1
2
3
4
5
6
7#include <linux/if.h>
8#include <linux/module.h>
9#include <linux/err.h>
10#include <linux/slab.h>
11#include <linux/list.h>
12#include <linux/if_ether.h>
13#include <linux/ieee80211.h>
14#include <linux/nl80211.h>
15#include <linux/rtnetlink.h>
16#include <linux/netlink.h>
17#include <linux/etherdevice.h>
18#include <net/net_namespace.h>
19#include <net/genetlink.h>
20#include <net/cfg80211.h>
21#include <net/sock.h>
22#include <net/inet_connection_sock.h>
23#include "core.h"
24#include "nl80211.h"
25#include "reg.h"
26#include "rdev-ops.h"
27
28static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
29 struct genl_info *info,
30 struct cfg80211_crypto_settings *settings,
31 int cipher_limit);
32
33static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
34 struct genl_info *info);
35static void nl80211_post_doit(const struct genl_ops *ops, struct sk_buff *skb,
36 struct genl_info *info);
37
38
39static struct genl_family nl80211_fam = {
40 .id = GENL_ID_GENERATE,
41 .name = NL80211_GENL_NAME,
42 .hdrsize = 0,
43 .version = 1,
44 .maxattr = NL80211_ATTR_MAX,
45 .netnsok = true,
46 .pre_doit = nl80211_pre_doit,
47 .post_doit = nl80211_post_doit,
48};
49
50
51enum nl80211_multicast_groups {
52 NL80211_MCGRP_CONFIG,
53 NL80211_MCGRP_SCAN,
54 NL80211_MCGRP_REGULATORY,
55 NL80211_MCGRP_MLME,
56 NL80211_MCGRP_VENDOR,
57 NL80211_MCGRP_TESTMODE
58};
59
60static const struct genl_multicast_group nl80211_mcgrps[] = {
61 [NL80211_MCGRP_CONFIG] = { .name = "config", },
62 [NL80211_MCGRP_SCAN] = { .name = "scan", },
63 [NL80211_MCGRP_REGULATORY] = { .name = "regulatory", },
64 [NL80211_MCGRP_MLME] = { .name = "mlme", },
65 [NL80211_MCGRP_VENDOR] = { .name = "vendor", },
66#ifdef CONFIG_NL80211_TESTMODE
67 [NL80211_MCGRP_TESTMODE] = { .name = "testmode", }
68#endif
69};
70
71
72static struct wireless_dev *
73__cfg80211_wdev_from_attrs(struct net *netns, struct nlattr **attrs)
74{
75 struct cfg80211_registered_device *rdev;
76 struct wireless_dev *result = NULL;
77 bool have_ifidx = attrs[NL80211_ATTR_IFINDEX];
78 bool have_wdev_id = attrs[NL80211_ATTR_WDEV];
79 u64 wdev_id;
80 int wiphy_idx = -1;
81 int ifidx = -1;
82
83 ASSERT_RTNL();
84
85 if (!have_ifidx && !have_wdev_id)
86 return ERR_PTR(-EINVAL);
87
88 if (have_ifidx)
89 ifidx = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
90 if (have_wdev_id) {
91 wdev_id = nla_get_u64(attrs[NL80211_ATTR_WDEV]);
92 wiphy_idx = wdev_id >> 32;
93 }
94
95 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
96 struct wireless_dev *wdev;
97
98 if (wiphy_net(&rdev->wiphy) != netns)
99 continue;
100
101 if (have_wdev_id && rdev->wiphy_idx != wiphy_idx)
102 continue;
103
104 list_for_each_entry(wdev, &rdev->wdev_list, list) {
105 if (have_ifidx && wdev->netdev &&
106 wdev->netdev->ifindex == ifidx) {
107 result = wdev;
108 break;
109 }
110 if (have_wdev_id && wdev->identifier == (u32)wdev_id) {
111 result = wdev;
112 break;
113 }
114 }
115
116 if (result)
117 break;
118 }
119
120 if (result)
121 return result;
122 return ERR_PTR(-ENODEV);
123}
124
125static struct cfg80211_registered_device *
126__cfg80211_rdev_from_attrs(struct net *netns, struct nlattr **attrs)
127{
128 struct cfg80211_registered_device *rdev = NULL, *tmp;
129 struct net_device *netdev;
130
131 ASSERT_RTNL();
132
133 if (!attrs[NL80211_ATTR_WIPHY] &&
134 !attrs[NL80211_ATTR_IFINDEX] &&
135 !attrs[NL80211_ATTR_WDEV])
136 return ERR_PTR(-EINVAL);
137
138 if (attrs[NL80211_ATTR_WIPHY])
139 rdev = cfg80211_rdev_by_wiphy_idx(
140 nla_get_u32(attrs[NL80211_ATTR_WIPHY]));
141
142 if (attrs[NL80211_ATTR_WDEV]) {
143 u64 wdev_id = nla_get_u64(attrs[NL80211_ATTR_WDEV]);
144 struct wireless_dev *wdev;
145 bool found = false;
146
147 tmp = cfg80211_rdev_by_wiphy_idx(wdev_id >> 32);
148 if (tmp) {
149
150 list_for_each_entry(wdev, &tmp->wdev_list, list) {
151 if (wdev->identifier != (u32)wdev_id)
152 continue;
153 found = true;
154 break;
155 }
156
157 if (!found)
158 tmp = NULL;
159
160 if (rdev && tmp != rdev)
161 return ERR_PTR(-EINVAL);
162 rdev = tmp;
163 }
164 }
165
166 if (attrs[NL80211_ATTR_IFINDEX]) {
167 int ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
168 netdev = __dev_get_by_index(netns, ifindex);
169 if (netdev) {
170 if (netdev->ieee80211_ptr)
171 tmp = wiphy_to_dev(
172 netdev->ieee80211_ptr->wiphy);
173 else
174 tmp = NULL;
175
176
177 if (!tmp)
178 return ERR_PTR(-EINVAL);
179
180
181 if (rdev && tmp != rdev)
182 return ERR_PTR(-EINVAL);
183
184 rdev = tmp;
185 }
186 }
187
188 if (!rdev)
189 return ERR_PTR(-ENODEV);
190
191 if (netns != wiphy_net(&rdev->wiphy))
192 return ERR_PTR(-ENODEV);
193
194 return rdev;
195}
196
197
198
199
200
201
202
203
204static struct cfg80211_registered_device *
205cfg80211_get_dev_from_info(struct net *netns, struct genl_info *info)
206{
207 return __cfg80211_rdev_from_attrs(netns, info->attrs);
208}
209
210
211static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = {
212 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
213 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING,
214 .len = 20-1 },
215 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED },
216
217 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 },
218 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 },
219 [NL80211_ATTR_CHANNEL_WIDTH] = { .type = NLA_U32 },
220 [NL80211_ATTR_CENTER_FREQ1] = { .type = NLA_U32 },
221 [NL80211_ATTR_CENTER_FREQ2] = { .type = NLA_U32 },
222
223 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 },
224 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 },
225 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 },
226 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 },
227 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 },
228
229 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 },
230 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
231 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
232
233 [NL80211_ATTR_MAC] = { .len = ETH_ALEN },
234 [NL80211_ATTR_PREV_BSSID] = { .len = ETH_ALEN },
235
236 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
237 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
238 .len = WLAN_MAX_KEY_LEN },
239 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 },
240 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 },
241 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG },
242 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
243 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 },
244
245 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 },
246 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 },
247 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY,
248 .len = IEEE80211_MAX_DATA_LEN },
249 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY,
250 .len = IEEE80211_MAX_DATA_LEN },
251 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 },
252 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED },
253 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 },
254 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY,
255 .len = NL80211_MAX_SUPP_RATES },
256 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 },
257 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 },
258 [NL80211_ATTR_MNTR_FLAGS] = { },
259 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY,
260 .len = IEEE80211_MAX_MESH_ID_LEN },
261 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 },
262
263 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 },
264 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED },
265
266 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 },
267 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 },
268 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 },
269 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY,
270 .len = NL80211_MAX_SUPP_RATES },
271 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 },
272
273 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED },
274 [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG },
275
276 [NL80211_ATTR_HT_CAPABILITY] = { .len = NL80211_HT_CAPABILITY_LEN },
277
278 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 },
279 [NL80211_ATTR_IE] = { .type = NLA_BINARY,
280 .len = IEEE80211_MAX_DATA_LEN },
281 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED },
282 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED },
283
284 [NL80211_ATTR_SSID] = { .type = NLA_BINARY,
285 .len = IEEE80211_MAX_SSID_LEN },
286 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 },
287 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 },
288 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG },
289 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG },
290 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 },
291 [NL80211_ATTR_STA_FLAGS2] = {
292 .len = sizeof(struct nl80211_sta_flag_update),
293 },
294 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
295 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 },
296 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG },
297 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
298 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
299 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
300 [NL80211_ATTR_PID] = { .type = NLA_U32 },
301 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 },
302 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY,
303 .len = WLAN_PMKID_LEN },
304 [NL80211_ATTR_DURATION] = { .type = NLA_U32 },
305 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 },
306 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED },
307 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY,
308 .len = IEEE80211_MAX_DATA_LEN },
309 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, },
310 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 },
311 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, },
312 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG },
313 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 },
314 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 },
315 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 },
316 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 },
317 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 },
318 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 },
319 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 },
320 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG },
321 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
322 [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED },
323 [NL80211_ATTR_STA_PLINK_STATE] = { .type = NLA_U8 },
324 [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 },
325 [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED },
326 [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED },
327 [NL80211_ATTR_HIDDEN_SSID] = { .type = NLA_U32 },
328 [NL80211_ATTR_IE_PROBE_RESP] = { .type = NLA_BINARY,
329 .len = IEEE80211_MAX_DATA_LEN },
330 [NL80211_ATTR_IE_ASSOC_RESP] = { .type = NLA_BINARY,
331 .len = IEEE80211_MAX_DATA_LEN },
332 [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG },
333 [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED },
334 [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG },
335 [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 },
336 [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 },
337 [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 },
338 [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG },
339 [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG },
340 [NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG },
341 [NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY,
342 .len = IEEE80211_MAX_DATA_LEN },
343 [NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 },
344 [NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG },
345 [NL80211_ATTR_HT_CAPABILITY_MASK] = {
346 .len = NL80211_HT_CAPABILITY_LEN
347 },
348 [NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 },
349 [NL80211_ATTR_INACTIVITY_TIMEOUT] = { .type = NLA_U16 },
350 [NL80211_ATTR_BG_SCAN_PERIOD] = { .type = NLA_U16 },
351 [NL80211_ATTR_WDEV] = { .type = NLA_U64 },
352 [NL80211_ATTR_USER_REG_HINT_TYPE] = { .type = NLA_U32 },
353 [NL80211_ATTR_SAE_DATA] = { .type = NLA_BINARY, },
354 [NL80211_ATTR_VHT_CAPABILITY] = { .len = NL80211_VHT_CAPABILITY_LEN },
355 [NL80211_ATTR_SCAN_FLAGS] = { .type = NLA_U32 },
356 [NL80211_ATTR_P2P_CTWINDOW] = { .type = NLA_U8 },
357 [NL80211_ATTR_P2P_OPPPS] = { .type = NLA_U8 },
358 [NL80211_ATTR_ACL_POLICY] = {. type = NLA_U32 },
359 [NL80211_ATTR_MAC_ADDRS] = { .type = NLA_NESTED },
360 [NL80211_ATTR_STA_CAPABILITY] = { .type = NLA_U16 },
361 [NL80211_ATTR_STA_EXT_CAPABILITY] = { .type = NLA_BINARY, },
362 [NL80211_ATTR_SPLIT_WIPHY_DUMP] = { .type = NLA_FLAG, },
363 [NL80211_ATTR_DISABLE_VHT] = { .type = NLA_FLAG },
364 [NL80211_ATTR_VHT_CAPABILITY_MASK] = {
365 .len = NL80211_VHT_CAPABILITY_LEN,
366 },
367 [NL80211_ATTR_MDID] = { .type = NLA_U16 },
368 [NL80211_ATTR_IE_RIC] = { .type = NLA_BINARY,
369 .len = IEEE80211_MAX_DATA_LEN },
370 [NL80211_ATTR_PEER_AID] = { .type = NLA_U16 },
371 [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 },
372 [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG },
373 [NL80211_ATTR_CSA_IES] = { .type = NLA_NESTED },
374 [NL80211_ATTR_CSA_C_OFF_BEACON] = { .type = NLA_U16 },
375 [NL80211_ATTR_CSA_C_OFF_PRESP] = { .type = NLA_U16 },
376 [NL80211_ATTR_STA_SUPPORTED_CHANNELS] = { .type = NLA_BINARY },
377 [NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES] = { .type = NLA_BINARY },
378 [NL80211_ATTR_HANDLE_DFS] = { .type = NLA_FLAG },
379 [NL80211_ATTR_OPMODE_NOTIF] = { .type = NLA_U8 },
380 [NL80211_ATTR_VENDOR_ID] = { .type = NLA_U32 },
381 [NL80211_ATTR_VENDOR_SUBCMD] = { .type = NLA_U32 },
382 [NL80211_ATTR_VENDOR_DATA] = { .type = NLA_BINARY },
383 [NL80211_ATTR_QOS_MAP] = { .type = NLA_BINARY,
384 .len = IEEE80211_QOS_MAP_LEN_MAX },
385 [NL80211_ATTR_MAC_HINT] = { .len = ETH_ALEN },
386 [NL80211_ATTR_WIPHY_FREQ_HINT] = { .type = NLA_U32 },
387 [NL80211_ATTR_TDLS_PEER_CAPABILITY] = { .type = NLA_U32 },
388};
389
390
391static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = {
392 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN },
393 [NL80211_KEY_IDX] = { .type = NLA_U8 },
394 [NL80211_KEY_CIPHER] = { .type = NLA_U32 },
395 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
396 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
397 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },
398 [NL80211_KEY_TYPE] = { .type = NLA_U32 },
399 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
400};
401
402
403static const struct nla_policy
404nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = {
405 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG },
406 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG },
407};
408
409
410static const struct nla_policy
411nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = {
412 [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG },
413 [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG },
414 [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG },
415 [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED },
416 [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG },
417 [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG },
418 [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG },
419 [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG },
420 [NL80211_WOWLAN_TRIG_TCP_CONNECTION] = { .type = NLA_NESTED },
421};
422
423static const struct nla_policy
424nl80211_wowlan_tcp_policy[NUM_NL80211_WOWLAN_TCP] = {
425 [NL80211_WOWLAN_TCP_SRC_IPV4] = { .type = NLA_U32 },
426 [NL80211_WOWLAN_TCP_DST_IPV4] = { .type = NLA_U32 },
427 [NL80211_WOWLAN_TCP_DST_MAC] = { .len = ETH_ALEN },
428 [NL80211_WOWLAN_TCP_SRC_PORT] = { .type = NLA_U16 },
429 [NL80211_WOWLAN_TCP_DST_PORT] = { .type = NLA_U16 },
430 [NL80211_WOWLAN_TCP_DATA_PAYLOAD] = { .len = 1 },
431 [NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ] = {
432 .len = sizeof(struct nl80211_wowlan_tcp_data_seq)
433 },
434 [NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN] = {
435 .len = sizeof(struct nl80211_wowlan_tcp_data_token)
436 },
437 [NL80211_WOWLAN_TCP_DATA_INTERVAL] = { .type = NLA_U32 },
438 [NL80211_WOWLAN_TCP_WAKE_PAYLOAD] = { .len = 1 },
439 [NL80211_WOWLAN_TCP_WAKE_MASK] = { .len = 1 },
440};
441
442
443static const struct nla_policy
444nl80211_coalesce_policy[NUM_NL80211_ATTR_COALESCE_RULE] = {
445 [NL80211_ATTR_COALESCE_RULE_DELAY] = { .type = NLA_U32 },
446 [NL80211_ATTR_COALESCE_RULE_CONDITION] = { .type = NLA_U32 },
447 [NL80211_ATTR_COALESCE_RULE_PKT_PATTERN] = { .type = NLA_NESTED },
448};
449
450
451static const struct nla_policy
452nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = {
453 [NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN },
454 [NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN },
455 [NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN },
456};
457
458static const struct nla_policy
459nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = {
460 [NL80211_SCHED_SCAN_MATCH_ATTR_SSID] = { .type = NLA_BINARY,
461 .len = IEEE80211_MAX_SSID_LEN },
462 [NL80211_SCHED_SCAN_MATCH_ATTR_RSSI] = { .type = NLA_U32 },
463};
464
465static int nl80211_prepare_wdev_dump(struct sk_buff *skb,
466 struct netlink_callback *cb,
467 struct cfg80211_registered_device **rdev,
468 struct wireless_dev **wdev)
469{
470 int err;
471
472 rtnl_lock();
473
474 if (!cb->args[0]) {
475 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
476 nl80211_fam.attrbuf, nl80211_fam.maxattr,
477 nl80211_policy);
478 if (err)
479 goto out_unlock;
480
481 *wdev = __cfg80211_wdev_from_attrs(sock_net(skb->sk),
482 nl80211_fam.attrbuf);
483 if (IS_ERR(*wdev)) {
484 err = PTR_ERR(*wdev);
485 goto out_unlock;
486 }
487 *rdev = wiphy_to_dev((*wdev)->wiphy);
488
489 cb->args[0] = (*rdev)->wiphy_idx + 1;
490 cb->args[1] = (*wdev)->identifier;
491 } else {
492
493 struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1);
494 struct wireless_dev *tmp;
495
496 if (!wiphy) {
497 err = -ENODEV;
498 goto out_unlock;
499 }
500 *rdev = wiphy_to_dev(wiphy);
501 *wdev = NULL;
502
503 list_for_each_entry(tmp, &(*rdev)->wdev_list, list) {
504 if (tmp->identifier == cb->args[1]) {
505 *wdev = tmp;
506 break;
507 }
508 }
509
510 if (!*wdev) {
511 err = -ENODEV;
512 goto out_unlock;
513 }
514 }
515
516 return 0;
517 out_unlock:
518 rtnl_unlock();
519 return err;
520}
521
522static void nl80211_finish_wdev_dump(struct cfg80211_registered_device *rdev)
523{
524 rtnl_unlock();
525}
526
527
528static bool is_valid_ie_attr(const struct nlattr *attr)
529{
530 const u8 *pos;
531 int len;
532
533 if (!attr)
534 return true;
535
536 pos = nla_data(attr);
537 len = nla_len(attr);
538
539 while (len) {
540 u8 elemlen;
541
542 if (len < 2)
543 return false;
544 len -= 2;
545
546 elemlen = pos[1];
547 if (elemlen > len)
548 return false;
549
550 len -= elemlen;
551 pos += 2 + elemlen;
552 }
553
554 return true;
555}
556
557
558static inline void *nl80211hdr_put(struct sk_buff *skb, u32 portid, u32 seq,
559 int flags, u8 cmd)
560{
561
562 return genlmsg_put(skb, portid, seq, &nl80211_fam, flags, cmd);
563}
564
565static int nl80211_msg_put_channel(struct sk_buff *msg,
566 struct ieee80211_channel *chan,
567 bool large)
568{
569 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_FREQ,
570 chan->center_freq))
571 goto nla_put_failure;
572
573 if ((chan->flags & IEEE80211_CHAN_DISABLED) &&
574 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_DISABLED))
575 goto nla_put_failure;
576 if (chan->flags & IEEE80211_CHAN_NO_IR) {
577 if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_IR))
578 goto nla_put_failure;
579 if (nla_put_flag(msg, __NL80211_FREQUENCY_ATTR_NO_IBSS))
580 goto nla_put_failure;
581 }
582 if (chan->flags & IEEE80211_CHAN_RADAR) {
583 if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_RADAR))
584 goto nla_put_failure;
585 if (large) {
586 u32 time;
587
588 time = elapsed_jiffies_msecs(chan->dfs_state_entered);
589
590 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_STATE,
591 chan->dfs_state))
592 goto nla_put_failure;
593 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_TIME,
594 time))
595 goto nla_put_failure;
596 if (nla_put_u32(msg,
597 NL80211_FREQUENCY_ATTR_DFS_CAC_TIME,
598 chan->dfs_cac_ms))
599 goto nla_put_failure;
600 }
601 }
602
603 if (large) {
604 if ((chan->flags & IEEE80211_CHAN_NO_HT40MINUS) &&
605 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HT40_MINUS))
606 goto nla_put_failure;
607 if ((chan->flags & IEEE80211_CHAN_NO_HT40PLUS) &&
608 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HT40_PLUS))
609 goto nla_put_failure;
610 if ((chan->flags & IEEE80211_CHAN_NO_80MHZ) &&
611 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_80MHZ))
612 goto nla_put_failure;
613 if ((chan->flags & IEEE80211_CHAN_NO_160MHZ) &&
614 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_160MHZ))
615 goto nla_put_failure;
616 }
617
618 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
619 DBM_TO_MBM(chan->max_power)))
620 goto nla_put_failure;
621
622 return 0;
623
624 nla_put_failure:
625 return -ENOBUFS;
626}
627
628
629
630struct key_parse {
631 struct key_params p;
632 int idx;
633 int type;
634 bool def, defmgmt;
635 bool def_uni, def_multi;
636};
637
638static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k)
639{
640 struct nlattr *tb[NL80211_KEY_MAX + 1];
641 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key,
642 nl80211_key_policy);
643 if (err)
644 return err;
645
646 k->def = !!tb[NL80211_KEY_DEFAULT];
647 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT];
648
649 if (k->def) {
650 k->def_uni = true;
651 k->def_multi = true;
652 }
653 if (k->defmgmt)
654 k->def_multi = true;
655
656 if (tb[NL80211_KEY_IDX])
657 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]);
658
659 if (tb[NL80211_KEY_DATA]) {
660 k->p.key = nla_data(tb[NL80211_KEY_DATA]);
661 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]);
662 }
663
664 if (tb[NL80211_KEY_SEQ]) {
665 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]);
666 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]);
667 }
668
669 if (tb[NL80211_KEY_CIPHER])
670 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]);
671
672 if (tb[NL80211_KEY_TYPE]) {
673 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]);
674 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES)
675 return -EINVAL;
676 }
677
678 if (tb[NL80211_KEY_DEFAULT_TYPES]) {
679 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
680 err = nla_parse_nested(kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1,
681 tb[NL80211_KEY_DEFAULT_TYPES],
682 nl80211_key_default_policy);
683 if (err)
684 return err;
685
686 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
687 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
688 }
689
690 return 0;
691}
692
693static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
694{
695 if (info->attrs[NL80211_ATTR_KEY_DATA]) {
696 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
697 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
698 }
699
700 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
701 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
702 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
703 }
704
705 if (info->attrs[NL80211_ATTR_KEY_IDX])
706 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
707
708 if (info->attrs[NL80211_ATTR_KEY_CIPHER])
709 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
710
711 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT];
712 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT];
713
714 if (k->def) {
715 k->def_uni = true;
716 k->def_multi = true;
717 }
718 if (k->defmgmt)
719 k->def_multi = true;
720
721 if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
722 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
723 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES)
724 return -EINVAL;
725 }
726
727 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) {
728 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
729 int err = nla_parse_nested(
730 kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1,
731 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES],
732 nl80211_key_default_policy);
733 if (err)
734 return err;
735
736 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
737 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
738 }
739
740 return 0;
741}
742
743static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
744{
745 int err;
746
747 memset(k, 0, sizeof(*k));
748 k->idx = -1;
749 k->type = -1;
750
751 if (info->attrs[NL80211_ATTR_KEY])
752 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k);
753 else
754 err = nl80211_parse_key_old(info, k);
755
756 if (err)
757 return err;
758
759 if (k->def && k->defmgmt)
760 return -EINVAL;
761
762 if (k->defmgmt) {
763 if (k->def_uni || !k->def_multi)
764 return -EINVAL;
765 }
766
767 if (k->idx != -1) {
768 if (k->defmgmt) {
769 if (k->idx < 4 || k->idx > 5)
770 return -EINVAL;
771 } else if (k->def) {
772 if (k->idx < 0 || k->idx > 3)
773 return -EINVAL;
774 } else {
775 if (k->idx < 0 || k->idx > 5)
776 return -EINVAL;
777 }
778 }
779
780 return 0;
781}
782
783static struct cfg80211_cached_keys *
784nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
785 struct nlattr *keys, bool *no_ht)
786{
787 struct key_parse parse;
788 struct nlattr *key;
789 struct cfg80211_cached_keys *result;
790 int rem, err, def = 0;
791
792 result = kzalloc(sizeof(*result), GFP_KERNEL);
793 if (!result)
794 return ERR_PTR(-ENOMEM);
795
796 result->def = -1;
797 result->defmgmt = -1;
798
799 nla_for_each_nested(key, keys, rem) {
800 memset(&parse, 0, sizeof(parse));
801 parse.idx = -1;
802
803 err = nl80211_parse_key_new(key, &parse);
804 if (err)
805 goto error;
806 err = -EINVAL;
807 if (!parse.p.key)
808 goto error;
809 if (parse.idx < 0 || parse.idx > 4)
810 goto error;
811 if (parse.def) {
812 if (def)
813 goto error;
814 def = 1;
815 result->def = parse.idx;
816 if (!parse.def_uni || !parse.def_multi)
817 goto error;
818 } else if (parse.defmgmt)
819 goto error;
820 err = cfg80211_validate_key_settings(rdev, &parse.p,
821 parse.idx, false, NULL);
822 if (err)
823 goto error;
824 result->params[parse.idx].cipher = parse.p.cipher;
825 result->params[parse.idx].key_len = parse.p.key_len;
826 result->params[parse.idx].key = result->data[parse.idx];
827 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len);
828
829 if (parse.p.cipher == WLAN_CIPHER_SUITE_WEP40 ||
830 parse.p.cipher == WLAN_CIPHER_SUITE_WEP104) {
831 if (no_ht)
832 *no_ht = true;
833 }
834 }
835
836 return result;
837 error:
838 kfree(result);
839 return ERR_PTR(err);
840}
841
842static int nl80211_key_allowed(struct wireless_dev *wdev)
843{
844 ASSERT_WDEV_LOCK(wdev);
845
846 switch (wdev->iftype) {
847 case NL80211_IFTYPE_AP:
848 case NL80211_IFTYPE_AP_VLAN:
849 case NL80211_IFTYPE_P2P_GO:
850 case NL80211_IFTYPE_MESH_POINT:
851 break;
852 case NL80211_IFTYPE_ADHOC:
853 case NL80211_IFTYPE_STATION:
854 case NL80211_IFTYPE_P2P_CLIENT:
855 if (!wdev->current_bss)
856 return -ENOLINK;
857 break;
858 default:
859 return -EINVAL;
860 }
861
862 return 0;
863}
864
865static struct ieee80211_channel *nl80211_get_valid_chan(struct wiphy *wiphy,
866 struct nlattr *tb)
867{
868 struct ieee80211_channel *chan;
869
870 if (tb == NULL)
871 return NULL;
872 chan = ieee80211_get_channel(wiphy, nla_get_u32(tb));
873 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED)
874 return NULL;
875 return chan;
876}
877
878static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes)
879{
880 struct nlattr *nl_modes = nla_nest_start(msg, attr);
881 int i;
882
883 if (!nl_modes)
884 goto nla_put_failure;
885
886 i = 0;
887 while (ifmodes) {
888 if ((ifmodes & 1) && nla_put_flag(msg, i))
889 goto nla_put_failure;
890 ifmodes >>= 1;
891 i++;
892 }
893
894 nla_nest_end(msg, nl_modes);
895 return 0;
896
897nla_put_failure:
898 return -ENOBUFS;
899}
900
901static int nl80211_put_iface_combinations(struct wiphy *wiphy,
902 struct sk_buff *msg,
903 bool large)
904{
905 struct nlattr *nl_combis;
906 int i, j;
907
908 nl_combis = nla_nest_start(msg,
909 NL80211_ATTR_INTERFACE_COMBINATIONS);
910 if (!nl_combis)
911 goto nla_put_failure;
912
913 for (i = 0; i < wiphy->n_iface_combinations; i++) {
914 const struct ieee80211_iface_combination *c;
915 struct nlattr *nl_combi, *nl_limits;
916
917 c = &wiphy->iface_combinations[i];
918
919 nl_combi = nla_nest_start(msg, i + 1);
920 if (!nl_combi)
921 goto nla_put_failure;
922
923 nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS);
924 if (!nl_limits)
925 goto nla_put_failure;
926
927 for (j = 0; j < c->n_limits; j++) {
928 struct nlattr *nl_limit;
929
930 nl_limit = nla_nest_start(msg, j + 1);
931 if (!nl_limit)
932 goto nla_put_failure;
933 if (nla_put_u32(msg, NL80211_IFACE_LIMIT_MAX,
934 c->limits[j].max))
935 goto nla_put_failure;
936 if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES,
937 c->limits[j].types))
938 goto nla_put_failure;
939 nla_nest_end(msg, nl_limit);
940 }
941
942 nla_nest_end(msg, nl_limits);
943
944 if (c->beacon_int_infra_match &&
945 nla_put_flag(msg, NL80211_IFACE_COMB_STA_AP_BI_MATCH))
946 goto nla_put_failure;
947 if (nla_put_u32(msg, NL80211_IFACE_COMB_NUM_CHANNELS,
948 c->num_different_channels) ||
949 nla_put_u32(msg, NL80211_IFACE_COMB_MAXNUM,
950 c->max_interfaces))
951 goto nla_put_failure;
952 if (large &&
953 nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
954 c->radar_detect_widths))
955 goto nla_put_failure;
956
957 nla_nest_end(msg, nl_combi);
958 }
959
960 nla_nest_end(msg, nl_combis);
961
962 return 0;
963nla_put_failure:
964 return -ENOBUFS;
965}
966
967#ifdef CONFIG_PM
968static int nl80211_send_wowlan_tcp_caps(struct cfg80211_registered_device *rdev,
969 struct sk_buff *msg)
970{
971 const struct wiphy_wowlan_tcp_support *tcp = rdev->wiphy.wowlan->tcp;
972 struct nlattr *nl_tcp;
973
974 if (!tcp)
975 return 0;
976
977 nl_tcp = nla_nest_start(msg, NL80211_WOWLAN_TRIG_TCP_CONNECTION);
978 if (!nl_tcp)
979 return -ENOBUFS;
980
981 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
982 tcp->data_payload_max))
983 return -ENOBUFS;
984
985 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
986 tcp->data_payload_max))
987 return -ENOBUFS;
988
989 if (tcp->seq && nla_put_flag(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ))
990 return -ENOBUFS;
991
992 if (tcp->tok && nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN,
993 sizeof(*tcp->tok), tcp->tok))
994 return -ENOBUFS;
995
996 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL,
997 tcp->data_interval_max))
998 return -ENOBUFS;
999
1000 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD,
1001 tcp->wake_payload_max))
1002 return -ENOBUFS;
1003
1004 nla_nest_end(msg, nl_tcp);
1005 return 0;
1006}
1007
1008static int nl80211_send_wowlan(struct sk_buff *msg,
1009 struct cfg80211_registered_device *dev,
1010 bool large)
1011{
1012 struct nlattr *nl_wowlan;
1013
1014 if (!dev->wiphy.wowlan)
1015 return 0;
1016
1017 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED);
1018 if (!nl_wowlan)
1019 return -ENOBUFS;
1020
1021 if (((dev->wiphy.wowlan->flags & WIPHY_WOWLAN_ANY) &&
1022 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
1023 ((dev->wiphy.wowlan->flags & WIPHY_WOWLAN_DISCONNECT) &&
1024 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
1025 ((dev->wiphy.wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT) &&
1026 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
1027 ((dev->wiphy.wowlan->flags & WIPHY_WOWLAN_SUPPORTS_GTK_REKEY) &&
1028 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED)) ||
1029 ((dev->wiphy.wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE) &&
1030 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
1031 ((dev->wiphy.wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ) &&
1032 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
1033 ((dev->wiphy.wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE) &&
1034 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
1035 ((dev->wiphy.wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE) &&
1036 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)))
1037 return -ENOBUFS;
1038
1039 if (dev->wiphy.wowlan->n_patterns) {
1040 struct nl80211_pattern_support pat = {
1041 .max_patterns = dev->wiphy.wowlan->n_patterns,
1042 .min_pattern_len = dev->wiphy.wowlan->pattern_min_len,
1043 .max_pattern_len = dev->wiphy.wowlan->pattern_max_len,
1044 .max_pkt_offset = dev->wiphy.wowlan->max_pkt_offset,
1045 };
1046
1047 if (nla_put(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN,
1048 sizeof(pat), &pat))
1049 return -ENOBUFS;
1050 }
1051
1052 if (large && nl80211_send_wowlan_tcp_caps(dev, msg))
1053 return -ENOBUFS;
1054
1055 nla_nest_end(msg, nl_wowlan);
1056
1057 return 0;
1058}
1059#endif
1060
1061static int nl80211_send_coalesce(struct sk_buff *msg,
1062 struct cfg80211_registered_device *dev)
1063{
1064 struct nl80211_coalesce_rule_support rule;
1065
1066 if (!dev->wiphy.coalesce)
1067 return 0;
1068
1069 rule.max_rules = dev->wiphy.coalesce->n_rules;
1070 rule.max_delay = dev->wiphy.coalesce->max_delay;
1071 rule.pat.max_patterns = dev->wiphy.coalesce->n_patterns;
1072 rule.pat.min_pattern_len = dev->wiphy.coalesce->pattern_min_len;
1073 rule.pat.max_pattern_len = dev->wiphy.coalesce->pattern_max_len;
1074 rule.pat.max_pkt_offset = dev->wiphy.coalesce->max_pkt_offset;
1075
1076 if (nla_put(msg, NL80211_ATTR_COALESCE_RULE, sizeof(rule), &rule))
1077 return -ENOBUFS;
1078
1079 return 0;
1080}
1081
1082static int nl80211_send_band_rateinfo(struct sk_buff *msg,
1083 struct ieee80211_supported_band *sband)
1084{
1085 struct nlattr *nl_rates, *nl_rate;
1086 struct ieee80211_rate *rate;
1087 int i;
1088
1089
1090 if (sband->ht_cap.ht_supported &&
1091 (nla_put(msg, NL80211_BAND_ATTR_HT_MCS_SET,
1092 sizeof(sband->ht_cap.mcs),
1093 &sband->ht_cap.mcs) ||
1094 nla_put_u16(msg, NL80211_BAND_ATTR_HT_CAPA,
1095 sband->ht_cap.cap) ||
1096 nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR,
1097 sband->ht_cap.ampdu_factor) ||
1098 nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY,
1099 sband->ht_cap.ampdu_density)))
1100 return -ENOBUFS;
1101
1102
1103 if (sband->vht_cap.vht_supported &&
1104 (nla_put(msg, NL80211_BAND_ATTR_VHT_MCS_SET,
1105 sizeof(sband->vht_cap.vht_mcs),
1106 &sband->vht_cap.vht_mcs) ||
1107 nla_put_u32(msg, NL80211_BAND_ATTR_VHT_CAPA,
1108 sband->vht_cap.cap)))
1109 return -ENOBUFS;
1110
1111
1112 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES);
1113 if (!nl_rates)
1114 return -ENOBUFS;
1115
1116 for (i = 0; i < sband->n_bitrates; i++) {
1117 nl_rate = nla_nest_start(msg, i);
1118 if (!nl_rate)
1119 return -ENOBUFS;
1120
1121 rate = &sband->bitrates[i];
1122 if (nla_put_u32(msg, NL80211_BITRATE_ATTR_RATE,
1123 rate->bitrate))
1124 return -ENOBUFS;
1125 if ((rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
1126 nla_put_flag(msg,
1127 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE))
1128 return -ENOBUFS;
1129
1130 nla_nest_end(msg, nl_rate);
1131 }
1132
1133 nla_nest_end(msg, nl_rates);
1134
1135 return 0;
1136}
1137
1138static int
1139nl80211_send_mgmt_stypes(struct sk_buff *msg,
1140 const struct ieee80211_txrx_stypes *mgmt_stypes)
1141{
1142 u16 stypes;
1143 struct nlattr *nl_ftypes, *nl_ifs;
1144 enum nl80211_iftype ift;
1145 int i;
1146
1147 if (!mgmt_stypes)
1148 return 0;
1149
1150 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES);
1151 if (!nl_ifs)
1152 return -ENOBUFS;
1153
1154 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
1155 nl_ftypes = nla_nest_start(msg, ift);
1156 if (!nl_ftypes)
1157 return -ENOBUFS;
1158 i = 0;
1159 stypes = mgmt_stypes[ift].tx;
1160 while (stypes) {
1161 if ((stypes & 1) &&
1162 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
1163 (i << 4) | IEEE80211_FTYPE_MGMT))
1164 return -ENOBUFS;
1165 stypes >>= 1;
1166 i++;
1167 }
1168 nla_nest_end(msg, nl_ftypes);
1169 }
1170
1171 nla_nest_end(msg, nl_ifs);
1172
1173 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES);
1174 if (!nl_ifs)
1175 return -ENOBUFS;
1176
1177 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
1178 nl_ftypes = nla_nest_start(msg, ift);
1179 if (!nl_ftypes)
1180 return -ENOBUFS;
1181 i = 0;
1182 stypes = mgmt_stypes[ift].rx;
1183 while (stypes) {
1184 if ((stypes & 1) &&
1185 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
1186 (i << 4) | IEEE80211_FTYPE_MGMT))
1187 return -ENOBUFS;
1188 stypes >>= 1;
1189 i++;
1190 }
1191 nla_nest_end(msg, nl_ftypes);
1192 }
1193 nla_nest_end(msg, nl_ifs);
1194
1195 return 0;
1196}
1197
1198struct nl80211_dump_wiphy_state {
1199 s64 filter_wiphy;
1200 long start;
1201 long split_start, band_start, chan_start;
1202 bool split;
1203};
1204
1205static int nl80211_send_wiphy(struct cfg80211_registered_device *dev,
1206 struct sk_buff *msg, u32 portid, u32 seq,
1207 int flags, struct nl80211_dump_wiphy_state *state)
1208{
1209 void *hdr;
1210 struct nlattr *nl_bands, *nl_band;
1211 struct nlattr *nl_freqs, *nl_freq;
1212 struct nlattr *nl_cmds;
1213 enum ieee80211_band band;
1214 struct ieee80211_channel *chan;
1215 int i;
1216 const struct ieee80211_txrx_stypes *mgmt_stypes =
1217 dev->wiphy.mgmt_stypes;
1218 u32 features;
1219
1220 hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_WIPHY);
1221 if (!hdr)
1222 return -ENOBUFS;
1223
1224 if (WARN_ON(!state))
1225 return -EINVAL;
1226
1227 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx) ||
1228 nla_put_string(msg, NL80211_ATTR_WIPHY_NAME,
1229 wiphy_name(&dev->wiphy)) ||
1230 nla_put_u32(msg, NL80211_ATTR_GENERATION,
1231 cfg80211_rdev_list_generation))
1232 goto nla_put_failure;
1233
1234 switch (state->split_start) {
1235 case 0:
1236 if (nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
1237 dev->wiphy.retry_short) ||
1238 nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
1239 dev->wiphy.retry_long) ||
1240 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD,
1241 dev->wiphy.frag_threshold) ||
1242 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD,
1243 dev->wiphy.rts_threshold) ||
1244 nla_put_u8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS,
1245 dev->wiphy.coverage_class) ||
1246 nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS,
1247 dev->wiphy.max_scan_ssids) ||
1248 nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS,
1249 dev->wiphy.max_sched_scan_ssids) ||
1250 nla_put_u16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN,
1251 dev->wiphy.max_scan_ie_len) ||
1252 nla_put_u16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN,
1253 dev->wiphy.max_sched_scan_ie_len) ||
1254 nla_put_u8(msg, NL80211_ATTR_MAX_MATCH_SETS,
1255 dev->wiphy.max_match_sets))
1256 goto nla_put_failure;
1257
1258 if ((dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) &&
1259 nla_put_flag(msg, NL80211_ATTR_SUPPORT_IBSS_RSN))
1260 goto nla_put_failure;
1261 if ((dev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) &&
1262 nla_put_flag(msg, NL80211_ATTR_SUPPORT_MESH_AUTH))
1263 goto nla_put_failure;
1264 if ((dev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) &&
1265 nla_put_flag(msg, NL80211_ATTR_SUPPORT_AP_UAPSD))
1266 goto nla_put_failure;
1267 if ((dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) &&
1268 nla_put_flag(msg, NL80211_ATTR_ROAM_SUPPORT))
1269 goto nla_put_failure;
1270 if ((dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) &&
1271 nla_put_flag(msg, NL80211_ATTR_TDLS_SUPPORT))
1272 goto nla_put_failure;
1273 if ((dev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) &&
1274 nla_put_flag(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP))
1275 goto nla_put_failure;
1276 state->split_start++;
1277 if (state->split)
1278 break;
1279 case 1:
1280 if (nla_put(msg, NL80211_ATTR_CIPHER_SUITES,
1281 sizeof(u32) * dev->wiphy.n_cipher_suites,
1282 dev->wiphy.cipher_suites))
1283 goto nla_put_failure;
1284
1285 if (nla_put_u8(msg, NL80211_ATTR_MAX_NUM_PMKIDS,
1286 dev->wiphy.max_num_pmkids))
1287 goto nla_put_failure;
1288
1289 if ((dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
1290 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE))
1291 goto nla_put_failure;
1292
1293 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX,
1294 dev->wiphy.available_antennas_tx) ||
1295 nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX,
1296 dev->wiphy.available_antennas_rx))
1297 goto nla_put_failure;
1298
1299 if ((dev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) &&
1300 nla_put_u32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD,
1301 dev->wiphy.probe_resp_offload))
1302 goto nla_put_failure;
1303
1304 if ((dev->wiphy.available_antennas_tx ||
1305 dev->wiphy.available_antennas_rx) &&
1306 dev->ops->get_antenna) {
1307 u32 tx_ant = 0, rx_ant = 0;
1308 int res;
1309 res = rdev_get_antenna(dev, &tx_ant, &rx_ant);
1310 if (!res) {
1311 if (nla_put_u32(msg,
1312 NL80211_ATTR_WIPHY_ANTENNA_TX,
1313 tx_ant) ||
1314 nla_put_u32(msg,
1315 NL80211_ATTR_WIPHY_ANTENNA_RX,
1316 rx_ant))
1317 goto nla_put_failure;
1318 }
1319 }
1320
1321 state->split_start++;
1322 if (state->split)
1323 break;
1324 case 2:
1325 if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES,
1326 dev->wiphy.interface_modes))
1327 goto nla_put_failure;
1328 state->split_start++;
1329 if (state->split)
1330 break;
1331 case 3:
1332 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS);
1333 if (!nl_bands)
1334 goto nla_put_failure;
1335
1336 for (band = state->band_start;
1337 band < IEEE80211_NUM_BANDS; band++) {
1338 struct ieee80211_supported_band *sband;
1339
1340 sband = dev->wiphy.bands[band];
1341
1342 if (!sband)
1343 continue;
1344
1345 nl_band = nla_nest_start(msg, band);
1346 if (!nl_band)
1347 goto nla_put_failure;
1348
1349 switch (state->chan_start) {
1350 case 0:
1351 if (nl80211_send_band_rateinfo(msg, sband))
1352 goto nla_put_failure;
1353 state->chan_start++;
1354 if (state->split)
1355 break;
1356 default:
1357
1358 nl_freqs = nla_nest_start(
1359 msg, NL80211_BAND_ATTR_FREQS);
1360 if (!nl_freqs)
1361 goto nla_put_failure;
1362
1363 for (i = state->chan_start - 1;
1364 i < sband->n_channels;
1365 i++) {
1366 nl_freq = nla_nest_start(msg, i);
1367 if (!nl_freq)
1368 goto nla_put_failure;
1369
1370 chan = &sband->channels[i];
1371
1372 if (nl80211_msg_put_channel(
1373 msg, chan,
1374 state->split))
1375 goto nla_put_failure;
1376
1377 nla_nest_end(msg, nl_freq);
1378 if (state->split)
1379 break;
1380 }
1381 if (i < sband->n_channels)
1382 state->chan_start = i + 2;
1383 else
1384 state->chan_start = 0;
1385 nla_nest_end(msg, nl_freqs);
1386 }
1387
1388 nla_nest_end(msg, nl_band);
1389
1390 if (state->split) {
1391
1392 if (state->chan_start)
1393 band--;
1394 break;
1395 }
1396 }
1397 nla_nest_end(msg, nl_bands);
1398
1399 if (band < IEEE80211_NUM_BANDS)
1400 state->band_start = band + 1;
1401 else
1402 state->band_start = 0;
1403
1404
