1 /* 2 * This is the new netlink-based wireless configuration interface. 3 * 4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net> 5 */ 6 7 #include <linux/if.h> 8 #include <linux/module.h> 9 #include <linux/err.h> 10 #include <linux/slab.h> 11 #include <linux/list.h> 12 #include <linux/if_ether.h> 13 #include <linux/ieee80211.h> 14 #include <linux/nl80211.h> 15 #include <linux/rtnetlink.h> 16 #include <linux/netlink.h> 17 #include <linux/etherdevice.h> 18 #include <net/net_namespace.h> 19 #include <net/genetlink.h> 20 #include <net/cfg80211.h> 21 #include <net/sock.h> 22 #include "core.h" 23 #include "nl80211.h" 24 #include "reg.h" 25 26 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 27 struct genl_info *info); 28 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 29 struct genl_info *info); 30 31 /* the netlink family */ 32 static struct genl_family nl80211_fam = { 33 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */ 34 .name = "nl80211", /* have users key off the name instead */ 35 .hdrsize = 0, /* no private header */ 36 .version = 1, /* no particular meaning now */ 37 .maxattr = NL80211_ATTR_MAX, 38 .netnsok = true, 39 .pre_doit = nl80211_pre_doit, 40 .post_doit = nl80211_post_doit, 41 }; 42 43 /* internal helper: get rdev and dev */ 44 static int get_rdev_dev_by_info_ifindex(struct genl_info *info, 45 struct cfg80211_registered_device **rdev, 46 struct net_device **dev) 47 { 48 struct nlattr **attrs = info->attrs; 49 int ifindex; 50 51 if (!attrs[NL80211_ATTR_IFINDEX]) 52 return -EINVAL; 53 54 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); 55 *dev = dev_get_by_index(genl_info_net(info), ifindex); 56 if (!*dev) 57 return -ENODEV; 58 59 *rdev = cfg80211_get_dev_from_ifindex(genl_info_net(info), ifindex); 60 if (IS_ERR(*rdev)) { 61 dev_put(*dev); 62 return PTR_ERR(*rdev); 63 } 64 65 return 0; 66 } 67 68 /* policy for the attributes */ 69 static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = { 70 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, 71 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING, 72 .len = 20-1 }, 73 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED }, 74 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 }, 75 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 }, 76 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 }, 77 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 }, 78 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 }, 79 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 }, 80 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 }, 81 82 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 }, 83 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 }, 84 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, 85 86 [NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN }, 87 [NL80211_ATTR_PREV_BSSID] = { .type = NLA_BINARY, .len = ETH_ALEN }, 88 89 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, }, 90 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, 91 .len = WLAN_MAX_KEY_LEN }, 92 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, 93 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 }, 94 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG }, 95 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 96 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 }, 97 98 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 }, 99 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 }, 100 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY, 101 .len = IEEE80211_MAX_DATA_LEN }, 102 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY, 103 .len = IEEE80211_MAX_DATA_LEN }, 104 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 }, 105 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED }, 106 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 }, 107 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY, 108 .len = NL80211_MAX_SUPP_RATES }, 109 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 }, 110 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 }, 111 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ }, 112 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY, 113 .len = IEEE80211_MAX_MESH_ID_LEN }, 114 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 }, 115 116 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 }, 117 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED }, 118 119 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 }, 120 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 }, 121 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 }, 122 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY, 123 .len = NL80211_MAX_SUPP_RATES }, 124 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 }, 125 126 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED }, 127 128 [NL80211_ATTR_HT_CAPABILITY] = { .type = NLA_BINARY, 129 .len = NL80211_HT_CAPABILITY_LEN }, 130 131 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 }, 132 [NL80211_ATTR_IE] = { .type = NLA_BINARY, 133 .len = IEEE80211_MAX_DATA_LEN }, 134 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED }, 135 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED }, 136 137 [NL80211_ATTR_SSID] = { .type = NLA_BINARY, 138 .len = IEEE80211_MAX_SSID_LEN }, 139 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 }, 140 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 }, 141 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG }, 142 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG }, 143 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 }, 144 [NL80211_ATTR_STA_FLAGS2] = { 145 .len = sizeof(struct nl80211_sta_flag_update), 146 }, 147 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, 148 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 }, 149 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG }, 150 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG }, 151 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 }, 152 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 }, 153 [NL80211_ATTR_PID] = { .type = NLA_U32 }, 154 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 }, 155 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY, 156 .len = WLAN_PMKID_LEN }, 157 [NL80211_ATTR_DURATION] = { .type = NLA_U32 }, 158 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 }, 159 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED }, 160 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY, 161 .len = IEEE80211_MAX_DATA_LEN }, 162 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, }, 163 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 }, 164 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, }, 165 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG }, 166 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 }, 167 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 }, 168 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 }, 169 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 }, 170 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 }, 171 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 }, 172 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 }, 173 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG }, 174 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 175 }; 176 177 /* policy for the key attributes */ 178 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = { 179 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN }, 180 [NL80211_KEY_IDX] = { .type = NLA_U8 }, 181 [NL80211_KEY_CIPHER] = { .type = NLA_U32 }, 182 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 183 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG }, 184 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG }, 185 [NL80211_KEY_TYPE] = { .type = NLA_U32 }, 186 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 187 }; 188 189 /* policy for the key default flags */ 190 static const struct nla_policy 191 nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = { 192 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG }, 193 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG }, 194 }; 195 196 /* ifidx get helper */ 197 static int nl80211_get_ifidx(struct netlink_callback *cb) 198 { 199 int res; 200 201 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 202 nl80211_fam.attrbuf, nl80211_fam.maxattr, 203 nl80211_policy); 204 if (res) 205 return res; 206 207 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]) 208 return -EINVAL; 209 210 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]); 211 if (!res) 212 return -EINVAL; 213 return res; 214 } 215 216 static int nl80211_prepare_netdev_dump(struct sk_buff *skb, 217 struct netlink_callback *cb, 218 struct cfg80211_registered_device **rdev, 219 struct net_device **dev) 220 { 221 int ifidx = cb->args[0]; 222 int err; 223 224 if (!ifidx) 225 ifidx = nl80211_get_ifidx(cb); 226 if (ifidx < 0) 227 return ifidx; 228 229 cb->args[0] = ifidx; 230 231 rtnl_lock(); 232 233 *dev = __dev_get_by_index(sock_net(skb->sk), ifidx); 234 if (!*dev) { 235 err = -ENODEV; 236 goto out_rtnl; 237 } 238 239 *rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 240 if (IS_ERR(*rdev)) { 241 err = PTR_ERR(*rdev); 242 goto out_rtnl; 243 } 244 245 return 0; 246 out_rtnl: 247 rtnl_unlock(); 248 return err; 249 } 250 251 static void nl80211_finish_netdev_dump(struct cfg80211_registered_device *rdev) 252 { 253 cfg80211_unlock_rdev(rdev); 254 rtnl_unlock(); 255 } 256 257 /* IE validation */ 258 static bool is_valid_ie_attr(const struct nlattr *attr) 259 { 260 const u8 *pos; 261 int len; 262 263 if (!attr) 264 return true; 265 266 pos = nla_data(attr); 267 len = nla_len(attr); 268 269 while (len) { 270 u8 elemlen; 271 272 if (len < 2) 273 return false; 274 len -= 2; 275 276 elemlen = pos[1]; 277 if (elemlen > len) 278 return false; 279 280 len -= elemlen; 281 pos += 2 + elemlen; 282 } 283 284 return true; 285 } 286 287 /* message building helper */ 288 static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq, 289 int flags, u8 cmd) 290 { 291 /* since there is no private header just add the generic one */ 292 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd); 293 } 294 295 static int nl80211_msg_put_channel(struct sk_buff *msg, 296 struct ieee80211_channel *chan) 297 { 298 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ, 299 chan->center_freq); 300 301 if (chan->flags & IEEE80211_CHAN_DISABLED) 302 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED); 303 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) 304 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN); 305 if (chan->flags & IEEE80211_CHAN_NO_IBSS) 306 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS); 307 if (chan->flags & IEEE80211_CHAN_RADAR) 308 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR); 309 310 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER, 311 DBM_TO_MBM(chan->max_power)); 312 313 return 0; 314 315 nla_put_failure: 316 return -ENOBUFS; 317 } 318 319 /* netlink command implementations */ 320 321 struct key_parse { 322 struct key_params p; 323 int idx; 324 int type; 325 bool def, defmgmt; 326 bool def_uni, def_multi; 327 }; 328 329 static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k) 330 { 331 struct nlattr *tb[NL80211_KEY_MAX + 1]; 332 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key, 333 nl80211_key_policy); 334 if (err) 335 return err; 336 337 k->def = !!tb[NL80211_KEY_DEFAULT]; 338 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT]; 339 340 if (k->def) { 341 k->def_uni = true; 342 k->def_multi = true; 343 } 344 if (k->defmgmt) 345 k->def_multi = true; 346 347 if (tb[NL80211_KEY_IDX]) 348 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]); 349 350 if (tb[NL80211_KEY_DATA]) { 351 k->p.key = nla_data(tb[NL80211_KEY_DATA]); 352 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]); 353 } 354 355 if (tb[NL80211_KEY_SEQ]) { 356 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]); 357 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]); 358 } 359 360 if (tb[NL80211_KEY_CIPHER]) 361 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]); 362 363 if (tb[NL80211_KEY_TYPE]) { 364 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]); 365 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 366 return -EINVAL; 367 } 368 369 if (tb[NL80211_KEY_DEFAULT_TYPES]) { 370 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 371 int err = nla_parse_nested(kdt, 372 NUM_NL80211_KEY_DEFAULT_TYPES - 1, 373 tb[NL80211_KEY_DEFAULT_TYPES], 374 nl80211_key_default_policy); 375 if (err) 376 return err; 377 378 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 379 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 380 } 381 382 return 0; 383 } 384 385 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k) 386 { 387 if (info->attrs[NL80211_ATTR_KEY_DATA]) { 388 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]); 389 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]); 390 } 391 392 if (info->attrs[NL80211_ATTR_KEY_SEQ]) { 393 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]); 394 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]); 395 } 396 397 if (info->attrs[NL80211_ATTR_KEY_IDX]) 398 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 399 400 if (info->attrs[NL80211_ATTR_KEY_CIPHER]) 401 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]); 402 403 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT]; 404 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]; 405 406 if (k->def) { 407 k->def_uni = true; 408 k->def_multi = true; 409 } 410 if (k->defmgmt) 411 k->def_multi = true; 412 413 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 414 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 415 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 416 return -EINVAL; 417 } 418 419 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) { 420 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 421 int err = nla_parse_nested( 422 kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1, 423 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES], 424 nl80211_key_default_policy); 425 if (err) 426 return err; 427 428 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 429 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 430 } 431 432 return 0; 433 } 434 435 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k) 436 { 437 int err; 438 439 memset(k, 0, sizeof(*k)); 440 k->idx = -1; 441 k->type = -1; 442 443 if (info->attrs[NL80211_ATTR_KEY]) 444 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k); 445 else 446 err = nl80211_parse_key_old(info, k); 447 448 if (err) 449 return err; 450 451 if (k->def && k->defmgmt) 452 return -EINVAL; 453 454 if (k->defmgmt) { 455 if (k->def_uni || !k->def_multi) 456 return -EINVAL; 457 } 458 459 if (k->idx != -1) { 460 if (k->defmgmt) { 461 if (k->idx < 4 || k->idx > 5) 462 return -EINVAL; 463 } else if (k->def) { 464 if (k->idx < 0 || k->idx > 3) 465 return -EINVAL; 466 } else { 467 if (k->idx < 0 || k->idx > 5) 468 return -EINVAL; 469 } 470 } 471 472 return 0; 473 } 474 475 static struct cfg80211_cached_keys * 476 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev, 477 struct nlattr *keys) 478 { 479 struct key_parse parse; 480 struct nlattr *key; 481 struct cfg80211_cached_keys *result; 482 int rem, err, def = 0; 483 484 result = kzalloc(sizeof(*result), GFP_KERNEL); 485 if (!result) 486 return ERR_PTR(-ENOMEM); 487 488 result->def = -1; 489 result->defmgmt = -1; 490 491 nla_for_each_nested(key, keys, rem) { 492 memset(&parse, 0, sizeof(parse)); 493 parse.idx = -1; 494 495 err = nl80211_parse_key_new(key, &parse); 496 if (err) 497 goto error; 498 err = -EINVAL; 499 if (!parse.p.key) 500 goto error; 501 if (parse.idx < 0 || parse.idx > 4) 502 goto error; 503 if (parse.def) { 504 if (def) 505 goto error; 506 def = 1; 507 result->def = parse.idx; 508 if (!parse.def_uni || !parse.def_multi) 509 goto error; 510 } else if (parse.defmgmt) 511 goto error; 512 err = cfg80211_validate_key_settings(rdev, &parse.p, 513 parse.idx, false, NULL); 514 if (err) 515 goto error; 516 result->params[parse.idx].cipher = parse.p.cipher; 517 result->params[parse.idx].key_len = parse.p.key_len; 518 result->params[parse.idx].key = result->data[parse.idx]; 519 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len); 520 } 521 522 return result; 523 error: 524 kfree(result); 525 return ERR_PTR(err); 526 } 527 528 static int nl80211_key_allowed(struct wireless_dev *wdev) 529 { 530 ASSERT_WDEV_LOCK(wdev); 531 532 switch (wdev->iftype) { 533 case NL80211_IFTYPE_AP: 534 case NL80211_IFTYPE_AP_VLAN: 535 case NL80211_IFTYPE_P2P_GO: 536 break; 537 case NL80211_IFTYPE_ADHOC: 538 if (!wdev->current_bss) 539 return -ENOLINK; 540 break; 541 case NL80211_IFTYPE_STATION: 542 case NL80211_IFTYPE_P2P_CLIENT: 543 if (wdev->sme_state != CFG80211_SME_CONNECTED) 544 return -ENOLINK; 545 break; 546 default: 547 return -EINVAL; 548 } 549 550 return 0; 551 } 552 553 static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 554 struct cfg80211_registered_device *dev) 555 { 556 void *hdr; 557 struct nlattr *nl_bands, *nl_band; 558 struct nlattr *nl_freqs, *nl_freq; 559 struct nlattr *nl_rates, *nl_rate; 560 struct nlattr *nl_modes; 561 struct nlattr *nl_cmds; 562 enum ieee80211_band band; 563 struct ieee80211_channel *chan; 564 struct ieee80211_rate *rate; 565 int i; 566 u16 ifmodes = dev->wiphy.interface_modes; 567 const struct ieee80211_txrx_stypes *mgmt_stypes = 568 dev->wiphy.mgmt_stypes; 569 570 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY); 571 if (!hdr) 572 return -1; 573 574 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx); 575 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)); 576 577 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 578 cfg80211_rdev_list_generation); 579 580 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT, 581 dev->wiphy.retry_short); 582 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG, 583 dev->wiphy.retry_long); 584 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, 585 dev->wiphy.frag_threshold); 586 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, 587 dev->wiphy.rts_threshold); 588 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS, 589 dev->wiphy.coverage_class); 590 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS, 591 dev->wiphy.max_scan_ssids); 592 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN, 593 dev->wiphy.max_scan_ie_len); 594 595 if (dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) 596 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_IBSS_RSN); 597 598 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES, 599 sizeof(u32) * dev->wiphy.n_cipher_suites, 600 dev->wiphy.cipher_suites); 601 602 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_PMKIDS, 603 dev->wiphy.max_num_pmkids); 604 605 if (dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) 606 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE); 607 608 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX, 609 dev->wiphy.available_antennas_tx); 610 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX, 611 dev->wiphy.available_antennas_rx); 612 613 if ((dev->wiphy.available_antennas_tx || 614 dev->wiphy.available_antennas_rx) && dev->ops->get_antenna) { 615 u32 tx_ant = 0, rx_ant = 0; 616 int res; 617 res = dev->ops->get_antenna(&dev->wiphy, &tx_ant, &rx_ant); 618 if (!res) { 619 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_TX, tx_ant); 620 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_RX, rx_ant); 621 } 622 } 623 624 nl_modes = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_IFTYPES); 625 if (!nl_modes) 626 goto nla_put_failure; 627 628 i = 0; 629 while (ifmodes) { 630 if (ifmodes & 1) 631 NLA_PUT_FLAG(msg, i); 632 ifmodes >>= 1; 633 i++; 634 } 635 636 nla_nest_end(msg, nl_modes); 637 638 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS); 639 if (!nl_bands) 640 goto nla_put_failure; 641 642 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 643 if (!dev->wiphy.bands[band]) 644 continue; 645 646 nl_band = nla_nest_start(msg, band); 647 if (!nl_band) 648 goto nla_put_failure; 649 650 /* add HT info */ 651 if (dev->wiphy.bands[band]->ht_cap.ht_supported) { 652 NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET, 653 sizeof(dev->wiphy.bands[band]->ht_cap.mcs), 654 &dev->wiphy.bands[band]->ht_cap.mcs); 655 NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA, 656 dev->wiphy.bands[band]->ht_cap.cap); 657 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR, 658 dev->wiphy.bands[band]->ht_cap.ampdu_factor); 659 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY, 660 dev->wiphy.bands[band]->ht_cap.ampdu_density); 661 } 662 663 /* add frequencies */ 664 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS); 665 if (!nl_freqs) 666 goto nla_put_failure; 667 668 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) { 669 nl_freq = nla_nest_start(msg, i); 670 if (!nl_freq) 671 goto nla_put_failure; 672 673 chan = &dev->wiphy.bands[band]->channels[i]; 674 675 if (nl80211_msg_put_channel(msg, chan)) 676 goto nla_put_failure; 677 678 nla_nest_end(msg, nl_freq); 679 } 680 681 nla_nest_end(msg, nl_freqs); 682 683 /* add bitrates */ 684 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES); 685 if (!nl_rates) 686 goto nla_put_failure; 687 688 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) { 689 nl_rate = nla_nest_start(msg, i); 690 if (!nl_rate) 691 goto nla_put_failure; 692 693 rate = &dev->wiphy.bands[band]->bitrates[i]; 694 NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE, 695 rate->bitrate); 696 if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 697 NLA_PUT_FLAG(msg, 698 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE); 699 700 nla_nest_end(msg, nl_rate); 701 } 702 703 nla_nest_end(msg, nl_rates); 704 705 nla_nest_end(msg, nl_band); 706 } 707 nla_nest_end(msg, nl_bands); 708 709 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS); 710 if (!nl_cmds) 711 goto nla_put_failure; 712 713 i = 0; 714 #define CMD(op, n) \ 715 do { \ 716 if (dev->ops->op) { \ 717 i++; \ 718 NLA_PUT_U32(msg, i, NL80211_CMD_ ## n); \ 719 } \ 720 } while (0) 721 722 CMD(add_virtual_intf, NEW_INTERFACE); 723 CMD(change_virtual_intf, SET_INTERFACE); 724 CMD(add_key, NEW_KEY); 725 CMD(add_beacon, NEW_BEACON); 726 CMD(add_station, NEW_STATION); 727 CMD(add_mpath, NEW_MPATH); 728 CMD(update_mesh_config, SET_MESH_CONFIG); 729 CMD(change_bss, SET_BSS); 730 CMD(auth, AUTHENTICATE); 731 CMD(assoc, ASSOCIATE); 732 