1 /* 2 * This is the new netlink-based wireless configuration interface. 3 * 4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net> 5 */ 6 7 #include <linux/if.h> 8 #include <linux/module.h> 9 #include <linux/err.h> 10 #include <linux/slab.h> 11 #include <linux/list.h> 12 #include <linux/if_ether.h> 13 #include <linux/ieee80211.h> 14 #include <linux/nl80211.h> 15 #include <linux/rtnetlink.h> 16 #include <linux/netlink.h> 17 #include <linux/etherdevice.h> 18 #include <net/net_namespace.h> 19 #include <net/genetlink.h> 20 #include <net/cfg80211.h> 21 #include <net/sock.h> 22 #include "core.h" 23 #include "nl80211.h" 24 #include "reg.h" 25 26 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 27 struct genl_info *info); 28 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 29 struct genl_info *info); 30 31 /* the netlink family */ 32 static struct genl_family nl80211_fam = { 33 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */ 34 .name = "nl80211", /* have users key off the name instead */ 35 .hdrsize = 0, /* no private header */ 36 .version = 1, /* no particular meaning now */ 37 .maxattr = NL80211_ATTR_MAX, 38 .netnsok = true, 39 .pre_doit = nl80211_pre_doit, 40 .post_doit = nl80211_post_doit, 41 }; 42 43 /* internal helper: get rdev and dev */ 44 static int get_rdev_dev_by_info_ifindex(struct genl_info *info, 45 struct cfg80211_registered_device **rdev, 46 struct net_device **dev) 47 { 48 struct nlattr **attrs = info->attrs; 49 int ifindex; 50 51 if (!attrs[NL80211_ATTR_IFINDEX]) 52 return -EINVAL; 53 54 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); 55 *dev = dev_get_by_index(genl_info_net(info), ifindex); 56 if (!*dev) 57 return -ENODEV; 58 59 *rdev = cfg80211_get_dev_from_ifindex(genl_info_net(info), ifindex); 60 if (IS_ERR(*rdev)) { 61 dev_put(*dev); 62 return PTR_ERR(*rdev); 63 } 64 65 return 0; 66 } 67 68 /* policy for the attributes */ 69 static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = { 70 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, 71 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING, 72 .len = 20-1 }, 73 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED }, 74 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 }, 75 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 }, 76 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 }, 77 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 }, 78 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 }, 79 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 }, 80 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 }, 81 82 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 }, 83 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 }, 84 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, 85 86 [NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN }, 87 [NL80211_ATTR_PREV_BSSID] = { .type = NLA_BINARY, .len = ETH_ALEN }, 88 89 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, }, 90 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, 91 .len = WLAN_MAX_KEY_LEN }, 92 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, 93 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 }, 94 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG }, 95 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 96 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 }, 97 98 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 }, 99 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 }, 100 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY, 101 .len = IEEE80211_MAX_DATA_LEN }, 102 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY, 103 .len = IEEE80211_MAX_DATA_LEN }, 104 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 }, 105 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED }, 106 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 }, 107 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY, 108 .len = NL80211_MAX_SUPP_RATES }, 109 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 }, 110 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 }, 111 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ }, 112 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY, 113 .len = IEEE80211_MAX_MESH_ID_LEN }, 114 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 }, 115 116 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 }, 117 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED }, 118 119 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 }, 120 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 }, 121 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 }, 122 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY, 123 .len = NL80211_MAX_SUPP_RATES }, 124 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 }, 125 126 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED }, 127 [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG }, 128 129 [NL80211_ATTR_HT_CAPABILITY] = { .type = NLA_BINARY, 130 .len = NL80211_HT_CAPABILITY_LEN }, 131 132 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 }, 133 [NL80211_ATTR_IE] = { .type = NLA_BINARY, 134 .len = IEEE80211_MAX_DATA_LEN }, 135 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED }, 136 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED }, 137 138 [NL80211_ATTR_SSID] = { .type = NLA_BINARY, 139 .len = IEEE80211_MAX_SSID_LEN }, 140 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 }, 141 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 }, 142 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG }, 143 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG }, 144 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 }, 145 [NL80211_ATTR_STA_FLAGS2] = { 146 .len = sizeof(struct nl80211_sta_flag_update), 147 }, 148 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, 149 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 }, 150 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG }, 151 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG }, 152 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 }, 153 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 }, 154 [NL80211_ATTR_PID] = { .type = NLA_U32 }, 155 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 }, 156 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY, 157 .len = WLAN_PMKID_LEN }, 158 [NL80211_ATTR_DURATION] = { .type = NLA_U32 }, 159 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 }, 160 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED }, 161 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY, 162 .len = IEEE80211_MAX_DATA_LEN }, 163 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, }, 164 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 }, 165 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, }, 166 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG }, 167 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 }, 168 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 }, 169 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 }, 170 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 }, 171 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 }, 172 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 }, 173 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 }, 174 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG }, 175 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 176 [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED }, 177 [NL80211_ATTR_STA_PLINK_STATE] = { .type = NLA_U8 }, 178 [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 }, 179 [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED }, 180 }; 181 182 /* policy for the key attributes */ 183 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = { 184 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN }, 185 [NL80211_KEY_IDX] = { .type = NLA_U8 }, 186 [NL80211_KEY_CIPHER] = { .type = NLA_U32 }, 187 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 188 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG }, 189 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG }, 190 [NL80211_KEY_TYPE] = { .type = NLA_U32 }, 191 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 192 }; 193 194 /* policy for the key default flags */ 195 static const struct nla_policy 196 nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = { 197 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG }, 198 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG }, 199 }; 200 201 /* policy for WoWLAN attributes */ 202 static const struct nla_policy 203 nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = { 204 [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG }, 205 [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG }, 206 [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG }, 207 [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED }, 208 }; 209 210 /* policy for GTK rekey offload attributes */ 211 static const struct nla_policy 212 nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = { 213 [NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN }, 214 [NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN }, 215 [NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN }, 216 }; 217 218 /* ifidx get helper */ 219 static int nl80211_get_ifidx(struct netlink_callback *cb) 220 { 221 int res; 222 223 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 224 nl80211_fam.attrbuf, nl80211_fam.maxattr, 225 nl80211_policy); 226 if (res) 227 return res; 228 229 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]) 230 return -EINVAL; 231 232 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]); 233 if (!res) 234 return -EINVAL; 235 return res; 236 } 237 238 static int nl80211_prepare_netdev_dump(struct sk_buff *skb, 239 struct netlink_callback *cb, 240 struct cfg80211_registered_device **rdev, 241 struct net_device **dev) 242 { 243 int ifidx = cb->args[0]; 244 int err; 245 246 if (!ifidx) 247 ifidx = nl80211_get_ifidx(cb); 248 if (ifidx < 0) 249 return ifidx; 250 251 cb->args[0] = ifidx; 252 253 rtnl_lock(); 254 255 *dev = __dev_get_by_index(sock_net(skb->sk), ifidx); 256 if (!*dev) { 257 err = -ENODEV; 258 goto out_rtnl; 259 } 260 261 *rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 262 if (IS_ERR(*rdev)) { 263 err = PTR_ERR(*rdev); 264 goto out_rtnl; 265 } 266 267 return 0; 268 out_rtnl: 269 rtnl_unlock(); 270 return err; 271 } 272 273 static void nl80211_finish_netdev_dump(struct cfg80211_registered_device *rdev) 274 { 275 cfg80211_unlock_rdev(rdev); 276 rtnl_unlock(); 277 } 278 279 /* IE validation */ 280 static bool is_valid_ie_attr(const struct nlattr *attr) 281 { 282 const u8 *pos; 283 int len; 284 285 if (!attr) 286 return true; 287 288 pos = nla_data(attr); 289 len = nla_len(attr); 290 291 while (len) { 292 u8 elemlen; 293 294 if (len < 2) 295 return false; 296 len -= 2; 297 298 elemlen = pos[1]; 299 if (elemlen > len) 300 return false; 301 302 len -= elemlen; 303 pos += 2 + elemlen; 304 } 305 306 return true; 307 } 308 309 /* message building helper */ 310 static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq, 311 int flags, u8 cmd) 312 { 313 /* since there is no private header just add the generic one */ 314 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd); 315 } 316 317 static int nl80211_msg_put_channel(struct sk_buff *msg, 318 struct ieee80211_channel *chan) 319 { 320 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ, 321 chan->center_freq); 322 323 if (chan->flags & IEEE80211_CHAN_DISABLED) 324 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED); 325 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) 326 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN); 327 if (chan->flags & IEEE80211_CHAN_NO_IBSS) 328 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS); 329 if (chan->flags & IEEE80211_CHAN_RADAR) 330 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR); 331 332 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER, 333 DBM_TO_MBM(chan->max_power)); 334 335 return 0; 336 337 nla_put_failure: 338 return -ENOBUFS; 339 } 340 341 /* netlink command implementations */ 342 343 struct key_parse { 344 struct key_params p; 345 int idx; 346 int type; 347 bool def, defmgmt; 348 bool def_uni, def_multi; 349 }; 350 351 static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k) 352 { 353 struct nlattr *tb[NL80211_KEY_MAX + 1]; 354 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key, 355 nl80211_key_policy); 356 if (err) 357 return err; 358 359 k->def = !!tb[NL80211_KEY_DEFAULT]; 360 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT]; 361 362 if (k->def) { 363 k->def_uni = true; 364 k->def_multi = true; 365 } 366 if (k->defmgmt) 367 k->def_multi = true; 368 369 if (tb[NL80211_KEY_IDX]) 370 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]); 371 372 if (tb[NL80211_KEY_DATA]) { 373 k->p.key = nla_data(tb[NL80211_KEY_DATA]); 374 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]); 375 } 376 377 if (tb[NL80211_KEY_SEQ]) { 378 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]); 379 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]); 380 } 381 382 if (tb[NL80211_KEY_CIPHER]) 383 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]); 384 385 if (tb[NL80211_KEY_TYPE]) { 386 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]); 387 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 388 return -EINVAL; 389 } 390 391 if (tb[NL80211_KEY_DEFAULT_TYPES]) { 392 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 393 int err = nla_parse_nested(kdt, 394 NUM_NL80211_KEY_DEFAULT_TYPES - 1, 395 tb[NL80211_KEY_DEFAULT_TYPES], 396 nl80211_key_default_policy); 397 if (err) 398 return err; 399 400 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 401 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 402 } 403 404 return 0; 405 } 406 407 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k) 408 { 409 if (info->attrs[NL80211_ATTR_KEY_DATA]) { 410 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]); 411 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]); 412 } 413 414 if (info->attrs[NL80211_ATTR_KEY_SEQ]) { 415 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]); 416 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]); 417 } 418 419 if (info->attrs[NL80211_ATTR_KEY_IDX]) 420 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 421 422 if (info->attrs[NL80211_ATTR_KEY_CIPHER]) 423 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]); 424 425 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT]; 426 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]; 427 428 if (k->def) { 429 k->def_uni = true; 430 k->def_multi = true; 431 } 432 if (k->defmgmt) 433 k->def_multi = true; 434 435 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 436 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 437 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 438 return -EINVAL; 439 } 440 441 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) { 442 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 443 int err = nla_parse_nested( 444 kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1, 445 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES], 446 nl80211_key_default_policy); 447 if (err) 448 return err; 449 450 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 451 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 452 } 453 454 return 0; 455 } 456 457 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k) 458 { 459 int err; 460 461 memset(k, 0, sizeof(*k)); 462 k->idx = -1; 463 k->type = -1; 464 465 if (info->attrs[NL80211_ATTR_KEY]) 466 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k); 467 else 468 err = nl80211_parse_key_old(info, k); 469 470 if (err) 471 return err; 472 473 if (k->def && k->defmgmt) 474 return -EINVAL; 475 476 if (k->defmgmt) { 477 if (k->def_uni || !k->def_multi) 478 return -EINVAL; 479 } 480 481 if (k->idx != -1) { 482 if (k->defmgmt) { 483 if (k->idx < 4 || k->idx > 5) 484 return -EINVAL; 485 } else if (k->def) { 486 if (k->idx < 0 || k->idx > 3) 487 return -EINVAL; 488 } else { 489 if (k->idx < 0 || k->idx > 5) 490 return -EINVAL; 491 } 492 } 493 494 return 0; 495 } 496 497 static struct cfg80211_cached_keys * 498 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev, 499 struct nlattr *keys) 500 { 501 struct key_parse parse; 502 struct nlattr *key; 503 struct cfg80211_cached_keys *result; 504 int rem, err, def = 0; 505 506 result = kzalloc(sizeof(*result), GFP_KERNEL); 507 if (!result) 508 return ERR_PTR(-ENOMEM); 509 510 result->def = -1; 511 result->defmgmt = -1; 512 513 nla_for_each_nested(key, keys, rem) { 514 memset(&parse, 0, sizeof(parse)); 515 parse.idx = -1; 516 517 err = nl80211_parse_key_new(key, &parse); 518 if (err) 519 goto error; 520 err = -EINVAL; 521 if (!parse.p.key) 522 goto error; 523 if (parse.idx < 0 || parse.idx > 4) 524 goto error; 525 if (parse.def) { 526 if (def) 527 goto error; 528 def = 1; 529 result->def = parse.idx; 530 if (!parse.def_uni || !parse.def_multi) 531 goto error; 532 } else if (parse.defmgmt) 533 goto error; 534 err = cfg80211_validate_key_settings(rdev, &parse.p, 535 parse.idx, false, NULL); 536 if (err) 537 goto error; 538 result->params[parse.idx].cipher = parse.p.cipher; 539 result->params[parse.idx].key_len = parse.p.key_len; 540 result->params[parse.idx].key = result->data[parse.idx]; 541 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len); 542 } 543 544 return result; 545 error: 546 kfree(result); 547 return ERR_PTR(err); 548 } 549 550 static int nl80211_key_allowed(struct wireless_dev *wdev) 551 { 552 ASSERT_WDEV_LOCK(wdev); 553 554 switch (wdev->iftype) { 555 case NL80211_IFTYPE_AP: 556 case NL80211_IFTYPE_AP_VLAN: 557 case NL80211_IFTYPE_P2P_GO: 558 case NL80211_IFTYPE_MESH_POINT: 559 break; 560 case NL80211_IFTYPE_ADHOC: 561 if (!wdev->current_bss) 562 return -ENOLINK; 563 break; 564 case NL80211_IFTYPE_STATION: 565 case NL80211_IFTYPE_P2P_CLIENT: 566 if (wdev->sme_state != CFG80211_SME_CONNECTED) 567 return -ENOLINK; 568 break; 569 default: 570 return -EINVAL; 571 } 572 573 return 0; 574 } 575 576 static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes) 577 { 578 struct nlattr *nl_modes = nla_nest_start(msg, attr); 579 int i; 580 581 if (!nl_modes) 582 goto nla_put_failure; 583 584 i = 0; 585 while (ifmodes) { 586 if (ifmodes & 1) 587 NLA_PUT_FLAG(msg, i); 588 ifmodes >>= 1; 589 i++; 590 } 591 592 nla_nest_end(msg, nl_modes); 593 return 0; 594 595 nla_put_failure: 596 return -ENOBUFS; 597 } 598 599 static int nl80211_put_iface_combinations(struct wiphy *wiphy, 600 struct sk_buff *msg) 601 { 602 struct nlattr *nl_combis; 603 int i, j; 604 605 nl_combis = nla_nest_start(msg, 606 NL80211_ATTR_INTERFACE_COMBINATIONS); 607 if (!nl_combis) 608 goto nla_put_failure; 609 610 for (i = 0; i < wiphy->n_iface_combinations; i++) { 611 const struct ieee80211_iface_combination *c; 612 struct nlattr *nl_combi, *nl_limits; 613 614 c = &wiphy->iface_combinations[i]; 615 616 nl_combi = nla_nest_start(msg, i + 1); 617 if (!nl_combi) 618 goto nla_put_failure; 619 620 nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS); 621 if (!nl_limits) 622 goto nla_put_failure; 623 624 for (j = 0; j < c->n_limits; j++) { 625 struct nlattr *nl_limit; 626 627 nl_limit = nla_nest_start(msg, j + 1); 628 if (!nl_limit) 629 goto nla_put_failure; 630 NLA_PUT_U32(msg, NL80211_IFACE_LIMIT_MAX, 631 c->limits[j].max); 632 if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES, 633 c->limits[j].types)) 634 goto nla_put_failure; 635 nla_nest_end(msg, nl_limit); 636 } 637 638 nla_nest_end(msg, nl_limits); 639 640 if (c->beacon_int_infra_match) 641 NLA_PUT_FLAG(msg, 642 NL80211_IFACE_COMB_STA_AP_BI_MATCH); 643 NLA_PUT_U32(msg, NL80211_IFACE_COMB_NUM_CHANNELS, 644 c->num_different_channels); 645 NLA_PUT_U32(msg, NL80211_IFACE_COMB_MAXNUM, 646 c->max_interfaces); 647 648 nla_nest_end(msg, nl_combi); 649 } 650 651 nla_nest_end(msg, nl_combis); 652 653 return 0; 654 nla_put_failure: 655 return -ENOBUFS; 656 } 657 658 static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 659 struct cfg80211_registered_device *dev) 660 { 661 void *hdr; 662 struct nlattr *nl_bands, *nl_band; 663 struct nlattr *nl_freqs, *nl_freq; 664 struct nlattr *nl_rates, *nl_rate; 665 struct nlattr *nl_cmds; 666 enum ieee80211_band band; 667 struct ieee80211_channel *chan; 668 struct ieee80211_rate *rate; 669 int i; 670 const struct ieee80211_txrx_stypes *mgmt_stypes = 671 dev->wiphy.mgmt_stypes; 672 673 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY); 674 if (!hdr) 675 return -1; 676 677 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx); 678 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)); 679 680 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 681 cfg80211_rdev_list_generation); 682 683 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT, 684 dev->wiphy.retry_short); 685 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG, 686 dev->wiphy.retry_long); 687 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, 688 dev->wiphy.frag_threshold); 689 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, 690 dev->wiphy.rts_threshold); 691 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS, 692 dev->wiphy.coverage_class); 693 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS, 694 dev->wiphy.max_scan_ssids); 695 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN, 696 dev->wiphy.max_scan_ie_len); 697 698 if (dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) 699 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_IBSS_RSN); 700 if (dev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) 701 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_MESH_AUTH); 702 703 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES, 704 sizeof(u32) * dev->wiphy.n_cipher_suites, 705 dev->wiphy.cipher_suites); 706 707 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_PMKIDS, 708 dev->wiphy.max_num_pmkids); 709 710 if (dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) 711 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE); 712 713 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX, 714 dev->wiphy.available_antennas_tx); 715 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX, 716 dev->wiphy.available_antennas_rx); 717 718 if ((dev->wiphy.available_antennas_tx || 719 dev->wiphy.available_antennas_rx) && dev->ops->get_antenna) { 720 u32 tx_ant = 0, rx_ant = 0; 721 int res; 722 res = dev->ops->get_antenna(&dev->wiphy, &tx_ant, &rx_ant); 723 if (!res) { 724 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_TX, tx_ant); 725 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_RX, rx_ant); 726 } 727 } 728 729 if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES, 730 dev->wiphy.interface_modes)) 731 goto nla_put_failure; 732 733 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS); 734 if (!nl_bands) 735 goto nla_put_failure; 736 737 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 738 if (!dev->wiphy.bands[band]) 739 continue; 740 741 nl_band = nla_nest_start(msg, band); 742 if (!nl_band) 743 goto nla_put_failure; 744 745 /* add HT info */ 746 if (dev->wiphy.bands[band]->ht_cap.ht_supported) { 747 NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET, 748 sizeof(dev->wiphy.bands[band]->ht_cap.mcs), 749 &dev->wiphy.bands[band]->ht_cap.mcs); 750 NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA, 751 dev->wiphy.bands[band]->ht_cap.cap); 752 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR, 753 dev->wiphy.bands[band]->ht_cap.ampdu_factor); 754 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY, 755 dev->wiphy.bands[band]->ht_cap.ampdu_density); 756 } 757 758 /* add frequencies */ 759 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS); 760 if (!nl_freqs) 761 goto nla_put_failure; 762 763 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) { 764 nl_freq = nla_nest_start(msg, i); 765 if (!nl_freq) 766 goto nla_put_failure; 767 768 chan = &dev->wiphy.bands[band]->channels[i]; 769 770 if (nl80211_msg_put_channel(msg, chan)) 771 goto nla_put_failure; 772 773 nla_nest_end(msg, nl_freq); 774 } 775 776 nla_nest_end(msg, nl_freqs); 777 778 /* add bitrates */ 779 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES); 780 if (!nl_rates) 781 goto nla_put_failure; 782 783 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) { 784 nl_rate = nla_nest_start(msg, i); 785 if (!nl_rate) 786 goto nla_put_failure; 787 788 rate = &dev->wiphy.bands[band]->bitrates[i]; 789 NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE, 790 rate->bitrate); 791 if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 792 NLA_PUT_FLAG(msg, 793 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE); 794 795 nla_nest_end(msg, nl_rate); 796 } 797 798 nla_nest_end(msg, nl_rates); 799 800 nla_nest_end(msg, nl_band); 801 } 802 nla_nest_end(msg, nl_bands); 803 804 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS); 805 if (!nl_cmds) 806 goto nla_put_failure; 807 808 i = 0; 809 #define CMD(op, n) \ 810 do { \ 811 if (dev->ops->op) { \ 812 i++; \ 813 NLA_PUT_U32(msg, i, NL80211_CMD_ ## n); \ 814 } \ 815 } while (0) 816 817 CMD(add_virtual_intf, NEW_INTERFACE); 818 CMD(change_virtual_intf, SET_INTERFACE); 819 CMD(add_key, NEW_KEY); 820 CMD(add_beacon, NEW_BEACON); 821 CMD(add_station, NEW_STATION); 822 CMD(add_mpath, NEW_MPATH); 823 CMD(update_mesh_config, SET_MESH_CONFIG); 824 CMD(change_bss, SET_BSS); 825 CMD(auth, AUTHENTICATE); 826 CMD(assoc, ASSOCIATE); 827 CMD(deauth, DEAUTHENTICATE); 828 CMD(disassoc, DISASSOCIATE); 829 CMD(join_ibss, JOIN_IBSS); 830 CMD(join_mesh, JOIN_MESH); 831 CMD(set_pmksa, SET_PMKSA); 832 CMD(del_pmksa, DEL_PMKSA); 833 CMD(flush_pmksa, FLUSH_PMKSA); 834 CMD(remain_on_channel, REMAIN_ON_CHANNEL); 835 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK); 836 CMD(mgmt_tx, FRAME); 837 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL); 838 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) { 839 i++; 840 