1405 if (state->band_start == 0 && state->chan_start == 0)
1406 state->split_start++;
1407 if (state->split)
1408 break;
1409 case 4:
1410 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS);
1411 if (!nl_cmds)
1412 goto nla_put_failure;
1413
1414 i = 0;
1415#define CMD(op, n) \
1416 do { \
1417 if (dev->ops->op) { \
1418 i++; \
1419 if (nla_put_u32(msg, i, NL80211_CMD_ ## n)) \
1420 goto nla_put_failure; \
1421 } \
1422 } while (0)
1423
1424 CMD(add_virtual_intf, NEW_INTERFACE);
1425 CMD(change_virtual_intf, SET_INTERFACE);
1426 CMD(add_key, NEW_KEY);
1427 CMD(start_ap, START_AP);
1428 CMD(add_station, NEW_STATION);
1429 CMD(add_mpath, NEW_MPATH);
1430 CMD(update_mesh_config, SET_MESH_CONFIG);
1431 CMD(change_bss, SET_BSS);
1432 CMD(auth, AUTHENTICATE);
1433 CMD(assoc, ASSOCIATE);
1434 CMD(deauth, DEAUTHENTICATE);
1435 CMD(disassoc, DISASSOCIATE);
1436 CMD(join_ibss, JOIN_IBSS);
1437 CMD(join_mesh, JOIN_MESH);
1438 CMD(set_pmksa, SET_PMKSA);
1439 CMD(del_pmksa, DEL_PMKSA);
1440 CMD(flush_pmksa, FLUSH_PMKSA);
1441 if (dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)
1442 CMD(remain_on_channel, REMAIN_ON_CHANNEL);
1443 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK);
1444 CMD(mgmt_tx, FRAME);
1445 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL);
1446 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) {
1447 i++;
1448 if (nla_put_u32(msg, i, NL80211_CMD_SET_WIPHY_NETNS))
1449 goto nla_put_failure;
1450 }
1451 if (dev->ops->set_monitor_channel || dev->ops->start_ap ||
1452 dev->ops->join_mesh) {
1453 i++;
1454 if (nla_put_u32(msg, i, NL80211_CMD_SET_CHANNEL))
1455 goto nla_put_failure;
1456 }
1457 CMD(set_wds_peer, SET_WDS_PEER);
1458 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) {
1459 CMD(tdls_mgmt, TDLS_MGMT);
1460 CMD(tdls_oper, TDLS_OPER);
1461 }
1462 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN)
1463 CMD(sched_scan_start, START_SCHED_SCAN);
1464 CMD(probe_client, PROBE_CLIENT);
1465 CMD(set_noack_map, SET_NOACK_MAP);
1466 if (dev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) {
1467 i++;
1468 if (nla_put_u32(msg, i, NL80211_CMD_REGISTER_BEACONS))
1469 goto nla_put_failure;
1470 }
1471 CMD(start_p2p_device, START_P2P_DEVICE);
1472 CMD(set_mcast_rate, SET_MCAST_RATE);
1473 if (state->split) {
1474 CMD(crit_proto_start, CRIT_PROTOCOL_START);
1475 CMD(crit_proto_stop, CRIT_PROTOCOL_STOP);
1476 if (dev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH)
1477 CMD(channel_switch, CHANNEL_SWITCH);
1478 }
1479 CMD(set_qos_map, SET_QOS_MAP);
1480
1481#ifdef CONFIG_NL80211_TESTMODE
1482 CMD(testmode_cmd, TESTMODE);
1483#endif
1484
1485#undef CMD
1486
1487 if (dev->ops->connect || dev->ops->auth) {
1488 i++;
1489 if (nla_put_u32(msg, i, NL80211_CMD_CONNECT))
1490 goto nla_put_failure;
1491 }
1492
1493 if (dev->ops->disconnect || dev->ops->deauth) {
1494 i++;
1495 if (nla_put_u32(msg, i, NL80211_CMD_DISCONNECT))
1496 goto nla_put_failure;
1497 }
1498
1499 nla_nest_end(msg, nl_cmds);
1500 state->split_start++;
1501 if (state->split)
1502 break;
1503 case 5:
1504 if (dev->ops->remain_on_channel &&
1505 (dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) &&
1506 nla_put_u32(msg,
1507 NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION,
1508 dev->wiphy.max_remain_on_channel_duration))
1509 goto nla_put_failure;
1510
1511 if ((dev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX) &&
1512 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK))
1513 goto nla_put_failure;
1514
1515 if (nl80211_send_mgmt_stypes(msg, mgmt_stypes))
1516 goto nla_put_failure;
1517 state->split_start++;
1518 if (state->split)
1519 break;
1520 case 6:
1521#ifdef CONFIG_PM
1522 if (nl80211_send_wowlan(msg, dev, state->split))
1523 goto nla_put_failure;
1524 state->split_start++;
1525 if (state->split)
1526 break;
1527#else
1528 state->split_start++;
1529#endif
1530 case 7:
1531 if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES,
1532 dev->wiphy.software_iftypes))
1533 goto nla_put_failure;
1534
1535 if (nl80211_put_iface_combinations(&dev->wiphy, msg,
1536 state->split))
1537 goto nla_put_failure;
1538
1539 state->split_start++;
1540 if (state->split)
1541 break;
1542 case 8:
1543 if ((dev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME) &&
1544 nla_put_u32(msg, NL80211_ATTR_DEVICE_AP_SME,
1545 dev->wiphy.ap_sme_capa))
1546 goto nla_put_failure;
1547
1548 features = dev->wiphy.features;
1549
1550
1551
1552
1553
1554 if (state->split)
1555 features |= NL80211_FEATURE_ADVERTISE_CHAN_LIMITS;
1556 if (nla_put_u32(msg, NL80211_ATTR_FEATURE_FLAGS, features))
1557 goto nla_put_failure;
1558
1559 if (dev->wiphy.ht_capa_mod_mask &&
1560 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK,
1561 sizeof(*dev->wiphy.ht_capa_mod_mask),
1562 dev->wiphy.ht_capa_mod_mask))
1563 goto nla_put_failure;
1564
1565 if (dev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME &&
1566 dev->wiphy.max_acl_mac_addrs &&
1567 nla_put_u32(msg, NL80211_ATTR_MAC_ACL_MAX,
1568 dev->wiphy.max_acl_mac_addrs))
1569 goto nla_put_failure;
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581 state->split_start++;
1582 break;
1583 case 9:
1584 if (dev->wiphy.extended_capabilities &&
1585 (nla_put(msg, NL80211_ATTR_EXT_CAPA,
1586 dev->wiphy.extended_capabilities_len,
1587 dev->wiphy.extended_capabilities) ||
1588 nla_put(msg, NL80211_ATTR_EXT_CAPA_MASK,
1589 dev->wiphy.extended_capabilities_len,
1590 dev->wiphy.extended_capabilities_mask)))
1591 goto nla_put_failure;
1592
1593 if (dev->wiphy.vht_capa_mod_mask &&
1594 nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK,
1595 sizeof(*dev->wiphy.vht_capa_mod_mask),
1596 dev->wiphy.vht_capa_mod_mask))
1597 goto nla_put_failure;
1598
1599 state->split_start++;
1600 break;
1601 case 10:
1602 if (nl80211_send_coalesce(msg, dev))
1603 goto nla_put_failure;
1604
1605 if ((dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ) &&
1606 (nla_put_flag(msg, NL80211_ATTR_SUPPORT_5_MHZ) ||
1607 nla_put_flag(msg, NL80211_ATTR_SUPPORT_10_MHZ)))
1608 goto nla_put_failure;
1609
1610 if (dev->wiphy.max_ap_assoc_sta &&
1611 nla_put_u32(msg, NL80211_ATTR_MAX_AP_ASSOC_STA,
1612 dev->wiphy.max_ap_assoc_sta))
1613 goto nla_put_failure;
1614
1615 state->split_start++;
1616 break;
1617 case 11:
1618 if (dev->wiphy.n_vendor_commands) {
1619 const struct nl80211_vendor_cmd_info *info;
1620 struct nlattr *nested;
1621
1622 nested = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
1623 if (!nested)
1624 goto nla_put_failure;
1625
1626 for (i = 0; i < dev->wiphy.n_vendor_commands; i++) {
1627 info = &dev->wiphy.vendor_commands[i].info;
1628 if (nla_put(msg, i + 1, sizeof(*info), info))
1629 goto nla_put_failure;
1630 }
1631 nla_nest_end(msg, nested);
1632 }
1633
1634 if (dev->wiphy.n_vendor_events) {
1635 const struct nl80211_vendor_cmd_info *info;
1636 struct nlattr *nested;
1637
1638 nested = nla_nest_start(msg,
1639 NL80211_ATTR_VENDOR_EVENTS);
1640 if (!nested)
1641 goto nla_put_failure;
1642
1643 for (i = 0; i < dev->wiphy.n_vendor_events; i++) {
1644 info = &dev->wiphy.vendor_events[i];
1645 if (nla_put(msg, i + 1, sizeof(*info), info))
1646 goto nla_put_failure;
1647 }
1648 nla_nest_end(msg, nested);
1649 }
1650
1651
1652 state->split_start = 0;
1653 break;
1654 }
1655 return genlmsg_end(msg, hdr);
1656
1657 nla_put_failure:
1658 genlmsg_cancel(msg, hdr);
1659 return -EMSGSIZE;
1660}
1661
1662static int nl80211_dump_wiphy_parse(struct sk_buff *skb,
1663 struct netlink_callback *cb,
1664 struct nl80211_dump_wiphy_state *state)
1665{
1666 struct nlattr **tb = nl80211_fam.attrbuf;
1667 int ret = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
1668 tb, nl80211_fam.maxattr, nl80211_policy);
1669
1670 if (ret)
1671 return 0;
1672
1673 state->split = tb[NL80211_ATTR_SPLIT_WIPHY_DUMP];
1674 if (tb[NL80211_ATTR_WIPHY])
1675 state->filter_wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
1676 if (tb[NL80211_ATTR_WDEV])
1677 state->filter_wiphy = nla_get_u64(tb[NL80211_ATTR_WDEV]) >> 32;
1678 if (tb[NL80211_ATTR_IFINDEX]) {
1679 struct net_device *netdev;
1680 struct cfg80211_registered_device *rdev;
1681 int ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
1682
1683 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx);
1684 if (!netdev)
1685 return -ENODEV;
1686 if (netdev->ieee80211_ptr) {
1687 rdev = wiphy_to_dev(
1688 netdev->ieee80211_ptr->wiphy);
1689 state->filter_wiphy = rdev->wiphy_idx;
1690 }
1691 }
1692
1693 return 0;
1694}
1695
1696static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
1697{
1698 int idx = 0, ret;
1699 struct nl80211_dump_wiphy_state *state = (void *)cb->args[0];
1700 struct cfg80211_registered_device *dev;
1701
1702 rtnl_lock();
1703 if (!state) {
1704 state = kzalloc(sizeof(*state), GFP_KERNEL);
1705 if (!state) {
1706 rtnl_unlock();
1707 return -ENOMEM;
1708 }
1709 state->filter_wiphy = -1;
1710 ret = nl80211_dump_wiphy_parse(skb, cb, state);
1711 if (ret) {
1712 kfree(state);
1713 rtnl_unlock();
1714 return ret;
1715 }
1716 cb->args[0] = (long)state;
1717 }
1718
1719 list_for_each_entry(dev, &cfg80211_rdev_list, list) {
1720 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk)))
1721 continue;
1722 if (++idx <= state->start)
1723 continue;
1724 if (state->filter_wiphy != -1 &&
1725 state->filter_wiphy != dev->wiphy_idx)
1726 continue;
1727
1728 do {
1729 ret = nl80211_send_wiphy(dev, skb,
1730 NETLINK_CB(cb->skb).portid,
1731 cb->nlh->nlmsg_seq,
1732 NLM_F_MULTI, state);
1733 if (ret < 0) {
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747 if ((ret == -ENOBUFS || ret == -EMSGSIZE) &&
1748 !skb->len && !state->split &&
1749 cb->min_dump_alloc < 4096) {
1750 cb->min_dump_alloc = 4096;
1751 state->split_start = 0;
1752 rtnl_unlock();
1753 return 1;
1754 }
1755 idx--;
1756 break;
1757 }
1758 } while (state->split_start > 0);
1759 break;
1760 }
1761 rtnl_unlock();
1762
1763 state->start = idx;
1764
1765 return skb->len;
1766}
1767
1768static int nl80211_dump_wiphy_done(struct netlink_callback *cb)
1769{
1770 kfree((void *)cb->args[0]);
1771 return 0;
1772}
1773
1774static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
1775{
1776 struct sk_buff *msg;
1777 struct cfg80211_registered_device *dev = info->user_ptr[0];
1778 struct nl80211_dump_wiphy_state state = {};
1779
1780 msg = nlmsg_new(4096, GFP_KERNEL);
1781 if (!msg)
1782 return -ENOMEM;
1783
1784 if (nl80211_send_wiphy(dev, msg, info->snd_portid, info->snd_seq, 0,
1785 &state) < 0) {
1786 nlmsg_free(msg);
1787 return -ENOBUFS;
1788 }
1789
1790 return genlmsg_reply(msg, info);
1791}
1792
1793static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = {
1794 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 },
1795 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 },
1796 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 },
1797 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 },
1798 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 },
1799};
1800
1801static int parse_txq_params(struct nlattr *tb[],
1802 struct ieee80211_txq_params *txq_params)
1803{
1804 if (!tb[NL80211_TXQ_ATTR_AC] || !tb[NL80211_TXQ_ATTR_TXOP] ||
1805 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] ||
1806 !tb[NL80211_TXQ_ATTR_AIFS])
1807 return -EINVAL;
1808
1809 txq_params->ac = nla_get_u8(tb[NL80211_TXQ_ATTR_AC]);
1810 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]);
1811 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]);
1812 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]);
1813 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]);
1814
1815 if (txq_params->ac >= NL80211_NUM_ACS)
1816 return -EINVAL;
1817
1818 return 0;
1819}
1820
1821static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev)
1822{
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838 return !wdev ||
1839 wdev->iftype == NL80211_IFTYPE_AP ||
1840 wdev->iftype == NL80211_IFTYPE_MESH_POINT ||
1841 wdev->iftype == NL80211_IFTYPE_MONITOR ||
1842 wdev->iftype == NL80211_IFTYPE_P2P_GO;
1843}
1844
1845static int nl80211_parse_chandef(struct cfg80211_registered_device *rdev,
1846 struct genl_info *info,
1847 struct cfg80211_chan_def *chandef)
1848{
1849 u32 control_freq;
1850
1851 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
1852 return -EINVAL;
1853
1854 control_freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
1855
1856 chandef->chan = ieee80211_get_channel(&rdev->wiphy, control_freq);
1857 chandef->width = NL80211_CHAN_WIDTH_20_NOHT;
1858 chandef->center_freq1 = control_freq;
1859 chandef->center_freq2 = 0;
1860
1861
1862 if (!chandef->chan || chandef->chan->flags & IEEE80211_CHAN_DISABLED)
1863 return -EINVAL;
1864
1865 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
1866 enum nl80211_channel_type chantype;
1867
1868 chantype = nla_get_u32(
1869 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
1870
1871 switch (chantype) {
1872 case NL80211_CHAN_NO_HT:
1873 case NL80211_CHAN_HT20:
1874 case NL80211_CHAN_HT40PLUS:
1875 case NL80211_CHAN_HT40MINUS:
1876 cfg80211_chandef_create(chandef, chandef->chan,
1877 chantype);
1878 break;
1879 default:
1880 return -EINVAL;
1881 }
1882 } else if (info->attrs[NL80211_ATTR_CHANNEL_WIDTH]) {
1883 chandef->width =
1884 nla_get_u32(info->attrs[NL80211_ATTR_CHANNEL_WIDTH]);
1885 if (info->attrs[NL80211_ATTR_CENTER_FREQ1])
1886 chandef->center_freq1 =
1887 nla_get_u32(
1888 info->attrs[NL80211_ATTR_CENTER_FREQ1]);
1889 if (info->attrs[NL80211_ATTR_CENTER_FREQ2])
1890 chandef->center_freq2 =
1891 nla_get_u32(
1892 info->attrs[NL80211_ATTR_CENTER_FREQ2]);
1893 }
1894
1895 if (!cfg80211_chandef_valid(chandef))
1896 return -EINVAL;
1897
1898 if (!cfg80211_chandef_usable(&rdev->wiphy, chandef,
1899 IEEE80211_CHAN_DISABLED))
1900 return -EINVAL;
1901
1902 if ((chandef->width == NL80211_CHAN_WIDTH_5 ||
1903 chandef->width == NL80211_CHAN_WIDTH_10) &&
1904 !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ))
1905 return -EINVAL;
1906
1907 return 0;
1908}
1909
1910static int __nl80211_set_channel(struct cfg80211_registered_device *rdev,
1911 struct wireless_dev *wdev,
1912 struct genl_info *info)
1913{
1914 struct cfg80211_chan_def chandef;
1915 int result;
1916 enum nl80211_iftype iftype = NL80211_IFTYPE_MONITOR;
1917
1918 if (wdev)
1919 iftype = wdev->iftype;
1920
1921 if (!nl80211_can_set_dev_channel(wdev))
1922 return -EOPNOTSUPP;
1923
1924 result = nl80211_parse_chandef(rdev, info, &chandef);
1925 if (result)
1926 return result;
1927
1928 switch (iftype) {
1929 case NL80211_IFTYPE_AP:
1930 case NL80211_IFTYPE_P2P_GO:
1931 if (wdev->beacon_interval) {
1932 result = -EBUSY;
1933 break;
1934 }
1935 if (!cfg80211_reg_can_beacon(&rdev->wiphy, &chandef)) {
1936 result = -EINVAL;
1937 break;
1938 }
1939 wdev->preset_chandef = chandef;
1940 result = 0;
1941 break;
1942 case NL80211_IFTYPE_MESH_POINT:
1943 result = cfg80211_set_mesh_channel(rdev, wdev, &chandef);
1944 break;
1945 case NL80211_IFTYPE_MONITOR:
1946 result = cfg80211_set_monitor_channel(rdev, &chandef);
1947 break;
1948 default:
1949 result = -EINVAL;
1950 }
1951
1952 return result;
1953}
1954
1955static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info)
1956{
1957 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1958 struct net_device *netdev = info->user_ptr[1];
1959
1960 return __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info);
1961}
1962
1963static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info)
1964{
1965 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1966 struct net_device *dev = info->user_ptr[1];
1967 struct wireless_dev *wdev = dev->ieee80211_ptr;
1968 const u8 *bssid;
1969
1970 if (!info->attrs[NL80211_ATTR_MAC])
1971 return -EINVAL;
1972
1973 if (netif_running(dev))
1974 return -EBUSY;
1975
1976 if (!rdev->ops->set_wds_peer)
1977 return -EOPNOTSUPP;
1978
1979 if (wdev->iftype != NL80211_IFTYPE_WDS)
1980 return -EOPNOTSUPP;
1981
1982 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
1983 return rdev_set_wds_peer(rdev, dev, bssid);
1984}
1985
1986
1987static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
1988{
1989 struct cfg80211_registered_device *rdev;
1990 struct net_device *netdev = NULL;
1991 struct wireless_dev *wdev;
1992 int result = 0, rem_txq_params = 0;
1993 struct nlattr *nl_txq_params;
1994 u32 changed;
1995 u8 retry_short = 0, retry_long = 0;
1996 u32 frag_threshold = 0, rts_threshold = 0;
1997 u8 coverage_class = 0;
1998
1999 ASSERT_RTNL();
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011 if (info->attrs[NL80211_ATTR_IFINDEX]) {
2012 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]);
2013
2014 netdev = __dev_get_by_index(genl_info_net(info), ifindex);
2015 if (netdev && netdev->ieee80211_ptr)
2016 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy);
2017 else
2018 netdev = NULL;
2019 }
2020
2021 if (!netdev) {
2022 rdev = __cfg80211_rdev_from_attrs(genl_info_net(info),
2023 info->attrs);
2024 if (IS_ERR(rdev))
2025 return PTR_ERR(rdev);
2026 wdev = NULL;
2027 netdev = NULL;
2028 result = 0;
2029 } else
2030 wdev = netdev->ieee80211_ptr;
2031
2032
2033
2034
2035
2036
2037 if (info->attrs[NL80211_ATTR_WIPHY_NAME])
2038 result = cfg80211_dev_rename(
2039 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME]));
2040
2041 if (result)
2042 return result;
2043
2044 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) {
2045 struct ieee80211_txq_params txq_params;
2046 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1];
2047
2048 if (!rdev->ops->set_txq_params)
2049 return -EOPNOTSUPP;
2050
2051 if (!netdev)
2052 return -EINVAL;
2053
2054 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2055 netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
2056 return -EINVAL;
2057
2058 if (!netif_running(netdev))
2059 return -ENETDOWN;
2060
2061 nla_for_each_nested(nl_txq_params,
2062 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS],
2063 rem_txq_params) {
2064 result = nla_parse(tb, NL80211_TXQ_ATTR_MAX,
2065 nla_data(nl_txq_params),
2066 nla_len(nl_txq_params),
2067 txq_params_policy);
2068 if (result)
2069 return result;
2070 result = parse_txq_params(tb, &txq_params);
2071 if (result)
2072 return result;
2073
2074 result = rdev_set_txq_params(rdev, netdev,
2075 &txq_params);
2076 if (result)
2077 return result;
2078 }
2079 }
2080
2081 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
2082 result = __nl80211_set_channel(rdev,
2083 nl80211_can_set_dev_channel(wdev) ? wdev : NULL,
2084 info);
2085 if (result)
2086 return result;
2087 }
2088
2089 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) {
2090 struct wireless_dev *txp_wdev = wdev;
2091 enum nl80211_tx_power_setting type;
2092 int idx, mbm = 0;
2093
2094 if (!(rdev->wiphy.features & NL80211_FEATURE_VIF_TXPOWER))
2095 txp_wdev = NULL;
2096
2097 if (!rdev->ops->set_tx_power)
2098 return -EOPNOTSUPP;
2099
2100 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING;
2101 type = nla_get_u32(info->attrs[idx]);
2102
2103 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] &&
2104 (type != NL80211_TX_POWER_AUTOMATIC))
2105 return -EINVAL;
2106
2107 if (type != NL80211_TX_POWER_AUTOMATIC) {
2108 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL;
2109 mbm = nla_get_u32(info->attrs[idx]);
2110 }
2111
2112 result = rdev_set_tx_power(rdev, txp_wdev, type, mbm);
2113 if (result)
2114 return result;
2115 }
2116
2117 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] &&
2118 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) {
2119 u32 tx_ant, rx_ant;
2120 if ((!rdev->wiphy.available_antennas_tx &&
2121 !rdev->wiphy.available_antennas_rx) ||
2122 !rdev->ops->set_antenna)
2123 return -EOPNOTSUPP;
2124
2125 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]);
2126 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]);
2127
2128
2129
2130 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) ||
2131 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx)))
2132 return -EINVAL;
2133
2134 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx;
2135 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx;
2136
2137 result = rdev_set_antenna(rdev, tx_ant, rx_ant);
2138 if (result)
2139 return result;
2140 }
2141
2142 changed = 0;
2143
2144 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) {
2145 retry_short = nla_get_u8(
2146 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]);
2147 if (retry_short == 0)
2148 return -EINVAL;
2149
2150 changed |= WIPHY_PARAM_RETRY_SHORT;
2151 }
2152
2153 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) {
2154 retry_long = nla_get_u8(
2155 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]);
2156 if (retry_long == 0)
2157 return -EINVAL;
2158
2159 changed |= WIPHY_PARAM_RETRY_LONG;
2160 }
2161
2162 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) {
2163 frag_threshold = nla_get_u32(
2164 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]);
2165 if (frag_threshold < 256)
2166 return -EINVAL;
2167
2168 if (frag_threshold != (u32) -1) {
2169
2170
2171
2172
2173
2174
2175 frag_threshold &= ~0x1;
2176 }
2177 changed |= WIPHY_PARAM_FRAG_THRESHOLD;
2178 }
2179
2180 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) {
2181 rts_threshold = nla_get_u32(
2182 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]);
2183 changed |= WIPHY_PARAM_RTS_THRESHOLD;
2184 }
2185
2186 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) {
2187 coverage_class = nla_get_u8(
2188 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]);
2189 changed |= WIPHY_PARAM_COVERAGE_CLASS;
2190 }
2191
2192 if (changed) {
2193 u8 old_retry_short, old_retry_long;
2194 u32 old_frag_threshold, old_rts_threshold;
2195 u8 old_coverage_class;
2196
2197 if (!rdev->ops->set_wiphy_params)
2198 return -EOPNOTSUPP;
2199
2200 old_retry_short = rdev->wiphy.retry_short;
2201 old_retry_long = rdev->wiphy.retry_long;
2202 old_frag_threshold = rdev->wiphy.frag_threshold;
2203 old_rts_threshold = rdev->wiphy.rts_threshold;
2204 old_coverage_class = rdev->wiphy.coverage_class;
2205
2206 if (changed & WIPHY_PARAM_RETRY_SHORT)
2207 rdev->wiphy.retry_short = retry_short;
2208 if (changed & WIPHY_PARAM_RETRY_LONG)
2209 rdev->wiphy.retry_long = retry_long;
2210 if (changed & WIPHY_PARAM_FRAG_THRESHOLD)
2211 rdev->wiphy.frag_threshold = frag_threshold;
2212 if (changed & WIPHY_PARAM_RTS_THRESHOLD)
2213 rdev->wiphy.rts_threshold = rts_threshold;
2214 if (changed & WIPHY_PARAM_COVERAGE_CLASS)
2215 rdev->wiphy.coverage_class = coverage_class;
2216
2217 result = rdev_set_wiphy_params(rdev, changed);
2218 if (result) {
2219 rdev->wiphy.retry_short = old_retry_short;
2220 rdev->wiphy.retry_long = old_retry_long;
2221 rdev->wiphy.frag_threshold = old_frag_threshold;
2222 rdev->wiphy.rts_threshold = old_rts_threshold;
2223 rdev->wiphy.coverage_class = old_coverage_class;
2224 }
2225 }
2226 return 0;
2227}
2228
2229static inline u64 wdev_id(struct wireless_dev *wdev)
2230{
2231 return (u64)wdev->identifier |
2232 ((u64)wiphy_to_dev(wdev->wiphy)->wiphy_idx << 32);
2233}
2234
2235static int nl80211_send_chandef(struct sk_buff *msg,
2236 const struct cfg80211_chan_def *chandef)
2237{
2238 WARN_ON(!cfg80211_chandef_valid(chandef));
2239
2240 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
2241 chandef->chan->center_freq))
2242 return -ENOBUFS;
2243 switch (chandef->width) {
2244 case NL80211_CHAN_WIDTH_20_NOHT:
2245 case NL80211_CHAN_WIDTH_20:
2246 case NL80211_CHAN_WIDTH_40:
2247 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2248 cfg80211_get_chandef_type(chandef)))
2249 return -ENOBUFS;
2250 break;
2251 default:
2252 break;
2253 }
2254 if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, chandef->width))
2255 return -ENOBUFS;
2256 if (nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, chandef->center_freq1))
2257 return -ENOBUFS;
2258 if (chandef->center_freq2 &&
2259 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, chandef->center_freq2))
2260 return -ENOBUFS;
2261 return 0;
2262}
2263
2264static int nl80211_send_iface(struct sk_buff *msg, u32 portid, u32 seq, int flags,
2265 struct cfg80211_registered_device *rdev,
2266 struct wireless_dev *wdev)
2267{
2268 struct net_device *dev = wdev->netdev;
2269 void *hdr;
2270
2271 hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_INTERFACE);
2272 if (!hdr)
2273 return -1;
2274
2275 if (dev &&
2276 (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
2277 nla_put_string(msg, NL80211_ATTR_IFNAME, dev->name)))
2278 goto nla_put_failure;
2279
2280 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
2281 nla_put_u32(msg, NL80211_ATTR_IFTYPE, wdev->iftype) ||
2282 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)) ||
2283 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, wdev_address(wdev)) ||
2284 nla_put_u32(msg, NL80211_ATTR_GENERATION,
2285 rdev->devlist_generation ^
2286 (cfg80211_rdev_list_generation << 2)))
2287 goto nla_put_failure;
2288
2289 if (rdev->ops->get_channel) {
2290 int ret;
2291 struct cfg80211_chan_def chandef;
2292
2293 ret = rdev_get_channel(rdev, wdev, &chandef);
2294 if (ret == 0) {
2295 if (nl80211_send_chandef(msg, &chandef))
2296 goto nla_put_failure;
2297 }
2298 }
2299
2300 if (wdev->ssid_len) {
2301 if (nla_put(msg, NL80211_ATTR_SSID, wdev->ssid_len, wdev->ssid))
2302 goto nla_put_failure;
2303 }
2304
2305 return genlmsg_end(msg, hdr);
2306
2307 nla_put_failure:
2308 genlmsg_cancel(msg, hdr);
2309 return -EMSGSIZE;
2310}
2311
2312static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb)
2313{
2314 int wp_idx = 0;
2315 int if_idx = 0;
2316 int wp_start = cb->args[0];
2317 int if_start = cb->args[1];
2318 struct cfg80211_registered_device *rdev;
2319 struct wireless_dev *wdev;
2320
2321 rtnl_lock();
2322 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
2323 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
2324 continue;
2325 if (wp_idx < wp_start) {
2326 wp_idx++;
2327 continue;
2328 }
2329 if_idx = 0;
2330
2331 list_for_each_entry(wdev, &rdev->wdev_list, list) {
2332 if (if_idx < if_start) {
2333 if_idx++;
2334 continue;
2335 }
2336 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).portid,
2337 cb->nlh->nlmsg_seq, NLM_F_MULTI,
2338 rdev, wdev) < 0) {
2339 goto out;
2340 }
2341 if_idx++;
2342 }
2343
2344 wp_idx++;
2345 }
2346 out:
2347 rtnl_unlock();
2348
2349 cb->args[0] = wp_idx;
2350 cb->args[1] = if_idx;
2351
2352 return skb->len;
2353}
2354
2355static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
2356{
2357 struct sk_buff *msg;
2358 struct cfg80211_registered_device *dev = info->user_ptr[0];
2359 struct wireless_dev *wdev = info->user_ptr[1];
2360
2361 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2362 if (!msg)
2363 return -ENOMEM;
2364
2365 if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0,
2366 dev, wdev) < 0) {
2367 nlmsg_free(msg);
2368 return -ENOBUFS;
2369 }
2370
2371 return genlmsg_reply(msg, info);
2372}
2373
2374static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = {
2375 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG },
2376 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG },
2377 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG },
2378 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG },
2379 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG },
2380 [NL80211_MNTR_FLAG_ACTIVE] = { .type = NLA_FLAG },
2381};
2382
2383static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
2384{
2385 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1];
2386 int flag;
2387
2388 *mntrflags = 0;
2389
2390 if (!nla)
2391 return -EINVAL;
2392
2393 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX,
2394 nla, mntr_flags_policy))
2395 return -EINVAL;
2396
2397 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++)
2398 if (flags[flag])
2399 *mntrflags |= (1<<flag);
2400
2401 return 0;
2402}
2403
2404static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev,
2405 struct net_device *netdev, u8 use_4addr,
2406 enum nl80211_iftype iftype)
2407{
2408 if (!use_4addr) {
2409 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT))
2410 return -EBUSY;
2411 return 0;
2412 }
2413
2414 switch (iftype) {
2415 case NL80211_IFTYPE_AP_VLAN:
2416 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP)
2417 return 0;
2418 break;
2419 case NL80211_IFTYPE_STATION:
2420 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION)
2421 return 0;
2422 break;
2423 default:
2424 break;
2425 }
2426
2427 return -EOPNOTSUPP;
2428}
2429
2430static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
2431{
2432 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2433 struct vif_params params;
2434 int err;
2435 enum nl80211_iftype otype, ntype;
2436 struct net_device *dev = info->user_ptr[1];
2437 u32 _flags, *flags = NULL;
2438 bool change = false;
2439
2440 memset(¶ms, 0, sizeof(params));
2441
2442 otype = ntype = dev->ieee80211_ptr->iftype;
2443
2444 if (info->attrs[NL80211_ATTR_IFTYPE]) {
2445 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
2446 if (otype != ntype)
2447 change = true;
2448 if (ntype > NL80211_IFTYPE_MAX)
2449 return -EINVAL;
2450 }
2451
2452 if (info->attrs[NL80211_ATTR_MESH_ID]) {
2453 struct wireless_dev *wdev = dev->ieee80211_ptr;
2454
2455 if (ntype != NL80211_IFTYPE_MESH_POINT)
2456 return -EINVAL;
2457 if (netif_running(dev))
2458 return -EBUSY;
2459
2460 wdev_lock(wdev);
2461 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
2462 IEEE80211_MAX_MESH_ID_LEN);
2463 wdev->mesh_id_up_len =
2464 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
2465 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
2466 wdev->mesh_id_up_len);
2467 wdev_unlock(wdev);
2468 }
2469
2470 if (info->attrs[NL80211_ATTR_4ADDR]) {
2471 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
2472 change = true;
2473 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype);
2474 if (err)
2475 return err;
2476 } else {
2477 params.use_4addr = -1;
2478 }
2479
2480 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) {
2481 if (ntype != NL80211_IFTYPE_MONITOR)
2482 return -EINVAL;
2483 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS],
2484 &_flags);
2485 if (err)
2486 return err;
2487
2488 flags = &_flags;
2489 change = true;
2490 }
2491
2492 if (flags && (*flags & MONITOR_FLAG_ACTIVE) &&
2493 !(rdev->wiphy.features & NL80211_FEATURE_ACTIVE_MONITOR))
2494 return -EOPNOTSUPP;
2495
2496 if (change)
2497 err = cfg80211_change_iface(rdev, dev, ntype, flags, ¶ms);
2498 else
2499 err = 0;
2500
2501 if (!err && params.use_4addr != -1)
2502 dev->ieee80211_ptr->use_4addr = params.use_4addr;
2503
2504 return err;
2505}
2506
2507static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
2508{
2509 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2510 struct vif_params params;
2511 struct wireless_dev *wdev;
2512 struct sk_buff *msg;
2513 int err;
2514 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;
2515 u32 flags;
2516
2517 memset(¶ms, 0, sizeof(params));
2518
2519 if (!info->attrs[NL80211_ATTR_IFNAME])
2520 return -EINVAL;
2521
2522 if (info->attrs[NL80211_ATTR_IFTYPE]) {
2523 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
2524 if (type > NL80211_IFTYPE_MAX)
2525 return -EINVAL;
2526 }
2527
2528 if (!rdev->ops->add_virtual_intf ||
2529 !(rdev->wiphy.interface_modes & (1 << type)))
2530 return -EOPNOTSUPP;
2531
2532 if (type == NL80211_IFTYPE_P2P_DEVICE && info->attrs[NL80211_ATTR_MAC]) {
2533 nla_memcpy(params.macaddr, info->attrs[NL80211_ATTR_MAC],
2534 ETH_ALEN);
2535 if (!is_valid_ether_addr(params.macaddr))
2536 return -EADDRNOTAVAIL;
2537 }
2538
2539 if (info->attrs[NL80211_ATTR_4ADDR]) {
2540 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
2541 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type);
2542 if (err)
2543 return err;
2544 }
2545
2546 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2547 if (!msg)
2548 return -ENOMEM;
2549
2550 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
2551 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
2552 &flags);
2553
2554 if (!err && (flags & MONITOR_FLAG_ACTIVE) &&
2555 !(rdev->wiphy.features & NL80211_FEATURE_ACTIVE_MONITOR))
2556 return -EOPNOTSUPP;
2557
2558 wdev = rdev_add_virtual_intf(rdev,
2559 nla_data(info->attrs[NL80211_ATTR_IFNAME]),
2560 type, err ? NULL : &flags, ¶ms);
2561 if (IS_ERR(wdev)) {
2562 nlmsg_free(msg);
2563 return PTR_ERR(wdev);
2564 }
2565
2566 switch (type) {
2567 case NL80211_IFTYPE_MESH_POINT:
2568 if (!info->attrs[NL80211_ATTR_MESH_ID])
2569 break;
2570 wdev_lock(wdev);
2571 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
2572 IEEE80211_MAX_MESH_ID_LEN);
2573 wdev->mesh_id_up_len =
2574 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
2575 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
2576 wdev->mesh_id_up_len);
2577 wdev_unlock(wdev);
2578 break;
2579 case NL80211_IFTYPE_P2P_DEVICE:
2580
2581
2582
2583
2584 mutex_init(&wdev->mtx);
2585 INIT_LIST_HEAD(&wdev->event_list);
2586 spin_lock_init(&wdev->event_lock);
2587 INIT_LIST_HEAD(&wdev->mgmt_registrations);
2588 spin_lock_init(&wdev->mgmt_registrations_lock);
2589
2590 wdev->identifier = ++rdev->wdev_id;
2591 list_add_rcu(&wdev->list, &rdev->wdev_list);
2592 rdev->devlist_generation++;
2593 break;
2594 default:
2595 break;
2596 }
2597
2598 if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0,
2599 rdev, wdev) < 0) {
2600 nlmsg_free(msg);
2601 return -ENOBUFS;
2602 }
2603
2604 return genlmsg_reply(msg, info);
2605}
2606
2607static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
2608{
2609 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2610 struct wireless_dev *wdev = info->user_ptr[1];
2611
2612 if (!rdev->ops->del_virtual_intf)
2613 return -EOPNOTSUPP;
2614
2615
2616
2617
2618
2619
2620
2621
2622 if (!wdev->netdev)
2623 info->user_ptr[1] = NULL;
2624
2625 return rdev_del_virtual_intf(rdev, wdev);
2626}
2627
2628static int nl80211_set_noack_map(struct sk_buff *skb, struct genl_info *info)
2629{
2630 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2631 struct net_device *dev = info->user_ptr[1];
2632 u16 noack_map;
2633
2634 if (!info->attrs[NL80211_ATTR_NOACK_MAP])
2635 return -EINVAL;
2636
2637 if (!rdev->ops->set_noack_map)
2638 return -EOPNOTSUPP;
2639
2640 noack_map = nla_get_u16(info->attrs[NL80211_ATTR_NOACK_MAP]);
2641
2642 return rdev_set_noack_map(rdev, dev, noack_map);
2643}
2644
2645struct get_key_cookie {
2646 struct sk_buff *msg;
2647 int error;
2648 int idx;
2649};
2650
2651static void get_key_callback(void *c, struct key_params *params)
2652{
2653 struct nlattr *key;
2654 struct get_key_cookie *cookie = c;
2655
2656 if ((params->key &&
2657 nla_put(cookie->msg, NL80211_ATTR_KEY_DATA,
2658 params->key_len, params->key)) ||
2659 (params->seq &&
2660 nla_put(cookie->msg, NL80211_ATTR_KEY_SEQ,
2661 params->seq_len, params->seq)) ||
2662 (params->cipher &&
2663 nla_put_u32(cookie->msg, NL80211_ATTR_KEY_CIPHER,
2664 params->cipher)))
2665 goto nla_put_failure;
2666
2667 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY);
2668 if (!key)
2669 goto nla_put_failure;
2670
2671 if ((params->key &&
2672 nla_put(cookie->msg, NL80211_KEY_DATA,
2673 params->key_len, params->key)) ||
2674 (params->seq &&
2675 nla_put(cookie->msg, NL80211_KEY_SEQ,
2676 params->seq_len, params->seq)) ||
2677 (params->cipher &&
2678 nla_put_u32(cookie->msg, NL80211_KEY_CIPHER,
2679 params->cipher)))
2680 goto nla_put_failure;
2681
2682 if (nla_put_u8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx))
2683 goto nla_put_failure;
2684
2685 nla_nest_end(cookie->msg, key);
2686
2687 return;
2688 nla_put_failure:
2689 cookie->error = 1;
2690}
2691
2692static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
2693{
2694 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2695 int err;
2696 struct net_device *dev = info->user_ptr[1];
2697 u8 key_idx = 0;
2698 const u8 *mac_addr = NULL;
2699 bool pairwise;
2700 struct get_key_cookie cookie = {
2701 .error = 0,
2702 };
2703 void *hdr;
2704 struct sk_buff *msg;
2705
2706 if (info->attrs[NL80211_ATTR_KEY_IDX])
2707 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
2708
2709 if (key_idx > 5)
2710 return -EINVAL;
2711
2712 if (info->attrs[NL80211_ATTR_MAC])
2713 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2714
2715 pairwise = !!mac_addr;
2716 if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
2717 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
2718 if (kt >= NUM_NL80211_KEYTYPES)
2719 return -EINVAL;
2720 if (kt != NL80211_KEYTYPE_GROUP &&
2721 kt != NL80211_KEYTYPE_PAIRWISE)
2722 return -EINVAL;
2723 pairwise = kt == NL80211_KEYTYPE_PAIRWISE;
2724 }
2725
2726 if (!rdev->ops->get_key)
2727 return -EOPNOTSUPP;
2728
2729 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2730 if (!msg)
2731 return -ENOMEM;
2732
2733 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
2734 NL80211_CMD_NEW_KEY);
2735 if (!hdr)
2736 goto nla_put_failure;
2737
2738 cookie.msg = msg;
2739 cookie.idx = key_idx;
2740
2741 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
2742 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx))
2743 goto nla_put_failure;
2744 if (mac_addr &&
2745 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr))
2746 goto nla_put_failure;
2747
2748 if (pairwise && mac_addr &&
2749 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
2750 return -ENOENT;
2751
2752 err = rdev_get_key(rdev, dev, key_idx, pairwise, mac_addr, &cookie,
2753 get_key_callback);
2754
2755 if (err)
2756 goto free_msg;
2757
2758 if (cookie.error)
2759 goto nla_put_failure;
2760
2761 genlmsg_end(msg, hdr);
2762 return genlmsg_reply(msg, info);
2763
2764 nla_put_failure:
2765 err = -ENOBUFS;
2766 free_msg:
2767 nlmsg_free(msg);
2768 return err;
2769}
2770
2771static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
2772{
2773 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2774 struct key_parse key;
2775 int err;
2776 struct net_device *dev = info->user_ptr[1];
2777
2778 err = nl80211_parse_key(info, &key);
2779 if (err)
2780 return err;
2781
2782 if (key.idx < 0)
2783 return -EINVAL;
2784
2785
2786 if (!key.def && !key.defmgmt)
2787 return -EINVAL;
2788
2789 wdev_lock(dev->ieee80211_ptr);
2790
2791 if (key.def) {
2792 if (!rdev->ops->set_default_key) {
2793 err = -EOPNOTSUPP;
2794 goto out;
2795 }
2796
2797 err = nl80211_key_allowed(dev->ieee80211_ptr);
2798 if (err)
2799 goto out;
2800
2801 err = rdev_set_default_key(rdev, dev, key.idx,
2802 key.def_uni, key.def_multi);
2803
2804 if (err)
2805 goto out;
2806
2807#ifdef CONFIG_CFG80211_WEXT
2808 dev->ieee80211_ptr->wext.default_key = key.idx;
2809#endif
2810 } else {
2811 if (key.def_uni || !key.def_multi) {
2812 err = -EINVAL;
2813 goto out;
2814 }
2815
2816 if (!rdev->ops->set_default_mgmt_key) {
2817 err = -EOPNOTSUPP;
2818 goto out;
2819 }
2820
2821 err = nl80211_key_allowed(dev->ieee80211_ptr);
2822 if (err)
2823 goto out;
2824
2825 err = rdev_set_default_mgmt_key(rdev, dev, key.idx);
2826 if (err)
2827 goto out;
2828
2829#ifdef CONFIG_CFG80211_WEXT
2830 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx;
2831#endif
2832 }
2833
2834 out:
2835 wdev_unlock(dev->ieee80211_ptr);
2836
2837 return err;
2838}
2839
2840static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
2841{
2842 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2843 int err;
2844 struct net_device *dev = info->user_ptr[1];
2845 struct key_parse key;
2846 const u8 *mac_addr = NULL;
2847
2848 err = nl80211_parse_key(info, &key);
2849 if (err)
2850 return err;
2851
2852 if (!key.p.key)
2853 return -EINVAL;
2854
2855 if (info->attrs[NL80211_ATTR_MAC])
2856 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2857
2858 if (key.type == -1) {
2859 if (mac_addr)
2860 key.type = NL80211_KEYTYPE_PAIRWISE;
2861 else
2862 key.type = NL80211_KEYTYPE_GROUP;
2863 }
2864
2865
2866 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
2867 key.type != NL80211_KEYTYPE_GROUP)
2868 return -EINVAL;
2869
2870 if (!rdev->ops->add_key)
2871 return -EOPNOTSUPP;
2872
2873 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx,
2874 key.type == NL80211_KEYTYPE_PAIRWISE,
2875 mac_addr))
2876 return -EINVAL;
2877
2878 wdev_lock(dev->ieee80211_ptr);
2879 err = nl80211_key_allowed(dev->ieee80211_ptr);
2880 if (!err)
2881 err = rdev_add_key(rdev, dev, key.idx,
2882 key.type == NL80211_KEYTYPE_PAIRWISE,
2883 mac_addr, &key.p);
2884 wdev_unlock(dev->ieee80211_ptr);
2885
2886 return err;
2887}
2888
2889static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
2890{
2891 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2892 int err;
2893 struct net_device *dev = info->user_ptr[1];
2894 u8 *mac_addr = NULL;
2895 struct key_parse key;
2896
2897 err = nl80211_parse_key(info, &key);
2898 if (err)
2899 return err;
2900
2901 if (info->attrs[NL80211_ATTR_MAC])
2902 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2903
2904 if (key.type == -1) {
2905 if (mac_addr)
2906 key.type = NL80211_KEYTYPE_PAIRWISE;
2907 else
2908 key.type = NL80211_KEYTYPE_GROUP;
2909 }
2910
2911
2912 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
2913 key.type != NL80211_KEYTYPE_GROUP)
2914 return -EINVAL;
2915
2916 if (!rdev->ops->del_key)
2917 return -EOPNOTSUPP;
2918
2919 wdev_lock(dev->ieee80211_ptr);
2920 err = nl80211_key_allowed(dev->ieee80211_ptr);
2921
2922 if (key.type == NL80211_KEYTYPE_PAIRWISE && mac_addr &&
2923 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
2924 err = -ENOENT;
2925
2926 if (!err)
2927 err = rdev_del_key(rdev, dev, key.idx,
2928 key.type == NL80211_KEYTYPE_PAIRWISE,
2929 mac_addr);
2930
2931#ifdef CONFIG_CFG80211_WEXT
2932 if (!err) {
2933 if (key.idx == dev->ieee80211_ptr->wext.default_key)
2934 dev->ieee80211_ptr->wext.default_key = -1;
2935 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key)
2936 dev->ieee80211_ptr->wext.default_mgmt_key = -1;
2937 }
2938#endif
2939 wdev_unlock(dev->ieee80211_ptr);
2940
2941 return err;
2942}
2943
2944
2945static int validate_acl_mac_addrs(struct nlattr *nl_attr)
2946{
2947 struct nlattr *attr;
2948 int n_entries = 0, tmp;
2949
2950 nla_for_each_nested(attr, nl_attr, tmp) {
2951 if (nla_len(attr) != ETH_ALEN)
2952 return -EINVAL;
2953
2954 n_entries++;
2955 }
2956
2957 return n_entries;
2958}
2959
2960
2961
2962
2963
2964
2965static struct cfg80211_acl_data *parse_acl_data(struct wiphy *wiphy,
2966 struct genl_info *info)
2967{
2968 enum nl80211_acl_policy acl_policy;
2969 struct nlattr *attr;
2970 struct cfg80211_acl_data *acl;
2971 int i = 0, n_entries, tmp;
2972
2973 if (!wiphy->max_acl_mac_addrs)
2974 return ERR_PTR(-EOPNOTSUPP);
2975
2976 if (!info->attrs[NL80211_ATTR_ACL_POLICY])
2977 return ERR_PTR(-EINVAL);
2978
2979 acl_policy = nla_get_u32(info->attrs[NL80211_ATTR_ACL_POLICY]);
2980 if (acl_policy != NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED &&
2981 acl_policy != NL80211_ACL_POLICY_DENY_UNLESS_LISTED)
2982 return ERR_PTR(-EINVAL);
2983
2984 if (!info->attrs[NL80211_ATTR_MAC_ADDRS])
2985 return ERR_PTR(-EINVAL);
2986
2987 n_entries = validate_acl_mac_addrs(info->attrs[NL80211_ATTR_MAC_ADDRS]);
2988 if (n_entries < 0)
2989 return ERR_PTR(n_entries);
2990
2991 if (n_entries > wiphy->max_acl_mac_addrs)
2992 return ERR_PTR(-ENOTSUPP);
