1 /* 2 * This is the new netlink-based wireless configuration interface. 3 * 4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net> 5 */ 6 7 #include <linux/if.h> 8 #include <linux/module.h> 9 #include <linux/err.h> 10 #include <linux/slab.h> 11 #include <linux/list.h> 12 #include <linux/if_ether.h> 13 #include <linux/ieee80211.h> 14 #include <linux/nl80211.h> 15 #include <linux/rtnetlink.h> 16 #include <linux/netlink.h> 17 #include <linux/etherdevice.h> 18 #include <net/net_namespace.h> 19 #include <net/genetlink.h> 20 #include <net/cfg80211.h> 21 #include <net/sock.h> 22 #include "core.h" 23 #include "nl80211.h" 24 #include "reg.h" 25 26 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type); 27 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 28 struct genl_info *info, 29 struct cfg80211_crypto_settings *settings, 30 int cipher_limit); 31 32 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 33 struct genl_info *info); 34 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 35 struct genl_info *info); 36 37 /* the netlink family */ 38 static struct genl_family nl80211_fam = { 39 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */ 40 .name = "nl80211", /* have users key off the name instead */ 41 .hdrsize = 0, /* no private header */ 42 .version = 1, /* no particular meaning now */ 43 .maxattr = NL80211_ATTR_MAX, 44 .netnsok = true, 45 .pre_doit = nl80211_pre_doit, 46 .post_doit = nl80211_post_doit, 47 }; 48 49 /* internal helper: get rdev and dev */ 50 static int get_rdev_dev_by_ifindex(struct net *netns, struct nlattr **attrs, 51 struct cfg80211_registered_device **rdev, 52 struct net_device **dev) 53 { 54 int ifindex; 55 56 if (!attrs[NL80211_ATTR_IFINDEX]) 57 return -EINVAL; 58 59 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); 60 *dev = dev_get_by_index(netns, ifindex); 61 if (!*dev) 62 return -ENODEV; 63 64 *rdev = cfg80211_get_dev_from_ifindex(netns, ifindex); 65 if (IS_ERR(*rdev)) { 66 dev_put(*dev); 67 return PTR_ERR(*rdev); 68 } 69 70 return 0; 71 } 72 73 /* policy for the attributes */ 74 static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = { 75 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, 76 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING, 77 .len = 20-1 }, 78 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED }, 79 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 }, 80 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 }, 81 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 }, 82 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 }, 83 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 }, 84 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 }, 85 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 }, 86 87 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 }, 88 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 }, 89 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, 90 91 [NL80211_ATTR_MAC] = { .len = ETH_ALEN }, 92 [NL80211_ATTR_PREV_BSSID] = { .len = ETH_ALEN }, 93 94 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, }, 95 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, 96 .len = WLAN_MAX_KEY_LEN }, 97 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, 98 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 }, 99 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG }, 100 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 }, 101 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 }, 102 103 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 }, 104 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 }, 105 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY, 106 .len = IEEE80211_MAX_DATA_LEN }, 107 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY, 108 .len = IEEE80211_MAX_DATA_LEN }, 109 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 }, 110 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED }, 111 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 }, 112 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY, 113 .len = NL80211_MAX_SUPP_RATES }, 114 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 }, 115 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 }, 116 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ }, 117 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY, 118 .len = IEEE80211_MAX_MESH_ID_LEN }, 119 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 }, 120 121 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 }, 122 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED }, 123 124 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 }, 125 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 }, 126 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 }, 127 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY, 128 .len = NL80211_MAX_SUPP_RATES }, 129 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 }, 130 131 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED }, 132 [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG }, 133 134 [NL80211_ATTR_HT_CAPABILITY] = { .len = NL80211_HT_CAPABILITY_LEN }, 135 136 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 }, 137 [NL80211_ATTR_IE] = { .type = NLA_BINARY, 138 .len = IEEE80211_MAX_DATA_LEN }, 139 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED }, 140 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED }, 141 142 [NL80211_ATTR_SSID] = { .type = NLA_BINARY, 143 .len = IEEE80211_MAX_SSID_LEN }, 144 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 }, 145 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 }, 146 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG }, 147 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG }, 148 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 }, 149 [NL80211_ATTR_STA_FLAGS2] = { 150 .len = sizeof(struct nl80211_sta_flag_update), 151 }, 152 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, 153 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 }, 154 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG }, 155 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG }, 156 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 }, 157 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 }, 158 [NL80211_ATTR_PID] = { .type = NLA_U32 }, 159 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 }, 160 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY, 161 .len = WLAN_PMKID_LEN }, 162 [NL80211_ATTR_DURATION] = { .type = NLA_U32 }, 163 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 }, 164 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED }, 165 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY, 166 .len = IEEE80211_MAX_DATA_LEN }, 167 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, }, 168 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 }, 169 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, }, 170 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG }, 171 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 }, 172 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 }, 173 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 }, 174 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 }, 175 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 }, 176 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 }, 177 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 }, 178 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG }, 179 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 180 [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED }, 181 [NL80211_ATTR_STA_PLINK_STATE] = { .type = NLA_U8 }, 182 [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 }, 183 [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED }, 184 [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED }, 185 [NL80211_ATTR_HIDDEN_SSID] = { .type = NLA_U32 }, 186 [NL80211_ATTR_IE_PROBE_RESP] = { .type = NLA_BINARY, 187 .len = IEEE80211_MAX_DATA_LEN }, 188 [NL80211_ATTR_IE_ASSOC_RESP] = { .type = NLA_BINARY, 189 .len = IEEE80211_MAX_DATA_LEN }, 190 [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG }, 191 [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED }, 192 [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG }, 193 [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 }, 194 [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 }, 195 [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 }, 196 [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG }, 197 [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG }, 198 [NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG }, 199 [NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY, 200 .len = IEEE80211_MAX_DATA_LEN }, 201 [NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 }, 202 [NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG }, 203 [NL80211_ATTR_HT_CAPABILITY_MASK] = { 204 .len = NL80211_HT_CAPABILITY_LEN 205 }, 206 [NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 }, 207 [NL80211_ATTR_INACTIVITY_TIMEOUT] = { .type = NLA_U16 }, 208 [NL80211_ATTR_BG_SCAN_PERIOD] = { .type = NLA_U16 }, 209 }; 210 211 /* policy for the key attributes */ 212 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = { 213 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN }, 214 [NL80211_KEY_IDX] = { .type = NLA_U8 }, 215 [NL80211_KEY_CIPHER] = { .type = NLA_U32 }, 216 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 }, 217 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG }, 218 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG }, 219 [NL80211_KEY_TYPE] = { .type = NLA_U32 }, 220 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 221 }; 222 223 /* policy for the key default flags */ 224 static const struct nla_policy 225 nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = { 226 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG }, 227 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG }, 228 }; 229 230 /* policy for WoWLAN attributes */ 231 static const struct nla_policy 232 nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = { 233 [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG }, 234 [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG }, 235 [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG }, 236 [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED }, 237 [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG }, 238 [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG }, 239 [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG }, 240 [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG }, 241 }; 242 243 /* policy for GTK rekey offload attributes */ 244 static const struct nla_policy 245 nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = { 246 [NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN }, 247 [NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN }, 248 [NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN }, 249 }; 250 251 static const struct nla_policy 252 nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = { 253 [NL80211_ATTR_SCHED_SCAN_MATCH_SSID] = { .type = NLA_BINARY, 254 .len = IEEE80211_MAX_SSID_LEN }, 255 }; 256 257 /* ifidx get helper */ 258 static int nl80211_get_ifidx(struct netlink_callback *cb) 259 { 260 int res; 261 262 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 263 nl80211_fam.attrbuf, nl80211_fam.maxattr, 264 nl80211_policy); 265 if (res) 266 return res; 267 268 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]) 269 return -EINVAL; 270 271 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]); 272 if (!res) 273 return -EINVAL; 274 return res; 275 } 276 277 static int nl80211_prepare_netdev_dump(struct sk_buff *skb, 278 struct netlink_callback *cb, 279 struct cfg80211_registered_device **rdev, 280 struct net_device **dev) 281 { 282 int ifidx = cb->args[0]; 283 int err; 284 285 if (!ifidx) 286 ifidx = nl80211_get_ifidx(cb); 287 if (ifidx < 0) 288 return ifidx; 289 290 cb->args[0] = ifidx; 291 292 rtnl_lock(); 293 294 *dev = __dev_get_by_index(sock_net(skb->sk), ifidx); 295 if (!*dev) { 296 err = -ENODEV; 297 goto out_rtnl; 298 } 299 300 *rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 301 if (IS_ERR(*rdev)) { 302 err = PTR_ERR(*rdev); 303 goto out_rtnl; 304 } 305 306 return 0; 307 out_rtnl: 308 rtnl_unlock(); 309 return err; 310 } 311 312 static void nl80211_finish_netdev_dump(struct cfg80211_registered_device *rdev) 313 { 314 cfg80211_unlock_rdev(rdev); 315 rtnl_unlock(); 316 } 317 318 /* IE validation */ 319 static bool is_valid_ie_attr(const struct nlattr *attr) 320 { 321 const u8 *pos; 322 int len; 323 324 if (!attr) 325 return true; 326 327 pos = nla_data(attr); 328 len = nla_len(attr); 329 330 while (len) { 331 u8 elemlen; 332 333 if (len < 2) 334 return false; 335 len -= 2; 336 337 elemlen = pos[1]; 338 if (elemlen > len) 339 return false; 340 341 len -= elemlen; 342 pos += 2 + elemlen; 343 } 344 345 return true; 346 } 347 348 /* message building helper */ 349 static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq, 350 int flags, u8 cmd) 351 { 352 /* since there is no private header just add the generic one */ 353 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd); 354 } 355 356 static int nl80211_msg_put_channel(struct sk_buff *msg, 357 struct ieee80211_channel *chan) 358 { 359 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ, 360 chan->center_freq); 361 362 if (chan->flags & IEEE80211_CHAN_DISABLED) 363 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED); 364 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) 365 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN); 366 if (chan->flags & IEEE80211_CHAN_NO_IBSS) 367 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS); 368 if (chan->flags & IEEE80211_CHAN_RADAR) 369 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR); 370 371 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER, 372 DBM_TO_MBM(chan->max_power)); 373 374 return 0; 375 376 nla_put_failure: 377 return -ENOBUFS; 378 } 379 380 /* netlink command implementations */ 381 382 struct key_parse { 383 struct key_params p; 384 int idx; 385 int type; 386 bool def, defmgmt; 387 bool def_uni, def_multi; 388 }; 389 390 static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k) 391 { 392 struct nlattr *tb[NL80211_KEY_MAX + 1]; 393 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key, 394 nl80211_key_policy); 395 if (err) 396 return err; 397 398 k->def = !!tb[NL80211_KEY_DEFAULT]; 399 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT]; 400 401 if (k->def) { 402 k->def_uni = true; 403 k->def_multi = true; 404 } 405 if (k->defmgmt) 406 k->def_multi = true; 407 408 if (tb[NL80211_KEY_IDX]) 409 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]); 410 411 if (tb[NL80211_KEY_DATA]) { 412 k->p.key = nla_data(tb[NL80211_KEY_DATA]); 413 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]); 414 } 415 416 if (tb[NL80211_KEY_SEQ]) { 417 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]); 418 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]); 419 } 420 421 if (tb[NL80211_KEY_CIPHER]) 422 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]); 423 424 if (tb[NL80211_KEY_TYPE]) { 425 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]); 426 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 427 return -EINVAL; 428 } 429 430 if (tb[NL80211_KEY_DEFAULT_TYPES]) { 431 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 432 err = nla_parse_nested(kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1, 433 tb[NL80211_KEY_DEFAULT_TYPES], 434 nl80211_key_default_policy); 435 if (err) 436 return err; 437 438 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 439 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 440 } 441 442 return 0; 443 } 444 445 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k) 446 { 447 if (info->attrs[NL80211_ATTR_KEY_DATA]) { 448 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]); 449 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]); 450 } 451 452 if (info->attrs[NL80211_ATTR_KEY_SEQ]) { 453 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]); 454 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]); 455 } 456 457 if (info->attrs[NL80211_ATTR_KEY_IDX]) 458 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 459 460 if (info->attrs[NL80211_ATTR_KEY_CIPHER]) 461 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]); 462 463 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT]; 464 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]; 465 466 if (k->def) { 467 k->def_uni = true; 468 k->def_multi = true; 469 } 470 if (k->defmgmt) 471 k->def_multi = true; 472 473 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 474 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 475 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 476 return -EINVAL; 477 } 478 479 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) { 480 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 481 int err = nla_parse_nested( 482 kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1, 483 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES], 484 nl80211_key_default_policy); 485 if (err) 486 return err; 487 488 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 489 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 490 } 491 492 return 0; 493 } 494 495 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k) 496 { 497 int err; 498 499 memset(k, 0, sizeof(*k)); 500 k->idx = -1; 501 k->type = -1; 502 503 if (info->attrs[NL80211_ATTR_KEY]) 504 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k); 505 else 506 err = nl80211_parse_key_old(info, k); 507 508 if (err) 509 return err; 510 511 if (k->def && k->defmgmt) 512 return -EINVAL; 513 514 if (k->defmgmt) { 515 if (k->def_uni || !k->def_multi) 516 return -EINVAL; 517 } 518 519 if (k->idx != -1) { 520 if (k->defmgmt) { 521 if (k->idx < 4 || k->idx > 5) 522 return -EINVAL; 523 } else if (k->def) { 524 if (k->idx < 0 || k->idx > 3) 525 return -EINVAL; 526 } else { 527 if (k->idx < 0 || k->idx > 5) 528 return -EINVAL; 529 } 530 } 531 532 return 0; 533 } 534 535 static struct cfg80211_cached_keys * 536 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev, 537 struct nlattr *keys) 538 { 539 struct key_parse parse; 540 struct nlattr *key; 541 struct cfg80211_cached_keys *result; 542 int rem, err, def = 0; 543 544 result = kzalloc(sizeof(*result), GFP_KERNEL); 545 if (!result) 546 return ERR_PTR(-ENOMEM); 547 548 result->def = -1; 549 result->defmgmt = -1; 550 551 nla_for_each_nested(key, keys, rem) { 552 memset(&parse, 0, sizeof(parse)); 553 parse.idx = -1; 554 555 err = nl80211_parse_key_new(key, &parse); 556 if (err) 557 goto error; 558 err = -EINVAL; 559 if (!parse.p.key) 560 goto error; 561 if (parse.idx < 0 || parse.idx > 4) 562 goto error; 563 if (parse.def) { 564 if (def) 565 goto error; 566 def = 1; 567 result->def = parse.idx; 568 if (!parse.def_uni || !parse.def_multi) 569 goto error; 570 } else if (parse.defmgmt) 571 goto error; 572 err = cfg80211_validate_key_settings(rdev, &parse.p, 573 parse.idx, false, NULL); 574 if (err) 575 goto error; 576 result->params[parse.idx].cipher = parse.p.cipher; 577 result->params[parse.idx].key_len = parse.p.key_len; 578 result->params[parse.idx].key = result->data[parse.idx]; 579 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len); 580 } 581 582 return result; 583 error: 584 kfree(result); 585 return ERR_PTR(err); 586 } 587 588 static int nl80211_key_allowed(struct wireless_dev *wdev) 589 { 590 ASSERT_WDEV_LOCK(wdev); 591 592 switch (wdev->iftype) { 593 case NL80211_IFTYPE_AP: 594 case NL80211_IFTYPE_AP_VLAN: 595 case NL80211_IFTYPE_P2P_GO: 596 case NL80211_IFTYPE_MESH_POINT: 597 break; 598 case NL80211_IFTYPE_ADHOC: 599 if (!wdev->current_bss) 600 return -ENOLINK; 601 break; 602 case NL80211_IFTYPE_STATION: 603 case NL80211_IFTYPE_P2P_CLIENT: 604 if (wdev->sme_state != CFG80211_SME_CONNECTED) 605 return -ENOLINK; 606 break; 607 default: 608 return -EINVAL; 609 } 610 611 return 0; 612 } 613 614 static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes) 615 { 616 struct nlattr *nl_modes = nla_nest_start(msg, attr); 617 int i; 618 619 if (!nl_modes) 620 goto nla_put_failure; 621 622 i = 0; 623 while (ifmodes) { 624 if (ifmodes & 1) 625 NLA_PUT_FLAG(msg, i); 626 ifmodes >>= 1; 627 i++; 628 } 629 630 nla_nest_end(msg, nl_modes); 631 return 0; 632 633 nla_put_failure: 634 return -ENOBUFS; 635 } 636 637 static int nl80211_put_iface_combinations(struct wiphy *wiphy, 638 struct sk_buff *msg) 639 { 640 struct nlattr *nl_combis; 641 int i, j; 642 643 nl_combis = nla_nest_start(msg, 644 NL80211_ATTR_INTERFACE_COMBINATIONS); 645 if (!nl_combis) 646 goto nla_put_failure; 647 648 for (i = 0; i < wiphy->n_iface_combinations; i++) { 649 const struct ieee80211_iface_combination *c; 650 struct nlattr *nl_combi, *nl_limits; 651 652 c = &wiphy->iface_combinations[i]; 653 654 nl_combi = nla_nest_start(msg, i + 1); 655 if (!nl_combi) 656 goto nla_put_failure; 657 658 nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS); 659 if (!nl_limits) 660 goto nla_put_failure; 661 662 for (j = 0; j < c->n_limits; j++) { 663 struct nlattr *nl_limit; 664 665 nl_limit = nla_nest_start(msg, j + 1); 666 if (!nl_limit) 667 goto nla_put_failure; 668 NLA_PUT_U32(msg, NL80211_IFACE_LIMIT_MAX, 669 c->limits[j].max); 670 if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES, 671 c->limits[j].types)) 672 goto nla_put_failure; 673 nla_nest_end(msg, nl_limit); 674 } 675 676 nla_nest_end(msg, nl_limits); 677 678 if (c->beacon_int_infra_match) 679 NLA_PUT_FLAG(msg, 680 NL80211_IFACE_COMB_STA_AP_BI_MATCH); 681 NLA_PUT_U32(msg, NL80211_IFACE_COMB_NUM_CHANNELS, 682 c->num_different_channels); 683 NLA_PUT_U32(msg, NL80211_IFACE_COMB_MAXNUM, 684 c->max_interfaces); 685 686 nla_nest_end(msg, nl_combi); 687 } 688 689 nla_nest_end(msg, nl_combis); 690 691 return 0; 692 nla_put_failure: 693 return -ENOBUFS; 694 } 695 696 static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 697 struct cfg80211_registered_device *dev) 698 { 699 void *hdr; 700 struct nlattr *nl_bands, *nl_band; 701 struct nlattr *nl_freqs, *nl_freq; 702 struct nlattr *nl_rates, *nl_rate; 703 struct nlattr *nl_cmds; 704 enum ieee80211_band band; 705 struct ieee80211_channel *chan; 706 struct ieee80211_rate *rate; 707 int i; 708 const struct ieee80211_txrx_stypes *mgmt_stypes = 709 dev->wiphy.mgmt_stypes; 710 711 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY); 712 if (!hdr) 713 return -1; 714 715 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx); 716 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)); 717 718 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 719 cfg80211_rdev_list_generation); 720 721 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT, 722 dev->wiphy.retry_short); 723 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG, 724 dev->wiphy.retry_long); 725 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, 726 dev->wiphy.frag_threshold); 727 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, 728 dev->wiphy.rts_threshold); 729 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS, 730 dev->wiphy.coverage_class); 731 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS, 732 dev->wiphy.max_scan_ssids); 733 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS, 734 dev->wiphy.max_sched_scan_ssids); 735 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN, 736 dev->wiphy.max_scan_ie_len); 737 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN, 738 dev->wiphy.max_sched_scan_ie_len); 739 NLA_PUT_U8(msg, NL80211_ATTR_MAX_MATCH_SETS, 740 dev->wiphy.max_match_sets); 741 742 if (dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) 743 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_IBSS_RSN); 744 if (dev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) 745 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_MESH_AUTH); 746 if (dev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) 747 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_AP_UAPSD); 748 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) 749 NLA_PUT_FLAG(msg, NL80211_ATTR_ROAM_SUPPORT); 750 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) 751 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_SUPPORT); 752 if (dev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) 753 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP); 754 755 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES, 756 sizeof(u32) * dev->wiphy.n_cipher_suites, 757 dev->wiphy.cipher_suites); 758 759 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_PMKIDS, 760 dev->wiphy.max_num_pmkids); 761 762 if (dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) 763 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE); 764 765 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX, 766 dev->wiphy.available_antennas_tx); 767 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX, 768 dev->wiphy.available_antennas_rx); 769 770 if (dev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) 771 NLA_PUT_U32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD, 772 dev->wiphy.probe_resp_offload); 773 774 if ((dev->wiphy.available_antennas_tx || 775 dev->wiphy.available_antennas_rx) && dev->ops->get_antenna) { 776 u32 tx_ant = 0, rx_ant = 0; 777 int res; 778 res = dev->ops->get_antenna(&dev->wiphy, &tx_ant, &rx_ant); 779 if (!res) { 780 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_TX, tx_ant); 781 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_RX, rx_ant); 782 } 783 } 784 785 if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES, 786 dev->wiphy.interface_modes)) 787 goto nla_put_failure; 788 789 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS); 790 if (!nl_bands) 791 goto nla_put_failure; 792 793 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 794 if (!dev->wiphy.bands[band]) 795 continue; 796 797 nl_band = nla_nest_start(msg, band); 798 if (!nl_band) 799 goto nla_put_failure; 800 801 /* add HT info */ 802 if (dev->wiphy.bands[band]->ht_cap.ht_supported) { 803 NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET, 804 sizeof(dev->wiphy.bands[band]->ht_cap.mcs), 805 &dev->wiphy.bands[band]->ht_cap.mcs); 806 NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA, 807 dev->wiphy.bands[band]->ht_cap.cap); 808 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR, 809 dev->wiphy.bands[band]->ht_cap.ampdu_factor); 810 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY, 811 dev->wiphy.bands[band]->ht_cap.ampdu_density); 812 } 813 814 /* add frequencies */ 815 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS); 816 if (!nl_freqs) 817 goto nla_put_failure; 818 819 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) { 820 nl_freq = nla_nest_start(msg, i); 821 if (!nl_freq) 822 goto nla_put_failure; 823 824 chan = &dev->wiphy.bands[band]->channels[i]; 825 826 if (nl80211_msg_put_channel(msg, chan)) 827 goto nla_put_failure; 828 829 nla_nest_end(msg, nl_freq); 830 } 831 832 nla_nest_end(msg, nl_freqs); 833 834 /* add bitrates */ 835 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES); 836 if (!nl_rates) 837 goto nla_put_failure; 838 839 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) { 840 nl_rate = nla_nest_start(msg, i); 841 if (!nl_rate) 842 goto nla_put_failure; 843 844 rate = &dev->wiphy.bands[band]->bitrates[i]; 845 NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE, 846 rate->bitrate); 847 if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 848 NLA_PUT_FLAG(msg, 849 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE); 850 851 nla_nest_end(msg, nl_rate); 852 } 853 854 nla_nest_end(msg, nl_rates); 855 856 nla_nest_end(msg, nl_band); 857 } 858 nla_nest_end(msg, nl_bands); 859 860 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS); 861 if (!nl_cmds) 862 goto nla_put_failure; 863 864 i = 0; 865 #define CMD(op, n) \ 866 do { \ 867 if (dev->ops->op) { \ 868 i++; \ 869 NLA_PUT_U32(msg, i, NL80211_CMD_ ## n); \ 870 } \ 871 } while (0) 872 873 CMD(add_virtual_intf, NEW_INTERFACE); 874 CMD(change_virtual_intf, SET_INTERFACE); 875 CMD(add_key, NEW_KEY); 876 CMD(start_ap, START_AP); 877 CMD(add_station, NEW_STATION); 878 CMD(add_mpath, NEW_MPATH); 879 CMD(update_mesh_config, SET_MESH_CONFIG); 880 CMD(change_bss, SET_BSS); 881 CMD(auth, AUTHENTICATE); 882 CMD(assoc, ASSOCIATE); 883 CMD(deauth, DEAUTHENTICATE); 884 CMD(disassoc, DISASSOCIATE); 885 CMD(join_ibss, JOIN_IBSS); 886 CMD(join_mesh, JOIN_MESH); 887 CMD(set_pmksa, SET_PMKSA); 888 CMD(del_pmksa, DEL_PMKSA); 889 CMD(flush_pmksa, FLUSH_PMKSA); 890 if (dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) 891 CMD(remain_on_channel, REMAIN_ON_CHANNEL); 892 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK); 893 CMD(mgmt_tx, FRAME); 894 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL); 895 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) { 896 i++; 897 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS); 898 } 899 CMD(set_channel, SET_CHANNEL); 900 CMD(set_wds_peer, SET_WDS_PEER); 901 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) { 902 CMD(tdls_mgmt, TDLS_MGMT); 903 CMD(tdls_oper, TDLS_OPER); 904 } 905 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) 906 CMD(sched_scan_start, START_SCHED_SCAN); 907 CMD(probe_client, PROBE_CLIENT); 908 CMD(set_noack_map, SET_NOACK_MAP); 909 if (dev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) { 910 i++; 911 NLA_PUT_U32(msg, i, NL80211_CMD_REGISTER_BEACONS); 912 } 913 914 #ifdef CONFIG_NL80211_TESTMODE 915 CMD(testmode_cmd, TESTMODE); 916 #endif 917 918 #undef CMD 919 920 if (dev->ops->connect || dev->ops->auth) { 921 i++; 922 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT); 923 } 924 925 if (dev->ops->disconnect || dev->ops->deauth) { 926 i++; 927 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT); 928 } 929 930 nla_nest_end(msg, nl_cmds); 931 932 if (dev->ops->remain_on_channel && 933 dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) 934 NLA_PUT_U32(msg, NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION, 935 dev->wiphy.max_remain_on_channel_duration); 936 