1 /* 2 * This is the new netlink-based wireless configuration interface. 3 * 4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net> 5 */ 6 7 #include <linux/if.h> 8 #include <linux/module.h> 9 #include <linux/err.h> 10 #include <linux/slab.h> 11 #include <linux/list.h> 12 #include <linux/if_ether.h> 13 #include <linux/ieee80211.h> 14 #include <linux/nl80211.h> 15 #include <linux/rtnetlink.h> 16 #include <linux/netlink.h> 17 #include <linux/etherdevice.h> 18 #include <net/net_namespace.h> 19 #include <net/genetlink.h> 20 #include <net/cfg80211.h> 21 #include <net/sock.h> 22 #include "core.h" 23 #include "nl80211.h" 24 #include "reg.h" 25 26 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 27 struct genl_info *info); 28 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 29 struct genl_info *info); 30 31 /* the netlink family */ 32 static struct genl_family nl80211_fam = { 33 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */ 34 .name = "nl80211", /* have users key off the name instead */ 35 .hdrsize = 0, /* no private header */ 36 .version = 1, /* no particular meaning now */ 37 .maxattr = NL80211_ATTR_MAX, 38 .netnsok = true, 39 .pre_doit = nl80211_pre_doit, 40 .post_doit = nl80211_post_doit, 41 }; 42 43 /* internal helper: get rdev and dev */ 44 static int get_rdev_dev_by_info_ifindex(struct genl_info *info, 45 struct cfg80211_registered_device **rdev, 46 struct net_device **dev) 47 { 48 struct nlattr **attrs = info->attrs; 49 int ifindex; 50 51 if (!attrs[NL80211_ATTR_IFINDEX]) 52 return -EINVAL; 53 54 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); 55 *dev = dev_get_by_index(genl_info_net(info), ifindex); 56 if (!*dev) 57 return -ENODEV; 58 59 *rdev = cfg80211_get_dev_from_ifindex(genl_info_net(info), ifindex); 60 if (IS_ERR(*rdev)) { 61 dev_put(*dev); 62 return PTR_ERR(*rdev); 63 } 64 65 return 0; 66 } 67 68 /* policy for the attributes */ 69 static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = { 70 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, 71 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING, 72 .len = 20-1 }, 73 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED }, 74 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 }, 75 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 }, 76 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 }, 77 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 }, 78 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 }, 79 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 }, 80 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 }, 81 82 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 }, 83 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 }, 84 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, 85 86 [NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN }, 87 [NL80211_ATTR_PREV_BSSID] = { .type = NLA_BINARY, .len = ETH_ALEN }, 88 89 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, }, 90 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, 91 .len = WLAN_MAX_KEY_LEN }, 92 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, 93 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 }, 94 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG }, 95 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 96 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 }, 97 98 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 }, 99 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 }, 100 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY, 101 .len = IEEE80211_MAX_DATA_LEN }, 102 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY, 103 .len = IEEE80211_MAX_DATA_LEN }, 104 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 }, 105 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED }, 106 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 }, 107 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY, 108 .len = NL80211_MAX_SUPP_RATES }, 109 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 }, 110 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 }, 111 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ }, 112 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY, 113 .len = IEEE80211_MAX_MESH_ID_LEN }, 114 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 }, 115 116 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 }, 117 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED }, 118 119 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 }, 120 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 }, 121 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 }, 122 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY, 123 .len = NL80211_MAX_SUPP_RATES }, 124 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 }, 125 126 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED }, 127 128 [NL80211_ATTR_HT_CAPABILITY] = { .type = NLA_BINARY, 129 .len = NL80211_HT_CAPABILITY_LEN }, 130 131 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 }, 132 [NL80211_ATTR_IE] = { .type = NLA_BINARY, 133 .len = IEEE80211_MAX_DATA_LEN }, 134 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED }, 135 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED }, 136 137 [NL80211_ATTR_SSID] = { .type = NLA_BINARY, 138 .len = IEEE80211_MAX_SSID_LEN }, 139 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 }, 140 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 }, 141 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG }, 142 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG }, 143 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 }, 144 [NL80211_ATTR_STA_FLAGS2] = { 145 .len = sizeof(struct nl80211_sta_flag_update), 146 }, 147 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, 148 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 }, 149 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG }, 150 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG }, 151 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 }, 152 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 }, 153 [NL80211_ATTR_PID] = { .type = NLA_U32 }, 154 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 }, 155 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY, 156 .len = WLAN_PMKID_LEN }, 157 [NL80211_ATTR_DURATION] = { .type = NLA_U32 }, 158 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 }, 159 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED }, 160 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY, 161 .len = IEEE80211_MAX_DATA_LEN }, 162 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, }, 163 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 }, 164 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, }, 165 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG }, 166 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 }, 167 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 }, 168 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 }, 169 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 }, 170 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 }, 171 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 }, 172 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 }, 173 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG }, 174 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 175 }; 176 177 /* policy for the key attributes */ 178 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = { 179 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN }, 180 [NL80211_KEY_IDX] = { .type = NLA_U8 }, 181 [NL80211_KEY_CIPHER] = { .type = NLA_U32 }, 182 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 183 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG }, 184 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG }, 185 [NL80211_KEY_TYPE] = { .type = NLA_U32 }, 186 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 187 }; 188 189 /* policy for the key default flags */ 190 static const struct nla_policy 191 nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = { 192 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG }, 193 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG }, 194 }; 195 196 /* ifidx get helper */ 197 static int nl80211_get_ifidx(struct netlink_callback *cb) 198 { 199 int res; 200 201 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 202 nl80211_fam.attrbuf, nl80211_fam.maxattr, 203 nl80211_policy); 204 if (res) 205 return res; 206 207 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]) 208 return -EINVAL; 209 210 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]); 211 if (!res) 212 return -EINVAL; 213 return res; 214 } 215 216 static int nl80211_prepare_netdev_dump(struct sk_buff *skb, 217 struct netlink_callback *cb, 218 struct cfg80211_registered_device **rdev, 219 struct net_device **dev) 220 { 221 int ifidx = cb->args[0]; 222 int err; 223 224 if (!ifidx) 225 ifidx = nl80211_get_ifidx(cb); 226 if (ifidx < 0) 227 return ifidx; 228 229 cb->args[0] = ifidx; 230 231 rtnl_lock(); 232 233 *dev = __dev_get_by_index(sock_net(skb->sk), ifidx); 234 if (!*dev) { 235 err = -ENODEV; 236 goto out_rtnl; 237 } 238 239 *rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 240 if (IS_ERR(*rdev)) { 241 err = PTR_ERR(*rdev); 242 goto out_rtnl; 243 } 244 245 return 0; 246 out_rtnl: 247 rtnl_unlock(); 248 return err; 249 } 250 251 static void nl80211_finish_netdev_dump(struct cfg80211_registered_device *rdev) 252 { 253 cfg80211_unlock_rdev(rdev); 254 rtnl_unlock(); 255 } 256 257 /* IE validation */ 258 static bool is_valid_ie_attr(const struct nlattr *attr) 259 { 260 const u8 *pos; 261 int len; 262 263 if (!attr) 264 return true; 265 266 pos = nla_data(attr); 267 len = nla_len(attr); 268 269 while (len) { 270 u8 elemlen; 271 272 if (len < 2) 273 return false; 274 len -= 2; 275 276 elemlen = pos[1]; 277 if (elemlen > len) 278 return false; 279 280 len -= elemlen; 281 pos += 2 + elemlen; 282 } 283 284 return true; 285 } 286 287 /* message building helper */ 288 static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq, 289 int flags, u8 cmd) 290 { 291 /* since there is no private header just add the generic one */ 292 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd); 293 } 294 295 static int nl80211_msg_put_channel(struct sk_buff *msg, 296 struct ieee80211_channel *chan) 297 { 298 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ, 299 chan->center_freq); 300 301 if (chan->flags & IEEE80211_CHAN_DISABLED) 302 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED); 303 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) 304 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN); 305 if (chan->flags & IEEE80211_CHAN_NO_IBSS) 306 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS); 307 if (chan->flags & IEEE80211_CHAN_RADAR) 308 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR); 309 310 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER, 311 DBM_TO_MBM(chan->max_power)); 312 313 return 0; 314 315 nla_put_failure: 316 return -ENOBUFS; 317 } 318 319 /* netlink command implementations */ 320 321 struct key_parse { 322 struct key_params p; 323 int idx; 324 int type; 325 bool def, defmgmt; 326 bool def_uni, def_multi; 327 }; 328 329 static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k) 330 { 331 struct nlattr *tb[NL80211_KEY_MAX + 1]; 332 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key, 333 nl80211_key_policy); 334 if (err) 335 return err; 336 337 k->def = !!tb[NL80211_KEY_DEFAULT]; 338 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT]; 339 340 if (k->def) { 341 k->def_uni = true; 342 k->def_multi = true; 343 } 344 if (k->defmgmt) 345 k->def_multi = true; 346 347 if (tb[NL80211_KEY_IDX]) 348 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]); 349 350 if (tb[NL80211_KEY_DATA]) { 351 k->p.key = nla_data(tb[NL80211_KEY_DATA]); 352 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]); 353 } 354 355 if (tb[NL80211_KEY_SEQ]) { 356 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]); 357 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]); 358 } 359 360 if (tb[NL80211_KEY_CIPHER]) 361 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]); 362 363 if (tb[NL80211_KEY_TYPE]) { 364 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]); 365 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 366 return -EINVAL; 367 } 368 369 if (tb[NL80211_KEY_DEFAULT_TYPES]) { 370 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 371 int err = nla_parse_nested(kdt, 372 NUM_NL80211_KEY_DEFAULT_TYPES - 1, 373 tb[NL80211_KEY_DEFAULT_TYPES], 374 nl80211_key_default_policy); 375 if (err) 376 return err; 377 378 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 379 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 380 } 381 382 return 0; 383 } 384 385 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k) 386 { 387 if (info->attrs[NL80211_ATTR_KEY_DATA]) { 388 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]); 389 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]); 390 } 391 392 if (info->attrs[NL80211_ATTR_KEY_SEQ]) { 393 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]); 394 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]); 395 } 396 397 if (info->attrs[NL80211_ATTR_KEY_IDX]) 398 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 399 400 if (info->attrs[NL80211_ATTR_KEY_CIPHER]) 401 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]); 402 403 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT]; 404 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]; 405 406 if (k->def) { 407 k->def_uni = true; 408 k->def_multi = true; 409 } 410 if (k->defmgmt) 411 k->def_multi = true; 412 413 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 414 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 415 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 416 return -EINVAL; 417 } 418 419 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) { 420 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 421 int err = nla_parse_nested( 422 kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1, 423 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES], 424 nl80211_key_default_policy); 425 if (err) 426 return err; 427 428 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 429 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 430 } 431 432 return 0; 433 } 434 435 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k) 436 { 437 int err; 438 439 memset(k, 0, sizeof(*k)); 440 k->idx = -1; 441 k->type = -1; 442 443 if (info->attrs[NL80211_ATTR_KEY]) 444 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k); 445 else 446 err = nl80211_parse_key_old(info, k); 447 448 if (err) 449 return err; 450 451 if (k->def && k->defmgmt) 452 return -EINVAL; 453 454 if (k->defmgmt) { 455 if (k->def_uni || !k->def_multi) 456 return -EINVAL; 457 } 458 459 if (k->idx != -1) { 460 if (k->defmgmt) { 461 if (k->idx < 4 || k->idx > 5) 462 return -EINVAL; 463 } else if (k->def) { 464 if (k->idx < 0 || k->idx > 3) 465 return -EINVAL; 466 } else { 467 if (k->idx < 0 || k->idx > 5) 468 return -EINVAL; 469 } 470 } 471 472 return 0; 473 } 474 475 static struct cfg80211_cached_keys * 476 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev, 477 struct nlattr *keys) 478 { 479 struct key_parse parse; 480 struct nlattr *key; 481 struct cfg80211_cached_keys *result; 482 int rem, err, def = 0; 483 484 result = kzalloc(sizeof(*result), GFP_KERNEL); 485 if (!result) 486 return ERR_PTR(-ENOMEM); 487 488 result->def = -1; 489 result->defmgmt = -1; 490 491 nla_for_each_nested(key, keys, rem) { 492 memset(&parse, 0, sizeof(parse)); 493 parse.idx = -1; 494 495 err = nl80211_parse_key_new(key, &parse); 496 if (err) 497 goto error; 498 err = -EINVAL; 499 if (!parse.p.key) 500 goto error; 501 if (parse.idx < 0 || parse.idx > 4) 502 goto error; 503 if (parse.def) { 504 if (def) 505 goto error; 506 def = 1; 507 result->def = parse.idx; 508 if (!parse.def_uni || !parse.def_multi) 509 goto error; 510 } else if (parse.defmgmt) 511 goto error; 512 err = cfg80211_validate_key_settings(rdev, &parse.p, 513 parse.idx, false, NULL); 514 if (err) 515 goto error; 516 result->params[parse.idx].cipher = parse.p.cipher; 517 result->params[parse.idx].key_len = parse.p.key_len; 518 result->params[parse.idx].key = result->data[parse.idx]; 519 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len); 520 } 521 522 return result; 523 error: 524 kfree(result); 525 return ERR_PTR(err); 526 } 527 528 static int nl80211_key_allowed(struct wireless_dev *wdev) 529 { 530 ASSERT_WDEV_LOCK(wdev); 531 532 switch (wdev->iftype) { 533 case NL80211_IFTYPE_AP: 534 case NL80211_IFTYPE_AP_VLAN: 535 case NL80211_IFTYPE_P2P_GO: 536 break; 537 case NL80211_IFTYPE_ADHOC: 538 if (!wdev->current_bss) 539 return -ENOLINK; 540 break; 541 case NL80211_IFTYPE_STATION: 542 case NL80211_IFTYPE_P2P_CLIENT: 543 if (wdev->sme_state != CFG80211_SME_CONNECTED) 544 return -ENOLINK; 545 break; 546 default: 547 return -EINVAL; 548 } 549 550 return 0; 551 } 552 553 static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 554 struct cfg80211_registered_device *dev) 555 { 556 void *hdr; 557 struct nlattr *nl_bands, *nl_band; 558 struct nlattr *nl_freqs, *nl_freq; 559 struct nlattr *nl_rates, *nl_rate; 560 struct nlattr *nl_modes; 561 struct nlattr *nl_cmds; 562 enum ieee80211_band band; 563 struct ieee80211_channel *chan; 564 struct ieee80211_rate *rate; 565 int i; 566 u16 ifmodes = dev->wiphy.interface_modes; 567 const struct ieee80211_txrx_stypes *mgmt_stypes = 568 dev->wiphy.mgmt_stypes; 569 570 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY); 571 if (!hdr) 572 return -1; 573 574 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx); 575 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)); 576 577 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 578 cfg80211_rdev_list_generation); 579 580 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT, 581 dev->wiphy.retry_short); 582 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG, 583 dev->wiphy.retry_long); 584 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, 585 dev->wiphy.frag_threshold); 586 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, 587 dev->wiphy.rts_threshold); 588 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS, 589 dev->wiphy.coverage_class); 590 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS, 591 dev->wiphy.max_scan_ssids); 592 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN, 593 dev->wiphy.max_scan_ie_len); 594 595 if (dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) 596 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_IBSS_RSN); 597 598 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES, 599 sizeof(u32) * dev->wiphy.n_cipher_suites, 600 dev->wiphy.cipher_suites); 601 602 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_PMKIDS, 603 dev->wiphy.max_num_pmkids); 604 605 if (dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) 606 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE); 607 608 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX, 609 dev->wiphy.available_antennas_tx); 610 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX, 611 dev->wiphy.available_antennas_rx); 612 613 if ((dev->wiphy.available_antennas_tx || 614 dev->wiphy.available_antennas_rx) && dev->ops->get_antenna) { 615 u32 tx_ant = 0, rx_ant = 0; 616 int res; 617 res = dev->ops->get_antenna(&dev->wiphy, &tx_ant, &rx_ant); 618 if (!res) { 619 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_TX, tx_ant); 620 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_RX, rx_ant); 621 } 622 } 623 624 nl_modes = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_IFTYPES); 625 if (!nl_modes) 626 goto nla_put_failure; 627 628 i = 0; 629 while (ifmodes) { 630 if (ifmodes & 1) 631 NLA_PUT_FLAG(msg, i); 632 ifmodes >>= 1; 633 i++; 634 } 635 636 nla_nest_end(msg, nl_modes); 637 638 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS); 639 if (!nl_bands) 640 goto nla_put_failure; 641 642 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 643 if (!dev->wiphy.bands[band]) 644 continue; 645 646 nl_band = nla_nest_start(msg, band); 647 if (!nl_band) 648 goto nla_put_failure; 649 650 /* add HT info */ 651 if (dev->wiphy.bands[band]->ht_cap.ht_supported) { 652 NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET, 653 sizeof(dev->wiphy.bands[band]->ht_cap.mcs), 654 &dev->wiphy.bands[band]->ht_cap.mcs); 655 NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA, 656 dev->wiphy.bands[band]->ht_cap.cap); 657 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR, 658 dev->wiphy.bands[band]->ht_cap.ampdu_factor); 659 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY, 660 dev->wiphy.bands[band]->ht_cap.ampdu_density); 661 } 662 663 /* add frequencies */ 664 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS); 665 if (!nl_freqs) 666 goto nla_put_failure; 667 668 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) { 669 nl_freq = nla_nest_start(msg, i); 670 if (!nl_freq) 671 goto nla_put_failure; 672 673 chan = &dev->wiphy.bands[band]->channels[i]; 674 675 if (nl80211_msg_put_channel(msg, chan)) 676 goto nla_put_failure; 677 678 nla_nest_end(msg, nl_freq); 679 } 680 681 nla_nest_end(msg, nl_freqs); 682 683 /* add bitrates */ 684 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES); 685 if (!nl_rates) 686 goto nla_put_failure; 687 688 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) { 689 nl_rate = nla_nest_start(msg, i); 690 if (!nl_rate) 691 goto nla_put_failure; 692 693 rate = &dev->wiphy.bands[band]->bitrates[i]; 694 NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE, 695 rate->bitrate); 696 if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 697 NLA_PUT_FLAG(msg, 698 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE); 699 700 nla_nest_end(msg, nl_rate); 701 } 702 703 nla_nest_end(msg, nl_rates); 704 705 nla_nest_end(msg, nl_band); 706 } 707 nla_nest_end(msg, nl_bands); 708 709 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS); 710 if (!nl_cmds) 711 goto nla_put_failure; 712 713 i = 0; 714 #define CMD(op, n) \ 715 do { \ 716 if (dev->ops->op) { \ 717 i++; \ 718 NLA_PUT_U32(msg, i, NL80211_CMD_ ## n); \ 719 } \ 720 } while (0) 721 722 CMD(add_virtual_intf, NEW_INTERFACE); 723 CMD(change_virtual_intf, SET_INTERFACE); 724 CMD(add_key, NEW_KEY); 725 CMD(add_beacon, NEW_BEACON); 726 CMD(add_station, NEW_STATION); 727 CMD(add_mpath, NEW_MPATH); 728 CMD(update_mesh_config, SET_MESH_CONFIG); 729 CMD(change_bss, SET_BSS); 730 CMD(auth, AUTHENTICATE); 731 CMD(assoc, ASSOCIATE); 732 CMD(deauth, DEAUTHENTICATE); 733 CMD(disassoc, DISASSOCIATE); 