1
2
3
4
5
6
7
8#include <linux/if.h>
9#include <linux/module.h>
10#include <linux/err.h>
11#include <linux/slab.h>
12#include <linux/list.h>
13#include <linux/if_ether.h>
14#include <linux/ieee80211.h>
15#include <linux/nl80211.h>
16#include <linux/rtnetlink.h>
17#include <linux/netlink.h>
18#include <linux/etherdevice.h>
19#include <net/net_namespace.h>
20#include <net/genetlink.h>
21#include <net/cfg80211.h>
22#include <net/sock.h>
23#include <net/inet_connection_sock.h>
24#include "core.h"
25#include "nl80211.h"
26#include "reg.h"
27#include "rdev-ops.h"
28
29static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
30 struct genl_info *info,
31 struct cfg80211_crypto_settings *settings,
32 int cipher_limit);
33
34static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
35 struct genl_info *info);
36static void nl80211_post_doit(const struct genl_ops *ops, struct sk_buff *skb,
37 struct genl_info *info);
38
39
40static struct genl_family nl80211_fam = {
41 .id = GENL_ID_GENERATE,
42 .name = NL80211_GENL_NAME,
43 .hdrsize = 0,
44 .version = 1,
45 .maxattr = NL80211_ATTR_MAX,
46 .netnsok = true,
47 .pre_doit = nl80211_pre_doit,
48 .post_doit = nl80211_post_doit,
49};
50
51
52enum nl80211_multicast_groups {
53 NL80211_MCGRP_CONFIG,
54 NL80211_MCGRP_SCAN,
55 NL80211_MCGRP_REGULATORY,
56 NL80211_MCGRP_MLME,
57 NL80211_MCGRP_VENDOR,
58 NL80211_MCGRP_TESTMODE
59};
60
61static const struct genl_multicast_group nl80211_mcgrps[] = {
62 [NL80211_MCGRP_CONFIG] = { .name = NL80211_MULTICAST_GROUP_CONFIG },
63 [NL80211_MCGRP_SCAN] = { .name = NL80211_MULTICAST_GROUP_SCAN },
64 [NL80211_MCGRP_REGULATORY] = { .name = NL80211_MULTICAST_GROUP_REG },
65 [NL80211_MCGRP_MLME] = { .name = NL80211_MULTICAST_GROUP_MLME },
66 [NL80211_MCGRP_VENDOR] = { .name = NL80211_MULTICAST_GROUP_VENDOR },
67#ifdef CONFIG_NL80211_TESTMODE
68 [NL80211_MCGRP_TESTMODE] = { .name = NL80211_MULTICAST_GROUP_TESTMODE }
69#endif
70};
71
72
73static struct wireless_dev *
74__cfg80211_wdev_from_attrs(struct net *netns, struct nlattr **attrs)
75{
76 struct cfg80211_registered_device *rdev;
77 struct wireless_dev *result = NULL;
78 bool have_ifidx = attrs[NL80211_ATTR_IFINDEX];
79 bool have_wdev_id = attrs[NL80211_ATTR_WDEV];
80 u64 wdev_id;
81 int wiphy_idx = -1;
82 int ifidx = -1;
83
84 ASSERT_RTNL();
85
86 if (!have_ifidx && !have_wdev_id)
87 return ERR_PTR(-EINVAL);
88
89 if (have_ifidx)
90 ifidx = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
91 if (have_wdev_id) {
92 wdev_id = nla_get_u64(attrs[NL80211_ATTR_WDEV]);
93 wiphy_idx = wdev_id >> 32;
94 }
95
96 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
97 struct wireless_dev *wdev;
98
99 if (wiphy_net(&rdev->wiphy) != netns)
100 continue;
101
102 if (have_wdev_id && rdev->wiphy_idx != wiphy_idx)
103 continue;
104
105 list_for_each_entry(wdev, &rdev->wdev_list, list) {
106 if (have_ifidx && wdev->netdev &&
107 wdev->netdev->ifindex == ifidx) {
108 result = wdev;
109 break;
110 }
111 if (have_wdev_id && wdev->identifier == (u32)wdev_id) {
112 result = wdev;
113 break;
114 }
115 }
116
117 if (result)
118 break;
119 }
120
121 if (result)
122 return result;
123 return ERR_PTR(-ENODEV);
124}
125
126static struct cfg80211_registered_device *
127__cfg80211_rdev_from_attrs(struct net *netns, struct nlattr **attrs)
128{
129 struct cfg80211_registered_device *rdev = NULL, *tmp;
130 struct net_device *netdev;
131
132 ASSERT_RTNL();
133
134 if (!attrs[NL80211_ATTR_WIPHY] &&
135 !attrs[NL80211_ATTR_IFINDEX] &&
136 !attrs[NL80211_ATTR_WDEV])
137 return ERR_PTR(-EINVAL);
138
139 if (attrs[NL80211_ATTR_WIPHY])
140 rdev = cfg80211_rdev_by_wiphy_idx(
141 nla_get_u32(attrs[NL80211_ATTR_WIPHY]));
142
143 if (attrs[NL80211_ATTR_WDEV]) {
144 u64 wdev_id = nla_get_u64(attrs[NL80211_ATTR_WDEV]);
145 struct wireless_dev *wdev;
146 bool found = false;
147
148 tmp = cfg80211_rdev_by_wiphy_idx(wdev_id >> 32);
149 if (tmp) {
150
151 list_for_each_entry(wdev, &tmp->wdev_list, list) {
152 if (wdev->identifier != (u32)wdev_id)
153 continue;
154 found = true;
155 break;
156 }
157
158 if (!found)
159 tmp = NULL;
160
161 if (rdev && tmp != rdev)
162 return ERR_PTR(-EINVAL);
163 rdev = tmp;
164 }
165 }
166
167 if (attrs[NL80211_ATTR_IFINDEX]) {
168 int ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
169 netdev = __dev_get_by_index(netns, ifindex);
170 if (netdev) {
171 if (netdev->ieee80211_ptr)
172 tmp = wiphy_to_rdev(
173 netdev->ieee80211_ptr->wiphy);
174 else
175 tmp = NULL;
176
177
178 if (!tmp)
179 return ERR_PTR(-EINVAL);
180
181
182 if (rdev && tmp != rdev)
183 return ERR_PTR(-EINVAL);
184
185 rdev = tmp;
186 }
187 }
188
189 if (!rdev)
190 return ERR_PTR(-ENODEV);
191
192 if (netns != wiphy_net(&rdev->wiphy))
193 return ERR_PTR(-ENODEV);
194
195 return rdev;
196}
197
198
199
200
201
202
203
204
205static struct cfg80211_registered_device *
206cfg80211_get_dev_from_info(struct net *netns, struct genl_info *info)
207{
208 return __cfg80211_rdev_from_attrs(netns, info->attrs);
209}
210
211
212static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
213 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
214 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING,
215 .len = 20-1 },
216 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED },
217
218 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 },
219 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 },
220 [NL80211_ATTR_CHANNEL_WIDTH] = { .type = NLA_U32 },
221 [NL80211_ATTR_CENTER_FREQ1] = { .type = NLA_U32 },
222 [NL80211_ATTR_CENTER_FREQ2] = { .type = NLA_U32 },
223
224 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 },
225 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 },
226 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 },
227 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 },
228 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 },
229 [NL80211_ATTR_WIPHY_DYN_ACK] = { .type = NLA_FLAG },
230
231 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 },
232 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
233 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
234
235 [NL80211_ATTR_MAC] = { .len = ETH_ALEN },
236 [NL80211_ATTR_PREV_BSSID] = { .len = ETH_ALEN },
237
238 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
239 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
240 .len = WLAN_MAX_KEY_LEN },
241 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 },
242 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 },
243 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG },
244 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
245 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 },
246
247 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 },
248 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 },
249 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY,
250 .len = IEEE80211_MAX_DATA_LEN },
251 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY,
252 .len = IEEE80211_MAX_DATA_LEN },
253 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 },
254 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED },
255 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 },
256 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY,
257 .len = NL80211_MAX_SUPP_RATES },
258 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 },
259 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 },
260 [NL80211_ATTR_MNTR_FLAGS] = { },
261 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY,
262 .len = IEEE80211_MAX_MESH_ID_LEN },
263 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 },
264
265 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 },
266 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED },
267
268 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 },
269 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 },
270 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 },
271 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY,
272 .len = NL80211_MAX_SUPP_RATES },