937 if (dev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX) 938 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK); 939 940 if (mgmt_stypes) { 941 u16 stypes; 942 struct nlattr *nl_ftypes, *nl_ifs; 943 enum nl80211_iftype ift; 944 945 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES); 946 if (!nl_ifs) 947 goto nla_put_failure; 948 949 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 950 nl_ftypes = nla_nest_start(msg, ift); 951 if (!nl_ftypes) 952 goto nla_put_failure; 953 i = 0; 954 stypes = mgmt_stypes[ift].tx; 955 while (stypes) { 956 if (stypes & 1) 957 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 958 (i << 4) | IEEE80211_FTYPE_MGMT); 959 stypes >>= 1; 960 i++; 961 } 962 nla_nest_end(msg, nl_ftypes); 963 } 964 965 nla_nest_end(msg, nl_ifs); 966 967 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES); 968 if (!nl_ifs) 969 goto nla_put_failure; 970 971 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 972 nl_ftypes = nla_nest_start(msg, ift); 973 if (!nl_ftypes) 974 goto nla_put_failure; 975 i = 0; 976 stypes = mgmt_stypes[ift].rx; 977 while (stypes) { 978 if (stypes & 1) 979 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 980 (i << 4) | IEEE80211_FTYPE_MGMT); 981 stypes >>= 1; 982 i++; 983 } 984 nla_nest_end(msg, nl_ftypes); 985 } 986 nla_nest_end(msg, nl_ifs); 987 } 988 989 if (dev->wiphy.wowlan.flags || dev->wiphy.wowlan.n_patterns) { 990 struct nlattr *nl_wowlan; 991 992 nl_wowlan = nla_nest_start(msg, 993 NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED); 994 if (!nl_wowlan) 995 goto nla_put_failure; 996 997 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_ANY) 998 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY); 999 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_DISCONNECT) 1000 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT); 1001 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_MAGIC_PKT) 1002 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT); 1003 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_SUPPORTS_GTK_REKEY) 1004 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED); 1005 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE) 1006 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE); 1007 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ) 1008 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST); 1009 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_4WAY_HANDSHAKE) 1010 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE); 1011 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_RFKILL_RELEASE) 1012 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE); 1013 if (dev->wiphy.wowlan.n_patterns) { 1014 struct nl80211_wowlan_pattern_support pat = { 1015 .max_patterns = dev->wiphy.wowlan.n_patterns, 1016 .min_pattern_len = 1017 dev->wiphy.wowlan.pattern_min_len, 1018 .max_pattern_len = 1019 dev->wiphy.wowlan.pattern_max_len, 1020 }; 1021 NLA_PUT(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN, 1022 sizeof(pat), &pat); 1023 } 1024 1025 nla_nest_end(msg, nl_wowlan); 1026 } 1027 1028 if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES, 1029 dev->wiphy.software_iftypes)) 1030 goto nla_put_failure; 1031 1032 if (nl80211_put_iface_combinations(&dev->wiphy, msg)) 1033 goto nla_put_failure; 1034 1035 if (dev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME) 1036 NLA_PUT_U32(msg, NL80211_ATTR_DEVICE_AP_SME, 1037 dev->wiphy.ap_sme_capa); 1038 1039 NLA_PUT_U32(msg, NL80211_ATTR_FEATURE_FLAGS, dev->wiphy.features); 1040 1041 if (dev->wiphy.ht_capa_mod_mask) 1042 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK, 1043 sizeof(*dev->wiphy.ht_capa_mod_mask), 1044 dev->wiphy.ht_capa_mod_mask); 1045 1046 return genlmsg_end(msg, hdr); 1047 1048 nla_put_failure: 1049 genlmsg_cancel(msg, hdr); 1050 return -EMSGSIZE; 1051 } 1052 1053 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb) 1054 { 1055 int idx = 0; 1056 int start = cb->args[0]; 1057 struct cfg80211_registered_device *dev; 1058 1059 mutex_lock(&cfg80211_mutex); 1060 list_for_each_entry(dev, &cfg80211_rdev_list, list) { 1061 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk))) 1062 continue; 1063 if (++idx <= start) 1064 continue; 1065 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 1066 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1067 dev) < 0) { 1068 idx--; 1069 break; 1070 } 1071 } 1072 mutex_unlock(&cfg80211_mutex); 1073 1074 cb->args[0] = idx; 1075 1076 return skb->len; 1077 } 1078 1079 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info) 1080 { 1081 struct sk_buff *msg; 1082 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1083 1084 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1085 if (!msg) 1086 return -ENOMEM; 1087 1088 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) { 1089 nlmsg_free(msg); 1090 return -ENOBUFS; 1091 } 1092 1093 return genlmsg_reply(msg, info); 1094 } 1095 1096 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = { 1097 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 }, 1098 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 }, 1099 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 }, 1100 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 }, 1101 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 }, 1102 }; 1103 1104 static int parse_txq_params(struct nlattr *tb[], 1105 struct ieee80211_txq_params *txq_params) 1106 { 1107 if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] || 1108 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] || 1109 !tb[NL80211_TXQ_ATTR_AIFS]) 1110 return -EINVAL; 1111 1112 txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]); 1113 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]); 1114 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]); 1115 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]); 1116 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]); 1117 1118 return 0; 1119 } 1120 1121 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev) 1122 { 1123 /* 1124 * You can only set the channel explicitly for AP, mesh 1125 * and WDS type interfaces; all others have their channel 1126 * managed via their respective "establish a connection" 1127 * command (connect, join, ...) 1128 * 1129 * Monitors are special as they are normally slaved to 1130 * whatever else is going on, so they behave as though 1131 * you tried setting the wiphy channel itself. 1132 */ 1133 return !wdev || 1134 wdev->iftype == NL80211_IFTYPE_AP || 1135 wdev->iftype == NL80211_IFTYPE_WDS || 1136 wdev->iftype == NL80211_IFTYPE_MESH_POINT || 1137 wdev->iftype == NL80211_IFTYPE_MONITOR || 1138 wdev->iftype == NL80211_IFTYPE_P2P_GO; 1139 } 1140 1141 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev, 1142 struct wireless_dev *wdev, 1143 struct genl_info *info) 1144 { 1145 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 1146 u32 freq; 1147 int result; 1148 1149 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 1150 return -EINVAL; 1151 1152 if (!nl80211_can_set_dev_channel(wdev)) 1153 return -EOPNOTSUPP; 1154 1155 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 1156 channel_type = nla_get_u32(info->attrs[ 1157 NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 1158 if (channel_type != NL80211_CHAN_NO_HT && 1159 channel_type != NL80211_CHAN_HT20 && 1160 channel_type != NL80211_CHAN_HT40PLUS && 1161 channel_type != NL80211_CHAN_HT40MINUS) 1162 return -EINVAL; 1163 } 1164 1165 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 1166 1167 mutex_lock(&rdev->devlist_mtx); 1168 if (wdev) { 1169 wdev_lock(wdev); 1170 result = cfg80211_set_freq(rdev, wdev, freq, channel_type); 1171 wdev_unlock(wdev); 1172 } else { 1173 result = cfg80211_set_freq(rdev, NULL, freq, channel_type); 1174 } 1175 mutex_unlock(&rdev->devlist_mtx); 1176 1177 return result; 1178 } 1179 1180 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info) 1181 { 1182 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1183 struct net_device *netdev = info->user_ptr[1]; 1184 1185 return __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info); 1186 } 1187 1188 static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info) 1189 { 1190 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1191 struct net_device *dev = info->user_ptr[1]; 1192 struct wireless_dev *wdev = dev->ieee80211_ptr; 1193 const u8 *bssid; 1194 1195 if (!info->attrs[NL80211_ATTR_MAC]) 1196 return -EINVAL; 1197 1198 if (netif_running(dev)) 1199 return -EBUSY; 1200 1201 if (!rdev->ops->set_wds_peer) 1202 return -EOPNOTSUPP; 1203 1204 if (wdev->iftype != NL80211_IFTYPE_WDS) 1205 return -EOPNOTSUPP; 1206 1207 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 1208 return rdev->ops->set_wds_peer(wdev->wiphy, dev, bssid); 1209 } 1210 1211 1212 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) 1213 { 1214 struct cfg80211_registered_device *rdev; 1215 struct net_device *netdev = NULL; 1216 struct wireless_dev *wdev; 1217 int result = 0, rem_txq_params = 0; 1218 struct nlattr *nl_txq_params; 1219 u32 changed; 1220 u8 retry_short = 0, retry_long = 0; 1221 u32 frag_threshold = 0, rts_threshold = 0; 1222 u8 coverage_class = 0; 1223 1224 /* 1225 * Try to find the wiphy and netdev. Normally this 1226 * function shouldn't need the netdev, but this is 1227 * done for backward compatibility -- previously 1228 * setting the channel was done per wiphy, but now 1229 * it is per netdev. Previous userland like hostapd 1230 * also passed a netdev to set_wiphy, so that it is 1231 * possible to let that go to the right netdev! 1232 */ 1233 mutex_lock(&cfg80211_mutex); 1234 1235 if (info->attrs[NL80211_ATTR_IFINDEX]) { 1236 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]); 1237 1238 netdev = dev_get_by_index(genl_info_net(info), ifindex); 1239 if (netdev && netdev->ieee80211_ptr) { 1240 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy); 1241 mutex_lock(&rdev->mtx); 1242 } else 1243 netdev = NULL; 1244 } 1245 1246 if (!netdev) { 1247 rdev = __cfg80211_rdev_from_info(info); 1248 if (IS_ERR(rdev)) { 1249 mutex_unlock(&cfg80211_mutex); 1250 return PTR_ERR(rdev); 1251 } 1252 wdev = NULL; 1253 netdev = NULL; 1254 result = 0; 1255 1256 mutex_lock(&rdev->mtx); 1257 } else if (netif_running(netdev) && 1258 nl80211_can_set_dev_channel(netdev->ieee80211_ptr)) 1259 wdev = netdev->ieee80211_ptr; 1260 else 1261 wdev = NULL; 1262 1263 /* 1264 * end workaround code, by now the rdev is available 1265 * and locked, and wdev may or may not be NULL. 1266 */ 1267 1268 if (info->attrs[NL80211_ATTR_WIPHY_NAME]) 1269 result = cfg80211_dev_rename( 1270 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME])); 1271 1272 mutex_unlock(&cfg80211_mutex); 1273 1274 if (result) 1275 goto bad_res; 1276 1277 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) { 1278 struct ieee80211_txq_params txq_params; 1279 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1]; 1280 1281 if (!rdev->ops->set_txq_params) { 1282 result = -EOPNOTSUPP; 1283 goto bad_res; 1284 } 1285 1286 if (!netdev) { 1287 result = -EINVAL; 1288 goto bad_res; 1289 } 1290 1291 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 1292 netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) { 1293 result = -EINVAL; 1294 goto bad_res; 1295 } 1296 1297 nla_for_each_nested(nl_txq_params, 1298 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], 1299 rem_txq_params) { 1300 nla_parse(tb, NL80211_TXQ_ATTR_MAX, 1301 nla_data(nl_txq_params), 1302 nla_len(nl_txq_params), 1303 txq_params_policy); 1304 result = parse_txq_params(tb, &txq_params); 1305 if (result) 1306 goto bad_res; 1307 1308 result = rdev->ops->set_txq_params(&rdev->wiphy, 1309 netdev, 1310 &txq_params); 1311 if (result) 1312 goto bad_res; 1313 } 1314 } 1315 1316 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 1317 result = __nl80211_set_channel(rdev, wdev, info); 1318 if (result) 1319 goto bad_res; 1320 } 1321 1322 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) { 1323 enum nl80211_tx_power_setting type; 1324 int idx, mbm = 0; 1325 1326 if (!rdev->ops->set_tx_power) { 1327 result = -EOPNOTSUPP; 1328 goto bad_res; 1329 } 1330 1331 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING; 1332 type = nla_get_u32(info->attrs[idx]); 1333 1334 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] && 1335 (type != NL80211_TX_POWER_AUTOMATIC)) { 1336 result = -EINVAL; 1337 goto bad_res; 1338 } 1339 1340 if (type != NL80211_TX_POWER_AUTOMATIC) { 1341 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL; 1342 mbm = nla_get_u32(info->attrs[idx]); 1343 } 1344 1345 result = rdev->ops->set_tx_power(&rdev->wiphy, type, mbm); 1346 if (result) 1347 goto bad_res; 1348 } 1349 1350 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] && 1351 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) { 1352 u32 tx_ant, rx_ant; 1353 if ((!rdev->wiphy.available_antennas_tx && 1354 !rdev->wiphy.available_antennas_rx) || 1355 !rdev->ops->set_antenna) { 1356 result = -EOPNOTSUPP; 1357 goto bad_res; 1358 } 1359 1360 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]); 1361 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]); 1362 1363 /* reject antenna configurations which don't match the 1364 * available antenna masks, except for the "all" mask */ 1365 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) || 1366 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx))) { 1367 result = -EINVAL; 1368 goto bad_res; 1369 } 1370 1371 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx; 1372 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx; 1373 1374 result = rdev->ops->set_antenna(&rdev->wiphy, tx_ant, rx_ant); 1375 if (result) 1376 goto bad_res; 1377 } 1378 1379 changed = 0; 1380 1381 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) { 1382 retry_short = nla_get_u8( 1383 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]); 1384 if (retry_short == 0) { 1385 result = -EINVAL; 1386 goto bad_res; 1387 } 1388 changed |= WIPHY_PARAM_RETRY_SHORT; 1389 } 1390 1391 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) { 1392 retry_long = nla_get_u8( 1393 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]); 1394 if (retry_long == 0) { 1395 result = -EINVAL; 1396 goto bad_res; 1397 } 1398 changed |= WIPHY_PARAM_RETRY_LONG; 1399 } 1400 1401 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) { 1402 frag_threshold = nla_get_u32( 1403 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]); 1404 if (frag_threshold < 256) { 1405 result = -EINVAL; 1406 goto bad_res; 1407 } 1408 if (frag_threshold != (u32) -1) { 1409 /* 1410 * Fragments (apart from the last one) are required to 1411 * have even length. Make the fragmentation code 1412 * simpler by stripping LSB should someone try to use 1413 * odd threshold value. 1414 */ 1415 frag_threshold &= ~0x1; 1416 } 1417 changed |= WIPHY_PARAM_FRAG_THRESHOLD; 1418 } 1419 1420 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) { 1421 rts_threshold = nla_get_u32( 1422 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]); 1423 changed |= WIPHY_PARAM_RTS_THRESHOLD; 1424 } 1425 1426 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) { 1427 coverage_class = nla_get_u8( 1428 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]); 1429 changed |= WIPHY_PARAM_COVERAGE_CLASS; 1430 } 1431 1432 if (changed) { 1433 u8 old_retry_short, old_retry_long; 1434 u32 old_frag_threshold, old_rts_threshold; 1435 u8 old_coverage_class; 1436 1437 if (!rdev->ops->set_wiphy_params) { 1438 result = -EOPNOTSUPP; 1439 goto bad_res; 1440 } 1441 1442 old_retry_short = rdev->wiphy.retry_short; 1443 old_retry_long = rdev->wiphy.retry_long; 1444 old_frag_threshold = rdev->wiphy.frag_threshold; 1445 old_rts_threshold = rdev->wiphy.rts_threshold; 1446 old_coverage_class = rdev->wiphy.coverage_class; 1447 1448 if (changed & WIPHY_PARAM_RETRY_SHORT) 1449 rdev->wiphy.retry_short = retry_short; 1450 if (changed & WIPHY_PARAM_RETRY_LONG) 1451 rdev->wiphy.retry_long = retry_long; 1452 if (changed & WIPHY_PARAM_FRAG_THRESHOLD) 1453 rdev->wiphy.frag_threshold = frag_threshold; 1454 if (changed & WIPHY_PARAM_RTS_THRESHOLD) 1455 rdev->wiphy.rts_threshold = rts_threshold; 1456 if (changed & WIPHY_PARAM_COVERAGE_CLASS) 1457 rdev->wiphy.coverage_class = coverage_class; 1458 1459 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed); 1460 if (result) { 1461 rdev->wiphy.retry_short = old_retry_short; 1462 rdev->wiphy.retry_long = old_retry_long; 1463 rdev->wiphy.frag_threshold = old_frag_threshold; 1464 rdev->wiphy.rts_threshold = old_rts_threshold; 1465 rdev->wiphy.coverage_class = old_coverage_class; 1466 } 1467 } 1468 1469 bad_res: 1470 mutex_unlock(&rdev->mtx); 1471 if (netdev) 1472 dev_put(netdev); 1473 return result; 1474 } 1475 1476 1477 static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags, 1478 struct cfg80211_registered_device *rdev, 1479 struct net_device *dev) 1480 { 1481 void *hdr; 1482 1483 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE); 1484 if (!hdr) 1485 return -1; 1486 1487 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1488 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 1489 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name); 1490 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype); 1491 1492 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 1493 rdev->devlist_generation ^ 1494 (cfg80211_rdev_list_generation << 2)); 1495 1496 return genlmsg_end(msg, hdr); 1497 1498 nla_put_failure: 1499 genlmsg_cancel(msg, hdr); 1500 return -EMSGSIZE; 1501 } 1502 1503 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb) 1504 { 1505 int wp_idx = 0; 1506 int if_idx = 0; 1507 int wp_start = cb->args[0]; 1508 int if_start = cb->args[1]; 1509 struct cfg80211_registered_device *rdev; 1510 struct wireless_dev *wdev; 1511 1512 mutex_lock(&cfg80211_mutex); 1513 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 1514 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk))) 1515 continue; 1516 if (wp_idx < wp_start) { 1517 wp_idx++; 1518 continue; 1519 } 1520 if_idx = 0; 1521 1522 mutex_lock(&rdev->devlist_mtx); 1523 list_for_each_entry(wdev, &rdev->netdev_list, list) { 1524 if (if_idx < if_start) { 1525 if_idx++; 1526 continue; 1527 } 1528 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 1529 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1530 rdev, wdev->netdev) < 0) { 1531 mutex_unlock(&rdev->devlist_mtx); 1532 goto out; 1533 } 1534 if_idx++; 1535 } 1536 mutex_unlock(&rdev->devlist_mtx); 1537 1538 wp_idx++; 1539 } 1540 out: 1541 mutex_unlock(&cfg80211_mutex); 1542 1543 cb->args[0] = wp_idx; 1544 cb->args[1] = if_idx; 1545 1546 return skb->len; 1547 } 1548 1549 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info) 1550 { 1551 struct sk_buff *msg; 1552 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1553 struct net_device *netdev = info->user_ptr[1]; 1554 1555 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1556 if (!msg) 1557 return -ENOMEM; 1558 1559 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, 1560 dev, netdev) < 0) { 1561 nlmsg_free(msg); 1562 return -ENOBUFS; 1563 } 1564 1565 return genlmsg_reply(msg, info); 1566 } 1567 1568 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = { 1569 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG }, 1570 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG }, 1571 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG }, 1572 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG }, 1573 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG }, 1574 }; 1575 1576 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags) 1577 { 1578 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1]; 1579 int flag; 1580 1581 *mntrflags = 0; 1582 1583 if (!nla) 1584 return -EINVAL; 1585 1586 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX, 1587 nla, mntr_flags_policy)) 1588 return -EINVAL; 1589 1590 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++) 1591 if (flags[flag]) 1592 *mntrflags |= (1<<flag); 1593 1594 return 0; 1595 } 1596 1597 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev, 1598 struct net_device *netdev, u8 use_4addr, 1599 enum nl80211_iftype iftype) 1600 { 1601 if (!use_4addr) { 1602 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT)) 1603 return -EBUSY; 1604 return 0; 1605 } 1606 1607 switch (iftype) { 1608 case NL80211_IFTYPE_AP_VLAN: 1609 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP) 1610 return 0; 1611 break; 1612 case NL80211_IFTYPE_STATION: 1613 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION) 1614 return 0; 1615 break; 1616 default: 1617 break; 1618 } 1619 1620 return -EOPNOTSUPP; 1621 } 1622 1623 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 1624 { 1625 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1626 struct vif_params params; 1627 int err; 1628 enum nl80211_iftype otype, ntype; 1629 struct net_device *dev = info->user_ptr[1]; 1630 u32 _flags, *flags = NULL; 1631 bool change = false; 1632 1633 memset(¶ms, 0, sizeof(params)); 1634 1635 otype = ntype = dev->ieee80211_ptr->iftype; 1636 1637 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1638 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1639 if (otype != ntype) 1640 change = true; 1641 if (ntype > NL80211_IFTYPE_MAX) 1642 return -EINVAL; 1643 } 1644 1645 if (info->attrs[NL80211_ATTR_MESH_ID]) { 1646 struct wireless_dev *wdev = dev->ieee80211_ptr; 1647 1648 if (ntype != NL80211_IFTYPE_MESH_POINT) 1649 return -EINVAL; 1650 if (netif_running(dev)) 1651 return -EBUSY; 1652 1653 wdev_lock(wdev); 1654 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1655 IEEE80211_MAX_MESH_ID_LEN); 1656 wdev->mesh_id_up_len = 1657 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1658 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1659 wdev->mesh_id_up_len); 1660 wdev_unlock(wdev); 1661 } 1662 1663 if (info->attrs[NL80211_ATTR_4ADDR]) { 1664 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1665 change = true; 1666 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype); 1667 if (err) 1668 return err; 1669 } else { 1670 params.use_4addr = -1; 1671 } 1672 1673 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) { 1674 if (ntype != NL80211_IFTYPE_MONITOR) 1675 return -EINVAL; 1676 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS], 1677 &_flags); 1678 if (err) 1679 return err; 1680 1681 flags = &_flags; 1682 change = true; 1683 } 1684 1685 if (change) 1686 err = cfg80211_change_iface(rdev, dev, ntype, flags, ¶ms); 1687 else 1688 err = 0; 1689 1690 if (!err && params.use_4addr != -1) 1691 dev->ieee80211_ptr->use_4addr = params.use_4addr; 1692 1693 return err; 1694 } 1695 1696 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 1697 { 1698 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1699 struct vif_params params; 1700 struct net_device *dev; 1701 int err; 1702 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 1703 u32 flags; 1704 1705 memset(¶ms, 0, sizeof(params)); 1706 1707 if (!info->attrs[NL80211_ATTR_IFNAME]) 1708 return -EINVAL; 1709 1710 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1711 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1712 if (type > NL80211_IFTYPE_MAX) 1713 return -EINVAL; 1714 } 1715 1716 if (!rdev->ops->add_virtual_intf || 1717 !(rdev->wiphy.interface_modes & (1 << type))) 1718 return -EOPNOTSUPP; 1719 1720 if (info->attrs[NL80211_ATTR_4ADDR]) { 1721 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1722 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type); 1723 if (err) 1724 return err; 1725 } 1726 1727 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 1728 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 1729 &flags); 1730 dev = rdev->ops->add_virtual_intf(&rdev->wiphy, 1731 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 1732 type, err ? NULL : &flags, ¶ms); 1733 if (IS_ERR(dev)) 1734 return PTR_ERR(dev); 1735 1736 if (type == NL80211_IFTYPE_MESH_POINT && 1737 info->attrs[NL80211_ATTR_MESH_ID]) { 1738 struct wireless_dev *wdev = dev->ieee80211_ptr; 1739 1740 wdev_lock(wdev); 1741 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1742 IEEE80211_MAX_MESH_ID_LEN); 1743 wdev->mesh_id_up_len = 1744 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1745 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1746 wdev->mesh_id_up_len); 1747 wdev_unlock(wdev); 1748 } 1749 1750 return 0; 1751 } 1752 1753 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) 1754 { 1755 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1756 struct net_device *dev = info->user_ptr[1]; 1757 1758 if (!rdev->ops->del_virtual_intf) 1759 return -EOPNOTSUPP; 1760 1761 return rdev->ops->del_virtual_intf(&rdev->wiphy, dev); 1762 } 1763 1764 static int nl80211_set_noack_map(struct sk_buff *skb, struct genl_info *info) 1765 { 1766 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1767 struct net_device *dev = info->user_ptr[1]; 1768 u16 noack_map; 1769 1770 if (!info->attrs[NL80211_ATTR_NOACK_MAP]) 1771 return -EINVAL; 1772 1773 if (!rdev->ops->set_noack_map) 1774 return -EOPNOTSUPP; 1775 1776 noack_map = nla_get_u16(info->attrs[NL80211_ATTR_NOACK_MAP]); 1777 1778 return rdev->ops->set_noack_map(&rdev->wiphy, dev, noack_map); 1779 } 1780 1781 struct get_key_cookie { 1782 struct sk_buff *msg; 1783 int error; 1784 int idx; 1785 }; 1786 1787 static void get_key_callback(void *c, struct key_params *params) 1788 { 1789 struct nlattr *key; 1790 struct get_key_cookie *cookie = c; 1791 1792 if (params->key) 1793 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA, 1794 params->key_len, params->key); 1795 1796 if (params->seq) 1797 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ, 1798 params->seq_len, params->seq); 1799 1800 if (params->cipher) 1801 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER, 1802 params->cipher); 1803 1804 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY); 1805 if (!key) 1806 goto nla_put_failure; 1807 1808 if (params->key) 1809 NLA_PUT(cookie->msg, NL80211_KEY_DATA, 1810 params->key_len, params->key); 1811 1812 if (params->seq) 1813 NLA_PUT(cookie->msg, NL80211_KEY_SEQ, 1814 params->seq_len, params->seq); 1815 1816 if (params->cipher) 1817 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER, 1818 params->cipher); 1819 1820 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx); 1821 1822 nla_nest_end(cookie->msg, key); 1823 1824 return; 1825 nla_put_failure: 1826 cookie->error = 1; 1827 } 1828 1829 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) 1830 { 1831 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1832 int err; 1833 struct net_device *dev = info->user_ptr[1]; 1834 u8 key_idx = 0; 1835 const u8 *mac_addr = NULL; 1836 bool pairwise; 1837 struct get_key_cookie cookie = { 1838 .error = 0, 1839 }; 1840 void *hdr; 1841 struct sk_buff *msg; 1842 1843 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1844 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1845 1846 if (key_idx > 5) 1847 return -EINVAL; 1848 1849 if (info->attrs[NL80211_ATTR_MAC]) 1850 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1851 1852 pairwise = !!mac_addr; 1853 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 1854 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 1855 if (kt >= NUM_NL80211_KEYTYPES) 1856 return -EINVAL; 1857 if (kt != NL80211_KEYTYPE_GROUP && 1858 kt != NL80211_KEYTYPE_PAIRWISE) 1859 return -EINVAL; 1860 pairwise = kt == NL80211_KEYTYPE_PAIRWISE; 1861 } 1862 1863 if (!rdev->ops->get_key) 1864 return -EOPNOTSUPP; 1865 1866 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1867 if (!msg) 1868 return -ENOMEM; 1869 1870 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 1871 NL80211_CMD_NEW_KEY); 1872 if (IS_ERR(hdr)) 1873 return PTR_ERR(hdr); 1874 1875 cookie.msg = msg; 1876 cookie.idx = key_idx; 1877 1878 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1879 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx); 1880 if (mac_addr) 1881 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1882 1883 if (pairwise && mac_addr && 1884 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1885 return -ENOENT; 1886 1887 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, pairwise, 1888 mac_addr, &cookie, get_key_callback); 1889 1890 if (err) 1891 goto free_msg; 1892 1893 if (cookie.error) 1894 goto nla_put_failure; 1895 1896 genlmsg_end(msg, hdr); 1897 return genlmsg_reply(msg, info); 1898 1899 nla_put_failure: 1900 err = -ENOBUFS; 1901 free_msg: 1902 nlmsg_free(msg); 1903 return err; 1904 } 1905 1906 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) 1907 { 1908 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1909 struct key_parse key; 1910 int err; 1911 struct net_device *dev = info->user_ptr[1]; 1912 1913 err = nl80211_parse_key(info, &key); 1914 if (err) 1915 return err; 1916 1917 if (key.idx < 0) 1918 return -EINVAL; 1919 1920 /* only support setting default key */ 1921 if (!key.def && !key.defmgmt) 1922 return -EINVAL; 1923 1924 wdev_lock(dev->ieee80211_ptr); 1925 1926 if (key.def) { 1927 if (!rdev->ops->set_default_key) { 1928 err = -EOPNOTSUPP; 1929 goto out; 1930 } 1931 1932 err = nl80211_key_allowed(dev->ieee80211_ptr); 1933 if (err) 1934 goto out; 1935 1936 err = rdev->ops->set_default_key(&rdev->wiphy, dev, key.idx, 1937 key.def_uni, key.def_multi); 1938 1939 if (err) 1940 goto out; 1941 1942 #ifdef CONFIG_CFG80211_WEXT 1943 dev->ieee80211_ptr->wext.default_key = key.idx; 1944 #endif 1945 } else { 1946 if (key.def_uni || !key.def_multi) { 1947 err = -EINVAL; 1948 goto out; 1949 } 1950 1951 if (!rdev->ops->set_default_mgmt_key) { 1952 err = -EOPNOTSUPP; 1953 goto out; 1954 } 1955 1956 err = nl80211_key_allowed(dev->ieee80211_ptr); 1957 if (err) 1958 goto out; 1959 1960 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy, 1961 dev, key.idx); 1962 if (err) 1963 goto out; 1964 1965 #ifdef CONFIG_CFG80211_WEXT 1966 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx; 1967 #endif 1968 } 1969 1970 out: 1971 wdev_unlock(dev->ieee80211_ptr); 1972 1973 return err; 1974 } 1975 1976 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1977 { 1978 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1979 int err; 1980 