CMD(deauth, DEAUTHENTICATE); 733 CMD(disassoc, DISASSOCIATE); 734 CMD(join_ibss, JOIN_IBSS); 735 CMD(join_mesh, JOIN_MESH); 736 CMD(set_pmksa, SET_PMKSA); 737 CMD(del_pmksa, DEL_PMKSA); 738 CMD(flush_pmksa, FLUSH_PMKSA); 739 CMD(remain_on_channel, REMAIN_ON_CHANNEL); 740 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK); 741 CMD(mgmt_tx, FRAME); 742 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL); 743 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) { 744 i++; 745 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS); 746 } 747 CMD(set_channel, SET_CHANNEL); 748 CMD(set_wds_peer, SET_WDS_PEER); 749 750 #undef CMD 751 752 if (dev->ops->connect || dev->ops->auth) { 753 i++; 754 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT); 755 } 756 757 if (dev->ops->disconnect || dev->ops->deauth) { 758 i++; 759 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT); 760 } 761 762 nla_nest_end(msg, nl_cmds); 763 764 if (dev->ops->remain_on_channel) 765 NLA_PUT_U32(msg, NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION, 766 dev->wiphy.max_remain_on_channel_duration); 767 768 /* for now at least assume all drivers have it */ 769 if (dev->ops->mgmt_tx) 770 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK); 771 772 if (mgmt_stypes) { 773 u16 stypes; 774 struct nlattr *nl_ftypes, *nl_ifs; 775 enum nl80211_iftype ift; 776 777 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES); 778 if (!nl_ifs) 779 goto nla_put_failure; 780 781 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 782 nl_ftypes = nla_nest_start(msg, ift); 783 if (!nl_ftypes) 784 goto nla_put_failure; 785 i = 0; 786 stypes = mgmt_stypes[ift].tx; 787 while (stypes) { 788 if (stypes & 1) 789 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 790 (i << 4) | IEEE80211_FTYPE_MGMT); 791 stypes >>= 1; 792 i++; 793 } 794 nla_nest_end(msg, nl_ftypes); 795 } 796 797 nla_nest_end(msg, nl_ifs); 798 799 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES); 800 if (!nl_ifs) 801 goto nla_put_failure; 802 803 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 804 nl_ftypes = nla_nest_start(msg, ift); 805 if (!nl_ftypes) 806 goto nla_put_failure; 807 i = 0; 808 stypes = mgmt_stypes[ift].rx; 809 while (stypes) { 810 if (stypes & 1) 811 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 812 (i << 4) | IEEE80211_FTYPE_MGMT); 813 stypes >>= 1; 814 i++; 815 } 816 nla_nest_end(msg, nl_ftypes); 817 } 818 nla_nest_end(msg, nl_ifs); 819 } 820 821 return genlmsg_end(msg, hdr); 822 823 nla_put_failure: 824 genlmsg_cancel(msg, hdr); 825 return -EMSGSIZE; 826 } 827 828 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb) 829 { 830 int idx = 0; 831 int start = cb->args[0]; 832 struct cfg80211_registered_device *dev; 833 834 mutex_lock(&cfg80211_mutex); 835 list_for_each_entry(dev, &cfg80211_rdev_list, list) { 836 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk))) 837 continue; 838 if (++idx <= start) 839 continue; 840 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 841 cb->nlh->nlmsg_seq, NLM_F_MULTI, 842 dev) < 0) { 843 idx--; 844 break; 845 } 846 } 847 mutex_unlock(&cfg80211_mutex); 848 849 cb->args[0] = idx; 850 851 return skb->len; 852 } 853 854 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info) 855 { 856 struct sk_buff *msg; 857 struct cfg80211_registered_device *dev = info->user_ptr[0]; 858 859 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 860 if (!msg) 861 return -ENOMEM; 862 863 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) { 864 nlmsg_free(msg); 865 return -ENOBUFS; 866 } 867 868 return genlmsg_reply(msg, info); 869 } 870 871 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = { 872 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 }, 873 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 }, 874 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 }, 875 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 }, 876 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 }, 877 }; 878 879 static int parse_txq_params(struct nlattr *tb[], 880 struct ieee80211_txq_params *txq_params) 881 { 882 if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] || 883 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] || 884 !tb[NL80211_TXQ_ATTR_AIFS]) 885 return -EINVAL; 886 887 txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]); 888 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]); 889 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]); 890 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]); 891 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]); 892 893 return 0; 894 } 895 896 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev) 897 { 898 /* 899 * You can only set the channel explicitly for AP, mesh 900 * and WDS type interfaces; all others have their channel 901 * managed via their respective "establish a connection" 902 * command (connect, join, ...) 903 * 904 * Monitors are special as they are normally slaved to 905 * whatever else is going on, so they behave as though 906 * you tried setting the wiphy channel itself. 907 */ 908 return !wdev || 909 wdev->iftype == NL80211_IFTYPE_AP || 910 wdev->iftype == NL80211_IFTYPE_WDS || 911 wdev->iftype == NL80211_IFTYPE_MESH_POINT || 912 wdev->iftype == NL80211_IFTYPE_MONITOR || 913 wdev->iftype == NL80211_IFTYPE_P2P_GO; 914 } 915 916 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev, 917 struct wireless_dev *wdev, 918 struct genl_info *info) 919 { 920 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 921 u32 freq; 922 int result; 923 924 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 925 return -EINVAL; 926 927 if (!nl80211_can_set_dev_channel(wdev)) 928 return -EOPNOTSUPP; 929 930 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 931 channel_type = nla_get_u32(info->attrs[ 932 NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 933 if (channel_type != NL80211_CHAN_NO_HT && 934 channel_type != NL80211_CHAN_HT20 && 935 channel_type != NL80211_CHAN_HT40PLUS && 936 channel_type != NL80211_CHAN_HT40MINUS) 937 return -EINVAL; 938 } 939 940 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 941 942 mutex_lock(&rdev->devlist_mtx); 943 if (wdev) { 944 wdev_lock(wdev); 945 result = cfg80211_set_freq(rdev, wdev, freq, channel_type); 946 wdev_unlock(wdev); 947 } else { 948 result = cfg80211_set_freq(rdev, NULL, freq, channel_type); 949 } 950 mutex_unlock(&rdev->devlist_mtx); 951 952 return result; 953 } 954 955 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info) 956 { 957 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 958 struct net_device *netdev = info->user_ptr[1]; 959 960 return __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info); 961 } 962 963 static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info) 964 { 965 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 966 struct net_device *dev = info->user_ptr[1]; 967 struct wireless_dev *wdev = dev->ieee80211_ptr; 968 const u8 *bssid; 969 970 if (!info->attrs[NL80211_ATTR_MAC]) 971 return -EINVAL; 972 973 if (netif_running(dev)) 974 return -EBUSY; 975 976 if (!rdev->ops->set_wds_peer) 977 return -EOPNOTSUPP; 978 979 if (wdev->iftype != NL80211_IFTYPE_WDS) 980 return -EOPNOTSUPP; 981 982 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 983 return rdev->ops->set_wds_peer(wdev->wiphy, dev, bssid); 984 } 985 986 987 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) 988 { 989 struct cfg80211_registered_device *rdev; 990 struct net_device *netdev = NULL; 991 struct wireless_dev *wdev; 992 int result = 0, rem_txq_params = 0; 993 struct nlattr *nl_txq_params; 994 u32 changed; 995 u8 retry_short = 0, retry_long = 0; 996 u32 frag_threshold = 0, rts_threshold = 0; 997 u8 coverage_class = 0; 998 999 /* 1000 * Try to find the wiphy and netdev. Normally this 1001 * function shouldn't need the netdev, but this is 1002 * done for backward compatibility -- previously 1003 * setting the channel was done per wiphy, but now 1004 * it is per netdev. Previous userland like hostapd 1005 * also passed a netdev to set_wiphy, so that it is 1006 * possible to let that go to the right netdev! 1007 */ 1008 mutex_lock(&cfg80211_mutex); 1009 1010 if (info->attrs[NL80211_ATTR_IFINDEX]) { 1011 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]); 1012 1013 netdev = dev_get_by_index(genl_info_net(info), ifindex); 1014 if (netdev && netdev->ieee80211_ptr) { 1015 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy); 1016 mutex_lock(&rdev->mtx); 1017 } else 1018 netdev = NULL; 1019 } 1020 1021 if (!netdev) { 1022 rdev = __cfg80211_rdev_from_info(info); 1023 if (IS_ERR(rdev)) { 1024 mutex_unlock(&cfg80211_mutex); 1025 return PTR_ERR(rdev); 1026 } 1027 wdev = NULL; 1028 netdev = NULL; 1029 result = 0; 1030 1031 mutex_lock(&rdev->mtx); 1032 } else if (netif_running(netdev) && 1033 nl80211_can_set_dev_channel(netdev->ieee80211_ptr)) 1034 wdev = netdev->ieee80211_ptr; 1035 else 1036 wdev = NULL; 1037 1038 /* 1039 * end workaround code, by now the rdev is available 1040 * and locked, and wdev may or may not be NULL. 1041 */ 1042 1043 if (info->attrs[NL80211_ATTR_WIPHY_NAME]) 1044 result = cfg80211_dev_rename( 1045 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME])); 1046 1047 mutex_unlock(&cfg80211_mutex); 1048 1049 if (result) 1050 goto bad_res; 1051 1052 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) { 1053 struct ieee80211_txq_params txq_params; 1054 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1]; 1055 1056 if (!rdev->ops->set_txq_params) { 1057 result = -EOPNOTSUPP; 1058 goto bad_res; 1059 } 1060 1061 nla_for_each_nested(nl_txq_params, 1062 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], 1063 rem_txq_params) { 1064 nla_parse(tb, NL80211_TXQ_ATTR_MAX, 1065 nla_data(nl_txq_params), 1066 nla_len(nl_txq_params), 1067 txq_params_policy); 1068 result = parse_txq_params(tb, &txq_params); 1069 if (result) 1070 goto bad_res; 1071 1072 result = rdev->ops->set_txq_params(&rdev->wiphy, 1073 &txq_params); 1074 if (result) 1075 goto bad_res; 1076 } 1077 } 1078 1079 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 1080 result = __nl80211_set_channel(rdev, wdev, info); 1081 if (result) 1082 goto bad_res; 1083 } 1084 1085 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) { 1086 enum nl80211_tx_power_setting type; 1087 int idx, mbm = 0; 1088 1089 if (!rdev->ops->set_tx_power) { 1090 result = -EOPNOTSUPP; 1091 goto bad_res; 1092 } 1093 1094 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING; 1095 type = nla_get_u32(info->attrs[idx]); 1096 1097 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] && 1098 (type != NL80211_TX_POWER_AUTOMATIC)) { 1099 result = -EINVAL; 1100 goto bad_res; 1101 } 1102 1103 if (type != NL80211_TX_POWER_AUTOMATIC) { 1104 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL; 1105 mbm = nla_get_u32(info->attrs[idx]); 1106 } 1107 1108 result = rdev->ops->set_tx_power(&rdev->wiphy, type, mbm); 1109 if (result) 1110 goto bad_res; 1111 } 1112 1113 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] && 1114 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) { 1115 u32 tx_ant, rx_ant; 1116 if ((!rdev->wiphy.available_antennas_tx && 1117 !rdev->wiphy.available_antennas_rx) || 1118 !rdev->ops->set_antenna) { 1119 result = -EOPNOTSUPP; 1120 goto bad_res; 1121 } 1122 1123 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]); 1124 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]); 1125 1126 /* reject antenna configurations which don't match the 1127 * available antenna masks, except for the "all" mask */ 1128 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) || 1129 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx))) { 1130 result = -EINVAL; 1131 goto bad_res; 1132 } 1133 1134 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx; 1135 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx; 1136 1137 result = rdev->ops->set_antenna(&rdev->wiphy, tx_ant, rx_ant); 1138 if (result) 1139 goto bad_res; 1140 } 1141 1142 changed = 0; 1143 1144 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) { 1145 retry_short = nla_get_u8( 1146 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]); 1147 if (retry_short == 0) { 1148 result = -EINVAL; 1149 goto bad_res; 1150 } 1151 changed |= WIPHY_PARAM_RETRY_SHORT; 1152 } 1153 1154 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) { 1155 retry_long = nla_get_u8( 1156 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]); 1157 if (retry_long == 0) { 1158 result = -EINVAL; 1159 goto bad_res; 1160 } 1161 changed |= WIPHY_PARAM_RETRY_LONG; 1162 } 1163 1164 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) { 1165 frag_threshold = nla_get_u32( 1166 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]); 1167 if (frag_threshold < 256) { 1168 result = -EINVAL; 1169 goto bad_res; 1170 } 1171 if (frag_threshold != (u32) -1) { 1172 /* 1173 * Fragments (apart from the last one) are required to 1174 * have even length. Make the fragmentation code 1175 * simpler by stripping LSB should someone try to use 1176 * odd threshold value. 1177 */ 1178 frag_threshold &= ~0x1; 1179 } 1180 changed |= WIPHY_PARAM_FRAG_THRESHOLD; 1181 } 1182 1183 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) { 1184 rts_threshold = nla_get_u32( 1185 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]); 1186 changed |= WIPHY_PARAM_RTS_THRESHOLD; 1187 } 1188 1189 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) { 1190 coverage_class = nla_get_u8( 1191 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]); 1192 changed |= WIPHY_PARAM_COVERAGE_CLASS; 1193 } 1194 1195 if (changed) { 1196 u8 old_retry_short, old_retry_long; 1197 u32 old_frag_threshold, old_rts_threshold; 1198 u8 old_coverage_class; 1199 1200 if (!rdev->ops->set_wiphy_params) { 1201 result = -EOPNOTSUPP; 1202 goto bad_res; 1203 } 1204 1205 old_retry_short = rdev->wiphy.retry_short; 1206 old_retry_long = rdev->wiphy.retry_long; 1207 old_frag_threshold = rdev->wiphy.frag_threshold; 1208 old_rts_threshold = rdev->wiphy.rts_threshold; 1209 old_coverage_class = rdev->wiphy.coverage_class; 1210 1211 if (changed & WIPHY_PARAM_RETRY_SHORT) 1212 rdev->wiphy.retry_short = retry_short; 1213 if (changed & WIPHY_PARAM_RETRY_LONG) 1214 rdev->wiphy.retry_long = retry_long; 1215 if (changed & WIPHY_PARAM_FRAG_THRESHOLD) 1216 rdev->wiphy.frag_threshold = frag_threshold; 1217 if (changed & WIPHY_PARAM_RTS_THRESHOLD) 1218 rdev->wiphy.rts_threshold = rts_threshold; 1219 if (changed & WIPHY_PARAM_COVERAGE_CLASS) 1220 rdev->wiphy.coverage_class = coverage_class; 1221 1222 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed); 1223 if (result) { 1224 rdev->wiphy.retry_short = old_retry_short; 1225 rdev->wiphy.retry_long = old_retry_long; 1226 rdev->wiphy.frag_threshold = old_frag_threshold; 1227 rdev->wiphy.rts_threshold = old_rts_threshold; 1228 rdev->wiphy.coverage_class = old_coverage_class; 1229 } 1230 } 1231 1232 bad_res: 1233 mutex_unlock(&rdev->mtx); 1234 if (netdev) 1235 dev_put(netdev); 1236 return result; 1237 } 1238 1239 1240 static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags, 1241 struct cfg80211_registered_device *rdev, 1242 struct net_device *dev) 1243 { 1244 void *hdr; 1245 1246 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE); 1247 if (!hdr) 1248 return -1; 1249 1250 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1251 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 1252 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name); 1253 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype); 1254 1255 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 1256 rdev->devlist_generation ^ 1257 (cfg80211_rdev_list_generation << 2)); 1258 1259 return genlmsg_end(msg, hdr); 1260 1261 nla_put_failure: 1262 genlmsg_cancel(msg, hdr); 1263 return -EMSGSIZE; 1264 } 1265 1266 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb) 1267 { 1268 int wp_idx = 0; 1269 int if_idx = 0; 1270 int wp_start = cb->args[0]; 1271 int if_start = cb->args[1]; 1272 struct cfg80211_registered_device *rdev; 1273 struct wireless_dev *wdev; 1274 1275 mutex_lock(&cfg80211_mutex); 1276 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 1277 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk))) 1278 continue; 1279 if (wp_idx < wp_start) { 1280 wp_idx++; 1281 continue; 1282 } 1283 if_idx = 0; 1284 1285 mutex_lock(&rdev->devlist_mtx); 1286 list_for_each_entry(wdev, &rdev->netdev_list, list) { 1287 if (if_idx < if_start) { 1288 if_idx++; 1289 continue; 1290 } 1291 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 1292 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1293 rdev, wdev->netdev) < 0) { 1294 mutex_unlock(&rdev->devlist_mtx); 1295 goto out; 1296 } 1297 if_idx++; 1298 } 1299 mutex_unlock(&rdev->devlist_mtx); 1300 1301 wp_idx++; 1302 } 1303 out: 1304 mutex_unlock(&cfg80211_mutex); 1305 1306 cb->args[0] = wp_idx; 1307 cb->args[1] = if_idx; 1308 1309 return skb->len; 1310 } 1311 1312 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info) 1313 { 1314 struct sk_buff *msg; 1315 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1316 struct net_device *netdev = info->user_ptr[1]; 1317 1318 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1319 if (!msg) 1320 return -ENOMEM; 1321 1322 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, 1323 dev, netdev) < 0) { 1324 nlmsg_free(msg); 1325 return -ENOBUFS; 1326 } 1327 1328 return genlmsg_reply(msg, info); 1329 } 1330 1331 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = { 1332 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG }, 1333 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG }, 1334 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG }, 1335 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG }, 1336 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG }, 1337 }; 1338 1339 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags) 1340 { 1341 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1]; 1342 int flag; 1343 1344 *mntrflags = 0; 1345 1346 if (!nla) 1347 return -EINVAL; 1348 1349 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX, 1350 nla, mntr_flags_policy)) 1351 return -EINVAL; 1352 1353 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++) 1354 if (flags[flag]) 1355 *mntrflags |= (1<<flag); 1356 1357 return 0; 1358 } 1359 1360 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev, 1361 struct net_device *netdev, u8 use_4addr, 1362 enum nl80211_iftype iftype) 1363 { 1364 if (!use_4addr) { 1365 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT)) 1366 return -EBUSY; 1367 return 0; 1368 } 1369 1370 switch (iftype) { 1371 case NL80211_IFTYPE_AP_VLAN: 1372 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP) 1373 return 0; 1374 break; 1375 case NL80211_IFTYPE_STATION: 1376 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION) 1377 return 0; 1378 break; 1379 default: 1380 break; 1381 } 1382 1383 return -EOPNOTSUPP; 1384 } 1385 1386 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 1387 { 1388 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1389 struct vif_params params; 1390 int err; 1391 enum nl80211_iftype otype, ntype; 1392 struct net_device *dev = info->user_ptr[1]; 1393 u32 _flags, *flags = NULL; 1394 bool change = false; 1395 1396 memset(¶ms, 0, sizeof(params)); 1397 1398 otype = ntype = dev->ieee80211_ptr->iftype; 1399 1400 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1401 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1402 if (otype != ntype) 1403 change = true; 1404 if (ntype > NL80211_IFTYPE_MAX) 1405 return -EINVAL; 1406 } 1407 1408 if (info->attrs[NL80211_ATTR_MESH_ID]) { 1409 struct wireless_dev *wdev = dev->ieee80211_ptr; 1410 1411 if (ntype != NL80211_IFTYPE_MESH_POINT) 1412 return -EINVAL; 1413 if (netif_running(dev)) 1414 return -EBUSY; 1415 1416 wdev_lock(wdev); 1417 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1418 IEEE80211_MAX_MESH_ID_LEN); 1419 wdev->mesh_id_up_len = 1420 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1421 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1422 wdev->mesh_id_up_len); 1423 wdev_unlock(wdev); 1424 } 1425 1426 if (info->attrs[NL80211_ATTR_4ADDR]) { 1427 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1428 change = true; 1429 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype); 1430 if (err) 1431 return err; 1432 } else { 1433 params.use_4addr = -1; 1434 } 1435 1436 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) { 1437 if (ntype != NL80211_IFTYPE_MONITOR) 1438 return -EINVAL; 1439 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS], 1440 &_flags); 1441 if (err) 1442 return err; 1443 1444 flags = &_flags; 1445 change = true; 1446 } 1447 1448 if (change) 1449 err = cfg80211_change_iface(rdev, dev, ntype, flags, ¶ms); 1450 else 1451 err = 0; 1452 1453 if (!err && params.use_4addr != -1) 1454 dev->ieee80211_ptr->use_4addr = params.use_4addr; 1455 1456 return err; 1457 } 1458 1459 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 1460 { 1461 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1462 struct vif_params params; 1463 struct net_device *dev; 1464 int err; 1465 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 1466 u32 flags; 1467 1468 memset(¶ms, 0, sizeof(params)); 1469 1470 if (!info->attrs[NL80211_ATTR_IFNAME]) 1471 return -EINVAL; 1472 1473 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1474 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1475 if (type > NL80211_IFTYPE_MAX) 1476 return -EINVAL; 1477 } 1478 1479 if (!rdev->ops->add_virtual_intf || 1480 !