273 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 },
274
275 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED },
276 [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG },
277
278 [NL80211_ATTR_HT_CAPABILITY] = { .len = NL80211_HT_CAPABILITY_LEN },
279
280 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 },
281 [NL80211_ATTR_IE] = { .type = NLA_BINARY,
282 .len = IEEE80211_MAX_DATA_LEN },
283 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED },
284 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED },
285
286 [NL80211_ATTR_SSID] = { .type = NLA_BINARY,
287 .len = IEEE80211_MAX_SSID_LEN },
288 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 },
289 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 },
290 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG },
291 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG },
292 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 },
293 [NL80211_ATTR_STA_FLAGS2] = {
294 .len = sizeof(struct nl80211_sta_flag_update),
295 },
296 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
297 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 },
298 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG },
299 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
300 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
301 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
302 [NL80211_ATTR_PID] = { .type = NLA_U32 },
303 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 },
304 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY,
305 .len = WLAN_PMKID_LEN },
306 [NL80211_ATTR_DURATION] = { .type = NLA_U32 },
307 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 },
308 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED },
309 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY,
310 .len = IEEE80211_MAX_DATA_LEN },
311 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, },
312 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 },
313 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, },
314 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG },
315 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 },
316 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 },
317 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 },
318 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 },
319 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 },
320 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 },
321 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 },
322 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG },
323 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
324 [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED },
325 [NL80211_ATTR_STA_PLINK_STATE] = { .type = NLA_U8 },
326 [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 },
327 [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED },
328 [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED },
329 [NL80211_ATTR_HIDDEN_SSID] = { .type = NLA_U32 },
330 [NL80211_ATTR_IE_PROBE_RESP] = { .type = NLA_BINARY,
331 .len = IEEE80211_MAX_DATA_LEN },
332 [NL80211_ATTR_IE_ASSOC_RESP] = { .type = NLA_BINARY,
333 .len = IEEE80211_MAX_DATA_LEN },
334 [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG },
335 [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED },
336 [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG },
337 [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 },
338 [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 },
339 [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 },
340 [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG },
341 [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG },
342 [NL80211_ATTR_TDLS_INITIATOR] = { .type = NLA_FLAG },
343 [NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG },
344 [NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY,
345 .len = IEEE80211_MAX_DATA_LEN },
346 [NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 },
347 [NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG },
348 [NL80211_ATTR_HT_CAPABILITY_MASK] = {
349 .len = NL80211_HT_CAPABILITY_LEN
350 },
351 [NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 },
352 [NL80211_ATTR_INACTIVITY_TIMEOUT] = { .type = NLA_U16 },
353 [NL80211_ATTR_BG_SCAN_PERIOD] = { .type = NLA_U16 },
354 [NL80211_ATTR_WDEV] = { .type = NLA_U64 },
355 [NL80211_ATTR_USER_REG_HINT_TYPE] = { .type = NLA_U32 },
356 [NL80211_ATTR_SAE_DATA] = { .type = NLA_BINARY, },
357 [NL80211_ATTR_VHT_CAPABILITY] = { .len = NL80211_VHT_CAPABILITY_LEN },
358 [NL80211_ATTR_SCAN_FLAGS] = { .type = NLA_U32 },
359 [NL80211_ATTR_P2P_CTWINDOW] = { .type = NLA_U8 },
360 [NL80211_ATTR_P2P_OPPPS] = { .type = NLA_U8 },
361 [NL80211_ATTR_ACL_POLICY] = {. type = NLA_U32 },
362 [NL80211_ATTR_MAC_ADDRS] = { .type = NLA_NESTED },
363 [NL80211_ATTR_STA_CAPABILITY] = { .type = NLA_U16 },
364 [NL80211_ATTR_STA_EXT_CAPABILITY] = { .type = NLA_BINARY, },
365 [NL80211_ATTR_SPLIT_WIPHY_DUMP] = { .type = NLA_FLAG, },
366 [NL80211_ATTR_DISABLE_VHT] = { .type = NLA_FLAG },
367 [NL80211_ATTR_VHT_CAPABILITY_MASK] = {
368 .len = NL80211_VHT_CAPABILITY_LEN,
369 },
370 [NL80211_ATTR_MDID] = { .type = NLA_U16 },
371 [NL80211_ATTR_IE_RIC] = { .type = NLA_BINARY,
372 .len = IEEE80211_MAX_DATA_LEN },
373 [NL80211_ATTR_PEER_AID] = { .type = NLA_U16 },
374 [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 },
375 [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG },
376 [NL80211_ATTR_CSA_IES] = { .type = NLA_NESTED },
377 [NL80211_ATTR_CSA_C_OFF_BEACON] = { .type = NLA_BINARY },
378 [NL80211_ATTR_CSA_C_OFF_PRESP] = { .type = NLA_BINARY },
379 [NL80211_ATTR_STA_SUPPORTED_CHANNELS] = { .type = NLA_BINARY },
380 [NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES] = { .type = NLA_BINARY },
381 [NL80211_ATTR_HANDLE_DFS] = { .type = NLA_FLAG },
382 [NL80211_ATTR_OPMODE_NOTIF] = { .type = NLA_U8 },
383 [NL80211_ATTR_VENDOR_ID] = { .type = NLA_U32 },
384 [NL80211_ATTR_VENDOR_SUBCMD] = { .type = NLA_U32 },
385 [NL80211_ATTR_VENDOR_DATA] = { .type = NLA_BINARY },
386 [NL80211_ATTR_QOS_MAP] = { .type = NLA_BINARY,
387 .len = IEEE80211_QOS_MAP_LEN_MAX },
388 [NL80211_ATTR_MAC_HINT] = { .len = ETH_ALEN },
389 [NL80211_ATTR_WIPHY_FREQ_HINT] = { .type = NLA_U32 },
390 [NL80211_ATTR_TDLS_PEER_CAPABILITY] = { .type = NLA_U32 },
391 [NL80211_ATTR_SOCKET_OWNER] = { .type = NLA_FLAG },
392 [NL80211_ATTR_CSA_C_OFFSETS_TX] = { .type = NLA_BINARY },
393 [NL80211_ATTR_USE_RRM] = { .type = NLA_FLAG },
394 [NL80211_ATTR_TSID] = { .type = NLA_U8 },
395 [NL80211_ATTR_USER_PRIO] = { .type = NLA_U8 },
396 [NL80211_ATTR_ADMITTED_TIME] = { .type = NLA_U16 },
397 [NL80211_ATTR_SMPS_MODE] = { .type = NLA_U8 },
398 [NL80211_ATTR_MAC_MASK] = { .len = ETH_ALEN },
399 [NL80211_ATTR_WIPHY_SELF_MANAGED_REG] = { .type = NLA_FLAG },
400 [NL80211_ATTR_NETNS_FD] = { .type = NLA_U32 },
401 [NL80211_ATTR_SCHED_SCAN_DELAY] = { .type = NLA_U32 },
402 [NL80211_ATTR_REG_INDOOR] = { .type = NLA_FLAG },
403};
404
405
406static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = {
407 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN },
408 [NL80211_KEY_IDX] = { .type = NLA_U8 },
409 [NL80211_KEY_CIPHER] = { .type = NLA_U32 },
410 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
411 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
412 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },
413 [NL80211_KEY_TYPE] = { .type = NLA_U32 },
414 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
415};
416
417
418static const struct nla_policy
419nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = {
420 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG },
421 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG },
422};
423
424
425static const struct nla_policy
426nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = {
427 [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG },
428 [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG },
