1 /* 2 * SME code for cfg80211 3 * both driver SME event handling and the SME implementation 4 * (for nl80211's connect() and wext) 5 * 6 * Copyright 2009 Johannes Berg <johannes@sipsolutions.net> 7 * Copyright (C) 2009 Intel Corporation. All rights reserved. 8 */ 9 10 #include <linux/etherdevice.h> 11 #include <linux/if_arp.h> 12 #include <linux/slab.h> 13 #include <linux/workqueue.h> 14 #include <linux/wireless.h> 15 #include <linux/export.h> 16 #include <net/iw_handler.h> 17 #include <net/cfg80211.h> 18 #include <net/rtnetlink.h> 19 #include "nl80211.h" 20 #include "reg.h" 21 #include "rdev-ops.h" 22 23 /* 24 * Software SME in cfg80211, using auth/assoc/deauth calls to the 25 * driver. This is is for implementing nl80211's connect/disconnect 26 * and wireless extensions (if configured.) 27 */ 28 29 struct cfg80211_conn { 30 struct cfg80211_connect_params params; 31 /* these are sub-states of the _CONNECTING sme_state */ 32 enum { 33 CFG80211_CONN_SCANNING, 34 CFG80211_CONN_SCAN_AGAIN, 35 CFG80211_CONN_AUTHENTICATE_NEXT, 36 CFG80211_CONN_AUTHENTICATING, 37 CFG80211_CONN_AUTH_FAILED, 38 CFG80211_CONN_ASSOCIATE_NEXT, 39 CFG80211_CONN_ASSOCIATING, 40 CFG80211_CONN_ASSOC_FAILED, 41 CFG80211_CONN_DEAUTH, 42 CFG80211_CONN_ABANDON, 43 CFG80211_CONN_CONNECTED, 44 } state; 45 u8 bssid[ETH_ALEN], prev_bssid[ETH_ALEN]; 46 const u8 *ie; 47 size_t ie_len; 48 bool auto_auth, prev_bssid_valid; 49 }; 50 51 static void cfg80211_sme_free(struct wireless_dev *wdev) 52 { 53 if (!wdev->conn) 54 return; 55 56 kfree(wdev->conn->ie); 57 kfree(wdev->conn); 58 wdev->conn = NULL; 59 } 60 61 static int cfg80211_conn_scan(struct wireless_dev *wdev) 62 { 63 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 64 struct cfg80211_scan_request *request; 65 int n_channels, err; 66 67 ASSERT_RTNL(); 68 ASSERT_WDEV_LOCK(wdev); 69 70 if (rdev->scan_req || rdev->scan_msg) 71 return -EBUSY; 72 73 if (wdev->conn->params.channel) 74 n_channels = 1; 75 else 76 n_channels = ieee80211_get_num_supported_channels(wdev->wiphy); 77 78 request = kzalloc(sizeof(*request) + sizeof(request->ssids[0]) + 79 sizeof(request->channels[0]) * n_channels, 80 GFP_KERNEL); 81 if (!request) 82 return -ENOMEM; 83 84 if (wdev->conn->params.channel) { 85 enum nl80211_band band = wdev->conn->params.channel->band; 86 struct ieee80211_supported_band *sband = 87 wdev->wiphy->bands[band]; 88 89 if (!sband) { 90 kfree(request); 91 return -EINVAL; 92 } 93 request->channels[0] = wdev->conn->params.channel; 94 request->rates[band] = (1 << sband->n_bitrates) - 1; 95 } else { 96 int i = 0, j; 97 enum nl80211_band band; 98 struct ieee80211_supported_band *bands; 99 struct ieee80211_channel *channel; 100 101 for (band = 0; band < NUM_NL80211_BANDS; band++) { 102 bands = wdev->wiphy->bands[band]; 103 if (!bands) 104 continue; 105 for (j = 0; j < bands->n_channels; j++) { 106 channel = &bands->channels[j]; 107 if (channel->flags & IEEE80211_CHAN_DISABLED) 108 continue; 109 request->channels[i++] = channel; 110 } 111 request->rates[band] = (1 << bands->n_bitrates) - 1; 112 } 113 n_channels = i; 114 } 115 request->n_channels = n_channels; 116 request->ssids = (void *)&request->channels[n_channels]; 117 request->n_ssids = 1; 118 119 memcpy(request->ssids[0].ssid, wdev->conn->params.ssid, 120 wdev->conn->params.ssid_len); 121 request->ssids[0].ssid_len = wdev->conn->params.ssid_len; 122 123 eth_broadcast_addr(request->bssid); 124 125 request->wdev = wdev; 126 request->wiphy = &rdev->wiphy; 127 request->scan_start = jiffies; 128 129 rdev->scan_req = request; 130 131 err = rdev_scan(rdev, request); 132 if (!err) { 133 wdev->conn->state = CFG80211_CONN_SCANNING; 134 nl80211_send_scan_start(rdev, wdev); 135 dev_hold(wdev->netdev); 136 } else { 137 rdev->scan_req = NULL; 138 kfree(request); 139 } 140 return err; 141 } 142 143 static int cfg80211_conn_do_work(struct wireless_dev *wdev) 144 { 145 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 