1 /* 2 * Copyright 2002-2005, Instant802 Networks, Inc. 3 * Copyright 2005-2006, Devicescape Software, Inc. 4 * Copyright 2007 Johannes Berg <johannes@sipsolutions.net> 5 * Copyright 2008 Luis R. Rodriguez <lrodriguz@atheros.com> 6 * 7 * This program is free software; you can redistribute it and/or modify 8 * it under the terms of the GNU General Public License version 2 as 9 * published by the Free Software Foundation. 10 */ 11 12 /** 13 * DOC: Wireless regulatory infrastructure 14 * 15 * The usual implementation is for a driver to read a device EEPROM to 16 * determine which regulatory domain it should be operating under, then 17 * looking up the allowable channels in a driver-local table and finally 18 * registering those channels in the wiphy structure. 19 * 20 * Another set of compliance enforcement is for drivers to use their 21 * own compliance limits which can be stored on the EEPROM. The host 22 * driver or firmware may ensure these are used. 23 * 24 * In addition to all this we provide an extra layer of regulatory 25 * conformance. For drivers which do not have any regulatory 26 * information CRDA provides the complete regulatory solution. 27 * For others it provides a community effort on further restrictions 28 * to enhance compliance. 29 * 30 * Note: When number of rules --> infinity we will not be able to 31 * index on alpha2 any more, instead we'll probably have to 32 * rely on some SHA1 checksum of the regdomain for example. 33 * 34 */ 35 #include <linux/kernel.h> 36 #include <linux/list.h> 37 #include <linux/random.h> 38 #include <linux/nl80211.h> 39 #include <linux/platform_device.h> 40 #include <net/cfg80211.h> 41 #include "core.h" 42 #include "reg.h" 43 #include "regdb.h" 44 #include "nl80211.h" 45 46 #ifdef CONFIG_CFG80211_REG_DEBUG 47 #define REG_DBG_PRINT(format, args...) \ 48 do { \ 49 printk(KERN_DEBUG format , ## args); \ 50 } while (0) 51 #else 52 #define REG_DBG_PRINT(args...) 53 #endif 54 55 /* Receipt of information from last regulatory request */ 56 static struct regulatory_request *last_request; 57 58 /* To trigger userspace events */ 59 static struct platform_device *reg_pdev; 60 61 /* 62 * Central wireless core regulatory domains, we only need two, 63 * the current one and a world regulatory domain in case we have no 64 * information to give us an alpha2 65 */ 66 const struct ieee80211_regdomain *cfg80211_regdomain; 67 68 /* 69 * We use this as a place for the rd structure built from the 70 * last parsed country IE to rest until CRDA gets back to us with 71 * what it thinks should apply for the same country 72 */ 73 static const struct ieee80211_regdomain *country_ie_regdomain; 74 75 /* 76 * Protects static reg.c components: 77 * - cfg80211_world_regdom 78 * - cfg80211_regdom 79 * - country_ie_regdomain 80 * - last_request 81 */ 82 DEFINE_MUTEX(reg_mutex); 83 #define assert_reg_lock() WARN_ON(!mutex_is_locked(®_mutex)) 84 85 /* Used to queue up regulatory hints */ 86 static LIST_HEAD(reg_requests_list); 87 static spinlock_t reg_requests_lock; 88 89 /* Used to queue up beacon hints for review */ 90 static LIST_HEAD(reg_pending_beacons); 91 static spinlock_t reg_pending_beacons_lock; 92 93 /* Used to keep track of processed beacon hints */ 94 static LIST_HEAD(reg_beacon_list); 95 96 struct reg_beacon { 97 struct list_head list; 98 struct ieee80211_channel chan; 99 }; 100 101 /* We keep a static world regulatory domain in case of the absence of CRDA */ 102 static const struct ieee80211_regdomain world_regdom = { 103 .n_reg_rules = 5, 104 .alpha2 = "00", 105 .reg_rules = { 106 /* IEEE 802.11b/g, channels 1..11 */ 107 REG_RULE(2412-10, 2462+10, 40, 6, 20, 0), 108 /* IEEE 802.11b/g, channels 12..13. No HT40 109 * channel fits here. */ 110 REG_RULE(2467-10, 2472+10, 20, 6, 20, 111 NL80211_RRF_PASSIVE_SCAN | 112 NL80211_RRF_NO_IBSS), 113 /* IEEE 802.11 channel 14 - Only JP enables 114 * this and for 802.11b only */ 115 REG_RULE(2484-10, 2484+10, 20, 6, 20, 116 NL80211_RRF_PASSIVE_SCAN | 117 NL80211_RRF_NO_IBSS | 118 NL80211_RRF_NO_OFDM), 119 /* IEEE 802.11a, channel 36..48 */ 120 REG_RULE(5180-10, 5240+10, 40, 6, 20, 121 NL80211_RRF_PASSIVE_SCAN | 122 NL80211_RRF_NO_IBSS), 123 124 /* NB: 5260 MHz - 5700 MHz requies DFS */ 125 126 /* IEEE 802.11a, channel 149..165 */ 127 REG_RULE(5745-10, 5825+10, 40, 6, 20, 128 NL80211_RRF_PASSIVE_SCAN | 129 NL80211_RRF_NO_IBSS), 130 } 131 }; 132 133 static const struct ieee80211_regdomain *cfg80211_world_regdom = 134 &world_regdom; 135 136 static char *ieee80211_regdom = "00"; 137 static char user_alpha2[2]; 138 139 module_param(ieee80211_regdom, charp, 0444); 140 MODULE_PARM_DESC(ieee80211_regdom, "IEEE 802.11 regulatory domain code"); 141 142 static void reset_regdomains(void) 143 { 144 /* avoid freeing static information or freeing something twice */ 145 if (cfg80211_regdomain == cfg80211_world_regdom) 146 cfg80211_regdomain = NULL; 147 if (cfg80211_world_regdom == &world_regdom) 148 cfg80211_world_regdom = NULL; 149 if (cfg80211_regdomain == &world_regdom) 150 cfg80211_regdomain = NULL; 151 152 kfree(cfg80211_regdomain); 153 kfree(cfg80211_world_regdom); 154 155 cfg80211_world_regdom = &world_regdom; 156 cfg80211_regdomain = NULL; 157 } 158 159 /* 160 * Dynamic world regulatory domain requested by the wireless 161 * core upon initialization 162 */ 163 static void update_world_regdomain(const struct ieee80211_regdomain *rd) 164 { 165 BUG_ON(!last_request); 166 167 reset_regdomains(); 168 169 cfg80211_world_regdom = rd; 170 cfg80211_regdomain = rd; 171 } 172 173 bool is_world_regdom(const char *alpha2) 174 { 175 if (!alpha2) 176 return false; 177 if (alpha2[0] == '0' && alpha2[1] == '0') 178 return true; 179 return false; 180 } 181 182 static bool is_alpha2_set(const char *alpha2) 183 { 184 if (!alpha2) 185 return false; 186 if (alpha2[0] != 0 && alpha2[1] != 0) 187 return true; 188 return false; 189 } 190 191 static bool is_alpha_upper(char letter) 192 { 193 /* ASCII A - Z */ 194 if (letter >= 65 && letter <= 90) 195 return true; 196 return false; 197 } 198 199 static bool is_unknown_alpha2(const char *alpha2) 200 { 201 if (!alpha2) 202 return false; 203 /* 204 * Special case where regulatory domain was built by driver 205 * but a specific alpha2 cannot be determined 206 */ 207 if (alpha2[0] == '9' && alpha2[1] == '9') 208 return true; 209 return false; 210 } 211 212 static bool is_intersected_alpha2(const char *alpha2) 213 { 214 if (!alpha2) 215 return false; 216 /* 217 * Special case where regulatory domain is the 218 * result of an intersection between two regulatory domain 219 * structures 220 */ 221 if (alpha2[0] == '9' && alpha2[1] == '8') 222 return true; 223 return false; 224 } 225 226 static bool is_an_alpha2(const char *alpha2) 227 { 228 if (!alpha2) 229 return false; 230 if (is_alpha_upper(alpha2[0]) && is_alpha_upper(alpha2[1])) 231 return true; 232 return false; 233 } 234 235 static bool alpha2_equal(const char *alpha2_x, const char *alpha2_y) 236 { 237 if (!alpha2_x || !alpha2_y) 238 return false; 239 if (alpha2_x[0] == alpha2_y[0] && 240 alpha2_x[1] == alpha2_y[1]) 241 return true; 242 return false; 243 } 244 245 static bool regdom_changes(const char *alpha2) 246 { 247 assert_cfg80211_lock(); 248 249 if (!cfg80211_regdomain) 250 return true; 251 if (alpha2_equal(cfg80211_regdomain->alpha2, alpha2)) 252 return false; 253 return true; 254 } 255 256 /* 257 * The NL80211_REGDOM_SET_BY_USER regdom alpha2 is cached, this lets 258 * you know if a valid regulatory hint with NL80211_REGDOM_SET_BY_USER 259 * has ever been issued. 260 */ 261 static bool is_user_regdom_saved(void) 262 { 263 if (user_alpha2[0] == '9' && user_alpha2[1] == '7') 264 return false; 265 266 /* This would indicate a mistake on the design */ 267 if (WARN((!is_world_regdom(user_alpha2) && 268 !is_an_alpha2(user_alpha2)), 269 "Unexpected user alpha2: %c%c\n", 270 user_alpha2[0], 271 user_alpha2[1])) 272 return false; 273 274 return true; 275 } 276 277 /** 278 * country_ie_integrity_changes - tells us if the country IE has changed 279 * @checksum: checksum of country IE of fields we are interested in 280 * 281 * If the country IE has not changed you can ignore it safely. This is 282 * useful to determine if two devices are seeing two different country IEs 283 * even on the same alpha2. Note that this will return false if no IE has 284 * been set on the wireless core yet. 285 */ 286 static bool country_ie_integrity_changes(u32 checksum) 287 { 288 /* If no IE has been set then the checksum doesn't change */ 289 if (unlikely(!last_request->country_ie_checksum)) 290 return false; 291 if (unlikely(last_request->country_ie_checksum != checksum)) 292 return true; 293 return false; 294 } 295 296 static int reg_copy_regd(const struct ieee80211_regdomain **dst_regd, 297 const struct ieee80211_regdomain *src_regd) 298 { 299 struct ieee80211_regdomain *regd; 300 int size_of_regd = 0; 301 unsigned int i; 302 303 size_of_regd = sizeof(struct ieee80211_regdomain) + 304 ((src_regd->n_reg_rules + 1) * sizeof(struct ieee80211_reg_rule)); 305 306 regd = kzalloc(size_of_regd, GFP_KERNEL); 307 if (!regd) 308 return -ENOMEM; 309 310 memcpy(regd, src_regd, sizeof(struct ieee80211_regdomain)); 311 312 for (i = 0; i < src_regd->n_reg_rules; i++) 313 memcpy(®d->reg_rules[i], &src_regd->reg_rules[i], 314 sizeof(struct ieee80211_reg_rule)); 315 316 *dst_regd = regd; 317 return 0; 318 } 319 320 #ifdef CONFIG_CFG80211_INTERNAL_REGDB 321 struct reg_regdb_search_request { 322 char alpha2[2]; 323 struct list_head list; 324 }; 325 326 static LIST_HEAD(reg_regdb_search_list); 327 static DEFINE_SPINLOCK(reg_regdb_search_lock); 328 329 static void reg_regdb_search(struct work_struct *work) 330 { 331 struct reg_regdb_search_request *request; 332 const struct ieee80211_regdomain *curdom, *regdom; 333 int i, r; 334 335 spin_lock(®_regdb_search_lock); 336 while (!list_empty(®_regdb_search_list)) { 337 request = list_first_entry(®_regdb_search_list, 338 struct reg_regdb_search_request, 339 list); 340 list_del(&request->list); 341 342 for (i=0; i<reg_regdb_size; i++) { 343 curdom = reg_regdb[i]; 344 345 if (!memcmp(request->alpha2, curdom->alpha2, 2)) { 346 r = reg_copy_regd(®dom, curdom); 347 if (r) 348 break; 349 spin_unlock(®_regdb_search_lock); 350 mutex_lock(&cfg80211_mutex); 351 set_regdom(regdom); 352 mutex_unlock(&cfg80211_mutex); 353 spin_lock(®_regdb_search_lock); 354 break; 355 } 356 } 357 358 kfree(request); 359 } 360 spin_unlock(®_regdb_search_lock); 361 } 362 363 static DECLARE_WORK(reg_regdb_work, reg_regdb_search); 364 365 static void reg_regdb_query(const char *alpha2) 366 { 367 struct reg_regdb_search_request *request; 368 369 if (!alpha2) 370 return; 371 372 request = kzalloc(sizeof(struct reg_regdb_search_request), GFP_KERNEL); 373 if (!request) 374 return; 375 376 memcpy(request->alpha2, alpha2, 2); 377 378 spin_lock(®_regdb_search_lock); 379 list_add_tail(&request->list, ®_regdb_search_list); 380 spin_unlock(®_regdb_search_lock); 381 382 schedule_work(®_regdb_work); 383 } 384 #else 385 static inline void reg_regdb_query(const char *alpha2) {} 386 #endif /* CONFIG_CFG80211_INTERNAL_REGDB */ 387 388 /* 389 * This lets us keep regulatory code which is updated on a regulatory 390 * basis in userspace. 