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS); 841 } 842 CMD(set_channel, SET_CHANNEL); 843 CMD(set_wds_peer, SET_WDS_PEER); 844 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) 845 CMD(sched_scan_start, START_SCHED_SCAN); 846 847 #undef CMD 848 849 if (dev->ops->connect || dev->ops->auth) { 850 i++; 851 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT); 852 } 853 854 if (dev->ops->disconnect || dev->ops->deauth) { 855 i++; 856 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT); 857 } 858 859 nla_nest_end(msg, nl_cmds); 860 861 if (dev->ops->remain_on_channel) 862 NLA_PUT_U32(msg, NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION, 863 dev->wiphy.max_remain_on_channel_duration); 864 865 /* for now at least assume all drivers have it */ 866 if (dev->ops->mgmt_tx) 867 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK); 868 869 if (mgmt_stypes) { 870 u16 stypes; 871 struct nlattr *nl_ftypes, *nl_ifs; 872 enum nl80211_iftype ift; 873 874 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES); 875 if (!nl_ifs) 876 goto nla_put_failure; 877 878 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 879 nl_ftypes = nla_nest_start(msg, ift); 880 if (!nl_ftypes) 881 goto nla_put_failure; 882 i = 0; 883 stypes = mgmt_stypes[ift].tx; 884 while (stypes) { 885 if (stypes & 1) 886 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 887 (i << 4) | IEEE80211_FTYPE_MGMT); 888 stypes >>= 1; 889 i++; 890 } 891 nla_nest_end(msg, nl_ftypes); 892 } 893 894 nla_nest_end(msg, nl_ifs); 895 896 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES); 897 if (!nl_ifs) 898 goto nla_put_failure; 899 900 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 901 nl_ftypes = nla_nest_start(msg, ift); 902 if (!nl_ftypes) 903 goto nla_put_failure; 904 i = 0; 905 stypes = mgmt_stypes[ift].rx; 906 while (stypes) { 907 if (stypes & 1) 908 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 909 (i << 4) | IEEE80211_FTYPE_MGMT); 910 stypes >>= 1; 911 i++; 912 } 913 nla_nest_end(msg, nl_ftypes); 914 } 915 nla_nest_end(msg, nl_ifs); 916 } 917 918 if (dev->wiphy.wowlan.flags || dev->wiphy.wowlan.n_patterns) { 919 struct nlattr *nl_wowlan; 920 921 nl_wowlan = nla_nest_start(msg, 922 NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED); 923 if (!nl_wowlan) 924 goto nla_put_failure; 925 926 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_ANY) 927 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY); 928 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_DISCONNECT) 929 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT); 930 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_MAGIC_PKT) 931 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT); 932 if (dev->wiphy.wowlan.n_patterns) { 933 struct nl80211_wowlan_pattern_support pat = { 934 .max_patterns = dev->wiphy.wowlan.n_patterns, 935 .min_pattern_len = 936 dev->wiphy.wowlan.pattern_min_len, 937 .max_pattern_len = 938 dev->wiphy.wowlan.pattern_max_len, 939 }; 940 NLA_PUT(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN, 941 sizeof(pat), &pat); 942 } 943 944 nla_nest_end(msg, nl_wowlan); 945 } 946 947 if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES, 948 dev->wiphy.software_iftypes)) 949 goto nla_put_failure; 950 951 if (nl80211_put_iface_combinations(&dev->wiphy, msg)) 952 goto nla_put_failure; 953 954 return genlmsg_end(msg, hdr); 955 956 nla_put_failure: 957 genlmsg_cancel(msg, hdr); 958 return -EMSGSIZE; 959 } 960 961 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb) 962 { 963 int idx = 0; 964 int start = cb->args[0]; 965 struct cfg80211_registered_device *dev; 966 967 mutex_lock(&cfg80211_mutex); 968 list_for_each_entry(dev, &cfg80211_rdev_list, list) { 969 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk))) 970 continue; 971 if (++idx <= start) 972 continue; 973 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 974 cb->nlh->nlmsg_seq, NLM_F_MULTI, 975 dev) < 0) { 976 idx--; 977 break; 978 } 979 } 980 mutex_unlock(&cfg80211_mutex); 981 982 cb->args[0] = idx; 983 984 return skb->len; 985 } 986 987 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info) 988 { 989 struct sk_buff *msg; 990 struct cfg80211_registered_device *dev = info->user_ptr[0]; 991 992 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 993 if (!msg) 994 return -ENOMEM; 995 996 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) { 997 nlmsg_free(msg); 998 return -ENOBUFS; 999 } 1000 1001 return genlmsg_reply(msg, info); 1002 } 1003 1004 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = { 1005 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 }, 1006 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 }, 1007 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 }, 1008 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 }, 1009 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 }, 1010 }; 1011 1012 static int parse_txq_params(struct nlattr *tb[], 1013 struct ieee80211_txq_params *txq_params) 1014 { 1015 if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] || 1016 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] || 1017 !tb[NL80211_TXQ_ATTR_AIFS]) 1018 return -EINVAL; 1019 1020 txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]); 1021 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]); 1022 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]); 1023 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]); 1024 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]); 1025 1026 return 0; 1027 } 1028 1029 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev) 1030 { 1031 /* 1032 * You can only set the channel explicitly for AP, mesh 1033 * and WDS type interfaces; all others have their channel 1034 * managed via their respective "establish a connection" 1035 * command (connect, join, ...) 1036 * 1037 * Monitors are special as they are normally slaved to 1038 * whatever else is going on, so they behave as though 1039 * you tried setting the wiphy channel itself. 1040 */ 1041 return !wdev || 1042 wdev->iftype == NL80211_IFTYPE_AP || 1043 wdev->iftype == NL80211_IFTYPE_WDS || 1044 wdev->iftype == NL80211_IFTYPE_MESH_POINT || 1045 wdev->iftype == NL80211_IFTYPE_MONITOR || 1046 wdev->iftype == NL80211_IFTYPE_P2P_GO; 1047 } 1048 1049 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev, 1050 struct wireless_dev *wdev, 1051 struct genl_info *info) 1052 { 1053 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 1054 u32 freq; 1055 int result; 1056 1057 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 1058 return -EINVAL; 1059 1060 if (!nl80211_can_set_dev_channel(wdev)) 1061 return -EOPNOTSUPP; 1062 1063 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 1064 channel_type = nla_get_u32(info->attrs[ 1065 NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 1066 if (channel_type != NL80211_CHAN_NO_HT && 1067 channel_type != NL80211_CHAN_HT20 && 1068 channel_type != NL80211_CHAN_HT40PLUS && 1069 channel_type != NL80211_CHAN_HT40MINUS) 1070 return -EINVAL; 1071 } 1072 1073 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 1074 1075 mutex_lock(&rdev->devlist_mtx); 1076 if (wdev) { 1077 wdev_lock(wdev); 1078 result = cfg80211_set_freq(rdev, wdev, freq, channel_type); 1079 wdev_unlock(wdev); 1080 } else { 1081 result = cfg80211_set_freq(rdev, NULL, freq, channel_type); 1082 } 1083 mutex_unlock(&rdev->devlist_mtx); 1084 1085 return result; 1086 } 1087 1088 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info) 1089 { 1090 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1091 struct net_device *netdev = info->user_ptr[1]; 1092 1093 return __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info); 1094 } 1095 1096 static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info) 1097 { 1098 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1099 struct net_device *dev = info->user_ptr[1]; 1100 struct wireless_dev *wdev = dev->ieee80211_ptr; 1101 const u8 *bssid; 1102 1103 if (!info->attrs[NL80211_ATTR_MAC]) 1104 return -EINVAL; 1105 1106 if (netif_running(dev)) 1107 return -EBUSY; 1108 1109 if (!rdev->ops->set_wds_peer) 1110 return -EOPNOTSUPP; 1111 1112 if (wdev->iftype != NL80211_IFTYPE_WDS) 1113 return -EOPNOTSUPP; 1114 1115 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 1116 return rdev->ops->set_wds_peer(wdev->wiphy, dev, bssid); 1117 } 1118 1119 1120 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) 1121 { 1122 struct cfg80211_registered_device *rdev; 1123 struct net_device *netdev = NULL; 1124 struct wireless_dev *wdev; 1125 int result = 0, rem_txq_params = 0; 1126 struct nlattr *nl_txq_params; 1127 u32 changed; 1128 u8 retry_short = 0, retry_long = 0; 1129 u32 frag_threshold = 0, rts_threshold = 0; 1130 u8 coverage_class = 0; 1131 1132 /* 1133 * Try to find the wiphy and netdev. Normally this 1134 * function shouldn't need the netdev, but this is 1135 * done for backward compatibility -- previously 1136 * setting the channel was done per wiphy, but now 1137 * it is per netdev. Previous userland like hostapd 1138 * also passed a netdev to set_wiphy, so that it is 1139 * possible to let that go to the right netdev! 1140 */ 1141 mutex_lock(&cfg80211_mutex); 1142 1143 if (info->attrs[NL80211_ATTR_IFINDEX]) { 1144 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]); 1145 1146 netdev = dev_get_by_index(genl_info_net(info), ifindex); 1147 if (netdev && netdev->ieee80211_ptr) { 1148 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy); 1149 mutex_lock(&rdev->mtx); 1150 } else 1151 netdev = NULL; 1152 } 1153 1154 if (!netdev) { 1155 rdev = __cfg80211_rdev_from_info(info); 1156 if (IS_ERR(rdev)) { 1157 mutex_unlock(&cfg80211_mutex); 1158 return PTR_ERR(rdev); 1159 } 1160 wdev = NULL; 1161 netdev = NULL; 1162 result = 0; 1163 1164 mutex_lock(&rdev->mtx); 1165 } else if (netif_running(netdev) && 1166 nl80211_can_set_dev_channel(netdev->ieee80211_ptr)) 1167 wdev = netdev->ieee80211_ptr; 1168 else 1169 wdev = NULL; 1170 1171 /* 1172 * end workaround code, by now the rdev is available 1173 * and locked, and wdev may or may not be NULL. 1174 */ 1175 1176 if (info->attrs[NL80211_ATTR_WIPHY_NAME]) 1177 result = cfg80211_dev_rename( 1178 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME])); 1179 1180 mutex_unlock(&cfg80211_mutex); 1181 1182 if (result) 1183 goto bad_res; 1184 1185 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) { 1186 struct ieee80211_txq_params txq_params; 1187 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1]; 1188 1189 if (!rdev->ops->set_txq_params) { 1190 result = -EOPNOTSUPP; 1191 goto bad_res; 1192 } 1193 1194 nla_for_each_nested(nl_txq_params, 1195 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], 1196 rem_txq_params) { 1197 nla_parse(tb, NL80211_TXQ_ATTR_MAX, 1198 nla_data(nl_txq_params), 1199 nla_len(nl_txq_params), 1200 txq_params_policy); 1201 result = parse_txq_params(tb, &txq_params); 1202 if (result) 1203 goto bad_res; 1204 1205 result = rdev->ops->set_txq_params(&rdev->wiphy, 1206 &txq_params); 1207 if (result) 1208 goto bad_res; 1209 } 1210 } 1211 1212 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 1213 result = __nl80211_set_channel(rdev, wdev, info); 1214 if (result) 1215 goto bad_res; 1216 } 1217 1218 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) { 1219 enum nl80211_tx_power_setting type; 1220 int idx, mbm = 0; 1221 1222 if (!rdev->ops->set_tx_power) { 1223 result = -EOPNOTSUPP; 1224 goto bad_res; 1225 } 1226 1227 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING; 1228 type = nla_get_u32(info->attrs[idx]); 1229 1230 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] && 1231 (type != NL80211_TX_POWER_AUTOMATIC)) { 1232 result = -EINVAL; 1233 goto bad_res; 1234 } 1235 1236 if (type != NL80211_TX_POWER_AUTOMATIC) { 1237 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL; 1238 mbm = nla_get_u32(info->attrs[idx]); 1239 } 1240 1241 result = rdev->ops->set_tx_power(&rdev->wiphy, type, mbm); 1242 if (result) 1243 goto bad_res; 1244 } 1245 1246 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] && 1247 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) { 1248 u32 tx_ant, rx_ant; 1249 if ((!rdev->wiphy.available_antennas_tx && 1250 !rdev->wiphy.available_antennas_rx) || 1251 !rdev->ops->set_antenna) { 1252 result = -EOPNOTSUPP; 1253 goto bad_res; 1254 } 1255 1256 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]); 1257 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]); 1258 1259 /* reject antenna configurations which don't match the 1260 * available antenna masks, except for the "all" mask */ 1261 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) || 1262 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx))) { 1263 result = -EINVAL; 1264 goto bad_res; 1265 } 1266 1267 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx; 1268 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx; 1269 1270 result = rdev->ops->set_antenna(&rdev->wiphy, tx_ant, rx_ant); 1271 if (result) 1272 goto bad_res; 1273 } 1274 1275 changed = 0; 1276 1277 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) { 1278 retry_short = nla_get_u8( 1279 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]); 1280 if (retry_short == 0) { 1281 result = -EINVAL; 1282 goto bad_res; 1283 } 1284 changed |= WIPHY_PARAM_RETRY_SHORT; 1285 } 1286 1287 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) { 1288 retry_long = nla_get_u8( 1289 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]); 1290 if (retry_long == 0) { 1291 result = -EINVAL; 1292 goto bad_res; 1293 } 1294 changed |= WIPHY_PARAM_RETRY_LONG; 1295 } 1296 1297 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) { 1298 frag_threshold = nla_get_u32( 1299 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]); 1300 if (frag_threshold < 256) { 1301 result = -EINVAL; 1302 goto bad_res; 1303 } 1304 if (frag_threshold != (u32) -1) { 1305 /* 1306 * Fragments (apart from the last one) are required to 1307 * have even length. Make the fragmentation code 1308 * simpler by stripping LSB should someone try to use 1309 * odd threshold value. 1310 */ 1311 frag_threshold &= ~0x1; 1312 } 1313 changed |= WIPHY_PARAM_FRAG_THRESHOLD; 1314 } 1315 1316 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) { 1317 rts_threshold = nla_get_u32( 1318 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]); 1319 changed |= WIPHY_PARAM_RTS_THRESHOLD; 1320 } 1321 1322 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) { 1323 coverage_class = nla_get_u8( 1324 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]); 1325 changed |= WIPHY_PARAM_COVERAGE_CLASS; 1326 } 1327 1328 if (changed) { 1329 u8 old_retry_short, old_retry_long; 1330 u32 old_frag_threshold, old_rts_threshold; 1331 u8 old_coverage_class; 1332 1333 if (!rdev->ops->set_wiphy_params) { 1334 result = -EOPNOTSUPP; 1335 goto bad_res; 1336 } 1337 1338 old_retry_short = rdev->wiphy.retry_short; 1339 old_retry_long = rdev->wiphy.retry_long; 1340 old_frag_threshold = rdev->wiphy.frag_threshold; 1341 old_rts_threshold = rdev->wiphy.rts_threshold; 1342 old_coverage_class = rdev->wiphy.coverage_class; 1343 1344 if (changed & WIPHY_PARAM_RETRY_SHORT) 1345 rdev->wiphy.retry_short = retry_short; 1346 if (changed & WIPHY_PARAM_RETRY_LONG) 1347 rdev->wiphy.retry_long = retry_long; 1348 if (changed & WIPHY_PARAM_FRAG_THRESHOLD) 1349 rdev->wiphy.frag_threshold = frag_threshold; 1350 if (changed & WIPHY_PARAM_RTS_THRESHOLD) 1351 rdev->wiphy.rts_threshold = rts_threshold; 1352 if (changed & WIPHY_PARAM_COVERAGE_CLASS) 1353 rdev->wiphy.coverage_class = coverage_class; 1354 1355 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed); 1356 if (result) { 1357 rdev->wiphy.retry_short = old_retry_short; 1358 rdev->wiphy.retry_long = old_retry_long; 1359 rdev->wiphy.frag_threshold = old_frag_threshold; 1360 rdev->wiphy.rts_threshold = old_rts_threshold; 1361 rdev->wiphy.coverage_class = old_coverage_class; 1362 } 1363 } 1364 1365 bad_res: 1366 mutex_unlock(&rdev->mtx); 1367 if (netdev) 1368 dev_put(netdev); 1369 return result; 1370 } 1371 1372 1373 static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags, 1374 struct cfg80211_registered_device *rdev, 1375 struct net_device *dev) 1376 { 1377 void *hdr; 1378 1379 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE); 1380 if (!hdr) 1381 return -1; 1382 1383 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1384 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 1385 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name); 1386 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype); 1387 1388 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 1389 rdev->devlist_generation ^ 1390 (cfg80211_rdev_list_generation << 2)); 1391 1392 return genlmsg_end(msg, hdr); 1393 1394 nla_put_failure: 1395 genlmsg_cancel(msg, hdr); 1396 return -EMSGSIZE; 1397 } 1398 1399 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb) 1400 { 1401 int wp_idx = 0; 1402 int if_idx = 0; 1403 int wp_start = cb->args[0]; 1404 int if_start = cb->args[1]; 1405 struct cfg80211_registered_device *rdev; 1406 struct wireless_dev *wdev; 1407 1408 mutex_lock(&cfg80211_mutex); 1409 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 1410 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk))) 1411 continue; 1412 if (wp_idx < wp_start) { 1413 wp_idx++; 1414 continue; 1415 } 1416 if_idx = 0; 1417 1418 mutex_lock(&rdev->devlist_mtx); 1419 list_for_each_entry(wdev, &rdev->netdev_list, list) { 1420 if (if_idx < if_start) { 1421 if_idx++; 1422 continue; 1423 } 1424 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 1425 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1426 rdev, wdev->netdev) < 0) { 1427 mutex_unlock(&rdev->devlist_mtx); 1428 goto out; 1429 } 1430 if_idx++; 1431 } 1432 mutex_unlock(&rdev->devlist_mtx); 1433 1434 wp_idx++; 1435 } 1436 out: 1437 mutex_unlock(&cfg80211_mutex); 1438 1439 cb->args[0] = wp_idx; 1440 cb->args[1] = if_idx; 1441 1442 return skb->len; 1443 } 1444 1445 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info) 1446 { 1447 struct sk_buff *msg; 1448 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1449 struct net_device *netdev = info->user_ptr[1]; 1450 1451 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1452 if (!msg) 1453 return -ENOMEM; 1454 1455 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, 1456 dev, netdev) < 0) { 1457 nlmsg_free(msg); 1458 return -ENOBUFS; 1459 } 1460 1461 return genlmsg_reply(msg, info); 1462 } 1463 1464 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = { 1465 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG }, 1466 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG }, 1467 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG }, 1468 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG }, 1469 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG }, 1470 }; 1471 1472 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags) 1473 { 1474 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1]; 1475 int flag; 1476 1477 *mntrflags = 0; 1478 1479 if (!nla) 1480 return -EINVAL; 1481 1482 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX, 1483 nla, mntr_flags_policy)) 1484 return -EINVAL; 1485 1486 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++) 1487 if (flags[flag]) 1488 *mntrflags |= (1<<flag); 1489 1490 return 0; 1491 } 1492 1493 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev, 1494 struct net_device *netdev, u8 use_4addr, 1495 enum nl80211_iftype iftype) 1496 { 1497 if (!use_4addr) { 1498 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT)) 1499 return -EBUSY; 1500 return 0; 1501 } 1502 1503 switch (iftype) { 1504 case NL80211_IFTYPE_AP_VLAN: 1505 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP) 1506 return 0; 1507 break; 1508 case NL80211_IFTYPE_STATION: 1509 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION) 1510 return 0; 1511 break; 1512 default: 1513 break; 1514 } 1515 1516 return -EOPNOTSUPP; 1517 } 1518 1519 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 1520 { 1521 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1522 struct vif_params params; 1523 int err; 1524 enum nl80211_iftype otype, ntype; 1525 struct net_device *dev = info->user_ptr[1]; 1526 u32 _flags, *flags = NULL; 1527 bool change = false; 1528 1529 memset(¶ms, 0, sizeof(params)); 1530 1531 otype = ntype = dev->ieee80211_ptr->iftype; 1532 1533 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1534 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1535 if (otype != ntype) 1536 change = true; 1537 if (ntype > NL80211_IFTYPE_MAX) 1538 return -EINVAL; 1539 } 1540 1541 if (info->attrs[NL80211_ATTR_MESH_ID]) { 1542 struct wireless_dev *wdev = dev->ieee80211_ptr; 1543 1544 if (ntype != NL80211_IFTYPE_MESH_POINT) 1545 return -EINVAL; 1546 if (netif_running(dev)) 1547 return -EBUSY; 1548 1549 wdev_lock(wdev); 1550 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1551 IEEE80211_MAX_MESH_ID_LEN); 1552 wdev->mesh_id_up_len = 1553 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1554 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1555 wdev->mesh_id_up_len); 1556 wdev_unlock(wdev); 1557 } 1558 1559 if (info->attrs[NL80211_ATTR_4ADDR]) { 1560 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1561 change = true; 1562 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype); 1563 if (err) 1564 return err; 1565 } else { 1566 params.use_4addr = -1; 1567 } 1568 1569 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) { 1570 if (ntype != NL80211_IFTYPE_MONITOR) 1571 return -EINVAL; 1572 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS], 1573 &_flags); 1574 if (err) 1575 return err; 1576 1577 flags = &_flags; 1578 change = true; 1579 } 1580 1581 if (change) 1582 err = cfg80211_change_iface(rdev, dev, ntype, flags, ¶ms); 1583 else 1584 err = 0; 1585 1586 if (!err && params.use_4addr != -1) 1587 dev->ieee80211_ptr->use_4addr = params.use_4addr; 1588 1589 return err; 1590 } 1591 1592 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 1593 { 1594 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1595 struct vif_params params; 1596 struct net_device *dev; 1597 int err; 1598 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 1599 u32 flags; 1600 1601 memset(¶ms, 0, sizeof(params)); 1602 1603 if (!info->attrs[NL80211_ATTR_IFNAME]) 1604 return -EINVAL; 1605 1606 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1607 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1608 if (type > NL80211_IFTYPE_MAX) 1609 return -EINVAL; 1610 } 1611 1612 if (!rdev->ops->add_virtual_intf || 1613 !