146 struct cfg80211_connect_params *params; 147 struct cfg80211_assoc_request req = {}; 148 int err; 149 150 ASSERT_WDEV_LOCK(wdev); 151 152 if (!wdev->conn) 153 return 0; 154 155 params = &wdev->conn->params; 156 157 switch (wdev->conn->state) { 158 case CFG80211_CONN_SCANNING: 159 /* didn't find it during scan ... */ 160 return -ENOENT; 161 case CFG80211_CONN_SCAN_AGAIN: 162 return cfg80211_conn_scan(wdev); 163 case CFG80211_CONN_AUTHENTICATE_NEXT: 164 if (WARN_ON(!rdev->ops->auth)) 165 return -EOPNOTSUPP; 166 wdev->conn->state = CFG80211_CONN_AUTHENTICATING; 167 return cfg80211_mlme_auth(rdev, wdev->netdev, 168 params->channel, params->auth_type, 169 params->bssid, 170 params->ssid, params->ssid_len, 171 NULL, 0, 172 params->key, params->key_len, 173 params->key_idx, NULL, 0); 174 case CFG80211_CONN_AUTH_FAILED: 175 return -ENOTCONN; 176 case CFG80211_CONN_ASSOCIATE_NEXT: 177 if (WARN_ON(!rdev->ops->assoc)) 178 return -EOPNOTSUPP; 179 wdev->conn->state = CFG80211_CONN_ASSOCIATING; 180 if (wdev->conn->prev_bssid_valid) 181 req.prev_bssid = wdev->conn->prev_bssid; 182 req.ie = params->ie; 183 req.ie_len = params->ie_len; 184 req.use_mfp = params->mfp != NL80211_MFP_NO; 185 req.crypto = params->crypto; 186 req.flags = params->flags; 187 req.ht_capa = params->ht_capa; 188 req.ht_capa_mask = params->ht_capa_mask; 189 req.vht_capa = params->vht_capa; 190 req.vht_capa_mask = params->vht_capa_mask; 191 192 err = cfg80211_mlme_assoc(rdev, wdev->netdev, params->channel, 193 params->bssid, params->ssid, 194 params->ssid_len, &req); 195 if (err) 196 cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid, 197 NULL, 0, 198 WLAN_REASON_DEAUTH_LEAVING, 199 false); 200 return err; 201 case CFG80211_CONN_ASSOC_FAILED: 202 cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid, 203 NULL, 0, 204 WLAN_REASON_DEAUTH_LEAVING, false); 205 return -ENOTCONN; 206 case CFG80211_CONN_DEAUTH: 207 cfg80211_mlme_deauth(rdev, wdev->netdev, params->bssid, 208 NULL, 0, 209 WLAN_REASON_DEAUTH_LEAVING, false); 210 /* fall through */ 211 case CFG80211_CONN_ABANDON: 212 /* free directly, disconnected event already sent */ 213 cfg80211_sme_free(wdev); 214 return 0; 215 default: 216 return 0; 217 } 218 } 219 220 void cfg80211_conn_work(struct work_struct *work) 221 { 222 struct cfg80211_registered_device *rdev = 223 container_of(work, struct cfg80211_registered_device, conn_work); 224 struct wireless_dev *wdev; 225 u8 bssid_buf[ETH_ALEN], *bssid = NULL; 226 227 rtnl_lock(); 228 229 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) { 230 if (!wdev->netdev) 231 continue; 232 233 wdev_lock(wdev); 234 if (!netif_running(wdev->netdev)) { 235 wdev_unlock(wdev); 236 continue; 237 } 238 if (!wdev->conn || 239 wdev->conn->state == CFG80211_CONN_CONNECTED) { 240 wdev_unlock(wdev); 241 continue; 242 } 243 if (wdev->conn->params.bssid) { 244 memcpy(bssid_buf, wdev->conn->params.bssid, ETH_ALEN); 245 bssid = bssid_buf; 246 } 247 if (cfg80211_conn_do_work(wdev)) { 248 __cfg80211_connect_result( 249 wdev->netdev, bssid, 250 NULL, 0, NULL, 0, -1, false, NULL); 251 } 252 wdev_unlock(wdev); 253 } 254 255 rtnl_unlock(); 256 } 257 258 /* Returned bss is reference counted and must be cleaned up appropriately. */ 259 static struct cfg80211_bss *cfg80211_get_conn_bss(struct wireless_dev *wdev) 260 { 261 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 262 struct cfg80211_bss *bss; 263 264 ASSERT_WDEV_LOCK(wdev); 265 266 bss = cfg80211_get_bss(wdev->wiphy, wdev->conn->params.channel, 267 wdev->conn->params.bssid, 268 wdev->conn->params.ssid, 269 wdev->conn->params.ssid_len, 270 wdev->conn_bss_type, 271 IEEE80211_PRIVACY(wdev->conn->params.privacy)); 272 if (!bss) 273 return NULL; 274 275 memcpy(wdev->conn->bssid, bss->bssid, ETH_ALEN); 276 wdev->conn->params.bssid = wdev->conn->bssid; 277 wdev->conn->params.channel = bss->channel; 278 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT; 279 schedule_work(&rdev->conn_work); 