struct net_device *dev = info->user_ptr[1]; 1981 struct key_parse key; 1982 const u8 *mac_addr = NULL; 1983 1984 err = nl80211_parse_key(info, &key); 1985 if (err) 1986 return err; 1987 1988 if (!key.p.key) 1989 return -EINVAL; 1990 1991 if (info->attrs[NL80211_ATTR_MAC]) 1992 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1993 1994 if (key.type == -1) { 1995 if (mac_addr) 1996 key.type = NL80211_KEYTYPE_PAIRWISE; 1997 else 1998 key.type = NL80211_KEYTYPE_GROUP; 1999 } 2000 2001 /* for now */ 2002 if (key.type != NL80211_KEYTYPE_PAIRWISE && 2003 key.type != NL80211_KEYTYPE_GROUP) 2004 return -EINVAL; 2005 2006 if (!rdev->ops->add_key) 2007 return -EOPNOTSUPP; 2008 2009 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, 2010 key.type == NL80211_KEYTYPE_PAIRWISE, 2011 mac_addr)) 2012 return -EINVAL; 2013 2014 wdev_lock(dev->ieee80211_ptr); 2015 err = nl80211_key_allowed(dev->ieee80211_ptr); 2016 if (!err) 2017 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx, 2018 key.type == NL80211_KEYTYPE_PAIRWISE, 2019 mac_addr, &key.p); 2020 wdev_unlock(dev->ieee80211_ptr); 2021 2022 return err; 2023 } 2024 2025 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) 2026 { 2027 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2028 int err; 2029 struct net_device *dev = info->user_ptr[1]; 2030 u8 *mac_addr = NULL; 2031 struct key_parse key; 2032 2033 err = nl80211_parse_key(info, &key); 2034 if (err) 2035 return err; 2036 2037 if (info->attrs[NL80211_ATTR_MAC]) 2038 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2039 2040 if (key.type == -1) { 2041 if (mac_addr) 2042 key.type = NL80211_KEYTYPE_PAIRWISE; 2043 else 2044 key.type = NL80211_KEYTYPE_GROUP; 2045 } 2046 2047 /* for now */ 2048 if (key.type != NL80211_KEYTYPE_PAIRWISE && 2049 key.type != NL80211_KEYTYPE_GROUP) 2050 return -EINVAL; 2051 2052 if (!rdev->ops->del_key) 2053 return -EOPNOTSUPP; 2054 2055 wdev_lock(dev->ieee80211_ptr); 2056 err = nl80211_key_allowed(dev->ieee80211_ptr); 2057 2058 if (key.type == NL80211_KEYTYPE_PAIRWISE && mac_addr && 2059 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 2060 err = -ENOENT; 2061 2062 if (!err) 2063 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, 2064 key.type == NL80211_KEYTYPE_PAIRWISE, 2065 mac_addr); 2066 2067 #ifdef CONFIG_CFG80211_WEXT 2068 if (!err) { 2069 if (key.idx == dev->ieee80211_ptr->wext.default_key) 2070 dev->ieee80211_ptr->wext.default_key = -1; 2071 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key) 2072 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 2073 } 2074 #endif 2075 wdev_unlock(dev->ieee80211_ptr); 2076 2077 return err; 2078 } 2079 2080 static int nl80211_parse_beacon(struct genl_info *info, 2081 struct cfg80211_beacon_data *bcn) 2082 { 2083 bool haveinfo = false; 2084 2085 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL]) || 2086 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]) || 2087 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_PROBE_RESP]) || 2088 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_ASSOC_RESP])) 2089 return -EINVAL; 2090 2091 memset(bcn, 0, sizeof(*bcn)); 2092 2093 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) { 2094 bcn->head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]); 2095 bcn->head_len = nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]); 2096 if (!bcn->head_len) 2097 return -EINVAL; 2098 haveinfo = true; 2099 } 2100 2101 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) { 2102 bcn->tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]); 2103 bcn->tail_len = 2104 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]); 2105 haveinfo = true; 2106 } 2107 2108 if (!haveinfo) 2109 return -EINVAL; 2110 2111 if (info->attrs[NL80211_ATTR_IE]) { 2112 bcn->beacon_ies = nla_data(info->attrs[NL80211_ATTR_IE]); 2113 bcn->beacon_ies_len = nla_len(info->attrs[NL80211_ATTR_IE]); 2114 } 2115 2116 if (info->attrs[NL80211_ATTR_IE_PROBE_RESP]) { 2117 bcn->proberesp_ies = 2118 nla_data(info->attrs[NL80211_ATTR_IE_PROBE_RESP]); 2119 bcn->proberesp_ies_len = 2120 nla_len(info->attrs[NL80211_ATTR_IE_PROBE_RESP]); 2121 } 2122 2123 if (info->attrs[NL80211_ATTR_IE_ASSOC_RESP]) { 2124 bcn->assocresp_ies = 2125 nla_data(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]); 2126 bcn->assocresp_ies_len = 2127 nla_len(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]); 2128 } 2129 2130 if (info->attrs[NL80211_ATTR_PROBE_RESP]) { 2131 bcn->probe_resp = 2132 nla_data(info->attrs[NL80211_ATTR_PROBE_RESP]); 2133 bcn->probe_resp_len = 2134 nla_len(info->attrs[NL80211_ATTR_PROBE_RESP]); 2135 } 2136 2137 return 0; 2138 } 2139 2140 static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info) 2141 { 2142 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2143 struct net_device *dev = info->user_ptr[1]; 2144 struct wireless_dev *wdev = dev->ieee80211_ptr; 2145 struct cfg80211_ap_settings params; 2146 int err; 2147 2148 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2149 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2150 return -EOPNOTSUPP; 2151 2152 if (!rdev->ops->start_ap) 2153 return -EOPNOTSUPP; 2154 2155 if (wdev->beacon_interval) 2156 return -EALREADY; 2157 2158 memset(¶ms, 0, sizeof(params)); 2159 2160 /* these are required for START_AP */ 2161 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] || 2162 !info->attrs[NL80211_ATTR_DTIM_PERIOD] || 2163 !info->attrs[NL80211_ATTR_BEACON_HEAD]) 2164 return -EINVAL; 2165 2166 err = nl80211_parse_beacon(info, ¶ms.beacon); 2167 if (err) 2168 return err; 2169 2170 params.beacon_interval = 2171 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 2172 params.dtim_period = 2173 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); 2174 2175 err = cfg80211_validate_beacon_int(rdev, params.beacon_interval); 2176 if (err) 2177 return err; 2178 2179 /* 2180 * In theory, some of these attributes should be required here 2181 * but since they were not used when the command was originally 2182 * added, keep them optional for old user space programs to let 2183 * them continue to work with drivers that do not need the 2184 * additional information -- drivers must check! 2185 */ 2186 if (info->attrs[NL80211_ATTR_SSID]) { 2187 params.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 2188 params.ssid_len = 2189 nla_len(info->attrs[NL80211_ATTR_SSID]); 2190 if (params.ssid_len == 0 || 2191 params.ssid_len > IEEE80211_MAX_SSID_LEN) 2192 return -EINVAL; 2193 } 2194 2195 if (info->attrs[NL80211_ATTR_HIDDEN_SSID]) { 2196 params.hidden_ssid = nla_get_u32( 2197 info->attrs[NL80211_ATTR_HIDDEN_SSID]); 2198 if (params.hidden_ssid != NL80211_HIDDEN_SSID_NOT_IN_USE && 2199 params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_LEN && 2200 params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_CONTENTS) 2201 return -EINVAL; 2202 } 2203 2204 params.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 2205 2206 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 2207 params.auth_type = nla_get_u32( 2208 info->attrs[NL80211_ATTR_AUTH_TYPE]); 2209 if (!nl80211_valid_auth_type(params.auth_type)) 2210 return -EINVAL; 2211 } else 2212 params.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 2213 2214 err = nl80211_crypto_settings(rdev, info, ¶ms.crypto, 2215 NL80211_MAX_NR_CIPHER_SUITES); 2216 if (err) 2217 return err; 2218 2219 if (info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]) { 2220 if (!(rdev->wiphy.features & NL80211_FEATURE_INACTIVITY_TIMER)) 2221 return -EOPNOTSUPP; 2222 params.inactivity_timeout = nla_get_u16( 2223 info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]); 2224 } 2225 2226 err = rdev->ops->start_ap(&rdev->wiphy, dev, ¶ms); 2227 if (!err) 2228 wdev->beacon_interval = params.beacon_interval; 2229 return err; 2230 } 2231 2232 static int nl80211_set_beacon(struct sk_buff *skb, struct genl_info *info) 2233 { 2234 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2235 struct net_device *dev = info->user_ptr[1]; 2236 struct wireless_dev *wdev = dev->ieee80211_ptr; 2237 struct cfg80211_beacon_data params; 2238 int err; 2239 2240 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2241 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2242 return -EOPNOTSUPP; 2243 2244 if (!rdev->ops->change_beacon) 2245 return -EOPNOTSUPP; 2246 2247 if (!wdev->beacon_interval) 2248 return -EINVAL; 2249 2250 err = nl80211_parse_beacon(info, ¶ms); 2251 if (err) 2252 return err; 2253 2254 return rdev->ops->change_beacon(&rdev->wiphy, dev, ¶ms); 2255 } 2256 2257 static int nl80211_stop_ap(struct sk_buff *skb, struct genl_info *info) 2258 { 2259 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2260 struct net_device *dev = info->user_ptr[1]; 2261 struct wireless_dev *wdev = dev->ieee80211_ptr; 2262 int err; 2263 2264 if (!rdev->ops->stop_ap) 2265 return -EOPNOTSUPP; 2266 2267 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2268 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2269 return -EOPNOTSUPP; 2270 2271 if (!wdev->beacon_interval) 2272 return -ENOENT; 2273 2274 err = rdev->ops->stop_ap(&rdev->wiphy, dev); 2275 if (!err) 2276 wdev->beacon_interval = 0; 2277 return err; 2278 } 2279 2280 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = { 2281 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG }, 2282 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG }, 2283 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG }, 2284 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG }, 2285 [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG }, 2286 [NL80211_STA_FLAG_TDLS_PEER] = { .type = NLA_FLAG }, 2287 }; 2288 2289 static int parse_station_flags(struct genl_info *info, 2290 enum nl80211_iftype iftype, 2291 struct station_parameters *params) 2292 { 2293 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1]; 2294 struct nlattr *nla; 2295 int flag; 2296 2297 /* 2298 * Try parsing the new attribute first so userspace 2299 * can specify both for older kernels. 2300 */ 2301 nla = info->attrs[NL80211_ATTR_STA_FLAGS2]; 2302 if (nla) { 2303 struct nl80211_sta_flag_update *sta_flags; 2304 2305 sta_flags = nla_data(nla); 2306 params->sta_flags_mask = sta_flags->mask; 2307 params->sta_flags_set = sta_flags->set; 2308 if ((params->sta_flags_mask | 2309 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID)) 2310 return -EINVAL; 2311 return 0; 2312 } 2313 2314 /* if present, parse the old attribute */ 2315 2316 nla = info->attrs[NL80211_ATTR_STA_FLAGS]; 2317 if (!nla) 2318 return 0; 2319 2320 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX, 2321 nla, sta_flags_policy)) 2322 return -EINVAL; 2323 2324 /* 2325 * Only allow certain flags for interface types so that 2326 * other attributes are silently ignored. Remember that 2327 * this is backward compatibility code with old userspace 2328 * and shouldn't be hit in other cases anyway. 2329 */ 2330 switch (iftype) { 2331 case NL80211_IFTYPE_AP: 2332 case NL80211_IFTYPE_AP_VLAN: 2333 case NL80211_IFTYPE_P2P_GO: 2334 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) | 2335 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) | 2336 BIT(NL80211_STA_FLAG_WME) | 2337 BIT(NL80211_STA_FLAG_MFP); 2338 break; 2339 case NL80211_IFTYPE_P2P_CLIENT: 2340 case NL80211_IFTYPE_STATION: 2341 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) | 2342 BIT(NL80211_STA_FLAG_TDLS_PEER); 2343 break; 2344 case NL80211_IFTYPE_MESH_POINT: 2345 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHENTICATED) | 2346 BIT(NL80211_STA_FLAG_MFP) | 2347 BIT(NL80211_STA_FLAG_AUTHORIZED); 2348 default: 2349 return -EINVAL; 2350 } 2351 2352 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) 2353 if (flags[flag]) 2354 params->sta_flags_set |= (1<<flag); 2355 2356 return 0; 2357 } 2358 2359 static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info, 2360 int attr) 2361 { 2362 struct nlattr *rate; 2363 u16 bitrate; 2364 2365 rate = nla_nest_start(msg, attr); 2366 if (!rate) 2367 goto nla_put_failure; 2368 2369 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */ 2370 bitrate = cfg80211_calculate_bitrate(info); 2371 if (bitrate > 0) 2372 NLA_PUT_U16(msg, NL80211_RATE_INFO_BITRATE, bitrate); 2373 2374 if (info->flags & RATE_INFO_FLAGS_MCS) 2375 NLA_PUT_U8(msg, NL80211_RATE_INFO_MCS, info->mcs); 2376 if (info->flags & RATE_INFO_FLAGS_40_MHZ_WIDTH) 2377 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_40_MHZ_WIDTH); 2378 if (info->flags & RATE_INFO_FLAGS_SHORT_GI) 2379 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_SHORT_GI); 2380 2381 nla_nest_end(msg, rate); 2382 return true; 2383 2384 nla_put_failure: 2385 return false; 2386 } 2387 2388 static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq, 2389 int flags, struct net_device *dev, 2390 const u8 *mac_addr, struct station_info *sinfo) 2391 { 2392 void *hdr; 2393 struct nlattr *sinfoattr, *bss_param; 2394 2395 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2396 if (!hdr) 2397 return -1; 2398 2399 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2400 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 2401 2402 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation); 2403 2404 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO); 2405 if (!sinfoattr) 2406 goto nla_put_failure; 2407 if (sinfo->filled & STATION_INFO_CONNECTED_TIME) 2408 NLA_PUT_U32(msg, NL80211_STA_INFO_CONNECTED_TIME, 2409 sinfo->connected_time); 2410 if (sinfo->filled & STATION_INFO_INACTIVE_TIME) 2411 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME, 2412 sinfo->inactive_time); 2413 if (sinfo->filled & STATION_INFO_RX_BYTES) 2414 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES, 2415 sinfo->rx_bytes); 2416 if (sinfo->filled & STATION_INFO_TX_BYTES) 2417 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES, 2418 sinfo->tx_bytes); 2419 if (sinfo->filled & STATION_INFO_LLID) 2420 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID, 2421 sinfo->llid); 2422 if (sinfo->filled & STATION_INFO_PLID) 2423 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID, 2424 sinfo->plid); 2425 if (sinfo->filled & STATION_INFO_PLINK_STATE) 2426 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE, 2427 sinfo->plink_state); 2428 if (sinfo->filled & STATION_INFO_SIGNAL) 2429 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL, 2430 sinfo->signal); 2431 if (sinfo->filled & STATION_INFO_SIGNAL_AVG) 2432 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL_AVG, 2433 sinfo->signal_avg); 2434 if (sinfo->filled & STATION_INFO_TX_BITRATE) { 2435 if (!nl80211_put_sta_rate(msg, &sinfo->txrate, 2436 NL80211_STA_INFO_TX_BITRATE)) 2437 goto nla_put_failure; 2438 } 2439 if (sinfo->filled & STATION_INFO_RX_BITRATE) { 2440 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate, 2441 NL80211_STA_INFO_RX_BITRATE)) 2442 goto nla_put_failure; 2443 } 2444 if (sinfo->filled & STATION_INFO_RX_PACKETS) 2445 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_PACKETS, 2446 sinfo->rx_packets); 2447 if (sinfo->filled & STATION_INFO_TX_PACKETS) 2448 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_PACKETS, 2449 sinfo->tx_packets); 2450 if (sinfo->filled & STATION_INFO_TX_RETRIES) 2451 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_RETRIES, 2452 sinfo->tx_retries); 2453 if (sinfo->filled & STATION_INFO_TX_FAILED) 2454 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_FAILED, 2455 sinfo->tx_failed); 2456 if (sinfo->filled & STATION_INFO_BEACON_LOSS_COUNT) 2457 NLA_PUT_U32(msg, NL80211_STA_INFO_BEACON_LOSS, 2458 sinfo->beacon_loss_count); 2459 if (sinfo->filled & STATION_INFO_BSS_PARAM) { 2460 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM); 2461 if (!bss_param) 2462 goto nla_put_failure; 2463 2464 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) 2465 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_CTS_PROT); 2466 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) 2467 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE); 2468 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) 2469 NLA_PUT_FLAG(msg, 2470 NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME); 2471 NLA_PUT_U8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD, 2472 sinfo->bss_param.dtim_period); 2473 NLA_PUT_U16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL, 2474 sinfo->bss_param.beacon_interval); 2475 2476 nla_nest_end(msg, bss_param); 2477 } 2478 if (sinfo->filled & STATION_INFO_STA_FLAGS) 2479 NLA_PUT(msg, NL80211_STA_INFO_STA_FLAGS, 2480 sizeof(struct nl80211_sta_flag_update), 2481 &sinfo->sta_flags); 2482 nla_nest_end(msg, sinfoattr); 2483 2484 if (sinfo->filled & STATION_INFO_ASSOC_REQ_IES) 2485 NLA_PUT(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len, 2486 sinfo->assoc_req_ies); 2487 2488 return genlmsg_end(msg, hdr); 2489 2490 nla_put_failure: 2491 genlmsg_cancel(msg, hdr); 2492 return -EMSGSIZE; 2493 } 2494 2495 static int nl80211_dump_station(struct sk_buff *skb, 2496 struct netlink_callback *cb) 2497 { 2498 struct station_info sinfo; 2499 struct cfg80211_registered_device *dev; 2500 struct net_device *netdev; 2501 u8 mac_addr[ETH_ALEN]; 2502 int sta_idx = cb->args[1]; 2503 int err; 2504 2505 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2506 if (err) 2507 return err; 2508 2509 if (!dev->ops->dump_station) { 2510 err = -EOPNOTSUPP; 2511 goto out_err; 2512 } 2513 2514 while (1) { 2515 memset(&sinfo, 0, sizeof(sinfo)); 2516 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx, 2517 mac_addr, &sinfo); 2518 if (err == -ENOENT) 2519 break; 2520 if (err) 2521 goto out_err; 2522 2523 if (nl80211_send_station(skb, 2524 NETLINK_CB(cb->skb).pid, 2525 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2526 netdev, mac_addr, 2527 &sinfo) < 0) 2528 goto out; 2529 2530 sta_idx++; 2531 } 2532 2533 2534 out: 2535 cb->args[1] = sta_idx; 2536 err = skb->len; 2537 out_err: 2538 nl80211_finish_netdev_dump(dev); 2539 2540 return err; 2541 } 2542 2543 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 2544 { 2545 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2546 struct net_device *dev = info->user_ptr[1]; 2547 struct station_info sinfo; 2548 struct sk_buff *msg; 2549 u8 *mac_addr = NULL; 2550 int err; 2551 2552 memset(&sinfo, 0, sizeof(sinfo)); 2553 2554 if (!info->attrs[NL80211_ATTR_MAC]) 2555 return -EINVAL; 2556 2557 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2558 2559 if (!rdev->ops->get_station) 2560 return -EOPNOTSUPP; 2561 2562 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo); 2563 if (err) 2564 return err; 2565 2566 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2567 if (!msg) 2568 return -ENOMEM; 2569 2570 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0, 2571 dev, mac_addr, &sinfo) < 0) { 2572 nlmsg_free(msg); 2573 return -ENOBUFS; 2574 } 2575 2576 return genlmsg_reply(msg, info); 2577 } 2578 2579 /* 2580 * Get vlan interface making sure it is running and on the right wiphy. 2581 */ 2582 static struct net_device *get_vlan(struct genl_info *info, 2583 struct cfg80211_registered_device *rdev) 2584 { 2585 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN]; 2586 struct net_device *v; 2587 int ret; 2588 2589 if (!vlanattr) 2590 return NULL; 2591 2592 v = dev_get_by_index(genl_info_net(info), nla_get_u32(vlanattr)); 2593 if (!v) 2594 return ERR_PTR(-ENODEV); 2595 2596 if (!v->ieee80211_ptr || v->ieee80211_ptr->wiphy != &rdev->wiphy) { 2597 ret = -EINVAL; 2598 goto error; 2599 } 2600 2601 if (!netif_running(v)) { 2602 ret = -ENETDOWN; 2603 goto error; 2604 } 2605 2606 return v; 2607 error: 2608 dev_put(v); 2609 return ERR_PTR(ret); 2610 } 2611 2612 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) 2613 { 2614 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2615 int err; 2616 struct net_device *dev = info->user_ptr[1]; 2617 struct station_parameters params; 2618 u8 *mac_addr = NULL; 2619 2620 memset(¶ms, 0, sizeof(params)); 2621 2622 params.listen_interval = -1; 2623 params.plink_state = -1; 2624 2625 if (info->attrs[NL80211_ATTR_STA_AID]) 2626 return -EINVAL; 2627 2628 if (!info->attrs[NL80211_ATTR_MAC]) 2629 return -EINVAL; 2630 2631 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2632 2633 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) { 2634 params.supported_rates = 2635 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2636 params.supported_rates_len = 2637 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2638 } 2639 2640 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2641 params.listen_interval = 2642 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2643 2644 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2645 params.ht_capa = 2646 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2647 2648 if (!rdev->ops->change_station) 2649 return -EOPNOTSUPP; 2650 2651 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms)) 2652 return -EINVAL; 2653 2654 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2655 params.plink_action = 2656 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2657 2658 if (info->attrs[NL80211_ATTR_STA_PLINK_STATE]) 2659 params.plink_state = 2660 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]); 2661 2662 switch (dev->ieee80211_ptr->iftype) { 2663 case NL80211_IFTYPE_AP: 2664 case NL80211_IFTYPE_AP_VLAN: 2665 case NL80211_IFTYPE_P2P_GO: 2666 /* disallow mesh-specific things */ 2667 if (params.plink_action) 2668 return -EINVAL; 2669 2670 /* TDLS can't be set, ... */ 2671 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) 2672 return -EINVAL; 2673 /* 2674 * ... but don't bother the driver with it. This works around 2675 * a hostapd/wpa_supplicant issue -- it always includes the 2676 * TLDS_PEER flag in the mask even for AP mode. 2677 */ 2678 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); 2679 2680 /* accept only the listed bits */ 2681 if (params.sta_flags_mask & 2682 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) | 2683 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) | 2684 BIT(NL80211_STA_FLAG_WME) | 2685 BIT(NL80211_STA_FLAG_MFP))) 2686 return -EINVAL; 2687 2688 /* must be last in here for error handling */ 2689 params.vlan = get_vlan(info, rdev); 2690 if (IS_ERR(params.vlan)) 2691 return PTR_ERR(params.vlan); 2692 break; 2693 case NL80211_IFTYPE_P2P_CLIENT: 2694 case NL80211_IFTYPE_STATION: 2695 /* 2696 * Don't allow userspace to change the TDLS_PEER flag, 2697 * but silently ignore attempts to change it since we 2698 * don't have state here to verify that it doesn't try 2699 * to change the flag. 2700 */ 2701 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); 2702 /* fall through */ 2703 case NL80211_IFTYPE_ADHOC: 2704 /* disallow things sta doesn't support */ 2705 if (params.plink_action) 2706 return -EINVAL; 2707 if (params.ht_capa) 2708 return -EINVAL; 2709 if (params.listen_interval >= 0) 2710 return -EINVAL; 2711 /* reject any changes other than AUTHORIZED */ 2712 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED)) 2713 return -EINVAL; 2714 break; 2715 case NL80211_IFTYPE_MESH_POINT: 2716 /* disallow things mesh doesn't support */ 2717 if (params.vlan) 2718 return -EINVAL; 2719 if (params.ht_capa) 2720 return -EINVAL; 2721 if (params.listen_interval >= 0) 2722 return -EINVAL; 2723 /* 2724 * No special handling for TDLS here -- the userspace 2725 * mesh code doesn't have this bug. 2726 */ 2727 if (params.sta_flags_mask & 2728 ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) | 2729 BIT(NL80211_STA_FLAG_MFP) | 2730 BIT(NL80211_STA_FLAG_AUTHORIZED))) 2731 return -EINVAL; 2732 break; 2733 default: 2734 return -EOPNOTSUPP; 2735 } 2736 2737 /* be aware of params.vlan when changing code here */ 2738 2739 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2740 2741 if (params.vlan) 2742 dev_put(params.vlan); 2743 2744 return err; 2745 } 2746 2747 static struct nla_policy 2748 nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] __read_mostly = { 2749 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 }, 2750 [NL80211_STA_WME_MAX_SP] = { .type = NLA_U8 }, 2751 }; 2752 2753 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) 2754 { 2755 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2756 int err; 2757 struct net_device *dev = info->user_ptr[1]; 2758 struct station_parameters params; 2759 u8 *mac_addr = NULL; 2760 2761 memset(¶ms, 0, sizeof(params)); 2762 2763 if (!info->attrs[NL80211_ATTR_MAC]) 2764 return -EINVAL; 2765 2766 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2767 return -EINVAL; 2768 2769 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) 2770 return -EINVAL; 2771 2772 if (!info->attrs[NL80211_ATTR_STA_AID]) 2773 return -EINVAL; 2774 2775 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2776 params.supported_rates = 2777 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2778 params.supported_rates_len = 2779 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2780 params.listen_interval = 2781 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2782 2783 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]); 2784 if (!params.aid || params.aid > IEEE80211_MAX_AID) 2785 return -EINVAL; 2786 2787 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2788 params.ht_capa = 2789 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2790 2791 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2792 params.plink_action = 2793 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2794 2795 if (!rdev->ops->add_station) 2796 return -EOPNOTSUPP; 2797 2798 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms)) 2799 return -EINVAL; 2800 2801 switch (dev->ieee80211_ptr->iftype) { 2802 case NL80211_IFTYPE_AP: 2803 case NL80211_IFTYPE_AP_VLAN: 2804 case NL80211_IFTYPE_P2P_GO: 2805 /* parse WME attributes if sta is WME capable */ 2806 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) && 2807 (params.sta_flags_set & BIT(NL80211_STA_FLAG_WME)) && 2808 info->attrs[NL80211_ATTR_STA_WME]) { 2809 struct nlattr *tb[NL80211_STA_WME_MAX + 1]; 2810 struct nlattr *nla; 2811 2812 nla = info->attrs[NL80211_ATTR_STA_WME]; 2813 err = nla_parse_nested(tb, NL80211_STA_WME_MAX, nla, 2814 nl80211_sta_wme_policy); 2815 if (err) 2816 return err; 2817 2818 if (tb[NL80211_STA_WME_UAPSD_QUEUES]) 2819 params.uapsd_queues = 2820 nla_get_u8(tb[NL80211_STA_WME_UAPSD_QUEUES]); 2821 if (params.uapsd_queues & 2822 ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK) 2823 return -EINVAL; 2824 2825 if (tb[NL80211_STA_WME_MAX_SP]) 2826 params.max_sp = 2827 nla_get_u8(tb[NL80211_STA_WME_MAX_SP]); 2828 2829 if (params.max_sp & 2830 ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK) 2831 return -EINVAL; 2832 2833 params.sta_modify_mask |= STATION_PARAM_APPLY_UAPSD; 2834 } 2835 /* TDLS peers cannot be added */ 2836 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) 2837 return -EINVAL; 2838 /* but don't bother the driver with it */ 2839 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); 2840 2841 /* must be last in here for error handling */ 2842 params.vlan = get_vlan(info, rdev); 2843 if (IS_ERR(params.vlan)) 2844 return PTR_ERR(params.vlan); 2845 break; 2846 case NL80211_IFTYPE_MESH_POINT: 2847 /* TDLS peers cannot be added */ 2848 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) 2849 return -EINVAL; 2850 break; 2851 case NL80211_IFTYPE_STATION: 2852 /* Only TDLS peers can be added */ 2853 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))) 2854 return -EINVAL; 2855 /* Can only add if TDLS ... */ 2856 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS)) 2857 return -EOPNOTSUPP; 2858 /* ... with external setup is supported */ 2859 if (!(rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP)) 2860 return -EOPNOTSUPP; 2861 break; 2862 default: 2863 return -EOPNOTSUPP; 2864 } 2865 2866 /* be aware of params.vlan when changing code here */ 2867 2868 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2869 2870 if (params.vlan) 2871 dev_put(params.vlan); 2872 return err; 2873 } 2874 2875 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) 2876 { 2877 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2878 struct net_device *dev = info->user_ptr[1]; 2879 u8 *mac_addr = NULL; 2880 2881 if (info->attrs[NL80211_ATTR_MAC]) 2882 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2883 2884 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2885 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2886 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 2887 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2888 return -EINVAL; 2889 2890 if (!rdev->ops->del_station) 2891 return -EOPNOTSUPP; 2892 2893 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr); 2894 } 2895 2896 static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq, 2897 int flags, struct net_device *dev, 2898 u8 *dst, u8 *next_hop, 2899 struct mpath_info *pinfo) 2900 { 2901 void *hdr; 2902 struct nlattr *pinfoattr; 2903 2904 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2905 if (!hdr) 2906 return -1; 2907 2908 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2909 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst); 2910 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop); 2911 2912 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation); 2913 2914 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO); 2915 if (!pinfoattr) 2916 goto nla_put_failure; 2917 if (pinfo->filled & MPATH_INFO_FRAME_QLEN) 2918 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN, 2919 pinfo->frame_qlen); 2920 if (pinfo->filled & MPATH_INFO_SN) 2921 NLA_PUT_U32(msg, NL80211_MPATH_INFO_SN, 2922 pinfo->sn); 2923 if (pinfo->filled & MPATH_INFO_METRIC) 2924 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC, 2925 pinfo->metric); 2926 if (pinfo->filled & MPATH_INFO_EXPTIME) 2927 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME, 2928 pinfo->exptime); 2929 if (pinfo->filled & MPATH_INFO_FLAGS) 2930 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS, 2931 pinfo->flags); 2932 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) 2933 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT, 2934 pinfo->discovery_timeout); 2935 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) 2936 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES, 2937 pinfo->discovery_retries); 2938 2939 nla_nest_end(msg, pinfoattr); 2940 2941 return genlmsg_end(msg, hdr); 2942 2943 nla_put_failure: 2944 genlmsg_cancel(msg, hdr); 2945 return -EMSGSIZE; 2946 } 2947 2948 static int nl80211_dump_mpath(struct sk_buff *skb, 2949 struct netlink_callback *cb) 2950 { 2951 struct mpath_info pinfo; 2952 struct cfg80211_registered_device *dev; 2953 struct net_device *netdev; 2954 u8 dst[ETH_ALEN]; 2955 u8 next_hop[ETH_ALEN]; 2956 int path_idx = cb->args[1]; 2957 int err; 2958 2959 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2960 if (err) 2961 return err; 2962 2963 if (!dev->ops->dump_mpath) { 2964 err = -EOPNOTSUPP; 2965 goto out_err; 2966 } 2967 2968 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2969 err = -EOPNOTSUPP; 2970 goto out_err; 2971 } 2972 2973 while (1) { 2974 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx, 2975 dst, next_hop, &pinfo); 2976 if (err == -ENOENT) 2977 break; 2978 if (err) 2979 goto out_err; 2980 2981 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid, 2982 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2983 netdev, dst, next_hop, 2984 &pinfo) < 0) 2985 goto out; 2986 2987 path_idx++; 2988 } 2989 2990 2991 out: 2992 cb->args[1] = path_idx; 2993 err = skb->len; 2994 out_err: 2995 nl80211_finish_netdev_dump(dev); 2996 return err; 2997 } 2998 2999 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) 3000 { 3001 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3002 int err; 3003 struct net_device *dev = info->user_ptr[1]; 3004 struct mpath_info pinfo; 3005 struct sk_buff *msg; 3006 u8 *dst = NULL; 3007 u8 next_hop[ETH_ALEN]; 3008 3009 memset(&pinfo, 0, sizeof(pinfo)); 3010 3011 if (!info->attrs[NL80211_ATTR_MAC]) 3012 return -EINVAL; 3013 3014 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 3015 3016 if (!rdev->ops->get_mpath) 3017 return -EOPNOTSUPP; 3018 3019 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 3020 return -EOPNOTSUPP; 3021 3022 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo); 3023 if (err) 3024 return err; 3025 3026 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 3027 if (!msg) 3028 return -ENOMEM; 3029 3030 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0, 3031 dev, dst, next_hop, &pinfo) < 0) { 3032 nlmsg_free(msg); 3033 return -ENOBUFS; 3034 } 3035 3036 return genlmsg_reply(msg, info); 3037 } 3038 3039 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) 3040 { 3041 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3042 struct net_device *dev = info->user_ptr[1]; 3043 u8 *dst = NULL; 3044 u8 *next_hop = NULL; 3045 3046 if (!info->attrs[NL80211_ATTR_MAC]) 3047 return -EINVAL; 3048 3049 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 3050 return -EINVAL; 3051 3052 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 3053 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 3054 3055 if (!rdev->ops->change_mpath) 3056 return -EOPNOTSUPP; 3057 3058 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 3059 return -EOPNOTSUPP; 3060 3061 return rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop); 3062 } 3063 3064 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) 3065 { 3066 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3067 struct net_device *dev = info->user_ptr[1]; 3068 u8 *dst = NULL; 3069 u8 *next_hop = NULL; 3070 3071 if (!info->attrs[NL80211_ATTR_MAC]) 3072 return -EINVAL; 3073 3074 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 3075 return -EINVAL; 3076 3077 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 3078 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 3079 3080 if (!rdev->ops->add_mpath) 3081 return -EOPNOTSUPP; 3082 3083 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 3084 return -EOPNOTSUPP; 3085 3086 return rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop); 3087 } 3088 3089 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) 3090 { 3091 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3092 struct net_device *dev = info->user_ptr[1]; 3093 u8 *dst = NULL; 3094 3095 if (info->attrs[NL80211_ATTR_MAC]) 3096 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 3097 3098 if (!rdev->ops->del_mpath) 3099 return -EOPNOTSUPP; 3100 3101 return rdev->ops->del_mpath(&rdev->wiphy, dev, dst); 3102 } 3103 3104 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) 3105 { 3106 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3107 struct net_device *dev = info->user_ptr[1]; 3108 struct bss_parameters params; 3109 3110 memset(¶ms, 0, sizeof(params)); 3111 /* default to not changing parameters */ 3112 params.use_cts_prot = -1; 3113 params.use_short_preamble = -1; 3114 params.use_short_slot_time = -1; 3115 params.ap_isolate = -1; 3116 params.ht_opmode = -1; 3117 3118 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT]) 3119 params.use_cts_prot = 3120 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]); 3121 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]) 3122 params.use_short_preamble = 3123 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]); 3124 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]) 3125 params.use_short_slot_time = 3126 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]); 3127 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 3128 params.basic_rates = 3129 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3130 params.basic_rates_len = 3131 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3132 } 3133 if (info->attrs[NL80211_ATTR_AP_ISOLATE]) 3134 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]); 3135 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE]) 3136 params.ht_opmode = 3137 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]); 3138 3139 if (!rdev->ops->change_bss) 3140 return -EOPNOTSUPP; 3141 3142 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 3143 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 3144 return -EOPNOTSUPP; 3145 3146 return rdev->ops->change_bss(&rdev->wiphy, dev, ¶ms); 3147 } 3148 3149 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = { 3150 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 }, 3151 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 }, 3152 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 }, 3153 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 }, 3154 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 }, 3155 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 }, 3156 }; 3157 3158 static int parse_reg_rule(struct nlattr *tb[], 3159 struct ieee80211_reg_rule *reg_rule) 3160 { 3161 struct ieee80211_freq_range *freq_range = ®_rule->freq_range; 3162 struct ieee80211_power_rule *power_rule = ®_rule->power_rule; 3163 3164 if (!tb[NL80211_ATTR_REG_RULE_FLAGS]) 3165 return -EINVAL; 3166 if (!tb[NL80211_ATTR_FREQ_RANGE_START]) 3167 return -EINVAL; 3168 if (!tb[NL80211_ATTR_FREQ_RANGE_END]) 3169 return -EINVAL; 3170 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) 3171 return -EINVAL; 3172 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]) 3173 return -EINVAL; 3174 3175 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]); 3176 3177 freq_range->start_freq_khz = 3178 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]); 3179 freq_range->end_freq_khz = 3180 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]); 3181 freq_range->max_bandwidth_khz = 3182 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]); 3183 3184 power_rule->max_eirp = 3185 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]); 3186 3187 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]) 3188 power_rule->max_antenna_gain = 3189 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]); 3190 3191 return 0; 3192 } 3193 3194 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info) 3195 { 3196 int r; 3197 char *data = NULL; 3198 3199 /* 3200 * You should only get this when cfg80211 hasn't yet initialized 3201 * completely when built-in to the kernel right between the time 3202 * window between nl80211_init() and regulatory_init(), if that is 3203 * even possible. 3204 */ 3205 mutex_lock(&cfg80211_mutex); 3206 if (unlikely(!cfg80211_regdomain)) { 3207 mutex_unlock(&cfg80211_mutex); 3208 return -EINPROGRESS; 3209 } 3210 mutex_unlock(&cfg80211_mutex); 3211 3212 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3213 return -EINVAL; 3214 3215 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 3216 3217 r = regulatory_hint_user(data); 3218 3219 return r; 3220 } 3221 3222 static int nl80211_get_mesh_config(struct sk_buff *skb, 3223 struct genl_info *info) 3224 { 3225 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3226 struct net_device *dev = info->user_ptr[1]; 3227 struct wireless_dev *wdev = dev->ieee80211_ptr; 3228 struct mesh_config cur_params; 3229 int err = 0; 3230 void *hdr; 3231 struct nlattr *pinfoattr; 3232 struct sk_buff *msg; 3233 3234 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 3235 return -EOPNOTSUPP; 3236 3237 if (!rdev->ops->get_mesh_config) 3238 return -EOPNOTSUPP; 3239 3240 wdev_lock(wdev); 3241 /* If not connected, get default parameters */ 3242 if (!wdev->mesh_id_len) 3243 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params)); 3244 else 3245 err = rdev->ops->get_mesh_config(&rdev->wiphy, dev, 3246 &cur_params); 3247 wdev_unlock(wdev); 3248 3249 if (err) 3250 return err; 3251 3252 /* Draw up a netlink message to send back */ 3253 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 3254 if (!msg) 3255 return -ENOMEM; 3256 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 3257 NL80211_CMD_GET_MESH_CONFIG); 3258 if (!hdr) 3259 goto out; 3260 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG); 3261 if (!pinfoattr) 3262 goto nla_put_failure; 3263 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 3264 NLA_PUT_U16(msg, NL80211_MESHCONF_RETRY_TIMEOUT, 3265 cur_params.dot11MeshRetryTimeout); 3266 NLA_PUT_U16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT, 3267 cur_params.dot11MeshConfirmTimeout); 3268 NLA_PUT_U16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT, 3269 cur_params.dot11MeshHoldingTimeout); 3270 NLA_PUT_U16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 3271 cur_params.dot11MeshMaxPeerLinks); 3272 NLA_PUT_U8(msg, NL80211_MESHCONF_MAX_RETRIES, 3273 cur_params.dot11MeshMaxRetries); 3274 NLA_PUT_U8(msg, NL80211_MESHCONF_TTL, 3275 cur_params.dot11MeshTTL); 3276 NLA_PUT_U8(msg, NL80211_MESHCONF_ELEMENT_TTL, 3277 cur_params.element_ttl); 3278 NLA_PUT_U8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 3279 cur_params.auto_open_plinks); 3280 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 3281 cur_params.dot11MeshHWMPmaxPREQretries); 3282 NLA_PUT_U32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME, 3283 cur_params.path_refresh_time); 3284 NLA_PUT_U16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 3285 cur_params.min_discovery_timeout); 3286 NLA_PUT_U32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 3287 cur_params.dot11MeshHWMPactivePathTimeout); 3288 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 3289 cur_params.dot11MeshHWMPpreqMinInterval); 3290 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL, 3291 cur_params.dot11MeshHWMPperrMinInterval); 3292 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 3293 cur_params.dot11MeshHWMPnetDiameterTraversalTime); 3294 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_ROOTMODE, 3295 cur_params.dot11MeshHWMPRootMode); 3296 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL, 3297 cur_params.dot11MeshHWMPRannInterval); 3298 NLA_PUT_U8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS, 3299 cur_params.dot11MeshGateAnnouncementProtocol); 3300 NLA_PUT_U8(msg, NL80211_MESHCONF_FORWARDING, 3301 cur_params.dot11MeshForwarding); 3302 NLA_PUT_U32(msg, NL80211_MESHCONF_RSSI_THRESHOLD, 3303 cur_params.rssi_threshold); 3304 nla_nest_end(msg, pinfoattr); 3305 genlmsg_end(msg, hdr); 3306 return genlmsg_reply(msg, info); 3307 3308 nla_put_failure: 3309 genlmsg_cancel(msg, hdr); 3310 out: 3311 nlmsg_free(msg); 3312 return -ENOBUFS; 3313 } 3314 3315 static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = { 3316 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 }, 3317 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 }, 3318 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 }, 3319 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 }, 3320 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 }, 3321 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 }, 3322 [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 }, 3323 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 }, 3324 3325 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 }, 3326 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 }, 3327 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 }, 3328 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 }, 3329 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 }, 3330 [NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL] = { .type = NLA_U16 }, 3331 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 }, 3332 [NL80211_MESHCONF_HWMP_ROOTMODE] = { .type = NLA_U8 }, 3333 [NL80211_MESHCONF_HWMP_RANN_INTERVAL] = { .type = NLA_U16 }, 3334 [NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = { .type = NLA_U8 }, 3335 [NL80211_MESHCONF_FORWARDING] = { .type = NLA_U8 }, 3336 [NL80211_MESHCONF_RSSI_THRESHOLD] = { .type = NLA_U32}, 3337 }; 3338 3339 static const struct nla_policy 3340 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = { 3341 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 }, 3342 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 }, 3343 [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG }, 3344 [NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY, 3345 .len = IEEE80211_MAX_DATA_LEN }, 3346 [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG }, 3347 }; 3348 3349 static int nl80211_parse_mesh_config(struct genl_info *info, 3350 struct mesh_config *cfg, 3351 u32 *mask_out) 3352 { 3353 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 3354 u32 mask = 0; 3355 3356 #define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \ 3357 do {\ 3358 if (table[attr_num]) {\ 3359 cfg->param = nla_fn(table[attr_num]); \ 3360 mask |= (1 << (attr_num - 1)); \ 3361 } \ 3362 } while (0);\ 3363 3364 3365 if (!info->attrs[NL80211_ATTR_MESH_CONFIG]) 3366 return -EINVAL; 3367 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX, 3368 info->attrs[NL80211_ATTR_MESH_CONFIG], 3369 nl80211_meshconf_params_policy)) 3370 return -EINVAL; 3371 3372 /* This makes sure that there aren't more than 32 mesh config 3373 * parameters (otherwise our bitfield scheme would not work.) */ 3374 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32); 3375 3376 /* Fill in the params struct */ 3377 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 3378 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16); 3379 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 3380 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16); 3381 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 3382 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16); 3383 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 3384 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16); 3385 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 3386 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8); 3387 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 3388 mask, NL80211_MESHCONF_TTL, nla_get_u8); 3389 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 3390 mask, NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8); 3391 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 3392 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8); 3393 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 3394 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 3395 nla_get_u8); 3396 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 3397 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32); 3398 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 3399 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 3400 nla_get_u16); 3401 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout, 3402 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 3403 nla_get_u32); 3404 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, 3405 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 3406 nla_get_u16); 3407 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval, 3408 mask, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL, 3409 nla_get_u16); 3410 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3411 dot11MeshHWMPnetDiameterTraversalTime, 3412 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 3413 nla_get_u16); 3414 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3415 dot11MeshHWMPRootMode, mask, 3416 NL80211_MESHCONF_HWMP_ROOTMODE, 3417 nla_get_u8); 3418 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3419 dot11MeshHWMPRannInterval, mask, 3420 NL80211_MESHCONF_HWMP_RANN_INTERVAL, 3421 nla_get_u16); 3422 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3423 dot11MeshGateAnnouncementProtocol, mask, 3424 NL80211_MESHCONF_GATE_ANNOUNCEMENTS, 3425 nla_get_u8); 3426 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, 3427 mask, NL80211_MESHCONF_FORWARDING, nla_get_u8); 3428 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, 3429 mask, NL80211_MESHCONF_RSSI_THRESHOLD, nla_get_u32); 3430 if (mask_out) 3431 *mask_out = mask; 3432 3433 return 0; 3434 3435 #undef FILL_IN_MESH_PARAM_IF_SET 3436 } 3437 3438 static int nl80211_parse_mesh_setup(struct genl_info *info, 3439 struct mesh_setup *setup) 3440 { 3441 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1]; 3442 3443 if (!info->attrs[NL80211_ATTR_MESH_SETUP]) 3444 return -EINVAL; 3445 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX, 3446 info->attrs[NL80211_ATTR_MESH_SETUP], 3447 nl80211_mesh_setup_params_policy)) 3448 return -EINVAL; 3449 3450 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL]) 3451 setup->path_sel_proto = 3452 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ? 3453 IEEE80211_PATH_PROTOCOL_VENDOR : 3454 IEEE80211_PATH_PROTOCOL_HWMP; 3455 3456 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC]) 3457 setup->path_metric = 3458 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ? 3459 IEEE80211_PATH_METRIC_VENDOR : 3460 IEEE80211_PATH_METRIC_AIRTIME; 3461 3462 3463 if (tb[NL80211_MESH_SETUP_IE]) { 3464 struct nlattr *ieattr = 3465 tb[NL80211_MESH_SETUP_IE]; 3466 if (!is_valid_ie_attr(ieattr)) 3467 return -EINVAL; 3468 setup->ie = nla_data(ieattr); 3469 setup->ie_len = nla_len(ieattr); 3470 } 3471 setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]); 3472 setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]); 3473 3474 return 0; 3475 } 3476 3477 static int nl80211_update_mesh_config(struct sk_buff *skb, 3478 struct genl_info *info) 3479 { 3480 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3481 struct net_device *dev = info->user_ptr[1]; 3482 struct wireless_dev *wdev = dev->ieee80211_ptr; 3483 struct mesh_config cfg; 3484 u32 mask; 3485 int err; 3486 3487 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 3488 return -EOPNOTSUPP; 3489 3490 if (!rdev->ops->update_mesh_config) 3491 return -EOPNOTSUPP; 3492 3493 err = nl80211_parse_mesh_config(info, &cfg, &mask); 3494 if (err) 3495 return err; 3496 3497 wdev_lock(wdev); 3498 if (!wdev->mesh_id_len) 3499 err = -ENOLINK; 3500 3501 if (!err) 3502 err = rdev->ops->update_mesh_config(&rdev->wiphy, dev, 3503 mask, &cfg); 3504 3505 wdev_unlock(wdev); 3506 3507 return err; 3508 } 3509 3510 static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info) 3511 { 3512 struct sk_buff *msg; 3513 void *hdr = NULL; 3514 struct nlattr *nl_reg_rules; 3515 unsigned int i; 3516 int err = -EINVAL; 3517 3518 mutex_lock(&cfg80211_mutex); 3519 3520 if (!cfg80211_regdomain) 3521 goto out; 3522 3523 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 3524 if (!msg) { 3525 err = -ENOBUFS; 3526 goto out; 3527 } 3528 3529 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 3530 NL80211_CMD_GET_REG); 3531 if (!hdr) 3532 goto put_failure; 3533 3534 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, 3535 cfg80211_regdomain->alpha2); 3536 if (cfg80211_regdomain->dfs_region) 3537 NLA_PUT_U8(msg, NL80211_ATTR_DFS_REGION, 3538 cfg80211_regdomain->dfs_region); 3539 3540 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES); 3541 if (!nl_reg_rules) 3542 goto nla_put_failure; 3543 3544 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) { 3545 struct nlattr *nl_reg_rule; 3546 const struct ieee80211_reg_rule *reg_rule; 3547 const struct ieee80211_freq_range *freq_range; 3548 const struct ieee80211_power_rule *power_rule; 3549 3550 reg_rule = &cfg80211_regdomain->reg_rules[i]; 3551 freq_range = ®_rule->freq_range; 3552 power_rule = ®_rule->power_rule; 3553 3554 nl_reg_rule = nla_nest_start(msg, i); 3555 if (!nl_reg_rule) 3556 goto nla_put_failure; 3557 3558 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS, 3559 reg_rule->flags); 3560 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START, 3561 freq_range->start_freq_khz); 3562 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END, 3563 freq_range->end_freq_khz); 3564 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW, 3565 freq_range->max_bandwidth_khz); 3566 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN, 3567 power_rule->max_antenna_gain); 3568 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, 3569 power_rule->max_eirp); 3570 3571 nla_nest_end(msg, nl_reg_rule); 3572 } 3573 3574 nla_nest_end(msg, nl_reg_rules); 3575 3576 genlmsg_end(msg, hdr); 3577 err = genlmsg_reply(msg, info); 3578 goto out; 3579 3580 nla_put_failure: 3581 genlmsg_cancel(msg, hdr); 3582 put_failure: 3583 nlmsg_free(msg); 3584 err = -EMSGSIZE; 3585 out: 3586 mutex_unlock(&cfg80211_mutex); 3587 return err; 3588 } 3589 3590 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info) 3591 { 3592 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1]; 3593 struct nlattr *nl_reg_rule; 3594 char *alpha2 = NULL; 3595 int rem_reg_rules = 0, r = 0; 3596 u32 num_rules = 0, rule_idx = 0, size_of_regd; 3597 u8 dfs_region = 0; 3598 struct ieee80211_regdomain *rd = NULL; 3599 3600 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3601 return -EINVAL; 3602 3603 if (!info->attrs[NL80211_ATTR_REG_RULES]) 3604 return -EINVAL; 3605 3606 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 3607 3608 if (info->attrs[NL80211_ATTR_DFS_REGION]) 3609 dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]); 3610 3611 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3612 rem_reg_rules) { 3613 num_rules++; 3614 if (num_rules > NL80211_MAX_SUPP_REG_RULES) 3615 return -EINVAL; 3616 } 3617 3618 mutex_lock(&cfg80211_mutex); 3619 3620 if (!reg_is_valid_request(alpha2)) { 3621 r = -EINVAL; 3622 goto bad_reg; 3623 } 3624 3625 size_of_regd = sizeof(struct ieee80211_regdomain) + 3626 (num_rules * sizeof(struct ieee80211_reg_rule)); 3627 3628 rd = kzalloc(size_of_regd, GFP_KERNEL); 3629 if (!rd) { 3630 r = -ENOMEM; 3631 goto bad_reg; 3632 } 3633 3634 rd->n_reg_rules = num_rules; 3635 rd->alpha2[0] = alpha2[0]; 3636 rd->alpha2[1] = alpha2[1]; 3637 3638 /* 3639 * Disable DFS master mode if the DFS region was 3640 * not supported or known on this kernel. 3641 */ 3642 if (reg_supported_dfs_region(dfs_region)) 3643 rd->dfs_region = dfs_region; 3644 3645 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3646 rem_reg_rules) { 3647 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX, 3648 nla_data(nl_reg_rule), nla_len(nl_reg_rule), 3649 reg_rule_policy); 3650 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]); 3651 if (r) 3652 goto bad_reg; 3653 3654 rule_idx++; 3655 3656 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) { 3657 r = -EINVAL; 3658 goto bad_reg; 3659 } 3660 } 3661 3662 BUG_ON(rule_idx != num_rules); 3663 3664 r = set_regdom(rd); 3665 3666 mutex_unlock(&cfg80211_mutex); 3667 3668 return r; 3669 3670 bad_reg: 3671 mutex_unlock(&cfg80211_mutex); 3672 kfree(rd); 3673 return r; 3674 } 3675 3676 static int validate_scan_freqs(struct nlattr *freqs) 3677 { 3678 struct nlattr *attr1, *attr2; 3679 int n_channels = 0, tmp1, tmp2; 3680 3681 nla_for_each_nested(attr1, freqs, tmp1) { 3682 n_channels++; 3683 /* 3684 * Some hardware has a limited channel list for 3685 * scanning, and it is pretty much nonsensical 3686 * to scan for a channel twice, so disallow that 3687 * and don't require drivers to check that the 3688 * channel list they get isn't longer than what 3689 * they can scan, as long as they can scan all 3690 * the channels they registered at once. 3691 */ 3692 nla_for_each_nested(attr2, freqs, tmp2) 3693 if (attr1 != attr2 && 3694 nla_get_u32(attr1) == nla_get_u32(attr2)) 3695 return 0; 3696 } 3697 3698 return n_channels; 3699 } 3700 3701 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) 3702 { 3703 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3704 struct net_device *dev = info->user_ptr[1]; 3705 struct cfg80211_scan_request *request; 3706 struct nlattr *attr; 3707 struct wiphy *wiphy; 3708 int err, tmp, n_ssids = 0, n_channels, i; 3709 size_t ie_len; 3710 3711 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3712 return -EINVAL; 3713 3714 wiphy = &rdev->wiphy; 3715 3716 if (!rdev->ops->scan) 3717 return -EOPNOTSUPP; 3718 3719 if (rdev->scan_req) 3720 return -EBUSY; 3721 3722 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3723 n_channels = validate_scan_freqs( 3724 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3725 if (!n_channels) 3726 return -EINVAL; 3727 } else { 3728 enum ieee80211_band band; 3729 n_channels = 0; 3730 3731 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3732 if (wiphy->bands[band]) 3733 n_channels += wiphy->bands[band]->n_channels; 3734 } 3735 3736 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3737 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) 3738 n_ssids++; 3739 3740 if (n_ssids > wiphy->max_scan_ssids) 3741 return -EINVAL; 3742 3743 if (info->attrs[NL80211_ATTR_IE]) 3744 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3745 else 3746 ie_len = 0; 3747 3748 if (ie_len > wiphy->max_scan_ie_len) 3749 return -EINVAL; 3750 3751 request = kzalloc(sizeof(*request) 3752 + sizeof(*request->ssids) * n_ssids 3753 + sizeof(*request->channels) * n_channels 3754 + ie_len, GFP_KERNEL); 3755 if (!request) 3756 return -ENOMEM; 3757 3758 if (n_ssids) 3759 request->ssids = (void *)&request->channels[n_channels]; 3760 request->n_ssids = n_ssids; 3761 if (ie_len) { 3762 if (request->ssids) 3763 request->ie = (void *)(request->ssids + n_ssids); 3764 else 3765 request->ie = (void *)(request->channels + n_channels); 3766 } 3767 3768 i = 0; 3769 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3770 /* user specified, bail out if channel not found */ 3771 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) { 3772 struct ieee80211_channel *chan; 3773 3774 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3775 3776 if (!chan) { 3777 err = -EINVAL; 3778 goto out_free; 3779 } 3780 3781 /* ignore disabled channels */ 3782 if (chan->flags & IEEE80211_CHAN_DISABLED) 3783 continue; 3784 3785 request->channels[i] = chan; 3786 i++; 3787 } 3788 } else { 3789 enum ieee80211_band band; 3790 3791 /* all channels */ 3792 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3793 int j; 3794 if (!wiphy->bands[band]) 3795 continue; 3796 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3797 struct ieee80211_channel *chan; 3798 3799 chan = &wiphy->bands[band]->channels[j]; 3800 3801 if (chan->flags & IEEE80211_CHAN_DISABLED) 3802 continue; 3803 3804 request->channels[i] = chan; 3805 i++; 3806 } 3807 } 3808 } 3809 3810 if (!i) { 3811 err = -EINVAL; 3812 goto out_free; 3813 } 3814 3815 request->n_channels = i; 3816 3817 i = 0; 3818 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3819 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) { 3820 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { 3821 err = -EINVAL; 3822 goto out_free; 3823 } 3824 request->ssids[i].ssid_len = nla_len(attr); 3825 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr)); 3826 i++; 3827 } 3828 } 3829 3830 if (info->attrs[NL80211_ATTR_IE]) { 3831 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3832 memcpy((void *)request->ie, 3833 nla_data(info->attrs[NL80211_ATTR_IE]), 3834 request->ie_len); 3835 } 3836 3837 for (i = 0; i < IEEE80211_NUM_BANDS; i++) 3838 if (wiphy->bands[i]) 3839 request->rates[i] = 3840 (1 << wiphy->bands[i]->n_bitrates) - 1; 3841 3842 if (info->attrs[NL80211_ATTR_SCAN_SUPP_RATES]) { 3843 nla_for_each_nested(attr, 3844 info->attrs[NL80211_ATTR_SCAN_SUPP_RATES], 3845 tmp) { 3846 enum ieee80211_band band = nla_type(attr); 3847 3848 if (band < 0 || band >= IEEE80211_NUM_BANDS) { 3849 err = -EINVAL; 3850 goto out_free; 3851 } 3852 err = ieee80211_get_ratemask(wiphy->bands[band], 3853 nla_data(attr), 3854 nla_len(attr), 3855 &request->rates[band]); 3856 if (err) 3857 goto out_free; 3858 } 3859 } 3860 3861 request->no_cck = 3862 nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]); 3863 3864 request->dev = dev; 3865 request->wiphy = &rdev->wiphy; 3866 3867 rdev->scan_req = request; 3868 err = rdev->ops->scan(&rdev->wiphy, dev, request); 3869 3870 if (!err) { 3871 nl80211_send_scan_start(rdev, dev); 3872 dev_hold(dev); 3873 } else { 3874 out_free: 3875 rdev->scan_req = NULL; 3876 kfree(request); 3877 } 3878 3879 return err; 3880 } 3881 3882 static int nl80211_start_sched_scan(struct sk_buff *skb, 3883 struct genl_info *info) 3884 { 3885 struct cfg80211_sched_scan_request *request; 3886 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3887 struct net_device *dev = info->user_ptr[1]; 3888 struct nlattr *attr; 3889 struct wiphy *wiphy; 3890 int err, tmp, n_ssids = 0, n_match_sets = 0, n_channels, i; 3891 u32 interval; 3892 enum ieee80211_band band; 3893 size_t ie_len; 3894 struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1]; 3895 3896 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) || 