1 /* 2 * This is the new netlink-based wireless configuration interface. 3 * 4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net> 5 */ 6 7 #include <linux/if.h> 8 #include <linux/module.h> 9 #include <linux/err.h> 10 #include <linux/slab.h> 11 #include <linux/list.h> 12 #include <linux/if_ether.h> 13 #include <linux/ieee80211.h> 14 #include <linux/nl80211.h> 15 #include <linux/rtnetlink.h> 16 #include <linux/netlink.h> 17 #include <linux/etherdevice.h> 18 #include <net/net_namespace.h> 19 #include <net/genetlink.h> 20 #include <net/cfg80211.h> 21 #include <net/sock.h> 22 #include "core.h" 23 #include "nl80211.h" 24 #include "reg.h" 25 26 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type); 27 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 28 struct genl_info *info, 29 struct cfg80211_crypto_settings *settings, 30 int cipher_limit); 31 32 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 33 struct genl_info *info); 34 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 35 struct genl_info *info); 36 37 /* the netlink family */ 38 static struct genl_family nl80211_fam = { 39 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */ 40 .name = "nl80211", /* have users key off the name instead */ 41 .hdrsize = 0, /* no private header */ 42 .version = 1, /* no particular meaning now */ 43 .maxattr = NL80211_ATTR_MAX, 44 .netnsok = true, 45 .pre_doit = nl80211_pre_doit, 46 .post_doit = nl80211_post_doit, 47 }; 48 49 /* internal helper: get rdev and dev */ 50 static int get_rdev_dev_by_info_ifindex(struct genl_info *info, 51 struct cfg80211_registered_device **rdev, 52 struct net_device **dev) 53 { 54 struct nlattr **attrs = info->attrs; 55 int ifindex; 56 57 if (!attrs[NL80211_ATTR_IFINDEX]) 58 return -EINVAL; 59 60 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); 61 *dev = dev_get_by_index(genl_info_net(info), ifindex); 62 if (!*dev) 63 return -ENODEV; 64 65 *rdev = cfg80211_get_dev_from_ifindex(genl_info_net(info), ifindex); 66 if (IS_ERR(*rdev)) { 67 dev_put(*dev); 68 return PTR_ERR(*rdev); 69 } 70 71 return 0; 72 } 73 74 /* policy for the attributes */ 75 static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = { 76 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, 77 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING, 78 .len = 20-1 }, 79 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED }, 80 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 }, 81 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 }, 82 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 }, 83 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 }, 84 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 }, 85 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 }, 86 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 }, 87 88 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 }, 89 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 }, 90 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, 91 92 [NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN }, 93 [NL80211_ATTR_PREV_BSSID] = { .type = NLA_BINARY, .len = ETH_ALEN }, 94 95 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, }, 96 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, 97 .len = WLAN_MAX_KEY_LEN }, 98 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, 99 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 }, 100 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG }, 101 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 102 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 }, 103 104 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 }, 105 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 }, 106 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY, 107 .len = IEEE80211_MAX_DATA_LEN }, 108 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY, 109 .len = IEEE80211_MAX_DATA_LEN }, 110 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 }, 111 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED }, 112 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 }, 113 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY, 114 .len = NL80211_MAX_SUPP_RATES }, 115 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 }, 116 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 }, 117 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ }, 118 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY, 119 .len = IEEE80211_MAX_MESH_ID_LEN }, 120 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 }, 121 122 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 }, 123 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED }, 124 125 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 }, 126 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 }, 127 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 }, 128 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY, 129 .len = NL80211_MAX_SUPP_RATES }, 130 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 }, 131 132 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED }, 133 [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG }, 134 135 [NL80211_ATTR_HT_CAPABILITY] = { .type = NLA_BINARY, 136 .len = NL80211_HT_CAPABILITY_LEN }, 137 138 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 }, 139 [NL80211_ATTR_IE] = { .type = NLA_BINARY, 140 .len = IEEE80211_MAX_DATA_LEN }, 141 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED }, 142 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED }, 143 144 [NL80211_ATTR_SSID] = { .type = NLA_BINARY, 145 .len = IEEE80211_MAX_SSID_LEN }, 146 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 }, 147 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 }, 148 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG }, 149 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG }, 150 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 }, 151 [NL80211_ATTR_STA_FLAGS2] = { 152 .len = sizeof(struct nl80211_sta_flag_update), 153 }, 154 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, 155 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 }, 156 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG }, 157 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG }, 158 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 }, 159 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 }, 160 [NL80211_ATTR_PID] = { .type = NLA_U32 }, 161 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 }, 162 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY, 163 .len = WLAN_PMKID_LEN }, 164 [NL80211_ATTR_DURATION] = { .type = NLA_U32 }, 165 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 }, 166 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED }, 167 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY, 168 .len = IEEE80211_MAX_DATA_LEN }, 169 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, }, 170 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 }, 171 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, }, 172 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG }, 173 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 }, 174 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 }, 175 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 }, 176 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 }, 177 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 }, 178 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 }, 179 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 }, 180 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG }, 181 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 182 [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED }, 183 [NL80211_ATTR_STA_PLINK_STATE] = { .type = NLA_U8 }, 184 [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 }, 185 [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED }, 186 [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED }, 187 [NL80211_ATTR_HIDDEN_SSID] = { .type = NLA_U32 }, 188 [NL80211_ATTR_IE_PROBE_RESP] = { .type = NLA_BINARY, 189 .len = IEEE80211_MAX_DATA_LEN }, 190 [NL80211_ATTR_IE_ASSOC_RESP] = { .type = NLA_BINARY, 191 .len = IEEE80211_MAX_DATA_LEN }, 192 [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG }, 193 [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED }, 194 [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG }, 195 [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 }, 196 [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 }, 197 [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 }, 198 [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG }, 199 [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG }, 200 }; 201 202 /* policy for the key attributes */ 203 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = { 204 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN }, 205 [NL80211_KEY_IDX] = { .type = NLA_U8 }, 206 [NL80211_KEY_CIPHER] = { .type = NLA_U32 }, 207 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 }, 208 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG }, 209 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG }, 210 [NL80211_KEY_TYPE] = { .type = NLA_U32 }, 211 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, 212 }; 213 214 /* policy for the key default flags */ 215 static const struct nla_policy 216 nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = { 217 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG }, 218 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG }, 219 }; 220 221 /* policy for WoWLAN attributes */ 222 static const struct nla_policy 223 nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = { 224 [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG }, 225 [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG }, 226 [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG }, 227 [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED }, 228 [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG }, 229 [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG }, 230 [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG }, 231 [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG }, 232 }; 233 234 /* policy for GTK rekey offload attributes */ 235 static const struct nla_policy 236 nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = { 237 [NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN }, 238 [NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN }, 239 [NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN }, 240 }; 241 242 static const struct nla_policy 243 nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = { 244 [NL80211_ATTR_SCHED_SCAN_MATCH_SSID] = { .type = NLA_BINARY, 245 .len = IEEE80211_MAX_SSID_LEN }, 246 }; 247 248 /* ifidx get helper */ 249 static int nl80211_get_ifidx(struct netlink_callback *cb) 250 { 251 int res; 252 253 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 254 nl80211_fam.attrbuf, nl80211_fam.maxattr, 255 nl80211_policy); 256 if (res) 257 return res; 258 259 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]) 260 return -EINVAL; 261 262 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]); 263 if (!res) 264 return -EINVAL; 265 return res; 266 } 267 268 static int nl80211_prepare_netdev_dump(struct sk_buff *skb, 269 struct netlink_callback *cb, 270 struct cfg80211_registered_device **rdev, 271 struct net_device **dev) 272 { 273 int ifidx = cb->args[0]; 274 int err; 275 276 if (!ifidx) 277 ifidx = nl80211_get_ifidx(cb); 278 if (ifidx < 0) 279 return ifidx; 280 281 cb->args[0] = ifidx; 282 283 rtnl_lock(); 284 285 *dev = __dev_get_by_index(sock_net(skb->sk), ifidx); 286 if (!*dev) { 287 err = -ENODEV; 288 goto out_rtnl; 289 } 290 291 *rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx); 292 if (IS_ERR(*rdev)) { 293 err = PTR_ERR(*rdev); 294 goto out_rtnl; 295 } 296 297 return 0; 298 out_rtnl: 299 rtnl_unlock(); 300 return err; 301 } 302 303 static void nl80211_finish_netdev_dump(struct cfg80211_registered_device *rdev) 304 { 305 cfg80211_unlock_rdev(rdev); 306 rtnl_unlock(); 307 } 308 309 /* IE validation */ 310 static bool is_valid_ie_attr(const struct nlattr *attr) 311 { 312 const u8 *pos; 313 int len; 314 315 if (!attr) 316 return true; 317 318 pos = nla_data(attr); 319 len = nla_len(attr); 320 321 while (len) { 322 u8 elemlen; 323 324 if (len < 2) 325 return false; 326 len -= 2; 327 328 elemlen = pos[1]; 329 if (elemlen > len) 330 return false; 331 332 len -= elemlen; 333 pos += 2 + elemlen; 334 } 335 336 return true; 337 } 338 339 /* message building helper */ 340 static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq, 341 int flags, u8 cmd) 342 { 343 /* since there is no private header just add the generic one */ 344 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd); 345 } 346 347 static int nl80211_msg_put_channel(struct sk_buff *msg, 348 struct ieee80211_channel *chan) 349 { 350 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ, 351 chan->center_freq); 352 353 if (chan->flags & IEEE80211_CHAN_DISABLED) 354 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED); 355 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) 356 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN); 357 if (chan->flags & IEEE80211_CHAN_NO_IBSS) 358 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS); 359 if (chan->flags & IEEE80211_CHAN_RADAR) 360 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR); 361 362 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER, 363 DBM_TO_MBM(chan->max_power)); 364 365 return 0; 366 367 nla_put_failure: 368 return -ENOBUFS; 369 } 370 371 /* netlink command implementations */ 372 373 struct key_parse { 374 struct key_params p; 375 int idx; 376 int type; 377 bool def, defmgmt; 378 bool def_uni, def_multi; 379 }; 380 381 static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k) 382 { 383 struct nlattr *tb[NL80211_KEY_MAX + 1]; 384 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key, 385 nl80211_key_policy); 386 if (err) 387 return err; 388 389 k->def = !!tb[NL80211_KEY_DEFAULT]; 390 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT]; 391 392 if (k->def) { 393 k->def_uni = true; 394 k->def_multi = true; 395 } 396 if (k->defmgmt) 397 k->def_multi = true; 398 399 if (tb[NL80211_KEY_IDX]) 400 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]); 401 402 if (tb[NL80211_KEY_DATA]) { 403 k->p.key = nla_data(tb[NL80211_KEY_DATA]); 404 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]); 405 } 406 407 if (tb[NL80211_KEY_SEQ]) { 408 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]); 409 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]); 410 } 411 412 if (tb[NL80211_KEY_CIPHER]) 413 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]); 414 415 if (tb[NL80211_KEY_TYPE]) { 416 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]); 417 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 418 return -EINVAL; 419 } 420 421 if (tb[NL80211_KEY_DEFAULT_TYPES]) { 422 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 423 int err = nla_parse_nested(kdt, 424 NUM_NL80211_KEY_DEFAULT_TYPES - 1, 425 tb[NL80211_KEY_DEFAULT_TYPES], 426 nl80211_key_default_policy); 427 if (err) 428 return err; 429 430 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 431 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 432 } 433 434 return 0; 435 } 436 437 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k) 438 { 439 if (info->attrs[NL80211_ATTR_KEY_DATA]) { 440 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]); 441 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]); 442 } 443 444 if (info->attrs[NL80211_ATTR_KEY_SEQ]) { 445 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]); 446 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]); 447 } 448 449 if (info->attrs[NL80211_ATTR_KEY_IDX]) 450 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 451 452 if (info->attrs[NL80211_ATTR_KEY_CIPHER]) 453 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]); 454 455 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT]; 456 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]; 457 458 if (k->def) { 459 k->def_uni = true; 460 k->def_multi = true; 461 } 462 if (k->defmgmt) 463 k->def_multi = true; 464 465 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 466 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 467 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) 468 return -EINVAL; 469 } 470 471 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) { 472 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; 473 int err = nla_parse_nested( 474 kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1, 475 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES], 476 nl80211_key_default_policy); 477 if (err) 478 return err; 479 480 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; 481 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; 482 } 483 484 return 0; 485 } 486 487 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k) 488 { 489 int err; 490 491 memset(k, 0, sizeof(*k)); 492 k->idx = -1; 493 k->type = -1; 494 495 if (info->attrs[NL80211_ATTR_KEY]) 496 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k); 497 else 498 err = nl80211_parse_key_old(info, k); 499 500 if (err) 501 return err; 502 503 if (k->def && k->defmgmt) 504 return -EINVAL; 505 506 if (k->defmgmt) { 507 if (k->def_uni || !k->def_multi) 508 return -EINVAL; 509 } 510 511 if (k->idx != -1) { 512 if (k->defmgmt) { 513 if (k->idx < 4 || k->idx > 5) 514 return -EINVAL; 515 } else if (k->def) { 516 if (k->idx < 0 || k->idx > 3) 517 return -EINVAL; 518 } else { 519 if (k->idx < 0 || k->idx > 5) 520 return -EINVAL; 521 } 522 } 523 524 return 0; 525 } 526 527 static struct cfg80211_cached_keys * 528 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev, 529 struct nlattr *keys) 530 { 531 struct key_parse parse; 532 struct nlattr *key; 533 struct cfg80211_cached_keys *result; 534 int rem, err, def = 0; 535 536 result = kzalloc(sizeof(*result), GFP_KERNEL); 537 if (!result) 538 return ERR_PTR(-ENOMEM); 539 540 result->def = -1; 541 result->defmgmt = -1; 542 543 nla_for_each_nested(key, keys, rem) { 544 memset(&parse, 0, sizeof(parse)); 545 parse.idx = -1; 546 547 err = nl80211_parse_key_new(key, &parse); 548 if (err) 549 goto error; 550 err = -EINVAL; 551 if (!parse.p.key) 552 goto error; 553 if (parse.idx < 0 || parse.idx > 4) 554 goto error; 555 if (parse.def) { 556 if (def) 557 goto error; 558 def = 1; 559 result->def = parse.idx; 560 if (!parse.def_uni || !parse.def_multi) 561 goto error; 562 } else if (parse.defmgmt) 563 goto error; 564 err = cfg80211_validate_key_settings(rdev, &parse.p, 565 parse.idx, false, NULL); 566 if (err) 567 goto error; 568 result->params[parse.idx].cipher = parse.p.cipher; 569 result->params[parse.idx].key_len = parse.p.key_len; 570 result->params[parse.idx].key = result->data[parse.idx]; 571 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len); 572 } 573 574 return result; 575 error: 576 kfree(result); 577 return ERR_PTR(err); 578 } 579 580 static int nl80211_key_allowed(struct wireless_dev *wdev) 581 { 582 ASSERT_WDEV_LOCK(wdev); 583 584 switch (wdev->iftype) { 585 case NL80211_IFTYPE_AP: 586 case NL80211_IFTYPE_AP_VLAN: 587 case NL80211_IFTYPE_P2P_GO: 588 case NL80211_IFTYPE_MESH_POINT: 589 break; 590 case NL80211_IFTYPE_ADHOC: 591 if (!wdev->current_bss) 592 return -ENOLINK; 593 break; 594 case NL80211_IFTYPE_STATION: 595 case NL80211_IFTYPE_P2P_CLIENT: 596 if (wdev->sme_state != CFG80211_SME_CONNECTED) 597 return -ENOLINK; 598 break; 599 default: 600 return -EINVAL; 601 } 602 603 return 0; 604 } 605 606 static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes) 607 { 608 struct nlattr *nl_modes = nla_nest_start(msg, attr); 609 int i; 610 611 if (!nl_modes) 612 goto nla_put_failure; 613 614 i = 0; 615 while (ifmodes) { 616 if (ifmodes & 1) 617 NLA_PUT_FLAG(msg, i); 618 ifmodes >>= 1; 619 i++; 620 } 621 622 nla_nest_end(msg, nl_modes); 623 return 0; 624 625 nla_put_failure: 626 return -ENOBUFS; 627 } 628 629 static int nl80211_put_iface_combinations(struct wiphy *wiphy, 630 struct sk_buff *msg) 631 { 632 struct nlattr *nl_combis; 633 int i, j; 634 635 nl_combis = nla_nest_start(msg, 636 NL80211_ATTR_INTERFACE_COMBINATIONS); 637 if (!nl_combis) 638 goto nla_put_failure; 639 640 for (i = 0; i < wiphy->n_iface_combinations; i++) { 641 const struct ieee80211_iface_combination *c; 642 struct nlattr *nl_combi, *nl_limits; 643 644 c = &wiphy->iface_combinations[i]; 645 646 nl_combi = nla_nest_start(msg, i + 1); 647 if (!nl_combi) 648 goto nla_put_failure; 649 650 nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS); 651 if (!nl_limits) 652 goto nla_put_failure; 653 654 for (j = 0; j < c->n_limits; j++) { 655 struct nlattr *nl_limit; 656 657 nl_limit = nla_nest_start(msg, j + 1); 658 if (!nl_limit) 659 goto nla_put_failure; 660 NLA_PUT_U32(msg, NL80211_IFACE_LIMIT_MAX, 661 c->limits[j].max); 662 if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES, 663 c->limits[j].types)) 664 goto nla_put_failure; 665 nla_nest_end(msg, nl_limit); 666 } 667 668 nla_nest_end(msg, nl_limits); 669 670 if (c->beacon_int_infra_match) 671 NLA_PUT_FLAG(msg, 672 NL80211_IFACE_COMB_STA_AP_BI_MATCH); 673 NLA_PUT_U32(msg, NL80211_IFACE_COMB_NUM_CHANNELS, 674 c->num_different_channels); 675 NLA_PUT_U32(msg, NL80211_IFACE_COMB_MAXNUM, 676 c->max_interfaces); 677 678 nla_nest_end(msg, nl_combi); 679 } 680 681 nla_nest_end(msg, nl_combis); 682 683 return 0; 684 nla_put_failure: 685 return -ENOBUFS; 686 } 687 688 static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags, 689 struct cfg80211_registered_device *dev) 690 { 691 void *hdr; 692 struct nlattr *nl_bands, *nl_band; 693 struct nlattr *nl_freqs, *nl_freq; 694 struct nlattr *nl_rates, *nl_rate; 695 struct nlattr *nl_cmds; 696 enum ieee80211_band band; 697 struct ieee80211_channel *chan; 698 struct ieee80211_rate *rate; 699 int i; 700 const struct ieee80211_txrx_stypes *mgmt_stypes = 701 dev->wiphy.mgmt_stypes; 702 703 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY); 704 if (!hdr) 705 return -1; 706 707 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx); 708 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)); 709 710 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 711 cfg80211_rdev_list_generation); 712 713 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT, 714 dev->wiphy.retry_short); 715 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG, 716 dev->wiphy.retry_long); 717 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, 718 dev->wiphy.frag_threshold); 719 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, 720 dev->wiphy.rts_threshold); 721 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS, 722 dev->wiphy.coverage_class); 723 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS, 724 dev->wiphy.max_scan_ssids); 725 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS, 726 dev->wiphy.max_sched_scan_ssids); 727 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN, 728 dev->wiphy.max_scan_ie_len); 729 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN, 730 dev->wiphy.max_sched_scan_ie_len); 731 NLA_PUT_U8(msg, NL80211_ATTR_MAX_MATCH_SETS, 732 dev->wiphy.max_match_sets); 733 734 if (dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) 735 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_IBSS_RSN); 736 if (dev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) 737 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_MESH_AUTH); 738 if (dev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) 739 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_AP_UAPSD); 740 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) 741 NLA_PUT_FLAG(msg, NL80211_ATTR_ROAM_SUPPORT); 742 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) 743 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_SUPPORT); 744 if (dev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) 745 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP); 746 747 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES, 748 sizeof(u32) * dev->wiphy.n_cipher_suites, 749 dev->wiphy.cipher_suites); 750 751 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_PMKIDS, 752 dev->wiphy.max_num_pmkids); 753 754 if (dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) 755 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE); 756 757 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX, 758 dev->wiphy.available_antennas_tx); 759 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX, 760 dev->wiphy.available_antennas_rx); 761 762 if ((dev->wiphy.available_antennas_tx || 763 dev->wiphy.available_antennas_rx) && dev->ops->get_antenna) { 764 u32 tx_ant = 0, rx_ant = 0; 765 int res; 766 res = dev->ops->get_antenna(&dev->wiphy, &tx_ant, &rx_ant); 767 if (!res) { 768 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_TX, tx_ant); 769 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_RX, rx_ant); 770 } 771 } 772 773 if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES, 774 dev->wiphy.interface_modes)) 775 goto nla_put_failure; 776 777 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS); 778 if (!nl_bands) 779 goto nla_put_failure; 780 781 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 782 if (!dev->wiphy.bands[band]) 783 continue; 784 785 nl_band = nla_nest_start(msg, band); 786 if (!nl_band) 787 goto nla_put_failure; 788 789 /* add HT info */ 790 if (dev->wiphy.bands[band]->ht_cap.ht_supported) { 791 NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET, 792 sizeof(dev->wiphy.bands[band]->ht_cap.mcs), 793 &dev->wiphy.bands[band]->ht_cap.mcs); 794 NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA, 795 dev->wiphy.bands[band]->ht_cap.cap); 796 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR, 797 dev->wiphy.bands[band]->ht_cap.ampdu_factor); 798 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY, 799 dev->wiphy.bands[band]->ht_cap.ampdu_density); 800 } 801 802 /* add frequencies */ 803 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS); 804 if (!nl_freqs) 805 goto nla_put_failure; 806 807 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) { 808 nl_freq = nla_nest_start(msg, i); 809 if (!nl_freq) 810 goto nla_put_failure; 811 812 chan = &dev->wiphy.bands[band]->channels[i]; 813 814 if (nl80211_msg_put_channel(msg, chan)) 815 goto nla_put_failure; 816 817 nla_nest_end(msg, nl_freq); 818 } 819 820 nla_nest_end(msg, nl_freqs); 821 822 /* add bitrates */ 823 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES); 824 if (!nl_rates) 825 goto nla_put_failure; 826 827 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) { 828 nl_rate = nla_nest_start(msg, i); 829 if (!nl_rate) 830 goto nla_put_failure; 831 832 rate = &dev->wiphy.bands[band]->bitrates[i]; 833 NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE, 834 rate->bitrate); 835 if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) 836 NLA_PUT_FLAG(msg, 837 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE); 838 839 nla_nest_end(msg, nl_rate); 840 } 841 842 nla_nest_end(msg, nl_rates); 843 844 nla_nest_end(msg, nl_band); 845 } 846 nla_nest_end(msg, nl_bands); 847 848 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS); 849 if (!nl_cmds) 850 goto nla_put_failure; 851 852 i = 0; 853 #define CMD(op, n) \ 854 do { \ 855 if (dev->ops->op) { \ 856 i++; \ 857 NLA_PUT_U32(msg, i, NL80211_CMD_ ## n); \ 858 } \ 859 } while (0) 860 861 CMD(add_virtual_intf, NEW_INTERFACE); 862 CMD(change_virtual_intf, SET_INTERFACE); 863 CMD(add_key, NEW_KEY); 864 CMD(add_beacon, NEW_BEACON); 865 CMD(add_station, NEW_STATION); 866 CMD(add_mpath, NEW_MPATH); 867 CMD(update_mesh_config, SET_MESH_CONFIG); 868 CMD(change_bss, SET_BSS); 869 CMD(auth, AUTHENTICATE); 870 CMD(assoc, ASSOCIATE); 871 CMD(deauth, DEAUTHENTICATE); 872 CMD(disassoc, DISASSOCIATE); 873 CMD(join_ibss, JOIN_IBSS); 874 CMD(join_mesh, JOIN_MESH); 875 