(rdev->wiphy.interface_modes & (1 << type))) 1481 return -EOPNOTSUPP; 1482 1483 if (info->attrs[NL80211_ATTR_4ADDR]) { 1484 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1485 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type); 1486 if (err) 1487 return err; 1488 } 1489 1490 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 1491 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 1492 &flags); 1493 dev = rdev->ops->add_virtual_intf(&rdev->wiphy, 1494 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 1495 type, err ? NULL : &flags, ¶ms); 1496 if (IS_ERR(dev)) 1497 return PTR_ERR(dev); 1498 1499 if (type == NL80211_IFTYPE_MESH_POINT && 1500 info->attrs[NL80211_ATTR_MESH_ID]) { 1501 struct wireless_dev *wdev = dev->ieee80211_ptr; 1502 1503 wdev_lock(wdev); 1504 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1505 IEEE80211_MAX_MESH_ID_LEN); 1506 wdev->mesh_id_up_len = 1507 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1508 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1509 wdev->mesh_id_up_len); 1510 wdev_unlock(wdev); 1511 } 1512 1513 return 0; 1514 } 1515 1516 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) 1517 { 1518 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1519 struct net_device *dev = info->user_ptr[1]; 1520 1521 if (!rdev->ops->del_virtual_intf) 1522 return -EOPNOTSUPP; 1523 1524 return rdev->ops->del_virtual_intf(&rdev->wiphy, dev); 1525 } 1526 1527 struct get_key_cookie { 1528 struct sk_buff *msg; 1529 int error; 1530 int idx; 1531 }; 1532 1533 static void get_key_callback(void *c, struct key_params *params) 1534 { 1535 struct nlattr *key; 1536 struct get_key_cookie *cookie = c; 1537 1538 if (params->key) 1539 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA, 1540 params->key_len, params->key); 1541 1542 if (params->seq) 1543 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ, 1544 params->seq_len, params->seq); 1545 1546 if (params->cipher) 1547 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER, 1548 params->cipher); 1549 1550 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY); 1551 if (!key) 1552 goto nla_put_failure; 1553 1554 if (params->key) 1555 NLA_PUT(cookie->msg, NL80211_KEY_DATA, 1556 params->key_len, params->key); 1557 1558 if (params->seq) 1559 NLA_PUT(cookie->msg, NL80211_KEY_SEQ, 1560 params->seq_len, params->seq); 1561 1562 if (params->cipher) 1563 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER, 1564 params->cipher); 1565 1566 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx); 1567 1568 nla_nest_end(cookie->msg, key); 1569 1570 return; 1571 nla_put_failure: 1572 cookie->error = 1; 1573 } 1574 1575 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) 1576 { 1577 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1578 int err; 1579 struct net_device *dev = info->user_ptr[1]; 1580 u8 key_idx = 0; 1581 const u8 *mac_addr = NULL; 1582 bool pairwise; 1583 struct get_key_cookie cookie = { 1584 .error = 0, 1585 }; 1586 void *hdr; 1587 struct sk_buff *msg; 1588 1589 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1590 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1591 1592 if (key_idx > 5) 1593 return -EINVAL; 1594 1595 if (info->attrs[NL80211_ATTR_MAC]) 1596 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1597 1598 pairwise = !!mac_addr; 1599 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 1600 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 1601 if (kt >= NUM_NL80211_KEYTYPES) 1602 return -EINVAL; 1603 if (kt != NL80211_KEYTYPE_GROUP && 1604 kt != NL80211_KEYTYPE_PAIRWISE) 1605 return -EINVAL; 1606 pairwise = kt == NL80211_KEYTYPE_PAIRWISE; 1607 } 1608 1609 if (!rdev->ops->get_key) 1610 return -EOPNOTSUPP; 1611 1612 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1613 if (!msg) 1614 return -ENOMEM; 1615 1616 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 1617 NL80211_CMD_NEW_KEY); 1618 if (IS_ERR(hdr)) 1619 return PTR_ERR(hdr); 1620 1621 cookie.msg = msg; 1622 cookie.idx = key_idx; 1623 1624 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1625 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx); 1626 if (mac_addr) 1627 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1628 1629 if (pairwise && mac_addr && 1630 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1631 return -ENOENT; 1632 1633 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, pairwise, 1634 mac_addr, &cookie, get_key_callback); 1635 1636 if (err) 1637 goto free_msg; 1638 1639 if (cookie.error) 1640 goto nla_put_failure; 1641 1642 genlmsg_end(msg, hdr); 1643 return genlmsg_reply(msg, info); 1644 1645 nla_put_failure: 1646 err = -ENOBUFS; 1647 free_msg: 1648 nlmsg_free(msg); 1649 return err; 1650 } 1651 1652 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) 1653 { 1654 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1655 struct key_parse key; 1656 int err; 1657 struct net_device *dev = info->user_ptr[1]; 1658 1659 err = nl80211_parse_key(info, &key); 1660 if (err) 1661 return err; 1662 1663 if (key.idx < 0) 1664 return -EINVAL; 1665 1666 /* only support setting default key */ 1667 if (!key.def && !key.defmgmt) 1668 return -EINVAL; 1669 1670 wdev_lock(dev->ieee80211_ptr); 1671 1672 if (key.def) { 1673 if (!rdev->ops->set_default_key) { 1674 err = -EOPNOTSUPP; 1675 goto out; 1676 } 1677 1678 err = nl80211_key_allowed(dev->ieee80211_ptr); 1679 if (err) 1680 goto out; 1681 1682 if (!(rdev->wiphy.flags & 1683 WIPHY_FLAG_SUPPORTS_SEPARATE_DEFAULT_KEYS)) { 1684 if (!key.def_uni || !key.def_multi) { 1685 err = -EOPNOTSUPP; 1686 goto out; 1687 } 1688 } 1689 1690 err = rdev->ops->set_default_key(&rdev->wiphy, dev, key.idx, 1691 key.def_uni, key.def_multi); 1692 1693 if (err) 1694 goto out; 1695 1696 #ifdef CONFIG_CFG80211_WEXT 1697 dev->ieee80211_ptr->wext.default_key = key.idx; 1698 #endif 1699 } else { 1700 if (key.def_uni || !key.def_multi) { 1701 err = -EINVAL; 1702 goto out; 1703 } 1704 1705 if (!rdev->ops->set_default_mgmt_key) { 1706 err = -EOPNOTSUPP; 1707 goto out; 1708 } 1709 1710 err = nl80211_key_allowed(dev->ieee80211_ptr); 1711 if (err) 1712 goto out; 1713 1714 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy, 1715 dev, key.idx); 1716 if (err) 1717 goto out; 1718 1719 #ifdef CONFIG_CFG80211_WEXT 1720 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx; 1721 #endif 1722 } 1723 1724 out: 1725 wdev_unlock(dev->ieee80211_ptr); 1726 1727 return err; 1728 } 1729 1730 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1731 { 1732 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1733 int err; 1734 struct net_device *dev = info->user_ptr[1]; 1735 struct key_parse key; 1736 const u8 *mac_addr = NULL; 1737 1738 err = nl80211_parse_key(info, &key); 1739 if (err) 1740 return err; 1741 1742 if (!key.p.key) 1743 return -EINVAL; 1744 1745 if (info->attrs[NL80211_ATTR_MAC]) 1746 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1747 1748 if (key.type == -1) { 1749 if (mac_addr) 1750 key.type = NL80211_KEYTYPE_PAIRWISE; 1751 else 1752 key.type = NL80211_KEYTYPE_GROUP; 1753 } 1754 1755 /* for now */ 1756 if (key.type != NL80211_KEYTYPE_PAIRWISE && 1757 key.type != NL80211_KEYTYPE_GROUP) 1758 return -EINVAL; 1759 1760 if (!rdev->ops->add_key) 1761 return -EOPNOTSUPP; 1762 1763 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, 1764 key.type == NL80211_KEYTYPE_PAIRWISE, 1765 mac_addr)) 1766 return -EINVAL; 1767 1768 wdev_lock(dev->ieee80211_ptr); 1769 err = nl80211_key_allowed(dev->ieee80211_ptr); 1770 if (!err) 1771 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx, 1772 key.type == NL80211_KEYTYPE_PAIRWISE, 1773 mac_addr, &key.p); 1774 wdev_unlock(dev->ieee80211_ptr); 1775 1776 return err; 1777 } 1778 1779 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) 1780 { 1781 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1782 int err; 1783 struct net_device *dev = info->user_ptr[1]; 1784 u8 *mac_addr = NULL; 1785 struct key_parse key; 1786 1787 err = nl80211_parse_key(info, &key); 1788 if (err) 1789 return err; 1790 1791 if (info->attrs[NL80211_ATTR_MAC]) 1792 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1793 1794 if (key.type == -1) { 1795 if (mac_addr) 1796 key.type = NL80211_KEYTYPE_PAIRWISE; 1797 else 1798 key.type = NL80211_KEYTYPE_GROUP; 1799 } 1800 1801 /* for now */ 1802 if (key.type != NL80211_KEYTYPE_PAIRWISE && 1803 key.type != NL80211_KEYTYPE_GROUP) 1804 return -EINVAL; 1805 1806 if (!rdev->ops->del_key) 1807 return -EOPNOTSUPP; 1808 1809 wdev_lock(dev->ieee80211_ptr); 1810 err = nl80211_key_allowed(dev->ieee80211_ptr); 1811 1812 if (key.type == NL80211_KEYTYPE_PAIRWISE && mac_addr && 1813 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1814 err = -ENOENT; 1815 1816 if (!err) 1817 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, 1818 key.type == NL80211_KEYTYPE_PAIRWISE, 1819 mac_addr); 1820 1821 #ifdef CONFIG_CFG80211_WEXT 1822 if (!err) { 1823 if (key.idx == dev->ieee80211_ptr->wext.default_key) 1824 dev->ieee80211_ptr->wext.default_key = -1; 1825 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key) 1826 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 1827 } 1828 #endif 1829 wdev_unlock(dev->ieee80211_ptr); 1830 1831 return err; 1832 } 1833 1834 static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info) 1835 { 1836 int (*call)(struct wiphy *wiphy, struct net_device *dev, 1837 struct beacon_parameters *info); 1838 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1839 struct net_device *dev = info->user_ptr[1]; 1840 struct beacon_parameters params; 1841 int haveinfo = 0; 1842 1843 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL])) 1844 return -EINVAL; 1845 1846 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 1847 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 1848 return -EOPNOTSUPP; 1849 1850 switch (info->genlhdr->cmd) { 1851 case NL80211_CMD_NEW_BEACON: 1852 /* these are required for NEW_BEACON */ 1853 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] || 1854 !info->attrs[NL80211_ATTR_DTIM_PERIOD] || 1855 !info->attrs[NL80211_ATTR_BEACON_HEAD]) 1856 return -EINVAL; 1857 1858 call = rdev->ops->add_beacon; 1859 break; 1860 case NL80211_CMD_SET_BEACON: 1861 call = rdev->ops->set_beacon; 1862 break; 1863 default: 1864 WARN_ON(1); 1865 return -EOPNOTSUPP; 1866 } 1867 1868 if (!call) 1869 return -EOPNOTSUPP; 1870 1871 memset(¶ms, 0, sizeof(params)); 1872 1873 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 1874 params.interval = 1875 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 1876 haveinfo = 1; 1877 } 1878 1879 if (info->attrs[NL80211_ATTR_DTIM_PERIOD]) { 1880 params.dtim_period = 1881 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); 1882 haveinfo = 1; 1883 } 1884 1885 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) { 1886 params.head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]); 1887 params.head_len = 1888 nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]); 1889 haveinfo = 1; 1890 } 1891 1892 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) { 1893 params.tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]); 1894 params.tail_len = 1895 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]); 1896 haveinfo = 1; 1897 } 1898 1899 if (!haveinfo) 1900 return -EINVAL; 1901 1902 return call(&rdev->wiphy, dev, ¶ms); 1903 } 1904 1905 static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info) 1906 { 1907 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1908 struct net_device *dev = info->user_ptr[1]; 1909 1910 if (!rdev->ops->del_beacon) 1911 return -EOPNOTSUPP; 1912 1913 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 1914 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 1915 return -EOPNOTSUPP; 1916 1917 return rdev->ops->del_beacon(&rdev->wiphy, dev); 1918 } 1919 1920 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = { 1921 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG }, 1922 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG }, 1923 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG }, 1924 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG }, 1925 }; 1926 1927 static int parse_station_flags(struct genl_info *info, 1928 struct station_parameters *params) 1929 { 1930 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1]; 1931 struct nlattr *nla; 1932 int flag; 1933 1934 /* 1935 * Try parsing the new attribute first so userspace 1936 * can specify both for older kernels. 1937 */ 1938 nla = info->attrs[NL80211_ATTR_STA_FLAGS2]; 1939 if (nla) { 1940 struct nl80211_sta_flag_update *sta_flags; 1941 1942 sta_flags = nla_data(nla); 1943 params->sta_flags_mask = sta_flags->mask; 1944 params->sta_flags_set = sta_flags->set; 1945 if ((params->sta_flags_mask | 1946 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID)) 1947 return -EINVAL; 1948 return 0; 1949 } 1950 1951 /* if present, parse the old attribute */ 1952 1953 nla = info->attrs[NL80211_ATTR_STA_FLAGS]; 1954 if (!nla) 1955 return 0; 1956 1957 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX, 1958 nla, sta_flags_policy)) 1959 return -EINVAL; 1960 1961 params->sta_flags_mask = (1 << __NL80211_STA_FLAG_AFTER_LAST) - 1; 1962 params->sta_flags_mask &= ~1; 1963 1964 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) 1965 if (flags[flag]) 1966 params->sta_flags_set |= (1<<flag); 1967 1968 return 0; 1969 } 1970 1971 static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq, 1972 int flags, struct net_device *dev, 1973 const u8 *mac_addr, struct station_info *sinfo) 1974 { 1975 void *hdr; 1976 struct nlattr *sinfoattr, *txrate; 1977 u16 bitrate; 1978 1979 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 1980 if (!hdr) 1981 return -1; 1982 1983 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1984 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1985 1986 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation); 1987 1988 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO); 1989 if (!sinfoattr) 1990 goto nla_put_failure; 1991 if (sinfo->filled & STATION_INFO_INACTIVE_TIME) 1992 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME, 1993 sinfo->inactive_time); 1994 if (sinfo->filled & STATION_INFO_RX_BYTES) 1995 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES, 1996 sinfo->rx_bytes); 1997 if (sinfo->filled & STATION_INFO_TX_BYTES) 1998 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES, 1999 sinfo->tx_bytes); 2000 if (sinfo->filled & STATION_INFO_LLID) 2001 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID, 2002 sinfo->llid); 2003 if (sinfo->filled & STATION_INFO_PLID) 2004 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID, 2005 sinfo->plid); 2006 if (sinfo->filled & STATION_INFO_PLINK_STATE) 2007 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE, 2008 sinfo->plink_state); 2009 if (sinfo->filled & STATION_INFO_SIGNAL) 2010 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL, 2011 sinfo->signal); 2012 if (sinfo->filled & STATION_INFO_SIGNAL_AVG) 2013 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL_AVG, 2014 sinfo->signal_avg); 2015 if (sinfo->filled & STATION_INFO_TX_BITRATE) { 2016 txrate = nla_nest_start(msg, NL80211_STA_INFO_TX_BITRATE); 2017 if (!txrate) 2018 goto nla_put_failure; 2019 2020 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */ 2021 bitrate = cfg80211_calculate_bitrate(&sinfo->txrate); 2022 if (bitrate > 0) 2023 NLA_PUT_U16(msg, NL80211_RATE_INFO_BITRATE, bitrate); 2024 2025 if (sinfo->txrate.flags & RATE_INFO_FLAGS_MCS) 2026 NLA_PUT_U8(msg, NL80211_RATE_INFO_MCS, 2027 sinfo->txrate.mcs); 2028 if (sinfo->txrate.flags & RATE_INFO_FLAGS_40_MHZ_WIDTH) 2029 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_40_MHZ_WIDTH); 2030 if (sinfo->txrate.flags & RATE_INFO_FLAGS_SHORT_GI) 2031 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_SHORT_GI); 2032 2033 nla_nest_end(msg, txrate); 2034 } 2035 if (sinfo->filled & STATION_INFO_RX_PACKETS) 2036 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_PACKETS, 2037 sinfo->rx_packets); 2038 if (sinfo->filled & STATION_INFO_TX_PACKETS) 2039 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_PACKETS, 2040 sinfo->tx_packets); 2041 if (sinfo->filled & STATION_INFO_TX_RETRIES) 2042 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_RETRIES, 2043 sinfo->tx_retries); 2044 if (sinfo->filled & STATION_INFO_TX_FAILED) 2045 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_FAILED, 2046 sinfo->tx_failed); 2047 nla_nest_end(msg, sinfoattr); 2048 2049 return genlmsg_end(msg, hdr); 2050 2051 nla_put_failure: 2052 genlmsg_cancel(msg, hdr); 2053 return -EMSGSIZE; 2054 } 2055 2056 static int nl80211_dump_station(struct sk_buff *skb, 2057 struct netlink_callback *cb) 2058 { 2059 struct station_info sinfo; 2060 struct cfg80211_registered_device *dev; 2061 struct net_device *netdev; 2062 u8 mac_addr[ETH_ALEN]; 2063 int sta_idx = cb->args[1]; 2064 int err; 2065 2066 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2067 if (err) 2068 return err; 2069 2070 if (!dev->ops->dump_station) { 2071 err = -EOPNOTSUPP; 2072 goto out_err; 2073 } 2074 2075 while (1) { 2076 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx, 2077 mac_addr, &sinfo); 2078 if (err == -ENOENT) 2079 break; 2080 if (err) 2081 goto out_err; 2082 2083 if (nl80211_send_station(skb, 2084 NETLINK_CB(cb->skb).pid, 2085 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2086 netdev, mac_addr, 2087 &sinfo) < 0) 2088 goto out; 2089 2090 sta_idx++; 2091 } 2092 2093 2094 out: 2095 cb->args[1] = sta_idx; 2096 err = skb->len; 2097 out_err: 2098 nl80211_finish_netdev_dump(dev); 2099 2100 return err; 2101 } 2102 2103 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 2104 { 2105 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2106 struct net_device *dev = info->user_ptr[1]; 2107 struct station_info sinfo; 2108 struct sk_buff *msg; 2109 u8 *mac_addr = NULL; 2110 int err; 2111 2112 memset(&sinfo, 0, sizeof(sinfo)); 2113 2114 if (!info->attrs[NL80211_ATTR_MAC]) 2115 return -EINVAL; 2116 2117 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2118 2119 if (!rdev->ops->get_station) 2120 return -EOPNOTSUPP; 2121 2122 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo); 2123 if (err) 2124 return err; 2125 2126 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2127 if (!msg) 2128 return -ENOMEM; 2129 2130 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0, 2131 dev, mac_addr, &sinfo) < 0) { 2132 nlmsg_free(msg); 2133 return -ENOBUFS; 2134 } 2135 2136 return genlmsg_reply(msg, info); 2137 } 2138 2139 /* 2140 * Get vlan interface making sure it is running and on the right wiphy. 2141 */ 2142 static int get_vlan(struct genl_info *info, 2143 struct cfg80211_registered_device *rdev, 2144 struct net_device **vlan) 2145 { 2146 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN]; 2147 *vlan = NULL; 2148 2149 if (vlanattr) { 2150 *vlan = dev_get_by_index(genl_info_net(info), 2151 nla_get_u32(vlanattr)); 2152 if (!*vlan) 2153 return -ENODEV; 2154 if (!(*vlan)->ieee80211_ptr) 2155 return -EINVAL; 2156 if ((*vlan)->ieee80211_ptr->wiphy != &rdev->wiphy) 2157 return -EINVAL; 2158 if (!netif_running(*vlan)) 2159 return -ENETDOWN; 2160 } 2161 return 0; 2162 } 2163 2164 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) 2165 { 2166 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2167 int err; 2168 struct net_device *dev = info->user_ptr[1]; 2169 struct station_parameters params; 2170 u8 *mac_addr = NULL; 2171 2172 memset(¶ms, 0, sizeof(params)); 2173 2174 params.listen_interval = -1; 2175 2176 if (info->attrs[NL80211_ATTR_STA_AID]) 2177 return -EINVAL; 2178 2179 if (!info->attrs[NL80211_ATTR_MAC]) 2180 return -EINVAL; 2181 2182 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2183 2184 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) { 2185 params.supported_rates = 2186 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2187 params.supported_rates_len = 2188 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2189 } 2190 2191 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2192 params.listen_interval = 2193 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2194 2195 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2196 params.ht_capa = 2197 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2198 2199 if (parse_station_flags(info, ¶ms)) 2200 return -EINVAL; 2201 2202 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2203 params.plink_action = 2204 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2205 2206 err = get_vlan(info, rdev, ¶ms.vlan); 2207 if (err) 2208 goto out; 2209 2210 /* validate settings */ 2211 err = 0; 2212 2213 switch (dev->ieee80211_ptr->iftype) { 2214 case NL80211_IFTYPE_AP: 2215 case NL80211_IFTYPE_AP_VLAN: 2216 case NL80211_IFTYPE_P2P_GO: 2217 /* disallow mesh-specific things */ 2218 if (params.plink_action) 2219 err = -EINVAL; 2220 break; 2221 case NL80211_IFTYPE_P2P_CLIENT: 2222 case NL80211_IFTYPE_STATION: 2223 /* disallow everything but AUTHORIZED flag */ 2224 if (params.plink_action) 2225 err = -EINVAL; 2226 if (params.vlan) 2227 err = -EINVAL; 2228 if (params.supported_rates) 2229 err = -EINVAL; 2230 if (params.ht_capa) 2231 err = -EINVAL; 2232 if (params.listen_interval >= 0) 2233 err = -EINVAL; 2234 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED)) 2235 err = -EINVAL; 2236 break; 2237 case NL80211_IFTYPE_MESH_POINT: 2238 /* disallow things mesh doesn't support */ 2239 if (params.vlan) 2240 err = -EINVAL; 2241 if (params.ht_capa) 2242 err = -EINVAL; 2243 if (params.listen_interval >= 0) 2244 err = -EINVAL; 2245 if (params.supported_rates) 2246 err = -EINVAL; 2247 if (params.sta_flags_mask) 2248 err = -EINVAL; 2249 break; 2250 default: 2251 err = -EINVAL; 2252 } 2253 2254 if (err) 2255 goto out; 2256 2257 if (!rdev->ops->change_station) { 2258 err = -EOPNOTSUPP; 2259 goto out; 2260 } 2261 2262 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2263 2264 out: 2265 if (params.vlan) 2266 dev_put(params.vlan); 2267 2268 return err; 2269 } 2270 2271 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) 2272 { 2273 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2274 int err; 2275 struct net_device *dev = info->user_ptr[1]; 2276 struct station_parameters params; 2277 u8 *mac_addr = NULL; 2278 2279 memset(¶ms, 0, sizeof(params)); 2280 2281 if (!info->attrs[NL80211_ATTR_MAC]) 2282 return -EINVAL; 2283 2284 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2285 return -EINVAL; 2286 2287 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) 2288 return -EINVAL; 2289 2290 if (!info->attrs[NL80211_ATTR_STA_AID]) 2291 return -EINVAL; 2292 2293 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2294 params.supported_rates = 2295 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2296 params.supported_rates_len = 2297 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2298 params.listen_interval = 2299 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2300 2301 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]); 2302 if (!params.aid || params.aid > IEEE80211_MAX_AID) 2303 return -EINVAL; 2304 2305 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2306 params.ht_capa = 2307 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2308 2309 if (parse_station_flags(info, ¶ms)) 2310 return -EINVAL; 2311 2312 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2313 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2314 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2315 return -EINVAL; 2316 2317 err = get_vlan(info, rdev, ¶ms.vlan); 2318 if (err) 2319 goto out; 2320 2321 /* validate settings */ 2322 err = 0; 2323 2324 