734 CMD(join_ibss, JOIN_IBSS); 735 CMD(join_mesh, JOIN_MESH); 736 CMD(set_pmksa, SET_PMKSA); 737 CMD(del_pmksa, DEL_PMKSA); 738 CMD(flush_pmksa, FLUSH_PMKSA); 739 CMD(remain_on_channel, REMAIN_ON_CHANNEL); 740 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK); 741 CMD(mgmt_tx, FRAME); 742 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL); 743 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) { 744 i++; 745 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS); 746 } 747 CMD(set_channel, SET_CHANNEL); 748 CMD(set_wds_peer, SET_WDS_PEER); 749 750 #undef CMD 751 752 if (dev->ops->connect || dev->ops->auth) { 753 i++; 754 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT); 755 } 756 757 if (dev->ops->disconnect || dev->ops->deauth) { 758 i++; 759 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT); 760 } 761 762 nla_nest_end(msg, nl_cmds); 763 764 if (dev->ops->remain_on_channel) 765 NLA_PUT_U32(msg, NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION, 766 dev->wiphy.max_remain_on_channel_duration); 767 768 /* for now at least assume all drivers have it */ 769 if (dev->ops->mgmt_tx) 770 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK); 771 772 if (mgmt_stypes) { 773 u16 stypes; 774 struct nlattr *nl_ftypes, *nl_ifs; 775 enum nl80211_iftype ift; 776 777 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES); 778 if (!nl_ifs) 779 goto nla_put_failure; 780 781 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 782 nl_ftypes = nla_nest_start(msg, ift); 783 if (!nl_ftypes) 784 goto nla_put_failure; 785 i = 0; 786 stypes = mgmt_stypes[ift].tx; 787 while (stypes) { 788 if (stypes & 1) 789 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 790 (i << 4) | IEEE80211_FTYPE_MGMT); 791 stypes >>= 1; 792 i++; 793 } 794 nla_nest_end(msg, nl_ftypes); 795 } 796 797 nla_nest_end(msg, nl_ifs); 798 799 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES); 800 if (!nl_ifs) 801 goto nla_put_failure; 802 803 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 804 nl_ftypes = nla_nest_start(msg, ift); 805 if (!nl_ftypes) 806 goto nla_put_failure; 807 i = 0; 808 stypes = mgmt_stypes[ift].rx; 809 while (stypes) { 810 if (stypes & 1) 811 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 812 (i << 4) | IEEE80211_FTYPE_MGMT); 813 stypes >>= 1; 814 i++; 815 } 816 nla_nest_end(msg, nl_ftypes); 817 } 818 nla_nest_end(msg, nl_ifs); 819 } 820 821 return genlmsg_end(msg, hdr); 822 823 nla_put_failure: 824 genlmsg_cancel(msg, hdr); 825 return -EMSGSIZE; 826 } 827 828 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb) 829 { 830 int idx = 0; 831 int start = cb->args[0]; 832 struct cfg80211_registered_device *dev; 833 834 mutex_lock(&cfg80211_mutex); 835 list_for_each_entry(dev, &cfg80211_rdev_list, list) { 836 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk))) 837 continue; 838 if (++idx <= start) 839 continue; 840 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 841 cb->nlh->nlmsg_seq, NLM_F_MULTI, 842 dev) < 0) { 843 idx--; 844 break; 845 } 846 } 847 mutex_unlock(&cfg80211_mutex); 848 849 cb->args[0] = idx; 850 851 return skb->len; 852 } 853 854 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info) 855 { 856 struct sk_buff *msg; 857 struct cfg80211_registered_device *dev = info->user_ptr[0]; 858 859 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 860 if (!msg) 861 return -ENOMEM; 862 863 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) { 864 nlmsg_free(msg); 865 return -ENOBUFS; 866 } 867 868 return genlmsg_reply(msg, info); 869 } 870 871 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = { 872 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 }, 873 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 }, 874 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 }, 875 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 }, 876 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 }, 877 }; 878 879 static int parse_txq_params(struct nlattr *tb[], 880 struct ieee80211_txq_params *txq_params) 881 { 882 if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] || 883 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] || 884 !tb[NL80211_TXQ_ATTR_AIFS]) 885 return -EINVAL; 886 887 txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]); 888 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]); 889 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]); 890 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]); 891 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]); 892 893 return 0; 894 } 895 896 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev) 897 { 898 /* 899 * You can only set the channel explicitly for AP, mesh 900 * and WDS type interfaces; all others have their channel 901 * managed via their respective "establish a connection" 902 * command (connect, join, ...) 903 * 904 * Monitors are special as they are normally slaved to 905 * whatever else is going on, so they behave as though 906 * you tried setting the wiphy channel itself. 907 */ 908 return !wdev || 909 wdev->iftype == NL80211_IFTYPE_AP || 910 wdev->iftype == NL80211_IFTYPE_WDS || 911 wdev->iftype == NL80211_IFTYPE_MESH_POINT || 912 wdev->iftype == NL80211_IFTYPE_MONITOR || 913 wdev->iftype == NL80211_IFTYPE_P2P_GO; 914 } 915 916 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev, 917 struct wireless_dev *wdev, 918 struct genl_info *info) 919 { 920 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 921 u32 freq; 922 int result; 923 924 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 925 return -EINVAL; 926 927 if (!nl80211_can_set_dev_channel(wdev)) 928 return -EOPNOTSUPP; 929 930 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 931 channel_type = nla_get_u32(info->attrs[ 932 NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 933 if (channel_type != NL80211_CHAN_NO_HT && 934 channel_type != NL80211_CHAN_HT20 && 935 channel_type != NL80211_CHAN_HT40PLUS && 936 channel_type != NL80211_CHAN_HT40MINUS) 937 return -EINVAL; 938 } 939 940 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 941 942 mutex_lock(&rdev->devlist_mtx); 943 if (wdev) { 944 wdev_lock(wdev); 945 result = cfg80211_set_freq(rdev, wdev, freq, channel_type); 946 wdev_unlock(wdev); 947 } else { 948 result = cfg80211_set_freq(rdev, NULL, freq, channel_type); 949 } 950 mutex_unlock(&rdev->devlist_mtx); 951 952 return result; 953 } 954 955 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info) 956 { 957 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 958 struct net_device *netdev = info->user_ptr[1]; 959 960 return __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info); 961 } 962 963 static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info) 964 { 965 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 966 struct net_device *dev = info->user_ptr[1]; 967 struct wireless_dev *wdev = dev->ieee80211_ptr; 968 const u8 *bssid; 969 970 if (!info->attrs[NL80211_ATTR_MAC]) 971 return -EINVAL; 972 973 if (netif_running(dev)) 974 return -EBUSY; 975 976 if (!rdev->ops->set_wds_peer) 977 return -EOPNOTSUPP; 978 979 if (wdev->iftype != NL80211_IFTYPE_WDS) 980 return -EOPNOTSUPP; 981 982 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 983 return rdev->ops->set_wds_peer(wdev->wiphy, dev, bssid); 984 } 985 986 987 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) 988 { 989 struct cfg80211_registered_device *rdev; 990 struct net_device *netdev = NULL; 991 struct wireless_dev *wdev; 992 int result = 0, rem_txq_params = 0; 993 struct nlattr *nl_txq_params; 994 u32 changed; 995 u8 retry_short = 0, retry_long = 0; 996 u32 frag_threshold = 0, rts_threshold = 0; 997 u8 coverage_class = 0; 998 999 /* 1000 * Try to find the wiphy and netdev. Normally this 1001 * function shouldn't need the netdev, but this is 1002 * done for backward compatibility -- previously 1003 * setting the channel was done per wiphy, but now 1004 * it is per netdev. Previous userland like hostapd 1005 * also passed a netdev to set_wiphy, so that it is 1006 * possible to let that go to the right netdev! 1007 */ 1008 mutex_lock(&cfg80211_mutex); 1009 1010 if (info->attrs[NL80211_ATTR_IFINDEX]) { 1011 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]); 1012 1013 netdev = dev_get_by_index(genl_info_net(info), ifindex); 1014 if (netdev && netdev->ieee80211_ptr) { 1015 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy); 1016 mutex_lock(&rdev->mtx); 1017 } else 1018 netdev = NULL; 1019 } 1020 1021 if (!netdev) { 1022 rdev = __cfg80211_rdev_from_info(info); 1023 if (IS_ERR(rdev)) { 1024 mutex_unlock(&cfg80211_mutex); 1025 return PTR_ERR(rdev); 1026 } 1027 wdev = NULL; 1028 netdev = NULL; 1029 result = 0; 1030 1031 mutex_lock(&rdev->mtx); 1032 } else if (netif_running(netdev) && 1033 nl80211_can_set_dev_channel(netdev->ieee80211_ptr)) 1034 wdev = netdev->ieee80211_ptr; 1035 else 1036 wdev = NULL; 1037 1038 /* 1039 * end workaround code, by now the rdev is available 1040 * and locked, and wdev may or may not be NULL. 1041 */ 1042 1043 if (info->attrs[NL80211_ATTR_WIPHY_NAME]) 1044 result = cfg80211_dev_rename( 1045 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME])); 1046 1047 mutex_unlock(&cfg80211_mutex); 1048 1049 if (result) 1050 goto bad_res; 1051 1052 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) { 1053 struct ieee80211_txq_params txq_params; 1054 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1]; 1055 1056 if (!rdev->ops->set_txq_params) { 1057 result = -EOPNOTSUPP; 1058 goto bad_res; 1059 } 1060 1061 nla_for_each_nested(nl_txq_params, 1062 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], 1063 rem_txq_params) { 1064 nla_parse(tb, NL80211_TXQ_ATTR_MAX, 1065 nla_data(nl_txq_params), 1066 nla_len(nl_txq_params), 1067 txq_params_policy); 1068 result = parse_txq_params(tb, &txq_params); 1069 if (result) 1070 goto bad_res; 1071 1072 result = rdev->ops->set_txq_params(&rdev->wiphy, 1073 &txq_params); 1074 if (result) 1075 goto bad_res; 1076 } 1077 } 1078 1079 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 1080 result = __nl80211_set_channel(rdev, wdev, info); 1081 if (result) 1082 goto bad_res; 1083 } 1084 1085 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) { 1086 enum nl80211_tx_power_setting type; 1087 int idx, mbm = 0; 1088 1089 if (!rdev->ops->set_tx_power) { 1090 result = -EOPNOTSUPP; 1091 goto bad_res; 1092 } 1093 1094 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING; 1095 type = nla_get_u32(info->attrs[idx]); 1096 1097 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] && 1098 (type != NL80211_TX_POWER_AUTOMATIC)) { 1099 result = -EINVAL; 1100 goto bad_res; 1101 } 1102 1103 if (type != NL80211_TX_POWER_AUTOMATIC) { 1104 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL; 1105 mbm = nla_get_u32(info->attrs[idx]); 1106 } 1107 1108 result = rdev->ops->set_tx_power(&rdev->wiphy, type, mbm); 1109 if (result) 1110 goto bad_res; 1111 } 1112 1113 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] && 1114 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) { 1115 u32 tx_ant, rx_ant; 1116 if ((!rdev->wiphy.available_antennas_tx && 1117 !rdev->wiphy.available_antennas_rx) || 1118 !rdev->ops->set_antenna) { 1119 result = -EOPNOTSUPP; 1120 goto bad_res; 1121 } 1122 1123 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]); 1124 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]); 1125 1126 /* reject antenna configurations which don't match the 1127 * available antenna masks, except for the "all" mask */ 1128 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) || 1129 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx))) { 1130 result = -EINVAL; 1131 goto bad_res; 1132 } 1133 1134 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx; 1135 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx; 1136 1137 result = rdev->ops->set_antenna(&rdev->wiphy, tx_ant, rx_ant); 1138 if (result) 1139 goto bad_res; 1140 } 1141 1142 changed = 0; 1143 1144 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) { 1145 retry_short = nla_get_u8( 1146 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]); 1147 if (retry_short == 0) { 1148 result = -EINVAL; 1149 goto bad_res; 1150 } 1151 changed |= WIPHY_PARAM_RETRY_SHORT; 1152 } 1153 1154 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) { 1155 retry_long = nla_get_u8( 1156 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]); 1157 if (retry_long == 0) { 1158 result = -EINVAL; 1159 goto bad_res; 1160 } 1161 changed |= WIPHY_PARAM_RETRY_LONG; 1162 } 1163 1164 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) { 1165 frag_threshold = nla_get_u32( 1166 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]); 1167 if (frag_threshold < 256) { 1168 result = -EINVAL; 1169 goto bad_res; 1170 } 1171 if (frag_threshold != (u32) -1) { 1172 /* 1173 * Fragments (apart from the last one) are required to 1174 * have even length. Make the fragmentation code 1175 * simpler by stripping LSB should someone try to use 1176 * odd threshold value. 1177 */ 1178 frag_threshold &= ~0x1; 1179 } 1180 changed |= WIPHY_PARAM_FRAG_THRESHOLD; 1181 } 1182 1183 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) { 1184 rts_threshold = nla_get_u32( 1185 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]); 1186 changed |= WIPHY_PARAM_RTS_THRESHOLD; 1187 } 1188 1189 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) { 1190 coverage_class = nla_get_u8( 1191 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]); 1192 changed |= WIPHY_PARAM_COVERAGE_CLASS; 1193 } 1194 1195 if (changed) { 1196 u8 old_retry_short, old_retry_long; 1197 u32 old_frag_threshold, old_rts_threshold; 1198 u8 old_coverage_class; 1199 1200 if (!rdev->ops->set_wiphy_params) { 1201 result = -EOPNOTSUPP; 1202 goto bad_res; 1203 } 1204 1205 old_retry_short = rdev->wiphy.retry_short; 1206 old_retry_long = rdev->wiphy.retry_long; 1207 old_frag_threshold = rdev->wiphy.frag_threshold; 1208 old_rts_threshold = rdev->wiphy.rts_threshold; 1209 old_coverage_class = rdev->wiphy.coverage_class; 1210 1211 if (changed & WIPHY_PARAM_RETRY_SHORT) 1212 rdev->wiphy.retry_short = retry_short; 1213 if (changed & WIPHY_PARAM_RETRY_LONG) 1214 rdev->wiphy.retry_long = retry_long; 1215 if (changed & WIPHY_PARAM_FRAG_THRESHOLD) 1216 rdev->wiphy.frag_threshold = frag_threshold; 1217 if (changed & WIPHY_PARAM_RTS_THRESHOLD) 1218 rdev->wiphy.rts_threshold = rts_threshold; 1219 if (changed & WIPHY_PARAM_COVERAGE_CLASS) 1220 rdev->wiphy.coverage_class = coverage_class; 1221 1222 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed); 1223 if (result) { 1224 rdev->wiphy.retry_short = old_retry_short; 1225 rdev->wiphy.retry_long = old_retry_long; 1226 rdev->wiphy.frag_threshold = old_frag_threshold; 1227 rdev->wiphy.rts_threshold = old_rts_threshold; 1228 rdev->wiphy.coverage_class = old_coverage_class; 1229 } 1230 } 1231 1232 bad_res: 1233 mutex_unlock(&rdev->mtx); 1234 if (netdev) 1235 dev_put(netdev); 1236 return result; 1237 } 1238 1239 1240 static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags, 1241 struct cfg80211_registered_device *rdev, 1242 struct net_device *dev) 1243 { 1244 void *hdr; 1245 1246 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE); 1247 if (!hdr) 1248 return -1; 1249 1250 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1251 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 1252 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name); 1253 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype); 1254 1255 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 1256 rdev->devlist_generation ^ 1257 (cfg80211_rdev_list_generation << 2)); 1258 1259 return genlmsg_end(msg, hdr); 1260 1261 nla_put_failure: 1262 genlmsg_cancel(msg, hdr); 1263 return -EMSGSIZE; 1264 } 1265 1266 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb) 1267 { 1268 int wp_idx = 0; 1269 int if_idx = 0; 1270 int wp_start = cb->args[0]; 1271 int if_start = cb->args[1]; 1272 struct cfg80211_registered_device *rdev; 1273 struct wireless_dev *wdev; 1274 1275 mutex_lock(&cfg80211_mutex); 1276 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 1277 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk))) 1278 continue; 1279 if (wp_idx < wp_start) { 1280 wp_idx++; 1281 continue; 1282 } 1283 if_idx = 0; 1284 1285 mutex_lock(&rdev->devlist_mtx); 1286 list_for_each_entry(wdev, &rdev->netdev_list, list) { 1287 if (if_idx < if_start) { 1288 if_idx++; 1289 continue; 1290 } 1291 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 1292 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1293 rdev, wdev->netdev) < 0) { 1294 mutex_unlock(&rdev->devlist_mtx); 1295 goto out; 1296 } 1297 if_idx++; 1298 } 1299 mutex_unlock(&rdev->devlist_mtx); 1300 1301 wp_idx++; 1302 } 1303 out: 1304 mutex_unlock(&cfg80211_mutex); 1305 1306 cb->args[0] = wp_idx; 1307 cb->args[1] = if_idx; 1308 1309 return skb->len; 1310 } 1311 1312 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info) 1313 { 1314 struct sk_buff *msg; 1315 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1316 struct net_device *netdev = info->user_ptr[1]; 1317 1318 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1319 if (!msg) 1320 return -ENOMEM; 1321 1322 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, 1323 dev, netdev) < 0) { 1324 nlmsg_free(msg); 1325 return -ENOBUFS; 1326 } 1327 1328 return genlmsg_reply(msg, info); 1329 } 1330 1331 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = { 1332 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG }, 1333 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG }, 1334 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG }, 1335 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG }, 1336 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG }, 1337 }; 1338 1339 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags) 1340 { 1341 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1]; 1342 int flag; 1343 1344 *mntrflags = 0; 1345 1346 if (!nla) 1347 return -EINVAL; 1348 1349 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX, 1350 nla, mntr_flags_policy)) 1351 return -EINVAL; 1352 1353 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++) 1354 if (flags[flag]) 1355 *mntrflags |= (1<<flag); 1356 1357 return 0; 1358 } 1359 1360 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev, 1361 struct net_device *netdev, u8 use_4addr, 1362 enum nl80211_iftype iftype) 1363 { 1364 if (!use_4addr) { 1365 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT)) 1366 return -EBUSY; 1367 return 0; 1368 } 1369 1370 switch (iftype) { 1371 case NL80211_IFTYPE_AP_VLAN: 1372 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP) 1373 return 0; 1374 break; 1375 case NL80211_IFTYPE_STATION: 1376 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION) 1377 return 0; 1378 break; 1379 default: 1380 break; 1381 } 1382 1383 return -EOPNOTSUPP; 1384 } 1385 1386 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 1387 { 1388 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1389 struct vif_params params; 1390 int err; 1391 enum nl80211_iftype otype, ntype; 1392 struct net_device *dev = info->user_ptr[1]; 1393 u32 _flags, *flags = NULL; 1394 bool change = false; 1395 1396 memset(¶ms, 0, sizeof(params)); 1397 1398 otype = ntype = dev->ieee80211_ptr->iftype; 1399 1400 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1401 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1402 if (otype != ntype) 1403 change = true; 1404 if (ntype > NL80211_IFTYPE_MAX) 1405 return -EINVAL; 1406 } 1407 1408 if (info->attrs[NL80211_ATTR_MESH_ID]) { 1409 struct wireless_dev *wdev = dev->ieee80211_ptr; 1410 1411 if (ntype != NL80211_IFTYPE_MESH_POINT) 1412 return -EINVAL; 1413 if (netif_running(dev)) 1414 return -EBUSY; 1415 1416 wdev_lock(wdev); 1417 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1418 IEEE80211_MAX_MESH_ID_LEN); 1419 wdev->mesh_id_up_len = 1420 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1421 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1422 wdev->mesh_id_up_len); 1423 wdev_unlock(wdev); 1424 } 1425 1426 if (info->attrs[NL80211_ATTR_4ADDR]) { 1427 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1428 change = true; 1429 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype); 1430 if (err) 1431 return err; 1432 } else { 1433 params.use_4addr = -1; 1434 } 1435 1436 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) { 1437 if (ntype != NL80211_IFTYPE_MONITOR) 1438 return -EINVAL; 1439 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS], 1440 &_flags); 1441 if (err) 1442 return err; 1443 1444 flags = &_flags; 1445 change = true; 1446 } 1447 1448 if (change) 1449 err = cfg80211_change_iface(rdev, dev, ntype, flags, ¶ms); 1450 else 1451 err = 0; 1452 1453 if (!err && params.use_4addr != -1) 1454 dev->ieee80211_ptr->use_4addr = params.use_4addr; 1455 1456 return err; 1457 } 1458 1459 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 1460 { 1461 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1462 struct vif_params params; 1463 struct net_device *dev; 1464 int err; 1465 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 1466 u32 flags; 1467 1468 memset(¶ms, 0, sizeof(params)); 1469 1470 if (!info->attrs[NL80211_ATTR_IFNAME]) 1471 return -EINVAL; 1472 1473 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1474 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1475 if (type > NL80211_IFTYPE_MAX) 1476 return -EINVAL; 1477 } 1478 1479 if (!rdev->ops->add_virtual_intf || 1480 !