280 281 return bss; 282 } 283 284 static void __cfg80211_sme_scan_done(struct net_device *dev) 285 { 286 struct wireless_dev *wdev = dev->ieee80211_ptr; 287 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 288 struct cfg80211_bss *bss; 289 290 ASSERT_WDEV_LOCK(wdev); 291 292 if (!wdev->conn) 293 return; 294 295 if (wdev->conn->state != CFG80211_CONN_SCANNING && 296 wdev->conn->state != CFG80211_CONN_SCAN_AGAIN) 297 return; 298 299 bss = cfg80211_get_conn_bss(wdev); 300 if (bss) 301 cfg80211_put_bss(&rdev->wiphy, bss); 302 else 303 schedule_work(&rdev->conn_work); 304 } 305 306 void cfg80211_sme_scan_done(struct net_device *dev) 307 { 308 struct wireless_dev *wdev = dev->ieee80211_ptr; 309 310 wdev_lock(wdev); 311 __cfg80211_sme_scan_done(dev); 312 wdev_unlock(wdev); 313 } 314 315 void cfg80211_sme_rx_auth(struct wireless_dev *wdev, const u8 *buf, size_t len) 316 { 317 struct wiphy *wiphy = wdev->wiphy; 318 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); 319 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; 320 u16 status_code = le16_to_cpu(mgmt->u.auth.status_code); 321 322 ASSERT_WDEV_LOCK(wdev); 323 324 if (!wdev->conn || wdev->conn->state == CFG80211_CONN_CONNECTED) 325 return; 326 327 if (status_code == WLAN_STATUS_NOT_SUPPORTED_AUTH_ALG && 328 wdev->conn->auto_auth && 329 wdev->conn->params.auth_type != NL80211_AUTHTYPE_NETWORK_EAP) { 330 /* select automatically between only open, shared, leap */ 331 switch (wdev->conn->params.auth_type) { 332 case NL80211_AUTHTYPE_OPEN_SYSTEM: 333 if (wdev->connect_keys) 334 wdev->conn->params.auth_type = 335 NL80211_AUTHTYPE_SHARED_KEY; 336 else 337 wdev->conn->params.auth_type = 338 NL80211_AUTHTYPE_NETWORK_EAP; 339 break; 340 case NL80211_AUTHTYPE_SHARED_KEY: 341 wdev->conn->params.auth_type = 342 NL80211_AUTHTYPE_NETWORK_EAP; 343 break; 344 default: 345 /* huh? */ 346 wdev->conn->params.auth_type = 347 NL80211_AUTHTYPE_OPEN_SYSTEM; 348 break; 349 } 350 wdev->conn->state = CFG80211_CONN_AUTHENTICATE_NEXT; 351 schedule_work(&rdev->conn_work); 352 } else if (status_code != WLAN_STATUS_SUCCESS) { 353 __cfg80211_connect_result(wdev->netdev, mgmt->bssid, 354 NULL, 0, NULL, 0, 355 status_code, false, NULL); 356 } else if (wdev->conn->state == CFG80211_CONN_AUTHENTICATING) { 357 wdev->conn->state = CFG80211_CONN_ASSOCIATE_NEXT; 358 schedule_work(&rdev->conn_work); 359 } 360 } 361 362 bool cfg80211_sme_rx_assoc_resp(struct wireless_dev *wdev, u16 status) 363 { 364 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 365 366 if (!wdev->conn) 367 return false; 368 369 if (status == WLAN_STATUS_SUCCESS) { 370 wdev->conn->state = CFG80211_CONN_CONNECTED; 371 return false; 372 } 373 374 if (wdev->conn->prev_bssid_valid) { 375 /* 376 * Some stupid APs don't accept reassoc, so we 377 * need to fall back to trying regular assoc; 378 * return true so no event is sent to userspace. 379 */ 380 wdev->conn->prev_bssid_valid = false; 381 wdev->conn->state = CFG80211_CONN_ASSOCIATE_NEXT; 382 schedule_work(&rdev->conn_work); 383 return true; 384 } 385 386 wdev->conn->state = CFG80211_CONN_ASSOC_FAILED; 387 schedule_work(&rdev->conn_work); 388 return false; 389 } 390 391 void cfg80211_sme_deauth(struct wireless_dev *wdev) 392 { 393 cfg80211_sme_free(wdev); 394 } 395 396 void cfg80211_sme_auth_timeout(struct wireless_dev *wdev) 397 { 398 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 399 400 if (!wdev->conn) 401 return; 402 403 wdev->conn->state = CFG80211_CONN_AUTH_FAILED; 404 schedule_work(&rdev->conn_work); 405 } 406 407 void cfg80211_sme_disassoc(struct wireless_dev *wdev) 408 { 409 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 410 411 if (!wdev->conn) 412 return; 413 414 wdev->conn->state = CFG80211_CONN_DEAUTH; 415 schedule_work(&rdev->conn_work); 416 } 417 418 void cfg80211_sme_assoc_timeout(struct wireless_dev *wdev) 419 { 420 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 421 422 if (!wdev->conn) 423 return; 424 425 wdev->conn->state = CFG80211_CONN_ASSOC_FAILED; 426 schedule_work(&rdev->conn_work); 427 } 428 429 void cfg80211_sme_abandon_assoc(struct wireless_dev *wdev) 430 { 431 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 432 433 if (!wdev->conn) 434 return; 435 436 wdev->conn->state = CFG80211_CONN_ABANDON; 437 schedule_work(&rdev->conn_work); 438 } 439 440 static int cfg80211_sme_get_conn_ies(struct wireless_dev *wdev, 441 const u8 *ies, size_t ies_len, 442 const u8 **out_ies, size_t *out_ies_len) 443 { 444 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 445 u8 *buf; 446 size_t offs; 447 448 if (!rdev->wiphy.extended_capabilities_len || 449 (ies && cfg80211_find_ie(WLAN_EID_EXT_CAPABILITY, ies, ies_len))) { 450 *out_ies = kmemdup(ies, ies_len, GFP_KERNEL); 451 if (!*out_ies) 452 return -ENOMEM; 453 *out_ies_len = ies_len; 454 return 0; 455 } 456 457 buf = kmalloc(ies_len + rdev->wiphy.extended_capabilities_len + 2, 458 GFP_KERNEL); 459 if (!buf) 460 return -ENOMEM; 461 462 if (ies_len) { 463 static const u8 before_extcapa[] = { 464 /* not listing IEs expected to be created by driver */ 465 WLAN_EID_RSN, 466 WLAN_EID_QOS_CAPA, 467 WLAN_EID_RRM_ENABLED_CAPABILITIES, 468 WLAN_EID_MOBILITY_DOMAIN, 469 WLAN_EID_SUPPORTED_REGULATORY_CLASSES, 470 WLAN_EID_BSS_COEX_2040, 471 }; 472 473 offs = ieee80211_ie_split(ies, ies_len, before_extcapa, 474 ARRAY_SIZE(before_extcapa), 0); 475 memcpy(buf, ies, offs); 476 /* leave a whole for extended capabilities IE */ 477 memcpy(buf + offs + rdev->wiphy.extended_capabilities_len + 2, 478 ies + offs, ies_len - offs); 479 } else { 480 offs = 0; 481 } 482 483 /* place extended capabilities IE (with only driver capabilities) */ 484 buf[offs] = WLAN_EID_EXT_CAPABILITY; 485 buf[offs + 1] = rdev->wiphy.extended_capabilities_len; 486 memcpy(buf + offs + 2, 487 rdev->wiphy.extended_capabilities, 488 rdev->wiphy.extended_capabilities_len); 489 490 *out_ies = buf; 491 *out_ies_len = ies_len + rdev->wiphy.extended_capabilities_len + 2; 492 493 return 0; 494 } 495 496 static int cfg80211_sme_connect(struct wireless_dev *wdev, 497 struct cfg80211_connect_params *connect, 498 const u8 *prev_bssid) 499 { 500 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 501 struct cfg80211_bss *bss; 502 int err; 503 504 if (!rdev->ops->auth || !rdev->ops->assoc) 505 return -EOPNOTSUPP; 506 507 if (wdev->current_bss) { 508 if (!prev_bssid) 509 return -EALREADY; 510 if (prev_bssid && 511 !ether_addr_equal(prev_bssid, wdev->current_bss->pub.bssid)) 512 return -ENOTCONN; 513 cfg80211_unhold_bss(wdev->current_bss); 514 cfg80211_put_bss(wdev->wiphy, &wdev->current_bss->pub); 515 wdev->current_bss = NULL; 516 517 cfg80211_sme_free(wdev); 518 } 519 520 if (WARN_ON(wdev->conn)) 521 return -EINPROGRESS; 522 523 wdev->conn = kzalloc(sizeof(*wdev->conn), GFP_KERNEL); 524 if (!wdev->conn) 525 return -ENOMEM; 526 527 /* 528 * Copy all parameters, and treat explicitly IEs, BSSID, SSID. 529 */ 530 memcpy(&wdev->conn->params, connect, sizeof(*connect)); 531 if (connect->bssid) { 532 wdev->conn->params.bssid = wdev->conn->bssid; 533 memcpy(wdev->conn->bssid, connect->bssid, ETH_ALEN); 534 } 535 536 if (cfg80211_sme_get_conn_ies(wdev, connect->ie, connect->ie_len, 537 &wdev->conn->ie, 538 &wdev->conn->params.ie_len)) { 539 kfree(wdev->conn); 540 wdev->conn = NULL; 541 return -ENOMEM; 542 } 543 wdev->conn->params.ie = wdev->conn->ie; 544 545 if (connect->auth_type == NL80211_AUTHTYPE_AUTOMATIC) { 546 wdev->conn->auto_auth = true; 547 /* start with open system ... should mostly work */ 548 wdev->conn->params.auth_type = 549 NL80211_AUTHTYPE_OPEN_SYSTEM; 550 } else { 551 wdev->conn->auto_auth = false; 552 } 553 554 wdev->conn->params.ssid = wdev->ssid; 555 wdev->conn->params.ssid_len = wdev->ssid_len; 556 557 /* see if we have the bss already */ 558 bss = cfg80211_get_conn_bss(wdev); 559 560 if (prev_bssid) { 561 memcpy(wdev->conn->prev_bssid, prev_bssid, ETH_ALEN); 562 wdev->conn->prev_bssid_valid = true; 563 } 564 565 /* we're good if we have a matching bss struct */ 566 if (bss) { 567 err = cfg80211_conn_do_work(wdev); 568 cfg80211_put_bss(wdev->wiphy, bss); 569 } else { 570 /* otherwise we'll need to scan for the AP first */ 571 err = cfg80211_conn_scan(wdev); 572 573 /* 574 * If we can't scan right now, then we need to scan again 575 * after the current scan finished, since the parameters 576 * changed (unless we find a good AP anyway). 