if (!rdev->ops->add_station) { 2325 err = -EOPNOTSUPP; 2326 goto out; 2327 } 2328 2329 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2330 2331 out: 2332 if (params.vlan) 2333 dev_put(params.vlan); 2334 return err; 2335 } 2336 2337 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) 2338 { 2339 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2340 struct net_device *dev = info->user_ptr[1]; 2341 u8 *mac_addr = NULL; 2342 2343 if (info->attrs[NL80211_ATTR_MAC]) 2344 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2345 2346 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2347 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2348 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 2349 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2350 return -EINVAL; 2351 2352 if (!rdev->ops->del_station) 2353 return -EOPNOTSUPP; 2354 2355 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr); 2356 } 2357 2358 static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq, 2359 int flags, struct net_device *dev, 2360 u8 *dst, u8 *next_hop, 2361 struct mpath_info *pinfo) 2362 { 2363 void *hdr; 2364 struct nlattr *pinfoattr; 2365 2366 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2367 if (!hdr) 2368 return -1; 2369 2370 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2371 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst); 2372 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop); 2373 2374 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation); 2375 2376 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO); 2377 if (!pinfoattr) 2378 goto nla_put_failure; 2379 if (pinfo->filled & MPATH_INFO_FRAME_QLEN) 2380 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN, 2381 pinfo->frame_qlen); 2382 if (pinfo->filled & MPATH_INFO_SN) 2383 NLA_PUT_U32(msg, NL80211_MPATH_INFO_SN, 2384 pinfo->sn); 2385 if (pinfo->filled & MPATH_INFO_METRIC) 2386 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC, 2387 pinfo->metric); 2388 if (pinfo->filled & MPATH_INFO_EXPTIME) 2389 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME, 2390 pinfo->exptime); 2391 if (pinfo->filled & MPATH_INFO_FLAGS) 2392 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS, 2393 pinfo->flags); 2394 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) 2395 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT, 2396 pinfo->discovery_timeout); 2397 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) 2398 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES, 2399 pinfo->discovery_retries); 2400 2401 nla_nest_end(msg, pinfoattr); 2402 2403 return genlmsg_end(msg, hdr); 2404 2405 nla_put_failure: 2406 genlmsg_cancel(msg, hdr); 2407 return -EMSGSIZE; 2408 } 2409 2410 static int nl80211_dump_mpath(struct sk_buff *skb, 2411 struct netlink_callback *cb) 2412 { 2413 struct mpath_info pinfo; 2414 struct cfg80211_registered_device *dev; 2415 struct net_device *netdev; 2416 u8 dst[ETH_ALEN]; 2417 u8 next_hop[ETH_ALEN]; 2418 int path_idx = cb->args[1]; 2419 int err; 2420 2421 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2422 if (err) 2423 return err; 2424 2425 if (!dev->ops->dump_mpath) { 2426 err = -EOPNOTSUPP; 2427 goto out_err; 2428 } 2429 2430 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2431 err = -EOPNOTSUPP; 2432 goto out_err; 2433 } 2434 2435 while (1) { 2436 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx, 2437 dst, next_hop, &pinfo); 2438 if (err == -ENOENT) 2439 break; 2440 if (err) 2441 goto out_err; 2442 2443 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid, 2444 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2445 netdev, dst, next_hop, 2446 &pinfo) < 0) 2447 goto out; 2448 2449 path_idx++; 2450 } 2451 2452 2453 out: 2454 cb->args[1] = path_idx; 2455 err = skb->len; 2456 out_err: 2457 nl80211_finish_netdev_dump(dev); 2458 return err; 2459 } 2460 2461 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) 2462 { 2463 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2464 int err; 2465 struct net_device *dev = info->user_ptr[1]; 2466 struct mpath_info pinfo; 2467 struct sk_buff *msg; 2468 u8 *dst = NULL; 2469 u8 next_hop[ETH_ALEN]; 2470 2471 memset(&pinfo, 0, sizeof(pinfo)); 2472 2473 if (!info->attrs[NL80211_ATTR_MAC]) 2474 return -EINVAL; 2475 2476 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2477 2478 if (!rdev->ops->get_mpath) 2479 return -EOPNOTSUPP; 2480 2481 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2482 return -EOPNOTSUPP; 2483 2484 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo); 2485 if (err) 2486 return err; 2487 2488 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2489 if (!msg) 2490 return -ENOMEM; 2491 2492 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0, 2493 dev, dst, next_hop, &pinfo) < 0) { 2494 nlmsg_free(msg); 2495 return -ENOBUFS; 2496 } 2497 2498 return genlmsg_reply(msg, info); 2499 } 2500 2501 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) 2502 { 2503 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2504 struct net_device *dev = info->user_ptr[1]; 2505 u8 *dst = NULL; 2506 u8 *next_hop = NULL; 2507 2508 if (!info->attrs[NL80211_ATTR_MAC]) 2509 return -EINVAL; 2510 2511 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2512 return -EINVAL; 2513 2514 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2515 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2516 2517 if (!rdev->ops->change_mpath) 2518 return -EOPNOTSUPP; 2519 2520 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2521 return -EOPNOTSUPP; 2522 2523 return rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop); 2524 } 2525 2526 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) 2527 { 2528 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2529 struct net_device *dev = info->user_ptr[1]; 2530 u8 *dst = NULL; 2531 u8 *next_hop = NULL; 2532 2533 if (!info->attrs[NL80211_ATTR_MAC]) 2534 return -EINVAL; 2535 2536 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2537 return -EINVAL; 2538 2539 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2540 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2541 2542 if (!rdev->ops->add_mpath) 2543 return -EOPNOTSUPP; 2544 2545 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2546 return -EOPNOTSUPP; 2547 2548 return rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop); 2549 } 2550 2551 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) 2552 { 2553 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2554 struct net_device *dev = info->user_ptr[1]; 2555 u8 *dst = NULL; 2556 2557 if (info->attrs[NL80211_ATTR_MAC]) 2558 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2559 2560 if (!rdev->ops->del_mpath) 2561 return -EOPNOTSUPP; 2562 2563 return rdev->ops->del_mpath(&rdev->wiphy, dev, dst); 2564 } 2565 2566 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) 2567 { 2568 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2569 struct net_device *dev = info->user_ptr[1]; 2570 struct bss_parameters params; 2571 2572 memset(¶ms, 0, sizeof(params)); 2573 /* default to not changing parameters */ 2574 params.use_cts_prot = -1; 2575 params.use_short_preamble = -1; 2576 params.use_short_slot_time = -1; 2577 params.ap_isolate = -1; 2578 params.ht_opmode = -1; 2579 2580 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT]) 2581 params.use_cts_prot = 2582 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]); 2583 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]) 2584 params.use_short_preamble = 2585 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]); 2586 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]) 2587 params.use_short_slot_time = 2588 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]); 2589 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 2590 params.basic_rates = 2591 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2592 params.basic_rates_len = 2593 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2594 } 2595 if (info->attrs[NL80211_ATTR_AP_ISOLATE]) 2596 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]); 2597 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE]) 2598 params.ht_opmode = 2599 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]); 2600 2601 if (!rdev->ops->change_bss) 2602 return -EOPNOTSUPP; 2603 2604 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2605 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2606 return -EOPNOTSUPP; 2607 2608 return rdev->ops->change_bss(&rdev->wiphy, dev, ¶ms); 2609 } 2610 2611 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = { 2612 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 }, 2613 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 }, 2614 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 }, 2615 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 }, 2616 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 }, 2617 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 }, 2618 }; 2619 2620 static int parse_reg_rule(struct nlattr *tb[], 2621 struct ieee80211_reg_rule *reg_rule) 2622 { 2623 struct ieee80211_freq_range *freq_range = ®_rule->freq_range; 2624 struct ieee80211_power_rule *power_rule = ®_rule->power_rule; 2625 2626 if (!tb[NL80211_ATTR_REG_RULE_FLAGS]) 2627 return -EINVAL; 2628 if (!tb[NL80211_ATTR_FREQ_RANGE_START]) 2629 return -EINVAL; 2630 if (!tb[NL80211_ATTR_FREQ_RANGE_END]) 2631 return -EINVAL; 2632 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) 2633 return -EINVAL; 2634 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]) 2635 return -EINVAL; 2636 2637 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]); 2638 2639 freq_range->start_freq_khz = 2640 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]); 2641 freq_range->end_freq_khz = 2642 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]); 2643 freq_range->max_bandwidth_khz = 2644 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]); 2645 2646 power_rule->max_eirp = 2647 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]); 2648 2649 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]) 2650 power_rule->max_antenna_gain = 2651 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]); 2652 2653 return 0; 2654 } 2655 2656 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info) 2657 { 2658 int r; 2659 char *data = NULL; 2660 2661 /* 2662 * You should only get this when cfg80211 hasn't yet initialized 2663 * completely when built-in to the kernel right between the time 2664 * window between nl80211_init() and regulatory_init(), if that is 2665 * even possible. 2666 */ 2667 mutex_lock(&cfg80211_mutex); 2668 if (unlikely(!cfg80211_regdomain)) { 2669 mutex_unlock(&cfg80211_mutex); 2670 return -EINPROGRESS; 2671 } 2672 mutex_unlock(&cfg80211_mutex); 2673 2674 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 2675 return -EINVAL; 2676 2677 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 2678 2679 r = regulatory_hint_user(data); 2680 2681 return r; 2682 } 2683 2684 static int nl80211_get_mesh_config(struct sk_buff *skb, 2685 struct genl_info *info) 2686 { 2687 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2688 struct net_device *dev = info->user_ptr[1]; 2689 struct wireless_dev *wdev = dev->ieee80211_ptr; 2690 struct mesh_config cur_params; 2691 int err = 0; 2692 void *hdr; 2693 struct nlattr *pinfoattr; 2694 struct sk_buff *msg; 2695 2696 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 2697 return -EOPNOTSUPP; 2698 2699 if (!rdev->ops->get_mesh_config) 2700 return -EOPNOTSUPP; 2701 2702 wdev_lock(wdev); 2703 /* If not connected, get default parameters */ 2704 if (!wdev->mesh_id_len) 2705 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params)); 2706 else 2707 err = rdev->ops->get_mesh_config(&rdev->wiphy, dev, 2708 &cur_params); 2709 wdev_unlock(wdev); 2710 2711 if (err) 2712 return err; 2713 2714 /* Draw up a netlink message to send back */ 2715 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2716 if (!msg) 2717 return -ENOMEM; 2718 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 2719 NL80211_CMD_GET_MESH_CONFIG); 2720 if (!hdr) 2721 goto nla_put_failure; 2722 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG); 2723 if (!pinfoattr) 2724 goto nla_put_failure; 2725 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2726 NLA_PUT_U16(msg, NL80211_MESHCONF_RETRY_TIMEOUT, 2727 cur_params.dot11MeshRetryTimeout); 2728 NLA_PUT_U16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT, 2729 cur_params.dot11MeshConfirmTimeout); 2730 NLA_PUT_U16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT, 2731 cur_params.dot11MeshHoldingTimeout); 2732 NLA_PUT_U16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 2733 cur_params.dot11MeshMaxPeerLinks); 2734 NLA_PUT_U8(msg, NL80211_MESHCONF_MAX_RETRIES, 2735 cur_params.dot11MeshMaxRetries); 2736 NLA_PUT_U8(msg, NL80211_MESHCONF_TTL, 2737 cur_params.dot11MeshTTL); 2738 NLA_PUT_U8(msg, NL80211_MESHCONF_ELEMENT_TTL, 2739 cur_params.element_ttl); 2740 NLA_PUT_U8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 2741 cur_params.auto_open_plinks); 2742 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 2743 cur_params.dot11MeshHWMPmaxPREQretries); 2744 NLA_PUT_U32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME, 2745 cur_params.path_refresh_time); 2746 NLA_PUT_U16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 2747 cur_params.min_discovery_timeout); 2748 NLA_PUT_U32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 2749 cur_params.dot11MeshHWMPactivePathTimeout); 2750 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 2751 cur_params.dot11MeshHWMPpreqMinInterval); 2752 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 2753 cur_params.dot11MeshHWMPnetDiameterTraversalTime); 2754 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_ROOTMODE, 2755 cur_params.dot11MeshHWMPRootMode); 2756 nla_nest_end(msg, pinfoattr); 2757 genlmsg_end(msg, hdr); 2758 return genlmsg_reply(msg, info); 2759 2760 nla_put_failure: 2761 genlmsg_cancel(msg, hdr); 2762 nlmsg_free(msg); 2763 return -ENOBUFS; 2764 } 2765 2766 static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = { 2767 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 }, 2768 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 }, 2769 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 }, 2770 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 }, 2771 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 }, 2772 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 }, 2773 [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 }, 2774 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 }, 2775 2776 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 }, 2777 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 }, 2778 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 }, 2779 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 }, 2780 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 }, 2781 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 }, 2782 }; 2783 2784 static const struct nla_policy 2785 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = { 2786 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 }, 2787 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 }, 2788 [NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE] = { .type = NLA_BINARY, 2789 .len = IEEE80211_MAX_DATA_LEN }, 2790 }; 2791 2792 static int nl80211_parse_mesh_config(struct genl_info *info, 2793 struct mesh_config *cfg, 2794 u32 *mask_out) 2795 { 2796 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 2797 u32 mask = 0; 2798 2799 #define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \ 2800 do {\ 2801 if (table[attr_num]) {\ 2802 cfg->param = nla_fn(table[attr_num]); \ 2803 mask |= (1 << (attr_num - 1)); \ 2804 } \ 2805 } while (0);\ 2806 2807 2808 if (!info->attrs[NL80211_ATTR_MESH_CONFIG]) 2809 return -EINVAL; 2810 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX, 2811 info->attrs[NL80211_ATTR_MESH_CONFIG], 2812 nl80211_meshconf_params_policy)) 2813 return -EINVAL; 2814 2815 /* This makes sure that there aren't more than 32 mesh config 2816 * parameters (otherwise our bitfield scheme would not work.) */ 2817 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32); 2818 2819 /* Fill in the params struct */ 2820 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 2821 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16); 2822 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 2823 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16); 2824 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 2825 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16); 2826 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 2827 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16); 2828 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 2829 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8); 2830 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 2831 mask, NL80211_MESHCONF_TTL, nla_get_u8); 2832 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 2833 mask, NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8); 2834 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 2835 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8); 2836 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 2837 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 2838 nla_get_u8); 2839 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 2840 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32); 2841 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 2842 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 2843 nla_get_u16); 2844 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout, 2845 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 2846 nla_get_u32); 2847 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, 2848 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 2849 nla_get_u16); 2850 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 2851 dot11MeshHWMPnetDiameterTraversalTime, 2852 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 2853 nla_get_u16); 2854 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 2855 dot11MeshHWMPRootMode, mask, 2856 NL80211_MESHCONF_HWMP_ROOTMODE, 2857 nla_get_u8); 2858 if (mask_out) 2859 *mask_out = mask; 2860 2861 return 0; 2862 2863 #undef FILL_IN_MESH_PARAM_IF_SET 2864 } 2865 2866 static int nl80211_parse_mesh_setup(struct genl_info *info, 2867 struct mesh_setup *setup) 2868 { 2869 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1]; 2870 2871 if (!info->attrs[NL80211_ATTR_MESH_SETUP]) 2872 return -EINVAL; 2873 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX, 2874 info->attrs[NL80211_ATTR_MESH_SETUP], 2875 nl80211_mesh_setup_params_policy)) 2876 return -EINVAL; 2877 2878 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL]) 2879 setup->path_sel_proto = 2880 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ? 2881 IEEE80211_PATH_PROTOCOL_VENDOR : 2882 IEEE80211_PATH_PROTOCOL_HWMP; 2883 2884 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC]) 2885 setup->path_metric = 2886 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ? 2887 IEEE80211_PATH_METRIC_VENDOR : 2888 IEEE80211_PATH_METRIC_AIRTIME; 2889 2890 if (tb[NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE]) { 2891 struct nlattr *ieattr = 2892 tb[NL80211_MESH_SETUP_VENDOR_PATH_SEL_IE]; 2893 if (!is_valid_ie_attr(ieattr)) 2894 return -EINVAL; 2895 setup->vendor_ie = nla_data(ieattr); 2896 setup->vendor_ie_len = nla_len(ieattr); 2897 } 2898 2899 return 0; 2900 } 2901 2902 static int nl80211_update_mesh_config(struct sk_buff *skb, 2903 struct genl_info *info) 2904 { 2905 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2906 struct net_device *dev = info->user_ptr[1]; 2907 struct wireless_dev *wdev = dev->ieee80211_ptr; 2908 struct mesh_config cfg; 2909 u32 mask; 2910 int err; 2911 2912 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 2913 return -EOPNOTSUPP; 2914 2915 if (!rdev->ops->update_mesh_config) 2916 return -EOPNOTSUPP; 2917 2918 err = nl80211_parse_mesh_config(info, &cfg, &mask); 2919 if (err) 2920 return err; 2921 2922 wdev_lock(wdev); 2923 if (!wdev->mesh_id_len) 2924 err = -ENOLINK; 2925 2926 if (!err) 2927 err = rdev->ops->update_mesh_config(&rdev->wiphy, dev, 2928 mask, &cfg); 2929 2930 wdev_unlock(wdev); 2931 2932 return err; 2933 } 2934 2935 static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info) 2936 { 2937 struct sk_buff *msg; 2938 void *hdr = NULL; 2939 struct nlattr *nl_reg_rules; 2940 unsigned int i; 2941 int err = -EINVAL; 2942 2943 mutex_lock(&cfg80211_mutex); 2944 2945 if (!cfg80211_regdomain) 2946 goto out; 2947 2948 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2949 if (!msg) { 2950 err = -ENOBUFS; 2951 goto out; 2952 } 2953 2954 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 2955 NL80211_CMD_GET_REG); 2956 if (!hdr) 2957 goto nla_put_failure; 2958 2959 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, 2960 cfg80211_regdomain->alpha2); 2961 2962 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES); 2963 if (!nl_reg_rules) 2964 goto nla_put_failure; 2965 2966 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) { 2967 struct nlattr *nl_reg_rule; 2968 const struct ieee80211_reg_rule *reg_rule; 2969 const struct ieee80211_freq_range *freq_range; 2970 const struct ieee80211_power_rule *power_rule; 2971 2972 reg_rule = &cfg80211_regdomain->reg_rules[i]; 2973 freq_range = ®_rule->freq_range; 2974 power_rule = ®_rule->power_rule; 2975 2976 nl_reg_rule = nla_nest_start(msg, i); 2977 if (!nl_reg_rule) 2978 goto nla_put_failure; 2979 2980 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS, 2981 reg_rule->flags); 2982 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START, 2983 freq_range->start_freq_khz); 2984 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END, 2985 freq_range->end_freq_khz); 2986 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW, 2987 freq_range->max_bandwidth_khz); 2988 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN, 2989 power_rule->max_antenna_gain); 2990 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, 2991 power_rule->max_eirp); 2992 2993 nla_nest_end(msg, nl_reg_rule); 2994 } 2995 2996 nla_nest_end(msg, nl_reg_rules); 2997 2998 genlmsg_end(msg, hdr); 2999 err = genlmsg_reply(msg, info); 3000 goto out; 3001 3002 nla_put_failure: 3003 genlmsg_cancel(msg, hdr); 3004 nlmsg_free(msg); 3005 err = -EMSGSIZE; 3006 out: 3007 mutex_unlock(&cfg80211_mutex); 3008 return err; 3009 } 3010 3011 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info) 