(rdev->wiphy.interface_modes & (1 << type))) 1481 return -EOPNOTSUPP; 1482 1483 if (info->attrs[NL80211_ATTR_4ADDR]) { 1484 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1485 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type); 1486 if (err) 1487 return err; 1488 } 1489 1490 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 1491 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 1492 &flags); 1493 dev = rdev->ops->add_virtual_intf(&rdev->wiphy, 1494 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 1495 type, err ? NULL : &flags, ¶ms); 1496 if (IS_ERR(dev)) 1497 return PTR_ERR(dev); 1498 1499 if (type == NL80211_IFTYPE_MESH_POINT && 1500 info->attrs[NL80211_ATTR_MESH_ID]) { 1501 struct wireless_dev *wdev = dev->ieee80211_ptr; 1502 1503 wdev_lock(wdev); 1504 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1505 IEEE80211_MAX_MESH_ID_LEN); 1506 wdev->mesh_id_up_len = 1507 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1508 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1509 wdev->mesh_id_up_len); 1510 wdev_unlock(wdev); 1511 } 1512 1513 return 0; 1514 } 1515 1516 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) 1517 { 1518 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1519 struct net_device *dev = info->user_ptr[1]; 1520 1521 if (!rdev->ops->del_virtual_intf) 1522 return -EOPNOTSUPP; 1523 1524 return rdev->ops->del_virtual_intf(&rdev->wiphy, dev); 1525 } 1526 1527 struct get_key_cookie { 1528 struct sk_buff *msg; 1529 int error; 1530 int idx; 1531 }; 1532 1533 static void get_key_callback(void *c, struct key_params *params) 1534 { 1535 struct nlattr *key; 1536 struct get_key_cookie *cookie = c; 1537 1538 if (params->key) 1539 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA, 1540 params->key_len, params->key); 1541 1542 if (params->seq) 1543 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ, 1544 params->seq_len, params->seq); 1545 1546 if (params->cipher) 1547 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER, 1548 params->cipher); 1549 1550 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY); 1551 if (!key) 1552 goto nla_put_failure; 1553 1554 if (params->key) 1555 NLA_PUT(cookie->msg, NL80211_KEY_DATA, 1556 params->key_len, params->key); 1557 1558 if (params->seq) 1559 NLA_PUT(cookie->msg, NL80211_KEY_SEQ, 1560 params->seq_len, params->seq); 1561 1562 if (params->cipher) 1563 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER, 1564 params->cipher); 1565 1566 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx); 1567 1568 nla_nest_end(cookie->msg, key); 1569 1570 return; 1571 nla_put_failure: 1572 cookie->error = 1; 1573 } 1574 1575 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) 1576 { 1577 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1578 int err; 1579 struct net_device *dev = info->user_ptr[1]; 1580 u8 key_idx = 0; 1581 const u8 *mac_addr = NULL; 1582 bool pairwise; 1583 struct get_key_cookie cookie = { 1584 .error = 0, 1585 }; 1586 void *hdr; 1587 struct sk_buff *msg; 1588 1589 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1590 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1591 1592 if (key_idx > 5) 1593 return -EINVAL; 1594 1595 if (info->attrs[NL80211_ATTR_MAC]) 1596 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1597 1598 pairwise = !!mac_addr; 1599 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 1600 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 1601 if (kt >= NUM_NL80211_KEYTYPES) 1602 return -EINVAL; 1603 if (kt != NL80211_KEYTYPE_GROUP && 1604 kt != NL80211_KEYTYPE_PAIRWISE) 1605 return -EINVAL; 1606 pairwise = kt == NL80211_KEYTYPE_PAIRWISE; 1607 } 1608 1609 if (!rdev->ops->get_key) 1610 return -EOPNOTSUPP; 1611 1612 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1613 if (!msg) 1614 return -ENOMEM; 1615 1616 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 1617 NL80211_CMD_NEW_KEY); 1618 if (IS_ERR(hdr)) 1619 return PTR_ERR(hdr); 1620 1621 cookie.msg = msg; 1622 cookie.idx = key_idx; 1623 1624 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1625 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx); 1626 if (mac_addr) 1627 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1628 1629 if (pairwise && mac_addr && 1630 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1631 return -ENOENT; 1632 1633 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, pairwise, 1634 mac_addr, &cookie, get_key_callback); 1635 1636 if (err) 1637 goto free_msg; 1638 1639 if (cookie.error) 1640 goto nla_put_failure; 1641 1642 genlmsg_end(msg, hdr); 1643 return genlmsg_reply(msg, info); 1644 1645 nla_put_failure: 1646 err = -ENOBUFS; 1647 free_msg: 1648 nlmsg_free(msg); 1649 return err; 1650 } 1651 1652 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) 1653 { 1654 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1655 struct key_parse key; 1656 int err; 1657 struct net_device *dev = info->user_ptr[1]; 1658 1659 err = nl80211_parse_key(info, &key); 1660 if (err) 1661 return err; 1662 1663 if (key.idx < 0) 1664 return -EINVAL; 1665 1666 /* only support setting default key */ 1667 if (!key.def && !key.defmgmt) 1668 return -EINVAL; 1669 1670 wdev_lock(dev->ieee80211_ptr); 1671 1672 if (key.def) { 1673 if (!rdev->ops->set_default_key) { 1674 err = -EOPNOTSUPP; 1675 goto out; 1676 } 1677 1678 err = nl80211_key_allowed(dev->ieee80211_ptr); 1679 if (err) 1680 goto out; 1681 1682 if (!(rdev->wiphy.flags & 1683 WIPHY_FLAG_SUPPORTS_SEPARATE_DEFAULT_KEYS)) { 1684 if (!key.def_uni || !key.def_multi) { 1685 err = -EOPNOTSUPP; 1686 goto out; 1687 } 1688 } 1689 1690 err = rdev->ops->set_default_key(&rdev->wiphy, dev, key.idx, 1691 key.def_uni, key.def_multi); 1692 1693 if (err) 1694 goto out; 1695 1696 #ifdef CONFIG_CFG80211_WEXT 1697 dev->ieee80211_ptr->wext.default_key = key.idx; 1698 #endif 1699 } else { 1700 if (key.def_uni || !key.def_multi) { 1701 err = -EINVAL; 1702 goto out; 1703 } 1704 1705 if (!rdev->ops->set_default_mgmt_key) { 1706 err = -EOPNOTSUPP; 1707 goto out; 1708 } 1709 1710 err = nl80211_key_allowed(dev->ieee80211_ptr); 1711 if (err) 1712 goto out; 1713 1714 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy, 1715 dev, key.idx); 1716 if (err) 1717 goto out; 1718 1719 #ifdef CONFIG_CFG80211_WEXT 1720 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx; 1721 #endif 1722 } 1723 1724 out: 1725 wdev_unlock(dev->ieee80211_ptr); 1726 1727 return err; 1728 } 1729 1730 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1731 { 1732 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1733 int err; 1734 struct net_device *dev = info->user_ptr[1]; 1735 struct key_parse key; 1736 const u8 *mac_addr = NULL; 1737 1738 err = nl80211_parse_key(info, &key); 1739 if (err) 1740 return err; 1741 1742 if (!key.p.key) 1743 return -EINVAL; 1744 1745 if (info->attrs[NL80211_ATTR_MAC]) 1746 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1747 1748 if (key.type == -1) { 1749 if (mac_addr) 1750 key.type = NL80211_KEYTYPE_PAIRWISE; 1751 else 1752 key.type = NL80211_KEYTYPE_GROUP; 1753 } 1754 1755 /* for now */ 1756 if (key.type != NL80211_KEYTYPE_PAIRWISE && 1757 key.type != NL80211_KEYTYPE_GROUP) 1758 return -EINVAL; 1759 1760 if (!rdev->ops->add_key) 1761 return -EOPNOTSUPP; 1762 1763 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, 1764 key.type == NL80211_KEYTYPE_PAIRWISE, 1765 mac_addr)) 1766 return -EINVAL; 1767 1768 wdev_lock(dev->ieee80211_ptr); 1769 err = nl80211_key_allowed(dev->ieee80211_ptr); 1770 if (!err) 1771 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx, 1772 key.type == NL80211_KEYTYPE_PAIRWISE, 1773 mac_addr, &key.p); 1774 wdev_unlock(dev->ieee80211_ptr); 1775 1776 return err; 1777 } 1778 1779 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) 1780 { 1781 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1782 int err; 1783 struct net_device *dev = info->user_ptr[1]; 1784 u8 *mac_addr = NULL; 1785 struct key_parse key; 1786 1787 err = nl80211_parse_key(info, &key); 1788 if (err) 1789 return err; 1790 1791 if (info->attrs[NL80211_ATTR_MAC]) 1792 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1793 1794 if (key.type == -1) { 1795 if (mac_addr) 1796 key.type = NL80211_KEYTYPE_PAIRWISE; 1797 else 1798 key.type = NL80211_KEYTYPE_GROUP; 1799 } 1800 1801 /* for now */ 1802 if (key.type != NL80211_KEYTYPE_PAIRWISE && 1803 key.type != NL80211_KEYTYPE_GROUP) 1804 return -EINVAL; 1805 1806 if (!rdev->ops->del_key) 1807 return -EOPNOTSUPP; 1808 1809 wdev_lock(dev->ieee80211_ptr); 1810 err = nl80211_key_allowed(dev->ieee80211_ptr); 1811 1812 if (key.type == NL80211_KEYTYPE_PAIRWISE && mac_addr && 1813 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1814 err = -ENOENT; 1815 1816 if (!err) 1817 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, 1818 key.type == NL80211_KEYTYPE_PAIRWISE, 1819 mac_addr); 1820 1821 #ifdef CONFIG_CFG80211_WEXT 1822 if (!err) { 1823 if (key.idx == dev->ieee80211_ptr->wext.default_key) 1824 dev->ieee80211_ptr->wext.default_key = -1; 1825 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key) 1826 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 1827 } 1828 #endif 1829 wdev_unlock(dev->ieee80211_ptr); 1830 1831 return err; 1832 } 1833 1834 static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info) 1835 { 1836 int (*call)(struct wiphy *wiphy, struct net_device *dev, 1837 struct beacon_parameters *info); 1838 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1839 struct net_device *dev = info->user_ptr[1]; 1840 struct beacon_parameters params; 1841 int haveinfo = 0; 1842 1843 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL])) 1844 return -EINVAL; 1845 1846 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 1847 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 1848 return -EOPNOTSUPP; 1849 1850 switch (info->genlhdr->cmd) { 1851 case NL80211_CMD_NEW_BEACON: 1852 /* these are required for NEW_BEACON */ 1853 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] || 1854 !info->attrs[NL80211_ATTR_DTIM_PERIOD] || 1855 !info->attrs[NL80211_ATTR_BEACON_HEAD]) 1856 return -EINVAL; 1857 1858 call = rdev->ops->add_beacon; 1859 break; 1860 case NL80211_CMD_SET_BEACON: 1861 call = rdev->ops->set_beacon; 1862 break; 1863 default: 1864 WARN_ON(1); 1865 return -EOPNOTSUPP; 1866 } 1867 1868 if (!call) 1869 return -EOPNOTSUPP; 1870 1871 memset(¶ms, 0, sizeof(params)); 1872 1873 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 1874 params.interval = 1875 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 1876 haveinfo = 1; 1877 } 1878 1879 if (info->attrs[NL80211_ATTR_DTIM_PERIOD]) { 1880 params.dtim_period = 1881 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); 1882 haveinfo = 1; 1883 } 1884 1885 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) { 1886 params.head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]); 1887 params.head_len = 1888 nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]); 1889 haveinfo = 1; 1890 } 1891 1892 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) { 1893 params.tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]); 1894 params.tail_len = 1895 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]); 1896 haveinfo = 1; 1897 } 1898 1899 if (!haveinfo) 1900 return -EINVAL; 1901 1902 return call(&rdev->wiphy, dev, ¶ms); 1903 } 1904 1905 static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info) 1906 { 1907 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1908 struct net_device *dev = info->user_ptr[1]; 1909 1910 if (!rdev->ops->del_beacon) 1911 return -EOPNOTSUPP; 1912 1913 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 1914 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 1915 return -EOPNOTSUPP; 1916 1917 return rdev->ops->del_beacon(&rdev->wiphy, dev); 1918 } 1919 1920 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = { 1921 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG }, 1922 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG }, 1923 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG }, 1924 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG }, 1925 }; 1926 1927 static int parse_station_flags(struct genl_info *info, 1928 struct station_parameters *params) 1929 { 1930 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1]; 1931 struct nlattr *nla; 1932 int flag; 1933 1934 /* 1935 * Try parsing the new attribute first so userspace 1936 * can specify both for older kernels. 1937 */ 1938 nla = info->attrs[NL80211_ATTR_STA_FLAGS2]; 1939 if (nla) { 1940 struct nl80211_sta_flag_update *sta_flags; 1941 1942 sta_flags = nla_data(nla); 1943 params->sta_flags_mask = sta_flags->mask; 1944 params->sta_flags_set = sta_flags->set; 1945 if ((params->sta_flags_mask | 1946 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID)) 1947 return -EINVAL; 1948 return 0; 1949 } 1950 1951 /* if present, parse the old attribute */ 1952 1953 nla = info->attrs[NL80211_ATTR_STA_FLAGS]; 1954 if (!nla) 1955 return 0; 1956 1957 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX, 1958 nla, sta_flags_policy)) 1959 return -EINVAL; 1960 1961 params->sta_flags_mask = (1 << __NL80211_STA_FLAG_AFTER_LAST) - 1; 1962 params->sta_flags_mask &= ~1; 1963 1964 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) 1965 if (flags[flag]) 1966 params->sta_flags_set |= (1<<flag); 1967 1968 return 0; 1969 } 1970 1971 static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info, 1972 int attr) 1973 { 1974 struct nlattr *rate; 1975 u16 bitrate; 1976 1977 rate = nla_nest_start(msg, attr); 1978 if (!rate) 1979 goto nla_put_failure; 1980 1981 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */ 1982 bitrate = cfg80211_calculate_bitrate(info); 1983 if (bitrate > 0) 1984 NLA_PUT_U16(msg, NL80211_RATE_INFO_BITRATE, bitrate); 1985 1986 if (info->flags & RATE_INFO_FLAGS_MCS) 1987 NLA_PUT_U8(msg, NL80211_RATE_INFO_MCS, info->mcs); 1988 if (info->flags & RATE_INFO_FLAGS_40_MHZ_WIDTH) 1989 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_40_MHZ_WIDTH); 1990 if (info->flags & RATE_INFO_FLAGS_SHORT_GI) 1991 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_SHORT_GI); 1992 1993 nla_nest_end(msg, rate); 1994 return true; 1995 1996 nla_put_failure: 1997 return false; 1998 } 1999 2000 static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq, 2001 int flags, struct net_device *dev, 2002 const u8 *mac_addr, struct station_info *sinfo) 2003 { 2004 void *hdr; 2005 struct nlattr *sinfoattr; 2006 2007 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2008 if (!hdr) 2009 return -1; 2010 2011 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2012 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 2013 2014 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation); 2015 2016 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO); 2017 if (!sinfoattr) 2018 goto nla_put_failure; 2019 if (sinfo->filled & STATION_INFO_INACTIVE_TIME) 2020 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME, 2021 sinfo->inactive_time); 2022 if (sinfo->filled & STATION_INFO_RX_BYTES) 2023 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES, 2024 sinfo->rx_bytes); 2025 if (sinfo->filled & STATION_INFO_TX_BYTES) 2026 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES, 2027 sinfo->tx_bytes); 2028 if (sinfo->filled & STATION_INFO_LLID) 2029 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID, 2030 sinfo->llid); 2031 if (sinfo->filled & STATION_INFO_PLID) 2032 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID, 2033 sinfo->plid); 2034 if (sinfo->filled & STATION_INFO_PLINK_STATE) 2035 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE, 2036 sinfo->plink_state); 2037 if (sinfo->filled & STATION_INFO_SIGNAL) 2038 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL, 2039 sinfo->signal); 2040 if (sinfo->filled & STATION_INFO_SIGNAL_AVG) 2041 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL_AVG, 2042 sinfo->signal_avg); 2043 if (sinfo->filled & STATION_INFO_TX_BITRATE) { 2044 if (!nl80211_put_sta_rate(msg, &sinfo->txrate, 2045 NL80211_STA_INFO_TX_BITRATE)) 2046 goto nla_put_failure; 2047 } 2048 if (sinfo->filled & STATION_INFO_RX_BITRATE) { 2049 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate, 2050 NL80211_STA_INFO_RX_BITRATE)) 2051 goto nla_put_failure; 2052 } 2053 if (sinfo->filled & STATION_INFO_RX_PACKETS) 2054 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_PACKETS, 2055 sinfo->rx_packets); 2056 if (sinfo->filled & STATION_INFO_TX_PACKETS) 2057 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_PACKETS, 2058 sinfo->tx_packets); 2059 if (sinfo->filled & STATION_INFO_TX_RETRIES) 2060 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_RETRIES, 2061 sinfo->tx_retries); 2062 if (sinfo->filled & STATION_INFO_TX_FAILED) 2063 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_FAILED, 2064 sinfo->tx_failed); 2065 nla_nest_end(msg, sinfoattr); 2066 2067 return genlmsg_end(msg, hdr); 2068 2069 nla_put_failure: 2070 genlmsg_cancel(msg, hdr); 2071 return -EMSGSIZE; 2072 } 2073 2074 static int nl80211_dump_station(struct sk_buff *skb, 2075 struct netlink_callback *cb) 2076 { 2077 struct station_info sinfo; 2078 struct cfg80211_registered_device *dev; 2079 struct net_device *netdev; 2080 u8 mac_addr[ETH_ALEN]; 2081 int sta_idx = cb->args[1]; 2082 int err; 2083 2084 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2085 if (err) 2086 return err; 2087 2088 if (!dev->ops->dump_station) { 2089 err = -EOPNOTSUPP; 2090 goto out_err; 2091 } 2092 2093 while (1) { 2094 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx, 2095 mac_addr, &sinfo); 2096 if (err == -ENOENT) 2097 break; 2098 if (err) 2099 goto out_err; 2100 2101 if (nl80211_send_station(skb, 2102 NETLINK_CB(cb->skb).pid, 2103 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2104 netdev, mac_addr, 2105 &sinfo) < 0) 2106 goto out; 2107 2108 sta_idx++; 2109 } 2110 2111 2112 out: 2113 cb->args[1] = sta_idx; 2114 err = skb->len; 2115 out_err: 2116 nl80211_finish_netdev_dump(dev); 2117 2118 return err; 2119 } 2120 2121 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 2122 { 2123 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2124 struct net_device *dev = info->user_ptr[1]; 2125 struct station_info sinfo; 2126 struct sk_buff *msg; 2127 u8 *mac_addr = NULL; 2128 int err; 2129 2130 memset(&sinfo, 0, sizeof(sinfo)); 2131 2132 if (!info->attrs[NL80211_ATTR_MAC]) 2133 return -EINVAL; 2134 2135 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2136 2137 if (!rdev->ops->get_station) 2138 return -EOPNOTSUPP; 2139 2140 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo); 2141 if (err) 2142 return err; 2143 2144 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2145 if (!msg) 2146 return -ENOMEM; 2147 2148 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0, 2149 dev, mac_addr, &sinfo) < 0) { 2150 nlmsg_free(msg); 2151 return -ENOBUFS; 2152 } 2153 2154 return genlmsg_reply(msg, info); 2155 } 2156 2157 /* 2158 * Get vlan interface making sure it is running and on the right wiphy. 2159 */ 2160 static int get_vlan(struct genl_info *info, 2161 struct cfg80211_registered_device *rdev, 2162 struct net_device **vlan) 2163 { 2164 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN]; 2165 *vlan = NULL; 2166 2167 if (vlanattr) { 2168 *vlan = dev_get_by_index(genl_info_net(info), 2169 nla_get_u32(vlanattr)); 2170 if (!*vlan) 2171 return -ENODEV; 2172 if (!(*vlan)->ieee80211_ptr) 2173 return -EINVAL; 2174 if ((*vlan)->ieee80211_ptr->wiphy != &rdev->wiphy) 2175 return -EINVAL; 2176 if (!netif_running(*vlan)) 2177 return -ENETDOWN; 2178 } 2179 return 0; 2180 } 2181 2182 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) 2183 { 2184 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2185 int err; 2186 struct net_device *dev = info->user_ptr[1]; 2187 struct station_parameters params; 2188 u8 *mac_addr = NULL; 2189 2190 memset(¶ms, 0, sizeof(params)); 2191 2192 params.listen_interval = -1; 2193 2194 if (info->attrs[NL80211_ATTR_STA_AID]) 2195 return -EINVAL; 2196 2197 if (!info->attrs[NL80211_ATTR_MAC]) 2198 return -EINVAL; 2199 2200 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2201 2202 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) { 2203 params.supported_rates = 2204 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2205 params.supported_rates_len = 2206 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2207 } 2208 2209 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2210 params.listen_interval = 2211 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2212 2213 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2214 params.ht_capa = 2215 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2216 2217 if (parse_station_flags(info, ¶ms)) 2218 return -EINVAL; 2219 2220 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2221 params.plink_action = 2222 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2223 2224 err = get_vlan(info, rdev, ¶ms.vlan); 2225 if (err) 2226 goto out; 2227 2228 /* validate settings */ 2229 err = 0; 2230 2231 switch (dev->ieee80211_ptr->iftype) { 2232 case NL80211_IFTYPE_AP: 2233 case NL80211_IFTYPE_AP_VLAN: 2234 case NL80211_IFTYPE_P2P_GO: 2235 /* disallow mesh-specific things */ 2236 if (params.plink_action) 2237 err = -EINVAL; 2238 break; 2239 case NL80211_IFTYPE_P2P_CLIENT: 2240 case NL80211_IFTYPE_STATION: 2241 /* disallow everything but AUTHORIZED flag */ 2242 if (params.plink_action) 2243 err = -EINVAL; 2244 if (params.vlan) 2245 err = -EINVAL; 2246 if (params.supported_rates) 2247 err = -EINVAL; 2248 if (params.ht_capa) 2249 err = -EINVAL; 2250 if (params.listen_interval >= 0) 2251 err = -EINVAL; 2252 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED)) 2253 err = -EINVAL; 2254 break; 2255 case NL80211_IFTYPE_MESH_POINT: 2256 /* disallow things mesh doesn't support */ 2257 if (params.vlan) 2258 err = -EINVAL; 2259 if (params.ht_capa) 2260 err = -EINVAL; 2261 if (params.listen_interval >= 0) 2262 err = -EINVAL; 2263 if (params.supported_rates) 2264 err = -EINVAL; 2265 if (params.sta_flags_mask) 2266 err = -EINVAL; 2267 break; 2268 default: 2269 err = -EINVAL; 2270 } 2271 2272 if (err) 2273 goto out; 2274 2275 if (!rdev->ops->change_station) { 2276 err = -EOPNOTSUPP; 2277 goto out; 2278 } 2279 2280 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2281 2282 out: 2283 if (params.vlan) 2284 dev_put(params.vlan); 2285 2286 return err; 2287 } 2288 2289 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) 2290 { 2291 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2292 int err; 2293 struct net_device *dev = info->user_ptr[1]; 2294 struct station_parameters params; 2295 u8 *mac_addr = NULL; 2296 2297 memset(¶ms, 0, sizeof(params)); 2298 2299 if (!info->attrs[NL80211_ATTR_MAC]) 2300 return -EINVAL; 2301 2302 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2303 return -EINVAL; 2304 2305 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) 2306 return -EINVAL; 2307 2308 if (!info->attrs[NL80211_ATTR_STA_AID]) 2309 return -EINVAL; 2310 2311 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2312 params.supported_rates = 2313 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2314 params.supported_rates_len = 2315 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2316 params.listen_interval = 2317 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2318 2319 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]); 2320 if (!params.aid || params.aid > IEEE80211_MAX_AID) 2321 return -EINVAL; 2322 2323 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2324 params.ht_capa = 2325 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2326 2327 if (parse_station_flags(info, ¶ms)) 2328 return -EINVAL; 2329 2330 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2331 