(rdev->wiphy.interface_modes & (1 << type))) 1614 return -EOPNOTSUPP; 1615 1616 if (info->attrs[NL80211_ATTR_4ADDR]) { 1617 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1618 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type); 1619 if (err) 1620 return err; 1621 } 1622 1623 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 1624 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 1625 &flags); 1626 dev = rdev->ops->add_virtual_intf(&rdev->wiphy, 1627 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 1628 type, err ? NULL : &flags, ¶ms); 1629 if (IS_ERR(dev)) 1630 return PTR_ERR(dev); 1631 1632 if (type == NL80211_IFTYPE_MESH_POINT && 1633 info->attrs[NL80211_ATTR_MESH_ID]) { 1634 struct wireless_dev *wdev = dev->ieee80211_ptr; 1635 1636 wdev_lock(wdev); 1637 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1638 IEEE80211_MAX_MESH_ID_LEN); 1639 wdev->mesh_id_up_len = 1640 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1641 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1642 wdev->mesh_id_up_len); 1643 wdev_unlock(wdev); 1644 } 1645 1646 return 0; 1647 } 1648 1649 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) 1650 { 1651 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1652 struct net_device *dev = info->user_ptr[1]; 1653 1654 if (!rdev->ops->del_virtual_intf) 1655 return -EOPNOTSUPP; 1656 1657 return rdev->ops->del_virtual_intf(&rdev->wiphy, dev); 1658 } 1659 1660 struct get_key_cookie { 1661 struct sk_buff *msg; 1662 int error; 1663 int idx; 1664 }; 1665 1666 static void get_key_callback(void *c, struct key_params *params) 1667 { 1668 struct nlattr *key; 1669 struct get_key_cookie *cookie = c; 1670 1671 if (params->key) 1672 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA, 1673 params->key_len, params->key); 1674 1675 if (params->seq) 1676 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ, 1677 params->seq_len, params->seq); 1678 1679 if (params->cipher) 1680 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER, 1681 params->cipher); 1682 1683 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY); 1684 if (!key) 1685 goto nla_put_failure; 1686 1687 if (params->key) 1688 NLA_PUT(cookie->msg, NL80211_KEY_DATA, 1689 params->key_len, params->key); 1690 1691 if (params->seq) 1692 NLA_PUT(cookie->msg, NL80211_KEY_SEQ, 1693 params->seq_len, params->seq); 1694 1695 if (params->cipher) 1696 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER, 1697 params->cipher); 1698 1699 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx); 1700 1701 nla_nest_end(cookie->msg, key); 1702 1703 return; 1704 nla_put_failure: 1705 cookie->error = 1; 1706 } 1707 1708 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) 1709 { 1710 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1711 int err; 1712 struct net_device *dev = info->user_ptr[1]; 1713 u8 key_idx = 0; 1714 const u8 *mac_addr = NULL; 1715 bool pairwise; 1716 struct get_key_cookie cookie = { 1717 .error = 0, 1718 }; 1719 void *hdr; 1720 struct sk_buff *msg; 1721 1722 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1723 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1724 1725 if (key_idx > 5) 1726 return -EINVAL; 1727 1728 if (info->attrs[NL80211_ATTR_MAC]) 1729 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1730 1731 pairwise = !!mac_addr; 1732 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 1733 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 1734 if (kt >= NUM_NL80211_KEYTYPES) 1735 return -EINVAL; 1736 if (kt != NL80211_KEYTYPE_GROUP && 1737 kt != NL80211_KEYTYPE_PAIRWISE) 1738 return -EINVAL; 1739 pairwise = kt == NL80211_KEYTYPE_PAIRWISE; 1740 } 1741 1742 if (!rdev->ops->get_key) 1743 return -EOPNOTSUPP; 1744 1745 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1746 if (!msg) 1747 return -ENOMEM; 1748 1749 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 1750 NL80211_CMD_NEW_KEY); 1751 if (IS_ERR(hdr)) 1752 return PTR_ERR(hdr); 1753 1754 cookie.msg = msg; 1755 cookie.idx = key_idx; 1756 1757 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1758 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx); 1759 if (mac_addr) 1760 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1761 1762 if (pairwise && mac_addr && 1763 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1764 return -ENOENT; 1765 1766 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, pairwise, 1767 mac_addr, &cookie, get_key_callback); 1768 1769 if (err) 1770 goto free_msg; 1771 1772 if (cookie.error) 1773 goto nla_put_failure; 1774 1775 genlmsg_end(msg, hdr); 1776 return genlmsg_reply(msg, info); 1777 1778 nla_put_failure: 1779 err = -ENOBUFS; 1780 free_msg: 1781 nlmsg_free(msg); 1782 return err; 1783 } 1784 1785 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) 1786 { 1787 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1788 struct key_parse key; 1789 int err; 1790 struct net_device *dev = info->user_ptr[1]; 1791 1792 err = nl80211_parse_key(info, &key); 1793 if (err) 1794 return err; 1795 1796 if (key.idx < 0) 1797 return -EINVAL; 1798 1799 /* only support setting default key */ 1800 if (!key.def && !key.defmgmt) 1801 return -EINVAL; 1802 1803 wdev_lock(dev->ieee80211_ptr); 1804 1805 if (key.def) { 1806 if (!rdev->ops->set_default_key) { 1807 err = -EOPNOTSUPP; 1808 goto out; 1809 } 1810 1811 err = nl80211_key_allowed(dev->ieee80211_ptr); 1812 if (err) 1813 goto out; 1814 1815 err = rdev->ops->set_default_key(&rdev->wiphy, dev, key.idx, 1816 key.def_uni, key.def_multi); 1817 1818 if (err) 1819 goto out; 1820 1821 #ifdef CONFIG_CFG80211_WEXT 1822 dev->ieee80211_ptr->wext.default_key = key.idx; 1823 #endif 1824 } else { 1825 if (key.def_uni || !key.def_multi) { 1826 err = -EINVAL; 1827 goto out; 1828 } 1829 1830 if (!rdev->ops->set_default_mgmt_key) { 1831 err = -EOPNOTSUPP; 1832 goto out; 1833 } 1834 1835 err = nl80211_key_allowed(dev->ieee80211_ptr); 1836 if (err) 1837 goto out; 1838 1839 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy, 1840 dev, key.idx); 1841 if (err) 1842 goto out; 1843 1844 #ifdef CONFIG_CFG80211_WEXT 1845 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx; 1846 #endif 1847 } 1848 1849 out: 1850 wdev_unlock(dev->ieee80211_ptr); 1851 1852 return err; 1853 } 1854 1855 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1856 { 1857 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1858 int err; 1859 struct net_device *dev = info->user_ptr[1]; 1860 struct key_parse key; 1861 const u8 *mac_addr = NULL; 1862 1863 err = nl80211_parse_key(info, &key); 1864 if (err) 1865 return err; 1866 1867 if (!key.p.key) 1868 return -EINVAL; 1869 1870 if (info->attrs[NL80211_ATTR_MAC]) 1871 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1872 1873 if (key.type == -1) { 1874 if (mac_addr) 1875 key.type = NL80211_KEYTYPE_PAIRWISE; 1876 else 1877 key.type = NL80211_KEYTYPE_GROUP; 1878 } 1879 1880 /* for now */ 1881 if (key.type != NL80211_KEYTYPE_PAIRWISE && 1882 key.type != NL80211_KEYTYPE_GROUP) 1883 return -EINVAL; 1884 1885 if (!rdev->ops->add_key) 1886 return -EOPNOTSUPP; 1887 1888 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, 1889 key.type == NL80211_KEYTYPE_PAIRWISE, 1890 mac_addr)) 1891 return -EINVAL; 1892 1893 wdev_lock(dev->ieee80211_ptr); 1894 err = nl80211_key_allowed(dev->ieee80211_ptr); 1895 if (!err) 1896 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx, 1897 key.type == NL80211_KEYTYPE_PAIRWISE, 1898 mac_addr, &key.p); 1899 wdev_unlock(dev->ieee80211_ptr); 1900 1901 return err; 1902 } 1903 1904 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) 1905 { 1906 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1907 int err; 1908 struct net_device *dev = info->user_ptr[1]; 1909 u8 *mac_addr = NULL; 1910 struct key_parse key; 1911 1912 err = nl80211_parse_key(info, &key); 1913 if (err) 1914 return err; 1915 1916 if (info->attrs[NL80211_ATTR_MAC]) 1917 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1918 1919 if (key.type == -1) { 1920 if (mac_addr) 1921 key.type = NL80211_KEYTYPE_PAIRWISE; 1922 else 1923 key.type = NL80211_KEYTYPE_GROUP; 1924 } 1925 1926 /* for now */ 1927 if (key.type != NL80211_KEYTYPE_PAIRWISE && 1928 key.type != NL80211_KEYTYPE_GROUP) 1929 return -EINVAL; 1930 1931 if (!rdev->ops->del_key) 1932 return -EOPNOTSUPP; 1933 1934 wdev_lock(dev->ieee80211_ptr); 1935 err = nl80211_key_allowed(dev->ieee80211_ptr); 1936 1937 if (key.type == NL80211_KEYTYPE_PAIRWISE && mac_addr && 1938 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1939 err = -ENOENT; 1940 1941 if (!err) 1942 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, 1943 key.type == NL80211_KEYTYPE_PAIRWISE, 1944 mac_addr); 1945 1946 #ifdef CONFIG_CFG80211_WEXT 1947 if (!err) { 1948 if (key.idx == dev->ieee80211_ptr->wext.default_key) 1949 dev->ieee80211_ptr->wext.default_key = -1; 1950 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key) 1951 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 1952 } 1953 #endif 1954 wdev_unlock(dev->ieee80211_ptr); 1955 1956 return err; 1957 } 1958 1959 static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info) 1960 { 1961 int (*call)(struct wiphy *wiphy, struct net_device *dev, 1962 struct beacon_parameters *info); 1963 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1964 struct net_device *dev = info->user_ptr[1]; 1965 struct wireless_dev *wdev = dev->ieee80211_ptr; 1966 struct beacon_parameters params; 1967 int haveinfo = 0, err; 1968 1969 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL])) 1970 return -EINVAL; 1971 1972 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 1973 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 1974 return -EOPNOTSUPP; 1975 1976 memset(¶ms, 0, sizeof(params)); 1977 1978 switch (info->genlhdr->cmd) { 1979 case NL80211_CMD_NEW_BEACON: 1980 /* these are required for NEW_BEACON */ 1981 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] || 1982 !info->attrs[NL80211_ATTR_DTIM_PERIOD] || 1983 !info->attrs[NL80211_ATTR_BEACON_HEAD]) 1984 return -EINVAL; 1985 1986 params.interval = 1987 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 1988 params.dtim_period = 1989 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); 1990 1991 err = cfg80211_validate_beacon_int(rdev, params.interval); 1992 if (err) 1993 return err; 1994 1995 call = rdev->ops->add_beacon; 1996 break; 1997 case NL80211_CMD_SET_BEACON: 1998 call = rdev->ops->set_beacon; 1999 break; 2000 default: 2001 WARN_ON(1); 2002 return -EOPNOTSUPP; 2003 } 2004 2005 if (!call) 2006 return -EOPNOTSUPP; 2007 2008 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) { 2009 params.head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]); 2010 params.head_len = 2011 nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]); 2012 haveinfo = 1; 2013 } 2014 2015 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) { 2016 params.tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]); 2017 params.tail_len = 2018 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]); 2019 haveinfo = 1; 2020 } 2021 2022 if (!haveinfo) 2023 return -EINVAL; 2024 2025 err = call(&rdev->wiphy, dev, ¶ms); 2026 if (!err && params.interval) 2027 wdev->beacon_interval = params.interval; 2028 return err; 2029 } 2030 2031 static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info) 2032 { 2033 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2034 struct net_device *dev = info->user_ptr[1]; 2035 struct wireless_dev *wdev = dev->ieee80211_ptr; 2036 int err; 2037 2038 if (!rdev->ops->del_beacon) 2039 return -EOPNOTSUPP; 2040 2041 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2042 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2043 return -EOPNOTSUPP; 2044 2045 err = rdev->ops->del_beacon(&rdev->wiphy, dev); 2046 if (!err) 2047 wdev->beacon_interval = 0; 2048 return err; 2049 } 2050 2051 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = { 2052 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG }, 2053 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG }, 2054 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG }, 2055 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG }, 2056 [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG }, 2057 }; 2058 2059 static int parse_station_flags(struct genl_info *info, 2060 struct station_parameters *params) 2061 { 2062 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1]; 2063 struct nlattr *nla; 2064 int flag; 2065 2066 /* 2067 * Try parsing the new attribute first so userspace 2068 * can specify both for older kernels. 2069 */ 2070 nla = info->attrs[NL80211_ATTR_STA_FLAGS2]; 2071 if (nla) { 2072 struct nl80211_sta_flag_update *sta_flags; 2073 2074 sta_flags = nla_data(nla); 2075 params->sta_flags_mask = sta_flags->mask; 2076 params->sta_flags_set = sta_flags->set; 2077 if ((params->sta_flags_mask | 2078 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID)) 2079 return -EINVAL; 2080 return 0; 2081 } 2082 2083 /* if present, parse the old attribute */ 2084 2085 nla = info->attrs[NL80211_ATTR_STA_FLAGS]; 2086 if (!nla) 2087 return 0; 2088 2089 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX, 2090 nla, sta_flags_policy)) 2091 return -EINVAL; 2092 2093 params->sta_flags_mask = (1 << __NL80211_STA_FLAG_AFTER_LAST) - 1; 2094 params->sta_flags_mask &= ~1; 2095 2096 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) 2097 if (flags[flag]) 2098 params->sta_flags_set |= (1<<flag); 2099 2100 return 0; 2101 } 2102 2103 static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info, 2104 int attr) 2105 { 2106 struct nlattr *rate; 2107 u16 bitrate; 2108 2109 rate = nla_nest_start(msg, attr); 2110 if (!rate) 2111 goto nla_put_failure; 2112 2113 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */ 2114 bitrate = cfg80211_calculate_bitrate(info); 2115 if (bitrate > 0) 2116 NLA_PUT_U16(msg, NL80211_RATE_INFO_BITRATE, bitrate); 2117 2118 if (info->flags & RATE_INFO_FLAGS_MCS) 2119 NLA_PUT_U8(msg, NL80211_RATE_INFO_MCS, info->mcs); 2120 if (info->flags & RATE_INFO_FLAGS_40_MHZ_WIDTH) 2121 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_40_MHZ_WIDTH); 2122 if (info->flags & RATE_INFO_FLAGS_SHORT_GI) 2123 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_SHORT_GI); 2124 2125 nla_nest_end(msg, rate); 2126 return true; 2127 2128 nla_put_failure: 2129 return false; 2130 } 2131 2132 static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq, 2133 int flags, struct net_device *dev, 2134 const u8 *mac_addr, struct station_info *sinfo) 2135 { 2136 void *hdr; 2137 struct nlattr *sinfoattr, *bss_param; 2138 2139 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2140 if (!hdr) 2141 return -1; 2142 2143 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2144 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 2145 2146 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation); 2147 2148 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO); 2149 if (!sinfoattr) 2150 goto nla_put_failure; 2151 if (sinfo->filled & STATION_INFO_CONNECTED_TIME) 2152 NLA_PUT_U32(msg, NL80211_STA_INFO_CONNECTED_TIME, 2153 sinfo->connected_time); 2154 if (sinfo->filled & STATION_INFO_INACTIVE_TIME) 2155 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME, 2156 sinfo->inactive_time); 2157 if (sinfo->filled & STATION_INFO_RX_BYTES) 2158 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES, 2159 sinfo->rx_bytes); 2160 if (sinfo->filled & STATION_INFO_TX_BYTES) 2161 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES, 2162 sinfo->tx_bytes); 2163 if (sinfo->filled & STATION_INFO_LLID) 2164 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID, 2165 sinfo->llid); 2166 if (sinfo->filled & STATION_INFO_PLID) 2167 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID, 2168 sinfo->plid); 2169 if (sinfo->filled & STATION_INFO_PLINK_STATE) 2170 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE, 2171 sinfo->plink_state); 2172 if (sinfo->filled & STATION_INFO_SIGNAL) 2173 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL, 2174 sinfo->signal); 2175 if (sinfo->filled & STATION_INFO_SIGNAL_AVG) 2176 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL_AVG, 2177 sinfo->signal_avg); 2178 if (sinfo->filled & STATION_INFO_TX_BITRATE) { 2179 if (!nl80211_put_sta_rate(msg, &sinfo->txrate, 2180 NL80211_STA_INFO_TX_BITRATE)) 2181 goto nla_put_failure; 2182 } 2183 if (sinfo->filled & STATION_INFO_RX_BITRATE) { 2184 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate, 2185 NL80211_STA_INFO_RX_BITRATE)) 2186 goto nla_put_failure; 2187 } 2188 if (sinfo->filled & STATION_INFO_RX_PACKETS) 2189 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_PACKETS, 2190 sinfo->rx_packets); 2191 if (sinfo->filled & STATION_INFO_TX_PACKETS) 2192 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_PACKETS, 2193 sinfo->tx_packets); 2194 if (sinfo->filled & STATION_INFO_TX_RETRIES) 2195 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_RETRIES, 2196 sinfo->tx_retries); 2197 if (sinfo->filled & STATION_INFO_TX_FAILED) 2198 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_FAILED, 2199 sinfo->tx_failed); 2200 if (sinfo->filled & STATION_INFO_BSS_PARAM) { 2201 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM); 2202 if (!bss_param) 2203 goto nla_put_failure; 2204 2205 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) 2206 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_CTS_PROT); 2207 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) 2208 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE); 2209 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) 2210 NLA_PUT_FLAG(msg, 2211 NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME); 2212 NLA_PUT_U8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD, 2213 sinfo->bss_param.dtim_period); 2214 NLA_PUT_U16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL, 2215 sinfo->bss_param.beacon_interval); 2216 2217 nla_nest_end(msg, bss_param); 2218 } 2219 nla_nest_end(msg, sinfoattr); 2220 2221 return genlmsg_end(msg, hdr); 2222 2223 nla_put_failure: 2224 genlmsg_cancel(msg, hdr); 2225 return -EMSGSIZE; 2226 } 2227 2228 static int nl80211_dump_station(struct sk_buff *skb, 2229 struct netlink_callback *cb) 2230 { 2231 struct station_info sinfo; 2232 struct cfg80211_registered_device *dev; 2233 struct net_device *netdev; 2234 u8 mac_addr[ETH_ALEN]; 2235 int sta_idx = cb->args[1]; 2236 int err; 2237 2238 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2239 if (err) 2240 return err; 2241 2242 if (!dev->ops->dump_station) { 2243 err = -EOPNOTSUPP; 2244 goto out_err; 2245 } 2246 2247 while (1) { 2248 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx, 2249 mac_addr, &sinfo); 2250 if (err == -ENOENT) 2251 break; 2252 if (err) 2253 goto out_err; 2254 2255 if (nl80211_send_station(skb, 2256 NETLINK_CB(cb->skb).pid, 2257 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2258 netdev, mac_addr, 2259 &sinfo) < 0) 2260 goto out; 2261 2262 sta_idx++; 2263 } 2264 2265 2266 out: 2267 cb->args[1] = sta_idx; 2268 err = skb->len; 2269 out_err: 2270 nl80211_finish_netdev_dump(dev); 2271 2272 return err; 2273 } 2274 2275 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 2276 { 2277 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2278 struct net_device *dev = info->user_ptr[1]; 2279 struct station_info sinfo; 2280 struct sk_buff *msg; 2281 u8 *mac_addr = NULL; 2282 int err; 2283 2284 memset(&sinfo, 0, sizeof(sinfo)); 2285 2286 if (!info->attrs[NL80211_ATTR_MAC]) 2287 return -EINVAL; 2288 2289 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2290 2291 if (!rdev->ops->get_station) 2292 return -EOPNOTSUPP; 2293 2294 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo); 2295 if (err) 2296 return err; 2297 2298 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2299 if (!msg) 2300 return -ENOMEM; 2301 2302 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0, 2303 dev, mac_addr, &sinfo) < 0) { 2304 nlmsg_free(msg); 2305 return -ENOBUFS; 2306 } 2307 2308 return genlmsg_reply(msg, info); 2309 } 2310 2311 /* 2312 * Get vlan interface making sure it is running and on the right wiphy. 2313 */ 2314 static int get_vlan(struct genl_info *info, 2315 struct cfg80211_registered_device *rdev, 2316 struct net_device **vlan) 2317 { 2318 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN]; 2319 *vlan = NULL; 2320 2321 if (vlanattr) { 2322 *vlan = dev_get_by_index(genl_info_net(info), 2323 nla_get_u32(vlanattr)); 2324 if (!*vlan) 2325 return -ENODEV; 2326 if (!(*vlan)->ieee80211_ptr) 2327 return -EINVAL; 2328 if ((*vlan)->ieee80211_ptr->wiphy != &rdev->wiphy) 2329 return -EINVAL; 2330 if (!netif_running(*vlan)) 2331 return -ENETDOWN; 2332 } 2333 return 0; 2334 } 2335 2336 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) 2337 { 2338 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2339 int err; 2340 struct net_device *dev = info->user_ptr[1]; 2341 struct station_parameters params; 2342 u8 *mac_addr = NULL; 2343 2344 memset(¶ms, 0, sizeof(params)); 2345 2346 params.listen_interval = -1; 2347 params.plink_state = -1; 2348 2349 if (info->attrs[NL80211_ATTR_STA_AID]) 2350 return -EINVAL; 2351 2352 if (!info->attrs[NL80211_ATTR_MAC]) 2353 return -EINVAL; 2354 2355 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2356 2357 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) { 2358 params.supported_rates = 2359 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2360 params.supported_rates_len = 2361 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2362 } 2363 2364 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2365 params.listen_interval = 2366 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2367 2368 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2369 params.ht_capa = 2370 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2371 2372 if (parse_station_flags(info, ¶ms)) 2373 return -EINVAL; 2374 2375 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2376 params.plink_action = 2377 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2378 2379 if (info->attrs[NL80211_ATTR_STA_PLINK_STATE]) 2380 params.plink_state = 2381 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]); 2382 2383 err = get_vlan(info, rdev, ¶ms.vlan); 2384 if (err) 2385 goto out; 2386 2387 /* validate settings */ 2388 err = 0; 2389 2390 switch (dev->ieee80211_ptr->iftype) { 2391 case NL80211_IFTYPE_AP: 2392 case NL80211_IFTYPE_AP_VLAN: 2393 case NL80211_IFTYPE_P2P_GO: 2394 /* disallow mesh-specific things */ 2395 if (params.plink_action) 2396 err = -EINVAL; 2397 break; 2398 case NL80211_IFTYPE_P2P_CLIENT: 2399 case NL80211_IFTYPE_STATION: 2400 /* disallow everything but AUTHORIZED flag */ 2401 if (params.plink_action) 2402 err = -EINVAL; 2403 if (params.vlan) 2404 err = -EINVAL; 2405 if (params.supported_rates) 2406 err = -EINVAL; 2407 if (params.ht_capa) 2408 err = -EINVAL; 2409 if (params.listen_interval >= 0) 2410 err = -EINVAL; 2411 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED)) 2412 err = -EINVAL; 2413 break; 2414 case NL80211_IFTYPE_MESH_POINT: 2415 /* disallow things mesh doesn't support */ 2416 if (params.vlan) 2417 err = -EINVAL; 2418 if (params.ht_capa) 2419 err = -EINVAL; 2420 if (params.listen_interval >= 0) 2421 err = -EINVAL; 2422 if (params.sta_flags_mask & 2423 ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) | 2424 BIT(NL80211_STA_FLAG_MFP) | 2425 BIT(NL80211_STA_FLAG_AUTHORIZED))) 2426 err = -EINVAL; 2427 break; 2428 default: 2429 err = -EINVAL; 2430 } 2431 2432 if (err) 2433 goto out; 2434 2435 if (!rdev->ops->change_station) { 2436 err = -EOPNOTSUPP; 2437 goto out; 2438 } 2439 2440 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2441 2442 out: 2443 if (params.vlan) 2444 dev_put(params.vlan); 2445 2446 return err; 2447 } 2448 2449 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) 2450 { 2451 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2452 int err; 2453 struct net_device *dev = info->user_ptr[1]; 2454 struct station_parameters params; 2455 u8 *mac_addr = NULL; 2456 2457 memset(¶ms, 0, sizeof(params)); 2458 2459 if (!info->attrs[NL80211_ATTR_MAC]) 2460 return -EINVAL; 2461 2462 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2463 return -EINVAL; 2464 2465 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) 2466 return -EINVAL; 2467 2468 if (!info->attrs[NL80211_ATTR_STA_AID]) 2469 return -EINVAL; 2470 2471 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2472 params.supported_rates = 2473 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2474 params.supported_rates_len = 2475 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2476 params.listen_interval = 2477 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2478 2479 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]); 2480 if (!params.aid || params.aid > IEEE80211_MAX_AID) 2481 return -EINVAL; 2482 2483 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2484 params.ht_capa = 2485 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2486 2487 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2488 params.plink_action = 2489 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2490 2491 if (parse_station_flags(info, ¶ms)) 2492 return -EINVAL; 2493 2494 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2495 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2496 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 2497 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2498 return -EINVAL; 2499 2500 err = get_vlan(info, rdev, ¶ms.vlan); 2501 if (err) 2502 goto out; 2503 2504 /* validate settings */ 2505 err = 0; 2506 2507 if (!rdev->ops->add_station) { 2508 err = -EOPNOTSUPP; 2509 goto out; 2510 } 2511 2512 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2513 2514 out: 2515 if (params.vlan) 2516 dev_put(params.vlan); 2517 return err; 2518 } 2519 2520 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) 2521 { 2522 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2523 struct net_device *dev = info->user_ptr[1]; 2524 u8 *mac_addr = NULL; 2525 2526 if (info->attrs[NL80211_ATTR_MAC]) 2527 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2528 2529 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2530 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2531 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 2532 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2533 return -EINVAL; 2534 2535 if (!rdev->ops->del_station) 2536 return -EOPNOTSUPP; 2537 2538 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr); 2539 } 2540 2541 static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq, 2542 int flags, struct net_device *dev, 2543 u8 *dst, u8 *next_hop, 2544 struct mpath_info *pinfo) 2545 { 2546 void *hdr; 2547 struct nlattr *pinfoattr; 2548 2549 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2550 if (!hdr) 2551 return -1; 2552 2553 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2554 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst); 2555 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop); 2556 2557 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation); 2558 2559 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO); 2560 if (!pinfoattr) 2561 goto nla_put_failure; 2562 if (pinfo->filled & MPATH_INFO_FRAME_QLEN) 2563 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN, 2564 pinfo->frame_qlen); 2565 if (pinfo->filled & MPATH_INFO_SN) 2566 NLA_PUT_U32(msg, NL80211_MPATH_INFO_SN, 2567 pinfo->sn); 2568 if (pinfo->filled & MPATH_INFO_METRIC) 2569 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC, 2570 pinfo->metric); 2571 if (pinfo->filled & MPATH_INFO_EXPTIME) 2572 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME, 2573 pinfo->exptime); 2574 if (pinfo->filled & MPATH_INFO_FLAGS) 2575 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS, 2576 pinfo->flags); 2577 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) 2578 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT, 2579 pinfo->discovery_timeout); 2580 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) 2581 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES, 2582 pinfo->discovery_retries); 2583 2584 nla_nest_end(msg, pinfoattr); 2585 2586 return genlmsg_end(msg, hdr); 2587 2588 nla_put_failure: 2589 genlmsg_cancel(msg, hdr); 2590 return -EMSGSIZE; 2591 } 2592 2593 static int nl80211_dump_mpath(struct sk_buff *skb, 2594 struct netlink_callback *cb) 2595 { 2596 struct mpath_info pinfo; 2597 struct cfg80211_registered_device *dev; 2598 struct net_device *netdev; 2599 u8 dst[ETH_ALEN]; 2600 u8 next_hop[ETH_ALEN]; 2601 int path_idx = cb->args[1]; 2602 int err; 2603 2604 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2605 if (err) 2606 return err; 2607 2608 if (!dev->ops->dump_mpath) { 2609 err = -EOPNOTSUPP; 2610 goto out_err; 2611 } 2612 2613 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2614 err = -EOPNOTSUPP; 2615 goto out_err; 2616 } 2617 2618 while (1) { 2619 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx, 2620 dst, next_hop, &pinfo); 2621 if (err == -ENOENT) 2622 break; 2623 if (err) 2624 goto out_err; 2625 2626 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid, 2627 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2628 netdev, dst, next_hop, 2629 &pinfo) < 0) 2630 goto out; 2631 2632 path_idx++; 2633 } 2634 2635 2636 out: 2637 cb->args[1] = path_idx; 2638 err = skb->len; 2639 out_err: 2640 nl80211_finish_netdev_dump(dev); 