3012 { 3013 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1]; 3014 struct nlattr *nl_reg_rule; 3015 char *alpha2 = NULL; 3016 int rem_reg_rules = 0, r = 0; 3017 u32 num_rules = 0, rule_idx = 0, size_of_regd; 3018 struct ieee80211_regdomain *rd = NULL; 3019 3020 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3021 return -EINVAL; 3022 3023 if (!info->attrs[NL80211_ATTR_REG_RULES]) 3024 return -EINVAL; 3025 3026 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 3027 3028 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3029 rem_reg_rules) { 3030 num_rules++; 3031 if (num_rules > NL80211_MAX_SUPP_REG_RULES) 3032 return -EINVAL; 3033 } 3034 3035 mutex_lock(&cfg80211_mutex); 3036 3037 if (!reg_is_valid_request(alpha2)) { 3038 r = -EINVAL; 3039 goto bad_reg; 3040 } 3041 3042 size_of_regd = sizeof(struct ieee80211_regdomain) + 3043 (num_rules * sizeof(struct ieee80211_reg_rule)); 3044 3045 rd = kzalloc(size_of_regd, GFP_KERNEL); 3046 if (!rd) { 3047 r = -ENOMEM; 3048 goto bad_reg; 3049 } 3050 3051 rd->n_reg_rules = num_rules; 3052 rd->alpha2[0] = alpha2[0]; 3053 rd->alpha2[1] = alpha2[1]; 3054 3055 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3056 rem_reg_rules) { 3057 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX, 3058 nla_data(nl_reg_rule), nla_len(nl_reg_rule), 3059 reg_rule_policy); 3060 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]); 3061 if (r) 3062 goto bad_reg; 3063 3064 rule_idx++; 3065 3066 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) { 3067 r = -EINVAL; 3068 goto bad_reg; 3069 } 3070 } 3071 3072 BUG_ON(rule_idx != num_rules); 3073 3074 r = set_regdom(rd); 3075 3076 mutex_unlock(&cfg80211_mutex); 3077 3078 return r; 3079 3080 bad_reg: 3081 mutex_unlock(&cfg80211_mutex); 3082 kfree(rd); 3083 return r; 3084 } 3085 3086 static int validate_scan_freqs(struct nlattr *freqs) 3087 { 3088 struct nlattr *attr1, *attr2; 3089 int n_channels = 0, tmp1, tmp2; 3090 3091 nla_for_each_nested(attr1, freqs, tmp1) { 3092 n_channels++; 3093 /* 3094 * Some hardware has a limited channel list for 3095 * scanning, and it is pretty much nonsensical 3096 * to scan for a channel twice, so disallow that 3097 * and don't require drivers to check that the 3098 * channel list they get isn't longer than what 3099 * they can scan, as long as they can scan all 3100 * the channels they registered at once. 3101 */ 3102 nla_for_each_nested(attr2, freqs, tmp2) 3103 if (attr1 != attr2 && 3104 nla_get_u32(attr1) == nla_get_u32(attr2)) 3105 return 0; 3106 } 3107 3108 return n_channels; 3109 } 3110 3111 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) 3112 { 3113 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3114 struct net_device *dev = info->user_ptr[1]; 3115 struct cfg80211_scan_request *request; 3116 struct cfg80211_ssid *ssid; 3117 struct ieee80211_channel *channel; 3118 struct nlattr *attr; 3119 struct wiphy *wiphy; 3120 int err, tmp, n_ssids = 0, n_channels, i; 3121 enum ieee80211_band band; 3122 size_t ie_len; 3123 3124 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3125 return -EINVAL; 3126 3127 wiphy = &rdev->wiphy; 3128 3129 if (!rdev->ops->scan) 3130 return -EOPNOTSUPP; 3131 3132 if (rdev->scan_req) 3133 return -EBUSY; 3134 3135 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3136 n_channels = validate_scan_freqs( 3137 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3138 if (!n_channels) 3139 return -EINVAL; 3140 } else { 3141 n_channels = 0; 3142 3143 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3144 if (wiphy->bands[band]) 3145 n_channels += wiphy->bands[band]->n_channels; 3146 } 3147 3148 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3149 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) 3150 n_ssids++; 3151 3152 if (n_ssids > wiphy->max_scan_ssids) 3153 return -EINVAL; 3154 3155 if (info->attrs[NL80211_ATTR_IE]) 3156 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3157 else 3158 ie_len = 0; 3159 3160 if (ie_len > wiphy->max_scan_ie_len) 3161 return -EINVAL; 3162 3163 request = kzalloc(sizeof(*request) 3164 + sizeof(*ssid) * n_ssids 3165 + sizeof(channel) * n_channels 3166 + ie_len, GFP_KERNEL); 3167 if (!request) 3168 return -ENOMEM; 3169 3170 if (n_ssids) 3171 request->ssids = (void *)&request->channels[n_channels]; 3172 request->n_ssids = n_ssids; 3173 if (ie_len) { 3174 if (request->ssids) 3175 request->ie = (void *)(request->ssids + n_ssids); 3176 else 3177 request->ie = (void *)(request->channels + n_channels); 3178 } 3179 3180 i = 0; 3181 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3182 /* user specified, bail out if channel not found */ 3183 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) { 3184 struct ieee80211_channel *chan; 3185 3186 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3187 3188 if (!chan) { 3189 err = -EINVAL; 3190 goto out_free; 3191 } 3192 3193 /* ignore disabled channels */ 3194 if (chan->flags & IEEE80211_CHAN_DISABLED) 3195 continue; 3196 3197 request->channels[i] = chan; 3198 i++; 3199 } 3200 } else { 3201 /* all channels */ 3202 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3203 int j; 3204 if (!wiphy->bands[band]) 3205 continue; 3206 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3207 struct ieee80211_channel *chan; 3208 3209 chan = &wiphy->bands[band]->channels[j]; 3210 3211 if (chan->flags & IEEE80211_CHAN_DISABLED) 3212 continue; 3213 3214 request->channels[i] = chan; 3215 i++; 3216 } 3217 } 3218 } 3219 3220 if (!i) { 3221 err = -EINVAL; 3222 goto out_free; 3223 } 3224 3225 request->n_channels = i; 3226 3227 i = 0; 3228 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3229 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) { 3230 if (request->ssids[i].ssid_len > IEEE80211_MAX_SSID_LEN) { 3231 err = -EINVAL; 3232 goto out_free; 3233 } 3234 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr)); 3235 request->ssids[i].ssid_len = nla_len(attr); 3236 i++; 3237 } 3238 } 3239 3240 if (info->attrs[NL80211_ATTR_IE]) { 3241 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3242 memcpy((void *)request->ie, 3243 nla_data(info->attrs[NL80211_ATTR_IE]), 3244 request->ie_len); 3245 } 3246 3247 request->dev = dev; 3248 request->wiphy = &rdev->wiphy; 3249 3250 rdev->scan_req = request; 3251 err = rdev->ops->scan(&rdev->wiphy, dev, request); 3252 3253 if (!err) { 3254 nl80211_send_scan_start(rdev, dev); 3255 dev_hold(dev); 3256 } else { 3257 out_free: 3258 rdev->scan_req = NULL; 3259 kfree(request); 3260 } 3261 3262 return err; 3263 } 3264 3265 static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags, 3266 struct cfg80211_registered_device *rdev, 3267 struct wireless_dev *wdev, 3268 struct cfg80211_internal_bss *intbss) 3269 { 3270 struct cfg80211_bss *res = &intbss->pub; 3271 void *hdr; 3272 struct nlattr *bss; 3273 int i; 3274 3275 ASSERT_WDEV_LOCK(wdev); 3276 3277 hdr = nl80211hdr_put(msg, pid, seq, flags, 3278 NL80211_CMD_NEW_SCAN_RESULTS); 3279 if (!hdr) 3280 return -1; 3281 3282 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation); 3283 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex); 3284 3285 bss = nla_nest_start(msg, NL80211_ATTR_BSS); 3286 if (!bss) 3287 goto nla_put_failure; 3288 if (!is_zero_ether_addr(res->bssid)) 3289 NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid); 3290 if (res->information_elements && res->len_information_elements) 3291 NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS, 3292 res->len_information_elements, 3293 res->information_elements); 3294 if (res->beacon_ies && res->len_beacon_ies && 3295 res->beacon_ies != res->information_elements) 3296 NLA_PUT(msg, NL80211_BSS_BEACON_IES, 3297 res->len_beacon_ies, res->beacon_ies); 3298 if (res->tsf) 3299 NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf); 3300 if (res->beacon_interval) 3301 NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval); 3302 NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability); 3303 NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq); 3304 NLA_PUT_U32(msg, NL80211_BSS_SEEN_MS_AGO, 3305 jiffies_to_msecs(jiffies - intbss->ts)); 3306 3307 switch (rdev->wiphy.signal_type) { 3308 case CFG80211_SIGNAL_TYPE_MBM: 3309 NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal); 3310 break; 3311 case CFG80211_SIGNAL_TYPE_UNSPEC: 3312 NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal); 3313 break; 3314 default: 3315 break; 3316 } 3317 3318 switch (wdev->iftype) { 3319 case NL80211_IFTYPE_P2P_CLIENT: 3320 case NL80211_IFTYPE_STATION: 3321 if (intbss == wdev->current_bss) 3322 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3323 NL80211_BSS_STATUS_ASSOCIATED); 3324 else for (i = 0; i < MAX_AUTH_BSSES; i++) { 3325 if (intbss != wdev->auth_bsses[i]) 3326 continue; 3327 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3328 NL80211_BSS_STATUS_AUTHENTICATED); 3329 break; 3330 } 3331 break; 3332 case NL80211_IFTYPE_ADHOC: 3333 if (intbss == wdev->current_bss) 3334 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3335 NL80211_BSS_STATUS_IBSS_JOINED); 3336 break; 3337 default: 3338 break; 3339 } 3340 3341 nla_nest_end(msg, bss); 3342 3343 return genlmsg_end(msg, hdr); 3344 3345 nla_put_failure: 3346 genlmsg_cancel(msg, hdr); 3347 return -EMSGSIZE; 3348 } 3349 3350 static int nl80211_dump_scan(struct sk_buff *skb, 3351 struct netlink_callback *cb) 3352 { 3353 struct cfg80211_registered_device *rdev; 3354 struct net_device *dev; 3355 struct cfg80211_internal_bss *scan; 3356 struct wireless_dev *wdev; 3357 int start = cb->args[1], idx = 0; 3358 int err; 3359 3360 err = nl80211_prepare_netdev_dump(skb, cb, &rdev, &dev); 3361 if (err) 3362 return err; 3363 3364 wdev = dev->ieee80211_ptr; 3365 3366 wdev_lock(wdev); 3367 spin_lock_bh(&rdev->bss_lock); 3368 cfg80211_bss_expire(rdev); 3369 3370 list_for_each_entry(scan, &rdev->bss_list, list) { 3371 if (++idx <= start) 3372 continue; 3373 if (nl80211_send_bss(skb, 3374 NETLINK_CB(cb->skb).pid, 3375 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3376 rdev, wdev, scan) < 0) { 3377 idx--; 3378 break; 3379 } 3380 } 3381 3382 spin_unlock_bh(&rdev->bss_lock); 3383 wdev_unlock(wdev); 3384 3385 cb->args[1] = idx; 3386 nl80211_finish_netdev_dump(rdev); 3387 3388 return skb->len; 3389 } 3390 3391 static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq, 3392 int flags, struct net_device *dev, 3393 struct survey_info *survey) 3394 { 3395 void *hdr; 3396 struct nlattr *infoattr; 3397 3398 /* Survey without a channel doesn't make sense */ 3399 if (!survey->channel) 3400 return -EINVAL; 3401 3402 hdr = nl80211hdr_put(msg, pid, seq, flags, 3403 NL80211_CMD_NEW_SURVEY_RESULTS); 3404 if (!hdr) 3405 return -ENOMEM; 3406 3407 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 3408 3409 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO); 3410 if (!infoattr) 3411 goto nla_put_failure; 3412 3413 NLA_PUT_U32(msg, NL80211_SURVEY_INFO_FREQUENCY, 3414 survey->channel->center_freq); 3415 if (survey->filled & SURVEY_INFO_NOISE_DBM) 3416 NLA_PUT_U8(msg, NL80211_SURVEY_INFO_NOISE, 3417 survey->noise); 3418 if (survey->filled & SURVEY_INFO_IN_USE) 3419 NLA_PUT_FLAG(msg, NL80211_SURVEY_INFO_IN_USE); 3420 if (survey->filled & SURVEY_INFO_CHANNEL_TIME) 3421 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME, 3422 survey->channel_time); 3423 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_BUSY) 3424 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY, 3425 survey->channel_time_busy); 3426 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_EXT_BUSY) 3427 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_EXT_BUSY, 3428 survey->channel_time_ext_busy); 3429 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_RX) 3430 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_RX, 3431 survey->channel_time_rx); 3432 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_TX) 3433 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_TX, 3434 survey->channel_time_tx); 3435 3436 nla_nest_end(msg, infoattr); 3437 3438 return genlmsg_end(msg, hdr); 3439 3440 nla_put_failure: 3441 genlmsg_cancel(msg, hdr); 3442 return -EMSGSIZE; 3443 } 3444 3445 static int nl80211_dump_survey(struct sk_buff *skb, 3446 struct netlink_callback *cb) 3447 { 3448 struct survey_info survey; 3449 struct cfg80211_registered_device *dev; 3450 struct net_device *netdev; 3451 int survey_idx = cb->args[1]; 3452 int res; 3453 3454 res = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 3455 if (res) 3456 return res; 3457 3458 if (!dev->ops->dump_survey) { 3459 res = -EOPNOTSUPP; 3460 goto out_err; 3461 } 3462 3463 while (1) { 3464 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx, 3465 &survey); 3466 if (res == -ENOENT) 3467 break; 3468 if (res) 3469 goto out_err; 3470 3471 if (nl80211_send_survey(skb, 3472 NETLINK_CB(cb->skb).pid, 3473 cb->nlh->nlmsg_seq, NLM_F_MULTI, 3474 netdev, 3475 &survey) < 0) 3476 goto out; 3477 survey_idx++; 3478 } 3479 3480 out: 3481 cb->args[1] = survey_idx; 3482 res = skb->len; 3483 out_err: 3484 nl80211_finish_netdev_dump(dev); 3485 return res; 3486 } 3487 3488 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type) 3489 { 3490 return auth_type <= NL80211_AUTHTYPE_MAX; 3491 } 3492 3493 static bool nl80211_valid_wpa_versions(u32 wpa_versions) 3494 { 3495 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 | 3496 NL80211_WPA_VERSION_2)); 3497 } 3498 3499 static bool nl80211_valid_akm_suite(u32 akm) 3500 { 3501 return akm == WLAN_AKM_SUITE_8021X || 3502 akm == WLAN_AKM_SUITE_PSK; 3503 } 3504 3505 static bool nl80211_valid_cipher_suite(u32 cipher) 3506 { 3507 return cipher == WLAN_CIPHER_SUITE_WEP40 || 3508 cipher == WLAN_CIPHER_SUITE_WEP104 || 3509 cipher == WLAN_CIPHER_SUITE_TKIP || 3510 cipher == WLAN_CIPHER_SUITE_CCMP || 3511 cipher == WLAN_CIPHER_SUITE_AES_CMAC; 3512 } 3513 3514 3515 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 3516 { 3517 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3518 struct net_device *dev = info->user_ptr[1]; 3519 struct ieee80211_channel *chan; 3520 const u8 *bssid, *ssid, *ie = NULL; 3521 int err, ssid_len, ie_len = 0; 3522 enum nl80211_auth_type auth_type; 3523 struct key_parse key; 3524 bool local_state_change; 3525 3526 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3527 return -EINVAL; 3528 3529 if (!info->attrs[NL80211_ATTR_MAC]) 3530 return -EINVAL; 3531 3532 if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) 3533 return -EINVAL; 3534 3535 if (!info->attrs[NL80211_ATTR_SSID]) 3536 return -EINVAL; 3537 3538 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 3539 return -EINVAL; 3540 3541 err = nl80211_parse_key(info, &key); 3542 if (err) 3543 return err; 3544 3545 if (key.idx >= 0) { 3546 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP) 3547 return -EINVAL; 3548 if (!key.p.key || !key.p.key_len) 3549 return -EINVAL; 3550 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 || 3551 key.p.key_len != WLAN_KEY_LEN_WEP40) && 3552 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 || 3553 key.p.key_len != WLAN_KEY_LEN_WEP104)) 3554 return -EINVAL; 3555 if (key.idx > 4) 3556 return -EINVAL; 3557 } else { 3558 key.p.key_len = 0; 3559 key.p.key = NULL; 3560 } 3561 3562 if (key.idx >= 0) { 3563 int i; 3564 bool ok = false; 3565 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) { 3566 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) { 3567 ok = true; 3568 break; 3569 } 3570 } 3571 if (!ok) 3572 return -EINVAL; 3573 } 3574 3575 if (!rdev->ops->auth) 3576 return -EOPNOTSUPP; 3577 3578 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3579 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3580 return -EOPNOTSUPP; 3581 3582 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3583 chan = ieee80211_get_channel(&rdev->wiphy, 3584 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3585 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 3586 return -EINVAL; 3587 3588 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3589 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3590 3591 if (info->attrs[NL80211_ATTR_IE]) { 3592 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3593 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3594 } 3595 3596 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 3597 if (!nl80211_valid_auth_type(auth_type)) 3598 return -EINVAL; 3599 3600 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 3601 3602 return cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, 3603 ssid, ssid_len, ie, ie_len, 3604 key.p.key, key.p.key_len, key.idx, 3605 local_state_change); 3606 } 3607 3608 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 3609 struct genl_info *info, 3610 struct cfg80211_crypto_settings *settings, 3611 int cipher_limit) 3612 { 3613 memset(settings, 0, sizeof(*settings)); 3614 3615 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; 3616 3617 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) { 3618 u16 proto; 3619 proto = nla_get_u16( 3620 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]); 3621 settings->control_port_ethertype = cpu_to_be16(proto); 3622 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) && 3623 proto != ETH_P_PAE) 3624 return -EINVAL; 3625 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]) 3626 settings->control_port_no_encrypt = true; 3627 } else 3628 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE); 3629 3630 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) { 3631 void *data; 3632 int len, i; 3633 3634 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 3635 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 3636 settings->n_ciphers_pairwise = len / sizeof(u32); 3637 3638 if (len % sizeof(u32)) 3639 return -EINVAL; 3640 3641 if (settings->n_ciphers_pairwise > cipher_limit) 3642 return -EINVAL; 3643 3644 memcpy(settings->ciphers_pairwise, data, len); 3645 3646 for (i = 0; i < settings->n_ciphers_pairwise; i++) 3647 if (!nl80211_valid_cipher_suite( 3648 settings->ciphers_pairwise[i])) 3649 return -EINVAL; 3650 } 3651 3652 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) { 3653 settings->cipher_group = 3654 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]); 3655 if (!nl80211_valid_cipher_suite(settings->cipher_group)) 3656 return -EINVAL; 3657 } 3658 3659 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) { 3660 settings->wpa_versions = 3661 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]); 3662 if (!nl80211_valid_wpa_versions(settings->wpa_versions)) 3663 return -EINVAL; 3664 } 3665 3666 if (info->attrs[NL80211_ATTR_AKM_SUITES]) { 3667 void *data; 3668 int len, i; 3669 3670 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); 3671 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); 3672 settings->n_akm_suites = len / sizeof(u32); 3673 3674 if (len % sizeof(u32)) 3675 return -EINVAL; 3676 3677 memcpy(settings->akm_suites, data, len); 3678 3679 for (i = 0; i < settings->n_ciphers_pairwise; i++) 3680 if (!nl80211_valid_akm_suite(settings->akm_suites[i])) 3681 return -EINVAL; 3682 } 3683 3684 return 0; 3685 } 3686 3687 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) 3688 { 3689 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3690 struct net_device *dev = info->user_ptr[1]; 3691 struct cfg80211_crypto_settings crypto; 3692 struct ieee80211_channel *chan; 3693 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL; 3694 int err, ssid_len, ie_len = 0; 3695 bool use_mfp = false; 3696 3697 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3698 return -EINVAL; 3699 3700 if (!info->attrs[NL80211_ATTR_MAC] || 3701 !info->attrs[NL80211_ATTR_SSID] || 3702 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 3703 return -EINVAL; 3704 3705 if (!rdev->ops->assoc) 3706 return -EOPNOTSUPP; 3707 3708 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3709 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3710 return -EOPNOTSUPP; 3711 3712 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3713 3714 chan = ieee80211_get_channel(&rdev->wiphy, 3715 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3716 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 3717 return -EINVAL; 3718 3719 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3720 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3721 3722 if (info->attrs[NL80211_ATTR_IE]) { 3723 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3724 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3725 } 3726 3727 if (info->attrs[NL80211_ATTR_USE_MFP]) { 3728 enum nl80211_mfp mfp = 3729 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); 3730 if (mfp == NL80211_MFP_REQUIRED) 3731 use_mfp = true; 3732 else if (mfp != NL80211_MFP_NO) 3733 return -EINVAL; 3734 } 3735 3736 if (info->attrs[NL80211_ATTR_PREV_BSSID]) 3737 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]); 3738 3739 err = nl80211_crypto_settings(rdev, info, &crypto, 1); 3740 if (!err) 3741 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid, 3742 ssid, ssid_len, ie, ie_len, use_mfp, 3743 &crypto); 3744 3745 return err; 3746 } 3747 3748 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) 3749 { 3750 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3751 struct net_device *dev = info->user_ptr[1]; 3752 const u8 *ie = NULL, *bssid; 3753 int ie_len = 0; 3754 u16 reason_code; 3755 bool local_state_change; 3756 3757 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3758 return -EINVAL; 3759 3760 if (!info->attrs[NL80211_ATTR_MAC]) 3761 return -EINVAL; 3762 3763 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 3764 return -EINVAL; 3765 3766 if (!rdev->ops->deauth) 3767 return -EOPNOTSUPP; 3768 3769 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3770 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3771 return -EOPNOTSUPP; 3772 3773 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3774 3775 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3776 if (reason_code == 0) { 3777 /* Reason Code 0 is reserved */ 3778 return -EINVAL; 3779 } 3780 3781 if (info->attrs[NL80211_ATTR_IE]) { 3782 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3783 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3784 } 3785 3786 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 3787 3788 return cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code, 3789 local_state_change); 3790 } 3791 3792 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) 3793 { 3794 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3795 struct net_device *dev = info->user_ptr[1]; 3796 const u8 *ie = NULL, *bssid; 3797 int ie_len = 0; 3798 u16 reason_code; 3799 bool