2993
2994 acl = kzalloc(sizeof(*acl) + (sizeof(struct mac_address) * n_entries),
2995 GFP_KERNEL);
2996 if (!acl)
2997 return ERR_PTR(-ENOMEM);
2998
2999 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_MAC_ADDRS], tmp) {
3000 memcpy(acl->mac_addrs[i].addr, nla_data(attr), ETH_ALEN);
3001 i++;
3002 }
3003
3004 acl->n_acl_entries = n_entries;
3005 acl->acl_policy = acl_policy;
3006
3007 return acl;
3008}
3009
3010static int nl80211_set_mac_acl(struct sk_buff *skb, struct genl_info *info)
3011{
3012 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3013 struct net_device *dev = info->user_ptr[1];
3014 struct cfg80211_acl_data *acl;
3015 int err;
3016
3017 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3018 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3019 return -EOPNOTSUPP;
3020
3021 if (!dev->ieee80211_ptr->beacon_interval)
3022 return -EINVAL;
3023
3024 acl = parse_acl_data(&rdev->wiphy, info);
3025 if (IS_ERR(acl))
3026 return PTR_ERR(acl);
3027
3028 err = rdev_set_mac_acl(rdev, dev, acl);
3029
3030 kfree(acl);
3031
3032 return err;
3033}
3034
3035static int nl80211_parse_beacon(struct nlattr *attrs[],
3036 struct cfg80211_beacon_data *bcn)
3037{
3038 bool haveinfo = false;
3039
3040 if (!is_valid_ie_attr(attrs[NL80211_ATTR_BEACON_TAIL]) ||
3041 !is_valid_ie_attr(attrs[NL80211_ATTR_IE]) ||
3042 !is_valid_ie_attr(attrs[NL80211_ATTR_IE_PROBE_RESP]) ||
3043 !is_valid_ie_attr(attrs[NL80211_ATTR_IE_ASSOC_RESP]))
3044 return -EINVAL;
3045
3046 memset(bcn, 0, sizeof(*bcn));
3047
3048 if (attrs[NL80211_ATTR_BEACON_HEAD]) {
3049 bcn->head = nla_data(attrs[NL80211_ATTR_BEACON_HEAD]);
3050 bcn->head_len = nla_len(attrs[NL80211_ATTR_BEACON_HEAD]);
3051 if (!bcn->head_len)
3052 return -EINVAL;
3053 haveinfo = true;
3054 }
3055
3056 if (attrs[NL80211_ATTR_BEACON_TAIL]) {
3057 bcn->tail = nla_data(attrs[NL80211_ATTR_BEACON_TAIL]);
3058 bcn->tail_len = nla_len(attrs[NL80211_ATTR_BEACON_TAIL]);
3059 haveinfo = true;
3060 }
3061
3062 if (!haveinfo)
3063 return -EINVAL;
3064
3065 if (attrs[NL80211_ATTR_IE]) {
3066 bcn->beacon_ies = nla_data(attrs[NL80211_ATTR_IE]);
3067 bcn->beacon_ies_len = nla_len(attrs[NL80211_ATTR_IE]);
3068 }
3069
3070 if (attrs[NL80211_ATTR_IE_PROBE_RESP]) {
3071 bcn->proberesp_ies =
3072 nla_data(attrs[NL80211_ATTR_IE_PROBE_RESP]);
3073 bcn->proberesp_ies_len =
3074 nla_len(attrs[NL80211_ATTR_IE_PROBE_RESP]);
3075 }
3076
3077 if (attrs[NL80211_ATTR_IE_ASSOC_RESP]) {
3078 bcn->assocresp_ies =
3079 nla_data(attrs[NL80211_ATTR_IE_ASSOC_RESP]);
3080 bcn->assocresp_ies_len =
3081 nla_len(attrs[NL80211_ATTR_IE_ASSOC_RESP]);
3082 }
3083
3084 if (attrs[NL80211_ATTR_PROBE_RESP]) {
3085 bcn->probe_resp = nla_data(attrs[NL80211_ATTR_PROBE_RESP]);
3086 bcn->probe_resp_len = nla_len(attrs[NL80211_ATTR_PROBE_RESP]);
3087 }
3088
3089 return 0;
3090}
3091
3092static bool nl80211_get_ap_channel(struct cfg80211_registered_device *rdev,
3093 struct cfg80211_ap_settings *params)
3094{
3095 struct wireless_dev *wdev;
3096 bool ret = false;
3097
3098 list_for_each_entry(wdev, &rdev->wdev_list, list) {
3099 if (wdev->iftype != NL80211_IFTYPE_AP &&
3100 wdev->iftype != NL80211_IFTYPE_P2P_GO)
3101 continue;
3102
3103 if (!wdev->preset_chandef.chan)
3104 continue;
3105
3106 params->chandef = wdev->preset_chandef;
3107 ret = true;
3108 break;
3109 }
3110
3111 return ret;
3112}
3113
3114static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
3115 enum nl80211_auth_type auth_type,
3116 enum nl80211_commands cmd)
3117{
3118 if (auth_type > NL80211_AUTHTYPE_MAX)
3119 return false;
3120
3121 switch (cmd) {
3122 case NL80211_CMD_AUTHENTICATE:
3123 if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
3124 auth_type == NL80211_AUTHTYPE_SAE)
3125 return false;
3126 return true;
3127 case NL80211_CMD_CONNECT:
3128 case NL80211_CMD_START_AP:
3129
3130 if (auth_type == NL80211_AUTHTYPE_SAE)
3131 return false;
3132 return true;
3133 default:
3134 return false;
3135 }
3136}
3137
3138static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
3139{
3140 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3141 struct net_device *dev = info->user_ptr[1];
3142 struct wireless_dev *wdev = dev->ieee80211_ptr;
3143 struct cfg80211_ap_settings params;
3144 int err;
3145 u8 radar_detect_width = 0;
3146
3147 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3148 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3149 return -EOPNOTSUPP;
3150
3151 if (!rdev->ops->start_ap)
3152 return -EOPNOTSUPP;
3153
3154 if (wdev->beacon_interval)
3155 return -EALREADY;
3156
3157 memset(¶ms, 0, sizeof(params));
3158
3159
3160 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] ||
3161 !info->attrs[NL80211_ATTR_DTIM_PERIOD] ||
3162 !info->attrs[NL80211_ATTR_BEACON_HEAD])
3163 return -EINVAL;
3164
3165 err = nl80211_parse_beacon(info->attrs, ¶ms.beacon);
3166 if (err)
3167 return err;
3168
3169 params.beacon_interval =
3170 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
3171 params.dtim_period =
3172 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
3173
3174 err = cfg80211_validate_beacon_int(rdev, params.beacon_interval);
3175 if (err)
3176 return err;
3177
3178
3179
3180
3181
3182
3183
3184
3185 if (info->attrs[NL80211_ATTR_SSID]) {
3186 params.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3187 params.ssid_len =
3188 nla_len(info->attrs[NL80211_ATTR_SSID]);
3189 if (params.ssid_len == 0 ||
3190 params.ssid_len > IEEE80211_MAX_SSID_LEN)
3191 return -EINVAL;
3192 }
3193
3194 if (info->attrs[NL80211_ATTR_HIDDEN_SSID]) {
3195 params.hidden_ssid = nla_get_u32(
3196 info->attrs[NL80211_ATTR_HIDDEN_SSID]);
3197 if (params.hidden_ssid != NL80211_HIDDEN_SSID_NOT_IN_USE &&
3198 params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_LEN &&
3199 params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_CONTENTS)
3200 return -EINVAL;
3201 }
3202
3203 params.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
3204
3205 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
3206 params.auth_type = nla_get_u32(
3207 info->attrs[NL80211_ATTR_AUTH_TYPE]);
3208 if (!nl80211_valid_auth_type(rdev, params.auth_type,
3209 NL80211_CMD_START_AP))
3210 return -EINVAL;
3211 } else
3212 params.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
3213
3214 err = nl80211_crypto_settings(rdev, info, ¶ms.crypto,
3215 NL80211_MAX_NR_CIPHER_SUITES);
3216 if (err)
3217 return err;
3218
3219 if (info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]) {
3220 if (!(rdev->wiphy.features & NL80211_FEATURE_INACTIVITY_TIMER))
3221 return -EOPNOTSUPP;
3222 params.inactivity_timeout = nla_get_u16(
3223 info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]);
3224 }
3225
3226 if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) {
3227 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3228 return -EINVAL;
3229 params.p2p_ctwindow =
3230 nla_get_u8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]);
3231 if (params.p2p_ctwindow > 127)
3232 return -EINVAL;
3233 if (params.p2p_ctwindow != 0 &&
3234 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN))
3235 return -EINVAL;
3236 }
3237
3238 if (info->attrs[NL80211_ATTR_P2P_OPPPS]) {
3239 u8 tmp;
3240
3241 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3242 return -EINVAL;
3243 tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]);
3244 if (tmp > 1)
3245 return -EINVAL;
3246 params.p2p_opp_ps = tmp;
3247 if (params.p2p_opp_ps != 0 &&
3248 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS))
3249 return -EINVAL;
3250 }
3251
3252 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
3253 err = nl80211_parse_chandef(rdev, info, ¶ms.chandef);
3254 if (err)
3255 return err;
3256 } else if (wdev->preset_chandef.chan) {
3257 params.chandef = wdev->preset_chandef;
3258 } else if (!nl80211_get_ap_channel(rdev, ¶ms))
3259 return -EINVAL;
3260
3261 if (!cfg80211_reg_can_beacon(&rdev->wiphy, ¶ms.chandef))
3262 return -EINVAL;
3263
3264 err = cfg80211_chandef_dfs_required(wdev->wiphy, ¶ms.chandef);
3265 if (err < 0)
3266 return err;
3267 if (err) {
3268 radar_detect_width = BIT(params.chandef.width);
3269 params.radar_required = true;
3270 }
3271
3272 err = cfg80211_can_use_iftype_chan(rdev, wdev, wdev->iftype,
3273 params.chandef.chan,
3274 CHAN_MODE_SHARED,
3275 radar_detect_width);
3276 if (err)
3277 return err;
3278
3279 if (info->attrs[NL80211_ATTR_ACL_POLICY]) {
3280 params.acl = parse_acl_data(&rdev->wiphy, info);
3281 if (IS_ERR(params.acl))
3282 return PTR_ERR(params.acl);
3283 }
3284
3285 wdev_lock(wdev);
3286 err = rdev_start_ap(rdev, dev, ¶ms);
3287 if (!err) {
3288 wdev->preset_chandef = params.chandef;
3289 wdev->beacon_interval = params.beacon_interval;
3290 wdev->chandef = params.chandef;
3291 wdev->ssid_len = params.ssid_len;
3292 memcpy(wdev->ssid, params.ssid, wdev->ssid_len);
3293 }
3294 wdev_unlock(wdev);
3295
3296 kfree(params.acl);
3297
3298 return err;
3299}
3300
3301static int nl80211_set_beacon(struct sk_buff *skb, struct genl_info *info)
3302{
3303 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3304 struct net_device *dev = info->user_ptr[1];
3305 struct wireless_dev *wdev = dev->ieee80211_ptr;
3306 struct cfg80211_beacon_data params;
3307 int err;
3308
3309 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3310 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3311 return -EOPNOTSUPP;
3312
3313 if (!rdev->ops->change_beacon)
3314 return -EOPNOTSUPP;
3315
3316 if (!wdev->beacon_interval)
3317 return -EINVAL;
3318
3319 err = nl80211_parse_beacon(info->attrs, ¶ms);
3320 if (err)
3321 return err;
3322
3323 wdev_lock(wdev);
3324 err = rdev_change_beacon(rdev, dev, ¶ms);
3325 wdev_unlock(wdev);
3326
3327 return err;
3328}
3329
3330static int nl80211_stop_ap(struct sk_buff *skb, struct genl_info *info)
3331{
3332 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3333 struct net_device *dev = info->user_ptr[1];
3334
3335 return cfg80211_stop_ap(rdev, dev, false);
3336}
3337
3338static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = {
3339 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG },
3340 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG },
3341 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG },
3342 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG },
3343 [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG },
3344 [NL80211_STA_FLAG_TDLS_PEER] = { .type = NLA_FLAG },
3345};
3346
3347static int parse_station_flags(struct genl_info *info,
3348 enum nl80211_iftype iftype,
3349 struct station_parameters *params)
3350{
3351 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1];
3352 struct nlattr *nla;
3353 int flag;
3354
3355
3356
3357
3358
3359 nla = info->attrs[NL80211_ATTR_STA_FLAGS2];
3360 if (nla) {
3361 struct nl80211_sta_flag_update *sta_flags;
3362
3363 sta_flags = nla_data(nla);
3364 params->sta_flags_mask = sta_flags->mask;
3365 params->sta_flags_set = sta_flags->set;
3366 params->sta_flags_set &= params->sta_flags_mask;
3367 if ((params->sta_flags_mask |
3368 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID))
3369 return -EINVAL;
3370 return 0;
3371 }
3372
3373
3374
3375 nla = info->attrs[NL80211_ATTR_STA_FLAGS];
3376 if (!nla)
3377 return 0;
3378
3379 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX,
3380 nla, sta_flags_policy))
3381 return -EINVAL;
3382
3383
3384
3385
3386
3387
3388
3389 switch (iftype) {
3390 case NL80211_IFTYPE_AP:
3391 case NL80211_IFTYPE_AP_VLAN:
3392 case NL80211_IFTYPE_P2P_GO:
3393 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
3394 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
3395 BIT(NL80211_STA_FLAG_WME) |
3396 BIT(NL80211_STA_FLAG_MFP);
3397 break;
3398 case NL80211_IFTYPE_P2P_CLIENT:
3399 case NL80211_IFTYPE_STATION:
3400 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
3401 BIT(NL80211_STA_FLAG_TDLS_PEER);
3402 break;
3403 case NL80211_IFTYPE_MESH_POINT:
3404 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHENTICATED) |
3405 BIT(NL80211_STA_FLAG_MFP) |
3406 BIT(NL80211_STA_FLAG_AUTHORIZED);
3407 default:
3408 return -EINVAL;
3409 }
3410
3411 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) {
3412 if (flags[flag]) {
3413 params->sta_flags_set |= (1<<flag);
3414
3415
3416 if (flag > NL80211_STA_FLAG_MAX_OLD_API)
3417 return -EINVAL;
3418 }
3419 }
3420
3421 return 0;
3422}
3423
3424static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info,
3425 int attr)
3426{
3427 struct nlattr *rate;
3428 u32 bitrate;
3429 u16 bitrate_compat;
3430
3431 rate = nla_nest_start(msg, attr);
3432 if (!rate)
3433 return false;
3434
3435
3436 bitrate = cfg80211_calculate_bitrate(info);
3437
3438 bitrate_compat = bitrate < (1UL << 16) ? bitrate : 0;
3439 if (bitrate > 0 &&
3440 nla_put_u32(msg, NL80211_RATE_INFO_BITRATE32, bitrate))
3441 return false;
3442 if (bitrate_compat > 0 &&
3443 nla_put_u16(msg, NL80211_RATE_INFO_BITRATE, bitrate_compat))
3444 return false;
3445
3446 if (info->flags & RATE_INFO_FLAGS_MCS) {
3447 if (nla_put_u8(msg, NL80211_RATE_INFO_MCS, info->mcs))
3448 return false;
3449 if (info->flags & RATE_INFO_FLAGS_40_MHZ_WIDTH &&
3450 nla_put_flag(msg, NL80211_RATE_INFO_40_MHZ_WIDTH))
3451 return false;
3452 if (info->flags & RATE_INFO_FLAGS_SHORT_GI &&
3453 nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI))
3454 return false;
3455 } else if (info->flags & RATE_INFO_FLAGS_VHT_MCS) {
3456 if (nla_put_u8(msg, NL80211_RATE_INFO_VHT_MCS, info->mcs))
3457 return false;
3458 if (nla_put_u8(msg, NL80211_RATE_INFO_VHT_NSS, info->nss))
3459 return false;
3460 if (info->flags & RATE_INFO_FLAGS_40_MHZ_WIDTH &&
3461 nla_put_flag(msg, NL80211_RATE_INFO_40_MHZ_WIDTH))
3462 return false;
3463 if (info->flags & RATE_INFO_FLAGS_80_MHZ_WIDTH &&
3464 nla_put_flag(msg, NL80211_RATE_INFO_80_MHZ_WIDTH))
3465 return false;
3466 if (info->flags & RATE_INFO_FLAGS_80P80_MHZ_WIDTH &&
3467 nla_put_flag(msg, NL80211_RATE_INFO_80P80_MHZ_WIDTH))
3468 return false;
3469 if (info->flags & RATE_INFO_FLAGS_160_MHZ_WIDTH &&
3470 nla_put_flag(msg, NL80211_RATE_INFO_160_MHZ_WIDTH))
3471 return false;
3472 if (info->flags & RATE_INFO_FLAGS_SHORT_GI &&
3473 nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI))
3474 return false;
3475 }
3476
3477 nla_nest_end(msg, rate);
3478 return true;
3479}
3480
3481static bool nl80211_put_signal(struct sk_buff *msg, u8 mask, s8 *signal,
3482 int id)
3483{
3484 void *attr;
3485 int i = 0;
3486
3487 if (!mask)
3488 return true;
3489
3490 attr = nla_nest_start(msg, id);
3491 if (!attr)
3492 return false;
3493
3494 for (i = 0; i < IEEE80211_MAX_CHAINS; i++) {
3495 if (!(mask & BIT(i)))
3496 continue;
3497
3498 if (nla_put_u8(msg, i, signal[i]))
3499 return false;
3500 }
3501
3502 nla_nest_end(msg, attr);
3503
3504 return true;
3505}
3506
3507static int nl80211_send_station(struct sk_buff *msg, u32 portid, u32 seq,
3508 int flags,
3509 struct cfg80211_registered_device *rdev,
3510 struct net_device *dev,
3511 const u8 *mac_addr, struct station_info *sinfo)
3512{
3513 void *hdr;
3514 struct nlattr *sinfoattr, *bss_param;
3515
3516 hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_STATION);
3517 if (!hdr)
3518 return -1;
3519
3520 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
3521 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) ||
3522 nla_put_u32(msg, NL80211_ATTR_GENERATION, sinfo->generation))
3523 goto nla_put_failure;
3524
3525 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO);
3526 if (!sinfoattr)
3527 goto nla_put_failure;
3528 if ((sinfo->filled & STATION_INFO_CONNECTED_TIME) &&
3529 nla_put_u32(msg, NL80211_STA_INFO_CONNECTED_TIME,
3530 sinfo->connected_time))
3531 goto nla_put_failure;
3532 if ((sinfo->filled & STATION_INFO_INACTIVE_TIME) &&
3533 nla_put_u32(msg, NL80211_STA_INFO_INACTIVE_TIME,
3534 sinfo->inactive_time))
3535 goto nla_put_failure;
3536 if ((sinfo->filled & (STATION_INFO_RX_BYTES |
3537 STATION_INFO_RX_BYTES64)) &&
3538 nla_put_u32(msg, NL80211_STA_INFO_RX_BYTES,
3539 (u32)sinfo->rx_bytes))
3540 goto nla_put_failure;
3541 if ((sinfo->filled & (STATION_INFO_TX_BYTES |
3542 STATION_INFO_TX_BYTES64)) &&
3543 nla_put_u32(msg, NL80211_STA_INFO_TX_BYTES,
3544 (u32)sinfo->tx_bytes))
3545 goto nla_put_failure;
3546 if ((sinfo->filled & STATION_INFO_RX_BYTES64) &&
3547 nla_put_u64(msg, NL80211_STA_INFO_RX_BYTES64,
3548 sinfo->rx_bytes))
3549 goto nla_put_failure;
3550 if ((sinfo->filled & STATION_INFO_TX_BYTES64) &&
3551 nla_put_u64(msg, NL80211_STA_INFO_TX_BYTES64,
3552 sinfo->tx_bytes))
3553 goto nla_put_failure;
3554 if ((sinfo->filled & STATION_INFO_LLID) &&
3555 nla_put_u16(msg, NL80211_STA_INFO_LLID, sinfo->llid))
3556 goto nla_put_failure;
3557 if ((sinfo->filled & STATION_INFO_PLID) &&
3558 nla_put_u16(msg, NL80211_STA_INFO_PLID, sinfo->plid))
3559 goto nla_put_failure;
3560 if ((sinfo->filled & STATION_INFO_PLINK_STATE) &&
3561 nla_put_u8(msg, NL80211_STA_INFO_PLINK_STATE,
3562 sinfo->plink_state))
3563 goto nla_put_failure;
3564 switch (rdev->wiphy.signal_type) {
3565 case CFG80211_SIGNAL_TYPE_MBM:
3566 if ((sinfo->filled & STATION_INFO_SIGNAL) &&
3567 nla_put_u8(msg, NL80211_STA_INFO_SIGNAL,
3568 sinfo->signal))
3569 goto nla_put_failure;
3570 if ((sinfo->filled & STATION_INFO_SIGNAL_AVG) &&
3571 nla_put_u8(msg, NL80211_STA_INFO_SIGNAL_AVG,
3572 sinfo->signal_avg))
3573 goto nla_put_failure;
3574 break;
3575 default:
3576 break;
3577 }
3578 if (sinfo->filled & STATION_INFO_CHAIN_SIGNAL) {
3579 if (!nl80211_put_signal(msg, sinfo->chains,
3580 sinfo->chain_signal,
3581 NL80211_STA_INFO_CHAIN_SIGNAL))
3582 goto nla_put_failure;
3583 }
3584 if (sinfo->filled & STATION_INFO_CHAIN_SIGNAL_AVG) {
3585 if (!nl80211_put_signal(msg, sinfo->chains,
3586 sinfo->chain_signal_avg,
3587 NL80211_STA_INFO_CHAIN_SIGNAL_AVG))
3588 goto nla_put_failure;
3589 }
3590 if (sinfo->filled & STATION_INFO_TX_BITRATE) {
3591 if (!nl80211_put_sta_rate(msg, &sinfo->txrate,
3592 NL80211_STA_INFO_TX_BITRATE))
3593 goto nla_put_failure;
3594 }
3595 if (sinfo->filled & STATION_INFO_RX_BITRATE) {
3596 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate,
3597 NL80211_STA_INFO_RX_BITRATE))
3598 goto nla_put_failure;
3599 }
3600 if ((sinfo->filled & STATION_INFO_RX_PACKETS) &&
3601 nla_put_u32(msg, NL80211_STA_INFO_RX_PACKETS,
3602 sinfo->rx_packets))
3603 goto nla_put_failure;
3604 if ((sinfo->filled & STATION_INFO_TX_PACKETS) &&
3605 nla_put_u32(msg, NL80211_STA_INFO_TX_PACKETS,
3606 sinfo->tx_packets))
3607 goto nla_put_failure;
3608 if ((sinfo->filled & STATION_INFO_TX_RETRIES) &&
3609 nla_put_u32(msg, NL80211_STA_INFO_TX_RETRIES,
3610 sinfo->tx_retries))
3611 goto nla_put_failure;
3612 if ((sinfo->filled & STATION_INFO_TX_FAILED) &&
3613 nla_put_u32(msg, NL80211_STA_INFO_TX_FAILED,
3614 sinfo->tx_failed))
3615 goto nla_put_failure;
3616 if ((sinfo->filled & STATION_INFO_BEACON_LOSS_COUNT) &&
3617 nla_put_u32(msg, NL80211_STA_INFO_BEACON_LOSS,
3618 sinfo->beacon_loss_count))
3619 goto nla_put_failure;
3620 if ((sinfo->filled & STATION_INFO_LOCAL_PM) &&
3621 nla_put_u32(msg, NL80211_STA_INFO_LOCAL_PM,
3622 sinfo->local_pm))
3623 goto nla_put_failure;
3624 if ((sinfo->filled & STATION_INFO_PEER_PM) &&
3625 nla_put_u32(msg, NL80211_STA_INFO_PEER_PM,
3626 sinfo->peer_pm))
3627 goto nla_put_failure;
3628 if ((sinfo->filled & STATION_INFO_NONPEER_PM) &&
3629 nla_put_u32(msg, NL80211_STA_INFO_NONPEER_PM,
3630 sinfo->nonpeer_pm))
3631 goto nla_put_failure;
3632 if (sinfo->filled & STATION_INFO_BSS_PARAM) {
3633 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM);
3634 if (!bss_param)
3635 goto nla_put_failure;
3636
3637 if (((sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) &&
3638 nla_put_flag(msg, NL80211_STA_BSS_PARAM_CTS_PROT)) ||
3639 ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) &&
3640 nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE)) ||
3641 ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) &&
3642 nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME)) ||
3643 nla_put_u8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD,
3644 sinfo->bss_param.dtim_period) ||
3645 nla_put_u16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL,
3646 sinfo->bss_param.beacon_interval))
3647 goto nla_put_failure;
3648
3649 nla_nest_end(msg, bss_param);
3650 }
3651 if ((sinfo->filled & STATION_INFO_STA_FLAGS) &&
3652 nla_put(msg, NL80211_STA_INFO_STA_FLAGS,
3653 sizeof(struct nl80211_sta_flag_update),
3654 &sinfo->sta_flags))
3655 goto nla_put_failure;
3656 if ((sinfo->filled & STATION_INFO_T_OFFSET) &&
3657 nla_put_u64(msg, NL80211_STA_INFO_T_OFFSET,
3658 sinfo->t_offset))
3659 goto nla_put_failure;
3660 nla_nest_end(msg, sinfoattr);
3661
3662 if ((sinfo->filled & STATION_INFO_ASSOC_REQ_IES) &&
3663 nla_put(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len,
3664 sinfo->assoc_req_ies))
3665 goto nla_put_failure;
3666
3667 return genlmsg_end(msg, hdr);
3668
3669 nla_put_failure:
3670 genlmsg_cancel(msg, hdr);
3671 return -EMSGSIZE;
3672}
3673
3674static int nl80211_dump_station(struct sk_buff *skb,
3675 struct netlink_callback *cb)
3676{
3677 struct station_info sinfo;
3678 struct cfg80211_registered_device *dev;
3679 struct wireless_dev *wdev;
3680 u8 mac_addr[ETH_ALEN];
3681 int sta_idx = cb->args[2];
3682 int err;
3683
3684 err = nl80211_prepare_wdev_dump(skb, cb, &dev, &wdev);
3685 if (err)
3686 return err;
3687
3688 if (!wdev->netdev) {
3689 err = -EINVAL;
3690 goto out_err;
3691 }
3692
3693 if (!dev->ops->dump_station) {
3694 err = -EOPNOTSUPP;
3695 goto out_err;
3696 }
3697
3698 while (1) {
3699 memset(&sinfo, 0, sizeof(sinfo));
3700 err = rdev_dump_station(dev, wdev->netdev, sta_idx,
3701 mac_addr, &sinfo);
3702 if (err == -ENOENT)
3703 break;
3704 if (err)
3705 goto out_err;
3706
3707 if (nl80211_send_station(skb,
3708 NETLINK_CB(cb->skb).portid,
3709 cb->nlh->nlmsg_seq, NLM_F_MULTI,
3710 dev, wdev->netdev, mac_addr,
3711 &sinfo) < 0)
3712 goto out;
3713
3714 sta_idx++;
3715 }
3716
3717
3718 out:
3719 cb->args[2] = sta_idx;
3720 err = skb->len;
3721 out_err:
3722 nl80211_finish_wdev_dump(dev);
3723
3724 return err;
3725}
3726
3727static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
3728{
3729 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3730 struct net_device *dev = info->user_ptr[1];
3731 struct station_info sinfo;
3732 struct sk_buff *msg;
3733 u8 *mac_addr = NULL;
3734 int err;
3735
3736 memset(&sinfo, 0, sizeof(sinfo));
3737
3738 if (!info->attrs[NL80211_ATTR_MAC])
3739 return -EINVAL;
3740
3741 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
3742
3743 if (!rdev->ops->get_station)
3744 return -EOPNOTSUPP;
3745
3746 err = rdev_get_station(rdev, dev, mac_addr, &sinfo);
3747 if (err)
3748 return err;
3749
3750 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3751 if (!msg)
3752 return -ENOMEM;
3753
3754 if (nl80211_send_station(msg, info->snd_portid, info->snd_seq, 0,
3755 rdev, dev, mac_addr, &sinfo) < 0) {
3756 nlmsg_free(msg);
3757 return -ENOBUFS;
3758 }
3759
3760 return genlmsg_reply(msg, info);
3761}
3762
3763int cfg80211_check_station_change(struct wiphy *wiphy,
3764 struct station_parameters *params,
3765 enum cfg80211_station_type statype)
3766{
3767 if (params->listen_interval != -1)
3768 return -EINVAL;
3769 if (params->aid)
3770 return -EINVAL;
3771
3772
3773 BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 7);
3774
3775 switch (statype) {
3776 case CFG80211_STA_MESH_PEER_KERNEL:
3777 case CFG80211_STA_MESH_PEER_USER:
3778
3779
3780
3781
3782
3783 if (params->sta_flags_mask &
3784 ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) |
3785 BIT(NL80211_STA_FLAG_MFP) |
3786 BIT(NL80211_STA_FLAG_AUTHORIZED)))
3787 return -EINVAL;
3788 break;
3789 case CFG80211_STA_TDLS_PEER_SETUP:
3790 case CFG80211_STA_TDLS_PEER_ACTIVE:
3791 if (!(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
3792 return -EINVAL;
3793
3794 params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
3795 break;
3796 default:
3797
3798 if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION)
3799 return -EINVAL;
3800 if (params->local_pm)
3801 return -EINVAL;
3802 if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE)
3803 return -EINVAL;
3804 }
3805
3806 if (statype != CFG80211_STA_TDLS_PEER_SETUP &&
3807 statype != CFG80211_STA_TDLS_PEER_ACTIVE) {
3808
3809 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
3810 return -EINVAL;
3811
3812
3813
3814
3815
3816 params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
3817 }
3818
3819 if (statype != CFG80211_STA_TDLS_PEER_SETUP) {
3820
3821 if (params->sta_modify_mask & STATION_PARAM_APPLY_UAPSD)
3822 return -EINVAL;
3823 if (params->sta_modify_mask & STATION_PARAM_APPLY_CAPABILITY)
3824 return -EINVAL;
3825 if (params->supported_rates)
3826 return -EINVAL;
3827 if (params->ext_capab || params->ht_capa || params->vht_capa)
3828 return -EINVAL;
3829 }
3830
3831 if (statype != CFG80211_STA_AP_CLIENT) {
3832 if (params->vlan)
3833 return -EINVAL;
3834 }
3835
3836 switch (statype) {
3837 case CFG80211_STA_AP_MLME_CLIENT:
3838
3839 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
3840 return -EOPNOTSUPP;
3841 break;
3842 case CFG80211_STA_AP_CLIENT:
3843
3844 if (params->sta_flags_mask &
3845 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
3846 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
3847 BIT(NL80211_STA_FLAG_ASSOCIATED) |
3848 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
3849 BIT(NL80211_STA_FLAG_WME) |
3850 BIT(NL80211_STA_FLAG_MFP)))
3851 return -EINVAL;
3852
3853
3854 if (!(wiphy->features & NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
3855 params->sta_flags_mask &
3856 (BIT(NL80211_STA_FLAG_AUTHENTICATED) |
3857 BIT(NL80211_STA_FLAG_ASSOCIATED)))
3858 return -EINVAL;
3859 break;
3860 case CFG80211_STA_IBSS:
3861 case CFG80211_STA_AP_STA:
3862
3863 if (params->sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED))
3864 return -EINVAL;
3865 break;
3866 case CFG80211_STA_TDLS_PEER_SETUP:
3867
3868 if (params->sta_flags_mask & ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
3869 BIT(NL80211_STA_FLAG_WME)))
3870 return -EINVAL;
3871
3872 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED) &&
3873 !params->supported_rates)
3874 return -EINVAL;
3875 break;
3876 case CFG80211_STA_TDLS_PEER_ACTIVE:
3877
3878 return -EINVAL;
3879 case CFG80211_STA_MESH_PEER_KERNEL:
3880 if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE)
3881 return -EINVAL;
3882 break;
3883 case CFG80211_STA_MESH_PEER_USER:
3884 if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION)
3885 return -EINVAL;
3886 break;
3887 }
3888
3889 return 0;
3890}
3891EXPORT_SYMBOL(cfg80211_check_station_change);
3892
3893
3894
3895
3896static struct net_device *get_vlan(struct genl_info *info,
3897 struct cfg80211_registered_device *rdev)
3898{
3899 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN];
3900 struct net_device *v;
3901 int ret;
3902
3903 if (!vlanattr)
3904 return NULL;
3905
3906 v = dev_get_by_index(genl_info_net(info), nla_get_u32(vlanattr));
3907 if (!v)
3908 return ERR_PTR(-ENODEV);
3909
3910 if (!v->ieee80211_ptr || v->ieee80211_ptr->wiphy != &rdev->wiphy) {
3911 ret = -EINVAL;
3912 goto error;
3913 }
3914
3915 if (v->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
3916 v->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3917 v->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) {
3918 ret = -EINVAL;
3919 goto error;
3920 }
3921
3922 if (!netif_running(v)) {
3923 ret = -ENETDOWN;
3924 goto error;
3925 }
3926
3927 return v;
3928 error:
3929 dev_put(v);
3930 return ERR_PTR(ret);
3931}
3932
3933static const struct nla_policy
3934nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] = {
3935 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 },
3936 [NL80211_STA_WME_MAX_SP] = { .type = NLA_U8 },
3937};
3938
3939static int nl80211_parse_sta_wme(struct genl_info *info,
3940 struct station_parameters *params)
3941{
3942 struct nlattr *tb[NL80211_STA_WME_MAX + 1];
3943 struct nlattr *nla;
3944 int err;
3945
3946
3947 if (!info->attrs[NL80211_ATTR_STA_WME])
3948 return 0;
3949
3950 nla = info->attrs[NL80211_ATTR_STA_WME];
3951 err = nla_parse_nested(tb, NL80211_STA_WME_MAX, nla,
3952 nl80211_sta_wme_policy);
3953 if (err)
3954 return err;
3955
3956 if (tb[NL80211_STA_WME_UAPSD_QUEUES])
3957 params->uapsd_queues = nla_get_u8(
3958 tb[NL80211_STA_WME_UAPSD_QUEUES]);
3959 if (params->uapsd_queues & ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK)
3960 return -EINVAL;
3961
3962 if (tb[NL80211_STA_WME_MAX_SP])
3963 params->max_sp = nla_get_u8(tb[NL80211_STA_WME_MAX_SP]);
3964
3965 if (params->max_sp & ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK)
3966 return -EINVAL;
3967
3968 params->sta_modify_mask |= STATION_PARAM_APPLY_UAPSD;
3969
3970 return 0;
3971}
3972
3973static int nl80211_parse_sta_channel_info(struct genl_info *info,
3974 struct station_parameters *params)
3975{
3976 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]) {
3977 params->supported_channels =
3978 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]);
3979 params->supported_channels_len =
3980 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]);
3981
3982
3983
3984
3985
3986 if (params->supported_channels_len < 2)
3987 return -EINVAL;
3988 if (params->supported_channels_len % 2)
3989 return -EINVAL;
3990 }
3991
3992 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]) {
3993 params->supported_oper_classes =
3994 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]);
3995 params->supported_oper_classes_len =
3996 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]);
3997
3998
3999
4000
4001 if (params->supported_oper_classes_len < 2 ||
4002 params->supported_oper_classes_len > 253)
4003 return -EINVAL;
4004 }
4005 return 0;
4006}
4007
4008static int nl80211_set_station_tdls(struct genl_info *info,
4009 struct station_parameters *params)
4010{
4011 int err;
4012
4013 if (info->attrs[NL80211_ATTR_PEER_AID])
4014 params->aid = nla_get_u16(info->attrs[NL80211_ATTR_PEER_AID]);
4015 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
4016 params->ht_capa =
4017 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
4018 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY])
4019 params->vht_capa =
4020 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]);
4021
4022 err = nl80211_parse_sta_channel_info(info, params);
4023 if (err)
4024 return err;
4025
4026 return nl80211_parse_sta_wme(info, params);
4027}
4028
4029static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
4030{
4031 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4032 struct net_device *dev = info->user_ptr[1];
4033 struct station_parameters params;
4034 u8 *mac_addr;
4035 int err;
4036
4037 memset(¶ms, 0, sizeof(params));
4038
4039 params.listen_interval = -1;
4040
4041 if (!rdev->ops->change_station)
4042 return -EOPNOTSUPP;
4043
4044 if (info->attrs[NL80211_ATTR_STA_AID])
4045 return -EINVAL;
4046
4047 if (!info->attrs[NL80211_ATTR_MAC])
4048 return -EINVAL;
4049
4050 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
4051
4052 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) {
4053 params.supported_rates =
4054 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
4055 params.supported_rates_len =
4056 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
4057 }
4058
4059 if (info->attrs[NL80211_ATTR_STA_CAPABILITY]) {
4060 params.capability =
4061 nla_get_u16(info->attrs[NL80211_ATTR_STA_CAPABILITY]);
4062 params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY;
4063 }
4064
4065 if (info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) {
4066 params.ext_capab =
4067 nla_data(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
4068 params.ext_capab_len =
4069 nla_len(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
4070 }
4071
4072 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
4073 return -EINVAL;
4074
4075 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms))
4076 return -EINVAL;
4077
4078 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) {
4079 params.plink_action =
4080 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
4081 if (params.plink_action >= NUM_NL80211_PLINK_ACTIONS)
4082 return -EINVAL;
4083 }
4084
4085 if (info->attrs[NL80211_ATTR_STA_PLINK_STATE]) {
4086 params.plink_state =
4087 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]);
4088 if (params.plink_state >= NUM_NL80211_PLINK_STATES)
4089 return -EINVAL;
4090 params.sta_modify_mask |= STATION_PARAM_APPLY_PLINK_STATE;
4091 }
4092
4093 if (info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE]) {
4094 enum nl80211_mesh_power_mode pm = nla_get_u32(
4095 info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE]);
4096
4097 if (pm <= NL80211_MESH_POWER_UNKNOWN ||
4098 pm > NL80211_MESH_POWER_MAX)
4099 return -EINVAL;
4100
4101 params.local_pm = pm;
4102 }
4103
4104
4105 err = nl80211_set_station_tdls(info, ¶ms);
4106 if (err)
4107 return err;
4108
4109 params.vlan = get_vlan(info, rdev);
4110 if (IS_ERR(params.vlan))
4111 return PTR_ERR(params.vlan);
4112
4113 switch (dev->ieee80211_ptr->iftype) {
4114 case NL80211_IFTYPE_AP:
4115 case NL80211_IFTYPE_AP_VLAN:
4116 case NL80211_IFTYPE_P2P_GO:
4117 case NL80211_IFTYPE_P2P_CLIENT:
4118 case NL80211_IFTYPE_STATION:
4119 case NL80211_IFTYPE_ADHOC:
4120 case NL80211_IFTYPE_MESH_POINT:
4121 break;
4122 default:
4123 err = -EOPNOTSUPP;
4124 goto out_put_vlan;
4125 }
4126
4127
4128 err = rdev_change_station(rdev, dev, mac_addr, ¶ms);
4129
4130 out_put_vlan:
4131 if (params.vlan)
4132 dev_put(params.vlan);
4133
4134 return err;
4135}
4136
4137static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
4138{
4139 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4140 int err;
4141 struct net_device *dev = info->user_ptr[1];
4142 struct station_parameters params;
4143 u8 *mac_addr = NULL;
4144
4145 memset(¶ms, 0, sizeof(params));
4146
4147 if (!rdev->ops->add_station)
4148 return -EOPNOTSUPP;
4149
4150 if (!info->attrs[NL80211_ATTR_MAC])
4151 return -EINVAL;
4152
4153 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
4154 return -EINVAL;
4155
4156 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES])
4157 return -EINVAL;
4158
4159 if (!info->attrs[NL80211_ATTR_STA_AID] &&
4160 !info->attrs[NL80211_ATTR_PEER_AID])
4161 return -EINVAL;
4162
4163 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
4164 params.supported_rates =
4165 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
4166 params.supported_rates_len =
4167 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
4168 params.listen_interval =
4169 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
4170
4171 if (info->attrs[NL80211_ATTR_PEER_AID])
4172 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_PEER_AID]);
4173 else
4174 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]);
4175 if (!params.aid || params.aid > IEEE80211_MAX_AID)
4176 return -EINVAL;
4177
4178 if (info->attrs[NL80211_ATTR_STA_CAPABILITY]) {
4179 params.capability =
4180 nla_get_u16(info->attrs[NL80211_ATTR_STA_CAPABILITY]);
4181 params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY;
4182 }
4183
4184 if (info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) {
4185 params.ext_capab =
4186 nla_data(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
4187 params.ext_capab_len =
4188 nla_len(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
4189 }
4190
4191 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
4192 params.ht_capa =
4193 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
4194
4195 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY])
4196 params.vht_capa =
4197 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]);
4198
4199 if (info->attrs[NL80211_ATTR_OPMODE_NOTIF]) {
4200 params.opmode_notif_used = true;
4201 params.opmode_notif =
4202 nla_get_u8(info->attrs[NL80211_ATTR_OPMODE_NOTIF]);
4203 }
4204
4205 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) {
4206 params.plink_action =
4207 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
4208 if (params.plink_action >= NUM_NL80211_PLINK_ACTIONS)
4209 return -EINVAL;
4210 }
4211
4212 err = nl80211_parse_sta_channel_info(info, ¶ms);
4213 if (err)
4214 return err;
4215
4216 err = nl80211_parse_sta_wme(info, ¶ms);
4217 if (err)
4218 return err;
4219
4220 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms))
4221 return -EINVAL;
4222
4223
4224 BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 7);
4225
4226 switch (dev->ieee80211_ptr->iftype) {
4227 case NL80211_IFTYPE_AP:
4228 case NL80211_IFTYPE_AP_VLAN:
4229 case NL80211_IFTYPE_P2P_GO:
4230
4231 if (!(rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) ||
4232 !(params.sta_flags_set & BIT(NL80211_STA_FLAG_WME)))
4233 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
4234
4235
4236 if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) ||
4237 info->attrs[NL80211_ATTR_PEER_AID])
4238 return -EINVAL;
4239
4240 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
4241
4242
4243 if (!(rdev->wiphy.features &
4244 NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
4245 params.sta_flags_mask &
4246 (BIT(NL80211_STA_FLAG_AUTHENTICATED) |
4247 BIT(NL80211_STA_FLAG_ASSOCIATED)))
4248 return -EINVAL;
4249
4250
4251 params.vlan = get_vlan(info, rdev);
4252 if (IS_ERR(params.vlan))
4253 return PTR_ERR(params.vlan);
4254 break;
4255 case NL80211_IFTYPE_MESH_POINT:
4256
4257 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
4258
4259
4260 if (params.sta_flags_mask & BIT(NL80211_STA_FLAG_ASSOCIATED))
4261 return -EINVAL;
4262
4263 if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) ||
4264 info->attrs[NL80211_ATTR_PEER_AID])
4265 return -EINVAL;
4266 break;
4267 case NL80211_IFTYPE_STATION:
4268 case NL80211_IFTYPE_P2P_CLIENT:
4269
4270 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
4271
4272
4273 if (params.sta_flags_mask &
4274 (BIT(NL80211_STA_FLAG_ASSOCIATED) |
4275 BIT(NL80211_STA_FLAG_AUTHENTICATED)))
4276 return -EINVAL;
4277
4278 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
4279 return -EINVAL;
4280
4281 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS))
4282 return -EOPNOTSUPP;
4283
4284 if (!(rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP))
4285 return -EOPNOTSUPP;
4286
4287
4288
4289
4290 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_AUTHORIZED);
4291 break;
4292 default:
4293 return -EOPNOTSUPP;
4294 }
4295
4296
4297
4298 err = rdev_add_station(rdev, dev, mac_addr, ¶ms);
4299
4300 if (params.vlan)
4301 dev_put(params.vlan);
4302 return err;
4303}
4304
4305static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
4306{
4307 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4308 struct net_device *dev = info->user_ptr[1];
4309 u8 *mac_addr = NULL;
4310
4311 if (info->attrs[NL80211_ATTR_MAC])
4312 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
4313
4314 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
4315 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
4316 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT &&
4317 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4318 return -EINVAL;
4319
4320 if (!rdev->ops->del_station)
4321 return -EOPNOTSUPP;
4322
4323 return rdev_del_station(rdev, dev, mac_addr);
4324}
4325
4326static int nl80211_send_mpath(struct sk_buff *msg, u32 portid, u32 seq,
4327 int flags, struct net_device *dev,
4328 u8 *dst, u8 *next_hop,
4329 struct mpath_info *pinfo)
4330{
4331 void *hdr;
4332 struct nlattr *pinfoattr;
4333
4334 hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_STATION);
4335 if (!hdr)
4336 return -1;
4337
4338 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
4339 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) ||
4340 nla_put(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop) ||
4341 nla_put_u32(msg, NL80211_ATTR_GENERATION, pinfo->generation))
4342 goto nla_put_failure;
4343
4344 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO);
4345 if (!pinfoattr)
4346 goto nla_put_failure;
4347 if ((pinfo->filled & MPATH_INFO_FRAME_QLEN) &&
4348 nla_put_u32(msg, NL80211_MPATH_INFO_FRAME_QLEN,
4349 pinfo->frame_qlen))
4350 goto nla_put_failure;
4351 if (((pinfo->filled & MPATH_INFO_SN) &&
4352 nla_put_u32(msg, NL80211_MPATH_INFO_SN, pinfo->sn)) ||
4353 ((pinfo->filled & MPATH_INFO_METRIC) &&
4354 nla_put_u32(msg, NL80211_MPATH_INFO_METRIC,
4355 pinfo->metric)) ||
4356 ((pinfo->filled & MPATH_INFO_EXPTIME) &&
4357 nla_put_u32(msg, NL80211_MPATH_INFO_EXPTIME,
4358 pinfo->exptime)) ||
4359 ((pinfo->filled & MPATH_INFO_FLAGS) &&
4360 nla_put_u8(msg, NL80211_MPATH_INFO_FLAGS,
4361 pinfo->flags)) ||
4362 ((pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) &&
4363 nla_put_u32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT,
4364 pinfo->discovery_timeout)) ||
4365 ((pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) &&
4366 nla_put_u8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES,
4367 pinfo->discovery_retries)))
4368 goto nla_put_failure;
4369
4370 nla_nest_end(msg, pinfoattr);
4371
4372 return genlmsg_end(msg, hdr);
4373
4374 nla_put_failure:
4375 genlmsg_cancel(msg, hdr);
4376 return -EMSGSIZE;
4377}
4378
4379static int nl80211_dump_mpath(struct sk_buff *skb,
4380 struct netlink_callback *cb)
4381{
4382 struct mpath_info pinfo;
4383 struct cfg80211_registered_device *dev;
4384 struct wireless_dev *wdev;
4385 u8 dst[ETH_ALEN];
4386 u8 next_hop[ETH_ALEN];
4387 int path_idx = cb->args[2];
4388 int err;
4389
4390 err = nl80211_prepare_wdev_dump(skb, cb, &dev, &wdev);
4391 if (err)
4392 return err;
4393
4394 if (!dev->ops->dump_mpath) {
4395 err = -EOPNOTSUPP;
4396 goto out_err;
4397 }
4398
4399 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) {
4400 err = -EOPNOTSUPP;
4401 goto out_err;
4402 }
4403
4404 while (1) {
4405 err = rdev_dump_mpath(dev, wdev->netdev, path_idx, dst,
4406 next_hop, &pinfo);
4407 if (err == -ENOENT)
4408 break;
4409 if (err)
4410 goto out_err;
4411
4412 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid,
4413 cb->nlh->nlmsg_seq, NLM_F_MULTI,
4414 wdev->netdev, dst, next_hop,
4415 &pinfo) < 0)
4416 goto out;
4417
4418 path_idx++;
4419 }
4420
4421
4422 out:
4423 cb->args[2] = path_idx;
4424 err = skb->len;
4425 out_err:
4426 nl80211_finish_wdev_dump(dev);
4427 return err;
4428}
4429
4430static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
4431{
4432 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4433 int err;
4434 struct net_device *dev = info->user_ptr[1];
4435 struct mpath_info pinfo;
4436 struct sk_buff *msg;
4437 u8 *dst = NULL;
4438 u8 next_hop[ETH_ALEN];
4439
4440 memset(&pinfo, 0, sizeof(pinfo));
4441
4442 if (!info->attrs[NL80211_ATTR_MAC])
4443 return -EINVAL;
4444
4445 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
4446
4447 if (!rdev->ops->get_mpath)
4448 return -EOPNOTSUPP;
4449
4450 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
4451 return -EOPNOTSUPP;
4452
4453 err = rdev_get_mpath(rdev, dev, dst, next_hop, &pinfo);
4454 if (err)
4455 return err;
4456
4457 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
4458 if (!msg)
4459 return -ENOMEM;
4460
4461 if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0,