2641 return err; 2642 } 2643 2644 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) 2645 { 2646 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2647 int err; 2648 struct net_device *dev = info->user_ptr[1]; 2649 struct mpath_info pinfo; 2650 struct sk_buff *msg; 2651 u8 *dst = NULL; 2652 u8 next_hop[ETH_ALEN]; 2653 2654 memset(&pinfo, 0, sizeof(pinfo)); 2655 2656 if (!info->attrs[NL80211_ATTR_MAC]) 2657 return -EINVAL; 2658 2659 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2660 2661 if (!rdev->ops->get_mpath) 2662 return -EOPNOTSUPP; 2663 2664 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2665 return -EOPNOTSUPP; 2666 2667 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo); 2668 if (err) 2669 return err; 2670 2671 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2672 if (!msg) 2673 return -ENOMEM; 2674 2675 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0, 2676 dev, dst, next_hop, &pinfo) < 0) { 2677 nlmsg_free(msg); 2678 return -ENOBUFS; 2679 } 2680 2681 return genlmsg_reply(msg, info); 2682 } 2683 2684 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) 2685 { 2686 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2687 struct net_device *dev = info->user_ptr[1]; 2688 u8 *dst = NULL; 2689 u8 *next_hop = NULL; 2690 2691 if (!info->attrs[NL80211_ATTR_MAC]) 2692 return -EINVAL; 2693 2694 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2695 return -EINVAL; 2696 2697 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2698 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2699 2700 if (!rdev->ops->change_mpath) 2701 return -EOPNOTSUPP; 2702 2703 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2704 return -EOPNOTSUPP; 2705 2706 return rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop); 2707 } 2708 2709 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) 2710 { 2711 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2712 struct net_device *dev = info->user_ptr[1]; 2713 u8 *dst = NULL; 2714 u8 *next_hop = NULL; 2715 2716 if (!info->attrs[NL80211_ATTR_MAC]) 2717 return -EINVAL; 2718 2719 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2720 return -EINVAL; 2721 2722 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2723 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2724 2725 if (!rdev->ops->add_mpath) 2726 return -EOPNOTSUPP; 2727 2728 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2729 return -EOPNOTSUPP; 2730 2731 return rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop); 2732 } 2733 2734 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) 2735 { 2736 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2737 struct net_device *dev = info->user_ptr[1]; 2738 u8 *dst = NULL; 2739 2740 if (info->attrs[NL80211_ATTR_MAC]) 2741 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2742 2743 if (!rdev->ops->del_mpath) 2744 return -EOPNOTSUPP; 2745 2746 return rdev->ops->del_mpath(&rdev->wiphy, dev, dst); 2747 } 2748 2749 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) 2750 { 2751 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2752 struct net_device *dev = info->user_ptr[1]; 2753 struct bss_parameters params; 2754 2755 memset(¶ms, 0, sizeof(params)); 2756 /* default to not changing parameters */ 2757 params.use_cts_prot = -1; 2758 params.use_short_preamble = -1; 2759 params.use_short_slot_time = -1; 2760 params.ap_isolate = -1; 2761 params.ht_opmode = -1; 2762 2763 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT]) 2764 params.use_cts_prot = 2765 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]); 2766 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]) 2767 params.use_short_preamble = 2768 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]); 2769 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]) 2770 params.use_short_slot_time = 2771 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]); 2772 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 2773 params.basic_rates = 2774 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2775 params.basic_rates_len = 2776 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2777 } 2778 if (info->attrs[NL80211_ATTR_AP_ISOLATE]) 2779 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]); 2780 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE]) 2781 params.ht_opmode = 2782 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]); 2783 2784 if (!rdev->ops->change_bss) 2785 return -EOPNOTSUPP; 2786 2787 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2788 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2789 return -EOPNOTSUPP; 2790 2791 return rdev->ops->change_bss(&rdev->wiphy, dev, ¶ms); 2792 } 2793 2794 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = { 2795 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 }, 2796 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 }, 2797 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 }, 2798 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 }, 2799 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 }, 2800 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 }, 2801 }; 2802 2803 static int parse_reg_rule(struct nlattr *tb[], 2804 struct ieee80211_reg_rule *reg_rule) 2805 { 2806 struct ieee80211_freq_range *freq_range = ®_rule->freq_range; 2807 struct ieee80211_power_rule *power_rule = ®_rule->power_rule; 2808 2809 if (!tb[NL80211_ATTR_REG_RULE_FLAGS]) 2810 return -EINVAL; 2811 if (!tb[NL80211_ATTR_FREQ_RANGE_START]) 2812 return -EINVAL; 2813 if (!tb[NL80211_ATTR_FREQ_RANGE_END]) 2814 return -EINVAL; 2815 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) 2816 return -EINVAL; 2817 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]) 2818 return -EINVAL; 2819 2820 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]); 2821 2822 freq_range->start_freq_khz = 2823 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]); 2824 freq_range->end_freq_khz = 2825 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]); 2826 freq_range->max_bandwidth_khz = 2827 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]); 2828 2829 power_rule->max_eirp = 2830 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]); 2831 2832 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]) 2833 power_rule->max_antenna_gain = 2834 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]); 2835 2836 return 0; 2837 } 2838 2839 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info) 2840 { 2841 int r; 2842 char *data = NULL; 2843 2844 /* 2845 * You should only get this when cfg80211 hasn't yet initialized 2846 * completely when built-in to the kernel right between the time 2847 * window between nl80211_init() and regulatory_init(), if that is 2848 * even possible. 2849 */ 2850 mutex_lock(&cfg80211_mutex); 2851 if (unlikely(!cfg80211_regdomain)) { 2852 mutex_unlock(&cfg80211_mutex); 2853 return -EINPROGRESS; 2854 } 2855 mutex_unlock(&cfg80211_mutex); 2856 2857 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 2858 return -EINVAL; 2859 2860 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 2861 2862 r = regulatory_hint_user(data); 2863 2864 return r; 2865 } 2866 2867 static int nl80211_get_mesh_config(struct sk_buff *skb, 2868 struct genl_info *info) 2869 { 2870 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2871 struct net_device *dev = info->user_ptr[1]; 2872 struct wireless_dev *wdev = dev->ieee80211_ptr; 2873 struct mesh_config cur_params; 2874 int err = 0; 2875 void *hdr; 2876 struct nlattr *pinfoattr; 2877 struct sk_buff *msg; 2878 2879 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 2880 return -EOPNOTSUPP; 2881 2882 if (!rdev->ops->get_mesh_config) 2883 return -EOPNOTSUPP; 2884 2885 wdev_lock(wdev); 2886 /* If not connected, get default parameters */ 2887 if (!wdev->mesh_id_len) 2888 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params)); 2889 else 2890 err = rdev->ops->get_mesh_config(&rdev->wiphy, dev, 2891 &cur_params); 2892 wdev_unlock(wdev); 2893 2894 if (err) 2895 return err; 2896 2897 /* Draw up a netlink message to send back */ 2898 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2899 if (!msg) 2900 return -ENOMEM; 2901 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 2902 NL80211_CMD_GET_MESH_CONFIG); 2903 if (!hdr) 2904 goto out; 2905 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG); 2906 if (!pinfoattr) 2907 goto nla_put_failure; 2908 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2909 NLA_PUT_U16(msg, NL80211_MESHCONF_RETRY_TIMEOUT, 2910 cur_params.dot11MeshRetryTimeout); 2911 NLA_PUT_U16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT, 2912 cur_params.dot11MeshConfirmTimeout); 2913 NLA_PUT_U16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT, 2914 cur_params.dot11MeshHoldingTimeout); 2915 NLA_PUT_U16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 2916 cur_params.dot11MeshMaxPeerLinks); 2917 NLA_PUT_U8(msg, NL80211_MESHCONF_MAX_RETRIES, 2918 cur_params.dot11MeshMaxRetries); 2919 NLA_PUT_U8(msg, NL80211_MESHCONF_TTL, 2920 cur_params.dot11MeshTTL); 2921 NLA_PUT_U8(msg, NL80211_MESHCONF_ELEMENT_TTL, 2922 cur_params.element_ttl); 2923 NLA_PUT_U8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 2924 cur_params.auto_open_plinks); 2925 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 2926 cur_params.dot11MeshHWMPmaxPREQretries); 2927 NLA_PUT_U32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME, 2928 cur_params.path_refresh_time); 2929 NLA_PUT_U16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 2930 cur_params.min_discovery_timeout); 2931 NLA_PUT_U32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 2932 cur_params.dot11MeshHWMPactivePathTimeout); 2933 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 2934 cur_params.dot11MeshHWMPpreqMinInterval); 2935 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 2936 cur_params.dot11MeshHWMPnetDiameterTraversalTime); 2937 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_ROOTMODE, 2938 cur_params.dot11MeshHWMPRootMode); 2939 nla_nest_end(msg, pinfoattr); 2940 genlmsg_end(msg, hdr); 2941 return genlmsg_reply(msg, info); 2942 2943 nla_put_failure: 2944 genlmsg_cancel(msg, hdr); 2945 out: 2946 nlmsg_free(msg); 2947 return -ENOBUFS; 2948 } 2949 2950 static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = { 2951 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 }, 2952 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 }, 2953 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 }, 2954 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 }, 2955 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 }, 2956 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 }, 2957 [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 }, 2958 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 }, 2959 2960 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 }, 2961 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 }, 2962 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 }, 2963 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 }, 2964 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 }, 2965 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 }, 2966 }; 2967 2968 static const struct nla_policy 2969 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = { 2970 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 }, 2971 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 }, 2972 [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG }, 2973 [NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY, 2974 .len = IEEE80211_MAX_DATA_LEN }, 2975 [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG }, 2976 }; 2977 2978 static int nl80211_parse_mesh_config(struct genl_info *info, 2979 struct mesh_config *cfg, 2980 u32 *mask_out) 2981 { 2982 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 2983 u32 mask = 0; 2984 2985 #define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \ 2986 do {\ 2987 if (table[attr_num]) {\ 2988 cfg->param = nla_fn(table[attr_num]); \ 2989 mask |= (1 << (attr_num - 1)); \ 2990 } \ 2991 } while (0);\ 2992 2993 2994 if (!info->attrs[NL80211_ATTR_MESH_CONFIG]) 2995 return -EINVAL; 2996 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX, 2997 info->attrs[NL80211_ATTR_MESH_CONFIG], 2998 nl80211_meshconf_params_policy)) 2999 return -EINVAL; 3000 3001 /* This makes sure that there aren't more than 32 mesh config 3002 * parameters (otherwise our bitfield scheme would not work.) */ 3003 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32); 3004 3005 /* Fill in the params struct */ 3006 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 3007 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16); 3008 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 3009 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16); 3010 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 3011 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16); 3012 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 3013 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16); 3014 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 3015 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8); 3016 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 3017 mask, NL80211_MESHCONF_TTL, nla_get_u8); 3018 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 3019 mask, NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8); 3020 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 3021 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8); 3022 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 3023 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 3024 nla_get_u8); 3025 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 3026 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32); 3027 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 3028 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 3029 nla_get_u16); 3030 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout, 3031 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 3032 nla_get_u32); 3033 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, 3034 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 3035 nla_get_u16); 3036 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3037 dot11MeshHWMPnetDiameterTraversalTime, 3038 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 3039 nla_get_u16); 3040 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3041 dot11MeshHWMPRootMode, mask, 3042 NL80211_MESHCONF_HWMP_ROOTMODE, 3043 nla_get_u8); 3044 if (mask_out) 3045 *mask_out = mask; 3046 3047 return 0; 3048 3049 #undef FILL_IN_MESH_PARAM_IF_SET 3050 } 3051 3052 static int nl80211_parse_mesh_setup(struct genl_info *info, 3053 struct mesh_setup *setup) 3054 { 3055 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1]; 3056 3057 if (!info->attrs[NL80211_ATTR_MESH_SETUP]) 3058 return -EINVAL; 3059 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX, 3060 info->attrs[NL80211_ATTR_MESH_SETUP], 3061 nl80211_mesh_setup_params_policy)) 3062 return -EINVAL; 3063 3064 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL]) 3065 setup->path_sel_proto = 3066 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ? 3067 IEEE80211_PATH_PROTOCOL_VENDOR : 3068 IEEE80211_PATH_PROTOCOL_HWMP; 3069 3070 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC]) 3071 setup->path_metric = 3072 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ? 3073 IEEE80211_PATH_METRIC_VENDOR : 3074 IEEE80211_PATH_METRIC_AIRTIME; 3075 3076 3077 if (tb[NL80211_MESH_SETUP_IE]) { 3078 struct nlattr *ieattr = 3079 tb[NL80211_MESH_SETUP_IE]; 3080 if (!is_valid_ie_attr(ieattr)) 3081 return -EINVAL; 3082 setup->ie = nla_data(ieattr); 3083 setup->ie_len = nla_len(ieattr); 3084 } 3085 setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]); 3086 setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]); 3087 3088 return 0; 3089 } 3090 3091 static int nl80211_update_mesh_config(struct sk_buff *skb, 3092 struct genl_info *info) 3093 { 3094 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3095 struct net_device *dev = info->user_ptr[1]; 3096 struct wireless_dev *wdev = dev->ieee80211_ptr; 3097 struct mesh_config cfg; 3098 u32 mask; 3099 int err; 3100 3101 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 3102 return -EOPNOTSUPP; 3103 3104 if (!rdev->ops->update_mesh_config) 3105 return -EOPNOTSUPP; 3106 3107 err = nl80211_parse_mesh_config(info, &cfg, &mask); 3108 if (err) 3109 return err; 3110 3111 wdev_lock(wdev); 3112 if (!wdev->mesh_id_len) 3113 err = -ENOLINK; 3114 3115 if (!err) 3116 err = rdev->ops->update_mesh_config(&rdev->wiphy, dev, 3117 mask, &cfg); 3118 3119 wdev_unlock(wdev); 3120 3121 return err; 3122 } 3123 3124 static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info) 3125 { 3126 struct sk_buff *msg; 3127 void *hdr = NULL; 3128 struct nlattr *nl_reg_rules; 3129 unsigned int i; 3130 int err = -EINVAL; 3131 3132 mutex_lock(&cfg80211_mutex); 3133 3134 if (!cfg80211_regdomain) 3135 goto out; 3136 3137 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 3138 if (!msg) { 3139 err = -ENOBUFS; 3140 goto out; 3141 } 3142 3143 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 3144 NL80211_CMD_GET_REG); 3145 if (!hdr) 3146 goto put_failure; 3147 3148 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, 3149 cfg80211_regdomain->alpha2); 3150 3151 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES); 3152 if (!nl_reg_rules) 3153 goto nla_put_failure; 3154 3155 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) { 3156 struct nlattr *nl_reg_rule; 3157 const struct ieee80211_reg_rule *reg_rule; 3158 const struct ieee80211_freq_range *freq_range; 3159 const struct ieee80211_power_rule *power_rule; 3160 3161 reg_rule = &cfg80211_regdomain->reg_rules[i]; 3162 freq_range = ®_rule->freq_range; 3163 power_rule = ®_rule->power_rule; 3164 3165 nl_reg_rule = nla_nest_start(msg, i); 3166 if (!nl_reg_rule) 3167 goto nla_put_failure; 3168 3169 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS, 3170 reg_rule->flags); 3171 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START, 3172 freq_range->start_freq_khz); 3173 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END, 3174 freq_range->end_freq_khz); 3175 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW, 3176 freq_range->max_bandwidth_khz); 3177 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN, 3178 power_rule->max_antenna_gain); 3179 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, 3180 power_rule->max_eirp); 3181 3182 nla_nest_end(msg, nl_reg_rule); 3183 } 3184 3185 nla_nest_end(msg, nl_reg_rules); 3186 3187 genlmsg_end(msg, hdr); 3188 err = genlmsg_reply(msg, info); 3189 goto out; 3190 3191 nla_put_failure: 3192 genlmsg_cancel(msg, hdr); 3193 put_failure: 3194 nlmsg_free(msg); 3195 err = -EMSGSIZE; 3196 out: 3197 mutex_unlock(&cfg80211_mutex); 3198 return err; 3199 } 3200 3201 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info) 3202 { 3203 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1]; 3204 struct nlattr *nl_reg_rule; 3205 char *alpha2 = NULL; 3206 int rem_reg_rules = 0, r = 0; 3207 u32 num_rules = 0, rule_idx = 0, size_of_regd; 3208 struct ieee80211_regdomain *rd = NULL; 3209 3210 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3211 return -EINVAL; 3212 3213 if (!info->attrs[NL80211_ATTR_REG_RULES]) 3214 return -EINVAL; 3215 3216 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 3217 3218 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3219 rem_reg_rules) { 3220 num_rules++; 3221 if (num_rules > NL80211_MAX_SUPP_REG_RULES) 3222 return -EINVAL; 3223 } 3224 3225 mutex_lock(&cfg80211_mutex); 3226 3227 if (!reg_is_valid_request(alpha2)) { 3228 r = -EINVAL; 3229 goto bad_reg; 3230 } 3231 3232 size_of_regd = sizeof(struct ieee80211_regdomain) + 3233 (num_rules * sizeof(struct ieee80211_reg_rule)); 3234 3235 rd = kzalloc(size_of_regd, GFP_KERNEL); 3236 if (!rd) { 3237 r = -ENOMEM; 3238 goto bad_reg; 3239 } 3240 3241 rd->n_reg_rules = num_rules; 3242 rd->alpha2[0] = alpha2[0]; 3243 rd->alpha2[1] = alpha2[1]; 3244 3245 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3246 rem_reg_rules) { 3247 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX, 3248 nla_data(nl_reg_rule), nla_len(nl_reg_rule), 3249 reg_rule_policy); 3250 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]); 3251 if (r) 3252 goto bad_reg; 3253 3254 rule_idx++; 3255 3256 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) { 3257 r = -EINVAL; 3258 goto bad_reg; 3259 } 3260 } 3261 3262 BUG_ON(rule_idx != num_rules); 3263 3264 r = set_regdom(rd); 3265 3266 mutex_unlock(&cfg80211_mutex); 3267 3268 return r; 3269 3270 bad_reg: 3271 mutex_unlock(&cfg80211_mutex); 3272 kfree(rd); 3273 return r; 3274 } 3275 3276 static int validate_scan_freqs(struct nlattr *freqs) 3277 { 3278 struct nlattr *attr1, *attr2; 3279 int n_channels = 0, tmp1, tmp2; 3280 3281 nla_for_each_nested(attr1, freqs, tmp1) { 3282 n_channels++; 3283 /* 3284 * Some hardware has a limited channel list for 3285 * scanning, and it is pretty much nonsensical 3286 * to scan for a channel twice, so disallow that 3287 * and don't require drivers to check that the 3288 * channel list they get isn't longer than what 3289 * they can scan, as long as they can scan all 3290 * the channels they registered at once. 3291 */ 3292 nla_for_each_nested(attr2, freqs, tmp2) 3293 if (attr1 != attr2 && 3294 nla_get_u32(attr1) == nla_get_u32(attr2)) 3295 return 0; 3296 } 3297 3298 return n_channels; 3299 } 3300 3301 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) 3302 { 3303 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3304 struct net_device *dev = info->user_ptr[1]; 3305 struct cfg80211_scan_request *request; 3306 struct nlattr *attr; 3307 struct wiphy *wiphy; 3308 int err, tmp, n_ssids = 0, n_channels, i; 3309 enum ieee80211_band band; 3310 size_t ie_len; 3311 3312 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3313 return -EINVAL; 3314 3315 wiphy = &rdev->wiphy; 3316 3317 if (!rdev->ops->scan) 3318 return -EOPNOTSUPP; 3319 3320 if (rdev->scan_req) 3321 return -EBUSY; 3322 3323 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3324 n_channels = validate_scan_freqs( 3325 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3326 if (!n_channels) 3327 return -EINVAL; 3328 } else { 3329 n_channels = 0; 3330 3331 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3332 if (wiphy->bands[band]) 3333 n_channels += wiphy->bands[band]->n_channels; 3334 } 3335 3336 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3337 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) 3338 n_ssids++; 3339 3340 if (n_ssids > wiphy->max_scan_ssids) 3341 return -EINVAL; 3342 3343 if (info->attrs[NL80211_ATTR_IE]) 3344 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3345 else 3346 ie_len = 0; 3347 3348 if (ie_len > wiphy->max_scan_ie_len) 3349 return -EINVAL; 3350 3351 request = kzalloc(sizeof(*request) 3352 + sizeof(*request->ssids) * n_ssids 3353 + sizeof(*request->channels) * n_channels 3354 + ie_len, GFP_KERNEL); 3355 if (!request) 3356 return -ENOMEM; 3357 3358 if (n_ssids) 3359 request->ssids = (void *)&request->channels[n_channels]; 3360 request->n_ssids = n_ssids; 3361 if (ie_len) { 3362 if (request->ssids) 3363 request->ie = (void *)(request->ssids + n_ssids); 3364 else 3365 request->ie = (void *)(request->channels + n_channels); 3366 } 3367 3368 i = 0; 3369 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3370 /* user specified, bail out if channel not found */ 3371 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) { 3372 struct ieee80211_channel *chan; 3373 3374 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3375 3376 if (!chan) { 3377 err = -EINVAL; 3378 goto out_free; 3379 } 3380 3381 /* ignore disabled channels */ 3382 if (chan->flags & IEEE80211_CHAN_DISABLED) 3383 continue; 3384 3385 request->channels[i] = chan; 3386 i++; 3387 } 3388 } else { 3389 /* all channels */ 3390 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3391 int j; 3392 if (!wiphy->bands[band]) 3393 continue; 3394 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3395 struct ieee80211_channel *chan; 3396 3397 chan = &wiphy->bands[band]->channels[j]; 3398 3399 if (chan->flags & IEEE80211_CHAN_DISABLED) 3400 continue; 3401 3402 request->channels[i] = chan; 3403 i++; 3404 } 3405 } 3406 } 3407 3408 if (!i) { 3409 err = -EINVAL; 3410 goto out_free; 3411 } 3412 3413 request->n_channels = i; 3414 3415 i = 0; 3416 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3417 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) { 3418 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { 3419 err = -EINVAL; 3420 goto out_free; 3421 } 3422 request->ssids[i].ssid_len = nla_len(attr); 3423 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr)); 3424 i++; 3425 } 3426 } 3427 3428 if (info->attrs[NL80211_ATTR_IE]) { 3429 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3430 memcpy((void *)request->ie, 3431 nla_data(info->attrs[NL80211_ATTR_IE]), 3432 request->ie_len); 3433 } 3434 3435 request->dev = dev; 3436 request->wiphy = &rdev->wiphy; 3437 3438 rdev->scan_req = request; 3439 err = rdev->ops->scan(&rdev->wiphy, dev, request); 3440 3441 if (!err) { 3442 nl80211_send_scan_start(rdev, dev); 3443 dev_hold(dev); 3444 } else { 3445 out_free: 3446 rdev->scan_req = NULL; 3447 kfree(request); 3448 } 3449 3450 return err; 3451 } 3452 3453 static int nl80211_start_sched_scan(struct sk_buff *skb, 3454 struct genl_info *info) 3455 { 3456 struct cfg80211_sched_scan_request *request; 3457 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3458 struct net_device *dev = info->user_ptr[1]; 3459 struct nlattr *attr; 3460 struct wiphy *wiphy; 3461 int err, tmp, n_ssids = 0, n_channels, i; 3462 u32 interval; 3463 enum ieee80211_band band; 3464 size_t ie_len; 3465 3466 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) || 3467 !rdev->ops->sched_scan_start) 3468 return -EOPNOTSUPP; 3469 3470 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3471 