CMD(set_pmksa, SET_PMKSA); 876 CMD(del_pmksa, DEL_PMKSA); 877 CMD(flush_pmksa, FLUSH_PMKSA); 878 CMD(remain_on_channel, REMAIN_ON_CHANNEL); 879 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK); 880 CMD(mgmt_tx, FRAME); 881 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL); 882 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) { 883 i++; 884 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS); 885 } 886 CMD(set_channel, SET_CHANNEL); 887 CMD(set_wds_peer, SET_WDS_PEER); 888 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) { 889 CMD(tdls_mgmt, TDLS_MGMT); 890 CMD(tdls_oper, TDLS_OPER); 891 } 892 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) 893 CMD(sched_scan_start, START_SCHED_SCAN); 894 895 #undef CMD 896 897 if (dev->ops->connect || dev->ops->auth) { 898 i++; 899 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT); 900 } 901 902 if (dev->ops->disconnect || dev->ops->deauth) { 903 i++; 904 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT); 905 } 906 907 nla_nest_end(msg, nl_cmds); 908 909 if (dev->ops->remain_on_channel) 910 NLA_PUT_U32(msg, NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION, 911 dev->wiphy.max_remain_on_channel_duration); 912 913 if (dev->ops->mgmt_tx_cancel_wait) 914 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK); 915 916 if (mgmt_stypes) { 917 u16 stypes; 918 struct nlattr *nl_ftypes, *nl_ifs; 919 enum nl80211_iftype ift; 920 921 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES); 922 if (!nl_ifs) 923 goto nla_put_failure; 924 925 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 926 nl_ftypes = nla_nest_start(msg, ift); 927 if (!nl_ftypes) 928 goto nla_put_failure; 929 i = 0; 930 stypes = mgmt_stypes[ift].tx; 931 while (stypes) { 932 if (stypes & 1) 933 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 934 (i << 4) | IEEE80211_FTYPE_MGMT); 935 stypes >>= 1; 936 i++; 937 } 938 nla_nest_end(msg, nl_ftypes); 939 } 940 941 nla_nest_end(msg, nl_ifs); 942 943 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES); 944 if (!nl_ifs) 945 goto nla_put_failure; 946 947 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { 948 nl_ftypes = nla_nest_start(msg, ift); 949 if (!nl_ftypes) 950 goto nla_put_failure; 951 i = 0; 952 stypes = mgmt_stypes[ift].rx; 953 while (stypes) { 954 if (stypes & 1) 955 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE, 956 (i << 4) | IEEE80211_FTYPE_MGMT); 957 stypes >>= 1; 958 i++; 959 } 960 nla_nest_end(msg, nl_ftypes); 961 } 962 nla_nest_end(msg, nl_ifs); 963 } 964 965 if (dev->wiphy.wowlan.flags || dev->wiphy.wowlan.n_patterns) { 966 struct nlattr *nl_wowlan; 967 968 nl_wowlan = nla_nest_start(msg, 969 NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED); 970 if (!nl_wowlan) 971 goto nla_put_failure; 972 973 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_ANY) 974 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY); 975 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_DISCONNECT) 976 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT); 977 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_MAGIC_PKT) 978 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT); 979 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_SUPPORTS_GTK_REKEY) 980 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED); 981 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE) 982 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE); 983 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ) 984 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST); 985 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_4WAY_HANDSHAKE) 986 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE); 987 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_RFKILL_RELEASE) 988 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE); 989 if (dev->wiphy.wowlan.n_patterns) { 990 struct nl80211_wowlan_pattern_support pat = { 991 .max_patterns = dev->wiphy.wowlan.n_patterns, 992 .min_pattern_len = 993 dev->wiphy.wowlan.pattern_min_len, 994 .max_pattern_len = 995 dev->wiphy.wowlan.pattern_max_len, 996 }; 997 NLA_PUT(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN, 998 sizeof(pat), &pat); 999 } 1000 1001 nla_nest_end(msg, nl_wowlan); 1002 } 1003 1004 if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES, 1005 dev->wiphy.software_iftypes)) 1006 goto nla_put_failure; 1007 1008 if (nl80211_put_iface_combinations(&dev->wiphy, msg)) 1009 goto nla_put_failure; 1010 1011 return genlmsg_end(msg, hdr); 1012 1013 nla_put_failure: 1014 genlmsg_cancel(msg, hdr); 1015 return -EMSGSIZE; 1016 } 1017 1018 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb) 1019 { 1020 int idx = 0; 1021 int start = cb->args[0]; 1022 struct cfg80211_registered_device *dev; 1023 1024 mutex_lock(&cfg80211_mutex); 1025 list_for_each_entry(dev, &cfg80211_rdev_list, list) { 1026 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk))) 1027 continue; 1028 if (++idx <= start) 1029 continue; 1030 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid, 1031 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1032 dev) < 0) { 1033 idx--; 1034 break; 1035 } 1036 } 1037 mutex_unlock(&cfg80211_mutex); 1038 1039 cb->args[0] = idx; 1040 1041 return skb->len; 1042 } 1043 1044 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info) 1045 { 1046 struct sk_buff *msg; 1047 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1048 1049 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1050 if (!msg) 1051 return -ENOMEM; 1052 1053 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) { 1054 nlmsg_free(msg); 1055 return -ENOBUFS; 1056 } 1057 1058 return genlmsg_reply(msg, info); 1059 } 1060 1061 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = { 1062 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 }, 1063 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 }, 1064 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 }, 1065 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 }, 1066 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 }, 1067 }; 1068 1069 static int parse_txq_params(struct nlattr *tb[], 1070 struct ieee80211_txq_params *txq_params) 1071 { 1072 if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] || 1073 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] || 1074 !tb[NL80211_TXQ_ATTR_AIFS]) 1075 return -EINVAL; 1076 1077 txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]); 1078 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]); 1079 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]); 1080 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]); 1081 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]); 1082 1083 return 0; 1084 } 1085 1086 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev) 1087 { 1088 /* 1089 * You can only set the channel explicitly for AP, mesh 1090 * and WDS type interfaces; all others have their channel 1091 * managed via their respective "establish a connection" 1092 * command (connect, join, ...) 1093 * 1094 * Monitors are special as they are normally slaved to 1095 * whatever else is going on, so they behave as though 1096 * you tried setting the wiphy channel itself. 1097 */ 1098 return !wdev || 1099 wdev->iftype == NL80211_IFTYPE_AP || 1100 wdev->iftype == NL80211_IFTYPE_WDS || 1101 wdev->iftype == NL80211_IFTYPE_MESH_POINT || 1102 wdev->iftype == NL80211_IFTYPE_MONITOR || 1103 wdev->iftype == NL80211_IFTYPE_P2P_GO; 1104 } 1105 1106 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev, 1107 struct wireless_dev *wdev, 1108 struct genl_info *info) 1109 { 1110 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 1111 u32 freq; 1112 int result; 1113 1114 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 1115 return -EINVAL; 1116 1117 if (!nl80211_can_set_dev_channel(wdev)) 1118 return -EOPNOTSUPP; 1119 1120 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 1121 channel_type = nla_get_u32(info->attrs[ 1122 NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 1123 if (channel_type != NL80211_CHAN_NO_HT && 1124 channel_type != NL80211_CHAN_HT20 && 1125 channel_type != NL80211_CHAN_HT40PLUS && 1126 channel_type != NL80211_CHAN_HT40MINUS) 1127 return -EINVAL; 1128 } 1129 1130 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 1131 1132 mutex_lock(&rdev->devlist_mtx); 1133 if (wdev) { 1134 wdev_lock(wdev); 1135 result = cfg80211_set_freq(rdev, wdev, freq, channel_type); 1136 wdev_unlock(wdev); 1137 } else { 1138 result = cfg80211_set_freq(rdev, NULL, freq, channel_type); 1139 } 1140 mutex_unlock(&rdev->devlist_mtx); 1141 1142 return result; 1143 } 1144 1145 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info) 1146 { 1147 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1148 struct net_device *netdev = info->user_ptr[1]; 1149 1150 return __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info); 1151 } 1152 1153 static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info) 1154 { 1155 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1156 struct net_device *dev = info->user_ptr[1]; 1157 struct wireless_dev *wdev = dev->ieee80211_ptr; 1158 const u8 *bssid; 1159 1160 if (!info->attrs[NL80211_ATTR_MAC]) 1161 return -EINVAL; 1162 1163 if (netif_running(dev)) 1164 return -EBUSY; 1165 1166 if (!rdev->ops->set_wds_peer) 1167 return -EOPNOTSUPP; 1168 1169 if (wdev->iftype != NL80211_IFTYPE_WDS) 1170 return -EOPNOTSUPP; 1171 1172 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 1173 return rdev->ops->set_wds_peer(wdev->wiphy, dev, bssid); 1174 } 1175 1176 1177 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) 1178 { 1179 struct cfg80211_registered_device *rdev; 1180 struct net_device *netdev = NULL; 1181 struct wireless_dev *wdev; 1182 int result = 0, rem_txq_params = 0; 1183 struct nlattr *nl_txq_params; 1184 u32 changed; 1185 u8 retry_short = 0, retry_long = 0; 1186 u32 frag_threshold = 0, rts_threshold = 0; 1187 u8 coverage_class = 0; 1188 1189 /* 1190 * Try to find the wiphy and netdev. Normally this 1191 * function shouldn't need the netdev, but this is 1192 * done for backward compatibility -- previously 1193 * setting the channel was done per wiphy, but now 1194 * it is per netdev. Previous userland like hostapd 1195 * also passed a netdev to set_wiphy, so that it is 1196 * possible to let that go to the right netdev! 1197 */ 1198 mutex_lock(&cfg80211_mutex); 1199 1200 if (info->attrs[NL80211_ATTR_IFINDEX]) { 1201 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]); 1202 1203 netdev = dev_get_by_index(genl_info_net(info), ifindex); 1204 if (netdev && netdev->ieee80211_ptr) { 1205 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy); 1206 mutex_lock(&rdev->mtx); 1207 } else 1208 netdev = NULL; 1209 } 1210 1211 if (!netdev) { 1212 rdev = __cfg80211_rdev_from_info(info); 1213 if (IS_ERR(rdev)) { 1214 mutex_unlock(&cfg80211_mutex); 1215 return PTR_ERR(rdev); 1216 } 1217 wdev = NULL; 1218 netdev = NULL; 1219 result = 0; 1220 1221 mutex_lock(&rdev->mtx); 1222 } else if (netif_running(netdev) && 1223 nl80211_can_set_dev_channel(netdev->ieee80211_ptr)) 1224 wdev = netdev->ieee80211_ptr; 1225 else 1226 wdev = NULL; 1227 1228 /* 1229 * end workaround code, by now the rdev is available 1230 * and locked, and wdev may or may not be NULL. 1231 */ 1232 1233 if (info->attrs[NL80211_ATTR_WIPHY_NAME]) 1234 result = cfg80211_dev_rename( 1235 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME])); 1236 1237 mutex_unlock(&cfg80211_mutex); 1238 1239 if (result) 1240 goto bad_res; 1241 1242 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) { 1243 struct ieee80211_txq_params txq_params; 1244 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1]; 1245 1246 if (!rdev->ops->set_txq_params) { 1247 result = -EOPNOTSUPP; 1248 goto bad_res; 1249 } 1250 1251 if (!netdev) { 1252 result = -EINVAL; 1253 goto bad_res; 1254 } 1255 1256 nla_for_each_nested(nl_txq_params, 1257 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], 1258 rem_txq_params) { 1259 nla_parse(tb, NL80211_TXQ_ATTR_MAX, 1260 nla_data(nl_txq_params), 1261 nla_len(nl_txq_params), 1262 txq_params_policy); 1263 result = parse_txq_params(tb, &txq_params); 1264 if (result) 1265 goto bad_res; 1266 1267 result = rdev->ops->set_txq_params(&rdev->wiphy, 1268 netdev, 1269 &txq_params); 1270 if (result) 1271 goto bad_res; 1272 } 1273 } 1274 1275 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 1276 result = __nl80211_set_channel(rdev, wdev, info); 1277 if (result) 1278 goto bad_res; 1279 } 1280 1281 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) { 1282 enum nl80211_tx_power_setting type; 1283 int idx, mbm = 0; 1284 1285 if (!rdev->ops->set_tx_power) { 1286 result = -EOPNOTSUPP; 1287 goto bad_res; 1288 } 1289 1290 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING; 1291 type = nla_get_u32(info->attrs[idx]); 1292 1293 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] && 1294 (type != NL80211_TX_POWER_AUTOMATIC)) { 1295 result = -EINVAL; 1296 goto bad_res; 1297 } 1298 1299 if (type != NL80211_TX_POWER_AUTOMATIC) { 1300 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL; 1301 mbm = nla_get_u32(info->attrs[idx]); 1302 } 1303 1304 result = rdev->ops->set_tx_power(&rdev->wiphy, type, mbm); 1305 if (result) 1306 goto bad_res; 1307 } 1308 1309 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] && 1310 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) { 1311 u32 tx_ant, rx_ant; 1312 if ((!rdev->wiphy.available_antennas_tx && 1313 !rdev->wiphy.available_antennas_rx) || 1314 !rdev->ops->set_antenna) { 1315 result = -EOPNOTSUPP; 1316 goto bad_res; 1317 } 1318 1319 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]); 1320 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]); 1321 1322 /* reject antenna configurations which don't match the 1323 * available antenna masks, except for the "all" mask */ 1324 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) || 1325 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx))) { 1326 result = -EINVAL; 1327 goto bad_res; 1328 } 1329 1330 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx; 1331 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx; 1332 1333 result = rdev->ops->set_antenna(&rdev->wiphy, tx_ant, rx_ant); 1334 if (result) 1335 goto bad_res; 1336 } 1337 1338 changed = 0; 1339 1340 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) { 1341 retry_short = nla_get_u8( 1342 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]); 1343 if (retry_short == 0) { 1344 result = -EINVAL; 1345 goto bad_res; 1346 } 1347 changed |= WIPHY_PARAM_RETRY_SHORT; 1348 } 1349 1350 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) { 1351 retry_long = nla_get_u8( 1352 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]); 1353 if (retry_long == 0) { 1354 result = -EINVAL; 1355 goto bad_res; 1356 } 1357 changed |= WIPHY_PARAM_RETRY_LONG; 1358 } 1359 1360 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) { 1361 frag_threshold = nla_get_u32( 1362 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]); 1363 if (frag_threshold < 256) { 1364 result = -EINVAL; 1365 goto bad_res; 1366 } 1367 if (frag_threshold != (u32) -1) { 1368 /* 1369 * Fragments (apart from the last one) are required to 1370 * have even length. Make the fragmentation code 1371 * simpler by stripping LSB should someone try to use 1372 * odd threshold value. 1373 */ 1374 frag_threshold &= ~0x1; 1375 } 1376 changed |= WIPHY_PARAM_FRAG_THRESHOLD; 1377 } 1378 1379 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) { 1380 rts_threshold = nla_get_u32( 1381 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]); 1382 changed |= WIPHY_PARAM_RTS_THRESHOLD; 1383 } 1384 1385 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) { 1386 coverage_class = nla_get_u8( 1387 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]); 1388 changed |= WIPHY_PARAM_COVERAGE_CLASS; 1389 } 1390 1391 if (changed) { 1392 u8 old_retry_short, old_retry_long; 1393 u32 old_frag_threshold, old_rts_threshold; 1394 u8 old_coverage_class; 1395 1396 if (!rdev->ops->set_wiphy_params) { 1397 result = -EOPNOTSUPP; 1398 goto bad_res; 1399 } 1400 1401 old_retry_short = rdev->wiphy.retry_short; 1402 old_retry_long = rdev->wiphy.retry_long; 1403 old_frag_threshold = rdev->wiphy.frag_threshold; 1404 old_rts_threshold = rdev->wiphy.rts_threshold; 1405 old_coverage_class = rdev->wiphy.coverage_class; 1406 1407 if (changed & WIPHY_PARAM_RETRY_SHORT) 1408 rdev->wiphy.retry_short = retry_short; 1409 if (changed & WIPHY_PARAM_RETRY_LONG) 1410 rdev->wiphy.retry_long = retry_long; 1411 if (changed & WIPHY_PARAM_FRAG_THRESHOLD) 1412 rdev->wiphy.frag_threshold = frag_threshold; 1413 if (changed & WIPHY_PARAM_RTS_THRESHOLD) 1414 rdev->wiphy.rts_threshold = rts_threshold; 1415 if (changed & WIPHY_PARAM_COVERAGE_CLASS) 1416 rdev->wiphy.coverage_class = coverage_class; 1417 1418 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed); 1419 if (result) { 1420 rdev->wiphy.retry_short = old_retry_short; 1421 rdev->wiphy.retry_long = old_retry_long; 1422 rdev->wiphy.frag_threshold = old_frag_threshold; 1423 rdev->wiphy.rts_threshold = old_rts_threshold; 1424 rdev->wiphy.coverage_class = old_coverage_class; 1425 } 1426 } 1427 1428 bad_res: 1429 mutex_unlock(&rdev->mtx); 1430 if (netdev) 1431 dev_put(netdev); 1432 return result; 1433 } 1434 1435 1436 static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags, 1437 struct cfg80211_registered_device *rdev, 1438 struct net_device *dev) 1439 { 1440 void *hdr; 1441 1442 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE); 1443 if (!hdr) 1444 return -1; 1445 1446 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1447 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 1448 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name); 1449 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype); 1450 1451 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, 1452 rdev->devlist_generation ^ 1453 (cfg80211_rdev_list_generation << 2)); 1454 1455 return genlmsg_end(msg, hdr); 1456 1457 nla_put_failure: 1458 genlmsg_cancel(msg, hdr); 1459 return -EMSGSIZE; 1460 } 1461 1462 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb) 1463 { 1464 int wp_idx = 0; 1465 int if_idx = 0; 1466 int wp_start = cb->args[0]; 1467 int if_start = cb->args[1]; 1468 struct cfg80211_registered_device *rdev; 1469 struct wireless_dev *wdev; 1470 1471 mutex_lock(&cfg80211_mutex); 1472 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 1473 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk))) 1474 continue; 1475 if (wp_idx < wp_start) { 1476 wp_idx++; 1477 continue; 1478 } 1479 if_idx = 0; 1480 1481 mutex_lock(&rdev->devlist_mtx); 1482 list_for_each_entry(wdev, &rdev->netdev_list, list) { 1483 if (if_idx < if_start) { 1484 if_idx++; 1485 continue; 1486 } 1487 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid, 1488 cb->nlh->nlmsg_seq, NLM_F_MULTI, 1489 rdev, wdev->netdev) < 0) { 1490 mutex_unlock(&rdev->devlist_mtx); 1491 goto out; 1492 } 1493 if_idx++; 1494 } 1495 mutex_unlock(&rdev->devlist_mtx); 1496 1497 wp_idx++; 1498 } 1499 out: 1500 mutex_unlock(&cfg80211_mutex); 1501 1502 cb->args[0] = wp_idx; 1503 cb->args[1] = if_idx; 1504 1505 return skb->len; 1506 } 1507 1508 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info) 1509 { 1510 struct sk_buff *msg; 1511 struct cfg80211_registered_device *dev = info->user_ptr[0]; 1512 struct net_device *netdev = info->user_ptr[1]; 1513 1514 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1515 if (!msg) 1516 return -ENOMEM; 1517 1518 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0, 1519 dev, netdev) < 0) { 1520 nlmsg_free(msg); 1521 return -ENOBUFS; 1522 } 1523 1524 return genlmsg_reply(msg, info); 1525 } 1526 1527 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = { 1528 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG }, 1529 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG }, 1530 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG }, 1531 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG }, 1532 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG }, 1533 }; 1534 1535 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags) 1536 { 1537 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1]; 1538 int flag; 1539 1540 *mntrflags = 0; 1541 1542 if (!nla) 1543 return -EINVAL; 1544 1545 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX, 1546 nla, mntr_flags_policy)) 1547 return -EINVAL; 1548 1549 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++) 1550 if (flags[flag]) 1551 *mntrflags |= (1<<flag); 1552 1553 return 0; 1554 } 1555 1556 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev, 1557 struct net_device *netdev, u8 use_4addr, 1558 enum nl80211_iftype iftype) 1559 { 1560 if (!use_4addr) { 1561 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT)) 1562 return -EBUSY; 1563 return 0; 1564 } 1565 1566 switch (iftype) { 1567 case NL80211_IFTYPE_AP_VLAN: 1568 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP) 1569 return 0; 1570 break; 1571 case NL80211_IFTYPE_STATION: 1572 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION) 1573 return 0; 1574 break; 1575 default: 1576 break; 1577 } 1578 1579 return -EOPNOTSUPP; 1580 } 1581 1582 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) 1583 { 1584 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1585 struct vif_params params; 1586 int err; 1587 enum nl80211_iftype otype, ntype; 1588 struct net_device *dev = info->user_ptr[1]; 1589 u32 _flags, *flags = NULL; 1590 bool change = false; 1591 1592 memset(¶ms, 0, sizeof(params)); 1593 1594 otype = ntype = dev->ieee80211_ptr->iftype; 1595 1596 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1597 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1598 if (otype != ntype) 1599 change = true; 1600 if (ntype > NL80211_IFTYPE_MAX) 1601 return -EINVAL; 1602 } 1603 1604 if (info->attrs[NL80211_ATTR_MESH_ID]) { 1605 struct wireless_dev *wdev = dev->ieee80211_ptr; 1606 1607 if (ntype != NL80211_IFTYPE_MESH_POINT) 1608 return -EINVAL; 1609 if (netif_running(dev)) 1610 return -EBUSY; 1611 1612 wdev_lock(wdev); 1613 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1614 IEEE80211_MAX_MESH_ID_LEN); 1615 wdev->mesh_id_up_len = 1616 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1617 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1618 wdev->mesh_id_up_len); 1619 wdev_unlock(wdev); 1620 } 1621 1622 if (info->attrs[NL80211_ATTR_4ADDR]) { 1623 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1624 change = true; 1625 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype); 1626 if (err) 1627 return err; 1628 } else { 1629 params.use_4addr = -1; 1630 } 1631 1632 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) { 1633 if (ntype != NL80211_IFTYPE_MONITOR) 1634 return -EINVAL; 1635 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS], 1636 &_flags); 1637 if (err) 1638 return err; 1639 1640 flags = &_flags; 1641 change = true; 1642 } 1643 1644 if (change) 1645 err = cfg80211_change_iface(rdev, dev, ntype, flags, ¶ms); 1646 else 1647 err = 0; 1648 1649 if (!err && params.use_4addr != -1) 1650 dev->ieee80211_ptr->use_4addr = params.use_4addr; 1651 1652 return err; 1653 } 1654 1655 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) 1656 { 1657 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1658 struct vif_params params; 1659 struct net_device *dev; 1660 int err; 1661 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; 1662 u32 flags; 1663 1664 memset(¶ms, 0, sizeof(params)); 1665 1666 if (!info->attrs[NL80211_ATTR_IFNAME]) 1667 return -EINVAL; 1668 1669 if (info->attrs[NL80211_ATTR_IFTYPE]) { 1670 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); 1671 if (type > NL80211_IFTYPE_MAX) 1672 return -EINVAL; 1673 } 1674 1675 if (!rdev->ops->add_virtual_intf || 1676 !(rdev->wiphy.interface_modes & (1 << type))) 1677 return -EOPNOTSUPP; 1678 1679 if (info->attrs[NL80211_ATTR_4ADDR]) { 1680 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); 1681 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type); 1682 if (err) 1683 return err; 1684 } 1685 1686 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ? 1687 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL, 1688 &flags); 1689 dev = rdev->ops->add_virtual_intf(&rdev->wiphy, 1690 nla_data(info->attrs[NL80211_ATTR_IFNAME]), 1691 type, err ? NULL : &flags, ¶ms); 1692 if (IS_ERR(dev)) 1693 return PTR_ERR(dev); 1694 1695 if (type == NL80211_IFTYPE_MESH_POINT && 1696 info->attrs[NL80211_ATTR_MESH_ID]) { 1697 struct wireless_dev *wdev = dev->ieee80211_ptr; 1698 1699 wdev_lock(wdev); 1700 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != 1701 IEEE80211_MAX_MESH_ID_LEN); 1702 wdev->mesh_id_up_len = 1703 nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 1704 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), 1705 wdev->mesh_id_up_len); 1706 wdev_unlock(wdev); 1707 } 1708 1709 return 0; 1710 } 1711 1712 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) 1713 { 1714 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1715 struct net_device *dev = info->user_ptr[1]; 1716 1717 if (!rdev->ops->del_virtual_intf) 1718 return -EOPNOTSUPP; 1719 1720 return rdev->ops->del_virtual_intf(&rdev->wiphy, dev); 1721 } 1722 1723 struct get_key_cookie { 1724 struct sk_buff *msg; 1725 int error; 1726 int idx; 1727 }; 1728 1729 static void get_key_callback(void *c, struct key_params *params) 1730 { 1731 struct nlattr *key; 1732 struct get_key_cookie *cookie = c; 1733 1734 if (params->key) 1735 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA, 1736 params->key_len, params->key); 1737 1738 if (params->seq) 1739 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ, 1740 params->seq_len, params->seq); 1741 1742 if (params->cipher) 1743 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER, 1744 params->cipher); 1745 1746 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY); 1747 if (!key) 1748 goto nla_put_failure; 1749 1750 if (params->key) 1751 NLA_PUT(cookie->msg, NL80211_KEY_DATA, 1752 params->key_len, params->key); 1753 1754 if (params->seq) 1755 NLA_PUT(cookie->msg, NL80211_KEY_SEQ, 1756 params->seq_len, params->seq); 1757 1758 if (params->cipher) 1759 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER, 1760 params->cipher); 1761 1762 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx); 1763 1764 nla_nest_end(cookie->msg, key); 1765 1766 return; 1767 nla_put_failure: 1768 cookie->error = 1; 1769 } 1770 1771 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) 1772 { 1773 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1774 int err; 1775 struct net_device *dev = info->user_ptr[1]; 1776 u8 key_idx = 0; 1777 const u8 *mac_addr = NULL; 1778 bool pairwise; 1779 struct get_key_cookie cookie = { 1780 .error = 0, 1781 }; 1782 void *hdr; 1783 struct sk_buff *msg; 1784 1785 if (info->attrs[NL80211_ATTR_KEY_IDX]) 1786 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); 1787 1788 if (key_idx > 5) 1789 return -EINVAL; 1790 1791 if (info->attrs[NL80211_ATTR_MAC]) 1792 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1793 1794 pairwise = !!mac_addr; 1795 if (info->attrs[NL80211_ATTR_KEY_TYPE]) { 1796 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); 1797 if (kt >= NUM_NL80211_KEYTYPES) 1798 return -EINVAL; 1799 if (kt != NL80211_KEYTYPE_GROUP && 1800 kt != NL80211_KEYTYPE_PAIRWISE) 1801 return -EINVAL; 1802 pairwise = kt == NL80211_KEYTYPE_PAIRWISE; 1803 } 1804 1805 if (!rdev->ops->get_key) 1806 return -EOPNOTSUPP; 1807 1808 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 1809 if (!msg) 1810 return -ENOMEM; 1811 1812 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 1813 NL80211_CMD_NEW_KEY); 1814 if (IS_ERR(hdr)) 1815 return PTR_ERR(hdr); 1816 1817 cookie.msg = msg; 1818 cookie.idx = key_idx; 1819 1820 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 1821 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx); 1822 if (mac_addr) 1823 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 1824 1825 if (pairwise && mac_addr && 1826 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 1827 return -ENOENT; 1828 1829 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, pairwise, 1830 mac_addr, &cookie, get_key_callback); 1831 1832 if (err) 1833 goto free_msg; 1834 1835 if (cookie.error) 1836 goto nla_put_failure; 1837 1838 genlmsg_end(msg, hdr); 1839 return genlmsg_reply(msg, info); 1840 1841 nla_put_failure: 1842 err = -ENOBUFS; 1843 free_msg: 1844 nlmsg_free(msg); 1845 return err; 1846 } 1847 1848 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) 1849 { 1850 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1851 struct key_parse key; 1852 int err; 1853 struct net_device *dev = info->user_ptr[1]; 1854 1855 err = nl80211_parse_key(info, &key); 1856 if (err) 1857 return err; 1858 1859 if (key.idx < 0) 1860 return -EINVAL; 1861 1862 /* only support setting default key */ 1863 if (!key.def && !key.defmgmt) 1864 return -EINVAL; 1865 1866 wdev_lock(dev->ieee80211_ptr); 1867 1868 if (key.def) { 1869 if (!rdev->ops->set_default_key) { 1870 err = -EOPNOTSUPP; 1871 goto out; 1872 } 1873 1874 err = nl80211_key_allowed(dev->ieee80211_ptr); 1875 if (err) 1876 goto out; 1877 1878 err = rdev->ops->set_default_key(&rdev->wiphy, dev, key.idx, 1879 key.def_uni, key.def_multi); 1880 1881 if (err) 1882 goto out; 1883 1884 #ifdef CONFIG_CFG80211_WEXT 1885 dev->ieee80211_ptr->wext.default_key = key.idx; 1886 #endif 1887 } else { 1888 if (key.def_uni || !key.def_multi) { 1889 err = -EINVAL; 1890 goto out; 1891 } 1892 1893 if (!rdev->ops->set_default_mgmt_key) { 1894 err = -EOPNOTSUPP; 1895 goto out; 1896 } 1897 1898 err = nl80211_key_allowed(dev->ieee80211_ptr); 1899 if (err) 1900 goto out; 1901 1902 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy, 1903 dev, key.idx); 1904 if (err) 1905 goto out; 1906 1907 #ifdef CONFIG_CFG80211_WEXT 1908 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx; 1909 #endif 1910 } 1911 1912 out: 1913 wdev_unlock(dev->ieee80211_ptr); 1914 1915 return err; 1916 } 1917 1918 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) 1919 { 1920 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1921 int err; 1922 struct net_device *dev = info->user_ptr[1]; 1923 struct key_parse key; 1924 const u8 *mac_addr = NULL; 1925 1926 err = nl80211_parse_key(info, &key); 1927 if (err) 1928 return err; 1929 1930 if (!key.p.key) 1931 return -EINVAL; 1932 1933 if (info->attrs[NL80211_ATTR_MAC]) 1934 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1935 1936 if (key.type == -1) { 1937 if (mac_addr) 1938 key.type = NL80211_KEYTYPE_PAIRWISE; 1939 else 1940 key.type = NL80211_KEYTYPE_GROUP; 1941 } 1942 1943 /* for now */ 1944 if (key.type != NL80211_KEYTYPE_PAIRWISE && 1945 key.type != NL80211_KEYTYPE_GROUP) 1946 return -EINVAL; 1947 1948 if (!rdev->ops->add_key) 1949 return -EOPNOTSUPP; 1950 1951 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, 1952 key.type == NL80211_KEYTYPE_PAIRWISE, 1953 mac_addr)) 1954 return -EINVAL; 1955 1956 wdev_lock(dev->ieee80211_ptr); 1957 err = nl80211_key_allowed(dev->ieee80211_ptr); 1958 if (!err) 1959 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx, 1960 key.type == NL80211_KEYTYPE_PAIRWISE, 1961 mac_addr, &key.p); 1962 wdev_unlock(dev->ieee80211_ptr); 1963 1964 return err; 1965 } 1966 1967 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) 1968 { 1969 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 1970 int err; 1971 struct net_device *dev = info->user_ptr[1]; 1972 u8 *mac_addr = NULL; 1973 struct key_parse key; 1974 1975 err = nl80211_parse_key(info, &key); 1976 if (err) 1977 return err; 1978 1979 if (info->attrs[NL80211_ATTR_MAC]) 1980 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 1981 1982 if (key.type == -1) { 1983 if (mac_addr) 1984 key.type = NL80211_KEYTYPE_PAIRWISE; 1985 else 1986 key.type = NL80211_KEYTYPE_GROUP; 1987 } 1988 1989 /* for now */ 1990 if (key.type != NL80211_KEYTYPE_PAIRWISE && 1991 key.type != NL80211_KEYTYPE_GROUP) 1992 return -EINVAL; 1993 1994 if (!rdev->ops->del_key) 1995 return -EOPNOTSUPP; 1996 1997 wdev_lock(dev->ieee80211_ptr); 1998 err = nl80211_key_allowed(dev->ieee80211_ptr); 1999 2000 if (key.type == NL80211_KEYTYPE_PAIRWISE && mac_addr && 2001 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) 2002 err = -ENOENT; 2003 2004 if (!err) 2005 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, 2006 key.type == NL80211_KEYTYPE_PAIRWISE, 2007 mac_addr); 2008 2009 #ifdef CONFIG_CFG80211_WEXT 2010 if (!err) { 2011 if (key.idx == dev->ieee80211_ptr->wext.default_key) 2012 dev->ieee80211_ptr->wext.default_key = -1; 2013 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key) 2014 dev->ieee80211_ptr->wext.default_mgmt_key = -1; 2015 } 2016 #endif 2017 wdev_unlock(dev->ieee80211_ptr); 2018 2019 return err; 2020 } 2021 2022 static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info) 2023 { 2024 int (*call)(struct wiphy *wiphy, struct net_device *dev, 2025 struct beacon_parameters *info); 2026 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2027 struct net_device *dev = info->user_ptr[1]; 2028 struct wireless_dev *wdev = dev->ieee80211_ptr; 2029 struct beacon_parameters params; 2030 int haveinfo = 0, err; 2031 2032 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL]) || 2033 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]) || 2034 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_PROBE_RESP]) || 2035 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_ASSOC_RESP])) 2036 return -EINVAL; 2037 2038 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2039 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2040 return -EOPNOTSUPP; 2041 2042 memset(¶ms, 0, sizeof(params)); 2043 2044 switch (info->genlhdr->cmd) { 2045 case NL80211_CMD_NEW_BEACON: 2046 /* these are required for NEW_BEACON */ 2047 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] || 2048 !info->attrs[NL80211_ATTR_DTIM_PERIOD] || 2049 !info->attrs[NL80211_ATTR_BEACON_HEAD]) 2050 return -EINVAL; 2051 2052 params.interval = 2053 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 2054 params.dtim_period = 2055 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); 2056 2057 err = cfg80211_validate_beacon_int(rdev, params.interval); 2058 if (err) 2059 return err; 2060 2061 /* 2062 * In theory, some of these attributes could be required for 2063 * NEW_BEACON, but since they were not used when the command was 2064 * originally added, keep them optional for old user space 2065 * programs to work with drivers that do not need the additional 2066 * information. 2067 */ 2068 if (info->attrs[NL80211_ATTR_SSID]) { 2069 params.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 2070 params.ssid_len = 2071 nla_len(info->attrs[NL80211_ATTR_SSID]); 2072 if (params.ssid_len == 0 || 2073 params.ssid_len > IEEE80211_MAX_SSID_LEN) 2074 return -EINVAL; 2075 } 2076 2077 if (info->attrs[NL80211_ATTR_HIDDEN_SSID]) { 2078 params.hidden_ssid = nla_get_u32( 2079 info->attrs[NL80211_ATTR_HIDDEN_SSID]); 2080 if (params.hidden_ssid != 2081 NL80211_HIDDEN_SSID_NOT_IN_USE && 2082 params.hidden_ssid != 2083 NL80211_HIDDEN_SSID_ZERO_LEN && 2084 params.hidden_ssid != 2085 NL80211_HIDDEN_SSID_ZERO_CONTENTS) 2086 return -EINVAL; 2087 } 2088 2089 params.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 2090 2091 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 2092 params.auth_type = nla_get_u32( 2093 info->attrs[NL80211_ATTR_AUTH_TYPE]); 2094 if (!nl80211_valid_auth_type(params.auth_type)) 2095 return -EINVAL; 2096 } else 2097 params.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 2098 2099 err = nl80211_crypto_settings(rdev, info, ¶ms.crypto, 2100 NL80211_MAX_NR_CIPHER_SUITES); 2101 if (err) 2102 return err; 2103 2104 call = rdev->ops->add_beacon; 2105 break; 2106 case NL80211_CMD_SET_BEACON: 2107 call = rdev->ops->set_beacon; 2108 break; 2109 default: 2110 WARN_ON(1); 2111 return -EOPNOTSUPP; 2112 } 2113 2114 if (!call) 2115 return -EOPNOTSUPP; 2116 2117 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) { 2118 params.head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]); 2119 params.head_len = 2120 nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]); 2121 haveinfo = 1; 2122 } 2123 2124 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) { 2125 params.tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]); 2126 params.tail_len = 2127 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]); 2128 haveinfo = 1; 2129 } 2130 2131 if (!haveinfo) 2132 return -EINVAL; 2133 2134 if (info->attrs[NL80211_ATTR_IE]) { 2135 params.beacon_ies = nla_data(info->attrs[NL80211_ATTR_IE]); 2136 params.beacon_ies_len = nla_len(info->attrs[NL80211_ATTR_IE]); 2137 } 2138 2139 if (info->attrs[NL80211_ATTR_IE_PROBE_RESP]) { 2140 params.proberesp_ies = 2141 nla_data(info->attrs[NL80211_ATTR_IE_PROBE_RESP]); 2142 params.proberesp_ies_len = 2143 nla_len(info->attrs[NL80211_ATTR_IE_PROBE_RESP]); 2144 } 2145 2146 if (info->attrs[NL80211_ATTR_IE_ASSOC_RESP]) { 2147 params.assocresp_ies = 2148 nla_data(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]); 2149 params.assocresp_ies_len = 2150 nla_len(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]); 2151 } 2152 2153 err = call(&rdev->wiphy, dev, ¶ms); 2154 if (!err && params.interval) 2155 wdev->beacon_interval = params.interval; 2156 return err; 2157 } 2158 2159 static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info) 2160 { 2161 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2162 struct net_device *dev = info->user_ptr[1]; 2163 struct wireless_dev *wdev = dev->ieee80211_ptr; 2164 int err; 2165 2166 if (!rdev->ops->del_beacon) 2167 return -EOPNOTSUPP; 2168 2169 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2170 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2171 return -EOPNOTSUPP; 2172 2173 err = rdev->ops->del_beacon(&rdev->wiphy, dev); 2174 if (!err) 2175 wdev->beacon_interval = 0; 2176 return err; 2177 } 2178 2179 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = { 2180 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG }, 2181 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG }, 2182 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG }, 2183 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG }, 2184 [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG }, 2185 }; 2186 2187 static int parse_station_flags(struct genl_info *info, 2188 struct station_parameters *params) 2189 { 2190 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1]; 2191 struct nlattr *nla; 2192 int flag; 2193 2194 /* 2195 * Try parsing the new attribute first so userspace 2196 * can specify both for older kernels. 2197 */ 2198 nla = info->attrs[NL80211_ATTR_STA_FLAGS2]; 2199 if (nla) { 2200 struct nl80211_sta_flag_update *sta_flags; 2201 2202 sta_flags = nla_data(nla); 2203 params->sta_flags_mask = sta_flags->mask; 2204 params->sta_flags_set = sta_flags->set; 2205 if ((params->sta_flags_mask | 2206 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID)) 2207 return -EINVAL; 2208 return 0; 2209 } 2210 2211 /* if present, parse the old attribute */ 2212 2213 nla = info->attrs[NL80211_ATTR_STA_FLAGS]; 2214 if (!nla) 2215 return 0; 2216 2217 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX, 2218 nla, sta_flags_policy)) 2219 return -EINVAL; 2220 2221 params->sta_flags_mask = (1 << __NL80211_STA_FLAG_AFTER_LAST) - 1; 2222 params->sta_flags_mask &= ~1; 2223 2224 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) 2225 if (flags[flag]) 2226 params->sta_flags_set |= (1<<flag); 2227 2228 return 0; 2229 } 2230 2231 static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info, 2232 int attr) 2233 { 2234 struct nlattr *rate; 2235 u16 bitrate; 2236 2237 rate = nla_nest_start(msg, attr); 2238 if (!rate) 2239 goto nla_put_failure; 2240 2241 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */ 2242 bitrate = cfg80211_calculate_bitrate(info); 2243 if (bitrate > 0) 2244 NLA_PUT_U16(msg, NL80211_RATE_INFO_BITRATE, bitrate); 2245 2246 if (info->flags & RATE_INFO_FLAGS_MCS) 2247 NLA_PUT_U8(msg, NL80211_RATE_INFO_MCS, info->mcs); 2248 if (info->flags & RATE_INFO_FLAGS_40_MHZ_WIDTH) 2249 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_40_MHZ_WIDTH); 2250 if (info->flags & RATE_INFO_FLAGS_SHORT_GI) 2251 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_SHORT_GI); 2252 2253 nla_nest_end(msg, rate); 2254 return true; 2255 2256 nla_put_failure: 2257 return false; 2258 } 2259 2260 static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq, 2261 int flags, struct net_device *dev, 2262 const u8 *mac_addr, struct station_info *sinfo) 2263 { 2264 void *hdr; 2265 struct nlattr *sinfoattr, *bss_param; 2266 2267 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2268 if (!hdr) 2269 return -1; 2270 2271 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2272 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 2273 2274 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation); 2275 2276 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO); 2277 if (!sinfoattr) 2278 goto nla_put_failure; 2279 if (sinfo->filled & STATION_INFO_CONNECTED_TIME) 2280 NLA_PUT_U32(msg, NL80211_STA_INFO_CONNECTED_TIME, 2281 sinfo->connected_time); 2282 if (sinfo->filled & STATION_INFO_INACTIVE_TIME) 2283 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME, 2284 sinfo->inactive_time); 2285 if (sinfo->filled & STATION_INFO_RX_BYTES) 2286 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES, 2287 sinfo->rx_bytes); 2288 if (sinfo->filled & STATION_INFO_TX_BYTES) 2289 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES, 2290 sinfo->tx_bytes); 2291 if (sinfo->filled & STATION_INFO_LLID) 2292 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID, 2293 sinfo->llid); 2294 if (sinfo->filled & STATION_INFO_PLID) 2295 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID, 2296 sinfo->plid); 2297 if (sinfo->filled & STATION_INFO_PLINK_STATE) 2298 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE, 2299 sinfo->plink_state); 2300 if (sinfo->filled & STATION_INFO_SIGNAL) 2301 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL, 2302 sinfo->signal); 2303 if (sinfo->filled & STATION_INFO_SIGNAL_AVG) 2304 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL_AVG, 2305 sinfo->signal_avg); 2306 if (sinfo->filled & STATION_INFO_TX_BITRATE) { 2307 if (!nl80211_put_sta_rate(msg, &sinfo->txrate, 2308 NL80211_STA_INFO_TX_BITRATE)) 2309 goto nla_put_failure; 2310 } 2311 if (sinfo->filled & STATION_INFO_RX_BITRATE) { 2312 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate, 2313 NL80211_STA_INFO_RX_BITRATE)) 2314 goto nla_put_failure; 2315 } 2316 if (sinfo->filled & STATION_INFO_RX_PACKETS) 2317 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_PACKETS, 2318 sinfo->rx_packets); 2319 if (sinfo->filled & STATION_INFO_TX_PACKETS) 2320 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_PACKETS, 2321 sinfo->tx_packets); 2322 if (sinfo->filled & STATION_INFO_TX_RETRIES) 2323 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_RETRIES, 2324 sinfo->tx_retries); 2325 if (sinfo->filled & STATION_INFO_TX_FAILED) 2326 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_FAILED, 2327 sinfo->tx_failed); 2328 if (sinfo->filled & STATION_INFO_BSS_PARAM) { 2329 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM); 2330 if (!bss_param) 2331 goto nla_put_failure; 2332 2333 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) 2334 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_CTS_PROT); 2335 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) 2336 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE); 2337 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) 2338 NLA_PUT_FLAG(msg, 2339 NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME); 2340 NLA_PUT_U8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD, 2341 sinfo->bss_param.dtim_period); 2342 NLA_PUT_U16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL, 2343 sinfo->bss_param.beacon_interval); 2344 2345 nla_nest_end(msg, bss_param); 2346 } 2347 if (sinfo->filled & STATION_INFO_STA_FLAGS) 2348 NLA_PUT(msg, NL80211_STA_INFO_STA_FLAGS, 2349 sizeof(struct nl80211_sta_flag_update), 2350 &sinfo->sta_flags); 2351 nla_nest_end(msg, sinfoattr); 2352 2353 if (sinfo->filled & STATION_INFO_ASSOC_REQ_IES) 2354 NLA_PUT(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len, 2355 sinfo->assoc_req_ies); 2356 2357 return genlmsg_end(msg, hdr); 2358 2359 nla_put_failure: 2360 genlmsg_cancel(msg, hdr); 2361 return -EMSGSIZE; 2362 } 2363 2364 static int nl80211_dump_station(struct sk_buff *skb, 2365 struct netlink_callback *cb) 2366 { 2367 struct station_info sinfo; 2368 struct cfg80211_registered_device *dev; 2369 struct net_device *netdev; 2370 u8 mac_addr[ETH_ALEN]; 2371 int sta_idx = cb->args[1]; 2372 int err; 2373 2374 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2375 if (err) 2376 return err; 2377 2378 if (!dev->ops->dump_station) { 2379 err = -EOPNOTSUPP; 2380 goto out_err; 2381 } 2382 2383 while (1) { 2384 memset(&sinfo, 0, sizeof(sinfo)); 2385 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx, 2386 mac_addr, &sinfo); 2387 if (err == -ENOENT) 2388 break; 2389 if (err) 2390 goto out_err; 2391 2392 if (nl80211_send_station(skb, 2393 NETLINK_CB(cb->skb).pid, 2394 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2395 netdev, mac_addr, 2396 &sinfo) < 0) 2397 goto out; 2398 2399 sta_idx++; 2400 } 2401 2402 2403 out: 2404 cb->args[1] = sta_idx; 2405 err = skb->len; 2406 out_err: 2407 nl80211_finish_netdev_dump(dev); 2408 2409 return err; 2410 } 2411 2412 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) 2413 { 2414 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2415 struct net_device *dev = info->user_ptr[1]; 2416 struct station_info sinfo; 2417 struct sk_buff *msg; 2418 u8 *mac_addr = NULL; 2419 int err; 2420 2421 memset(&sinfo, 0, sizeof(sinfo)); 2422 2423 if (!info->attrs[NL80211_ATTR_MAC]) 2424 return -EINVAL; 2425 2426 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2427 2428 if (!rdev->ops->get_station) 2429 return -EOPNOTSUPP; 2430 2431 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo); 2432 if (err) 2433 return err; 2434 2435 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2436 if (!msg) 2437 return -ENOMEM; 2438 2439 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0, 2440 dev, mac_addr, &sinfo) < 0) { 2441 nlmsg_free(msg); 2442 return -ENOBUFS; 2443 } 2444 2445 return genlmsg_reply(msg, info); 2446 } 2447 2448 /* 2449 * Get vlan interface making sure it is running and on the right wiphy. 2450 */ 2451 static int get_vlan(struct genl_info *info, 2452 struct cfg80211_registered_device *rdev, 2453 struct net_device **vlan) 2454 { 2455 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN]; 2456 *vlan = NULL; 2457 2458 if (vlanattr) { 2459 *vlan = dev_get_by_index(genl_info_net(info), 2460 nla_get_u32(vlanattr)); 2461 if (!*vlan) 2462 return -ENODEV; 2463 if (!(*vlan)->ieee80211_ptr) 2464 return -EINVAL; 2465 if ((*vlan)->ieee80211_ptr->wiphy != &rdev->wiphy) 2466 return -EINVAL; 2467 if (!netif_running(*vlan)) 2468 return -ENETDOWN; 2469 } 2470 return 0; 2471 } 2472 2473 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) 2474 { 2475 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2476 int err; 2477 struct net_device *dev = info->user_ptr[1]; 2478 struct station_parameters params; 2479 u8 *mac_addr = NULL; 2480 2481 memset(¶ms, 0, sizeof(params)); 2482 2483 params.listen_interval = -1; 2484 params.plink_state = -1; 2485 2486 if (info->attrs[NL80211_ATTR_STA_AID]) 2487 return -EINVAL; 2488 2489 if (!info->attrs[NL80211_ATTR_MAC]) 2490 return -EINVAL; 2491 2492 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2493 2494 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) { 2495 params.supported_rates = 2496 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2497 params.supported_rates_len = 2498 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2499 } 2500 2501 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2502 params.listen_interval = 2503 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2504 2505 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2506 params.ht_capa = 2507 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2508 2509 if (parse_station_flags(info, ¶ms)) 2510 return -EINVAL; 2511 2512 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2513 params.plink_action = 2514 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2515 2516 if (info->attrs[NL80211_ATTR_STA_PLINK_STATE]) 2517 params.plink_state = 2518 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]); 2519 2520 err = get_vlan(info, rdev, ¶ms.vlan); 2521 if (err) 2522 goto out; 2523 2524 /* validate settings */ 2525 err = 0; 2526 2527 switch (dev->ieee80211_ptr->iftype) { 2528 case NL80211_IFTYPE_AP: 2529 case NL80211_IFTYPE_AP_VLAN: 2530 case NL80211_IFTYPE_P2P_GO: 2531 /* disallow mesh-specific things */ 2532 if (params.plink_action) 2533 err = -EINVAL; 2534 break; 2535 case NL80211_IFTYPE_P2P_CLIENT: 2536 case NL80211_IFTYPE_STATION: 2537 /* disallow things sta doesn't support */ 2538 if (params.plink_action) 2539 err = -EINVAL; 2540 if (params.vlan) 2541 err = -EINVAL; 2542 if (params.supported_rates && 2543 !(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))) 2544 err = -EINVAL; 2545 if (params.ht_capa) 2546 err = -EINVAL; 2547 if (params.listen_interval >= 0) 2548 err = -EINVAL; 2549 if (params.sta_flags_mask & 2550 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) | 2551 BIT(NL80211_STA_FLAG_TDLS_PEER))) 2552 err = -EINVAL; 2553 /* can't change the TDLS bit */ 2554 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) && 2555 (params.sta_flags_mask & BIT(NL80211_STA_FLAG_TDLS_PEER))) 2556 err = -EINVAL; 2557 break; 2558 case NL80211_IFTYPE_MESH_POINT: 2559 /* disallow things mesh doesn't support */ 2560 if (params.vlan) 2561 err = -EINVAL; 2562 if (params.ht_capa) 2563 err = -EINVAL; 2564 if (params.listen_interval >= 0) 2565 err = -EINVAL; 2566 if (params.sta_flags_mask & 2567 ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) | 2568 BIT(NL80211_STA_FLAG_MFP) | 2569 BIT(NL80211_STA_FLAG_AUTHORIZED))) 2570 err = -EINVAL; 2571 break; 2572 default: 2573 err = -EINVAL; 2574 } 2575 2576 if (err) 2577 goto out; 2578 2579 if (!rdev->ops->change_station) { 2580 err = -EOPNOTSUPP; 2581 goto out; 2582 } 2583 2584 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2585 2586 out: 2587 if (params.vlan) 2588 dev_put(params.vlan); 2589 2590 return err; 2591 } 2592 2593 static struct nla_policy 2594 nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] __read_mostly = { 2595 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 }, 2596 [NL80211_STA_WME_MAX_SP] = { .type = NLA_U8 }, 2597 }; 2598 2599 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) 2600 { 2601 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2602 int err; 2603 struct net_device *dev = info->user_ptr[1]; 2604 struct station_parameters params; 2605 u8 *mac_addr = NULL; 2606 2607 memset(¶ms, 0, sizeof(params)); 2608 2609 if (!info->attrs[NL80211_ATTR_MAC]) 2610 return -EINVAL; 2611 2612 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) 2613 return -EINVAL; 2614 2615 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) 2616 return -EINVAL; 2617 2618 if (!info->attrs[NL80211_ATTR_STA_AID]) 2619 return -EINVAL; 2620 2621 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2622 params.supported_rates = 2623 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2624 params.supported_rates_len = 2625 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); 2626 params.listen_interval = 2627 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); 2628 2629 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]); 2630 if (!params.aid || params.aid > IEEE80211_MAX_AID) 2631 return -EINVAL; 2632 2633 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) 2634 params.ht_capa = 2635 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); 2636 2637 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) 2638 params.plink_action = 2639 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); 2640 2641 if (parse_station_flags(info, ¶ms)) 2642 return -EINVAL; 2643 2644 /* parse WME attributes if sta is WME capable */ 2645 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) && 2646 (params.sta_flags_set & BIT(NL80211_STA_FLAG_WME)) && 2647 info->attrs[NL80211_ATTR_STA_WME]) { 2648 struct nlattr *tb[NL80211_STA_WME_MAX + 1]; 2649 struct nlattr *nla; 2650 2651 nla = info->attrs[NL80211_ATTR_STA_WME]; 2652 err = nla_parse_nested(tb, NL80211_STA_WME_MAX, nla, 2653 nl80211_sta_wme_policy); 2654 if (err) 2655 return err; 2656 2657 if (tb[NL80211_STA_WME_UAPSD_QUEUES]) 2658 params.uapsd_queues = 2659 nla_get_u8(tb[NL80211_STA_WME_UAPSD_QUEUES]); 2660 if (params.uapsd_queues & ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK) 2661 return -EINVAL; 2662 2663 if (tb[NL80211_STA_WME_MAX_SP]) 2664 params.max_sp = 2665 nla_get_u8(tb[NL80211_STA_WME_MAX_SP]); 2666 2667 if (params.max_sp & ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK) 2668 return -EINVAL; 2669 2670 params.sta_modify_mask |= STATION_PARAM_APPLY_UAPSD; 2671 } 2672 2673 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2674 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2675 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 2676 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO && 2677 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) 2678 return -EINVAL; 2679 2680 /* 2681 * Only managed stations can add TDLS peers, and only when the 2682 * wiphy supports external TDLS setup. 2683 */ 2684 if (dev->ieee80211_ptr->iftype == NL80211_IFTYPE_STATION && 2685 !