577 */ 578 if (err == -EBUSY) { 579 err = 0; 580 wdev->conn->state = CFG80211_CONN_SCAN_AGAIN; 581 } 582 } 583 584 if (err) 585 cfg80211_sme_free(wdev); 586 587 return err; 588 } 589 590 static int cfg80211_sme_disconnect(struct wireless_dev *wdev, u16 reason) 591 { 592 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 593 int err; 594 595 if (!wdev->conn) 596 return 0; 597 598 if (!rdev->ops->deauth) 599 return -EOPNOTSUPP; 600 601 if (wdev->conn->state == CFG80211_CONN_SCANNING || 602 wdev->conn->state == CFG80211_CONN_SCAN_AGAIN) { 603 err = 0; 604 goto out; 605 } 606 607 /* wdev->conn->params.bssid must be set if > SCANNING */ 608 err = cfg80211_mlme_deauth(rdev, wdev->netdev, 609 wdev->conn->params.bssid, 610 NULL, 0, reason, false); 611 out: 612 cfg80211_sme_free(wdev); 613 return err; 614 } 615 616 /* 617 * code shared for in-device and software SME 618 */ 619 620 static bool cfg80211_is_all_idle(void) 621 { 622 struct cfg80211_registered_device *rdev; 623 struct wireless_dev *wdev; 624 bool is_all_idle = true; 625 626 /* 627 * All devices must be idle as otherwise if you are actively 628 * scanning some new beacon hints could be learned and would 629 * count as new regulatory hints. 630 */ 631 list_for_each_entry(rdev, &cfg80211_rdev_list, list) { 632 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) { 633 wdev_lock(wdev); 634 if (wdev->conn || wdev->current_bss) 635 is_all_idle = false; 636 wdev_unlock(wdev); 637 } 638 } 639 640 return is_all_idle; 641 } 642 643 static void disconnect_work(struct work_struct *work) 644 { 645 rtnl_lock(); 646 if (cfg80211_is_all_idle()) 647 regulatory_hint_disconnect(); 648 rtnl_unlock(); 649 } 650 651 static DECLARE_WORK(cfg80211_disconnect_work, disconnect_work); 652 653 654 /* 655 * API calls for drivers implementing connect/disconnect and 656 * SME event handling 657 */ 658 659 /* This method must consume bss one way or another */ 660 void __cfg80211_connect_result(struct net_device *dev, const u8 *bssid, 661 const u8 *req_ie, size_t req_ie_len, 662 const u8 *resp_ie, size_t resp_ie_len, 663 int status, bool wextev, 664 struct cfg80211_bss *bss) 665 { 666 struct wireless_dev *wdev = dev->ieee80211_ptr; 667 const u8 *country_ie; 668 #ifdef CONFIG_CFG80211_WEXT 669 union iwreq_data wrqu; 670 #endif 671 672 ASSERT_WDEV_LOCK(wdev); 673 674 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION && 675 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)) { 676 cfg80211_put_bss(wdev->wiphy, bss); 677 return; 678 } 679 680 nl80211_send_connect_result(wiphy_to_rdev(wdev->wiphy), dev, 681 bssid, req_ie, req_ie_len, 682 resp_ie, resp_ie_len, 683 status, GFP_KERNEL); 684 685 #ifdef CONFIG_CFG80211_WEXT 686 if (wextev) { 687 if (req_ie && status == WLAN_STATUS_SUCCESS) { 688 memset(&wrqu, 0, sizeof(wrqu)); 689 wrqu.data.length = req_ie_len; 690 wireless_send_event(dev, IWEVASSOCREQIE, &wrqu, req_ie); 691 } 692 693 if (resp_ie && status == WLAN_STATUS_SUCCESS) { 694 memset(&wrqu, 0, sizeof(wrqu)); 695 wrqu.data.length = resp_ie_len; 696 wireless_send_event(dev, IWEVASSOCRESPIE, &wrqu, resp_ie); 697 } 698 699 memset(&wrqu, 0, sizeof(wrqu)); 700 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 701 if (bssid && status == WLAN_STATUS_SUCCESS) { 702 memcpy(wrqu.ap_addr.sa_data, bssid, ETH_ALEN); 703 memcpy(wdev->wext.prev_bssid, bssid, ETH_ALEN); 704 wdev->wext.prev_bssid_valid = true; 705 } 706 