local_state_change; 3800 3801 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3802 return -EINVAL; 3803 3804 if (!info->attrs[NL80211_ATTR_MAC]) 3805 return -EINVAL; 3806 3807 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 3808 return -EINVAL; 3809 3810 if (!rdev->ops->disassoc) 3811 return -EOPNOTSUPP; 3812 3813 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 3814 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 3815 return -EOPNOTSUPP; 3816 3817 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3818 3819 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 3820 if (reason_code == 0) { 3821 /* Reason Code 0 is reserved */ 3822 return -EINVAL; 3823 } 3824 3825 if (info->attrs[NL80211_ATTR_IE]) { 3826 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3827 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3828 } 3829 3830 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 3831 3832 return cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code, 3833 local_state_change); 3834 } 3835 3836 static bool 3837 nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev, 3838 int mcast_rate[IEEE80211_NUM_BANDS], 3839 int rateval) 3840 { 3841 struct wiphy *wiphy = &rdev->wiphy; 3842 bool found = false; 3843 int band, i; 3844 3845 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3846 struct ieee80211_supported_band *sband; 3847 3848 sband = wiphy->bands[band]; 3849 if (!sband) 3850 continue; 3851 3852 for (i = 0; i < sband->n_bitrates; i++) { 3853 if (sband->bitrates[i].bitrate == rateval) { 3854 mcast_rate[band] = i + 1; 3855 found = true; 3856 break; 3857 } 3858 } 3859 } 3860 3861 return found; 3862 } 3863 3864 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) 3865 { 3866 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3867 struct net_device *dev = info->user_ptr[1]; 3868 struct cfg80211_ibss_params ibss; 3869 struct wiphy *wiphy; 3870 struct cfg80211_cached_keys *connkeys = NULL; 3871 int err; 3872 3873 memset(&ibss, 0, sizeof(ibss)); 3874 3875 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3876 return -EINVAL; 3877 3878 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 3879 !info->attrs[NL80211_ATTR_SSID] || 3880 !nla_len(info->attrs[NL80211_ATTR_SSID])) 3881 return -EINVAL; 3882 3883 ibss.beacon_interval = 100; 3884 3885 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 3886 ibss.beacon_interval = 3887 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 3888 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000) 3889 return -EINVAL; 3890 } 3891 3892 if (!rdev->ops->join_ibss) 3893 return -EOPNOTSUPP; 3894 3895 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 3896 return -EOPNOTSUPP; 3897 3898 wiphy = &rdev->wiphy; 3899 3900 if (info->attrs[NL80211_ATTR_MAC]) 3901 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 3902 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 3903 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 3904 3905 if (info->attrs[NL80211_ATTR_IE]) { 3906 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 3907 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3908 } 3909 3910 ibss.channel = ieee80211_get_channel(wiphy, 3911 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 3912 if (!ibss.channel || 3913 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS || 3914 ibss.channel->flags & IEEE80211_CHAN_DISABLED) 3915 return -EINVAL; 3916 3917 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; 3918 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 3919 3920 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 3921 u8 *rates = 3922 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3923 int n_rates = 3924 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 3925 struct ieee80211_supported_band *sband = 3926 wiphy->bands[ibss.channel->band]; 3927 int i, j; 3928 3929 if (n_rates == 0) 3930 return -EINVAL; 3931 3932 for (i = 0; i < n_rates; i++) { 3933 int rate = (rates[i] & 0x7f) * 5; 3934 bool found = false; 3935 3936 for (j = 0; j < sband->n_bitrates; j++) { 3937 if (sband->bitrates[j].bitrate == rate) { 3938 found = true; 3939 ibss.basic_rates |= BIT(j); 3940 break; 3941 } 3942 } 3943 if (!found) 3944 return -EINVAL; 3945 } 3946 } 3947 3948 if (info->attrs[NL80211_ATTR_MCAST_RATE] && 3949 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate, 3950 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) 3951 return -EINVAL; 3952 3953 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) { 3954 connkeys = nl80211_parse_connkeys(rdev, 3955 info->attrs[NL80211_ATTR_KEYS]); 3956 if (IS_ERR(connkeys)) 3957 return PTR_ERR(connkeys); 3958 } 3959 3960 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys); 3961 if (err) 3962 kfree(connkeys); 3963 return err; 3964 } 3965 3966 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) 3967 { 3968 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3969 struct net_device *dev = info->user_ptr[1]; 3970 3971 if (!rdev->ops->leave_ibss) 3972 return -EOPNOTSUPP; 3973 3974 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 3975 return -EOPNOTSUPP; 3976 3977 return cfg80211_leave_ibss(rdev, dev, false); 3978 } 3979 3980 #ifdef CONFIG_NL80211_TESTMODE 3981 static struct genl_multicast_group nl80211_testmode_mcgrp = { 3982 .name = "testmode", 3983 }; 3984 3985 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info) 3986 { 3987 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3988 int err; 3989 3990 if (!info->attrs[NL80211_ATTR_TESTDATA]) 3991 return -EINVAL; 3992 3993 err = -EOPNOTSUPP; 3994 if (rdev->ops->testmode_cmd) { 3995 rdev->testmode_info = info; 3996 err = rdev->ops->testmode_cmd(&rdev->wiphy, 3997 nla_data(info->attrs[NL80211_ATTR_TESTDATA]), 3998 nla_len(info->attrs[NL80211_ATTR_TESTDATA])); 3999 rdev->testmode_info = NULL; 4000 } 4001 4002 return err; 4003 } 4004 4005 static struct sk_buff * 4006 __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev, 4007 int approxlen, u32 pid, u32 seq, gfp_t gfp) 4008 { 4009 struct sk_buff *skb; 4010 void *hdr; 4011 struct nlattr *data; 4012 4013 skb = nlmsg_new(approxlen + 100, gfp); 4014 if (!skb) 4015 return NULL; 4016 4017 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE); 4018 if (!hdr) { 4019 kfree_skb(skb); 4020 return NULL; 4021 } 4022 4023 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4024 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 4025 4026 ((void **)skb->cb)[0] = rdev; 4027 ((void **)skb->cb)[1] = hdr; 4028 ((void **)skb->cb)[2] = data; 4029 4030 return skb; 4031 4032 nla_put_failure: 4033 kfree_skb(skb); 4034 return NULL; 4035 } 4036 4037 struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy, 4038 int approxlen) 4039 { 4040 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4041 4042 if (WARN_ON(!rdev->testmode_info)) 4043 return NULL; 4044 4045 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 4046 rdev->testmode_info->snd_pid, 4047 rdev->testmode_info->snd_seq, 4048 GFP_KERNEL); 4049 } 4050 EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb); 4051 4052 int cfg80211_testmode_reply(struct sk_buff *skb) 4053 { 4054 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0]; 4055 void *hdr = ((void **)skb->cb)[1]; 4056 struct nlattr *data = ((void **)skb->cb)[2]; 4057 4058 if (WARN_ON(!rdev->testmode_info)) { 4059 kfree_skb(skb); 4060 return -EINVAL; 4061 } 4062 4063 nla_nest_end(skb, data); 4064 genlmsg_end(skb, hdr); 4065 return genlmsg_reply(skb, rdev->testmode_info); 4066 } 4067 EXPORT_SYMBOL(cfg80211_testmode_reply); 4068 4069 struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy, 4070 int approxlen, gfp_t gfp) 4071 { 4072 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4073 4074 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp); 4075 } 4076 EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb); 4077 4078 void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp) 4079 { 4080 void *hdr = ((void **)skb->cb)[1]; 4081 struct nlattr *data = ((void **)skb->cb)[2]; 4082 4083 nla_nest_end(skb, data); 4084 genlmsg_end(skb, hdr); 4085 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp); 4086 } 4087 EXPORT_SYMBOL(cfg80211_testmode_event); 4088 #endif 4089 4090 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info) 4091 { 4092 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4093 struct net_device *dev = info->user_ptr[1]; 4094 struct cfg80211_connect_params connect; 4095 struct wiphy *wiphy; 4096 struct cfg80211_cached_keys *connkeys = NULL; 4097 int err; 4098 4099 memset(&connect, 0, sizeof(connect)); 4100 4101 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4102 return -EINVAL; 4103 4104 if (!info->attrs[NL80211_ATTR_SSID] || 4105 !nla_len(info->attrs[NL80211_ATTR_SSID])) 4106 return -EINVAL; 4107 4108 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 4109 connect.auth_type = 4110 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 4111 if (!nl80211_valid_auth_type(connect.auth_type)) 4112 return -EINVAL; 4113 } else 4114 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 4115 4116 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY]; 4117 4118 err = nl80211_crypto_settings(rdev, info, &connect.crypto, 4119 NL80211_MAX_NR_CIPHER_SUITES); 4120 if (err) 4121 return err; 4122 4123 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4124 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4125 return -EOPNOTSUPP; 4126 4127 wiphy = &rdev->wiphy; 4128 4129 if (info->attrs[NL80211_ATTR_MAC]) 4130 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4131 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4132 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4133 4134 if (info->attrs[NL80211_ATTR_IE]) { 4135 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4136 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4137 } 4138 4139 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 4140 connect.channel = 4141 ieee80211_get_channel(wiphy, 4142 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4143 if (!connect.channel || 4144 connect.channel->flags & IEEE80211_CHAN_DISABLED) 4145 return -EINVAL; 4146 } 4147 4148 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) { 4149 connkeys = nl80211_parse_connkeys(rdev, 4150 info->attrs[NL80211_ATTR_KEYS]); 4151 if (IS_ERR(connkeys)) 4152 return PTR_ERR(connkeys); 4153 } 4154 4155 err = cfg80211_connect(rdev, dev, &connect, connkeys); 4156 if (err) 4157 kfree(connkeys); 4158 return err; 4159 } 4160 4161 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info) 4162 { 4163 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4164 struct net_device *dev = info->user_ptr[1]; 4165 u16 reason; 4166 4167 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4168 reason = WLAN_REASON_DEAUTH_LEAVING; 4169 else 4170 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4171 4172 if (reason == 0) 4173 return -EINVAL; 4174 4175 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4176 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4177 return -EOPNOTSUPP; 4178 4179 return cfg80211_disconnect(rdev, dev, reason, true); 4180 } 4181 4182 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info) 4183 { 4184 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4185 struct net *net; 4186 int err; 4187 u32 pid; 4188 4189 if (!info->attrs[NL80211_ATTR_PID]) 4190 return -EINVAL; 4191 4192 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]); 4193 4194 net = get_net_ns_by_pid(pid); 4195 if (IS_ERR(net)) 4196 return PTR_ERR(net); 4197 4198 err = 0; 4199 4200 /* check if anything to do */ 4201 if (!net_eq(wiphy_net(&rdev->wiphy), net)) 4202 err = cfg80211_switch_netns(rdev, net); 4203 4204 put_net(net); 4205 return err; 4206 } 4207 4208 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info) 4209 { 4210 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4211 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev, 4212 struct cfg80211_pmksa *pmksa) = NULL; 4213 struct net_device *dev = info->user_ptr[1]; 4214 struct cfg80211_pmksa pmksa; 4215 4216 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa)); 4217 4218 if (!info->attrs[NL80211_ATTR_MAC]) 4219 return -EINVAL; 4220 4221 if (!info->attrs[NL80211_ATTR_PMKID]) 4222 return -EINVAL; 4223 4224 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]); 4225 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4226 4227 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4228 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4229 return -EOPNOTSUPP; 4230 4231 switch (info->genlhdr->cmd) { 4232 case NL80211_CMD_SET_PMKSA: 4233 rdev_ops = rdev->ops->set_pmksa; 4234 break; 4235 case NL80211_CMD_DEL_PMKSA: 4236 rdev_ops = rdev->ops->del_pmksa; 4237 break; 4238 default: 4239 WARN_ON(1); 4240 break; 4241 } 4242 4243 if (!rdev_ops) 4244 return -EOPNOTSUPP; 4245 4246 return rdev_ops(&rdev->wiphy, dev, &pmksa); 4247 } 4248 4249 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info) 4250 { 4251 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4252 struct net_device *dev = info->user_ptr[1]; 4253 4254 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4255 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4256 return -EOPNOTSUPP; 4257 4258 if (!rdev->ops->flush_pmksa) 4259 return -EOPNOTSUPP; 4260 4261 return rdev->ops->flush_pmksa(&rdev->wiphy, dev); 4262 } 4263 4264 static int nl80211_remain_on_channel(struct sk_buff *skb, 4265 struct genl_info *info) 4266 { 4267 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4268 struct net_device *dev = info->user_ptr[1]; 4269 struct ieee80211_channel *chan; 4270 struct sk_buff *msg; 4271 void *hdr; 4272 u64 cookie; 4273 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 4274 u32 freq, duration; 4275 int err; 4276 4277 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 4278 !info->attrs[NL80211_ATTR_DURATION]) 4279 return -EINVAL; 4280 4281 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 4282 4283 /* 4284 * We should be on that channel for at least one jiffie, 4285 * and more than 5 seconds seems excessive. 4286 */ 4287 if (!duration || !msecs_to_jiffies(duration) || 4288 duration > rdev->wiphy.max_remain_on_channel_duration) 4289 return -EINVAL; 4290 4291 if (!rdev->ops->remain_on_channel) 4292 return -EOPNOTSUPP; 4293 4294 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 4295 channel_type = nla_get_u32( 4296 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 4297 if (channel_type != NL80211_CHAN_NO_HT && 4298 channel_type != NL80211_CHAN_HT20 && 4299 channel_type != NL80211_CHAN_HT40PLUS && 4300 channel_type != NL80211_CHAN_HT40MINUS) 4301 return -EINVAL; 4302 } 4303 4304 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 4305 chan = rdev_freq_to_chan(rdev, freq, channel_type); 4306 if (chan == NULL) 4307 return -EINVAL; 4308 4309 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4310 if (!msg) 4311 return -ENOMEM; 4312 4313 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 4314 NL80211_CMD_REMAIN_ON_CHANNEL); 4315 4316 if (IS_ERR(hdr)) { 4317 err = PTR_ERR(hdr); 4318 goto free_msg; 4319 } 4320 4321 err = rdev->ops->remain_on_channel(&rdev->wiphy, dev, chan, 4322 channel_type, duration, &cookie); 4323 4324 if (err) 4325 goto free_msg; 4326 4327 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 4328 4329 genlmsg_end(msg, hdr); 4330 4331 return genlmsg_reply(msg, info); 4332 4333 nla_put_failure: 4334 err = -ENOBUFS; 4335 free_msg: 4336 nlmsg_free(msg); 4337 return err; 4338 } 4339 4340 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb, 4341 struct genl_info *info) 4342 { 4343 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4344 struct net_device *dev = info->user_ptr[1]; 4345 u64 cookie; 4346 4347 if (!info->attrs[NL80211_ATTR_COOKIE]) 4348 return -EINVAL; 4349 4350 if (!rdev->ops->cancel_remain_on_channel) 4351 return -EOPNOTSUPP; 4352 4353 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 4354 4355 return rdev->ops->cancel_remain_on_channel(&rdev->wiphy, dev, cookie); 4356 } 4357 4358 static u32 rateset_to_mask(struct ieee80211_supported_band *sband, 4359 u8 *rates, u8 rates_len) 4360 { 4361 u8 i; 4362 u32 mask = 0; 4363 4364 for (i = 0; i < rates_len; i++) { 4365 int rate = (rates[i] & 0x7f) * 5; 4366 int ridx; 4367 for (ridx = 0; ridx < sband->n_bitrates; ridx++) { 4368 struct ieee80211_rate *srate = 4369 &sband->bitrates[ridx]; 4370 if (rate == srate->bitrate) { 4371 mask |= 1 << ridx; 4372 break; 4373 } 4374 } 4375 if (ridx == sband->n_bitrates) 4376 return 0; /* rate not found */ 4377 } 4378 4379 return mask; 4380 } 4381 4382 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = { 4383 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY, 4384 .len = NL80211_MAX_SUPP_RATES }, 4385 }; 4386 4387 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb, 4388 struct genl_info *info) 4389 { 4390 struct nlattr *tb[NL80211_TXRATE_MAX + 1]; 4391 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4392 struct cfg80211_bitrate_mask mask; 4393 int rem, i; 4394 struct net_device *dev = info->user_ptr[1]; 4395 struct nlattr *tx_rates; 4396 struct ieee80211_supported_band *sband; 4397 4398 if (info->attrs[NL80211_ATTR_TX_RATES] == NULL) 4399 return -EINVAL; 4400 4401 if (!rdev->ops->set_bitrate_mask) 4402 return -EOPNOTSUPP; 4403 4404 memset(&mask, 0, sizeof(mask)); 4405 /* Default to all rates enabled */ 4406 for (i = 0; i < IEEE80211_NUM_BANDS; i++) { 4407 sband = rdev->wiphy.bands[i]; 4408 mask.control[i].legacy = 4409 sband ? (1 << sband->n_bitrates) - 1 : 0; 4410 } 4411 4412 /* 4413 * The nested attribute uses enum nl80211_band as the index. This maps 4414 * directly to the enum ieee80211_band values used in cfg80211. 4415 */ 4416 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) 4417 { 4418 enum ieee80211_band band = nla_type(tx_rates); 4419 if (band < 0 || band >= IEEE80211_NUM_BANDS) 4420 return -EINVAL; 4421 sband = rdev->wiphy.bands[band]; 4422 if (sband == NULL) 4423 return -EINVAL; 4424 nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates), 4425 nla_len(tx_rates), nl80211_txattr_policy); 4426 if (tb[NL80211_TXRATE_LEGACY]) { 4427 mask.control[band].legacy = rateset_to_mask( 4428 sband, 4429 nla_data(tb[NL80211_TXRATE_LEGACY]), 4430 nla_len(tb[NL80211_TXRATE_LEGACY])); 4431 if (mask.control[band].legacy == 0) 4432 return -EINVAL; 4433 } 4434 } 4435 4436 return rdev->ops->set_bitrate_mask(&rdev->wiphy, dev, NULL, &mask); 4437 } 4438 4439 static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info) 4440 { 4441 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4442 struct net_device *dev = info->user_ptr[1]; 4443 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION; 4444 4445 if (!info->attrs[NL80211_ATTR_FRAME_MATCH]) 4446 return -EINVAL; 4447 4448 if (info->attrs[NL80211_ATTR_FRAME_TYPE]) 4449 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]); 4450 4451 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4452 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 4453 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 4454 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 4455 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 4456 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 4457 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 4458 return -EOPNOTSUPP; 4459 4460 /* not much point in registering if we can't reply */ 4461 if (!rdev->ops->mgmt_tx) 4462 return -EOPNOTSUPP; 4463 4464 return cfg80211_mlme_register_mgmt(dev->ieee80211_ptr, info->snd_pid, 4465 frame_type, 4466 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]), 4467 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH])); 4468 } 4469 4470 static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info) 4471 { 4472 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4473 struct net_device *dev = info->user_ptr[1]; 4474 struct ieee80211_channel *chan; 4475 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 4476 bool channel_type_valid = false; 4477 u32 freq; 4478 int err; 4479 void *hdr; 4480 u64 cookie; 4481 struct sk_buff *msg; 4482 unsigned int wait = 0; 4483 bool offchan; 4484 4485 if (!info->attrs[NL80211_ATTR_FRAME] || 4486 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4487 return -EINVAL; 4488 4489 if (!rdev->ops->mgmt_tx) 4490 return -EOPNOTSUPP; 4491 4492 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4493 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 4494 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 4495 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 4496 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 4497 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 4498 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 4499 return -EOPNOTSUPP; 4500 4501 if (info->attrs[NL80211_ATTR_DURATION]) { 4502 if (!rdev->ops->mgmt_tx_cancel_wait) 4503 return -EINVAL; 4504 wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 4505 } 4506 4507 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 4508 channel_type = nla_get_u32( 4509 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 4510 if (channel_type != NL80211_CHAN_NO_HT && 4511 channel_type != NL80211_CHAN_HT20 && 4512 channel_type != NL80211_CHAN_HT40PLUS && 4513 channel_type != NL80211_CHAN_HT40MINUS) 4514 return -EINVAL; 4515 channel_type_valid = true; 4516 } 4517 4518 offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK]; 4519 4520 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 4521 chan = rdev_freq_to_chan(rdev, freq, channel_type); 4522 if (chan == NULL) 4523 return -EINVAL; 4524 4525 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4526 if (!msg) 4527 return -ENOMEM; 4528 4529 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 4530 NL80211_CMD_FRAME); 4531 4532 if (IS_ERR(hdr)) { 4533 err = PTR_ERR(hdr); 4534 goto free_msg; 4535 } 4536 err = cfg80211_mlme_mgmt_tx(rdev, dev, chan, offchan, channel_type, 4537 channel_type_valid, wait, 4538 nla_data(info->attrs[NL80211_ATTR_FRAME]), 4539 nla_len(info->attrs[NL80211_ATTR_FRAME]), 4540 &cookie); 4541 if (err) 4542 goto free_msg; 4543 4544 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 4545 4546 genlmsg_end(msg, hdr); 4547 return genlmsg_reply(msg, info); 4548 4549 nla_put_failure: 4550 err = -ENOBUFS; 4551 free_msg: 4552 nlmsg_free(msg); 4553 return err; 4554 } 4555 4556 static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info) 4557 { 4558 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4559 struct net_device *dev = info->user_ptr[1]; 4560 u64 cookie; 4561 4562 if (!info->attrs[NL80211_ATTR_COOKIE]) 4563 return -EINVAL; 4564 4565 if (!rdev->ops->mgmt_tx_cancel_wait) 