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2332 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2333 return -EINVAL; 2334 2335 err = get_vlan(info, rdev, ¶ms.vlan); 2336 if (err) 2337 goto out; 2338 2339 /* validate settings */ 2340 err = 0; 2341 2342 if (!rdev->ops->add_station) { 2343 err = -EOPNOTSUPP; 2344 goto out; 2345 } 2346 2347 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2348 2349 out: 2350 if (params.vlan) 2351 dev_put(params.vlan); 2352 return err; 2353 } 2354 2355 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) 2356 { 2357 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2358 struct net_device *dev = info->user_ptr[1]; 2359 u8 *mac_addr = NULL; 2360 2361 if (info->attrs[NL80211_ATTR_MAC]) 2362 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2363 2364 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2365 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2366 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 2367 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2368 return -EINVAL; 2369 2370 if (!rdev->ops->del_station) 2371 return -EOPNOTSUPP; 2372 2373 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr); 2374 } 2375 2376 static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq, 2377 int flags, struct net_device *dev, 2378 u8 *dst, u8 *next_hop, 2379 struct mpath_info *pinfo) 2380 { 2381 void *hdr; 2382 struct nlattr *pinfoattr; 2383 2384 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2385 if (!hdr) 2386 return -1; 2387 2388 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2389 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst); 2390 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop); 2391 2392 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation); 2393 2394 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO); 2395 if (!pinfoattr) 2396 goto nla_put_failure; 2397 if (pinfo->filled & MPATH_INFO_FRAME_QLEN) 2398 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN, 2399 pinfo->frame_qlen); 2400 if (pinfo->filled & MPATH_INFO_SN) 2401 NLA_PUT_U32(msg, NL80211_MPATH_INFO_SN, 2402 pinfo->sn); 2403 if (pinfo->filled & MPATH_INFO_METRIC) 2404 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC, 2405 pinfo->metric); 2406 if (pinfo->filled & MPATH_INFO_EXPTIME) 2407 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME, 2408 pinfo->exptime); 2409 if (pinfo->filled & MPATH_INFO_FLAGS) 2410 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS, 2411 pinfo->flags); 2412 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) 2413 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT, 2414 pinfo->discovery_timeout); 2415 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) 2416 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES, 2417 pinfo->discovery_retries); 2418 2419 nla_nest_end(msg, pinfoattr); 2420 2421 return genlmsg_end(msg, hdr); 2422 2423 nla_put_failure: 2424 genlmsg_cancel(msg, hdr); 2425 return -EMSGSIZE; 2426 } 2427 2428 static int nl80211_dump_mpath(struct sk_buff *skb, 2429 struct netlink_callback *cb) 2430 { 2431 struct mpath_info pinfo; 2432 struct cfg80211_registered_device *dev; 2433 struct net_device *netdev; 2434 u8 dst[ETH_ALEN]; 2435 u8 next_hop[ETH_ALEN]; 2436 int path_idx = cb->args[1]; 2437 int err; 2438 2439 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2440 if (err) 2441 return err; 2442 2443 if (!dev->ops->dump_mpath) { 2444 err = -EOPNOTSUPP; 2445 goto out_err; 2446 } 2447 2448 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2449 err = -EOPNOTSUPP; 2450 goto out_err; 2451 } 2452 2453 while (1) { 2454 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx, 2455 dst, next_hop, &pinfo); 2456 if (err == -ENOENT) 2457 break; 2458 if (err) 2459 goto out_err; 2460 2461 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid, 2462 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2463 netdev, dst, next_hop, 2464 &pinfo) < 0) 2465 goto out; 2466 2467 path_idx++; 2468 } 2469 2470 2471 out: 2472 cb->args[1] = path_idx; 2473 err = skb->len; 2474 out_err: 2475 nl80211_finish_netdev_dump(dev); 2476 return err; 2477 } 2478 2479 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) 2480 { 2481 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2482 int err; 2483 struct net_device *dev = info->user_ptr[1]; 2484 struct mpath_info pinfo; 2485 struct sk_buff *msg; 2486 u8 *dst = NULL; 2487 u8 next_hop[ETH_ALEN]; 2488 2489 memset(&pinfo, 0, sizeof(pinfo)); 2490 2491 if (!info->attrs[NL80211_ATTR_MAC]) 2492 return -EINVAL; 2493 2494 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2495 2496 if (!rdev->ops->get_mpath) 2497 return -EOPNOTSUPP; 2498 2499 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2500 return -EOPNOTSUPP; 2501 2502 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo); 2503 if (err) 2504 return err; 2505 2506 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2507 if (!msg) 2508 return -ENOMEM; 2509 2510 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0, 2511 dev, dst, next_hop, &pinfo) < 0) { 2512 nlmsg_free(msg); 2513 return -ENOBUFS; 2514 } 2515 2516 return genlmsg_reply(msg, info); 2517 } 2518 2519 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) 2520 { 2521 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2522 struct net_device *dev = info->user_ptr[1]; 2523 u8 *dst = NULL; 2524 u8 *next_hop = NULL; 2525 2526 if (!info->attrs[NL80211_ATTR_MAC]) 2527 return -EINVAL; 2528 2529 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2530 return -EINVAL; 2531 2532 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2533 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2534 2535 if (!rdev->ops->change_mpath) 2536 return -EOPNOTSUPP; 2537 2538 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2539 return -EOPNOTSUPP; 2540 2541 return rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop); 2542 } 2543 2544 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) 2545 { 2546 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2547 struct net_device *dev = info->user_ptr[1]; 2548 u8 *dst = NULL; 2549 u8 *next_hop = NULL; 2550 2551 if (!info->attrs[NL80211_ATTR_MAC]) 2552 return -EINVAL; 2553 2554 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2555 return -EINVAL; 2556 2557 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2558 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2559 2560 if (!rdev->ops->add_mpath) 2561 return -EOPNOTSUPP; 2562 2563 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2564 return -EOPNOTSUPP; 2565 2566 return rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop); 2567 } 2568 2569 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) 2570 { 2571 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2572 struct net_device *dev = info->user_ptr[1]; 2573 u8 *dst = NULL; 2574 2575 if (info->attrs[NL80211_ATTR_MAC]) 2576 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2577 2578 if (!rdev->ops->del_mpath) 2579 return -EOPNOTSUPP; 2580 2581 return rdev->ops->del_mpath(&rdev->wiphy, dev, dst); 2582 } 2583 2584 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) 2585 { 2586 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2587 struct net_device *dev = info->user_ptr[1]; 2588 struct bss_parameters params; 2589 2590 memset(¶ms, 0, sizeof(params)); 2591 /* default to not changing parameters */ 2592 params.use_cts_prot = -1; 2593 params.use_short_preamble = -1; 2594 params.use_short_slot_time = -1; 2595 params.ap_isolate = -1; 2596 params.ht_opmode = -1; 2597 2598 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT]) 2599 params.use_cts_prot = 2600 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]); 2601 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]) 2602 params.use_short_preamble = 2603 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]); 2604 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]) 2605 params.use_short_slot_time = 2606 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]); 2607 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 2608 params.basic_rates = 2609 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2610 params.basic_rates_len = 2611 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2612 } 2613 if (info->attrs[NL80211_ATTR_AP_ISOLATE]) 2614 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]); 2615 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE]) 2616 params.ht_opmode = 2617 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]); 2618 2619 if (!rdev->ops->change_bss) 2620 return -EOPNOTSUPP; 2621 2622 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2623 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2624 return -EOPNOTSUPP; 2625 2626 return rdev->ops->change_bss(&rdev->wiphy, dev, ¶ms); 2627 } 2628 2629 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = { 2630 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 }, 2631 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 }, 2632 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 }, 2633 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 }, 2634 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 }, 2635 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 }, 2636 }; 2637 2638 static int parse_reg_rule(struct nlattr *tb[], 2639 struct ieee80211_reg_rule *reg_rule) 2640 { 2641 struct ieee80211_freq_range *freq_range = ®_rule->freq_range; 2642 struct ieee80211_power_rule *power_rule = ®_rule->power_rule; 2643 2644 if (!tb[NL80211_ATTR_REG_RULE_FLAGS]) 2645 return -EINVAL; 2646 if (!tb[NL80211_ATTR_FREQ_RANGE_START]) 2647 return -EINVAL; 2648 if (!tb[NL80211_ATTR_FREQ_RANGE_END]) 2649 return -EINVAL; 2650 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) 2651 return -EINVAL; 2652 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]) 2653 return -EINVAL; 2654 2655 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]); 2656 2657 freq_range->start_freq_khz = 2658 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]); 2659 freq_range->end_freq_khz = 2660 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]); 2661 freq_range->max_bandwidth_khz = 2662 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]); 2663 2664 power_rule->max_eirp = 2665 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]); 2666 2667 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]) 2668 power_rule->max_antenna_gain = 2669 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]); 2670 2671 return 0; 2672 } 2673 2674 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info) 2675 { 2676 int r; 2677 char *data = NULL; 2678 2679 /* 2680 * You should only get this when cfg80211 hasn't yet initialized 2681 * completely when built-in to the kernel right between the time 2682 * window between nl80211_init() and regulatory_init(), if that is 2683 * even possible. 2684 */ 2685 mutex_lock(&cfg80211_mutex); 2686 if (unlikely(!cfg80211_regdomain)) { 2687 mutex_unlock(&cfg80211_mutex); 2688 return -EINPROGRESS; 2689 } 2690 mutex_unlock(&cfg80211_mutex); 2691 2692 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 2693 return -EINVAL; 2694 2695 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 2696 2697 r = regulatory_hint_user(data); 2698 2699 return r; 2700 } 2701 2702 static int nl80211_get_mesh_config(struct sk_buff *skb, 2703 struct genl_info *info) 2704 { 2705 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2706 struct net_device *dev = info->user_ptr[1]; 2707 struct wireless_dev *wdev = dev->ieee80211_ptr; 2708 struct mesh_config cur_params; 2709 int err = 0; 2710 void *hdr; 2711 struct nlattr *pinfoattr; 2712 struct sk_buff *msg; 2713 2714 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 2715 return -EOPNOTSUPP; 2716 2717 if (!rdev->ops->get_mesh_config) 2718 return -EOPNOTSUPP; 2719 2720 wdev_lock(wdev); 2721 /* If not connected, get default parameters */ 2722 if (!wdev->mesh_id_len) 2723 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params)); 2724 else 2725 err = rdev->ops->get_mesh_config(&rdev->wiphy, dev, 2726 &cur_params); 2727 wdev_unlock(wdev); 2728 2729 if (err) 2730 return err; 2731 2732 /* Draw up a netlink message to send back */ 2733 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2734 if (!msg) 2735 return -ENOMEM; 2736 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 2737 NL80211_CMD_GET_MESH_CONFIG); 2738 if (!hdr) 2739 goto out; 2740 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG); 2741 if (!pinfoattr) 2742 goto nla_put_failure; 2743 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2744 NLA_PUT_U16(msg, NL80211_MESHCONF_RETRY_TIMEOUT, 2745 cur_params.dot11MeshRetryTimeout); 2746 NLA_PUT_U16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT, 2747 cur_params.dot11MeshConfirmTimeout); 2748 NLA_PUT_U16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT, 2749 cur_params.dot11MeshHoldingTimeout); 2750 NLA_PUT_U16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 2751 cur_params.dot11MeshMaxPeerLinks); 2752 NLA_PUT_U8(msg, NL80211_MESHCONF_MAX_RETRIES, 2753 cur_params.dot11MeshMaxRetries); 2754 NLA_PUT_U8(msg, NL80211_MESHCONF_TTL, 2755 cur_params.dot11MeshTTL); 2756 NLA_PUT_U8(msg, NL80211_MESHCONF_ELEMENT_TTL, 2757 cur_params.element_ttl); 2758 NLA_PUT_U8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 2759 cur_params.auto_open_plinks); 2760 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 2761 cur_params.dot11MeshHWMPmaxPREQretries); 2762 NLA_PUT_U32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME, 2763 cur_params.path_refresh_time); 2764 NLA_PUT_U16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 2765 cur_params.min_discovery_timeout); 2766 NLA_PUT_U32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 2767 cur_params.dot11MeshHWMPactivePathTimeout); 2768 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 2769 cur_params.dot11MeshHWMPpreqMinInterval); 2770 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 2771 cur_params.dot11MeshHWMPnetDiameterTraversalTime); 2772 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_ROOTMODE, 2773 cur_params.dot11MeshHWMPRootMode); 2774 nla_nest_end(msg, pinfoattr); 2775 genlmsg_end(msg, hdr); 2776 return genlmsg_reply(msg, info); 2777 2778 nla_put_failure: 2779 genlmsg_cancel(msg, hdr); 2780 out: 2781 nlmsg_free(msg); 2782 return -ENOBUFS; 2783 } 2784 2785 static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = { 2786 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 }, 2787 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 }, 2788 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 }, 2789 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 }, 2790 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 }, 2791 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 }, 2792 [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 }, 2793 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 }, 2794 2795 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 }, 2796 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 }, 2797 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 }, 2798 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 }, 2799 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 }, 2800 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 }, 2801 }; 2802 2803 static const struct nla_policy 2804 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = { 2805 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 }, 2806 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 }, 2807 [NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE] = { .type = NLA_BINARY, 2808 .len = IEEE80211_MAX_DATA_LEN }, 2809 }; 2810 2811 static int nl80211_parse_mesh_config(struct genl_info *info, 2812 struct mesh_config *cfg, 2813 u32 *mask_out) 2814 { 2815 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 2816 u32 mask = 0; 2817 2818 #define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \ 2819 do {\ 2820 if (table[attr_num]) {\ 2821 cfg->param = nla_fn(table[attr_num]); \ 2822 mask |= (1 << (attr_num - 1)); \ 2823 } \ 2824 } while (0);\ 2825 2826 2827 if (!info->attrs[NL80211_ATTR_MESH_CONFIG]) 2828 return -EINVAL; 2829 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX, 2830 info->attrs[NL80211_ATTR_MESH_CONFIG], 2831 nl80211_meshconf_params_policy)) 2832 return -EINVAL; 2833 2834 /* This makes sure that there aren't more than 32 mesh config 2835 * parameters (otherwise our bitfield scheme would not work.) */ 2836 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32); 2837 2838 /* Fill in the params struct */ 2839 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 2840 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16); 2841 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 2842 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16); 2843 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 2844 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16); 2845 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 2846 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16); 2847 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 2848 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8); 2849 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 2850 mask, NL80211_MESHCONF_TTL, nla_get_u8); 2851 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 2852 mask, NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8); 2853 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 2854 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8); 2855 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 2856 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 2857 nla_get_u8); 2858 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 2859 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32); 2860 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 2861 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 2862 nla_get_u16); 2863 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout, 2864 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 2865 nla_get_u32); 2866 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, 2867 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 2868 nla_get_u16); 2869 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 2870 dot11MeshHWMPnetDiameterTraversalTime, 2871 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 2872 nla_get_u16); 2873 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 2874 dot11MeshHWMPRootMode, mask, 2875 NL80211_MESHCONF_HWMP_ROOTMODE, 2876 nla_get_u8); 2877 if (mask_out) 2878 *mask_out = mask; 2879 2880 return 0; 2881 2882 #undef FILL_IN_MESH_PARAM_IF_SET 2883 } 2884 2885 static int nl80211_parse_mesh_setup(struct genl_info *info, 2886 struct mesh_setup *setup) 2887 { 2888 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1]; 2889 2890 if (!info->attrs[NL80211_ATTR_MESH_SETUP]) 2891 return -EINVAL; 2892 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX, 2893 info->attrs[NL80211_ATTR_MESH_SETUP], 2894 nl80211_mesh_setup_params_policy)) 2895 return -EINVAL; 2896 2897 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL]) 2898 setup->path_sel_proto = 2899 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ? 2900 IEEE80211_PATH_PROTOCOL_VENDOR : 2901 IEEE80211_PATH_PROTOCOL_HWMP; 2902 2903 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC]) 2904 setup->path_metric = 2905 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ? 