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL); 707 } 708 #endif 709 710 if (!bss && (status == WLAN_STATUS_SUCCESS)) { 711 WARN_ON_ONCE(!wiphy_to_rdev(wdev->wiphy)->ops->connect); 712 bss = cfg80211_get_bss(wdev->wiphy, NULL, bssid, 713 wdev->ssid, wdev->ssid_len, 714 wdev->conn_bss_type, 715 IEEE80211_PRIVACY_ANY); 716 if (bss) 717 cfg80211_hold_bss(bss_from_pub(bss)); 718 } 719 720 if (wdev->current_bss) { 721 cfg80211_unhold_bss(wdev->current_bss); 722 cfg80211_put_bss(wdev->wiphy, &wdev->current_bss->pub); 723 wdev->current_bss = NULL; 724 } 725 726 if (status != WLAN_STATUS_SUCCESS) { 727 kzfree(wdev->connect_keys); 728 wdev->connect_keys = NULL; 729 wdev->ssid_len = 0; 730 if (bss) { 731 cfg80211_unhold_bss(bss_from_pub(bss)); 732 cfg80211_put_bss(wdev->wiphy, bss); 733 } 734 cfg80211_sme_free(wdev); 735 return; 736 } 737 738 if (WARN_ON(!bss)) 739 return; 740 741 wdev->current_bss = bss_from_pub(bss); 742 743 if (!(wdev->wiphy->flags & WIPHY_FLAG_HAS_STATIC_WEP)) 744 cfg80211_upload_connect_keys(wdev); 745 746 rcu_read_lock(); 747 country_ie = ieee80211_bss_get_ie(bss, WLAN_EID_COUNTRY); 748 if (!country_ie) { 749 rcu_read_unlock(); 750 return; 751 } 752 753 country_ie = kmemdup(country_ie, 2 + country_ie[1], GFP_ATOMIC); 754 rcu_read_unlock(); 755 756 if (!country_ie) 757 return; 758 759 /* 760 * ieee80211_bss_get_ie() ensures we can access: 761 * - country_ie + 2, the start of the country ie data, and 762 * - and country_ie[1] which is the IE length 763 */ 764 regulatory_hint_country_ie(wdev->wiphy, bss->channel->band, 765 country_ie + 2, country_ie[1]); 766 kfree(country_ie); 767 } 768 769 /* Consumes bss object one way or another */ 770 void cfg80211_connect_bss(struct net_device *dev, const u8 *bssid, 771 struct cfg80211_bss *bss, const u8 *req_ie, 772 size_t req_ie_len, const u8 *resp_ie, 773 size_t resp_ie_len, int status, gfp_t gfp) 774 { 775 struct wireless_dev *wdev = dev->ieee80211_ptr; 776 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 777 struct cfg80211_event *ev; 778 unsigned long flags; 779 780 if (bss) { 781 /* Make sure the bss entry provided by the driver is valid. */ 782 struct cfg80211_internal_bss *ibss = bss_from_pub(bss); 783 784 if (WARN_ON(list_empty(&ibss->list))) { 785 cfg80211_put_bss(wdev->wiphy, bss); 786 return; 787 } 788 } 789 790 ev = kzalloc(sizeof(*ev) + req_ie_len + resp_ie_len, gfp); 791 if (!ev) { 792 cfg80211_put_bss(wdev->wiphy, bss); 793 return; 794 } 795 796 ev->type = EVENT_CONNECT_RESULT; 797 if (bssid) 798 memcpy(ev->cr.bssid, bssid, ETH_ALEN); 799 if (req_ie_len) { 800 ev->cr.req_ie = ((u8 *)ev) + sizeof(*ev); 801 ev->cr.req_ie_len = req_ie_len; 802 memcpy((void *)ev->cr.req_ie, req_ie, req_ie_len); 803 } 804 if (resp_ie_len) { 805 ev->cr.resp_ie = ((u8 *)ev) + sizeof(*ev) + req_ie_len; 806 ev->cr.resp_ie_len = resp_ie_len; 807 memcpy((void *)ev->cr.resp_ie, resp_ie, resp_ie_len); 808 } 809 if (bss) 810 cfg80211_hold_bss(bss_from_pub(bss)); 811 ev->cr.bss = bss; 812 ev->cr.status = status; 813 814 spin_lock_irqsave(&wdev->event_lock, flags); 815 list_add_tail(&ev->list, &wdev->event_list); 816 spin_unlock_irqrestore(&wdev->event_lock, flags); 817 queue_work(cfg80211_wq, &rdev->event_work); 818 } 819 EXPORT_SYMBOL(cfg80211_connect_bss); 820 821 /* Consumes bss object one way or another */ 822 void __cfg80211_roamed(struct wireless_dev *wdev, 823 struct cfg80211_bss *bss, 824 const u8 *req_ie, size_t req_ie_len, 825 const u8 *resp_ie, size_t resp_ie_len) 826 { 827 #ifdef CONFIG_CFG80211_WEXT 828 union iwreq_data wrqu; 829 #endif 830 ASSERT_WDEV_LOCK(wdev); 831 832 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION && 833 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)) 834 goto out; 835 836 if (WARN_ON(!wdev->current_bss)) 837 goto out; 838 839 cfg80211_unhold_bss(wdev->current_bss); 840 cfg80211_put_bss(wdev->wiphy, &wdev->current_bss->pub); 841 wdev->current_bss = NULL; 842 843 cfg80211_hold_bss(bss_from_pub(bss)); 