429 [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG },
430 [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED },
431 [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG },
432 [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG },
433 [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG },
434 [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG },
435 [NL80211_WOWLAN_TRIG_TCP_CONNECTION] = { .type = NLA_NESTED },
436 [NL80211_WOWLAN_TRIG_NET_DETECT] = { .type = NLA_NESTED },
437};
438
439static const struct nla_policy
440nl80211_wowlan_tcp_policy[NUM_NL80211_WOWLAN_TCP] = {
441 [NL80211_WOWLAN_TCP_SRC_IPV4] = { .type = NLA_U32 },
442 [NL80211_WOWLAN_TCP_DST_IPV4] = { .type = NLA_U32 },
443 [NL80211_WOWLAN_TCP_DST_MAC] = { .len = ETH_ALEN },
444 [NL80211_WOWLAN_TCP_SRC_PORT] = { .type = NLA_U16 },
445 [NL80211_WOWLAN_TCP_DST_PORT] = { .type = NLA_U16 },
446 [NL80211_WOWLAN_TCP_DATA_PAYLOAD] = { .len = 1 },
447 [NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ] = {
448 .len = sizeof(struct nl80211_wowlan_tcp_data_seq)
449 },
450 [NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN] = {
451 .len = sizeof(struct nl80211_wowlan_tcp_data_token)
452 },
453 [NL80211_WOWLAN_TCP_DATA_INTERVAL] = { .type = NLA_U32 },
454 [NL80211_WOWLAN_TCP_WAKE_PAYLOAD] = { .len = 1 },
455 [NL80211_WOWLAN_TCP_WAKE_MASK] = { .len = 1 },
456};
457
458
459static const struct nla_policy
460nl80211_coalesce_policy[NUM_NL80211_ATTR_COALESCE_RULE] = {
461 [NL80211_ATTR_COALESCE_RULE_DELAY] = { .type = NLA_U32 },
462 [NL80211_ATTR_COALESCE_RULE_CONDITION] = { .type = NLA_U32 },
463 [NL80211_ATTR_COALESCE_RULE_PKT_PATTERN] = { .type = NLA_NESTED },
464};
465
466
467static const struct nla_policy
468nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = {
469 [NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN },
470 [NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN },
471 [NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN },
472};
473
474static const struct nla_policy
475nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = {
476 [NL80211_SCHED_SCAN_MATCH_ATTR_SSID] = { .type = NLA_BINARY,
477 .len = IEEE80211_MAX_SSID_LEN },
478 [NL80211_SCHED_SCAN_MATCH_ATTR_RSSI] = { .type = NLA_U32 },
479};
480
481static int nl80211_prepare_wdev_dump(struct sk_buff *skb,
482 struct netlink_callback *cb,
483 struct cfg80211_registered_device **rdev,
484 struct wireless_dev **wdev)
485{
486 int err;
487
488 rtnl_lock();
489
490 if (!cb->args[0]) {
491 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
492 nl80211_fam.attrbuf, nl80211_fam.maxattr,
493 nl80211_policy);
494 if (err)
495 goto out_unlock;
496
497 *wdev = __cfg80211_wdev_from_attrs(sock_net(skb->sk),
498 nl80211_fam.attrbuf);
499 if (IS_ERR(*wdev)) {
500 err = PTR_ERR(*wdev);
501 goto out_unlock;
502 }
503 *rdev = wiphy_to_rdev((*wdev)->wiphy);
504
505 cb->args[0] = (*rdev)->wiphy_idx + 1;
506 cb->args[1] = (*wdev)->identifier;
507 } else {
508
509 struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1);
510 struct wireless_dev *tmp;
511
512 if (!wiphy) {
513 err = -ENODEV;
514 goto out_unlock;
515 }
516 *rdev = wiphy_to_rdev(wiphy);
517 *wdev = NULL;
518
519 list_for_each_entry(tmp, &(*rdev)->wdev_list, list) {
520 if (tmp->identifier == cb->args[1]) {
521 *wdev = tmp;
522 break;
523 }
524 }
525
526 if (!*wdev) {
527 err = -ENODEV;
528 goto out_unlock;
529 }
530 }
531
532 return 0;
533 out_unlock:
534 rtnl_unlock();
535 return err;
536}
537
538static void nl80211_finish_wdev_dump(struct cfg80211_registered_device *rdev)
539{
540 rtnl_unlock();
541}
542
543
544static bool is_valid_ie_attr(const struct nlattr *attr)
545{
546 const u8 *pos;
547 int len;
548
549 if (!attr)
550 return true;
551
552 pos = nla_data(attr);
553 len = nla_len(attr);
554
555 while (len) {
556 u8 elemlen;
557
558 if (len < 2)
559 return false;
560 len -= 2;
561
562 elemlen = pos[1];
563 if (elemlen > len)
564 return false;
565
566 len -= elemlen;
567 pos += 2 + elemlen;
568 }
569
570 return true;
571}
572
573
574static inline void *nl80211hdr_put(struct sk_buff *skb, u32 portid, u32 seq,
575 int flags, u8 cmd)
576{
577
578 return genlmsg_put(skb, portid, seq, &nl80211_fam, flags, cmd);
579}
580
581static int nl80211_msg_put_channel(struct sk_buff *msg,
582 struct ieee80211_channel *chan,
583 bool large)
584{
585
586
587
588 if (!large && chan->flags &
589 (IEEE80211_CHAN_NO_10MHZ | IEEE80211_CHAN_NO_20MHZ))
590 return 0;
591
592 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_FREQ,
593 chan->center_freq))
594 goto nla_put_failure;
595
596 if ((chan->flags & IEEE80211_CHAN_DISABLED) &&
597 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_DISABLED))
598 goto nla_put_failure;
599 if (chan->flags & IEEE80211_CHAN_NO_IR) {
600 if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_IR))
601 goto nla_put_failure;
602 if (nla_put_flag(msg, __NL80211_FREQUENCY_ATTR_NO_IBSS))
603 goto nla_put_failure;
604 }
605 if (chan->flags & IEEE80211_CHAN_RADAR) {
606 if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_RADAR))
607 goto nla_put_failure;
608 if (large) {
609 u32 time;
610
611 time = elapsed_jiffies_msecs(chan->dfs_state_entered);
612
613 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_STATE,
614 chan->dfs_state))
615 goto nla_put_failure;
616 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_TIME,
617 time))
618 goto nla_put_failure;
619 if (nla_put_u32(msg,
620 NL80211_FREQUENCY_ATTR_DFS_CAC_TIME,
621 chan->dfs_cac_ms))
622 goto nla_put_failure;
623 }
624 }
625
626 if (large) {
627 if ((chan->flags & IEEE80211_CHAN_NO_HT40MINUS) &&
628 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HT40_MINUS))
629 goto nla_put_failure;
630 if ((chan->flags & IEEE80211_CHAN_NO_HT40PLUS) &&
631 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HT40_PLUS))
632 goto nla_put_failure;
633 if ((chan->flags & IEEE80211_CHAN_NO_80MHZ) &&
634 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_80MHZ))
635 goto nla_put_failure;
636 if ((chan->flags & IEEE80211_CHAN_NO_160MHZ) &&
637 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_160MHZ))
638 goto nla_put_failure;
639 if ((chan->flags & IEEE80211_CHAN_INDOOR_ONLY) &&
640 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_INDOOR_ONLY))
641 goto nla_put_failure;
642 if ((chan->flags & IEEE80211_CHAN_GO_CONCURRENT) &&
643 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_GO_CONCURRENT))
644 goto nla_put_failure;
645 if ((chan->flags & IEEE80211_CHAN_NO_20MHZ) &&
646 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_20MHZ))
647 goto nla_put_failure;
648 if ((chan->flags & IEEE80211_CHAN_NO_10MHZ) &&
649 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_10MHZ))
650 goto nla_put_failure;
651 }
652
653 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
654 DBM_TO_MBM(chan->max_power)))
655 goto nla_put_failure;
656
657 return 0;
658
659 nla_put_failure:
660 return -ENOBUFS;
661}
662
663
664
665struct key_parse {
666 struct key_params p;
667 int idx;
668 int type;
669 bool def, defmgmt;
670 bool def_uni, def_multi;
671};
672
673static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k)
674{
675 struct nlattr *tb[NL80211_KEY_MAX + 1];
676 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key,
677 nl80211_key_policy);
678 if (err)
679 return err;
680
681 k->def = !!tb[NL80211_KEY_DEFAULT];
682 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT];
683
684 if (k->def) {
685 k->def_uni = true;
686 k->def_multi = true;
687 }
688 if (k->defmgmt)
689 k->def_multi = true;
690
691 if (tb[NL80211_KEY_IDX])
692 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]);
693
694 if (tb[NL80211_KEY_DATA]) {
695 k->p.key = nla_data(tb[NL80211_KEY_DATA]);
696 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]);
697 }
698
699 if (tb[NL80211_KEY_SEQ]) {
700 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]);
701 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]);
702 }
703
704 if (tb[NL80211_KEY_CIPHER])