391 */ 392 static int call_crda(const char *alpha2) 393 { 394 char country_env[9 + 2] = "COUNTRY="; 395 char *envp[] = { 396 country_env, 397 NULL 398 }; 399 400 if (!is_world_regdom((char *) alpha2)) 401 printk(KERN_INFO "cfg80211: Calling CRDA for country: %c%c\n", 402 alpha2[0], alpha2[1]); 403 else 404 printk(KERN_INFO "cfg80211: Calling CRDA to update world " 405 "regulatory domain\n"); 406 407 /* query internal regulatory database (if it exists) */ 408 reg_regdb_query(alpha2); 409 410 country_env[8] = alpha2[0]; 411 country_env[9] = alpha2[1]; 412 413 return kobject_uevent_env(®_pdev->dev.kobj, KOBJ_CHANGE, envp); 414 } 415 416 /* Used by nl80211 before kmalloc'ing our regulatory domain */ 417 bool reg_is_valid_request(const char *alpha2) 418 { 419 assert_cfg80211_lock(); 420 421 if (!last_request) 422 return false; 423 424 return alpha2_equal(last_request->alpha2, alpha2); 425 } 426 427 /* Sanity check on a regulatory rule */ 428 static bool is_valid_reg_rule(const struct ieee80211_reg_rule *rule) 429 { 430 const struct ieee80211_freq_range *freq_range = &rule->freq_range; 431 u32 freq_diff; 432 433 if (freq_range->start_freq_khz <= 0 || freq_range->end_freq_khz <= 0) 434 return false; 435 436 if (freq_range->start_freq_khz > freq_range->end_freq_khz) 437 return false; 438 439 freq_diff = freq_range->end_freq_khz - freq_range->start_freq_khz; 440 441 if (freq_range->end_freq_khz <= freq_range->start_freq_khz || 442 freq_range->max_bandwidth_khz > freq_diff) 443 return false; 444 445 return true; 446 } 447 448 static bool is_valid_rd(const struct ieee80211_regdomain *rd) 449 { 450 const struct ieee80211_reg_rule *reg_rule = NULL; 451 unsigned int i; 452 453 if (!rd->n_reg_rules) 454 return false; 455 456 if (WARN_ON(rd->n_reg_rules > NL80211_MAX_SUPP_REG_RULES)) 457 return false; 458 459 for (i = 0; i < rd->n_reg_rules; i++) { 460 reg_rule = &rd->reg_rules[i]; 461 if (!is_valid_reg_rule(reg_rule)) 462 return false; 463 } 464 465 return true; 466 } 467 468 static bool reg_does_bw_fit(const struct ieee80211_freq_range *freq_range, 469 u32 center_freq_khz, 470 u32 bw_khz) 471 { 472 u32 start_freq_khz, end_freq_khz; 473 474 start_freq_khz = center_freq_khz - (bw_khz/2); 475 end_freq_khz = center_freq_khz + (bw_khz/2); 476 477 if (start_freq_khz >= freq_range->start_freq_khz && 478 end_freq_khz <= freq_range->end_freq_khz) 479 return true; 480 481 return false; 482 } 483 484 /** 485 * freq_in_rule_band - tells us if a frequency is in a frequency band 486 * @freq_range: frequency rule we want to query 487 * @freq_khz: frequency we are inquiring about 488 * 489 * This lets us know if a specific frequency rule is or is not relevant to 490 * a specific frequency's band. Bands are device specific and artificial 491 * definitions (the "2.4 GHz band" and the "5 GHz band"), however it is 492 * safe for now to assume that a frequency rule should not be part of a 493 * frequency's band if the start freq or end freq are off by more than 2 GHz. 494 * This resolution can be lowered and should be considered as we add 495 * regulatory rule support for other "bands". 496 **/ 497 static bool freq_in_rule_band(const struct ieee80211_freq_range *freq_range, 498 u32 freq_khz) 499 { 500 #define ONE_GHZ_IN_KHZ 1000000 501 if (abs(freq_khz - freq_range->start_freq_khz) <= (2 * ONE_GHZ_IN_KHZ)) 502 return true; 503 if (abs(freq_khz - freq_range->end_freq_khz) <= (2 * ONE_GHZ_IN_KHZ)) 504 return true; 505 return false; 506 #undef ONE_GHZ_IN_KHZ 507 } 508 509 /* 510 * This is a work around for sanity checking ieee80211_channel_to_frequency()'s 511 * work. ieee80211_channel_to_frequency() can for example currently provide a 512 * 2 GHz channel when in fact a 5 GHz channel was desired. An example would be 513 * an AP providing channel 8 on a country IE triplet when it sent this on the 514 * 5 GHz band, that channel is designed to be channel 8 on 5 GHz, not a 2 GHz 515 * channel. 516 * 517 * This can be removed once ieee80211_channel_to_frequency() takes in a band. 518 */ 519 static bool chan_in_band(int chan, enum ieee80211_band band) 520 { 521 int center_freq = ieee80211_channel_to_frequency(chan); 522 523 switch (band) { 524 case IEEE80211_BAND_2GHZ: 525 if (center_freq <= 2484) 526 return true; 527 return false; 528 case IEEE80211_BAND_5GHZ: 529 if (center_freq >= 5005) 530 return true; 531 return false; 532 default: 533 return false; 534 } 535 } 536 537 /* 538 * Some APs may send a country IE triplet for each channel they 539 * support and while this is completely overkill and silly we still 540 * need to support it. We avoid making a single rule for each channel 541 * though and to help us with this we use this helper to find the 542 * actual subband end channel. These type of country IE triplet 543 * scenerios are handled then, all yielding two regulaotry rules from 544 * parsing a country IE: 545 * 546 * [1] 547 * [2] 548 * [36] 549 * [40] 550 * 551 * [1] 552 * [2-4] 553 * [5-12] 554 * [36] 555 * [40-44] 556 * 557 * [1-4] 558 * [5-7] 559 * [36-44] 560 * [48-64] 561 * 562 * [36-36] 563 * [40-40] 564 * [44-44] 565 * [48-48] 566 * [52-52] 567 * [56-56] 568 * [60-60] 569 * [64-64] 570 * [100-100] 571 * [104-104] 572 * [108-108] 573 * [112-112] 574 * [116-116] 575 * [120-120] 576 * [124-124] 577 * [128-128] 578 * [132-132] 579 * [136-136] 580 * [140-140] 581 * 582 * Returns 0 if the IE has been found to be invalid in the middle 583 * somewhere. 584 */ 585 static int max_subband_chan(enum ieee80211_band band, 586 int orig_cur_chan, 587 int orig_end_channel, 588 s8 orig_max_power, 589 u8 **country_ie, 590 u8 *country_ie_len) 591 { 592 u8 *triplets_start = *country_ie; 593 u8 len_at_triplet = *country_ie_len; 594 int end_subband_chan = orig_end_channel; 595 596 /* 597 * We'll deal with padding for the caller unless 598 * its not immediate and we don't process any channels 599 */ 600 if (*country_ie_len == 1) { 601 *country_ie += 1; 602 *country_ie_len -= 1; 603 return orig_end_channel; 604 } 605 606 /* Move to the next triplet and then start search */ 607 *country_ie += 3; 608 *country_ie_len -= 3; 609 610 if (!chan_in_band(orig_cur_chan, band)) 611 return 0; 612 613 while (*country_ie_len >= 3) { 614 int end_channel = 0; 615 struct ieee80211_country_ie_triplet *triplet = 616 (struct ieee80211_country_ie_triplet *) *country_ie; 617 int cur_channel = 0, next_expected_chan; 618 619 /* means last triplet is completely unrelated to this one */ 620 if (triplet->ext.reg_extension_id >= 621 IEEE80211_COUNTRY_EXTENSION_ID) { 622 *country_ie -= 3; 623 *country_ie_len += 3; 624 break; 625 } 626 627 if (triplet->chans.first_channel == 0) { 628 *country_ie += 1; 629 *country_ie_len -= 1; 630 if (*country_ie_len != 0) 631 return 0; 632 break; 633 } 634 635 if (triplet->chans.num_channels == 0) 636 return 0; 637 638 /* Monitonically increasing channel order */ 639 if (triplet->chans.first_channel <= end_subband_chan) 640 return 0; 641 642 if (!chan_in_band(triplet->chans.first_channel, band)) 643 return 0; 644 645 /* 2 GHz */ 646 if (triplet->chans.first_channel <= 14) { 647 end_channel = triplet->chans.first_channel + 648 triplet->chans.num_channels - 1; 649 } 650 else { 651 end_channel = triplet->chans.first_channel + 652 (4 * (triplet->chans.num_channels - 1)); 653 } 654 655 if (!chan_in_band(end_channel, band)) 656 return 0; 657 658 if (orig_max_power != triplet->chans.max_power) { 659 *country_ie -= 3; 660 *country_ie_len += 3; 661 break; 662 } 663 664 cur_channel = triplet->chans.first_channel; 665 666 /* The key is finding the right next expected channel */ 667 if (band == IEEE80211_BAND_2GHZ) 668 next_expected_chan = end_subband_chan + 1; 669 else 670 next_expected_chan = end_subband_chan + 4; 671 672 if (cur_channel != next_expected_chan) { 673 *country_ie -= 3; 674 *country_ie_len += 3; 675 break; 676 } 677 678 end_subband_chan = end_channel; 679 680 /* Move to the next one */ 681 *country_ie += 3; 682 *country_ie_len -= 3; 683 684 /* 685 * Padding needs to be dealt with if we processed 686 * some channels. 687 */ 688 if (*country_ie_len == 1) { 689 *country_ie += 1; 690 *country_ie_len -= 1; 691 break; 692 } 693 694 /* If seen, the IE is invalid */ 695 if (*country_ie_len == 2) 696 return 0; 697 } 698 699 if (end_subband_chan == orig_end_channel) { 700 *country_ie = triplets_start; 701 *country_ie_len = len_at_triplet; 702 return orig_end_channel; 703 } 704 705 return end_subband_chan; 706 } 707 708 /* 709 * Converts a country IE to a regulatory domain. A regulatory domain 710 * structure has a lot of information which the IE doesn't yet have, 711 * so for the other values we use upper max values as we will intersect 712 * with our userspace regulatory agent to get lower bounds. 