2906 IEEE80211_PATH_METRIC_VENDOR : 2907 IEEE80211_PATH_METRIC_AIRTIME; 2908 2909 if (tb[NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE]) { 2910 struct nlattr *ieattr = 2911 tb[NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE]; 2912 if (!is_valid_ie_attr(ieattr)) 2913 return -EINVAL; 2914 setup->vendor_ie = nla_data(ieattr); 2915 setup->vendor_ie_len = nla_len(ieattr); 2916 } 2917 2918 return 0; 2919 } 2920 2921 static int nl80211_update_mesh_config(struct sk_buff *skb, 2922 struct genl_info *info) 2923 { 2924 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2925 struct net_device *dev = info->user_ptr[1]; 2926 struct wireless_dev *wdev = dev->ieee80211_ptr; 2927 struct mesh_config cfg; 2928 u32 mask; 2929 int err; 2930 2931 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 2932 return -EOPNOTSUPP; 2933 2934 if (!rdev->ops->update_mesh_config) 2935 return -EOPNOTSUPP; 2936 2937 err = nl80211_parse_mesh_config(info, &cfg, &mask); 2938 if (err) 2939 return err; 2940 2941 wdev_lock(wdev); 2942 if (!wdev->mesh_id_len) 2943 err = -ENOLINK; 2944 2945 if (!err) 2946 err = rdev->ops->update_mesh_config(&rdev->wiphy, dev, 2947 mask, &cfg); 2948 2949 wdev_unlock(wdev); 2950 2951 return err; 2952 } 2953 2954 static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info) 2955 { 2956 struct sk_buff *msg; 2957 void *hdr = NULL; 2958 struct nlattr *nl_reg_rules; 2959 unsigned int i; 2960 int err = -EINVAL; 2961 2962 mutex_lock(&cfg80211_mutex); 2963 2964 if (!cfg80211_regdomain) 2965 goto out; 2966 2967 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2968 if (!msg) { 2969 err = -ENOBUFS; 2970 goto out; 2971 } 2972 2973 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 2974 NL80211_CMD_GET_REG); 2975 if (!hdr) 2976 goto put_failure; 2977 2978 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, 2979 cfg80211_regdomain->alpha2); 2980 2981 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES); 2982 if (!nl_reg_rules) 2983 goto nla_put_failure; 2984 2985 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) { 2986 struct nlattr *nl_reg_rule; 2987 const struct ieee80211_reg_rule *reg_rule; 2988 const struct ieee80211_freq_range *freq_range; 2989 const struct ieee80211_power_rule *power_rule; 2990 2991 reg_rule = &cfg80211_regdomain->reg_rules[i]; 2992 freq_range = ®_rule->freq_range; 2993 power_rule = ®_rule->power_rule; 2994 2995 nl_reg_rule = nla_nest_start(msg, i); 2996 if (!nl_reg_rule) 2997 goto nla_put_failure; 2998 2999 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS, 3000 reg_rule->flags); 3001 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START, 3002 freq_range->start_freq_khz); 3003 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END, 3004 freq_range->end_freq_khz); 3005 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW, 3006 freq_range->max_bandwidth_khz); 3007 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN, 3008 power_rule->max_antenna_gain); 3009 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, 3010 power_rule->max_eirp); 3011 3012 nla_nest_end(msg, nl_reg_rule); 3013 } 3014 3015 nla_nest_end(msg, nl_reg_rules); 3016 3017 genlmsg_end(msg, hdr); 3018 err = genlmsg_reply(msg, info); 3019 goto out; 3020 3021 nla_put_failure: 3022 genlmsg_cancel(msg, hdr); 3023 put_failure: 3024 nlmsg_free(msg); 3025 err = -EMSGSIZE; 3026 out: 3027 mutex_unlock(&cfg80211_mutex); 3028 return err; 3029 } 3030 3031 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info) 3032 { 3033 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1]; 3034 struct nlattr *nl_reg_rule; 3035 char *alpha2 = NULL; 3036 int rem_reg_rules = 0, r = 0; 3037 u32 num_rules = 0, rule_idx = 0, size_of_regd; 3038 struct ieee80211_regdomain *rd = NULL; 3039 3040 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3041 return -EINVAL; 3042 3043 if (!info->attrs[NL80211_ATTR_REG_RULES]) 3044 return -EINVAL; 3045 3046 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 3047 3048 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3049 rem_reg_rules) { 3050 num_rules++; 3051 if (num_rules > NL80211_MAX_SUPP_REG_RULES) 3052 return -EINVAL; 3053 } 3054 3055 mutex_lock(&cfg80211_mutex); 3056 3057 if (!reg_is_valid_request(alpha2)) { 3058 r = -EINVAL; 3059 goto bad_reg; 3060 } 3061 3062 size_of_regd = sizeof(struct ieee80211_regdomain) + 3063 (num_rules * sizeof(struct ieee80211_reg_rule)); 3064 3065 rd = kzalloc(size_of_regd, GFP_KERNEL); 3066 if (!rd) { 3067 r = -ENOMEM; 3068 goto bad_reg; 3069 } 3070 3071 rd->n_reg_rules = num_rules; 3072 rd->alpha2[0] = alpha2[0]; 3073 rd->alpha2[1] = alpha2[1]; 3074 3075 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3076 rem_reg_rules) { 3077 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX, 3078 nla_data(nl_reg_rule), nla_len(nl_reg_rule), 3079 reg_rule_policy); 3080 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]); 3081 if (r) 3082 goto bad_reg; 3083 3084 rule_idx++; 3085 3086 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) { 3087 r = -EINVAL; 3088 goto bad_reg; 3089 } 3090 } 3091 3092 BUG_ON(rule_idx != num_rules); 3093 3094 r = set_regdom(rd); 3095 3096 mutex_unlock(&cfg80211_mutex); 3097 3098 return r; 3099 3100 bad_reg: 3101 mutex_unlock(&cfg80211_mutex); 3102 kfree(rd); 3103 return r; 3104 } 3105 3106 static int validate_scan_freqs(struct nlattr *freqs) 3107 { 3108 struct nlattr *attr1, *attr2; 3109 int n_channels = 0, tmp1, tmp2; 3110 3111 nla_for_each_nested(attr1, freqs, tmp1) { 3112 n_channels++; 3113 /* 3114 * Some hardware has a limited channel list for 3115 * scanning, and it is pretty much nonsensical 3116 * to scan for a channel twice, so disallow that 3117 * and don't require drivers to check that the 3118 * channel list they get isn't longer than what 3119 * they can scan, as long as they can scan all 3120 * the channels they registered at once. 3121 */ 3122 nla_for_each_nested(attr2, freqs, tmp2) 3123 if (attr1 != attr2 && 3124 nla_get_u32(attr1) == nla_get_u32(attr2)) 3125 return 0; 3126 } 3127 3128 return n_channels; 3129 } 3130 3131 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) 3132 { 3133 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3134 struct net_device *dev = info->user_ptr[1]; 3135 struct cfg80211_scan_request *request; 3136 struct cfg80211_ssid *ssid; 3137 struct ieee80211_channel *channel; 3138 struct nlattr *attr; 3139 struct wiphy *wiphy; 3140 int err, tmp, n_ssids = 0, n_channels, i; 3141 enum ieee80211_band band; 3142 size_t ie_len; 3143 3144 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3145 return -EINVAL; 3146 3147 wiphy = &rdev->wiphy; 3148 3149 if (!rdev->ops->scan) 3150 return -EOPNOTSUPP; 3151 3152 if (rdev->scan_req) 3153 return -EBUSY; 3154 3155 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3156 n_channels = validate_scan_freqs( 3157 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3158 if (!n_channels) 3159 return -EINVAL; 3160 } else { 3161 n_channels = 0; 3162 3163 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3164 if (wiphy->bands[band]) 3165 n_channels += wiphy->bands[band]->n_channels; 3166 } 3167 3168 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3169 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) 3170 n_ssids++; 3171 3172 if (n_ssids > wiphy->max_scan_ssids) 3173 return -EINVAL; 3174 3175 if (info->attrs[NL80211_ATTR_IE]) 3176 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3177 else 3178 ie_len = 0; 3179 3180 if (ie_len > wiphy->max_scan_ie_len) 3181 return -EINVAL; 3182 3183 request = kzalloc(sizeof(*request) 3184 + sizeof(*ssid) * n_ssids 3185 + sizeof(channel) * n_channels 3186 + ie_len, GFP_KERNEL); 3187 if (!request) 3188 return -ENOMEM; 3189 3190 if (n_ssids) 3191 request->ssids = (void *)&request->channels[n_channels]; 3192 request->n_ssids = n_ssids; 3193 if (ie_len) { 3194 if (request->ssids) 3195 request->ie = (void *)(request->ssids + n_ssids); 3196 else 3197 request->ie = (void *)(request->channels + n_channels); 3198 } 3199 3200 i = 0; 3201 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3202 /* user specified, bail out if channel not found */ 3203 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) { 3204 struct ieee80211_channel *chan; 3205 3206 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3207 3208 if (!chan) { 3209 err = -EINVAL; 3210 goto out_free; 3211 } 3212 3213 /* ignore disabled channels */ 3214 if (chan->flags & IEEE80211_CHAN_DISABLED) 3215 continue; 3216 3217 request->channels[i] = chan; 3218 i++; 3219 } 3220 } else { 3221 /* all channels */ 3222 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3223 int j; 3224 if (!wiphy->bands[band]) 3225 continue; 3226 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3227 struct ieee80211_channel *chan; 3228 3229 chan = &wiphy->bands[band]->channels[j]; 3230 3231 if (chan->flags & IEEE80211_CHAN_DISABLED) 3232 continue; 3233 3234 request->channels[i] = chan; 3235 i++; 3236 } 3237 } 3238 } 3239 3240 if (!i) { 3241 err = -EINVAL; 3242 goto out_free; 3243 } 3244 3245 request->n_channels = i; 3246 3247 i = 0; 3248 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3249 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) { 3250 if (request->ssids[i].ssid_len > IEEE80211_MAX_SSID_LEN) { 3251 err = -EINVAL; 3252 goto out_free; 3253 } 3254 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr)); 3255 request->ssids[i].ssid_len = nla_len(attr); 3256 i++; 3257 } 3258 } 3259 3260 if (info->attrs[NL80211_ATTR_IE]) { 3261 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3262 memcpy((void *)request->ie, 3263 nla_data(info->attrs[NL80211_ATTR_IE]), 3264 request->ie_len); 3265 } 3266 3267 request->dev = dev; 3268 request->wiphy = &rdev->wiphy; 3269 3270 rdev->scan_req = request; 3271 err = rdev->ops->scan(&rdev->wiphy, dev, request); 3272 3273 if (!err) { 3274 nl80211_send_scan_start(rdev, dev); 3275 dev_hold(dev); 3276 } else { 3277 out_free: 3278 rdev->scan_req = NULL; 3279 kfree(request); 3280 } 3281 3282 return err; 3283 } 3284 3285 static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags, 3286 struct cfg80211_registered_device *rdev, 3287 struct wireless_dev *wdev, 3288 struct cfg80211_internal_bss *intbss) 3289 { 3290 struct cfg80211_bss *res = &intbss->pub; 3291 void *hdr; 3292 struct nlattr *bss; 3293 int i; 3294 3295 ASSERT_WDEV_LOCK(wdev); 3296 3297 hdr = nl80211hdr_put(msg, pid, seq, flags, 3298 NL80211_CMD_NEW_SCAN_RESULTS); 3299 if (!hdr) 3300 return -1; 3301 3302 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation); 3303 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex); 3304 3305 bss = nla_nest_start(msg, NL80211_ATTR_BSS); 3306 if (!bss) 3307 goto nla_put_failure; 3308 if (!is_zero_ether_addr(res->bssid)) 3309 NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid); 3310 if (res->information_elements && res->len_information_elements) 3311 NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS, 3312 res->len_information_elements, 3313 res->information_elements); 3314 if (res->beacon_ies && res->len_beacon_ies && 3315 res->beacon_ies != res->information_elements) 3316 NLA_PUT(msg, NL80211_BSS_BEACON_IES, 3317 res->len_beacon_ies, res->beacon_ies); 3318 if (res->tsf) 3319 NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf); 3320 if (res->beacon_interval) 3321 NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval); 3322 NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability); 3323 NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq); 3324 NLA_PUT_U32(msg, NL80211_BSS_SEEN_MS_AGO, 3325 jiffies_to_msecs(jiffies - intbss->ts)); 3326 3327 switch (rdev->wiphy.signal_type) { 3328 case CFG80211_SIGNAL_TYPE_MBM: 3329 NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal); 3330 break; 3331 case CFG80211_SIGNAL_TYPE_UNSPEC: 3332 NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal); 3333 break; 3334 default: 3335 break; 3336 } 3337 3338 switch (wdev->iftype) { 3339 case NL80211_IFTYPE_P2P_CLIENT: 3340 case NL80211_IFTYPE_STATION: 3341 if (intbss == wdev->current_bss) 3342 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3343 NL80211_BSS_STATUS_ASSOCIATED); 3344 else for (i = 0; i < MAX_AUTH_BSSES; i++) { 3345 if (intbss != wdev->auth_bsses[i]) 3346 continue; 3347 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3348 NL80211_BSS_STATUS_AUTHENTICATED); 3349 break; 3350 } 3351 break; 3352 case NL80211_IFTYPE_ADHOC: 3353 if (intbss == wdev->current_bss) 3354 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3355 NL80211_BSS_STATUS_IBSS_JOINED); 3356 break; 3357 default: 3358 break; 3359 } 3360 3361 nla_nest_end(msg, bss); 3362 3363 return genlmsg_end(msg, hdr); 3364 3365 nla_put_failure: 3366 genlmsg_cancel(msg, hdr); 3367 return -EMSGSIZE; 3368 } 3369 3370 static int nl80211_dump_scan(struct sk_buff *skb, 3371 struct netlink_callback *cb) 3372 { 3373 struct cfg80211_registered_device *rdev; 3374 struct net_device *dev; 3375 struct cfg80211_internal_bss *scan; 3376 struct wireless_dev *wdev; 3377 int start = cb->args[1], idx = 0; 3378 int err; 3379 3380 err = nl80211_prepare_netdev_dump(skb, cb, &rdev, &dev); 3381 if (err) 3382 return err; 3383 3384 wdev = dev->ieee80211_ptr; 3385 3386 wdev_lock(wdev); 3387 spin_lock_bh(&rdev->bss_lock); 3388 cfg80211_bss_expire(rdev); 3389 3390 list_for_each_entry(scan, &rdev->bss_list, list) { 3391 if (++idx <= start) 3392 continue; 3393 if (nl80211_send_bss(skb, 3394 NETLINK_CB(cb->skb).pid, 3395 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3396 rdev, wdev, scan) < 0) { 3397 idx--; 3398 break; 3399 } 3400 } 3401 3402 spin_unlock_bh(&rdev->bss_lock); 3403 wdev_unlock(wdev); 3404 3405 cb->args[1] = idx; 3406 nl80211_finish_netdev_dump(rdev); 3407 3408 return skb->len; 3409 } 3410 3411 static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq, 3412 int flags, struct net_device *dev, 3413 struct survey_info *survey) 3414 { 3415 void *hdr; 3416 struct nlattr *infoattr; 3417 3418 /* Survey without a channel doesn't make sense */ 3419 if (!survey->channel) 3420 return -EINVAL; 3421 3422 hdr = nl80211hdr_put(msg, pid, seq, flags, 3423 NL80211_CMD_NEW_SURVEY_RESULTS); 3424 if (!hdr) 3425 return -ENOMEM; 3426 3427 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 3428 3429 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO); 3430 if (!infoattr) 3431 goto nla_put_failure; 3432 3433 NLA_PUT_U32(msg, NL80211_SURVEY_INFO_FREQUENCY, 3434 survey->channel->center_freq); 3435 if (survey->filled & SURVEY_INFO_NOISE_DBM) 3436 NLA_PUT_U8(msg, NL80211_SURVEY_INFO_NOISE, 3437 survey->noise); 3438 if (survey->filled & SURVEY_INFO_IN_USE) 3439 NLA_PUT_FLAG(msg, NL80211_SURVEY_INFO_IN_USE); 3440 if (survey->filled & SURVEY_INFO_CHANNEL_TIME) 3441 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME, 3442 survey->channel_time); 3443 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_BUSY) 3444 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY, 3445 survey->channel_time_busy); 3446 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_EXT_BUSY) 3447 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_EXT_BUSY, 3448 survey->channel_time_ext_busy); 3449 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_RX) 3450 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_RX, 3451 survey->channel_time_rx); 3452 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_TX) 3453 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_TX, 3454 survey->channel_time_tx); 3455 3456 nla_nest_end(msg, infoattr); 3457 3458 return genlmsg_end(msg, hdr); 3459 3460 nla_put_failure: 3461 genlmsg_cancel(msg, hdr); 3462 return -EMSGSIZE; 3463 } 3464 3465 static int nl80211_dump_survey(struct sk_buff *skb, 3466 struct netlink_callback *cb) 3467 { 3468 struct survey_info survey; 3469 struct cfg80211_registered_device *dev; 3470 struct net_device *netdev; 3471 int survey_idx = cb->args[1]; 3472 int res; 3473 3474 res = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 3475 if (res) 3476 return res; 3477 3478 if (!dev->ops->dump_survey) { 3479 res = -EOPNOTSUPP; 3480 goto out_err; 3481 } 3482 3483 while (1) { 3484 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx, 3485 &survey); 3486 if (res == -ENOENT) 3487 break; 3488 if (res) 3489 goto out_err; 3490 3491 if (nl80211_send_survey(skb, 3492 NETLINK_CB(cb->skb).pid, 3493 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3494 netdev, 3495 &survey) < 0) 3496 goto out; 3497 survey_idx++; 3498 } 3499 3500 out: 3501 cb->args[1] = survey_idx; 3502 res = skb->len; 3503 out_err: 3504 nl80211_finish_netdev_dump(dev); 3505 return res; 3506 } 3507 3508 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type) 3509 { 3510 return auth_type <= NL80211_AUTHTYPE_MAX; 3511 } 3512 3513 static bool nl80211_valid_wpa_versions(u32 wpa_versions) 3514 { 3515 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 | 3516 NL80211_WPA_VERSION_2)); 3517 } 3518 3519 static bool nl80211_valid_akm_suite(u32 akm) 3520 { 3521 return akm == WLAN_AKM_SUITE_8021X || 3522 akm == WLAN_AKM_SUITE_PSK; 3523 } 3524 3525 static bool nl80211_valid_cipher_suite(u32 cipher) 3526 { 3527 return cipher == WLAN_CIPHER_SUITE_WEP40 || 3528 cipher == WLAN_CIPHER_SUITE_WEP104 || 3529 cipher == WLAN_CIPHER_SUITE_TKIP || 3530 cipher == WLAN_CIPHER_SUITE_CCMP || 3531 cipher == WLAN_CIPHER_SUITE_AES_CMAC; 3532 } 3533 3534 3535 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 3536 { 3537 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3538 struct net_device *dev = info->user_ptr[1]; 3539 struct ieee80211_channel *chan; 3540 const u8 *bssid, *ssid, *ie = NULL; 3541 int err, ssid_len, ie_len = 0; 3542 enum nl80211_auth_type auth_type; 3543 struct key_parse key; 3544 bool local_state_change; 3545 3546 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3547 return -EINVAL; 3548 3549 if (!info->attrs[NL80211_ATTR_MAC]) 3550 return -EINVAL; 3551 3552 if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) 3553 return -EINVAL; 3554 3555 if (!info->attrs[NL80211_ATTR_SSID]) 3556 return -EINVAL; 3557 3558 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 3559 return -EINVAL; 3560 3561 err = nl80211_parse_key(info, &key); 3562 if (err) 3563 return err; 3564 3565 if (key.idx >= 0) { 3566 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP) 3567 return -EINVAL; 3568 if (!key.p.key || !key.p.key_len) 3569 return -EINVAL; 3570 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 || 3571 key.p.key_len != WLAN_KEY_LEN_WEP40) && 3572 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 || 3573 key.p.key_len != WLAN_KEY_LEN_WEP104)) 3574 return -EINVAL; 3575 if (key.idx > 4) 3576 return -EINVAL; 3577 } else { 3578 key.p.key_len = 0; 3579 key.p.key = NULL; 3580 } 3581 3582 if (key.idx >= 0) { 3583 int i; 3584 bool ok = false; 3585 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) { 3586 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) { 3587 ok = true; 3588 break; 3589 } 3590 } 3591 if (!ok) 3592 return -EINVAL; 3593 } 3594 3595 if (!rdev->ops->auth) 3596 return -EOPNOTSUPP; 3597 3598 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3599 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3600 return -EOPNOTSUPP; 3601 3602 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3603 chan = ieee80211_get_channel(&rdev->wiphy, 3604 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3605 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 3606 return -EINVAL; 3607 3608 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3609 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3610 3611 if (info->attrs[NL80211_ATTR_IE]) { 3612 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3613 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3614 } 3615 3616 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 3617 if (!nl80211_valid_auth_type(auth_type)) 3618 return -EINVAL; 3619 3620 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 3621 3622 return cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, 3623 ssid, ssid_len, ie, ie_len, 3624 key.p.key, key.p.key_len, key.idx, 3625 local_state_change); 3626 } 3627 3628 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 3629 struct genl_info *info, 3630 struct cfg80211_crypto_settings *settings, 3631 int cipher_limit) 3632 { 3633 memset(settings, 0, sizeof(*settings)); 3634 3635 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; 3636 3637 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) { 3638 u16 proto; 3639 proto = nla_get_u16( 3640 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]); 3641 settings->control_port_ethertype = cpu_to_be16(proto); 3642 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) && 3643 proto != ETH_P_PAE) 3644 return -EINVAL; 3645 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]) 3646 settings->control_port_no_encrypt = true; 3647 } else 3648 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE); 3649 3650 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) { 3651 void *data; 3652 int len, i; 3653 3654 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 3655 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 3656 settings->n_ciphers_pairwise = len / sizeof(u32); 3657 3658 if (len % sizeof(u32)) 3659 return -EINVAL; 3660 3661 if (settings->n_ciphers_pairwise > cipher_limit) 3662 return -EINVAL; 3663 3664 memcpy(settings->ciphers_pairwise, data, len); 3665 3666 for (i = 0; i < settings->n_ciphers_pairwise; i++) 3667 if (!nl80211_valid_cipher_suite( 3668 settings->ciphers_pairwise[i])) 3669 return -EINVAL; 3670 } 3671 3672 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) { 3673 settings->cipher_group = 3674 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]); 3675 if (!nl80211_valid_cipher_suite(settings->cipher_group)) 3676 return -EINVAL; 3677 } 3678 3679 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) { 3680 settings->wpa_versions = 3681 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]); 3682 if (!nl80211_valid_wpa_versions(settings->wpa_versions)) 3683 return -EINVAL; 3684 } 3685 3686 if (info->attrs[NL80211_ATTR_AKM_SUITES]) { 3687 void *data; 3688 int len, i; 3689 3690 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); 3691 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); 3692 settings->n_akm_suites = len / sizeof(u32); 3693 3694 if (len % sizeof(u32)) 3695 return -EINVAL; 3696 3697 memcpy(settings->akm_suites, data, len); 3698 3699 for (i = 0; i < settings->n_ciphers_pairwise; i++) 3700 if (!nl80211_valid_akm_suite(settings->akm_suites[i])) 3701 return -EINVAL; 3702 } 3703 3704 return 0; 3705 } 3706 3707 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) 3708 { 3709 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3710 struct net_device *dev = info->user_ptr[1]; 3711 struct cfg80211_crypto_settings crypto; 3712 struct ieee80211_channel *chan; 3713 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL; 3714 int err, ssid_len, ie_len = 0; 3715 bool use_mfp = false; 3716 3717 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3718 return -EINVAL; 3719 3720 if (!info->attrs[NL80211_ATTR_MAC] || 3721 !info->attrs[NL80211_ATTR_SSID] || 3722 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 3723 return -EINVAL; 3724 3725 if (!rdev->ops->assoc) 3726 return -EOPNOTSUPP; 3727 3728 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3729 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3730 return -EOPNOTSUPP; 3731 3732 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3733 3734 chan = ieee80211_get_channel(&rdev->wiphy, 3735 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3736 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 3737 return -EINVAL; 3738 3739 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3740 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3741 3742 if (info->attrs[NL80211_ATTR_IE]) { 3743 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3744 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3745 } 3746 3747 if (info->attrs[NL80211_ATTR_USE_MFP]) { 3748 enum nl80211_mfp mfp = 3749 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); 3750 if (mfp == NL80211_MFP_REQUIRED) 3751 use_mfp = true; 3752 else if (mfp != NL80211_MFP_NO) 3753 return -EINVAL; 3754 } 3755 3756 if (info->attrs[NL80211_ATTR_PREV_BSSID]) 3757 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]); 3758 3759 err = nl80211_crypto_settings(rdev, info, &crypto, 1); 3760 if (!err) 3761 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid, 3762 ssid, ssid_len, ie, ie_len, use_mfp, 3763 &crypto); 3764 3765 return err; 3766 } 3767 3768 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) 3769 { 3770 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3771 struct net_device *dev = info->user_ptr[1]; 3772 const u8 *ie = NULL, *bssid; 3773 int ie_len = 0; 3774 u16 reason_code; 3775 bool local_state_change; 3776 3777 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3778 return -EINVAL; 3779 3780 if (!info->attrs[NL80211_ATTR_MAC]) 3781 return -EINVAL; 3782 3783 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 3784 return -EINVAL; 3785 3786 if (!rdev->ops->deauth) 3787 return -EOPNOTSUPP; 3788 3789 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3790 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3791 return -EOPNOTSUPP; 3792 3793 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3794 3795 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3796 if (reason_code == 0) { 3797 /* Reason Code 0 is reserved */ 3798 return -EINVAL; 3799 } 3800 3801 if (info->attrs[NL80211_ATTR_IE]) { 3802 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3803 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3804 } 3805 3806 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 3807 3808 return cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code, 3809 local_state_change); 3810 } 3811 3812 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) 3813 { 3814 