705 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]);
706
707 if (tb[NL80211_KEY_TYPE]) {
708 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]);
709 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES)
710 return -EINVAL;
711 }
712
713 if (tb[NL80211_KEY_DEFAULT_TYPES]) {
714 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
715 err = nla_parse_nested(kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1,
716 tb[NL80211_KEY_DEFAULT_TYPES],
717 nl80211_key_default_policy);
718 if (err)
719 return err;
720
721 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
722 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
723 }
724
725 return 0;
726}
727
728static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
729{
730 if (info->attrs[NL80211_ATTR_KEY_DATA]) {
731 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
732 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
733 }
734
735 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
736 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
737 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
738 }
739
740 if (info->attrs[NL80211_ATTR_KEY_IDX])
741 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
742
743 if (info->attrs[NL80211_ATTR_KEY_CIPHER])
744 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
745
746 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT];
747 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT];
748
749 if (k->def) {
750 k->def_uni = true;
751 k->def_multi = true;
752 }
753 if (k->defmgmt)
754 k->def_multi = true;
755
756 if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
757 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
758 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES)
759 return -EINVAL;
760 }
761
762 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) {
763 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
764 int err = nla_parse_nested(
765 kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1,
766 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES],
767 nl80211_key_default_policy);
768 if (err)
769 return err;
770
771 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
772 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
773 }
774
775 return 0;
776}
777
778static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
779{
780 int err;
781
782 memset(k, 0, sizeof(*k));
783 k->idx = -1;
784 k->type = -1;
785
786 if (info->attrs[NL80211_ATTR_KEY])
787 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k);
788 else
789 err = nl80211_parse_key_old(info, k);
790
791 if (err)
792 return err;
793
794 if (k->def && k->defmgmt)
795 return -EINVAL;
796
797 if (k->defmgmt) {
798 if (k->def_uni || !k->def_multi)
799 return -EINVAL;
800 }
801
802 if (k->idx != -1) {
803 if (k->defmgmt) {
804 if (k->idx < 4 || k->idx > 5)
805 return -EINVAL;
806 } else if (k->def) {
807 if (k->idx < 0 || k->idx > 3)
808 return -EINVAL;
809 } else {
810 if (k->idx < 0 || k->idx > 5)
811 return -EINVAL;
812 }
813 }
814
815 return 0;
816}
817
818static struct cfg80211_cached_keys *
819nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
820 struct nlattr *keys, bool *no_ht)
821{
822 struct key_parse parse;
823 struct nlattr *key;
824 struct cfg80211_cached_keys *result;
825 int rem, err, def = 0;
826
827 result = kzalloc(sizeof(*result), GFP_KERNEL);
828 if (!result)
829 return ERR_PTR(-ENOMEM);
830
831 result->def = -1;
832 result->defmgmt = -1;
833
834 nla_for_each_nested(key, keys, rem) {
835 memset(&parse, 0, sizeof(parse));
836 parse.idx = -1;
837
838 err = nl80211_parse_key_new(key, &parse);
839 if (err)
840 goto error;
841 err = -EINVAL;
842 if (!parse.p.key)
843 goto error;
844 if (parse.idx < 0 || parse.idx > 4)
845 goto error;
846 if (parse.def) {
847 if (def)
848 goto error;
849 def = 1;
850 result->def = parse.idx;
851 if (!parse.def_uni || !parse.def_multi)
852 goto error;
853 } else if (parse.defmgmt)
854 goto error;
855 err = cfg80211_validate_key_settings(rdev, &parse.p,
856 parse.idx, false, NULL);
857 if (err)
858 goto error;
859 result->params[parse.idx].cipher = parse.p.cipher;
860 result->params[parse.idx].key_len = parse.p.key_len;
861 result->params[parse.idx].key = result->data[parse.idx];
862 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len);
863
864 if (parse.p.cipher == WLAN_CIPHER_SUITE_WEP40 ||
865 parse.p.cipher == WLAN_CIPHER_SUITE_WEP104) {
866 if (no_ht)
867 *no_ht = true;
868 }
869 }
870
871 return result;
872 error:
873 kfree(result);
874 return ERR_PTR(err);
875}
876
877static int nl80211_key_allowed(struct wireless_dev *wdev)
878{
879 ASSERT_WDEV_LOCK(wdev);
880
881 switch (wdev->iftype) {
882 case NL80211_IFTYPE_AP:
883 case NL80211_IFTYPE_AP_VLAN:
884 case NL80211_IFTYPE_P2P_GO:
885 case NL80211_IFTYPE_MESH_POINT:
886 break;
887 case NL80211_IFTYPE_ADHOC:
888 case NL80211_IFTYPE_STATION:
889 case NL80211_IFTYPE_P2P_CLIENT:
890 if (!wdev->current_bss)
891 return -ENOLINK;
892 break;
893 case NL80211_IFTYPE_UNSPECIFIED:
894 case NL80211_IFTYPE_OCB:
895 case NL80211_IFTYPE_MONITOR:
896 case NL80211_IFTYPE_P2P_DEVICE:
897 case NL80211_IFTYPE_WDS:
898 case NUM_NL80211_IFTYPES:
899 return -EINVAL;
900 }
901
902 return 0;
903}
904
905static struct ieee80211_channel *nl80211_get_valid_chan(struct wiphy *wiphy,
906 struct nlattr *tb)
907{
908 struct ieee80211_channel *chan;
909
910 if (tb == NULL)
911 return NULL;
912 chan = ieee80211_get_channel(wiphy, nla_get_u32(tb));
913 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED)
914 return NULL;
915 return chan;
916}
917
918static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes)
919{
920 struct nlattr *nl_modes = nla_nest_start(msg, attr);
921 int i;
922
923 if (!nl_modes)
924 goto nla_put_failure;
925
926 i = 0;
927 while (ifmodes) {
928 if ((ifmodes & 1) && nla_put_flag(msg, i))
929 goto nla_put_failure;
930 ifmodes >>= 1;
931 i++;
932 }
933
934 nla_nest_end(msg, nl_modes);
935 return 0;
936
937nla_put_failure:
938 return -ENOBUFS;
939}
940
941static int nl80211_put_iface_combinations(struct wiphy *wiphy,
942 struct sk_buff *msg,
943 bool large)
944{
945 struct nlattr *nl_combis;
946 int i, j;
947
948 nl_combis = nla_nest_start(msg,
949 NL80211_ATTR_INTERFACE_COMBINATIONS);
950 if (!nl_combis)
951 goto nla_put_failure;
952
953 for (i = 0; i < wiphy->n_iface_combinations; i++) {
954 const struct ieee80211_iface_combination *c;
955 struct nlattr *nl_combi, *nl_limits;
956
957 c = &wiphy->iface_combinations[i];
958
959 nl_combi = nla_nest_start(msg, i + 1);
960 if (!nl_combi)
961 goto nla_put_failure;
962
963 nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS);
964 if (!nl_limits)
965 goto nla_put_failure;
966
967 for (j = 0; j < c->n_limits; j++) {
968 struct nlattr *nl_limit;
969
970 nl_limit = nla_nest_start(msg, j + 1);
971 if (!nl_limit)
972 goto nla_put_failure;
973 if (nla_put_u32(msg, NL80211_IFACE_LIMIT_MAX,
974 c->limits[j].max))
975 goto nla_put_failure;
976 if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES,
977 c->limits[j].types))
978 goto nla_put_failure;
979 nla_nest_end(msg, nl_limit);
980 }
981
982 nla_nest_end(msg, nl_limits);
983
984 if (c->beacon_int_infra_match &&
985 nla_put_flag(msg, NL80211_IFACE_COMB_STA_AP_BI_MATCH))
986 goto nla_put_failure;
987 if (nla_put_u32(msg, NL80211_IFACE_COMB_NUM_CHANNELS,
988 c->num_different_channels) ||
989 nla_put_u32(msg, NL80211_IFACE_COMB_MAXNUM,
990 c->max_interfaces))
991 goto nla_put_failure;
992 if (large &&
993 (nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
994 c->radar_detect_widths) ||
995 nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_REGIONS,
996 c->radar_detect_regions)))
997 goto nla_put_failure;
998
999 nla_nest_end(msg, nl_combi);
1000 }
1001
1002 nla_nest_end(msg, nl_combis);
1003
1004 return 0;
1005nla_put_failure:
1006 return -ENOBUFS;
1007}
1008
1009#ifdef CONFIG_PM
1010static int nl80211_send_wowlan_tcp_caps(struct cfg80211_registered_device *rdev,
1011 struct sk_buff *msg)
1012{