((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) && 2686 (rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) && 2687 (rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP))) 2688 return -EINVAL; 2689 2690 err = get_vlan(info, rdev, ¶ms.vlan); 2691 if (err) 2692 goto out; 2693 2694 /* validate settings */ 2695 err = 0; 2696 2697 if (!rdev->ops->add_station) { 2698 err = -EOPNOTSUPP; 2699 goto out; 2700 } 2701 2702 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, ¶ms); 2703 2704 out: 2705 if (params.vlan) 2706 dev_put(params.vlan); 2707 return err; 2708 } 2709 2710 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) 2711 { 2712 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2713 struct net_device *dev = info->user_ptr[1]; 2714 u8 *mac_addr = NULL; 2715 2716 if (info->attrs[NL80211_ATTR_MAC]) 2717 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); 2718 2719 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2720 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 2721 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 2722 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2723 return -EINVAL; 2724 2725 if (!rdev->ops->del_station) 2726 return -EOPNOTSUPP; 2727 2728 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr); 2729 } 2730 2731 static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq, 2732 int flags, struct net_device *dev, 2733 u8 *dst, u8 *next_hop, 2734 struct mpath_info *pinfo) 2735 { 2736 void *hdr; 2737 struct nlattr *pinfoattr; 2738 2739 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION); 2740 if (!hdr) 2741 return -1; 2742 2743 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 2744 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst); 2745 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop); 2746 2747 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation); 2748 2749 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO); 2750 if (!pinfoattr) 2751 goto nla_put_failure; 2752 if (pinfo->filled & MPATH_INFO_FRAME_QLEN) 2753 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN, 2754 pinfo->frame_qlen); 2755 if (pinfo->filled & MPATH_INFO_SN) 2756 NLA_PUT_U32(msg, NL80211_MPATH_INFO_SN, 2757 pinfo->sn); 2758 if (pinfo->filled & MPATH_INFO_METRIC) 2759 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC, 2760 pinfo->metric); 2761 if (pinfo->filled & MPATH_INFO_EXPTIME) 2762 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME, 2763 pinfo->exptime); 2764 if (pinfo->filled & MPATH_INFO_FLAGS) 2765 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS, 2766 pinfo->flags); 2767 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) 2768 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT, 2769 pinfo->discovery_timeout); 2770 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) 2771 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES, 2772 pinfo->discovery_retries); 2773 2774 nla_nest_end(msg, pinfoattr); 2775 2776 return genlmsg_end(msg, hdr); 2777 2778 nla_put_failure: 2779 genlmsg_cancel(msg, hdr); 2780 return -EMSGSIZE; 2781 } 2782 2783 static int nl80211_dump_mpath(struct sk_buff *skb, 2784 struct netlink_callback *cb) 2785 { 2786 struct mpath_info pinfo; 2787 struct cfg80211_registered_device *dev; 2788 struct net_device *netdev; 2789 u8 dst[ETH_ALEN]; 2790 u8 next_hop[ETH_ALEN]; 2791 int path_idx = cb->args[1]; 2792 int err; 2793 2794 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 2795 if (err) 2796 return err; 2797 2798 if (!dev->ops->dump_mpath) { 2799 err = -EOPNOTSUPP; 2800 goto out_err; 2801 } 2802 2803 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) { 2804 err = -EOPNOTSUPP; 2805 goto out_err; 2806 } 2807 2808 while (1) { 2809 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx, 2810 dst, next_hop, &pinfo); 2811 if (err == -ENOENT) 2812 break; 2813 if (err) 2814 goto out_err; 2815 2816 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid, 2817 cb->nlh->nlmsg_seq, NLM_F_MULTI, 2818 netdev, dst, next_hop, 2819 &pinfo) < 0) 2820 goto out; 2821 2822 path_idx++; 2823 } 2824 2825 2826 out: 2827 cb->args[1] = path_idx; 2828 err = skb->len; 2829 out_err: 2830 nl80211_finish_netdev_dump(dev); 2831 return err; 2832 } 2833 2834 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) 2835 { 2836 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2837 int err; 2838 struct net_device *dev = info->user_ptr[1]; 2839 struct mpath_info pinfo; 2840 struct sk_buff *msg; 2841 u8 *dst = NULL; 2842 u8 next_hop[ETH_ALEN]; 2843 2844 memset(&pinfo, 0, sizeof(pinfo)); 2845 2846 if (!info->attrs[NL80211_ATTR_MAC]) 2847 return -EINVAL; 2848 2849 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2850 2851 if (!rdev->ops->get_mpath) 2852 return -EOPNOTSUPP; 2853 2854 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2855 return -EOPNOTSUPP; 2856 2857 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo); 2858 if (err) 2859 return err; 2860 2861 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 2862 if (!msg) 2863 return -ENOMEM; 2864 2865 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0, 2866 dev, dst, next_hop, &pinfo) < 0) { 2867 nlmsg_free(msg); 2868 return -ENOBUFS; 2869 } 2870 2871 return genlmsg_reply(msg, info); 2872 } 2873 2874 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) 2875 { 2876 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2877 struct net_device *dev = info->user_ptr[1]; 2878 u8 *dst = NULL; 2879 u8 *next_hop = NULL; 2880 2881 if (!info->attrs[NL80211_ATTR_MAC]) 2882 return -EINVAL; 2883 2884 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2885 return -EINVAL; 2886 2887 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2888 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2889 2890 if (!rdev->ops->change_mpath) 2891 return -EOPNOTSUPP; 2892 2893 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2894 return -EOPNOTSUPP; 2895 2896 return rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop); 2897 } 2898 2899 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) 2900 { 2901 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2902 struct net_device *dev = info->user_ptr[1]; 2903 u8 *dst = NULL; 2904 u8 *next_hop = NULL; 2905 2906 if (!info->attrs[NL80211_ATTR_MAC]) 2907 return -EINVAL; 2908 2909 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) 2910 return -EINVAL; 2911 2912 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2913 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); 2914 2915 if (!rdev->ops->add_mpath) 2916 return -EOPNOTSUPP; 2917 2918 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) 2919 return -EOPNOTSUPP; 2920 2921 return rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop); 2922 } 2923 2924 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) 2925 { 2926 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2927 struct net_device *dev = info->user_ptr[1]; 2928 u8 *dst = NULL; 2929 2930 if (info->attrs[NL80211_ATTR_MAC]) 2931 dst = nla_data(info->attrs[NL80211_ATTR_MAC]); 2932 2933 if (!rdev->ops->del_mpath) 2934 return -EOPNOTSUPP; 2935 2936 return rdev->ops->del_mpath(&rdev->wiphy, dev, dst); 2937 } 2938 2939 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) 2940 { 2941 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 2942 struct net_device *dev = info->user_ptr[1]; 2943 struct bss_parameters params; 2944 2945 memset(¶ms, 0, sizeof(params)); 2946 /* default to not changing parameters */ 2947 params.use_cts_prot = -1; 2948 params.use_short_preamble = -1; 2949 params.use_short_slot_time = -1; 2950 params.ap_isolate = -1; 2951 params.ht_opmode = -1; 2952 2953 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT]) 2954 params.use_cts_prot = 2955 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]); 2956 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]) 2957 params.use_short_preamble = 2958 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]); 2959 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]) 2960 params.use_short_slot_time = 2961 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]); 2962 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 2963 params.basic_rates = 2964 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2965 params.basic_rates_len = 2966 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 2967 } 2968 if (info->attrs[NL80211_ATTR_AP_ISOLATE]) 2969 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]); 2970 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE]) 2971 params.ht_opmode = 2972 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]); 2973 2974 if (!rdev->ops->change_bss) 2975 return -EOPNOTSUPP; 2976 2977 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 2978 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 2979 return -EOPNOTSUPP; 2980 2981 return rdev->ops->change_bss(&rdev->wiphy, dev, ¶ms); 2982 } 2983 2984 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = { 2985 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 }, 2986 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 }, 2987 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 }, 2988 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 }, 2989 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 }, 2990 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 }, 2991 }; 2992 2993 static int parse_reg_rule(struct nlattr *tb[], 2994 struct ieee80211_reg_rule *reg_rule) 2995 { 2996 struct ieee80211_freq_range *freq_range = ®_rule->freq_range; 2997 struct ieee80211_power_rule *power_rule = ®_rule->power_rule; 2998 2999 if (!tb[NL80211_ATTR_REG_RULE_FLAGS]) 3000 return -EINVAL; 3001 if (!tb[NL80211_ATTR_FREQ_RANGE_START]) 3002 return -EINVAL; 3003 if (!tb[NL80211_ATTR_FREQ_RANGE_END]) 3004 return -EINVAL; 3005 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) 3006 return -EINVAL; 3007 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]) 3008 return -EINVAL; 3009 3010 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]); 3011 3012 freq_range->start_freq_khz = 3013 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]); 3014 freq_range->end_freq_khz = 3015 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]); 3016 freq_range->max_bandwidth_khz = 3017 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]); 3018 3019 power_rule->max_eirp = 3020 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]); 3021 3022 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]) 3023 power_rule->max_antenna_gain = 3024 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]); 3025 3026 return 0; 3027 } 3028 3029 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info) 3030 { 3031 int r; 3032 char *data = NULL; 3033 3034 /* 3035 * You should only get this when cfg80211 hasn't yet initialized 3036 * completely when built-in to the kernel right between the time 3037 * window between nl80211_init() and regulatory_init(), if that is 3038 * even possible. 3039 */ 3040 mutex_lock(&cfg80211_mutex); 3041 if (unlikely(!cfg80211_regdomain)) { 3042 mutex_unlock(&cfg80211_mutex); 3043 return -EINPROGRESS; 3044 } 3045 mutex_unlock(&cfg80211_mutex); 3046 3047 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3048 return -EINVAL; 3049 3050 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 3051 3052 r = regulatory_hint_user(data); 3053 3054 return r; 3055 } 3056 3057 static int nl80211_get_mesh_config(struct sk_buff *skb, 3058 struct genl_info *info) 3059 { 3060 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3061 struct net_device *dev = info->user_ptr[1]; 3062 struct wireless_dev *wdev = dev->ieee80211_ptr; 3063 struct mesh_config cur_params; 3064 int err = 0; 3065 void *hdr; 3066 struct nlattr *pinfoattr; 3067 struct sk_buff *msg; 3068 3069 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 3070 return -EOPNOTSUPP; 3071 3072 if (!rdev->ops->get_mesh_config) 3073 return -EOPNOTSUPP; 3074 3075 wdev_lock(wdev); 3076 /* If not connected, get default parameters */ 3077 if (!wdev->mesh_id_len) 3078 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params)); 3079 else 3080 err = rdev->ops->get_mesh_config(&rdev->wiphy, dev, 3081 &cur_params); 3082 wdev_unlock(wdev); 3083 3084 if (err) 3085 return err; 3086 3087 /* Draw up a netlink message to send back */ 3088 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 3089 if (!msg) 3090 return -ENOMEM; 3091 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 3092 NL80211_CMD_GET_MESH_CONFIG); 3093 if (!hdr) 3094 goto out; 3095 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG); 3096 if (!pinfoattr) 3097 goto nla_put_failure; 3098 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 3099 NLA_PUT_U16(msg, NL80211_MESHCONF_RETRY_TIMEOUT, 3100 cur_params.dot11MeshRetryTimeout); 3101 NLA_PUT_U16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT, 3102 cur_params.dot11MeshConfirmTimeout); 3103 NLA_PUT_U16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT, 3104 cur_params.dot11MeshHoldingTimeout); 3105 NLA_PUT_U16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, 3106 cur_params.dot11MeshMaxPeerLinks); 3107 NLA_PUT_U8(msg, NL80211_MESHCONF_MAX_RETRIES, 3108 cur_params.dot11MeshMaxRetries); 3109 NLA_PUT_U8(msg, NL80211_MESHCONF_TTL, 3110 cur_params.dot11MeshTTL); 3111 NLA_PUT_U8(msg, NL80211_MESHCONF_ELEMENT_TTL, 3112 cur_params.element_ttl); 3113 NLA_PUT_U8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, 3114 cur_params.auto_open_plinks); 3115 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 3116 cur_params.dot11MeshHWMPmaxPREQretries); 3117 NLA_PUT_U32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME, 3118 cur_params.path_refresh_time); 3119 NLA_PUT_U16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 3120 cur_params.min_discovery_timeout); 3121 NLA_PUT_U32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 3122 cur_params.dot11MeshHWMPactivePathTimeout); 3123 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 3124 cur_params.dot11MeshHWMPpreqMinInterval); 3125 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 3126 cur_params.dot11MeshHWMPnetDiameterTraversalTime); 3127 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_ROOTMODE, 3128 cur_params.dot11MeshHWMPRootMode); 3129 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL, 3130 cur_params.dot11MeshHWMPRannInterval); 3131 NLA_PUT_U8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS, 3132 cur_params.dot11MeshGateAnnouncementProtocol); 3133 nla_nest_end(msg, pinfoattr); 3134 genlmsg_end(msg, hdr); 3135 return genlmsg_reply(msg, info); 3136 3137 nla_put_failure: 3138 genlmsg_cancel(msg, hdr); 3139 out: 3140 nlmsg_free(msg); 3141 return -ENOBUFS; 3142 } 3143 3144 static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = { 3145 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 }, 3146 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 }, 3147 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 }, 3148 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 }, 3149 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 }, 3150 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 }, 3151 [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 }, 3152 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 }, 3153 3154 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 }, 3155 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 }, 3156 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 }, 3157 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 }, 3158 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 }, 3159 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 }, 3160 [NL80211_MESHCONF_HWMP_ROOTMODE] = { .type = NLA_U8 }, 3161 [NL80211_MESHCONF_HWMP_RANN_INTERVAL] = { .type = NLA_U16 }, 3162 [NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = { .type = NLA_U8 }, 3163 }; 3164 3165 static const struct nla_policy 3166 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = { 3167 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 }, 3168 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 }, 3169 [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG }, 3170 [NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY, 3171 .len = IEEE80211_MAX_DATA_LEN }, 3172 [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG }, 3173 }; 3174 3175 static int nl80211_parse_mesh_config(struct genl_info *info, 3176 struct mesh_config *cfg, 3177 u32 *mask_out) 3178 { 3179 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; 3180 u32 mask = 0; 3181 3182 #define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \ 3183 do {\ 3184 if (table[attr_num]) {\ 3185 cfg->param = nla_fn(table[attr_num]); \ 3186 mask |= (1 << (attr_num - 1)); \ 3187 } \ 3188 } while (0);\ 3189 3190 3191 if (!info->attrs[NL80211_ATTR_MESH_CONFIG]) 3192 return -EINVAL; 3193 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX, 3194 info->attrs[NL80211_ATTR_MESH_CONFIG], 3195 nl80211_meshconf_params_policy)) 3196 return -EINVAL; 3197 3198 /* This makes sure that there aren't more than 32 mesh config 3199 * parameters (otherwise our bitfield scheme would not work.) */ 3200 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32); 3201 3202 /* Fill in the params struct */ 3203 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 3204 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16); 3205 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 3206 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16); 3207 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 3208 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16); 3209 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 3210 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16); 3211 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 3212 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8); 3213 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 3214 mask, NL80211_MESHCONF_TTL, nla_get_u8); 3215 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 3216 mask, NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8); 3217 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 3218 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8); 3219 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 3220 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, 3221 nla_get_u8); 3222 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 3223 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32); 3224 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 3225 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, 3226 nla_get_u16); 3227 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout, 3228 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, 3229 nla_get_u32); 3230 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, 3231 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, 3232 nla_get_u16); 3233 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3234 dot11MeshHWMPnetDiameterTraversalTime, 3235 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, 3236 nla_get_u16); 3237 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3238 dot11MeshHWMPRootMode, mask, 3239 NL80211_MESHCONF_HWMP_ROOTMODE, 3240 nla_get_u8); 3241 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3242 dot11MeshHWMPRannInterval, mask, 3243 NL80211_MESHCONF_HWMP_RANN_INTERVAL, 3244 nla_get_u16); 3245 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, 3246 dot11MeshGateAnnouncementProtocol, mask, 3247 NL80211_MESHCONF_GATE_ANNOUNCEMENTS, 3248 nla_get_u8); 3249 if (mask_out) 3250 *mask_out = mask; 3251 3252 return 0; 3253 3254 #undef FILL_IN_MESH_PARAM_IF_SET 3255 } 3256 3257 static int nl80211_parse_mesh_setup(struct genl_info *info, 3258 struct mesh_setup *setup) 3259 { 3260 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1]; 3261 3262 if (!info->attrs[NL80211_ATTR_MESH_SETUP]) 3263 return -EINVAL; 3264 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX, 3265 info->attrs[NL80211_ATTR_MESH_SETUP], 3266 nl80211_mesh_setup_params_policy)) 3267 return -EINVAL; 3268 3269 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL]) 3270 setup->path_sel_proto = 3271 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ? 3272 IEEE80211_PATH_PROTOCOL_VENDOR : 3273 IEEE80211_PATH_PROTOCOL_HWMP; 3274 3275 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC]) 3276 setup->path_metric = 3277 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ? 3278 IEEE80211_PATH_METRIC_VENDOR : 3279 IEEE80211_PATH_METRIC_AIRTIME; 3280 3281 3282 if (tb[NL80211_MESH_SETUP_IE]) { 3283 struct nlattr *ieattr = 3284 tb[NL80211_MESH_SETUP_IE]; 3285 if (!is_valid_ie_attr(ieattr)) 3286 return -EINVAL; 3287 setup->ie = nla_data(ieattr); 3288 setup->ie_len = nla_len(ieattr); 3289 } 3290 setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]); 3291 setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]); 3292 3293 return 0; 3294 } 3295 3296 static int nl80211_update_mesh_config(struct sk_buff *skb, 3297 struct genl_info *info) 3298 { 3299 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3300 struct net_device *dev = info->user_ptr[1]; 3301 struct wireless_dev *wdev = dev->ieee80211_ptr; 3302 struct mesh_config cfg; 3303 u32 mask; 3304 int err; 3305 3306 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) 3307 return -EOPNOTSUPP; 3308 3309 if (!rdev->ops->update_mesh_config) 3310 return -EOPNOTSUPP; 3311 3312 err = nl80211_parse_mesh_config(info, &cfg, &mask); 3313 if (err) 3314 return err; 3315 3316 wdev_lock(wdev); 3317 if (!wdev->mesh_id_len) 3318 err = -ENOLINK; 3319 3320 if (!err) 3321 err = rdev->ops->update_mesh_config(&rdev->wiphy, dev, 3322 mask, &cfg); 3323 3324 wdev_unlock(wdev); 3325 3326 return err; 3327 } 3328 3329 static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info) 3330 { 3331 struct sk_buff *msg; 3332 void *hdr = NULL; 3333 struct nlattr *nl_reg_rules; 3334 unsigned int i; 3335 int err = -EINVAL; 3336 3337 mutex_lock(&cfg80211_mutex); 3338 3339 if (!cfg80211_regdomain) 3340 goto out; 3341 3342 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 3343 if (!msg) { 3344 err = -ENOBUFS; 3345 goto out; 3346 } 3347 3348 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 3349 NL80211_CMD_GET_REG); 3350 if (!hdr) 3351 goto put_failure; 3352 3353 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, 3354 cfg80211_regdomain->alpha2); 3355 3356 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES); 3357 if (!nl_reg_rules) 3358 goto nla_put_failure; 3359 3360 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) { 3361 struct nlattr *nl_reg_rule; 3362 const struct ieee80211_reg_rule *reg_rule; 3363 const struct ieee80211_freq_range *freq_range; 3364 const struct ieee80211_power_rule *power_rule; 3365 3366 reg_rule = &cfg80211_regdomain->reg_rules[i]; 3367 freq_range = ®_rule->freq_range; 3368 power_rule = ®_rule->power_rule; 3369 3370 nl_reg_rule = nla_nest_start(msg, i); 3371 if (!nl_reg_rule) 3372 goto nla_put_failure; 3373 3374 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS, 3375 reg_rule->flags); 3376 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START, 3377 freq_range->start_freq_khz); 3378 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END, 3379 freq_range->end_freq_khz); 3380 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW, 3381 freq_range->max_bandwidth_khz); 3382 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN, 3383 power_rule->max_antenna_gain); 3384 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, 3385 power_rule->max_eirp); 3386 3387 nla_nest_end(msg, nl_reg_rule); 3388 } 3389 3390 nla_nest_end(msg, nl_reg_rules); 3391 3392 genlmsg_end(msg, hdr); 3393 err = genlmsg_reply(msg, info); 3394 goto out; 3395 3396 nla_put_failure: 3397 genlmsg_cancel(msg, hdr); 3398 put_failure: 3399 nlmsg_free(msg); 3400 err = -EMSGSIZE; 3401 out: 3402 mutex_unlock(&cfg80211_mutex); 3403 return err; 3404 } 3405 3406 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info) 3407 { 3408 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1]; 3409 struct nlattr *nl_reg_rule; 3410 char *alpha2 = NULL; 3411 int rem_reg_rules = 0, r = 0; 3412 u32 num_rules = 0, rule_idx = 0, size_of_regd; 3413 struct ieee80211_regdomain *rd = NULL; 3414 3415 if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) 3416 return -EINVAL; 3417 3418 if (!info->attrs[NL80211_ATTR_REG_RULES]) 3419 return -EINVAL; 3420 3421 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); 3422 3423 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3424 rem_reg_rules) { 3425 num_rules++; 3426 if (num_rules > NL80211_MAX_SUPP_REG_RULES) 3427 return -EINVAL; 3428 } 3429 3430 mutex_lock(&cfg80211_mutex); 3431 3432 if (!reg_is_valid_request(alpha2)) { 3433 r = -EINVAL; 3434 goto bad_reg; 3435 } 3436 3437 size_of_regd = sizeof(struct ieee80211_regdomain) + 3438 (num_rules * sizeof(struct ieee80211_reg_rule)); 3439 3440 rd = kzalloc(size_of_regd, GFP_KERNEL); 3441 if (!rd) { 3442 r = -ENOMEM; 3443 goto bad_reg; 3444 } 3445 3446 rd->n_reg_rules = num_rules; 3447 rd->alpha2[0] = alpha2[0]; 3448 rd->alpha2[1] = alpha2[1]; 3449 3450 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], 3451 rem_reg_rules) { 3452 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX, 3453 nla_data(nl_reg_rule), nla_len(nl_reg_rule), 3454 reg_rule_policy); 3455 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]); 3456 if (r) 3457 goto bad_reg; 3458 3459 rule_idx++; 3460 3461 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) { 3462 r = -EINVAL; 3463 goto bad_reg; 3464 } 3465 } 3466 3467 BUG_ON(rule_idx != num_rules); 3468 3469 r = set_regdom(rd); 3470 3471 mutex_unlock(&cfg80211_mutex); 3472 3473 return r; 3474 3475 bad_reg: 3476 mutex_unlock(&cfg80211_mutex); 3477 kfree(rd); 3478 return r; 3479 } 3480 3481 static int validate_scan_freqs(struct nlattr *freqs) 3482 { 3483 struct nlattr *attr1, *attr2; 3484 int n_channels = 0, tmp1, tmp2; 3485 3486 nla_for_each_nested(attr1, freqs, tmp1) { 3487 n_channels++; 3488 /* 3489 * Some hardware has a limited channel list for 3490 * scanning, and it is pretty much nonsensical 3491 * to scan for a channel twice, so disallow that 3492 * and don't require drivers to check that the 3493 * channel list they get isn't longer than what 3494 * they can scan, as long as they can scan all 3495 * the channels they registered at once. 3496 */ 3497 nla_for_each_nested(attr2, freqs, tmp2) 3498 if (attr1 != attr2 && 3499 nla_get_u32(attr1) == nla_get_u32(attr2)) 3500 return 0; 3501 } 3502 3503 return n_channels; 3504 } 3505 3506 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) 3507 { 3508 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3509 struct net_device *dev = info->user_ptr[1]; 3510 struct cfg80211_scan_request *request; 3511 struct nlattr *attr; 3512 struct wiphy *wiphy; 3513 int err, tmp, n_ssids = 0, n_channels, i; 3514 size_t ie_len; 3515 3516 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3517 return -EINVAL; 3518 3519 wiphy = &rdev->wiphy; 3520 3521 if (!rdev->ops->scan) 3522 return -EOPNOTSUPP; 3523 3524 if (rdev->scan_req) 3525 return -EBUSY; 3526 3527 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3528 n_channels = validate_scan_freqs( 3529 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3530 if (!n_channels) 3531 return -EINVAL; 3532 } else { 3533 enum ieee80211_band band; 3534 n_channels = 0; 3535 3536 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3537 if (wiphy->bands[band]) 3538 n_channels += wiphy->bands[band]->n_channels; 3539 } 3540 3541 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3542 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) 3543 n_ssids++; 3544 3545 if (n_ssids > wiphy->max_scan_ssids) 3546 return -EINVAL; 3547 3548 if (info->attrs[NL80211_ATTR_IE]) 3549 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3550 else 3551 ie_len = 0; 3552 3553 if (ie_len > wiphy->max_scan_ie_len) 3554 return -EINVAL; 3555 3556 request = kzalloc(sizeof(*request) 3557 + sizeof(*request->ssids) * n_ssids 3558 + sizeof(*request->channels) * n_channels 3559 + ie_len, GFP_KERNEL); 3560 if (!request) 3561 return -ENOMEM; 3562 3563 if (n_ssids) 3564 request->ssids = (void *)&request->channels[n_channels]; 3565 request->n_ssids = n_ssids; 3566 if (ie_len) { 3567 if (request->ssids) 3568 request->ie = (void *)(request->ssids + n_ssids); 3569 else 3570 request->ie = (void *)(request->channels + n_channels); 3571 } 3572 3573 i = 0; 3574 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3575 /* user specified, bail out if channel not found */ 3576 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) { 3577 struct ieee80211_channel *chan; 3578 3579 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3580 3581 if (!chan) { 3582 err = -EINVAL; 3583 goto out_free; 3584 } 3585 3586 /* ignore disabled channels */ 3587 if (chan->flags & IEEE80211_CHAN_DISABLED) 3588 continue; 3589 3590 request->channels[i] = chan; 3591 i++; 3592 } 3593 } else { 3594 enum ieee80211_band band; 3595 3596 /* all channels */ 3597 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3598 int j; 3599 if (!wiphy->bands[band]) 3600 continue; 3601 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3602 struct ieee80211_channel *chan; 3603 3604 chan = &wiphy->bands[band]->channels[j]; 3605 3606 if (chan->flags & IEEE80211_CHAN_DISABLED) 3607 continue; 3608 3609 request->channels[i] = chan; 3610 i++; 3611 } 3612 } 3613 } 3614 3615 if (!i) { 3616 err = -EINVAL; 3617 goto out_free; 3618 } 3619 3620 request->n_channels = i; 3621 3622 i = 0; 3623 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3624 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) { 3625 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { 3626 err = -EINVAL; 3627 goto out_free; 3628 } 3629 request->ssids[i].ssid_len = nla_len(attr); 3630 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr)); 3631 i++; 3632 } 3633 } 3634 3635 if (info->attrs[NL80211_ATTR_IE]) { 3636 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3637 memcpy((void *)request->ie, 3638 nla_data(info->attrs[NL80211_ATTR_IE]), 3639 request->ie_len); 3640 } 3641 3642 for (i = 0; i < IEEE80211_NUM_BANDS; i++) 3643 if (wiphy->bands[i]) 3644 request->rates[i] = 3645 (1 << wiphy->bands[i]->n_bitrates) - 1; 3646 3647 if (info->attrs[NL80211_ATTR_SCAN_SUPP_RATES]) { 3648 nla_for_each_nested(attr, 3649 info->attrs[NL80211_ATTR_SCAN_SUPP_RATES], 3650 tmp) { 3651 enum ieee80211_band band = nla_type(attr); 3652 3653 if (band < 0 || band >= IEEE80211_NUM_BANDS) { 3654 err = -EINVAL; 3655 goto out_free; 3656 } 3657 err = ieee80211_get_ratemask(wiphy->bands[band], 3658 nla_data(attr), 3659 nla_len(attr), 3660 &request->rates[band]); 3661 if (err) 3662 goto out_free; 3663 } 3664 } 3665 3666 request->no_cck = 3667 nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]); 3668 3669 request->dev = dev; 3670 request->wiphy = &rdev->wiphy; 3671 3672 rdev->scan_req = request; 3673 err = rdev->ops->scan(&rdev->wiphy, dev, request); 3674 3675 if (!err) { 3676 nl80211_send_scan_start(rdev, dev); 3677 dev_hold(dev); 3678 } else { 3679 out_free: 3680 rdev->scan_req = NULL; 3681 kfree(request); 3682 } 3683 3684 return err; 3685 } 3686 3687 static int nl80211_start_sched_scan(struct sk_buff *skb, 3688 struct genl_info *info) 3689 { 3690 struct cfg80211_sched_scan_request *request; 3691 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3692 struct net_device *dev = info->user_ptr[1]; 3693 struct nlattr *attr; 3694 struct wiphy *wiphy; 3695 int err, tmp, n_ssids = 0, n_match_sets = 0, n_channels, i; 3696 u32 interval; 3697 enum ieee80211_band band; 3698 size_t ie_len; 3699 struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1]; 3700 3701 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) || 3702 !rdev->ops->sched_scan_start) 3703 return -EOPNOTSUPP; 3704 3705 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 3706 return -EINVAL; 3707 3708 if (!info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]) 3709 return -EINVAL; 3710 3711 interval = nla_get_u32(info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]); 3712 if (interval == 0) 3713 return -EINVAL; 3714 3715 wiphy = &rdev->wiphy; 3716 3717 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3718 n_channels = validate_scan_freqs( 3719 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); 3720 if (!n_channels) 3721 return -EINVAL; 3722 } else { 3723 n_channels = 0; 3724 3725 for (band = 0; band < IEEE80211_NUM_BANDS; band++) 3726 if (wiphy->bands[band]) 3727 n_channels += wiphy->bands[band]->n_channels; 3728 } 3729 3730 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) 3731 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], 3732 tmp) 3733 n_ssids++; 3734 3735 if (n_ssids > wiphy->max_sched_scan_ssids) 3736 return -EINVAL; 3737 3738 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) 3739 nla_for_each_nested(attr, 3740 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH], 3741 tmp) 3742 n_match_sets++; 3743 3744 if (n_match_sets > wiphy->max_match_sets) 3745 return -EINVAL; 3746 3747 if (info->attrs[NL80211_ATTR_IE]) 3748 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3749 else 3750 ie_len = 0; 3751 3752 if (ie_len > wiphy->max_sched_scan_ie_len) 3753 return -EINVAL; 3754 3755 mutex_lock(&rdev->sched_scan_mtx); 3756 3757 if (rdev->sched_scan_req) { 3758 err = -EINPROGRESS; 3759 goto out; 3760 } 3761 3762 request = kzalloc(sizeof(*request) 3763 + sizeof(*request->ssids) * n_ssids 3764 + sizeof(*request->match_sets) * n_match_sets 3765 + sizeof(*request->channels) * n_channels 3766 + ie_len, GFP_KERNEL); 3767 if (!request) { 3768 err = -ENOMEM; 3769 goto out; 3770 } 3771 3772 if (n_ssids) 3773 request->ssids = (void *)&request->channels[n_channels]; 3774 request->n_ssids = n_ssids; 3775 if (ie_len) { 3776 if (request->ssids) 3777 request->ie = (void *)(request->ssids + n_ssids); 3778 else 3779 request->ie = (void *)(request->channels + n_channels); 3780 } 3781 3782 if (n_match_sets) { 3783 if (request->ie) 3784 request->match_sets = (void *)(request->ie + ie_len); 3785 else if (request->ssids) 3786 request->match_sets = 3787 (void *)(request->ssids + n_ssids); 3788 else 3789 request->match_sets = 3790 (void *)(request->channels + n_channels); 3791 } 3792 request->n_match_sets = n_match_sets; 3793 3794 i = 0; 3795 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { 3796 /* user specified, bail out if channel not found */ 3797 nla_for_each_nested(attr, 3798 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], 3799 tmp) { 3800 struct ieee80211_channel *chan; 3801 3802 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); 3803 3804 if (!chan) { 3805 err = -EINVAL; 3806 goto out_free; 3807 } 3808 3809 /* ignore disabled channels */ 3810 if (chan->flags & IEEE80211_CHAN_DISABLED) 3811 continue; 3812 3813 request->channels[i] = chan; 3814 i++; 3815 } 3816 } else { 3817 /* all channels */ 3818 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 3819 int j; 3820 if (!wiphy->bands[band]) 3821 continue; 3822 for (j = 0; j < wiphy->bands[band]->n_channels; j++) { 3823 struct ieee80211_channel *chan; 3824 3825 chan = &wiphy->bands[band]->channels[j]; 3826 3827 if (chan->flags & IEEE80211_CHAN_DISABLED) 3828 continue; 3829 3830 request->channels[i] = chan; 3831 i++; 3832 } 3833 } 3834 } 3835 3836 if (!i) { 3837 err = -EINVAL; 3838 goto out_free; 3839 } 3840 3841 request->n_channels = i; 3842 3843 i = 0; 3844 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) { 3845 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], 3846 tmp) { 3847 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { 3848 err = -EINVAL; 3849 goto out_free; 3850 } 3851 request->ssids[i].ssid_len = nla_len(attr); 3852 memcpy(request->ssids[i].ssid, nla_data(attr), 3853 nla_len(attr)); 3854 i++; 3855 } 3856 } 3857 3858 i = 0; 3859 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) { 3860 nla_for_each_nested(attr, 3861 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH], 3862 tmp) { 3863 struct nlattr *ssid; 3864 3865 nla_parse(tb, NL80211_SCHED_SCAN_MATCH_ATTR_MAX, 3866 nla_data(attr), nla_len(attr), 3867 nl80211_match_policy); 3868 ssid = tb[NL80211_ATTR_SCHED_SCAN_MATCH_SSID]; 3869 if (ssid) { 3870 if (nla_len(ssid) > IEEE80211_MAX_SSID_LEN) { 3871 err = -EINVAL; 3872 goto out_free; 3873 } 3874 memcpy(request->match_sets[i].ssid.ssid, 3875 nla_data(ssid), nla_len(ssid)); 3876 request->match_sets[i].ssid.ssid_len = 3877 nla_len(ssid); 3878 } 3879 i++; 3880 } 3881 } 3882 3883 if (info->attrs[NL80211_ATTR_IE]) { 3884 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 3885 memcpy((void *)request->ie, 3886 nla_data(info->attrs[NL80211_ATTR_IE]), 3887 request->ie_len); 3888 } 3889 3890 request->dev = dev; 3891 request->wiphy = &rdev->wiphy; 3892 request->interval = interval; 3893 3894 err = rdev->ops->sched_scan_start(&rdev->wiphy, dev, request); 3895 if (!err) { 3896 rdev->sched_scan_req = request; 3897 nl80211_send_sched_scan(rdev, dev, 3898 NL80211_CMD_START_SCHED_SCAN); 3899 goto out; 3900 } 3901 3902 out_free: 3903 kfree(request); 3904 out: 3905 mutex_unlock(&rdev->sched_scan_mtx); 3906 return err; 3907 } 3908 3909 static int nl80211_stop_sched_scan(struct sk_buff *skb, 3910 struct genl_info *info) 3911 { 3912 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 3913 int err; 3914 3915 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) || 3916 !rdev->ops->sched_scan_stop) 3917 return -EOPNOTSUPP; 3918 3919 mutex_lock(&rdev->sched_scan_mtx); 3920 err = __cfg80211_stop_sched_scan(rdev, false); 3921 mutex_unlock(&rdev->sched_scan_mtx); 3922 3923 return err; 3924 } 3925 3926 static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb, 3927 u32 seq, int flags, 3928 struct cfg80211_registered_device *rdev, 3929 struct wireless_dev *wdev, 3930 struct cfg80211_internal_bss *intbss) 3931 { 3932 struct cfg80211_bss *res = &intbss->pub; 3933 void *hdr; 3934 struct nlattr *bss; 3935 int i; 3936 3937 ASSERT_WDEV_LOCK(wdev); 3938 3939 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).pid, seq, flags, 3940 NL80211_CMD_NEW_SCAN_RESULTS); 3941 if (!hdr) 3942 return -1; 3943 3944 genl_dump_check_consistent(cb, hdr, &nl80211_fam); 3945 3946 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation); 3947 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex); 3948 3949 bss = nla_nest_start(msg, NL80211_ATTR_BSS); 3950 if (!bss) 3951 goto nla_put_failure; 3952 if (!is_zero_ether_addr(res->bssid)) 3953 NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid); 3954 if (res->information_elements && res->len_information_elements) 3955 NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS, 3956 res->len_information_elements, 3957 res->information_elements); 3958 if (res->beacon_ies && res->len_beacon_ies && 3959 res->beacon_ies != res->information_elements) 3960 NLA_PUT(msg, NL80211_BSS_BEACON_IES, 3961 res->len_beacon_ies, res->beacon_ies); 3962 if (res->tsf) 3963 NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf); 3964 if (res->beacon_interval) 3965 NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval); 3966 NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability); 3967 NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq); 3968 NLA_PUT_U32(msg, NL80211_BSS_SEEN_MS_AGO, 3969 jiffies_to_msecs(jiffies - intbss->ts)); 3970 3971 switch (rdev->wiphy.signal_type) { 3972 case CFG80211_SIGNAL_TYPE_MBM: 3973 NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal); 3974 break; 3975 case CFG80211_SIGNAL_TYPE_UNSPEC: 3976 NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal); 3977 break; 3978 default: 3979 break; 3980 } 3981 3982 switch (wdev->iftype) { 3983 case NL80211_IFTYPE_P2P_CLIENT: 3984 case NL80211_IFTYPE_STATION: 3985 if (intbss == wdev->current_bss) 3986 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3987 NL80211_BSS_STATUS_ASSOCIATED); 3988 else for (i = 0; i < MAX_AUTH_BSSES; i++) { 3989 if (intbss != wdev->auth_bsses[i]) 3990 continue; 3991 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3992 NL80211_BSS_STATUS_AUTHENTICATED); 3993 break; 3994 } 3995 break; 3996 case NL80211_IFTYPE_ADHOC: 3997 if (intbss == wdev->current_bss) 3998 NLA_PUT_U32(msg, NL80211_BSS_STATUS, 3999 NL80211_BSS_STATUS_IBSS_JOINED); 4000 break; 4001 default: 4002 break; 4003 } 4004 4005 nla_nest_end(msg, bss); 4006 4007 return genlmsg_end(msg, hdr); 4008 4009 nla_put_failure: 4010 genlmsg_cancel(msg, hdr); 4011 return -EMSGSIZE; 4012 } 4013 4014 static int nl80211_dump_scan(struct sk_buff *skb, 4015 struct netlink_callback *cb) 4016 { 4017 struct cfg80211_registered_device *rdev; 4018 struct net_device *dev; 4019 struct cfg80211_internal_bss *scan; 4020 struct wireless_dev *wdev; 4021 int start = cb->args[1], idx = 0; 4022 int err; 4023 4024 err = nl80211_prepare_netdev_dump(skb, cb, &rdev, &dev); 4025 if (err) 4026 return err; 4027 4028 wdev = dev->ieee80211_ptr; 4029 4030 wdev_lock(wdev); 4031 spin_lock_bh(&rdev->bss_lock); 4032 cfg80211_bss_expire(rdev); 4033 4034 cb->seq = rdev->bss_generation; 4035 4036 list_for_each_entry(scan, &rdev->bss_list, list) { 4037 if (++idx <= start) 4038 continue; 4039 if (nl80211_send_bss(skb, cb, 4040 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4041 rdev, wdev, scan) < 0) { 4042 idx--; 4043 break; 4044 } 4045 } 4046 4047 spin_unlock_bh(&rdev->bss_lock); 4048 wdev_unlock(wdev); 4049 4050 cb->args[1] = idx; 4051 nl80211_finish_netdev_dump(rdev); 4052 4053 return skb->len; 4054 } 4055 4056 static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq, 4057 int flags, struct net_device *dev, 4058 struct survey_info *survey) 4059 { 4060 void *hdr; 4061 struct nlattr *infoattr; 4062 4063 hdr = nl80211hdr_put(msg, pid, seq, flags, 4064 NL80211_CMD_NEW_SURVEY_RESULTS); 4065 if (!hdr) 4066 return -ENOMEM; 4067 4068 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 4069 4070 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO); 4071 if (!infoattr) 4072 goto nla_put_failure; 4073 4074 NLA_PUT_U32(msg, NL80211_SURVEY_INFO_FREQUENCY, 4075 survey->channel->center_freq); 4076 if (survey->filled & SURVEY_INFO_NOISE_DBM) 4077 NLA_PUT_U8(msg, NL80211_SURVEY_INFO_NOISE, 4078 survey->noise); 4079 if (survey->filled & SURVEY_INFO_IN_USE) 4080 NLA_PUT_FLAG(msg, NL80211_SURVEY_INFO_IN_USE); 4081 if (survey->filled & SURVEY_INFO_CHANNEL_TIME) 4082 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME, 4083 survey->channel_time); 4084 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_BUSY) 4085 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY, 4086 survey->channel_time_busy); 4087 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_EXT_BUSY) 4088 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_EXT_BUSY, 4089 survey->channel_time_ext_busy); 4090 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_RX) 4091 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_RX, 4092 survey->channel_time_rx); 4093 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_TX) 4094 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_TX, 4095 survey->channel_time_tx); 4096 4097 nla_nest_end(msg, infoattr); 4098 4099 return genlmsg_end(msg, hdr); 4100 4101 nla_put_failure: 4102 genlmsg_cancel(msg, hdr); 4103 return -EMSGSIZE; 4104 } 4105 4106 static int nl80211_dump_survey(struct sk_buff *skb, 4107 struct netlink_callback *cb) 4108 { 4109 struct survey_info survey; 4110 struct cfg80211_registered_device *dev; 4111 struct net_device *netdev; 4112 int survey_idx = cb->args[1]; 4113 int res; 4114 4115 res = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev); 4116 if (res) 4117 return res; 4118 4119 if (!dev->ops->dump_survey) { 4120 res = -EOPNOTSUPP; 4121 goto out_err; 4122 } 4123 4124 while (1) { 4125 struct ieee80211_channel *chan; 4126 4127 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx, 4128 &survey); 4129 if (res == -ENOENT) 4130 break; 4131 if (res) 4132 goto out_err; 4133 4134 /* Survey without a channel doesn't make sense */ 4135 if (!survey.channel) { 4136 res = -EINVAL; 4137 goto out; 4138 } 4139 4140 chan = ieee80211_get_channel(&dev->wiphy, 4141 survey.channel->center_freq); 4142 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED) { 4143 survey_idx++; 4144 continue; 4145 } 4146 4147 if (nl80211_send_survey(skb, 4148 NETLINK_CB(cb->skb).pid, 4149 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4150 netdev, 4151 &survey) < 0) 4152 goto out; 4153 survey_idx++; 4154 } 4155 4156 out: 4157 cb->args[1] = survey_idx; 4158 res = skb->len; 4159 out_err: 4160 nl80211_finish_netdev_dump(dev); 4161 return res; 4162 } 4163 4164 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type) 4165 { 4166 return auth_type <= NL80211_AUTHTYPE_MAX; 4167 } 4168 4169 static bool nl80211_valid_wpa_versions(u32 wpa_versions) 4170 { 4171 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 | 4172 NL80211_WPA_VERSION_2)); 4173 } 4174 4175 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) 4176 { 4177 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4178 struct net_device *dev = info->user_ptr[1]; 4179 struct ieee80211_channel *chan; 4180 const u8 *bssid, *ssid, *ie = NULL; 4181 int err, ssid_len, ie_len = 0; 4182 enum nl80211_auth_type auth_type; 4183 struct key_parse key; 4184 bool local_state_change; 4185 4186 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4187 return -EINVAL; 4188 4189 if (!info->attrs[NL80211_ATTR_MAC]) 4190 return -EINVAL; 4191 4192 if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) 4193 return -EINVAL; 4194 4195 if (!info->attrs[NL80211_ATTR_SSID]) 4196 return -EINVAL; 4197 4198 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4199 return -EINVAL; 4200 4201 err = nl80211_parse_key(info, &key); 4202 if (err) 4203 return err; 4204 4205 if (key.idx >= 0) { 4206 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP) 4207 return -EINVAL; 4208 if (!key.p.key || !key.p.key_len) 4209 return -EINVAL; 4210 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 || 4211 key.p.key_len != WLAN_KEY_LEN_WEP40) && 4212 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 || 4213 key.p.key_len != WLAN_KEY_LEN_WEP104)) 4214 return -EINVAL; 4215 if (key.idx > 4) 4216 return -EINVAL; 4217 } else { 4218 key.p.key_len = 0; 4219 key.p.key = NULL; 4220 } 4221 4222 if (key.idx >= 0) { 4223 int i; 4224 bool ok = false; 4225 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) { 4226 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) { 4227 ok = true; 4228 break; 4229 } 4230 } 4231 if (!ok) 4232 return -EINVAL; 4233 } 4234 4235 if (!rdev->ops->auth) 4236 return -EOPNOTSUPP; 4237 4238 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4239 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4240 return -EOPNOTSUPP; 4241 4242 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4243 chan = ieee80211_get_channel(&rdev->wiphy, 4244 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4245 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 4246 return -EINVAL; 4247 4248 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4249 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4250 4251 if (info->attrs[NL80211_ATTR_IE]) { 4252 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4253 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4254 } 4255 4256 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 4257 if (!nl80211_valid_auth_type(auth_type)) 4258 return -EINVAL; 4259 4260 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4261 4262 return cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, 4263 ssid, ssid_len, ie, ie_len, 4264 key.p.key, key.p.key_len, key.idx, 4265 local_state_change); 4266 } 4267 4268 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, 4269 struct genl_info *info, 4270 struct cfg80211_crypto_settings *settings, 4271 int cipher_limit) 4272 { 4273 memset(settings, 0, sizeof(*settings)); 4274 4275 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; 4276 4277 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) { 4278 u16 proto; 4279 proto = nla_get_u16( 4280 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]); 4281 settings->control_port_ethertype = cpu_to_be16(proto); 4282 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) && 4283 proto != ETH_P_PAE) 4284 return -EINVAL; 4285 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]) 4286 settings->control_port_no_encrypt = true; 4287 } else 4288 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE); 4289 4290 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) { 4291 void *data; 4292 int len, i; 4293 4294 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 4295 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); 4296 settings->n_ciphers_pairwise = len / sizeof(u32); 4297 4298 if (len % sizeof(u32)) 4299 return -EINVAL; 4300 4301 if (settings->n_ciphers_pairwise > cipher_limit) 4302 return -EINVAL; 4303 4304 memcpy(settings->ciphers_pairwise, data, len); 4305 4306 for (i = 0; i < settings->n_ciphers_pairwise; i++) 4307 if (!cfg80211_supported_cipher_suite( 4308 &rdev->wiphy, 4309 settings->ciphers_pairwise[i])) 4310 return -EINVAL; 4311 } 4312 4313 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) { 4314 settings->cipher_group = 4315 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]); 4316 if (!cfg80211_supported_cipher_suite(&rdev->wiphy, 4317 settings->cipher_group)) 4318 return -EINVAL; 4319 } 4320 4321 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) { 4322 settings->wpa_versions = 4323 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]); 4324 if (!nl80211_valid_wpa_versions(settings->wpa_versions)) 4325 return -EINVAL; 4326 } 4327 4328 if (info->attrs[NL80211_ATTR_AKM_SUITES]) { 4329 void *data; 4330 int len; 4331 4332 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); 4333 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); 4334 settings->n_akm_suites = len / sizeof(u32); 4335 4336 if (len % sizeof(u32)) 4337 return -EINVAL; 4338 4339 if (settings->n_akm_suites > NL80211_MAX_NR_AKM_SUITES) 4340 return -EINVAL; 4341 4342 memcpy(settings->akm_suites, data, len); 4343 } 4344 4345 return 0; 4346 } 4347 4348 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) 4349 { 4350 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4351 struct net_device *dev = info->user_ptr[1]; 4352 struct cfg80211_crypto_settings crypto; 4353 struct ieee80211_channel *chan; 4354 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL; 4355 int err, ssid_len, ie_len = 0; 4356 bool use_mfp = false; 4357 4358 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4359 return -EINVAL; 4360 4361 if (!info->attrs[NL80211_ATTR_MAC] || 4362 !info->attrs[NL80211_ATTR_SSID] || 4363 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 4364 return -EINVAL; 4365 4366 if (!rdev->ops->assoc) 4367 return -EOPNOTSUPP; 4368 4369 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4370 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4371 return -EOPNOTSUPP; 4372 4373 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4374 4375 chan = ieee80211_get_channel(&rdev->wiphy, 4376 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4377 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) 4378 return -EINVAL; 4379 4380 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4381 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4382 4383 if (info->attrs[NL80211_ATTR_IE]) { 4384 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4385 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4386 } 4387 4388 if (info->attrs[NL80211_ATTR_USE_MFP]) { 4389 enum nl80211_mfp mfp = 4390 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); 4391 if (mfp == NL80211_MFP_REQUIRED) 4392 use_mfp = true; 4393 else if (mfp != NL80211_MFP_NO) 4394 return -EINVAL; 4395 } 4396 4397 if (info->attrs[NL80211_ATTR_PREV_BSSID]) 4398 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]); 4399 4400 err = nl80211_crypto_settings(rdev, info, &crypto, 1); 4401 if (!err) 4402 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid, 4403 ssid, ssid_len, ie, ie_len, use_mfp, 4404 &crypto); 4405 4406 return err; 4407 } 4408 4409 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) 4410 { 4411 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4412 struct net_device *dev = info->user_ptr[1]; 4413 const u8 *ie = NULL, *bssid; 4414 int ie_len = 0; 4415 u16 reason_code; 4416 bool local_state_change; 4417 4418 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4419 return -EINVAL; 4420 4421 if (!info->attrs[NL80211_ATTR_MAC]) 4422 return -EINVAL; 4423 4424 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4425 return -EINVAL; 4426 4427 if (!rdev->ops->deauth) 4428 return -EOPNOTSUPP; 4429 4430 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4431 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4432 return -EOPNOTSUPP; 4433 4434 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4435 4436 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4437 if (reason_code == 0) { 4438 /* Reason Code 0 is reserved */ 4439 return -EINVAL; 4440 } 4441 4442 if (info->attrs[NL80211_ATTR_IE]) { 4443 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4444 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4445 } 4446 4447 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4448 4449 return cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code, 4450 local_state_change); 4451 } 4452 4453 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) 4454 { 4455 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4456 struct net_device *dev = info->user_ptr[1]; 4457 const u8 *ie = NULL, *bssid; 4458 int ie_len = 0; 4459 u16 reason_code; 4460 bool local_state_change; 4461 4462 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4463 return -EINVAL; 4464 4465 if (!info->attrs[NL80211_ATTR_MAC]) 4466 return -EINVAL; 4467 4468 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4469 return -EINVAL; 4470 4471 if (!rdev->ops->disassoc) 4472 return -EOPNOTSUPP; 4473 4474 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4475 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4476 return -EOPNOTSUPP; 4477 4478 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4479 4480 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4481 if (reason_code == 0) { 4482 /* Reason Code 0 is reserved */ 4483 return -EINVAL; 4484 } 4485 4486 if (info->attrs[NL80211_ATTR_IE]) { 4487 ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4488 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4489 } 4490 4491 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; 4492 4493 return cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code, 4494 local_state_change); 4495 } 4496 4497 static bool 4498 nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev, 4499 int mcast_rate[IEEE80211_NUM_BANDS], 4500 int rateval) 4501 { 4502 struct wiphy *wiphy = &rdev->wiphy; 4503 bool found = false; 4504 int band, i; 4505 4506 for (band = 0; band < IEEE80211_NUM_BANDS; band++) { 4507 struct ieee80211_supported_band *sband; 4508 4509 sband = wiphy->bands[band]; 4510 if (!sband) 4511 continue; 4512 4513 for (i = 0; i < sband->n_bitrates; i++) { 4514 if (sband->bitrates[i].bitrate == rateval) { 4515 mcast_rate[band] = i + 1; 4516 found = true; 4517 break; 4518 } 4519 } 4520 } 4521 4522 return found; 4523 } 4524 4525 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) 4526 { 4527 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4528 struct net_device *dev = info->user_ptr[1]; 4529 struct cfg80211_ibss_params ibss; 4530 struct wiphy *wiphy; 4531 struct cfg80211_cached_keys *connkeys = NULL; 4532 int err; 4533 4534 memset(&ibss, 0, sizeof(ibss)); 4535 4536 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4537 return -EINVAL; 4538 4539 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 4540 !info->attrs[NL80211_ATTR_SSID] || 4541 !nla_len(info->attrs[NL80211_ATTR_SSID])) 4542 return -EINVAL; 4543 4544 ibss.beacon_interval = 100; 4545 4546 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { 4547 ibss.beacon_interval = 4548 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); 4549 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000) 4550 return -EINVAL; 4551 } 4552 4553 if (!rdev->ops->join_ibss) 4554 return -EOPNOTSUPP; 4555 4556 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 4557 return -EOPNOTSUPP; 4558 4559 wiphy = &rdev->wiphy; 4560 4561 if (info->attrs[NL80211_ATTR_MAC]) { 4562 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4563 4564 if (!is_valid_ether_addr(ibss.bssid)) 4565 return -EINVAL; 4566 } 4567 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4568 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4569 4570 if (info->attrs[NL80211_ATTR_IE]) { 4571 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4572 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4573 } 4574 4575 ibss.channel = ieee80211_get_channel(wiphy, 4576 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4577 if (!ibss.channel || 4578 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS || 4579 ibss.channel->flags & IEEE80211_CHAN_DISABLED) 4580 return -EINVAL; 4581 4582 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; 4583 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; 4584 4585 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { 4586 u8 *rates = 4587 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 4588 int n_rates = 4589 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); 4590 struct ieee80211_supported_band *sband = 4591 wiphy->bands[ibss.channel->band]; 4592 int err; 4593 4594 err = ieee80211_get_ratemask(sband, rates, n_rates, 4595 &ibss.basic_rates); 4596 if (err) 4597 return err; 4598 } 4599 4600 if (info->attrs[NL80211_ATTR_MCAST_RATE] && 4601 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate, 4602 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) 4603 return -EINVAL; 4604 4605 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) { 4606 connkeys = nl80211_parse_connkeys(rdev, 4607 info->attrs[NL80211_ATTR_KEYS]); 4608 if (IS_ERR(connkeys)) 4609 return PTR_ERR(connkeys); 4610 } 4611 4612 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys); 4613 if (err) 4614 kfree(connkeys); 4615 return err; 4616 } 4617 4618 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) 4619 { 4620 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4621 struct net_device *dev = info->user_ptr[1]; 4622 4623 if (!rdev->ops->leave_ibss) 4624 return -EOPNOTSUPP; 4625 4626 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) 4627 return -EOPNOTSUPP; 4628 4629 return cfg80211_leave_ibss(rdev, dev, false); 4630 } 4631 4632 #ifdef CONFIG_NL80211_TESTMODE 4633 static struct genl_multicast_group nl80211_testmode_mcgrp = { 4634 .name = "testmode", 4635 }; 4636 4637 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info) 4638 { 4639 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4640 int err; 4641 4642 if (!info->attrs[NL80211_ATTR_TESTDATA]) 4643 return -EINVAL; 4644 4645 err = -EOPNOTSUPP; 4646 if (rdev->ops->testmode_cmd) { 4647 rdev->testmode_info = info; 4648 err = rdev->ops->testmode_cmd(&rdev->wiphy, 4649 nla_data(info->attrs[NL80211_ATTR_TESTDATA]), 4650 nla_len(info->attrs[NL80211_ATTR_TESTDATA])); 4651 rdev->testmode_info = NULL; 4652 } 4653 4654 return err; 4655 } 4656 4657 static int nl80211_testmode_dump(struct sk_buff *skb, 4658 struct netlink_callback *cb) 4659 { 4660 struct cfg80211_registered_device *dev; 4661 int err; 4662 long phy_idx; 4663 void *data = NULL; 4664 int data_len = 0; 4665 4666 if (cb->args[0]) { 4667 /* 4668 * 0 is a valid index, but not valid for args[0], 4669 * so we need to offset by 1. 