4462 dev, dst, next_hop, &pinfo) < 0) {
4463 nlmsg_free(msg);
4464 return -ENOBUFS;
4465 }
4466
4467 return genlmsg_reply(msg, info);
4468}
4469
4470static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
4471{
4472 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4473 struct net_device *dev = info->user_ptr[1];
4474 u8 *dst = NULL;
4475 u8 *next_hop = NULL;
4476
4477 if (!info->attrs[NL80211_ATTR_MAC])
4478 return -EINVAL;
4479
4480 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
4481 return -EINVAL;
4482
4483 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
4484 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
4485
4486 if (!rdev->ops->change_mpath)
4487 return -EOPNOTSUPP;
4488
4489 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
4490 return -EOPNOTSUPP;
4491
4492 return rdev_change_mpath(rdev, dev, dst, next_hop);
4493}
4494
4495static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
4496{
4497 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4498 struct net_device *dev = info->user_ptr[1];
4499 u8 *dst = NULL;
4500 u8 *next_hop = NULL;
4501
4502 if (!info->attrs[NL80211_ATTR_MAC])
4503 return -EINVAL;
4504
4505 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
4506 return -EINVAL;
4507
4508 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
4509 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
4510
4511 if (!rdev->ops->add_mpath)
4512 return -EOPNOTSUPP;
4513
4514 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
4515 return -EOPNOTSUPP;
4516
4517 return rdev_add_mpath(rdev, dev, dst, next_hop);
4518}
4519
4520static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
4521{
4522 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4523 struct net_device *dev = info->user_ptr[1];
4524 u8 *dst = NULL;
4525
4526 if (info->attrs[NL80211_ATTR_MAC])
4527 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
4528
4529 if (!rdev->ops->del_mpath)
4530 return -EOPNOTSUPP;
4531
4532 return rdev_del_mpath(rdev, dev, dst);
4533}
4534
4535static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
4536{
4537 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4538 struct net_device *dev = info->user_ptr[1];
4539 struct wireless_dev *wdev = dev->ieee80211_ptr;
4540 struct bss_parameters params;
4541 int err;
4542
4543 memset(¶ms, 0, sizeof(params));
4544
4545 params.use_cts_prot = -1;
4546 params.use_short_preamble = -1;
4547 params.use_short_slot_time = -1;
4548 params.ap_isolate = -1;
4549 params.ht_opmode = -1;
4550 params.p2p_ctwindow = -1;
4551 params.p2p_opp_ps = -1;
4552
4553 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT])
4554 params.use_cts_prot =
4555 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]);
4556 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE])
4557 params.use_short_preamble =
4558 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]);
4559 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME])
4560 params.use_short_slot_time =
4561 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]);
4562 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
4563 params.basic_rates =
4564 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
4565 params.basic_rates_len =
4566 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
4567 }
4568 if (info->attrs[NL80211_ATTR_AP_ISOLATE])
4569 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]);
4570 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE])
4571 params.ht_opmode =
4572 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]);
4573
4574 if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) {
4575 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4576 return -EINVAL;
4577 params.p2p_ctwindow =
4578 nla_get_s8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]);
4579 if (params.p2p_ctwindow < 0)
4580 return -EINVAL;
4581 if (params.p2p_ctwindow != 0 &&
4582 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN))
4583 return -EINVAL;
4584 }
4585
4586 if (info->attrs[NL80211_ATTR_P2P_OPPPS]) {
4587 u8 tmp;
4588
4589 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4590 return -EINVAL;
4591 tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]);
4592 if (tmp > 1)
4593 return -EINVAL;
4594 params.p2p_opp_ps = tmp;
4595 if (params.p2p_opp_ps &&
4596 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS))
4597 return -EINVAL;
4598 }
4599
4600 if (!rdev->ops->change_bss)
4601 return -EOPNOTSUPP;
4602
4603 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
4604 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4605 return -EOPNOTSUPP;
4606
4607 wdev_lock(wdev);
4608 err = rdev_change_bss(rdev, dev, ¶ms);
4609 wdev_unlock(wdev);
4610
4611 return err;
4612}
4613
4614static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = {
4615 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
4616 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
4617 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
4618 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
4619 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
4620 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
4621 [NL80211_ATTR_DFS_CAC_TIME] = { .type = NLA_U32 },
4622};
4623
4624static int parse_reg_rule(struct nlattr *tb[],
4625 struct ieee80211_reg_rule *reg_rule)
4626{
4627 struct ieee80211_freq_range *freq_range = ®_rule->freq_range;
4628 struct ieee80211_power_rule *power_rule = ®_rule->power_rule;
4629
4630 if (!tb[NL80211_ATTR_REG_RULE_FLAGS])
4631 return -EINVAL;
4632 if (!tb[NL80211_ATTR_FREQ_RANGE_START])
4633 return -EINVAL;
4634 if (!tb[NL80211_ATTR_FREQ_RANGE_END])
4635 return -EINVAL;
4636 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW])
4637 return -EINVAL;
4638 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP])
4639 return -EINVAL;
4640
4641 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]);
4642
4643 freq_range->start_freq_khz =
4644 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]);
4645 freq_range->end_freq_khz =
4646 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]);
4647 freq_range->max_bandwidth_khz =
4648 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]);
4649
4650 power_rule->max_eirp =
4651 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]);
4652
4653 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN])
4654 power_rule->max_antenna_gain =
4655 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]);
4656
4657 if (tb[NL80211_ATTR_DFS_CAC_TIME])
4658 reg_rule->dfs_cac_ms =
4659 nla_get_u32(tb[NL80211_ATTR_DFS_CAC_TIME]);
4660
4661 return 0;
4662}
4663
4664static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info)
4665{
4666 int r;
4667 char *data = NULL;
4668 enum nl80211_user_reg_hint_type user_reg_hint_type;
4669
4670
4671
4672
4673
4674
4675
4676 if (unlikely(!rcu_access_pointer(cfg80211_regdomain)))
4677 return -EINPROGRESS;
4678
4679 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
4680 return -EINVAL;
4681
4682 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
4683
4684 if (info->attrs[NL80211_ATTR_USER_REG_HINT_TYPE])
4685 user_reg_hint_type =
4686 nla_get_u32(info->attrs[NL80211_ATTR_USER_REG_HINT_TYPE]);
4687 else
4688 user_reg_hint_type = NL80211_USER_REG_HINT_USER;
4689
4690 switch (user_reg_hint_type) {
4691 case NL80211_USER_REG_HINT_USER:
4692 case NL80211_USER_REG_HINT_CELL_BASE:
4693 break;
4694 default:
4695 return -EINVAL;
4696 }
4697
4698 r = regulatory_hint_user(data, user_reg_hint_type);
4699
4700 return r;
4701}
4702
4703static int nl80211_get_mesh_config(struct sk_buff *skb,
4704 struct genl_info *info)
4705{
4706 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4707 struct net_device *dev = info->user_ptr[1];
4708 struct wireless_dev *wdev = dev->ieee80211_ptr;
4709 struct mesh_config cur_params;
4710 int err = 0;
4711 void *hdr;
4712 struct nlattr *pinfoattr;
4713 struct sk_buff *msg;
4714
4715 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
4716 return -EOPNOTSUPP;
4717
4718 if (!rdev->ops->get_mesh_config)
4719 return -EOPNOTSUPP;
4720
4721 wdev_lock(wdev);
4722
4723 if (!wdev->mesh_id_len)
4724 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params));
4725 else
4726 err = rdev_get_mesh_config(rdev, dev, &cur_params);
4727 wdev_unlock(wdev);
4728
4729 if (err)
4730 return err;
4731
4732
4733 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
4734 if (!msg)
4735 return -ENOMEM;
4736 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
4737 NL80211_CMD_GET_MESH_CONFIG);
4738 if (!hdr)
4739 goto out;
4740 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG);
4741 if (!pinfoattr)
4742 goto nla_put_failure;
4743 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
4744 nla_put_u16(msg, NL80211_MESHCONF_RETRY_TIMEOUT,
4745 cur_params.dot11MeshRetryTimeout) ||
4746 nla_put_u16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT,
4747 cur_params.dot11MeshConfirmTimeout) ||
4748 nla_put_u16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT,
4749 cur_params.dot11MeshHoldingTimeout) ||
4750 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
4751 cur_params.dot11MeshMaxPeerLinks) ||
4752 nla_put_u8(msg, NL80211_MESHCONF_MAX_RETRIES,
4753 cur_params.dot11MeshMaxRetries) ||
4754 nla_put_u8(msg, NL80211_MESHCONF_TTL,
4755 cur_params.dot11MeshTTL) ||
4756 nla_put_u8(msg, NL80211_MESHCONF_ELEMENT_TTL,
4757 cur_params.element_ttl) ||
4758 nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
4759 cur_params.auto_open_plinks) ||
4760 nla_put_u32(msg, NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
4761 cur_params.dot11MeshNbrOffsetMaxNeighbor) ||
4762 nla_put_u8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
4763 cur_params.dot11MeshHWMPmaxPREQretries) ||
4764 nla_put_u32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME,
4765 cur_params.path_refresh_time) ||
4766 nla_put_u16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
4767 cur_params.min_discovery_timeout) ||
4768 nla_put_u32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
4769 cur_params.dot11MeshHWMPactivePathTimeout) ||
4770 nla_put_u16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
4771 cur_params.dot11MeshHWMPpreqMinInterval) ||
4772 nla_put_u16(msg, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
4773 cur_params.dot11MeshHWMPperrMinInterval) ||
4774 nla_put_u16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
4775 cur_params.dot11MeshHWMPnetDiameterTraversalTime) ||
4776 nla_put_u8(msg, NL80211_MESHCONF_HWMP_ROOTMODE,
4777 cur_params.dot11MeshHWMPRootMode) ||
4778 nla_put_u16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL,
4779 cur_params.dot11MeshHWMPRannInterval) ||
4780 nla_put_u8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
4781 cur_params.dot11MeshGateAnnouncementProtocol) ||
4782 nla_put_u8(msg, NL80211_MESHCONF_FORWARDING,
4783 cur_params.dot11MeshForwarding) ||
4784 nla_put_u32(msg, NL80211_MESHCONF_RSSI_THRESHOLD,
4785 cur_params.rssi_threshold) ||
4786 nla_put_u32(msg, NL80211_MESHCONF_HT_OPMODE,
4787 cur_params.ht_opmode) ||
4788 nla_put_u32(msg, NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
4789 cur_params.dot11MeshHWMPactivePathToRootTimeout) ||
4790 nla_put_u16(msg, NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
4791 cur_params.dot11MeshHWMProotInterval) ||
4792 nla_put_u16(msg, NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
4793 cur_params.dot11MeshHWMPconfirmationInterval) ||
4794 nla_put_u32(msg, NL80211_MESHCONF_POWER_MODE,
4795 cur_params.power_mode) ||
4796 nla_put_u16(msg, NL80211_MESHCONF_AWAKE_WINDOW,
4797 cur_params.dot11MeshAwakeWindowDuration) ||
4798 nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT,
4799 cur_params.plink_timeout))
4800 goto nla_put_failure;
4801 nla_nest_end(msg, pinfoattr);
4802 genlmsg_end(msg, hdr);
4803 return genlmsg_reply(msg, info);
4804
4805 nla_put_failure:
4806 genlmsg_cancel(msg, hdr);
4807 out:
4808 nlmsg_free(msg);
4809 return -ENOBUFS;
4810}
4811
4812static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = {
4813 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 },
4814 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 },
4815 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 },
4816 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 },
4817 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 },
4818 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 },
4819 [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 },
4820 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 },
4821 [NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR] = { .type = NLA_U32 },
4822 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 },
4823 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 },
4824 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 },
4825 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 },
4826 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 },
4827 [NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL] = { .type = NLA_U16 },
4828 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 },
4829 [NL80211_MESHCONF_HWMP_ROOTMODE] = { .type = NLA_U8 },
4830 [NL80211_MESHCONF_HWMP_RANN_INTERVAL] = { .type = NLA_U16 },
4831 [NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = { .type = NLA_U8 },
4832 [NL80211_MESHCONF_FORWARDING] = { .type = NLA_U8 },
4833 [NL80211_MESHCONF_RSSI_THRESHOLD] = { .type = NLA_U32 },
4834 [NL80211_MESHCONF_HT_OPMODE] = { .type = NLA_U16 },
4835 [NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT] = { .type = NLA_U32 },
4836 [NL80211_MESHCONF_HWMP_ROOT_INTERVAL] = { .type = NLA_U16 },
4837 [NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL] = { .type = NLA_U16 },
4838 [NL80211_MESHCONF_POWER_MODE] = { .type = NLA_U32 },
4839 [NL80211_MESHCONF_AWAKE_WINDOW] = { .type = NLA_U16 },
4840 [NL80211_MESHCONF_PLINK_TIMEOUT] = { .type = NLA_U32 },
4841};
4842
4843static const struct nla_policy
4844 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = {
4845 [NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC] = { .type = NLA_U8 },
4846 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 },
4847 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 },
4848 [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG },
4849 [NL80211_MESH_SETUP_AUTH_PROTOCOL] = { .type = NLA_U8 },
4850 [NL80211_MESH_SETUP_USERSPACE_MPM] = { .type = NLA_FLAG },
4851 [NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY,
4852 .len = IEEE80211_MAX_DATA_LEN },
4853 [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG },
4854};
4855
4856static int nl80211_parse_mesh_config(struct genl_info *info,
4857 struct mesh_config *cfg,
4858 u32 *mask_out)
4859{
4860 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1];
4861 u32 mask = 0;
4862
4863#define FILL_IN_MESH_PARAM_IF_SET(tb, cfg, param, min, max, mask, attr, fn) \
4864do { \
4865 if (tb[attr]) { \
4866 if (fn(tb[attr]) < min || fn(tb[attr]) > max) \
4867 return -EINVAL; \
4868 cfg->param = fn(tb[attr]); \
4869 mask |= (1 << (attr - 1)); \
4870 } \
4871} while (0)
4872
4873
4874 if (!info->attrs[NL80211_ATTR_MESH_CONFIG])
4875 return -EINVAL;
4876 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX,
4877 info->attrs[NL80211_ATTR_MESH_CONFIG],
4878 nl80211_meshconf_params_policy))
4879 return -EINVAL;
4880
4881
4882
4883 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32);
4884
4885
4886 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 1, 255,
4887 mask, NL80211_MESHCONF_RETRY_TIMEOUT,
4888 nla_get_u16);
4889 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 1, 255,
4890 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT,
4891 nla_get_u16);
4892 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 1, 255,
4893 mask, NL80211_MESHCONF_HOLDING_TIMEOUT,
4894 nla_get_u16);
4895 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 0, 255,
4896 mask, NL80211_MESHCONF_MAX_PEER_LINKS,
4897 nla_get_u16);
4898 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 0, 16,
4899 mask, NL80211_MESHCONF_MAX_RETRIES,
4900 nla_get_u8);
4901 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 1, 255,
4902 mask, NL80211_MESHCONF_TTL, nla_get_u8);
4903 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 1, 255,
4904 mask, NL80211_MESHCONF_ELEMENT_TTL,
4905 nla_get_u8);
4906 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 0, 1,
4907 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
4908 nla_get_u8);
4909 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshNbrOffsetMaxNeighbor,
4910 1, 255, mask,
4911 NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
4912 nla_get_u32);
4913 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 0, 255,
4914 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
4915 nla_get_u8);
4916 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 1, 65535,
4917 mask, NL80211_MESHCONF_PATH_REFRESH_TIME,
4918 nla_get_u32);
4919 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 1, 65535,
4920 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
4921 nla_get_u16);
4922 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout,
4923 1, 65535, mask,
4924 NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
4925 nla_get_u32);
4926 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval,
4927 1, 65535, mask,
4928 NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
4929 nla_get_u16);
4930 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval,
4931 1, 65535, mask,
4932 NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
4933 nla_get_u16);
4934 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
4935 dot11MeshHWMPnetDiameterTraversalTime,
4936 1, 65535, mask,
4937 NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
4938 nla_get_u16);
4939 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRootMode, 0, 4,
4940 mask, NL80211_MESHCONF_HWMP_ROOTMODE,
4941 nla_get_u8);
4942 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRannInterval, 1, 65535,
4943 mask, NL80211_MESHCONF_HWMP_RANN_INTERVAL,
4944 nla_get_u16);
4945 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
4946 dot11MeshGateAnnouncementProtocol, 0, 1,
4947 mask, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
4948 nla_get_u8);
4949 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, 0, 1,
4950 mask, NL80211_MESHCONF_FORWARDING,
4951 nla_get_u8);
4952 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, -255, 0,
4953 mask, NL80211_MESHCONF_RSSI_THRESHOLD,
4954 nla_get_s32);
4955 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, ht_opmode, 0, 16,
4956 mask, NL80211_MESHCONF_HT_OPMODE,
4957 nla_get_u16);
4958 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathToRootTimeout,
4959 1, 65535, mask,
4960 NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
4961 nla_get_u32);
4962 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMProotInterval, 1, 65535,
4963 mask, NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
4964 nla_get_u16);
4965 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
4966 dot11MeshHWMPconfirmationInterval,
4967 1, 65535, mask,
4968 NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
4969 nla_get_u16);
4970 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, power_mode,
4971 NL80211_MESH_POWER_ACTIVE,
4972 NL80211_MESH_POWER_MAX,
4973 mask, NL80211_MESHCONF_POWER_MODE,
4974 nla_get_u32);
4975 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshAwakeWindowDuration,
4976 0, 65535, mask,
4977 NL80211_MESHCONF_AWAKE_WINDOW, nla_get_u16);
4978 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, plink_timeout, 1, 0xffffffff,
4979 mask, NL80211_MESHCONF_PLINK_TIMEOUT,
4980 nla_get_u32);
4981 if (mask_out)
4982 *mask_out = mask;
4983
4984 return 0;
4985
4986#undef FILL_IN_MESH_PARAM_IF_SET
4987}
4988
4989static int nl80211_parse_mesh_setup(struct genl_info *info,
4990 struct mesh_setup *setup)
4991{
4992 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4993 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1];
4994
4995 if (!info->attrs[NL80211_ATTR_MESH_SETUP])
4996 return -EINVAL;
4997 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX,
4998 info->attrs[NL80211_ATTR_MESH_SETUP],
4999 nl80211_mesh_setup_params_policy))
5000 return -EINVAL;
5001
5002 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC])
5003 setup->sync_method =
5004 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC])) ?
5005 IEEE80211_SYNC_METHOD_VENDOR :
5006 IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET;
5007
5008 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])
5009 setup->path_sel_proto =
5010 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ?
5011 IEEE80211_PATH_PROTOCOL_VENDOR :
5012 IEEE80211_PATH_PROTOCOL_HWMP;
5013
5014 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])
5015 setup->path_metric =
5016 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ?
5017 IEEE80211_PATH_METRIC_VENDOR :
5018 IEEE80211_PATH_METRIC_AIRTIME;
5019
5020
5021 if (tb[NL80211_MESH_SETUP_IE]) {
5022 struct nlattr *ieattr =
5023 tb[NL80211_MESH_SETUP_IE];
5024 if (!is_valid_ie_attr(ieattr))
5025 return -EINVAL;
5026 setup->ie = nla_data(ieattr);
5027 setup->ie_len = nla_len(ieattr);
5028 }
5029 if (tb[NL80211_MESH_SETUP_USERSPACE_MPM] &&
5030 !(rdev->wiphy.features & NL80211_FEATURE_USERSPACE_MPM))
5031 return -EINVAL;
5032 setup->user_mpm = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_MPM]);
5033 setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]);
5034 setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]);
5035 if (setup->is_secure)
5036 setup->user_mpm = true;
5037
5038 if (tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]) {
5039 if (!setup->user_mpm)
5040 return -EINVAL;
5041 setup->auth_id =
5042 nla_get_u8(tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]);
5043 }
5044
5045 return 0;
5046}
5047
5048static int nl80211_update_mesh_config(struct sk_buff *skb,
5049 struct genl_info *info)
5050{
5051 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5052 struct net_device *dev = info->user_ptr[1];
5053 struct wireless_dev *wdev = dev->ieee80211_ptr;
5054 struct mesh_config cfg;
5055 u32 mask;
5056 int err;
5057
5058 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
5059 return -EOPNOTSUPP;
5060
5061 if (!rdev->ops->update_mesh_config)
5062 return -EOPNOTSUPP;
5063
5064 err = nl80211_parse_mesh_config(info, &cfg, &mask);
5065 if (err)
5066 return err;
5067
5068 wdev_lock(wdev);
5069 if (!wdev->mesh_id_len)
5070 err = -ENOLINK;
5071
5072 if (!err)
5073 err = rdev_update_mesh_config(rdev, dev, mask, &cfg);
5074
5075 wdev_unlock(wdev);
5076
5077 return err;
5078}
5079
5080static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info)
5081{
5082 const struct ieee80211_regdomain *regdom;
5083 struct sk_buff *msg;
5084 void *hdr = NULL;
5085 struct nlattr *nl_reg_rules;
5086 unsigned int i;
5087
5088 if (!cfg80211_regdomain)
5089 return -EINVAL;
5090
5091 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5092 if (!msg)
5093 return -ENOBUFS;
5094
5095 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
5096 NL80211_CMD_GET_REG);
5097 if (!hdr)
5098 goto put_failure;
5099
5100 if (reg_last_request_cell_base() &&
5101 nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE,
5102 NL80211_USER_REG_HINT_CELL_BASE))
5103 goto nla_put_failure;
5104
5105 rcu_read_lock();
5106 regdom = rcu_dereference(cfg80211_regdomain);
5107
5108 if (nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, regdom->alpha2) ||
5109 (regdom->dfs_region &&
5110 nla_put_u8(msg, NL80211_ATTR_DFS_REGION, regdom->dfs_region)))
5111 goto nla_put_failure_rcu;
5112
5113 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES);
5114 if (!nl_reg_rules)
5115 goto nla_put_failure_rcu;
5116
5117 for (i = 0; i < regdom->n_reg_rules; i++) {
5118 struct nlattr *nl_reg_rule;
5119 const struct ieee80211_reg_rule *reg_rule;
5120 const struct ieee80211_freq_range *freq_range;
5121 const struct ieee80211_power_rule *power_rule;
5122 unsigned int max_bandwidth_khz;
5123
5124 reg_rule = ®dom->reg_rules[i];
5125 freq_range = ®_rule->freq_range;
5126 power_rule = ®_rule->power_rule;
5127
5128 nl_reg_rule = nla_nest_start(msg, i);
5129 if (!nl_reg_rule)
5130 goto nla_put_failure_rcu;
5131
5132 max_bandwidth_khz = freq_range->max_bandwidth_khz;
5133 if (!max_bandwidth_khz)
5134 max_bandwidth_khz = reg_get_max_bandwidth(regdom,
5135 reg_rule);
5136
5137 if (nla_put_u32(msg, NL80211_ATTR_REG_RULE_FLAGS,
5138 reg_rule->flags) ||
5139 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_START,
5140 freq_range->start_freq_khz) ||
5141 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_END,
5142 freq_range->end_freq_khz) ||
5143 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW,
5144 max_bandwidth_khz) ||
5145 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN,
5146 power_rule->max_antenna_gain) ||
5147 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP,
5148 power_rule->max_eirp) ||
5149 nla_put_u32(msg, NL80211_ATTR_DFS_CAC_TIME,
5150 reg_rule->dfs_cac_ms))
5151 goto nla_put_failure_rcu;
5152
5153 nla_nest_end(msg, nl_reg_rule);
5154 }
5155 rcu_read_unlock();
5156
5157 nla_nest_end(msg, nl_reg_rules);
5158
5159 genlmsg_end(msg, hdr);
5160 return genlmsg_reply(msg, info);
5161
5162nla_put_failure_rcu:
5163 rcu_read_unlock();
5164nla_put_failure:
5165 genlmsg_cancel(msg, hdr);
5166put_failure:
5167 nlmsg_free(msg);
5168 return -EMSGSIZE;
5169}
5170
5171static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
5172{
5173 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1];
5174 struct nlattr *nl_reg_rule;
5175 char *alpha2 = NULL;
5176 int rem_reg_rules = 0, r = 0;
5177 u32 num_rules = 0, rule_idx = 0, size_of_regd;
5178 enum nl80211_dfs_regions dfs_region = NL80211_DFS_UNSET;
5179 struct ieee80211_regdomain *rd = NULL;
5180
5181 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
5182 return -EINVAL;
5183
5184 if (!info->attrs[NL80211_ATTR_REG_RULES])
5185 return -EINVAL;
5186
5187 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
5188
5189 if (info->attrs[NL80211_ATTR_DFS_REGION])
5190 dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]);
5191
5192 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
5193 rem_reg_rules) {
5194 num_rules++;
5195 if (num_rules > NL80211_MAX_SUPP_REG_RULES)
5196 return -EINVAL;
5197 }
5198
5199 if (!reg_is_valid_request(alpha2))
5200 return -EINVAL;
5201
5202 size_of_regd = sizeof(struct ieee80211_regdomain) +
5203 num_rules * sizeof(struct ieee80211_reg_rule);
5204
5205 rd = kzalloc(size_of_regd, GFP_KERNEL);
5206 if (!rd)
5207 return -ENOMEM;
5208
5209 rd->n_reg_rules = num_rules;
5210 rd->alpha2[0] = alpha2[0];
5211 rd->alpha2[1] = alpha2[1];
5212
5213
5214
5215
5216
5217 if (reg_supported_dfs_region(dfs_region))
5218 rd->dfs_region = dfs_region;
5219
5220 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
5221 rem_reg_rules) {
5222 r = nla_parse(tb, NL80211_REG_RULE_ATTR_MAX,
5223 nla_data(nl_reg_rule), nla_len(nl_reg_rule),
5224 reg_rule_policy);
5225 if (r)
5226 goto bad_reg;
5227 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]);
5228 if (r)
5229 goto bad_reg;
5230
5231 rule_idx++;
5232
5233 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) {
5234 r = -EINVAL;
5235 goto bad_reg;
5236 }
5237 }
5238
5239 r = set_regdom(rd);
5240
5241 rd = NULL;
5242
5243 bad_reg:
5244 kfree(rd);
5245 return r;
5246}
5247
5248static int validate_scan_freqs(struct nlattr *freqs)
5249{
5250 struct nlattr *attr1, *attr2;
5251 int n_channels = 0, tmp1, tmp2;
5252
5253 nla_for_each_nested(attr1, freqs, tmp1) {
5254 n_channels++;
5255
5256
5257
5258
5259
5260
5261
5262
5263
5264 nla_for_each_nested(attr2, freqs, tmp2)
5265 if (attr1 != attr2 &&
5266 nla_get_u32(attr1) == nla_get_u32(attr2))
5267 return 0;
5268 }
5269
5270 return n_channels;
5271}
5272
5273static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
5274{
5275 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5276 struct wireless_dev *wdev = info->user_ptr[1];
5277 struct cfg80211_scan_request *request;
5278 struct nlattr *attr;
5279 struct wiphy *wiphy;
5280 int err, tmp, n_ssids = 0, n_channels, i;
5281 size_t ie_len;
5282
5283 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
5284 return -EINVAL;
5285
5286 wiphy = &rdev->wiphy;
5287
5288 if (!rdev->ops->scan)
5289 return -EOPNOTSUPP;
5290
5291 if (rdev->scan_req || rdev->scan_msg) {
5292 err = -EBUSY;
5293 goto unlock;
5294 }
5295
5296 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
5297 n_channels = validate_scan_freqs(
5298 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
5299 if (!n_channels) {
5300 err = -EINVAL;
5301 goto unlock;
5302 }
5303 } else {
5304 n_channels = ieee80211_get_num_supported_channels(wiphy);
5305 }
5306
5307 if (info->attrs[NL80211_ATTR_SCAN_SSIDS])
5308 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp)
5309 n_ssids++;
5310
5311 if (n_ssids > wiphy->max_scan_ssids) {
5312 err = -EINVAL;
5313 goto unlock;
5314 }
5315
5316 if (info->attrs[NL80211_ATTR_IE])
5317 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
5318 else
5319 ie_len = 0;
5320
5321 if (ie_len > wiphy->max_scan_ie_len) {
5322 err = -EINVAL;
5323 goto unlock;
5324 }
5325
5326 request = kzalloc(sizeof(*request)
5327 + sizeof(*request->ssids) * n_ssids
5328 + sizeof(*request->channels) * n_channels
5329 + ie_len, GFP_KERNEL);
5330 if (!request) {
5331 err = -ENOMEM;
5332 goto unlock;
5333 }
5334
5335 if (n_ssids)
5336 request->ssids = (void *)&request->channels[n_channels];
5337 request->n_ssids = n_ssids;
5338 if (ie_len) {
5339 if (request->ssids)
5340 request->ie = (void *)(request->ssids + n_ssids);
5341 else
5342 request->ie = (void *)(request->channels + n_channels);
5343 }
5344
5345 i = 0;
5346 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
5347
5348 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) {
5349 struct ieee80211_channel *chan;
5350
5351 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
5352
5353 if (!chan) {
5354 err = -EINVAL;
5355 goto out_free;
5356 }
5357
5358
5359 if (chan->flags & IEEE80211_CHAN_DISABLED)
5360 continue;
5361
5362 request->channels[i] = chan;
5363 i++;
5364 }
5365 } else {
5366 enum ieee80211_band band;
5367
5368
5369 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
5370 int j;
5371 if (!wiphy->bands[band])
5372 continue;
5373 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
5374 struct ieee80211_channel *chan;
5375
5376 chan = &wiphy->bands[band]->channels[j];
5377
5378 if (chan->flags & IEEE80211_CHAN_DISABLED)
5379 continue;
5380
5381 request->channels[i] = chan;
5382 i++;
5383 }
5384 }
5385 }
5386
5387 if (!i) {
5388 err = -EINVAL;
5389 goto out_free;
5390 }
5391
5392 request->n_channels = i;
5393
5394 i = 0;
5395 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) {
5396 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) {
5397 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
5398 err = -EINVAL;
5399 goto out_free;
5400 }
5401 request->ssids[i].ssid_len = nla_len(attr);
5402 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr));
5403 i++;
5404 }
5405 }
5406
5407 if (info->attrs[NL80211_ATTR_IE]) {
5408 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
5409 memcpy((void *)request->ie,
5410 nla_data(info->attrs[NL80211_ATTR_IE]),
5411 request->ie_len);
5412 }
5413
5414 for (i = 0; i < IEEE80211_NUM_BANDS; i++)
5415 if (wiphy->bands[i])
5416 request->rates[i] =
5417 (1 << wiphy->bands[i]->n_bitrates) - 1;
5418
5419 if (info->attrs[NL80211_ATTR_SCAN_SUPP_RATES]) {
5420 nla_for_each_nested(attr,
5421 info->attrs[NL80211_ATTR_SCAN_SUPP_RATES],
5422 tmp) {
5423 enum ieee80211_band band = nla_type(attr);
5424
5425 if (band < 0 || band >= IEEE80211_NUM_BANDS) {
5426 err = -EINVAL;
5427 goto out_free;
5428 }
5429
5430 if (!wiphy->bands[band])
5431 continue;
5432
5433 err = ieee80211_get_ratemask(wiphy->bands[band],
5434 nla_data(attr),
5435 nla_len(attr),
5436 &request->rates[band]);
5437 if (err)
5438 goto out_free;
5439 }
5440 }
5441
5442 if (info->attrs[NL80211_ATTR_SCAN_FLAGS]) {
5443 request->flags = nla_get_u32(
5444 info->attrs[NL80211_ATTR_SCAN_FLAGS]);
5445 if ((request->flags & NL80211_SCAN_FLAG_LOW_PRIORITY) &&
5446 !(wiphy->features & NL80211_FEATURE_LOW_PRIORITY_SCAN)) {
5447 err = -EOPNOTSUPP;
5448 goto out_free;
5449 }
5450 }
5451
5452 request->no_cck =
5453 nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
5454
5455 request->wdev = wdev;
5456 request->wiphy = &rdev->wiphy;
5457 request->scan_start = jiffies;
5458
5459 rdev->scan_req = request;
5460 err = rdev_scan(rdev, request);
5461
5462 if (!err) {
5463 nl80211_send_scan_start(rdev, wdev);
5464 if (wdev->netdev)
5465 dev_hold(wdev->netdev);
5466 } else {
5467 out_free:
5468 rdev->scan_req = NULL;
5469 kfree(request);
5470 }
5471
5472 unlock:
5473 return err;
5474}
5475
5476static int nl80211_start_sched_scan(struct sk_buff *skb,
5477 struct genl_info *info)
5478{
5479 struct cfg80211_sched_scan_request *request;
5480 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5481 struct net_device *dev = info->user_ptr[1];
5482 struct nlattr *attr;
5483 struct wiphy *wiphy;
5484 int err, tmp, n_ssids = 0, n_match_sets = 0, n_channels, i;
5485 u32 interval;
5486 enum ieee80211_band band;
5487 size_t ie_len;
5488 struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1];
5489 s32 default_match_rssi = NL80211_SCAN_RSSI_THOLD_OFF;
5490
5491 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) ||
5492 !rdev->ops->sched_scan_start)
5493 return -EOPNOTSUPP;
5494
5495 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
5496 return -EINVAL;
5497
5498 if (!info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL])
5499 return -EINVAL;
5500
5501 interval = nla_get_u32(info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]);
5502 if (interval == 0)
5503 return -EINVAL;
5504
5505 wiphy = &rdev->wiphy;
5506
5507 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
5508 n_channels = validate_scan_freqs(
5509 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
5510 if (!n_channels)
5511 return -EINVAL;
5512 } else {
5513 n_channels = ieee80211_get_num_supported_channels(wiphy);
5514 }
5515
5516 if (info->attrs[NL80211_ATTR_SCAN_SSIDS])
5517 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS],
5518 tmp)
5519 n_ssids++;
5520
5521 if (n_ssids > wiphy->max_sched_scan_ssids)
5522 return -EINVAL;
5523
5524
5525
5526
5527
5528
5529
5530
5531
5532
5533 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
5534 nla_for_each_nested(attr,
5535 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
5536 tmp) {
5537 struct nlattr *rssi;
5538
5539 err = nla_parse(tb, NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
5540 nla_data(attr), nla_len(attr),
5541 nl80211_match_policy);
5542 if (err)
5543 return err;
5544
5545 if (tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID]) {
5546 n_match_sets++;
5547 continue;
5548 }
5549 rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI];
5550 if (rssi)
5551 default_match_rssi = nla_get_s32(rssi);
5552 }
5553 }
5554
5555
5556 if (!n_match_sets && default_match_rssi != NL80211_SCAN_RSSI_THOLD_OFF)
5557 n_match_sets = 1;
5558
5559 if (n_match_sets > wiphy->max_match_sets)
5560 return -EINVAL;
5561
5562 if (info->attrs[NL80211_ATTR_IE])
5563 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
5564 else
5565 ie_len = 0;
5566
5567 if (ie_len > wiphy->max_sched_scan_ie_len)
5568 return -EINVAL;
5569
5570 if (rdev->sched_scan_req) {
5571 err = -EINPROGRESS;
5572 goto out;
5573 }
5574
5575 request = kzalloc(sizeof(*request)
5576 + sizeof(*request->ssids) * n_ssids
5577 + sizeof(*request->match_sets) * n_match_sets
5578 + sizeof(*request->channels) * n_channels
5579 + ie_len, GFP_KERNEL);
5580 if (!request) {
5581 err = -ENOMEM;
5582 goto out;
5583 }
5584
5585 if (n_ssids)
5586 request->ssids = (void *)&request->channels[n_channels];
5587 request->n_ssids = n_ssids;
5588 if (ie_len) {
5589 if (request->ssids)
5590 request->ie = (void *)(request->ssids + n_ssids);
5591 else
5592 request->ie = (void *)(request->channels + n_channels);
5593 }
5594
5595 if (n_match_sets) {
5596 if (request->ie)
5597 request->match_sets = (void *)(request->ie + ie_len);
5598 else if (request->ssids)
5599 request->match_sets =
5600 (void *)(request->ssids + n_ssids);
5601 else
5602 request->match_sets =
5603 (void *)(request->channels + n_channels);
5604 }
5605 request->n_match_sets = n_match_sets;
5606
5607 i = 0;
5608 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
5609
5610 nla_for_each_nested(attr,
5611 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES],
5612 tmp) {
5613 struct ieee80211_channel *chan;
5614
5615 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
5616
5617 if (!chan) {
5618 err = -EINVAL;
5619 goto out_free;
5620 }
5621
5622
5623 if (chan->flags & IEEE80211_CHAN_DISABLED)
5624 continue;
5625
5626 request->channels[i] = chan;
5627 i++;
5628 }
5629 } else {
5630
5631 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
5632 int j;
5633 if (!wiphy->bands[band])
5634 continue;
5635 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
5636 struct ieee80211_channel *chan;
5637
5638 chan = &wiphy->bands[band]->channels[j];
5639
5640 if (chan->flags & IEEE80211_CHAN_DISABLED)
5641 continue;
5642
5643 request->channels[i] = chan;
5644 i++;
5645 }
5646 }
5647 }
5648
5649 if (!i) {
5650 err = -EINVAL;
5651 goto out_free;
5652 }
5653
5654 request->n_channels = i;
5655
5656 i = 0;
5657 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) {
5658 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS],
5659 tmp) {
5660 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
5661 err = -EINVAL;
5662 goto out_free;
5663 }
5664 request->ssids[i].ssid_len = nla_len(attr);
5665 memcpy(request->ssids[i].ssid, nla_data(attr),
5666 nla_len(attr));
5667 i++;
5668 }
5669 }
5670
5671 i = 0;
5672 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
5673 nla_for_each_nested(attr,
5674 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
5675 tmp) {
5676 struct nlattr *ssid, *rssi;
5677
5678 err = nla_parse(tb, NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
5679 nla_data(attr), nla_len(attr),
5680 nl80211_match_policy);
5681 if (err)
5682 goto out_free;
5683 ssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID];
5684 if (ssid) {
5685 if (WARN_ON(i >= n_match_sets)) {
5686
5687
5688
5689
5690 err = -EINVAL;
5691 goto out_free;
5692 }
5693
5694 if (nla_len(ssid) > IEEE80211_MAX_SSID_LEN) {
5695 err = -EINVAL;
5696 goto out_free;
5697 }
5698 memcpy(request->match_sets[i].ssid.ssid,
5699 nla_data(ssid), nla_len(ssid));
5700 request->match_sets[i].ssid.ssid_len =
5701 nla_len(ssid);
5702
5703 request->match_sets[i].rssi_thold =
5704 default_match_rssi;
5705 rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI];
5706 if (rssi)
5707 request->match_sets[i].rssi_thold =
5708 nla_get_s32(rssi);
5709 }
5710 i++;
5711 }
5712
5713
5714 if (i == 0)
5715 request->match_sets[0].rssi_thold = default_match_rssi;
5716
5717 request->min_rssi_thold = INT_MAX;
5718 for (i = 0; i < n_match_sets; i++)
5719 request->min_rssi_thold =
5720 min(request->match_sets[i].rssi_thold,
5721 request->min_rssi_thold);
5722 } else {
5723 request->min_rssi_thold = NL80211_SCAN_RSSI_THOLD_OFF;
5724 }
5725
5726 if (ie_len) {
5727 request->ie_len = ie_len;
5728 memcpy((void *)request->ie,
5729 nla_data(info->attrs[NL80211_ATTR_IE]),
5730 request->ie_len);
5731 }
5732
5733 if (info->attrs[NL80211_ATTR_SCAN_FLAGS]) {
5734 request->flags = nla_get_u32(
5735 info->attrs[NL80211_ATTR_SCAN_FLAGS]);
5736 if ((request->flags & NL80211_SCAN_FLAG_LOW_PRIORITY) &&
5737 !(wiphy->features & NL80211_FEATURE_LOW_PRIORITY_SCAN)) {
5738 err = -EOPNOTSUPP;
5739 goto out_free;
5740 }
5741 }
5742
5743 request->dev = dev;
5744 request->wiphy = &rdev->wiphy;
5745 request->interval = interval;
5746 request->scan_start = jiffies;
5747
5748 err = rdev_sched_scan_start(rdev, dev, request);
5749 if (!err) {
5750 rdev->sched_scan_req = request;
5751 nl80211_send_sched_scan(rdev, dev,
5752 NL80211_CMD_START_SCHED_SCAN);
5753 goto out;
5754 }
5755
5756out_free:
5757 kfree(request);
5758out:
5759 return err;
5760}
5761
5762static int nl80211_stop_sched_scan(struct sk_buff *skb,
5763 struct genl_info *info)
5764{
5765 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5766
5767 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) ||
5768 !rdev->ops->sched_scan_stop)
5769 return -EOPNOTSUPP;
5770
5771 return __cfg80211_stop_sched_scan(rdev, false);
5772}
5773
5774static int nl80211_start_radar_detection(struct sk_buff *skb,
5775 struct genl_info *info)
5776{
5777 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5778 struct net_device *dev = info->user_ptr[1];
5779 struct wireless_dev *wdev = dev->ieee80211_ptr;
5780 struct cfg80211_chan_def chandef;
5781 enum nl80211_dfs_regions dfs_region;
5782 unsigned int cac_time_ms;
5783 int err;
5784
5785 dfs_region = reg_get_dfs_region(wdev->wiphy);
5786 if (dfs_region == NL80211_DFS_UNSET)
5787 return -EINVAL;
5788
5789 err = nl80211_parse_chandef(rdev, info, &chandef);
5790 if (err)
5791 return err;
5792
5793 if (netif_carrier_ok(dev))
5794 return -EBUSY;
5795
5796 if (wdev->cac_started)
5797 return -EBUSY;
5798
5799 err = cfg80211_chandef_dfs_required(wdev->wiphy, &chandef);
5800 if (err < 0)
5801 return err;
5802
5803 if (err == 0)
5804 return -EINVAL;
5805
5806 if (!cfg80211_chandef_dfs_usable(wdev->wiphy, &chandef))
5807 return -EINVAL;
5808
5809 if (!rdev->ops->start_radar_detection)
5810 return -EOPNOTSUPP;
5811
5812 err = cfg80211_can_use_iftype_chan(rdev, wdev, wdev->iftype,
5813 chandef.chan, CHAN_MODE_SHARED,
5814 BIT(chandef.width));
5815 if (err)
5816 return err;
5817
5818 cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, &chandef);
5819 if (WARN_ON(!cac_time_ms))
5820 cac_time_ms = IEEE80211_DFS_MIN_CAC_TIME_MS;
5821
5822 err = rdev->ops->start_radar_detection(&rdev->wiphy, dev, &chandef,
5823 cac_time_ms);
5824 if (!err) {
5825 wdev->chandef = chandef;
5826 wdev->cac_started = true;
5827 wdev->cac_start_time = jiffies;
5828 wdev->cac_time_ms = cac_time_ms;
5829 }
5830 return err;
5831}
5832
5833static int nl80211_channel_switch(struct sk_buff *skb, struct genl_info *info)
5834{
5835 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5836 struct net_device *dev = info->user_ptr[1];
5837 struct wireless_dev *wdev = dev->ieee80211_ptr;
5838 struct cfg80211_csa_settings params;
5839
5840
5841
5842 static struct nlattr *csa_attrs[NL80211_ATTR_MAX+1];
5843 u8 radar_detect_width = 0;
5844 int err;
5845 bool need_new_beacon = false;
5846
5847 if (!rdev->ops->channel_switch ||
5848 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
5849 return -EOPNOTSUPP;
5850
5851 switch (dev->ieee80211_ptr->iftype) {
5852 case NL80211_IFTYPE_AP:
5853 case NL80211_IFTYPE_P2P_GO:
5854 need_new_beacon = true;
5855
5856
5857 if (!wdev->beacon_interval)
5858 return -ENOTCONN;
5859 break;
5860 case NL80211_IFTYPE_ADHOC:
5861 if (!wdev->ssid_len)
5862 return -ENOTCONN;
5863 break;
5864 case NL80211_IFTYPE_MESH_POINT:
5865 if (!wdev->mesh_id_len)
5866 return -ENOTCONN;