1013 const struct wiphy_wowlan_tcp_support *tcp = rdev->wiphy.wowlan->tcp;
1014 struct nlattr *nl_tcp;
1015
1016 if (!tcp)
1017 return 0;
1018
1019 nl_tcp = nla_nest_start(msg, NL80211_WOWLAN_TRIG_TCP_CONNECTION);
1020 if (!nl_tcp)
1021 return -ENOBUFS;
1022
1023 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
1024 tcp->data_payload_max))
1025 return -ENOBUFS;
1026
1027 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
1028 tcp->data_payload_max))
1029 return -ENOBUFS;
1030
1031 if (tcp->seq && nla_put_flag(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ))
1032 return -ENOBUFS;
1033
1034 if (tcp->tok && nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN,
1035 sizeof(*tcp->tok), tcp->tok))
1036 return -ENOBUFS;
1037
1038 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL,
1039 tcp->data_interval_max))
1040 return -ENOBUFS;
1041
1042 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD,
1043 tcp->wake_payload_max))
1044 return -ENOBUFS;
1045
1046 nla_nest_end(msg, nl_tcp);
1047 return 0;
1048}
1049
1050static int nl80211_send_wowlan(struct sk_buff *msg,
1051 struct cfg80211_registered_device *rdev,
1052 bool large)
1053{
1054 struct nlattr *nl_wowlan;
1055
1056 if (!rdev->wiphy.wowlan)
1057 return 0;
1058
1059 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED);
1060 if (!nl_wowlan)
1061 return -ENOBUFS;
1062
1063 if (((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_ANY) &&
1064 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
1065 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_DISCONNECT) &&
1066 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
1067 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT) &&
1068 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
1069 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_SUPPORTS_GTK_REKEY) &&
1070 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED)) ||
1071 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE) &&
1072 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
1073 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ) &&
1074 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
1075 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE) &&
1076 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
1077 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE) &&
1078 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)))
1079 return -ENOBUFS;
1080
1081 if (rdev->wiphy.wowlan->n_patterns) {
1082 struct nl80211_pattern_support pat = {
1083 .max_patterns = rdev->wiphy.wowlan->n_patterns,
1084 .min_pattern_len = rdev->wiphy.wowlan->pattern_min_len,
1085 .max_pattern_len = rdev->wiphy.wowlan->pattern_max_len,
1086 .max_pkt_offset = rdev->wiphy.wowlan->max_pkt_offset,
1087 };
1088
1089 if (nla_put(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN,
1090 sizeof(pat), &pat))
1091 return -ENOBUFS;
1092 }
1093
1094 if ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_NET_DETECT) &&
1095 nla_put_u32(msg, NL80211_WOWLAN_TRIG_NET_DETECT,
1096 rdev->wiphy.wowlan->max_nd_match_sets))
1097 return -ENOBUFS;
1098
1099 if (large && nl80211_send_wowlan_tcp_caps(rdev, msg))
1100 return -ENOBUFS;
1101
1102 nla_nest_end(msg, nl_wowlan);
1103
1104 return 0;
1105}
1106#endif
1107
1108static int nl80211_send_coalesce(struct sk_buff *msg,
1109 struct cfg80211_registered_device *rdev)
1110{
1111 struct nl80211_coalesce_rule_support rule;
1112
1113 if (!rdev->wiphy.coalesce)
1114 return 0;
1115
1116 rule.max_rules = rdev->wiphy.coalesce->n_rules;
1117 rule.max_delay = rdev->wiphy.coalesce->max_delay;
1118 rule.pat.max_patterns = rdev->wiphy.coalesce->n_patterns;
1119 rule.pat.min_pattern_len = rdev->wiphy.coalesce->pattern_min_len;
1120 rule.pat.max_pattern_len = rdev->wiphy.coalesce->pattern_max_len;
1121 rule.pat.max_pkt_offset = rdev->wiphy.coalesce->max_pkt_offset;
1122
1123 if (nla_put(msg, NL80211_ATTR_COALESCE_RULE, sizeof(rule), &rule))
1124 return -ENOBUFS;
1125
1126 return 0;
1127}
1128
1129static int nl80211_send_band_rateinfo(struct sk_buff *msg,
1130 struct ieee80211_supported_band *sband)
1131{
1132 struct nlattr *nl_rates, *nl_rate;
1133 struct ieee80211_rate *rate;
1134 int i;
1135
1136
1137 if (sband->ht_cap.ht_supported &&
1138 (nla_put(msg, NL80211_BAND_ATTR_HT_MCS_SET,
1139 sizeof(sband->ht_cap.mcs),
1140 &sband->ht_cap.mcs) ||
1141 nla_put_u16(msg, NL80211_BAND_ATTR_HT_CAPA,
1142 sband->ht_cap.cap) ||
1143 nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR,
1144 sband->ht_cap.ampdu_factor) ||
1145 nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY,
1146 sband->ht_cap.ampdu_density)))
1147 return -ENOBUFS;
1148
1149
1150 if (sband->vht_cap.vht_supported &&
1151 (nla_put(msg, NL80211_BAND_ATTR_VHT_MCS_SET,
1152 sizeof(sband->vht_cap.vht_mcs),
1153 &sband->vht_cap.vht_mcs) ||
1154 nla_put_u32(msg, NL80211_BAND_ATTR_VHT_CAPA,
1155 sband->vht_cap.cap)))
1156 return -ENOBUFS;
1157
1158
1159 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES);
1160 if (!nl_rates)
1161 return -ENOBUFS;
1162
1163 for (i = 0; i < sband->n_bitrates; i++) {
1164 nl_rate = nla_nest_start(msg, i);
1165 if (!nl_rate)
1166 return -ENOBUFS;
1167
1168 rate = &sband->bitrates[i];
1169 if (nla_put_u32(msg, NL80211_BITRATE_ATTR_RATE,
1170 rate->bitrate))
1171 return -ENOBUFS;
1172 if ((rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
1173 nla_put_flag(msg,
1174 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE))
1175 return -ENOBUFS;
1176
1177 nla_nest_end(msg, nl_rate);
1178 }
1179
1180 nla_nest_end(msg, nl_rates);
1181
1182 return 0;
1183}
1184
1185static int
1186nl80211_send_mgmt_stypes(struct sk_buff *msg,
1187 const struct ieee80211_txrx_stypes *mgmt_stypes)
1188{
1189 u16 stypes;
1190 struct nlattr *nl_ftypes, *nl_ifs;
1191 enum nl80211_iftype ift;
1192 int i;
1193
1194 if (!mgmt_stypes)
1195 return 0;
1196
1197 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES);
1198 if (!nl_ifs)
1199 return -ENOBUFS;
1200
1201 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
1202 nl_ftypes = nla_nest_start(msg, ift);
1203 if (!nl_ftypes)
1204 return -ENOBUFS;
1205 i = 0;
1206 stypes = mgmt_stypes[ift].tx;
1207 while (stypes) {
1208 if ((stypes & 1) &&
1209 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
1210 (i << 4) | IEEE80211_FTYPE_MGMT))
1211 return -ENOBUFS;
1212 stypes >>= 1;
1213 i++;
1214 }
1215 nla_nest_end(msg, nl_ftypes);
1216 }
1217
1218 nla_nest_end(msg, nl_ifs);
1219
1220 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES);
1221 if (!nl_ifs)
1222 return -ENOBUFS;
1223
1224 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
1225 nl_ftypes = nla_nest_start(msg, ift);
1226 if (!nl_ftypes)
1227 return -ENOBUFS;
1228 i = 0;
1229 stypes = mgmt_stypes[ift].rx;
1230 while (stypes) {
1231 if ((stypes & 1) &&
1232 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
1233 (i << 4) | IEEE80211_FTYPE_MGMT))
1234 return -ENOBUFS;
1235 stypes >>= 1;
1236 i++;
1237 }
1238 nla_nest_end(msg, nl_ftypes);
1239 }
1240 nla_nest_end(msg, nl_ifs);
1241
1242 return 0;
1243}
1244
1245struct nl80211_dump_wiphy_state {
1246 s64 filter_wiphy;
1247 long start;
1248 long split_start, band_start, chan_start;
1249 bool split;
1250};
1251
1252static int nl80211_send_wiphy(struct cfg80211_registered_device *rdev,
1253 enum nl80211_commands cmd,
1254 struct sk_buff *msg, u32 portid, u32 seq,
1255 int flags, struct nl80211_dump_wiphy_state *state)
1256{
1257 void *hdr;
1258 struct nlattr *nl_bands, *nl_band;
1259 struct nlattr *nl_freqs, *nl_freq;
1260 struct nlattr *nl_cmds;
1261 enum ieee80211_band band;
1262 struct ieee80211_channel *chan;
1263 int i;
1264 const struct ieee80211_txrx_stypes *mgmt_stypes =
1265 rdev->wiphy.mgmt_stypes;
1266 u32 features;
1267
1268 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
1269 if (!hdr)
1270 return -ENOBUFS;
1271
1272 if (WARN_ON(!state))
1273 return -EINVAL;
1274
1275 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
1276 nla_put_string(msg, NL80211_ATTR_WIPHY_NAME,