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3815 struct net_device *dev = info->user_ptr[1]; 3816 const u8 *ie = NULL, *bssid; 3817 int ie_len = 0; 3818 u16 reason_code; 3819 bool local_state_change; 3820 3821 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3822 return -EINVAL; 3823 3824 if (!info->attrs[NL80211_ATTR_MAC]) 3825 return -EINVAL; 3826 3827 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 3828 return -EINVAL; 3829 3830 if (!rdev->ops->disassoc) 3831 return -EOPNOTSUPP; 3832 3833 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3834 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3835 return -EOPNOTSUPP; 3836 3837 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3838 3839 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3840 if (reason_code == 0) { 3841 /* Reason Code 0 is reserved */ 3842 return -EINVAL; 3843 } 3844 3845 if (info->attrs[NL80211_ATTR_IE]) { 3846 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3847 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3848 } 3849 3850 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 3851 3852 return cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code, 3853 local_state_change); 3854 } 3855 3856 static bool 3857 nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev, 3858 int mcast_rate[IEEE80211_NUM_BANDS], 3859 int rateval) 3860 { 3861 struct wiphy *wiphy = &rdev->wiphy; 3862 bool found = false; 3863 int band, i; 3864 3865 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3866 struct ieee80211_supported_band *sband; 3867 3868 sband = wiphy->bands[band]; 3869 if (!sband) 3870 continue; 3871 3872 for (i = 0; i < sband->n_bitrates; i++) { 3873 if (sband->bitrates[i].bitrate == rateval) { 3874 mcast_rate[band] = i + 1; 3875 found = true; 3876 break; 3877 } 3878 } 3879 } 3880 3881 return found; 3882 } 3883 3884 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) 3885 { 3886 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3887 struct net_device *dev = info->user_ptr[1]; 3888 struct cfg80211_ibss_params ibss; 3889 struct wiphy *wiphy; 3890 struct cfg80211_cached_keys *connkeys = NULL; 3891 int err; 3892 3893 memset(&ibss, 0, sizeof(ibss)); 3894 3895 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3896 return -EINVAL; 3897 3898 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 3899 !info->attrs[NL80211_ATTR_SSID] || 3900 !nla_len(info->attrs[NL80211_ATTR_SSID])) 3901 return -EINVAL; 3902 3903 ibss.beacon_interval = 100; 3904 3905 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 3906 ibss.beacon_interval = 3907 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 3908 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000) 3909 return -EINVAL; 3910 } 3911 3912 if (!rdev->ops->join_ibss) 3913 return -EOPNOTSUPP; 3914 3915 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 3916 return -EOPNOTSUPP; 3917 3918 wiphy = &rdev->wiphy; 3919 3920 if (info->attrs[NL80211_ATTR_MAC]) 3921 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3922 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3923 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3924 3925 if (info->attrs[NL80211_ATTR_IE]) { 3926 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3927 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3928 } 3929 3930 ibss.channel = ieee80211_get_channel(wiphy, 3931 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3932 if (!ibss.channel || 3933 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS || 3934 ibss.channel->flags & IEEE80211_CHAN_DISABLED) 3935 return -EINVAL; 3936 3937 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; 3938 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 3939 3940 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 3941 u8 *rates = 3942 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3943 int n_rates = 3944 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3945 struct ieee80211_supported_band *sband = 3946 wiphy->bands[ibss.channel->band]; 3947 int i, j; 3948 3949 if (n_rates == 0) 3950 return -EINVAL; 3951 3952 for (i = 0; i < n_rates; i++) { 3953 int rate = (rates[i] & 0x7f) * 5; 3954 bool found = false; 3955 3956 for (j = 0; j < sband->n_bitrates; j++) { 3957 if (sband->bitrates[j].bitrate == rate) { 3958 found = true; 3959 ibss.basic_rates |= BIT(j); 3960 break; 3961 } 3962 } 3963 if (!found) 3964 return -EINVAL; 3965 } 3966 } 3967 3968 if (info->attrs[NL80211_ATTR_MCAST_RATE] && 3969 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate, 3970 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) 3971 return -EINVAL; 3972 3973 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) { 3974 connkeys = nl80211_parse_connkeys(rdev, 3975 info->attrs[NL80211_ATTR_KEYS]); 3976 if (IS_ERR(connkeys)) 3977 return PTR_ERR(connkeys); 3978 } 3979 3980 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys); 3981 if (err) 3982 kfree(connkeys); 3983 return err; 3984 } 3985 3986 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) 3987 { 3988 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3989 struct net_device *dev = info->user_ptr[1]; 3990 3991 if (!rdev->ops->leave_ibss) 3992 return -EOPNOTSUPP; 3993 3994 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 3995 return -EOPNOTSUPP; 3996 3997 return cfg80211_leave_ibss(rdev, dev, false); 3998 } 3999 4000 #ifdef CONFIG_NL80211_TESTMODE 4001 static struct genl_multicast_group nl80211_testmode_mcgrp = { 4002 .name = "testmode", 4003 }; 4004 4005 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info) 4006 { 4007 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4008 int err; 4009 4010 if (!info->attrs[NL80211_ATTR_TESTDATA]) 4011 return -EINVAL; 4012 4013 err = -EOPNOTSUPP; 4014 if (rdev->ops->testmode_cmd) { 4015 rdev->testmode_info = info; 4016 err = rdev->ops->testmode_cmd(&rdev->wiphy, 4017 nla_data(info->attrs[NL80211_ATTR_TESTDATA]), 4018 nla_len(info->attrs[NL80211_ATTR_TESTDATA])); 4019 rdev->testmode_info = NULL; 4020 } 4021 4022 return err; 4023 } 4024 4025 static struct sk_buff * 4026 __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev, 4027 int approxlen, u32 pid, u32 seq, gfp_t gfp) 4028 { 4029 struct sk_buff *skb; 4030 void *hdr; 4031 struct nlattr *data; 4032 4033 skb = nlmsg_new(approxlen + 100, gfp); 4034 if (!skb) 4035 return NULL; 4036 4037 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE); 4038 if (!hdr) { 4039 kfree_skb(skb); 4040 return NULL; 4041 } 4042 4043 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4044 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 4045 4046 ((void **)skb->cb)[0] = rdev; 4047 ((void **)skb->cb)[1] = hdr; 4048 ((void **)skb->cb)[2] = data; 4049 4050 return skb; 4051 4052 nla_put_failure: 4053 kfree_skb(skb); 4054 return NULL; 4055 } 4056 4057 struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy, 4058 int approxlen) 4059 { 4060 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4061 4062 if (WARN_ON(!rdev->testmode_info)) 4063 return NULL; 4064 4065 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 4066 rdev->testmode_info->snd_pid, 4067 rdev->testmode_info->snd_seq, 4068 GFP_KERNEL); 4069 } 4070 EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb); 4071 4072 int cfg80211_testmode_reply(struct sk_buff *skb) 4073 { 4074 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0]; 4075 void *hdr = ((void **)skb->cb)[1]; 4076 struct nlattr *data = ((void **)skb->cb)[2]; 4077 4078 if (WARN_ON(!rdev->testmode_info)) { 4079 kfree_skb(skb); 4080 return -EINVAL; 4081 } 4082 4083 nla_nest_end(skb, data); 4084 genlmsg_end(skb, hdr); 4085 return genlmsg_reply(skb, rdev->testmode_info); 4086 } 4087 EXPORT_SYMBOL(cfg80211_testmode_reply); 4088 4089 struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy, 4090 int approxlen, gfp_t gfp) 4091 { 4092 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4093 4094 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp); 4095 } 4096 EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb); 4097 4098 void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp) 4099 { 4100 void *hdr = ((void **)skb->cb)[1]; 4101 struct nlattr *data = ((void **)skb->cb)[2]; 4102 4103 nla_nest_end(skb, data); 4104 genlmsg_end(skb, hdr); 4105 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp); 4106 } 4107 EXPORT_SYMBOL(cfg80211_testmode_event); 4108 #endif 4109 4110 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info) 4111 { 4112 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4113 struct net_device *dev = info->user_ptr[1]; 4114 struct cfg80211_connect_params connect; 4115 struct wiphy *wiphy; 4116 struct cfg80211_cached_keys *connkeys = NULL; 4117 int err; 4118 4119 memset(&connect, 0, sizeof(connect)); 4120 4121 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4122 return -EINVAL; 4123 4124 if (!info->attrs[NL80211_ATTR_SSID] || 4125 !nla_len(info->attrs[NL80211_ATTR_SSID])) 4126 return -EINVAL; 4127 4128 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 4129 connect.auth_type = 4130 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 4131 if (!nl80211_valid_auth_type(connect.auth_type)) 4132 return -EINVAL; 4133 } else 4134 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 4135 4136 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY]; 4137 4138 err = nl80211_crypto_settings(rdev, info, &connect.crypto, 4139 NL80211_MAX_NR_CIPHER_SUITES); 4140 if (err) 4141 return err; 4142 4143 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4144 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4145 return -EOPNOTSUPP; 4146 4147 wiphy = &rdev->wiphy; 4148 4149 if (info->attrs[NL80211_ATTR_MAC]) 4150 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4151 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4152 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4153 4154 if (info->attrs[NL80211_ATTR_IE]) { 4155 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4156 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4157 } 4158 4159 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 4160 connect.channel = 4161 ieee80211_get_channel(wiphy, 4162 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4163 if (!connect.channel || 4164 connect.channel->flags & IEEE80211_CHAN_DISABLED) 4165 return -EINVAL; 4166 } 4167 4168 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) { 4169 connkeys = nl80211_parse_connkeys(rdev, 4170 info->attrs[NL80211_ATTR_KEYS]); 4171 if (IS_ERR(connkeys)) 4172 return PTR_ERR(connkeys); 4173 } 4174 4175 err = cfg80211_connect(rdev, dev, &connect, connkeys); 4176 if (err) 4177 kfree(connkeys); 4178 return err; 4179 } 4180 4181 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info) 4182 { 4183 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4184 struct net_device *dev = info->user_ptr[1]; 4185 u16 reason; 4186 4187 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4188 reason = WLAN_REASON_DEAUTH_LEAVING; 4189 else 4190 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4191 4192 if (reason == 0) 4193 return -EINVAL; 4194 4195 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4196 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4197 return -EOPNOTSUPP; 4198 4199 return cfg80211_disconnect(rdev, dev, reason, true); 4200 } 4201 4202 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info) 4203 { 4204 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4205 struct net *net; 4206 int err; 4207 u32 pid; 4208 4209 if (!info->attrs[NL80211_ATTR_PID]) 4210 return -EINVAL; 4211 4212 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]); 4213 4214 net = get_net_ns_by_pid(pid); 4215 if (IS_ERR(net)) 4216 return PTR_ERR(net); 4217 4218 err = 0; 4219 4220 /* check if anything to do */ 4221 if (!net_eq(wiphy_net(&rdev->wiphy), net)) 4222 err = cfg80211_switch_netns(rdev, net); 4223 4224 put_net(net); 4225 return err; 4226 } 4227 4228 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info) 4229 { 4230 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4231 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev, 4232 struct cfg80211_pmksa *pmksa) = NULL; 4233 struct net_device *dev = info->user_ptr[1]; 4234 struct cfg80211_pmksa pmksa; 4235 4236 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa)); 4237 4238 if (!info->attrs[NL80211_ATTR_MAC]) 4239 return -EINVAL; 4240 4241 if (!info->attrs[NL80211_ATTR_PMKID]) 4242 return -EINVAL; 4243 4244 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]); 4245 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4246 4247 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4248 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4249 return -EOPNOTSUPP; 4250 4251 switch (info->genlhdr->cmd) { 4252 case NL80211_CMD_SET_PMKSA: 4253 rdev_ops = rdev->ops->set_pmksa; 4254 break; 4255 case NL80211_CMD_DEL_PMKSA: 4256 rdev_ops = rdev->ops->del_pmksa; 4257 break; 4258 default: 4259 WARN_ON(1); 4260 break; 4261 } 4262 4263 if (!rdev_ops) 4264 return -EOPNOTSUPP; 4265 4266 return rdev_ops(&rdev->wiphy, dev, &pmksa); 4267 } 4268 4269 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info) 4270 { 4271 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4272 struct net_device *dev = info->user_ptr[1]; 4273 4274 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4275 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4276 return -EOPNOTSUPP; 4277 4278 if (!rdev->ops->flush_pmksa) 4279 return -EOPNOTSUPP; 4280 4281 return rdev->ops->flush_pmksa(&rdev->wiphy, dev); 4282 } 4283 4284 static int nl80211_remain_on_channel(struct sk_buff *skb, 4285 struct genl_info *info) 4286 { 4287 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4288 struct net_device *dev = info->user_ptr[1]; 4289 struct ieee80211_channel *chan; 4290 struct sk_buff *msg; 4291 void *hdr; 4292 u64 cookie; 4293 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 4294 u32 freq, duration; 4295 int err; 4296 4297 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 4298 !info->attrs[NL80211_ATTR_DURATION]) 4299 return -EINVAL; 4300 4301 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 4302 4303 /* 4304 * We should be on that channel for at least one jiffie, 4305 * and more than 5 seconds seems excessive. 4306 */ 4307 if (!duration || !msecs_to_jiffies(duration) || 4308 duration > rdev->wiphy.max_remain_on_channel_duration) 4309 return -EINVAL; 4310 4311 if (!rdev->ops->remain_on_channel) 4312 return -EOPNOTSUPP; 4313 4314 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 4315 channel_type = nla_get_u32( 4316 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 4317 if (channel_type != NL80211_CHAN_NO_HT && 4318 channel_type != NL80211_CHAN_HT20 && 4319 channel_type != NL80211_CHAN_HT40PLUS && 4320 channel_type != NL80211_CHAN_HT40MINUS) 4321 return -EINVAL; 4322 } 4323 4324 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 4325 chan = rdev_freq_to_chan(rdev, freq, channel_type); 4326 if (chan == NULL) 4327 return -EINVAL; 4328 4329 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4330 if (!msg) 4331 return -ENOMEM; 4332 4333 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 4334 NL80211_CMD_REMAIN_ON_CHANNEL); 4335 4336 if (IS_ERR(hdr)) { 4337 err = PTR_ERR(hdr); 4338 goto free_msg; 4339 } 4340 4341 err = rdev->ops->remain_on_channel(&rdev->wiphy, dev, chan, 4342 channel_type, duration, &cookie); 4343 4344 if (err) 4345 goto free_msg; 4346 4347 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 4348 4349 genlmsg_end(msg, hdr); 4350 4351 return genlmsg_reply(msg, info); 4352 4353 nla_put_failure: 4354 err = -ENOBUFS; 4355 free_msg: 4356 nlmsg_free(msg); 4357 return err; 4358 } 4359 4360 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb, 4361 struct genl_info *info) 4362 { 4363 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4364 struct net_device *dev = info->user_ptr[1]; 4365 u64 cookie; 4366 4367 if (!info->attrs[NL80211_ATTR_COOKIE]) 4368 return -EINVAL; 4369 4370 if (!rdev->ops->cancel_remain_on_channel) 4371 return -EOPNOTSUPP; 4372 4373 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 4374 4375 return rdev->ops->cancel_remain_on_channel(&rdev->wiphy, dev, cookie); 4376 } 4377 4378 static u32 rateset_to_mask(struct ieee80211_supported_band *sband, 4379 u8 *rates, u8 rates_len) 4380 { 4381 u8 i; 4382 u32 mask = 0; 4383 4384 for (i = 0; i < rates_len; i++) { 4385 int rate = (rates[i] & 0x7f) * 5; 4386 int ridx; 4387 for (ridx = 0; ridx < sband->n_bitrates; ridx++) { 4388 struct ieee80211_rate *srate = 4389 &sband->bitrates[ridx]; 4390 if (rate == srate->bitrate) { 4391 mask |= 1 << ridx; 4392 break; 4393 } 4394 } 4395 if (ridx == sband->n_bitrates) 4396 return 0; /* rate not found */ 4397 } 4398 4399 return mask; 4400 } 4401 4402 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = { 4403 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY, 4404 .len = NL80211_MAX_SUPP_RATES }, 4405 }; 4406 4407 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb, 4408 struct genl_info *info) 4409 { 4410 struct nlattr *tb[NL80211_TXRATE_MAX + 1]; 4411 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4412 struct cfg80211_bitrate_mask mask; 4413 int rem, i; 4414 struct net_device *dev = info->user_ptr[1]; 4415 struct nlattr *tx_rates; 4416 struct ieee80211_supported_band *sband; 4417 4418 if (info->attrs[NL80211_ATTR_TX_RATES] == NULL) 4419 return -EINVAL; 4420 4421 if (!rdev->ops->set_bitrate_mask) 4422 return -EOPNOTSUPP; 4423 4424 memset(&mask, 0, sizeof(mask)); 4425 /* Default to all rates enabled */ 4426 for (i = 0; i < IEEE80211_NUM_BANDS; i++) { 4427 sband = rdev->wiphy.bands[i]; 4428 mask.control[i].legacy = 4429 sband ? (1 << sband->n_bitrates) - 1 : 0; 4430 } 4431 4432 /* 4433 * The nested attribute uses enum nl80211_band as the index. This maps 4434 * directly to the enum ieee80211_band values used in cfg80211. 4435 */ 4436 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) 4437 { 4438 enum ieee80211_band band = nla_type(tx_rates); 4439 if (band < 0 || band >= IEEE80211_NUM_BANDS) 4440 return -EINVAL; 4441 sband = rdev->wiphy.bands[band]; 4442 if (sband == NULL) 4443 return -EINVAL; 4444 nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates), 4445 nla_len(tx_rates), nl80211_txattr_policy); 4446 if (tb[NL80211_TXRATE_LEGACY]) { 4447 mask.control[band].legacy = rateset_to_mask( 4448 sband, 4449 nla_data(tb[NL80211_TXRATE_LEGACY]), 4450 nla_len(tb[NL80211_TXRATE_LEGACY])); 4451 if (mask.control[band].legacy == 0) 4452 return -EINVAL; 4453 } 4454 } 4455 4456 return rdev->ops->set_bitrate_mask(&rdev->wiphy, dev, NULL, &mask); 4457 } 4458 4459 static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info) 4460 { 4461 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4462 struct net_device *dev = info->user_ptr[1]; 4463 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION; 4464 4465 if (!info->attrs[NL80211_ATTR_FRAME_MATCH]) 4466 return -EINVAL; 4467 4468 if (info->attrs[NL80211_ATTR_FRAME_TYPE]) 4469 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]); 4470 4471 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4472 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 4473 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 4474 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 4475 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 4476 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 4477 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 4478 return -EOPNOTSUPP; 4479 4480 /* not much point in registering if we can't reply */ 4481 if (!rdev->ops->mgmt_tx) 4482 return -EOPNOTSUPP; 4483 4484 return cfg80211_mlme_register_mgmt(dev->ieee80211_ptr, info->snd_pid, 4485 frame_type, 4486 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]), 4487 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH])); 4488 } 4489 4490 static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info) 4491 { 4492 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4493 struct net_device *dev = info->user_ptr[1]; 4494 struct ieee80211_channel *chan; 4495 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 4496 bool channel_type_valid = false; 4497 u32 freq; 4498 int err; 4499 void *hdr; 4500 u64 cookie; 4501 struct sk_buff *msg; 4502 unsigned int wait = 0; 4503 bool offchan; 4504 4505 if (!info->attrs[NL80211_ATTR_FRAME] || 4506 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4507 return -EINVAL; 4508 4509 if (!rdev->ops->mgmt_tx) 4510 return -EOPNOTSUPP; 4511 4512 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4513 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 4514 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 4515 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 4516 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 4517 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 4518 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 4519 return -EOPNOTSUPP; 4520 4521 if (info->attrs[NL80211_ATTR_DURATION]) { 4522 if (!rdev->ops->mgmt_tx_cancel_wait) 4523 return -EINVAL; 4524 wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 4525 } 4526 4527 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 4528 channel_type = nla_get_u32( 4529 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 4530 if (channel_type != NL80211_CHAN_NO_HT && 4531 channel_type != NL80211_CHAN_HT20 && 4532 channel_type != NL80211_CHAN_HT40PLUS && 4533 channel_type != NL80211_CHAN_HT40MINUS) 4534 return -EINVAL; 4535 channel_type_valid = true; 4536 } 4537 4538 offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK]; 4539 4540 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 4541 chan = rdev_freq_to_chan(rdev, freq, channel_type); 4542 if (chan == NULL) 4543 return -EINVAL; 4544 4545 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4546 if (!msg) 4547 return -ENOMEM; 4548 4549 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 4550 NL80211_CMD_FRAME); 4551 4552 if (IS_ERR(hdr)) { 4553 err = PTR_ERR(hdr); 4554 goto free_msg; 4555 } 4556 err = cfg80211_mlme_mgmt_tx(rdev, dev, chan, offchan, channel_type, 4557 channel_type_valid, wait, 4558 nla_data(info->attrs[NL80211_ATTR_FRAME]), 4559 nla_len(info->attrs[NL80211_ATTR_FRAME]), 4560 &cookie); 4561 if (err) 4562 goto free_msg; 4563 4564 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 4565 4566 genlmsg_end(msg, hdr); 4567 return genlmsg_reply(msg, info); 4568 4569 nla_put_failure: 4570 err = -ENOBUFS; 4571 free_msg: 4572 nlmsg_free(msg); 4573 return err; 4574 } 4575 4576 static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info) 4577 { 4578 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4579 struct net_device *dev = info->user_ptr[1]; 4580 u64 