4566 return -EOPNOTSUPP; 4567 4568 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4569 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 4570 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 4571 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 4572 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 4573 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 4574 return -EOPNOTSUPP; 4575 4576 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 4577 4578 return rdev->ops->mgmt_tx_cancel_wait(&rdev->wiphy, dev, cookie); 4579 } 4580 4581 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info) 4582 { 4583 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4584 struct wireless_dev *wdev; 4585 struct net_device *dev = info->user_ptr[1]; 4586 u8 ps_state; 4587 bool state; 4588 int err; 4589 4590 if (!info->attrs[NL80211_ATTR_PS_STATE]) 4591 return -EINVAL; 4592 4593 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]); 4594 4595 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED) 4596 return -EINVAL; 4597 4598 wdev = dev->ieee80211_ptr; 4599 4600 if (!rdev->ops->set_power_mgmt) 4601 return -EOPNOTSUPP; 4602 4603 state = (ps_state == NL80211_PS_ENABLED) ? true : false; 4604 4605 if (state == wdev->ps) 4606 return 0; 4607 4608 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, state, 4609 wdev->ps_timeout); 4610 if (!err) 4611 wdev->ps = state; 4612 return err; 4613 } 4614 4615 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info) 4616 { 4617 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4618 enum nl80211_ps_state ps_state; 4619 struct wireless_dev *wdev; 4620 struct net_device *dev = info->user_ptr[1]; 4621 struct sk_buff *msg; 4622 void *hdr; 4623 int err; 4624 4625 wdev = dev->ieee80211_ptr; 4626 4627 if (!rdev->ops->set_power_mgmt) 4628 return -EOPNOTSUPP; 4629 4630 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 4631 if (!msg) 4632 return -ENOMEM; 4633 4634 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 4635 NL80211_CMD_GET_POWER_SAVE); 4636 if (!hdr) { 4637 err = -ENOBUFS; 4638 goto free_msg; 4639 } 4640 4641 if (wdev->ps) 4642 ps_state = NL80211_PS_ENABLED; 4643 else 4644 ps_state = NL80211_PS_DISABLED; 4645 4646 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE, ps_state); 4647 4648 genlmsg_end(msg, hdr); 4649 return genlmsg_reply(msg, info); 4650 4651 nla_put_failure: 4652 err = -ENOBUFS; 4653 free_msg: 4654 nlmsg_free(msg); 4655 return err; 4656 } 4657 4658 static struct nla_policy 4659 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] __read_mostly = { 4660 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 }, 4661 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 }, 4662 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, 4663 }; 4664 4665 static int nl80211_set_cqm_rssi(struct genl_info *info, 4666 s32 threshold, u32 hysteresis) 4667 { 4668 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4669 struct wireless_dev *wdev; 4670 struct net_device *dev = info->user_ptr[1]; 4671 4672 if (threshold > 0) 4673 return -EINVAL; 4674 4675 wdev = dev->ieee80211_ptr; 4676 4677 if (!rdev->ops->set_cqm_rssi_config) 4678 return -EOPNOTSUPP; 4679 4680 if (wdev->iftype != NL80211_IFTYPE_STATION && 4681 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) 4682 return -EOPNOTSUPP; 4683 4684 return rdev->ops->set_cqm_rssi_config(wdev->wiphy, dev, 4685 threshold, hysteresis); 4686 } 4687 4688 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info) 4689 { 4690 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1]; 4691 struct nlattr *cqm; 4692 int err; 4693 4694 cqm = info->attrs[NL80211_ATTR_CQM]; 4695 if (!cqm) { 4696 err = -EINVAL; 4697 goto out; 4698 } 4699 4700 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm, 4701 nl80211_attr_cqm_policy); 4702 if (err) 4703 goto out; 4704 4705 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] && 4706 attrs[NL80211_ATTR_CQM_RSSI_HYST]) { 4707 s32 threshold; 4708 u32 hysteresis; 4709 threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]); 4710 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]); 4711 err = nl80211_set_cqm_rssi(info, threshold, hysteresis); 4712 } else 4713 err = -EINVAL; 4714 4715 out: 4716 return err; 4717 } 4718 4719 static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info) 4720 { 4721 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4722 struct net_device *dev = info->user_ptr[1]; 4723 struct mesh_config cfg; 4724 struct mesh_setup setup; 4725 int err; 4726 4727 /* start with default */ 4728 memcpy(&cfg, &default_mesh_config, sizeof(cfg)); 4729 memcpy(&setup, &default_mesh_setup, sizeof(setup)); 4730 4731 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) { 4732 /* and parse parameters if given */ 4733 err = nl80211_parse_mesh_config(info, &cfg, NULL); 4734 if (err) 4735 return err; 4736 } 4737 4738 if (!info->attrs[NL80211_ATTR_MESH_ID] || 4739 !nla_len(info->attrs[NL80211_ATTR_MESH_ID])) 4740 return -EINVAL; 4741 4742 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); 4743 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 4744 4745 if (info->attrs[NL80211_ATTR_MESH_SETUP]) { 4746 /* parse additional setup parameters if given */ 4747 err = nl80211_parse_mesh_setup(info, &setup); 4748 if (err) 4749 return err; 4750 } 4751 4752 return cfg80211_join_mesh(rdev, dev, &setup, &cfg); 4753 } 4754 4755 static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info) 4756 { 4757 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4758 struct net_device *dev = info->user_ptr[1]; 4759 4760 return cfg80211_leave_mesh(rdev, dev); 4761 } 4762 4763 #define NL80211_FLAG_NEED_WIPHY 0x01 4764 #define NL80211_FLAG_NEED_NETDEV 0x02 4765 #define NL80211_FLAG_NEED_RTNL 0x04 4766 #define NL80211_FLAG_CHECK_NETDEV_UP 0x08 4767 #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\ 4768 NL80211_FLAG_CHECK_NETDEV_UP) 4769 4770 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 4771 struct genl_info *info) 4772 { 4773 struct cfg80211_registered_device *rdev; 4774 struct net_device *dev; 4775 int err; 4776 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL; 4777 4778 if (rtnl) 4779 rtnl_lock(); 4780 4781 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) { 4782 rdev = cfg80211_get_dev_from_info(info); 4783 if (IS_ERR(rdev)) { 4784 if (rtnl) 4785 rtnl_unlock(); 4786 return PTR_ERR(rdev); 4787 } 4788 info->user_ptr[0] = rdev; 4789 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) { 4790 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 4791 if (err) { 4792 if (rtnl) 4793 rtnl_unlock(); 4794 return err; 4795 } 4796 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP && 4797 !netif_running(dev)) { 4798 cfg80211_unlock_rdev(rdev); 4799 dev_put(dev); 4800 if (rtnl) 4801 rtnl_unlock(); 4802 return -ENETDOWN; 4803 } 4804 info->user_ptr[0] = rdev; 4805 info->user_ptr[1] = dev; 4806 } 4807 4808 return 0; 4809 } 4810 4811 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 4812 struct genl_info *info) 4813 { 4814 if (info->user_ptr[0]) 4815 cfg80211_unlock_rdev(info->user_ptr[0]); 4816 if (info->user_ptr[1]) 4817 dev_put(info->user_ptr[1]); 4818 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL) 4819 rtnl_unlock(); 4820 } 4821 4822 static struct genl_ops nl80211_ops[] = { 4823 { 4824 .cmd = NL80211_CMD_GET_WIPHY, 4825 .doit = nl80211_get_wiphy, 4826 .dumpit = nl80211_dump_wiphy, 4827 .policy = nl80211_policy, 4828 /* can be retrieved by unprivileged users */ 4829 .internal_flags = NL80211_FLAG_NEED_WIPHY, 4830 }, 4831 { 4832 .cmd = NL80211_CMD_SET_WIPHY, 4833 .doit = nl80211_set_wiphy, 4834 .policy = nl80211_policy, 4835 .flags = GENL_ADMIN_PERM, 4836 .internal_flags = NL80211_FLAG_NEED_RTNL, 4837 }, 4838 { 4839 .cmd = NL80211_CMD_GET_INTERFACE, 4840 .doit = nl80211_get_interface, 4841 .dumpit = nl80211_dump_interface, 4842 .policy = nl80211_policy, 4843 /* can be retrieved by unprivileged users */ 4844 .internal_flags = NL80211_FLAG_NEED_NETDEV, 4845 }, 4846 { 4847 .cmd = NL80211_CMD_SET_INTERFACE, 4848 .doit = nl80211_set_interface, 4849 .policy = nl80211_policy, 4850 .flags = GENL_ADMIN_PERM, 4851 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4852 NL80211_FLAG_NEED_RTNL, 4853 }, 4854 { 4855 .cmd = NL80211_CMD_NEW_INTERFACE, 4856 .doit = nl80211_new_interface, 4857 .policy = nl80211_policy, 4858 .flags = GENL_ADMIN_PERM, 4859 .internal_flags = NL80211_FLAG_NEED_WIPHY | 4860 NL80211_FLAG_NEED_RTNL, 4861 }, 4862 { 4863 .cmd = NL80211_CMD_DEL_INTERFACE, 4864 .doit = nl80211_del_interface, 4865 .policy = nl80211_policy, 4866 .flags = GENL_ADMIN_PERM, 4867 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4868 NL80211_FLAG_NEED_RTNL, 4869 }, 4870 { 4871 .cmd = NL80211_CMD_GET_KEY, 4872 .doit = nl80211_get_key, 4873 .policy = nl80211_policy, 4874 .flags = GENL_ADMIN_PERM, 4875 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4876 NL80211_FLAG_NEED_RTNL, 4877 }, 4878 { 4879 .cmd = NL80211_CMD_SET_KEY, 4880 .doit = nl80211_set_key, 4881 .policy = nl80211_policy, 4882 .flags = GENL_ADMIN_PERM, 4883 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4884 NL80211_FLAG_NEED_RTNL, 4885 }, 4886 { 4887 .cmd = NL80211_CMD_NEW_KEY, 4888 .doit = nl80211_new_key, 4889 .policy = nl80211_policy, 4890 .flags = GENL_ADMIN_PERM, 4891 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4892 NL80211_FLAG_NEED_RTNL, 4893 }, 4894 { 4895 .cmd = NL80211_CMD_DEL_KEY, 4896 .doit = nl80211_del_key, 4897 .policy = nl80211_policy, 4898 .flags = GENL_ADMIN_PERM, 4899 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4900 NL80211_FLAG_NEED_RTNL, 4901 }, 4902 { 4903 .cmd = NL80211_CMD_SET_BEACON, 4904 .policy = nl80211_policy, 4905 .flags = GENL_ADMIN_PERM, 4906 .doit = nl80211_addset_beacon, 4907 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4908 NL80211_FLAG_NEED_RTNL, 4909 }, 4910 { 4911 .cmd = NL80211_CMD_NEW_BEACON, 4912 .policy = nl80211_policy, 4913 .flags = GENL_ADMIN_PERM, 4914 .doit = nl80211_addset_beacon, 4915 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4916 NL80211_FLAG_NEED_RTNL, 4917 }, 4918 { 4919 .cmd = NL80211_CMD_DEL_BEACON, 4920 .policy = nl80211_policy, 4921 .flags = GENL_ADMIN_PERM, 4922 .doit = nl80211_del_beacon, 4923 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4924 NL80211_FLAG_NEED_RTNL, 4925 }, 4926 { 4927 .cmd = NL80211_CMD_GET_STATION, 4928 .doit = nl80211_get_station, 4929 .dumpit = nl80211_dump_station, 4930 .policy = nl80211_policy, 4931 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4932 NL80211_FLAG_NEED_RTNL, 4933 }, 4934 { 4935 .cmd = NL80211_CMD_SET_STATION, 4936 .doit = nl80211_set_station, 4937 .policy = nl80211_policy, 4938 .flags = GENL_ADMIN_PERM, 4939 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4940 NL80211_FLAG_NEED_RTNL, 4941 }, 4942 { 4943 .cmd = NL80211_CMD_NEW_STATION, 4944 .doit = nl80211_new_station, 4945 .policy = nl80211_policy, 4946 .flags = GENL_ADMIN_PERM, 4947 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4948 NL80211_FLAG_NEED_RTNL, 4949 }, 4950 { 4951 .cmd = NL80211_CMD_DEL_STATION, 4952 .doit = nl80211_del_station, 4953 .policy = nl80211_policy, 4954 .flags = GENL_ADMIN_PERM, 4955 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4956 NL80211_FLAG_NEED_RTNL, 4957 }, 4958 { 4959 .cmd = NL80211_CMD_GET_MPATH, 4960 .doit = nl80211_get_mpath, 4961 .dumpit = nl80211_dump_mpath, 4962 .policy = nl80211_policy, 4963 .flags = GENL_ADMIN_PERM, 4964 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4965 NL80211_FLAG_NEED_RTNL, 4966 }, 4967 { 4968 .cmd = NL80211_CMD_SET_MPATH, 4969 .doit = nl80211_set_mpath, 4970 .policy = nl80211_policy, 4971 .flags = GENL_ADMIN_PERM, 4972 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4973 NL80211_FLAG_NEED_RTNL, 4974 }, 4975 { 4976 .cmd = NL80211_CMD_NEW_MPATH, 4977 .doit = nl80211_new_mpath, 4978 .policy = nl80211_policy, 4979 .flags = GENL_ADMIN_PERM, 4980 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 4981 NL80211_FLAG_NEED_RTNL, 4982 }, 4983 { 4984 .cmd = NL80211_CMD_DEL_MPATH, 4985 .doit = nl80211_del_mpath, 4986 .policy = nl80211_policy, 4987 .flags = GENL_ADMIN_PERM, 4988 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4989 NL80211_FLAG_NEED_RTNL, 4990 }, 4991 { 4992 .cmd = NL80211_CMD_SET_BSS, 4993 .doit = nl80211_set_bss, 4994 .policy = nl80211_policy, 4995 .flags = GENL_ADMIN_PERM, 4996 .internal_flags = NL80211_FLAG_NEED_NETDEV | 4997 NL80211_FLAG_NEED_RTNL, 4998 }, 4999 { 5000 .cmd = NL80211_CMD_GET_REG, 5001 .doit = nl80211_get_reg, 5002 .policy = nl80211_policy, 5003 /* can be retrieved by unprivileged users */ 5004 }, 5005 { 5006 .cmd = NL80211_CMD_SET_REG, 5007 .doit = nl80211_set_reg, 5008 .policy = nl80211_policy, 5009 .flags = GENL_ADMIN_PERM, 5010 }, 5011 { 5012 .cmd = NL80211_CMD_REQ_SET_REG, 5013 .doit = nl80211_req_set_reg, 5014 .policy = nl80211_policy, 5015 .flags = GENL_ADMIN_PERM, 5016 }, 5017 { 5018 .cmd = NL80211_CMD_GET_MESH_CONFIG, 5019 .doit = nl80211_get_mesh_config, 5020 .policy = nl80211_policy, 5021 /* can be retrieved by unprivileged users */ 5022 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5023 NL80211_FLAG_NEED_RTNL, 5024 }, 5025 { 5026 .cmd = NL80211_CMD_SET_MESH_CONFIG, 5027 .doit = nl80211_update_mesh_config, 5028 .policy = nl80211_policy, 5029 .flags = GENL_ADMIN_PERM, 5030 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5031 NL80211_FLAG_NEED_RTNL, 5032 }, 5033 { 5034 .cmd = NL80211_CMD_TRIGGER_SCAN, 5035 .doit = nl80211_trigger_scan, 5036 .policy = nl80211_policy, 5037 .flags = GENL_ADMIN_PERM, 5038 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5039 NL80211_FLAG_NEED_RTNL, 5040 }, 5041 { 5042 .cmd = NL80211_CMD_GET_SCAN, 5043 .policy = nl80211_policy, 5044 .dumpit = nl80211_dump_scan, 5045 }, 5046 { 5047 .cmd = NL80211_CMD_AUTHENTICATE, 5048 .doit = nl80211_authenticate, 5049 .policy = nl80211_policy, 5050 .flags = GENL_ADMIN_PERM, 5051 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5052 NL80211_FLAG_NEED_RTNL, 5053 }, 5054 { 5055 .cmd = NL80211_CMD_ASSOCIATE, 5056 .doit = nl80211_associate, 5057 .policy = nl80211_policy, 5058 .flags = GENL_ADMIN_PERM, 5059 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5060 NL80211_FLAG_NEED_RTNL, 5061 }, 5062 { 5063 .cmd = NL80211_CMD_DEAUTHENTICATE, 5064 .doit = nl80211_deauthenticate, 5065 .policy = nl80211_policy, 5066 .flags = GENL_ADMIN_PERM, 5067 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5068 NL80211_FLAG_NEED_RTNL, 5069 }, 5070 { 5071 .cmd = NL80211_CMD_DISASSOCIATE, 5072 .doit = nl80211_disassociate, 5073 .policy = nl80211_policy, 5074 .flags = GENL_ADMIN_PERM, 5075 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5076 NL80211_FLAG_NEED_RTNL, 5077 }, 5078 { 5079 .cmd = NL80211_CMD_JOIN_IBSS, 5080 .doit = nl80211_join_ibss, 5081 .policy = nl80211_policy, 5082 .flags = GENL_ADMIN_PERM, 5083 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5084 NL80211_FLAG_NEED_RTNL, 5085 }, 5086 { 5087 .cmd = NL80211_CMD_LEAVE_IBSS, 5088 .doit = nl80211_leave_ibss, 5089 .policy = nl80211_policy, 5090 .flags = GENL_ADMIN_PERM, 5091 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5092 NL80211_FLAG_NEED_RTNL, 5093 }, 5094 #ifdef CONFIG_NL80211_TESTMODE 5095 { 5096 .cmd = NL80211_CMD_TESTMODE, 5097 .doit = nl80211_testmode_do, 5098 .policy = nl80211_policy, 5099 .flags = GENL_ADMIN_PERM, 5100 .internal_flags = NL80211_FLAG_NEED_WIPHY | 5101 NL80211_FLAG_NEED_RTNL, 5102 }, 5103 #endif 5104 { 5105 .cmd = NL80211_CMD_CONNECT, 5106 .doit = nl80211_connect, 5107 .policy = nl80211_policy, 5108 .flags = GENL_ADMIN_PERM, 5109 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5110 NL80211_FLAG_NEED_RTNL, 5111 }, 5112 { 5113 .cmd = NL80211_CMD_DISCONNECT, 5114 .doit = nl80211_disconnect, 5115 .policy = nl80211_policy, 5116 .flags = GENL_ADMIN_PERM, 5117 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5118 NL80211_FLAG_NEED_RTNL, 5119 }, 5120 { 5121 .cmd = NL80211_CMD_SET_WIPHY_NETNS, 5122 .doit = nl80211_wiphy_netns, 5123 .policy = nl80211_policy, 5124 .flags = GENL_ADMIN_PERM, 5125 .internal_flags = NL80211_FLAG_NEED_WIPHY | 5126 NL80211_FLAG_NEED_RTNL, 5127 }, 5128 { 5129 .cmd = NL80211_CMD_GET_SURVEY, 5130 .policy = nl80211_policy, 5131 .dumpit = nl80211_dump_survey, 5132 }, 5133 { 5134 .cmd = NL80211_CMD_SET_PMKSA, 5135 .doit = nl80211_setdel_pmksa, 5136 .policy = nl80211_policy, 5137 .flags = GENL_ADMIN_PERM, 5138 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5139 NL80211_FLAG_NEED_RTNL, 5140 }, 5141 { 5142 .cmd = NL80211_CMD_DEL_PMKSA, 5143 .doit = nl80211_setdel_pmksa, 5144 .policy = nl80211_policy, 5145 .flags = GENL_ADMIN_PERM, 5146 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5147 NL80211_FLAG_NEED_RTNL, 5148 }, 5149 { 5150 .cmd = NL80211_CMD_FLUSH_PMKSA, 5151 .doit = nl80211_flush_pmksa, 5152 .policy = nl80211_policy, 5153 .flags = GENL_ADMIN_PERM, 5154 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5155 NL80211_FLAG_NEED_RTNL, 5156 }, 5157 { 5158 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL, 5159 .doit = nl80211_remain_on_channel, 5160 .policy = nl80211_policy, 5161 .flags = GENL_ADMIN_PERM, 5162 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5163 NL80211_FLAG_NEED_RTNL, 5164 }, 5165 { 5166 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 5167 .doit = nl80211_cancel_remain_on_channel, 5168 .policy = nl80211_policy, 5169 .flags = GENL_ADMIN_PERM, 5170 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5171 NL80211_FLAG_NEED_RTNL, 5172 }, 5173 { 5174 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK, 5175 .doit = nl80211_set_tx_bitrate_mask, 5176 .policy = nl80211_policy, 5177 .flags = GENL_ADMIN_PERM, 5178 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5179 NL80211_FLAG_NEED_RTNL, 5180 }, 5181 { 5182 .cmd = NL80211_CMD_REGISTER_FRAME, 5183 .doit = nl80211_register_mgmt, 5184 .policy = nl80211_policy, 5185 .flags = GENL_ADMIN_PERM, 5186 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5187 NL80211_FLAG_NEED_RTNL, 5188 }, 5189 { 5190 .cmd = NL80211_CMD_FRAME, 5191 .doit = nl80211_tx_mgmt, 5192 .policy = nl80211_policy, 5193 .flags = GENL_ADMIN_PERM, 5194 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5195 NL80211_FLAG_NEED_RTNL, 5196 }, 5197 { 5198 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL, 5199 .doit = nl80211_tx_mgmt_cancel_wait, 5200 .policy = nl80211_policy, 5201 .flags = GENL_ADMIN_PERM, 5202 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5203 NL80211_FLAG_NEED_RTNL, 5204 }, 5205 { 5206 .cmd = NL80211_CMD_SET_POWER_SAVE, 5207 .doit = nl80211_set_power_save, 5208 .policy = nl80211_policy, 5209 .flags = GENL_ADMIN_PERM, 5210 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5211 NL80211_FLAG_NEED_RTNL, 5212 }, 5213 { 5214 .cmd = NL80211_CMD_GET_POWER_SAVE, 5215 .doit = nl80211_get_power_save, 5216 .policy = nl80211_policy, 5217 /* can be retrieved by unprivileged users */ 5218 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5219 NL80211_FLAG_NEED_RTNL, 5220 }, 5221 { 5222 .cmd = NL80211_CMD_SET_CQM, 5223 .doit = nl80211_set_cqm, 5224 .policy = nl80211_policy, 5225 .flags = GENL_ADMIN_PERM, 5226 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5227 NL80211_FLAG_NEED_RTNL, 5228 }, 5229 { 5230 .cmd = NL80211_CMD_SET_CHANNEL, 5231 .doit = nl80211_set_channel, 5232 .policy = nl80211_policy, 5233 .flags = GENL_ADMIN_PERM, 5234 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5235 NL80211_FLAG_NEED_RTNL, 5236 }, 5237 { 5238 .cmd = NL80211_CMD_SET_WDS_PEER, 5239 .doit = nl80211_set_wds_peer, 5240 .policy = nl80211_policy, 5241 .flags = GENL_ADMIN_PERM, 5242 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5243 NL80211_FLAG_NEED_RTNL, 5244 }, 5245 { 5246 .cmd = NL80211_CMD_JOIN_MESH, 5247 .doit = nl80211_join_mesh, 5248 .policy = nl80211_policy, 5249 .flags = GENL_ADMIN_PERM, 5250 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5251 NL80211_FLAG_NEED_RTNL, 5252 }, 5253 { 5254 .cmd = NL80211_CMD_LEAVE_MESH, 5255 .doit = nl80211_leave_mesh, 5256 .policy = nl80211_policy, 5257 .flags = GENL_ADMIN_PERM, 5258 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5259 NL80211_FLAG_NEED_RTNL, 5260 }, 5261 }; 5262 5263 static struct genl_multicast_group nl80211_mlme_mcgrp = { 5264 .name = "mlme", 5265 }; 5266 5267 /* multicast groups */ 5268 static struct genl_multicast_group nl80211_config_mcgrp = { 5269 .name = "config", 5270 }; 5271 static struct genl_multicast_group nl80211_scan_mcgrp = { 5272 .name = "scan", 5273 }; 5274 static struct genl_multicast_group nl80211_regulatory_mcgrp = { 5275 .name = "regulatory", 5276 }; 5277 5278 /* notification functions */ 5279 5280 void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev) 5281 { 5282 struct sk_buff *msg; 5283 5284 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5285 if (!msg) 5286 return; 5287 5288 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) { 5289 nlmsg_free(msg); 5290 return; 5291 } 5292 5293 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5294 nl80211_config_mcgrp.id, GFP_KERNEL); 5295 } 5296 5297 static int nl80211_add_scan_req(struct sk_buff *msg, 5298 struct cfg80211_registered_device *rdev) 5299 { 5300 struct cfg80211_scan_request *req = rdev->scan_req; 5301 struct nlattr *nest; 5302 int i; 5303 5304 ASSERT_RDEV_LOCK(rdev); 5305 5306 if (WARN_ON(!req)) 5307 return 0; 5308 5309 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS); 5310 if (!nest) 5311 goto nla_put_failure; 5312 for (i = 0; i < req->n_ssids; i++) 5313 NLA_PUT(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid); 5314 nla_nest_end(msg, nest); 5315 5316 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES); 5317 if (!nest) 5318 goto nla_put_failure; 5319 for (i = 0; i < req->n_channels; i++) 5320 NLA_PUT_U32(msg, i, req->channels[i]->center_freq); 5321 nla_nest_end(msg, nest); 5322 5323 if (req->ie) 5324 NLA_PUT(msg, NL80211_ATTR_IE, req->ie_len, req->ie); 5325 5326 return 0; 5327 nla_put_failure: 5328 return -ENOBUFS; 5329 } 5330 5331 static int nl80211_send_scan_msg(struct sk_buff *msg, 5332 struct cfg80211_registered_device *rdev, 5333 struct net_device *netdev, 5334 u32 pid, u32 seq, int flags, 5335 u32 cmd) 5336 { 5337 void *hdr; 5338 5339 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 5340 if (!hdr) 5341 return -1; 5342 5343 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5344 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5345 5346 /* ignore errors and send incomplete event anyway */ 5347 nl80211_add_scan_req(msg, rdev); 5348 5349 return genlmsg_end(msg, hdr); 5350 5351 nla_put_failure: 5352 genlmsg_cancel(msg, hdr); 5353 return -EMSGSIZE; 5354 } 5355 5356 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev, 5357 struct net_device *netdev) 5358 { 5359 struct sk_buff *msg; 5360 5361 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 5362 if (!msg) 5363 return; 5364 5365 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 5366 NL80211_CMD_TRIGGER_SCAN) < 0) { 5367 nlmsg_free(msg); 5368 return; 5369 } 5370 5371 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5372 nl80211_scan_mcgrp.id, GFP_KERNEL); 5373 } 5374 5375 void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 5376 struct net_device *netdev) 5377 { 5378 struct sk_buff *msg; 5379 5380 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5381 if (!msg) 5382 return; 5383 5384 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 5385 NL80211_CMD_NEW_SCAN_RESULTS) < 0) { 5386 nlmsg_free(msg); 5387 return; 5388 } 5389 5390 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5391 nl80211_scan_mcgrp.id, GFP_KERNEL); 5392 } 5393 5394 void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 5395 struct net_device *netdev) 5396 { 5397 struct sk_buff *msg; 5398 5399 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5400 if (!msg) 5401 return; 5402 5403 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 5404 NL80211_CMD_SCAN_ABORTED) < 0) { 5405 nlmsg_free(msg); 5406 return; 5407 } 5408 5409 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5410 nl80211_scan_mcgrp.id, GFP_KERNEL); 5411 } 5412 5413 /* 5414 * This can happen on global regulatory changes or device specific settings 5415 * based on custom world regulatory domains. 