713 */ 714 static struct ieee80211_regdomain *country_ie_2_rd( 715 enum ieee80211_band band, 716 u8 *country_ie, 717 u8 country_ie_len, 718 u32 *checksum) 719 { 720 struct ieee80211_regdomain *rd = NULL; 721 unsigned int i = 0; 722 char alpha2[2]; 723 u32 flags = 0; 724 u32 num_rules = 0, size_of_regd = 0; 725 u8 *triplets_start = NULL; 726 u8 len_at_triplet = 0; 727 /* the last channel we have registered in a subband (triplet) */ 728 int last_sub_max_channel = 0; 729 730 *checksum = 0xDEADBEEF; 731 732 /* Country IE requirements */ 733 BUG_ON(country_ie_len < IEEE80211_COUNTRY_IE_MIN_LEN || 734 country_ie_len & 0x01); 735 736 alpha2[0] = country_ie[0]; 737 alpha2[1] = country_ie[1]; 738 739 /* 740 * Third octet can be: 741 * 'I' - Indoor 742 * 'O' - Outdoor 743 * 744 * anything else we assume is no restrictions 745 */ 746 if (country_ie[2] == 'I') 747 flags = NL80211_RRF_NO_OUTDOOR; 748 else if (country_ie[2] == 'O') 749 flags = NL80211_RRF_NO_INDOOR; 750 751 country_ie += 3; 752 country_ie_len -= 3; 753 754 triplets_start = country_ie; 755 len_at_triplet = country_ie_len; 756 757 *checksum ^= ((flags ^ alpha2[0] ^ alpha2[1]) << 8); 758 759 /* 760 * We need to build a reg rule for each triplet, but first we must 761 * calculate the number of reg rules we will need. We will need one 762 * for each channel subband 763 */ 764 while (country_ie_len >= 3) { 765 int end_channel = 0; 766 struct ieee80211_country_ie_triplet *triplet = 767 (struct ieee80211_country_ie_triplet *) country_ie; 768 int cur_sub_max_channel = 0, cur_channel = 0; 769 770 if (triplet->ext.reg_extension_id >= 771 IEEE80211_COUNTRY_EXTENSION_ID) { 772 country_ie += 3; 773 country_ie_len -= 3; 774 continue; 775 } 776 777 /* 778 * APs can add padding to make length divisible 779 * by two, required by the spec. 780 */ 781 if (triplet->chans.first_channel == 0) { 782 country_ie++; 783 country_ie_len--; 784 /* This is expected to be at the very end only */ 785 if (country_ie_len != 0) 786 return NULL; 787 break; 788 } 789 790 if (triplet->chans.num_channels == 0) 791 return NULL; 792 793 if (!chan_in_band(triplet->chans.first_channel, band)) 794 return NULL; 795 796 /* 2 GHz */ 797 if (band == IEEE80211_BAND_2GHZ) 798 end_channel = triplet->chans.first_channel + 799 triplet->chans.num_channels - 1; 800 else 801 /* 802 * 5 GHz -- For example in country IEs if the first 803 * channel given is 36 and the number of channels is 4 804 * then the individual channel numbers defined for the 805 * 5 GHz PHY by these parameters are: 36, 40, 44, and 48 806 * and not 36, 37, 38, 39. 807 * 808 * See: http://tinyurl.com/11d-clarification 809 */ 810 end_channel = triplet->chans.first_channel + 811 (4 * (triplet->chans.num_channels - 1)); 812 813 cur_channel = triplet->chans.first_channel; 814 815 /* 816 * Enhancement for APs that send a triplet for every channel 817 * or for whatever reason sends triplets with multiple channels 818 * separated when in fact they should be together. 819 */ 820 end_channel = max_subband_chan(band, 821 cur_channel, 822 end_channel, 823 triplet->chans.max_power, 824 &country_ie, 825 &country_ie_len); 826 if (!end_channel) 827 return NULL; 828 829 if (!chan_in_band(end_channel, band)) 830 return NULL; 831 832 cur_sub_max_channel = end_channel; 833 834 /* Basic sanity check */ 835 if (cur_sub_max_channel < cur_channel) 836 return NULL; 837 838 /* 839 * Do not allow overlapping channels. Also channels 840 * passed in each subband must be monotonically 841 * increasing 842 */ 843 if (last_sub_max_channel) { 844 if (cur_channel <= last_sub_max_channel) 845 return NULL; 846 if (cur_sub_max_channel <= last_sub_max_channel) 847 return NULL; 848 } 849 850 /* 851 * When dot11RegulatoryClassesRequired is supported 852 * we can throw ext triplets as part of this soup, 853 * for now we don't care when those change as we 854 * don't support them 855 */ 856 *checksum ^= ((cur_channel ^ cur_sub_max_channel) << 8) | 857 ((cur_sub_max_channel ^ cur_sub_max_channel) << 16) | 858 ((triplet->chans.max_power ^ cur_sub_max_channel) << 24); 859 860 last_sub_max_channel = cur_sub_max_channel; 861 862 num_rules++; 863 864 if (country_ie_len >= 3) { 865 country_ie += 3; 866 country_ie_len -= 3; 867 } 868 869 /* 870 * Note: this is not a IEEE requirement but 871 * simply a memory requirement 872 */ 873 if (num_rules > NL80211_MAX_SUPP_REG_RULES) 874 return NULL; 875 } 876 877 country_ie = triplets_start; 878 country_ie_len = len_at_triplet; 879 880 size_of_regd = sizeof(struct ieee80211_regdomain) + 881 (num_rules * sizeof(struct ieee80211_reg_rule)); 882 883 rd = kzalloc(size_of_regd, GFP_KERNEL); 884 if (!rd) 885 return NULL; 886 887 rd->n_reg_rules = num_rules; 888 rd->alpha2[0] = alpha2[0]; 889 rd->alpha2[1] = alpha2[1]; 890 891 /* This time around we fill in the rd */ 892 while (country_ie_len >= 3) { 893 int end_channel = 0; 894 struct ieee80211_country_ie_triplet *triplet = 895 (struct ieee80211_country_ie_triplet *) country_ie; 896 struct ieee80211_reg_rule *reg_rule = NULL; 897 struct ieee80211_freq_range *freq_range = NULL; 898 struct ieee80211_power_rule *power_rule = NULL; 899 900 /* 901 * Must parse if dot11RegulatoryClassesRequired is true, 902 * we don't support this yet 903 */ 904 if (triplet->ext.reg_extension_id >= 905 IEEE80211_COUNTRY_EXTENSION_ID) { 906 country_ie += 3; 907 country_ie_len -= 3; 908 continue; 909 } 910 911 if (triplet->chans.first_channel == 0) { 912 country_ie++; 913 country_ie_len--; 914 break; 915 } 916 917 reg_rule = &rd->reg_rules[i]; 918 freq_range = ®_rule->freq_range; 919 power_rule = ®_rule->power_rule; 920 921 reg_rule->flags = flags; 922 923 /* 2 GHz */ 924 if (band == IEEE80211_BAND_2GHZ) 925 end_channel = triplet->chans.first_channel + 926 triplet->chans.num_channels -1; 927 else 928 end_channel = triplet->chans.first_channel + 929 (4 * (triplet->chans.num_channels - 1)); 930 931 end_channel = max_subband_chan(band, 932 triplet->chans.first_channel, 933 end_channel, 934 triplet->chans.max_power, 935 &country_ie, 936 &country_ie_len); 937 938 /* 939 * The +10 is since the regulatory domain expects 940 * the actual band edge, not the center of freq for 941 * its start and end freqs, assuming 20 MHz bandwidth on 942 * the channels passed 943 */ 944 freq_range->start_freq_khz = 945 MHZ_TO_KHZ(ieee80211_channel_to_frequency( 946 triplet->chans.first_channel) - 10); 947 freq_range->end_freq_khz = 948 MHZ_TO_KHZ(ieee80211_channel_to_frequency( 949 end_channel) + 10); 950 951 /* 952 * These are large arbitrary values we use to intersect later. 953 * Increment this if we ever support >= 40 MHz channels 954 * in IEEE 802.11 955 */ 956 freq_range->max_bandwidth_khz = MHZ_TO_KHZ(40); 957 power_rule->max_antenna_gain = DBI_TO_MBI(100); 958 power_rule->max_eirp = DBM_TO_MBM(triplet->chans.max_power); 959 960 i++; 961 962 if (country_ie_len >= 3) { 963 country_ie += 3; 964 country_ie_len -= 3; 965 } 966 967 BUG_ON(i > NL80211_MAX_SUPP_REG_RULES); 968 } 969 970 return rd; 971 } 972 973 974 /* 975 * Helper for regdom_intersect(), this does the real 976 * mathematical intersection fun 977 */ 978 static int reg_rules_intersect( 979 const struct ieee80211_reg_rule *rule1, 980 const struct ieee80211_reg_rule *rule2, 981 struct ieee80211_reg_rule *intersected_rule) 982 { 983 const struct ieee80211_freq_range *freq_range1, *freq_range2; 984 struct ieee80211_freq_range *freq_range; 985 const struct ieee80211_power_rule *power_rule1, *power_rule2; 986 struct ieee80211_power_rule *power_rule; 987 u32 freq_diff; 988 989 freq_range1 = &rule1->freq_range; 990 freq_range2 = &rule2->freq_range; 991 freq_range = &intersected_rule->freq_range; 992 993 power_rule1 = &rule1->power_rule; 994 power_rule2 = &rule2->power_rule; 995 power_rule = &intersected_rule->power_rule; 996 997 freq_range->start_freq_khz = max(freq_range1->start_freq_khz, 998 freq_range2->start_freq_khz); 999 freq_range->end_freq_khz = min(freq_range1->end_freq_khz, 1000 freq_range2->end_freq_khz); 1001 freq_range->max_bandwidth_khz = min(freq_range1->max_bandwidth_khz, 1002 freq_range2->max_bandwidth_khz); 1003 1004 freq_diff = freq_range->end_freq_khz - freq_range->start_freq_khz; 1005 if (freq_range->max_bandwidth_khz > freq_diff) 1006 freq_range->max_bandwidth_khz = freq_diff; 1007 1008 power_rule->max_eirp = min(power_rule1->max_eirp, 1009 power_rule2->max_eirp); 1010 power_rule->max_antenna_gain = min(power_rule1->max_antenna_gain, 1011 power_rule2->max_antenna_gain); 1012 1013 intersected_rule->flags = (rule1->flags | rule2->flags); 1014 1015 if (!is_valid_reg_rule(intersected_rule)) 1016 return -EINVAL; 1017 1018 return 0; 1019 } 1020 1021 /** 1022 * regdom_intersect - do the intersection between two regulatory domains 1023 * @rd1: first regulatory domain 1024 * @rd2: second regulatory domain 1025 * 1026 * Use this function to get the intersection between two regulatory domains. 1027 * Once completed we will mark the alpha2 for the rd as intersected, "98", 1028 * as no one single alpha2 can represent this regulatory domain. 1029 * 1030 * Returns a pointer to the regulatory domain structure which will hold the 1031 * resulting intersection of rules between rd1 and rd2. We will 1032 * kzalloc() this structure for you. 1033 */ 1034 static struct ieee80211_regdomain *regdom_intersect( 1035 const struct ieee80211_regdomain *rd1, 1036 const struct ieee80211_regdomain *rd2) 1037 { 1038 int r, size_of_regd; 1039 unsigned int x, y; 1040 unsigned int num_rules = 0, rule_idx = 0; 1041 const struct ieee80211_reg_rule *rule1, *rule2; 1042 struct ieee80211_reg_rule *intersected_rule; 1043 struct ieee80211_regdomain *rd; 1044 /* This is just a dummy holder to help us count */ 1045 struct ieee80211_reg_rule irule; 1046 1047 /* Uses the stack temporarily for counter arithmetic */ 1048 intersected_rule = &irule; 1049 1050 memset(intersected_rule, 0, sizeof(struct ieee80211_reg_rule)); 1051 1052 if (!rd1 || !rd2) 1053 return NULL; 1054 1055 /* 1056 * First we get a count of the rules we'll need, then we actually 1057 * build them. This is to so we can malloc() and free() a 1058 * regdomain once. The reason we use reg_rules_intersect() here 1059 * is it will return -EINVAL if the rule computed makes no sense. 