cookie; 4581 4582 if (!info->attrs[NL80211_ATTR_COOKIE]) 4583 return -EINVAL; 4584 4585 if (!rdev->ops->mgmt_tx_cancel_wait) 4586 return -EOPNOTSUPP; 4587 4588 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4589 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 4590 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 4591 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 4592 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 4593 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 4594 return -EOPNOTSUPP; 4595 4596 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 4597 4598 return rdev->ops->mgmt_tx_cancel_wait(&rdev->wiphy, dev, cookie); 4599 } 4600 4601 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info) 4602 { 4603 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4604 struct wireless_dev *wdev; 4605 struct net_device *dev = info->user_ptr[1]; 4606 u8 ps_state; 4607 bool state; 4608 int err; 4609 4610 if (!info->attrs[NL80211_ATTR_PS_STATE]) 4611 return -EINVAL; 4612 4613 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]); 4614 4615 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED) 4616 return -EINVAL; 4617 4618 wdev = dev->ieee80211_ptr; 4619 4620 if (!rdev->ops->set_power_mgmt) 4621 return -EOPNOTSUPP; 4622 4623 state = (ps_state == NL80211_PS_ENABLED) ? true : false; 4624 4625 if (state == wdev->ps) 4626 return 0; 4627 4628 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, state, 4629 wdev->ps_timeout); 4630 if (!err) 4631 wdev->ps = state; 4632 return err; 4633 } 4634 4635 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info) 4636 { 4637 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4638 enum nl80211_ps_state ps_state; 4639 struct wireless_dev *wdev; 4640 struct net_device *dev = info->user_ptr[1]; 4641 struct sk_buff *msg; 4642 void *hdr; 4643 int err; 4644 4645 wdev = dev->ieee80211_ptr; 4646 4647 if (!rdev->ops->set_power_mgmt) 4648 return -EOPNOTSUPP; 4649 4650 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4651 if (!msg) 4652 return -ENOMEM; 4653 4654 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 4655 NL80211_CMD_GET_POWER_SAVE); 4656 if (!hdr) { 4657 err = -ENOBUFS; 4658 goto free_msg; 4659 } 4660 4661 if (wdev->ps) 4662 ps_state = NL80211_PS_ENABLED; 4663 else 4664 ps_state = NL80211_PS_DISABLED; 4665 4666 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE, ps_state); 4667 4668 genlmsg_end(msg, hdr); 4669 return genlmsg_reply(msg, info); 4670 4671 nla_put_failure: 4672 err = -ENOBUFS; 4673 free_msg: 4674 nlmsg_free(msg); 4675 return err; 4676 } 4677 4678 static struct nla_policy 4679 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] __read_mostly = { 4680 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 }, 4681 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 }, 4682 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, 4683 }; 4684 4685 static int nl80211_set_cqm_rssi(struct genl_info *info, 4686 s32 threshold, u32 hysteresis) 4687 { 4688 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4689 struct wireless_dev *wdev; 4690 struct net_device *dev = info->user_ptr[1]; 4691 4692 if (threshold > 0) 4693 return -EINVAL; 4694 4695 wdev = dev->ieee80211_ptr; 4696 4697 if (!rdev->ops->set_cqm_rssi_config) 4698 return -EOPNOTSUPP; 4699 4700 if (wdev->iftype != NL80211_IFTYPE_STATION && 4701 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) 4702 return -EOPNOTSUPP; 4703 4704 return rdev->ops->set_cqm_rssi_config(wdev->wiphy, dev, 4705 threshold, hysteresis); 4706 } 4707 4708 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info) 4709 { 4710 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1]; 4711 struct nlattr *cqm; 4712 int err; 4713 4714 cqm = info->attrs[NL80211_ATTR_CQM]; 4715 if (!cqm) { 4716 err = -EINVAL; 4717 goto out; 4718 } 4719 4720 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm, 4721 nl80211_attr_cqm_policy); 4722 if (err) 4723 goto out; 4724 4725 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] && 4726 attrs[NL80211_ATTR_CQM_RSSI_HYST]) { 4727 s32 threshold; 4728 u32 hysteresis; 4729 threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]); 4730 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]); 4731 err = nl80211_set_cqm_rssi(info, threshold, hysteresis); 4732 } else 4733 err = -EINVAL; 4734 4735 out: 4736 return err; 4737 } 4738 4739 static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info) 4740 { 4741 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4742 struct net_device *dev = info->user_ptr[1]; 4743 struct mesh_config cfg; 4744 struct mesh_setup setup; 4745 int err; 4746 4747 /* start with default */ 4748 memcpy(&cfg, &default_mesh_config, sizeof(cfg)); 4749 memcpy(&setup, &default_mesh_setup, sizeof(setup)); 4750 4751 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) { 4752 /* and parse parameters if given */ 4753 err = nl80211_parse_mesh_config(info, &cfg, NULL); 4754 if (err) 4755 return err; 4756 } 4757 4758 if (!info->attrs[NL80211_ATTR_MESH_ID] || 4759 !nla_len(info->attrs[NL80211_ATTR_MESH_ID])) 4760 return -EINVAL; 4761 4762 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); 4763 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 4764 4765 if (info->attrs[NL80211_ATTR_MESH_SETUP]) { 4766 /* parse additional setup parameters if given */ 4767 err = nl80211_parse_mesh_setup(info, &setup); 4768 if (err) 4769 return err; 4770 } 4771 4772 return cfg80211_join_mesh(rdev, dev, &setup, &cfg); 4773 } 4774 4775 static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info) 4776 { 4777 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4778 struct net_device *dev = info->user_ptr[1]; 4779 4780 return cfg80211_leave_mesh(rdev, dev); 4781 } 4782 4783 #define NL80211_FLAG_NEED_WIPHY 0x01 4784 #define NL80211_FLAG_NEED_NETDEV 0x02 4785 #define NL80211_FLAG_NEED_RTNL 0x04 4786 #define NL80211_FLAG_CHECK_NETDEV_UP 0x08 4787 #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\ 4788 NL80211_FLAG_CHECK_NETDEV_UP) 4789 4790 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 4791 struct genl_info *info) 4792 { 4793 struct cfg80211_registered_device *rdev; 4794 struct net_device *dev; 4795 int err; 4796 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL; 4797 4798 if (rtnl) 4799 rtnl_lock(); 4800 4801 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) { 4802 rdev = cfg80211_get_dev_from_info(info); 4803 if (IS_ERR(rdev)) { 4804 if (rtnl) 4805 rtnl_unlock(); 4806 return PTR_ERR(rdev); 4807 } 4808 info->user_ptr[0] = rdev; 4809 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) { 4810 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 4811 if (err) { 4812 if (rtnl) 4813 rtnl_unlock(); 4814 return err; 4815 } 4816 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP && 4817 !netif_running(dev)) { 4818 cfg80211_unlock_rdev(rdev); 4819 dev_put(dev); 4820 if (rtnl) 4821 rtnl_unlock(); 4822 return -ENETDOWN; 4823 } 4824 info->user_ptr[0] = rdev; 4825 info->user_ptr[1] = dev; 4826 } 4827 4828 return 0; 4829 } 4830 4831 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 4832 struct genl_info *info) 4833 { 4834 if (info->user_ptr[0]) 4835 cfg80211_unlock_rdev(info->user_ptr[0]); 4836 if (info->user_ptr[1]) 4837 dev_put(info->user_ptr[1]); 4838 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL) 4839 rtnl_unlock(); 4840 } 4841 4842 static struct genl_ops nl80211_ops[] = { 4843 { 4844 .cmd = NL80211_CMD_GET_WIPHY, 4845 .doit = nl80211_get_wiphy, 4846 .dumpit = nl80211_dump_wiphy, 4847 .policy = nl80211_policy, 4848 /* can be retrieved by unprivileged users */ 4849 .internal_flags = NL80211_FLAG_NEED_WIPHY, 4850 }, 4851 { 4852 .cmd = NL80211_CMD_SET_WIPHY, 4853 .doit = nl80211_set_wiphy, 4854 .policy = nl80211_policy, 4855 .flags = GENL_ADMIN_PERM, 4856 .internal_flags = NL80211_FLAG_NEED_RTNL, 4857 }, 4858 { 4859 .cmd = NL80211_CMD_GET_INTERFACE, 4860 .doit = nl80211_get_interface, 4861 .dumpit = nl80211_dump_interface, 4862 .policy = nl80211_policy, 4863 /* can be retrieved by unprivileged users */ 4864 .internal_flags = NL80211_FLAG_NEED_NETDEV, 4865 }, 4866 { 4867 .cmd = NL80211_CMD_SET_INTERFACE, 4868 .doit = nl80211_set_interface, 4869 .policy = nl80211_policy, 4870 .flags = GENL_ADMIN_PERM, 4871 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4872 NL80211_FLAG_NEED_RTNL, 4873 }, 4874 { 4875 .cmd = NL80211_CMD_NEW_INTERFACE, 4876 .doit = nl80211_new_interface, 4877 .policy = nl80211_policy, 4878 .flags = GENL_ADMIN_PERM, 4879 .internal_flags = NL80211_FLAG_NEED_WIPHY | 4880 NL80211_FLAG_NEED_RTNL, 4881 }, 4882 { 4883 .cmd = NL80211_CMD_DEL_INTERFACE, 4884 .doit = nl80211_del_interface, 4885 .policy = nl80211_policy, 4886 .flags = GENL_ADMIN_PERM, 4887 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4888 NL80211_FLAG_NEED_RTNL, 4889 }, 4890 { 4891 .cmd = NL80211_CMD_GET_KEY, 4892 .doit = nl80211_get_key, 4893 .policy = nl80211_policy, 4894 .flags = GENL_ADMIN_PERM, 4895 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4896 NL80211_FLAG_NEED_RTNL, 4897 }, 4898 { 4899 .cmd = NL80211_CMD_SET_KEY, 4900 .doit = nl80211_set_key, 4901 .policy = nl80211_policy, 4902 .flags = GENL_ADMIN_PERM, 4903 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4904 NL80211_FLAG_NEED_RTNL, 4905 }, 4906 { 4907 .cmd = NL80211_CMD_NEW_KEY, 4908 .doit = nl80211_new_key, 4909 .policy = nl80211_policy, 4910 .flags = GENL_ADMIN_PERM, 4911 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4912 NL80211_FLAG_NEED_RTNL, 4913 }, 4914 { 4915 .cmd = NL80211_CMD_DEL_KEY, 4916 .doit = nl80211_del_key, 4917 .policy = nl80211_policy, 4918 .flags = GENL_ADMIN_PERM, 4919 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4920 NL80211_FLAG_NEED_RTNL, 4921 }, 4922 { 4923 .cmd = NL80211_CMD_SET_BEACON, 4924 .policy = nl80211_policy, 4925 .flags = GENL_ADMIN_PERM, 4926 .doit = nl80211_addset_beacon, 4927 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4928 NL80211_FLAG_NEED_RTNL, 4929 }, 4930 { 4931 .cmd = NL80211_CMD_NEW_BEACON, 4932 .policy = nl80211_policy, 4933 .flags = GENL_ADMIN_PERM, 4934 .doit = nl80211_addset_beacon, 4935 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4936 NL80211_FLAG_NEED_RTNL, 4937 }, 4938 { 4939 .cmd = NL80211_CMD_DEL_BEACON, 4940 .policy = nl80211_policy, 4941 .flags = GENL_ADMIN_PERM, 4942 .doit = nl80211_del_beacon, 4943 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4944 NL80211_FLAG_NEED_RTNL, 4945 }, 4946 { 4947 .cmd = NL80211_CMD_GET_STATION, 4948 .doit = nl80211_get_station, 4949 .dumpit = nl80211_dump_station, 4950 .policy = nl80211_policy, 4951 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4952 NL80211_FLAG_NEED_RTNL, 4953 }, 4954 { 4955 .cmd = NL80211_CMD_SET_STATION, 4956 .doit = nl80211_set_station, 4957 .policy = nl80211_policy, 4958 .flags = GENL_ADMIN_PERM, 4959 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4960 NL80211_FLAG_NEED_RTNL, 4961 }, 4962 { 4963 .cmd = NL80211_CMD_NEW_STATION, 4964 .doit = nl80211_new_station, 4965 .policy = nl80211_policy, 4966 .flags = GENL_ADMIN_PERM, 4967 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4968 NL80211_FLAG_NEED_RTNL, 4969 }, 4970 { 4971 .cmd = NL80211_CMD_DEL_STATION, 4972 .doit = nl80211_del_station, 4973 .policy = nl80211_policy, 4974 .flags = GENL_ADMIN_PERM, 4975 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4976 NL80211_FLAG_NEED_RTNL, 4977 }, 4978 { 4979 .cmd = NL80211_CMD_GET_MPATH, 4980 .doit = nl80211_get_mpath, 4981 .dumpit = nl80211_dump_mpath, 4982 .policy = nl80211_policy, 4983 .flags = GENL_ADMIN_PERM, 4984 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4985 NL80211_FLAG_NEED_RTNL, 4986 }, 4987 { 4988 .cmd = NL80211_CMD_SET_MPATH, 4989 .doit = nl80211_set_mpath, 4990 .policy = nl80211_policy, 4991 .flags = GENL_ADMIN_PERM, 4992 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4993 NL80211_FLAG_NEED_RTNL, 4994 }, 4995 { 4996 .cmd = NL80211_CMD_NEW_MPATH, 4997 .doit = nl80211_new_mpath, 4998 .policy = nl80211_policy, 4999 .flags = GENL_ADMIN_PERM, 5000 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5001 NL80211_FLAG_NEED_RTNL, 5002 }, 5003 { 5004 .cmd = NL80211_CMD_DEL_MPATH, 5005 .doit = nl80211_del_mpath, 5006 .policy = nl80211_policy, 5007 .flags = GENL_ADMIN_PERM, 5008 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5009 NL80211_FLAG_NEED_RTNL, 5010 }, 5011 { 5012 .cmd = NL80211_CMD_SET_BSS, 5013 .doit = nl80211_set_bss, 5014 .policy = nl80211_policy, 5015 .flags = GENL_ADMIN_PERM, 5016 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5017 NL80211_FLAG_NEED_RTNL, 5018 }, 5019 { 5020 .cmd = NL80211_CMD_GET_REG, 5021 .doit = nl80211_get_reg, 5022 .policy = nl80211_policy, 5023 /* can be retrieved by unprivileged users */ 5024 }, 5025 { 5026 .cmd = NL80211_CMD_SET_REG, 5027 .doit = nl80211_set_reg, 5028 .policy = nl80211_policy, 5029 .flags = GENL_ADMIN_PERM, 5030 }, 5031 { 5032 .cmd = NL80211_CMD_REQ_SET_REG, 5033 .doit = nl80211_req_set_reg, 5034 .policy = nl80211_policy, 5035 .flags = GENL_ADMIN_PERM, 5036 }, 5037 { 5038 .cmd = NL80211_CMD_GET_MESH_CONFIG, 5039 .doit = nl80211_get_mesh_config, 5040 .policy = nl80211_policy, 5041 /* can be retrieved by unprivileged users */ 5042 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5043 NL80211_FLAG_NEED_RTNL, 5044 }, 5045 { 5046 .cmd = NL80211_CMD_SET_MESH_CONFIG, 5047 .doit = nl80211_update_mesh_config, 5048 .policy = nl80211_policy, 5049 .flags = GENL_ADMIN_PERM, 5050 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5051 NL80211_FLAG_NEED_RTNL, 5052 }, 5053 { 5054 .cmd = NL80211_CMD_TRIGGER_SCAN, 5055 .doit = nl80211_trigger_scan, 5056 .policy = nl80211_policy, 5057 .flags = GENL_ADMIN_PERM, 5058 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5059 NL80211_FLAG_NEED_RTNL, 5060 }, 5061 { 5062 .cmd = NL80211_CMD_GET_SCAN, 5063 .policy = nl80211_policy, 5064 .dumpit = nl80211_dump_scan, 5065 }, 5066 { 5067 .cmd = NL80211_CMD_AUTHENTICATE, 5068 .doit = nl80211_authenticate, 5069 .policy = nl80211_policy, 5070 .flags = GENL_ADMIN_PERM, 5071 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5072 NL80211_FLAG_NEED_RTNL, 5073 }, 5074 { 5075 .cmd = NL80211_CMD_ASSOCIATE, 5076 .doit = nl80211_associate, 5077 .policy = nl80211_policy, 5078 .flags = GENL_ADMIN_PERM, 5079 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5080 NL80211_FLAG_NEED_RTNL, 5081 }, 5082 { 5083 .cmd = NL80211_CMD_DEAUTHENTICATE, 5084 .doit = nl80211_deauthenticate, 5085 .policy = nl80211_policy, 5086 .flags = GENL_ADMIN_PERM, 5087 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5088 NL80211_FLAG_NEED_RTNL, 5089 }, 5090 { 5091 .cmd = NL80211_CMD_DISASSOCIATE, 5092 .doit = nl80211_disassociate, 5093 .policy = nl80211_policy, 5094 .flags = GENL_ADMIN_PERM, 5095 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5096 NL80211_FLAG_NEED_RTNL, 5097 }, 5098 { 5099 .cmd = NL80211_CMD_JOIN_IBSS, 5100 .doit = nl80211_join_ibss, 5101 .policy = nl80211_policy, 5102 .flags = GENL_ADMIN_PERM, 5103 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5104 NL80211_FLAG_NEED_RTNL, 5105 }, 5106 { 5107 .cmd = NL80211_CMD_LEAVE_IBSS, 5108 .doit = nl80211_leave_ibss, 5109 .policy = nl80211_policy, 5110 .flags = GENL_ADMIN_PERM, 5111 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5112 NL80211_FLAG_NEED_RTNL, 5113 }, 5114 #ifdef CONFIG_NL80211_TESTMODE 5115 { 5116 .cmd = NL80211_CMD_TESTMODE, 5117 .doit = nl80211_testmode_do, 5118 .policy = nl80211_policy, 5119 .flags = GENL_ADMIN_PERM, 5120 .internal_flags = NL80211_FLAG_NEED_WIPHY | 5121 NL80211_FLAG_NEED_RTNL, 5122 }, 5123 #endif 5124 { 5125 .cmd = NL80211_CMD_CONNECT, 5126 .doit = nl80211_connect, 5127 .policy = nl80211_policy, 5128 .flags = GENL_ADMIN_PERM, 5129 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5130 NL80211_FLAG_NEED_RTNL, 5131 }, 5132 { 5133 .cmd = NL80211_CMD_DISCONNECT, 5134 .doit = nl80211_disconnect, 5135 .policy = nl80211_policy, 5136 .flags = GENL_ADMIN_PERM, 5137 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5138 NL80211_FLAG_NEED_RTNL, 5139 }, 5140 { 5141 .cmd = NL80211_CMD_SET_WIPHY_NETNS, 5142 .doit = nl80211_wiphy_netns, 5143 .policy = nl80211_policy, 5144 .flags = GENL_ADMIN_PERM, 5145 .internal_flags = NL80211_FLAG_NEED_WIPHY | 5146 NL80211_FLAG_NEED_RTNL, 5147 }, 5148 { 5149 .cmd = NL80211_CMD_GET_SURVEY, 5150 .policy = nl80211_policy, 5151 .dumpit = nl80211_dump_survey, 5152 }, 5153 { 5154 .cmd = NL80211_CMD_SET_PMKSA, 5155 .doit = nl80211_setdel_pmksa, 5156 .policy = nl80211_policy, 5157 .flags = GENL_ADMIN_PERM, 5158 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5159 NL80211_FLAG_NEED_RTNL, 5160 }, 5161 { 5162 .cmd = NL80211_CMD_DEL_PMKSA, 5163 .doit = nl80211_setdel_pmksa, 5164 .policy = nl80211_policy, 5165 .flags = GENL_ADMIN_PERM, 5166 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5167 NL80211_FLAG_NEED_RTNL, 5168 }, 5169 { 5170 .cmd = NL80211_CMD_FLUSH_PMKSA, 5171 .doit = nl80211_flush_pmksa, 5172 .policy = nl80211_policy, 5173 .flags = GENL_ADMIN_PERM, 5174 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5175 NL80211_FLAG_NEED_RTNL, 5176 }, 5177 { 5178 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL, 5179 .doit = nl80211_remain_on_channel, 5180 .policy = nl80211_policy, 5181 .flags = GENL_ADMIN_PERM, 5182 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5183 NL80211_FLAG_NEED_RTNL, 5184 }, 5185 { 5186 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 5187 .doit = nl80211_cancel_remain_on_channel, 5188 .policy = nl80211_policy, 5189 .flags = GENL_ADMIN_PERM, 5190 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5191 NL80211_FLAG_NEED_RTNL, 5192 }, 5193 { 5194 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK, 5195 .doit = nl80211_set_tx_bitrate_mask, 5196 .policy = nl80211_policy, 5197 .flags = GENL_ADMIN_PERM, 5198 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5199 NL80211_FLAG_NEED_RTNL, 5200 }, 5201 { 5202 .cmd = NL80211_CMD_REGISTER_FRAME, 5203 .doit = nl80211_register_mgmt, 5204 .policy = nl80211_policy, 5205 .flags = GENL_ADMIN_PERM, 5206 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5207 NL80211_FLAG_NEED_RTNL, 5208 }, 5209 { 5210 .cmd = NL80211_CMD_FRAME, 5211 .doit = nl80211_tx_mgmt, 5212 .policy = nl80211_policy, 5213 .flags = GENL_ADMIN_PERM, 5214 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5215 NL80211_FLAG_NEED_RTNL, 5216 }, 5217 { 5218 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL, 5219 .doit = nl80211_tx_mgmt_cancel_wait, 5220 .policy = nl80211_policy, 5221 .flags = GENL_ADMIN_PERM, 5222 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5223 NL80211_FLAG_NEED_RTNL, 5224 }, 5225 { 5226 .cmd = NL80211_CMD_SET_POWER_SAVE, 5227 .doit = nl80211_set_power_save, 5228 .policy = nl80211_policy, 5229 .flags = GENL_ADMIN_PERM, 5230 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5231 NL80211_FLAG_NEED_RTNL, 5232 }, 5233 { 5234 .cmd = NL80211_CMD_GET_POWER_SAVE, 5235 .doit = nl80211_get_power_save, 5236 .policy = nl80211_policy, 5237 /* can be retrieved by unprivileged users */ 5238 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5239 NL80211_FLAG_NEED_RTNL, 5240 }, 5241 { 5242 .cmd = NL80211_CMD_SET_CQM, 5243 .doit = nl80211_set_cqm, 5244 .policy = nl80211_policy, 5245 .flags = GENL_ADMIN_PERM, 5246 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5247 NL80211_FLAG_NEED_RTNL, 5248 }, 5249 { 5250 .cmd = NL80211_CMD_SET_CHANNEL, 5251 .doit = nl80211_set_channel, 5252 .policy = nl80211_policy, 5253 .flags = GENL_ADMIN_PERM, 5254 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5255 NL80211_FLAG_NEED_RTNL, 5256 }, 5257 { 5258 .cmd = NL80211_CMD_SET_WDS_PEER, 5259 .doit = nl80211_set_wds_peer, 5260 .policy = nl80211_policy, 5261 .flags = GENL_ADMIN_PERM, 5262 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5263 NL80211_FLAG_NEED_RTNL, 5264 }, 5265 { 5266 .cmd = NL80211_CMD_JOIN_MESH, 5267 .doit = nl80211_join_mesh, 5268 .policy = nl80211_policy, 5269 .flags = GENL_ADMIN_PERM, 5270 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5271 NL80211_FLAG_NEED_RTNL, 5272 }, 5273 { 5274 .cmd = NL80211_CMD_LEAVE_MESH, 5275 .doit = nl80211_leave_mesh, 5276 .policy = nl80211_policy, 5277 .flags = GENL_ADMIN_PERM, 5278 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5279 NL80211_FLAG_NEED_RTNL, 5280 }, 5281 }; 5282 5283 static struct genl_multicast_group nl80211_mlme_mcgrp = { 5284 .name = "mlme", 5285 }; 5286 5287 /* multicast groups */ 5288 static struct genl_multicast_group nl80211_config_mcgrp = { 5289 .name = "config", 5290 }; 5291 static struct genl_multicast_group nl80211_scan_mcgrp = { 5292 .name = "scan", 5293 }; 5294 static struct genl_multicast_group nl80211_regulatory_mcgrp = { 5295 .name = "regulatory", 5296 }; 5297 5298 /* notification functions */ 5299 5300 void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev) 5301 { 5302 struct sk_buff *msg; 5303 5304 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5305 if (!msg) 5306 return; 5307 5308 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) { 5309 nlmsg_free(msg); 5310 return; 5311 } 5312 5313 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5314 nl80211_config_mcgrp.id, GFP_KERNEL); 5315 } 5316 5317 static int nl80211_add_scan_req(struct sk_buff *msg, 5318 struct cfg80211_registered_device *rdev) 5319 { 5320 struct cfg80211_scan_request *req = rdev->scan_req; 5321 struct nlattr *nest; 5322 int i; 5323 5324 ASSERT_RDEV_LOCK(rdev); 5325 5326 if (WARN_ON(!req)) 5327 return 0; 5328 5329 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS); 5330 if (!nest) 5331 goto nla_put_failure; 5332 for (i = 0; i < req->n_ssids; i++) 5333 NLA_PUT(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid); 5334 nla_nest_end(msg, nest); 5335 5336 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES); 5337 if (!nest) 5338 goto nla_put_failure; 5339 for (i = 0; i < req->n_channels; i++) 5340 NLA_PUT_U32(msg, i, req->channels[i]->center_freq); 5341 nla_nest_end(msg, nest); 5342 5343 if (req->ie) 5344 NLA_PUT(msg, NL80211_ATTR_IE, req->ie_len, req->ie); 5345 5346 return 0; 5347 nla_put_failure: 5348 return -ENOBUFS; 5349 } 5350 5351 static int nl80211_send_scan_msg(struct sk_buff *msg, 5352 struct cfg80211_registered_device *rdev, 5353 struct net_device *netdev, 5354 u32 pid, u32 seq, int flags, 5355 u32 cmd) 5356 { 5357 void *hdr; 5358 5359 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 5360 if (!hdr) 5361 return -1; 5362 5363 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5364 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5365 5366 /* ignore errors and send incomplete event anyway */ 5367 nl80211_add_scan_req(msg, rdev); 5368 5369 return genlmsg_end(msg, hdr); 5370 5371 nla_put_failure: 5372 genlmsg_cancel(msg, hdr); 5373 return -EMSGSIZE; 5374 } 5375 5376 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev, 5377 struct net_device *netdev) 5378 { 5379 struct sk_buff *msg; 5380 5381 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 5382 if (!msg) 5383 return; 5384 5385 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 5386 NL80211_CMD_TRIGGER_SCAN) < 0) { 5387 nlmsg_free(msg); 5388 return; 5389 } 5390 5391 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5392 nl80211_scan_mcgrp.id, GFP_KERNEL); 5393 } 5394 5395 void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 5396 struct net_device *netdev) 5397 { 5398 struct sk_buff *msg; 5399 5400 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5401 if (!msg) 5402 return; 5403 5404 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 5405 NL80211_CMD_NEW_SCAN_RESULTS) < 0) { 5406 nlmsg_free(msg); 5407 return; 5408 } 5409 5410 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5411 nl80211_scan_mcgrp.id, GFP_KERNEL); 5412 } 5413 5414 void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 5415 struct net_device *netdev) 5416 { 5417 struct sk_buff *msg; 5418 5419 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5420 if (!msg) 5421 return; 5422 5423 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 5424 NL80211_CMD_SCAN_ABORTED) < 0) { 5425 nlmsg_free(msg); 5426 return; 5427 } 5428 5429 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5430 nl80211_scan_mcgrp.id, GFP_KERNEL); 5431 } 5432 5433 /* 5434 * This can happen on global regulatory changes or device specific settings 5435 * based on custom world regulatory domains. 