return -EINVAL; 3472 3473 if (!info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]) 3474 return -EINVAL; 3475 3476 interval = nla_get_u32(info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]); 3477 if (interval == 0) 3478 return -EINVAL; 3479 3480 wiphy = &rdev->wiphy; 3481 3482 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3483 n_channels = validate_scan_freqs( 3484 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3485 if (!n_channels) 3486 return -EINVAL; 3487 } else { 3488 n_channels = 0; 3489 3490 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3491 if (wiphy->bands[band]) 3492 n_channels += wiphy->bands[band]->n_channels; 3493 } 3494 3495 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3496 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], 3497 tmp) 3498 n_ssids++; 3499 3500 if (n_ssids > wiphy->max_scan_ssids) 3501 return -EINVAL; 3502 3503 if (info->attrs[NL80211_ATTR_IE]) 3504 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3505 else 3506 ie_len = 0; 3507 3508 if (ie_len > wiphy->max_scan_ie_len) 3509 return -EINVAL; 3510 3511 mutex_lock(&rdev->sched_scan_mtx); 3512 3513 if (rdev->sched_scan_req) { 3514 err = -EINPROGRESS; 3515 goto out; 3516 } 3517 3518 request = kzalloc(sizeof(*request) 3519 + sizeof(*request->ssids) * n_ssids 3520 + sizeof(*request->channels) * n_channels 3521 + ie_len, GFP_KERNEL); 3522 if (!request) { 3523 err = -ENOMEM; 3524 goto out; 3525 } 3526 3527 if (n_ssids) 3528 request->ssids = (void *)&request->channels[n_channels]; 3529 request->n_ssids = n_ssids; 3530 if (ie_len) { 3531 if (request->ssids) 3532 request->ie = (void *)(request->ssids + n_ssids); 3533 else 3534 request->ie = (void *)(request->channels + n_channels); 3535 } 3536 3537 i = 0; 3538 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3539 /* user specified, bail out if channel not found */ 3540 nla_for_each_nested(attr, 3541 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], 3542 tmp) { 3543 struct ieee80211_channel *chan; 3544 3545 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3546 3547 if (!chan) { 3548 err = -EINVAL; 3549 goto out_free; 3550 } 3551 3552 /* ignore disabled channels */ 3553 if (chan->flags & IEEE80211_CHAN_DISABLED) 3554 continue; 3555 3556 request->channels[i] = chan; 3557 i++; 3558 } 3559 } else { 3560 /* all channels */ 3561 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3562 int j; 3563 if (!wiphy->bands[band]) 3564 continue; 3565 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3566 struct ieee80211_channel *chan; 3567 3568 chan = &wiphy->bands[band]->channels[j]; 3569 3570 if (chan->flags & IEEE80211_CHAN_DISABLED) 3571 continue; 3572 3573 request->channels[i] = chan; 3574 i++; 3575 } 3576 } 3577 } 3578 3579 if (!i) { 3580 err = -EINVAL; 3581 goto out_free; 3582 } 3583 3584 request->n_channels = i; 3585 3586 i = 0; 3587 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3588 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], 3589 tmp) { 3590 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { 3591 err = -EINVAL; 3592 goto out_free; 3593 } 3594 request->ssids[i].ssid_len = nla_len(attr); 3595 memcpy(request->ssids[i].ssid, nla_data(attr), 3596 nla_len(attr)); 3597 i++; 3598 } 3599 } 3600 3601 if (info->attrs[NL80211_ATTR_IE]) { 3602 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3603 memcpy((void *)request->ie, 3604 nla_data(info->attrs[NL80211_ATTR_IE]), 3605 request->ie_len); 3606 } 3607 3608 request->dev = dev; 3609 request->wiphy = &rdev->wiphy; 3610 request->interval = interval; 3611 3612 err = rdev->ops->sched_scan_start(&rdev->wiphy, dev, request); 3613 if (!err) { 3614 rdev->sched_scan_req = request; 3615 nl80211_send_sched_scan(rdev, dev, 3616 NL80211_CMD_START_SCHED_SCAN); 3617 goto out; 3618 } 3619 3620 out_free: 3621 kfree(request); 3622 out: 3623 mutex_unlock(&rdev->sched_scan_mtx); 3624 return err; 3625 } 3626 3627 static int nl80211_stop_sched_scan(struct sk_buff *skb, 3628 struct genl_info *info) 3629 { 3630 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3631 int err; 3632 3633 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) || 3634 !rdev->ops->sched_scan_stop) 3635 return -EOPNOTSUPP; 3636 3637 mutex_lock(&rdev->sched_scan_mtx); 3638 err = __cfg80211_stop_sched_scan(rdev, false); 3639 mutex_unlock(&rdev->sched_scan_mtx); 3640 3641 return err; 3642 } 3643 3644 static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb, 3645 u32 seq, int flags, 3646 struct cfg80211_registered_device *rdev, 3647 struct wireless_dev *wdev, 3648 struct cfg80211_internal_bss *intbss) 3649 { 3650 struct cfg80211_bss *res = &intbss->pub; 3651 void *hdr; 3652 struct nlattr *bss; 3653 int i; 3654 3655 ASSERT_WDEV_LOCK(wdev); 3656 3657 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).pid, seq, flags, 3658 NL80211_CMD_NEW_SCAN_RESULTS); 3659 if (!hdr) 3660 return -1; 3661 3662 genl_dump_check_consistent(cb, hdr, &nl80211_fam); 3663 3664 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation); 3665 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex); 3666 3667 bss = nla_nest_start(msg, NL80211_ATTR_BSS); 3668 if (!bss) 3669 goto nla_put_failure; 3670 if (!is_zero_ether_addr(res->bssid)) 3671 NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid); 3672 if (res->information_elements && res->len_information_elements) 3673 NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS, 3674 res->len_information_elements, 3675 res->information_elements); 3676 if (res->beacon_ies && res->len_beacon_ies && 3677 res->beacon_ies != res->information_elements) 3678 NLA_PUT(msg, NL80211_BSS_BEACON_IES, 3679 res->len_beacon_ies, res->beacon_ies); 3680 if (res->tsf) 3681 NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf); 3682 if (res->beacon_interval) 3683 NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval); 3684 NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability); 3685 NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq); 3686 NLA_PUT_U32(msg, NL80211_BSS_SEEN_MS_AGO, 3687 jiffies_to_msecs(jiffies - intbss->ts)); 3688 3689 switch (rdev->wiphy.signal_type) { 3690 case CFG80211_SIGNAL_TYPE_MBM: 3691 NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal); 3692 break; 3693 case CFG80211_SIGNAL_TYPE_UNSPEC: 3694 NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal); 3695 break; 3696 default: 3697 break; 3698 } 3699 3700 switch (wdev->iftype) { 3701 case NL80211_IFTYPE_P2P_CLIENT: 3702 case NL80211_IFTYPE_STATION: 3703 if (intbss == wdev->current_bss) 3704 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3705 NL80211_BSS_STATUS_ASSOCIATED); 3706 else for (i = 0; i < MAX_AUTH_BSSES; i++) { 3707 if (intbss != wdev->auth_bsses[i]) 3708 continue; 3709 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3710 NL80211_BSS_STATUS_AUTHENTICATED); 3711 break; 3712 } 3713 break; 3714 case NL80211_IFTYPE_ADHOC: 3715 if (intbss == wdev->current_bss) 3716 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3717 NL80211_BSS_STATUS_IBSS_JOINED); 3718 break; 3719 default: 3720 break; 3721 } 3722 3723 nla_nest_end(msg, bss); 3724 3725 return genlmsg_end(msg, hdr); 3726 3727 nla_put_failure: 3728 genlmsg_cancel(msg, hdr); 3729 return -EMSGSIZE; 3730 } 3731 3732 static int nl80211_dump_scan(struct sk_buff *skb, 3733 struct netlink_callback *cb) 3734 { 3735 struct cfg80211_registered_device *rdev; 3736 struct net_device *dev; 3737 struct cfg80211_internal_bss *scan; 3738 struct wireless_dev *wdev; 3739 int start = cb->args[1], idx = 0; 3740 int err; 3741 3742 err = nl80211_prepare_netdev_dump(skb, cb, &rdev, &dev); 3743 if (err) 3744 return err; 3745 3746 wdev = dev->ieee80211_ptr; 3747 3748 wdev_lock(wdev); 3749 spin_lock_bh(&rdev->bss_lock); 3750 cfg80211_bss_expire(rdev); 3751 3752 cb->seq = rdev->bss_generation; 3753 3754 list_for_each_entry(scan, &rdev->bss_list, list) { 3755 if (++idx <= start) 3756 continue; 3757 if (nl80211_send_bss(skb, cb, 3758 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3759 rdev, wdev, scan) < 0) { 3760 idx--; 3761 break; 3762 } 3763 } 3764 3765 spin_unlock_bh(&rdev->bss_lock); 3766 wdev_unlock(wdev); 3767 3768 cb->args[1] = idx; 3769 nl80211_finish_netdev_dump(rdev); 3770 3771 return skb->len; 3772 } 3773 3774 static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq, 3775 int flags, struct net_device *dev, 3776 struct survey_info *survey) 3777 { 3778 void *hdr; 3779 struct nlattr *infoattr; 3780 3781 hdr = nl80211hdr_put(msg, pid, seq, flags, 3782 NL80211_CMD_NEW_SURVEY_RESULTS); 3783 if (!hdr) 3784 return -ENOMEM; 3785 3786 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 3787 3788 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO); 3789 if (!infoattr) 3790 goto nla_put_failure; 3791 3792 NLA_PUT_U32(msg, NL80211_SURVEY_INFO_FREQUENCY, 3793 survey->channel->center_freq); 3794 if (survey->filled & SURVEY_INFO_NOISE_DBM) 3795 NLA_PUT_U8(msg, NL80211_SURVEY_INFO_NOISE, 3796 survey->noise); 3797 if (survey->filled & SURVEY_INFO_IN_USE) 3798 NLA_PUT_FLAG(msg, NL80211_SURVEY_INFO_IN_USE); 3799 if (survey->filled & SURVEY_INFO_CHANNEL_TIME) 3800 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME, 3801 survey->channel_time); 3802 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_BUSY) 3803 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY, 3804 survey->channel_time_busy); 3805 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_EXT_BUSY) 3806 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_EXT_BUSY, 3807 survey->channel_time_ext_busy); 3808 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_RX) 3809 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_RX, 3810 survey->channel_time_rx); 3811 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_TX) 3812 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_TX, 3813 survey->channel_time_tx); 3814 3815 nla_nest_end(msg, infoattr); 3816 3817 return genlmsg_end(msg, hdr); 3818 3819 nla_put_failure: 3820 genlmsg_cancel(msg, hdr); 3821 return -EMSGSIZE; 3822 } 3823 3824 static int nl80211_dump_survey(struct sk_buff *skb, 3825 struct netlink_callback *cb) 3826 { 3827 struct survey_info survey; 3828 struct cfg80211_registered_device *dev; 3829 struct net_device *netdev; 3830 int survey_idx = cb->args[1]; 3831 int res; 3832 3833 res = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 3834 if (res) 3835 return res; 3836 3837 if (!dev->ops->dump_survey) { 3838 res = -EOPNOTSUPP; 3839 goto out_err; 3840 } 3841 3842 while (1) { 3843 struct ieee80211_channel *chan; 3844 3845 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx, 3846 &survey); 3847 if (res == -ENOENT) 3848 break; 3849 if (res) 3850 goto out_err; 3851 3852 /* Survey without a channel doesn't make sense */ 3853 if (!survey.channel) { 3854 res = -EINVAL; 3855 goto out; 3856 } 3857 3858 chan = ieee80211_get_channel(&dev->wiphy, 3859 survey.channel->center_freq); 3860 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED) { 3861 survey_idx++; 3862 continue; 3863 } 3864 3865 if (nl80211_send_survey(skb, 3866 NETLINK_CB(cb->skb).pid, 3867 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3868 netdev, 3869 &survey) < 0) 3870 goto out; 3871 survey_idx++; 3872 } 3873 3874 out: 3875 cb->args[1] = survey_idx; 3876 res = skb->len; 3877 out_err: 3878 nl80211_finish_netdev_dump(dev); 3879 return res; 3880 } 3881 3882 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type) 3883 { 3884 return auth_type <= NL80211_AUTHTYPE_MAX; 3885 } 3886 3887 static bool nl80211_valid_wpa_versions(u32 wpa_versions) 3888 { 3889 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 | 3890 NL80211_WPA_VERSION_2)); 3891 } 3892 3893 static bool nl80211_valid_akm_suite(u32 akm) 3894 { 3895 return akm == WLAN_AKM_SUITE_8021X || 3896 akm == WLAN_AKM_SUITE_PSK; 3897 } 3898 3899 static bool nl80211_valid_cipher_suite(u32 cipher) 3900 { 3901 return cipher == WLAN_CIPHER_SUITE_WEP40 || 3902 cipher == WLAN_CIPHER_SUITE_WEP104 || 3903 cipher == WLAN_CIPHER_SUITE_TKIP || 3904 cipher == WLAN_CIPHER_SUITE_CCMP || 3905 cipher == WLAN_CIPHER_SUITE_AES_CMAC; 3906 } 3907 3908 3909 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 3910 { 3911 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3912 struct net_device *dev = info->user_ptr[1]; 3913 struct ieee80211_channel *chan; 3914 const u8 *bssid, *ssid, *ie = NULL; 3915 int err, ssid_len, ie_len = 0; 3916 enum nl80211_auth_type auth_type; 3917 struct key_parse key; 3918 bool local_state_change; 3919 3920 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3921 return -EINVAL; 3922 3923 if (!info->attrs[NL80211_ATTR_MAC]) 3924 return -EINVAL; 3925 3926 if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) 3927 return -EINVAL; 3928 3929 if (!info->attrs[NL80211_ATTR_SSID]) 3930 return -EINVAL; 3931 3932 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 3933 return -EINVAL; 3934 3935 err = nl80211_parse_key(info, &key); 3936 if (err) 3937 return err; 3938 3939 if (key.idx >= 0) { 3940 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP) 3941 return -EINVAL; 3942 if (!key.p.key || !key.p.key_len) 3943 return -EINVAL; 3944 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 || 3945 key.p.key_len != WLAN_KEY_LEN_WEP40) && 3946 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 || 3947 key.p.key_len != WLAN_KEY_LEN_WEP104)) 3948 return -EINVAL; 3949 if (key.idx > 4) 3950 return -EINVAL; 3951 } else { 3952 key.p.key_len = 0; 3953 key.p.key = NULL; 3954 } 3955 3956 if (key.idx >= 0) { 3957 int i; 3958 bool ok = false; 3959 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) { 3960 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) { 3961 ok = true; 3962 break; 3963 } 3964 } 3965 if (!ok) 3966 return -EINVAL; 3967 } 3968 3969 if (!rdev->ops->auth) 3970 return -EOPNOTSUPP; 3971 3972 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3973 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3974 return -EOPNOTSUPP; 3975 3976 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3977 chan = ieee80211_get_channel(&rdev->wiphy, 3978 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3979 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 3980 return -EINVAL; 3981 3982 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3983 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3984 3985 if (info->attrs[NL80211_ATTR_IE]) { 3986 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3987 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3988 } 3989 3990 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 3991 if (!nl80211_valid_auth_type(auth_type)) 3992 return -EINVAL; 3993 3994 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 3995 3996 return cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, 3997 ssid, ssid_len, ie, ie_len, 3998 key.p.key, key.p.key_len, key.idx, 3999 local_state_change); 4000 } 4001 4002 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 4003 struct genl_info *info, 4004 struct cfg80211_crypto_settings *settings, 4005 int cipher_limit) 4006 { 4007 memset(settings, 0, sizeof(*settings)); 4008 4009 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; 4010 4011 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) { 4012 u16 proto; 4013 proto = nla_get_u16( 4014 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]); 4015 settings->control_port_ethertype = cpu_to_be16(proto); 4016 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) && 4017 proto != ETH_P_PAE) 4018 return -EINVAL; 4019 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]) 4020 settings->control_port_no_encrypt = true; 4021 } else 4022 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE); 4023 4024 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) { 4025 void *data; 4026 int len, i; 4027 4028 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 4029 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 4030 settings->n_ciphers_pairwise = len / sizeof(u32); 4031 4032 if (len % sizeof(u32)) 4033 return -EINVAL; 4034 4035 if (settings->n_ciphers_pairwise > cipher_limit) 4036 return -EINVAL; 4037 4038 memcpy(settings->ciphers_pairwise, data, len); 4039 4040 for (i = 0; i < settings->n_ciphers_pairwise; i++) 4041 if (!nl80211_valid_cipher_suite( 4042 settings->ciphers_pairwise[i])) 4043 return -EINVAL; 4044 } 4045 4046 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) { 4047 settings->cipher_group = 4048 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]); 4049 if (!nl80211_valid_cipher_suite(settings->cipher_group)) 4050 return -EINVAL; 4051 } 4052 4053 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) { 4054 settings->wpa_versions = 4055 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]); 4056 if (!nl80211_valid_wpa_versions(settings->wpa_versions)) 4057 return -EINVAL; 4058 } 4059 4060 if (info->attrs[NL80211_ATTR_AKM_SUITES]) { 4061 void *data; 4062 int len, i; 4063 4064 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); 4065 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); 4066 settings->n_akm_suites = len / sizeof(u32); 4067 4068 if (len % sizeof(u32)) 4069 return -EINVAL; 4070 4071 memcpy(settings->akm_suites, data, len); 4072 4073 for (i = 0; i < settings->n_ciphers_pairwise; i++) 4074 if (!nl80211_valid_akm_suite(settings->akm_suites[i])) 4075 return -EINVAL; 4076 } 4077 4078 return 0; 4079 } 4080 4081 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) 4082 { 4083 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4084 struct net_device *dev = info->user_ptr[1]; 4085 struct cfg80211_crypto_settings crypto; 4086 struct ieee80211_channel *chan; 4087 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL; 4088 int err, ssid_len, ie_len = 0; 4089 bool use_mfp = false; 4090 4091 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4092 return -EINVAL; 4093 4094 if (!info->attrs[NL80211_ATTR_MAC] || 4095 !info->attrs[NL80211_ATTR_SSID] || 4096 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4097 return -EINVAL; 4098 4099 if (!rdev->ops->assoc) 4100 return -EOPNOTSUPP; 4101 4102 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4103 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4104 return -EOPNOTSUPP; 4105 4106 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4107 4108 chan = ieee80211_get_channel(&rdev->wiphy, 4109 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4110 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 4111 return -EINVAL; 4112 4113 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4114 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4115 4116 if (info->attrs[NL80211_ATTR_IE]) { 4117 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4118 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4119 } 4120 4121 if (info->attrs[NL80211_ATTR_USE_MFP]) { 4122 enum nl80211_mfp mfp = 4123 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); 4124 if (mfp == NL80211_MFP_REQUIRED) 4125 use_mfp = true; 4126 else if (mfp != NL80211_MFP_NO) 4127 return -EINVAL; 4128 } 4129 4130 if (info->attrs[NL80211_ATTR_PREV_BSSID]) 4131 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]); 4132 4133 err = nl80211_crypto_settings(rdev, info, &crypto, 1); 4134 if (!err) 4135 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid, 4136 ssid, ssid_len, ie, ie_len, use_mfp, 4137 &crypto); 4138 4139 return err; 4140 } 4141 4142 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) 4143 { 4144 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4145 struct net_device *dev = info->user_ptr[1]; 4146 const u8 *ie = NULL, *bssid; 4147 int ie_len = 0; 4148 u16 reason_code; 4149 bool local_state_change; 4150 4151 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4152 return -EINVAL; 4153 4154 if (!info->attrs[NL80211_ATTR_MAC]) 4155 return -EINVAL; 4156 4157 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4158 return -EINVAL; 4159 4160 if (!rdev->ops->deauth) 4161 return -EOPNOTSUPP; 4162 4163 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4164 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4165 return -EOPNOTSUPP; 4166 4167 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4168 4169 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4170 if (reason_code == 0) { 4171 /* Reason Code 0 is reserved */ 4172 return -EINVAL; 4173 } 4174 4175 if (info->attrs[NL80211_ATTR_IE]) { 4176 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4177 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4178 } 4179 4180 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4181 4182 return cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code, 4183 local_state_change); 4184 } 4185 4186 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) 4187 { 4188 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4189 struct net_device *dev = info->user_ptr[1]; 4190 const u8 *ie = NULL, *bssid; 4191 int ie_len = 0; 4192 u16 reason_code; 4193 bool local_state_change; 4194 4195 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4196 return -EINVAL; 4197 4198 if (!info->attrs[NL80211_ATTR_MAC]) 4199 return -EINVAL; 4200 4201 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4202 return -EINVAL; 4203 4204 if (!rdev->ops->disassoc) 4205 return -EOPNOTSUPP; 4206 4207 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4208 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4209 return -EOPNOTSUPP; 4210 4211 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4212 4213 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4214 if (reason_code == 0) { 4215 /* Reason Code 0 is reserved */ 4216 return -EINVAL; 4217 } 4218 4219 if (info->attrs[NL80211_ATTR_IE]) { 4220 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4221 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4222 } 4223 4224 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4225 4226 return cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code, 4227 local_state_change); 4228 } 4229 4230 static bool 4231 nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev, 4232 int mcast_rate[IEEE80211_NUM_BANDS], 4233 int rateval) 4234 { 4235 struct wiphy *wiphy = &rdev->wiphy; 4236 bool found = false; 4237 int band, i; 4238 4239 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 4240 struct ieee80211_supported_band *sband; 4241 4242 sband = wiphy->bands[band]; 4243 if (!sband) 4244 continue; 4245 4246 for (i = 0; i < sband->n_bitrates; i++) { 4247 if (sband->bitrates[i].bitrate == rateval) { 4248 mcast_rate[band] = i + 1; 4249 found = true; 4250 break; 4251 } 4252 } 4253 } 4254 4255 return found; 4256 } 4257 4258 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) 4259 { 4260 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4261 struct net_device *dev = info->user_ptr[1]; 4262 struct cfg80211_ibss_params ibss; 4263 struct wiphy *wiphy; 4264 struct cfg80211_cached_keys *connkeys = NULL; 4265 int err; 4266 4267 memset(&ibss, 0, sizeof(ibss)); 4268 4269 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4270 return -EINVAL; 4271 4272 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 4273 !info->attrs[NL80211_ATTR_SSID] || 4274 !nla_len(info->attrs[NL80211_ATTR_SSID])) 4275 return -EINVAL; 4276 4277 ibss.beacon_interval = 100; 4278 4279 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 4280 ibss.beacon_interval = 4281 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 4282 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000) 4283 return -EINVAL; 4284 } 4285 4286 if (!rdev->ops->join_ibss) 4287 return -EOPNOTSUPP; 4288 4289 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 4290 return -EOPNOTSUPP; 4291 4292 wiphy = &rdev->wiphy; 4293 4294 if (info->attrs[NL80211_ATTR_MAC]) 4295 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4296 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4297 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4298 4299 if (info->attrs[NL80211_ATTR_IE]) { 4300 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4301 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4302 } 4303 4304 ibss.channel = ieee80211_get_channel(wiphy, 4305 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4306 if (!ibss.channel || 4307 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS || 4308 ibss.channel->flags & IEEE80211_CHAN_DISABLED) 4309 return -EINVAL; 4310 4311 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; 4312 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 4313 4314 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 4315 u8 *rates = 4316 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 4317 int n_rates = 4318 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 4319 struct ieee80211_supported_band *sband = 4320 wiphy->bands[ibss.channel->band]; 4321 int i, j; 4322 4323 if (n_rates == 0) 4324 return -EINVAL; 4325 4326 for (i = 0; i < n_rates; i++) { 4327 int rate = (rates[i] & 0x7f) * 5; 4328 bool found = false; 4329 4330 for (j = 0; j < sband->n_bitrates; j++) { 4331 if (sband->bitrates[j].bitrate == rate) { 4332 found = true; 4333 ibss.basic_rates |= BIT(j); 4334 break; 4335 } 4336 } 4337 if (!found) 4338 return -EINVAL; 4339 } 4340 } 4341 4342 if (info->attrs[NL80211_ATTR_MCAST_RATE] && 4343 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate, 4344 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) 4345 return -EINVAL; 4346 4347 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) { 4348 connkeys = nl80211_parse_connkeys(rdev, 4349 info->attrs[NL80211_ATTR_KEYS]); 4350 if (IS_ERR(connkeys)) 4351 return PTR_ERR(connkeys); 4352 } 4353 4354 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys); 4355 if (err) 4356 kfree(connkeys); 4357 return err; 4358 } 4359 4360 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) 4361 { 4362 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4363 struct net_device *dev = info->user_ptr[1]; 4364 4365 if (!rdev->ops->leave_ibss) 4366 return -EOPNOTSUPP; 4367 4368 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 4369 return -EOPNOTSUPP; 4370 4371 return cfg80211_leave_ibss(rdev, dev, false); 4372 } 4373 4374 #ifdef CONFIG_NL80211_TESTMODE 4375 static struct genl_multicast_group nl80211_testmode_mcgrp = { 4376 .name = "testmode", 4377 }; 4378 4379 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info) 4380 { 4381 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4382 int err; 4383 4384 if (!info->attrs[NL80211_ATTR_TESTDATA]) 4385 return -EINVAL; 4386 4387 err = -EOPNOTSUPP; 4388 if (rdev->ops->testmode_cmd) { 4389 rdev->testmode_info = info; 4390 err = rdev->ops->testmode_cmd(&rdev->wiphy, 4391 nla_data(info->attrs[NL80211_ATTR_TESTDATA]), 4392 nla_len(info->attrs[NL80211_ATTR_TESTDATA])); 4393 rdev->testmode_info = NULL; 4394 } 4395 4396 return err; 4397 } 4398 4399 static int nl80211_testmode_dump(struct sk_buff *skb, 4400 struct netlink_callback *cb) 4401 { 4402 struct cfg80211_registered_device *dev; 4403 int err; 4404 long phy_idx; 4405 void *data = NULL; 4406 int data_len = 0; 4407 4408 if (cb->args[0]) { 4409 /* 4410 * 0 is a valid index, but not valid for args[0], 4411 * so we need to offset by 1. 