1060 * All rules that do check out OK are valid. 1061 */ 1062 1063 for (x = 0; x < rd1->n_reg_rules; x++) { 1064 rule1 = &rd1->reg_rules[x]; 1065 for (y = 0; y < rd2->n_reg_rules; y++) { 1066 rule2 = &rd2->reg_rules[y]; 1067 if (!reg_rules_intersect(rule1, rule2, 1068 intersected_rule)) 1069 num_rules++; 1070 memset(intersected_rule, 0, 1071 sizeof(struct ieee80211_reg_rule)); 1072 } 1073 } 1074 1075 if (!num_rules) 1076 return NULL; 1077 1078 size_of_regd = sizeof(struct ieee80211_regdomain) + 1079 ((num_rules + 1) * sizeof(struct ieee80211_reg_rule)); 1080 1081 rd = kzalloc(size_of_regd, GFP_KERNEL); 1082 if (!rd) 1083 return NULL; 1084 1085 for (x = 0; x < rd1->n_reg_rules; x++) { 1086 rule1 = &rd1->reg_rules[x]; 1087 for (y = 0; y < rd2->n_reg_rules; y++) { 1088 rule2 = &rd2->reg_rules[y]; 1089 /* 1090 * This time around instead of using the stack lets 1091 * write to the target rule directly saving ourselves 1092 * a memcpy() 1093 */ 1094 intersected_rule = &rd->reg_rules[rule_idx]; 1095 r = reg_rules_intersect(rule1, rule2, 1096 intersected_rule); 1097 /* 1098 * No need to memset here the intersected rule here as 1099 * we're not using the stack anymore 1100 */ 1101 if (r) 1102 continue; 1103 rule_idx++; 1104 } 1105 } 1106 1107 if (rule_idx != num_rules) { 1108 kfree(rd); 1109 return NULL; 1110 } 1111 1112 rd->n_reg_rules = num_rules; 1113 rd->alpha2[0] = '9'; 1114 rd->alpha2[1] = '8'; 1115 1116 return rd; 1117 } 1118 1119 /* 1120 * XXX: add support for the rest of enum nl80211_reg_rule_flags, we may 1121 * want to just have the channel structure use these 1122 */ 1123 static u32 map_regdom_flags(u32 rd_flags) 1124 { 1125 u32 channel_flags = 0; 1126 if (rd_flags & NL80211_RRF_PASSIVE_SCAN) 1127 channel_flags |= IEEE80211_CHAN_PASSIVE_SCAN; 1128 if (rd_flags & NL80211_RRF_NO_IBSS) 1129 channel_flags |= IEEE80211_CHAN_NO_IBSS; 1130 if (rd_flags & NL80211_RRF_DFS) 1131 channel_flags |= IEEE80211_CHAN_RADAR; 1132 return channel_flags; 1133 } 1134 1135 static int freq_reg_info_regd(struct wiphy *wiphy, 1136 u32 center_freq, 1137 u32 desired_bw_khz, 1138 const struct ieee80211_reg_rule **reg_rule, 1139 const struct ieee80211_regdomain *custom_regd) 1140 { 1141 int i; 1142 bool band_rule_found = false; 1143 const struct ieee80211_regdomain *regd; 1144 bool bw_fits = false; 1145 1146 if (!desired_bw_khz) 1147 desired_bw_khz = MHZ_TO_KHZ(20); 1148 1149 regd = custom_regd ? custom_regd : cfg80211_regdomain; 1150 1151 /* 1152 * Follow the driver's regulatory domain, if present, unless a country 1153 * IE has been processed or a user wants to help complaince further 1154 */ 1155 if (last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE && 1156 last_request->initiator != NL80211_REGDOM_SET_BY_USER && 1157 wiphy->regd) 1158 regd = wiphy->regd; 1159 1160 if (!regd) 1161 return -EINVAL; 1162 1163 for (i = 0; i < regd->n_reg_rules; i++) { 1164 const struct ieee80211_reg_rule *rr; 1165 const struct ieee80211_freq_range *fr = NULL; 1166 const struct ieee80211_power_rule *pr = NULL; 1167 1168 rr = ®d->reg_rules[i]; 1169 fr = &rr->freq_range; 1170 pr = &rr->power_rule; 1171 1172 /* 1173 * We only need to know if one frequency rule was 1174 * was in center_freq's band, that's enough, so lets 1175 * not overwrite it once found 1176 */ 1177 if (!band_rule_found) 1178 band_rule_found = freq_in_rule_band(fr, center_freq); 1179 1180 bw_fits = reg_does_bw_fit(fr, 1181 center_freq, 1182 desired_bw_khz); 1183 1184 if (band_rule_found && bw_fits) { 1185 *reg_rule = rr; 1186 return 0; 1187 } 1188 } 1189 1190 if (!band_rule_found) 1191 return -ERANGE; 1192 1193 return -EINVAL; 1194 } 1195 EXPORT_SYMBOL(freq_reg_info); 1196 1197 int freq_reg_info(struct wiphy *wiphy, 1198 u32 center_freq, 1199 u32 desired_bw_khz, 1200 const struct ieee80211_reg_rule **reg_rule) 1201 { 1202 assert_cfg80211_lock(); 1203 return freq_reg_info_regd(wiphy, 1204 center_freq, 1205 desired_bw_khz, 1206 reg_rule, 1207 NULL); 1208 } 1209 1210 /* 1211 * Note that right now we assume the desired channel bandwidth 1212 * is always 20 MHz for each individual channel (HT40 uses 20 MHz 1213 * per channel, the primary and the extension channel). To support 1214 * smaller custom bandwidths such as 5 MHz or 10 MHz we'll need a 1215 * new ieee80211_channel.target_bw and re run the regulatory check 1216 * on the wiphy with the target_bw specified. Then we can simply use 1217 * that below for the desired_bw_khz below. 1218 */ 1219 static void handle_channel(struct wiphy *wiphy, enum ieee80211_band band, 1220 unsigned int chan_idx) 1221 { 1222 int r; 1223 u32 flags, bw_flags = 0; 1224 u32 desired_bw_khz = MHZ_TO_KHZ(20); 1225 const struct ieee80211_reg_rule *reg_rule = NULL; 1226 const struct ieee80211_power_rule *power_rule = NULL; 1227 const struct ieee80211_freq_range *freq_range = NULL; 1228 struct ieee80211_supported_band *sband; 1229 struct ieee80211_channel *chan; 1230 struct wiphy *request_wiphy = NULL; 1231 1232 assert_cfg80211_lock(); 1233 1234 request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx); 1235 1236 sband = wiphy->bands[band]; 1237 BUG_ON(chan_idx >= sband->n_channels); 1238 chan = &sband->channels[chan_idx]; 1239 1240 flags = chan->orig_flags; 1241 1242 r = freq_reg_info(wiphy, 1243 MHZ_TO_KHZ(chan->center_freq), 1244 desired_bw_khz, 1245 ®_rule); 1246 1247 if (r) { 1248 /* 1249 * This means no regulatory rule was found in the country IE 1250 * with a frequency range on the center_freq's band, since 1251 * IEEE-802.11 allows for a country IE to have a subset of the 1252 * regulatory information provided in a country we ignore 1253 * disabling the channel unless at least one reg rule was 1254 * found on the center_freq's band. For details see this 1255 * clarification: 1256 * 1257 * http://tinyurl.com/11d-clarification 1258 */ 1259 if (r == -ERANGE && 1260 last_request->initiator == 1261 NL80211_REGDOM_SET_BY_COUNTRY_IE) { 1262 REG_DBG_PRINT("cfg80211: Leaving channel %d MHz " 1263 "intact on %s - no rule found in band on " 1264 "Country IE\n", 1265 chan->center_freq, wiphy_name(wiphy)); 1266 } else { 1267 /* 1268 * In this case we know the country IE has at least one reg rule 1269 * for the band so we respect its band definitions 1270 */ 1271 if (last_request->initiator == 1272 NL80211_REGDOM_SET_BY_COUNTRY_IE) 1273 REG_DBG_PRINT("cfg80211: Disabling " 1274 "channel %d MHz on %s due to " 1275 "Country IE\n", 1276 chan->center_freq, wiphy_name(wiphy)); 1277 flags |= IEEE80211_CHAN_DISABLED; 1278 chan->flags = flags; 1279 } 1280 return; 1281 } 1282 1283 power_rule = ®_rule->power_rule; 1284 freq_range = ®_rule->freq_range; 1285 1286 if (freq_range->max_bandwidth_khz < MHZ_TO_KHZ(40)) 1287 bw_flags = IEEE80211_CHAN_NO_HT40; 1288 1289 if (last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER && 1290 request_wiphy && request_wiphy == wiphy && 1291 request_wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY) { 1292 /* 1293 * This gaurantees the driver's requested regulatory domain 1294 * will always be used as a base for further regulatory 1295 * settings 1296 */ 1297 chan->flags = chan->orig_flags = 1298 map_regdom_flags(reg_rule->flags) | bw_flags; 1299 chan->max_antenna_gain = chan->orig_mag = 1300 (int) MBI_TO_DBI(power_rule->max_antenna_gain); 1301 chan->max_power = chan->orig_mpwr = 1302 (int) MBM_TO_DBM(power_rule->max_eirp); 1303 return; 1304 } 1305 1306 chan->flags = flags | bw_flags | map_regdom_flags(reg_rule->flags); 1307 chan->max_antenna_gain = min(chan->orig_mag, 1308 (int) MBI_TO_DBI(power_rule->max_antenna_gain)); 1309 if (chan->orig_mpwr) 1310 chan->max_power = min(chan->orig_mpwr, 1311 (int) MBM_TO_DBM(power_rule->max_eirp)); 1312 else 1313 chan->max_power = (int) MBM_TO_DBM(power_rule->max_eirp); 1314 } 1315 1316 static void handle_band(struct wiphy *wiphy, enum ieee80211_band band) 1317 { 1318 unsigned int i; 1319 struct ieee80211_supported_band *sband; 1320 1321 BUG_ON(!wiphy->bands[band]); 1322 sband = wiphy->bands[band]; 1323 1324 for (i = 0; i < sband->n_channels; i++) 1325 handle_channel(wiphy, band, i); 1326 } 1327 1328 static bool ignore_reg_update(struct wiphy *wiphy, 1329 enum nl80211_reg_initiator initiator) 1330 { 1331 if (!last_request) 1332 return true; 1333 if (initiator == NL80211_REGDOM_SET_BY_CORE && 1334 wiphy->flags & WIPHY_FLAG_CUSTOM_REGULATORY) 1335 return true; 1336 /* 1337 * wiphy->regd will be set once the device has its own 1338 * desired regulatory domain set 1339 */ 1340 if (wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY && !wiphy->regd && 1341 !is_world_regdom(last_request->alpha2)) 1342 return true; 1343 return false; 1344 } 1345 1346 static void update_all_wiphy_regulatory(enum nl80211_reg_initiator initiator) 1347 { 1348 struct cfg80211_registered_device *rdev; 1349 1350 list_for_each_entry(rdev, &cfg80211_rdev_list, list) 1351 wiphy_update_regulatory(&rdev->wiphy, initiator); 1352 } 1353 1354 static void handle_reg_beacon(struct wiphy *wiphy, 1355 unsigned int chan_idx, 1356 struct reg_beacon *reg_beacon) 1357 { 1358 struct ieee80211_supported_band *sband; 1359 struct ieee80211_channel *chan; 1360 bool channel_changed = false; 1361 struct ieee80211_channel chan_before; 1362 1363 assert_cfg80211_lock(); 1364 1365 sband = wiphy->bands[reg_beacon->chan.band]; 1366 chan = &sband->channels[chan_idx]; 1367 1368 if (likely(chan->center_freq != reg_beacon->chan.center_freq)) 1369 return; 1370 1371 if (chan->beacon_found) 1372 return; 1373 1374 chan->beacon_found = true; 1375 1376 if (wiphy->flags & WIPHY_FLAG_DISABLE_BEACON_HINTS) 1377 return; 1378 1379 chan_before.center_freq = chan->center_freq; 1380 chan_before.flags = chan->flags; 1381 1382 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) { 1383 chan->flags &= ~IEEE80211_CHAN_PASSIVE_SCAN; 1384 channel_changed = true; 1385 } 1386 1387 if (chan->flags & IEEE80211_CHAN_NO_IBSS) { 1388 chan->flags &= ~IEEE80211_CHAN_NO_IBSS; 1389 channel_changed = true; 1390 } 1391 1392 if (channel_changed) 1393 nl80211_send_beacon_hint_event(wiphy, &chan_before, chan); 1394 } 1395 1396 /* 1397 * Called when a scan on a wiphy finds a beacon on 1398 * new channel 1399 */ 1400 static void wiphy_update_new_beacon(struct wiphy *wiphy, 1401 struct reg_beacon *reg_beacon) 1402 { 1403 unsigned int i; 1404 struct ieee80211_supported_band *sband; 1405 1406 assert_cfg80211_lock(); 1407 1408 if (!wiphy->bands[reg_beacon->chan.band]) 1409 return; 1410 1411 sband = wiphy->bands[reg_beacon->chan.band]; 1412 1413 for (i = 0; i < sband->n_channels; i++) 1414 handle_reg_beacon(wiphy, i, reg_beacon); 1415 } 1416 1417 /* 1418 * Called upon reg changes or a new wiphy is added 1419 */ 1420 static void wiphy_update_beacon_reg(struct wiphy *wiphy) 1421 { 1422 unsigned int i; 1423 struct ieee80211_supported_band *sband; 1424 struct reg_beacon *reg_beacon; 1425 1426 assert_cfg80211_lock(); 1427 1428 if (list_empty(®_beacon_list)) 1429 return; 1430 1431 list_for_each_entry(reg_beacon, ®_beacon_list, list) { 1432 if (!wiphy->bands[reg_beacon->chan.band]) 1433 continue; 1434 sband = wiphy->bands[reg_beacon->chan.band]; 1435 for (i = 0; i < sband->n_channels; i++) 1436 handle_reg_beacon(wiphy, i, reg_beacon); 1437 } 1438 } 1439 1440 static bool reg_is_world_roaming(struct wiphy *wiphy) 1441 { 1442 if (is_world_regdom(cfg80211_regdomain->alpha2) || 1443 (wiphy->regd && is_world_regdom(wiphy->regd->alpha2))) 1444 return true; 1445 if (last_request && 1446 last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE && 1447 wiphy->flags & WIPHY_FLAG_CUSTOM_REGULATORY) 1448 return true; 1449 return false; 1450 } 1451 1452 /* Reap the advantages of previously found beacons */ 1453 static void reg_process_beacons(struct wiphy *wiphy) 1454 { 1455 /* 1456 * Means we are just firing up cfg80211, so no beacons would 1457 * have been processed yet. 1458 */ 1459 if (!last_request) 1460 return; 1461 if (!reg_is_world_roaming(wiphy)) 1462 return; 1463 wiphy_update_beacon_reg(wiphy); 1464 } 1465 1466 static bool is_ht40_not_allowed(struct ieee80211_channel *chan) 1467 { 1468 if (!chan) 1469 return true; 1470 if (chan->flags & IEEE80211_CHAN_DISABLED) 1471 return true; 1472 /* This would happen when regulatory rules disallow HT40 completely */ 1473 if (IEEE80211_CHAN_NO_HT40 == (chan->flags & (IEEE80211_CHAN_NO_HT40))) 1474 return true; 1475 return false; 1476 } 1477 1478 static void reg_process_ht_flags_channel(struct wiphy *wiphy, 1479 enum ieee80211_band band, 1480 unsigned int chan_idx) 1481 { 1482 struct ieee80211_supported_band *sband; 1483 struct ieee80211_channel *channel; 1484 struct ieee80211_channel *channel_before = NULL, *channel_after = NULL; 1485 unsigned int i; 1486 1487 assert_cfg80211_lock(); 1488 1489 sband = wiphy->bands[band]; 1490 BUG_ON(chan_idx >= sband->n_channels); 1491 channel = &sband->channels[chan_idx]; 1492 1493 if (is_ht40_not_allowed(channel)) { 1494 channel->flags |= IEEE80211_CHAN_NO_HT40; 1495 return; 1496 } 1497 1498 /* 1499 * We need to ensure the extension channels exist to 1500 * be able to use HT40- or HT40+, this finds them (or not) 1501 */ 1502 for (i = 0; i < sband->n_channels; i++) { 1503 struct ieee80211_channel *c = &sband->channels[i]; 1504 if (c->center_freq == (channel->center_freq - 20)) 1505 channel_before = c; 1506 if (c->center_freq == (channel->center_freq + 20)) 1507 channel_after = c; 1508 } 1509 1510 /* 1511 * Please note that this assumes target bandwidth is 20 MHz, 1512 * if that ever changes we also need to change the below logic 1513 * to include that as well. 1514 */ 1515 if (is_ht40_not_allowed(channel_before)) 1516 channel->flags |= IEEE80211_CHAN_NO_HT40MINUS; 1517 else 1518 channel->flags &= ~IEEE80211_CHAN_NO_HT40MINUS; 1519 1520 if (is_ht40_not_allowed(channel_after)) 1521 channel->flags |= IEEE80211_CHAN_NO_HT40PLUS; 1522 else 1523 channel->flags &= ~IEEE80211_CHAN_NO_HT40PLUS; 1524 } 1525 1526 static void reg_process_ht_flags_band(struct wiphy *wiphy, 1527 enum ieee80211_band band) 1528 { 1529 unsigned int i; 1530 struct ieee80211_supported_band *sband; 1531 1532 BUG_ON(!wiphy->bands[band]); 1533 sband = wiphy->bands[band]; 1534 1535 for (i = 0; i < sband->n_channels; i++) 1536 reg_process_ht_flags_channel(wiphy, band, i); 1537 } 1538 1539 static void reg_process_ht_flags(struct wiphy *wiphy) 1540 { 1541 enum ieee80211_band band; 1542 1543 if (!wiphy) 1544 return; 1545 1546 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 1547 if (wiphy->bands[band]) 1548 reg_process_ht_flags_band(wiphy, band); 1549 } 1550 1551 } 1552 1553 void wiphy_update_regulatory(struct wiphy *wiphy, 1554 enum nl80211_reg_initiator initiator) 1555 { 1556 enum ieee80211_band band; 1557 1558 if (ignore_reg_update(wiphy, initiator)) 1559 goto out; 1560 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 1561 if (wiphy->bands[band]) 1562 handle_band(wiphy, band); 1563 } 1564 out: 1565 reg_process_beacons(wiphy); 1566 reg_process_ht_flags(wiphy); 1567 if (wiphy->reg_notifier) 1568 wiphy->reg_notifier(wiphy, last_request); 1569 } 1570 1571 static void handle_channel_custom(struct wiphy *wiphy, 1572 enum ieee80211_band band, 1573 unsigned int chan_idx, 1574 const struct ieee80211_regdomain *regd) 1575 { 1576 int r; 1577 u32 desired_bw_khz = MHZ_TO_KHZ(20); 1578 u32 bw_flags = 0; 1579 const struct ieee80211_reg_rule *reg_rule = NULL; 1580 const struct ieee80211_power_rule *power_rule = NULL; 1581 const struct ieee80211_freq_range *freq_range = NULL; 1582 struct ieee80211_supported_band *sband; 1583 struct ieee80211_channel *chan; 1584 1585 assert_reg_lock(); 1586 1587 sband = wiphy->bands[band]; 1588 BUG_ON(chan_idx >= sband->n_channels); 1589 chan = &sband->channels[chan_idx]; 1590 1591 r = freq_reg_info_regd(wiphy, 1592 MHZ_TO_KHZ(chan->center_freq), 1593 desired_bw_khz, 1594 ®_rule, 1595 regd); 1596 1597 if (r) { 1598 chan->flags = IEEE80211_CHAN_DISABLED; 1599 return; 1600 } 1601 1602 power_rule = ®_rule->power_rule; 1603 freq_range = ®_rule->freq_range; 1604 1605 if (freq_range->max_bandwidth_khz < MHZ_TO_KHZ(40)) 1606 bw_flags = IEEE80211_CHAN_NO_HT40; 1607 1608 chan->flags |= map_regdom_flags(reg_rule->flags) | bw_flags; 1609 chan->max_antenna_gain = (int) MBI_TO_DBI(power_rule->max_antenna_gain); 1610 chan->max_power = (int) MBM_TO_DBM(power_rule->max_eirp); 1611 } 1612 1613 static void handle_band_custom(struct wiphy *wiphy, enum ieee80211_band band, 1614 const struct ieee80211_regdomain *regd) 1615 { 1616 unsigned int i; 1617 struct ieee80211_supported_band *sband; 1618 1619 BUG_ON(!wiphy->bands[band]); 1620 sband = wiphy->bands[band]; 1621 1622 for (i = 0; i < sband->n_channels; i++) 1623 handle_channel_custom(wiphy, band, i, regd); 1624 } 1625 1626 /* Used by drivers prior to wiphy registration */ 1627 void wiphy_apply_custom_regulatory(struct wiphy *wiphy, 1628 const struct ieee80211_regdomain *regd) 1629 { 1630 enum ieee80211_band band; 1631 unsigned int bands_set = 0; 1632 1633 mutex_lock(®_mutex); 1634 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 1635 if (!wiphy->bands[band]) 1636 continue; 1637 handle_band_custom(wiphy, band, regd); 1638 bands_set++; 1639 } 1640 mutex_unlock(®_mutex); 1641 1642 /* 1643 * no point in calling this if it won't have any effect 1644 * on your device's supportd bands. 1645 */ 1646 WARN_ON(!bands_set); 1647 } 1648 EXPORT_SYMBOL(wiphy_apply_custom_regulatory); 1649 1650 /* 1651 * Return value which can be used by ignore_request() to indicate 1652 * it has been determined we should intersect two regulatory domains 1653 */ 1654 #define REG_INTERSECT 1 1655 1656 /* This has the logic which determines when a new request 1657 * should be ignored. */ 1658 static int ignore_request(struct wiphy *wiphy, 1659 struct regulatory_request *pending_request) 1660 { 1661 struct wiphy *last_wiphy = NULL; 1662 1663 assert_cfg80211_lock(); 1664 1665 /* All initial requests are respected */ 1666 if (!last_request) 1667 return 0; 1668 1669 switch (pending_request->initiator) { 1670 case NL80211_REGDOM_SET_BY_CORE: 1671 return 0; 1672 case NL80211_REGDOM_SET_BY_COUNTRY_IE: 1673 1674 last_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx); 1675 1676 if (unlikely(!is_an_alpha2(pending_request->alpha2))) 1677 return -EINVAL; 1678 if (last_request->initiator == 1679 NL80211_REGDOM_SET_BY_COUNTRY_IE) { 1680 if (last_wiphy != wiphy) { 1681 /* 1682 * Two cards with two APs claiming different 1683 * Country IE alpha2s. We could 1684 * intersect them, but that seems unlikely 1685 * to be correct. Reject second one for now. 1686 */ 1687 if (regdom_changes(pending_request->alpha2)) 1688 return -EOPNOTSUPP; 1689 return -EALREADY; 1690 } 1691 /* 1692 * Two consecutive Country IE hints on the same wiphy. 1693 * This should be picked up early by the driver/stack 1694 */ 1695 if (WARN_ON(regdom_changes(pending_request->alpha2))) 1696 return 0; 1697 return -EALREADY; 1698 } 1699 return REG_INTERSECT; 1700 case NL80211_REGDOM_SET_BY_DRIVER: 1701 if (last_request->initiator == NL80211_REGDOM_SET_BY_CORE) { 1702 if (regdom_changes(pending_request->alpha2)) 1703 return 0; 1704 return -EALREADY; 1705 } 1706 1707 /* 1708 * This would happen if you unplug and plug your card 1709 * back in or if you add a new device for which the previously 1710 * loaded card also agrees on the regulatory domain. 