5867 break;
5868 default:
5869 return -EOPNOTSUPP;
5870 }
5871
5872 memset(¶ms, 0, sizeof(params));
5873
5874 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
5875 !info->attrs[NL80211_ATTR_CH_SWITCH_COUNT])
5876 return -EINVAL;
5877
5878
5879 if (need_new_beacon && !info->attrs[NL80211_ATTR_CSA_IES])
5880 return -EINVAL;
5881
5882 params.count = nla_get_u32(info->attrs[NL80211_ATTR_CH_SWITCH_COUNT]);
5883
5884 if (!need_new_beacon)
5885 goto skip_beacons;
5886
5887 err = nl80211_parse_beacon(info->attrs, ¶ms.beacon_after);
5888 if (err)
5889 return err;
5890
5891 err = nla_parse_nested(csa_attrs, NL80211_ATTR_MAX,
5892 info->attrs[NL80211_ATTR_CSA_IES],
5893 nl80211_policy);
5894 if (err)
5895 return err;
5896
5897 err = nl80211_parse_beacon(csa_attrs, ¶ms.beacon_csa);
5898 if (err)
5899 return err;
5900
5901 if (!csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON])
5902 return -EINVAL;
5903
5904 params.counter_offset_beacon =
5905 nla_get_u16(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
5906 if (params.counter_offset_beacon >= params.beacon_csa.tail_len)
5907 return -EINVAL;
5908
5909
5910 if (params.beacon_csa.tail[params.counter_offset_beacon] !=
5911 params.count)
5912 return -EINVAL;
5913
5914 if (csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]) {
5915 params.counter_offset_presp =
5916 nla_get_u16(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
5917 if (params.counter_offset_presp >=
5918 params.beacon_csa.probe_resp_len)
5919 return -EINVAL;
5920
5921 if (params.beacon_csa.probe_resp[params.counter_offset_presp] !=
5922 params.count)
5923 return -EINVAL;
5924 }
5925
5926skip_beacons:
5927 err = nl80211_parse_chandef(rdev, info, ¶ms.chandef);
5928 if (err)
5929 return err;
5930
5931 if (!cfg80211_reg_can_beacon(&rdev->wiphy, ¶ms.chandef))
5932 return -EINVAL;
5933
5934 switch (dev->ieee80211_ptr->iftype) {
5935 case NL80211_IFTYPE_AP:
5936 case NL80211_IFTYPE_P2P_GO:
5937 case NL80211_IFTYPE_ADHOC:
5938 case NL80211_IFTYPE_MESH_POINT:
5939 err = cfg80211_chandef_dfs_required(wdev->wiphy,
5940 ¶ms.chandef);
5941 if (err < 0)
5942 return err;
5943 if (err) {
5944 radar_detect_width = BIT(params.chandef.width);
5945 params.radar_required = true;
5946 }
5947 break;
5948 default:
5949 break;
5950 }
5951
5952 err = cfg80211_can_use_iftype_chan(rdev, wdev, wdev->iftype,
5953 params.chandef.chan,
5954 CHAN_MODE_SHARED,
5955 radar_detect_width);
5956 if (err)
5957 return err;
5958
5959 if (info->attrs[NL80211_ATTR_CH_SWITCH_BLOCK_TX])
5960 params.block_tx = true;
5961
5962 wdev_lock(wdev);
5963 err = rdev_channel_switch(rdev, dev, ¶ms);
5964 wdev_unlock(wdev);
5965
5966 return err;
5967}
5968
5969static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
5970 u32 seq, int flags,
5971 struct cfg80211_registered_device *rdev,
5972 struct wireless_dev *wdev,
5973 struct cfg80211_internal_bss *intbss)
5974{
5975 struct cfg80211_bss *res = &intbss->pub;
5976 const struct cfg80211_bss_ies *ies;
5977 void *hdr;
5978 struct nlattr *bss;
5979 bool tsf = false;
5980
5981 ASSERT_WDEV_LOCK(wdev);
5982
5983 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags,
5984 NL80211_CMD_NEW_SCAN_RESULTS);
5985 if (!hdr)
5986 return -1;
5987
5988 genl_dump_check_consistent(cb, hdr, &nl80211_fam);
5989
5990 if (nla_put_u32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation))
5991 goto nla_put_failure;
5992 if (wdev->netdev &&
5993 nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
5994 goto nla_put_failure;
5995 if (nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
5996 goto nla_put_failure;
5997
5998 bss = nla_nest_start(msg, NL80211_ATTR_BSS);
5999 if (!bss)
6000 goto nla_put_failure;
6001 if ((!is_zero_ether_addr(res->bssid) &&
6002 nla_put(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid)))
6003 goto nla_put_failure;
6004
6005 rcu_read_lock();
6006 ies = rcu_dereference(res->ies);
6007 if (ies) {
6008 if (nla_put_u64(msg, NL80211_BSS_TSF, ies->tsf))
6009 goto fail_unlock_rcu;
6010 tsf = true;
6011 if (ies->len && nla_put(msg, NL80211_BSS_INFORMATION_ELEMENTS,
6012 ies->len, ies->data))
6013 goto fail_unlock_rcu;
6014 }
6015 ies = rcu_dereference(res->beacon_ies);
6016 if (ies) {
6017 if (!tsf && nla_put_u64(msg, NL80211_BSS_TSF, ies->tsf))
6018 goto fail_unlock_rcu;
6019 if (ies->len && nla_put(msg, NL80211_BSS_BEACON_IES,
6020 ies->len, ies->data))
6021 goto fail_unlock_rcu;
6022 }
6023 rcu_read_unlock();
6024
6025 if (res->beacon_interval &&
6026 nla_put_u16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval))
6027 goto nla_put_failure;
6028 if (nla_put_u16(msg, NL80211_BSS_CAPABILITY, res->capability) ||
6029 nla_put_u32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq) ||
6030 nla_put_u32(msg, NL80211_BSS_CHAN_WIDTH, res->scan_width) ||
6031 nla_put_u32(msg, NL80211_BSS_SEEN_MS_AGO,
6032 jiffies_to_msecs(jiffies - intbss->ts)))
6033 goto nla_put_failure;
6034
6035 switch (rdev->wiphy.signal_type) {
6036 case CFG80211_SIGNAL_TYPE_MBM:
6037 if (nla_put_u32(msg, NL80211_BSS_SIGNAL_MBM, res->signal))
6038 goto nla_put_failure;
6039 break;
6040 case CFG80211_SIGNAL_TYPE_UNSPEC:
6041 if (nla_put_u8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal))
6042 goto nla_put_failure;
6043 break;
6044 default:
6045 break;
6046 }
6047
6048 switch (wdev->iftype) {
6049 case NL80211_IFTYPE_P2P_CLIENT:
6050 case NL80211_IFTYPE_STATION:
6051 if (intbss == wdev->current_bss &&
6052 nla_put_u32(msg, NL80211_BSS_STATUS,
6053 NL80211_BSS_STATUS_ASSOCIATED))
6054 goto nla_put_failure;
6055 break;
6056 case NL80211_IFTYPE_ADHOC:
6057 if (intbss == wdev->current_bss &&
6058 nla_put_u32(msg, NL80211_BSS_STATUS,
6059 NL80211_BSS_STATUS_IBSS_JOINED))
6060 goto nla_put_failure;
6061 break;
6062 default:
6063 break;
6064 }
6065
6066 nla_nest_end(msg, bss);
6067
6068 return genlmsg_end(msg, hdr);
6069
6070 fail_unlock_rcu:
6071 rcu_read_unlock();
6072 nla_put_failure:
6073 genlmsg_cancel(msg, hdr);
6074 return -EMSGSIZE;
6075}
6076
6077static int nl80211_dump_scan(struct sk_buff *skb, struct netlink_callback *cb)
6078{
6079 struct cfg80211_registered_device *rdev;
6080 struct cfg80211_internal_bss *scan;
6081 struct wireless_dev *wdev;
6082 int start = cb->args[2], idx = 0;
6083 int err;
6084
6085 err = nl80211_prepare_wdev_dump(skb, cb, &rdev, &wdev);
6086 if (err)
6087 return err;
6088
6089 wdev_lock(wdev);
6090 spin_lock_bh(&rdev->bss_lock);
6091 cfg80211_bss_expire(rdev);
6092
6093 cb->seq = rdev->bss_generation;
6094
6095 list_for_each_entry(scan, &rdev->bss_list, list) {
6096 if (++idx <= start)
6097 continue;
6098 if (nl80211_send_bss(skb, cb,
6099 cb->nlh->nlmsg_seq, NLM_F_MULTI,
6100 rdev, wdev, scan) < 0) {
6101 idx--;
6102 break;
6103 }
6104 }
6105
6106 spin_unlock_bh(&rdev->bss_lock);
6107 wdev_unlock(wdev);
6108
6109 cb->args[2] = idx;
6110 nl80211_finish_wdev_dump(rdev);
6111
6112 return skb->len;
6113}
6114
6115static int nl80211_send_survey(struct sk_buff *msg, u32 portid, u32 seq,
6116 int flags, struct net_device *dev,
6117 struct survey_info *survey)
6118{
6119 void *hdr;
6120 struct nlattr *infoattr;
6121
6122 hdr = nl80211hdr_put(msg, portid, seq, flags,
6123 NL80211_CMD_NEW_SURVEY_RESULTS);
6124 if (!hdr)
6125 return -ENOMEM;
6126
6127 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
6128 goto nla_put_failure;
6129
6130 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO);
6131 if (!infoattr)
6132 goto nla_put_failure;
6133
6134 if (nla_put_u32(msg, NL80211_SURVEY_INFO_FREQUENCY,
6135 survey->channel->center_freq))
6136 goto nla_put_failure;
6137
6138 if ((survey->filled & SURVEY_INFO_NOISE_DBM) &&
6139 nla_put_u8(msg, NL80211_SURVEY_INFO_NOISE, survey->noise))
6140 goto nla_put_failure;
6141 if ((survey->filled & SURVEY_INFO_IN_USE) &&
6142 nla_put_flag(msg, NL80211_SURVEY_INFO_IN_USE))
6143 goto nla_put_failure;
6144 if ((survey->filled & SURVEY_INFO_CHANNEL_TIME) &&
6145 nla_put_u64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME,
6146 survey->channel_time))
6147 goto nla_put_failure;
6148 if ((survey->filled & SURVEY_INFO_CHANNEL_TIME_BUSY) &&
6149 nla_put_u64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY,
6150 survey->channel_time_busy))
6151 goto nla_put_failure;
6152 if ((survey->filled & SURVEY_INFO_CHANNEL_TIME_EXT_BUSY) &&
6153 nla_put_u64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_EXT_BUSY,
6154 survey->channel_time_ext_busy))
6155 goto nla_put_failure;
6156 if ((survey->filled & SURVEY_INFO_CHANNEL_TIME_RX) &&
6157 nla_put_u64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_RX,
6158 survey->channel_time_rx))
6159 goto nla_put_failure;
6160 if ((survey->filled & SURVEY_INFO_CHANNEL_TIME_TX) &&
6161 nla_put_u64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_TX,
6162 survey->channel_time_tx))
6163 goto nla_put_failure;
6164
6165 nla_nest_end(msg, infoattr);
6166
6167 return genlmsg_end(msg, hdr);
6168
6169 nla_put_failure:
6170 genlmsg_cancel(msg, hdr);
6171 return -EMSGSIZE;
6172}
6173
6174static int nl80211_dump_survey(struct sk_buff *skb,
6175 struct netlink_callback *cb)
6176{
6177 struct survey_info survey;
6178 struct cfg80211_registered_device *dev;
6179 struct wireless_dev *wdev;
6180 int survey_idx = cb->args[2];
6181 int res;
6182
6183 res = nl80211_prepare_wdev_dump(skb, cb, &dev, &wdev);
6184 if (res)
6185 return res;
6186
6187 if (!wdev->netdev) {
6188 res = -EINVAL;
6189 goto out_err;
6190 }
6191
6192 if (!dev->ops->dump_survey) {
6193 res = -EOPNOTSUPP;
6194 goto out_err;
6195 }
6196
6197 while (1) {
6198 struct ieee80211_channel *chan;
6199
6200 res = rdev_dump_survey(dev, wdev->netdev, survey_idx, &survey);
6201 if (res == -ENOENT)
6202 break;
6203 if (res)
6204 goto out_err;
6205
6206
6207 if (!survey.channel) {
6208 res = -EINVAL;
6209 goto out;
6210 }
6211
6212 chan = ieee80211_get_channel(&dev->wiphy,
6213 survey.channel->center_freq);
6214 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED) {
6215 survey_idx++;
6216 continue;
6217 }
6218
6219 if (nl80211_send_survey(skb,
6220 NETLINK_CB(cb->skb).portid,
6221 cb->nlh->nlmsg_seq, NLM_F_MULTI,
6222 wdev->netdev, &survey) < 0)
6223 goto out;
6224 survey_idx++;
6225 }
6226
6227 out:
6228 cb->args[2] = survey_idx;
6229 res = skb->len;
6230 out_err:
6231 nl80211_finish_wdev_dump(dev);
6232 return res;
6233}
6234
6235static bool nl80211_valid_wpa_versions(u32 wpa_versions)
6236{
6237 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 |
6238 NL80211_WPA_VERSION_2));
6239}
6240
6241static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
6242{
6243 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6244 struct net_device *dev = info->user_ptr[1];
6245 struct ieee80211_channel *chan;
6246 const u8 *bssid, *ssid, *ie = NULL, *sae_data = NULL;
6247 int err, ssid_len, ie_len = 0, sae_data_len = 0;
6248 enum nl80211_auth_type auth_type;
6249 struct key_parse key;
6250 bool local_state_change;
6251
6252 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
6253 return -EINVAL;
6254
6255 if (!info->attrs[NL80211_ATTR_MAC])
6256 return -EINVAL;
6257
6258 if (!info->attrs[NL80211_ATTR_AUTH_TYPE])
6259 return -EINVAL;
6260
6261 if (!info->attrs[NL80211_ATTR_SSID])
6262 return -EINVAL;
6263
6264 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
6265 return -EINVAL;
6266
6267 err = nl80211_parse_key(info, &key);
6268 if (err)
6269 return err;
6270
6271 if (key.idx >= 0) {
6272 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP)
6273 return -EINVAL;
6274 if (!key.p.key || !key.p.key_len)
6275 return -EINVAL;
6276 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 ||
6277 key.p.key_len != WLAN_KEY_LEN_WEP40) &&
6278 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 ||
6279 key.p.key_len != WLAN_KEY_LEN_WEP104))
6280 return -EINVAL;
6281 if (key.idx > 4)
6282 return -EINVAL;
6283 } else {
6284 key.p.key_len = 0;
6285 key.p.key = NULL;
6286 }
6287
6288 if (key.idx >= 0) {
6289 int i;
6290 bool ok = false;
6291 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) {
6292 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) {
6293 ok = true;
6294 break;
6295 }
6296 }
6297 if (!ok)
6298 return -EINVAL;
6299 }
6300
6301 if (!rdev->ops->auth)
6302 return -EOPNOTSUPP;
6303
6304 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
6305 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
6306 return -EOPNOTSUPP;
6307
6308 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
6309 chan = nl80211_get_valid_chan(&rdev->wiphy,
6310 info->attrs[NL80211_ATTR_WIPHY_FREQ]);
6311 if (!chan)
6312 return -EINVAL;
6313
6314 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
6315 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
6316
6317 if (info->attrs[NL80211_ATTR_IE]) {
6318 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
6319 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
6320 }
6321
6322 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
6323 if (!nl80211_valid_auth_type(rdev, auth_type, NL80211_CMD_AUTHENTICATE))
6324 return -EINVAL;
6325
6326 if (auth_type == NL80211_AUTHTYPE_SAE &&
6327 !info->attrs[NL80211_ATTR_SAE_DATA])
6328 return -EINVAL;
6329
6330 if (info->attrs[NL80211_ATTR_SAE_DATA]) {
6331 if (auth_type != NL80211_AUTHTYPE_SAE)
6332 return -EINVAL;
6333 sae_data = nla_data(info->attrs[NL80211_ATTR_SAE_DATA]);
6334 sae_data_len = nla_len(info->attrs[NL80211_ATTR_SAE_DATA]);
6335
6336 if (sae_data_len < 4)
6337 return -EINVAL;
6338 }
6339
6340 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
6341
6342
6343
6344
6345
6346 if (local_state_change)
6347 return 0;
6348
6349 wdev_lock(dev->ieee80211_ptr);
6350 err = cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
6351 ssid, ssid_len, ie, ie_len,
6352 key.p.key, key.p.key_len, key.idx,
6353 sae_data, sae_data_len);
6354 wdev_unlock(dev->ieee80211_ptr);
6355 return err;
6356}
6357
6358static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
6359 struct genl_info *info,
6360 struct cfg80211_crypto_settings *settings,
6361 int cipher_limit)
6362{
6363 memset(settings, 0, sizeof(*settings));
6364
6365 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT];
6366
6367 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) {
6368 u16 proto;
6369 proto = nla_get_u16(
6370 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);
6371 settings->control_port_ethertype = cpu_to_be16(proto);
6372 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
6373 proto != ETH_P_PAE)
6374 return -EINVAL;
6375 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT])
6376 settings->control_port_no_encrypt = true;
6377 } else
6378 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE);
6379
6380 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) {
6381 void *data;
6382 int len, i;
6383
6384 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
6385 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
6386 settings->n_ciphers_pairwise = len / sizeof(u32);
6387
6388 if (len % sizeof(u32))
6389 return -EINVAL;
6390
6391 if (settings->n_ciphers_pairwise > cipher_limit)
6392 return -EINVAL;
6393
6394 memcpy(settings->ciphers_pairwise, data, len);
6395
6396 for (i = 0; i < settings->n_ciphers_pairwise; i++)
6397 if (!cfg80211_supported_cipher_suite(
6398 &rdev->wiphy,
6399 settings->ciphers_pairwise[i]))
6400 return -EINVAL;
6401 }
6402
6403 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) {
6404 settings->cipher_group =
6405 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]);
6406 if (!cfg80211_supported_cipher_suite(&rdev->wiphy,
6407 settings->cipher_group))
6408 return -EINVAL;
6409 }
6410
6411 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) {
6412 settings->wpa_versions =
6413 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]);
6414 if (!nl80211_valid_wpa_versions(settings->wpa_versions))
6415 return -EINVAL;
6416 }
6417
6418 if (info->attrs[NL80211_ATTR_AKM_SUITES]) {
6419 void *data;
6420 int len;
6421
6422 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]);
6423 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]);
6424 settings->n_akm_suites = len / sizeof(u32);
6425
6426 if (len % sizeof(u32))
6427 return -EINVAL;
6428
6429 if (settings->n_akm_suites > NL80211_MAX_NR_AKM_SUITES)
6430 return -EINVAL;
6431
6432 memcpy(settings->akm_suites, data, len);
6433 }
6434
6435 return 0;
6436}
6437
6438static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
6439{
6440 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6441 struct net_device *dev = info->user_ptr[1];
6442 struct ieee80211_channel *chan;
6443 struct cfg80211_assoc_request req = {};
6444 const u8 *bssid, *ssid;
6445 int err, ssid_len = 0;
6446
6447 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
6448 return -EINVAL;
6449
6450 if (!info->attrs[NL80211_ATTR_MAC] ||
6451 !info->attrs[NL80211_ATTR_SSID] ||
6452 !info->attrs[NL80211_ATTR_WIPHY_FREQ])
6453 return -EINVAL;
6454
6455 if (!rdev->ops->assoc)
6456 return -EOPNOTSUPP;
6457
6458 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
6459 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
6460 return -EOPNOTSUPP;
6461
6462 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
6463
6464 chan = nl80211_get_valid_chan(&rdev->wiphy,
6465 info->attrs[NL80211_ATTR_WIPHY_FREQ]);
6466 if (!chan)
6467 return -EINVAL;
6468
6469 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
6470 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
6471
6472 if (info->attrs[NL80211_ATTR_IE]) {
6473 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
6474 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
6475 }
6476
6477 if (info->attrs[NL80211_ATTR_USE_MFP]) {
6478 enum nl80211_mfp mfp =
6479 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
6480 if (mfp == NL80211_MFP_REQUIRED)
6481 req.use_mfp = true;
6482 else if (mfp != NL80211_MFP_NO)
6483 return -EINVAL;
6484 }
6485
6486 if (info->attrs[NL80211_ATTR_PREV_BSSID])
6487 req.prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
6488
6489 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
6490 req.flags |= ASSOC_REQ_DISABLE_HT;
6491
6492 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
6493 memcpy(&req.ht_capa_mask,
6494 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
6495 sizeof(req.ht_capa_mask));
6496
6497 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
6498 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
6499 return -EINVAL;
6500 memcpy(&req.ht_capa,
6501 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
6502 sizeof(req.ht_capa));
6503 }
6504
6505 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_VHT]))
6506 req.flags |= ASSOC_REQ_DISABLE_VHT;
6507
6508 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
6509 memcpy(&req.vht_capa_mask,
6510 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]),
6511 sizeof(req.vht_capa_mask));
6512
6513 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) {
6514 if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
6515 return -EINVAL;
6516 memcpy(&req.vht_capa,
6517 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]),
6518 sizeof(req.vht_capa));
6519 }
6520
6521 err = nl80211_crypto_settings(rdev, info, &req.crypto, 1);
6522 if (!err) {
6523 wdev_lock(dev->ieee80211_ptr);
6524 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid,
6525 ssid, ssid_len, &req);
6526 wdev_unlock(dev->ieee80211_ptr);
6527 }
6528
6529 return err;
6530}
6531
6532static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
6533{
6534 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6535 struct net_device *dev = info->user_ptr[1];
6536 const u8 *ie = NULL, *bssid;
6537 int ie_len = 0, err;
6538 u16 reason_code;
6539 bool local_state_change;
6540
6541 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
6542 return -EINVAL;
6543
6544 if (!info->attrs[NL80211_ATTR_MAC])
6545 return -EINVAL;
6546
6547 if (!info->attrs[NL80211_ATTR_REASON_CODE])
6548 return -EINVAL;
6549
6550 if (!rdev->ops->deauth)
6551 return -EOPNOTSUPP;
6552
6553 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
6554 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
6555 return -EOPNOTSUPP;
6556
6557 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
6558
6559 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
6560 if (reason_code == 0) {
6561
6562 return -EINVAL;
6563 }
6564
6565 if (info->attrs[NL80211_ATTR_IE]) {
6566 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
6567 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
6568 }
6569
6570 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
6571
6572 wdev_lock(dev->ieee80211_ptr);
6573 err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code,
6574 local_state_change);
6575 wdev_unlock(dev->ieee80211_ptr);
6576 return err;
6577}
6578
6579static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
6580{
6581 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6582 struct net_device *dev = info->user_ptr[1];
6583 const u8 *ie = NULL, *bssid;
6584 int ie_len = 0, err;
6585 u16 reason_code;
6586 bool local_state_change;
6587
6588 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
6589 return -EINVAL;
6590
6591 if (!info->attrs[NL80211_ATTR_MAC])
6592 return -EINVAL;
6593
6594 if (!info->attrs[NL80211_ATTR_REASON_CODE])
6595 return -EINVAL;
6596
6597 if (!rdev->ops->disassoc)
6598 return -EOPNOTSUPP;
6599
6600 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
6601 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
6602 return -EOPNOTSUPP;
6603
6604 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
6605
6606 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
6607 if (reason_code == 0) {
6608
6609 return -EINVAL;
6610 }
6611
6612 if (info->attrs[NL80211_ATTR_IE]) {
6613 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
6614 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
6615 }
6616
6617 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
6618
6619 wdev_lock(dev->ieee80211_ptr);
6620 err = cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code,
6621 local_state_change);
6622 wdev_unlock(dev->ieee80211_ptr);
6623 return err;
6624}
6625
6626static bool
6627nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev,
6628 int mcast_rate[IEEE80211_NUM_BANDS],
6629 int rateval)
6630{
6631 struct wiphy *wiphy = &rdev->wiphy;
6632 bool found = false;
6633 int band, i;
6634
6635 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
6636 struct ieee80211_supported_band *sband;
6637
6638 sband = wiphy->bands[band];
6639 if (!sband)
6640 continue;
6641
6642 for (i = 0; i < sband->n_bitrates; i++) {
6643 if (sband->bitrates[i].bitrate == rateval) {
6644 mcast_rate[band] = i + 1;
6645 found = true;
6646 break;
6647 }
6648 }
6649 }
6650
6651 return found;
6652}
6653
6654static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
6655{
6656 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6657 struct net_device *dev = info->user_ptr[1];
6658 struct cfg80211_ibss_params ibss;
6659 struct wiphy *wiphy;
6660 struct cfg80211_cached_keys *connkeys = NULL;
6661 int err;
6662
6663 memset(&ibss, 0, sizeof(ibss));
6664
6665 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
6666 return -EINVAL;
6667
6668 if (!info->attrs[NL80211_ATTR_SSID] ||
6669 !nla_len(info->attrs[NL80211_ATTR_SSID]))
6670 return -EINVAL;
6671
6672 ibss.beacon_interval = 100;
6673
6674 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
6675 ibss.beacon_interval =
6676 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
6677 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000)
6678 return -EINVAL;
6679 }
6680
6681 if (!rdev->ops->join_ibss)
6682 return -EOPNOTSUPP;
6683
6684 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
6685 return -EOPNOTSUPP;
6686
6687 wiphy = &rdev->wiphy;
6688
6689 if (info->attrs[NL80211_ATTR_MAC]) {
6690 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
6691
6692 if (!is_valid_ether_addr(ibss.bssid))
6693 return -EINVAL;
6694 }
6695 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
6696 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
6697
6698 if (info->attrs[NL80211_ATTR_IE]) {
6699 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
6700 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
6701 }
6702
6703 err = nl80211_parse_chandef(rdev, info, &ibss.chandef);
6704 if (err)
6705 return err;
6706
6707 if (!cfg80211_reg_can_beacon(&rdev->wiphy, &ibss.chandef))
6708 return -EINVAL;
6709
6710 switch (ibss.chandef.width) {
6711 case NL80211_CHAN_WIDTH_5:
6712 case NL80211_CHAN_WIDTH_10:
6713 case NL80211_CHAN_WIDTH_20_NOHT:
6714 break;
6715 case NL80211_CHAN_WIDTH_20:
6716 case NL80211_CHAN_WIDTH_40:
6717 if (rdev->wiphy.features & NL80211_FEATURE_HT_IBSS)
6718 break;
6719 default:
6720 return -EINVAL;
6721 }
6722
6723 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED];
6724 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
6725
6726 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
6727 u8 *rates =
6728 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
6729 int n_rates =
6730 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
6731 struct ieee80211_supported_band *sband =
6732 wiphy->bands[ibss.chandef.chan->band];
6733
6734 err = ieee80211_get_ratemask(sband, rates, n_rates,
6735 &ibss.basic_rates);
6736 if (err)
6737 return err;
6738 }
6739
6740 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
6741 memcpy(&ibss.ht_capa_mask,
6742 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
6743 sizeof(ibss.ht_capa_mask));
6744
6745 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
6746 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
6747 return -EINVAL;
6748 memcpy(&ibss.ht_capa,
6749 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
6750 sizeof(ibss.ht_capa));
6751 }
6752
6753 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
6754 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate,
6755 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
6756 return -EINVAL;
6757
6758 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) {
6759 bool no_ht = false;
6760
6761 connkeys = nl80211_parse_connkeys(rdev,
6762 info->attrs[NL80211_ATTR_KEYS],
6763 &no_ht);
6764 if (IS_ERR(connkeys))
6765 return PTR_ERR(connkeys);
6766
6767 if ((ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT) &&
6768 no_ht) {
6769 kfree(connkeys);
6770 return -EINVAL;
6771 }
6772 }
6773
6774 ibss.control_port =
6775 nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT]);
6776
6777 ibss.userspace_handles_dfs =
6778 nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS]);
6779
6780 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
6781 if (err)
6782 kfree(connkeys);
6783 return err;
6784}
6785
6786static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
6787{
6788 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6789 struct net_device *dev = info->user_ptr[1];
6790
6791 if (!rdev->ops->leave_ibss)
6792 return -EOPNOTSUPP;
6793
6794 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
6795 return -EOPNOTSUPP;
6796
6797 return cfg80211_leave_ibss(rdev, dev, false);
6798}
6799
6800static int nl80211_set_mcast_rate(struct sk_buff *skb, struct genl_info *info)
6801{
6802 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6803 struct net_device *dev = info->user_ptr[1];
6804 int mcast_rate[IEEE80211_NUM_BANDS];
6805 u32 nla_rate;
6806 int err;
6807
6808 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC &&
6809 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
6810 return -EOPNOTSUPP;
6811
6812 if (!rdev->ops->set_mcast_rate)
6813 return -EOPNOTSUPP;
6814
6815 memset(mcast_rate, 0, sizeof(mcast_rate));
6816
6817 if (!info->attrs[NL80211_ATTR_MCAST_RATE])
6818 return -EINVAL;
6819
6820 nla_rate = nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]);
6821 if (!nl80211_parse_mcast_rate(rdev, mcast_rate, nla_rate))
6822 return -EINVAL;
6823
6824 err = rdev->ops->set_mcast_rate(&rdev->wiphy, dev, mcast_rate);
6825
6826 return err;
6827}
6828
6829static struct sk_buff *
6830__cfg80211_alloc_vendor_skb(struct cfg80211_registered_device *rdev,
6831 int approxlen, u32 portid, u32 seq,
6832 enum nl80211_commands cmd,
6833 enum nl80211_attrs attr,
6834 const struct nl80211_vendor_cmd_info *info,
6835 gfp_t gfp)
6836{
6837 struct sk_buff *skb;
6838 void *hdr;
6839 struct nlattr *data;
6840
6841 skb = nlmsg_new(approxlen + 100, gfp);
6842 if (!skb)
6843 return NULL;
6844
6845 hdr = nl80211hdr_put(skb, portid, seq, 0, cmd);
6846 if (!hdr) {
6847 kfree_skb(skb);
6848 return NULL;
6849 }
6850
6851 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
6852 goto nla_put_failure;
6853
6854 if (info) {
6855 if (nla_put_u32(skb, NL80211_ATTR_VENDOR_ID,
6856 info->vendor_id))
6857 goto nla_put_failure;
6858 if (nla_put_u32(skb, NL80211_ATTR_VENDOR_SUBCMD,
6859 info->subcmd))
6860 goto nla_put_failure;
6861 }
6862
6863 data = nla_nest_start(skb, attr);
6864
6865 ((void **)skb->cb)[0] = rdev;
6866 ((void **)skb->cb)[1] = hdr;
6867 ((void **)skb->cb)[2] = data;
6868
6869 return skb;
6870
6871 nla_put_failure:
6872 kfree_skb(skb);
6873 return NULL;
6874}
6875
6876struct sk_buff *__cfg80211_alloc_event_skb(struct wiphy *wiphy,
6877 enum nl80211_commands cmd,
6878 enum nl80211_attrs attr,
6879 int vendor_event_idx,
6880 int approxlen, gfp_t gfp)
6881{
6882 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
6883 const struct nl80211_vendor_cmd_info *info;
6884
6885 switch (cmd) {
6886 case NL80211_CMD_TESTMODE:
6887 if (WARN_ON(vendor_event_idx != -1))
6888 return NULL;
6889 info = NULL;
6890 break;
6891 case NL80211_CMD_VENDOR:
6892 if (WARN_ON(vendor_event_idx < 0 ||
6893 vendor_event_idx >= wiphy->n_vendor_events))
6894 return NULL;
6895 info = &wiphy->vendor_events[vendor_event_idx];
6896 break;
6897 default:
6898 WARN_ON(1);
6899 return NULL;
6900 }
6901
6902 return __cfg80211_alloc_vendor_skb(rdev, approxlen, 0, 0,
6903 cmd, attr, info, gfp);
6904}
6905EXPORT_SYMBOL(__cfg80211_alloc_event_skb);
6906
6907void __cfg80211_send_event_skb(struct sk_buff *skb, gfp_t gfp)
6908{
6909 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
6910 void *hdr = ((void **)skb->cb)[1];
6911 struct nlattr *data = ((void **)skb->cb)[2];
6912 enum nl80211_multicast_groups mcgrp = NL80211_MCGRP_TESTMODE;
6913
6914 nla_nest_end(skb, data);
6915 genlmsg_end(skb, hdr);
6916
6917 if (data->nla_type == NL80211_ATTR_VENDOR_DATA)
6918 mcgrp = NL80211_MCGRP_VENDOR;
6919
6920 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
6921 mcgrp, gfp);
6922}
6923EXPORT_SYMBOL(__cfg80211_send_event_skb);
6924
6925#ifdef CONFIG_NL80211_TESTMODE
6926static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info)
6927{
6928 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6929 struct wireless_dev *wdev =
6930 __cfg80211_wdev_from_attrs(genl_info_net(info), info->attrs);
6931 int err;
6932
6933 if (!rdev->ops->testmode_cmd)
6934 return -EOPNOTSUPP;
6935
6936 if (IS_ERR(wdev)) {
6937 err = PTR_ERR(wdev);
6938 if (err != -EINVAL)
6939 return err;
6940 wdev = NULL;
6941 } else if (wdev->wiphy != &rdev->wiphy) {
6942 return -EINVAL;
6943 }
6944
6945 if (!info->attrs[NL80211_ATTR_TESTDATA])
6946 return -EINVAL;
6947
6948 rdev->cur_cmd_info = info;
6949 err = rdev_testmode_cmd(rdev, wdev,
6950 nla_data(info->attrs[NL80211_ATTR_TESTDATA]),
6951 nla_len(info->attrs[NL80211_ATTR_TESTDATA]));
6952 rdev->cur_cmd_info = NULL;
6953
6954 return err;
6955}
6956
6957static int nl80211_testmode_dump(struct sk_buff *skb,
6958 struct netlink_callback *cb)
6959{
6960 struct cfg80211_registered_device *rdev;
6961 int err;
6962 long phy_idx;
6963 void *data = NULL;
6964 int data_len = 0;
6965
6966 rtnl_lock();
6967
6968 if (cb->args[0]) {
6969
6970
6971
6972
6973 phy_idx = cb->args[0] - 1;
6974 } else {
6975 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
6976 nl80211_fam.attrbuf, nl80211_fam.maxattr,
6977 nl80211_policy);
6978 if (err)
6979 goto out_err;
6980
6981 rdev = __cfg80211_rdev_from_attrs(sock_net(skb->sk),
6982 nl80211_fam.attrbuf);
6983 if (IS_ERR(rdev)) {
6984 err = PTR_ERR(rdev);
6985 goto out_err;
6986 }
6987 phy_idx = rdev->wiphy_idx;
6988 rdev = NULL;
6989
6990 if (nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA])
6991 cb->args[1] =
6992 (long)nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA];
6993 }
6994
6995 if (cb->args[1]) {
6996 data = nla_data((void *)cb->args[1]);
6997 data_len = nla_len((void *)cb->args[1]);
6998 }
6999
7000 rdev = cfg80211_rdev_by_wiphy_idx(phy_idx);
7001 if (!rdev) {
7002 err = -ENOENT;
7003 goto out_err;
7004 }
7005
7006 if (!rdev->ops->testmode_dump) {
7007 err = -EOPNOTSUPP;
7008 goto out_err;
7009 }
7010
7011 while (1) {
7012 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).portid,
7013 cb->nlh->nlmsg_seq, NLM_F_MULTI,
7014 NL80211_CMD_TESTMODE);
7015 struct nlattr *tmdata;
7016
7017 if (!hdr)
7018 break;
7019
7020 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx)) {
7021 genlmsg_cancel(skb, hdr);
7022 break;
7023 }
7024
7025 tmdata = nla_nest_start(skb, NL80211_ATTR_TESTDATA);
7026 if (!tmdata) {
7027 genlmsg_cancel(skb, hdr);
7028 break;
7029 }
7030 err = rdev_testmode_dump(rdev, skb, cb, data, data_len);
7031 nla_nest_end(skb, tmdata);
7032
7033 if (err == -ENOBUFS || err == -ENOENT) {
7034 genlmsg_cancel(skb, hdr);
7035 break;
7036 } else if (err) {
7037 genlmsg_cancel(skb, hdr);
7038 goto out_err;
7039 }
7040
7041 genlmsg_end(skb, hdr);
7042 }
7043
7044 err = skb->len;
7045
7046 cb->args[0] = phy_idx + 1;
7047 out_err:
7048 rtnl_unlock();
7049 return err;
7050}
7051#endif
7052
7053static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
7054{
7055 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7056 struct net_device *dev = info->user_ptr[1];
7057 struct cfg80211_connect_params connect;
7058 struct wiphy *wiphy;
7059 struct cfg80211_cached_keys *connkeys = NULL;
7060 int err;
7061
7062 memset(&connect, 0, sizeof(connect));
7063
7064 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
7065 return -EINVAL;
7066
7067 if (!info->attrs[NL80211_ATTR_SSID] ||
7068 !nla_len(info->attrs[NL80211_ATTR_SSID]))
7069 return -EINVAL;
7070
7071 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
7072 connect.auth_type =
7073 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
7074 if (!nl80211_valid_auth_type(rdev, connect.auth_type,
7075 NL80211_CMD_CONNECT))
7076 return -EINVAL;
7077 } else
7078 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
7079
7080 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY];
7081
7082 err = nl80211_crypto_settings(rdev, info, &connect.crypto,
7083 NL80211_MAX_NR_CIPHER_SUITES);
7084 if (err)
7085 return err;
7086
7087 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
7088 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
7089 return -EOPNOTSUPP;
7090
7091 wiphy = &rdev->wiphy;
7092
7093 connect.bg_scan_period = -1;
7094 if (info->attrs[NL80211_ATTR_BG_SCAN_PERIOD] &&
7095 (wiphy->flags & WIPHY_FLAG_SUPPORTS_FW_ROAM)) {
7096 connect.bg_scan_period =
7097 nla_get_u16(info->attrs[NL80211_ATTR_BG_SCAN_PERIOD]);
7098 }
7099
7100 if (info->attrs[NL80211_ATTR_MAC])
7101 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
7102 else if (info->attrs[NL80211_ATTR_MAC_HINT])
7103 connect.bssid_hint =
7104 nla_data(info->attrs[NL80211_ATTR_MAC_HINT]);
7105 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
7106 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
7107
7108 if (info->attrs[NL80211_ATTR_IE]) {
7109 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
7110 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
7111 }
7112
7113 if (info->attrs[NL80211_ATTR_USE_MFP]) {
7114 connect.mfp = nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
7115 if (connect.mfp != NL80211_MFP_REQUIRED &&
7116 connect.mfp != NL80211_MFP_NO)
7117 return -EINVAL;
7118 } else {
7119 connect.mfp = NL80211_MFP_NO;
7120 }
7121
7122 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
7123 connect.channel = nl80211_get_valid_chan(
7124 wiphy, info->attrs[NL80211_ATTR_WIPHY_FREQ]);
7125 if (!connect.channel)
7126 return -EINVAL;
7127 } else if (info->attrs[NL80211_ATTR_WIPHY_FREQ_HINT]) {
7128 connect.channel_hint = nl80211_get_valid_chan(
7129 wiphy, info->attrs[NL80211_ATTR_WIPHY_FREQ_HINT]);
7130 if (!connect.channel_hint)
7131 return -EINVAL;
7132 }
7133
7134 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) {
7135 connkeys = nl80211_parse_connkeys(rdev,
7136 info->attrs[NL80211_ATTR_KEYS], NULL);
7137 if (IS_ERR(connkeys))
7138 return PTR_ERR(connkeys);
7139 }
7140
7141 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
7142 connect.flags |= ASSOC_REQ_DISABLE_HT;
7143
7144 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
7145 memcpy(&connect.ht_capa_mask,
7146 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
7147 sizeof(connect.ht_capa_mask));
7148
7149 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
7150 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) {
7151 kfree(connkeys);
7152 return -EINVAL;
7153 }
7154 memcpy(&connect.ht_capa,
7155 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
7156 sizeof(connect.ht_capa));
7157 }
7158
7159 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_VHT]))
7160 connect.flags |= ASSOC_REQ_DISABLE_VHT;
7161
7162 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
7163 memcpy(&connect.vht_capa_mask,
7164 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]),
7165 sizeof(connect.vht_capa_mask));
7166
7167 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) {
7168 if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]) {
7169 kfree(connkeys);
7170 return -EINVAL;
7171 }
7172 memcpy(&connect.vht_capa,
7173 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]),
7174 sizeof(connect.vht_capa));
7175 }
7176
7177 wdev_lock(dev->ieee80211_ptr);
7178 err = cfg80211_connect(rdev, dev, &connect, connkeys, NULL);
7179 wdev_unlock(dev->ieee80211_ptr);
7180 if (err)
7181 kfree(connkeys);
7182 return err;
7183}
7184
7185static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info)
7186{
7187 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7188 struct net_device *dev = info->user_ptr[1];
7189 u16 reason;
7190 int ret;
7191
7192 if (!info->attrs[NL80211_ATTR_REASON_CODE])
7193 reason = WLAN_REASON_DEAUTH_LEAVING;
7194 else
7195 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
7196
7197 if (reason == 0)
7198 return -EINVAL;
7199
7200 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
7201 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
7202 return -EOPNOTSUPP;
7203
7204 wdev_lock(dev->ieee80211_ptr);
7205 ret = cfg80211_disconnect(rdev, dev, reason, true);
7206 wdev_unlock(dev->ieee80211_ptr);
7207 return ret;
7208}
7209
7210static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info)
7211{
7212 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7213 struct net *net;
7214 int err;
7215 u32 pid;
7216
7217 if (!info->attrs[NL80211_ATTR_PID])
7218 return -EINVAL;
7219
7220 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]);
7221
7222 net = get_net_ns_by_pid(pid);
7223 if (IS_ERR(net))
7224 return PTR_ERR(net);
7225
7226 err = 0;
7227
7228
7229 if (!net_eq(wiphy_net(&rdev->wiphy), net))
7230 err = cfg80211_switch_netns(rdev, net);
7231
7232 put_net(net);
7233 return err;
7234}
7235
7236static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info)
7237{
7238 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7239 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev,
7240 struct cfg80211_pmksa *pmksa) = NULL;
7241 struct net_device *dev = info->user_ptr[1];
7242 struct cfg80211_pmksa pmksa;
7243
7244 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa));
7245
7246 if (!info->attrs[NL80211_ATTR_MAC])
7247 return -EINVAL;
7248
7249 if (!info->attrs[NL80211_ATTR_PMKID])
7250 return -EINVAL;
7251
7252 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
7253 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
7254
7255 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
7256 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
7257 return -EOPNOTSUPP;
7258
7259 switch (info->genlhdr->cmd) {
7260 case NL80211_CMD_SET_PMKSA:
7261 rdev_ops = rdev->ops->set_pmksa;
7262 break;
7263 case NL80211_CMD_DEL_PMKSA:
7264 rdev_ops = rdev->ops->del_pmksa;
7265 break;
7266 default:
7267 WARN_ON(1);
7268 break;
7269 }
7270
7271 if (!rdev_ops)
7272 return -EOPNOTSUPP;
7273
7274 return rdev_ops(&rdev->wiphy, dev, &pmksa);
7275}
7276
7277static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info)
7278{
7279 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7280 struct net_device *dev = info->user_ptr[1];
7281
7282 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
7283 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
7284 return -EOPNOTSUPP;
7285
7286 if (!rdev->ops->flush_pmksa)
7287 return -EOPNOTSUPP;
7288
7289 return rdev_flush_pmksa(rdev, dev);
7290}
7291
7292static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info)
7293{
7294 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7295 struct net_device *dev = info->user_ptr[1];
7296 u8 action_code, dialog_token;
7297 u32 peer_capability = 0;
7298 u16 status_code;
7299 u8 *peer;
7300
7301 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
7302 !rdev->ops->tdls_mgmt)
7303 return -EOPNOTSUPP;
7304
7305 if (!info->attrs[NL80211_ATTR_TDLS_ACTION] ||
7306 !info->attrs[NL80211_ATTR_STATUS_CODE] ||
7307 !info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN] ||
7308 !info->attrs[NL80211_ATTR_IE] ||
7309 !info->attrs[NL80211_ATTR_MAC])
7310 return -EINVAL;
7311
7312 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
7313 action_code = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_ACTION]);
7314 status_code = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
7315 dialog_token = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN]);
7316 if (info->attrs[NL80211_ATTR_TDLS_PEER_CAPABILITY])
7317 peer_capability =
7318 nla_get_u32(info->attrs[NL80211_ATTR_TDLS_PEER_CAPABILITY]);
7319
7320 return rdev_tdls_mgmt(rdev, dev, peer, action_code,
7321 dialog_token, status_code, peer_capability,
7322 nla_data(info->attrs[NL80211_ATTR_IE]),
7323 nla_len(info->attrs[NL80211_ATTR_IE]));
7324}
7325
7326static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info)
7327{
7328 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7329 struct net_device *dev = info->user_ptr[1];
7330 enum nl80211_tdls_operation operation;
7331 u8 *peer;
7332
7333 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
7334 !rdev->ops->tdls_oper)
7335 return -EOPNOTSUPP;
7336
7337 if (!info->attrs[NL80211_ATTR_TDLS_OPERATION] ||
7338 !info->attrs[NL80211_ATTR_MAC])
7339 return -EINVAL;
7340
7341 operation = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_OPERATION]);
7342 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
7343
7344 return rdev_tdls_oper(rdev, dev, peer, operation);
7345}
7346
7347static int nl80211_remain_on_channel(struct sk_buff *skb,
7348 struct genl_info *info)
7349{
7350 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7351 struct wireless_dev *wdev = info->user_ptr[1];
7352 struct cfg80211_chan_def chandef;