4670 */ 4671 phy_idx = cb->args[0] - 1; 4672 } else { 4673 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, 4674 nl80211_fam.attrbuf, nl80211_fam.maxattr, 4675 nl80211_policy); 4676 if (err) 4677 return err; 4678 if (!nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]) 4679 return -EINVAL; 4680 phy_idx = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]); 4681 if (nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA]) 4682 cb->args[1] = 4683 (long)nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA]; 4684 } 4685 4686 if (cb->args[1]) { 4687 data = nla_data((void *)cb->args[1]); 4688 data_len = nla_len((void *)cb->args[1]); 4689 } 4690 4691 mutex_lock(&cfg80211_mutex); 4692 dev = cfg80211_rdev_by_wiphy_idx(phy_idx); 4693 if (!dev) { 4694 mutex_unlock(&cfg80211_mutex); 4695 return -ENOENT; 4696 } 4697 cfg80211_lock_rdev(dev); 4698 mutex_unlock(&cfg80211_mutex); 4699 4700 if (!dev->ops->testmode_dump) { 4701 err = -EOPNOTSUPP; 4702 goto out_err; 4703 } 4704 4705 while (1) { 4706 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).pid, 4707 cb->nlh->nlmsg_seq, NLM_F_MULTI, 4708 NL80211_CMD_TESTMODE); 4709 struct nlattr *tmdata; 4710 4711 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, dev->wiphy_idx) < 0) { 4712 genlmsg_cancel(skb, hdr); 4713 break; 4714 } 4715 4716 tmdata = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 4717 if (!tmdata) { 4718 genlmsg_cancel(skb, hdr); 4719 break; 4720 } 4721 err = dev->ops->testmode_dump(&dev->wiphy, skb, cb, 4722 data, data_len); 4723 nla_nest_end(skb, tmdata); 4724 4725 if (err == -ENOBUFS || err == -ENOENT) { 4726 genlmsg_cancel(skb, hdr); 4727 break; 4728 } else if (err) { 4729 genlmsg_cancel(skb, hdr); 4730 goto out_err; 4731 } 4732 4733 genlmsg_end(skb, hdr); 4734 } 4735 4736 err = skb->len; 4737 /* see above */ 4738 cb->args[0] = phy_idx + 1; 4739 out_err: 4740 cfg80211_unlock_rdev(dev); 4741 return err; 4742 } 4743 4744 static struct sk_buff * 4745 __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev, 4746 int approxlen, u32 pid, u32 seq, gfp_t gfp) 4747 { 4748 struct sk_buff *skb; 4749 void *hdr; 4750 struct nlattr *data; 4751 4752 skb = nlmsg_new(approxlen + 100, gfp); 4753 if (!skb) 4754 return NULL; 4755 4756 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE); 4757 if (!hdr) { 4758 kfree_skb(skb); 4759 return NULL; 4760 } 4761 4762 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 4763 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA); 4764 4765 ((void **)skb->cb)[0] = rdev; 4766 ((void **)skb->cb)[1] = hdr; 4767 ((void **)skb->cb)[2] = data; 4768 4769 return skb; 4770 4771 nla_put_failure: 4772 kfree_skb(skb); 4773 return NULL; 4774 } 4775 4776 struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy, 4777 int approxlen) 4778 { 4779 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4780 4781 if (WARN_ON(!rdev->testmode_info)) 4782 return NULL; 4783 4784 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 4785 rdev->testmode_info->snd_pid, 4786 rdev->testmode_info->snd_seq, 4787 GFP_KERNEL); 4788 } 4789 EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb); 4790 4791 int cfg80211_testmode_reply(struct sk_buff *skb) 4792 { 4793 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0]; 4794 void *hdr = ((void **)skb->cb)[1]; 4795 struct nlattr *data = ((void **)skb->cb)[2]; 4796 4797 if (WARN_ON(!rdev->testmode_info)) { 4798 kfree_skb(skb); 4799 return -EINVAL; 4800 } 4801 4802 nla_nest_end(skb, data); 4803 genlmsg_end(skb, hdr); 4804 return genlmsg_reply(skb, rdev->testmode_info); 4805 } 4806 EXPORT_SYMBOL(cfg80211_testmode_reply); 4807 4808 struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy, 4809 int approxlen, gfp_t gfp) 4810 { 4811 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); 4812 4813 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp); 4814 } 4815 EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb); 4816 4817 void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp) 4818 { 4819 void *hdr = ((void **)skb->cb)[1]; 4820 struct nlattr *data = ((void **)skb->cb)[2]; 4821 4822 nla_nest_end(skb, data); 4823 genlmsg_end(skb, hdr); 4824 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp); 4825 } 4826 EXPORT_SYMBOL(cfg80211_testmode_event); 4827 #endif 4828 4829 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info) 4830 { 4831 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4832 struct net_device *dev = info->user_ptr[1]; 4833 struct cfg80211_connect_params connect; 4834 struct wiphy *wiphy; 4835 struct cfg80211_cached_keys *connkeys = NULL; 4836 int err; 4837 4838 memset(&connect, 0, sizeof(connect)); 4839 4840 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) 4841 return -EINVAL; 4842 4843 if (!info->attrs[NL80211_ATTR_SSID] || 4844 !nla_len(info->attrs[NL80211_ATTR_SSID])) 4845 return -EINVAL; 4846 4847 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { 4848 connect.auth_type = 4849 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); 4850 if (!nl80211_valid_auth_type(connect.auth_type)) 4851 return -EINVAL; 4852 } else 4853 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC; 4854 4855 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY]; 4856 4857 err = nl80211_crypto_settings(rdev, info, &connect.crypto, 4858 NL80211_MAX_NR_CIPHER_SUITES); 4859 if (err) 4860 return err; 4861 4862 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4863 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4864 return -EOPNOTSUPP; 4865 4866 wiphy = &rdev->wiphy; 4867 4868 if (info->attrs[NL80211_ATTR_MAC]) 4869 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4870 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); 4871 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); 4872 4873 if (info->attrs[NL80211_ATTR_IE]) { 4874 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]); 4875 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); 4876 } 4877 4878 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { 4879 connect.channel = 4880 ieee80211_get_channel(wiphy, 4881 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ])); 4882 if (!connect.channel || 4883 connect.channel->flags & IEEE80211_CHAN_DISABLED) 4884 return -EINVAL; 4885 } 4886 4887 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) { 4888 connkeys = nl80211_parse_connkeys(rdev, 4889 info->attrs[NL80211_ATTR_KEYS]); 4890 if (IS_ERR(connkeys)) 4891 return PTR_ERR(connkeys); 4892 } 4893 4894 err = cfg80211_connect(rdev, dev, &connect, connkeys); 4895 if (err) 4896 kfree(connkeys); 4897 return err; 4898 } 4899 4900 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info) 4901 { 4902 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4903 struct net_device *dev = info->user_ptr[1]; 4904 u16 reason; 4905 4906 if (!info->attrs[NL80211_ATTR_REASON_CODE]) 4907 reason = WLAN_REASON_DEAUTH_LEAVING; 4908 else 4909 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); 4910 4911 if (reason == 0) 4912 return -EINVAL; 4913 4914 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4915 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4916 return -EOPNOTSUPP; 4917 4918 return cfg80211_disconnect(rdev, dev, reason, true); 4919 } 4920 4921 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info) 4922 { 4923 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4924 struct net *net; 4925 int err; 4926 u32 pid; 4927 4928 if (!info->attrs[NL80211_ATTR_PID]) 4929 return -EINVAL; 4930 4931 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]); 4932 4933 net = get_net_ns_by_pid(pid); 4934 if (IS_ERR(net)) 4935 return PTR_ERR(net); 4936 4937 err = 0; 4938 4939 /* check if anything to do */ 4940 if (!net_eq(wiphy_net(&rdev->wiphy), net)) 4941 err = cfg80211_switch_netns(rdev, net); 4942 4943 put_net(net); 4944 return err; 4945 } 4946 4947 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info) 4948 { 4949 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4950 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev, 4951 struct cfg80211_pmksa *pmksa) = NULL; 4952 struct net_device *dev = info->user_ptr[1]; 4953 struct cfg80211_pmksa pmksa; 4954 4955 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa)); 4956 4957 if (!info->attrs[NL80211_ATTR_MAC]) 4958 return -EINVAL; 4959 4960 if (!info->attrs[NL80211_ATTR_PMKID]) 4961 return -EINVAL; 4962 4963 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]); 4964 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); 4965 4966 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4967 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4968 return -EOPNOTSUPP; 4969 4970 switch (info->genlhdr->cmd) { 4971 case NL80211_CMD_SET_PMKSA: 4972 rdev_ops = rdev->ops->set_pmksa; 4973 break; 4974 case NL80211_CMD_DEL_PMKSA: 4975 rdev_ops = rdev->ops->del_pmksa; 4976 break; 4977 default: 4978 WARN_ON(1); 4979 break; 4980 } 4981 4982 if (!rdev_ops) 4983 return -EOPNOTSUPP; 4984 4985 return rdev_ops(&rdev->wiphy, dev, &pmksa); 4986 } 4987 4988 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info) 4989 { 4990 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 4991 struct net_device *dev = info->user_ptr[1]; 4992 4993 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 4994 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) 4995 return -EOPNOTSUPP; 4996 4997 if (!rdev->ops->flush_pmksa) 4998 return -EOPNOTSUPP; 4999 5000 return rdev->ops->flush_pmksa(&rdev->wiphy, dev); 5001 } 5002 5003 static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info) 5004 { 5005 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5006 struct net_device *dev = info->user_ptr[1]; 5007 u8 action_code, dialog_token; 5008 u16 status_code; 5009 u8 *peer; 5010 5011 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) || 5012 !rdev->ops->tdls_mgmt) 5013 return -EOPNOTSUPP; 5014 5015 if (!info->attrs[NL80211_ATTR_TDLS_ACTION] || 5016 !info->attrs[NL80211_ATTR_STATUS_CODE] || 5017 !info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN] || 5018 !info->attrs[NL80211_ATTR_IE] || 5019 !info->attrs[NL80211_ATTR_MAC]) 5020 return -EINVAL; 5021 5022 peer = nla_data(info->attrs[NL80211_ATTR_MAC]); 5023 action_code = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_ACTION]); 5024 status_code = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]); 5025 dialog_token = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN]); 5026 5027 return rdev->ops->tdls_mgmt(&rdev->wiphy, dev, peer, action_code, 5028 dialog_token, status_code, 5029 nla_data(info->attrs[NL80211_ATTR_IE]), 5030 nla_len(info->attrs[NL80211_ATTR_IE])); 5031 } 5032 5033 static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info) 5034 { 5035 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5036 struct net_device *dev = info->user_ptr[1]; 5037 enum nl80211_tdls_operation operation; 5038 u8 *peer; 5039 5040 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) || 5041 !rdev->ops->tdls_oper) 5042 return -EOPNOTSUPP; 5043 5044 if (!info->attrs[NL80211_ATTR_TDLS_OPERATION] || 5045 !info->attrs[NL80211_ATTR_MAC]) 5046 return -EINVAL; 5047 5048 operation = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_OPERATION]); 5049 peer = nla_data(info->attrs[NL80211_ATTR_MAC]); 5050 5051 return rdev->ops->tdls_oper(&rdev->wiphy, dev, peer, operation); 5052 } 5053 5054 static int nl80211_remain_on_channel(struct sk_buff *skb, 5055 struct genl_info *info) 5056 { 5057 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5058 struct net_device *dev = info->user_ptr[1]; 5059 struct ieee80211_channel *chan; 5060 struct sk_buff *msg; 5061 void *hdr; 5062 u64 cookie; 5063 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 5064 u32 freq, duration; 5065 int err; 5066 5067 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || 5068 !info->attrs[NL80211_ATTR_DURATION]) 5069 return -EINVAL; 5070 5071 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 5072 5073 /* 5074 * We should be on that channel for at least one jiffie, 5075 * and more than 5 seconds seems excessive. 5076 */ 5077 if (!duration || !msecs_to_jiffies(duration) || 5078 duration > rdev->wiphy.max_remain_on_channel_duration) 5079 return -EINVAL; 5080 5081 if (!rdev->ops->remain_on_channel) 5082 return -EOPNOTSUPP; 5083 5084 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 5085 channel_type = nla_get_u32( 5086 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 5087 if (channel_type != NL80211_CHAN_NO_HT && 5088 channel_type != NL80211_CHAN_HT20 && 5089 channel_type != NL80211_CHAN_HT40PLUS && 5090 channel_type != NL80211_CHAN_HT40MINUS) 5091 return -EINVAL; 5092 } 5093 5094 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 5095 chan = rdev_freq_to_chan(rdev, freq, channel_type); 5096 if (chan == NULL) 5097 return -EINVAL; 5098 5099 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5100 if (!msg) 5101 return -ENOMEM; 5102 5103 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5104 NL80211_CMD_REMAIN_ON_CHANNEL); 5105 5106 if (IS_ERR(hdr)) { 5107 err = PTR_ERR(hdr); 5108 goto free_msg; 5109 } 5110 5111 err = rdev->ops->remain_on_channel(&rdev->wiphy, dev, chan, 5112 channel_type, duration, &cookie); 5113 5114 if (err) 5115 goto free_msg; 5116 5117 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5118 5119 genlmsg_end(msg, hdr); 5120 5121 return genlmsg_reply(msg, info); 5122 5123 nla_put_failure: 5124 err = -ENOBUFS; 5125 free_msg: 5126 nlmsg_free(msg); 5127 return err; 5128 } 5129 5130 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb, 5131 struct genl_info *info) 5132 { 5133 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5134 struct net_device *dev = info->user_ptr[1]; 5135 u64 cookie; 5136 5137 if (!info->attrs[NL80211_ATTR_COOKIE]) 5138 return -EINVAL; 5139 5140 if (!rdev->ops->cancel_remain_on_channel) 5141 return -EOPNOTSUPP; 5142 5143 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 5144 5145 return rdev->ops->cancel_remain_on_channel(&rdev->wiphy, dev, cookie); 5146 } 5147 5148 static u32 rateset_to_mask(struct ieee80211_supported_band *sband, 5149 u8 *rates, u8 rates_len) 5150 { 5151 u8 i; 5152 u32 mask = 0; 5153 5154 for (i = 0; i < rates_len; i++) { 5155 int rate = (rates[i] & 0x7f) * 5; 5156 int ridx; 5157 for (ridx = 0; ridx < sband->n_bitrates; ridx++) { 5158 struct ieee80211_rate *srate = 5159 &sband->bitrates[ridx]; 5160 if (rate == srate->bitrate) { 5161 mask |= 1 << ridx; 5162 break; 5163 } 5164 } 5165 if (ridx == sband->n_bitrates) 5166 return 0; /* rate not found */ 5167 } 5168 5169 return mask; 5170 } 5171 5172 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = { 5173 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY, 5174 .len = NL80211_MAX_SUPP_RATES }, 5175 }; 5176 5177 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb, 5178 struct genl_info *info) 5179 { 5180 struct nlattr *tb[NL80211_TXRATE_MAX + 1]; 5181 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5182 struct cfg80211_bitrate_mask mask; 5183 int rem, i; 5184 struct net_device *dev = info->user_ptr[1]; 5185 struct nlattr *tx_rates; 5186 struct ieee80211_supported_band *sband; 5187 5188 if (info->attrs[NL80211_ATTR_TX_RATES] == NULL) 5189 return -EINVAL; 5190 5191 if (!rdev->ops->set_bitrate_mask) 5192 return -EOPNOTSUPP; 5193 5194 memset(&mask, 0, sizeof(mask)); 5195 /* Default to all rates enabled */ 5196 for (i = 0; i < IEEE80211_NUM_BANDS; i++) { 5197 sband = rdev->wiphy.bands[i]; 5198 mask.control[i].legacy = 5199 sband ? (1 << sband->n_bitrates) - 1 : 0; 5200 } 5201 5202 /* 5203 * The nested attribute uses enum nl80211_band as the index. This maps 5204 * directly to the enum ieee80211_band values used in cfg80211. 5205 */ 5206 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) 5207 { 5208 enum ieee80211_band band = nla_type(tx_rates); 5209 if (band < 0 || band >= IEEE80211_NUM_BANDS) 5210 return -EINVAL; 5211 sband = rdev->wiphy.bands[band]; 5212 if (sband == NULL) 5213 return -EINVAL; 5214 nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates), 5215 nla_len(tx_rates), nl80211_txattr_policy); 5216 if (tb[NL80211_TXRATE_LEGACY]) { 5217 mask.control[band].legacy = rateset_to_mask( 5218 sband, 5219 nla_data(tb[NL80211_TXRATE_LEGACY]), 5220 nla_len(tb[NL80211_TXRATE_LEGACY])); 5221 if (mask.control[band].legacy == 0) 5222 return -EINVAL; 5223 } 5224 } 5225 5226 return rdev->ops->set_bitrate_mask(&rdev->wiphy, dev, NULL, &mask); 5227 } 5228 5229 static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info) 5230 { 5231 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5232 struct net_device *dev = info->user_ptr[1]; 5233 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION; 5234 5235 if (!info->attrs[NL80211_ATTR_FRAME_MATCH]) 5236 return -EINVAL; 5237 5238 if (info->attrs[NL80211_ATTR_FRAME_TYPE]) 5239 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]); 5240 5241 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5242 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5243 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5244 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5245 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5246 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 5247 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5248 return -EOPNOTSUPP; 5249 5250 /* not much point in registering if we can't reply */ 5251 if (!rdev->ops->mgmt_tx) 5252 return -EOPNOTSUPP; 5253 5254 return cfg80211_mlme_register_mgmt(dev->ieee80211_ptr, info->snd_pid, 5255 frame_type, 5256 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]), 5257 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH])); 5258 } 5259 5260 static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info) 5261 { 5262 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5263 struct net_device *dev = info->user_ptr[1]; 5264 struct ieee80211_channel *chan; 5265 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT; 5266 bool channel_type_valid = false; 5267 u32 freq; 5268 int err; 5269 void *hdr; 5270 u64 cookie; 5271 struct sk_buff *msg; 5272 unsigned int wait = 0; 5273 bool offchan; 5274 bool no_cck; 5275 5276 if (!info->attrs[NL80211_ATTR_FRAME] || 5277 !info->attrs[NL80211_ATTR_WIPHY_FREQ]) 5278 return -EINVAL; 5279 5280 if (!rdev->ops->mgmt_tx) 5281 return -EOPNOTSUPP; 5282 5283 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5284 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5285 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5286 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5287 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5288 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && 5289 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5290 return -EOPNOTSUPP; 5291 5292 if (info->attrs[NL80211_ATTR_DURATION]) { 5293 if (!rdev->ops->mgmt_tx_cancel_wait) 5294 return -EINVAL; 5295 wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); 5296 } 5297 5298 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { 5299 channel_type = nla_get_u32( 5300 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); 5301 if (channel_type != NL80211_CHAN_NO_HT && 5302 channel_type != NL80211_CHAN_HT20 && 5303 channel_type != NL80211_CHAN_HT40PLUS && 5304 channel_type != NL80211_CHAN_HT40MINUS) 5305 return -EINVAL; 5306 channel_type_valid = true; 5307 } 5308 5309 offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK]; 5310 5311 no_cck = nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]); 5312 5313 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); 5314 chan = rdev_freq_to_chan(rdev, freq, channel_type); 5315 if (chan == NULL) 5316 return -EINVAL; 5317 5318 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5319 if (!msg) 5320 return -ENOMEM; 5321 5322 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5323 NL80211_CMD_FRAME); 5324 5325 if (IS_ERR(hdr)) { 5326 err = PTR_ERR(hdr); 5327 goto free_msg; 5328 } 5329 err = cfg80211_mlme_mgmt_tx(rdev, dev, chan, offchan, channel_type, 5330 channel_type_valid, wait, 5331 nla_data(info->attrs[NL80211_ATTR_FRAME]), 5332 nla_len(info->attrs[NL80211_ATTR_FRAME]), 5333 no_cck, &cookie); 5334 if (err) 5335 goto free_msg; 5336 5337 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 5338 5339 genlmsg_end(msg, hdr); 5340 return genlmsg_reply(msg, info); 5341 5342 nla_put_failure: 5343 err = -ENOBUFS; 5344 free_msg: 5345 nlmsg_free(msg); 5346 return err; 5347 } 5348 5349 static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info) 5350 { 5351 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5352 struct net_device *dev = info->user_ptr[1]; 5353 u64 cookie; 5354 5355 if (!info->attrs[NL80211_ATTR_COOKIE]) 5356 return -EINVAL; 5357 5358 if (!rdev->ops->mgmt_tx_cancel_wait) 5359 return -EOPNOTSUPP; 5360 5361 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && 5362 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && 5363 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT && 5364 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && 5365 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && 5366 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) 5367 return -EOPNOTSUPP; 5368 5369 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); 5370 5371 return rdev->ops->mgmt_tx_cancel_wait(&rdev->wiphy, dev, cookie); 5372 } 5373 5374 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info) 5375 { 5376 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5377 struct wireless_dev *wdev; 5378 struct net_device *dev = info->user_ptr[1]; 5379 u8 ps_state; 5380 bool state; 5381 int err; 5382 5383 if (!info->attrs[NL80211_ATTR_PS_STATE]) 5384 return -EINVAL; 5385 5386 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]); 5387 5388 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED) 5389 return -EINVAL; 5390 5391 wdev = dev->ieee80211_ptr; 5392 5393 if (!rdev->ops->set_power_mgmt) 5394 return -EOPNOTSUPP; 5395 5396 state = (ps_state == NL80211_PS_ENABLED) ? true : false; 5397 5398 if (state == wdev->ps) 5399 return 0; 5400 5401 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, state, 5402 wdev->ps_timeout); 5403 if (!err) 5404 wdev->ps = state; 5405 return err; 5406 } 5407 5408 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info) 5409 { 5410 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5411 enum nl80211_ps_state ps_state; 5412 struct wireless_dev *wdev; 5413 struct net_device *dev = info->user_ptr[1]; 5414 struct sk_buff *msg; 5415 void *hdr; 5416 int err; 5417 5418 wdev = dev->ieee80211_ptr; 5419 5420 if (!rdev->ops->set_power_mgmt) 5421 return -EOPNOTSUPP; 5422 5423 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5424 if (!msg) 5425 return -ENOMEM; 5426 5427 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5428 NL80211_CMD_GET_POWER_SAVE); 5429 if (!hdr) { 5430 err = -ENOBUFS; 5431 goto free_msg; 5432 } 5433 5434 if (wdev->ps) 5435 ps_state = NL80211_PS_ENABLED; 5436 else 5437 ps_state = NL80211_PS_DISABLED; 5438 5439 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE, ps_state); 5440 5441 genlmsg_end(msg, hdr); 5442 return genlmsg_reply(msg, info); 5443 5444 nla_put_failure: 5445 err = -ENOBUFS; 5446 free_msg: 5447 nlmsg_free(msg); 5448 return err; 5449 } 5450 5451 static struct nla_policy 5452 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] __read_mostly = { 5453 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 }, 5454 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 }, 5455 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, 5456 }; 5457 5458 static int nl80211_set_cqm_rssi(struct genl_info *info, 5459 s32 threshold, u32 hysteresis) 5460 { 5461 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5462 struct wireless_dev *wdev; 5463 struct net_device *dev = info->user_ptr[1]; 5464 5465 if (threshold > 0) 5466 return -EINVAL; 5467 5468 wdev = dev->ieee80211_ptr; 5469 5470 if (!rdev->ops->set_cqm_rssi_config) 5471 return -EOPNOTSUPP; 5472 5473 if (wdev->iftype != NL80211_IFTYPE_STATION && 5474 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) 5475 return -EOPNOTSUPP; 5476 5477 return rdev->ops->set_cqm_rssi_config(wdev->wiphy, dev, 5478 threshold, hysteresis); 5479 } 5480 5481 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info) 5482 { 5483 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1]; 5484 struct nlattr *cqm; 5485 int err; 5486 5487 cqm = info->attrs[NL80211_ATTR_CQM]; 5488 if (!cqm) { 5489 err = -EINVAL; 5490 goto out; 5491 } 5492 5493 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm, 5494 nl80211_attr_cqm_policy); 5495 if (err) 5496 goto out; 5497 5498 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] && 5499 attrs[NL80211_ATTR_CQM_RSSI_HYST]) { 5500 s32 threshold; 5501 u32 hysteresis; 5502 threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]); 5503 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]); 5504 err = nl80211_set_cqm_rssi(info, threshold, hysteresis); 5505 } else 5506 err = -EINVAL; 5507 5508 out: 5509 return err; 5510 } 5511 5512 static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info) 5513 { 5514 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5515 struct net_device *dev = info->user_ptr[1]; 5516 struct mesh_config cfg; 5517 struct mesh_setup setup; 5518 int err; 5519 5520 /* start with default */ 5521 memcpy(&cfg, &default_mesh_config, sizeof(cfg)); 5522 memcpy(&setup, &default_mesh_setup, sizeof(setup)); 5523 5524 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) { 5525 /* and parse parameters if given */ 5526 err = nl80211_parse_mesh_config(info, &cfg, NULL); 5527 if (err) 5528 return err; 5529 } 5530 5531 if (!info->attrs[NL80211_ATTR_MESH_ID] || 5532 !nla_len(info->attrs[NL80211_ATTR_MESH_ID])) 5533 return -EINVAL; 5534 5535 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); 5536 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); 5537 5538 if (info->attrs[NL80211_ATTR_MESH_SETUP]) { 5539 /* parse additional setup parameters if given */ 5540 err = nl80211_parse_mesh_setup(info, &setup); 5541 if (err) 5542 return err; 5543 } 5544 5545 return cfg80211_join_mesh(rdev, dev, &setup, &cfg); 5546 } 5547 5548 static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info) 5549 { 5550 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5551 struct net_device *dev = info->user_ptr[1]; 5552 5553 return cfg80211_leave_mesh(rdev, dev); 5554 } 5555 5556 static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info) 5557 { 5558 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5559 struct sk_buff *msg; 5560 void *hdr; 5561 5562 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns) 5563 return -EOPNOTSUPP; 5564 5565 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 5566 if (!msg) 5567 return -ENOMEM; 5568 5569 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0, 5570 NL80211_CMD_GET_WOWLAN); 5571 if (!hdr) 5572 goto nla_put_failure; 5573 5574 if (rdev->wowlan) { 5575 struct nlattr *nl_wowlan; 5576 5577 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS); 5578 if (!nl_wowlan) 5579 goto nla_put_failure; 5580 5581 if (rdev->wowlan->any) 5582 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY); 5583 if (rdev->wowlan->disconnect) 5584 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT); 5585 if (rdev->wowlan->magic_pkt) 5586 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT); 5587 if (rdev->wowlan->gtk_rekey_failure) 5588 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE); 5589 if (rdev->wowlan->eap_identity_req) 5590 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST); 5591 if (rdev->wowlan->four_way_handshake) 5592 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE); 5593 if (rdev->wowlan->rfkill_release) 5594 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE); 5595 if (rdev->wowlan->n_patterns) { 5596 struct nlattr *nl_pats, *nl_pat; 5597 int i, pat_len; 5598 5599 nl_pats = nla_nest_start(msg, 5600 NL80211_WOWLAN_TRIG_PKT_PATTERN); 5601 if (!nl_pats) 5602 goto nla_put_failure; 5603 5604 for (i = 0; i < rdev->wowlan->n_patterns; i++) { 5605 nl_pat = nla_nest_start(msg, i + 1); 5606 if (!nl_pat) 5607 goto nla_put_failure; 5608 pat_len = rdev->wowlan->patterns[i].pattern_len; 5609 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_MASK, 5610 DIV_ROUND_UP(pat_len, 8), 5611 rdev->wowlan->patterns[i].mask); 5612 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_PATTERN, 5613 pat_len, 5614 rdev->wowlan->patterns[i].pattern); 5615 nla_nest_end(msg, nl_pat); 5616 } 5617 nla_nest_end(msg, nl_pats); 5618 } 5619 5620 nla_nest_end(msg, nl_wowlan); 5621 } 5622 5623 genlmsg_end(msg, hdr); 5624 return genlmsg_reply(msg, info); 5625 5626 nla_put_failure: 5627 nlmsg_free(msg); 5628 return -ENOBUFS; 5629 } 5630 5631 static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info) 5632 { 5633 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5634 struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG]; 5635 struct cfg80211_wowlan no_triggers = {}; 5636 struct cfg80211_wowlan new_triggers = {}; 5637 struct wiphy_wowlan_support *wowlan = &rdev->wiphy.wowlan; 5638 int err, i; 5639 5640 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns) 5641 return -EOPNOTSUPP; 5642 5643 if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]) 5644 goto no_triggers; 5645 5646 err = nla_parse(tb, MAX_NL80211_WOWLAN_TRIG, 5647 nla_data(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]), 5648 nla_len(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]), 5649 nl80211_wowlan_policy); 5650 if (err) 5651 return err; 5652 5653 if (tb[NL80211_WOWLAN_TRIG_ANY]) { 5654 if (!