4412 */ 4413 phy_idx = cb->args[0] - 1; 4414 } else { 4415 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 4416 nl80211_fam.attrbuf, nl80211_fam.maxattr, 4417 nl80211_policy); 4418 if (err) 4419 return err; 4420 if (!nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]) 4421 return -EINVAL; 4422 phy_idx = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]); 4423 if (nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA]) 4424 cb->args[1] = 4425 (long)nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA]; 4426 } 4427 4428 if (cb->args[1]) { 4429 data = nla_data((void *)cb->args[1]); 4430 data_len = nla_len((void *)cb->args[1]); 4431 } 4432 4433 mutex_lock(&cfg80211_mutex); 4434 dev = cfg80211_rdev_by_wiphy_idx(phy_idx); 4435 if (!dev) { 4436 mutex_unlock(&cfg80211_mutex); 4437 return -ENOENT; 4438 } 4439 cfg80211_lock_rdev(dev); 4440 mutex_unlock(&cfg80211_mutex); 4441 4442 if (!dev->ops->testmode_dump) { 4443 err = -EOPNOTSUPP; 4444 goto out_err; 4445 } 4446 4447 while (1) { 4448 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).pid, 4449 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4450 NL80211_CMD_TESTMODE); 4451 struct nlattr *tmdata; 4452 4453 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, dev->wiphy_idx) < 0) { 4454 genlmsg_cancel(skb, hdr); 4455 break; 4456 } 4457 4458 tmdata = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 4459 if (!tmdata) { 4460 genlmsg_cancel(skb, hdr); 4461 break; 4462 } 4463 err = dev->ops->testmode_dump(&dev->wiphy, skb, cb, 4464 data, data_len); 4465 nla_nest_end(skb, tmdata); 4466 4467 if (err == -ENOBUFS || err == -ENOENT) { 4468 genlmsg_cancel(skb, hdr); 4469 break; 4470 } else if (err) { 4471 genlmsg_cancel(skb, hdr); 4472 goto out_err; 4473 } 4474 4475 genlmsg_end(skb, hdr); 4476 } 4477 4478 err = skb->len; 4479 /* see above */ 4480 cb->args[0] = phy_idx + 1; 4481 out_err: 4482 cfg80211_unlock_rdev(dev); 4483 return err; 4484 } 4485 4486 static struct sk_buff * 4487 __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev, 4488 int approxlen, u32 pid, u32 seq, gfp_t gfp) 4489 { 4490 struct sk_buff *skb; 4491 void *hdr; 4492 struct nlattr *data; 4493 4494 skb = nlmsg_new(approxlen + 100, gfp); 4495 if (!skb) 4496 return NULL; 4497 4498 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE); 4499 if (!hdr) { 4500 kfree_skb(skb); 4501 return NULL; 4502 } 4503 4504 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4505 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 4506 4507 ((void **)skb->cb)[0] = rdev; 4508 ((void **)skb->cb)[1] = hdr; 4509 ((void **)skb->cb)[2] = data; 4510 4511 return skb; 4512 4513 nla_put_failure: 4514 kfree_skb(skb); 4515 return NULL; 4516 } 4517 4518 struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy, 4519 int approxlen) 4520 { 4521 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4522 4523 if (WARN_ON(!rdev->testmode_info)) 4524 return NULL; 4525 4526 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 4527 rdev->testmode_info->snd_pid, 4528 rdev->testmode_info->snd_seq, 4529 GFP_KERNEL); 4530 } 4531 EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb); 4532 4533 int cfg80211_testmode_reply(struct sk_buff *skb) 4534 { 4535 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0]; 4536 void *hdr = ((void **)skb->cb)[1]; 4537 struct nlattr *data = ((void **)skb->cb)[2]; 4538 4539 if (WARN_ON(!rdev->testmode_info)) { 4540 kfree_skb(skb); 4541 return -EINVAL; 4542 } 4543 4544 nla_nest_end(skb, data); 4545 genlmsg_end(skb, hdr); 4546 return genlmsg_reply(skb, rdev->testmode_info); 4547 } 4548 EXPORT_SYMBOL(cfg80211_testmode_reply); 4549 4550 struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy, 4551 int approxlen, gfp_t gfp) 4552 { 4553 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4554 4555 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp); 4556 } 4557 EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb); 4558 4559 void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp) 4560 { 4561 void *hdr = ((void **)skb->cb)[1]; 4562 struct nlattr *data = ((void **)skb->cb)[2]; 4563 4564 nla_nest_end(skb, data); 4565 genlmsg_end(skb, hdr); 4566 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp); 4567 } 4568 EXPORT_SYMBOL(cfg80211_testmode_event); 4569 #endif 4570 4571 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info) 4572 { 4573 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4574 struct net_device *dev = info->user_ptr[1]; 4575 struct cfg80211_connect_params connect; 4576 struct wiphy *wiphy; 4577 struct cfg80211_cached_keys *connkeys = NULL; 4578 int err; 4579 4580 memset(&connect, 0, sizeof(connect)); 4581 4582 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4583 return -EINVAL; 4584 4585 if (!info->attrs[NL80211_ATTR_SSID] || 4586 !nla_len(info->attrs[NL80211_ATTR_SSID])) 4587 return -EINVAL; 4588 4589 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 4590 connect.auth_type = 4591 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 4592 if (!nl80211_valid_auth_type(connect.auth_type)) 4593 return -EINVAL; 4594 } else 4595 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 4596 4597 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY]; 4598 4599 err = nl80211_crypto_settings(rdev, info, &connect.crypto, 4600 NL80211_MAX_NR_CIPHER_SUITES); 4601 if (err) 4602 return err; 4603 4604 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4605 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4606 return -EOPNOTSUPP; 4607 4608 wiphy = &rdev->wiphy; 4609 4610 if (info->attrs[NL80211_ATTR_MAC]) 4611 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4612 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4613 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4614 4615 if (info->attrs[NL80211_ATTR_IE]) { 4616 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4617 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4618 } 4619 4620 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 4621 connect.channel = 4622 ieee80211_get_channel(wiphy, 4623 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4624 if (!connect.channel || 4625 connect.channel->flags & IEEE80211_CHAN_DISABLED) 4626 return -EINVAL; 4627 } 4628 4629 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) { 4630 connkeys = nl80211_parse_connkeys(rdev, 4631 info->attrs[NL80211_ATTR_KEYS]); 4632 if (IS_ERR(connkeys)) 4633 return PTR_ERR(connkeys); 4634 } 4635 4636 err = cfg80211_connect(rdev, dev, &connect, connkeys); 4637 if (err) 4638 kfree(connkeys); 4639 return err; 4640 } 4641 4642 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info) 4643 { 4644 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4645 struct net_device *dev = info->user_ptr[1]; 4646 u16 reason; 4647 4648 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4649 reason = WLAN_REASON_DEAUTH_LEAVING; 4650 else 4651 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4652 4653 if (reason == 0) 4654 return -EINVAL; 4655 4656 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4657 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4658 return -EOPNOTSUPP; 4659 4660 return cfg80211_disconnect(rdev, dev, reason, true); 4661 } 4662 4663 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info) 4664 { 4665 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4666 struct net *net; 4667 int err; 4668 u32 pid; 4669 4670 if (!info->attrs[NL80211_ATTR_PID]) 4671 return -EINVAL; 4672 4673 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]); 4674 4675 net = get_net_ns_by_pid(pid); 4676 if (IS_ERR(net)) 4677 return PTR_ERR(net); 4678 4679 err = 0; 4680 4681 /* check if anything to do */ 4682 if (!net_eq(wiphy_net(&rdev->wiphy), net)) 4683 err = cfg80211_switch_netns(rdev, net); 4684 4685 put_net(net); 4686 return err; 4687 } 4688 4689 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info) 4690 { 4691 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4692 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev, 4693 struct cfg80211_pmksa *pmksa) = NULL; 4694 struct net_device *dev = info->user_ptr[1]; 4695 struct cfg80211_pmksa pmksa; 4696 4697 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa)); 4698 4699 if (!info->attrs[NL80211_ATTR_MAC]) 4700 return -EINVAL; 4701 4702 if (!info->attrs[NL80211_ATTR_PMKID]) 4703 return -EINVAL; 4704 4705 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]); 4706 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4707 4708 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4709 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4710 return -EOPNOTSUPP; 4711 4712 switch (info->genlhdr->cmd) { 4713 case NL80211_CMD_SET_PMKSA: 4714 rdev_ops = rdev->ops->set_pmksa; 4715 break; 4716 case NL80211_CMD_DEL_PMKSA: 4717 rdev_ops = rdev->ops->del_pmksa; 4718 break; 4719 default: 4720 WARN_ON(1); 4721 break; 4722 } 4723 4724 if (!rdev_ops) 4725 return -EOPNOTSUPP; 4726 4727 return rdev_ops(&rdev->wiphy, dev, &pmksa); 4728 } 4729 4730 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info) 4731 { 4732 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4733 struct net_device *dev = info->user_ptr[1]; 4734 4735 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4736 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4737 return -EOPNOTSUPP; 4738 4739 if (!rdev->ops->flush_pmksa) 4740 return -EOPNOTSUPP; 4741 4742 return rdev->ops->flush_pmksa(&rdev->wiphy, dev); 4743 } 4744 4745 static int nl80211_remain_on_channel(struct sk_buff *skb, 4746 struct genl_info *info) 4747 { 4748 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4749 struct net_device *dev = info->user_ptr[1]; 4750 struct ieee80211_channel *chan; 4751 struct sk_buff *msg; 4752 void *hdr; 4753 u64 cookie; 4754 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 4755 u32 freq, duration; 4756 int err; 4757 4758 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 4759 !info->attrs[NL80211_ATTR_DURATION]) 4760 return -EINVAL; 4761 4762 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 4763 4764 /* 4765 * We should be on that channel for at least one jiffie, 4766 * and more than 5 seconds seems excessive. 4767 */ 4768 if (!duration || !msecs_to_jiffies(duration) || 4769 duration > rdev->wiphy.max_remain_on_channel_duration) 4770 return -EINVAL; 4771 4772 if (!rdev->ops->remain_on_channel) 4773 return -EOPNOTSUPP; 4774 4775 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 4776 channel_type = nla_get_u32( 4777 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 4778 if (channel_type != NL80211_CHAN_NO_HT && 4779 channel_type != NL80211_CHAN_HT20 && 4780 channel_type != NL80211_CHAN_HT40PLUS && 4781 channel_type != NL80211_CHAN_HT40MINUS) 4782 return -EINVAL; 4783 } 4784 4785 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 4786 chan = rdev_freq_to_chan(rdev, freq, channel_type); 4787 if (chan == NULL) 4788 return -EINVAL; 4789 4790 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4791 if (!msg) 4792 return -ENOMEM; 4793 4794 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 4795 NL80211_CMD_REMAIN_ON_CHANNEL); 4796 4797 if (IS_ERR(hdr)) { 4798 err = PTR_ERR(hdr); 4799 goto free_msg; 4800 } 4801 4802 err = rdev->ops->remain_on_channel(&rdev->wiphy, dev, chan, 4803 channel_type, duration, &cookie); 4804 4805 if (err) 4806 goto free_msg; 4807 4808 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 4809 4810 genlmsg_end(msg, hdr); 4811 4812 return genlmsg_reply(msg, info); 4813 4814 nla_put_failure: 4815 err = -ENOBUFS; 4816 free_msg: 4817 nlmsg_free(msg); 4818 return err; 4819 } 4820 4821 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb, 4822 struct genl_info *info) 4823 { 4824 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4825 struct net_device *dev = info->user_ptr[1]; 4826 u64 cookie; 4827 4828 if (!info->attrs[NL80211_ATTR_COOKIE]) 4829 return -EINVAL; 4830 4831 if (!rdev->ops->cancel_remain_on_channel) 4832 return -EOPNOTSUPP; 4833 4834 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 4835 4836 return rdev->ops->cancel_remain_on_channel(&rdev->wiphy, dev, cookie); 4837 } 4838 4839 static u32 rateset_to_mask(struct ieee80211_supported_band *sband, 4840 u8 *rates, u8 rates_len) 4841 { 4842 u8 i; 4843 u32 mask = 0; 4844 4845 for (i = 0; i < rates_len; i++) { 4846 int rate = (rates[i] & 0x7f) * 5; 4847 int ridx; 4848 for (ridx = 0; ridx < sband->n_bitrates; ridx++) { 4849 struct ieee80211_rate *srate = 4850 &sband->bitrates[ridx]; 4851 if (rate == srate->bitrate) { 4852 mask |= 1 << ridx; 4853 break; 4854 } 4855 } 4856 if (ridx == sband->n_bitrates) 4857 return 0; /* rate not found */ 4858 } 4859 4860 return mask; 4861 } 4862 4863 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = { 4864 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY, 4865 .len = NL80211_MAX_SUPP_RATES }, 4866 }; 4867 4868 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb, 4869 struct genl_info *info) 4870 { 4871 struct nlattr *tb[NL80211_TXRATE_MAX + 1]; 4872 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4873 struct cfg80211_bitrate_mask mask; 4874 int rem, i; 4875 struct net_device *dev = info->user_ptr[1]; 4876 struct nlattr *tx_rates; 4877 struct ieee80211_supported_band *sband; 4878 4879 if (info->attrs[NL80211_ATTR_TX_RATES] == NULL) 4880 return -EINVAL; 4881 4882 if (!rdev->ops->set_bitrate_mask) 4883 return -EOPNOTSUPP; 4884 4885 memset(&mask, 0, sizeof(mask)); 4886 /* Default to all rates enabled */ 4887 for (i = 0; i < IEEE80211_NUM_BANDS; i++) { 4888 sband = rdev->wiphy.bands[i]; 4889 mask.control[i].legacy = 4890 sband ? (1 << sband->n_bitrates) - 1 : 0; 4891 } 4892 4893 /* 4894 * The nested attribute uses enum nl80211_band as the index. This maps 4895 * directly to the enum ieee80211_band values used in cfg80211. 4896 */ 4897 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) 4898 { 4899 enum ieee80211_band band = nla_type(tx_rates); 4900 if (band < 0 || band >= IEEE80211_NUM_BANDS) 4901 return -EINVAL; 4902 sband = rdev->wiphy.bands[band]; 4903 if (sband == NULL) 4904 return -EINVAL; 4905 nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates), 4906 nla_len(tx_rates), nl80211_txattr_policy); 4907 if (tb[NL80211_TXRATE_LEGACY]) { 4908 mask.control[band].legacy = rateset_to_mask( 4909 sband, 4910 nla_data(tb[NL80211_TXRATE_LEGACY]), 4911 nla_len(tb[NL80211_TXRATE_LEGACY])); 4912 if (mask.control[band].legacy == 0) 4913 return -EINVAL; 4914 } 4915 } 4916 4917 return rdev->ops->set_bitrate_mask(&rdev->wiphy, dev, NULL, &mask); 4918 } 4919 4920 static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info) 4921 { 4922 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4923 struct net_device *dev = info->user_ptr[1]; 4924 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION; 4925 4926 if (!info->attrs[NL80211_ATTR_FRAME_MATCH]) 4927 return -EINVAL; 4928 4929 if (info->attrs[NL80211_ATTR_FRAME_TYPE]) 4930 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]); 4931 4932 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4933 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 4934 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 4935 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 4936 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 4937 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 4938 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 4939 return -EOPNOTSUPP; 4940 4941 /* not much point in registering if we can't reply */ 4942 if (!rdev->ops->mgmt_tx) 4943 return -EOPNOTSUPP; 4944 4945 return cfg80211_mlme_register_mgmt(dev->ieee80211_ptr, info->snd_pid, 4946 frame_type, 4947 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]), 4948 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH])); 4949 } 4950 4951 static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info) 4952 { 4953 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4954 struct net_device *dev = info->user_ptr[1]; 4955 struct ieee80211_channel *chan; 4956 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 4957 bool channel_type_valid = false; 4958 u32 freq; 4959 int err; 4960 void *hdr; 4961 u64 cookie; 4962 struct sk_buff *msg; 4963 unsigned int wait = 0; 4964 bool offchan; 4965 4966 if (!info->attrs[NL80211_ATTR_FRAME] || 4967 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4968 return -EINVAL; 4969 4970 if (!rdev->ops->mgmt_tx) 4971 return -EOPNOTSUPP; 4972 4973 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4974 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 4975 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 4976 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 4977 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 4978 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 4979 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 4980 return -EOPNOTSUPP; 4981 4982 if (info->attrs[NL80211_ATTR_DURATION]) { 4983 if (!rdev->ops->mgmt_tx_cancel_wait) 4984 return -EINVAL; 4985 wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 4986 } 4987 4988 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 4989 channel_type = nla_get_u32( 4990 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 4991 if (channel_type != NL80211_CHAN_NO_HT && 4992 channel_type != NL80211_CHAN_HT20 && 4993 channel_type != NL80211_CHAN_HT40PLUS && 4994 channel_type != NL80211_CHAN_HT40MINUS) 4995 return -EINVAL; 4996 channel_type_valid = true; 4997 } 4998 4999 offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK]; 5000 5001 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 5002 chan = rdev_freq_to_chan(rdev, freq, channel_type); 5003 if (chan == NULL) 5004 return -EINVAL; 5005 5006 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5007 if (!msg) 5008 return -ENOMEM; 5009 5010 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5011 NL80211_CMD_FRAME); 5012 5013 if (IS_ERR(hdr)) { 5014 err = PTR_ERR(hdr); 5015 goto free_msg; 5016 } 5017 err = cfg80211_mlme_mgmt_tx(rdev, dev, chan, offchan, channel_type, 5018 channel_type_valid, wait, 5019 nla_data(info->attrs[NL80211_ATTR_FRAME]), 5020 nla_len(info->attrs[NL80211_ATTR_FRAME]), 5021 &cookie); 5022 if (err) 5023 goto free_msg; 5024 5025 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5026 5027 genlmsg_end(msg, hdr); 5028 return genlmsg_reply(msg, info); 5029 5030 nla_put_failure: 5031 err = -ENOBUFS; 5032 free_msg: 5033 nlmsg_free(msg); 5034 return err; 5035 } 5036 5037 static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info) 5038 { 5039 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5040 struct net_device *dev = info->user_ptr[1]; 5041 u64 cookie; 5042 5043 if (!info->attrs[NL80211_ATTR_COOKIE]) 5044 return -EINVAL; 5045 5046 if (!rdev->ops->mgmt_tx_cancel_wait) 5047 return -EOPNOTSUPP; 5048 5049 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5050 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5051 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5052 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5053 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5054 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5055 return -EOPNOTSUPP; 5056 5057 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 5058 5059 return rdev->ops->mgmt_tx_cancel_wait(&rdev->wiphy, dev, cookie); 5060 } 5061 5062 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info) 5063 { 5064 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5065 struct wireless_dev *wdev; 5066 struct net_device *dev = info->user_ptr[1]; 5067 u8 ps_state; 5068 bool state; 5069 int err; 5070 5071 if (!info->attrs[NL80211_ATTR_PS_STATE]) 5072 return -EINVAL; 5073 5074 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]); 5075 5076 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED) 5077 return -EINVAL; 5078 5079 wdev = dev->ieee80211_ptr; 5080 5081 if (!rdev->ops->set_power_mgmt) 5082 return -EOPNOTSUPP; 5083 5084 state = (ps_state == NL80211_PS_ENABLED) ? true : false; 5085 5086 if (state == wdev->ps) 5087 return 0; 5088 5089 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, state, 5090 wdev->ps_timeout); 5091 if (!err) 5092 wdev->ps = state; 5093 return err; 5094 } 5095 5096 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info) 5097 { 5098 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5099 enum nl80211_ps_state ps_state; 5100 struct wireless_dev *wdev; 5101 struct net_device *dev = info->user_ptr[1]; 5102 struct sk_buff *msg; 5103 void *hdr; 5104 int err; 5105 5106 wdev = dev->ieee80211_ptr; 5107 5108 if (!rdev->ops->set_power_mgmt) 5109 return -EOPNOTSUPP; 5110 5111 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5112 if (!msg) 5113 return -ENOMEM; 5114 5115 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5116 NL80211_CMD_GET_POWER_SAVE); 5117 if (!hdr) { 5118 err = -ENOBUFS; 5119 goto free_msg; 5120 } 5121 5122 if (wdev->ps) 5123 ps_state = NL80211_PS_ENABLED; 5124 else 5125 ps_state = NL80211_PS_DISABLED; 5126 5127 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE, ps_state); 5128 5129 genlmsg_end(msg, hdr); 5130 return genlmsg_reply(msg, info); 5131 5132 nla_put_failure: 5133 err = -ENOBUFS; 5134 free_msg: 5135 nlmsg_free(msg); 5136 return err; 5137 } 5138 5139 static struct nla_policy 5140 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] __read_mostly = { 5141 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 }, 5142 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 }, 5143 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, 5144 }; 5145 5146 static int nl80211_set_cqm_rssi(struct genl_info *info, 5147 s32 threshold, u32 hysteresis) 5148 { 5149 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5150 struct wireless_dev *wdev; 5151 struct net_device *dev = info->user_ptr[1]; 5152 5153 if (threshold > 0) 5154 return -EINVAL; 5155 5156 wdev = dev->ieee80211_ptr; 5157 5158 if (!rdev->ops->set_cqm_rssi_config) 5159 return -EOPNOTSUPP; 5160 5161 if (wdev->iftype != NL80211_IFTYPE_STATION && 5162 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) 5163 return -EOPNOTSUPP; 5164 5165 return rdev->ops->set_cqm_rssi_config(wdev->wiphy, dev, 5166 threshold, hysteresis); 5167 } 5168 5169 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info) 5170 { 5171 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1]; 5172 struct nlattr *cqm; 5173 int err; 5174 5175 cqm = info->attrs[NL80211_ATTR_CQM]; 5176 if (!cqm) { 5177 err = -EINVAL; 5178 goto out; 5179 } 5180 5181 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm, 5182 nl80211_attr_cqm_policy); 5183 if (err) 5184 goto out; 5185 5186 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] && 5187 attrs[NL80211_ATTR_CQM_RSSI_HYST]) { 5188 s32 threshold; 5189 u32 hysteresis; 5190 threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]); 5191 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]); 5192 err = nl80211_set_cqm_rssi(info, threshold, hysteresis); 5193 } else 5194 err = -EINVAL; 5195 5196 out: 5197 return err; 5198 } 5199 5200 static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info) 5201 { 5202 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5203 struct net_device *dev = info->user_ptr[1]; 5204 struct mesh_config cfg; 5205 struct mesh_setup setup; 5206 int err; 5207 5208 /* start with default */ 5209 memcpy(&cfg, &default_mesh_config, sizeof(cfg)); 5210 memcpy(&setup, &default_mesh_setup, sizeof(setup)); 5211 5212 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) { 5213 /* and parse parameters if given */ 5214 err = nl80211_parse_mesh_config(info, &cfg, NULL); 5215 if (err) 5216 return err; 5217 } 5218 5219 if (!info->attrs[NL80211_ATTR_MESH_ID] || 5220 !nla_len(info->attrs[NL80211_ATTR_MESH_ID])) 5221 return -EINVAL; 5222 5223 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); 5224 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 5225 5226 if (info->attrs[NL80211_ATTR_MESH_SETUP]) { 5227 /* parse additional setup parameters if given */ 5228 err = nl80211_parse_mesh_setup(info, &setup); 5229 if (err) 5230 return err; 5231 } 5232 5233 return cfg80211_join_mesh(rdev, dev, &setup, &cfg); 5234 } 5235 5236 static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info) 5237 { 5238 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5239 struct net_device *dev = info->user_ptr[1]; 5240 5241 return cfg80211_leave_mesh(rdev, dev); 5242 } 5243 5244 static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info) 5245 { 5246 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5247 struct sk_buff *msg; 5248 void *hdr; 5249 5250 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns) 5251 return -EOPNOTSUPP; 5252 5253 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5254 if (!msg) 5255 return -ENOMEM; 5256 5257 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5258 NL80211_CMD_GET_WOWLAN); 5259 if (!hdr) 5260 goto nla_put_failure; 5261 5262 if (rdev->wowlan) { 5263 struct nlattr *nl_wowlan; 5264 5265 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS); 5266 if (!nl_wowlan) 5267 goto nla_put_failure; 5268 5269 if (rdev->wowlan->any) 5270 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY); 5271 if (rdev->wowlan->disconnect) 5272 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT); 5273 if (rdev->wowlan->magic_pkt) 5274 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT); 5275 if (rdev->wowlan->n_patterns) { 5276 struct nlattr *nl_pats, *nl_pat; 5277 int i, pat_len; 5278 5279 nl_pats = nla_nest_start(msg, 5280 NL80211_WOWLAN_TRIG_PKT_PATTERN); 5281 if (!nl_pats) 5282 goto nla_put_failure; 5283 5284 for (i = 0; i < rdev->wowlan->n_patterns; i++) { 5285 nl_pat = nla_nest_start(msg, i + 1); 5286 if (!nl_pat) 5287 goto nla_put_failure; 5288 pat_len = rdev->wowlan->patterns[i].pattern_len; 5289 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_MASK, 5290 DIV_ROUND_UP(pat_len, 8), 5291 rdev->wowlan->patterns[i].mask); 5292 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_PATTERN, 5293 pat_len, 5294 rdev->wowlan->patterns[i].pattern); 5295 nla_nest_end(msg, nl_pat); 5296 } 5297 nla_nest_end(msg, nl_pats); 5298 } 5299 5300 nla_nest_end(msg, nl_wowlan); 5301 } 5302 5303 genlmsg_end(msg, hdr); 5304 return genlmsg_reply(msg, info); 5305 5306 nla_put_failure: 5307 nlmsg_free(msg); 5308 return -ENOBUFS; 5309 } 5310 5311 static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info) 5312 { 5313 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5314 struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG]; 5315 struct cfg80211_wowlan no_triggers = {}; 5316 struct cfg80211_wowlan new_triggers = {}; 5317 struct wiphy_wowlan_support *wowlan = &rdev->wiphy.wowlan; 5318 int err, i; 5319 5320 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns) 5321 return -EOPNOTSUPP; 5322 5323 if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]) 5324 goto no_triggers; 5325 5326 err = nla_parse(tb, MAX_NL80211_WOWLAN_TRIG, 5327 nla_data(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]), 5328 nla_len(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]), 5329 nl80211_wowlan_policy); 5330 if (err) 5331 return err; 5332 5333 if (tb[NL80211_WOWLAN_TRIG_ANY]) { 5334 if (!