3897 !rdev->ops->sched_scan_start) 3898 return -EOPNOTSUPP; 3899 3900 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3901 return -EINVAL; 3902 3903 if (!info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]) 3904 return -EINVAL; 3905 3906 interval = nla_get_u32(info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]); 3907 if (interval == 0) 3908 return -EINVAL; 3909 3910 wiphy = &rdev->wiphy; 3911 3912 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3913 n_channels = validate_scan_freqs( 3914 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3915 if (!n_channels) 3916 return -EINVAL; 3917 } else { 3918 n_channels = 0; 3919 3920 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3921 if (wiphy->bands[band]) 3922 n_channels += wiphy->bands[band]->n_channels; 3923 } 3924 3925 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3926 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], 3927 tmp) 3928 n_ssids++; 3929 3930 if (n_ssids > wiphy->max_sched_scan_ssids) 3931 return -EINVAL; 3932 3933 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) 3934 nla_for_each_nested(attr, 3935 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH], 3936 tmp) 3937 n_match_sets++; 3938 3939 if (n_match_sets > wiphy->max_match_sets) 3940 return -EINVAL; 3941 3942 if (info->attrs[NL80211_ATTR_IE]) 3943 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3944 else 3945 ie_len = 0; 3946 3947 if (ie_len > wiphy->max_sched_scan_ie_len) 3948 return -EINVAL; 3949 3950 mutex_lock(&rdev->sched_scan_mtx); 3951 3952 if (rdev->sched_scan_req) { 3953 err = -EINPROGRESS; 3954 goto out; 3955 } 3956 3957 request = kzalloc(sizeof(*request) 3958 + sizeof(*request->ssids) * n_ssids 3959 + sizeof(*request->match_sets) * n_match_sets 3960 + sizeof(*request->channels) * n_channels 3961 + ie_len, GFP_KERNEL); 3962 if (!request) { 3963 err = -ENOMEM; 3964 goto out; 3965 } 3966 3967 if (n_ssids) 3968 request->ssids = (void *)&request->channels[n_channels]; 3969 request->n_ssids = n_ssids; 3970 if (ie_len) { 3971 if (request->ssids) 3972 request->ie = (void *)(request->ssids + n_ssids); 3973 else 3974 request->ie = (void *)(request->channels + n_channels); 3975 } 3976 3977 if (n_match_sets) { 3978 if (request->ie) 3979 request->match_sets = (void *)(request->ie + ie_len); 3980 else if (request->ssids) 3981 request->match_sets = 3982 (void *)(request->ssids + n_ssids); 3983 else 3984 request->match_sets = 3985 (void *)(request->channels + n_channels); 3986 } 3987 request->n_match_sets = n_match_sets; 3988 3989 i = 0; 3990 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3991 /* user specified, bail out if channel not found */ 3992 nla_for_each_nested(attr, 3993 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], 3994 tmp) { 3995 struct ieee80211_channel *chan; 3996 3997 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3998 3999 if (!chan) { 4000 err = -EINVAL; 4001 goto out_free; 4002 } 4003 4004 /* ignore disabled channels */ 4005 if (chan->flags & IEEE80211_CHAN_DISABLED) 4006 continue; 4007 4008 request->channels[i] = chan; 4009 i++; 4010 } 4011 } else { 4012 /* all channels */ 4013 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 4014 int j; 4015 if (!wiphy->bands[band]) 4016 continue; 4017 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 4018 struct ieee80211_channel *chan; 4019 4020 chan = &wiphy->bands[band]->channels[j]; 4021 4022 if (chan->flags & IEEE80211_CHAN_DISABLED) 4023 continue; 4024 4025 request->channels[i] = chan; 4026 i++; 4027 } 4028 } 4029 } 4030 4031 if (!i) { 4032 err = -EINVAL; 4033 goto out_free; 4034 } 4035 4036 request->n_channels = i; 4037 4038 i = 0; 4039 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 4040 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], 4041 tmp) { 4042 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { 4043 err = -EINVAL; 4044 goto out_free; 4045 } 4046 request->ssids[i].ssid_len = nla_len(attr); 4047 memcpy(request->ssids[i].ssid, nla_data(attr), 4048 nla_len(attr)); 4049 i++; 4050 } 4051 } 4052 4053 i = 0; 4054 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) { 4055 nla_for_each_nested(attr, 4056 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH], 4057 tmp) { 4058 struct nlattr *ssid; 4059 4060 nla_parse(tb, NL80211_SCHED_SCAN_MATCH_ATTR_MAX, 4061 nla_data(attr), nla_len(attr), 4062 nl80211_match_policy); 4063 ssid = tb[NL80211_ATTR_SCHED_SCAN_MATCH_SSID]; 4064 if (ssid) { 4065 if (nla_len(ssid) > IEEE80211_MAX_SSID_LEN) { 4066 err = -EINVAL; 4067 goto out_free; 4068 } 4069 memcpy(request->match_sets[i].ssid.ssid, 4070 nla_data(ssid), nla_len(ssid)); 4071 request->match_sets[i].ssid.ssid_len = 4072 nla_len(ssid); 4073 } 4074 i++; 4075 } 4076 } 4077 4078 if (info->attrs[NL80211_ATTR_IE]) { 4079 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4080 memcpy((void *)request->ie, 4081 nla_data(info->attrs[NL80211_ATTR_IE]), 4082 request->ie_len); 4083 } 4084 4085 request->dev = dev; 4086 request->wiphy = &rdev->wiphy; 4087 request->interval = interval; 4088 4089 err = rdev->ops->sched_scan_start(&rdev->wiphy, dev, request); 4090 if (!err) { 4091 rdev->sched_scan_req = request; 4092 nl80211_send_sched_scan(rdev, dev, 4093 NL80211_CMD_START_SCHED_SCAN); 4094 goto out; 4095 } 4096 4097 out_free: 4098 kfree(request); 4099 out: 4100 mutex_unlock(&rdev->sched_scan_mtx); 4101 return err; 4102 } 4103 4104 static int nl80211_stop_sched_scan(struct sk_buff *skb, 4105 struct genl_info *info) 4106 { 4107 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4108 int err; 4109 4110 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) || 4111 !rdev->ops->sched_scan_stop) 4112 return -EOPNOTSUPP; 4113 4114 mutex_lock(&rdev->sched_scan_mtx); 4115 err = __cfg80211_stop_sched_scan(rdev, false); 4116 mutex_unlock(&rdev->sched_scan_mtx); 4117 4118 return err; 4119 } 4120 4121 static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb, 4122 u32 seq, int flags, 4123 struct cfg80211_registered_device *rdev, 4124 struct wireless_dev *wdev, 4125 struct cfg80211_internal_bss *intbss) 4126 { 4127 struct cfg80211_bss *res = &intbss->pub; 4128 void *hdr; 4129 struct nlattr *bss; 4130 4131 ASSERT_WDEV_LOCK(wdev); 4132 4133 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).pid, seq, flags, 4134 NL80211_CMD_NEW_SCAN_RESULTS); 4135 if (!hdr) 4136 return -1; 4137 4138 genl_dump_check_consistent(cb, hdr, &nl80211_fam); 4139 4140 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation); 4141 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex); 4142 4143 bss = nla_nest_start(msg, NL80211_ATTR_BSS); 4144 if (!bss) 4145 goto nla_put_failure; 4146 if (!is_zero_ether_addr(res->bssid)) 4147 NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid); 4148 if (res->information_elements && res->len_information_elements) 4149 NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS, 4150 res->len_information_elements, 4151 res->information_elements); 4152 if (res->beacon_ies && res->len_beacon_ies && 4153 res->beacon_ies != res->information_elements) 4154 NLA_PUT(msg, NL80211_BSS_BEACON_IES, 4155 res->len_beacon_ies, res->beacon_ies); 4156 if (res->tsf) 4157 NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf); 4158 if (res->beacon_interval) 4159 NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval); 4160 NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability); 4161 NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq); 4162 NLA_PUT_U32(msg, NL80211_BSS_SEEN_MS_AGO, 4163 jiffies_to_msecs(jiffies - intbss->ts)); 4164 4165 switch (rdev->wiphy.signal_type) { 4166 case CFG80211_SIGNAL_TYPE_MBM: 4167 NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal); 4168 break; 4169 case CFG80211_SIGNAL_TYPE_UNSPEC: 4170 NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal); 4171 break; 4172 default: 4173 break; 4174 } 4175 4176 switch (wdev->iftype) { 4177 case NL80211_IFTYPE_P2P_CLIENT: 4178 case NL80211_IFTYPE_STATION: 4179 if (intbss == wdev->current_bss) 4180 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 4181 NL80211_BSS_STATUS_ASSOCIATED); 4182 break; 4183 case NL80211_IFTYPE_ADHOC: 4184 if (intbss == wdev->current_bss) 4185 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 4186 NL80211_BSS_STATUS_IBSS_JOINED); 4187 break; 4188 default: 4189 break; 4190 } 4191 4192 nla_nest_end(msg, bss); 4193 4194 return genlmsg_end(msg, hdr); 4195 4196 nla_put_failure: 4197 genlmsg_cancel(msg, hdr); 4198 return -EMSGSIZE; 4199 } 4200 4201 static int nl80211_dump_scan(struct sk_buff *skb, 4202 struct netlink_callback *cb) 4203 { 4204 struct cfg80211_registered_device *rdev; 4205 struct net_device *dev; 4206 struct cfg80211_internal_bss *scan; 4207 struct wireless_dev *wdev; 4208 int start = cb->args[1], idx = 0; 4209 int err; 4210 4211 err = nl80211_prepare_netdev_dump(skb, cb, &rdev, &dev); 4212 if (err) 4213 return err; 4214 4215 wdev = dev->ieee80211_ptr; 4216 4217 wdev_lock(wdev); 4218 spin_lock_bh(&rdev->bss_lock); 4219 cfg80211_bss_expire(rdev); 4220 4221 cb->seq = rdev->bss_generation; 4222 4223 list_for_each_entry(scan, &rdev->bss_list, list) { 4224 if (++idx <= start) 4225 continue; 4226 if (nl80211_send_bss(skb, cb, 4227 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4228 rdev, wdev, scan) < 0) { 4229 idx--; 4230 break; 4231 } 4232 } 4233 4234 spin_unlock_bh(&rdev->bss_lock); 4235 wdev_unlock(wdev); 4236 4237 cb->args[1] = idx; 4238 nl80211_finish_netdev_dump(rdev); 4239 4240 return skb->len; 4241 } 4242 4243 static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq, 4244 int flags, struct net_device *dev, 4245 struct survey_info *survey) 4246 { 4247 void *hdr; 4248 struct nlattr *infoattr; 4249 4250 hdr = nl80211hdr_put(msg, pid, seq, flags, 4251 NL80211_CMD_NEW_SURVEY_RESULTS); 4252 if (!hdr) 4253 return -ENOMEM; 4254 4255 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 4256 4257 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO); 4258 if (!infoattr) 4259 goto nla_put_failure; 4260 4261 NLA_PUT_U32(msg, NL80211_SURVEY_INFO_FREQUENCY, 4262 survey->channel->center_freq); 4263 if (survey->filled & SURVEY_INFO_NOISE_DBM) 4264 NLA_PUT_U8(msg, NL80211_SURVEY_INFO_NOISE, 4265 survey->noise); 4266 if (survey->filled & SURVEY_INFO_IN_USE) 4267 NLA_PUT_FLAG(msg, NL80211_SURVEY_INFO_IN_USE); 4268 if (survey->filled & SURVEY_INFO_CHANNEL_TIME) 4269 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME, 4270 survey->channel_time); 4271 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_BUSY) 4272 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY, 4273 survey->channel_time_busy); 4274 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_EXT_BUSY) 4275 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_EXT_BUSY, 4276 survey->channel_time_ext_busy); 4277 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_RX) 4278 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_RX, 4279 survey->channel_time_rx); 4280 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_TX) 4281 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_TX, 4282 survey->channel_time_tx); 4283 4284 nla_nest_end(msg, infoattr); 4285 4286 return genlmsg_end(msg, hdr); 4287 4288 nla_put_failure: 4289 genlmsg_cancel(msg, hdr); 4290 return -EMSGSIZE; 4291 } 4292 4293 static int nl80211_dump_survey(struct sk_buff *skb, 4294 struct netlink_callback *cb) 4295 { 4296 struct survey_info survey; 4297 struct cfg80211_registered_device *dev; 4298 struct net_device *netdev; 4299 int survey_idx = cb->args[1]; 4300 int res; 4301 4302 res = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 4303 if (res) 4304 return res; 4305 4306 if (!dev->ops->dump_survey) { 4307 res = -EOPNOTSUPP; 4308 goto out_err; 4309 } 4310 4311 while (1) { 4312 struct ieee80211_channel *chan; 4313 4314 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx, 4315 &survey); 4316 if (res == -ENOENT) 4317 break; 4318 if (res) 4319 goto out_err; 4320 4321 /* Survey without a channel doesn't make sense */ 4322 if (!survey.channel) { 4323 res = -EINVAL; 4324 goto out; 4325 } 4326 4327 chan = ieee80211_get_channel(&dev->wiphy, 4328 survey.channel->center_freq); 4329 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED) { 4330 survey_idx++; 4331 continue; 4332 } 4333 4334 if (nl80211_send_survey(skb, 4335 NETLINK_CB(cb->skb).pid, 4336 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4337 netdev, 4338 &survey) < 0) 4339 goto out; 4340 survey_idx++; 4341 } 4342 4343 out: 4344 cb->args[1] = survey_idx; 4345 res = skb->len; 4346 out_err: 4347 nl80211_finish_netdev_dump(dev); 4348 return res; 4349 } 4350 4351 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type) 4352 { 4353 return auth_type <= NL80211_AUTHTYPE_MAX; 4354 } 4355 4356 static bool nl80211_valid_wpa_versions(u32 wpa_versions) 4357 { 4358 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 | 4359 NL80211_WPA_VERSION_2)); 4360 } 4361 4362 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 4363 { 4364 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4365 struct net_device *dev = info->user_ptr[1]; 4366 struct ieee80211_channel *chan; 4367 const u8 *bssid, *ssid, *ie = NULL; 4368 int err, ssid_len, ie_len = 0; 4369 enum nl80211_auth_type auth_type; 4370 struct key_parse key; 4371 bool local_state_change; 4372 4373 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4374 return -EINVAL; 4375 4376 if (!info->attrs[NL80211_ATTR_MAC]) 4377 return -EINVAL; 4378 4379 if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) 4380 return -EINVAL; 4381 4382 if (!info->attrs[NL80211_ATTR_SSID]) 4383 return -EINVAL; 4384 4385 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4386 return -EINVAL; 4387 4388 err = nl80211_parse_key(info, &key); 4389 if (err) 4390 return err; 4391 4392 if (key.idx >= 0) { 4393 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP) 4394 return -EINVAL; 4395 if (!key.p.key || !key.p.key_len) 4396 return -EINVAL; 4397 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 || 4398 key.p.key_len != WLAN_KEY_LEN_WEP40) && 4399 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 || 4400 key.p.key_len != WLAN_KEY_LEN_WEP104)) 4401 return -EINVAL; 4402 if (key.idx > 4) 4403 return -EINVAL; 4404 } else { 4405 key.p.key_len = 0; 4406 key.p.key = NULL; 4407 } 4408 4409 if (key.idx >= 0) { 4410 int i; 4411 bool ok = false; 4412 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) { 4413 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) { 4414 ok = true; 4415 break; 4416 } 4417 } 4418 if (!ok) 4419 return -EINVAL; 4420 } 4421 4422 if (!rdev->ops->auth) 4423 return -EOPNOTSUPP; 4424 4425 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4426 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4427 return -EOPNOTSUPP; 4428 4429 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4430 chan = ieee80211_get_channel(&rdev->wiphy, 4431 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4432 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 4433 return -EINVAL; 4434 4435 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4436 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4437 4438 if (info->attrs[NL80211_ATTR_IE]) { 4439 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4440 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4441 } 4442 4443 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 4444 if (!nl80211_valid_auth_type(auth_type)) 4445 return -EINVAL; 4446 4447 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4448 4449 /* 4450 * Since we no longer track auth state, ignore 4451 * requests to only change local state. 4452 */ 4453 if (local_state_change) 4454 return 0; 4455 4456 return cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, 4457 ssid, ssid_len, ie, ie_len, 4458 key.p.key, key.p.key_len, key.idx); 4459 } 4460 4461 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 4462 struct genl_info *info, 4463 struct cfg80211_crypto_settings *settings, 4464 int cipher_limit) 4465 { 4466 memset(settings, 0, sizeof(*settings)); 4467 4468 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; 4469 4470 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) { 4471 u16 proto; 4472 proto = nla_get_u16( 4473 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]); 4474 settings->control_port_ethertype = cpu_to_be16(proto); 4475 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) && 4476 proto != ETH_P_PAE) 4477 return -EINVAL; 4478 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]) 4479 settings->control_port_no_encrypt = true; 4480 } else 4481 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE); 4482 4483 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) { 4484 void *data; 4485 int len, i; 4486 4487 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 4488 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 4489 settings->n_ciphers_pairwise = len / sizeof(u32); 4490 4491 if (len % sizeof(u32)) 4492 return -EINVAL; 4493 4494 if (settings->n_ciphers_pairwise > cipher_limit) 4495 return -EINVAL; 4496 4497 memcpy(settings->ciphers_pairwise, data, len); 4498 4499 for (i = 0; i < settings->n_ciphers_pairwise; i++) 4500 if (!cfg80211_supported_cipher_suite( 4501 &rdev->wiphy, 4502 settings->ciphers_pairwise[i])) 4503 return -EINVAL; 4504 } 4505 4506 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) { 4507 settings->cipher_group = 4508 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]); 4509 if (!cfg80211_supported_cipher_suite(&rdev->wiphy, 4510 settings->cipher_group)) 4511 return -EINVAL; 4512 } 4513 4514 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) { 4515 settings->wpa_versions = 4516 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]); 4517 if (!nl80211_valid_wpa_versions(settings->wpa_versions)) 4518 return -EINVAL; 4519 } 4520 4521 if (info->attrs[NL80211_ATTR_AKM_SUITES]) { 4522 void *data; 4523 int len; 4524 4525 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); 4526 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); 4527 settings->n_akm_suites = len / sizeof(u32); 4528 4529 if (len % sizeof(u32)) 4530 return -EINVAL; 4531 4532 if (settings->n_akm_suites > NL80211_MAX_NR_AKM_SUITES) 4533 return -EINVAL; 4534 4535 memcpy(settings->akm_suites, data, len); 4536 } 4537 4538 return 0; 4539 } 4540 4541 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) 4542 { 4543 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4544 struct net_device *dev = info->user_ptr[1]; 4545 struct cfg80211_crypto_settings crypto; 4546 struct ieee80211_channel *chan; 4547 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL; 4548 int err, ssid_len, ie_len = 0; 4549 bool use_mfp = false; 4550 u32 flags = 0; 4551 struct ieee80211_ht_cap *ht_capa = NULL; 4552 struct ieee80211_ht_cap *ht_capa_mask = NULL; 4553 4554 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4555 return -EINVAL; 4556 4557 if (!info->attrs[NL80211_ATTR_MAC] || 4558 !info->attrs[NL80211_ATTR_SSID] || 4559 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4560 return -EINVAL; 4561 4562 if (!rdev->ops->assoc) 4563 return -EOPNOTSUPP; 4564 4565 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4566 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4567 return -EOPNOTSUPP; 4568 4569 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4570 4571 chan = ieee80211_get_channel(&rdev->wiphy, 4572 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4573 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 4574 return -EINVAL; 4575 4576 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4577 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4578 4579 if (info->attrs[NL80211_ATTR_IE]) { 4580 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4581 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4582 } 4583 4584 if (info->attrs[NL80211_ATTR_USE_MFP]) { 4585 enum nl80211_mfp mfp = 4586 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); 4587 if (mfp == NL80211_MFP_REQUIRED) 4588 use_mfp = true; 4589 else if (mfp != NL80211_MFP_NO) 4590 return -EINVAL; 4591 } 4592 4593 if (info->attrs[NL80211_ATTR_PREV_BSSID]) 4594 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]); 4595 4596 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT])) 4597 flags |= ASSOC_REQ_DISABLE_HT; 4598 4599 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) 4600 ht_capa_mask = 4601 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]); 4602 4603 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) { 4604 if (!ht_capa_mask) 4605 return -EINVAL; 4606 ht_capa = nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 4607 } 4608 4609 err = nl80211_crypto_settings(rdev, info, &crypto, 1); 4610 if (!err) 4611 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid, 4612 ssid, ssid_len, ie, ie_len, use_mfp, 4613 &crypto, flags, ht_capa, 4614 ht_capa_mask); 4615 4616 return err; 4617 } 4618 4619 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) 4620 { 4621 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4622 struct net_device *dev = info->user_ptr[1]; 4623 const u8 *ie = NULL, *bssid; 4624 int ie_len = 0; 4625 u16 reason_code; 4626 bool local_state_change; 4627 4628 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4629 return -EINVAL; 4630 4631 if (!info->attrs[NL80211_ATTR_MAC]) 4632 return -EINVAL; 4633 4634 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4635 return -EINVAL; 4636 4637 if (!rdev->ops->deauth) 4638 return -EOPNOTSUPP; 4639 4640 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4641 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4642 return -EOPNOTSUPP; 4643 4644 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4645 4646 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4647 if (reason_code == 0) { 4648 /* Reason Code 0 is reserved */ 4649 return -EINVAL; 4650 } 4651 4652 if (info->attrs[NL80211_ATTR_IE]) { 4653 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4654 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4655 } 4656 4657 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4658 4659 return cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code, 4660 local_state_change); 4661 } 4662 4663 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) 4664 { 4665 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4666 struct net_device *dev = info->user_ptr[1]; 4667 const u8 *ie = NULL, *bssid; 4668 int ie_len = 0; 4669 u16 reason_code; 4670 bool local_state_change; 4671 4672 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4673 return -EINVAL; 4674 4675 if (!info->attrs[NL80211_ATTR_MAC]) 4676 return -EINVAL; 4677 4678 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4679 return -EINVAL; 4680 4681 if (!rdev->ops->disassoc) 4682 return -EOPNOTSUPP; 4683 4684 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4685 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4686 return -EOPNOTSUPP; 4687 4688 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4689 4690 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4691 if (reason_code == 0) { 4692 /* Reason Code 0 is reserved */ 4693 return -EINVAL; 4694 } 4695 4696 if (info->attrs[NL80211_ATTR_IE]) { 4697 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4698 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4699 } 4700 4701 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4702 4703 return cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code, 4704 local_state_change); 4705 } 4706 4707 static bool 4708 nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev, 4709 int mcast_rate[IEEE80211_NUM_BANDS], 4710 int rateval) 4711 { 4712 struct wiphy *wiphy = &rdev->wiphy; 4713 bool found = false; 4714 int band, i; 4715 4716 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 4717 struct ieee80211_supported_band *sband; 4718 4719 sband = wiphy->bands[band]; 4720 if (!sband) 4721 continue; 4722 4723 for (i = 0; i < sband->n_bitrates; i++) { 4724 if (sband->bitrates[i].bitrate == rateval) { 4725 mcast_rate[band] = i + 1; 4726 found = true; 4727 break; 4728 } 4729 } 4730 } 4731 4732 return found; 4733 } 4734 4735 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) 4736 { 4737 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4738 struct net_device *dev = info->user_ptr[1]; 4739 struct cfg80211_ibss_params ibss; 4740 struct wiphy *wiphy; 4741 struct cfg80211_cached_keys *connkeys = NULL; 4742 int err; 4743 4744 memset(&ibss, 0, sizeof(ibss)); 4745 4746 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4747 return -EINVAL; 4748 4749 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 4750 !info->attrs[NL80211_ATTR_SSID] || 4751 !nla_len(info->attrs[NL80211_ATTR_SSID])) 4752 return -EINVAL; 4753 4754 ibss.beacon_interval = 100; 4755 4756 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 4757 ibss.beacon_interval = 4758 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 4759 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000) 4760 return -EINVAL; 4761 } 4762 4763 if (!rdev->ops->join_ibss) 4764 return -EOPNOTSUPP; 4765 4766 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 4767 return -EOPNOTSUPP; 4768 4769 wiphy = &rdev->wiphy; 4770 4771 if (info->attrs[NL80211_ATTR_MAC]) { 4772 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4773 4774 if (!is_valid_ether_addr(ibss.bssid)) 4775 return -EINVAL; 4776 } 4777 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4778 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4779 4780 if (info->attrs[NL80211_ATTR_IE]) { 4781 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4782 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4783 } 4784 4785 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 4786 enum nl80211_channel_type channel_type; 4787 4788 channel_type = nla_get_u32( 4789 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 4790 if (channel_type != NL80211_CHAN_NO_HT && 4791 channel_type != NL80211_CHAN_HT20 && 4792 channel_type != NL80211_CHAN_HT40MINUS && 4793 channel_type != NL80211_CHAN_HT40PLUS) 4794 return -EINVAL; 4795 4796 if (channel_type != NL80211_CHAN_NO_HT && 4797 !(wiphy->features & NL80211_FEATURE_HT_IBSS)) 4798 return -EINVAL; 4799 4800 ibss.channel_type = channel_type; 4801 } else { 4802 ibss.channel_type = NL80211_CHAN_NO_HT; 4803 } 4804 4805 ibss.channel = rdev_freq_to_chan(rdev, 4806 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]), 4807 ibss.channel_type); 4808 if (!ibss.channel || 4809 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS || 4810 ibss.channel->flags & IEEE80211_CHAN_DISABLED) 4811 return -EINVAL; 4812 4813 /* Both channels should be able to initiate communication */ 4814 if ((ibss.channel_type == NL80211_CHAN_HT40PLUS || 4815 ibss.channel_type == NL80211_CHAN_HT40MINUS) && 4816 !cfg80211_can_beacon_sec_chan(&rdev->wiphy, ibss.channel, 4817 ibss.channel_type)) 4818 return -EINVAL; 4819 4820 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; 4821 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 4822 4823 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 4824 u8 *rates = 4825 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 4826 int n_rates = 4827 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 4828 struct ieee80211_supported_band *sband = 4829 wiphy->bands[ibss.channel->band]; 4830 4831 err = ieee80211_get_ratemask(sband, rates, n_rates, 4832 &ibss.basic_rates); 4833 if (err) 4834 return err; 4835 } 4836 4837 if (info->attrs[NL80211_ATTR_MCAST_RATE] && 4838 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate, 4839 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) 4840 return -EINVAL; 4841 4842 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) { 4843 connkeys = nl80211_parse_connkeys(rdev, 4844 info->attrs[NL80211_ATTR_KEYS]); 4845 if (IS_ERR(connkeys)) 4846 return PTR_ERR(connkeys); 4847 } 4848 4849 ibss.control_port = 4850 nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT]); 4851 4852 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys); 4853 if (err) 4854 kfree(connkeys); 4855 return err; 4856 } 4857 4858 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) 4859 { 4860 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4861 struct net_device *dev = info->user_ptr[1]; 4862 4863 if (!rdev->ops->leave_ibss) 4864 return -EOPNOTSUPP; 4865 4866 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 4867 return -EOPNOTSUPP; 4868 4869 return cfg80211_leave_ibss(rdev, dev, false); 4870 } 4871 4872 #ifdef CONFIG_NL80211_TESTMODE 4873 static struct genl_multicast_group nl80211_testmode_mcgrp = { 4874 .name = "testmode", 4875 }; 4876 4877 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info) 4878 { 4879 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4880 int err; 4881 4882 if (!info->attrs[NL80211_ATTR_TESTDATA]) 4883 return -EINVAL; 4884 4885 err = -EOPNOTSUPP; 4886 if (rdev->ops->testmode_cmd) { 4887 rdev->testmode_info = info; 4888 err = rdev->ops->testmode_cmd(&rdev->wiphy, 4889 nla_data(info->attrs[NL80211_ATTR_TESTDATA]), 4890 nla_len(info->attrs[NL80211_ATTR_TESTDATA])); 4891 rdev->testmode_info = NULL; 4892 } 4893 4894 return err; 4895 } 4896 4897 static int nl80211_testmode_dump(struct sk_buff *skb, 4898 struct netlink_callback *cb) 4899 { 4900 struct cfg80211_registered_device *rdev; 4901 int err; 4902 long phy_idx; 4903 void *data = NULL; 4904 int data_len = 0; 4905 4906 if (cb->args[0]) { 4907 /* 4908 * 0 is a valid index, but not valid for args[0], 4909 * so we need to offset by 1. 