(wowlan->flags & WIPHY_WOWLAN_ANY)) 5655 return -EINVAL; 5656 new_triggers.any = true; 5657 } 5658 5659 if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) { 5660 if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT)) 5661 return -EINVAL; 5662 new_triggers.disconnect = true; 5663 } 5664 5665 if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) { 5666 if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT)) 5667 return -EINVAL; 5668 new_triggers.magic_pkt = true; 5669 } 5670 5671 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED]) 5672 return -EINVAL; 5673 5674 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) { 5675 if (!(wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE)) 5676 return -EINVAL; 5677 new_triggers.gtk_rekey_failure = true; 5678 } 5679 5680 if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) { 5681 if (!(wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ)) 5682 return -EINVAL; 5683 new_triggers.eap_identity_req = true; 5684 } 5685 5686 if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) { 5687 if (!(wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE)) 5688 return -EINVAL; 5689 new_triggers.four_way_handshake = true; 5690 } 5691 5692 if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) { 5693 if (!(wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE)) 5694 return -EINVAL; 5695 new_triggers.rfkill_release = true; 5696 } 5697 5698 if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) { 5699 struct nlattr *pat; 5700 int n_patterns = 0; 5701 int rem, pat_len, mask_len; 5702 struct nlattr *pat_tb[NUM_NL80211_WOWLAN_PKTPAT]; 5703 5704 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], 5705 rem) 5706 n_patterns++; 5707 if (n_patterns > wowlan->n_patterns) 5708 return -EINVAL; 5709 5710 new_triggers.patterns = kcalloc(n_patterns, 5711 sizeof(new_triggers.patterns[0]), 5712 GFP_KERNEL); 5713 if (!new_triggers.patterns) 5714 return -ENOMEM; 5715 5716 new_triggers.n_patterns = n_patterns; 5717 i = 0; 5718 5719 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], 5720 rem) { 5721 nla_parse(pat_tb, MAX_NL80211_WOWLAN_PKTPAT, 5722 nla_data(pat), nla_len(pat), NULL); 5723 err = -EINVAL; 5724 if (!pat_tb[NL80211_WOWLAN_PKTPAT_MASK] || 5725 !pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]) 5726 goto error; 5727 pat_len = nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]); 5728 mask_len = DIV_ROUND_UP(pat_len, 8); 5729 if (nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]) != 5730 mask_len) 5731 goto error; 5732 if (pat_len > wowlan->pattern_max_len || 5733 pat_len < wowlan->pattern_min_len) 5734 goto error; 5735 5736 new_triggers.patterns[i].mask = 5737 kmalloc(mask_len + pat_len, GFP_KERNEL); 5738 if (!new_triggers.patterns[i].mask) { 5739 err = -ENOMEM; 5740 goto error; 5741 } 5742 new_triggers.patterns[i].pattern = 5743 new_triggers.patterns[i].mask + mask_len; 5744 memcpy(new_triggers.patterns[i].mask, 5745 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]), 5746 mask_len); 5747 new_triggers.patterns[i].pattern_len = pat_len; 5748 memcpy(new_triggers.patterns[i].pattern, 5749 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]), 5750 pat_len); 5751 i++; 5752 } 5753 } 5754 5755 if (memcmp(&new_triggers, &no_triggers, sizeof(new_triggers))) { 5756 struct cfg80211_wowlan *ntrig; 5757 ntrig = kmemdup(&new_triggers, sizeof(new_triggers), 5758 GFP_KERNEL); 5759 if (!ntrig) { 5760 err = -ENOMEM; 5761 goto error; 5762 } 5763 cfg80211_rdev_free_wowlan(rdev); 5764 rdev->wowlan = ntrig; 5765 } else { 5766 no_triggers: 5767 cfg80211_rdev_free_wowlan(rdev); 5768 rdev->wowlan = NULL; 5769 } 5770 5771 return 0; 5772 error: 5773 for (i = 0; i < new_triggers.n_patterns; i++) 5774 kfree(new_triggers.patterns[i].mask); 5775 kfree(new_triggers.patterns); 5776 return err; 5777 } 5778 5779 static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info) 5780 { 5781 struct cfg80211_registered_device *rdev = info->user_ptr[0]; 5782 struct net_device *dev = info->user_ptr[1]; 5783 struct wireless_dev *wdev = dev->ieee80211_ptr; 5784 struct nlattr *tb[NUM_NL80211_REKEY_DATA]; 5785 struct cfg80211_gtk_rekey_data rekey_data; 5786 int err; 5787 5788 if (!info->attrs[NL80211_ATTR_REKEY_DATA]) 5789 return -EINVAL; 5790 5791 err = nla_parse(tb, MAX_NL80211_REKEY_DATA, 5792 nla_data(info->attrs[NL80211_ATTR_REKEY_DATA]), 5793 nla_len(info->attrs[NL80211_ATTR_REKEY_DATA]), 5794 nl80211_rekey_policy); 5795 if (err) 5796 return err; 5797 5798 if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN) 5799 return -ERANGE; 5800 if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN) 5801 return -ERANGE; 5802 if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN) 5803 return -ERANGE; 5804 5805 memcpy(rekey_data.kek, nla_data(tb[NL80211_REKEY_DATA_KEK]), 5806 NL80211_KEK_LEN); 5807 memcpy(rekey_data.kck, nla_data(tb[NL80211_REKEY_DATA_KCK]), 5808 NL80211_KCK_LEN); 5809 memcpy(rekey_data.replay_ctr, 5810 nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]), 5811 NL80211_REPLAY_CTR_LEN); 5812 5813 wdev_lock(wdev); 5814 if (!wdev->current_bss) { 5815 err = -ENOTCONN; 5816 goto out; 5817 } 5818 5819 if (!rdev->ops->set_rekey_data) { 5820 err = -EOPNOTSUPP; 5821 goto out; 5822 } 5823 5824 err = rdev->ops->set_rekey_data(&rdev->wiphy, dev, &rekey_data); 5825 out: 5826 wdev_unlock(wdev); 5827 return err; 5828 } 5829 5830 #define NL80211_FLAG_NEED_WIPHY 0x01 5831 #define NL80211_FLAG_NEED_NETDEV 0x02 5832 #define NL80211_FLAG_NEED_RTNL 0x04 5833 #define NL80211_FLAG_CHECK_NETDEV_UP 0x08 5834 #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\ 5835 NL80211_FLAG_CHECK_NETDEV_UP) 5836 5837 static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb, 5838 struct genl_info *info) 5839 { 5840 struct cfg80211_registered_device *rdev; 5841 struct net_device *dev; 5842 int err; 5843 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL; 5844 5845 if (rtnl) 5846 rtnl_lock(); 5847 5848 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) { 5849 rdev = cfg80211_get_dev_from_info(info); 5850 if (IS_ERR(rdev)) { 5851 if (rtnl) 5852 rtnl_unlock(); 5853 return PTR_ERR(rdev); 5854 } 5855 info->user_ptr[0] = rdev; 5856 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) { 5857 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev); 5858 if (err) { 5859 if (rtnl) 5860 rtnl_unlock(); 5861 return err; 5862 } 5863 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP && 5864 !netif_running(dev)) { 5865 cfg80211_unlock_rdev(rdev); 5866 dev_put(dev); 5867 if (rtnl) 5868 rtnl_unlock(); 5869 return -ENETDOWN; 5870 } 5871 info->user_ptr[0] = rdev; 5872 info->user_ptr[1] = dev; 5873 } 5874 5875 return 0; 5876 } 5877 5878 static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb, 5879 struct genl_info *info) 5880 { 5881 if (info->user_ptr[0]) 5882 cfg80211_unlock_rdev(info->user_ptr[0]); 5883 if (info->user_ptr[1]) 5884 dev_put(info->user_ptr[1]); 5885 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL) 5886 rtnl_unlock(); 5887 } 5888 5889 static struct genl_ops nl80211_ops[] = { 5890 { 5891 .cmd = NL80211_CMD_GET_WIPHY, 5892 .doit = nl80211_get_wiphy, 5893 .dumpit = nl80211_dump_wiphy, 5894 .policy = nl80211_policy, 5895 /* can be retrieved by unprivileged users */ 5896 .internal_flags = NL80211_FLAG_NEED_WIPHY, 5897 }, 5898 { 5899 .cmd = NL80211_CMD_SET_WIPHY, 5900 .doit = nl80211_set_wiphy, 5901 .policy = nl80211_policy, 5902 .flags = GENL_ADMIN_PERM, 5903 .internal_flags = NL80211_FLAG_NEED_RTNL, 5904 }, 5905 { 5906 .cmd = NL80211_CMD_GET_INTERFACE, 5907 .doit = nl80211_get_interface, 5908 .dumpit = nl80211_dump_interface, 5909 .policy = nl80211_policy, 5910 /* can be retrieved by unprivileged users */ 5911 .internal_flags = NL80211_FLAG_NEED_NETDEV, 5912 }, 5913 { 5914 .cmd = NL80211_CMD_SET_INTERFACE, 5915 .doit = nl80211_set_interface, 5916 .policy = nl80211_policy, 5917 .flags = GENL_ADMIN_PERM, 5918 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5919 NL80211_FLAG_NEED_RTNL, 5920 }, 5921 { 5922 .cmd = NL80211_CMD_NEW_INTERFACE, 5923 .doit = nl80211_new_interface, 5924 .policy = nl80211_policy, 5925 .flags = GENL_ADMIN_PERM, 5926 .internal_flags = NL80211_FLAG_NEED_WIPHY | 5927 NL80211_FLAG_NEED_RTNL, 5928 }, 5929 { 5930 .cmd = NL80211_CMD_DEL_INTERFACE, 5931 .doit = nl80211_del_interface, 5932 .policy = nl80211_policy, 5933 .flags = GENL_ADMIN_PERM, 5934 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5935 NL80211_FLAG_NEED_RTNL, 5936 }, 5937 { 5938 .cmd = NL80211_CMD_GET_KEY, 5939 .doit = nl80211_get_key, 5940 .policy = nl80211_policy, 5941 .flags = GENL_ADMIN_PERM, 5942 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5943 NL80211_FLAG_NEED_RTNL, 5944 }, 5945 { 5946 .cmd = NL80211_CMD_SET_KEY, 5947 .doit = nl80211_set_key, 5948 .policy = nl80211_policy, 5949 .flags = GENL_ADMIN_PERM, 5950 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5951 NL80211_FLAG_NEED_RTNL, 5952 }, 5953 { 5954 .cmd = NL80211_CMD_NEW_KEY, 5955 .doit = nl80211_new_key, 5956 .policy = nl80211_policy, 5957 .flags = GENL_ADMIN_PERM, 5958 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5959 NL80211_FLAG_NEED_RTNL, 5960 }, 5961 { 5962 .cmd = NL80211_CMD_DEL_KEY, 5963 .doit = nl80211_del_key, 5964 .policy = nl80211_policy, 5965 .flags = GENL_ADMIN_PERM, 5966 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 5967 NL80211_FLAG_NEED_RTNL, 5968 }, 5969 { 5970 .cmd = NL80211_CMD_SET_BEACON, 5971 .policy = nl80211_policy, 5972 .flags = GENL_ADMIN_PERM, 5973 .doit = nl80211_addset_beacon, 5974 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5975 NL80211_FLAG_NEED_RTNL, 5976 }, 5977 { 5978 .cmd = NL80211_CMD_NEW_BEACON, 5979 .policy = nl80211_policy, 5980 .flags = GENL_ADMIN_PERM, 5981 .doit = nl80211_addset_beacon, 5982 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5983 NL80211_FLAG_NEED_RTNL, 5984 }, 5985 { 5986 .cmd = NL80211_CMD_DEL_BEACON, 5987 .policy = nl80211_policy, 5988 .flags = GENL_ADMIN_PERM, 5989 .doit = nl80211_del_beacon, 5990 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5991 NL80211_FLAG_NEED_RTNL, 5992 }, 5993 { 5994 .cmd = NL80211_CMD_GET_STATION, 5995 .doit = nl80211_get_station, 5996 .dumpit = nl80211_dump_station, 5997 .policy = nl80211_policy, 5998 .internal_flags = NL80211_FLAG_NEED_NETDEV | 5999 NL80211_FLAG_NEED_RTNL, 6000 }, 6001 { 6002 .cmd = NL80211_CMD_SET_STATION, 6003 .doit = nl80211_set_station, 6004 .policy = nl80211_policy, 6005 .flags = GENL_ADMIN_PERM, 6006 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6007 NL80211_FLAG_NEED_RTNL, 6008 }, 6009 { 6010 .cmd = NL80211_CMD_NEW_STATION, 6011 .doit = nl80211_new_station, 6012 .policy = nl80211_policy, 6013 .flags = GENL_ADMIN_PERM, 6014 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6015 NL80211_FLAG_NEED_RTNL, 6016 }, 6017 { 6018 .cmd = NL80211_CMD_DEL_STATION, 6019 .doit = nl80211_del_station, 6020 .policy = nl80211_policy, 6021 .flags = GENL_ADMIN_PERM, 6022 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6023 NL80211_FLAG_NEED_RTNL, 6024 }, 6025 { 6026 .cmd = NL80211_CMD_GET_MPATH, 6027 .doit = nl80211_get_mpath, 6028 .dumpit = nl80211_dump_mpath, 6029 .policy = nl80211_policy, 6030 .flags = GENL_ADMIN_PERM, 6031 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6032 NL80211_FLAG_NEED_RTNL, 6033 }, 6034 { 6035 .cmd = NL80211_CMD_SET_MPATH, 6036 .doit = nl80211_set_mpath, 6037 .policy = nl80211_policy, 6038 .flags = GENL_ADMIN_PERM, 6039 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6040 NL80211_FLAG_NEED_RTNL, 6041 }, 6042 { 6043 .cmd = NL80211_CMD_NEW_MPATH, 6044 .doit = nl80211_new_mpath, 6045 .policy = nl80211_policy, 6046 .flags = GENL_ADMIN_PERM, 6047 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6048 NL80211_FLAG_NEED_RTNL, 6049 }, 6050 { 6051 .cmd = NL80211_CMD_DEL_MPATH, 6052 .doit = nl80211_del_mpath, 6053 .policy = nl80211_policy, 6054 .flags = GENL_ADMIN_PERM, 6055 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6056 NL80211_FLAG_NEED_RTNL, 6057 }, 6058 { 6059 .cmd = NL80211_CMD_SET_BSS, 6060 .doit = nl80211_set_bss, 6061 .policy = nl80211_policy, 6062 .flags = GENL_ADMIN_PERM, 6063 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6064 NL80211_FLAG_NEED_RTNL, 6065 }, 6066 { 6067 .cmd = NL80211_CMD_GET_REG, 6068 .doit = nl80211_get_reg, 6069 .policy = nl80211_policy, 6070 /* can be retrieved by unprivileged users */ 6071 }, 6072 { 6073 .cmd = NL80211_CMD_SET_REG, 6074 .doit = nl80211_set_reg, 6075 .policy = nl80211_policy, 6076 .flags = GENL_ADMIN_PERM, 6077 }, 6078 { 6079 .cmd = NL80211_CMD_REQ_SET_REG, 6080 .doit = nl80211_req_set_reg, 6081 .policy = nl80211_policy, 6082 .flags = GENL_ADMIN_PERM, 6083 }, 6084 { 6085 .cmd = NL80211_CMD_GET_MESH_CONFIG, 6086 .doit = nl80211_get_mesh_config, 6087 .policy = nl80211_policy, 6088 /* can be retrieved by unprivileged users */ 6089 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6090 NL80211_FLAG_NEED_RTNL, 6091 }, 6092 { 6093 .cmd = NL80211_CMD_SET_MESH_CONFIG, 6094 .doit = nl80211_update_mesh_config, 6095 .policy = nl80211_policy, 6096 .flags = GENL_ADMIN_PERM, 6097 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6098 NL80211_FLAG_NEED_RTNL, 6099 }, 6100 { 6101 .cmd = NL80211_CMD_TRIGGER_SCAN, 6102 .doit = nl80211_trigger_scan, 6103 .policy = nl80211_policy, 6104 .flags = GENL_ADMIN_PERM, 6105 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6106 NL80211_FLAG_NEED_RTNL, 6107 }, 6108 { 6109 .cmd = NL80211_CMD_GET_SCAN, 6110 .policy = nl80211_policy, 6111 .dumpit = nl80211_dump_scan, 6112 }, 6113 { 6114 .cmd = NL80211_CMD_START_SCHED_SCAN, 6115 .doit = nl80211_start_sched_scan, 6116 .policy = nl80211_policy, 6117 .flags = GENL_ADMIN_PERM, 6118 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6119 NL80211_FLAG_NEED_RTNL, 6120 }, 6121 { 6122 .cmd = NL80211_CMD_STOP_SCHED_SCAN, 6123 .doit = nl80211_stop_sched_scan, 6124 .policy = nl80211_policy, 6125 .flags = GENL_ADMIN_PERM, 6126 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6127 NL80211_FLAG_NEED_RTNL, 6128 }, 6129 { 6130 .cmd = NL80211_CMD_AUTHENTICATE, 6131 .doit = nl80211_authenticate, 6132 .policy = nl80211_policy, 6133 .flags = GENL_ADMIN_PERM, 6134 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6135 NL80211_FLAG_NEED_RTNL, 6136 }, 6137 { 6138 .cmd = NL80211_CMD_ASSOCIATE, 6139 .doit = nl80211_associate, 6140 .policy = nl80211_policy, 6141 .flags = GENL_ADMIN_PERM, 6142 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6143 NL80211_FLAG_NEED_RTNL, 6144 }, 6145 { 6146 .cmd = NL80211_CMD_DEAUTHENTICATE, 6147 .doit = nl80211_deauthenticate, 6148 .policy = nl80211_policy, 6149 .flags = GENL_ADMIN_PERM, 6150 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6151 NL80211_FLAG_NEED_RTNL, 6152 }, 6153 { 6154 .cmd = NL80211_CMD_DISASSOCIATE, 6155 .doit = nl80211_disassociate, 6156 .policy = nl80211_policy, 6157 .flags = GENL_ADMIN_PERM, 6158 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6159 NL80211_FLAG_NEED_RTNL, 6160 }, 6161 { 6162 .cmd = NL80211_CMD_JOIN_IBSS, 6163 .doit = nl80211_join_ibss, 6164 .policy = nl80211_policy, 6165 .flags = GENL_ADMIN_PERM, 6166 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6167 NL80211_FLAG_NEED_RTNL, 6168 }, 6169 { 6170 .cmd = NL80211_CMD_LEAVE_IBSS, 6171 .doit = nl80211_leave_ibss, 6172 .policy = nl80211_policy, 6173 .flags = GENL_ADMIN_PERM, 6174 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6175 NL80211_FLAG_NEED_RTNL, 6176 }, 6177 #ifdef CONFIG_NL80211_TESTMODE 6178 { 6179 .cmd = NL80211_CMD_TESTMODE, 6180 .doit = nl80211_testmode_do, 6181 .dumpit = nl80211_testmode_dump, 6182 .policy = nl80211_policy, 6183 .flags = GENL_ADMIN_PERM, 6184 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6185 NL80211_FLAG_NEED_RTNL, 6186 }, 6187 #endif 6188 { 6189 .cmd = NL80211_CMD_CONNECT, 6190 .doit = nl80211_connect, 6191 .policy = nl80211_policy, 6192 .flags = GENL_ADMIN_PERM, 6193 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6194 NL80211_FLAG_NEED_RTNL, 6195 }, 6196 { 6197 .cmd = NL80211_CMD_DISCONNECT, 6198 .doit = nl80211_disconnect, 6199 .policy = nl80211_policy, 6200 .flags = GENL_ADMIN_PERM, 6201 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6202 NL80211_FLAG_NEED_RTNL, 6203 }, 6204 { 6205 .cmd = NL80211_CMD_SET_WIPHY_NETNS, 6206 .doit = nl80211_wiphy_netns, 6207 .policy = nl80211_policy, 6208 .flags = GENL_ADMIN_PERM, 6209 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6210 NL80211_FLAG_NEED_RTNL, 6211 }, 6212 { 6213 .cmd = NL80211_CMD_GET_SURVEY, 6214 .policy = nl80211_policy, 6215 .dumpit = nl80211_dump_survey, 6216 }, 6217 { 6218 .cmd = NL80211_CMD_SET_PMKSA, 6219 .doit = nl80211_setdel_pmksa, 6220 .policy = nl80211_policy, 6221 .flags = GENL_ADMIN_PERM, 6222 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6223 NL80211_FLAG_NEED_RTNL, 6224 }, 6225 { 6226 .cmd = NL80211_CMD_DEL_PMKSA, 6227 .doit = nl80211_setdel_pmksa, 6228 .policy = nl80211_policy, 6229 .flags = GENL_ADMIN_PERM, 6230 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6231 NL80211_FLAG_NEED_RTNL, 6232 }, 6233 { 6234 .cmd = NL80211_CMD_FLUSH_PMKSA, 6235 .doit = nl80211_flush_pmksa, 6236 .policy = nl80211_policy, 6237 .flags = GENL_ADMIN_PERM, 6238 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6239 NL80211_FLAG_NEED_RTNL, 6240 }, 6241 { 6242 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL, 6243 .doit = nl80211_remain_on_channel, 6244 .policy = nl80211_policy, 6245 .flags = GENL_ADMIN_PERM, 6246 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6247 NL80211_FLAG_NEED_RTNL, 6248 }, 6249 { 6250 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 6251 .doit = nl80211_cancel_remain_on_channel, 6252 .policy = nl80211_policy, 6253 .flags = GENL_ADMIN_PERM, 6254 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6255 NL80211_FLAG_NEED_RTNL, 6256 }, 6257 { 6258 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK, 6259 .doit = nl80211_set_tx_bitrate_mask, 6260 .policy = nl80211_policy, 6261 .flags = GENL_ADMIN_PERM, 6262 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6263 NL80211_FLAG_NEED_RTNL, 6264 }, 6265 { 6266 .cmd = NL80211_CMD_REGISTER_FRAME, 6267 .doit = nl80211_register_mgmt, 6268 .policy = nl80211_policy, 6269 .flags = GENL_ADMIN_PERM, 6270 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6271 NL80211_FLAG_NEED_RTNL, 6272 }, 6273 { 6274 .cmd = NL80211_CMD_FRAME, 6275 .doit = nl80211_tx_mgmt, 6276 .policy = nl80211_policy, 6277 .flags = GENL_ADMIN_PERM, 6278 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6279 NL80211_FLAG_NEED_RTNL, 6280 }, 6281 { 6282 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL, 6283 .doit = nl80211_tx_mgmt_cancel_wait, 6284 .policy = nl80211_policy, 6285 .flags = GENL_ADMIN_PERM, 6286 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6287 NL80211_FLAG_NEED_RTNL, 6288 }, 6289 { 6290 .cmd = NL80211_CMD_SET_POWER_SAVE, 6291 .doit = nl80211_set_power_save, 6292 .policy = nl80211_policy, 6293 .flags = GENL_ADMIN_PERM, 6294 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6295 NL80211_FLAG_NEED_RTNL, 6296 }, 6297 { 6298 .cmd = NL80211_CMD_GET_POWER_SAVE, 6299 .doit = nl80211_get_power_save, 6300 .policy = nl80211_policy, 6301 /* can be retrieved by unprivileged users */ 6302 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6303 NL80211_FLAG_NEED_RTNL, 6304 }, 6305 { 6306 .cmd = NL80211_CMD_SET_CQM, 6307 .doit = nl80211_set_cqm, 6308 .policy = nl80211_policy, 6309 .flags = GENL_ADMIN_PERM, 6310 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6311 NL80211_FLAG_NEED_RTNL, 6312 }, 6313 { 6314 .cmd = NL80211_CMD_SET_CHANNEL, 6315 .doit = nl80211_set_channel, 6316 .policy = nl80211_policy, 6317 .flags = GENL_ADMIN_PERM, 6318 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6319 NL80211_FLAG_NEED_RTNL, 6320 }, 6321 { 6322 .cmd = NL80211_CMD_SET_WDS_PEER, 6323 .doit = nl80211_set_wds_peer, 6324 .policy = nl80211_policy, 6325 .flags = GENL_ADMIN_PERM, 6326 .internal_flags = NL80211_FLAG_NEED_NETDEV | 6327 NL80211_FLAG_NEED_RTNL, 6328 }, 6329 { 6330 .cmd = NL80211_CMD_JOIN_MESH, 6331 .doit = nl80211_join_mesh, 6332 .policy = nl80211_policy, 6333 .flags = GENL_ADMIN_PERM, 6334 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6335 NL80211_FLAG_NEED_RTNL, 6336 }, 6337 { 6338 .cmd = NL80211_CMD_LEAVE_MESH, 6339 .doit = nl80211_leave_mesh, 6340 .policy = nl80211_policy, 6341 .flags = GENL_ADMIN_PERM, 6342 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6343 NL80211_FLAG_NEED_RTNL, 6344 }, 6345 { 6346 .cmd = NL80211_CMD_GET_WOWLAN, 6347 .doit = nl80211_get_wowlan, 6348 .policy = nl80211_policy, 6349 /* can be retrieved by unprivileged users */ 6350 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6351 NL80211_FLAG_NEED_RTNL, 6352 }, 6353 { 6354 .cmd = NL80211_CMD_SET_WOWLAN, 6355 .doit = nl80211_set_wowlan, 6356 .policy = nl80211_policy, 6357 .flags = GENL_ADMIN_PERM, 6358 .internal_flags = NL80211_FLAG_NEED_WIPHY | 6359 NL80211_FLAG_NEED_RTNL, 6360 }, 6361 { 6362 .cmd = NL80211_CMD_SET_REKEY_OFFLOAD, 6363 .doit = nl80211_set_rekey_data, 6364 .policy = nl80211_policy, 6365 .flags = GENL_ADMIN_PERM, 6366 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6367 NL80211_FLAG_NEED_RTNL, 6368 }, 6369 { 6370 .cmd = NL80211_CMD_TDLS_MGMT, 6371 .doit = nl80211_tdls_mgmt, 6372 .policy = nl80211_policy, 6373 .flags = GENL_ADMIN_PERM, 6374 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6375 NL80211_FLAG_NEED_RTNL, 6376 }, 6377 { 6378 .cmd = NL80211_CMD_TDLS_OPER, 6379 .doit = nl80211_tdls_oper, 6380 .policy = nl80211_policy, 6381 .flags = GENL_ADMIN_PERM, 6382 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | 6383 NL80211_FLAG_NEED_RTNL, 6384 }, 6385 }; 6386 6387 static struct genl_multicast_group nl80211_mlme_mcgrp = { 6388 .name = "mlme", 6389 }; 6390 6391 /* multicast groups */ 6392 static struct genl_multicast_group nl80211_config_mcgrp = { 6393 .name = "config", 6394 }; 6395 static struct genl_multicast_group nl80211_scan_mcgrp = { 6396 .name = "scan", 6397 }; 6398 static struct genl_multicast_group nl80211_regulatory_mcgrp = { 6399 .name = "regulatory", 6400 }; 6401 6402 /* notification functions */ 6403 6404 void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev) 6405 { 6406 struct sk_buff *msg; 6407 6408 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6409 if (!msg) 6410 return; 6411 6412 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) { 6413 nlmsg_free(msg); 6414 return; 6415 } 6416 6417 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6418 nl80211_config_mcgrp.id, GFP_KERNEL); 6419 } 6420 6421 static int nl80211_add_scan_req(struct sk_buff *msg, 6422 struct cfg80211_registered_device *rdev) 6423 { 6424 struct cfg80211_scan_request *req = rdev->scan_req; 6425 struct nlattr *nest; 6426 int i; 6427 6428 ASSERT_RDEV_LOCK(rdev); 6429 6430 if (WARN_ON(!req)) 6431 return 0; 6432 6433 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS); 6434 if (!nest) 6435 goto nla_put_failure; 6436 for (i = 0; i < req->n_ssids; i++) 6437 NLA_PUT(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid); 6438 nla_nest_end(msg, nest); 6439 6440 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES); 6441 if (!nest) 6442 goto nla_put_failure; 6443 for (i = 0; i < req->n_channels; i++) 6444 NLA_PUT_U32(msg, i, req->channels[i]->center_freq); 6445 nla_nest_end(msg, nest); 6446 6447 if (req->ie) 6448 NLA_PUT(msg, NL80211_ATTR_IE, req->ie_len, req->ie); 6449 6450 return 0; 6451 nla_put_failure: 6452 return -ENOBUFS; 6453 } 6454 6455 static int nl80211_send_scan_msg(struct sk_buff *msg, 6456 struct cfg80211_registered_device *rdev, 6457 struct net_device *netdev, 6458 u32 pid, u32 seq, int flags, 6459 u32 cmd) 6460 { 6461 void *hdr; 6462 6463 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 6464 if (!hdr) 6465 return -1; 6466 6467 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6468 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6469 6470 /* ignore errors and send incomplete event anyway */ 6471 nl80211_add_scan_req(msg, rdev); 6472 6473 return genlmsg_end(msg, hdr); 6474 6475 nla_put_failure: 6476 genlmsg_cancel(msg, hdr); 6477 return -EMSGSIZE; 6478 } 6479 6480 static int 6481 nl80211_send_sched_scan_msg(struct sk_buff *msg, 6482 struct cfg80211_registered_device *rdev, 6483 struct net_device *netdev, 6484 u32 pid, u32 seq, int flags, u32 cmd) 6485 { 6486 void *hdr; 6487 6488 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd); 6489 if (!hdr) 6490 return -1; 6491 6492 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6493 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6494 6495 return genlmsg_end(msg, hdr); 6496 6497 nla_put_failure: 6498 genlmsg_cancel(msg, hdr); 6499 return -EMSGSIZE; 6500 } 6501 6502 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev, 6503 struct net_device *netdev) 6504 { 6505 struct sk_buff *msg; 6506 6507 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 6508 if (!msg) 6509 return; 6510 6511 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6512 NL80211_CMD_TRIGGER_SCAN) < 0) { 6513 nlmsg_free(msg); 6514 return; 6515 } 6516 6517 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6518 nl80211_scan_mcgrp.id, GFP_KERNEL); 6519 } 6520 6521 void nl80211_send_scan_done(struct cfg80211_registered_device *rdev, 6522 struct net_device *netdev) 6523 { 6524 struct sk_buff *msg; 6525 6526 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6527 if (!msg) 6528 return; 6529 6530 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6531 NL80211_CMD_NEW_SCAN_RESULTS) < 0) { 6532 nlmsg_free(msg); 6533 return; 6534 } 6535 6536 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6537 nl80211_scan_mcgrp.id, GFP_KERNEL); 6538 } 6539 6540 void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev, 6541 struct net_device *netdev) 6542 { 6543 struct sk_buff *msg; 6544 6545 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6546 if (!msg) 6547 return; 6548 6549 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0, 6550 NL80211_CMD_SCAN_ABORTED) < 0) { 6551 nlmsg_free(msg); 6552 return; 6553 } 6554 6555 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6556 nl80211_scan_mcgrp.id, GFP_KERNEL); 6557 } 6558 6559 void nl80211_send_sched_scan_results(struct cfg80211_registered_device *rdev, 6560 struct net_device *netdev) 6561 { 6562 struct sk_buff *msg; 6563 6564 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6565 if (!msg) 6566 return; 6567 6568 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, 6569 NL80211_CMD_SCHED_SCAN_RESULTS) < 0) { 6570 nlmsg_free(msg); 6571 return; 6572 } 6573 6574 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6575 nl80211_scan_mcgrp.id, GFP_KERNEL); 6576 } 6577 6578 void nl80211_send_sched_scan(struct cfg80211_registered_device *rdev, 6579 struct net_device *netdev, u32 cmd) 6580 { 6581 struct sk_buff *msg; 6582 6583 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 6584 if (!msg) 6585 return; 6586 6587 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, cmd) < 0) { 6588 nlmsg_free(msg); 6589 return; 6590 } 6591 6592 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6593 nl80211_scan_mcgrp.id, GFP_KERNEL); 6594 } 6595 6596 /* 6597 * This can happen on global regulatory changes or device specific settings 6598 * based on custom world regulatory domains. 