7353 struct sk_buff *msg;
7354 void *hdr;
7355 u64 cookie;
7356 u32 duration;
7357 int err;
7358
7359 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
7360 !info->attrs[NL80211_ATTR_DURATION])
7361 return -EINVAL;
7362
7363 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
7364
7365 if (!rdev->ops->remain_on_channel ||
7366 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL))
7367 return -EOPNOTSUPP;
7368
7369
7370
7371
7372
7373 if (duration < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
7374 duration > rdev->wiphy.max_remain_on_channel_duration)
7375 return -EINVAL;
7376
7377 err = nl80211_parse_chandef(rdev, info, &chandef);
7378 if (err)
7379 return err;
7380
7381 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7382 if (!msg)
7383 return -ENOMEM;
7384
7385 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
7386 NL80211_CMD_REMAIN_ON_CHANNEL);
7387 if (!hdr) {
7388 err = -ENOBUFS;
7389 goto free_msg;
7390 }
7391
7392 err = rdev_remain_on_channel(rdev, wdev, chandef.chan,
7393 duration, &cookie);
7394
7395 if (err)
7396 goto free_msg;
7397
7398 if (nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
7399 goto nla_put_failure;
7400
7401 genlmsg_end(msg, hdr);
7402
7403 return genlmsg_reply(msg, info);
7404
7405 nla_put_failure:
7406 err = -ENOBUFS;
7407 free_msg:
7408 nlmsg_free(msg);
7409 return err;
7410}
7411
7412static int nl80211_cancel_remain_on_channel(struct sk_buff *skb,
7413 struct genl_info *info)
7414{
7415 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7416 struct wireless_dev *wdev = info->user_ptr[1];
7417 u64 cookie;
7418
7419 if (!info->attrs[NL80211_ATTR_COOKIE])
7420 return -EINVAL;
7421
7422 if (!rdev->ops->cancel_remain_on_channel)
7423 return -EOPNOTSUPP;
7424
7425 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
7426
7427 return rdev_cancel_remain_on_channel(rdev, wdev, cookie);
7428}
7429
7430static u32 rateset_to_mask(struct ieee80211_supported_band *sband,
7431 u8 *rates, u8 rates_len)
7432{
7433 u8 i;
7434 u32 mask = 0;
7435
7436 for (i = 0; i < rates_len; i++) {
7437 int rate = (rates[i] & 0x7f) * 5;
7438 int ridx;
7439 for (ridx = 0; ridx < sband->n_bitrates; ridx++) {
7440 struct ieee80211_rate *srate =
7441 &sband->bitrates[ridx];
7442 if (rate == srate->bitrate) {
7443 mask |= 1 << ridx;
7444 break;
7445 }
7446 }
7447 if (ridx == sband->n_bitrates)
7448 return 0;
7449 }
7450
7451 return mask;
7452}
7453
7454static bool ht_rateset_to_mask(struct ieee80211_supported_band *sband,
7455 u8 *rates, u8 rates_len,
7456 u8 mcs[IEEE80211_HT_MCS_MASK_LEN])
7457{
7458 u8 i;
7459
7460 memset(mcs, 0, IEEE80211_HT_MCS_MASK_LEN);
7461
7462 for (i = 0; i < rates_len; i++) {
7463 int ridx, rbit;
7464
7465 ridx = rates[i] / 8;
7466 rbit = BIT(rates[i] % 8);
7467
7468
7469 if ((ridx < 0) || (ridx >= IEEE80211_HT_MCS_MASK_LEN))
7470 return false;
7471
7472
7473 if (sband->ht_cap.mcs.rx_mask[ridx] & rbit)
7474 mcs[ridx] |= rbit;
7475 else
7476 return false;
7477 }
7478
7479 return true;
7480}
7481
7482static u16 vht_mcs_map_to_mcs_mask(u8 vht_mcs_map)
7483{
7484 u16 mcs_mask = 0;
7485
7486 switch (vht_mcs_map) {
7487 case IEEE80211_VHT_MCS_NOT_SUPPORTED:
7488 break;
7489 case IEEE80211_VHT_MCS_SUPPORT_0_7:
7490 mcs_mask = 0x00FF;
7491 break;
7492 case IEEE80211_VHT_MCS_SUPPORT_0_8:
7493 mcs_mask = 0x01FF;
7494 break;
7495 case IEEE80211_VHT_MCS_SUPPORT_0_9:
7496 mcs_mask = 0x03FF;
7497 break;
7498 default:
7499 break;
7500 }
7501
7502 return mcs_mask;
7503}
7504
7505static void vht_build_mcs_mask(u16 vht_mcs_map,
7506 u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
7507{
7508 u8 nss;
7509
7510 for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
7511 vht_mcs_mask[nss] = vht_mcs_map_to_mcs_mask(vht_mcs_map & 0x03);
7512 vht_mcs_map >>= 2;
7513 }
7514}
7515
7516static bool vht_set_mcs_mask(struct ieee80211_supported_band *sband,
7517 struct nl80211_txrate_vht *txrate,
7518 u16 mcs[NL80211_VHT_NSS_MAX])
7519{
7520 u16 tx_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
7521 u16 tx_mcs_mask[NL80211_VHT_NSS_MAX] = {};
7522 u8 i;
7523
7524 if (!sband->vht_cap.vht_supported)
7525 return false;
7526
7527 memset(mcs, 0, sizeof(u16) * NL80211_VHT_NSS_MAX);
7528
7529
7530 vht_build_mcs_mask(tx_mcs_map, tx_mcs_mask);
7531
7532 for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
7533 if ((tx_mcs_mask[i] & txrate->mcs[i]) == txrate->mcs[i])
7534 mcs[i] = txrate->mcs[i];
7535 else
7536 return false;
7537 }
7538
7539 return true;
7540}
7541
7542static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = {
7543 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY,
7544 .len = NL80211_MAX_SUPP_RATES },
7545 [NL80211_TXRATE_HT] = { .type = NLA_BINARY,
7546 .len = NL80211_MAX_SUPP_HT_RATES },
7547 [NL80211_TXRATE_VHT] = { .len = sizeof(struct nl80211_txrate_vht)},
7548 [NL80211_TXRATE_GI] = { .type = NLA_U8 },
7549};
7550
7551static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb,
7552 struct genl_info *info)
7553{
7554 struct nlattr *tb[NL80211_TXRATE_MAX + 1];
7555 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7556 struct cfg80211_bitrate_mask mask;
7557 int rem, i;
7558 struct net_device *dev = info->user_ptr[1];
7559 struct nlattr *tx_rates;
7560 struct ieee80211_supported_band *sband;
7561 u16 vht_tx_mcs_map;
7562
7563 if (!rdev->ops->set_bitrate_mask)
7564 return -EOPNOTSUPP;
7565
7566 memset(&mask, 0, sizeof(mask));
7567
7568 for (i = 0; i < IEEE80211_NUM_BANDS; i++) {
7569 sband = rdev->wiphy.bands[i];
7570
7571 if (!sband)
7572 continue;
7573
7574 mask.control[i].legacy = (1 << sband->n_bitrates) - 1;
7575 memcpy(mask.control[i].ht_mcs,
7576 sband->ht_cap.mcs.rx_mask,
7577 sizeof(mask.control[i].ht_mcs));
7578
7579 if (!sband->vht_cap.vht_supported)
7580 continue;
7581
7582 vht_tx_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
7583 vht_build_mcs_mask(vht_tx_mcs_map, mask.control[i].vht_mcs);
7584 }
7585
7586
7587 if (!info->attrs[NL80211_ATTR_TX_RATES])
7588 goto out;
7589
7590
7591
7592
7593
7594 BUILD_BUG_ON(NL80211_MAX_SUPP_HT_RATES > IEEE80211_HT_MCS_MASK_LEN * 8);
7595 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) {
7596 enum ieee80211_band band = nla_type(tx_rates);
7597 int err;
7598
7599 if (band < 0 || band >= IEEE80211_NUM_BANDS)
7600 return -EINVAL;
7601 sband = rdev->wiphy.bands[band];
7602 if (sband == NULL)
7603 return -EINVAL;
7604 err = nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates),
7605 nla_len(tx_rates), nl80211_txattr_policy);
7606 if (err)
7607 return err;
7608 if (tb[NL80211_TXRATE_LEGACY]) {
7609 mask.control[band].legacy = rateset_to_mask(
7610 sband,
7611 nla_data(tb[NL80211_TXRATE_LEGACY]),
7612 nla_len(tb[NL80211_TXRATE_LEGACY]));
7613 if ((mask.control[band].legacy == 0) &&
7614 nla_len(tb[NL80211_TXRATE_LEGACY]))
7615 return -EINVAL;
7616 }
7617 if (tb[NL80211_TXRATE_HT]) {
7618 if (!ht_rateset_to_mask(
7619 sband,
7620 nla_data(tb[NL80211_TXRATE_HT]),
7621 nla_len(tb[NL80211_TXRATE_HT]),
7622 mask.control[band].ht_mcs))
7623 return -EINVAL;
7624 }
7625 if (tb[NL80211_TXRATE_VHT]) {
7626 if (!vht_set_mcs_mask(
7627 sband,
7628 nla_data(tb[NL80211_TXRATE_VHT]),
7629 mask.control[band].vht_mcs))
7630 return -EINVAL;
7631 }
7632 if (tb[NL80211_TXRATE_GI]) {
7633 mask.control[band].gi =
7634 nla_get_u8(tb[NL80211_TXRATE_GI]);
7635 if (mask.control[band].gi > NL80211_TXRATE_FORCE_LGI)
7636 return -EINVAL;
7637 }
7638
7639 if (mask.control[band].legacy == 0) {
7640
7641
7642
7643 if (!(rdev->wiphy.bands[band]->ht_cap.ht_supported ||
7644 rdev->wiphy.bands[band]->vht_cap.vht_supported))
7645 return -EINVAL;
7646
7647 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++)
7648 if (mask.control[band].ht_mcs[i])
7649 goto out;
7650
7651 for (i = 0; i < NL80211_VHT_NSS_MAX; i++)
7652 if (mask.control[band].vht_mcs[i])
7653 goto out;
7654
7655
7656 return -EINVAL;
7657 }
7658 }
7659
7660out:
7661 return rdev_set_bitrate_mask(rdev, dev, NULL, &mask);
7662}
7663
7664static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info)
7665{
7666 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7667 struct wireless_dev *wdev = info->user_ptr[1];
7668 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION;
7669
7670 if (!info->attrs[NL80211_ATTR_FRAME_MATCH])
7671 return -EINVAL;
7672
7673 if (info->attrs[NL80211_ATTR_FRAME_TYPE])
7674 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]);
7675
7676 switch (wdev->iftype) {
7677 case NL80211_IFTYPE_STATION:
7678 case NL80211_IFTYPE_ADHOC:
7679 case NL80211_IFTYPE_P2P_CLIENT:
7680 case NL80211_IFTYPE_AP:
7681 case NL80211_IFTYPE_AP_VLAN:
7682 case NL80211_IFTYPE_MESH_POINT:
7683 case NL80211_IFTYPE_P2P_GO:
7684 case NL80211_IFTYPE_P2P_DEVICE:
7685 break;
7686 default:
7687 return -EOPNOTSUPP;
7688 }
7689
7690
7691 if (!rdev->ops->mgmt_tx)
7692 return -EOPNOTSUPP;
7693
7694 return cfg80211_mlme_register_mgmt(wdev, info->snd_portid, frame_type,
7695 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]),
7696 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH]));
7697}
7698
7699static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info)
7700{
7701 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7702 struct wireless_dev *wdev = info->user_ptr[1];
7703 struct cfg80211_chan_def chandef;
7704 int err;
7705 void *hdr = NULL;
7706 u64 cookie;
7707 struct sk_buff *msg = NULL;
7708 struct cfg80211_mgmt_tx_params params = {
7709 .dont_wait_for_ack =
7710 info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK],
7711 };
7712
7713 if (!info->attrs[NL80211_ATTR_FRAME])
7714 return -EINVAL;
7715
7716 if (!rdev->ops->mgmt_tx)
7717 return -EOPNOTSUPP;
7718
7719 switch (wdev->iftype) {
7720 case NL80211_IFTYPE_P2P_DEVICE:
7721 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
7722 return -EINVAL;
7723 case NL80211_IFTYPE_STATION:
7724 case NL80211_IFTYPE_ADHOC:
7725 case NL80211_IFTYPE_P2P_CLIENT:
7726 case NL80211_IFTYPE_AP:
7727 case NL80211_IFTYPE_AP_VLAN:
7728 case NL80211_IFTYPE_MESH_POINT:
7729 case NL80211_IFTYPE_P2P_GO:
7730 break;
7731 default:
7732 return -EOPNOTSUPP;
7733 }
7734
7735 if (info->attrs[NL80211_ATTR_DURATION]) {
7736 if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
7737 return -EINVAL;
7738 params.wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
7739
7740
7741
7742
7743
7744 if (params.wait < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
7745 params.wait > rdev->wiphy.max_remain_on_channel_duration)
7746 return -EINVAL;
7747
7748 }
7749
7750 params.offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK];
7751
7752 if (params.offchan && !(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
7753 return -EINVAL;
7754
7755 params.no_cck = nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
7756
7757
7758
7759
7760 chandef.chan = NULL;
7761 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
7762 err = nl80211_parse_chandef(rdev, info, &chandef);
7763 if (err)
7764 return err;
7765 }
7766
7767 if (!chandef.chan && params.offchan)
7768 return -EINVAL;
7769
7770 if (!params.dont_wait_for_ack) {
7771 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7772 if (!msg)
7773 return -ENOMEM;
7774
7775 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
7776 NL80211_CMD_FRAME);
7777 if (!hdr) {
7778 err = -ENOBUFS;
7779 goto free_msg;
7780 }
7781 }
7782
7783 params.buf = nla_data(info->attrs[NL80211_ATTR_FRAME]);
7784 params.len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
7785 params.chan = chandef.chan;
7786 err = cfg80211_mlme_mgmt_tx(rdev, wdev, ¶ms, &cookie);
7787 if (err)
7788 goto free_msg;
7789
7790 if (msg) {
7791 if (nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
7792 goto nla_put_failure;
7793
7794 genlmsg_end(msg, hdr);
7795 return genlmsg_reply(msg, info);
7796 }
7797
7798 return 0;
7799
7800 nla_put_failure:
7801 err = -ENOBUFS;
7802 free_msg:
7803 nlmsg_free(msg);
7804 return err;
7805}
7806
7807static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info)
7808{
7809 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7810 struct wireless_dev *wdev = info->user_ptr[1];
7811 u64 cookie;
7812
7813 if (!info->attrs[NL80211_ATTR_COOKIE])
7814 return -EINVAL;
7815
7816 if (!rdev->ops->mgmt_tx_cancel_wait)
7817 return -EOPNOTSUPP;
7818
7819 switch (wdev->iftype) {
7820 case NL80211_IFTYPE_STATION:
7821 case NL80211_IFTYPE_ADHOC:
7822 case NL80211_IFTYPE_P2P_CLIENT:
7823 case NL80211_IFTYPE_AP:
7824 case NL80211_IFTYPE_AP_VLAN:
7825 case NL80211_IFTYPE_P2P_GO:
7826 case NL80211_IFTYPE_P2P_DEVICE:
7827 break;
7828 default:
7829 return -EOPNOTSUPP;
7830 }
7831
7832 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
7833
7834 return rdev_mgmt_tx_cancel_wait(rdev, wdev, cookie);
7835}
7836
7837static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info)
7838{
7839 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7840 struct wireless_dev *wdev;
7841 struct net_device *dev = info->user_ptr[1];
7842 u8 ps_state;
7843 bool state;
7844 int err;
7845
7846 if (!info->attrs[NL80211_ATTR_PS_STATE])
7847 return -EINVAL;
7848
7849 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]);
7850
7851 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED)
7852 return -EINVAL;
7853
7854 wdev = dev->ieee80211_ptr;
7855
7856 if (!rdev->ops->set_power_mgmt)
7857 return -EOPNOTSUPP;
7858
7859 state = (ps_state == NL80211_PS_ENABLED) ? true : false;
7860
7861 if (state == wdev->ps)
7862 return 0;
7863
7864 err = rdev_set_power_mgmt(rdev, dev, state, wdev->ps_timeout);
7865 if (!err)
7866 wdev->ps = state;
7867 return err;
7868}
7869
7870static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info)
7871{
7872 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7873 enum nl80211_ps_state ps_state;
7874 struct wireless_dev *wdev;
7875 struct net_device *dev = info->user_ptr[1];
7876 struct sk_buff *msg;
7877 void *hdr;
7878 int err;
7879
7880 wdev = dev->ieee80211_ptr;
7881
7882 if (!rdev->ops->set_power_mgmt)
7883 return -EOPNOTSUPP;
7884
7885 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7886 if (!msg)
7887 return -ENOMEM;
7888
7889 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
7890 NL80211_CMD_GET_POWER_SAVE);
7891 if (!hdr) {
7892 err = -ENOBUFS;
7893 goto free_msg;
7894 }
7895
7896 if (wdev->ps)
7897 ps_state = NL80211_PS_ENABLED;
7898 else
7899 ps_state = NL80211_PS_DISABLED;
7900
7901 if (nla_put_u32(msg, NL80211_ATTR_PS_STATE, ps_state))
7902 goto nla_put_failure;
7903
7904 genlmsg_end(msg, hdr);
7905 return genlmsg_reply(msg, info);
7906
7907 nla_put_failure:
7908 err = -ENOBUFS;
7909 free_msg:
7910 nlmsg_free(msg);
7911 return err;
7912}
7913
7914static const struct nla_policy
7915nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
7916 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
7917 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 },
7918 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
7919 [NL80211_ATTR_CQM_TXE_RATE] = { .type = NLA_U32 },
7920 [NL80211_ATTR_CQM_TXE_PKTS] = { .type = NLA_U32 },
7921 [NL80211_ATTR_CQM_TXE_INTVL] = { .type = NLA_U32 },
7922};
7923
7924static int nl80211_set_cqm_txe(struct genl_info *info,
7925 u32 rate, u32 pkts, u32 intvl)
7926{
7927 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7928 struct net_device *dev = info->user_ptr[1];
7929 struct wireless_dev *wdev = dev->ieee80211_ptr;
7930
7931 if (rate > 100 || intvl > NL80211_CQM_TXE_MAX_INTVL)
7932 return -EINVAL;
7933
7934 if (!rdev->ops->set_cqm_txe_config)
7935 return -EOPNOTSUPP;
7936
7937 if (wdev->iftype != NL80211_IFTYPE_STATION &&
7938 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
7939 return -EOPNOTSUPP;
7940
7941 return rdev_set_cqm_txe_config(rdev, dev, rate, pkts, intvl);
7942}
7943
7944static int nl80211_set_cqm_rssi(struct genl_info *info,
7945 s32 threshold, u32 hysteresis)
7946{
7947 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7948 struct net_device *dev = info->user_ptr[1];
7949 struct wireless_dev *wdev = dev->ieee80211_ptr;
7950
7951 if (threshold > 0)
7952 return -EINVAL;
7953
7954
7955 if (threshold == 0)
7956 hysteresis = 0;
7957
7958 if (!rdev->ops->set_cqm_rssi_config)
7959 return -EOPNOTSUPP;
7960
7961 if (wdev->iftype != NL80211_IFTYPE_STATION &&
7962 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
7963 return -EOPNOTSUPP;
7964
7965 return rdev_set_cqm_rssi_config(rdev, dev, threshold, hysteresis);
7966}
7967
7968static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info)
7969{
7970 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1];
7971 struct nlattr *cqm;
7972 int err;
7973
7974 cqm = info->attrs[NL80211_ATTR_CQM];
7975 if (!cqm)
7976 return -EINVAL;
7977
7978 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm,
7979 nl80211_attr_cqm_policy);
7980 if (err)
7981 return err;
7982
7983 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] &&
7984 attrs[NL80211_ATTR_CQM_RSSI_HYST]) {
7985 s32 threshold = nla_get_s32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]);
7986 u32 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]);
7987
7988 return nl80211_set_cqm_rssi(info, threshold, hysteresis);
7989 }
7990
7991 if (attrs[NL80211_ATTR_CQM_TXE_RATE] &&
7992 attrs[NL80211_ATTR_CQM_TXE_PKTS] &&
7993 attrs[NL80211_ATTR_CQM_TXE_INTVL]) {
7994 u32 rate = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_RATE]);
7995 u32 pkts = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_PKTS]);
7996 u32 intvl = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_INTVL]);
7997
7998 return nl80211_set_cqm_txe(info, rate, pkts, intvl);
7999 }
8000
8001 return -EINVAL;
8002}
8003
8004static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info)
8005{
8006 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8007 struct net_device *dev = info->user_ptr[1];
8008 struct mesh_config cfg;
8009 struct mesh_setup setup;
8010 int err;
8011
8012
8013 memcpy(&cfg, &default_mesh_config, sizeof(cfg));
8014 memcpy(&setup, &default_mesh_setup, sizeof(setup));
8015
8016 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) {
8017
8018 err = nl80211_parse_mesh_config(info, &cfg, NULL);
8019 if (err)
8020 return err;
8021 }
8022
8023 if (!info->attrs[NL80211_ATTR_MESH_ID] ||
8024 !nla_len(info->attrs[NL80211_ATTR_MESH_ID]))
8025 return -EINVAL;
8026
8027 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
8028 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
8029
8030 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
8031 !nl80211_parse_mcast_rate(rdev, setup.mcast_rate,
8032 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
8033 return -EINVAL;
8034
8035 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
8036 setup.beacon_interval =
8037 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
8038 if (setup.beacon_interval < 10 ||
8039 setup.beacon_interval > 10000)
8040 return -EINVAL;
8041 }
8042
8043 if (info->attrs[NL80211_ATTR_DTIM_PERIOD]) {
8044 setup.dtim_period =
8045 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
8046 if (setup.dtim_period < 1 || setup.dtim_period > 100)
8047 return -EINVAL;
8048 }
8049
8050 if (info->attrs[NL80211_ATTR_MESH_SETUP]) {
8051
8052 err = nl80211_parse_mesh_setup(info, &setup);
8053 if (err)
8054 return err;
8055 }
8056
8057 if (setup.user_mpm)
8058 cfg.auto_open_plinks = false;
8059
8060 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
8061 err = nl80211_parse_chandef(rdev, info, &setup.chandef);
8062 if (err)
8063 return err;
8064 } else {
8065
8066 setup.chandef.chan = NULL;
8067 }
8068
8069 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
8070 u8 *rates = nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
8071 int n_rates =
8072 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
8073 struct ieee80211_supported_band *sband;
8074
8075 if (!setup.chandef.chan)
8076 return -EINVAL;
8077
8078 sband = rdev->wiphy.bands[setup.chandef.chan->band];
8079
8080 err = ieee80211_get_ratemask(sband, rates, n_rates,
8081 &setup.basic_rates);
8082 if (err)
8083 return err;
8084 }
8085
8086 return cfg80211_join_mesh(rdev, dev, &setup, &cfg);
8087}
8088
8089static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info)
8090{
8091 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8092 struct net_device *dev = info->user_ptr[1];
8093
8094 return cfg80211_leave_mesh(rdev, dev);
8095}
8096
8097#ifdef CONFIG_PM
8098static int nl80211_send_wowlan_patterns(struct sk_buff *msg,
8099 struct cfg80211_registered_device *rdev)
8100{
8101 struct cfg80211_wowlan *wowlan = rdev->wiphy.wowlan_config;
8102 struct nlattr *nl_pats, *nl_pat;
8103 int i, pat_len;
8104
8105 if (!wowlan->n_patterns)
8106 return 0;
8107
8108 nl_pats = nla_nest_start(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN);
8109 if (!nl_pats)
8110 return -ENOBUFS;
8111
8112 for (i = 0; i < wowlan->n_patterns; i++) {
8113 nl_pat = nla_nest_start(msg, i + 1);
8114 if (!nl_pat)
8115 return -ENOBUFS;
8116 pat_len = wowlan->patterns[i].pattern_len;
8117 if (nla_put(msg, NL80211_PKTPAT_MASK, DIV_ROUND_UP(pat_len, 8),
8118 wowlan->patterns[i].mask) ||
8119 nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
8120 wowlan->patterns[i].pattern) ||
8121 nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
8122 wowlan->patterns[i].pkt_offset))
8123 return -ENOBUFS;
8124 nla_nest_end(msg, nl_pat);
8125 }
8126 nla_nest_end(msg, nl_pats);
8127
8128 return 0;
8129}
8130
8131static int nl80211_send_wowlan_tcp(struct sk_buff *msg,
8132 struct cfg80211_wowlan_tcp *tcp)
8133{
8134 struct nlattr *nl_tcp;
8135
8136 if (!tcp)
8137 return 0;
8138
8139 nl_tcp = nla_nest_start(msg, NL80211_WOWLAN_TRIG_TCP_CONNECTION);
8140 if (!nl_tcp)
8141 return -ENOBUFS;
8142
8143 if (nla_put_be32(msg, NL80211_WOWLAN_TCP_SRC_IPV4, tcp->src) ||
8144 nla_put_be32(msg, NL80211_WOWLAN_TCP_DST_IPV4, tcp->dst) ||
8145 nla_put(msg, NL80211_WOWLAN_TCP_DST_MAC, ETH_ALEN, tcp->dst_mac) ||
8146 nla_put_u16(msg, NL80211_WOWLAN_TCP_SRC_PORT, tcp->src_port) ||
8147 nla_put_u16(msg, NL80211_WOWLAN_TCP_DST_PORT, tcp->dst_port) ||
8148 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
8149 tcp->payload_len, tcp->payload) ||
8150 nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL,
8151 tcp->data_interval) ||
8152 nla_put(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD,
8153 tcp->wake_len, tcp->wake_data) ||
8154 nla_put(msg, NL80211_WOWLAN_TCP_WAKE_MASK,
8155 DIV_ROUND_UP(tcp->wake_len, 8), tcp->wake_mask))
8156 return -ENOBUFS;
8157
8158 if (tcp->payload_seq.len &&
8159 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ,
8160 sizeof(tcp->payload_seq), &tcp->payload_seq))
8161 return -ENOBUFS;
8162
8163 if (tcp->payload_tok.len &&
8164 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN,
8165 sizeof(tcp->payload_tok) + tcp->tokens_size,
8166 &tcp->payload_tok))
8167 return -ENOBUFS;
8168
8169 nla_nest_end(msg, nl_tcp);
8170
8171 return 0;
8172}
8173
8174static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info)
8175{
8176 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8177 struct sk_buff *msg;
8178 void *hdr;
8179 u32 size = NLMSG_DEFAULT_SIZE;
8180
8181 if (!rdev->wiphy.wowlan)
8182 return -EOPNOTSUPP;
8183
8184 if (rdev->wiphy.wowlan_config && rdev->wiphy.wowlan_config->tcp) {
8185
8186 size += rdev->wiphy.wowlan_config->tcp->tokens_size +
8187 rdev->wiphy.wowlan_config->tcp->payload_len +
8188 rdev->wiphy.wowlan_config->tcp->wake_len +
8189 rdev->wiphy.wowlan_config->tcp->wake_len / 8;
8190 }
8191
8192 msg = nlmsg_new(size, GFP_KERNEL);
8193 if (!msg)
8194 return -ENOMEM;
8195
8196 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
8197 NL80211_CMD_GET_WOWLAN);
8198 if (!hdr)
8199 goto nla_put_failure;
8200
8201 if (rdev->wiphy.wowlan_config) {
8202 struct nlattr *nl_wowlan;
8203
8204 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
8205 if (!nl_wowlan)
8206 goto nla_put_failure;
8207
8208 if ((rdev->wiphy.wowlan_config->any &&
8209 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
8210 (rdev->wiphy.wowlan_config->disconnect &&
8211 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
8212 (rdev->wiphy.wowlan_config->magic_pkt &&
8213 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
8214 (rdev->wiphy.wowlan_config->gtk_rekey_failure &&
8215 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
8216 (rdev->wiphy.wowlan_config->eap_identity_req &&
8217 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
8218 (rdev->wiphy.wowlan_config->four_way_handshake &&
8219 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
8220 (rdev->wiphy.wowlan_config->rfkill_release &&
8221 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)))
8222 goto nla_put_failure;
8223
8224 if (nl80211_send_wowlan_patterns(msg, rdev))
8225 goto nla_put_failure;
8226
8227 if (nl80211_send_wowlan_tcp(msg,
8228 rdev->wiphy.wowlan_config->tcp))
8229 goto nla_put_failure;
8230
8231 nla_nest_end(msg, nl_wowlan);
8232 }
8233
8234 genlmsg_end(msg, hdr);
8235 return genlmsg_reply(msg, info);
8236
8237nla_put_failure:
8238 nlmsg_free(msg);
8239 return -ENOBUFS;
8240}
8241
8242static int nl80211_parse_wowlan_tcp(struct cfg80211_registered_device *rdev,
8243 struct nlattr *attr,
8244 struct cfg80211_wowlan *trig)
8245{
8246 struct nlattr *tb[NUM_NL80211_WOWLAN_TCP];
8247 struct cfg80211_wowlan_tcp *cfg;
8248 struct nl80211_wowlan_tcp_data_token *tok = NULL;
8249 struct nl80211_wowlan_tcp_data_seq *seq = NULL;
8250 u32 size;
8251 u32 data_size, wake_size, tokens_size = 0, wake_mask_size;
8252 int err, port;
8253
8254 if (!rdev->wiphy.wowlan->tcp)
8255 return -EINVAL;
8256
8257 err = nla_parse(tb, MAX_NL80211_WOWLAN_TCP,
8258 nla_data(attr), nla_len(attr),
8259 nl80211_wowlan_tcp_policy);
8260 if (err)
8261 return err;
8262
8263 if (!tb[NL80211_WOWLAN_TCP_SRC_IPV4] ||
8264 !tb[NL80211_WOWLAN_TCP_DST_IPV4] ||
8265 !tb[NL80211_WOWLAN_TCP_DST_MAC] ||
8266 !tb[NL80211_WOWLAN_TCP_DST_PORT] ||
8267 !tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD] ||
8268 !tb[NL80211_WOWLAN_TCP_DATA_INTERVAL] ||
8269 !tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD] ||
8270 !tb[NL80211_WOWLAN_TCP_WAKE_MASK])
8271 return -EINVAL;
8272
8273 data_size = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]);
8274 if (data_size > rdev->wiphy.wowlan->tcp->data_payload_max)
8275 return -EINVAL;
8276
8277 if (nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) >
8278 rdev->wiphy.wowlan->tcp->data_interval_max ||
8279 nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) == 0)
8280 return -EINVAL;
8281
8282 wake_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]);
8283 if (wake_size > rdev->wiphy.wowlan->tcp->wake_payload_max)
8284 return -EINVAL;
8285
8286 wake_mask_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_MASK]);
8287 if (wake_mask_size != DIV_ROUND_UP(wake_size, 8))
8288 return -EINVAL;
8289
8290 if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]) {
8291 u32 tokln = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]);
8292
8293 tok = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]);
8294 tokens_size = tokln - sizeof(*tok);
8295
8296 if (!tok->len || tokens_size % tok->len)
8297 return -EINVAL;
8298 if (!rdev->wiphy.wowlan->tcp->tok)
8299 return -EINVAL;
8300 if (tok->len > rdev->wiphy.wowlan->tcp->tok->max_len)
8301 return -EINVAL;
8302 if (tok->len < rdev->wiphy.wowlan->tcp->tok->min_len)
8303 return -EINVAL;
8304 if (tokens_size > rdev->wiphy.wowlan->tcp->tok->bufsize)
8305 return -EINVAL;
8306 if (tok->offset + tok->len > data_size)
8307 return -EINVAL;
8308 }
8309
8310 if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]) {
8311 seq = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]);
8312 if (!rdev->wiphy.wowlan->tcp->seq)
8313 return -EINVAL;
8314 if (seq->len == 0 || seq->len > 4)
8315 return -EINVAL;
8316 if (seq->len + seq->offset > data_size)
8317 return -EINVAL;
8318 }
8319
8320 size = sizeof(*cfg);
8321 size += data_size;
8322 size += wake_size + wake_mask_size;
8323 size += tokens_size;
8324
8325 cfg = kzalloc(size, GFP_KERNEL);
8326 if (!cfg)
8327 return -ENOMEM;
8328 cfg->src = nla_get_be32(tb[NL80211_WOWLAN_TCP_SRC_IPV4]);
8329 cfg->dst = nla_get_be32(tb[NL80211_WOWLAN_TCP_DST_IPV4]);
8330 memcpy(cfg->dst_mac, nla_data(tb[NL80211_WOWLAN_TCP_DST_MAC]),
8331 ETH_ALEN);
8332 if (tb[NL80211_WOWLAN_TCP_SRC_PORT])
8333 port = nla_get_u16(tb[NL80211_WOWLAN_TCP_SRC_PORT]);
8334 else
8335 port = 0;
8336#ifdef CONFIG_INET
8337
8338 err = __sock_create(wiphy_net(&rdev->wiphy), PF_INET, SOCK_STREAM,
8339 IPPROTO_TCP, &cfg->sock, 1);
8340 if (err) {
8341 kfree(cfg);
8342 return err;
8343 }
8344 if (inet_csk_get_port(cfg->sock->sk, port)) {
8345 sock_release(cfg->sock);
8346 kfree(cfg);
8347 return -EADDRINUSE;
8348 }
8349 cfg->src_port = inet_sk(cfg->sock->sk)->inet_num;
8350#else
8351 if (!port) {
8352 kfree(cfg);
8353 return -EINVAL;
8354 }
8355 cfg->src_port = port;
8356#endif
8357
8358 cfg->dst_port = nla_get_u16(tb[NL80211_WOWLAN_TCP_DST_PORT]);
8359 cfg->payload_len = data_size;
8360 cfg->payload = (u8 *)cfg + sizeof(*cfg) + tokens_size;
8361 memcpy((void *)cfg->payload,
8362 nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]),
8363 data_size);
8364 if (seq)
8365 cfg->payload_seq = *seq;
8366 cfg->data_interval = nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]);
8367 cfg->wake_len = wake_size;
8368 cfg->wake_data = (u8 *)cfg + sizeof(*cfg) + tokens_size + data_size;
8369 memcpy((void *)cfg->wake_data,
8370 nla_data(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]),
8371 wake_size);
8372 cfg->wake_mask = (u8 *)cfg + sizeof(*cfg) + tokens_size +
8373 data_size + wake_size;
8374 memcpy((void *)cfg->wake_mask,
8375 nla_data(tb[NL80211_WOWLAN_TCP_WAKE_MASK]),
8376 wake_mask_size);
8377 if (tok) {
8378 cfg->tokens_size = tokens_size;
8379 memcpy(&cfg->payload_tok, tok, sizeof(*tok) + tokens_size);
8380 }
8381
8382 trig->tcp = cfg;
8383
8384 return 0;
8385}
8386
8387static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info)
8388{
8389 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8390 struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG];
8391 struct cfg80211_wowlan new_triggers = {};
8392 struct cfg80211_wowlan *ntrig;
8393 const struct wiphy_wowlan_support *wowlan = rdev->wiphy.wowlan;
8394 int err, i;
8395 bool prev_enabled = rdev->wiphy.wowlan_config;
8396
8397 if (!wowlan)
8398 return -EOPNOTSUPP;
8399
8400 if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]) {
8401 cfg80211_rdev_free_wowlan(rdev);
8402 rdev->wiphy.wowlan_config = NULL;
8403 goto set_wakeup;
8404 }
8405
8406 err = nla_parse(tb, MAX_NL80211_WOWLAN_TRIG,
8407 nla_data(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]),
8408 nla_len(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]),
8409 nl80211_wowlan_policy);
8410 if (err)
8411 return err;
8412
8413 if (tb[NL80211_WOWLAN_TRIG_ANY]) {
8414 if (!(wowlan->flags & WIPHY_WOWLAN_ANY))
8415 return -EINVAL;
8416 new_triggers.any = true;
8417 }
8418
8419 if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) {
8420 if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT))
8421 return -EINVAL;
8422 new_triggers.disconnect = true;
8423 }
8424
8425 if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) {
8426 if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT))
8427 return -EINVAL;
8428 new_triggers.magic_pkt = true;
8429 }
8430
8431 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED])
8432 return -EINVAL;
8433
8434 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) {
8435 if (!(wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE))
8436 return -EINVAL;
8437 new_triggers.gtk_rekey_failure = true;
8438 }
8439
8440 if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) {
8441 if (!(wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ))
8442 return -EINVAL;
8443 new_triggers.eap_identity_req = true;
8444 }
8445
8446 if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) {
8447 if (!(wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE))
8448 return -EINVAL;
8449 new_triggers.four_way_handshake = true;
8450 }
8451
8452 if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) {
8453 if (!(wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE))
8454 return -EINVAL;
8455 new_triggers.rfkill_release = true;
8456 }
8457
8458 if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) {
8459 struct nlattr *pat;
8460 int n_patterns = 0;
8461 int rem, pat_len, mask_len, pkt_offset;
8462 struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
8463
8464 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
8465 rem)
8466 n_patterns++;
8467 if (n_patterns > wowlan->n_patterns)
8468 return -EINVAL;
8469
8470 new_triggers.patterns = kcalloc(n_patterns,
8471 sizeof(new_triggers.patterns[0]),
8472 GFP_KERNEL);
8473 if (!new_triggers.patterns)
8474 return -ENOMEM;
8475
8476 new_triggers.n_patterns = n_patterns;
8477 i = 0;
8478
8479 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
8480 rem) {
8481 nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
8482 nla_len(pat), NULL);
8483 err = -EINVAL;
8484 if (!pat_tb[NL80211_PKTPAT_MASK] ||
8485 !pat_tb[NL80211_PKTPAT_PATTERN])
8486 goto error;
8487 pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
8488 mask_len = DIV_ROUND_UP(pat_len, 8);
8489 if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
8490 goto error;
8491 if (pat_len > wowlan->pattern_max_len ||
8492 pat_len < wowlan->pattern_min_len)
8493 goto error;
8494
8495 if (!pat_tb[NL80211_PKTPAT_OFFSET])
8496 pkt_offset = 0;
8497 else
8498 pkt_offset = nla_get_u32(
8499 pat_tb[NL80211_PKTPAT_OFFSET]);
8500 if (pkt_offset > wowlan->max_pkt_offset)
8501 goto error;
8502 new_triggers.patterns[i].pkt_offset = pkt_offset;
8503
8504 new_triggers.patterns[i].mask =
8505 kmalloc(mask_len + pat_len, GFP_KERNEL);
8506 if (!new_triggers.patterns[i].mask) {
8507 err = -ENOMEM;
8508 goto error;
8509 }
8510 new_triggers.patterns[i].pattern =
8511 new_triggers.patterns[i].mask + mask_len;
8512 memcpy(new_triggers.patterns[i].mask,
8513 nla_data(pat_tb[NL80211_PKTPAT_MASK]),
8514 mask_len);
8515 new_triggers.patterns[i].pattern_len = pat_len;
8516 memcpy(new_triggers.patterns[i].pattern,
8517 nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
8518 pat_len);
8519 i++;
8520 }
8521 }
8522
8523 if (tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION]) {
8524 err = nl80211_parse_wowlan_tcp(
8525 rdev, tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION],
8526 &new_triggers);
8527 if (err)
8528 goto error;
8529 }
8530
8531 ntrig = kmemdup(&new_triggers, sizeof(new_triggers), GFP_KERNEL);
8532 if (!ntrig) {
8533 err = -ENOMEM;
8534 goto error;
8535 }
8536 cfg80211_rdev_free_wowlan(rdev);
8537 rdev->wiphy.wowlan_config = ntrig;
8538
8539 set_wakeup:
8540 if (rdev->ops->set_wakeup &&
8541 prev_enabled != !!rdev->wiphy.wowlan_config)
8542 rdev_set_wakeup(rdev, rdev->wiphy.wowlan_config);
8543
8544 return 0;
8545 error:
8546 for (i = 0; i < new_triggers.n_patterns; i++)
8547 kfree(new_triggers.patterns[i].mask);
8548 kfree(new_triggers.patterns);
8549 if (new_triggers.tcp && new_triggers.tcp->sock)
8550 sock_release(new_triggers.tcp->sock);
8551 kfree(new_triggers.tcp);
8552 return err;
8553}
8554#endif
8555
8556static int nl80211_send_coalesce_rules(struct sk_buff *msg,
8557 struct cfg80211_registered_device *rdev)
8558{
8559 struct nlattr *nl_pats, *nl_pat, *nl_rule, *nl_rules;
8560 int i, j, pat_len;
8561 struct cfg80211_coalesce_rules *rule;
8562
8563 if (!rdev->coalesce->n_rules)
8564 return 0;
8565
8566 nl_rules = nla_nest_start(msg, NL80211_ATTR_COALESCE_RULE);
8567 if (!nl_rules)
8568 return -ENOBUFS;
8569
8570 for (i = 0; i < rdev->coalesce->n_rules; i++) {
8571 nl_rule = nla_nest_start(msg, i + 1);
8572 if (!nl_rule)
8573 return -ENOBUFS;
8574
8575 rule = &rdev->coalesce->rules[i];
8576 if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_DELAY,
8577 rule->delay))
8578 return -ENOBUFS;
8579
8580 if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_CONDITION,
8581 rule->condition))
8582 return -ENOBUFS;
8583
8584 nl_pats = nla_nest_start(msg,
8585 NL80211_ATTR_COALESCE_RULE_PKT_PATTERN);
8586 if (!nl_pats)
8587 return -ENOBUFS;
8588
8589 for (j = 0; j < rule->n_patterns; j++) {
8590 nl_pat = nla_nest_start(msg, j + 1);
8591 if (!nl_pat)
8592 return -ENOBUFS;
8593 pat_len = rule->patterns[j].pattern_len;
8594 if (nla_put(msg, NL80211_PKTPAT_MASK,
8595 DIV_ROUND_UP(pat_len, 8),
8596 rule->patterns[j].mask) ||
8597 nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
8598 rule->patterns[j].pattern) ||
8599 nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
8600 rule->patterns[j].pkt_offset))
8601 return -ENOBUFS;
8602 nla_nest_end(msg, nl_pat);
8603 }
8604 nla_nest_end(msg, nl_pats);
8605 nla_nest_end(msg, nl_rule);
8606 }
8607 nla_nest_end(msg, nl_rules);
8608
8609 return 0;
8610}
8611
8612static int nl80211_get_coalesce(struct sk_buff *skb, struct genl_info *info)
8613{
8614 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8615 struct sk_buff *msg;
8616 void *hdr;
8617
8618 if (!rdev->wiphy.coalesce)
8619 return -EOPNOTSUPP;
8620
8621 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
8622 if (!msg)
8623 return -ENOMEM;
8624
8625 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
8626 NL80211_CMD_GET_COALESCE);
8627 if (!hdr)
8628 goto nla_put_failure;
8629
8630 if (rdev->coalesce && nl80211_send_coalesce_rules(msg, rdev))
8631 goto nla_put_failure;
8632
8633 genlmsg_end(msg, hdr);
8634 return genlmsg_reply(msg, info);
8635
8636nla_put_failure:
8637 nlmsg_free(msg);
8638 return -ENOBUFS;
8639}
8640
8641void cfg80211_rdev_free_coalesce(struct cfg80211_registered_device *rdev)
8642{
8643 struct cfg80211_coalesce *coalesce = rdev->coalesce;
8644 int i, j;
8645 struct cfg80211_coalesce_rules *rule;
8646
8647 if (!coalesce)
8648 return;
8649
8650 for (i = 0; i < coalesce->n_rules; i++) {
8651 rule = &coalesce->rules[i];
8652 for (j = 0; j < rule->n_patterns; j++)
8653 kfree(rule->patterns[j].mask);
8654 kfree(rule->patterns);
8655 }
8656 kfree(coalesce->rules);
8657 kfree(coalesce);
8658 rdev->coalesce = NULL;
8659}
8660
8661static int nl80211_parse_coalesce_rule(struct cfg80211_registered_device *rdev,
8662 struct nlattr *rule,
8663 struct cfg80211_coalesce_rules *new_rule)
8664{
8665 int err, i;
8666 const struct wiphy_coalesce_support *coalesce = rdev->wiphy.coalesce;
8667 struct nlattr *tb[NUM_NL80211_ATTR_COALESCE_RULE], *pat;
8668 int rem, pat_len, mask_len, pkt_offset, n_patterns = 0;
8669 struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
8670
8671 err = nla_parse(tb, NL80211_ATTR_COALESCE_RULE_MAX, nla_data(rule),
8672 nla_len(rule), nl80211_coalesce_policy);
8673 if (err)
8674 return err;
8675
8676 if (tb[NL80211_ATTR_COALESCE_RULE_DELAY])
8677 new_rule->delay =
8678 nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_DELAY]);
8679 if (new_rule->delay > coalesce->max_delay)
8680 return -EINVAL;
8681
8682 if (tb[NL80211_ATTR_COALESCE_RULE_CONDITION])
8683 new_rule->condition =
8684 nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_CONDITION]);
8685 if (new_rule->condition != NL80211_COALESCE_CONDITION_MATCH &&
8686 new_rule->condition != NL80211_COALESCE_CONDITION_NO_MATCH)
8687 return -EINVAL;
8688
8689 if (!tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN])
8690 return -EINVAL;
8691
8692 nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN],
8693 rem)
8694 n_patterns++;
8695 if (n_patterns > coalesce->n_patterns)
8696 return -EINVAL;
8697
8698 new_rule->patterns = kcalloc(n_patterns, sizeof(new_rule->patterns[0]),
8699 GFP_KERNEL);
8700 if (!new_rule->patterns)
8701 return -ENOMEM;
8702
8703 new_rule->n_patterns = n_patterns;
8704 i = 0;
8705
8706 nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN],
8707 rem) {
8708 nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
8709 nla_len(pat), NULL);
8710 if (!pat_tb[NL80211_PKTPAT_MASK] ||
8711 !pat_tb[NL80211_PKTPAT_PATTERN])
8712 return -EINVAL;
8713 pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
8714 mask_len = DIV_ROUND_UP(pat_len, 8);
8715 if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
8716 return -EINVAL;
8717 if (pat_len > coalesce->pattern_max_len ||
8718 pat_len < coalesce->pattern_min_len)
8719 return -EINVAL;
8720
8721 if (!pat_tb[NL80211_PKTPAT_OFFSET])
8722 pkt_offset = 0;
8723 else
8724 pkt_offset = nla_get_u32(pat_tb[NL80211_PKTPAT_OFFSET]);
8725 if (pkt_offset > coalesce->max_pkt_offset)
8726 return -EINVAL;
8727 new_rule->patterns[i].pkt_offset = pkt_offset;
8728
8729 new_rule->patterns[i].mask =
8730 kmalloc(mask_len + pat_len, GFP_KERNEL);
8731 if (!new_rule->patterns[i].mask)
8732 return -ENOMEM;
8733 new_rule->patterns[i].pattern =
8734 new_rule->patterns[i].mask + mask_len;
8735 memcpy(new_rule->patterns[i].mask,
8736 nla_data(pat_tb[NL80211_PKTPAT_MASK]), mask_len);
8737 new_rule->patterns[i].pattern_len = pat_len;
8738 memcpy(new_rule->patterns[i].pattern,
8739 nla_data(pat_tb[NL80211_PKTPAT_PATTERN]), pat_len);
8740 i++;
8741 }
8742
8743 return 0;
8744}
8745
8746static int nl80211_set_coalesce(struct sk_buff *skb, struct genl_info *info)
8747{
8748 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8749 const struct wiphy_coalesce_support *coalesce = rdev->wiphy.coalesce;
8750 struct cfg80211_coalesce new_coalesce = {};
8751 struct cfg80211_coalesce *n_coalesce;
8752 int err, rem_rule, n_rules = 0, i, j;
8753 struct nlattr *rule;
8754 struct cfg80211_coalesce_rules *tmp_rule;
8755
8756 if (!rdev->wiphy.coalesce || !rdev->ops->set_coalesce)
8757 return -EOPNOTSUPP;
8758
8759 if (!info->attrs[NL80211_ATTR_COALESCE_RULE]) {
8760 cfg80211_rdev_free_coalesce(rdev);
8761 rdev->ops->set_coalesce(&rdev->wiphy, NULL);
8762 return 0;
8763 }
8764
8765 nla_for_each_nested(rule, info->attrs[NL80211_ATTR_COALESCE_RULE],
8766 rem_rule)
8767 n_rules++;
8768 if (n_rules > coalesce->n_rules)
8769 return -EINVAL;
8770
8771 new_coalesce.rules = kcalloc(n_rules, sizeof(new_coalesce.rules[0]),
8772 GFP_KERNEL);
8773 if (!new_coalesce.rules)
8774 return -ENOMEM;
8775
8776 new_coalesce.n_rules = n_rules;
8777 i = 0;
8778
8779 nla_for_each_nested(rule, info->attrs[NL80211_ATTR_COALESCE_RULE],
8780 rem_rule) {
8781 err = nl80211_parse_coalesce_rule(rdev, rule,
8782 &new_coalesce.rules[i]);
8783 if (err)
8784 goto error;
8785
8786 i++;
8787 }
8788
8789 err = rdev->ops->set_coalesce(&rdev->wiphy, &new_coalesce);
8790 if (err)
8791 goto error;
8792
8793 n_coalesce = kmemdup(&new_coalesce, sizeof(new_coalesce), GFP_KERNEL);
8794 if (!n_coalesce) {
8795 err = -ENOMEM;
8796 goto error;
8797 }
8798 cfg80211_rdev_free_coalesce(rdev);
8799 rdev->coalesce = n_coalesce;
8800
8801 return 0;
8802error:
8803 for (i = 0; i < new_coalesce.n_rules; i++) {
8804 tmp_rule = &new_coalesce.rules[i];
8805 for (j = 0; j < tmp_rule->n_patterns; j++)
8806 kfree(tmp_rule->patterns[j].mask);
8807 kfree(tmp_rule->patterns);
8808 }
8809 kfree(new_coalesce.rules);
8810
8811 return err;
8812}
8813
8814static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info)
8815{
8816 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8817 struct net_device *dev = info->user_ptr[1];
8818 struct wireless_dev *wdev = dev->ieee80211_ptr;