1711 */ 1712 if (last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER && 1713 !regdom_changes(pending_request->alpha2)) 1714 return -EALREADY; 1715 1716 return REG_INTERSECT; 1717 case NL80211_REGDOM_SET_BY_USER: 1718 if (last_request->initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE) 1719 return REG_INTERSECT; 1720 /* 1721 * If the user knows better the user should set the regdom 1722 * to their country before the IE is picked up 1723 */ 1724 if (last_request->initiator == NL80211_REGDOM_SET_BY_USER && 1725 last_request->intersect) 1726 return -EOPNOTSUPP; 1727 /* 1728 * Process user requests only after previous user/driver/core 1729 * requests have been processed 1730 */ 1731 if (last_request->initiator == NL80211_REGDOM_SET_BY_CORE || 1732 last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER || 1733 last_request->initiator == NL80211_REGDOM_SET_BY_USER) { 1734 if (regdom_changes(last_request->alpha2)) 1735 return -EAGAIN; 1736 } 1737 1738 if (!regdom_changes(pending_request->alpha2)) 1739 return -EALREADY; 1740 1741 return 0; 1742 } 1743 1744 return -EINVAL; 1745 } 1746 1747 /** 1748 * __regulatory_hint - hint to the wireless core a regulatory domain 1749 * @wiphy: if the hint comes from country information from an AP, this 1750 * is required to be set to the wiphy that received the information 1751 * @pending_request: the regulatory request currently being processed 1752 * 1753 * The Wireless subsystem can use this function to hint to the wireless core 1754 * what it believes should be the current regulatory domain. 1755 * 1756 * Returns zero if all went fine, %-EALREADY if a regulatory domain had 1757 * already been set or other standard error codes. 1758 * 1759 * Caller must hold &cfg80211_mutex and ®_mutex 1760 */ 1761 static int __regulatory_hint(struct wiphy *wiphy, 1762 struct regulatory_request *pending_request) 1763 { 1764 bool intersect = false; 1765 int r = 0; 1766 1767 assert_cfg80211_lock(); 1768 1769 r = ignore_request(wiphy, pending_request); 1770 1771 if (r == REG_INTERSECT) { 1772 if (pending_request->initiator == 1773 NL80211_REGDOM_SET_BY_DRIVER) { 1774 r = reg_copy_regd(&wiphy->regd, cfg80211_regdomain); 1775 if (r) { 1776 kfree(pending_request); 1777 return r; 1778 } 1779 } 1780 intersect = true; 1781 } else if (r) { 1782 /* 1783 * If the regulatory domain being requested by the 1784 * driver has already been set just copy it to the 1785 * wiphy 1786 */ 1787 if (r == -EALREADY && 1788 pending_request->initiator == 1789 NL80211_REGDOM_SET_BY_DRIVER) { 1790 r = reg_copy_regd(&wiphy->regd, cfg80211_regdomain); 1791 if (r) { 1792 kfree(pending_request); 1793 return r; 1794 } 1795 r = -EALREADY; 1796 goto new_request; 1797 } 1798 kfree(pending_request); 1799 return r; 1800 } 1801 1802 new_request: 1803 kfree(last_request); 1804 1805 last_request = pending_request; 1806 last_request->intersect = intersect; 1807 1808 pending_request = NULL; 1809 1810 if (last_request->initiator == NL80211_REGDOM_SET_BY_USER) { 1811 user_alpha2[0] = last_request->alpha2[0]; 1812 user_alpha2[1] = last_request->alpha2[1]; 1813 } 1814 1815 /* When r == REG_INTERSECT we do need to call CRDA */ 1816 if (r < 0) { 1817 /* 1818 * Since CRDA will not be called in this case as we already 1819 * have applied the requested regulatory domain before we just 1820 * inform userspace we have processed the request 1821 */ 1822 if (r == -EALREADY) 1823 nl80211_send_reg_change_event(last_request); 1824 return r; 1825 } 1826 1827 return call_crda(last_request->alpha2); 1828 } 1829 1830 /* This processes *all* regulatory hints */ 1831 static void reg_process_hint(struct regulatory_request *reg_request) 1832 { 1833 int r = 0; 1834 struct wiphy *wiphy = NULL; 1835 1836 BUG_ON(!reg_request->alpha2); 1837 1838 mutex_lock(&cfg80211_mutex); 1839 mutex_lock(®_mutex); 1840 1841 if (wiphy_idx_valid(reg_request->wiphy_idx)) 1842 wiphy = wiphy_idx_to_wiphy(reg_request->wiphy_idx); 1843 1844 if (reg_request->initiator == NL80211_REGDOM_SET_BY_DRIVER && 1845 !wiphy) { 1846 kfree(reg_request); 1847 goto out; 1848 } 1849 1850 r = __regulatory_hint(wiphy, reg_request); 1851 /* This is required so that the orig_* parameters are saved */ 1852 if (r == -EALREADY && wiphy && 1853 wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY) 1854 wiphy_update_regulatory(wiphy, reg_request->initiator); 1855 out: 1856 mutex_unlock(®_mutex); 1857 mutex_unlock(&cfg80211_mutex); 1858 } 1859 1860 /* Processes regulatory hints, this is all the NL80211_REGDOM_SET_BY_* */ 1861 static void reg_process_pending_hints(void) 1862 { 1863 struct regulatory_request *reg_request; 1864 1865 spin_lock(®_requests_lock); 1866 while (!list_empty(®_requests_list)) { 1867 reg_request = list_first_entry(®_requests_list, 1868 struct regulatory_request, 1869 list); 1870 list_del_init(®_request->list); 1871 1872 spin_unlock(®_requests_lock); 1873 reg_process_hint(reg_request); 1874 spin_lock(®_requests_lock); 1875 } 1876 spin_unlock(®_requests_lock); 1877 } 1878 1879 /* Processes beacon hints -- this has nothing to do with country IEs */ 1880 static void reg_process_pending_beacon_hints(void) 1881 { 1882 struct cfg80211_registered_device *rdev; 1883 struct reg_beacon *pending_beacon, *tmp; 1884 1885 /* 1886 * No need to hold the reg_mutex here as we just touch wiphys 1887 * and do not read or access regulatory variables. 1888 */ 1889 mutex_lock(&cfg80211_mutex); 1890 1891 /* This goes through the _pending_ beacon list */ 1892 spin_lock_bh(®_pending_beacons_lock); 1893 1894 if (list_empty(®_pending_beacons)) { 1895 spin_unlock_bh(®_pending_beacons_lock); 1896 goto out; 1897 } 1898 1899 list_for_each_entry_safe(pending_beacon, tmp, 1900 ®_pending_beacons, list) { 1901 1902 list_del_init(&pending_beacon->list); 1903 1904 /* Applies the beacon hint to current wiphys */ 1905 list_for_each_entry(rdev, &cfg80211_rdev_list, list) 1906 wiphy_update_new_beacon(&rdev->wiphy, pending_beacon); 1907 1908 /* Remembers the beacon hint for new wiphys or reg changes */ 1909 list_add_tail(&pending_beacon->list, ®_beacon_list); 1910 } 1911 1912 spin_unlock_bh(®_pending_beacons_lock); 1913 out: 1914 mutex_unlock(&cfg80211_mutex); 1915 } 1916 1917 static void reg_todo(struct work_struct *work) 1918 { 1919 reg_process_pending_hints(); 1920 reg_process_pending_beacon_hints(); 1921 } 1922 1923 static DECLARE_WORK(reg_work, reg_todo); 1924 1925 static void queue_regulatory_request(struct regulatory_request *request) 1926 { 1927 spin_lock(®_requests_lock); 1928 list_add_tail(&request->list, ®_requests_list); 1929 spin_unlock(®_requests_lock); 1930 1931 schedule_work(®_work); 1932 } 1933 1934 /* 1935 * Core regulatory hint -- happens during cfg80211_init() 1936 * and when we restore regulatory settings. 1937 */ 1938 static int regulatory_hint_core(const char *alpha2) 1939 { 1940 struct regulatory_request *request; 1941 1942 kfree(last_request); 1943 last_request = NULL; 1944 1945 request = kzalloc(sizeof(struct regulatory_request), 1946 GFP_KERNEL); 1947 if (!request) 1948 return -ENOMEM; 1949 1950 request->alpha2[0] = alpha2[0]; 1951 request->alpha2[1] = alpha2[1]; 1952 request->initiator = NL80211_REGDOM_SET_BY_CORE; 1953 1954 /* 1955 * This ensures last_request is populated once modules 1956 * come swinging in and calling regulatory hints and 1957 * wiphy_apply_custom_regulatory(). 1958 */ 1959 reg_process_hint(request); 1960 1961 return 0; 1962 } 1963 1964 /* User hints */ 1965 int regulatory_hint_user(const char *alpha2) 1966 { 1967 struct regulatory_request *request; 1968 1969 BUG_ON(!alpha2); 1970 1971 request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL); 1972 if (!request) 1973 return -ENOMEM; 1974 1975 request->wiphy_idx = WIPHY_IDX_STALE; 1976 request->alpha2[0] = alpha2[0]; 1977 request->alpha2[1] = alpha2[1]; 1978 request->initiator = NL80211_REGDOM_SET_BY_USER; 1979 1980 queue_regulatory_request(request); 1981 1982 return 0; 1983 } 1984 1985 /* Driver hints */ 1986 int regulatory_hint(struct wiphy *wiphy, const char *alpha2) 1987 { 1988 struct regulatory_request *request; 1989 1990 BUG_ON(!alpha2); 1991 BUG_ON(!wiphy); 1992 1993 request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL); 1994 if (!request) 1995 return -ENOMEM; 1996 1997 request->wiphy_idx = get_wiphy_idx(wiphy); 1998 1999 /* Must have registered wiphy first */ 2000 BUG_ON(!wiphy_idx_valid(request->wiphy_idx)); 2001 2002 request->alpha2[0] = alpha2[0]; 2003 request->alpha2[1] = alpha2[1]; 2004 request->initiator = NL80211_REGDOM_SET_BY_DRIVER; 2005 2006 queue_regulatory_request(request); 2007 2008 return 0; 2009 } 2010 EXPORT_SYMBOL(regulatory_hint); 2011 2012 /* Caller must hold reg_mutex */ 2013 static bool reg_same_country_ie_hint(struct wiphy *wiphy, 2014 u32 country_ie_checksum) 2015 { 2016 struct wiphy *request_wiphy; 2017 2018 assert_reg_lock(); 2019 2020 if (unlikely(last_request->initiator != 2021 NL80211_REGDOM_SET_BY_COUNTRY_IE)) 2022 return false; 2023 2024 request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx); 2025 2026 if (!request_wiphy) 2027 return false; 2028 2029 if (likely(request_wiphy != wiphy)) 2030 return !country_ie_integrity_changes(country_ie_checksum); 2031 /* 2032 * We should not have let these through at this point, they 2033 * should have been picked up earlier by the first alpha2 check 2034 * on the device 2035 */ 2036 if (WARN_ON(!country_ie_integrity_changes(country_ie_checksum))) 2037 return true; 2038 return false; 2039 } 2040 2041 /* 2042 * We hold wdev_lock() here so we cannot hold cfg80211_mutex() and 2043 * therefore cannot iterate over the rdev list here. 2044 */ 2045 void regulatory_hint_11d(struct wiphy *wiphy, 2046 enum ieee80211_band band, 2047 u8 *country_ie, 2048 u8 country_ie_len) 2049 { 2050 struct ieee80211_regdomain *rd = NULL; 2051 char alpha2[2]; 2052 u32 checksum = 0; 2053 enum environment_cap env = ENVIRON_ANY; 2054 struct regulatory_request *request; 2055 2056 mutex_lock(®_mutex); 2057 2058 if (unlikely(!last_request)) 2059 goto out; 2060 2061 /* IE len must be evenly divisible by 2 */ 2062 if (country_ie_len & 0x01) 2063 goto out; 2064 2065 if (country_ie_len < IEEE80211_COUNTRY_IE_MIN_LEN) 2066 goto out; 2067 2068 /* 2069 * Pending country IE processing, this can happen after we 2070 * call CRDA and wait for a response if a beacon was received before 2071 * we were able to process the last regulatory_hint_11d() call 2072 */ 2073 if (country_ie_regdomain) 2074 goto out; 2075 2076 alpha2[0] = country_ie[0]; 2077 alpha2[1] = country_ie[1]; 2078 2079 if (country_ie[2] == 'I') 2080 env = ENVIRON_INDOOR; 2081 else if (country_ie[2] == 'O') 2082 env = ENVIRON_OUTDOOR; 2083 2084 /* 2085 * We will run this only upon a successful connection on cfg80211. 