1277 wiphy_name(&rdev->wiphy)) ||
1278 nla_put_u32(msg, NL80211_ATTR_GENERATION,
1279 cfg80211_rdev_list_generation))
1280 goto nla_put_failure;
1281
1282 if (cmd != NL80211_CMD_NEW_WIPHY)
1283 goto finish;
1284
1285 switch (state->split_start) {
1286 case 0:
1287 if (nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
1288 rdev->wiphy.retry_short) ||
1289 nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
1290 rdev->wiphy.retry_long) ||
1291 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD,
1292 rdev->wiphy.frag_threshold) ||
1293 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD,
1294 rdev->wiphy.rts_threshold) ||
1295 nla_put_u8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS,
1296 rdev->wiphy.coverage_class) ||
1297 nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS,
1298 rdev->wiphy.max_scan_ssids) ||
1299 nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS,
1300 rdev->wiphy.max_sched_scan_ssids) ||
1301 nla_put_u16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN,
1302 rdev->wiphy.max_scan_ie_len) ||
1303 nla_put_u16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN,
1304 rdev->wiphy.max_sched_scan_ie_len) ||
1305 nla_put_u8(msg, NL80211_ATTR_MAX_MATCH_SETS,
1306 rdev->wiphy.max_match_sets))
1307 goto nla_put_failure;
1308
1309 if ((rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) &&
1310 nla_put_flag(msg, NL80211_ATTR_SUPPORT_IBSS_RSN))
1311 goto nla_put_failure;
1312 if ((rdev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) &&
1313 nla_put_flag(msg, NL80211_ATTR_SUPPORT_MESH_AUTH))
1314 goto nla_put_failure;
1315 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) &&
1316 nla_put_flag(msg, NL80211_ATTR_SUPPORT_AP_UAPSD))
1317 goto nla_put_failure;
1318 if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) &&
1319 nla_put_flag(msg, NL80211_ATTR_ROAM_SUPPORT))
1320 goto nla_put_failure;
1321 if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) &&
1322 nla_put_flag(msg, NL80211_ATTR_TDLS_SUPPORT))
1323 goto nla_put_failure;
1324 if ((rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) &&
1325 nla_put_flag(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP))
1326 goto nla_put_failure;
1327 state->split_start++;
1328 if (state->split)
1329 break;
1330 case 1:
1331 if (nla_put(msg, NL80211_ATTR_CIPHER_SUITES,
1332 sizeof(u32) * rdev->wiphy.n_cipher_suites,
1333 rdev->wiphy.cipher_suites))
1334 goto nla_put_failure;
1335
1336 if (nla_put_u8(msg, NL80211_ATTR_MAX_NUM_PMKIDS,
1337 rdev->wiphy.max_num_pmkids))
1338 goto nla_put_failure;
1339
1340 if ((rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
1341 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE))
1342 goto nla_put_failure;
1343
1344 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX,
1345 rdev->wiphy.available_antennas_tx) ||
1346 nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX,
1347 rdev->wiphy.available_antennas_rx))
1348 goto nla_put_failure;
1349
1350 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) &&
1351 nla_put_u32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD,
1352 rdev->wiphy.probe_resp_offload))
1353 goto nla_put_failure;
1354
1355 if ((rdev->wiphy.available_antennas_tx ||
1356 rdev->wiphy.available_antennas_rx) &&
1357 rdev->ops->get_antenna) {
1358 u32 tx_ant = 0, rx_ant = 0;
1359 int res;
1360 res = rdev_get_antenna(rdev, &tx_ant, &rx_ant);
1361 if (!res) {
1362 if (nla_put_u32(msg,
1363 NL80211_ATTR_WIPHY_ANTENNA_TX,
1364 tx_ant) ||
1365 nla_put_u32(msg,
1366 NL80211_ATTR_WIPHY_ANTENNA_RX,
1367 rx_ant))
1368 goto nla_put_failure;
1369 }
1370 }
1371
1372 state->split_start++;
1373 if (state->split)
1374 break;
1375 case 2:
1376 if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES,
1377 rdev->wiphy.interface_modes))
1378 goto nla_put_failure;
1379 state->split_start++;
1380 if (state->split)
1381 break;
1382 case 3:
1383 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS);
1384 if (!nl_bands)
1385 goto nla_put_failure;
1386
1387 for (band = state->band_start;
1388 band < IEEE80211_NUM_BANDS; band++) {
1389 struct ieee80211_supported_band *sband;
1390
1391 sband = rdev->wiphy.bands[band];
1392
1393 if (!sband)
1394 continue;
1395
1396 nl_band = nla_nest_start(msg, band);
1397 if (!nl_band)
1398 goto nla_put_failure;
1399
1400 switch (state->chan_start) {
1401 case 0:
1402 if (nl80211_send_band_rateinfo(msg, sband))
1403 goto nla_put_failure;
1404 state->chan_start++;
1405 if (state->split)
1406 break;
1407 default:
1408
1409 nl_freqs = nla_nest_start(
1410 msg, NL80211_BAND_ATTR_FREQS);
1411 if (!nl_freqs)
1412 goto nla_put_failure;
1413
1414 for (i = state->chan_start - 1;
1415 i < sband->n_channels;
1416 i++) {
1417 nl_freq = nla_nest_start(msg, i);
1418 if (!nl_freq)
1419 goto nla_put_failure;
1420
1421 chan = &sband->channels[i];
1422
1423 if (nl80211_msg_put_channel(
1424 msg, chan,
1425 state->split))
1426 goto nla_put_failure;
1427
1428 nla_nest_end(msg, nl_freq);
1429 if (state->split)
1430 break;
1431 }
1432 if (i < sband->n_channels)
1433 state->chan_start = i + 2;
1434 else
1435 state->chan_start = 0;
1436 nla_nest_end(msg, nl_freqs);
1437 }
1438
1439 nla_nest_end(msg, nl_band);
1440
1441 if (state->split) {
1442
1443 if (state->chan_start)
1444 band--;
1445 break;
1446 }
1447 }
1448 nla_nest_end(msg, nl_bands);
1449
1450 if (band < IEEE80211_NUM_BANDS)
1451 state->band_start = band + 1;
1452 else
1453 state->band_start = 0;
1454
1455
1456 if (state->band_start == 0 && state->chan_start == 0)
1457 state->split_start++;
1458 if (state->split)
1459 break;
1460 case 4:
1461 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS);
1462 if (!nl_cmds)
1463 goto nla_put_failure;
1464
1465 i = 0;
1466#define CMD(op, n) \
1467 do { \
1468 if (rdev->ops->op) { \
1469 i++; \
1470 if (nla_put_u32(msg, i, NL80211_CMD_ ## n)) \
1471 goto nla_put_failure; \
1472 } \
1473 } while (0)
1474
1475 CMD(add_virtual_intf, NEW_INTERFACE);
1476 CMD(change_virtual_intf, SET_INTERFACE);
1477 CMD(add_key, NEW_KEY);
1478 CMD(start_ap, START_AP);
1479 CMD(add_station, NEW_STATION);
1480 CMD(add_mpath, NEW_MPATH);
1481 CMD(update_mesh_config, SET_MESH_CONFIG);
1482 CMD(change_bss, SET_BSS);
1483 CMD(auth, AUTHENTICATE);
1484 CMD(assoc, ASSOCIATE);
1485 CMD(deauth, DEAUTHENTICATE);
1486 CMD(disassoc, DISASSOCIATE);
1487 CMD(join_ibss, JOIN_IBSS);
1488 CMD(join_mesh, JOIN_MESH);
1489 CMD(set_pmksa, SET_PMKSA);
1490 CMD(del_pmksa, DEL_PMKSA);
1491 CMD(flush_pmksa, FLUSH_PMKSA);
1492 if (rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)
1493 CMD(remain_on_channel, REMAIN_ON_CHANNEL);
1494 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK);
1495 CMD(mgmt_tx, FRAME);
1496 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL);
1497 if (rdev->wiphy.flags & WIPHY_FLAG_NETNS_OK) {
1498 i++;
1499 if (nla_put_u32(msg, i, NL80211_CMD_SET_WIPHY_NETNS))
1500 goto nla_put_failure;
1501 }
1502 if (rdev->ops->set_monitor_channel || rdev->ops->start_ap ||
1503 rdev->ops->join_mesh) {
1504 i++;
1505 if (nla_put_u32(msg, i, NL80211_CMD_SET_CHANNEL))
1506 goto nla_put_failure;
1507 }
1508 CMD(set_wds_peer, SET_WDS_PEER);
1509 if (rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) {
1510 CMD(tdls_mgmt, TDLS_MGMT);
1511 CMD(tdls_oper, TDLS_OPER);
1512 }
1513 if (rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN)
1514 CMD(sched_scan_start, START_SCHED_SCAN);
1515 CMD(probe_client, PROBE_CLIENT);
1516 CMD(set_noack_map, SET_NOACK_MAP);
1517 if (rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) {
1518 i++;
1519 if (nla_put_u32(msg, i, NL80211_CMD_REGISTER_BEACONS))
1520 goto nla_put_failure;
1521 }
1522 CMD(start_p2p_device, START_P2P_DEVICE);
1523 CMD(set_mcast_rate, SET_MCAST_RATE);
1524#ifdef CONFIG_NL80211_TESTMODE
1525 CMD(testmode_cmd, TESTMODE);
1526#endif
1527 if (state->split) {
1528 CMD(crit_proto_start, CRIT_PROTOCOL_START);
1529 CMD(crit_proto_stop, CRIT_PROTOCOL_STOP);
1530 if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH)