8819 struct nlattr *tb[NUM_NL80211_REKEY_DATA];
8820 struct cfg80211_gtk_rekey_data rekey_data;
8821 int err;
8822
8823 if (!info->attrs[NL80211_ATTR_REKEY_DATA])
8824 return -EINVAL;
8825
8826 err = nla_parse(tb, MAX_NL80211_REKEY_DATA,
8827 nla_data(info->attrs[NL80211_ATTR_REKEY_DATA]),
8828 nla_len(info->attrs[NL80211_ATTR_REKEY_DATA]),
8829 nl80211_rekey_policy);
8830 if (err)
8831 return err;
8832
8833 if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN)
8834 return -ERANGE;
8835 if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN)
8836 return -ERANGE;
8837 if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN)
8838 return -ERANGE;
8839
8840 memcpy(rekey_data.kek, nla_data(tb[NL80211_REKEY_DATA_KEK]),
8841 NL80211_KEK_LEN);
8842 memcpy(rekey_data.kck, nla_data(tb[NL80211_REKEY_DATA_KCK]),
8843 NL80211_KCK_LEN);
8844 memcpy(rekey_data.replay_ctr,
8845 nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]),
8846 NL80211_REPLAY_CTR_LEN);
8847
8848 wdev_lock(wdev);
8849 if (!wdev->current_bss) {
8850 err = -ENOTCONN;
8851 goto out;
8852 }
8853
8854 if (!rdev->ops->set_rekey_data) {
8855 err = -EOPNOTSUPP;
8856 goto out;
8857 }
8858
8859 err = rdev_set_rekey_data(rdev, dev, &rekey_data);
8860 out:
8861 wdev_unlock(wdev);
8862 return err;
8863}
8864
8865static int nl80211_register_unexpected_frame(struct sk_buff *skb,
8866 struct genl_info *info)
8867{
8868 struct net_device *dev = info->user_ptr[1];
8869 struct wireless_dev *wdev = dev->ieee80211_ptr;
8870
8871 if (wdev->iftype != NL80211_IFTYPE_AP &&
8872 wdev->iftype != NL80211_IFTYPE_P2P_GO)
8873 return -EINVAL;
8874
8875 if (wdev->ap_unexpected_nlportid)
8876 return -EBUSY;
8877
8878 wdev->ap_unexpected_nlportid = info->snd_portid;
8879 return 0;
8880}
8881
8882static int nl80211_probe_client(struct sk_buff *skb,
8883 struct genl_info *info)
8884{
8885 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8886 struct net_device *dev = info->user_ptr[1];
8887 struct wireless_dev *wdev = dev->ieee80211_ptr;
8888 struct sk_buff *msg;
8889 void *hdr;
8890 const u8 *addr;
8891 u64 cookie;
8892 int err;
8893
8894 if (wdev->iftype != NL80211_IFTYPE_AP &&
8895 wdev->iftype != NL80211_IFTYPE_P2P_GO)
8896 return -EOPNOTSUPP;
8897
8898 if (!info->attrs[NL80211_ATTR_MAC])
8899 return -EINVAL;
8900
8901 if (!rdev->ops->probe_client)
8902 return -EOPNOTSUPP;
8903
8904 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
8905 if (!msg)
8906 return -ENOMEM;
8907
8908 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
8909 NL80211_CMD_PROBE_CLIENT);
8910 if (!hdr) {
8911 err = -ENOBUFS;
8912 goto free_msg;
8913 }
8914
8915 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
8916
8917 err = rdev_probe_client(rdev, dev, addr, &cookie);
8918 if (err)
8919 goto free_msg;
8920
8921 if (nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
8922 goto nla_put_failure;
8923
8924 genlmsg_end(msg, hdr);
8925
8926 return genlmsg_reply(msg, info);
8927
8928 nla_put_failure:
8929 err = -ENOBUFS;
8930 free_msg:
8931 nlmsg_free(msg);
8932 return err;
8933}
8934
8935static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info)
8936{
8937 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8938 struct cfg80211_beacon_registration *reg, *nreg;
8939 int rv;
8940
8941 if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS))
8942 return -EOPNOTSUPP;
8943
8944 nreg = kzalloc(sizeof(*nreg), GFP_KERNEL);
8945 if (!nreg)
8946 return -ENOMEM;
8947
8948
8949 spin_lock_bh(&rdev->beacon_registrations_lock);
8950 list_for_each_entry(reg, &rdev->beacon_registrations, list) {
8951 if (reg->nlportid == info->snd_portid) {
8952 rv = -EALREADY;
8953 goto out_err;
8954 }
8955 }
8956
8957 nreg->nlportid = info->snd_portid;
8958 list_add(&nreg->list, &rdev->beacon_registrations);
8959
8960 spin_unlock_bh(&rdev->beacon_registrations_lock);
8961
8962 return 0;
8963out_err:
8964 spin_unlock_bh(&rdev->beacon_registrations_lock);
8965 kfree(nreg);
8966 return rv;
8967}
8968
8969static int nl80211_start_p2p_device(struct sk_buff *skb, struct genl_info *info)
8970{
8971 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8972 struct wireless_dev *wdev = info->user_ptr[1];
8973 int err;
8974
8975 if (!rdev->ops->start_p2p_device)
8976 return -EOPNOTSUPP;
8977
8978 if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE)
8979 return -EOPNOTSUPP;
8980
8981 if (wdev->p2p_started)
8982 return 0;
8983
8984 err = cfg80211_can_add_interface(rdev, wdev->iftype);
8985 if (err)
8986 return err;
8987
8988 err = rdev_start_p2p_device(rdev, wdev);
8989 if (err)
8990 return err;
8991
8992 wdev->p2p_started = true;
8993 rdev->opencount++;
8994
8995 return 0;
8996}
8997
8998static int nl80211_stop_p2p_device(struct sk_buff *skb, struct genl_info *info)
8999{
9000 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9001 struct wireless_dev *wdev = info->user_ptr[1];
9002
9003 if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE)
9004 return -EOPNOTSUPP;
9005
9006 if (!rdev->ops->stop_p2p_device)
9007 return -EOPNOTSUPP;
9008
9009 cfg80211_stop_p2p_device(rdev, wdev);
9010
9011 return 0;
9012}
9013
9014static int nl80211_get_protocol_features(struct sk_buff *skb,
9015 struct genl_info *info)
9016{
9017 void *hdr;
9018 struct sk_buff *msg;
9019
9020 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
9021 if (!msg)
9022 return -ENOMEM;
9023
9024 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
9025 NL80211_CMD_GET_PROTOCOL_FEATURES);
9026 if (!hdr)
9027 goto nla_put_failure;
9028
9029 if (nla_put_u32(msg, NL80211_ATTR_PROTOCOL_FEATURES,
9030 NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP))
9031 goto nla_put_failure;
9032
9033 genlmsg_end(msg, hdr);
9034 return genlmsg_reply(msg, info);
9035
9036 nla_put_failure:
9037 kfree_skb(msg);
9038 return -ENOBUFS;
9039}
9040
9041static int nl80211_update_ft_ies(struct sk_buff *skb, struct genl_info *info)
9042{
9043 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9044 struct cfg80211_update_ft_ies_params ft_params;
9045 struct net_device *dev = info->user_ptr[1];
9046
9047 if (!rdev->ops->update_ft_ies)
9048 return -EOPNOTSUPP;
9049
9050 if (!info->attrs[NL80211_ATTR_MDID] ||
9051 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
9052 return -EINVAL;
9053
9054 memset(&ft_params, 0, sizeof(ft_params));
9055 ft_params.md = nla_get_u16(info->attrs[NL80211_ATTR_MDID]);
9056 ft_params.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
9057 ft_params.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
9058
9059 return rdev_update_ft_ies(rdev, dev, &ft_params);
9060}
9061
9062static int nl80211_crit_protocol_start(struct sk_buff *skb,
9063 struct genl_info *info)
9064{
9065 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9066 struct wireless_dev *wdev = info->user_ptr[1];
9067 enum nl80211_crit_proto_id proto = NL80211_CRIT_PROTO_UNSPEC;
9068 u16 duration;
9069 int ret;
9070
9071 if (!rdev->ops->crit_proto_start)
9072 return -EOPNOTSUPP;
9073
9074 if (WARN_ON(!rdev->ops->crit_proto_stop))
9075 return -EINVAL;
9076
9077 if (rdev->crit_proto_nlportid)
9078 return -EBUSY;
9079
9080
9081 if (info->attrs[NL80211_ATTR_CRIT_PROT_ID])
9082 proto = nla_get_u16(info->attrs[NL80211_ATTR_CRIT_PROT_ID]);
9083
9084 if (proto >= NUM_NL80211_CRIT_PROTO)
9085 return -EINVAL;
9086
9087
9088 if (!info->attrs[NL80211_ATTR_MAX_CRIT_PROT_DURATION])
9089 return -EINVAL;
9090
9091 duration =
9092 nla_get_u16(info->attrs[NL80211_ATTR_MAX_CRIT_PROT_DURATION]);
9093
9094 if (duration > NL80211_CRIT_PROTO_MAX_DURATION)
9095 return -ERANGE;
9096
9097 ret = rdev_crit_proto_start(rdev, wdev, proto, duration);
9098 if (!ret)
9099 rdev->crit_proto_nlportid = info->snd_portid;
9100
9101 return ret;
9102}
9103
9104static int nl80211_crit_protocol_stop(struct sk_buff *skb,
9105 struct genl_info *info)
9106{
9107 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9108 struct wireless_dev *wdev = info->user_ptr[1];
9109
9110 if (!rdev->ops->crit_proto_stop)
9111 return -EOPNOTSUPP;
9112
9113 if (rdev->crit_proto_nlportid) {
9114 rdev->crit_proto_nlportid = 0;
9115 rdev_crit_proto_stop(rdev, wdev);
9116 }
9117 return 0;
9118}
9119
9120static int nl80211_vendor_cmd(struct sk_buff *skb, struct genl_info *info)
9121{
9122 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9123 struct wireless_dev *wdev =
9124 __cfg80211_wdev_from_attrs(genl_info_net(info), info->attrs);
9125 int i, err;
9126 u32 vid, subcmd;
9127
9128 if (!rdev->wiphy.vendor_commands)
9129 return -EOPNOTSUPP;
9130
9131 if (IS_ERR(wdev)) {
9132 err = PTR_ERR(wdev);
9133 if (err != -EINVAL)
9134 return err;
9135 wdev = NULL;
9136 } else if (wdev->wiphy != &rdev->wiphy) {
9137 return -EINVAL;
9138 }
9139
9140 if (!info->attrs[NL80211_ATTR_VENDOR_ID] ||
9141 !info->attrs[NL80211_ATTR_VENDOR_SUBCMD])
9142 return -EINVAL;
9143
9144 vid = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_ID]);
9145 subcmd = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_SUBCMD]);
9146 for (i = 0; i < rdev->wiphy.n_vendor_commands; i++) {
9147 const struct wiphy_vendor_command *vcmd;
9148 void *data = NULL;
9149 int len = 0;
9150
9151 vcmd = &rdev->wiphy.vendor_commands[i];
9152
9153 if (vcmd->info.vendor_id != vid || vcmd->info.subcmd != subcmd)
9154 continue;
9155
9156 if (vcmd->flags & (WIPHY_VENDOR_CMD_NEED_WDEV |
9157 WIPHY_VENDOR_CMD_NEED_NETDEV)) {
9158 if (!wdev)
9159 return -EINVAL;
9160 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_NETDEV &&
9161 !wdev->netdev)
9162 return -EINVAL;
9163
9164 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_RUNNING) {
9165 if (wdev->netdev &&
9166 !netif_running(wdev->netdev))
9167 return -ENETDOWN;
9168 if (!wdev->netdev && !wdev->p2p_started)
9169 return -ENETDOWN;
9170 }
9171 } else {
9172 wdev = NULL;
9173 }
9174
9175 if (info->attrs[NL80211_ATTR_VENDOR_DATA]) {
9176 data = nla_data(info->attrs[NL80211_ATTR_VENDOR_DATA]);
9177 len = nla_len(info->attrs[NL80211_ATTR_VENDOR_DATA]);
9178 }
9179
9180 rdev->cur_cmd_info = info;
9181 err = rdev->wiphy.vendor_commands[i].doit(&rdev->wiphy, wdev,
9182 data, len);
9183 rdev->cur_cmd_info = NULL;
9184 return err;
9185 }
9186
9187 return -EOPNOTSUPP;
9188}
9189
9190struct sk_buff *__cfg80211_alloc_reply_skb(struct wiphy *wiphy,
9191 enum nl80211_commands cmd,
9192 enum nl80211_attrs attr,
9193 int approxlen)
9194{
9195 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
9196
9197 if (WARN_ON(!rdev->cur_cmd_info))
9198 return NULL;
9199
9200 return __cfg80211_alloc_vendor_skb(rdev, approxlen,
9201 rdev->cur_cmd_info->snd_portid,
9202 rdev->cur_cmd_info->snd_seq,
9203 cmd, attr, NULL, GFP_KERNEL);
9204}
9205EXPORT_SYMBOL(__cfg80211_alloc_reply_skb);
9206
9207int cfg80211_vendor_cmd_reply(struct sk_buff *skb)
9208{
9209 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
9210 void *hdr = ((void **)skb->cb)[1];
9211 struct nlattr *data = ((void **)skb->cb)[2];
9212
9213 if (WARN_ON(!rdev->cur_cmd_info)) {
9214 kfree_skb(skb);
9215 return -EINVAL;
9216 }
9217
9218 nla_nest_end(skb, data);
9219 genlmsg_end(skb, hdr);
9220 return genlmsg_reply(skb, rdev->cur_cmd_info);
9221}
9222EXPORT_SYMBOL_GPL(cfg80211_vendor_cmd_reply);
9223
9224
9225static int nl80211_set_qos_map(struct sk_buff *skb,
9226 struct genl_info *info)
9227{
9228 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9229 struct cfg80211_qos_map *qos_map = NULL;
9230 struct net_device *dev = info->user_ptr[1];
9231 u8 *pos, len, num_des, des_len, des;
9232 int ret;
9233
9234 if (!rdev->ops->set_qos_map)
9235 return -EOPNOTSUPP;
9236
9237 if (info->attrs[NL80211_ATTR_QOS_MAP]) {
9238 pos = nla_data(info->attrs[NL80211_ATTR_QOS_MAP]);
9239 len = nla_len(info->attrs[NL80211_ATTR_QOS_MAP]);
9240
9241 if (len % 2 || len < IEEE80211_QOS_MAP_LEN_MIN ||
9242 len > IEEE80211_QOS_MAP_LEN_MAX)
9243 return -EINVAL;
9244
9245 qos_map = kzalloc(sizeof(struct cfg80211_qos_map), GFP_KERNEL);
9246 if (!qos_map)
9247 return -ENOMEM;
9248
9249 num_des = (len - IEEE80211_QOS_MAP_LEN_MIN) >> 1;
9250 if (num_des) {
9251 des_len = num_des *
9252 sizeof(struct cfg80211_dscp_exception);
9253 memcpy(qos_map->dscp_exception, pos, des_len);
9254 qos_map->num_des = num_des;
9255 for (des = 0; des < num_des; des++) {
9256 if (qos_map->dscp_exception[des].up > 7) {
9257 kfree(qos_map);
9258 return -EINVAL;
9259 }
9260 }
9261 pos += des_len;
9262 }
9263 memcpy(qos_map->up, pos, IEEE80211_QOS_MAP_LEN_MIN);
9264 }
9265
9266 wdev_lock(dev->ieee80211_ptr);
9267 ret = nl80211_key_allowed(dev->ieee80211_ptr);
9268 if (!ret)
9269 ret = rdev_set_qos_map(rdev, dev, qos_map);
9270 wdev_unlock(dev->ieee80211_ptr);
9271
9272 kfree(qos_map);
9273 return ret;
9274}
9275
9276#define NL80211_FLAG_NEED_WIPHY 0x01
9277#define NL80211_FLAG_NEED_NETDEV 0x02
9278#define NL80211_FLAG_NEED_RTNL 0x04
9279#define NL80211_FLAG_CHECK_NETDEV_UP 0x08
9280#define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\
9281 NL80211_FLAG_CHECK_NETDEV_UP)
9282#define NL80211_FLAG_NEED_WDEV 0x10
9283
9284#define NL80211_FLAG_NEED_WDEV_UP (NL80211_FLAG_NEED_WDEV |\
9285 NL80211_FLAG_CHECK_NETDEV_UP)
9286
9287static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
9288 struct genl_info *info)
9289{
9290 struct cfg80211_registered_device *rdev;
9291 struct wireless_dev *wdev;
9292 struct net_device *dev;
9293 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL;
9294
9295 if (rtnl)
9296 rtnl_lock();
9297
9298 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) {
9299 rdev = cfg80211_get_dev_from_info(genl_info_net(info), info);
9300 if (IS_ERR(rdev)) {
9301 if (rtnl)
9302 rtnl_unlock();
9303 return PTR_ERR(rdev);
9304 }
9305 info->user_ptr[0] = rdev;
9306 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV ||
9307 ops->internal_flags & NL80211_FLAG_NEED_WDEV) {
9308 ASSERT_RTNL();
9309
9310 wdev = __cfg80211_wdev_from_attrs(genl_info_net(info),
9311 info->attrs);
9312 if (IS_ERR(wdev)) {
9313 if (rtnl)
9314 rtnl_unlock();
9315 return PTR_ERR(wdev);
9316 }
9317
9318 dev = wdev->netdev;
9319 rdev = wiphy_to_dev(wdev->wiphy);
9320
9321 if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) {
9322 if (!dev) {
9323 if (rtnl)
9324 rtnl_unlock();
9325 return -EINVAL;
9326 }
9327
9328 info->user_ptr[1] = dev;
9329 } else {
9330 info->user_ptr[1] = wdev;
9331 }
9332
9333 if (dev) {
9334 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP &&
9335 !netif_running(dev)) {
9336 if (rtnl)
9337 rtnl_unlock();
9338 return -ENETDOWN;
9339 }
9340
9341 dev_hold(dev);
9342 } else if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP) {
9343 if (!wdev->p2p_started) {
9344 if (rtnl)
9345 rtnl_unlock();
9346 return -ENETDOWN;
9347 }
9348 }
9349
9350 info->user_ptr[0] = rdev;
9351 }
9352
9353 return 0;
9354}
9355
9356static void nl80211_post_doit(const struct genl_ops *ops, struct sk_buff *skb,
9357 struct genl_info *info)
9358{
9359 if (info->user_ptr[1]) {
9360 if (ops->internal_flags & NL80211_FLAG_NEED_WDEV) {
9361 struct wireless_dev *wdev = info->user_ptr[1];
9362
9363 if (wdev->netdev)
9364 dev_put(wdev->netdev);
9365 } else {
9366 dev_put(info->user_ptr[1]);
9367 }
9368 }
9369 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL)
9370 rtnl_unlock();
9371}
9372
9373static const struct genl_ops nl80211_ops[] = {
9374 {
9375 .cmd = NL80211_CMD_GET_WIPHY,
9376 .doit = nl80211_get_wiphy,
9377 .dumpit = nl80211_dump_wiphy,
9378 .done = nl80211_dump_wiphy_done,
9379 .policy = nl80211_policy,
9380
9381 .internal_flags = NL80211_FLAG_NEED_WIPHY |
9382 NL80211_FLAG_NEED_RTNL,
9383 },
9384 {
9385 .cmd = NL80211_CMD_SET_WIPHY,
9386 .doit = nl80211_set_wiphy,
9387 .policy = nl80211_policy,
9388 .flags = GENL_ADMIN_PERM,
9389 .internal_flags = NL80211_FLAG_NEED_RTNL,
9390 },
9391 {
9392 .cmd = NL80211_CMD_GET_INTERFACE,
9393 .doit = nl80211_get_interface,
9394 .dumpit = nl80211_dump_interface,
9395 .policy = nl80211_policy,
9396
9397 .internal_flags = NL80211_FLAG_NEED_WDEV |
9398 NL80211_FLAG_NEED_RTNL,
9399 },
9400 {
9401 .cmd = NL80211_CMD_SET_INTERFACE,
9402 .doit = nl80211_set_interface,
9403 .policy = nl80211_policy,
9404 .flags = GENL_ADMIN_PERM,
9405 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9406 NL80211_FLAG_NEED_RTNL,
9407 },
9408 {
9409 .cmd = NL80211_CMD_NEW_INTERFACE,
9410 .doit = nl80211_new_interface,
9411 .policy = nl80211_policy,
9412 .flags = GENL_ADMIN_PERM,
9413 .internal_flags = NL80211_FLAG_NEED_WIPHY |
9414 NL80211_FLAG_NEED_RTNL,
9415 },
9416 {
9417 .cmd = NL80211_CMD_DEL_INTERFACE,
9418 .doit = nl80211_del_interface,
9419 .policy = nl80211_policy,
9420 .flags = GENL_ADMIN_PERM,
9421 .internal_flags = NL80211_FLAG_NEED_WDEV |
9422 NL80211_FLAG_NEED_RTNL,
9423 },
9424 {
9425 .cmd = NL80211_CMD_GET_KEY,
9426 .doit = nl80211_get_key,
9427 .policy = nl80211_policy,
9428 .flags = GENL_ADMIN_PERM,
9429 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9430 NL80211_FLAG_NEED_RTNL,
9431 },
9432 {
9433 .cmd = NL80211_CMD_SET_KEY,
9434 .doit = nl80211_set_key,
9435 .policy = nl80211_policy,
9436 .flags = GENL_ADMIN_PERM,
9437 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9438 NL80211_FLAG_NEED_RTNL,
9439 },
9440 {
9441 .cmd = NL80211_CMD_NEW_KEY,
9442 .doit = nl80211_new_key,
9443 .policy = nl80211_policy,
9444 .flags = GENL_ADMIN_PERM,
9445 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9446 NL80211_FLAG_NEED_RTNL,
9447 },
9448 {
9449 .cmd = NL80211_CMD_DEL_KEY,
9450 .doit = nl80211_del_key,
9451 .policy = nl80211_policy,
9452 .flags = GENL_ADMIN_PERM,
9453 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9454 NL80211_FLAG_NEED_RTNL,
9455 },
9456 {
9457 .cmd = NL80211_CMD_SET_BEACON,
9458 .policy = nl80211_policy,
9459 .flags = GENL_ADMIN_PERM,
9460 .doit = nl80211_set_beacon,
9461 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9462 NL80211_FLAG_NEED_RTNL,
9463 },
9464 {
9465 .cmd = NL80211_CMD_START_AP,
9466 .policy = nl80211_policy,
9467 .flags = GENL_ADMIN_PERM,
9468 .doit = nl80211_start_ap,
9469 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9470 NL80211_FLAG_NEED_RTNL,
9471 },
9472 {
9473 .cmd = NL80211_CMD_STOP_AP,
9474 .policy = nl80211_policy,
9475 .flags = GENL_ADMIN_PERM,
9476 .doit = nl80211_stop_ap,
9477 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9478 NL80211_FLAG_NEED_RTNL,
9479 },
9480 {
9481 .cmd = NL80211_CMD_GET_STATION,
9482 .doit = nl80211_get_station,
9483 .dumpit = nl80211_dump_station,
9484 .policy = nl80211_policy,
9485 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9486 NL80211_FLAG_NEED_RTNL,
9487 },
9488 {
9489 .cmd = NL80211_CMD_SET_STATION,
9490 .doit = nl80211_set_station,
9491 .policy = nl80211_policy,
9492 .flags = GENL_ADMIN_PERM,
9493 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9494 NL80211_FLAG_NEED_RTNL,
9495 },
9496 {
9497 .cmd = NL80211_CMD_NEW_STATION,
9498 .doit = nl80211_new_station,
9499 .policy = nl80211_policy,
9500 .flags = GENL_ADMIN_PERM,
9501 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9502 NL80211_FLAG_NEED_RTNL,
9503 },
9504 {
9505 .cmd = NL80211_CMD_DEL_STATION,
9506 .doit = nl80211_del_station,
9507 .policy = nl80211_policy,
9508 .flags = GENL_ADMIN_PERM,
9509 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9510 NL80211_FLAG_NEED_RTNL,
9511 },
9512 {
9513 .cmd = NL80211_CMD_GET_MPATH,
9514 .doit = nl80211_get_mpath,
9515 .dumpit = nl80211_dump_mpath,
9516 .policy = nl80211_policy,
9517 .flags = GENL_ADMIN_PERM,
9518 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9519 NL80211_FLAG_NEED_RTNL,
9520 },
9521 {
9522 .cmd = NL80211_CMD_SET_MPATH,
9523 .doit = nl80211_set_mpath,
9524 .policy = nl80211_policy,
9525 .flags = GENL_ADMIN_PERM,
9526 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9527 NL80211_FLAG_NEED_RTNL,
9528 },
9529 {
9530 .cmd = NL80211_CMD_NEW_MPATH,
9531 .doit = nl80211_new_mpath,
9532 .policy = nl80211_policy,
9533 .flags = GENL_ADMIN_PERM,
9534 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9535 NL80211_FLAG_NEED_RTNL,
9536 },
9537 {
9538 .cmd = NL80211_CMD_DEL_MPATH,
9539 .doit = nl80211_del_mpath,
9540 .policy = nl80211_policy,
9541 .flags = GENL_ADMIN_PERM,
9542 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9543 NL80211_FLAG_NEED_RTNL,
9544 },
9545 {
9546 .cmd = NL80211_CMD_SET_BSS,
9547 .doit = nl80211_set_bss,
9548 .policy = nl80211_policy,
9549 .flags = GENL_ADMIN_PERM,
9550 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9551 NL80211_FLAG_NEED_RTNL,
9552 },
9553 {
9554 .cmd = NL80211_CMD_GET_REG,
9555 .doit = nl80211_get_reg,
9556 .policy = nl80211_policy,
9557 .internal_flags = NL80211_FLAG_NEED_RTNL,
9558
9559 },
9560 {
9561 .cmd = NL80211_CMD_SET_REG,
9562 .doit = nl80211_set_reg,
9563 .policy = nl80211_policy,
9564 .flags = GENL_ADMIN_PERM,
9565 .internal_flags = NL80211_FLAG_NEED_RTNL,
9566 },
9567 {
9568 .cmd = NL80211_CMD_REQ_SET_REG,
9569 .doit = nl80211_req_set_reg,
9570 .policy = nl80211_policy,
9571 .flags = GENL_ADMIN_PERM,
9572 },
9573 {
9574 .cmd = NL80211_CMD_GET_MESH_CONFIG,
9575 .doit = nl80211_get_mesh_config,
9576 .policy = nl80211_policy,
9577
9578 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9579 NL80211_FLAG_NEED_RTNL,
9580 },
9581 {
9582 .cmd = NL80211_CMD_SET_MESH_CONFIG,
9583 .doit = nl80211_update_mesh_config,
9584 .policy = nl80211_policy,
9585 .flags = GENL_ADMIN_PERM,
9586 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9587 NL80211_FLAG_NEED_RTNL,
9588 },
9589 {
9590 .cmd = NL80211_CMD_TRIGGER_SCAN,
9591 .doit = nl80211_trigger_scan,
9592 .policy = nl80211_policy,
9593 .flags = GENL_ADMIN_PERM,
9594 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
9595 NL80211_FLAG_NEED_RTNL,
9596 },
9597 {
9598 .cmd = NL80211_CMD_GET_SCAN,
9599 .policy = nl80211_policy,
9600 .dumpit = nl80211_dump_scan,
9601 },
9602 {
9603 .cmd = NL80211_CMD_START_SCHED_SCAN,
9604 .doit = nl80211_start_sched_scan,
9605 .policy = nl80211_policy,
9606 .flags = GENL_ADMIN_PERM,
9607 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9608 NL80211_FLAG_NEED_RTNL,
9609 },
9610 {
9611 .cmd = NL80211_CMD_STOP_SCHED_SCAN,
9612 .doit = nl80211_stop_sched_scan,
9613 .policy = nl80211_policy,
9614 .flags = GENL_ADMIN_PERM,
9615 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9616 NL80211_FLAG_NEED_RTNL,
9617 },
9618 {
9619 .cmd = NL80211_CMD_AUTHENTICATE,
9620 .doit = nl80211_authenticate,
9621 .policy = nl80211_policy,
9622 .flags = GENL_ADMIN_PERM,
9623 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9624 NL80211_FLAG_NEED_RTNL,
9625 },
9626 {
9627 .cmd = NL80211_CMD_ASSOCIATE,
9628 .doit = nl80211_associate,
9629 .policy = nl80211_policy,
9630 .flags = GENL_ADMIN_PERM,
9631 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9632 NL80211_FLAG_NEED_RTNL,
9633 },
9634 {
9635 .cmd = NL80211_CMD_DEAUTHENTICATE,
9636 .doit = nl80211_deauthenticate,
9637 .policy = nl80211_policy,
9638 .flags = GENL_ADMIN_PERM,
9639 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9640 NL80211_FLAG_NEED_RTNL,
9641 },
9642 {
9643 .cmd = NL80211_CMD_DISASSOCIATE,
9644 .doit = nl80211_disassociate,
9645 .policy = nl80211_policy,
9646 .flags = GENL_ADMIN_PERM,
9647 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9648 NL80211_FLAG_NEED_RTNL,
9649 },
9650 {
9651 .cmd = NL80211_CMD_JOIN_IBSS,
9652 .doit = nl80211_join_ibss,
9653 .policy = nl80211_policy,
9654 .flags = GENL_ADMIN_PERM,
9655 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9656 NL80211_FLAG_NEED_RTNL,
9657 },
9658 {
9659 .cmd = NL80211_CMD_LEAVE_IBSS,
9660 .doit = nl80211_leave_ibss,
9661 .policy = nl80211_policy,
9662 .flags = GENL_ADMIN_PERM,
9663 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9664 NL80211_FLAG_NEED_RTNL,
9665 },
9666#ifdef CONFIG_NL80211_TESTMODE
9667 {
9668 .cmd = NL80211_CMD_TESTMODE,
9669 .doit = nl80211_testmode_do,
9670 .dumpit = nl80211_testmode_dump,
9671 .policy = nl80211_policy,
9672 .flags = GENL_ADMIN_PERM,
9673 .internal_flags = NL80211_FLAG_NEED_WIPHY |
9674 NL80211_FLAG_NEED_RTNL,
9675 },
9676#endif
9677 {
9678 .cmd = NL80211_CMD_CONNECT,
9679 .doit = nl80211_connect,
9680 .policy = nl80211_policy,
9681 .flags = GENL_ADMIN_PERM,
9682 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9683 NL80211_FLAG_NEED_RTNL,
9684 },
9685 {
9686 .cmd = NL80211_CMD_DISCONNECT,
9687 .doit = nl80211_disconnect,
9688 .policy = nl80211_policy,
9689 .flags = GENL_ADMIN_PERM,
9690 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9691 NL80211_FLAG_NEED_RTNL,
9692 },
9693 {
9694 .cmd = NL80211_CMD_SET_WIPHY_NETNS,
9695 .doit = nl80211_wiphy_netns,
9696 .policy = nl80211_policy,
9697 .flags = GENL_ADMIN_PERM,
9698 .internal_flags = NL80211_FLAG_NEED_WIPHY |
9699 NL80211_FLAG_NEED_RTNL,
9700 },
9701 {
9702 .cmd = NL80211_CMD_GET_SURVEY,
9703 .policy = nl80211_policy,
9704 .dumpit = nl80211_dump_survey,
9705 },
9706 {
9707 .cmd = NL80211_CMD_SET_PMKSA,
9708 .doit = nl80211_setdel_pmksa,
9709 .policy = nl80211_policy,
9710 .flags = GENL_ADMIN_PERM,
9711 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9712 NL80211_FLAG_NEED_RTNL,
9713 },
9714 {
9715 .cmd = NL80211_CMD_DEL_PMKSA,
9716 .doit = nl80211_setdel_pmksa,
9717 .policy = nl80211_policy,
9718 .flags = GENL_ADMIN_PERM,
9719 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9720 NL80211_FLAG_NEED_RTNL,
9721 },
9722 {
9723 .cmd = NL80211_CMD_FLUSH_PMKSA,
9724 .doit = nl80211_flush_pmksa,
9725 .policy = nl80211_policy,
9726 .flags = GENL_ADMIN_PERM,
9727 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9728 NL80211_FLAG_NEED_RTNL,
9729 },
9730 {
9731 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL,
9732 .doit = nl80211_remain_on_channel,
9733 .policy = nl80211_policy,
9734 .flags = GENL_ADMIN_PERM,
9735 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
9736 NL80211_FLAG_NEED_RTNL,
9737 },
9738 {
9739 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
9740 .doit = nl80211_cancel_remain_on_channel,
9741 .policy = nl80211_policy,
9742 .flags = GENL_ADMIN_PERM,
9743 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
9744 NL80211_FLAG_NEED_RTNL,
9745 },
9746 {
9747 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK,
9748 .doit = nl80211_set_tx_bitrate_mask,
9749 .policy = nl80211_policy,
9750 .flags = GENL_ADMIN_PERM,
9751 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9752 NL80211_FLAG_NEED_RTNL,
9753 },
9754 {
9755 .cmd = NL80211_CMD_REGISTER_FRAME,
9756 .doit = nl80211_register_mgmt,
9757 .policy = nl80211_policy,
9758 .flags = GENL_ADMIN_PERM,
9759 .internal_flags = NL80211_FLAG_NEED_WDEV |
9760 NL80211_FLAG_NEED_RTNL,
9761 },
9762 {
9763 .cmd = NL80211_CMD_FRAME,
9764 .doit = nl80211_tx_mgmt,
9765 .policy = nl80211_policy,
9766 .flags = GENL_ADMIN_PERM,
9767 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
9768 NL80211_FLAG_NEED_RTNL,
9769 },
9770 {
9771 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL,
9772 .doit = nl80211_tx_mgmt_cancel_wait,
9773 .policy = nl80211_policy,
9774 .flags = GENL_ADMIN_PERM,
9775 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
9776 NL80211_FLAG_NEED_RTNL,
9777 },
9778 {
9779 .cmd = NL80211_CMD_SET_POWER_SAVE,
9780 .doit = nl80211_set_power_save,
9781 .policy = nl80211_policy,
9782 .flags = GENL_ADMIN_PERM,
9783 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9784 NL80211_FLAG_NEED_RTNL,
9785 },
9786 {
9787 .cmd = NL80211_CMD_GET_POWER_SAVE,
9788 .doit = nl80211_get_power_save,
9789 .policy = nl80211_policy,
9790
9791 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9792 NL80211_FLAG_NEED_RTNL,
9793 },
9794 {
9795 .cmd = NL80211_CMD_SET_CQM,
9796 .doit = nl80211_set_cqm,
9797 .policy = nl80211_policy,
9798 .flags = GENL_ADMIN_PERM,
9799 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9800 NL80211_FLAG_NEED_RTNL,
9801 },
9802 {
9803 .cmd = NL80211_CMD_SET_CHANNEL,
9804 .doit = nl80211_set_channel,
9805 .policy = nl80211_policy,
9806 .flags = GENL_ADMIN_PERM,
9807 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9808 NL80211_FLAG_NEED_RTNL,
9809 },
9810 {
9811 .cmd = NL80211_CMD_SET_WDS_PEER,
9812 .doit = nl80211_set_wds_peer,
9813 .policy = nl80211_policy,
9814 .flags = GENL_ADMIN_PERM,
9815 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9816 NL80211_FLAG_NEED_RTNL,
9817 },
9818 {
9819 .cmd = NL80211_CMD_JOIN_MESH,
9820 .doit = nl80211_join_mesh,
9821 .policy = nl80211_policy,
9822 .flags = GENL_ADMIN_PERM,
9823 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9824 NL80211_FLAG_NEED_RTNL,
9825 },
9826 {
9827 .cmd = NL80211_CMD_LEAVE_MESH,
9828 .doit = nl80211_leave_mesh,
9829 .policy = nl80211_policy,
9830 .flags = GENL_ADMIN_PERM,
9831 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9832 NL80211_FLAG_NEED_RTNL,
9833 },
9834#ifdef CONFIG_PM
9835 {
9836 .cmd = NL80211_CMD_GET_WOWLAN,
9837 .doit = nl80211_get_wowlan,
9838 .policy = nl80211_policy,
9839
9840 .internal_flags = NL80211_FLAG_NEED_WIPHY |
9841 NL80211_FLAG_NEED_RTNL,
9842 },
9843 {
9844 .cmd = NL80211_CMD_SET_WOWLAN,
9845 .doit = nl80211_set_wowlan,
9846 .policy = nl80211_policy,
9847 .flags = GENL_ADMIN_PERM,
9848 .internal_flags = NL80211_FLAG_NEED_WIPHY |
9849 NL80211_FLAG_NEED_RTNL,
9850 },
9851#endif
9852 {
9853 .cmd = NL80211_CMD_SET_REKEY_OFFLOAD,
9854 .doit = nl80211_set_rekey_data,
9855 .policy = nl80211_policy,
9856 .flags = GENL_ADMIN_PERM,
9857 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9858 NL80211_FLAG_NEED_RTNL,
9859 },
9860 {
9861 .cmd = NL80211_CMD_TDLS_MGMT,
9862 .doit = nl80211_tdls_mgmt,
9863 .policy = nl80211_policy,
9864 .flags = GENL_ADMIN_PERM,
9865 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9866 NL80211_FLAG_NEED_RTNL,
9867 },
9868 {
9869 .cmd = NL80211_CMD_TDLS_OPER,
9870 .doit = nl80211_tdls_oper,
9871 .policy = nl80211_policy,
9872 .flags = GENL_ADMIN_PERM,
9873 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9874 NL80211_FLAG_NEED_RTNL,
9875 },
9876 {
9877 .cmd = NL80211_CMD_UNEXPECTED_FRAME,
9878 .doit = nl80211_register_unexpected_frame,
9879 .policy = nl80211_policy,
9880 .flags = GENL_ADMIN_PERM,
9881 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9882 NL80211_FLAG_NEED_RTNL,
9883 },
9884 {
9885 .cmd = NL80211_CMD_PROBE_CLIENT,
9886 .doit = nl80211_probe_client,
9887 .policy = nl80211_policy,
9888 .flags = GENL_ADMIN_PERM,
9889 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9890 NL80211_FLAG_NEED_RTNL,
9891 },
9892 {
9893 .cmd = NL80211_CMD_REGISTER_BEACONS,
9894 .doit = nl80211_register_beacons,
9895 .policy = nl80211_policy,
9896 .flags = GENL_ADMIN_PERM,
9897 .internal_flags = NL80211_FLAG_NEED_WIPHY |
9898 NL80211_FLAG_NEED_RTNL,
9899 },
9900 {
9901 .cmd = NL80211_CMD_SET_NOACK_MAP,
9902 .doit = nl80211_set_noack_map,
9903 .policy = nl80211_policy,
9904 .flags = GENL_ADMIN_PERM,
9905 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9906 NL80211_FLAG_NEED_RTNL,
9907 },
9908 {
9909 .cmd = NL80211_CMD_START_P2P_DEVICE,
9910 .doit = nl80211_start_p2p_device,
9911 .policy = nl80211_policy,
9912 .flags = GENL_ADMIN_PERM,
9913 .internal_flags = NL80211_FLAG_NEED_WDEV |
9914 NL80211_FLAG_NEED_RTNL,
9915 },
9916 {
9917 .cmd = NL80211_CMD_STOP_P2P_DEVICE,
9918 .doit = nl80211_stop_p2p_device,
9919 .policy = nl80211_policy,
9920 .flags = GENL_ADMIN_PERM,
9921 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
9922 NL80211_FLAG_NEED_RTNL,
9923 },
9924 {
9925 .cmd = NL80211_CMD_SET_MCAST_RATE,
9926 .doit = nl80211_set_mcast_rate,
9927 .policy = nl80211_policy,
9928 .flags = GENL_ADMIN_PERM,
9929 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9930 NL80211_FLAG_NEED_RTNL,
9931 },
9932 {
9933 .cmd = NL80211_CMD_SET_MAC_ACL,
9934 .doit = nl80211_set_mac_acl,
9935 .policy = nl80211_policy,
9936 .flags = GENL_ADMIN_PERM,
9937 .internal_flags = NL80211_FLAG_NEED_NETDEV |
9938 NL80211_FLAG_NEED_RTNL,
9939 },
9940 {
9941 .cmd = NL80211_CMD_RADAR_DETECT,
9942 .doit = nl80211_start_radar_detection,
9943 .policy = nl80211_policy,
9944 .flags = GENL_ADMIN_PERM,
9945 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9946 NL80211_FLAG_NEED_RTNL,
9947 },
9948 {
9949 .cmd = NL80211_CMD_GET_PROTOCOL_FEATURES,
9950 .doit = nl80211_get_protocol_features,
9951 .policy = nl80211_policy,
9952 },
9953 {
9954 .cmd = NL80211_CMD_UPDATE_FT_IES,
9955 .doit = nl80211_update_ft_ies,
9956 .policy = nl80211_policy,
9957 .flags = GENL_ADMIN_PERM,
9958 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9959 NL80211_FLAG_NEED_RTNL,
9960 },
9961 {
9962 .cmd = NL80211_CMD_CRIT_PROTOCOL_START,
9963 .doit = nl80211_crit_protocol_start,
9964 .policy = nl80211_policy,
9965 .flags = GENL_ADMIN_PERM,
9966 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
9967 NL80211_FLAG_NEED_RTNL,
9968 },
9969 {
9970 .cmd = NL80211_CMD_CRIT_PROTOCOL_STOP,
9971 .doit = nl80211_crit_protocol_stop,
9972 .policy = nl80211_policy,
9973 .flags = GENL_ADMIN_PERM,
9974 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
9975 NL80211_FLAG_NEED_RTNL,
9976 },
9977 {
9978 .cmd = NL80211_CMD_GET_COALESCE,
9979 .doit = nl80211_get_coalesce,
9980 .policy = nl80211_policy,
9981 .internal_flags = NL80211_FLAG_NEED_WIPHY |
9982 NL80211_FLAG_NEED_RTNL,
9983 },
9984 {
9985 .cmd = NL80211_CMD_SET_COALESCE,
9986 .doit = nl80211_set_coalesce,
9987 .policy = nl80211_policy,
9988 .flags = GENL_ADMIN_PERM,
9989 .internal_flags = NL80211_FLAG_NEED_WIPHY |
9990 NL80211_FLAG_NEED_RTNL,
9991 },
9992 {
9993 .cmd = NL80211_CMD_CHANNEL_SWITCH,
9994 .doit = nl80211_channel_switch,
9995 .policy = nl80211_policy,
9996 .flags = GENL_ADMIN_PERM,
9997 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
9998 NL80211_FLAG_NEED_RTNL,
9999 },
10000 {
10001 .cmd = NL80211_CMD_VENDOR,
10002 .doit = nl80211_vendor_cmd,
10003 .policy = nl80211_policy,
10004 .flags = GENL_ADMIN_PERM,
10005 .internal_flags = NL80211_FLAG_NEED_WIPHY |
10006 NL80211_FLAG_NEED_RTNL,
10007 },
10008 {
10009 .cmd = NL80211_CMD_SET_QOS_MAP,
10010 .doit = nl80211_set_qos_map,
10011 .policy = nl80211_policy,
10012 .flags = GENL_ADMIN_PERM,
10013 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10014 NL80211_FLAG_NEED_RTNL,
10015 },
10016};
10017
10018
10019
10020void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev)
10021{
10022 struct sk_buff *msg;
10023 struct nl80211_dump_wiphy_state state = {};
10024
10025 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
10026 if (!msg)
10027 return;
10028
10029 if (nl80211_send_wiphy(rdev, msg, 0, 0, 0, &state) < 0) {
10030 nlmsg_free(msg);
10031 return;
10032 }
10033
10034 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10035 NL80211_MCGRP_CONFIG, GFP_KERNEL);
10036}
10037
10038static int nl80211_add_scan_req(struct sk_buff *msg,
10039 struct cfg80211_registered_device *rdev)
10040{
10041 struct cfg80211_scan_request *req = rdev->scan_req;
10042 struct nlattr *nest;
10043 int i;
10044
10045 if (WARN_ON(!req))
10046 return 0;
10047
10048 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS);
10049 if (!nest)
10050 goto nla_put_failure;
10051 for (i = 0; i < req->n_ssids; i++) {
10052 if (nla_put(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid))
10053 goto nla_put_failure;
10054 }
10055 nla_nest_end(msg, nest);
10056
10057 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
10058 if (!nest)
10059 goto nla_put_failure;
10060 for (i = 0; i < req->n_channels; i++) {
10061 if (nla_put_u32(msg, i, req->channels[i]->center_freq))
10062 goto nla_put_failure;
10063 }
10064 nla_nest_end(msg, nest);
10065
10066 if (req->ie &&
10067 nla_put(msg, NL80211_ATTR_IE, req->ie_len, req->ie))
10068 goto nla_put_failure;
10069
10070 if (req->flags &&
10071 nla_put_u32(msg, NL80211_ATTR_SCAN_FLAGS, req->flags))
10072 goto nla_put_failure;
10073
10074 return 0;
10075 nla_put_failure:
10076 return -ENOBUFS;
10077}
10078
10079static int nl80211_send_scan_msg(struct sk_buff *msg,
10080 struct cfg80211_registered_device *rdev,
10081 struct wireless_dev *wdev,
10082 u32 portid, u32 seq, int flags,
10083 u32 cmd)
10084{
10085 void *hdr;
10086
10087 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
10088 if (!hdr)
10089 return -1;
10090
10091 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10092 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
10093 wdev->netdev->ifindex)) ||
10094 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
10095 goto nla_put_failure;
10096
10097
10098 nl80211_add_scan_req(msg, rdev);
10099
10100 return genlmsg_end(msg, hdr);
10101
10102 nla_put_failure:
10103 genlmsg_cancel(msg, hdr);
10104 return -EMSGSIZE;
10105}
10106
10107static int
10108nl80211_send_sched_scan_msg(struct sk_buff *msg,
10109 struct cfg80211_registered_device *rdev,
10110 struct net_device *netdev,
10111 u32 portid, u32 seq, int flags, u32 cmd)
10112{
10113 void *hdr;
10114
10115 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
10116 if (!hdr)
10117 return -1;
10118
10119 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10120 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
10121 goto nla_put_failure;
10122
10123 return genlmsg_end(msg, hdr);
10124
10125 nla_put_failure:
10126 genlmsg_cancel(msg, hdr);
10127 return -EMSGSIZE;
10128}
10129
10130void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
10131 struct wireless_dev *wdev)
10132{
10133 struct sk_buff *msg;
10134
10135 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
10136 if (!msg)
10137 return;
10138
10139 if (nl80211_send_scan_msg(msg, rdev, wdev, 0, 0, 0,
10140 NL80211_CMD_TRIGGER_SCAN) < 0) {
10141 nlmsg_free(msg);
10142 return;
10143 }
10144
10145 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10146 NL80211_MCGRP_SCAN, GFP_KERNEL);
10147}
10148
10149struct sk_buff *nl80211_build_scan_msg(struct cfg80211_registered_device *rdev,
10150 struct wireless_dev *wdev, bool aborted)
10151{
10152 struct sk_buff *msg;
10153
10154 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
10155 if (!msg)
10156 return NULL;
10157
10158 if (nl80211_send_scan_msg(msg, rdev, wdev, 0, 0, 0,
10159 aborted ? NL80211_CMD_SCAN_ABORTED :
10160 NL80211_CMD_NEW_SCAN_RESULTS) < 0) {
10161 nlmsg_free(msg);
10162 return NULL;
10163 }
10164
10165 return msg;
10166}
10167
10168void nl80211_send_scan_result(struct cfg80211_registered_device *rdev,
10169 struct sk_buff *msg)
10170{
10171 if (!msg)
10172 return;
10173
10174 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10175 NL80211_MCGRP_SCAN, GFP_KERNEL);
10176}
10177
10178void nl80211_send_sched_scan_results(struct cfg80211_registered_device *rdev,
10179 struct net_device *netdev)
10180{
10181 struct sk_buff *msg;
10182
10183 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
10184 if (!msg)
10185 return;
10186
10187 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0,
10188 NL80211_CMD_SCHED_SCAN_RESULTS) < 0) {
10189 nlmsg_free(msg);
10190 return;
10191 }
10192
10193 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10194 NL80211_MCGRP_SCAN, GFP_KERNEL);
10195}
10196
10197void nl80211_send_sched_scan(struct cfg80211_registered_device *rdev,
10198 struct net_device *netdev, u32 cmd)
10199{
10200 struct sk_buff *msg;
10201
10202 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
10203 if (!msg)
10204 return;
10205
10206 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, cmd) < 0) {
10207 nlmsg_free(msg);
10208 return;
10209 }
10210
10211 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10212 NL80211_MCGRP_SCAN, GFP_KERNEL);
10213}
10214
10215
10216
10217
10218
10219void nl80211_send_reg_change_event(struct regulatory_request *request)
10220{
10221 struct sk_buff *msg;
10222 void *hdr;
10223
10224 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
10225 if (!msg)
10226 return;
10227
10228 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE);
10229 if (!hdr) {
10230 nlmsg_free(msg);
10231 return;
10232 }
10233
10234
10235 if (nla_put_u8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator))
10236 goto nla_put_failure;
10237
10238 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') {
10239 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
10240 NL80211_REGDOM_TYPE_WORLD))
10241 goto nla_put_failure;
10242 } else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') {
10243 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
10244 NL80211_REGDOM_TYPE_CUSTOM_WORLD))
10245 goto nla_put_failure;
10246 } else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') ||
10247 request->intersect) {
10248 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
10249 NL80211_REGDOM_TYPE_INTERSECTION))
10250 goto nla_put_failure;
10251 } else {
10252 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
10253 NL80211_REGDOM_TYPE_COUNTRY) ||
10254 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2,
10255 request->alpha2))
10256 goto nla_put_failure;
10257 }
10258
10259 if (request->wiphy_idx != WIPHY_IDX_INVALID &&
10260 nla_put_u32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx))
10261 goto nla_put_failure;
10262
10263 genlmsg_end(msg, hdr);
10264
10265 rcu_read_lock();
10266 genlmsg_multicast_allns(&nl80211_fam, msg, 0,
10267 NL80211_MCGRP_REGULATORY, GFP_ATOMIC);
10268 rcu_read_unlock();
10269
10270 return;
10271
10272nla_put_failure:
10273 genlmsg_cancel(msg, hdr);
10274 nlmsg_free(msg);
10275}
10276
10277static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
10278 struct net_device *netdev,
10279 const u8 *buf, size_t len,
10280 enum nl80211_commands cmd, gfp_t gfp)
10281{
10282 struct sk_buff *msg;
10283 void *hdr;
10284
10285 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10286 if (!msg)
10287 return;
10288
10289 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
10290 if (!hdr) {
10291 nlmsg_free(msg);
10292 return;
10293 }
10294
10295 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10296 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
10297 nla_put(msg, NL80211_ATTR_FRAME, len, buf))
10298 goto nla_put_failure;
10299
10300 genlmsg_end(msg, hdr);
10301
10302 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10303 NL80211_MCGRP_MLME, gfp);
10304 return;
10305
10306 nla_put_failure:
10307 genlmsg_cancel(msg, hdr);
10308 nlmsg_free(msg);
10309}
10310
10311void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
10312 struct net_device *netdev, const u8 *buf,
10313 size_t len, gfp_t gfp)
10314{
10315 nl80211_send_mlme_event(rdev, netdev, buf, len,
10316 NL80211_CMD_AUTHENTICATE, gfp);
10317}
10318
10319void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
10320 struct net_device *netdev, const u8 *buf,
10321 size_t len, gfp_t gfp)
10322{
10323 nl80211_send_mlme_event(rdev, netdev, buf, len,
10324 NL80211_CMD_ASSOCIATE, gfp);
10325}
10326
10327void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
10328 struct net_device *netdev, const u8 *buf,
10329 size_t len, gfp_t gfp)
10330{
10331 nl80211_send_mlme_event(rdev, netdev, buf, len,
10332 NL80211_CMD_DEAUTHENTICATE, gfp);
10333}
10334
10335void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
10336 struct net_device *netdev, const u8 *buf,
10337 size_t len, gfp_t gfp)
10338{
10339 nl80211_send_mlme_event(rdev, netdev, buf, len,
10340 NL80211_CMD_DISASSOCIATE, gfp);
10341}
10342
10343void cfg80211_rx_unprot_mlme_mgmt(struct net_device *dev, const u8 *buf,
10344 size_t len)
10345{
10346 struct wireless_dev *wdev = dev->ieee80211_ptr;
10347 struct wiphy *wiphy = wdev->wiphy;