2086 * We leave conflict resolution to the workqueue, where can hold 2087 * cfg80211_mutex. 2088 */ 2089 if (likely(last_request->initiator == 2090 NL80211_REGDOM_SET_BY_COUNTRY_IE && 2091 wiphy_idx_valid(last_request->wiphy_idx))) 2092 goto out; 2093 2094 rd = country_ie_2_rd(band, country_ie, country_ie_len, &checksum); 2095 if (!rd) { 2096 REG_DBG_PRINT("cfg80211: Ignoring bogus country IE\n"); 2097 goto out; 2098 } 2099 2100 /* 2101 * This will not happen right now but we leave it here for the 2102 * the future when we want to add suspend/resume support and having 2103 * the user move to another country after doing so, or having the user 2104 * move to another AP. Right now we just trust the first AP. 2105 * 2106 * If we hit this before we add this support we want to be informed of 2107 * it as it would indicate a mistake in the current design 2108 */ 2109 if (WARN_ON(reg_same_country_ie_hint(wiphy, checksum))) 2110 goto free_rd_out; 2111 2112 request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL); 2113 if (!request) 2114 goto free_rd_out; 2115 2116 /* 2117 * We keep this around for when CRDA comes back with a response so 2118 * we can intersect with that 2119 */ 2120 country_ie_regdomain = rd; 2121 2122 request->wiphy_idx = get_wiphy_idx(wiphy); 2123 request->alpha2[0] = rd->alpha2[0]; 2124 request->alpha2[1] = rd->alpha2[1]; 2125 request->initiator = NL80211_REGDOM_SET_BY_COUNTRY_IE; 2126 request->country_ie_checksum = checksum; 2127 request->country_ie_env = env; 2128 2129 mutex_unlock(®_mutex); 2130 2131 queue_regulatory_request(request); 2132 2133 return; 2134 2135 free_rd_out: 2136 kfree(rd); 2137 out: 2138 mutex_unlock(®_mutex); 2139 } 2140 2141 static void restore_alpha2(char *alpha2, bool reset_user) 2142 { 2143 /* indicates there is no alpha2 to consider for restoration */ 2144 alpha2[0] = '9'; 2145 alpha2[1] = '7'; 2146 2147 /* The user setting has precedence over the module parameter */ 2148 if (is_user_regdom_saved()) { 2149 /* Unless we're asked to ignore it and reset it */ 2150 if (reset_user) { 2151 REG_DBG_PRINT("cfg80211: Restoring regulatory settings " 2152 "including user preference\n"); 2153 user_alpha2[0] = '9'; 2154 user_alpha2[1] = '7'; 2155 2156 /* 2157 * If we're ignoring user settings, we still need to 2158 * check the module parameter to ensure we put things 2159 * back as they were for a full restore. 2160 */ 2161 if (!is_world_regdom(ieee80211_regdom)) { 2162 REG_DBG_PRINT("cfg80211: Keeping preference on " 2163 "module parameter ieee80211_regdom: %c%c\n", 2164 ieee80211_regdom[0], 2165 ieee80211_regdom[1]); 2166 alpha2[0] = ieee80211_regdom[0]; 2167 alpha2[1] = ieee80211_regdom[1]; 2168 } 2169 } else { 2170 REG_DBG_PRINT("cfg80211: Restoring regulatory settings " 2171 "while preserving user preference for: %c%c\n", 2172 user_alpha2[0], 2173 user_alpha2[1]); 2174 alpha2[0] = user_alpha2[0]; 2175 alpha2[1] = user_alpha2[1]; 2176 } 2177 } else if (!is_world_regdom(ieee80211_regdom)) { 2178 REG_DBG_PRINT("cfg80211: Keeping preference on " 2179 "module parameter ieee80211_regdom: %c%c\n", 2180 ieee80211_regdom[0], 2181 ieee80211_regdom[1]); 2182 alpha2[0] = ieee80211_regdom[0]; 2183 alpha2[1] = ieee80211_regdom[1]; 2184 } else 2185 REG_DBG_PRINT("cfg80211: Restoring regulatory settings\n"); 2186 } 2187 2188 /* 2189 * Restoring regulatory settings involves ingoring any 2190 * possibly stale country IE information and user regulatory 2191 * settings if so desired, this includes any beacon hints 2192 * learned as we could have traveled outside to another country 2193 * after disconnection. To restore regulatory settings we do 2194 * exactly what we did at bootup: 2195 * 2196 * - send a core regulatory hint 2197 * - send a user regulatory hint if applicable 2198 * 2199 * Device drivers that send a regulatory hint for a specific country 2200 * keep their own regulatory domain on wiphy->regd so that does does 2201 * not need to be remembered. 2202 */ 2203 static void restore_regulatory_settings(bool reset_user) 2204 { 2205 char alpha2[2]; 2206 struct reg_beacon *reg_beacon, *btmp; 2207 2208 mutex_lock(&cfg80211_mutex); 2209 mutex_lock(®_mutex); 2210 2211 reset_regdomains(); 2212 restore_alpha2(alpha2, reset_user); 2213 2214 /* Clear beacon hints */ 2215 spin_lock_bh(®_pending_beacons_lock); 2216 if (!list_empty(®_pending_beacons)) { 2217 list_for_each_entry_safe(reg_beacon, btmp, 2218 ®_pending_beacons, list) { 2219 list_del(®_beacon->list); 2220 kfree(reg_beacon); 2221 } 2222 } 2223 spin_unlock_bh(®_pending_beacons_lock); 2224 2225 if (!list_empty(®_beacon_list)) { 2226 list_for_each_entry_safe(reg_beacon, btmp, 2227 ®_beacon_list, list) { 2228 list_del(®_beacon->list); 2229 kfree(reg_beacon); 2230 } 2231 } 2232 2233 /* First restore to the basic regulatory settings */ 2234 cfg80211_regdomain = cfg80211_world_regdom; 2235 2236 mutex_unlock(®_mutex); 2237 mutex_unlock(&cfg80211_mutex); 2238 2239 regulatory_hint_core(cfg80211_regdomain->alpha2); 2240 2241 /* 2242 * This restores the ieee80211_regdom module parameter 2243 * preference or the last user requested regulatory 2244 * settings, user regulatory settings takes precedence. 2245 */ 2246 if (is_an_alpha2(alpha2)) 2247 regulatory_hint_user(user_alpha2); 2248 } 2249 2250 2251 void regulatory_hint_disconnect(void) 2252 { 2253 REG_DBG_PRINT("cfg80211: All devices are disconnected, going to " 2254 "restore regulatory settings\n"); 2255 restore_regulatory_settings(false); 2256 } 2257 2258 static bool freq_is_chan_12_13_14(u16 freq) 2259 { 2260 if (freq == ieee80211_channel_to_frequency(12) || 2261 freq == ieee80211_channel_to_frequency(13) || 2262 freq == ieee80211_channel_to_frequency(14)) 2263 return true; 2264 return false; 2265 } 2266 2267 int regulatory_hint_found_beacon(struct wiphy *wiphy, 2268 struct ieee80211_channel *beacon_chan, 2269 gfp_t gfp) 2270 { 2271 struct reg_beacon *reg_beacon; 2272 2273 if (likely((beacon_chan->beacon_found || 2274 (beacon_chan->flags & IEEE80211_CHAN_RADAR) || 2275 (beacon_chan->band == IEEE80211_BAND_2GHZ && 2276 !freq_is_chan_12_13_14(beacon_chan->center_freq))))) 2277 return 0; 2278 2279 reg_beacon = kzalloc(sizeof(struct reg_beacon), gfp); 2280 if (!reg_beacon) 2281 return -ENOMEM; 2282 2283 REG_DBG_PRINT("cfg80211: Found new beacon on " 2284 "frequency: %d MHz (Ch %d) on %s\n", 2285 beacon_chan->center_freq, 2286 ieee80211_frequency_to_channel(beacon_chan->center_freq), 2287 wiphy_name(wiphy)); 2288 2289 memcpy(®_beacon->chan, beacon_chan, 2290 sizeof(struct ieee80211_channel)); 2291 2292 2293 /* 2294 * Since we can be called from BH or and non-BH context 2295 * we must use spin_lock_bh() 2296 */ 2297 spin_lock_bh(®_pending_beacons_lock); 2298 list_add_tail(®_beacon->list, ®_pending_beacons); 2299 spin_unlock_bh(®_pending_beacons_lock); 2300 2301 schedule_work(®_work); 2302 2303 return 0; 2304 } 2305 2306 static void print_rd_rules(const struct ieee80211_regdomain *rd) 2307 { 2308 unsigned int i; 2309 const struct ieee80211_reg_rule *reg_rule = NULL; 2310 const struct ieee80211_freq_range *freq_range = NULL; 2311 const struct ieee80211_power_rule *power_rule = NULL; 2312 2313 printk(KERN_INFO " (start_freq - end_freq @ bandwidth), " 2314 "(max_antenna_gain, max_eirp)\n"); 2315 2316 for (i = 0; i < rd->n_reg_rules; i++) { 2317 reg_rule = &rd->reg_rules[i]; 2318 freq_range = ®_rule->freq_range; 2319 power_rule = ®_rule->power_rule; 2320 2321 /* 2322 * There may not be documentation for max antenna gain 2323 * in certain regions 2324 */ 2325 if (power_rule->max_antenna_gain) 2326 printk(KERN_INFO " (%d KHz - %d KHz @ %d KHz), " 2327 "(%d mBi, %d mBm)\n", 2328 freq_range->start_freq_khz, 2329 freq_range->end_freq_khz, 2330 freq_range->max_bandwidth_khz, 2331 power_rule->max_antenna_gain, 2332 power_rule->max_eirp); 2333 else 2334 printk(KERN_INFO " (%d KHz - %d KHz @ %d KHz), " 2335 "(N/A, %d mBm)\n", 2336 freq_range->start_freq_khz, 2337 freq_range->end_freq_khz, 2338 freq_range->max_bandwidth_khz, 2339 power_rule->max_eirp); 2340 } 2341 } 2342 2343 static void print_regdomain(const struct ieee80211_regdomain *rd) 2344 { 2345 2346 if (is_intersected_alpha2(rd->alpha2)) { 2347 2348 if (last_request->initiator == 2349 NL80211_REGDOM_SET_BY_COUNTRY_IE) { 2350 struct cfg80211_registered_device *rdev; 2351 rdev = cfg80211_rdev_by_wiphy_idx( 2352 last_request->wiphy_idx); 2353 if (rdev) { 2354 printk(KERN_INFO "cfg80211: Current regulatory " 2355 "domain updated by AP to: %c%c\n", 2356 rdev->country_ie_alpha2[0], 2357 rdev->country_ie_alpha2[1]); 2358 } else 2359 printk(KERN_INFO "cfg80211: Current regulatory " 2360 "domain intersected: \n"); 2361 } else 2362 printk(KERN_INFO "cfg80211: Current regulatory " 2363 "domain intersected: \n"); 2364 } else if (is_world_regdom(rd->alpha2)) 2365 printk(KERN_INFO "cfg80211: World regulatory " 2366 "domain updated:\n"); 2367 else { 2368 if (is_unknown_alpha2(rd->alpha2)) 2369 printk(KERN_INFO "cfg80211: Regulatory domain " 2370 "changed to driver built-in settings " 