6599 */ 6600 void nl80211_send_reg_change_event(struct regulatory_request *request) 6601 { 6602 struct sk_buff *msg; 6603 void *hdr; 6604 6605 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); 6606 if (!msg) 6607 return; 6608 6609 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE); 6610 if (!hdr) { 6611 nlmsg_free(msg); 6612 return; 6613 } 6614 6615 /* Userspace can always count this one always being set */ 6616 NLA_PUT_U8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator); 6617 6618 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') 6619 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6620 NL80211_REGDOM_TYPE_WORLD); 6621 else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') 6622 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6623 NL80211_REGDOM_TYPE_CUSTOM_WORLD); 6624 else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') || 6625 request->intersect) 6626 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6627 NL80211_REGDOM_TYPE_INTERSECTION); 6628 else { 6629 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE, 6630 NL80211_REGDOM_TYPE_COUNTRY); 6631 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2); 6632 } 6633 6634 if (wiphy_idx_valid(request->wiphy_idx)) 6635 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx); 6636 6637 if (genlmsg_end(msg, hdr) < 0) { 6638 nlmsg_free(msg); 6639 return; 6640 } 6641 6642 rcu_read_lock(); 6643 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 6644 GFP_ATOMIC); 6645 rcu_read_unlock(); 6646 6647 return; 6648 6649 nla_put_failure: 6650 genlmsg_cancel(msg, hdr); 6651 nlmsg_free(msg); 6652 } 6653 6654 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, 6655 struct net_device *netdev, 6656 const u8 *buf, size_t len, 6657 enum nl80211_commands cmd, gfp_t gfp) 6658 { 6659 struct sk_buff *msg; 6660 void *hdr; 6661 6662 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6663 if (!msg) 6664 return; 6665 6666 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 6667 if (!hdr) { 6668 nlmsg_free(msg); 6669 return; 6670 } 6671 6672 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6673 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6674 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 6675 6676 if (genlmsg_end(msg, hdr) < 0) { 6677 nlmsg_free(msg); 6678 return; 6679 } 6680 6681 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6682 nl80211_mlme_mcgrp.id, gfp); 6683 return; 6684 6685 nla_put_failure: 6686 genlmsg_cancel(msg, hdr); 6687 nlmsg_free(msg); 6688 } 6689 6690 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, 6691 struct net_device *netdev, const u8 *buf, 6692 size_t len, gfp_t gfp) 6693 { 6694 nl80211_send_mlme_event(rdev, netdev, buf, len, 6695 NL80211_CMD_AUTHENTICATE, gfp); 6696 } 6697 6698 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, 6699 struct net_device *netdev, const u8 *buf, 6700 size_t len, gfp_t gfp) 6701 { 6702 nl80211_send_mlme_event(rdev, netdev, buf, len, 6703 NL80211_CMD_ASSOCIATE, gfp); 6704 } 6705 6706 void nl80211_send_deauth(struct cfg80211_registered_device *rdev, 6707 struct net_device *netdev, const u8 *buf, 6708 size_t len, gfp_t gfp) 6709 { 6710 nl80211_send_mlme_event(rdev, netdev, buf, len, 6711 NL80211_CMD_DEAUTHENTICATE, gfp); 6712 } 6713 6714 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, 6715 struct net_device *netdev, const u8 *buf, 6716 size_t len, gfp_t gfp) 6717 { 6718 nl80211_send_mlme_event(rdev, netdev, buf, len, 6719 NL80211_CMD_DISASSOCIATE, gfp); 6720 } 6721 6722 void nl80211_send_unprot_deauth(struct cfg80211_registered_device *rdev, 6723 struct net_device *netdev, const u8 *buf, 6724 size_t len, gfp_t gfp) 6725 { 6726 nl80211_send_mlme_event(rdev, netdev, buf, len, 6727 NL80211_CMD_UNPROT_DEAUTHENTICATE, gfp); 6728 } 6729 6730 void nl80211_send_unprot_disassoc(struct cfg80211_registered_device *rdev, 6731 struct net_device *netdev, const u8 *buf, 6732 size_t len, gfp_t gfp) 6733 { 6734 nl80211_send_mlme_event(rdev, netdev, buf, len, 6735 NL80211_CMD_UNPROT_DISASSOCIATE, gfp); 6736 } 6737 6738 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, 6739 struct net_device *netdev, int cmd, 6740 const u8 *addr, gfp_t gfp) 6741 { 6742 struct sk_buff *msg; 6743 void *hdr; 6744 6745 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6746 if (!msg) 6747 return; 6748 6749 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 6750 if (!hdr) { 6751 nlmsg_free(msg); 6752 return; 6753 } 6754 6755 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6756 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6757 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT); 6758 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 6759 6760 if (genlmsg_end(msg, hdr) < 0) { 6761 nlmsg_free(msg); 6762 return; 6763 } 6764 6765 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6766 nl80211_mlme_mcgrp.id, gfp); 6767 return; 6768 6769 nla_put_failure: 6770 genlmsg_cancel(msg, hdr); 6771 nlmsg_free(msg); 6772 } 6773 6774 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, 6775 struct net_device *netdev, const u8 *addr, 6776 gfp_t gfp) 6777 { 6778 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, 6779 addr, gfp); 6780 } 6781 6782 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, 6783 struct net_device *netdev, const u8 *addr, 6784 gfp_t gfp) 6785 { 6786 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, 6787 addr, gfp); 6788 } 6789 6790 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, 6791 struct net_device *netdev, const u8 *bssid, 6792 const u8 *req_ie, size_t req_ie_len, 6793 const u8 *resp_ie, size_t resp_ie_len, 6794 u16 status, gfp_t gfp) 6795 { 6796 struct sk_buff *msg; 6797 void *hdr; 6798 6799 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6800 if (!msg) 6801 return; 6802 6803 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT); 6804 if (!hdr) { 6805 nlmsg_free(msg); 6806 return; 6807 } 6808 6809 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6810 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6811 if (bssid) 6812 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 6813 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status); 6814 if (req_ie) 6815 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 6816 if (resp_ie) 6817 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 6818 6819 if (genlmsg_end(msg, hdr) < 0) { 6820 nlmsg_free(msg); 6821 return; 6822 } 6823 6824 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6825 nl80211_mlme_mcgrp.id, gfp); 6826 return; 6827 6828 nla_put_failure: 6829 genlmsg_cancel(msg, hdr); 6830 nlmsg_free(msg); 6831 6832 } 6833 6834 void nl80211_send_roamed(struct cfg80211_registered_device *rdev, 6835 struct net_device *netdev, const u8 *bssid, 6836 const u8 *req_ie, size_t req_ie_len, 6837 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp) 6838 { 6839 struct sk_buff *msg; 6840 void *hdr; 6841 6842 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 6843 if (!msg) 6844 return; 6845 6846 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM); 6847 if (!hdr) { 6848 nlmsg_free(msg); 6849 return; 6850 } 6851 6852 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6853 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6854 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 6855 if (req_ie) 6856 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie); 6857 if (resp_ie) 6858 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie); 6859 6860 if (genlmsg_end(msg, hdr) < 0) { 6861 nlmsg_free(msg); 6862 return; 6863 } 6864 6865 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6866 nl80211_mlme_mcgrp.id, gfp); 6867 return; 6868 6869 nla_put_failure: 6870 genlmsg_cancel(msg, hdr); 6871 nlmsg_free(msg); 6872 6873 } 6874 6875 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, 6876 struct net_device *netdev, u16 reason, 6877 const u8 *ie, size_t ie_len, bool from_ap) 6878 { 6879 struct sk_buff *msg; 6880 void *hdr; 6881 6882 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL); 6883 if (!msg) 6884 return; 6885 6886 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT); 6887 if (!hdr) { 6888 nlmsg_free(msg); 6889 return; 6890 } 6891 6892 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6893 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6894 if (from_ap && reason) 6895 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason); 6896 if (from_ap) 6897 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP); 6898 if (ie) 6899 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie); 6900 6901 if (genlmsg_end(msg, hdr) < 0) { 6902 nlmsg_free(msg); 6903 return; 6904 } 6905 6906 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6907 nl80211_mlme_mcgrp.id, GFP_KERNEL); 6908 return; 6909 6910 nla_put_failure: 6911 genlmsg_cancel(msg, hdr); 6912 nlmsg_free(msg); 6913 6914 } 6915 6916 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, 6917 struct net_device *netdev, const u8 *bssid, 6918 gfp_t gfp) 6919 { 6920 struct sk_buff *msg; 6921 void *hdr; 6922 6923 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6924 if (!msg) 6925 return; 6926 6927 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS); 6928 if (!hdr) { 6929 nlmsg_free(msg); 6930 return; 6931 } 6932 6933 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6934 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6935 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 6936 6937 if (genlmsg_end(msg, hdr) < 0) { 6938 nlmsg_free(msg); 6939 return; 6940 } 6941 6942 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6943 nl80211_mlme_mcgrp.id, gfp); 6944 return; 6945 6946 nla_put_failure: 6947 genlmsg_cancel(msg, hdr); 6948 nlmsg_free(msg); 6949 } 6950 6951 void nl80211_send_new_peer_candidate(struct cfg80211_registered_device *rdev, 6952 struct net_device *netdev, 6953 const u8 *macaddr, const u8* ie, u8 ie_len, 6954 gfp_t gfp) 6955 { 6956 struct sk_buff *msg; 6957 void *hdr; 6958 6959 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6960 if (!msg) 6961 return; 6962 6963 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE); 6964 if (!hdr) { 6965 nlmsg_free(msg); 6966 return; 6967 } 6968 6969 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 6970 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 6971 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, macaddr); 6972 if (ie_len && ie) 6973 NLA_PUT(msg, NL80211_ATTR_IE, ie_len , ie); 6974 6975 if (genlmsg_end(msg, hdr) < 0) { 6976 nlmsg_free(msg); 6977 return; 6978 } 6979 6980 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 6981 nl80211_mlme_mcgrp.id, gfp); 6982 return; 6983 6984 nla_put_failure: 6985 genlmsg_cancel(msg, hdr); 6986 nlmsg_free(msg); 6987 } 6988 6989 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, 6990 struct net_device *netdev, const u8 *addr, 6991 enum nl80211_key_type key_type, int key_id, 6992 const u8 *tsc, gfp_t gfp) 6993 { 6994 struct sk_buff *msg; 6995 void *hdr; 6996 6997 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 6998 if (!msg) 6999 return; 7000 7001 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE); 7002 if (!hdr) { 7003 nlmsg_free(msg); 7004 return; 7005 } 7006 7007 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7008 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7009 if (addr) 7010 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr); 7011 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type); 7012 if (key_id != -1) 7013 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id); 7014 if (tsc) 7015 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc); 7016 7017 if (genlmsg_end(msg, hdr) < 0) { 7018 nlmsg_free(msg); 7019 return; 7020 } 7021 7022 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7023 nl80211_mlme_mcgrp.id, gfp); 7024 return; 7025 7026 nla_put_failure: 7027 genlmsg_cancel(msg, hdr); 7028 nlmsg_free(msg); 7029 } 7030 7031 void nl80211_send_beacon_hint_event(struct wiphy *wiphy, 7032 struct ieee80211_channel *channel_before, 7033 struct ieee80211_channel *channel_after) 7034 { 7035 struct sk_buff *msg; 7036 void *hdr; 7037 struct nlattr *nl_freq; 7038 7039 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); 7040 if (!msg) 7041 return; 7042 7043 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT); 7044 if (!hdr) { 7045 nlmsg_free(msg); 7046 return; 7047 } 7048 7049 /* 7050 * Since we are applying the beacon hint to a wiphy we know its 7051 * wiphy_idx is valid 7052 */ 7053 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)); 7054 7055 /* Before */ 7056 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE); 7057 if (!nl_freq) 7058 goto nla_put_failure; 7059 if (nl80211_msg_put_channel(msg, channel_before)) 7060 goto nla_put_failure; 7061 nla_nest_end(msg, nl_freq); 7062 7063 /* After */ 7064 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER); 7065 if (!nl_freq) 7066 goto nla_put_failure; 7067 if (nl80211_msg_put_channel(msg, channel_after)) 7068 goto nla_put_failure; 7069 nla_nest_end(msg, nl_freq); 7070 7071 if (genlmsg_end(msg, hdr) < 0) { 7072 nlmsg_free(msg); 7073 return; 7074 } 7075 7076 rcu_read_lock(); 7077 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id, 7078 GFP_ATOMIC); 7079 rcu_read_unlock(); 7080 7081 return; 7082 7083 nla_put_failure: 7084 genlmsg_cancel(msg, hdr); 7085 nlmsg_free(msg); 7086 } 7087 7088 static void nl80211_send_remain_on_chan_event( 7089 int cmd, struct cfg80211_registered_device *rdev, 7090 struct net_device *netdev, u64 cookie, 7091 struct ieee80211_channel *chan, 7092 enum nl80211_channel_type channel_type, 7093 unsigned int duration, gfp_t gfp) 7094 { 7095 struct sk_buff *msg; 7096 void *hdr; 7097 7098 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7099 if (!msg) 7100 return; 7101 7102 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); 7103 if (!hdr) { 7104 nlmsg_free(msg); 7105 return; 7106 } 7107 7108 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7109 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7110 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq); 7111 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, channel_type); 7112 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 7113 7114 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL) 7115 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration); 7116 7117 if (genlmsg_end(msg, hdr) < 0) { 7118 nlmsg_free(msg); 7119 return; 7120 } 7121 7122 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7123 nl80211_mlme_mcgrp.id, gfp); 7124 return; 7125 7126 nla_put_failure: 7127 genlmsg_cancel(msg, hdr); 7128 nlmsg_free(msg); 7129 } 7130 7131 void nl80211_send_remain_on_channel(struct cfg80211_registered_device *rdev, 7132 struct net_device *netdev, u64 cookie, 7133 struct ieee80211_channel *chan, 7134 enum nl80211_channel_type channel_type, 7135 unsigned int duration, gfp_t gfp) 7136 { 7137 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL, 7138 rdev, netdev, cookie, chan, 7139 channel_type, duration, gfp); 7140 } 7141 7142 void nl80211_send_remain_on_channel_cancel( 7143 struct cfg80211_registered_device *rdev, struct net_device *netdev, 7144 u64 cookie, struct ieee80211_channel *chan, 7145 enum nl80211_channel_type channel_type, gfp_t gfp) 7146 { 7147 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, 7148 rdev, netdev, cookie, chan, 7149 channel_type, 0, gfp); 7150 } 7151 7152 void nl80211_send_sta_event(struct cfg80211_registered_device *rdev, 7153 struct net_device *dev, const u8 *mac_addr, 7154 struct station_info *sinfo, gfp_t gfp) 7155 { 7156 struct sk_buff *msg; 7157 7158 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7159 if (!msg) 7160 return; 7161 7162 if (nl80211_send_station(msg, 0, 0, 0, dev, mac_addr, sinfo) < 0) { 7163 nlmsg_free(msg); 7164 return; 7165 } 7166 7167 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7168 nl80211_mlme_mcgrp.id, gfp); 7169 } 7170 7171 void nl80211_send_sta_del_event(struct cfg80211_registered_device *rdev, 7172 struct net_device *dev, const u8 *mac_addr, 7173 gfp_t gfp) 7174 { 7175 struct sk_buff *msg; 7176 void *hdr; 7177 7178 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7179 if (!msg) 7180 return; 7181 7182 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_STATION); 7183 if (!hdr) { 7184 nlmsg_free(msg); 7185 return; 7186 } 7187 7188 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex); 7189 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr); 7190 7191 if (genlmsg_end(msg, hdr) < 0) { 7192 nlmsg_free(msg); 7193 return; 7194 } 7195 7196 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7197 nl80211_mlme_mcgrp.id, gfp); 7198 return; 7199 7200 nla_put_failure: 7201 genlmsg_cancel(msg, hdr); 7202 nlmsg_free(msg); 7203 } 7204 7205 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev, 7206 struct net_device *netdev, u32 nlpid, 7207 int freq, const u8 *buf, size_t len, gfp_t gfp) 7208 { 7209 struct sk_buff *msg; 7210 void *hdr; 7211 int err; 7212 7213 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7214 if (!msg) 7215 return -ENOMEM; 7216 7217 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); 7218 if (!hdr) { 7219 nlmsg_free(msg); 7220 return -ENOMEM; 7221 } 7222 7223 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7224 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7225 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq); 7226 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 7227 7228 err = genlmsg_end(msg, hdr); 7229 if (err < 0) { 7230 nlmsg_free(msg); 7231 return err; 7232 } 7233 7234 err = genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid); 7235 if (err < 0) 7236 return err; 7237 return 0; 7238 7239 nla_put_failure: 7240 genlmsg_cancel(msg, hdr); 7241 nlmsg_free(msg); 7242 return -ENOBUFS; 7243 } 7244 7245 void nl80211_send_mgmt_tx_status(struct cfg80211_registered_device *rdev, 7246 struct net_device *netdev, u64 cookie, 7247 const u8 *buf, size_t len, bool ack, 7248 gfp_t gfp) 7249 { 7250 struct sk_buff *msg; 7251 void *hdr; 7252 7253 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); 7254 if (!msg) 7255 return; 7256 7257 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS); 7258 if (!hdr) { 7259 nlmsg_free(msg); 7260 return; 7261 } 7262 7263 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7264 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7265 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf); 7266 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie); 7267 if (ack) 7268 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK); 7269 7270 if (genlmsg_end(msg, hdr) < 0) { 7271 nlmsg_free(msg); 7272 return; 7273 } 7274 7275 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp); 7276 return; 7277 7278 nla_put_failure: 7279 genlmsg_cancel(msg, hdr); 7280 nlmsg_free(msg); 7281 } 7282 7283 void 7284 nl80211_send_cqm_rssi_notify(struct cfg80211_registered_device *rdev, 7285 struct net_device *netdev, 7286 enum nl80211_cqm_rssi_threshold_event rssi_event, 7287 gfp_t gfp) 7288 { 7289 struct sk_buff *msg; 7290 struct nlattr *pinfoattr; 7291 void *hdr; 7292 7293 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7294 if (!msg) 7295 return; 7296 7297 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 7298 if (!hdr) { 7299 nlmsg_free(msg); 7300 return; 7301 } 7302 7303 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7304 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7305 7306 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 7307 if (!pinfoattr) 7308 goto nla_put_failure; 7309 7310 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT, 7311 rssi_event); 7312 7313 nla_nest_end(msg, pinfoattr); 7314 7315 if (genlmsg_end(msg, hdr) < 0) { 7316 nlmsg_free(msg); 7317 return; 7318 } 7319 7320 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7321 nl80211_mlme_mcgrp.id, gfp); 7322 return; 7323 7324 nla_put_failure: 7325 genlmsg_cancel(msg, hdr); 7326 nlmsg_free(msg); 7327 } 7328 7329 void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev, 7330 struct net_device *netdev, const u8 *bssid, 7331 const u8 *replay_ctr, gfp_t gfp) 7332 { 7333 struct sk_buff *msg; 7334 struct nlattr *rekey_attr; 7335 void *hdr; 7336 7337 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7338 if (!msg) 7339 return; 7340 7341 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD); 7342 if (!hdr) { 7343 nlmsg_free(msg); 7344 return; 7345 } 7346 7347 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7348 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7349 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid); 7350 7351 rekey_attr = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA); 7352 if (!rekey_attr) 7353 goto nla_put_failure; 7354 7355 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR, 7356 NL80211_REPLAY_CTR_LEN, replay_ctr); 7357 7358 nla_nest_end(msg, rekey_attr); 7359 7360 if (genlmsg_end(msg, hdr) < 0) { 7361 nlmsg_free(msg); 7362 return; 7363 } 7364 7365 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7366 nl80211_mlme_mcgrp.id, gfp); 7367 return; 7368 7369 nla_put_failure: 7370 genlmsg_cancel(msg, hdr); 7371 nlmsg_free(msg); 7372 } 7373 7374 void nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev, 7375 struct net_device *netdev, int index, 7376 const u8 *bssid, bool preauth, gfp_t gfp) 7377 { 7378 struct sk_buff *msg; 7379 struct nlattr *attr; 7380 void *hdr; 7381 7382 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7383 if (!msg) 7384 return; 7385 7386 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE); 7387 if (!hdr) { 7388 nlmsg_free(msg); 7389 return; 7390 } 7391 7392 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7393 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7394 7395 attr = nla_nest_start(msg, NL80211_ATTR_PMKSA_CANDIDATE); 7396 if (!attr) 7397 goto nla_put_failure; 7398 7399 NLA_PUT_U32(msg, NL80211_PMKSA_CANDIDATE_INDEX, index); 7400 NLA_PUT(msg, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid); 7401 if (preauth) 7402 NLA_PUT_FLAG(msg, NL80211_PMKSA_CANDIDATE_PREAUTH); 7403 7404 nla_nest_end(msg, attr); 7405 7406 if (genlmsg_end(msg, hdr) < 0) { 7407 nlmsg_free(msg); 7408 return; 7409 } 7410 7411 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7412 nl80211_mlme_mcgrp.id, gfp); 7413 return; 7414 7415 nla_put_failure: 7416 genlmsg_cancel(msg, hdr); 7417 nlmsg_free(msg); 7418 } 7419 7420 void 7421 nl80211_send_cqm_pktloss_notify(struct cfg80211_registered_device *rdev, 7422 struct net_device *netdev, const u8 *peer, 7423 u32 num_packets, gfp_t gfp) 7424 { 7425 struct sk_buff *msg; 7426 struct nlattr *pinfoattr; 7427 void *hdr; 7428 7429 msg = nlmsg_new(NLMSG_GOODSIZE, gfp); 7430 if (!msg) 7431 return; 7432 7433 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); 7434 if (!hdr) { 7435 nlmsg_free(msg); 7436 return; 7437 } 7438 7439 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx); 7440 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex); 7441 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer); 7442 7443 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM); 7444 if (!pinfoattr) 7445 goto nla_put_failure; 7446 7447 NLA_PUT_U32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets); 7448 7449 nla_nest_end(msg, pinfoattr); 7450 7451 if (genlmsg_end(msg, hdr) < 0) { 7452 nlmsg_free(msg); 7453 return; 7454 } 7455 7456 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0, 7457 nl80211_mlme_mcgrp.id, gfp); 7458 return; 7459 7460 nla_put_failure: 7461 genlmsg_cancel(msg, hdr); 7462 nlmsg_free(msg); 7463 } 7464 7465 static int nl80211_netlink_notify(struct notifier_block * nb, 7466 unsigned long state, 7467 void *_notify) 7468 { 7469 struct netlink_notify *notify = _notify; 7470 struct cfg80211_registered_device *rdev; 7471 struct wireless_dev *wdev; 7472 7473 if (state != NETLINK_URELEASE) 7474 return NOTIFY_DONE; 7475 7476 rcu_read_lock(); 7477 7478 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) 7479 list_for_each_entry_rcu(wdev, &rdev->netdev_list, list) 7480 cfg80211_mlme_unregister_socket(wdev, notify->pid); 7481 7482 rcu_read_unlock(); 7483 7484 return NOTIFY_DONE; 7485 } 7486 7487 static struct notifier_block nl80211_netlink_notifier = { 7488 .notifier_call = nl80211_netlink_notify, 7489 }; 7490 7491 /* initialisation/exit functions */ 7492 7493 int nl80211_init(void) 7494 { 7495 int err; 7496 7497 err = genl_register_family_with_ops(&nl80211_fam, 7498 nl80211_ops, ARRAY_SIZE(nl80211_ops)); 7499 if (err) 7500 return err; 7501 7502 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp); 7503 if (err) 7504 goto err_out; 7505 7506 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp); 7507 if (err) 7508 goto err_out; 7509 7510 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp); 7511 if (err) 7512 goto err_out; 7513 7514 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp); 7515 if (err) 7516 goto err_out; 7517 7518 #ifdef CONFIG_NL80211_TESTMODE 7519 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp); 7520 if (err) 7521 goto err_out; 7522 #endif 7523 7524 err = netlink_register_notifier(&nl80211_netlink_notifier); 7525 if (err) 7526 goto err_out; 7527 7528 return 0; 7529 err_out: 7530 genl_unregister_family(&nl80211_fam); 7531 return err; 7532 } 7533 7534 void nl80211_exit(void) 7535 { 7536 netlink_unregister_notifier(&nl80211_netlink_notifier); 7537 genl_unregister_family(&nl80211_fam); 7538 } 7539