5436 */ 5437 void nl80211_send_reg_change_event(struct regulatory_request *request) 5438 { 5439 struct sk_buff *msg; 5440 void *hdr; 5441 5442 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5443 if (!msg) 5444 return; 5445 5446 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE); 5447 if (!hdr) { 5448 nlmsg_free(msg); 5449 return; 5450 } 5451 5452 /* Userspace can always count this one always being set */ 5453 NLA_PUT_U8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator); 5454 5455 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') 5456 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5457 NL80211_REGDOM_TYPE_WORLD); 5458 else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') 5459 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5460 NL80211_REGDOM_TYPE_CUSTOM_WORLD); 5461 else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') || 5462 request->intersect) 5463 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5464 NL80211_REGDOM_TYPE_INTERSECTION); 5465 else { 5466 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5467 NL80211_REGDOM_TYPE_COUNTRY); 5468 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2); 5469 } 5470 5471 if (wiphy_idx_valid(request->wiphy_idx)) 5472 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx); 5473 5474 if (genlmsg_end(msg, hdr) < 0) { 5475 nlmsg_free(msg); 5476 return; 5477 } 5478 5479 rcu_read_lock(); 5480 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 5481 GFP_ATOMIC); 5482 rcu_read_unlock(); 5483 5484 return; 5485 5486 nla_put_failure: 5487 genlmsg_cancel(msg, hdr); 5488 nlmsg_free(msg); 5489 } 5490 5491 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, 5492 struct net_device *netdev, 5493 const u8 *buf, size_t len, 5494 enum nl80211_commands cmd, gfp_t gfp) 5495 { 5496 struct sk_buff *msg; 5497 void *hdr; 5498 5499 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5500 if (!msg) 5501 return; 5502 5503 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 5504 if (!hdr) { 5505 nlmsg_free(msg); 5506 return; 5507 } 5508 5509 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5510 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5511 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 5512 5513 if (genlmsg_end(msg, hdr) < 0) { 5514 nlmsg_free(msg); 5515 return; 5516 } 5517 5518 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5519 nl80211_mlme_mcgrp.id, gfp); 5520 return; 5521 5522 nla_put_failure: 5523 genlmsg_cancel(msg, hdr); 5524 nlmsg_free(msg); 5525 } 5526 5527 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 5528 struct net_device *netdev, const u8 *buf, 5529 size_t len, gfp_t gfp) 5530 { 5531 nl80211_send_mlme_event(rdev, netdev, buf, len, 5532 NL80211_CMD_AUTHENTICATE, gfp); 5533 } 5534 5535 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 5536 struct net_device *netdev, const u8 *buf, 5537 size_t len, gfp_t gfp) 5538 { 5539 nl80211_send_mlme_event(rdev, netdev, buf, len, 5540 NL80211_CMD_ASSOCIATE, gfp); 5541 } 5542 5543 void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 5544 struct net_device *netdev, const u8 *buf, 5545 size_t len, gfp_t gfp) 5546 { 5547 nl80211_send_mlme_event(rdev, netdev, buf, len, 5548 NL80211_CMD_DEAUTHENTICATE, gfp); 5549 } 5550 5551 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 5552 struct net_device *netdev, const u8 *buf, 5553 size_t len, gfp_t gfp) 5554 { 5555 nl80211_send_mlme_event(rdev, netdev, buf, len, 5556 NL80211_CMD_DISASSOCIATE, gfp); 5557 } 5558 5559 void nl80211_send_unprot_deauth(struct cfg80211_registered_device *rdev, 5560 struct net_device *netdev, const u8 *buf, 5561 size_t len, gfp_t gfp) 5562 { 5563 nl80211_send_mlme_event(rdev, netdev, buf, len, 5564 NL80211_CMD_UNPROT_DEAUTHENTICATE, gfp); 5565 } 5566 5567 void nl80211_send_unprot_disassoc(struct cfg80211_registered_device *rdev, 5568 struct net_device *netdev, const u8 *buf, 5569 size_t len, gfp_t gfp) 5570 { 5571 nl80211_send_mlme_event(rdev, netdev, buf, len, 5572 NL80211_CMD_UNPROT_DISASSOCIATE, gfp); 5573 } 5574 5575 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, 5576 struct net_device *netdev, int cmd, 5577 const u8 *addr, gfp_t gfp) 5578 { 5579 struct sk_buff *msg; 5580 void *hdr; 5581 5582 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5583 if (!msg) 5584 return; 5585 5586 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 5587 if (!hdr) { 5588 nlmsg_free(msg); 5589 return; 5590 } 5591 5592 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5593 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5594 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT); 5595 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 5596 5597 if (genlmsg_end(msg, hdr) < 0) { 5598 nlmsg_free(msg); 5599 return; 5600 } 5601 5602 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5603 nl80211_mlme_mcgrp.id, gfp); 5604 return; 5605 5606 nla_put_failure: 5607 genlmsg_cancel(msg, hdr); 5608 nlmsg_free(msg); 5609 } 5610 5611 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 5612 struct net_device *netdev, const u8 *addr, 5613 gfp_t gfp) 5614 { 5615 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, 5616 addr, gfp); 5617 } 5618 5619 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 5620 struct net_device *netdev, const u8 *addr, 5621 gfp_t gfp) 5622 { 5623 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, 5624 addr, gfp); 5625 } 5626 5627 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, 5628 struct net_device *netdev, const u8 *bssid, 5629 const u8 *req_ie, size_t req_ie_len, 5630 const u8 *resp_ie, size_t resp_ie_len, 5631 u16 status, gfp_t gfp) 5632 { 5633 struct sk_buff *msg; 5634 void *hdr; 5635 5636 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 5637 if (!msg) 5638 return; 5639 5640 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT); 5641 if (!hdr) { 5642 nlmsg_free(msg); 5643 return; 5644 } 5645 5646 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5647 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5648 if (bssid) 5649 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 5650 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status); 5651 if (req_ie) 5652 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 5653 if (resp_ie) 5654 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 5655 5656 if (genlmsg_end(msg, hdr) < 0) { 5657 nlmsg_free(msg); 5658 return; 5659 } 5660 5661 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5662 nl80211_mlme_mcgrp.id, gfp); 5663 return; 5664 5665 nla_put_failure: 5666 genlmsg_cancel(msg, hdr); 5667 nlmsg_free(msg); 5668 5669 } 5670 5671 void nl80211_send_roamed(struct cfg80211_registered_device *rdev, 5672 struct net_device *netdev, const u8 *bssid, 5673 const u8 *req_ie, size_t req_ie_len, 5674 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp) 5675 { 5676 struct sk_buff *msg; 5677 void *hdr; 5678 5679 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 5680 if (!msg) 5681 return; 5682 5683 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM); 5684 if (!hdr) { 5685 nlmsg_free(msg); 5686 return; 5687 } 5688 5689 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5690 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5691 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 5692 if (req_ie) 5693 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 5694 if (resp_ie) 5695 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 5696 5697 if (genlmsg_end(msg, hdr) < 0) { 5698 nlmsg_free(msg); 5699 return; 5700 } 5701 5702 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5703 nl80211_mlme_mcgrp.id, gfp); 5704 return; 5705 5706 nla_put_failure: 5707 genlmsg_cancel(msg, hdr); 5708 nlmsg_free(msg); 5709 5710 } 5711 5712 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, 5713 struct net_device *netdev, u16 reason, 5714 const u8 *ie, size_t ie_len, bool from_ap) 5715 { 5716 struct sk_buff *msg; 5717 void *hdr; 5718 5719 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 5720 if (!msg) 5721 return; 5722 5723 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT); 5724 if (!hdr) { 5725 nlmsg_free(msg); 5726 return; 5727 } 5728 5729 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5730 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5731 if (from_ap && reason) 5732 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason); 5733 if (from_ap) 5734 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP); 5735 if (ie) 5736 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie); 5737 5738 if (genlmsg_end(msg, hdr) < 0) { 5739 nlmsg_free(msg); 5740 return; 5741 } 5742 5743 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5744 nl80211_mlme_mcgrp.id, GFP_KERNEL); 5745 return; 5746 5747 nla_put_failure: 5748 genlmsg_cancel(msg, hdr); 5749 nlmsg_free(msg); 5750 5751 } 5752 5753 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, 5754 struct net_device *netdev, const u8 *bssid, 5755 gfp_t gfp) 5756 { 5757 struct sk_buff *msg; 5758 void *hdr; 5759 5760 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5761 if (!msg) 5762 return; 5763 5764 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS); 5765 if (!hdr) { 5766 nlmsg_free(msg); 5767 return; 5768 } 5769 5770 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5771 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5772 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 5773 5774 if (genlmsg_end(msg, hdr) < 0) { 5775 nlmsg_free(msg); 5776 return; 5777 } 5778 5779 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5780 nl80211_mlme_mcgrp.id, gfp); 5781 return; 5782 5783 nla_put_failure: 5784 genlmsg_cancel(msg, hdr); 5785 nlmsg_free(msg); 5786 } 5787 5788 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 5789 struct net_device *netdev, const u8 *addr, 5790 enum nl80211_key_type key_type, int key_id, 5791 const u8 *tsc, gfp_t gfp) 5792 { 5793 struct sk_buff *msg; 5794 void *hdr; 5795 5796 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5797 if (!msg) 5798 return; 5799 5800 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE); 5801 if (!hdr) { 5802 nlmsg_free(msg); 5803 return; 5804 } 5805 5806 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5807 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5808 if (addr) 5809 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 5810 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type); 5811 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id); 5812 if (tsc) 5813 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc); 5814 5815 if (genlmsg_end(msg, hdr) < 0) { 5816 nlmsg_free(msg); 5817 return; 5818 } 5819 5820 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5821 nl80211_mlme_mcgrp.id, gfp); 5822 return; 5823 5824 nla_put_failure: 5825 genlmsg_cancel(msg, hdr); 5826 nlmsg_free(msg); 5827 } 5828 5829 void nl80211_send_beacon_hint_event(struct wiphy *wiphy, 5830 struct ieee80211_channel *channel_before, 5831 struct ieee80211_channel *channel_after) 5832 { 5833 struct sk_buff *msg; 5834 void *hdr; 5835 struct nlattr *nl_freq; 5836 5837 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 5838 if (!msg) 5839 return; 5840 5841 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT); 5842 if (!hdr) { 5843 nlmsg_free(msg); 5844 return; 5845 } 5846 5847 /* 5848 * Since we are applying the beacon hint to a wiphy we know its 5849 * wiphy_idx is valid 5850 */ 5851 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)); 5852 5853 /* Before */ 5854 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE); 5855 if (!nl_freq) 5856 goto nla_put_failure; 5857 if (nl80211_msg_put_channel(msg, channel_before)) 5858 goto nla_put_failure; 5859 nla_nest_end(msg, nl_freq); 5860 5861 /* After */ 5862 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER); 5863 if (!nl_freq) 5864 goto nla_put_failure; 5865 if (nl80211_msg_put_channel(msg, channel_after)) 5866 goto nla_put_failure; 5867 nla_nest_end(msg, nl_freq); 5868 5869 if (genlmsg_end(msg, hdr) < 0) { 5870 nlmsg_free(msg); 5871 return; 5872 } 5873 5874 rcu_read_lock(); 5875 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 5876 GFP_ATOMIC); 5877 rcu_read_unlock(); 5878 5879 return; 5880 5881 nla_put_failure: 5882 genlmsg_cancel(msg, hdr); 5883 nlmsg_free(msg); 5884 } 5885 5886 static void nl80211_send_remain_on_chan_event( 5887 int cmd, struct cfg80211_registered_device *rdev, 5888 struct net_device *netdev, u64 cookie, 5889 struct ieee80211_channel *chan, 5890 enum nl80211_channel_type channel_type, 5891 unsigned int duration, gfp_t gfp) 5892 { 5893 struct sk_buff *msg; 5894 void *hdr; 5895 5896 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5897 if (!msg) 5898 return; 5899 5900 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 5901 if (!hdr) { 5902 nlmsg_free(msg); 5903 return; 5904 } 5905 5906 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5907 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5908 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq); 5909 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, channel_type); 5910 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5911 5912 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL) 5913 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration); 5914 5915 if (genlmsg_end(msg, hdr) < 0) { 5916 nlmsg_free(msg); 5917 return; 5918 } 5919 5920 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5921 nl80211_mlme_mcgrp.id, gfp); 5922 return; 5923 5924 nla_put_failure: 5925 genlmsg_cancel(msg, hdr); 5926 nlmsg_free(msg); 5927 } 5928 5929 void nl80211_send_remain_on_channel(struct cfg80211_registered_device *rdev, 5930 struct net_device *netdev, u64 cookie, 5931 struct ieee80211_channel *chan, 5932 enum nl80211_channel_type channel_type, 5933 unsigned int duration, gfp_t gfp) 5934 { 5935 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL, 5936 rdev, netdev, cookie, chan, 5937 channel_type, duration, gfp); 5938 } 5939 5940 void nl80211_send_remain_on_channel_cancel( 5941 struct cfg80211_registered_device *rdev, struct net_device *netdev, 5942 u64 cookie, struct ieee80211_channel *chan, 5943 enum nl80211_channel_type channel_type, gfp_t gfp) 5944 { 5945 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 5946 rdev, netdev, cookie, chan, 5947 channel_type, 0, gfp); 5948 } 5949 5950 void nl80211_send_sta_event(struct cfg80211_registered_device *rdev, 5951 struct net_device *dev, const u8 *mac_addr, 5952 struct station_info *sinfo, gfp_t gfp) 5953 { 5954 struct sk_buff *msg; 5955 5956 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 5957 if (!msg) 5958 return; 5959 5960 if (nl80211_send_station(msg, 0, 0, 0, dev, mac_addr, sinfo) < 0) { 5961 nlmsg_free(msg); 5962 return; 5963 } 5964 5965 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5966 nl80211_mlme_mcgrp.id, gfp); 5967 } 5968 5969 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev, 5970 struct net_device *netdev, u32 nlpid, 5971 int freq, const u8 *buf, size_t len, gfp_t gfp) 5972 { 5973 struct sk_buff *msg; 5974 void *hdr; 5975 int err; 5976 5977 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5978 if (!msg) 5979 return -ENOMEM; 5980 5981 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); 5982 if (!hdr) { 5983 nlmsg_free(msg); 5984 return -ENOMEM; 5985 } 5986 5987 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5988 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5989 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq); 5990 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 5991 5992 err = genlmsg_end(msg, hdr); 5993 if (err < 0) { 5994 nlmsg_free(msg); 5995 return err; 5996 } 5997 5998 err = genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 5999 if (err < 0) 6000 return err; 6001 return 0; 6002 6003 nla_put_failure: 6004 genlmsg_cancel(msg, hdr); 6005 nlmsg_free(msg); 6006 return -ENOBUFS; 6007 } 6008 6009 void nl80211_send_mgmt_tx_status(struct cfg80211_registered_device *rdev, 6010 struct net_device *netdev, u64 cookie, 6011 const u8 *buf, size_t len, bool ack, 6012 gfp_t gfp) 6013 { 6014 struct sk_buff *msg; 6015 void *hdr; 6016 6017 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6018 if (!msg) 6019 return; 6020 6021 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS); 6022 if (!hdr) { 6023 nlmsg_free(msg); 6024 return; 6025 } 6026 6027 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6028 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6029 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 6030 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 6031 if (ack) 6032 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK); 6033 6034 if (genlmsg_end(msg, hdr) < 0) { 6035 nlmsg_free(msg); 6036 return; 6037 } 6038 6039 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp); 6040 return; 6041 6042 nla_put_failure: 6043 genlmsg_cancel(msg, hdr); 6044 nlmsg_free(msg); 6045 } 6046 6047 void 6048 nl80211_send_cqm_rssi_notify(struct cfg80211_registered_device *rdev, 6049 struct net_device *netdev, 6050 enum nl80211_cqm_rssi_threshold_event rssi_event, 6051 gfp_t gfp) 6052 { 6053 struct sk_buff *msg; 6054 struct nlattr *pinfoattr; 6055 void *hdr; 6056 6057 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6058 if (!msg) 6059 return; 6060 6061 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 6062 if (!hdr) { 6063 nlmsg_free(msg); 6064 return; 6065 } 6066 6067 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6068 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6069 6070 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 6071 if (!pinfoattr) 6072 goto nla_put_failure; 6073 6074 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT, 6075 rssi_event); 6076 6077 nla_nest_end(msg, pinfoattr); 6078 6079 if (genlmsg_end(msg, hdr) < 0) { 6080 nlmsg_free(msg); 6081 return; 6082 } 6083 6084 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6085 nl80211_mlme_mcgrp.id, gfp); 6086 return; 6087 6088 nla_put_failure: 6089 genlmsg_cancel(msg, hdr); 6090 nlmsg_free(msg); 6091 } 6092 6093 void 6094 nl80211_send_cqm_pktloss_notify(struct cfg80211_registered_device *rdev, 6095 struct net_device *netdev, const u8 *peer, 6096 u32 num_packets, gfp_t gfp) 6097 { 6098 struct sk_buff *msg; 6099 struct nlattr *pinfoattr; 6100 void *hdr; 6101 6102 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6103 if (!msg) 6104 return; 6105 6106 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 6107 if (!hdr) { 6108 nlmsg_free(msg); 6109 return; 6110 } 6111 6112 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6113 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6114 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer); 6115 6116 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 6117 if (!pinfoattr) 6118 goto nla_put_failure; 6119 6120 NLA_PUT_U32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets); 6121 6122 nla_nest_end(msg, pinfoattr); 6123 6124 if (genlmsg_end(msg, hdr) < 0) { 6125 nlmsg_free(msg); 6126 return; 6127 } 6128 6129 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6130 nl80211_mlme_mcgrp.id, gfp); 6131 return; 6132 6133 nla_put_failure: 6134 genlmsg_cancel(msg, hdr); 6135 nlmsg_free(msg); 6136 } 6137 6138 static int nl80211_netlink_notify(struct notifier_block * nb, 6139 unsigned long state, 6140 void *_notify) 6141 { 6142 struct netlink_notify *notify = _notify; 6143 struct cfg80211_registered_device *rdev; 6144 struct wireless_dev *wdev; 6145 6146 if (state != NETLINK_URELEASE) 6147 return NOTIFY_DONE; 6148 6149 rcu_read_lock(); 6150 6151 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) 6152 list_for_each_entry_rcu(wdev, &rdev->netdev_list, list) 6153 cfg80211_mlme_unregister_socket(wdev, notify->pid); 6154 6155 rcu_read_unlock(); 6156 6157 return NOTIFY_DONE; 6158 } 6159 6160 static struct notifier_block nl80211_netlink_notifier = { 6161 .notifier_call = nl80211_netlink_notify, 6162 }; 6163 6164 /* initialisation/exit functions */ 6165 6166 int nl80211_init(void) 6167 { 6168 int err; 6169 6170 err = genl_register_family_with_ops(&nl80211_fam, 6171 nl80211_ops, ARRAY_SIZE(nl80211_ops)); 6172 if (err) 6173 return err; 6174 6175 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp); 6176 if (err) 6177 goto err_out; 6178 6179 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp); 6180 if (err) 6181 goto err_out; 6182 6183 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp); 6184 if (err) 6185 goto err_out; 6186 6187 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp); 6188 if (err) 6189 goto err_out; 6190 6191 #ifdef CONFIG_NL80211_TESTMODE 6192 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp); 6193 if (err) 6194 goto err_out; 6195 #endif 6196 6197 err = netlink_register_notifier(&nl80211_netlink_notifier); 6198 if (err) 6199 goto err_out; 6200 6201 return 0; 6202 err_out: 6203 genl_unregister_family(&nl80211_fam); 6204 return err; 6205 } 6206 6207 void nl80211_exit(void) 6208 { 6209 netlink_unregister_notifier(&nl80211_netlink_notifier); 6210 genl_unregister_family(&nl80211_fam); 6211 } 6212