4910 */ 4911 phy_idx = cb->args[0] - 1; 4912 } else { 4913 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 4914 nl80211_fam.attrbuf, nl80211_fam.maxattr, 4915 nl80211_policy); 4916 if (err) 4917 return err; 4918 if (nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]) { 4919 phy_idx = nla_get_u32( 4920 nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]); 4921 } else { 4922 struct net_device *netdev; 4923 4924 err = get_rdev_dev_by_ifindex(sock_net(skb->sk), 4925 nl80211_fam.attrbuf, 4926 &rdev, &netdev); 4927 if (err) 4928 return err; 4929 dev_put(netdev); 4930 phy_idx = rdev->wiphy_idx; 4931 cfg80211_unlock_rdev(rdev); 4932 } 4933 if (nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA]) 4934 cb->args[1] = 4935 (long)nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA]; 4936 } 4937 4938 if (cb->args[1]) { 4939 data = nla_data((void *)cb->args[1]); 4940 data_len = nla_len((void *)cb->args[1]); 4941 } 4942 4943 mutex_lock(&cfg80211_mutex); 4944 rdev = cfg80211_rdev_by_wiphy_idx(phy_idx); 4945 if (!rdev) { 4946 mutex_unlock(&cfg80211_mutex); 4947 return -ENOENT; 4948 } 4949 cfg80211_lock_rdev(rdev); 4950 mutex_unlock(&cfg80211_mutex); 4951 4952 if (!rdev->ops->testmode_dump) { 4953 err = -EOPNOTSUPP; 4954 goto out_err; 4955 } 4956 4957 while (1) { 4958 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).pid, 4959 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4960 NL80211_CMD_TESTMODE); 4961 struct nlattr *tmdata; 4962 4963 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx) < 0) { 4964 genlmsg_cancel(skb, hdr); 4965 break; 4966 } 4967 4968 tmdata = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 4969 if (!tmdata) { 4970 genlmsg_cancel(skb, hdr); 4971 break; 4972 } 4973 err = rdev->ops->testmode_dump(&rdev->wiphy, skb, cb, 4974 data, data_len); 4975 nla_nest_end(skb, tmdata); 4976 4977 if (err == -ENOBUFS || err == -ENOENT) { 4978 genlmsg_cancel(skb, hdr); 4979 break; 4980 } else if (err) { 4981 genlmsg_cancel(skb, hdr); 4982 goto out_err; 4983 } 4984 4985 genlmsg_end(skb, hdr); 4986 } 4987 4988 err = skb->len; 4989 /* see above */ 4990 cb->args[0] = phy_idx + 1; 4991 out_err: 4992 cfg80211_unlock_rdev(rdev); 4993 return err; 4994 } 4995 4996 static struct sk_buff * 4997 __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev, 4998 int approxlen, u32 pid, u32 seq, gfp_t gfp) 4999 { 5000 struct sk_buff *skb; 5001 void *hdr; 5002 struct nlattr *data; 5003 5004 skb = nlmsg_new(approxlen + 100, gfp); 5005 if (!skb) 5006 return NULL; 5007 5008 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE); 5009 if (!hdr) { 5010 kfree_skb(skb); 5011 return NULL; 5012 } 5013 5014 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5015 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 5016 5017 ((void **)skb->cb)[0] = rdev; 5018 ((void **)skb->cb)[1] = hdr; 5019 ((void **)skb->cb)[2] = data; 5020 5021 return skb; 5022 5023 nla_put_failure: 5024 kfree_skb(skb); 5025 return NULL; 5026 } 5027 5028 struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy, 5029 int approxlen) 5030 { 5031 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 5032 5033 if (WARN_ON(!rdev->testmode_info)) 5034 return NULL; 5035 5036 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 5037 rdev->testmode_info->snd_pid, 5038 rdev->testmode_info->snd_seq, 5039 GFP_KERNEL); 5040 } 5041 EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb); 5042 5043 int cfg80211_testmode_reply(struct sk_buff *skb) 5044 { 5045 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0]; 5046 void *hdr = ((void **)skb->cb)[1]; 5047 struct nlattr *data = ((void **)skb->cb)[2]; 5048 5049 if (WARN_ON(!rdev->testmode_info)) { 5050 kfree_skb(skb); 5051 return -EINVAL; 5052 } 5053 5054 nla_nest_end(skb, data); 5055 genlmsg_end(skb, hdr); 5056 return genlmsg_reply(skb, rdev->testmode_info); 5057 } 5058 EXPORT_SYMBOL(cfg80211_testmode_reply); 5059 5060 struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy, 5061 int approxlen, gfp_t gfp) 5062 { 5063 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 5064 5065 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp); 5066 } 5067 EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb); 5068 5069 void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp) 5070 { 5071 void *hdr = ((void **)skb->cb)[1]; 5072 struct nlattr *data = ((void **)skb->cb)[2]; 5073 5074 nla_nest_end(skb, data); 5075 genlmsg_end(skb, hdr); 5076 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp); 5077 } 5078 EXPORT_SYMBOL(cfg80211_testmode_event); 5079 #endif 5080 5081 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info) 5082 { 5083 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5084 struct net_device *dev = info->user_ptr[1]; 5085 struct cfg80211_connect_params connect; 5086 struct wiphy *wiphy; 5087 struct cfg80211_cached_keys *connkeys = NULL; 5088 int err; 5089 5090 memset(&connect, 0, sizeof(connect)); 5091 5092 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 5093 return -EINVAL; 5094 5095 if (!info->attrs[NL80211_ATTR_SSID] || 5096 !nla_len(info->attrs[NL80211_ATTR_SSID])) 5097 return -EINVAL; 5098 5099 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 5100 connect.auth_type = 5101 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 5102 if (!nl80211_valid_auth_type(connect.auth_type)) 5103 return -EINVAL; 5104 } else 5105 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 5106 5107 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY]; 5108 5109 err = nl80211_crypto_settings(rdev, info, &connect.crypto, 5110 NL80211_MAX_NR_CIPHER_SUITES); 5111 if (err) 5112 return err; 5113 5114 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5115 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5116 return -EOPNOTSUPP; 5117 5118 wiphy = &rdev->wiphy; 5119 5120 connect.bg_scan_period = -1; 5121 if (info->attrs[NL80211_ATTR_BG_SCAN_PERIOD] && 5122 (wiphy->flags & WIPHY_FLAG_SUPPORTS_FW_ROAM)) { 5123 connect.bg_scan_period = 5124 nla_get_u16(info->attrs[NL80211_ATTR_BG_SCAN_PERIOD]); 5125 } 5126 5127 if (info->attrs[NL80211_ATTR_MAC]) 5128 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 5129 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 5130 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 5131 5132 if (info->attrs[NL80211_ATTR_IE]) { 5133 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 5134 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 5135 } 5136 5137 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 5138 connect.channel = 5139 ieee80211_get_channel(wiphy, 5140 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 5141 if (!connect.channel || 5142 connect.channel->flags & IEEE80211_CHAN_DISABLED) 5143 return -EINVAL; 5144 } 5145 5146 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) { 5147 connkeys = nl80211_parse_connkeys(rdev, 5148 info->attrs[NL80211_ATTR_KEYS]); 5149 if (IS_ERR(connkeys)) 5150 return PTR_ERR(connkeys); 5151 } 5152 5153 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT])) 5154 connect.flags |= ASSOC_REQ_DISABLE_HT; 5155 5156 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) 5157 memcpy(&connect.ht_capa_mask, 5158 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]), 5159 sizeof(connect.ht_capa_mask)); 5160 5161 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) { 5162 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) 5163 return -EINVAL; 5164 memcpy(&connect.ht_capa, 5165 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]), 5166 sizeof(connect.ht_capa)); 5167 } 5168 5169 err = cfg80211_connect(rdev, dev, &connect, connkeys); 5170 if (err) 5171 kfree(connkeys); 5172 return err; 5173 } 5174 5175 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info) 5176 { 5177 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5178 struct net_device *dev = info->user_ptr[1]; 5179 u16 reason; 5180 5181 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 5182 reason = WLAN_REASON_DEAUTH_LEAVING; 5183 else 5184 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 5185 5186 if (reason == 0) 5187 return -EINVAL; 5188 5189 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5190 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5191 return -EOPNOTSUPP; 5192 5193 return cfg80211_disconnect(rdev, dev, reason, true); 5194 } 5195 5196 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info) 5197 { 5198 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5199 struct net *net; 5200 int err; 5201 u32 pid; 5202 5203 if (!info->attrs[NL80211_ATTR_PID]) 5204 return -EINVAL; 5205 5206 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]); 5207 5208 net = get_net_ns_by_pid(pid); 5209 if (IS_ERR(net)) 5210 return PTR_ERR(net); 5211 5212 err = 0; 5213 5214 /* check if anything to do */ 5215 if (!net_eq(wiphy_net(&rdev->wiphy), net)) 5216 err = cfg80211_switch_netns(rdev, net); 5217 5218 put_net(net); 5219 return err; 5220 } 5221 5222 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info) 5223 { 5224 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5225 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev, 5226 struct cfg80211_pmksa *pmksa) = NULL; 5227 struct net_device *dev = info->user_ptr[1]; 5228 struct cfg80211_pmksa pmksa; 5229 5230 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa)); 5231 5232 if (!info->attrs[NL80211_ATTR_MAC]) 5233 return -EINVAL; 5234 5235 if (!info->attrs[NL80211_ATTR_PMKID]) 5236 return -EINVAL; 5237 5238 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]); 5239 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 5240 5241 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5242 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5243 return -EOPNOTSUPP; 5244 5245 switch (info->genlhdr->cmd) { 5246 case NL80211_CMD_SET_PMKSA: 5247 rdev_ops = rdev->ops->set_pmksa; 5248 break; 5249 case NL80211_CMD_DEL_PMKSA: 5250 rdev_ops = rdev->ops->del_pmksa; 5251 break; 5252 default: 5253 WARN_ON(1); 5254 break; 5255 } 5256 5257 if (!rdev_ops) 5258 return -EOPNOTSUPP; 5259 5260 return rdev_ops(&rdev->wiphy, dev, &pmksa); 5261 } 5262 5263 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info) 5264 { 5265 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5266 struct net_device *dev = info->user_ptr[1]; 5267 5268 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5269 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 5270 return -EOPNOTSUPP; 5271 5272 if (!rdev->ops->flush_pmksa) 5273 return -EOPNOTSUPP; 5274 5275 return rdev->ops->flush_pmksa(&rdev->wiphy, dev); 5276 } 5277 5278 static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info) 5279 { 5280 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5281 struct net_device *dev = info->user_ptr[1]; 5282 u8 action_code, dialog_token; 5283 u16 status_code; 5284 u8 *peer; 5285 5286 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) || 5287 !rdev->ops->tdls_mgmt) 5288 return -EOPNOTSUPP; 5289 5290 if (!info->attrs[NL80211_ATTR_TDLS_ACTION] || 5291 !info->attrs[NL80211_ATTR_STATUS_CODE] || 5292 !info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN] || 5293 !info->attrs[NL80211_ATTR_IE] || 5294 !info->attrs[NL80211_ATTR_MAC]) 5295 return -EINVAL; 5296 5297 peer = nla_data(info->attrs[NL80211_ATTR_MAC]); 5298 action_code = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_ACTION]); 5299 status_code = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]); 5300 dialog_token = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN]); 5301 5302 return rdev->ops->tdls_mgmt(&rdev->wiphy, dev, peer, action_code, 5303 dialog_token, status_code, 5304 nla_data(info->attrs[NL80211_ATTR_IE]), 5305 nla_len(info->attrs[NL80211_ATTR_IE])); 5306 } 5307 5308 static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info) 5309 { 5310 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5311 struct net_device *dev = info->user_ptr[1]; 5312 enum nl80211_tdls_operation operation; 5313 u8 *peer; 5314 5315 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) || 5316 !rdev->ops->tdls_oper) 5317 return -EOPNOTSUPP; 5318 5319 if (!info->attrs[NL80211_ATTR_TDLS_OPERATION] || 5320 !info->attrs[NL80211_ATTR_MAC]) 5321 return -EINVAL; 5322 5323 operation = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_OPERATION]); 5324 peer = nla_data(info->attrs[NL80211_ATTR_MAC]); 5325 5326 return rdev->ops->tdls_oper(&rdev->wiphy, dev, peer, operation); 5327 } 5328 5329 static int nl80211_remain_on_channel(struct sk_buff *skb, 5330 struct genl_info *info) 5331 { 5332 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5333 struct net_device *dev = info->user_ptr[1]; 5334 struct ieee80211_channel *chan; 5335 struct sk_buff *msg; 5336 void *hdr; 5337 u64 cookie; 5338 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 5339 u32 freq, duration; 5340 int err; 5341 5342 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 5343 !info->attrs[NL80211_ATTR_DURATION]) 5344 return -EINVAL; 5345 5346 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 5347 5348 /* 5349 * We should be on that channel for at least one jiffie, 5350 * and more than 5 seconds seems excessive. 5351 */ 5352 if (!duration || !msecs_to_jiffies(duration) || 5353 duration > rdev->wiphy.max_remain_on_channel_duration) 5354 return -EINVAL; 5355 5356 if (!rdev->ops->remain_on_channel || 5357 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)) 5358 return -EOPNOTSUPP; 5359 5360 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 5361 channel_type = nla_get_u32( 5362 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 5363 if (channel_type != NL80211_CHAN_NO_HT && 5364 channel_type != NL80211_CHAN_HT20 && 5365 channel_type != NL80211_CHAN_HT40PLUS && 5366 channel_type != NL80211_CHAN_HT40MINUS) 5367 return -EINVAL; 5368 } 5369 5370 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 5371 chan = rdev_freq_to_chan(rdev, freq, channel_type); 5372 if (chan == NULL) 5373 return -EINVAL; 5374 5375 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5376 if (!msg) 5377 return -ENOMEM; 5378 5379 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5380 NL80211_CMD_REMAIN_ON_CHANNEL); 5381 5382 if (IS_ERR(hdr)) { 5383 err = PTR_ERR(hdr); 5384 goto free_msg; 5385 } 5386 5387 err = rdev->ops->remain_on_channel(&rdev->wiphy, dev, chan, 5388 channel_type, duration, &cookie); 5389 5390 if (err) 5391 goto free_msg; 5392 5393 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5394 5395 genlmsg_end(msg, hdr); 5396 5397 return genlmsg_reply(msg, info); 5398 5399 nla_put_failure: 5400 err = -ENOBUFS; 5401 free_msg: 5402 nlmsg_free(msg); 5403 return err; 5404 } 5405 5406 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb, 5407 struct genl_info *info) 5408 { 5409 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5410 struct net_device *dev = info->user_ptr[1]; 5411 u64 cookie; 5412 5413 if (!info->attrs[NL80211_ATTR_COOKIE]) 5414 return -EINVAL; 5415 5416 if (!rdev->ops->cancel_remain_on_channel) 5417 return -EOPNOTSUPP; 5418 5419 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 5420 5421 return rdev->ops->cancel_remain_on_channel(&rdev->wiphy, dev, cookie); 5422 } 5423 5424 static u32 rateset_to_mask(struct ieee80211_supported_band *sband, 5425 u8 *rates, u8 rates_len) 5426 { 5427 u8 i; 5428 u32 mask = 0; 5429 5430 for (i = 0; i < rates_len; i++) { 5431 int rate = (rates[i] & 0x7f) * 5; 5432 int ridx; 5433 for (ridx = 0; ridx < sband->n_bitrates; ridx++) { 5434 struct ieee80211_rate *srate = 5435 &sband->bitrates[ridx]; 5436 if (rate == srate->bitrate) { 5437 mask |= 1 << ridx; 5438 break; 5439 } 5440 } 5441 if (ridx == sband->n_bitrates) 5442 return 0; /* rate not found */ 5443 } 5444 5445 return mask; 5446 } 5447 5448 static bool ht_rateset_to_mask(struct ieee80211_supported_band *sband, 5449 u8 *rates, u8 rates_len, 5450 u8 mcs[IEEE80211_HT_MCS_MASK_LEN]) 5451 { 5452 u8 i; 5453 5454 memset(mcs, 0, IEEE80211_HT_MCS_MASK_LEN); 5455 5456 for (i = 0; i < rates_len; i++) { 5457 int ridx, rbit; 5458 5459 ridx = rates[i] / 8; 5460 rbit = BIT(rates[i] % 8); 5461 5462 /* check validity */ 5463 if ((ridx < 0) || (ridx >= IEEE80211_HT_MCS_MASK_LEN)) 5464 return false; 5465 5466 /* check availability */ 5467 if (sband->ht_cap.mcs.rx_mask[ridx] & rbit) 5468 mcs[ridx] |= rbit; 5469 else 5470 return false; 5471 } 5472 5473 return true; 5474 } 5475 5476 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = { 5477 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY, 5478 .len = NL80211_MAX_SUPP_RATES }, 5479 [NL80211_TXRATE_MCS] = { .type = NLA_BINARY, 5480 .len = NL80211_MAX_SUPP_HT_RATES }, 5481 }; 5482 5483 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb, 5484 struct genl_info *info) 5485 { 5486 struct nlattr *tb[NL80211_TXRATE_MAX + 1]; 5487 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5488 struct cfg80211_bitrate_mask mask; 5489 int rem, i; 5490 struct net_device *dev = info->user_ptr[1]; 5491 struct nlattr *tx_rates; 5492 struct ieee80211_supported_band *sband; 5493 5494 if (info->attrs[NL80211_ATTR_TX_RATES] == NULL) 5495 return -EINVAL; 5496 5497 if (!rdev->ops->set_bitrate_mask) 5498 return -EOPNOTSUPP; 5499 5500 memset(&mask, 0, sizeof(mask)); 5501 /* Default to all rates enabled */ 5502 for (i = 0; i < IEEE80211_NUM_BANDS; i++) { 5503 sband = rdev->wiphy.bands[i]; 5504 mask.control[i].legacy = 5505 sband ? (1 << sband->n_bitrates) - 1 : 0; 5506 if (sband) 5507 memcpy(mask.control[i].mcs, 5508 sband->ht_cap.mcs.rx_mask, 5509 sizeof(mask.control[i].mcs)); 5510 else 5511 memset(mask.control[i].mcs, 0, 5512 sizeof(mask.control[i].mcs)); 5513 } 5514 5515 /* 5516 * The nested attribute uses enum nl80211_band as the index. This maps 5517 * directly to the enum ieee80211_band values used in cfg80211. 5518 */ 5519 BUILD_BUG_ON(NL80211_MAX_SUPP_HT_RATES > IEEE80211_HT_MCS_MASK_LEN * 8); 5520 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) 5521 { 5522 enum ieee80211_band band = nla_type(tx_rates); 5523 if (band < 0 || band >= IEEE80211_NUM_BANDS) 5524 return -EINVAL; 5525 sband = rdev->wiphy.bands[band]; 5526 if (sband == NULL) 5527 return -EINVAL; 5528 nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates), 5529 nla_len(tx_rates), nl80211_txattr_policy); 5530 if (tb[NL80211_TXRATE_LEGACY]) { 5531 mask.control[band].legacy = rateset_to_mask( 5532 sband, 5533 nla_data(tb[NL80211_TXRATE_LEGACY]), 5534 nla_len(tb[NL80211_TXRATE_LEGACY])); 5535 } 5536 if (tb[NL80211_TXRATE_MCS]) { 5537 if (!ht_rateset_to_mask( 5538 sband, 5539 nla_data(tb[NL80211_TXRATE_MCS]), 5540 nla_len(tb[NL80211_TXRATE_MCS]), 5541 mask.control[band].mcs)) 5542 return -EINVAL; 5543 } 5544 5545 if (mask.control[band].legacy == 0) { 5546 /* don't allow empty legacy rates if HT 5547 * is not even supported. */ 5548 if (!rdev->wiphy.bands[band]->ht_cap.ht_supported) 5549 return -EINVAL; 5550 5551 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) 5552 if (mask.control[band].mcs[i]) 5553 break; 5554 5555 /* legacy and mcs rates may not be both empty */ 5556 if (i == IEEE80211_HT_MCS_MASK_LEN) 5557 return -EINVAL; 5558 } 5559 } 5560 5561 return rdev->ops->set_bitrate_mask(&rdev->wiphy, dev, NULL, &mask); 5562 } 5563 5564 static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info) 5565 { 5566 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5567 struct net_device *dev = info->user_ptr[1]; 5568 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION; 5569 5570 if (!info->attrs[NL80211_ATTR_FRAME_MATCH]) 5571 return -EINVAL; 5572 5573 if (info->attrs[NL80211_ATTR_FRAME_TYPE]) 5574 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]); 5575 5576 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5577 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5578 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5579 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5580 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5581 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 5582 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5583 return -EOPNOTSUPP; 5584 5585 /* not much point in registering if we can't reply */ 5586 if (!rdev->ops->mgmt_tx) 5587 return -EOPNOTSUPP; 5588 5589 return cfg80211_mlme_register_mgmt(dev->ieee80211_ptr, info->snd_pid, 5590 frame_type, 5591 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]), 5592 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH])); 5593 } 5594 5595 static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info) 5596 { 5597 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5598 struct net_device *dev = info->user_ptr[1]; 5599 struct ieee80211_channel *chan; 5600 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 5601 bool channel_type_valid = false; 5602 u32 freq; 5603 int err; 5604 void *hdr = NULL; 5605 u64 cookie; 5606 struct sk_buff *msg = NULL; 5607 unsigned int wait = 0; 5608 bool offchan, no_cck, dont_wait_for_ack; 5609 5610 dont_wait_for_ack = info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK]; 5611 5612 if (!info->attrs[NL80211_ATTR_FRAME] || 5613 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 5614 return -EINVAL; 5615 5616 if (!rdev->ops->mgmt_tx) 5617 return -EOPNOTSUPP; 5618 5619 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5620 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5621 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5622 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5623 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5624 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 5625 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5626 return -EOPNOTSUPP; 5627 5628 if (info->attrs[NL80211_ATTR_DURATION]) { 5629 if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX)) 5630 return -EINVAL; 5631 wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 5632 } 5633 5634 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 5635 channel_type = nla_get_u32( 5636 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 5637 if (channel_type != NL80211_CHAN_NO_HT && 5638 channel_type != NL80211_CHAN_HT20 && 5639 channel_type != NL80211_CHAN_HT40PLUS && 5640 channel_type != NL80211_CHAN_HT40MINUS) 5641 return -EINVAL; 5642 channel_type_valid = true; 5643 } 5644 5645 offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK]; 5646 5647 if (offchan && !(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX)) 5648 return -EINVAL; 5649 5650 no_cck = nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]); 5651 5652 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 5653 chan = rdev_freq_to_chan(rdev, freq, channel_type); 5654 if (chan == NULL) 5655 return -EINVAL; 5656 5657 if (!dont_wait_for_ack) { 5658 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5659 if (!msg) 5660 return -ENOMEM; 5661 5662 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5663 NL80211_CMD_FRAME); 5664 5665 if (IS_ERR(hdr)) { 5666 err = PTR_ERR(hdr); 5667 goto free_msg; 5668 } 5669 } 5670 5671 err = cfg80211_mlme_mgmt_tx(rdev, dev, chan, offchan, channel_type, 5672 channel_type_valid, wait, 5673 nla_data(info->attrs[NL80211_ATTR_FRAME]), 5674 nla_len(info->attrs[NL80211_ATTR_FRAME]), 5675 no_cck, dont_wait_for_ack, &cookie); 5676 if (err) 5677 goto free_msg; 5678 5679 if (msg) { 5680 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5681 5682 genlmsg_end(msg, hdr); 5683 return genlmsg_reply(msg, info); 5684 } 5685 5686 return 0; 5687 5688 nla_put_failure: 5689 err = -ENOBUFS; 5690 free_msg: 5691 nlmsg_free(msg); 5692 return err; 5693 } 5694 5695 static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info) 5696 { 5697 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5698 struct net_device *dev = info->user_ptr[1]; 5699 u64 cookie; 5700 5701 if (!info->attrs[NL80211_ATTR_COOKIE]) 5702 return -EINVAL; 5703 5704 if (!rdev->ops->mgmt_tx_cancel_wait) 5705 return -EOPNOTSUPP; 5706 5707 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5708 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5709 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5710 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5711 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5712 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5713 return -EOPNOTSUPP; 5714 5715 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 5716 5717 return rdev->ops->mgmt_tx_cancel_wait(&rdev->wiphy, dev, cookie); 5718 } 5719 5720 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info) 5721 { 5722 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5723 struct wireless_dev *wdev; 5724 struct net_device *dev = info->user_ptr[1]; 5725 u8 ps_state; 5726 bool state; 5727 int err; 5728 5729 if (!info->attrs[NL80211_ATTR_PS_STATE]) 5730 return -EINVAL; 5731 5732 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]); 5733 5734 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED) 5735 return -EINVAL; 5736 5737 wdev = dev->ieee80211_ptr; 5738 5739 if (!rdev->ops->set_power_mgmt) 5740 return -EOPNOTSUPP; 5741 5742 state = (ps_state == NL80211_PS_ENABLED) ? true : false; 5743 5744 if (state == wdev->ps) 5745 return 0; 5746 5747 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, state, 5748 wdev->ps_timeout); 5749 if (!err) 5750 wdev->ps = state; 5751 return err; 5752 } 5753 5754 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info) 5755 { 5756 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5757 enum nl80211_ps_state ps_state; 5758 struct wireless_dev *wdev; 5759 struct net_device *dev = info->user_ptr[1]; 5760 struct sk_buff *msg; 5761 void *hdr; 5762 int err; 5763 5764 wdev = dev->ieee80211_ptr; 5765 5766 if (!rdev->ops->set_power_mgmt) 5767 return -EOPNOTSUPP; 5768 5769 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5770 if (!msg) 5771 return -ENOMEM; 5772 5773 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5774 NL80211_CMD_GET_POWER_SAVE); 5775 if (!hdr) { 5776 err = -ENOBUFS; 5777 goto free_msg; 5778 } 5779 5780 if (wdev->ps) 5781 ps_state = NL80211_PS_ENABLED; 5782 else 5783 ps_state = NL80211_PS_DISABLED; 5784 5785 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE, ps_state); 5786 5787 genlmsg_end(msg, hdr); 5788 return genlmsg_reply(msg, info); 5789 5790 nla_put_failure: 5791 err = -ENOBUFS; 5792 free_msg: 5793 nlmsg_free(msg); 5794 return err; 5795 } 5796 5797 static struct nla_policy 5798 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] __read_mostly = { 5799 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 }, 5800 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 }, 5801 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, 5802 }; 5803 5804 static int nl80211_set_cqm_rssi(struct genl_info *info, 5805 s32 threshold, u32 hysteresis) 5806 { 5807 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5808 struct wireless_dev *wdev; 5809 struct net_device *dev = info->user_ptr[1]; 5810 5811 if (threshold > 0) 5812 return -EINVAL; 5813 5814 wdev = dev->ieee80211_ptr; 5815 5816 if (!rdev->ops->set_cqm_rssi_config) 5817 return -EOPNOTSUPP; 5818 5819 if (wdev->iftype != NL80211_IFTYPE_STATION && 5820 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) 5821 return -EOPNOTSUPP; 5822 5823 return rdev->ops->set_cqm_rssi_config(wdev->wiphy, dev, 5824 threshold, hysteresis); 5825 } 5826 5827 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info) 5828 { 5829 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1]; 5830 struct nlattr *cqm; 5831 int err; 5832 5833 cqm = info->attrs[NL80211_ATTR_CQM]; 5834 if (!cqm) { 5835 err = -EINVAL; 5836 goto out; 5837 } 5838 5839 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm, 5840 nl80211_attr_cqm_policy); 5841 if (err) 5842 goto out; 5843 5844 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] && 5845 attrs[NL80211_ATTR_CQM_RSSI_HYST]) { 5846 s32 threshold; 5847 u32 hysteresis; 5848 threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]); 5849 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]); 5850 err = nl80211_set_cqm_rssi(info, threshold, hysteresis); 5851 } else 5852 err = -EINVAL; 5853 5854 out: 5855 return err; 5856 } 5857 5858 static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info) 5859 { 5860 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5861 struct net_device *dev = info->user_ptr[1]; 5862 struct mesh_config cfg; 5863 struct mesh_setup setup; 5864 int err; 5865 5866 /* start with default */ 5867 memcpy(&cfg, &default_mesh_config, sizeof(cfg)); 5868 memcpy(&setup, &default_mesh_setup, sizeof(setup)); 5869 5870 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) { 5871 /* and parse parameters if given */ 5872 err = nl80211_parse_mesh_config(info, &cfg, NULL); 5873 if (err) 5874 return err; 5875 } 5876 5877 if (!info->attrs[NL80211_ATTR_MESH_ID] || 5878 !nla_len(info->attrs[NL80211_ATTR_MESH_ID])) 5879 return -EINVAL; 5880 5881 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); 5882 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 5883 5884 if (info->attrs[NL80211_ATTR_MCAST_RATE] && 5885 !nl80211_parse_mcast_rate(rdev, setup.mcast_rate, 5886 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) 5887 return -EINVAL; 5888 5889 if (info->attrs[NL80211_ATTR_MESH_SETUP]) { 5890 /* parse additional setup parameters if given */ 5891 err = nl80211_parse_mesh_setup(info, &setup); 5892 if (err) 5893 return err; 5894 } 5895 5896 return cfg80211_join_mesh(rdev, dev, &setup, &cfg); 5897 } 5898 5899 static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info) 5900 { 5901 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5902 struct net_device *dev = info->user_ptr[1]; 5903 5904 return cfg80211_leave_mesh(rdev, dev); 5905 } 5906 5907 static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info) 5908 { 5909 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5910 struct sk_buff *msg; 5911 void *hdr; 5912 5913 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns) 5914 return -EOPNOTSUPP; 5915 5916 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5917 if (!msg) 5918 return -ENOMEM; 5919 5920 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5921 NL80211_CMD_GET_WOWLAN); 5922 if (!hdr) 5923 goto nla_put_failure; 5924 5925 if (rdev->wowlan) { 5926 struct nlattr *nl_wowlan; 5927 5928 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS); 5929 if (!nl_wowlan) 5930 goto nla_put_failure; 5931 5932 if (rdev->wowlan->any) 5933 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY); 5934 if (rdev->wowlan->disconnect) 5935 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT); 5936 if (rdev->wowlan->magic_pkt) 5937 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT); 5938 if (rdev->wowlan->gtk_rekey_failure) 5939 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE); 5940 if (rdev->wowlan->eap_identity_req) 5941 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST); 5942 if (rdev->wowlan->four_way_handshake) 5943 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE); 5944 if (rdev->wowlan->rfkill_release) 5945 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE); 5946 if (rdev->wowlan->n_patterns) { 5947 struct nlattr *nl_pats, *nl_pat; 5948 int i, pat_len; 5949 5950 nl_pats = nla_nest_start(msg, 5951 NL80211_WOWLAN_TRIG_PKT_PATTERN); 5952 if (!nl_pats) 5953 goto nla_put_failure; 5954 5955 for (i = 0; i < rdev->wowlan->n_patterns; i++) { 5956 nl_pat = nla_nest_start(msg, i + 1); 5957 if (!nl_pat) 5958 goto nla_put_failure; 5959 pat_len = rdev->wowlan->patterns[i].pattern_len; 5960 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_MASK, 5961 DIV_ROUND_UP(pat_len, 8), 5962 rdev->wowlan->patterns[i].mask); 5963 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_PATTERN, 5964 pat_len, 5965 rdev->wowlan->patterns[i].pattern); 5966 nla_nest_end(msg, nl_pat); 5967 } 5968 nla_nest_end(msg, nl_pats); 5969 } 5970 5971 nla_nest_end(msg, nl_wowlan); 5972 } 5973 5974 genlmsg_end(msg, hdr); 5975 return genlmsg_reply(msg, info); 5976 5977 nla_put_failure: 5978 nlmsg_free(msg); 5979 return -ENOBUFS; 5980 } 5981 5982 static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info) 5983 { 5984 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5985 struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG]; 5986 struct cfg80211_wowlan no_triggers = {}; 5987 struct cfg80211_wowlan new_triggers = {}; 5988 struct wiphy_wowlan_support *wowlan = &rdev->wiphy.wowlan; 5989 int err, i; 5990 5991 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns) 5992 return -EOPNOTSUPP; 5993 5994 if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]) 5995 goto no_triggers; 5996 5997 err = nla_parse(tb, MAX_NL80211_WOWLAN_TRIG, 5998 nla_data(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]), 5999 nla_len(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]), 6000 nl80211_wowlan_policy); 6001 if (err) 6002 return err; 6003 6004 if (tb[NL80211_WOWLAN_TRIG_ANY]) { 6005 if (!