10348 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
10349 const struct ieee80211_mgmt *mgmt = (void *)buf;
10350 u32 cmd;
10351
10352 if (WARN_ON(len < 2))
10353 return;
10354
10355 if (ieee80211_is_deauth(mgmt->frame_control))
10356 cmd = NL80211_CMD_UNPROT_DEAUTHENTICATE;
10357 else
10358 cmd = NL80211_CMD_UNPROT_DISASSOCIATE;
10359
10360 trace_cfg80211_rx_unprot_mlme_mgmt(dev, buf, len);
10361 nl80211_send_mlme_event(rdev, dev, buf, len, cmd, GFP_ATOMIC);
10362}
10363EXPORT_SYMBOL(cfg80211_rx_unprot_mlme_mgmt);
10364
10365static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
10366 struct net_device *netdev, int cmd,
10367 const u8 *addr, gfp_t gfp)
10368{
10369 struct sk_buff *msg;
10370 void *hdr;
10371
10372 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10373 if (!msg)
10374 return;
10375
10376 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
10377 if (!hdr) {
10378 nlmsg_free(msg);
10379 return;
10380 }
10381
10382 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10383 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
10384 nla_put_flag(msg, NL80211_ATTR_TIMED_OUT) ||
10385 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
10386 goto nla_put_failure;
10387
10388 genlmsg_end(msg, hdr);
10389
10390 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10391 NL80211_MCGRP_MLME, gfp);
10392 return;
10393
10394 nla_put_failure:
10395 genlmsg_cancel(msg, hdr);
10396 nlmsg_free(msg);
10397}
10398
10399void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
10400 struct net_device *netdev, const u8 *addr,
10401 gfp_t gfp)
10402{
10403 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE,
10404 addr, gfp);
10405}
10406
10407void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
10408 struct net_device *netdev, const u8 *addr,
10409 gfp_t gfp)
10410{
10411 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE,
10412 addr, gfp);
10413}
10414
10415void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
10416 struct net_device *netdev, const u8 *bssid,
10417 const u8 *req_ie, size_t req_ie_len,
10418 const u8 *resp_ie, size_t resp_ie_len,
10419 u16 status, gfp_t gfp)
10420{
10421 struct sk_buff *msg;
10422 void *hdr;
10423
10424 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10425 if (!msg)
10426 return;
10427
10428 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT);
10429 if (!hdr) {
10430 nlmsg_free(msg);
10431 return;
10432 }
10433
10434 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10435 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
10436 (bssid && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid)) ||
10437 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, status) ||
10438 (req_ie &&
10439 nla_put(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie)) ||
10440 (resp_ie &&
10441 nla_put(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie)))
10442 goto nla_put_failure;
10443
10444 genlmsg_end(msg, hdr);
10445
10446 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10447 NL80211_MCGRP_MLME, gfp);
10448 return;
10449
10450 nla_put_failure:
10451 genlmsg_cancel(msg, hdr);
10452 nlmsg_free(msg);
10453
10454}
10455
10456void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
10457 struct net_device *netdev, const u8 *bssid,
10458 const u8 *req_ie, size_t req_ie_len,
10459 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
10460{
10461 struct sk_buff *msg;
10462 void *hdr;
10463
10464 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10465 if (!msg)
10466 return;
10467
10468 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM);
10469 if (!hdr) {
10470 nlmsg_free(msg);
10471 return;
10472 }
10473
10474 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10475 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
10476 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid) ||
10477 (req_ie &&
10478 nla_put(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie)) ||
10479 (resp_ie &&
10480 nla_put(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie)))
10481 goto nla_put_failure;
10482
10483 genlmsg_end(msg, hdr);
10484
10485 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10486 NL80211_MCGRP_MLME, gfp);
10487 return;
10488
10489 nla_put_failure:
10490 genlmsg_cancel(msg, hdr);
10491 nlmsg_free(msg);
10492
10493}
10494
10495void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
10496 struct net_device *netdev, u16 reason,
10497 const u8 *ie, size_t ie_len, bool from_ap)
10498{
10499 struct sk_buff *msg;
10500 void *hdr;
10501
10502 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
10503 if (!msg)
10504 return;
10505
10506 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT);
10507 if (!hdr) {
10508 nlmsg_free(msg);
10509 return;
10510 }
10511
10512 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10513 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
10514 (from_ap && reason &&
10515 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason)) ||
10516 (from_ap &&
10517 nla_put_flag(msg, NL80211_ATTR_DISCONNECTED_BY_AP)) ||
10518 (ie && nla_put(msg, NL80211_ATTR_IE, ie_len, ie)))
10519 goto nla_put_failure;
10520
10521 genlmsg_end(msg, hdr);
10522
10523 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10524 NL80211_MCGRP_MLME, GFP_KERNEL);
10525 return;
10526
10527 nla_put_failure:
10528 genlmsg_cancel(msg, hdr);
10529 nlmsg_free(msg);
10530
10531}
10532
10533void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
10534 struct net_device *netdev, const u8 *bssid,
10535 gfp_t gfp)
10536{
10537 struct sk_buff *msg;
10538 void *hdr;
10539
10540 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10541 if (!msg)
10542 return;
10543
10544 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS);
10545 if (!hdr) {
10546 nlmsg_free(msg);
10547 return;
10548 }
10549
10550 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10551 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
10552 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
10553 goto nla_put_failure;
10554
10555 genlmsg_end(msg, hdr);
10556
10557 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10558 NL80211_MCGRP_MLME, gfp);
10559 return;
10560
10561 nla_put_failure:
10562 genlmsg_cancel(msg, hdr);
10563 nlmsg_free(msg);
10564}
10565
10566void cfg80211_notify_new_peer_candidate(struct net_device *dev, const u8 *addr,
10567 const u8* ie, u8 ie_len, gfp_t gfp)
10568{
10569 struct wireless_dev *wdev = dev->ieee80211_ptr;
10570 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
10571 struct sk_buff *msg;
10572 void *hdr;
10573
10574 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_MESH_POINT))
10575 return;
10576
10577 trace_cfg80211_notify_new_peer_candidate(dev, addr);
10578
10579 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10580 if (!msg)
10581 return;
10582
10583 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE);
10584 if (!hdr) {
10585 nlmsg_free(msg);
10586 return;
10587 }
10588
10589 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10590 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
10591 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
10592 (ie_len && ie &&
10593 nla_put(msg, NL80211_ATTR_IE, ie_len , ie)))
10594 goto nla_put_failure;
10595
10596 genlmsg_end(msg, hdr);
10597
10598 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10599 NL80211_MCGRP_MLME, gfp);
10600 return;
10601
10602 nla_put_failure:
10603 genlmsg_cancel(msg, hdr);
10604 nlmsg_free(msg);
10605}
10606EXPORT_SYMBOL(cfg80211_notify_new_peer_candidate);
10607
10608void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
10609 struct net_device *netdev, const u8 *addr,
10610 enum nl80211_key_type key_type, int key_id,
10611 const u8 *tsc, gfp_t gfp)
10612{
10613 struct sk_buff *msg;
10614 void *hdr;
10615
10616 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10617 if (!msg)
10618 return;
10619
10620 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE);
10621 if (!hdr) {
10622 nlmsg_free(msg);
10623 return;
10624 }
10625
10626 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10627 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
10628 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
10629 nla_put_u32(msg, NL80211_ATTR_KEY_TYPE, key_type) ||
10630 (key_id != -1 &&
10631 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_id)) ||
10632 (tsc && nla_put(msg, NL80211_ATTR_KEY_SEQ, 6, tsc)))
10633 goto nla_put_failure;
10634
10635 genlmsg_end(msg, hdr);
10636
10637 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10638 NL80211_MCGRP_MLME, gfp);
10639 return;
10640
10641 nla_put_failure:
10642 genlmsg_cancel(msg, hdr);
10643 nlmsg_free(msg);
10644}
10645
10646void nl80211_send_beacon_hint_event(struct wiphy *wiphy,
10647 struct ieee80211_channel *channel_before,
10648 struct ieee80211_channel *channel_after)
10649{
10650 struct sk_buff *msg;
10651 void *hdr;
10652 struct nlattr *nl_freq;
10653
10654 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
10655 if (!msg)
10656 return;
10657
10658 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT);
10659 if (!hdr) {
10660 nlmsg_free(msg);
10661 return;
10662 }
10663
10664
10665
10666
10667
10668 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
10669 goto nla_put_failure;
10670
10671
10672 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE);
10673 if (!nl_freq)
10674 goto nla_put_failure;
10675 if (nl80211_msg_put_channel(msg, channel_before, false))
10676 goto nla_put_failure;
10677 nla_nest_end(msg, nl_freq);
10678
10679
10680 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER);
10681 if (!nl_freq)
10682 goto nla_put_failure;
10683 if (nl80211_msg_put_channel(msg, channel_after, false))
10684 goto nla_put_failure;
10685 nla_nest_end(msg, nl_freq);
10686
10687 genlmsg_end(msg, hdr);
10688
10689 rcu_read_lock();
10690 genlmsg_multicast_allns(&nl80211_fam, msg, 0,
10691 NL80211_MCGRP_REGULATORY, GFP_ATOMIC);
10692 rcu_read_unlock();
10693
10694 return;
10695
10696nla_put_failure:
10697 genlmsg_cancel(msg, hdr);
10698 nlmsg_free(msg);
10699}
10700
10701static void nl80211_send_remain_on_chan_event(
10702 int cmd, struct cfg80211_registered_device *rdev,
10703 struct wireless_dev *wdev, u64 cookie,
10704 struct ieee80211_channel *chan,
10705 unsigned int duration, gfp_t gfp)
10706{
10707 struct sk_buff *msg;
10708 void *hdr;
10709
10710 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10711 if (!msg)
10712 return;
10713
10714 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
10715 if (!hdr) {
10716 nlmsg_free(msg);
10717 return;
10718 }
10719
10720 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10721 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
10722 wdev->netdev->ifindex)) ||
10723 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)) ||
10724 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq) ||
10725 nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
10726 NL80211_CHAN_NO_HT) ||
10727 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
10728 goto nla_put_failure;
10729
10730 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL &&
10731 nla_put_u32(msg, NL80211_ATTR_DURATION, duration))
10732 goto nla_put_failure;
10733
10734 genlmsg_end(msg, hdr);
10735
10736 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10737 NL80211_MCGRP_MLME, gfp);
10738 return;
10739
10740 nla_put_failure:
10741 genlmsg_cancel(msg, hdr);
10742 nlmsg_free(msg);
10743}
10744
10745void cfg80211_ready_on_channel(struct wireless_dev *wdev, u64 cookie,
10746 struct ieee80211_channel *chan,
10747 unsigned int duration, gfp_t gfp)
10748{
10749 struct wiphy *wiphy = wdev->wiphy;
10750 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
10751
10752 trace_cfg80211_ready_on_channel(wdev, cookie, chan, duration);
10753 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL,
10754 rdev, wdev, cookie, chan,
10755 duration, gfp);
10756}
10757EXPORT_SYMBOL(cfg80211_ready_on_channel);
10758
10759void cfg80211_remain_on_channel_expired(struct wireless_dev *wdev, u64 cookie,
10760 struct ieee80211_channel *chan,
10761 gfp_t gfp)
10762{
10763 struct wiphy *wiphy = wdev->wiphy;
10764 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
10765
10766 trace_cfg80211_ready_on_channel_expired(wdev, cookie, chan);
10767 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
10768 rdev, wdev, cookie, chan, 0, gfp);
10769}
10770EXPORT_SYMBOL(cfg80211_remain_on_channel_expired);
10771
10772void cfg80211_new_sta(struct net_device *dev, const u8 *mac_addr,
10773 struct station_info *sinfo, gfp_t gfp)
10774{
10775 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
10776 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
10777 struct sk_buff *msg;
10778
10779 trace_cfg80211_new_sta(dev, mac_addr, sinfo);
10780
10781 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10782 if (!msg)
10783 return;
10784
10785 if (nl80211_send_station(msg, 0, 0, 0,
10786 rdev, dev, mac_addr, sinfo) < 0) {
10787 nlmsg_free(msg);
10788 return;
10789 }
10790
10791 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10792 NL80211_MCGRP_MLME, gfp);
10793}
10794EXPORT_SYMBOL(cfg80211_new_sta);
10795
10796void cfg80211_del_sta(struct net_device *dev, const u8 *mac_addr, gfp_t gfp)
10797{
10798 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
10799 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
10800 struct sk_buff *msg;
10801 void *hdr;
10802
10803 trace_cfg80211_del_sta(dev, mac_addr);
10804
10805 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10806 if (!msg)
10807 return;
10808
10809 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_STATION);
10810 if (!hdr) {
10811 nlmsg_free(msg);
10812 return;
10813 }
10814
10815 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
10816 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr))
10817 goto nla_put_failure;
10818
10819 genlmsg_end(msg, hdr);
10820
10821 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10822 NL80211_MCGRP_MLME, gfp);
10823 return;
10824
10825 nla_put_failure:
10826 genlmsg_cancel(msg, hdr);
10827 nlmsg_free(msg);
10828}
10829EXPORT_SYMBOL(cfg80211_del_sta);
10830
10831void cfg80211_conn_failed(struct net_device *dev, const u8 *mac_addr,
10832 enum nl80211_connect_failed_reason reason,
10833 gfp_t gfp)
10834{
10835 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
10836 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
10837 struct sk_buff *msg;
10838 void *hdr;
10839
10840 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
10841 if (!msg)
10842 return;
10843
10844 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONN_FAILED);
10845 if (!hdr) {
10846 nlmsg_free(msg);
10847 return;
10848 }
10849
10850 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
10851 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) ||
10852 nla_put_u32(msg, NL80211_ATTR_CONN_FAILED_REASON, reason))
10853 goto nla_put_failure;
10854
10855 genlmsg_end(msg, hdr);
10856
10857 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
10858 NL80211_MCGRP_MLME, gfp);
10859 return;
10860
10861 nla_put_failure:
10862 genlmsg_cancel(msg, hdr);
10863 nlmsg_free(msg);
10864}
10865EXPORT_SYMBOL(cfg80211_conn_failed);
10866
10867static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd,
10868 const u8 *addr, gfp_t gfp)
10869{
10870 struct wireless_dev *wdev = dev->ieee80211_ptr;
10871 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
10872 struct sk_buff *msg;
10873 void *hdr;
10874 u32 nlportid = ACCESS_ONCE(wdev->ap_unexpected_nlportid);
10875
10876 if (!nlportid)
10877 return false;
10878
10879 msg = nlmsg_new(100, gfp);
10880 if (!msg)
10881 return true;
10882
10883 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
10884 if (!hdr) {
10885 nlmsg_free(msg);
10886 return true;
10887 }
10888
10889 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10890 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
10891 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
10892 goto nla_put_failure;
10893
10894 genlmsg_end(msg, hdr);
10895 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
10896 return true;
10897
10898 nla_put_failure:
10899 genlmsg_cancel(msg, hdr);
10900 nlmsg_free(msg);
10901 return true;
10902}
10903
10904bool cfg80211_rx_spurious_frame(struct net_device *dev,
10905 const u8 *addr, gfp_t gfp)
10906{
10907 struct wireless_dev *wdev = dev->ieee80211_ptr;
10908 bool ret;
10909
10910 trace_cfg80211_rx_spurious_frame(dev, addr);
10911
10912 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
10913 wdev->iftype != NL80211_IFTYPE_P2P_GO)) {
10914 trace_cfg80211_return_bool(false);
10915 return false;
10916 }
10917 ret = __nl80211_unexpected_frame(dev, NL80211_CMD_UNEXPECTED_FRAME,
10918 addr, gfp);
10919 trace_cfg80211_return_bool(ret);
10920 return ret;
10921}
10922EXPORT_SYMBOL(cfg80211_rx_spurious_frame);
10923
10924bool cfg80211_rx_unexpected_4addr_frame(struct net_device *dev,
10925 const u8 *addr, gfp_t gfp)
10926{
10927 struct wireless_dev *wdev = dev->ieee80211_ptr;
10928 bool ret;
10929
10930 trace_cfg80211_rx_unexpected_4addr_frame(dev, addr);
10931
10932 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
10933 wdev->iftype != NL80211_IFTYPE_P2P_GO &&
10934 wdev->iftype != NL80211_IFTYPE_AP_VLAN)) {
10935 trace_cfg80211_return_bool(false);
10936 return false;
10937 }
10938 ret = __nl80211_unexpected_frame(dev,
10939 NL80211_CMD_UNEXPECTED_4ADDR_FRAME,
10940 addr, gfp);
10941 trace_cfg80211_return_bool(ret);
10942 return ret;
10943}
10944EXPORT_SYMBOL(cfg80211_rx_unexpected_4addr_frame);
10945
10946int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
10947 struct wireless_dev *wdev, u32 nlportid,
10948 int freq, int sig_dbm,
10949 const u8 *buf, size_t len, u32 flags, gfp_t gfp)
10950{
10951 struct net_device *netdev = wdev->netdev;
10952 struct sk_buff *msg;
10953 void *hdr;
10954
10955 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10956 if (!msg)
10957 return -ENOMEM;
10958
10959 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
10960 if (!hdr) {
10961 nlmsg_free(msg);
10962 return -ENOMEM;
10963 }
10964
10965 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
10966 (netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
10967 netdev->ifindex)) ||
10968 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)) ||
10969 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) ||
10970 (sig_dbm &&
10971 nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) ||
10972 nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
10973 (flags &&
10974 nla_put_u32(msg, NL80211_ATTR_RXMGMT_FLAGS, flags)))
10975 goto nla_put_failure;
10976
10977 genlmsg_end(msg, hdr);
10978
10979 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
10980
10981 nla_put_failure:
10982 genlmsg_cancel(msg, hdr);
10983 nlmsg_free(msg);
10984 return -ENOBUFS;
10985}
10986
10987void cfg80211_mgmt_tx_status(struct wireless_dev *wdev, u64 cookie,
10988 const u8 *buf, size_t len, bool ack, gfp_t gfp)
10989{
10990 struct wiphy *wiphy = wdev->wiphy;
10991 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
10992 struct net_device *netdev = wdev->netdev;
10993 struct sk_buff *msg;
10994 void *hdr;
10995
10996 trace_cfg80211_mgmt_tx_status(wdev, cookie, ack);
10997
10998 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
10999 if (!msg)
11000 return;
11001
11002 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS);
11003 if (!hdr) {
11004 nlmsg_free(msg);
11005 return;
11006 }
11007
11008 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11009 (netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
11010 netdev->ifindex)) ||
11011 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)) ||
11012 nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
11013 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie) ||
11014 (ack && nla_put_flag(msg, NL80211_ATTR_ACK)))
11015 goto nla_put_failure;
11016
11017 genlmsg_end(msg, hdr);
11018
11019 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11020 NL80211_MCGRP_MLME, gfp);
11021 return;
11022
11023 nla_put_failure:
11024 genlmsg_cancel(msg, hdr);
11025 nlmsg_free(msg);
11026}
11027EXPORT_SYMBOL(cfg80211_mgmt_tx_status);
11028
11029void cfg80211_cqm_rssi_notify(struct net_device *dev,
11030 enum nl80211_cqm_rssi_threshold_event rssi_event,
11031 gfp_t gfp)
11032{
11033 struct wireless_dev *wdev = dev->ieee80211_ptr;
11034 struct wiphy *wiphy = wdev->wiphy;
11035 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
11036 struct sk_buff *msg;
11037 struct nlattr *pinfoattr;
11038 void *hdr;
11039
11040 trace_cfg80211_cqm_rssi_notify(dev, rssi_event);
11041
11042 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11043 if (!msg)
11044 return;
11045
11046 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
11047 if (!hdr) {
11048 nlmsg_free(msg);
11049 return;
11050 }
11051
11052 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11053 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
11054 goto nla_put_failure;
11055
11056 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM);
11057 if (!pinfoattr)
11058 goto nla_put_failure;
11059
11060 if (nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT,
11061 rssi_event))
11062 goto nla_put_failure;
11063
11064 nla_nest_end(msg, pinfoattr);
11065
11066 genlmsg_end(msg, hdr);
11067
11068 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11069 NL80211_MCGRP_MLME, gfp);
11070 return;
11071
11072 nla_put_failure:
11073 genlmsg_cancel(msg, hdr);
11074 nlmsg_free(msg);
11075}
11076EXPORT_SYMBOL(cfg80211_cqm_rssi_notify);
11077
11078static void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev,
11079 struct net_device *netdev, const u8 *bssid,
11080 const u8 *replay_ctr, gfp_t gfp)
11081{
11082 struct sk_buff *msg;
11083 struct nlattr *rekey_attr;
11084 void *hdr;
11085
11086 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11087 if (!msg)
11088 return;
11089
11090 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
11091 if (!hdr) {
11092 nlmsg_free(msg);
11093 return;
11094 }
11095
11096 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11097 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
11098 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
11099 goto nla_put_failure;
11100
11101 rekey_attr = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
11102 if (!rekey_attr)
11103 goto nla_put_failure;
11104
11105 if (nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR,
11106 NL80211_REPLAY_CTR_LEN, replay_ctr))
11107 goto nla_put_failure;
11108
11109 nla_nest_end(msg, rekey_attr);
11110
11111 genlmsg_end(msg, hdr);
11112
11113 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11114 NL80211_MCGRP_MLME, gfp);
11115 return;
11116
11117 nla_put_failure:
11118 genlmsg_cancel(msg, hdr);
11119 nlmsg_free(msg);
11120}
11121
11122void cfg80211_gtk_rekey_notify(struct net_device *dev, const u8 *bssid,
11123 const u8 *replay_ctr, gfp_t gfp)
11124{
11125 struct wireless_dev *wdev = dev->ieee80211_ptr;
11126 struct wiphy *wiphy = wdev->wiphy;
11127 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
11128
11129 trace_cfg80211_gtk_rekey_notify(dev, bssid);
11130 nl80211_gtk_rekey_notify(rdev, dev, bssid, replay_ctr, gfp);
11131}
11132EXPORT_SYMBOL(cfg80211_gtk_rekey_notify);
11133
11134static void
11135nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev,
11136 struct net_device *netdev, int index,
11137 const u8 *bssid, bool preauth, gfp_t gfp)
11138{
11139 struct sk_buff *msg;
11140 struct nlattr *attr;
11141 void *hdr;
11142
11143 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11144 if (!msg)
11145 return;
11146
11147 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE);
11148 if (!hdr) {
11149 nlmsg_free(msg);
11150 return;
11151 }
11152
11153 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11154 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
11155 goto nla_put_failure;
11156
11157 attr = nla_nest_start(msg, NL80211_ATTR_PMKSA_CANDIDATE);
11158 if (!attr)
11159 goto nla_put_failure;
11160
11161 if (nla_put_u32(msg, NL80211_PMKSA_CANDIDATE_INDEX, index) ||
11162 nla_put(msg, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid) ||
11163 (preauth &&
11164 nla_put_flag(msg, NL80211_PMKSA_CANDIDATE_PREAUTH)))
11165 goto nla_put_failure;
11166
11167 nla_nest_end(msg, attr);
11168
11169 genlmsg_end(msg, hdr);
11170
11171 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11172 NL80211_MCGRP_MLME, gfp);
11173 return;
11174
11175 nla_put_failure:
11176 genlmsg_cancel(msg, hdr);
11177 nlmsg_free(msg);
11178}
11179
11180void cfg80211_pmksa_candidate_notify(struct net_device *dev, int index,
11181 const u8 *bssid, bool preauth, gfp_t gfp)
11182{
11183 struct wireless_dev *wdev = dev->ieee80211_ptr;
11184 struct wiphy *wiphy = wdev->wiphy;
11185 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
11186
11187 trace_cfg80211_pmksa_candidate_notify(dev, index, bssid, preauth);
11188 nl80211_pmksa_candidate_notify(rdev, dev, index, bssid, preauth, gfp);
11189}
11190EXPORT_SYMBOL(cfg80211_pmksa_candidate_notify);
11191
11192static void nl80211_ch_switch_notify(struct cfg80211_registered_device *rdev,
11193 struct net_device *netdev,
11194 struct cfg80211_chan_def *chandef,
11195 gfp_t gfp)
11196{
11197 struct sk_buff *msg;
11198 void *hdr;
11199
11200 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11201 if (!msg)
11202 return;
11203
11204 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CH_SWITCH_NOTIFY);
11205 if (!hdr) {
11206 nlmsg_free(msg);
11207 return;
11208 }
11209
11210 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
11211 goto nla_put_failure;
11212
11213 if (nl80211_send_chandef(msg, chandef))
11214 goto nla_put_failure;
11215
11216 genlmsg_end(msg, hdr);
11217
11218 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11219 NL80211_MCGRP_MLME, gfp);
11220 return;
11221
11222 nla_put_failure:
11223 genlmsg_cancel(msg, hdr);
11224 nlmsg_free(msg);
11225}
11226
11227void cfg80211_ch_switch_notify(struct net_device *dev,
11228 struct cfg80211_chan_def *chandef)
11229{
11230 struct wireless_dev *wdev = dev->ieee80211_ptr;
11231 struct wiphy *wiphy = wdev->wiphy;
11232 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
11233
11234 ASSERT_WDEV_LOCK(wdev);
11235
11236 trace_cfg80211_ch_switch_notify(dev, chandef);
11237
11238 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
11239 wdev->iftype != NL80211_IFTYPE_P2P_GO &&
11240 wdev->iftype != NL80211_IFTYPE_ADHOC &&
11241 wdev->iftype != NL80211_IFTYPE_MESH_POINT))
11242 return;
11243
11244 wdev->chandef = *chandef;
11245 wdev->preset_chandef = *chandef;
11246 nl80211_ch_switch_notify(rdev, dev, chandef, GFP_KERNEL);
11247}
11248EXPORT_SYMBOL(cfg80211_ch_switch_notify);
11249
11250void cfg80211_cqm_txe_notify(struct net_device *dev,
11251 const u8 *peer, u32 num_packets,
11252 u32 rate, u32 intvl, gfp_t gfp)
11253{
11254 struct wireless_dev *wdev = dev->ieee80211_ptr;
11255 struct wiphy *wiphy = wdev->wiphy;
11256 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
11257 struct sk_buff *msg;
11258 struct nlattr *pinfoattr;
11259 void *hdr;
11260
11261 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
11262 if (!msg)
11263 return;
11264
11265 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
11266 if (!hdr) {
11267 nlmsg_free(msg);
11268 return;
11269 }
11270
11271 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11272 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
11273 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer))
11274 goto nla_put_failure;
11275
11276 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM);
11277 if (!pinfoattr)
11278 goto nla_put_failure;
11279
11280 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_PKTS, num_packets))
11281 goto nla_put_failure;
11282
11283 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_RATE, rate))
11284 goto nla_put_failure;
11285
11286 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_INTVL, intvl))
11287 goto nla_put_failure;
11288
11289 nla_nest_end(msg, pinfoattr);
11290
11291 genlmsg_end(msg, hdr);
11292
11293 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11294 NL80211_MCGRP_MLME, gfp);
11295 return;
11296
11297 nla_put_failure:
11298 genlmsg_cancel(msg, hdr);
11299 nlmsg_free(msg);
11300}
11301EXPORT_SYMBOL(cfg80211_cqm_txe_notify);
11302
11303void
11304nl80211_radar_notify(struct cfg80211_registered_device *rdev,
11305 const struct cfg80211_chan_def *chandef,
11306 enum nl80211_radar_event event,
11307 struct net_device *netdev, gfp_t gfp)
11308{
11309 struct sk_buff *msg;
11310 void *hdr;
11311
11312 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11313 if (!msg)
11314 return;
11315
11316 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_RADAR_DETECT);
11317 if (!hdr) {
11318 nlmsg_free(msg);
11319 return;
11320 }
11321
11322 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
11323 goto nla_put_failure;
11324
11325
11326 if (netdev) {
11327 struct wireless_dev *wdev = netdev->ieee80211_ptr;
11328
11329 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
11330 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
11331 goto nla_put_failure;
11332 }
11333
11334 if (nla_put_u32(msg, NL80211_ATTR_RADAR_EVENT, event))
11335 goto nla_put_failure;
11336
11337 if (nl80211_send_chandef(msg, chandef))
11338 goto nla_put_failure;
11339
11340 genlmsg_end(msg, hdr);
11341
11342 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11343 NL80211_MCGRP_MLME, gfp);
11344 return;
11345
11346 nla_put_failure:
11347 genlmsg_cancel(msg, hdr);
11348 nlmsg_free(msg);
11349}
11350
11351void cfg80211_cqm_pktloss_notify(struct net_device *dev,
11352 const u8 *peer, u32 num_packets, gfp_t gfp)
11353{
11354 struct wireless_dev *wdev = dev->ieee80211_ptr;
11355 struct wiphy *wiphy = wdev->wiphy;
11356 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
11357 struct sk_buff *msg;
11358 struct nlattr *pinfoattr;
11359 void *hdr;
11360
11361 trace_cfg80211_cqm_pktloss_notify(dev, peer, num_packets);
11362
11363 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11364 if (!msg)
11365 return;
11366
11367 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
11368 if (!hdr) {
11369 nlmsg_free(msg);
11370 return;
11371 }
11372
11373 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11374 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
11375 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer))
11376 goto nla_put_failure;
11377
11378 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM);
11379 if (!pinfoattr)
11380 goto nla_put_failure;
11381
11382 if (nla_put_u32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets))
11383 goto nla_put_failure;
11384
11385 nla_nest_end(msg, pinfoattr);
11386
11387 genlmsg_end(msg, hdr);
11388
11389 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11390 NL80211_MCGRP_MLME, gfp);
11391 return;
11392
11393 nla_put_failure:
11394 genlmsg_cancel(msg, hdr);
11395 nlmsg_free(msg);
11396}
11397EXPORT_SYMBOL(cfg80211_cqm_pktloss_notify);
11398
11399void cfg80211_probe_status(struct net_device *dev, const u8 *addr,
11400 u64 cookie, bool acked, gfp_t gfp)
11401{
11402 struct wireless_dev *wdev = dev->ieee80211_ptr;
11403 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
11404 struct sk_buff *msg;
11405 void *hdr;
11406
11407 trace_cfg80211_probe_status(dev, addr, cookie, acked);
11408
11409 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11410
11411 if (!msg)
11412 return;
11413
11414 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PROBE_CLIENT);
11415 if (!hdr) {
11416 nlmsg_free(msg);
11417 return;
11418 }
11419
11420 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11421 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
11422 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
11423 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie) ||
11424 (acked && nla_put_flag(msg, NL80211_ATTR_ACK)))
11425 goto nla_put_failure;
11426
11427 genlmsg_end(msg, hdr);
11428
11429 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11430 NL80211_MCGRP_MLME, gfp);
11431 return;
11432
11433 nla_put_failure:
11434 genlmsg_cancel(msg, hdr);
11435 nlmsg_free(msg);
11436}
11437EXPORT_SYMBOL(cfg80211_probe_status);
11438
11439void cfg80211_report_obss_beacon(struct wiphy *wiphy,
11440 const u8 *frame, size_t len,
11441 int freq, int sig_dbm)
11442{
11443 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
11444 struct sk_buff *msg;
11445 void *hdr;
11446 struct cfg80211_beacon_registration *reg;
11447
11448 trace_cfg80211_report_obss_beacon(wiphy, frame, len, freq, sig_dbm);
11449
11450 spin_lock_bh(&rdev->beacon_registrations_lock);
11451 list_for_each_entry(reg, &rdev->beacon_registrations, list) {
11452 msg = nlmsg_new(len + 100, GFP_ATOMIC);
11453 if (!msg) {
11454 spin_unlock_bh(&rdev->beacon_registrations_lock);
11455 return;
11456 }
11457
11458 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
11459 if (!hdr)
11460 goto nla_put_failure;
11461
11462 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11463 (freq &&
11464 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) ||
11465 (sig_dbm &&
11466 nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) ||
11467 nla_put(msg, NL80211_ATTR_FRAME, len, frame))
11468 goto nla_put_failure;
11469
11470 genlmsg_end(msg, hdr);
11471
11472 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, reg->nlportid);
11473 }
11474 spin_unlock_bh(&rdev->beacon_registrations_lock);
11475 return;
11476
11477 nla_put_failure:
11478 spin_unlock_bh(&rdev->beacon_registrations_lock);
11479 if (hdr)
11480 genlmsg_cancel(msg, hdr);
11481 nlmsg_free(msg);
11482}
11483EXPORT_SYMBOL(cfg80211_report_obss_beacon);
11484
11485#ifdef CONFIG_PM
11486void cfg80211_report_wowlan_wakeup(struct wireless_dev *wdev,
11487 struct cfg80211_wowlan_wakeup *wakeup,
11488 gfp_t gfp)
11489{
11490 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
11491 struct sk_buff *msg;
11492 void *hdr;
11493 int size = 200;
11494
11495 trace_cfg80211_report_wowlan_wakeup(wdev->wiphy, wdev, wakeup);
11496
11497 if (wakeup)
11498 size += wakeup->packet_present_len;
11499
11500 msg = nlmsg_new(size, gfp);
11501 if (!msg)
11502 return;
11503
11504 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_WOWLAN);
11505 if (!hdr)
11506 goto free_msg;
11507
11508 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11509 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
11510 goto free_msg;
11511
11512 if (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
11513 wdev->netdev->ifindex))
11514 goto free_msg;
11515
11516 if (wakeup) {
11517 struct nlattr *reasons;
11518
11519 reasons = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
11520 if (!reasons)
11521 goto free_msg;
11522
11523 if (wakeup->disconnect &&
11524 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT))
11525 goto free_msg;
11526 if (wakeup->magic_pkt &&
11527 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT))
11528 goto free_msg;
11529 if (wakeup->gtk_rekey_failure &&
11530 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE))
11531 goto free_msg;
11532 if (wakeup->eap_identity_req &&
11533 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST))
11534 goto free_msg;
11535 if (wakeup->four_way_handshake &&
11536 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE))
11537 goto free_msg;
11538 if (wakeup->rfkill_release &&
11539 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))
11540 goto free_msg;
11541
11542 if (wakeup->pattern_idx >= 0 &&
11543 nla_put_u32(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN,
11544 wakeup->pattern_idx))
11545 goto free_msg;
11546
11547 if (wakeup->tcp_match &&
11548 nla_put_flag(msg, NL80211_WOWLAN_TRIG_WAKEUP_TCP_MATCH))
11549 goto free_msg;
11550
11551 if (wakeup->tcp_connlost &&
11552 nla_put_flag(msg, NL80211_WOWLAN_TRIG_WAKEUP_TCP_CONNLOST))
11553 goto free_msg;
11554
11555 if (wakeup->tcp_nomoretokens &&
11556 nla_put_flag(msg,
11557 NL80211_WOWLAN_TRIG_WAKEUP_TCP_NOMORETOKENS))
11558 goto free_msg;
11559
11560 if (wakeup->packet) {
11561 u32 pkt_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211;
11562 u32 len_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211_LEN;
11563
11564 if (!wakeup->packet_80211) {
11565 pkt_attr =
11566 NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023;
11567 len_attr =
11568 NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023_LEN;
11569 }
11570
11571 if (wakeup->packet_len &&
11572 nla_put_u32(msg, len_attr, wakeup->packet_len))
11573 goto free_msg;
11574
11575 if (nla_put(msg, pkt_attr, wakeup->packet_present_len,
11576 wakeup->packet))
11577 goto free_msg;
11578 }
11579
11580 nla_nest_end(msg, reasons);
11581 }
11582
11583 genlmsg_end(msg, hdr);
11584
11585 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11586 NL80211_MCGRP_MLME, gfp);
11587 return;
11588
11589 free_msg:
11590 nlmsg_free(msg);
11591}
11592EXPORT_SYMBOL(cfg80211_report_wowlan_wakeup);
11593#endif
11594
11595void cfg80211_tdls_oper_request(struct net_device *dev, const u8 *peer,
11596 enum nl80211_tdls_operation oper,
11597 u16 reason_code, gfp_t gfp)
11598{
11599 struct wireless_dev *wdev = dev->ieee80211_ptr;
11600 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
11601 struct sk_buff *msg;
11602 void *hdr;
11603
11604 trace_cfg80211_tdls_oper_request(wdev->wiphy, dev, peer, oper,
11605 reason_code);
11606
11607 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11608 if (!msg)
11609 return;
11610
11611 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_TDLS_OPER);
11612 if (!hdr) {
11613 nlmsg_free(msg);
11614 return;
11615 }
11616
11617 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11618 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
11619 nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, oper) ||
11620 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer) ||
11621 (reason_code > 0 &&
11622 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code)))
11623 goto nla_put_failure;
11624
11625 genlmsg_end(msg, hdr);
11626
11627 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11628 NL80211_MCGRP_MLME, gfp);
11629 return;
11630
11631 nla_put_failure:
11632 genlmsg_cancel(msg, hdr);
11633 nlmsg_free(msg);
11634}
11635EXPORT_SYMBOL(cfg80211_tdls_oper_request);
11636
11637static int nl80211_netlink_notify(struct notifier_block * nb,
11638 unsigned long state,
11639 void *_notify)
11640{
11641 struct netlink_notify *notify = _notify;
11642 struct cfg80211_registered_device *rdev;
11643 struct wireless_dev *wdev;
11644 struct cfg80211_beacon_registration *reg, *tmp;
11645
11646 if (state != NETLINK_URELEASE)
11647 return NOTIFY_DONE;
11648
11649 rcu_read_lock();
11650
11651 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) {
11652 list_for_each_entry_rcu(wdev, &rdev->wdev_list, list)
11653 cfg80211_mlme_unregister_socket(wdev, notify->portid);
11654
11655 spin_lock_bh(&rdev->beacon_registrations_lock);
11656 list_for_each_entry_safe(reg, tmp, &rdev->beacon_registrations,
11657 list) {
11658 if (reg->nlportid == notify->portid) {
11659 list_del(®->list);
11660 kfree(reg);
11661 break;
11662 }
11663 }
11664 spin_unlock_bh(&rdev->beacon_registrations_lock);
11665 }
11666
11667 rcu_read_unlock();
11668
11669 return NOTIFY_DONE;
11670}
11671
11672static struct notifier_block nl80211_netlink_notifier = {
11673 .notifier_call = nl80211_netlink_notify,
11674};
11675
11676void cfg80211_ft_event(struct net_device *netdev,
11677 struct cfg80211_ft_event_params *ft_event)
11678{
11679 struct wiphy *wiphy = netdev->ieee80211_ptr->wiphy;
11680 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
11681 struct sk_buff *msg;
11682 void *hdr;
11683
11684 trace_cfg80211_ft_event(wiphy, netdev, ft_event);
11685
11686 if (!ft_event->target_ap)
11687 return;
11688
11689 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
11690 if (!msg)
11691 return;
11692
11693 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FT_EVENT);
11694 if (!hdr)
11695 goto out;
11696
11697 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11698 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
11699 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, ft_event->target_ap))
11700 goto out;
11701
11702 if (ft_event->ies &&
11703 nla_put(msg, NL80211_ATTR_IE, ft_event->ies_len, ft_event->ies))
11704 goto out;
11705 if (ft_event->ric_ies &&
11706 nla_put(msg, NL80211_ATTR_IE_RIC, ft_event->ric_ies_len,
11707 ft_event->ric_ies))
11708 goto out;
11709
11710 genlmsg_end(msg, hdr);
11711
11712 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11713 NL80211_MCGRP_MLME, GFP_KERNEL);
11714 return;
11715 out:
11716 nlmsg_free(msg);
11717}
11718EXPORT_SYMBOL(cfg80211_ft_event);
11719
11720void cfg80211_crit_proto_stopped(struct wireless_dev *wdev, gfp_t gfp)
11721{
11722 struct cfg80211_registered_device *rdev;
11723 struct sk_buff *msg;
11724 void *hdr;
11725 u32 nlportid;
11726
11727 rdev = wiphy_to_dev(wdev->wiphy);
11728 if (!rdev->crit_proto_nlportid)
11729 return;
11730
11731 nlportid = rdev->crit_proto_nlportid;
11732 rdev->crit_proto_nlportid = 0;
11733
11734 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11735 if (!msg)
11736 return;
11737
11738 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CRIT_PROTOCOL_STOP);
11739 if (!hdr)
11740 goto nla_put_failure;
11741
11742 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11743 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
11744 goto nla_put_failure;
11745
11746 genlmsg_end(msg, hdr);
11747
11748 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
11749 return;
11750
11751 nla_put_failure:
11752 if (hdr)
11753 genlmsg_cancel(msg, hdr);
11754 nlmsg_free(msg);
11755
11756}
11757EXPORT_SYMBOL(cfg80211_crit_proto_stopped);
11758
11759void nl80211_send_ap_stopped(struct wireless_dev *wdev)
11760{
11761 struct wiphy *wiphy = wdev->wiphy;
11762 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
11763 struct sk_buff *msg;
11764 void *hdr;
11765
11766 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
11767 if (!msg)
11768 return;
11769
11770 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_STOP_AP);
11771 if (!hdr)
11772 goto out;
11773
11774 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11775 nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex) ||
11776 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
11777 goto out;
11778
11779 genlmsg_end(msg, hdr);
11780
11781 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(wiphy), msg, 0,
11782 NL80211_MCGRP_MLME, GFP_KERNEL);
11783 return;
11784 out:
11785 nlmsg_free(msg);
11786}
11787
11788
11789
11790int nl80211_init(void)
11791{
11792 int err;
11793
11794 err = genl_register_family_with_ops_groups(&nl80211_fam, nl80211_ops,
11795 nl80211_mcgrps);
11796 if (err)
11797 return err;
11798
11799 err = netlink_register_notifier(&nl80211_netlink_notifier);
11800 if (err)
11801 goto err_out;
11802
11803 return 0;
11804 err_out:
11805 genl_unregister_family(&nl80211_fam);
11806 return err;
11807}
11808
11809void nl80211_exit(void)
11810{
11811 netlink_unregister_notifier(&nl80211_netlink_notifier);
11812 genl_unregister_family(&nl80211_fam);
11813}
11814