1531 CMD(channel_switch, CHANNEL_SWITCH);
1532 CMD(set_qos_map, SET_QOS_MAP);
1533 if (rdev->wiphy.features &
1534 NL80211_FEATURE_SUPPORTS_WMM_ADMISSION)
1535 CMD(add_tx_ts, ADD_TX_TS);
1536 }
1537
1538#undef CMD
1539
1540 if (rdev->ops->connect || rdev->ops->auth) {
1541 i++;
1542 if (nla_put_u32(msg, i, NL80211_CMD_CONNECT))
1543 goto nla_put_failure;
1544 }
1545
1546 if (rdev->ops->disconnect || rdev->ops->deauth) {
1547 i++;
1548 if (nla_put_u32(msg, i, NL80211_CMD_DISCONNECT))
1549 goto nla_put_failure;
1550 }
1551
1552 nla_nest_end(msg, nl_cmds);
1553 state->split_start++;
1554 if (state->split)
1555 break;
1556 case 5:
1557 if (rdev->ops->remain_on_channel &&
1558 (rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) &&
1559 nla_put_u32(msg,
1560 NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION,
1561 rdev->wiphy.max_remain_on_channel_duration))
1562 goto nla_put_failure;
1563
1564 if ((rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX) &&
1565 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK))
1566 goto nla_put_failure;
1567
1568 if (nl80211_send_mgmt_stypes(msg, mgmt_stypes))
1569 goto nla_put_failure;
1570 state->split_start++;
1571 if (state->split)
1572 break;
1573 case 6:
1574#ifdef CONFIG_PM
1575 if (nl80211_send_wowlan(msg, rdev, state->split))
1576 goto nla_put_failure;
1577 state->split_start++;
1578 if (state->split)
1579 break;
1580#else
1581 state->split_start++;
1582#endif
1583 case 7:
1584 if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES,
1585 rdev->wiphy.software_iftypes))
1586 goto nla_put_failure;
1587
1588 if (nl80211_put_iface_combinations(&rdev->wiphy, msg,
1589 state->split))
1590 goto nla_put_failure;
1591
1592 state->split_start++;
1593 if (state->split)
1594 break;
1595 case 8:
1596 if ((rdev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME) &&
1597 nla_put_u32(msg, NL80211_ATTR_DEVICE_AP_SME,
1598 rdev->wiphy.ap_sme_capa))
1599 goto nla_put_failure;
1600
1601 features = rdev->wiphy.features;
1602
1603
1604
1605
1606
1607 if (state->split)
1608 features |= NL80211_FEATURE_ADVERTISE_CHAN_LIMITS;
1609 if (nla_put_u32(msg, NL80211_ATTR_FEATURE_FLAGS, features))
1610 goto nla_put_failure;
1611
1612 if (rdev->wiphy.ht_capa_mod_mask &&
1613 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK,
1614 sizeof(*rdev->wiphy.ht_capa_mod_mask),
1615 rdev->wiphy.ht_capa_mod_mask))
1616 goto nla_put_failure;
1617
1618 if (rdev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME &&
1619 rdev->wiphy.max_acl_mac_addrs &&
1620 nla_put_u32(msg, NL80211_ATTR_MAC_ACL_MAX,
1621 rdev->wiphy.max_acl_mac_addrs))
1622 goto nla_put_failure;
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634 state->split_start++;
1635 break;
1636 case 9:
1637 if (rdev->wiphy.extended_capabilities &&
1638 (nla_put(msg, NL80211_ATTR_EXT_CAPA,
1639 rdev->wiphy.extended_capabilities_len,
1640 rdev->wiphy.extended_capabilities) ||
1641 nla_put(msg, NL80211_ATTR_EXT_CAPA_MASK,
1642 rdev->wiphy.extended_capabilities_len,
1643 rdev->wiphy.extended_capabilities_mask)))
1644 goto nla_put_failure;
1645
1646 if (rdev->wiphy.vht_capa_mod_mask &&
1647 nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK,
1648 sizeof(*rdev->wiphy.vht_capa_mod_mask),
1649 rdev->wiphy.vht_capa_mod_mask))
1650 goto nla_put_failure;
1651
1652 state->split_start++;
1653 break;
1654 case 10:
1655 if (nl80211_send_coalesce(msg, rdev))
1656 goto nla_put_failure;
1657
1658 if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ) &&
1659 (nla_put_flag(msg, NL80211_ATTR_SUPPORT_5_MHZ) ||
1660 nla_put_flag(msg, NL80211_ATTR_SUPPORT_10_MHZ)))
1661 goto nla_put_failure;
1662
1663 if (rdev->wiphy.max_ap_assoc_sta &&
1664 nla_put_u32(msg, NL80211_ATTR_MAX_AP_ASSOC_STA,
1665 rdev->wiphy.max_ap_assoc_sta))
1666 goto nla_put_failure;
1667
1668 state->split_start++;
1669 break;
1670 case 11:
1671 if (rdev->wiphy.n_vendor_commands) {
1672 const struct nl80211_vendor_cmd_info *info;
1673 struct nlattr *nested;
1674
1675 nested = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
1676 if (!nested)
1677 goto nla_put_failure;
1678
1679 for (i = 0; i < rdev->wiphy.n_vendor_commands; i++) {
1680 info = &rdev->wiphy.vendor_commands[i].info;
1681 if (nla_put(msg, i + 1, sizeof(*info), info))
1682 goto nla_put_failure;
1683 }
1684 nla_nest_end(msg, nested);
1685 }
1686
1687 if (rdev->wiphy.n_vendor_events) {
1688 const struct nl80211_vendor_cmd_info *info;
1689 struct nlattr *nested;
1690
1691 nested = nla_nest_start(msg,
1692 NL80211_ATTR_VENDOR_EVENTS);
1693 if (!nested)
1694 goto nla_put_failure;
1695
1696 for (i = 0; i < rdev->wiphy.n_vendor_events; i++) {
1697 info = &rdev->wiphy.vendor_events[i];
1698 if (nla_put(msg, i + 1, sizeof(*info), info))
1699 goto nla_put_failure;
1700 }
1701 nla_nest_end(msg, nested);
1702 }
1703 state->split_start++;
1704 break;
1705 case 12:
1706 if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH &&
1707 nla_put_u8(msg, NL80211_ATTR_MAX_CSA_COUNTERS,
1708 rdev->wiphy.max_num_csa_counters))
1709 goto nla_put_failure;
1710
1711 if (rdev->wiphy.regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED &&
1712 nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
1713 goto nla_put_failure;
1714
1715 if (nla_put(msg, NL80211_ATTR_EXT_FEATURES,
1716 sizeof(rdev->wiphy.ext_features),
1717 rdev->wiphy.ext_features))
1718 goto nla_put_failure;
1719
1720
1721 state->split_start = 0;
1722 break;
1723 }
1724 finish:
1725 genlmsg_end(msg, hdr);
1726 return 0;
1727
1728 nla_put_failure:
1729 genlmsg_cancel(msg, hdr);
1730 return -EMSGSIZE;
1731}
1732
1733static int nl80211_dump_wiphy_parse(struct sk_buff *skb,
1734 struct netlink_callback *cb,
1735 struct nl80211_dump_wiphy_state *state)
1736{
1737 struct nlattr **tb = nl80211_fam.attrbuf;
1738 int ret = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
1739 tb, nl80211_fam.maxattr, nl80211_policy);
1740
1741 if (ret)
1742 return 0;
1743
1744 state->split = tb[NL80211_ATTR_SPLIT_WIPHY_DUMP];
1745 if (tb[NL80211_ATTR_WIPHY])
1746 state->filter_wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
1747 if (tb[NL80211_ATTR_WDEV])
1748 state->filter_wiphy = nla_get_u64(tb[NL80211_ATTR_WDEV]) >> 32;
1749 if (tb[NL80211_ATTR_IFINDEX]) {
1750 struct net_device *netdev;
1751 struct cfg80211_registered_device *rdev;
1752 int ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
1753
1754 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx);
1755 if (!netdev)
1756 return -ENODEV;
1757 if (netdev->ieee80211_ptr) {
1758 rdev = wiphy_to_rdev(
1759 netdev->ieee80211_ptr->wiphy);
1760 state->filter_wiphy = rdev->wiphy_idx;
1761 }
1762 }
1763
1764 return 0;
1765}
1766
1767static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
1768{
1769 int idx = 0, ret;
1770 struct nl80211_dump_wiphy_state *state = (void *)cb->args[0];
1771 struct cfg80211_registered_device *rdev;
1772
1773 rtnl_lock();
1774 if (!state) {
1775 state = kzalloc(sizeof(*state), GFP_KERNEL);
1776 if (!state) {
1777 rtnl_unlock();
1778 return -ENOMEM;
1779 }
1780 state->filter_wiphy = -1;
1781 ret = nl80211_dump_wiphy_parse(skb, cb, state);
1782 if (ret) {
1783 kfree(state);
1784 rtnl_unlock();
1785 return ret;
1786 }
1787 cb->args[0] = (long)state;
1788 }
1789
1790 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
1791 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
1792 continue;
1793 if (++idx <= state->start)
1794 continue;
1795 if (state->filter_wiphy != -1 &&
1796 state->filter_wiphy != rdev->wiphy_idx)
1797 continue;
1798
1799 do {
1800 ret = nl80211_send_wiphy(rdev, NL80211_CMD_NEW_WIPHY,
1801 skb,
1802 NETLINK_CB(cb->skb).portid,
1803 cb->nlh->nlmsg_seq,
1804 NLM_F_MULTI, state);
1805 if (ret < 0) {
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819 if ((ret == -ENOBUFS || ret == -EMSGSIZE) &&
1820 !skb->len && !state->split &&
1821 cb->min_dump_alloc < 4096) {
1822 cb->min_dump_alloc = 4096;
1823 state->split_start = 0;
1824 rtnl_unlock();
1825 return 1;
1826 }
1827 idx--;
1828 break;