(wowlan->flags & WIPHY_WOWLAN_ANY)) 5335 return -EINVAL; 5336 new_triggers.any = true; 5337 } 5338 5339 if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) { 5340 if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT)) 5341 return -EINVAL; 5342 new_triggers.disconnect = true; 5343 } 5344 5345 if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) { 5346 if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT)) 5347 return -EINVAL; 5348 new_triggers.magic_pkt = true; 5349 } 5350 5351 if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) { 5352 struct nlattr *pat; 5353 int n_patterns = 0; 5354 int rem, pat_len, mask_len; 5355 struct nlattr *pat_tb[NUM_NL80211_WOWLAN_PKTPAT]; 5356 5357 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], 5358 rem) 5359 n_patterns++; 5360 if (n_patterns > wowlan->n_patterns) 5361 return -EINVAL; 5362 5363 new_triggers.patterns = kcalloc(n_patterns, 5364 sizeof(new_triggers.patterns[0]), 5365 GFP_KERNEL); 5366 if (!new_triggers.patterns) 5367 return -ENOMEM; 5368 5369 new_triggers.n_patterns = n_patterns; 5370 i = 0; 5371 5372 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], 5373 rem) { 5374 nla_parse(pat_tb, MAX_NL80211_WOWLAN_PKTPAT, 5375 nla_data(pat), nla_len(pat), NULL); 5376 err = -EINVAL; 5377 if (!pat_tb[NL80211_WOWLAN_PKTPAT_MASK] || 5378 !pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]) 5379 goto error; 5380 pat_len = nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]); 5381 mask_len = DIV_ROUND_UP(pat_len, 8); 5382 if (nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]) != 5383 mask_len) 5384 goto error; 5385 if (pat_len > wowlan->pattern_max_len || 5386 pat_len < wowlan->pattern_min_len) 5387 goto error; 5388 5389 new_triggers.patterns[i].mask = 5390 kmalloc(mask_len + pat_len, GFP_KERNEL); 5391 if (!new_triggers.patterns[i].mask) { 5392 err = -ENOMEM; 5393 goto error; 5394 } 5395 new_triggers.patterns[i].pattern = 5396 new_triggers.patterns[i].mask + mask_len; 5397 memcpy(new_triggers.patterns[i].mask, 5398 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]), 5399 mask_len); 5400 new_triggers.patterns[i].pattern_len = pat_len; 5401 memcpy(new_triggers.patterns[i].pattern, 5402 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]), 5403 pat_len); 5404 i++; 5405 } 5406 } 5407 5408 if (memcmp(&new_triggers, &no_triggers, sizeof(new_triggers))) { 5409 struct cfg80211_wowlan *ntrig; 5410 ntrig = kmemdup(&new_triggers, sizeof(new_triggers), 5411 GFP_KERNEL); 5412 if (!ntrig) { 5413 err = -ENOMEM; 5414 goto error; 5415 } 5416 cfg80211_rdev_free_wowlan(rdev); 5417 rdev->wowlan = ntrig; 5418 } else { 5419 no_triggers: 5420 cfg80211_rdev_free_wowlan(rdev); 5421 rdev->wowlan = NULL; 5422 } 5423 5424 return 0; 5425 error: 5426 for (i = 0; i < new_triggers.n_patterns; i++) 5427 kfree(new_triggers.patterns[i].mask); 5428 kfree(new_triggers.patterns); 5429 return err; 5430 } 5431 5432 static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info) 5433 { 5434 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5435 struct net_device *dev = info->user_ptr[1]; 5436 struct wireless_dev *wdev = dev->ieee80211_ptr; 5437 struct nlattr *tb[NUM_NL80211_REKEY_DATA]; 5438 struct cfg80211_gtk_rekey_data rekey_data; 5439 int err; 5440 5441 if (!info->attrs[NL80211_ATTR_REKEY_DATA]) 5442 return -EINVAL; 5443 5444 err = nla_parse(tb, MAX_NL80211_REKEY_DATA, 5445 nla_data(info->attrs[NL80211_ATTR_REKEY_DATA]), 5446 nla_len(info->attrs[NL80211_ATTR_REKEY_DATA]), 5447 nl80211_rekey_policy); 5448 if (err) 5449 return err; 5450 5451 if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN) 5452 return -ERANGE; 5453 if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN) 5454 return -ERANGE; 5455 if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN) 5456 return -ERANGE; 5457 5458 memcpy(rekey_data.kek, nla_data(tb[NL80211_REKEY_DATA_KEK]), 5459 NL80211_KEK_LEN); 5460 memcpy(rekey_data.kck, nla_data(tb[NL80211_REKEY_DATA_KCK]), 5461 NL80211_KCK_LEN); 5462 memcpy(rekey_data.replay_ctr, 5463 nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]), 5464 NL80211_REPLAY_CTR_LEN); 5465 5466 wdev_lock(wdev); 5467 if (!wdev->current_bss) { 5468 err = -ENOTCONN; 5469 goto out; 5470 } 5471 5472 if (!rdev->ops->set_rekey_data) { 5473 err = -EOPNOTSUPP; 5474 goto out; 5475 } 5476 5477 err = rdev->ops->set_rekey_data(&rdev->wiphy, dev, &rekey_data); 5478 out: 5479 wdev_unlock(wdev); 5480 return err; 5481 } 5482 5483 #define NL80211_FLAG_NEED_WIPHY 0x01 5484 #define NL80211_FLAG_NEED_NETDEV 0x02 5485 #define NL80211_FLAG_NEED_RTNL 0x04 5486 #define NL80211_FLAG_CHECK_NETDEV_UP 0x08 5487 #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\ 5488 NL80211_FLAG_CHECK_NETDEV_UP) 5489 5490 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 5491 struct genl_info *info) 5492 { 5493 struct cfg80211_registered_device *rdev; 5494 struct net_device *dev; 5495 int err; 5496 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL; 5497 5498 if (rtnl) 5499 rtnl_lock(); 5500 5501 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) { 5502 rdev = cfg80211_get_dev_from_info(info); 5503 if (IS_ERR(rdev)) { 5504 if (rtnl) 5505 rtnl_unlock(); 5506 return PTR_ERR(rdev); 5507 } 5508 info->user_ptr[0] = rdev; 5509 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) { 5510 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 5511 if (err) { 5512 if (rtnl) 5513 rtnl_unlock(); 5514 return err; 5515 } 5516 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP && 5517 !netif_running(dev)) { 5518 cfg80211_unlock_rdev(rdev); 5519 dev_put(dev); 5520 if (rtnl) 5521 rtnl_unlock(); 5522 return -ENETDOWN; 5523 } 5524 info->user_ptr[0] = rdev; 5525 info->user_ptr[1] = dev; 5526 } 5527 5528 return 0; 5529 } 5530 5531 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 5532 struct genl_info *info) 5533 { 5534 if (info->user_ptr[0]) 5535 cfg80211_unlock_rdev(info->user_ptr[0]); 5536 if (info->user_ptr[1]) 5537 dev_put(info->user_ptr[1]); 5538 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL) 5539 rtnl_unlock(); 5540 } 5541 5542 static struct genl_ops nl80211_ops[] = { 5543 { 5544 .cmd = NL80211_CMD_GET_WIPHY, 5545 .doit = nl80211_get_wiphy, 5546 .dumpit = nl80211_dump_wiphy, 5547 .policy = nl80211_policy, 5548 /* can be retrieved by unprivileged users */ 5549 .internal_flags = NL80211_FLAG_NEED_WIPHY, 5550 }, 5551 { 5552 .cmd = NL80211_CMD_SET_WIPHY, 5553 .doit = nl80211_set_wiphy, 5554 .policy = nl80211_policy, 5555 .flags = GENL_ADMIN_PERM, 5556 .internal_flags = NL80211_FLAG_NEED_RTNL, 5557 }, 5558 { 5559 .cmd = NL80211_CMD_GET_INTERFACE, 5560 .doit = nl80211_get_interface, 5561 .dumpit = nl80211_dump_interface, 5562 .policy = nl80211_policy, 5563 /* can be retrieved by unprivileged users */ 5564 .internal_flags = NL80211_FLAG_NEED_NETDEV, 5565 }, 5566 { 5567 .cmd = NL80211_CMD_SET_INTERFACE, 5568 .doit = nl80211_set_interface, 5569 .policy = nl80211_policy, 5570 .flags = GENL_ADMIN_PERM, 5571 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5572 NL80211_FLAG_NEED_RTNL, 5573 }, 5574 { 5575 .cmd = NL80211_CMD_NEW_INTERFACE, 5576 .doit = nl80211_new_interface, 5577 .policy = nl80211_policy, 5578 .flags = GENL_ADMIN_PERM, 5579 .internal_flags = NL80211_FLAG_NEED_WIPHY | 5580 NL80211_FLAG_NEED_RTNL, 5581 }, 5582 { 5583 .cmd = NL80211_CMD_DEL_INTERFACE, 5584 .doit = nl80211_del_interface, 5585 .policy = nl80211_policy, 5586 .flags = GENL_ADMIN_PERM, 5587 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5588 NL80211_FLAG_NEED_RTNL, 5589 }, 5590 { 5591 .cmd = NL80211_CMD_GET_KEY, 5592 .doit = nl80211_get_key, 5593 .policy = nl80211_policy, 5594 .flags = GENL_ADMIN_PERM, 5595 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5596 NL80211_FLAG_NEED_RTNL, 5597 }, 5598 { 5599 .cmd = NL80211_CMD_SET_KEY, 5600 .doit = nl80211_set_key, 5601 .policy = nl80211_policy, 5602 .flags = GENL_ADMIN_PERM, 5603 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5604 NL80211_FLAG_NEED_RTNL, 5605 }, 5606 { 5607 .cmd = NL80211_CMD_NEW_KEY, 5608 .doit = nl80211_new_key, 5609 .policy = nl80211_policy, 5610 .flags = GENL_ADMIN_PERM, 5611 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5612 NL80211_FLAG_NEED_RTNL, 5613 }, 5614 { 5615 .cmd = NL80211_CMD_DEL_KEY, 5616 .doit = nl80211_del_key, 5617 .policy = nl80211_policy, 5618 .flags = GENL_ADMIN_PERM, 5619 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5620 NL80211_FLAG_NEED_RTNL, 5621 }, 5622 { 5623 .cmd = NL80211_CMD_SET_BEACON, 5624 .policy = nl80211_policy, 5625 .flags = GENL_ADMIN_PERM, 5626 .doit = nl80211_addset_beacon, 5627 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5628 NL80211_FLAG_NEED_RTNL, 5629 }, 5630 { 5631 .cmd = NL80211_CMD_NEW_BEACON, 5632 .policy = nl80211_policy, 5633 .flags = GENL_ADMIN_PERM, 5634 .doit = nl80211_addset_beacon, 5635 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5636 NL80211_FLAG_NEED_RTNL, 5637 }, 5638 { 5639 .cmd = NL80211_CMD_DEL_BEACON, 5640 .policy = nl80211_policy, 5641 .flags = GENL_ADMIN_PERM, 5642 .doit = nl80211_del_beacon, 5643 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5644 NL80211_FLAG_NEED_RTNL, 5645 }, 5646 { 5647 .cmd = NL80211_CMD_GET_STATION, 5648 .doit = nl80211_get_station, 5649 .dumpit = nl80211_dump_station, 5650 .policy = nl80211_policy, 5651 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5652 NL80211_FLAG_NEED_RTNL, 5653 }, 5654 { 5655 .cmd = NL80211_CMD_SET_STATION, 5656 .doit = nl80211_set_station, 5657 .policy = nl80211_policy, 5658 .flags = GENL_ADMIN_PERM, 5659 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5660 NL80211_FLAG_NEED_RTNL, 5661 }, 5662 { 5663 .cmd = NL80211_CMD_NEW_STATION, 5664 .doit = nl80211_new_station, 5665 .policy = nl80211_policy, 5666 .flags = GENL_ADMIN_PERM, 5667 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5668 NL80211_FLAG_NEED_RTNL, 5669 }, 5670 { 5671 .cmd = NL80211_CMD_DEL_STATION, 5672 .doit = nl80211_del_station, 5673 .policy = nl80211_policy, 5674 .flags = GENL_ADMIN_PERM, 5675 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5676 NL80211_FLAG_NEED_RTNL, 5677 }, 5678 { 5679 .cmd = NL80211_CMD_GET_MPATH, 5680 .doit = nl80211_get_mpath, 5681 .dumpit = nl80211_dump_mpath, 5682 .policy = nl80211_policy, 5683 .flags = GENL_ADMIN_PERM, 5684 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5685 NL80211_FLAG_NEED_RTNL, 5686 }, 5687 { 5688 .cmd = NL80211_CMD_SET_MPATH, 5689 .doit = nl80211_set_mpath, 5690 .policy = nl80211_policy, 5691 .flags = GENL_ADMIN_PERM, 5692 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5693 NL80211_FLAG_NEED_RTNL, 5694 }, 5695 { 5696 .cmd = NL80211_CMD_NEW_MPATH, 5697 .doit = nl80211_new_mpath, 5698 .policy = nl80211_policy, 5699 .flags = GENL_ADMIN_PERM, 5700 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5701 NL80211_FLAG_NEED_RTNL, 5702 }, 5703 { 5704 .cmd = NL80211_CMD_DEL_MPATH, 5705 .doit = nl80211_del_mpath, 5706 .policy = nl80211_policy, 5707 .flags = GENL_ADMIN_PERM, 5708 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5709 NL80211_FLAG_NEED_RTNL, 5710 }, 5711 { 5712 .cmd = NL80211_CMD_SET_BSS, 5713 .doit = nl80211_set_bss, 5714 .policy = nl80211_policy, 5715 .flags = GENL_ADMIN_PERM, 5716 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5717 NL80211_FLAG_NEED_RTNL, 5718 }, 5719 { 5720 .cmd = NL80211_CMD_GET_REG, 5721 .doit = nl80211_get_reg, 5722 .policy = nl80211_policy, 5723 /* can be retrieved by unprivileged users */ 5724 }, 5725 { 5726 .cmd = NL80211_CMD_SET_REG, 5727 .doit = nl80211_set_reg, 5728 .policy = nl80211_policy, 5729 .flags = GENL_ADMIN_PERM, 5730 }, 5731 { 5732 .cmd = NL80211_CMD_REQ_SET_REG, 5733 .doit = nl80211_req_set_reg, 5734 .policy = nl80211_policy, 5735 .flags = GENL_ADMIN_PERM, 5736 }, 5737 { 5738 .cmd = NL80211_CMD_GET_MESH_CONFIG, 5739 .doit = nl80211_get_mesh_config, 5740 .policy = nl80211_policy, 5741 /* can be retrieved by unprivileged users */ 5742 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5743 NL80211_FLAG_NEED_RTNL, 5744 }, 5745 { 5746 .cmd = NL80211_CMD_SET_MESH_CONFIG, 5747 .doit = nl80211_update_mesh_config, 5748 .policy = nl80211_policy, 5749 .flags = GENL_ADMIN_PERM, 5750 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5751 NL80211_FLAG_NEED_RTNL, 5752 }, 5753 { 5754 .cmd = NL80211_CMD_TRIGGER_SCAN, 5755 .doit = nl80211_trigger_scan, 5756 .policy = nl80211_policy, 5757 .flags = GENL_ADMIN_PERM, 5758 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5759 NL80211_FLAG_NEED_RTNL, 5760 }, 5761 { 5762 .cmd = NL80211_CMD_GET_SCAN, 5763 .policy = nl80211_policy, 5764 .dumpit = nl80211_dump_scan, 5765 }, 5766 { 5767 .cmd = NL80211_CMD_START_SCHED_SCAN, 5768 .doit = nl80211_start_sched_scan, 5769 .policy = nl80211_policy, 5770 .flags = GENL_ADMIN_PERM, 5771 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5772 NL80211_FLAG_NEED_RTNL, 5773 }, 5774 { 5775 .cmd = NL80211_CMD_STOP_SCHED_SCAN, 5776 .doit = nl80211_stop_sched_scan, 5777 .policy = nl80211_policy, 5778 .flags = GENL_ADMIN_PERM, 5779 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5780 NL80211_FLAG_NEED_RTNL, 5781 }, 5782 { 5783 .cmd = NL80211_CMD_AUTHENTICATE, 5784 .doit = nl80211_authenticate, 5785 .policy = nl80211_policy, 5786 .flags = GENL_ADMIN_PERM, 5787 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5788 NL80211_FLAG_NEED_RTNL, 5789 }, 5790 { 5791 .cmd = NL80211_CMD_ASSOCIATE, 5792 .doit = nl80211_associate, 5793 .policy = nl80211_policy, 5794 .flags = GENL_ADMIN_PERM, 5795 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5796 NL80211_FLAG_NEED_RTNL, 5797 }, 5798 { 5799 .cmd = NL80211_CMD_DEAUTHENTICATE, 5800 .doit = nl80211_deauthenticate, 5801 .policy = nl80211_policy, 5802 .flags = GENL_ADMIN_PERM, 5803 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5804 NL80211_FLAG_NEED_RTNL, 5805 }, 5806 { 5807 .cmd = NL80211_CMD_DISASSOCIATE, 5808 .doit = nl80211_disassociate, 5809 .policy = nl80211_policy, 5810 .flags = GENL_ADMIN_PERM, 5811 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5812 NL80211_FLAG_NEED_RTNL, 5813 }, 5814 { 5815 .cmd = NL80211_CMD_JOIN_IBSS, 5816 .doit = nl80211_join_ibss, 5817 .policy = nl80211_policy, 5818 .flags = GENL_ADMIN_PERM, 5819 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5820 NL80211_FLAG_NEED_RTNL, 5821 }, 5822 { 5823 .cmd = NL80211_CMD_LEAVE_IBSS, 5824 .doit = nl80211_leave_ibss, 5825 .policy = nl80211_policy, 5826 .flags = GENL_ADMIN_PERM, 5827 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5828 NL80211_FLAG_NEED_RTNL, 5829 }, 5830 #ifdef CONFIG_NL80211_TESTMODE 5831 { 5832 .cmd = NL80211_CMD_TESTMODE, 5833 .doit = nl80211_testmode_do, 5834 .dumpit = nl80211_testmode_dump, 5835 .policy = nl80211_policy, 5836 .flags = GENL_ADMIN_PERM, 5837 .internal_flags = NL80211_FLAG_NEED_WIPHY | 5838 NL80211_FLAG_NEED_RTNL, 5839 }, 5840 #endif 5841 { 5842 .cmd = NL80211_CMD_CONNECT, 5843 .doit = nl80211_connect, 5844 .policy = nl80211_policy, 5845 .flags = GENL_ADMIN_PERM, 5846 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5847 NL80211_FLAG_NEED_RTNL, 5848 }, 5849 { 5850 .cmd = NL80211_CMD_DISCONNECT, 5851 .doit = nl80211_disconnect, 5852 .policy = nl80211_policy, 5853 .flags = GENL_ADMIN_PERM, 5854 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5855 NL80211_FLAG_NEED_RTNL, 5856 }, 5857 { 5858 .cmd = NL80211_CMD_SET_WIPHY_NETNS, 5859 .doit = nl80211_wiphy_netns, 5860 .policy = nl80211_policy, 5861 .flags = GENL_ADMIN_PERM, 5862 .internal_flags = NL80211_FLAG_NEED_WIPHY | 5863 NL80211_FLAG_NEED_RTNL, 5864 }, 5865 { 5866 .cmd = NL80211_CMD_GET_SURVEY, 5867 .policy = nl80211_policy, 5868 .dumpit = nl80211_dump_survey, 5869 }, 5870 { 5871 .cmd = NL80211_CMD_SET_PMKSA, 5872 .doit = nl80211_setdel_pmksa, 5873 .policy = nl80211_policy, 5874 .flags = GENL_ADMIN_PERM, 5875 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5876 NL80211_FLAG_NEED_RTNL, 5877 }, 5878 { 5879 .cmd = NL80211_CMD_DEL_PMKSA, 5880 .doit = nl80211_setdel_pmksa, 5881 .policy = nl80211_policy, 5882 .flags = GENL_ADMIN_PERM, 5883 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5884 NL80211_FLAG_NEED_RTNL, 5885 }, 5886 { 5887 .cmd = NL80211_CMD_FLUSH_PMKSA, 5888 .doit = nl80211_flush_pmksa, 5889 .policy = nl80211_policy, 5890 .flags = GENL_ADMIN_PERM, 5891 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5892 NL80211_FLAG_NEED_RTNL, 5893 }, 5894 { 5895 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL, 5896 .doit = nl80211_remain_on_channel, 5897 .policy = nl80211_policy, 5898 .flags = GENL_ADMIN_PERM, 5899 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5900 NL80211_FLAG_NEED_RTNL, 5901 }, 5902 { 5903 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 5904 .doit = nl80211_cancel_remain_on_channel, 5905 .policy = nl80211_policy, 5906 .flags = GENL_ADMIN_PERM, 5907 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5908 NL80211_FLAG_NEED_RTNL, 5909 }, 5910 { 5911 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK, 5912 .doit = nl80211_set_tx_bitrate_mask, 5913 .policy = nl80211_policy, 5914 .flags = GENL_ADMIN_PERM, 5915 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5916 NL80211_FLAG_NEED_RTNL, 5917 }, 5918 { 5919 .cmd = NL80211_CMD_REGISTER_FRAME, 5920 .doit = nl80211_register_mgmt, 5921 .policy = nl80211_policy, 5922 .flags = GENL_ADMIN_PERM, 5923 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5924 NL80211_FLAG_NEED_RTNL, 5925 }, 5926 { 5927 .cmd = NL80211_CMD_FRAME, 5928 .doit = nl80211_tx_mgmt, 5929 .policy = nl80211_policy, 5930 .flags = GENL_ADMIN_PERM, 5931 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5932 NL80211_FLAG_NEED_RTNL, 5933 }, 5934 { 5935 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL, 5936 .doit = nl80211_tx_mgmt_cancel_wait, 5937 .policy = nl80211_policy, 5938 .flags = GENL_ADMIN_PERM, 5939 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5940 NL80211_FLAG_NEED_RTNL, 5941 }, 5942 { 5943 .cmd = NL80211_CMD_SET_POWER_SAVE, 5944 .doit = nl80211_set_power_save, 5945 .policy = nl80211_policy, 5946 .flags = GENL_ADMIN_PERM, 5947 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5948 NL80211_FLAG_NEED_RTNL, 5949 }, 5950 { 5951 .cmd = NL80211_CMD_GET_POWER_SAVE, 5952 .doit = nl80211_get_power_save, 5953 .policy = nl80211_policy, 5954 /* can be retrieved by unprivileged users */ 5955 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5956 NL80211_FLAG_NEED_RTNL, 5957 }, 5958 { 5959 .cmd = NL80211_CMD_SET_CQM, 5960 .doit = nl80211_set_cqm, 5961 .policy = nl80211_policy, 5962 .flags = GENL_ADMIN_PERM, 5963 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5964 NL80211_FLAG_NEED_RTNL, 5965 }, 5966 { 5967 .cmd = NL80211_CMD_SET_CHANNEL, 5968 .doit = nl80211_set_channel, 5969 .policy = nl80211_policy, 5970 .flags = GENL_ADMIN_PERM, 5971 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5972 NL80211_FLAG_NEED_RTNL, 5973 }, 5974 { 5975 .cmd = NL80211_CMD_SET_WDS_PEER, 5976 .doit = nl80211_set_wds_peer, 5977 .policy = nl80211_policy, 5978 .flags = GENL_ADMIN_PERM, 5979 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5980 NL80211_FLAG_NEED_RTNL, 5981 }, 5982 { 5983 .cmd = NL80211_CMD_JOIN_MESH, 5984 .doit = nl80211_join_mesh, 5985 .policy = nl80211_policy, 5986 .flags = GENL_ADMIN_PERM, 5987 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5988 NL80211_FLAG_NEED_RTNL, 5989 }, 5990 { 5991 .cmd = NL80211_CMD_LEAVE_MESH, 5992 .doit = nl80211_leave_mesh, 5993 .policy = nl80211_policy, 5994 .flags = GENL_ADMIN_PERM, 5995 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5996 NL80211_FLAG_NEED_RTNL, 5997 }, 5998 { 5999 .cmd = NL80211_CMD_GET_WOWLAN, 6000 .doit = nl80211_get_wowlan, 6001 .policy = nl80211_policy, 6002 /* can be retrieved by unprivileged users */ 6003 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6004 NL80211_FLAG_NEED_RTNL, 6005 }, 6006 { 6007 .cmd = NL80211_CMD_SET_WOWLAN, 6008 .doit = nl80211_set_wowlan, 6009 .policy = nl80211_policy, 6010 .flags = GENL_ADMIN_PERM, 6011 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6012 NL80211_FLAG_NEED_RTNL, 6013 }, 6014 { 6015 .cmd = NL80211_CMD_SET_REKEY_OFFLOAD, 6016 .doit = nl80211_set_rekey_data, 6017 .policy = nl80211_policy, 6018 .flags = GENL_ADMIN_PERM, 6019 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6020 NL80211_FLAG_NEED_RTNL, 6021 }, 6022 }; 6023 6024 static struct genl_multicast_group nl80211_mlme_mcgrp = { 6025 .name = "mlme", 6026 }; 6027 6028 /* multicast groups */ 6029 static struct genl_multicast_group nl80211_config_mcgrp = { 6030 .name = "config", 6031 }; 6032 static struct genl_multicast_group nl80211_scan_mcgrp = { 6033 .name = "scan", 6034 }; 6035 static struct genl_multicast_group nl80211_regulatory_mcgrp = { 6036 .name = "regulatory", 6037 }; 6038 6039 /* notification functions */ 6040 6041 void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev) 6042 { 6043 struct sk_buff *msg; 6044 6045 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6046 if (!msg) 6047 return; 6048 6049 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) { 6050 nlmsg_free(msg); 6051 return; 6052 } 6053 6054 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6055 nl80211_config_mcgrp.id, GFP_KERNEL); 6056 } 6057 6058 static int nl80211_add_scan_req(struct sk_buff *msg, 6059 struct cfg80211_registered_device *rdev) 6060 { 6061 struct cfg80211_scan_request *req = rdev->scan_req; 6062 struct nlattr *nest; 6063 int i; 6064 6065 ASSERT_RDEV_LOCK(rdev); 6066 6067 if (WARN_ON(!req)) 6068 return 0; 6069 6070 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS); 6071 if (!nest) 6072 goto nla_put_failure; 6073 for (i = 0; i < req->n_ssids; i++) 6074 NLA_PUT(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid); 6075 nla_nest_end(msg, nest); 6076 6077 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES); 6078 if (!nest) 6079 goto nla_put_failure; 6080 for (i = 0; i < req->n_channels; i++) 6081 NLA_PUT_U32(msg, i, req->channels[i]->center_freq); 6082 nla_nest_end(msg, nest); 6083 6084 if (req->ie) 6085 NLA_PUT(msg, NL80211_ATTR_IE, req->ie_len, req->ie); 6086 6087 return 0; 6088 nla_put_failure: 6089 return -ENOBUFS; 6090 } 6091 6092 static int nl80211_send_scan_msg(struct sk_buff *msg, 6093 struct cfg80211_registered_device *rdev, 6094 struct net_device *netdev, 6095 u32 pid, u32 seq, int flags, 6096 u32 cmd) 6097 { 6098 void *hdr; 6099 6100 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 6101 if (!hdr) 6102 return -1; 6103 6104 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6105 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6106 6107 /* ignore errors and send incomplete event anyway */ 6108 nl80211_add_scan_req(msg, rdev); 6109 6110 return genlmsg_end(msg, hdr); 6111 6112 nla_put_failure: 6113 genlmsg_cancel(msg, hdr); 6114 return -EMSGSIZE; 6115 } 6116 6117 static int 6118 nl80211_send_sched_scan_msg(struct sk_buff *msg, 6119 struct cfg80211_registered_device *rdev, 6120 struct net_device *netdev, 6121 u32 pid, u32 seq, int flags, u32 cmd) 6122 { 6123 void *hdr; 6124 6125 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 6126 if (!hdr) 6127 return -1; 6128 6129 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6130 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6131 6132 return genlmsg_end(msg, hdr); 6133 6134 nla_put_failure: 6135 genlmsg_cancel(msg, hdr); 6136 return -EMSGSIZE; 6137 } 6138 6139 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev, 6140 struct net_device *netdev) 6141 { 6142 struct sk_buff *msg; 6143 6144 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 6145 if (!msg) 6146 return; 6147 6148 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6149 NL80211_CMD_TRIGGER_SCAN) < 0) { 6150 nlmsg_free(msg); 6151 return; 6152 } 6153 6154 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6155 nl80211_scan_mcgrp.id, GFP_KERNEL); 6156 } 6157 6158 void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 6159 struct net_device *netdev) 6160 { 6161 struct sk_buff *msg; 6162 6163 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6164 if (!msg) 6165 return; 6166 6167 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6168 NL80211_CMD_NEW_SCAN_RESULTS) < 0) { 6169 nlmsg_free(msg); 6170 return; 6171 } 6172 6173 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6174 nl80211_scan_mcgrp.id, GFP_KERNEL); 6175 } 6176 6177 void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 6178 struct net_device *netdev) 6179 { 6180 struct sk_buff *msg; 6181 6182 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6183 if (!msg) 6184 return; 6185 6186 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6187 NL80211_CMD_SCAN_ABORTED) < 0) { 6188 nlmsg_free(msg); 6189 return; 6190 } 6191 6192 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6193 nl80211_scan_mcgrp.id, GFP_KERNEL); 6194 } 6195 6196 void nl80211_send_sched_scan_results(struct cfg80211_registered_device *rdev, 6197 struct net_device *netdev) 6198 { 6199 struct sk_buff *msg; 6200 6201 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6202 if (!msg) 6203 return; 6204 6205 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, 6206 NL80211_CMD_SCHED_SCAN_RESULTS) < 0) { 6207 nlmsg_free(msg); 6208 return; 6209 } 6210 6211 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6212 nl80211_scan_mcgrp.id, GFP_KERNEL); 6213 } 6214 6215 void nl80211_send_sched_scan(struct cfg80211_registered_device *rdev, 6216 struct net_device *netdev, u32 cmd) 6217 { 6218 struct sk_buff *msg; 6219 6220 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 6221 if (!msg) 6222 return; 6223 6224 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, cmd) < 0) { 6225 nlmsg_free(msg); 6226 return; 6227 } 6228 6229 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6230 nl80211_scan_mcgrp.id, GFP_KERNEL); 6231 } 6232 6233 /* 6234 * This can happen on global regulatory changes or device specific settings 6235 * based on custom world regulatory domains. 