844 wdev->current_bss = bss_from_pub(bss); 845 846 nl80211_send_roamed(wiphy_to_rdev(wdev->wiphy), 847 wdev->netdev, bss->bssid, 848 req_ie, req_ie_len, resp_ie, resp_ie_len, 849 GFP_KERNEL); 850 851 #ifdef CONFIG_CFG80211_WEXT 852 if (req_ie) { 853 memset(&wrqu, 0, sizeof(wrqu)); 854 wrqu.data.length = req_ie_len; 855 wireless_send_event(wdev->netdev, IWEVASSOCREQIE, 856 &wrqu, req_ie); 857 } 858 859 if (resp_ie) { 860 memset(&wrqu, 0, sizeof(wrqu)); 861 wrqu.data.length = resp_ie_len; 862 wireless_send_event(wdev->netdev, IWEVASSOCRESPIE, 863 &wrqu, resp_ie); 864 } 865 866 memset(&wrqu, 0, sizeof(wrqu)); 867 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 868 memcpy(wrqu.ap_addr.sa_data, bss->bssid, ETH_ALEN); 869 memcpy(wdev->wext.prev_bssid, bss->bssid, ETH_ALEN); 870 wdev->wext.prev_bssid_valid = true; 871 wireless_send_event(wdev->netdev, SIOCGIWAP, &wrqu, NULL); 872 #endif 873 874 return; 875 out: 876 cfg80211_put_bss(wdev->wiphy, bss); 877 } 878 879 void cfg80211_roamed(struct net_device *dev, 880 struct ieee80211_channel *channel, 881 const u8 *bssid, 882 const u8 *req_ie, size_t req_ie_len, 883 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp) 884 { 885 struct wireless_dev *wdev = dev->ieee80211_ptr; 886 struct cfg80211_bss *bss; 887 888 bss = cfg80211_get_bss(wdev->wiphy, channel, bssid, wdev->ssid, 889 wdev->ssid_len, 890 wdev->conn_bss_type, IEEE80211_PRIVACY_ANY); 891 if (WARN_ON(!bss)) 892 return; 893 894 cfg80211_roamed_bss(dev, bss, req_ie, req_ie_len, resp_ie, 895 resp_ie_len, gfp); 896 } 897 EXPORT_SYMBOL(cfg80211_roamed); 898 899 /* Consumes bss object one way or another */ 900 void cfg80211_roamed_bss(struct net_device *dev, 901 struct cfg80211_bss *bss, const u8 *req_ie, 902 size_t req_ie_len, const u8 *resp_ie, 903 size_t resp_ie_len, gfp_t gfp) 904 { 905 struct wireless_dev *wdev = dev->ieee80211_ptr; 906 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 907 struct cfg80211_event *ev; 908 unsigned long flags; 909 910 if (WARN_ON(!bss)) 911 return; 912 913 ev = kzalloc(sizeof(*ev) + req_ie_len + resp_ie_len, gfp); 914 if (!ev) { 915 cfg80211_put_bss(wdev->wiphy, bss); 916 return; 917 } 918 919 ev->type = EVENT_ROAMED; 920 ev->rm.req_ie = ((u8 *)ev) + sizeof(*ev); 921 ev->rm.req_ie_len = req_ie_len; 922 memcpy((void *)ev->rm.req_ie, req_ie, req_ie_len); 923 ev->rm.resp_ie = ((u8 *)ev) + sizeof(*ev) + req_ie_len; 924 ev->rm.resp_ie_len = resp_ie_len; 925 memcpy((void *)ev->rm.resp_ie, resp_ie, resp_ie_len); 926 ev->rm.bss = bss; 927 928 spin_lock_irqsave(&wdev->event_lock, flags); 929 list_add_tail(&ev->list, &wdev->event_list); 930 spin_unlock_irqrestore(&wdev->event_lock, flags); 931 queue_work(cfg80211_wq, &rdev->event_work); 932 } 933 EXPORT_SYMBOL(cfg80211_roamed_bss); 934 935 void __cfg80211_disconnected(struct net_device *dev, const u8 *ie, 936 size_t ie_len, u16 reason, bool from_ap) 937 { 938 struct wireless_dev *wdev = dev->ieee80211_ptr; 939 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 940 int i; 941 #ifdef CONFIG_CFG80211_WEXT 942 union iwreq_data wrqu; 943 #endif 944 945 ASSERT_WDEV_LOCK(wdev); 946 947 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION && 948 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)) 949 return; 950 951 if (wdev->current_bss) { 952 cfg80211_unhold_bss(wdev->current_bss); 953 cfg80211_put_bss(wdev->wiphy, &wdev->current_bss->pub); 954 } 955 956 wdev->current_bss = NULL; 957 wdev->ssid_len = 0; 958 959 nl80211_send_disconnected(rdev, dev, reason, ie, ie_len, from_ap); 960 961 /* stop critical protocol if supported */ 962 if (rdev->ops->crit_proto_stop && rdev->crit_proto_nlportid) { 963 rdev->crit_proto_nlportid = 0; 964 rdev_crit_proto_stop(rdev, wdev); 965 } 966 967 /* 968 * Delete all the keys ... pairwise keys can't really 969 * exist any more anyway, but default keys might. 