5416 */ 5417 void nl80211_send_reg_change_event(struct regulatory_request *request) 5418 { 5419 struct sk_buff *msg; 5420 void *hdr; 5421 5422 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5423 if (!msg) 5424 return; 5425 5426 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE); 5427 if (!hdr) { 5428 nlmsg_free(msg); 5429 return; 5430 } 5431 5432 /* Userspace can always count this one always being set */ 5433 NLA_PUT_U8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator); 5434 5435 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') 5436 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5437 NL80211_REGDOM_TYPE_WORLD); 5438 else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') 5439 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5440 NL80211_REGDOM_TYPE_CUSTOM_WORLD); 5441 else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') || 5442 request->intersect) 5443 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5444 NL80211_REGDOM_TYPE_INTERSECTION); 5445 else { 5446 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 5447 NL80211_REGDOM_TYPE_COUNTRY); 5448 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2); 5449 } 5450 5451 if (wiphy_idx_valid(request->wiphy_idx)) 5452 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx); 5453 5454 if (genlmsg_end(msg, hdr) < 0) { 5455 nlmsg_free(msg); 5456 return; 5457 } 5458 5459 rcu_read_lock(); 5460 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 5461 GFP_ATOMIC); 5462 rcu_read_unlock(); 5463 5464 return; 5465 5466 nla_put_failure: 5467 genlmsg_cancel(msg, hdr); 5468 nlmsg_free(msg); 5469 } 5470 5471 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, 5472 struct net_device *netdev, 5473 const u8 *buf, size_t len, 5474 enum nl80211_commands cmd, gfp_t gfp) 5475 { 5476 struct sk_buff *msg; 5477 void *hdr; 5478 5479 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5480 if (!msg) 5481 return; 5482 5483 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 5484 if (!hdr) { 5485 nlmsg_free(msg); 5486 return; 5487 } 5488 5489 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5490 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5491 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 5492 5493 if (genlmsg_end(msg, hdr) < 0) { 5494 nlmsg_free(msg); 5495 return; 5496 } 5497 5498 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5499 nl80211_mlme_mcgrp.id, gfp); 5500 return; 5501 5502 nla_put_failure: 5503 genlmsg_cancel(msg, hdr); 5504 nlmsg_free(msg); 5505 } 5506 5507 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 5508 struct net_device *netdev, const u8 *buf, 5509 size_t len, gfp_t gfp) 5510 { 5511 nl80211_send_mlme_event(rdev, netdev, buf, len, 5512 NL80211_CMD_AUTHENTICATE, gfp); 5513 } 5514 5515 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 5516 struct net_device *netdev, const u8 *buf, 5517 size_t len, gfp_t gfp) 5518 { 5519 nl80211_send_mlme_event(rdev, netdev, buf, len, 5520 NL80211_CMD_ASSOCIATE, gfp); 5521 } 5522 5523 void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 5524 struct net_device *netdev, const u8 *buf, 5525 size_t len, gfp_t gfp) 5526 { 5527 nl80211_send_mlme_event(rdev, netdev, buf, len, 5528 NL80211_CMD_DEAUTHENTICATE, gfp); 5529 } 5530 5531 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 5532 struct net_device *netdev, const u8 *buf, 5533 size_t len, gfp_t gfp) 5534 { 5535 nl80211_send_mlme_event(rdev, netdev, buf, len, 5536 NL80211_CMD_DISASSOCIATE, gfp); 5537 } 5538 5539 void nl80211_send_unprot_deauth(struct cfg80211_registered_device *rdev, 5540 struct net_device *netdev, const u8 *buf, 5541 size_t len, gfp_t gfp) 5542 { 5543 nl80211_send_mlme_event(rdev, netdev, buf, len, 5544 NL80211_CMD_UNPROT_DEAUTHENTICATE, gfp); 5545 } 5546 5547 void nl80211_send_unprot_disassoc(struct cfg80211_registered_device *rdev, 5548 struct net_device *netdev, const u8 *buf, 5549 size_t len, gfp_t gfp) 5550 { 5551 nl80211_send_mlme_event(rdev, netdev, buf, len, 5552 NL80211_CMD_UNPROT_DISASSOCIATE, gfp); 5553 } 5554 5555 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, 5556 struct net_device *netdev, int cmd, 5557 const u8 *addr, gfp_t gfp) 5558 { 5559 struct sk_buff *msg; 5560 void *hdr; 5561 5562 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5563 if (!msg) 5564 return; 5565 5566 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 5567 if (!hdr) { 5568 nlmsg_free(msg); 5569 return; 5570 } 5571 5572 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5573 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5574 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT); 5575 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 5576 5577 if (genlmsg_end(msg, hdr) < 0) { 5578 nlmsg_free(msg); 5579 return; 5580 } 5581 5582 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5583 nl80211_mlme_mcgrp.id, gfp); 5584 return; 5585 5586 nla_put_failure: 5587 genlmsg_cancel(msg, hdr); 5588 nlmsg_free(msg); 5589 } 5590 5591 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 5592 struct net_device *netdev, const u8 *addr, 5593 gfp_t gfp) 5594 { 5595 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, 5596 addr, gfp); 5597 } 5598 5599 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 5600 struct net_device *netdev, const u8 *addr, 5601 gfp_t gfp) 5602 { 5603 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, 5604 addr, gfp); 5605 } 5606 5607 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, 5608 struct net_device *netdev, const u8 *bssid, 5609 const u8 *req_ie, size_t req_ie_len, 5610 const u8 *resp_ie, size_t resp_ie_len, 5611 u16 status, gfp_t gfp) 5612 { 5613 struct sk_buff *msg; 5614 void *hdr; 5615 5616 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 5617 if (!msg) 5618 return; 5619 5620 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT); 5621 if (!hdr) { 5622 nlmsg_free(msg); 5623 return; 5624 } 5625 5626 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5627 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5628 if (bssid) 5629 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 5630 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status); 5631 if (req_ie) 5632 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 5633 if (resp_ie) 5634 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 5635 5636 if (genlmsg_end(msg, hdr) < 0) { 5637 nlmsg_free(msg); 5638 return; 5639 } 5640 5641 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5642 nl80211_mlme_mcgrp.id, gfp); 5643 return; 5644 5645 nla_put_failure: 5646 genlmsg_cancel(msg, hdr); 5647 nlmsg_free(msg); 5648 5649 } 5650 5651 void nl80211_send_roamed(struct cfg80211_registered_device *rdev, 5652 struct net_device *netdev, const u8 *bssid, 5653 const u8 *req_ie, size_t req_ie_len, 5654 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp) 5655 { 5656 struct sk_buff *msg; 5657 void *hdr; 5658 5659 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 5660 if (!msg) 5661 return; 5662 5663 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM); 5664 if (!hdr) { 5665 nlmsg_free(msg); 5666 return; 5667 } 5668 5669 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5670 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5671 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 5672 if (req_ie) 5673 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 5674 if (resp_ie) 5675 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 5676 5677 if (genlmsg_end(msg, hdr) < 0) { 5678 nlmsg_free(msg); 5679 return; 5680 } 5681 5682 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5683 nl80211_mlme_mcgrp.id, gfp); 5684 return; 5685 5686 nla_put_failure: 5687 genlmsg_cancel(msg, hdr); 5688 nlmsg_free(msg); 5689 5690 } 5691 5692 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, 5693 struct net_device *netdev, u16 reason, 5694 const u8 *ie, size_t ie_len, bool from_ap) 5695 { 5696 struct sk_buff *msg; 5697 void *hdr; 5698 5699 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 5700 if (!msg) 5701 return; 5702 5703 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT); 5704 if (!hdr) { 5705 nlmsg_free(msg); 5706 return; 5707 } 5708 5709 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5710 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5711 if (from_ap && reason) 5712 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason); 5713 if (from_ap) 5714 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP); 5715 if (ie) 5716 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie); 5717 5718 if (genlmsg_end(msg, hdr) < 0) { 5719 nlmsg_free(msg); 5720 return; 5721 } 5722 5723 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5724 nl80211_mlme_mcgrp.id, GFP_KERNEL); 5725 return; 5726 5727 nla_put_failure: 5728 genlmsg_cancel(msg, hdr); 5729 nlmsg_free(msg); 5730 5731 } 5732 5733 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, 5734 struct net_device *netdev, const u8 *bssid, 5735 gfp_t gfp) 5736 { 5737 struct sk_buff *msg; 5738 void *hdr; 5739 5740 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5741 if (!msg) 5742 return; 5743 5744 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS); 5745 if (!hdr) { 5746 nlmsg_free(msg); 5747 return; 5748 } 5749 5750 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5751 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5752 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 5753 5754 if (genlmsg_end(msg, hdr) < 0) { 5755 nlmsg_free(msg); 5756 return; 5757 } 5758 5759 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5760 nl80211_mlme_mcgrp.id, gfp); 5761 return; 5762 5763 nla_put_failure: 5764 genlmsg_cancel(msg, hdr); 5765 nlmsg_free(msg); 5766 } 5767 5768 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 5769 struct net_device *netdev, const u8 *addr, 5770 enum nl80211_key_type key_type, int key_id, 5771 const u8 *tsc, gfp_t gfp) 5772 { 5773 struct sk_buff *msg; 5774 void *hdr; 5775 5776 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5777 if (!msg) 5778 return; 5779 5780 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE); 5781 if (!hdr) { 5782 nlmsg_free(msg); 5783 return; 5784 } 5785 5786 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5787 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5788 if (addr) 5789 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 5790 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type); 5791 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id); 5792 if (tsc) 5793 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc); 5794 5795 if (genlmsg_end(msg, hdr) < 0) { 5796 nlmsg_free(msg); 5797 return; 5798 } 5799 5800 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5801 nl80211_mlme_mcgrp.id, gfp); 5802 return; 5803 5804 nla_put_failure: 5805 genlmsg_cancel(msg, hdr); 5806 nlmsg_free(msg); 5807 } 5808 5809 void nl80211_send_beacon_hint_event(struct wiphy *wiphy, 5810 struct ieee80211_channel *channel_before, 5811 struct ieee80211_channel *channel_after) 5812 { 5813 struct sk_buff *msg; 5814 void *hdr; 5815 struct nlattr *nl_freq; 5816 5817 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 5818 if (!msg) 5819 return; 5820 5821 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT); 5822 if (!hdr) { 5823 nlmsg_free(msg); 5824 return; 5825 } 5826 5827 /* 5828 * Since we are applying the beacon hint to a wiphy we know its 5829 * wiphy_idx is valid 5830 */ 5831 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)); 5832 5833 /* Before */ 5834 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE); 5835 if (!nl_freq) 5836 goto nla_put_failure; 5837 if (nl80211_msg_put_channel(msg, channel_before)) 5838 goto nla_put_failure; 5839 nla_nest_end(msg, nl_freq); 5840 5841 /* After */ 5842 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER); 5843 if (!nl_freq) 5844 goto nla_put_failure; 5845 if (nl80211_msg_put_channel(msg, channel_after)) 5846 goto nla_put_failure; 5847 nla_nest_end(msg, nl_freq); 5848 5849 if (genlmsg_end(msg, hdr) < 0) { 5850 nlmsg_free(msg); 5851 return; 5852 } 5853 5854 rcu_read_lock(); 5855 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 5856 GFP_ATOMIC); 5857 rcu_read_unlock(); 5858 5859 return; 5860 5861 nla_put_failure: 5862 genlmsg_cancel(msg, hdr); 5863 nlmsg_free(msg); 5864 } 5865 5866 static void nl80211_send_remain_on_chan_event( 5867 int cmd, struct cfg80211_registered_device *rdev, 5868 struct net_device *netdev, u64 cookie, 5869 struct ieee80211_channel *chan, 5870 enum nl80211_channel_type channel_type, 5871 unsigned int duration, gfp_t gfp) 5872 { 5873 struct sk_buff *msg; 5874 void *hdr; 5875 5876 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5877 if (!msg) 5878 return; 5879 5880 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 5881 if (!hdr) { 5882 nlmsg_free(msg); 5883 return; 5884 } 5885 5886 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5887 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5888 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq); 5889 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, channel_type); 5890 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5891 5892 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL) 5893 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration); 5894 5895 if (genlmsg_end(msg, hdr) < 0) { 5896 nlmsg_free(msg); 5897 return; 5898 } 5899 5900 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5901 nl80211_mlme_mcgrp.id, gfp); 5902 return; 5903 5904 nla_put_failure: 5905 genlmsg_cancel(msg, hdr); 5906 nlmsg_free(msg); 5907 } 5908 5909 void nl80211_send_remain_on_channel(struct cfg80211_registered_device *rdev, 5910 struct net_device *netdev, u64 cookie, 5911 struct ieee80211_channel *chan, 5912 enum nl80211_channel_type channel_type, 5913 unsigned int duration, gfp_t gfp) 5914 { 5915 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL, 5916 rdev, netdev, cookie, chan, 5917 channel_type, duration, gfp); 5918 } 5919 5920 void nl80211_send_remain_on_channel_cancel( 5921 struct cfg80211_registered_device *rdev, struct net_device *netdev, 5922 u64 cookie, struct ieee80211_channel *chan, 5923 enum nl80211_channel_type channel_type, gfp_t gfp) 5924 { 5925 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 5926 rdev, netdev, cookie, chan, 5927 channel_type, 0, gfp); 5928 } 5929 5930 void nl80211_send_sta_event(struct cfg80211_registered_device *rdev, 5931 struct net_device *dev, const u8 *mac_addr, 5932 struct station_info *sinfo, gfp_t gfp) 5933 { 5934 struct sk_buff *msg; 5935 5936 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 5937 if (!msg) 5938 return; 5939 5940 if (nl80211_send_station(msg, 0, 0, 0, dev, mac_addr, sinfo) < 0) { 5941 nlmsg_free(msg); 5942 return; 5943 } 5944 5945 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 5946 nl80211_mlme_mcgrp.id, gfp); 5947 } 5948 5949 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev, 5950 struct net_device *netdev, u32 nlpid, 5951 int freq, const u8 *buf, size_t len, gfp_t gfp) 5952 { 5953 struct sk_buff *msg; 5954 void *hdr; 5955 int err; 5956 5957 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5958 if (!msg) 5959 return -ENOMEM; 5960 5961 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); 5962 if (!hdr) { 5963 nlmsg_free(msg); 5964 return -ENOMEM; 5965 } 5966 5967 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 5968 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 5969 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq); 5970 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 5971 5972 err = genlmsg_end(msg, hdr); 5973 if (err < 0) { 5974 nlmsg_free(msg); 5975 return err; 5976 } 5977 5978 err = genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 5979 if (err < 0) 5980 return err; 5981 return 0; 5982 5983 nla_put_failure: 5984 genlmsg_cancel(msg, hdr); 5985 nlmsg_free(msg); 5986 return -ENOBUFS; 5987 } 5988 5989 void nl80211_send_mgmt_tx_status(struct cfg80211_registered_device *rdev, 5990 struct net_device *netdev, u64 cookie, 5991 const u8 *buf, size_t len, bool ack, 5992 gfp_t gfp) 5993 { 5994 struct sk_buff *msg; 5995 void *hdr; 5996 5997 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 5998 if (!msg) 5999 return; 6000 6001 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS); 6002 if (!hdr) { 6003 nlmsg_free(msg); 6004 return; 6005 } 6006 6007 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6008 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6009 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 6010 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 6011 if (ack) 6012 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK); 6013 6014 if (genlmsg_end(msg, hdr) < 0) { 6015 nlmsg_free(msg); 6016 return; 6017 } 6018 6019 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp); 6020 return; 6021 6022 nla_put_failure: 6023 genlmsg_cancel(msg, hdr); 6024 nlmsg_free(msg); 6025 } 6026 6027 void 6028 nl80211_send_cqm_rssi_notify(struct cfg80211_registered_device *rdev, 6029 struct net_device *netdev, 6030 enum nl80211_cqm_rssi_threshold_event rssi_event, 6031 gfp_t gfp) 6032 { 6033 struct sk_buff *msg; 6034 struct nlattr *pinfoattr; 6035 void *hdr; 6036 6037 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6038 if (!msg) 6039 return; 6040 6041 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 6042 if (!hdr) { 6043 nlmsg_free(msg); 6044 return; 6045 } 6046 6047 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6048 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6049 6050 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 6051 if (!pinfoattr) 6052 goto nla_put_failure; 6053 6054 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT, 6055 rssi_event); 6056 6057 nla_nest_end(msg, pinfoattr); 6058 6059 if (genlmsg_end(msg, hdr) < 0) { 6060 nlmsg_free(msg); 6061 return; 6062 } 6063 6064 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6065 nl80211_mlme_mcgrp.id, gfp); 6066 return; 6067 6068 nla_put_failure: 6069 genlmsg_cancel(msg, hdr); 6070 nlmsg_free(msg); 6071 } 6072 6073 void 6074 nl80211_send_cqm_pktloss_notify(struct cfg80211_registered_device *rdev, 6075 struct net_device *netdev, const u8 *peer, 6076 u32 num_packets, gfp_t gfp) 6077 { 6078 struct sk_buff *msg; 6079 struct nlattr *pinfoattr; 6080 void *hdr; 6081 6082 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6083 if (!msg) 6084 return; 6085 6086 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 6087 if (!hdr) { 6088 nlmsg_free(msg); 6089 return; 6090 } 6091 6092 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6093 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6094 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer); 6095 6096 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 6097 if (!pinfoattr) 6098 goto nla_put_failure; 6099 6100 NLA_PUT_U32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets); 6101 6102 nla_nest_end(msg, pinfoattr); 6103 6104 if (genlmsg_end(msg, hdr) < 0) { 6105 nlmsg_free(msg); 6106 return; 6107 } 6108 6109 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6110 nl80211_mlme_mcgrp.id, gfp); 6111 return; 6112 6113 nla_put_failure: 6114 genlmsg_cancel(msg, hdr); 6115 nlmsg_free(msg); 6116 } 6117 6118 static int nl80211_netlink_notify(struct notifier_block * nb, 6119 unsigned long state, 6120 void *_notify) 6121 { 6122 struct netlink_notify *notify = _notify; 6123 struct cfg80211_registered_device *rdev; 6124 struct wireless_dev *wdev; 6125 6126 if (state != NETLINK_URELEASE) 6127 return NOTIFY_DONE; 6128 6129 rcu_read_lock(); 6130 6131 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) 6132 list_for_each_entry_rcu(wdev, &rdev->netdev_list, list) 6133 cfg80211_mlme_unregister_socket(wdev, notify->pid); 6134 6135 rcu_read_unlock(); 6136 6137 return NOTIFY_DONE; 6138 } 6139 6140 static struct notifier_block nl80211_netlink_notifier = { 6141 .notifier_call = nl80211_netlink_notify, 6142 }; 6143 6144 /* initialisation/exit functions */ 6145 6146 int nl80211_init(void) 6147 { 6148 int err; 6149 6150 err = genl_register_family_with_ops(&nl80211_fam, 6151 nl80211_ops, ARRAY_SIZE(nl80211_ops)); 6152 if (err) 6153 return err; 6154 6155 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp); 6156 if (err) 6157 goto err_out; 6158 6159 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp); 6160 if (err) 6161 goto err_out; 6162 6163 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp); 6164 if (err) 6165 goto err_out; 6166 6167 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp); 6168 if (err) 6169 goto err_out; 6170 6171 #ifdef CONFIG_NL80211_TESTMODE 6172 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp); 6173 if (err) 6174 goto err_out; 6175 #endif 6176 6177 err = netlink_register_notifier(&nl80211_netlink_notifier); 6178 if (err) 6179 goto err_out; 6180 6181 return 0; 6182 err_out: 6183 genl_unregister_family(&nl80211_fam); 6184 return err; 6185 } 6186 6187 void nl80211_exit(void) 6188 { 6189 netlink_unregister_notifier(&nl80211_netlink_notifier); 6190 genl_unregister_family(&nl80211_fam); 6191 } 6192