(wowlan->flags & WIPHY_WOWLAN_ANY)) 6006 return -EINVAL; 6007 new_triggers.any = true; 6008 } 6009 6010 if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) { 6011 if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT)) 6012 return -EINVAL; 6013 new_triggers.disconnect = true; 6014 } 6015 6016 if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) { 6017 if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT)) 6018 return -EINVAL; 6019 new_triggers.magic_pkt = true; 6020 } 6021 6022 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED]) 6023 return -EINVAL; 6024 6025 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) { 6026 if (!(wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE)) 6027 return -EINVAL; 6028 new_triggers.gtk_rekey_failure = true; 6029 } 6030 6031 if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) { 6032 if (!(wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ)) 6033 return -EINVAL; 6034 new_triggers.eap_identity_req = true; 6035 } 6036 6037 if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) { 6038 if (!(wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE)) 6039 return -EINVAL; 6040 new_triggers.four_way_handshake = true; 6041 } 6042 6043 if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) { 6044 if (!(wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE)) 6045 return -EINVAL; 6046 new_triggers.rfkill_release = true; 6047 } 6048 6049 if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) { 6050 struct nlattr *pat; 6051 int n_patterns = 0; 6052 int rem, pat_len, mask_len; 6053 struct nlattr *pat_tb[NUM_NL80211_WOWLAN_PKTPAT]; 6054 6055 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], 6056 rem) 6057 n_patterns++; 6058 if (n_patterns > wowlan->n_patterns) 6059 return -EINVAL; 6060 6061 new_triggers.patterns = kcalloc(n_patterns, 6062 sizeof(new_triggers.patterns[0]), 6063 GFP_KERNEL); 6064 if (!new_triggers.patterns) 6065 return -ENOMEM; 6066 6067 new_triggers.n_patterns = n_patterns; 6068 i = 0; 6069 6070 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], 6071 rem) { 6072 nla_parse(pat_tb, MAX_NL80211_WOWLAN_PKTPAT, 6073 nla_data(pat), nla_len(pat), NULL); 6074 err = -EINVAL; 6075 if (!pat_tb[NL80211_WOWLAN_PKTPAT_MASK] || 6076 !pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]) 6077 goto error; 6078 pat_len = nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]); 6079 mask_len = DIV_ROUND_UP(pat_len, 8); 6080 if (nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]) != 6081 mask_len) 6082 goto error; 6083 if (pat_len > wowlan->pattern_max_len || 6084 pat_len < wowlan->pattern_min_len) 6085 goto error; 6086 6087 new_triggers.patterns[i].mask = 6088 kmalloc(mask_len + pat_len, GFP_KERNEL); 6089 if (!new_triggers.patterns[i].mask) { 6090 err = -ENOMEM; 6091 goto error; 6092 } 6093 new_triggers.patterns[i].pattern = 6094 new_triggers.patterns[i].mask + mask_len; 6095 memcpy(new_triggers.patterns[i].mask, 6096 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]), 6097 mask_len); 6098 new_triggers.patterns[i].pattern_len = pat_len; 6099 memcpy(new_triggers.patterns[i].pattern, 6100 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]), 6101 pat_len); 6102 i++; 6103 } 6104 } 6105 6106 if (memcmp(&new_triggers, &no_triggers, sizeof(new_triggers))) { 6107 struct cfg80211_wowlan *ntrig; 6108 ntrig = kmemdup(&new_triggers, sizeof(new_triggers), 6109 GFP_KERNEL); 6110 if (!ntrig) { 6111 err = -ENOMEM; 6112 goto error; 6113 } 6114 cfg80211_rdev_free_wowlan(rdev); 6115 rdev->wowlan = ntrig; 6116 } else { 6117 no_triggers: 6118 cfg80211_rdev_free_wowlan(rdev); 6119 rdev->wowlan = NULL; 6120 } 6121 6122 return 0; 6123 error: 6124 for (i = 0; i < new_triggers.n_patterns; i++) 6125 kfree(new_triggers.patterns[i].mask); 6126 kfree(new_triggers.patterns); 6127 return err; 6128 } 6129 6130 static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info) 6131 { 6132 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 6133 struct net_device *dev = info->user_ptr[1]; 6134 struct wireless_dev *wdev = dev->ieee80211_ptr; 6135 struct nlattr *tb[NUM_NL80211_REKEY_DATA]; 6136 struct cfg80211_gtk_rekey_data rekey_data; 6137 int err; 6138 6139 if (!info->attrs[NL80211_ATTR_REKEY_DATA]) 6140 return -EINVAL; 6141 6142 err = nla_parse(tb, MAX_NL80211_REKEY_DATA, 6143 nla_data(info->attrs[NL80211_ATTR_REKEY_DATA]), 6144 nla_len(info->attrs[NL80211_ATTR_REKEY_DATA]), 6145 nl80211_rekey_policy); 6146 if (err) 6147 return err; 6148 6149 if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN) 6150 return -ERANGE; 6151 if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN) 6152 return -ERANGE; 6153 if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN) 6154 return -ERANGE; 6155 6156 memcpy(rekey_data.kek, nla_data(tb[NL80211_REKEY_DATA_KEK]), 6157 NL80211_KEK_LEN); 6158 memcpy(rekey_data.kck, nla_data(tb[NL80211_REKEY_DATA_KCK]), 6159 NL80211_KCK_LEN); 6160 memcpy(rekey_data.replay_ctr, 6161 nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]), 6162 NL80211_REPLAY_CTR_LEN); 6163 6164 wdev_lock(wdev); 6165 if (!wdev->current_bss) { 6166 err = -ENOTCONN; 6167 goto out; 6168 } 6169 6170 if (!rdev->ops->set_rekey_data) { 6171 err = -EOPNOTSUPP; 6172 goto out; 6173 } 6174 6175 err = rdev->ops->set_rekey_data(&rdev->wiphy, dev, &rekey_data); 6176 out: 6177 wdev_unlock(wdev); 6178 return err; 6179 } 6180 6181 static int nl80211_register_unexpected_frame(struct sk_buff *skb, 6182 struct genl_info *info) 6183 { 6184 struct net_device *dev = info->user_ptr[1]; 6185 struct wireless_dev *wdev = dev->ieee80211_ptr; 6186 6187 if (wdev->iftype != NL80211_IFTYPE_AP && 6188 wdev->iftype != NL80211_IFTYPE_P2P_GO) 6189 return -EINVAL; 6190 6191 if (wdev->ap_unexpected_nlpid) 6192 return -EBUSY; 6193 6194 wdev->ap_unexpected_nlpid = info->snd_pid; 6195 return 0; 6196 } 6197 6198 static int nl80211_probe_client(struct sk_buff *skb, 6199 struct genl_info *info) 6200 { 6201 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 6202 struct net_device *dev = info->user_ptr[1]; 6203 struct wireless_dev *wdev = dev->ieee80211_ptr; 6204 struct sk_buff *msg; 6205 void *hdr; 6206 const u8 *addr; 6207 u64 cookie; 6208 int err; 6209 6210 if (wdev->iftype != NL80211_IFTYPE_AP && 6211 wdev->iftype != NL80211_IFTYPE_P2P_GO) 6212 return -EOPNOTSUPP; 6213 6214 if (!info->attrs[NL80211_ATTR_MAC]) 6215 return -EINVAL; 6216 6217 if (!rdev->ops->probe_client) 6218 return -EOPNOTSUPP; 6219 6220 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6221 if (!msg) 6222 return -ENOMEM; 6223 6224 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 6225 NL80211_CMD_PROBE_CLIENT); 6226 6227 if (IS_ERR(hdr)) { 6228 err = PTR_ERR(hdr); 6229 goto free_msg; 6230 } 6231 6232 addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 6233 6234 err = rdev->ops->probe_client(&rdev->wiphy, dev, addr, &cookie); 6235 if (err) 6236 goto free_msg; 6237 6238 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 6239 6240 genlmsg_end(msg, hdr); 6241 6242 return genlmsg_reply(msg, info); 6243 6244 nla_put_failure: 6245 err = -ENOBUFS; 6246 free_msg: 6247 nlmsg_free(msg); 6248 return err; 6249 } 6250 6251 static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info) 6252 { 6253 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 6254 6255 if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS)) 6256 return -EOPNOTSUPP; 6257 6258 if (rdev->ap_beacons_nlpid) 6259 return -EBUSY; 6260 6261 rdev->ap_beacons_nlpid = info->snd_pid; 6262 6263 return 0; 6264 } 6265 6266 #define NL80211_FLAG_NEED_WIPHY 0x01 6267 #define NL80211_FLAG_NEED_NETDEV 0x02 6268 #define NL80211_FLAG_NEED_RTNL 0x04 6269 #define NL80211_FLAG_CHECK_NETDEV_UP 0x08 6270 #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\ 6271 NL80211_FLAG_CHECK_NETDEV_UP) 6272 6273 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 6274 struct genl_info *info) 6275 { 6276 struct cfg80211_registered_device *rdev; 6277 struct net_device *dev; 6278 int err; 6279 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL; 6280 6281 if (rtnl) 6282 rtnl_lock(); 6283 6284 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) { 6285 rdev = cfg80211_get_dev_from_info(info); 6286 if (IS_ERR(rdev)) { 6287 if (rtnl) 6288 rtnl_unlock(); 6289 return PTR_ERR(rdev); 6290 } 6291 info->user_ptr[0] = rdev; 6292 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) { 6293 err = get_rdev_dev_by_ifindex(genl_info_net(info), info->attrs, 6294 &rdev, &dev); 6295 if (err) { 6296 if (rtnl) 6297 rtnl_unlock(); 6298 return err; 6299 } 6300 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP && 6301 !netif_running(dev)) { 6302 cfg80211_unlock_rdev(rdev); 6303 dev_put(dev); 6304 if (rtnl) 6305 rtnl_unlock(); 6306 return -ENETDOWN; 6307 } 6308 info->user_ptr[0] = rdev; 6309 info->user_ptr[1] = dev; 6310 } 6311 6312 return 0; 6313 } 6314 6315 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 6316 struct genl_info *info) 6317 { 6318 if (info->user_ptr[0]) 6319 cfg80211_unlock_rdev(info->user_ptr[0]); 6320 if (info->user_ptr[1]) 6321 dev_put(info->user_ptr[1]); 6322 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL) 6323 rtnl_unlock(); 6324 } 6325 6326 static struct genl_ops nl80211_ops[] = { 6327 { 6328 .cmd = NL80211_CMD_GET_WIPHY, 6329 .doit = nl80211_get_wiphy, 6330 .dumpit = nl80211_dump_wiphy, 6331 .policy = nl80211_policy, 6332 /* can be retrieved by unprivileged users */ 6333 .internal_flags = NL80211_FLAG_NEED_WIPHY, 6334 }, 6335 { 6336 .cmd = NL80211_CMD_SET_WIPHY, 6337 .doit = nl80211_set_wiphy, 6338 .policy = nl80211_policy, 6339 .flags = GENL_ADMIN_PERM, 6340 .internal_flags = NL80211_FLAG_NEED_RTNL, 6341 }, 6342 { 6343 .cmd = NL80211_CMD_GET_INTERFACE, 6344 .doit = nl80211_get_interface, 6345 .dumpit = nl80211_dump_interface, 6346 .policy = nl80211_policy, 6347 /* can be retrieved by unprivileged users */ 6348 .internal_flags = NL80211_FLAG_NEED_NETDEV, 6349 }, 6350 { 6351 .cmd = NL80211_CMD_SET_INTERFACE, 6352 .doit = nl80211_set_interface, 6353 .policy = nl80211_policy, 6354 .flags = GENL_ADMIN_PERM, 6355 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6356 NL80211_FLAG_NEED_RTNL, 6357 }, 6358 { 6359 .cmd = NL80211_CMD_NEW_INTERFACE, 6360 .doit = nl80211_new_interface, 6361 .policy = nl80211_policy, 6362 .flags = GENL_ADMIN_PERM, 6363 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6364 NL80211_FLAG_NEED_RTNL, 6365 }, 6366 { 6367 .cmd = NL80211_CMD_DEL_INTERFACE, 6368 .doit = nl80211_del_interface, 6369 .policy = nl80211_policy, 6370 .flags = GENL_ADMIN_PERM, 6371 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6372 NL80211_FLAG_NEED_RTNL, 6373 }, 6374 { 6375 .cmd = NL80211_CMD_GET_KEY, 6376 .doit = nl80211_get_key, 6377 .policy = nl80211_policy, 6378 .flags = GENL_ADMIN_PERM, 6379 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6380 NL80211_FLAG_NEED_RTNL, 6381 }, 6382 { 6383 .cmd = NL80211_CMD_SET_KEY, 6384 .doit = nl80211_set_key, 6385 .policy = nl80211_policy, 6386 .flags = GENL_ADMIN_PERM, 6387 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6388 NL80211_FLAG_NEED_RTNL, 6389 }, 6390 { 6391 .cmd = NL80211_CMD_NEW_KEY, 6392 .doit = nl80211_new_key, 6393 .policy = nl80211_policy, 6394 .flags = GENL_ADMIN_PERM, 6395 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6396 NL80211_FLAG_NEED_RTNL, 6397 }, 6398 { 6399 .cmd = NL80211_CMD_DEL_KEY, 6400 .doit = nl80211_del_key, 6401 .policy = nl80211_policy, 6402 .flags = GENL_ADMIN_PERM, 6403 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6404 NL80211_FLAG_NEED_RTNL, 6405 }, 6406 { 6407 .cmd = NL80211_CMD_SET_BEACON, 6408 .policy = nl80211_policy, 6409 .flags = GENL_ADMIN_PERM, 6410 .doit = nl80211_set_beacon, 6411 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6412 NL80211_FLAG_NEED_RTNL, 6413 }, 6414 { 6415 .cmd = NL80211_CMD_START_AP, 6416 .policy = nl80211_policy, 6417 .flags = GENL_ADMIN_PERM, 6418 .doit = nl80211_start_ap, 6419 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6420 NL80211_FLAG_NEED_RTNL, 6421 }, 6422 { 6423 .cmd = NL80211_CMD_STOP_AP, 6424 .policy = nl80211_policy, 6425 .flags = GENL_ADMIN_PERM, 6426 .doit = nl80211_stop_ap, 6427 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6428 NL80211_FLAG_NEED_RTNL, 6429 }, 6430 { 6431 .cmd = NL80211_CMD_GET_STATION, 6432 .doit = nl80211_get_station, 6433 .dumpit = nl80211_dump_station, 6434 .policy = nl80211_policy, 6435 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6436 NL80211_FLAG_NEED_RTNL, 6437 }, 6438 { 6439 .cmd = NL80211_CMD_SET_STATION, 6440 .doit = nl80211_set_station, 6441 .policy = nl80211_policy, 6442 .flags = GENL_ADMIN_PERM, 6443 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6444 NL80211_FLAG_NEED_RTNL, 6445 }, 6446 { 6447 .cmd = NL80211_CMD_NEW_STATION, 6448 .doit = nl80211_new_station, 6449 .policy = nl80211_policy, 6450 .flags = GENL_ADMIN_PERM, 6451 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6452 NL80211_FLAG_NEED_RTNL, 6453 }, 6454 { 6455 .cmd = NL80211_CMD_DEL_STATION, 6456 .doit = nl80211_del_station, 6457 .policy = nl80211_policy, 6458 .flags = GENL_ADMIN_PERM, 6459 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6460 NL80211_FLAG_NEED_RTNL, 6461 }, 6462 { 6463 .cmd = NL80211_CMD_GET_MPATH, 6464 .doit = nl80211_get_mpath, 6465 .dumpit = nl80211_dump_mpath, 6466 .policy = nl80211_policy, 6467 .flags = GENL_ADMIN_PERM, 6468 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6469 NL80211_FLAG_NEED_RTNL, 6470 }, 6471 { 6472 .cmd = NL80211_CMD_SET_MPATH, 6473 .doit = nl80211_set_mpath, 6474 .policy = nl80211_policy, 6475 .flags = GENL_ADMIN_PERM, 6476 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6477 NL80211_FLAG_NEED_RTNL, 6478 }, 6479 { 6480 .cmd = NL80211_CMD_NEW_MPATH, 6481 .doit = nl80211_new_mpath, 6482 .policy = nl80211_policy, 6483 .flags = GENL_ADMIN_PERM, 6484 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6485 NL80211_FLAG_NEED_RTNL, 6486 }, 6487 { 6488 .cmd = NL80211_CMD_DEL_MPATH, 6489 .doit = nl80211_del_mpath, 6490 .policy = nl80211_policy, 6491 .flags = GENL_ADMIN_PERM, 6492 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6493 NL80211_FLAG_NEED_RTNL, 6494 }, 6495 { 6496 .cmd = NL80211_CMD_SET_BSS, 6497 .doit = nl80211_set_bss, 6498 .policy = nl80211_policy, 6499 .flags = GENL_ADMIN_PERM, 6500 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6501 NL80211_FLAG_NEED_RTNL, 6502 }, 6503 { 6504 .cmd = NL80211_CMD_GET_REG, 6505 .doit = nl80211_get_reg, 6506 .policy = nl80211_policy, 6507 /* can be retrieved by unprivileged users */ 6508 }, 6509 { 6510 .cmd = NL80211_CMD_SET_REG, 6511 .doit = nl80211_set_reg, 6512 .policy = nl80211_policy, 6513 .flags = GENL_ADMIN_PERM, 6514 }, 6515 { 6516 .cmd = NL80211_CMD_REQ_SET_REG, 6517 .doit = nl80211_req_set_reg, 6518 .policy = nl80211_policy, 6519 .flags = GENL_ADMIN_PERM, 6520 }, 6521 { 6522 .cmd = NL80211_CMD_GET_MESH_CONFIG, 6523 .doit = nl80211_get_mesh_config, 6524 .policy = nl80211_policy, 6525 /* can be retrieved by unprivileged users */ 6526 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6527 NL80211_FLAG_NEED_RTNL, 6528 }, 6529 { 6530 .cmd = NL80211_CMD_SET_MESH_CONFIG, 6531 .doit = nl80211_update_mesh_config, 6532 .policy = nl80211_policy, 6533 .flags = GENL_ADMIN_PERM, 6534 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6535 NL80211_FLAG_NEED_RTNL, 6536 }, 6537 { 6538 .cmd = NL80211_CMD_TRIGGER_SCAN, 6539 .doit = nl80211_trigger_scan, 6540 .policy = nl80211_policy, 6541 .flags = GENL_ADMIN_PERM, 6542 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6543 NL80211_FLAG_NEED_RTNL, 6544 }, 6545 { 6546 .cmd = NL80211_CMD_GET_SCAN, 6547 .policy = nl80211_policy, 6548 .dumpit = nl80211_dump_scan, 6549 }, 6550 { 6551 .cmd = NL80211_CMD_START_SCHED_SCAN, 6552 .doit = nl80211_start_sched_scan, 6553 .policy = nl80211_policy, 6554 .flags = GENL_ADMIN_PERM, 6555 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6556 NL80211_FLAG_NEED_RTNL, 6557 }, 6558 { 6559 .cmd = NL80211_CMD_STOP_SCHED_SCAN, 6560 .doit = nl80211_stop_sched_scan, 6561 .policy = nl80211_policy, 6562 .flags = GENL_ADMIN_PERM, 6563 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6564 NL80211_FLAG_NEED_RTNL, 6565 }, 6566 { 6567 .cmd = NL80211_CMD_AUTHENTICATE, 6568 .doit = nl80211_authenticate, 6569 .policy = nl80211_policy, 6570 .flags = GENL_ADMIN_PERM, 6571 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6572 NL80211_FLAG_NEED_RTNL, 6573 }, 6574 { 6575 .cmd = NL80211_CMD_ASSOCIATE, 6576 .doit = nl80211_associate, 6577 .policy = nl80211_policy, 6578 .flags = GENL_ADMIN_PERM, 6579 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6580 NL80211_FLAG_NEED_RTNL, 6581 }, 6582 { 6583 .cmd = NL80211_CMD_DEAUTHENTICATE, 6584 .doit = nl80211_deauthenticate, 6585 .policy = nl80211_policy, 6586 .flags = GENL_ADMIN_PERM, 6587 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6588 NL80211_FLAG_NEED_RTNL, 6589 }, 6590 { 6591 .cmd = NL80211_CMD_DISASSOCIATE, 6592 .doit = nl80211_disassociate, 6593 .policy = nl80211_policy, 6594 .flags = GENL_ADMIN_PERM, 6595 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6596 NL80211_FLAG_NEED_RTNL, 6597 }, 6598 { 6599 .cmd = NL80211_CMD_JOIN_IBSS, 6600 .doit = nl80211_join_ibss, 6601 .policy = nl80211_policy, 6602 .flags = GENL_ADMIN_PERM, 6603 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6604 NL80211_FLAG_NEED_RTNL, 6605 }, 6606 { 6607 .cmd = NL80211_CMD_LEAVE_IBSS, 6608 .doit = nl80211_leave_ibss, 6609 .policy = nl80211_policy, 6610 .flags = GENL_ADMIN_PERM, 6611 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6612 NL80211_FLAG_NEED_RTNL, 6613 }, 6614 #ifdef CONFIG_NL80211_TESTMODE 6615 { 6616 .cmd = NL80211_CMD_TESTMODE, 6617 .doit = nl80211_testmode_do, 6618 .dumpit = nl80211_testmode_dump, 6619 .policy = nl80211_policy, 6620 .flags = GENL_ADMIN_PERM, 6621 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6622 NL80211_FLAG_NEED_RTNL, 6623 }, 6624 #endif 6625 { 6626 .cmd = NL80211_CMD_CONNECT, 6627 .doit = nl80211_connect, 6628 .policy = nl80211_policy, 6629 .flags = GENL_ADMIN_PERM, 6630 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6631 NL80211_FLAG_NEED_RTNL, 6632 }, 6633 { 6634 .cmd = NL80211_CMD_DISCONNECT, 6635 .doit = nl80211_disconnect, 6636 .policy = nl80211_policy, 6637 .flags = GENL_ADMIN_PERM, 6638 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6639 NL80211_FLAG_NEED_RTNL, 6640 }, 6641 { 6642 .cmd = NL80211_CMD_SET_WIPHY_NETNS, 6643 .doit = nl80211_wiphy_netns, 6644 .policy = nl80211_policy, 6645 .flags = GENL_ADMIN_PERM, 6646 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6647 NL80211_FLAG_NEED_RTNL, 6648 }, 6649 { 6650 .cmd = NL80211_CMD_GET_SURVEY, 6651 .policy = nl80211_policy, 6652 .dumpit = nl80211_dump_survey, 6653 }, 6654 { 6655 .cmd = NL80211_CMD_SET_PMKSA, 6656 .doit = nl80211_setdel_pmksa, 6657 .policy = nl80211_policy, 6658 .flags = GENL_ADMIN_PERM, 6659 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6660 NL80211_FLAG_NEED_RTNL, 6661 }, 6662 { 6663 .cmd = NL80211_CMD_DEL_PMKSA, 6664 .doit = nl80211_setdel_pmksa, 6665 .policy = nl80211_policy, 6666 .flags = GENL_ADMIN_PERM, 6667 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6668 NL80211_FLAG_NEED_RTNL, 6669 }, 6670 { 6671 .cmd = NL80211_CMD_FLUSH_PMKSA, 6672 .doit = nl80211_flush_pmksa, 6673 .policy = nl80211_policy, 6674 .flags = GENL_ADMIN_PERM, 6675 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6676 NL80211_FLAG_NEED_RTNL, 6677 }, 6678 { 6679 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL, 6680 .doit = nl80211_remain_on_channel, 6681 .policy = nl80211_policy, 6682 .flags = GENL_ADMIN_PERM, 6683 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6684 NL80211_FLAG_NEED_RTNL, 6685 }, 6686 { 6687 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 6688 .doit = nl80211_cancel_remain_on_channel, 6689 .policy = nl80211_policy, 6690 .flags = GENL_ADMIN_PERM, 6691 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6692 NL80211_FLAG_NEED_RTNL, 6693 }, 6694 { 6695 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK, 6696 .doit = nl80211_set_tx_bitrate_mask, 6697 .policy = nl80211_policy, 6698 .flags = GENL_ADMIN_PERM, 6699 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6700 NL80211_FLAG_NEED_RTNL, 6701 }, 6702 { 6703 .cmd = NL80211_CMD_REGISTER_FRAME, 6704 .doit = nl80211_register_mgmt, 6705 .policy = nl80211_policy, 6706 .flags = GENL_ADMIN_PERM, 6707 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6708 NL80211_FLAG_NEED_RTNL, 6709 }, 6710 { 6711 .cmd = NL80211_CMD_FRAME, 6712 .doit = nl80211_tx_mgmt, 6713 .policy = nl80211_policy, 6714 .flags = GENL_ADMIN_PERM, 6715 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6716 NL80211_FLAG_NEED_RTNL, 6717 }, 6718 { 6719 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL, 6720 .doit = nl80211_tx_mgmt_cancel_wait, 6721 .policy = nl80211_policy, 6722 .flags = GENL_ADMIN_PERM, 6723 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6724 NL80211_FLAG_NEED_RTNL, 6725 }, 6726 { 6727 .cmd = NL80211_CMD_SET_POWER_SAVE, 6728 .doit = nl80211_set_power_save, 6729 .policy = nl80211_policy, 6730 .flags = GENL_ADMIN_PERM, 6731 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6732 NL80211_FLAG_NEED_RTNL, 6733 }, 6734 { 6735 .cmd = NL80211_CMD_GET_POWER_SAVE, 6736 .doit = nl80211_get_power_save, 6737 .policy = nl80211_policy, 6738 /* can be retrieved by unprivileged users */ 6739 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6740 NL80211_FLAG_NEED_RTNL, 6741 }, 6742 { 6743 .cmd = NL80211_CMD_SET_CQM, 6744 .doit = nl80211_set_cqm, 6745 .policy = nl80211_policy, 6746 .flags = GENL_ADMIN_PERM, 6747 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6748 NL80211_FLAG_NEED_RTNL, 6749 }, 6750 { 6751 .cmd = NL80211_CMD_SET_CHANNEL, 6752 .doit = nl80211_set_channel, 6753 .policy = nl80211_policy, 6754 .flags = GENL_ADMIN_PERM, 6755 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6756 NL80211_FLAG_NEED_RTNL, 6757 }, 6758 { 6759 .cmd = NL80211_CMD_SET_WDS_PEER, 6760 .doit = nl80211_set_wds_peer, 6761 .policy = nl80211_policy, 6762 .flags = GENL_ADMIN_PERM, 6763 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6764 NL80211_FLAG_NEED_RTNL, 6765 }, 6766 { 6767 .cmd = NL80211_CMD_JOIN_MESH, 6768 .doit = nl80211_join_mesh, 6769 .policy = nl80211_policy, 6770 .flags = GENL_ADMIN_PERM, 6771 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6772 NL80211_FLAG_NEED_RTNL, 6773 }, 6774 { 6775 .cmd = NL80211_CMD_LEAVE_MESH, 6776 .doit = nl80211_leave_mesh, 6777 .policy = nl80211_policy, 6778 .flags = GENL_ADMIN_PERM, 6779 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6780 NL80211_FLAG_NEED_RTNL, 6781 }, 6782 { 6783 .cmd = NL80211_CMD_GET_WOWLAN, 6784 .doit = nl80211_get_wowlan, 6785 .policy = nl80211_policy, 6786 /* can be retrieved by unprivileged users */ 6787 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6788 NL80211_FLAG_NEED_RTNL, 6789 }, 6790 { 6791 .cmd = NL80211_CMD_SET_WOWLAN, 6792 .doit = nl80211_set_wowlan, 6793 .policy = nl80211_policy, 6794 .flags = GENL_ADMIN_PERM, 6795 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6796 NL80211_FLAG_NEED_RTNL, 6797 }, 6798 { 6799 .cmd = NL80211_CMD_SET_REKEY_OFFLOAD, 6800 .doit = nl80211_set_rekey_data, 6801 .policy = nl80211_policy, 6802 .flags = GENL_ADMIN_PERM, 6803 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6804 NL80211_FLAG_NEED_RTNL, 6805 }, 6806 { 6807 .cmd = NL80211_CMD_TDLS_MGMT, 6808 .doit = nl80211_tdls_mgmt, 6809 .policy = nl80211_policy, 6810 .flags = GENL_ADMIN_PERM, 6811 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6812 NL80211_FLAG_NEED_RTNL, 6813 }, 6814 { 6815 .cmd = NL80211_CMD_TDLS_OPER, 6816 .doit = nl80211_tdls_oper, 6817 .policy = nl80211_policy, 6818 .flags = GENL_ADMIN_PERM, 6819 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6820 NL80211_FLAG_NEED_RTNL, 6821 }, 6822 { 6823 .cmd = NL80211_CMD_UNEXPECTED_FRAME, 6824 .doit = nl80211_register_unexpected_frame, 6825 .policy = nl80211_policy, 6826 .flags = GENL_ADMIN_PERM, 6827 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6828 NL80211_FLAG_NEED_RTNL, 6829 }, 6830 { 6831 .cmd = NL80211_CMD_PROBE_CLIENT, 6832 .doit = nl80211_probe_client, 6833 .policy = nl80211_policy, 6834 .flags = GENL_ADMIN_PERM, 6835 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6836 NL80211_FLAG_NEED_RTNL, 6837 }, 6838 { 6839 .cmd = NL80211_CMD_REGISTER_BEACONS, 6840 .doit = nl80211_register_beacons, 6841 .policy = nl80211_policy, 6842 .flags = GENL_ADMIN_PERM, 6843 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6844 NL80211_FLAG_NEED_RTNL, 6845 }, 6846 { 6847 .cmd = NL80211_CMD_SET_NOACK_MAP, 6848 .doit = nl80211_set_noack_map, 6849 .policy = nl80211_policy, 6850 .flags = GENL_ADMIN_PERM, 6851 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6852 NL80211_FLAG_NEED_RTNL, 6853 }, 6854 6855 }; 6856 6857 static struct genl_multicast_group nl80211_mlme_mcgrp = { 6858 .name = "mlme", 6859 }; 6860 6861 /* multicast groups */ 6862 static struct genl_multicast_group nl80211_config_mcgrp = { 6863 .name = "config", 6864 }; 6865 static struct genl_multicast_group nl80211_scan_mcgrp = { 6866 .name = "scan", 6867 }; 6868 static struct genl_multicast_group nl80211_regulatory_mcgrp = { 6869 .name = "regulatory", 6870 }; 6871 6872 /* notification functions */ 6873 6874 void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev) 6875 { 6876 struct sk_buff *msg; 6877 6878 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6879 if (!msg) 6880 return; 6881 6882 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) { 6883 nlmsg_free(msg); 6884 return; 6885 } 6886 6887 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6888 nl80211_config_mcgrp.id, GFP_KERNEL); 6889 } 6890 6891 static int nl80211_add_scan_req(struct sk_buff *msg, 6892 struct cfg80211_registered_device *rdev) 6893 { 6894 struct cfg80211_scan_request *req = rdev->scan_req; 6895 struct nlattr *nest; 6896 int i; 6897 6898 ASSERT_RDEV_LOCK(rdev); 6899 6900 if (WARN_ON(!req)) 6901 return 0; 6902 6903 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS); 6904 if (!nest) 6905 goto nla_put_failure; 6906 for (i = 0; i < req->n_ssids; i++) 6907 NLA_PUT(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid); 6908 nla_nest_end(msg, nest); 6909 6910 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES); 6911 if (!nest) 6912 goto nla_put_failure; 6913 for (i = 0; i < req->n_channels; i++) 6914 NLA_PUT_U32(msg, i, req->channels[i]->center_freq); 6915 nla_nest_end(msg, nest); 6916 6917 if (req->ie) 6918 NLA_PUT(msg, NL80211_ATTR_IE, req->ie_len, req->ie); 6919 6920 return 0; 6921 nla_put_failure: 6922 return -ENOBUFS; 6923 } 6924 6925 static int nl80211_send_scan_msg(struct sk_buff *msg, 6926 struct cfg80211_registered_device *rdev, 6927 struct net_device *netdev, 6928 u32 pid, u32 seq, int flags, 6929 u32 cmd) 6930 { 6931 void *hdr; 6932 6933 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 6934 if (!hdr) 6935 return -1; 6936 6937 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6938 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6939 6940 /* ignore errors and send incomplete event anyway */ 6941 nl80211_add_scan_req(msg, rdev); 6942 6943 return genlmsg_end(msg, hdr); 6944 6945 nla_put_failure: 6946 genlmsg_cancel(msg, hdr); 6947 return -EMSGSIZE; 6948 } 6949 6950 static int 6951 nl80211_send_sched_scan_msg(struct sk_buff *msg, 6952 struct cfg80211_registered_device *rdev, 6953 struct net_device *netdev, 6954 u32 pid, u32 seq, int flags, u32 cmd) 6955 { 6956 void *hdr; 6957 6958 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 6959 if (!hdr) 6960 return -1; 6961 6962 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6963 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6964 6965 return genlmsg_end(msg, hdr); 6966 6967 nla_put_failure: 6968 genlmsg_cancel(msg, hdr); 6969 return -EMSGSIZE; 6970 } 6971 6972 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev, 6973 struct net_device *netdev) 6974 { 6975 struct sk_buff *msg; 6976 6977 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 6978 if (!msg) 6979 return; 6980 6981 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6982 NL80211_CMD_TRIGGER_SCAN) < 0) { 6983 nlmsg_free(msg); 6984 return; 6985 } 6986 6987 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6988 nl80211_scan_mcgrp.id, GFP_KERNEL); 6989 } 6990 6991 void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 6992 struct net_device *netdev) 6993 { 6994 struct sk_buff *msg; 6995 6996 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6997 if (!msg) 6998 return; 6999 7000 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 7001 NL80211_CMD_NEW_SCAN_RESULTS) < 0) { 7002 nlmsg_free(msg); 7003 return; 7004 } 7005 7006 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7007 nl80211_scan_mcgrp.id, GFP_KERNEL); 7008 } 7009 7010 void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 7011 struct net_device *netdev) 7012 { 7013 struct sk_buff *msg; 7014 7015 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 7016 if (!msg) 7017 return; 7018 7019 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 7020 NL80211_CMD_SCAN_ABORTED) < 0) { 7021 nlmsg_free(msg); 7022 return; 7023 } 7024 7025 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7026 nl80211_scan_mcgrp.id, GFP_KERNEL); 7027 } 7028 7029 void nl80211_send_sched_scan_results(struct cfg80211_registered_device *rdev, 7030 struct net_device *netdev) 7031 { 7032 struct sk_buff *msg; 7033 7034 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 7035 if (!msg) 7036 return; 7037 7038 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, 7039 NL80211_CMD_SCHED_SCAN_RESULTS) < 0) { 7040 nlmsg_free(msg); 7041 return; 7042 } 7043 7044 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7045 nl80211_scan_mcgrp.id, GFP_KERNEL); 7046 } 7047 7048 void nl80211_send_sched_scan(struct cfg80211_registered_device *rdev, 7049 struct net_device *netdev, u32 cmd) 7050 { 7051 struct sk_buff *msg; 7052 7053 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 7054 if (!msg) 7055 return; 7056 7057 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, cmd) < 0) { 7058 nlmsg_free(msg); 7059 return; 7060 } 7061 7062 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7063 nl80211_scan_mcgrp.id, GFP_KERNEL); 7064 } 7065 7066 /* 7067 * This can happen on global regulatory changes or device specific settings 7068 * based on custom world regulatory domains. 