970 */ 971 if (rdev->ops->del_key) 972 for (i = 0; i < 6; i++) 973 rdev_del_key(rdev, dev, i, false, NULL); 974 975 rdev_set_qos_map(rdev, dev, NULL); 976 977 #ifdef CONFIG_CFG80211_WEXT 978 memset(&wrqu, 0, sizeof(wrqu)); 979 wrqu.ap_addr.sa_family = ARPHRD_ETHER; 980 wireless_send_event(dev, SIOCGIWAP, &wrqu, NULL); 981 wdev->wext.connect.ssid_len = 0; 982 #endif 983 984 schedule_work(&cfg80211_disconnect_work); 985 } 986 987 void cfg80211_disconnected(struct net_device *dev, u16 reason, 988 const u8 *ie, size_t ie_len, 989 bool locally_generated, gfp_t gfp) 990 { 991 struct wireless_dev *wdev = dev->ieee80211_ptr; 992 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); 993 struct cfg80211_event *ev; 994 unsigned long flags; 995 996 ev = kzalloc(sizeof(*ev) + ie_len, gfp); 997 if (!ev) 998 return; 999 1000 ev->type = EVENT_DISCONNECTED; 1001 ev->dc.ie = ((u8 *)ev) + sizeof(*ev); 1002 ev->dc.ie_len = ie_len; 1003 memcpy((void *)ev->dc.ie, ie, ie_len); 1004 ev->dc.reason = reason; 1005 ev->dc.locally_generated = locally_generated; 1006 1007 spin_lock_irqsave(&wdev->event_lock, flags); 1008 list_add_tail(&ev->list, &wdev->event_list); 1009 spin_unlock_irqrestore(&wdev->event_lock, flags); 1010 queue_work(cfg80211_wq, &rdev->event_work); 1011 } 1012 EXPORT_SYMBOL(cfg80211_disconnected); 1013 1014 /* 1015 * API calls for nl80211/wext compatibility code 1016 */ 1017 int cfg80211_connect(struct cfg80211_registered_device *rdev, 1018 struct net_device *dev, 1019 struct cfg80211_connect_params *connect, 1020 struct cfg80211_cached_keys *connkeys, 1021 const u8 *prev_bssid) 1022 { 1023 struct wireless_dev *wdev = dev->ieee80211_ptr; 1024 int err; 1025 1026 ASSERT_WDEV_LOCK(wdev); 1027 1028 if (WARN_ON(wdev->connect_keys)) { 1029 kzfree(wdev->connect_keys); 1030 wdev->connect_keys = NULL; 1031 } 1032 1033 cfg80211_oper_and_ht_capa(&connect->ht_capa_mask, 1034 rdev->wiphy.ht_capa_mod_mask); 1035 1036 if (connkeys && connkeys->def >= 0) { 1037 int idx; 1038 u32 cipher; 1039 1040 idx = connkeys->def; 1041 cipher = connkeys->params[idx].cipher; 1042 /* If given a WEP key we may need it for shared key auth */ 1043 if (cipher == WLAN_CIPHER_SUITE_WEP40 || 1044 cipher == WLAN_CIPHER_SUITE_WEP104) { 1045 connect->key_idx = idx; 1046 connect->key = connkeys->params[idx].key; 1047 connect->key_len = connkeys->params[idx].key_len; 1048 1049 /* 1050 * If ciphers are not set (e.g. when going through 1051 * iwconfig), we have to set them appropriately here. 1052 */ 1053 if (connect->crypto.cipher_group == 0) 1054 connect->crypto.cipher_group = cipher; 1055 1056 if (connect->crypto.n_ciphers_pairwise == 0) { 1057 connect->crypto.n_ciphers_pairwise = 1; 1058 connect->crypto.ciphers_pairwise[0] = cipher; 1059 } 1060 } 1061 1062 connect->crypto.wep_keys = connkeys->params; 1063 connect->crypto.wep_tx_key = connkeys->def; 1064 } else { 1065 if (WARN_ON(connkeys)) 1066 return -EINVAL; 1067 } 1068 1069 wdev->connect_keys = connkeys; 1070 memcpy(wdev->ssid, connect->ssid, connect->ssid_len); 1071 wdev->ssid_len = connect->ssid_len; 1072 1073 wdev->conn_bss_type = connect->pbss ? IEEE80211_BSS_TYPE_PBSS : 1074 IEEE80211_BSS_TYPE_ESS; 1075 1076 if (!rdev->ops->connect) 1077 err = cfg80211_sme_connect(wdev, connect, prev_bssid); 1078 else 1079 err = rdev_connect(rdev, dev, connect); 1080 1081 if (err) { 1082 wdev->connect_keys = NULL; 1083 wdev->ssid_len = 0; 1084 return err; 1085 } 1086 1087 return 0; 1088 } 1089 1090 int cfg80211_disconnect(struct cfg80211_registered_device *rdev, 1091 struct net_device *dev, u16 reason, bool wextev) 1092 { 1093 struct wireless_dev *wdev = dev->ieee80211_ptr; 1094 int err = 0; 1095 1096 ASSERT_WDEV_LOCK(wdev); 1097 1098 kzfree(wdev->connect_keys); 1099 wdev->connect_keys = NULL; 1100 1101 if (wdev->conn) 1102 err = cfg80211_sme_disconnect(wdev, reason); 1103 else if (!rdev->ops->disconnect) 1104 cfg80211_mlme_down(rdev, dev); 1105 else if (wdev->ssid_len) 1106 err = rdev_disconnect(rdev, dev, reason); 1107 1108 return err; 1109 } 1110