6236 */ 6237 void nl80211_send_reg_change_event(struct regulatory_request *request) 6238 { 6239 struct sk_buff *msg; 6240 void *hdr; 6241 6242 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6243 if (!msg) 6244 return; 6245 6246 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE); 6247 if (!hdr) { 6248 nlmsg_free(msg); 6249 return; 6250 } 6251 6252 /* Userspace can always count this one always being set */ 6253 NLA_PUT_U8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator); 6254 6255 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') 6256 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6257 NL80211_REGDOM_TYPE_WORLD); 6258 else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') 6259 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6260 NL80211_REGDOM_TYPE_CUSTOM_WORLD); 6261 else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') || 6262 request->intersect) 6263 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6264 NL80211_REGDOM_TYPE_INTERSECTION); 6265 else { 6266 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6267 NL80211_REGDOM_TYPE_COUNTRY); 6268 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2); 6269 } 6270 6271 if (wiphy_idx_valid(request->wiphy_idx)) 6272 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx); 6273 6274 if (genlmsg_end(msg, hdr) < 0) { 6275 nlmsg_free(msg); 6276 return; 6277 } 6278 6279 rcu_read_lock(); 6280 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 6281 GFP_ATOMIC); 6282 rcu_read_unlock(); 6283 6284 return; 6285 6286 nla_put_failure: 6287 genlmsg_cancel(msg, hdr); 6288 nlmsg_free(msg); 6289 } 6290 6291 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, 6292 struct net_device *netdev, 6293 const u8 *buf, size_t len, 6294 enum nl80211_commands cmd, gfp_t gfp) 6295 { 6296 struct sk_buff *msg; 6297 void *hdr; 6298 6299 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6300 if (!msg) 6301 return; 6302 6303 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 6304 if (!hdr) { 6305 nlmsg_free(msg); 6306 return; 6307 } 6308 6309 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6310 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6311 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 6312 6313 if (genlmsg_end(msg, hdr) < 0) { 6314 nlmsg_free(msg); 6315 return; 6316 } 6317 6318 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6319 nl80211_mlme_mcgrp.id, gfp); 6320 return; 6321 6322 nla_put_failure: 6323 genlmsg_cancel(msg, hdr); 6324 nlmsg_free(msg); 6325 } 6326 6327 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 6328 struct net_device *netdev, const u8 *buf, 6329 size_t len, gfp_t gfp) 6330 { 6331 nl80211_send_mlme_event(rdev, netdev, buf, len, 6332 NL80211_CMD_AUTHENTICATE, gfp); 6333 } 6334 6335 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 6336 struct net_device *netdev, const u8 *buf, 6337 size_t len, gfp_t gfp) 6338 { 6339 nl80211_send_mlme_event(rdev, netdev, buf, len, 6340 NL80211_CMD_ASSOCIATE, gfp); 6341 } 6342 6343 void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 6344 struct net_device *netdev, const u8 *buf, 6345 size_t len, gfp_t gfp) 6346 { 6347 nl80211_send_mlme_event(rdev, netdev, buf, len, 6348 NL80211_CMD_DEAUTHENTICATE, gfp); 6349 } 6350 6351 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 6352 struct net_device *netdev, const u8 *buf, 6353 size_t len, gfp_t gfp) 6354 { 6355 nl80211_send_mlme_event(rdev, netdev, buf, len, 6356 NL80211_CMD_DISASSOCIATE, gfp); 6357 } 6358 6359 void nl80211_send_unprot_deauth(struct cfg80211_registered_device *rdev, 6360 struct net_device *netdev, const u8 *buf, 6361 size_t len, gfp_t gfp) 6362 { 6363 nl80211_send_mlme_event(rdev, netdev, buf, len, 6364 NL80211_CMD_UNPROT_DEAUTHENTICATE, gfp); 6365 } 6366 6367 void nl80211_send_unprot_disassoc(struct cfg80211_registered_device *rdev, 6368 struct net_device *netdev, const u8 *buf, 6369 size_t len, gfp_t gfp) 6370 { 6371 nl80211_send_mlme_event(rdev, netdev, buf, len, 6372 NL80211_CMD_UNPROT_DISASSOCIATE, gfp); 6373 } 6374 6375 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, 6376 struct net_device *netdev, int cmd, 6377 const u8 *addr, gfp_t gfp) 6378 { 6379 struct sk_buff *msg; 6380 void *hdr; 6381 6382 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6383 if (!msg) 6384 return; 6385 6386 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 6387 if (!hdr) { 6388 nlmsg_free(msg); 6389 return; 6390 } 6391 6392 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6393 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6394 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT); 6395 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 6396 6397 if (genlmsg_end(msg, hdr) < 0) { 6398 nlmsg_free(msg); 6399 return; 6400 } 6401 6402 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6403 nl80211_mlme_mcgrp.id, gfp); 6404 return; 6405 6406 nla_put_failure: 6407 genlmsg_cancel(msg, hdr); 6408 nlmsg_free(msg); 6409 } 6410 6411 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 6412 struct net_device *netdev, const u8 *addr, 6413 gfp_t gfp) 6414 { 6415 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, 6416 addr, gfp); 6417 } 6418 6419 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 6420 struct net_device *netdev, const u8 *addr, 6421 gfp_t gfp) 6422 { 6423 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, 6424 addr, gfp); 6425 } 6426 6427 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, 6428 struct net_device *netdev, const u8 *bssid, 6429 const u8 *req_ie, size_t req_ie_len, 6430 const u8 *resp_ie, size_t resp_ie_len, 6431 u16 status, gfp_t gfp) 6432 { 6433 struct sk_buff *msg; 6434 void *hdr; 6435 6436 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6437 if (!msg) 6438 return; 6439 6440 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT); 6441 if (!hdr) { 6442 nlmsg_free(msg); 6443 return; 6444 } 6445 6446 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6447 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6448 if (bssid) 6449 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 6450 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status); 6451 if (req_ie) 6452 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 6453 if (resp_ie) 6454 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 6455 6456 if (genlmsg_end(msg, hdr) < 0) { 6457 nlmsg_free(msg); 6458 return; 6459 } 6460 6461 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6462 nl80211_mlme_mcgrp.id, gfp); 6463 return; 6464 6465 nla_put_failure: 6466 genlmsg_cancel(msg, hdr); 6467 nlmsg_free(msg); 6468 6469 } 6470 6471 void nl80211_send_roamed(struct cfg80211_registered_device *rdev, 6472 struct net_device *netdev, const u8 *bssid, 6473 const u8 *req_ie, size_t req_ie_len, 6474 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp) 6475 { 6476 struct sk_buff *msg; 6477 void *hdr; 6478 6479 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6480 if (!msg) 6481 return; 6482 6483 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM); 6484 if (!hdr) { 6485 nlmsg_free(msg); 6486 return; 6487 } 6488 6489 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6490 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6491 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 6492 if (req_ie) 6493 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 6494 if (resp_ie) 6495 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 6496 6497 if (genlmsg_end(msg, hdr) < 0) { 6498 nlmsg_free(msg); 6499 return; 6500 } 6501 6502 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6503 nl80211_mlme_mcgrp.id, gfp); 6504 return; 6505 6506 nla_put_failure: 6507 genlmsg_cancel(msg, hdr); 6508 nlmsg_free(msg); 6509 6510 } 6511 6512 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, 6513 struct net_device *netdev, u16 reason, 6514 const u8 *ie, size_t ie_len, bool from_ap) 6515 { 6516 struct sk_buff *msg; 6517 void *hdr; 6518 6519 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 6520 if (!msg) 6521 return; 6522 6523 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT); 6524 if (!hdr) { 6525 nlmsg_free(msg); 6526 return; 6527 } 6528 6529 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6530 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6531 if (from_ap && reason) 6532 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason); 6533 if (from_ap) 6534 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP); 6535 if (ie) 6536 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie); 6537 6538 if (genlmsg_end(msg, hdr) < 0) { 6539 nlmsg_free(msg); 6540 return; 6541 } 6542 6543 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6544 nl80211_mlme_mcgrp.id, GFP_KERNEL); 6545 return; 6546 6547 nla_put_failure: 6548 genlmsg_cancel(msg, hdr); 6549 nlmsg_free(msg); 6550 6551 } 6552 6553 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, 6554 struct net_device *netdev, const u8 *bssid, 6555 gfp_t gfp) 6556 { 6557 struct sk_buff *msg; 6558 void *hdr; 6559 6560 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6561 if (!msg) 6562 return; 6563 6564 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS); 6565 if (!hdr) { 6566 nlmsg_free(msg); 6567 return; 6568 } 6569 6570 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6571 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6572 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 6573 6574 if (genlmsg_end(msg, hdr) < 0) { 6575 nlmsg_free(msg); 6576 return; 6577 } 6578 6579 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6580 nl80211_mlme_mcgrp.id, gfp); 6581 return; 6582 6583 nla_put_failure: 6584 genlmsg_cancel(msg, hdr); 6585 nlmsg_free(msg); 6586 } 6587 6588 void nl80211_send_new_peer_candidate(struct cfg80211_registered_device *rdev, 6589 struct net_device *netdev, 6590 const u8 *macaddr, const u8* ie, u8 ie_len, 6591 gfp_t gfp) 6592 { 6593 struct sk_buff *msg; 6594 void *hdr; 6595 6596 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6597 if (!msg) 6598 return; 6599 6600 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE); 6601 if (!hdr) { 6602 nlmsg_free(msg); 6603 return; 6604 } 6605 6606 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6607 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6608 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, macaddr); 6609 if (ie_len && ie) 6610 NLA_PUT(msg, NL80211_ATTR_IE, ie_len , ie); 6611 6612 if (genlmsg_end(msg, hdr) < 0) { 6613 nlmsg_free(msg); 6614 return; 6615 } 6616 6617 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6618 nl80211_mlme_mcgrp.id, gfp); 6619 return; 6620 6621 nla_put_failure: 6622 genlmsg_cancel(msg, hdr); 6623 nlmsg_free(msg); 6624 } 6625 6626 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 6627 struct net_device *netdev, const u8 *addr, 6628 enum nl80211_key_type key_type, int key_id, 6629 const u8 *tsc, gfp_t gfp) 6630 { 6631 struct sk_buff *msg; 6632 void *hdr; 6633 6634 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6635 if (!msg) 6636 return; 6637 6638 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE); 6639 if (!hdr) { 6640 nlmsg_free(msg); 6641 return; 6642 } 6643 6644 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6645 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6646 if (addr) 6647 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 6648 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type); 6649 if (key_id != -1) 6650 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id); 6651 if (tsc) 6652 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc); 6653 6654 if (genlmsg_end(msg, hdr) < 0) { 6655 nlmsg_free(msg); 6656 return; 6657 } 6658 6659 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6660 nl80211_mlme_mcgrp.id, gfp); 6661 return; 6662 6663 nla_put_failure: 6664 genlmsg_cancel(msg, hdr); 6665 nlmsg_free(msg); 6666 } 6667 6668 void nl80211_send_beacon_hint_event(struct wiphy *wiphy, 6669 struct ieee80211_channel *channel_before, 6670 struct ieee80211_channel *channel_after) 6671 { 6672 struct sk_buff *msg; 6673 void *hdr; 6674 struct nlattr *nl_freq; 6675 6676 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 6677 if (!msg) 6678 return; 6679 6680 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT); 6681 if (!hdr) { 6682 nlmsg_free(msg); 6683 return; 6684 } 6685 6686 /* 6687 * Since we are applying the beacon hint to a wiphy we know its 6688 * wiphy_idx is valid 6689 */ 6690 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)); 6691 6692 /* Before */ 6693 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE); 6694 if (!nl_freq) 6695 goto nla_put_failure; 6696 if (nl80211_msg_put_channel(msg, channel_before)) 6697 goto nla_put_failure; 6698 nla_nest_end(msg, nl_freq); 6699 6700 /* After */ 6701 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER); 6702 if (!nl_freq) 6703 goto nla_put_failure; 6704 if (nl80211_msg_put_channel(msg, channel_after)) 6705 goto nla_put_failure; 6706 nla_nest_end(msg, nl_freq); 6707 6708 if (genlmsg_end(msg, hdr) < 0) { 6709 nlmsg_free(msg); 6710 return; 6711 } 6712 6713 rcu_read_lock(); 6714 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 6715 GFP_ATOMIC); 6716 rcu_read_unlock(); 6717 6718 return; 6719 6720 nla_put_failure: 6721 genlmsg_cancel(msg, hdr); 6722 nlmsg_free(msg); 6723 } 6724 6725 static void nl80211_send_remain_on_chan_event( 6726 int cmd, struct cfg80211_registered_device *rdev, 6727 struct net_device *netdev, u64 cookie, 6728 struct ieee80211_channel *chan, 6729 enum nl80211_channel_type channel_type, 6730 unsigned int duration, gfp_t gfp) 6731 { 6732 struct sk_buff *msg; 6733 void *hdr; 6734 6735 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6736 if (!msg) 6737 return; 6738 6739 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 6740 if (!hdr) { 6741 nlmsg_free(msg); 6742 return; 6743 } 6744 6745 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6746 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6747 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq); 6748 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, channel_type); 6749 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 6750 6751 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL) 6752 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration); 6753 6754 if (genlmsg_end(msg, hdr) < 0) { 6755 nlmsg_free(msg); 6756 return; 6757 } 6758 6759 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6760 nl80211_mlme_mcgrp.id, gfp); 6761 return; 6762 6763 nla_put_failure: 6764 genlmsg_cancel(msg, hdr); 6765 nlmsg_free(msg); 6766 } 6767 6768 void nl80211_send_remain_on_channel(struct cfg80211_registered_device *rdev, 6769 struct net_device *netdev, u64 cookie, 6770 struct ieee80211_channel *chan, 6771 enum nl80211_channel_type channel_type, 6772 unsigned int duration, gfp_t gfp) 6773 { 6774 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL, 6775 rdev, netdev, cookie, chan, 6776 channel_type, duration, gfp); 6777 } 6778 6779 void nl80211_send_remain_on_channel_cancel( 6780 struct cfg80211_registered_device *rdev, struct net_device *netdev, 6781 u64 cookie, struct ieee80211_channel *chan, 6782 enum nl80211_channel_type channel_type, gfp_t gfp) 6783 { 6784 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 6785 rdev, netdev, cookie, chan, 6786 channel_type, 0, gfp); 6787 } 6788 6789 void nl80211_send_sta_event(struct cfg80211_registered_device *rdev, 6790 struct net_device *dev, const u8 *mac_addr, 6791 struct station_info *sinfo, gfp_t gfp) 6792 { 6793 struct sk_buff *msg; 6794 6795 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6796 if (!msg) 6797 return; 6798 6799 if (nl80211_send_station(msg, 0, 0, 0, dev, mac_addr, sinfo) < 0) { 6800 nlmsg_free(msg); 6801 return; 6802 } 6803 6804 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6805 nl80211_mlme_mcgrp.id, gfp); 6806 } 6807 6808 void nl80211_send_sta_del_event(struct cfg80211_registered_device *rdev, 6809 struct net_device *dev, const u8 *mac_addr, 6810 gfp_t gfp) 6811 { 6812 struct sk_buff *msg; 6813 void *hdr; 6814 6815 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6816 if (!msg) 6817 return; 6818 6819 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_STATION); 6820 if (!hdr) { 6821 nlmsg_free(msg); 6822 return; 6823 } 6824 6825 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 6826 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 6827 6828 if (genlmsg_end(msg, hdr) < 0) { 6829 nlmsg_free(msg); 6830 return; 6831 } 6832 6833 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6834 nl80211_mlme_mcgrp.id, gfp); 6835 return; 6836 6837 nla_put_failure: 6838 genlmsg_cancel(msg, hdr); 6839 nlmsg_free(msg); 6840 } 6841 6842 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev, 6843 struct net_device *netdev, u32 nlpid, 6844 int freq, const u8 *buf, size_t len, gfp_t gfp) 6845 { 6846 struct sk_buff *msg; 6847 void *hdr; 6848 int err; 6849 6850 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6851 if (!msg) 6852 return -ENOMEM; 6853 6854 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); 6855 if (!hdr) { 6856 nlmsg_free(msg); 6857 return -ENOMEM; 6858 } 6859 6860 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6861 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6862 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq); 6863 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 6864 6865 err = genlmsg_end(msg, hdr); 6866 if (err < 0) { 6867 nlmsg_free(msg); 6868 return err; 6869 } 6870 6871 err = genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 6872 if (err < 0) 6873 return err; 6874 return 0; 6875 6876 nla_put_failure: 6877 genlmsg_cancel(msg, hdr); 6878 nlmsg_free(msg); 6879 return -ENOBUFS; 6880 } 6881 6882 void nl80211_send_mgmt_tx_status(struct cfg80211_registered_device *rdev, 6883 struct net_device *netdev, u64 cookie, 6884 const u8 *buf, size_t len, bool ack, 6885 gfp_t gfp) 6886 { 6887 struct sk_buff *msg; 6888 void *hdr; 6889 6890 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6891 if (!msg) 6892 return; 6893 6894 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS); 6895 if (!hdr) { 6896 nlmsg_free(msg); 6897 return; 6898 } 6899 6900 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6901 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6902 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 6903 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 6904 if (ack) 6905 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK); 6906 6907 if (genlmsg_end(msg, hdr) < 0) { 6908 nlmsg_free(msg); 6909 return; 6910 } 6911 6912 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp); 6913 return; 6914 6915 nla_put_failure: 6916 genlmsg_cancel(msg, hdr); 6917 nlmsg_free(msg); 6918 } 6919 6920 void 6921 nl80211_send_cqm_rssi_notify(struct cfg80211_registered_device *rdev, 6922 struct net_device *netdev, 6923 enum nl80211_cqm_rssi_threshold_event rssi_event, 6924 gfp_t gfp) 6925 { 6926 struct sk_buff *msg; 6927 struct nlattr *pinfoattr; 6928 void *hdr; 6929 6930 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6931 if (!msg) 6932 return; 6933 6934 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 6935 if (!hdr) { 6936 nlmsg_free(msg); 6937 return; 6938 } 6939 6940 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6941 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6942 6943 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 6944 if (!pinfoattr) 6945 goto nla_put_failure; 6946 6947 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT, 6948 rssi_event); 6949 6950 nla_nest_end(msg, pinfoattr); 6951 6952 if (genlmsg_end(msg, hdr) < 0) { 6953 nlmsg_free(msg); 6954 return; 6955 } 6956 6957 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6958 nl80211_mlme_mcgrp.id, gfp); 6959 return; 6960 6961 nla_put_failure: 6962 genlmsg_cancel(msg, hdr); 6963 nlmsg_free(msg); 6964 } 6965 6966 void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev, 6967 struct net_device *netdev, const u8 *bssid, 6968 const u8 *replay_ctr, gfp_t gfp) 6969 { 6970 struct sk_buff *msg; 6971 struct nlattr *rekey_attr; 6972 void *hdr; 6973 6974 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6975 if (!msg) 6976 return; 6977 6978 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD); 6979 if (!hdr) { 6980 nlmsg_free(msg); 6981 return; 6982 } 6983 6984 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6985 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6986 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 6987 6988 rekey_attr = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA); 6989 if (!rekey_attr) 6990 goto nla_put_failure; 6991 6992 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, 6993 NL80211_REPLAY_CTR_LEN, replay_ctr); 6994 6995 nla_nest_end(msg, rekey_attr); 6996 6997 if (genlmsg_end(msg, hdr) < 0) { 6998 nlmsg_free(msg); 6999 return; 7000 } 7001 7002 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7003 nl80211_mlme_mcgrp.id, gfp); 7004 return; 7005 7006 nla_put_failure: 7007 genlmsg_cancel(msg, hdr); 7008 nlmsg_free(msg); 7009 } 7010 7011 void 7012 nl80211_send_cqm_pktloss_notify(struct cfg80211_registered_device *rdev, 7013 struct net_device *netdev, const u8 *peer, 7014 u32 num_packets, gfp_t gfp) 7015 { 7016 struct sk_buff *msg; 7017 struct nlattr *pinfoattr; 7018 void *hdr; 7019 7020 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7021 if (!msg) 7022 return; 7023 7024 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 7025 if (!hdr) { 7026 nlmsg_free(msg); 7027 return; 7028 } 7029 7030 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7031 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7032 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer); 7033 7034 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 7035 if (!pinfoattr) 7036 goto nla_put_failure; 7037 7038 NLA_PUT_U32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets); 7039 7040 nla_nest_end(msg, pinfoattr); 7041 7042 if (genlmsg_end(msg, hdr) < 0) { 7043 nlmsg_free(msg); 7044 return; 7045 } 7046 7047 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7048 nl80211_mlme_mcgrp.id, gfp); 7049 return; 7050 7051 nla_put_failure: 7052 genlmsg_cancel(msg, hdr); 7053 nlmsg_free(msg); 7054 } 7055 7056 static int nl80211_netlink_notify(struct notifier_block * nb, 7057 unsigned long state, 7058 void *_notify) 7059 { 7060 struct netlink_notify *notify = _notify; 7061 struct cfg80211_registered_device *rdev; 7062 struct wireless_dev *wdev; 7063 7064 if (state != NETLINK_URELEASE) 7065 return NOTIFY_DONE; 7066 7067 rcu_read_lock(); 7068 7069 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) 7070 list_for_each_entry_rcu(wdev, &rdev->netdev_list, list) 7071 cfg80211_mlme_unregister_socket(wdev, notify->pid); 7072 7073 rcu_read_unlock(); 7074 7075 return NOTIFY_DONE; 7076 } 7077 7078 static struct notifier_block nl80211_netlink_notifier = { 7079 .notifier_call = nl80211_netlink_notify, 7080 }; 7081 7082 /* initialisation/exit functions */ 7083 7084 int nl80211_init(void) 7085 { 7086 int err; 7087 7088 err = genl_register_family_with_ops(&nl80211_fam, 7089 nl80211_ops, ARRAY_SIZE(nl80211_ops)); 7090 if (err) 7091 return err; 7092 7093 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp); 7094 if (err) 7095 goto err_out; 7096 7097 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp); 7098 if (err) 7099 goto err_out; 7100 7101 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp); 7102 if (err) 7103 goto err_out; 7104 7105 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp); 7106 if (err) 7107 goto err_out; 7108 7109 #ifdef CONFIG_NL80211_TESTMODE 7110 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp); 7111 if (err) 7112 goto err_out; 7113 #endif 7114 7115 err = netlink_register_notifier(&nl80211_netlink_notifier); 7116 if (err) 7117 goto err_out; 7118 7119 return 0; 7120 err_out: 7121 genl_unregister_family(&nl80211_fam); 7122 return err; 7123 } 7124 7125 void nl80211_exit(void) 7126 { 7127 netlink_unregister_notifier(&nl80211_netlink_notifier); 7128 genl_unregister_family(&nl80211_fam); 7129 } 7130