7069 */ 7070 void nl80211_send_reg_change_event(struct regulatory_request *request) 7071 { 7072 struct sk_buff *msg; 7073 void *hdr; 7074 7075 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 7076 if (!msg) 7077 return; 7078 7079 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE); 7080 if (!hdr) { 7081 nlmsg_free(msg); 7082 return; 7083 } 7084 7085 /* Userspace can always count this one always being set */ 7086 NLA_PUT_U8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator); 7087 7088 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') 7089 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 7090 NL80211_REGDOM_TYPE_WORLD); 7091 else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') 7092 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 7093 NL80211_REGDOM_TYPE_CUSTOM_WORLD); 7094 else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') || 7095 request->intersect) 7096 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 7097 NL80211_REGDOM_TYPE_INTERSECTION); 7098 else { 7099 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 7100 NL80211_REGDOM_TYPE_COUNTRY); 7101 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2); 7102 } 7103 7104 if (wiphy_idx_valid(request->wiphy_idx)) 7105 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx); 7106 7107 genlmsg_end(msg, hdr); 7108 7109 rcu_read_lock(); 7110 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 7111 GFP_ATOMIC); 7112 rcu_read_unlock(); 7113 7114 return; 7115 7116 nla_put_failure: 7117 genlmsg_cancel(msg, hdr); 7118 nlmsg_free(msg); 7119 } 7120 7121 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, 7122 struct net_device *netdev, 7123 const u8 *buf, size_t len, 7124 enum nl80211_commands cmd, gfp_t gfp) 7125 { 7126 struct sk_buff *msg; 7127 void *hdr; 7128 7129 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7130 if (!msg) 7131 return; 7132 7133 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7134 if (!hdr) { 7135 nlmsg_free(msg); 7136 return; 7137 } 7138 7139 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7140 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7141 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 7142 7143 genlmsg_end(msg, hdr); 7144 7145 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7146 nl80211_mlme_mcgrp.id, gfp); 7147 return; 7148 7149 nla_put_failure: 7150 genlmsg_cancel(msg, hdr); 7151 nlmsg_free(msg); 7152 } 7153 7154 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 7155 struct net_device *netdev, const u8 *buf, 7156 size_t len, gfp_t gfp) 7157 { 7158 nl80211_send_mlme_event(rdev, netdev, buf, len, 7159 NL80211_CMD_AUTHENTICATE, gfp); 7160 } 7161 7162 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 7163 struct net_device *netdev, const u8 *buf, 7164 size_t len, gfp_t gfp) 7165 { 7166 nl80211_send_mlme_event(rdev, netdev, buf, len, 7167 NL80211_CMD_ASSOCIATE, gfp); 7168 } 7169 7170 void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 7171 struct net_device *netdev, const u8 *buf, 7172 size_t len, gfp_t gfp) 7173 { 7174 nl80211_send_mlme_event(rdev, netdev, buf, len, 7175 NL80211_CMD_DEAUTHENTICATE, gfp); 7176 } 7177 7178 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 7179 struct net_device *netdev, const u8 *buf, 7180 size_t len, gfp_t gfp) 7181 { 7182 nl80211_send_mlme_event(rdev, netdev, buf, len, 7183 NL80211_CMD_DISASSOCIATE, gfp); 7184 } 7185 7186 void nl80211_send_unprot_deauth(struct cfg80211_registered_device *rdev, 7187 struct net_device *netdev, const u8 *buf, 7188 size_t len, gfp_t gfp) 7189 { 7190 nl80211_send_mlme_event(rdev, netdev, buf, len, 7191 NL80211_CMD_UNPROT_DEAUTHENTICATE, gfp); 7192 } 7193 7194 void nl80211_send_unprot_disassoc(struct cfg80211_registered_device *rdev, 7195 struct net_device *netdev, const u8 *buf, 7196 size_t len, gfp_t gfp) 7197 { 7198 nl80211_send_mlme_event(rdev, netdev, buf, len, 7199 NL80211_CMD_UNPROT_DISASSOCIATE, gfp); 7200 } 7201 7202 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, 7203 struct net_device *netdev, int cmd, 7204 const u8 *addr, gfp_t gfp) 7205 { 7206 struct sk_buff *msg; 7207 void *hdr; 7208 7209 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7210 if (!msg) 7211 return; 7212 7213 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7214 if (!hdr) { 7215 nlmsg_free(msg); 7216 return; 7217 } 7218 7219 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7220 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7221 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT); 7222 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7223 7224 genlmsg_end(msg, hdr); 7225 7226 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7227 nl80211_mlme_mcgrp.id, gfp); 7228 return; 7229 7230 nla_put_failure: 7231 genlmsg_cancel(msg, hdr); 7232 nlmsg_free(msg); 7233 } 7234 7235 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 7236 struct net_device *netdev, const u8 *addr, 7237 gfp_t gfp) 7238 { 7239 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, 7240 addr, gfp); 7241 } 7242 7243 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 7244 struct net_device *netdev, const u8 *addr, 7245 gfp_t gfp) 7246 { 7247 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, 7248 addr, gfp); 7249 } 7250 7251 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, 7252 struct net_device *netdev, const u8 *bssid, 7253 const u8 *req_ie, size_t req_ie_len, 7254 const u8 *resp_ie, size_t resp_ie_len, 7255 u16 status, gfp_t gfp) 7256 { 7257 struct sk_buff *msg; 7258 void *hdr; 7259 7260 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7261 if (!msg) 7262 return; 7263 7264 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT); 7265 if (!hdr) { 7266 nlmsg_free(msg); 7267 return; 7268 } 7269 7270 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7271 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7272 if (bssid) 7273 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7274 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status); 7275 if (req_ie) 7276 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 7277 if (resp_ie) 7278 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 7279 7280 genlmsg_end(msg, hdr); 7281 7282 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7283 nl80211_mlme_mcgrp.id, gfp); 7284 return; 7285 7286 nla_put_failure: 7287 genlmsg_cancel(msg, hdr); 7288 nlmsg_free(msg); 7289 7290 } 7291 7292 void nl80211_send_roamed(struct cfg80211_registered_device *rdev, 7293 struct net_device *netdev, const u8 *bssid, 7294 const u8 *req_ie, size_t req_ie_len, 7295 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp) 7296 { 7297 struct sk_buff *msg; 7298 void *hdr; 7299 7300 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7301 if (!msg) 7302 return; 7303 7304 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM); 7305 if (!hdr) { 7306 nlmsg_free(msg); 7307 return; 7308 } 7309 7310 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7311 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7312 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7313 if (req_ie) 7314 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 7315 if (resp_ie) 7316 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 7317 7318 genlmsg_end(msg, hdr); 7319 7320 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7321 nl80211_mlme_mcgrp.id, gfp); 7322 return; 7323 7324 nla_put_failure: 7325 genlmsg_cancel(msg, hdr); 7326 nlmsg_free(msg); 7327 7328 } 7329 7330 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, 7331 struct net_device *netdev, u16 reason, 7332 const u8 *ie, size_t ie_len, bool from_ap) 7333 { 7334 struct sk_buff *msg; 7335 void *hdr; 7336 7337 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 7338 if (!msg) 7339 return; 7340 7341 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT); 7342 if (!hdr) { 7343 nlmsg_free(msg); 7344 return; 7345 } 7346 7347 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7348 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7349 if (from_ap && reason) 7350 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason); 7351 if (from_ap) 7352 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP); 7353 if (ie) 7354 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie); 7355 7356 genlmsg_end(msg, hdr); 7357 7358 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7359 nl80211_mlme_mcgrp.id, GFP_KERNEL); 7360 return; 7361 7362 nla_put_failure: 7363 genlmsg_cancel(msg, hdr); 7364 nlmsg_free(msg); 7365 7366 } 7367 7368 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, 7369 struct net_device *netdev, const u8 *bssid, 7370 gfp_t gfp) 7371 { 7372 struct sk_buff *msg; 7373 void *hdr; 7374 7375 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7376 if (!msg) 7377 return; 7378 7379 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS); 7380 if (!hdr) { 7381 nlmsg_free(msg); 7382 return; 7383 } 7384 7385 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7386 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7387 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7388 7389 genlmsg_end(msg, hdr); 7390 7391 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7392 nl80211_mlme_mcgrp.id, gfp); 7393 return; 7394 7395 nla_put_failure: 7396 genlmsg_cancel(msg, hdr); 7397 nlmsg_free(msg); 7398 } 7399 7400 void nl80211_send_new_peer_candidate(struct cfg80211_registered_device *rdev, 7401 struct net_device *netdev, 7402 const u8 *macaddr, const u8* ie, u8 ie_len, 7403 gfp_t gfp) 7404 { 7405 struct sk_buff *msg; 7406 void *hdr; 7407 7408 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7409 if (!msg) 7410 return; 7411 7412 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE); 7413 if (!hdr) { 7414 nlmsg_free(msg); 7415 return; 7416 } 7417 7418 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7419 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7420 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, macaddr); 7421 if (ie_len && ie) 7422 NLA_PUT(msg, NL80211_ATTR_IE, ie_len , ie); 7423 7424 genlmsg_end(msg, hdr); 7425 7426 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7427 nl80211_mlme_mcgrp.id, gfp); 7428 return; 7429 7430 nla_put_failure: 7431 genlmsg_cancel(msg, hdr); 7432 nlmsg_free(msg); 7433 } 7434 7435 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 7436 struct net_device *netdev, const u8 *addr, 7437 enum nl80211_key_type key_type, int key_id, 7438 const u8 *tsc, gfp_t gfp) 7439 { 7440 struct sk_buff *msg; 7441 void *hdr; 7442 7443 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7444 if (!msg) 7445 return; 7446 7447 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE); 7448 if (!hdr) { 7449 nlmsg_free(msg); 7450 return; 7451 } 7452 7453 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7454 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7455 if (addr) 7456 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7457 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type); 7458 if (key_id != -1) 7459 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id); 7460 if (tsc) 7461 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc); 7462 7463 genlmsg_end(msg, hdr); 7464 7465 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7466 nl80211_mlme_mcgrp.id, gfp); 7467 return; 7468 7469 nla_put_failure: 7470 genlmsg_cancel(msg, hdr); 7471 nlmsg_free(msg); 7472 } 7473 7474 void nl80211_send_beacon_hint_event(struct wiphy *wiphy, 7475 struct ieee80211_channel *channel_before, 7476 struct ieee80211_channel *channel_after) 7477 { 7478 struct sk_buff *msg; 7479 void *hdr; 7480 struct nlattr *nl_freq; 7481 7482 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 7483 if (!msg) 7484 return; 7485 7486 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT); 7487 if (!hdr) { 7488 nlmsg_free(msg); 7489 return; 7490 } 7491 7492 /* 7493 * Since we are applying the beacon hint to a wiphy we know its 7494 * wiphy_idx is valid 7495 */ 7496 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)); 7497 7498 /* Before */ 7499 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE); 7500 if (!nl_freq) 7501 goto nla_put_failure; 7502 if (nl80211_msg_put_channel(msg, channel_before)) 7503 goto nla_put_failure; 7504 nla_nest_end(msg, nl_freq); 7505 7506 /* After */ 7507 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER); 7508 if (!nl_freq) 7509 goto nla_put_failure; 7510 if (nl80211_msg_put_channel(msg, channel_after)) 7511 goto nla_put_failure; 7512 nla_nest_end(msg, nl_freq); 7513 7514 genlmsg_end(msg, hdr); 7515 7516 rcu_read_lock(); 7517 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 7518 GFP_ATOMIC); 7519 rcu_read_unlock(); 7520 7521 return; 7522 7523 nla_put_failure: 7524 genlmsg_cancel(msg, hdr); 7525 nlmsg_free(msg); 7526 } 7527 7528 static void nl80211_send_remain_on_chan_event( 7529 int cmd, struct cfg80211_registered_device *rdev, 7530 struct net_device *netdev, u64 cookie, 7531 struct ieee80211_channel *chan, 7532 enum nl80211_channel_type channel_type, 7533 unsigned int duration, gfp_t gfp) 7534 { 7535 struct sk_buff *msg; 7536 void *hdr; 7537 7538 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7539 if (!msg) 7540 return; 7541 7542 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7543 if (!hdr) { 7544 nlmsg_free(msg); 7545 return; 7546 } 7547 7548 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7549 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7550 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq); 7551 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, channel_type); 7552 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 7553 7554 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL) 7555 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration); 7556 7557 genlmsg_end(msg, hdr); 7558 7559 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7560 nl80211_mlme_mcgrp.id, gfp); 7561 return; 7562 7563 nla_put_failure: 7564 genlmsg_cancel(msg, hdr); 7565 nlmsg_free(msg); 7566 } 7567 7568 void nl80211_send_remain_on_channel(struct cfg80211_registered_device *rdev, 7569 struct net_device *netdev, u64 cookie, 7570 struct ieee80211_channel *chan, 7571 enum nl80211_channel_type channel_type, 7572 unsigned int duration, gfp_t gfp) 7573 { 7574 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL, 7575 rdev, netdev, cookie, chan, 7576 channel_type, duration, gfp); 7577 } 7578 7579 void nl80211_send_remain_on_channel_cancel( 7580 struct cfg80211_registered_device *rdev, struct net_device *netdev, 7581 u64 cookie, struct ieee80211_channel *chan, 7582 enum nl80211_channel_type channel_type, gfp_t gfp) 7583 { 7584 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 7585 rdev, netdev, cookie, chan, 7586 channel_type, 0, gfp); 7587 } 7588 7589 void nl80211_send_sta_event(struct cfg80211_registered_device *rdev, 7590 struct net_device *dev, const u8 *mac_addr, 7591 struct station_info *sinfo, gfp_t gfp) 7592 { 7593 struct sk_buff *msg; 7594 7595 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7596 if (!msg) 7597 return; 7598 7599 if (nl80211_send_station(msg, 0, 0, 0, dev, mac_addr, sinfo) < 0) { 7600 nlmsg_free(msg); 7601 return; 7602 } 7603 7604 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7605 nl80211_mlme_mcgrp.id, gfp); 7606 } 7607 7608 void nl80211_send_sta_del_event(struct cfg80211_registered_device *rdev, 7609 struct net_device *dev, const u8 *mac_addr, 7610 gfp_t gfp) 7611 { 7612 struct sk_buff *msg; 7613 void *hdr; 7614 7615 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7616 if (!msg) 7617 return; 7618 7619 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_STATION); 7620 if (!hdr) { 7621 nlmsg_free(msg); 7622 return; 7623 } 7624 7625 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 7626 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 7627 7628 genlmsg_end(msg, hdr); 7629 7630 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7631 nl80211_mlme_mcgrp.id, gfp); 7632 return; 7633 7634 nla_put_failure: 7635 genlmsg_cancel(msg, hdr); 7636 nlmsg_free(msg); 7637 } 7638 7639 static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd, 7640 const u8 *addr, gfp_t gfp) 7641 { 7642 struct wireless_dev *wdev = dev->ieee80211_ptr; 7643 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy); 7644 struct sk_buff *msg; 7645 void *hdr; 7646 int err; 7647 u32 nlpid = ACCESS_ONCE(wdev->ap_unexpected_nlpid); 7648 7649 if (!nlpid) 7650 return false; 7651 7652 msg = nlmsg_new(100, gfp); 7653 if (!msg) 7654 return true; 7655 7656 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7657 if (!hdr) { 7658 nlmsg_free(msg); 7659 return true; 7660 } 7661 7662 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7663 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 7664 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7665 7666 err = genlmsg_end(msg, hdr); 7667 if (err < 0) { 7668 nlmsg_free(msg); 7669 return true; 7670 } 7671 7672 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 7673 return true; 7674 7675 nla_put_failure: 7676 genlmsg_cancel(msg, hdr); 7677 nlmsg_free(msg); 7678 return true; 7679 } 7680 7681 bool nl80211_unexpected_frame(struct net_device *dev, const u8 *addr, gfp_t gfp) 7682 { 7683 return __nl80211_unexpected_frame(dev, NL80211_CMD_UNEXPECTED_FRAME, 7684 addr, gfp); 7685 } 7686 7687 bool nl80211_unexpected_4addr_frame(struct net_device *dev, 7688 const u8 *addr, gfp_t gfp) 7689 { 7690 return __nl80211_unexpected_frame(dev, 7691 NL80211_CMD_UNEXPECTED_4ADDR_FRAME, 7692 addr, gfp); 7693 } 7694 7695 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev, 7696 struct net_device *netdev, u32 nlpid, 7697 int freq, int sig_dbm, 7698 const u8 *buf, size_t len, gfp_t gfp) 7699 { 7700 struct sk_buff *msg; 7701 void *hdr; 7702 7703 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7704 if (!msg) 7705 return -ENOMEM; 7706 7707 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); 7708 if (!hdr) { 7709 nlmsg_free(msg); 7710 return -ENOMEM; 7711 } 7712 7713 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7714 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7715 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq); 7716 if (sig_dbm) 7717 NLA_PUT_U32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm); 7718 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 7719 7720 genlmsg_end(msg, hdr); 7721 7722 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 7723 7724 nla_put_failure: 7725 genlmsg_cancel(msg, hdr); 7726 nlmsg_free(msg); 7727 return -ENOBUFS; 7728 } 7729 7730 void nl80211_send_mgmt_tx_status(struct cfg80211_registered_device *rdev, 7731 struct net_device *netdev, u64 cookie, 7732 const u8 *buf, size_t len, bool ack, 7733 gfp_t gfp) 7734 { 7735 struct sk_buff *msg; 7736 void *hdr; 7737 7738 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7739 if (!msg) 7740 return; 7741 7742 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS); 7743 if (!hdr) { 7744 nlmsg_free(msg); 7745 return; 7746 } 7747 7748 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7749 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7750 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 7751 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 7752 if (ack) 7753 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK); 7754 7755 genlmsg_end(msg, hdr); 7756 7757 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp); 7758 return; 7759 7760 nla_put_failure: 7761 genlmsg_cancel(msg, hdr); 7762 nlmsg_free(msg); 7763 } 7764 7765 void 7766 nl80211_send_cqm_rssi_notify(struct cfg80211_registered_device *rdev, 7767 struct net_device *netdev, 7768 enum nl80211_cqm_rssi_threshold_event rssi_event, 7769 gfp_t gfp) 7770 { 7771 struct sk_buff *msg; 7772 struct nlattr *pinfoattr; 7773 void *hdr; 7774 7775 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7776 if (!msg) 7777 return; 7778 7779 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 7780 if (!hdr) { 7781 nlmsg_free(msg); 7782 return; 7783 } 7784 7785 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7786 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7787 7788 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 7789 if (!pinfoattr) 7790 goto nla_put_failure; 7791 7792 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT, 7793 rssi_event); 7794 7795 nla_nest_end(msg, pinfoattr); 7796 7797 genlmsg_end(msg, hdr); 7798 7799 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7800 nl80211_mlme_mcgrp.id, gfp); 7801 return; 7802 7803 nla_put_failure: 7804 genlmsg_cancel(msg, hdr); 7805 nlmsg_free(msg); 7806 } 7807 7808 void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev, 7809 struct net_device *netdev, const u8 *bssid, 7810 const u8 *replay_ctr, gfp_t gfp) 7811 { 7812 struct sk_buff *msg; 7813 struct nlattr *rekey_attr; 7814 void *hdr; 7815 7816 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7817 if (!msg) 7818 return; 7819 7820 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD); 7821 if (!hdr) { 7822 nlmsg_free(msg); 7823 return; 7824 } 7825 7826 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7827 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7828 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7829 7830 rekey_attr = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA); 7831 if (!rekey_attr) 7832 goto nla_put_failure; 7833 7834 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, 7835 NL80211_REPLAY_CTR_LEN, replay_ctr); 7836 7837 nla_nest_end(msg, rekey_attr); 7838 7839 genlmsg_end(msg, hdr); 7840 7841 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7842 nl80211_mlme_mcgrp.id, gfp); 7843 return; 7844 7845 nla_put_failure: 7846 genlmsg_cancel(msg, hdr); 7847 nlmsg_free(msg); 7848 } 7849 7850 void nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev, 7851 struct net_device *netdev, int index, 7852 const u8 *bssid, bool preauth, gfp_t gfp) 7853 { 7854 struct sk_buff *msg; 7855 struct nlattr *attr; 7856 void *hdr; 7857 7858 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7859 if (!msg) 7860 return; 7861 7862 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE); 7863 if (!hdr) { 7864 nlmsg_free(msg); 7865 return; 7866 } 7867 7868 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7869 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7870 7871 attr = nla_nest_start(msg, NL80211_ATTR_PMKSA_CANDIDATE); 7872 if (!attr) 7873 goto nla_put_failure; 7874 7875 NLA_PUT_U32(msg, NL80211_PMKSA_CANDIDATE_INDEX, index); 7876 NLA_PUT(msg, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid); 7877 if (preauth) 7878 NLA_PUT_FLAG(msg, NL80211_PMKSA_CANDIDATE_PREAUTH); 7879 7880 nla_nest_end(msg, attr); 7881 7882 genlmsg_end(msg, hdr); 7883 7884 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7885 nl80211_mlme_mcgrp.id, gfp); 7886 return; 7887 7888 nla_put_failure: 7889 genlmsg_cancel(msg, hdr); 7890 nlmsg_free(msg); 7891 } 7892 7893 void 7894 nl80211_send_cqm_pktloss_notify(struct cfg80211_registered_device *rdev, 7895 struct net_device *netdev, const u8 *peer, 7896 u32 num_packets, gfp_t gfp) 7897 { 7898 struct sk_buff *msg; 7899 struct nlattr *pinfoattr; 7900 void *hdr; 7901 7902 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7903 if (!msg) 7904 return; 7905 7906 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 7907 if (!hdr) { 7908 nlmsg_free(msg); 7909 return; 7910 } 7911 7912 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7913 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7914 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer); 7915 7916 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 7917 if (!pinfoattr) 7918 goto nla_put_failure; 7919 7920 NLA_PUT_U32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets); 7921 7922 nla_nest_end(msg, pinfoattr); 7923 7924 genlmsg_end(msg, hdr); 7925 7926 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7927 nl80211_mlme_mcgrp.id, gfp); 7928 return; 7929 7930 nla_put_failure: 7931 genlmsg_cancel(msg, hdr); 7932 nlmsg_free(msg); 7933 } 7934 7935 void cfg80211_probe_status(struct net_device *dev, const u8 *addr, 7936 u64 cookie, bool acked, gfp_t gfp) 7937 { 7938 struct wireless_dev *wdev = dev->ieee80211_ptr; 7939 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy); 7940 struct sk_buff *msg; 7941 void *hdr; 7942 int err; 7943 7944 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7945 if (!msg) 7946 return; 7947 7948 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PROBE_CLIENT); 7949 if (!hdr) { 7950 nlmsg_free(msg); 7951 return; 7952 } 7953 7954 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7955 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 7956 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7957 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 7958 if (acked) 7959 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK); 7960 7961 err = genlmsg_end(msg, hdr); 7962 if (err < 0) { 7963 nlmsg_free(msg); 7964 return; 7965 } 7966 7967 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7968 nl80211_mlme_mcgrp.id, gfp); 7969 return; 7970 7971 nla_put_failure: 7972 genlmsg_cancel(msg, hdr); 7973 nlmsg_free(msg); 7974 } 7975 EXPORT_SYMBOL(cfg80211_probe_status); 7976 7977 void cfg80211_report_obss_beacon(struct wiphy *wiphy, 7978 const u8 *frame, size_t len, 7979 int freq, int sig_dbm, gfp_t gfp) 7980 { 7981 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 7982 struct sk_buff *msg; 7983 void *hdr; 7984 u32 nlpid = ACCESS_ONCE(rdev->ap_beacons_nlpid); 7985 7986 if (!nlpid) 7987 return; 7988 7989 msg = nlmsg_new(len + 100, gfp); 7990 if (!msg) 7991 return; 7992 7993 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); 7994 if (!hdr) { 7995 nlmsg_free(msg); 7996 return; 7997 } 7998 7999 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 8000 if (freq) 8001 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq); 8002 if (sig_dbm) 8003 NLA_PUT_U32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm); 8004 NLA_PUT(msg, NL80211_ATTR_FRAME, len, frame); 8005 8006 genlmsg_end(msg, hdr); 8007 8008 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 8009 return; 8010 8011 nla_put_failure: 8012 genlmsg_cancel(msg, hdr); 8013 nlmsg_free(msg); 8014 } 8015 EXPORT_SYMBOL(cfg80211_report_obss_beacon); 8016 8017 static int nl80211_netlink_notify(struct notifier_block * nb, 8018 unsigned long state, 8019 void *_notify) 8020 { 8021 struct netlink_notify *notify = _notify; 8022 struct cfg80211_registered_device *rdev; 8023 struct wireless_dev *wdev; 8024 8025 if (state != NETLINK_URELEASE) 8026 return NOTIFY_DONE; 8027 8028 rcu_read_lock(); 8029 8030 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) { 8031 list_for_each_entry_rcu(wdev, &rdev->netdev_list, list) 8032 cfg80211_mlme_unregister_socket(wdev, notify->pid); 8033 if (rdev->ap_beacons_nlpid == notify->pid) 8034 rdev->ap_beacons_nlpid = 0; 8035 } 8036 8037 rcu_read_unlock(); 8038 8039 return NOTIFY_DONE; 8040 } 8041 8042 static struct notifier_block nl80211_netlink_notifier = { 8043 .notifier_call = nl80211_netlink_notify, 8044 }; 8045 8046 /* initialisation/exit functions */ 8047 8048 int nl80211_init(void) 8049 { 8050 int err; 8051 8052 err = genl_register_family_with_ops(&nl80211_fam, 8053 nl80211_ops, ARRAY_SIZE(nl80211_ops)); 8054 if (err) 8055 return err; 8056 8057 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp); 8058 if (err) 8059 goto err_out; 8060 8061 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp); 8062 if (err) 8063 goto err_out; 8064 8065 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp); 8066 if (err) 8067 goto err_out; 8068 8069 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp); 8070 if (err) 8071 goto err_out; 8072 8073 #ifdef CONFIG_NL80211_TESTMODE 8074 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp); 8075 if (err) 8076 goto err_out; 8077 #endif 8078 8079 err = netlink_register_notifier(&nl80211_netlink_notifier); 8080 if (err) 8081 goto err_out; 8082 8083 return 0; 8084 err_out: 8085 genl_unregister_family(&nl80211_fam); 8086 return err; 8087 } 8088 8089 void nl80211_exit(void) 8090 { 8091 netlink_unregister_notifier(&nl80211_netlink_notifier); 8092 genl_unregister_family(&nl80211_fam); 8093 } 8094