2371 "(unknown country)\n"); 2372 else 2373 printk(KERN_INFO "cfg80211: Regulatory domain " 2374 "changed to country: %c%c\n", 2375 rd->alpha2[0], rd->alpha2[1]); 2376 } 2377 print_rd_rules(rd); 2378 } 2379 2380 static void print_regdomain_info(const struct ieee80211_regdomain *rd) 2381 { 2382 printk(KERN_INFO "cfg80211: Regulatory domain: %c%c\n", 2383 rd->alpha2[0], rd->alpha2[1]); 2384 print_rd_rules(rd); 2385 } 2386 2387 #ifdef CONFIG_CFG80211_REG_DEBUG 2388 static void reg_country_ie_process_debug( 2389 const struct ieee80211_regdomain *rd, 2390 const struct ieee80211_regdomain *country_ie_regdomain, 2391 const struct ieee80211_regdomain *intersected_rd) 2392 { 2393 printk(KERN_DEBUG "cfg80211: Received country IE:\n"); 2394 print_regdomain_info(country_ie_regdomain); 2395 printk(KERN_DEBUG "cfg80211: CRDA thinks this should applied:\n"); 2396 print_regdomain_info(rd); 2397 if (intersected_rd) { 2398 printk(KERN_DEBUG "cfg80211: We intersect both of these " 2399 "and get:\n"); 2400 print_regdomain_info(intersected_rd); 2401 return; 2402 } 2403 printk(KERN_DEBUG "cfg80211: Intersection between both failed\n"); 2404 } 2405 #else 2406 static inline void reg_country_ie_process_debug( 2407 const struct ieee80211_regdomain *rd, 2408 const struct ieee80211_regdomain *country_ie_regdomain, 2409 const struct ieee80211_regdomain *intersected_rd) 2410 { 2411 } 2412 #endif 2413 2414 /* Takes ownership of rd only if it doesn't fail */ 2415 static int __set_regdom(const struct ieee80211_regdomain *rd) 2416 { 2417 const struct ieee80211_regdomain *intersected_rd = NULL; 2418 struct cfg80211_registered_device *rdev = NULL; 2419 struct wiphy *request_wiphy; 2420 /* Some basic sanity checks first */ 2421 2422 if (is_world_regdom(rd->alpha2)) { 2423 if (WARN_ON(!reg_is_valid_request(rd->alpha2))) 2424 return -EINVAL; 2425 update_world_regdomain(rd); 2426 return 0; 2427 } 2428 2429 if (!is_alpha2_set(rd->alpha2) && !is_an_alpha2(rd->alpha2) && 2430 !is_unknown_alpha2(rd->alpha2)) 2431 return -EINVAL; 2432 2433 if (!last_request) 2434 return -EINVAL; 2435 2436 /* 2437 * Lets only bother proceeding on the same alpha2 if the current 2438 * rd is non static (it means CRDA was present and was used last) 2439 * and the pending request came in from a country IE 2440 */ 2441 if (last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE) { 2442 /* 2443 * If someone else asked us to change the rd lets only bother 2444 * checking if the alpha2 changes if CRDA was already called 2445 */ 2446 if (!regdom_changes(rd->alpha2)) 2447 return -EINVAL; 2448 } 2449 2450 /* 2451 * Now lets set the regulatory domain, update all driver channels 2452 * and finally inform them of what we have done, in case they want 2453 * to review or adjust their own settings based on their own 2454 * internal EEPROM data 2455 */ 2456 2457 if (WARN_ON(!reg_is_valid_request(rd->alpha2))) 2458 return -EINVAL; 2459 2460 if (!is_valid_rd(rd)) { 2461 printk(KERN_ERR "cfg80211: Invalid " 2462 "regulatory domain detected:\n"); 2463 print_regdomain_info(rd); 2464 return -EINVAL; 2465 } 2466 2467 request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx); 2468 2469 if (!last_request->intersect) { 2470 int r; 2471 2472 if (last_request->initiator != NL80211_REGDOM_SET_BY_DRIVER) { 2473 reset_regdomains(); 2474 cfg80211_regdomain = rd; 2475 return 0; 2476 } 2477 2478 /* 2479 * For a driver hint, lets copy the regulatory domain the 2480 * driver wanted to the wiphy to deal with conflicts 2481 */ 2482 2483 /* 2484 * Userspace could have sent two replies with only 2485 * one kernel request. 2486 */ 2487 if (request_wiphy->regd) 2488 return -EALREADY; 2489 2490 r = reg_copy_regd(&request_wiphy->regd, rd); 2491 if (r) 2492 return r; 2493 2494 reset_regdomains(); 2495 cfg80211_regdomain = rd; 2496 return 0; 2497 } 2498 2499 /* Intersection requires a bit more work */ 2500 2501 if (last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE) { 2502 2503 intersected_rd = regdom_intersect(rd, cfg80211_regdomain); 2504 if (!intersected_rd) 2505 return -EINVAL; 2506 2507 /* 2508 * We can trash what CRDA provided now. 2509 * However if a driver requested this specific regulatory 2510 * domain we keep it for its private use 2511 */ 2512 if (last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER) 2513 request_wiphy->regd = rd; 2514 else 2515 kfree(rd); 2516 2517 rd = NULL; 2518 2519 reset_regdomains(); 2520 cfg80211_regdomain = intersected_rd; 2521 2522 return 0; 2523 } 2524 2525 /* 2526 * Country IE requests are handled a bit differently, we intersect 2527 * the country IE rd with what CRDA believes that country should have 2528 */ 2529 2530 /* 2531 * Userspace could have sent two replies with only 2532 * one kernel request. By the second reply we would have 2533 * already processed and consumed the country_ie_regdomain. 2534 */ 2535 if (!country_ie_regdomain) 2536 return -EALREADY; 2537 BUG_ON(rd == country_ie_regdomain); 2538 2539 /* 2540 * Intersect what CRDA returned and our what we 2541 * had built from the Country IE received 2542 */ 2543 2544 intersected_rd = regdom_intersect(rd, country_ie_regdomain); 2545 2546 reg_country_ie_process_debug(rd, 2547 country_ie_regdomain, 2548 intersected_rd); 2549 2550 kfree(country_ie_regdomain); 2551 country_ie_regdomain = NULL; 2552 2553 if (!intersected_rd) 2554 return -EINVAL; 2555 2556 rdev = wiphy_to_dev(request_wiphy); 2557 2558 rdev->country_ie_alpha2[0] = rd->alpha2[0]; 2559 rdev->country_ie_alpha2[1] = rd->alpha2[1]; 2560 rdev->env = last_request->country_ie_env; 2561 2562 BUG_ON(intersected_rd == rd); 2563 2564 kfree(rd); 2565 rd = NULL; 2566 2567 reset_regdomains(); 2568 cfg80211_regdomain = intersected_rd; 2569 2570 return 0; 2571 } 2572 2573 2574 /* 2575 * Use this call to set the current regulatory domain. Conflicts with 2576 * multiple drivers can be ironed out later. Caller must've already 2577 * kmalloc'd the rd structure. Caller must hold cfg80211_mutex 2578 */ 2579 int set_regdom(const struct ieee80211_regdomain *rd) 2580 { 2581 int r; 2582 2583 assert_cfg80211_lock(); 2584 2585 mutex_lock(®_mutex); 2586 2587 /* Note that this doesn't update the wiphys, this is done below */ 2588 r = __set_regdom(rd); 2589 if (r) { 2590 kfree(rd); 2591 mutex_unlock(®_mutex); 2592 return r; 2593 } 2594 2595 /* This would make this whole thing pointless */ 2596 if (!last_request->intersect) 2597 BUG_ON(rd != cfg80211_regdomain); 2598 2599 /* update all wiphys now with the new established regulatory domain */ 2600 update_all_wiphy_regulatory(last_request->initiator); 2601 2602 print_regdomain(cfg80211_regdomain); 2603 2604 nl80211_send_reg_change_event(last_request); 2605 2606 mutex_unlock(®_mutex); 2607 2608 return r; 2609 } 2610 2611 /* Caller must hold cfg80211_mutex */ 2612 void reg_device_remove(struct wiphy *wiphy) 2613 { 2614 struct wiphy *request_wiphy = NULL; 2615 2616 assert_cfg80211_lock(); 2617 2618 mutex_lock(®_mutex); 2619 2620 kfree(wiphy->regd); 2621 2622 if (last_request) 2623 request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx); 2624 2625 if (!request_wiphy || request_wiphy != wiphy) 2626 goto out; 2627 2628 last_request->wiphy_idx = WIPHY_IDX_STALE; 2629 last_request->country_ie_env = ENVIRON_ANY; 2630 out: 2631 mutex_unlock(®_mutex); 2632 } 2633 2634 int regulatory_init(void) 2635 { 2636 int err = 0; 2637 2638 reg_pdev = platform_device_register_simple("regulatory", 0, NULL, 0); 2639 if (IS_ERR(reg_pdev)) 2640 return PTR_ERR(reg_pdev); 2641 2642 spin_lock_init(®_requests_lock); 2643 spin_lock_init(®_pending_beacons_lock); 2644 2645 cfg80211_regdomain = cfg80211_world_regdom; 2646 2647 user_alpha2[0] = '9'; 2648 user_alpha2[1] = '7'; 2649 2650 /* We always try to get an update for the static regdomain */ 2651 err = regulatory_hint_core(cfg80211_regdomain->alpha2); 2652 if (err) { 2653 if (err == -ENOMEM) 2654 return err; 2655 /* 2656 * N.B. kobject_uevent_env() can fail mainly for when we're out 2657 * memory which is handled and propagated appropriately above 2658 * but it can also fail during a netlink_broadcast() or during 2659 * early boot for call_usermodehelper(). For now treat these 2660 * errors as non-fatal. 2661 */ 2662 printk(KERN_ERR "cfg80211: kobject_uevent_env() was unable " 2663 "to call CRDA during init"); 2664 #ifdef CONFIG_CFG80211_REG_DEBUG 2665 /* We want to find out exactly why when debugging */ 2666 WARN_ON(err); 2667 #endif 2668 } 2669 2670 /* 2671 * Finally, if the user set the module parameter treat it 2672 * as a user hint. 2673 */ 2674 if (!is_world_regdom(ieee80211_regdom)) 2675 regulatory_hint_user(ieee80211_regdom); 2676 2677 return 0; 2678 } 2679 2680 void regulatory_exit(void) 2681 { 2682 struct regulatory_request *reg_request, *tmp; 2683 struct reg_beacon *reg_beacon, *btmp; 2684 2685 cancel_work_sync(®_work); 2686 2687 mutex_lock(&cfg80211_mutex); 2688 mutex_lock(®_mutex); 2689 2690 reset_regdomains(); 2691 2692 kfree(country_ie_regdomain); 2693 country_ie_regdomain = NULL; 2694 2695 kfree(last_request); 2696 2697 platform_device_unregister(reg_pdev); 2698 2699 spin_lock_bh(®_pending_beacons_lock); 2700 if (!list_empty(®_pending_beacons)) { 2701 list_for_each_entry_safe(reg_beacon, btmp, 2702 ®_pending_beacons, list) { 2703 list_del(®_beacon->list); 2704 kfree(reg_beacon); 2705 } 2706 } 2707 spin_unlock_bh(®_pending_beacons_lock); 2708 2709 if (!list_empty(®_beacon_list)) { 2710 list_for_each_entry_safe(reg_beacon, btmp, 2711 ®_beacon_list, list) { 2712 list_del(®_beacon->list); 2713 kfree(reg_beacon); 2714 } 2715 } 2716 2717 spin_lock(®_requests_lock); 2718 if (!list_empty(®_requests_list)) { 2719 list_for_each_entry_safe(reg_request, tmp, 2720 ®_requests_list, list) { 2721 list_del(®_request->list); 2722 kfree(reg_request); 2723 } 2724 } 2725 spin_unlock(®_requests_lock); 2726 2727 mutex_unlock(®_mutex); 2728 mutex_unlock(&cfg80211_mutex); 2729 } 2730