1829 }
1830 } while (state->split_start > 0);
1831 break;
1832 }
1833 rtnl_unlock();
1834
1835 state->start = idx;
1836
1837 return skb->len;
1838}
1839
1840static int nl80211_dump_wiphy_done(struct netlink_callback *cb)
1841{
1842 kfree((void *)cb->args[0]);
1843 return 0;
1844}
1845
1846static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
1847{
1848 struct sk_buff *msg;
1849 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1850 struct nl80211_dump_wiphy_state state = {};
1851
1852 msg = nlmsg_new(4096, GFP_KERNEL);
1853 if (!msg)
1854 return -ENOMEM;
1855
1856 if (nl80211_send_wiphy(rdev, NL80211_CMD_NEW_WIPHY, msg,
1857 info->snd_portid, info->snd_seq, 0,
1858 &state) < 0) {
1859 nlmsg_free(msg);
1860 return -ENOBUFS;
1861 }
1862
1863 return genlmsg_reply(msg, info);
1864}
1865
1866static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = {
1867 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 },
1868 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 },
1869 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 },
1870 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 },
1871 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 },
1872};
1873
1874static int parse_txq_params(struct nlattr *tb[],
1875 struct ieee80211_txq_params *txq_params)
1876{
1877 if (!tb[NL80211_TXQ_ATTR_AC] || !tb[NL80211_TXQ_ATTR_TXOP] ||
1878 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] ||
1879 !tb[NL80211_TXQ_ATTR_AIFS])
1880 return -EINVAL;
1881
1882 txq_params->ac = nla_get_u8(tb[NL80211_TXQ_ATTR_AC]);
1883 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]);
1884 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]);
1885 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]);
1886 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]);
1887
1888 if (txq_params->ac >= NL80211_NUM_ACS)
1889 return -EINVAL;
1890
1891 return 0;
1892}
1893
1894static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev)
1895{
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911 return !wdev ||
1912 wdev->iftype == NL80211_IFTYPE_AP ||
1913 wdev->iftype == NL80211_IFTYPE_MESH_POINT ||
1914 wdev->iftype == NL80211_IFTYPE_MONITOR ||
1915 wdev->iftype == NL80211_IFTYPE_P2P_GO;
1916}
1917
1918static int nl80211_parse_chandef(struct cfg80211_registered_device *rdev,
1919 struct genl_info *info,
1920 struct cfg80211_chan_def *chandef)
1921{
1922 u32 control_freq;
1923
1924 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
1925 return -EINVAL;
1926
1927 control_freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
1928
1929 chandef->chan = ieee80211_get_channel(&rdev->wiphy, control_freq);
1930 chandef->width = NL80211_CHAN_WIDTH_20_NOHT;
1931 chandef->center_freq1 = control_freq;
1932 chandef->center_freq2 = 0;
1933
1934
1935 if (!chandef->chan || chandef->chan->flags & IEEE80211_CHAN_DISABLED)
1936 return -EINVAL;
1937
1938 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
1939 enum nl80211_channel_type chantype;
1940
1941 chantype = nla_get_u32(
1942 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
1943
1944 switch (chantype) {
1945 case NL80211_CHAN_NO_HT:
1946 case NL80211_CHAN_HT20:
1947 case NL80211_CHAN_HT40PLUS:
1948 case NL80211_CHAN_HT40MINUS:
1949 cfg80211_chandef_create(chandef, chandef->chan,
1950 chantype);
1951 break;
1952 default:
1953 return -EINVAL;
1954 }
1955 } else if (info->attrs[NL80211_ATTR_CHANNEL_WIDTH]) {
1956 chandef->width =
1957 nla_get_u32(info->attrs[NL80211_ATTR_CHANNEL_WIDTH]);
1958 if (info->attrs[NL80211_ATTR_CENTER_FREQ1])
1959 chandef->center_freq1 =
1960 nla_get_u32(
1961 info->attrs[NL80211_ATTR_CENTER_FREQ1]);
1962 if (info->attrs[NL80211_ATTR_CENTER_FREQ2])
1963 chandef->center_freq2 =
1964 nla_get_u32(
1965 info->attrs[NL80211_ATTR_CENTER_FREQ2]);
1966 }
1967
1968 if (!cfg80211_chandef_valid(chandef))
1969 return -EINVAL;
1970
1971 if (!cfg80211_chandef_usable(&rdev->wiphy, chandef,
1972 IEEE80211_CHAN_DISABLED))
1973 return -EINVAL;
1974
1975 if ((chandef->width == NL80211_CHAN_WIDTH_5 ||
1976 chandef->width == NL80211_CHAN_WIDTH_10) &&
1977 !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ))
1978 return -EINVAL;
1979
1980 return 0;
1981}
1982
1983static int __nl80211_set_channel(struct cfg80211_registered_device *rdev,
1984 struct net_device *dev,
1985 struct genl_info *info)
1986{
1987 struct cfg80211_chan_def chandef;
1988 int result;
1989 enum nl80211_iftype iftype = NL80211_IFTYPE_MONITOR;
1990 struct wireless_dev *wdev = NULL;
1991
1992 if (dev)
1993 wdev = dev->ieee80211_ptr;
1994 if (!nl80211_can_set_dev_channel(wdev))
1995 return -EOPNOTSUPP;
1996 if (wdev)
1997 iftype = wdev->iftype;
1998
1999 result = nl80211_parse_chandef(rdev, info, &chandef);
2000 if (result)
2001 return result;
2002
2003 switch (iftype) {
2004 case NL80211_IFTYPE_AP:
2005 case NL80211_IFTYPE_P2P_GO:
2006 if (!cfg80211_reg_can_beacon(&rdev->wiphy, &chandef, iftype)) {
2007 result = -EINVAL;
2008 break;
2009 }
2010 if (wdev->beacon_interval) {
2011 if (!dev || !rdev->ops->set_ap_chanwidth ||
2012 !(rdev->wiphy.features &
2013 NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE)) {
2014 result = -EBUSY;
2015 break;
2016 }
2017
2018
2019 if (chandef.chan != wdev->preset_chandef.chan) {
2020 result = -EBUSY;
2021 break;
2022 }
2023 result = rdev_set_ap_chanwidth(rdev, dev, &chandef);
2024 if (result)
2025 break;
2026 }
2027 wdev->preset_chandef = chandef;
2028 result = 0;
2029 break;
2030 case NL80211_IFTYPE_MESH_POINT:
2031 result = cfg80211_set_mesh_channel(rdev, wdev, &chandef);
2032 break;
2033 case NL80211_IFTYPE_MONITOR:
2034 result = cfg80211_set_monitor_channel(rdev, &chandef);
2035 break;
2036 default:
2037 result = -EINVAL;
2038 }
2039
2040 return result;
2041}
2042
2043static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info)
2044{
2045 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2046 struct net_device *netdev = info->user_ptr[1];
2047
2048 return __nl80211_set_channel(rdev, netdev, info);
2049}
2050
2051static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info)
2052{
2053 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2054 struct net_device *dev = info->user_ptr[1];
2055 struct wireless_dev *wdev = dev->ieee80211_ptr;
2056 const u8 *bssid;
2057
2058 if (!info->attrs[NL80211_ATTR_MAC])
2059 return -EINVAL;
2060
2061 if (netif_running(dev))
2062 return -EBUSY;
2063
2064 if (!rdev->ops->set_wds_peer)
2065 return -EOPNOTSUPP;
2066
2067 if (wdev->iftype != NL80211_IFTYPE_WDS)
2068 return -EOPNOTSUPP;
2069
2070 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
2071 return rdev_set_wds_peer(rdev, dev, bssid);
2072}
2073
2074
2075static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
2076{
2077 struct cfg80211_registered_device *rdev;
2078 struct net_device *netdev = NULL;
2079 struct wireless_dev *wdev;
2080 int result = 0, rem_txq_params = 0;
2081 struct nlattr *nl_txq_params;
2082 u32 changed;
2083 u8 retry_short = 0, retry_long = 0;
2084 u32 frag_threshold = 0, rts_threshold = 0;
2085 u8 coverage_class = 0;
2086
2087 ASSERT_RTNL();
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099 if (info->attrs[NL80211_ATTR_IFINDEX]) {
2100 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]);
2101
2102 netdev = __dev_get_by_index(genl_info_net(info), ifindex);
2103 if (netdev && netdev->ieee80211_ptr)
2104 rdev = wiphy_to_rdev(netdev->ieee80211_ptr->wiphy);
2105 else
2106 netdev = NULL;
2107 }
2108
2109 if (!netdev) {
2110 rdev = __cfg80211_rdev_from_attrs(genl_info_net(info),
2111 info->attrs);
2112 if (IS_ERR(rdev))
2113 return PTR_ERR(rdev);
2114 wdev = NULL;
2115 netdev = NULL;
2116 result = 0;
2117 } else
2118 wdev = netdev->ieee80211_ptr;
2119
2120
2121
2122
2123
2124
2125 if (info->attrs[NL80211_ATTR_WIPHY_NAME])
2126 result = cfg80211_dev_rename(
2127 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME]));
2128
2129 if (result)
2130 return result;
2131
2132 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) {
2133 struct ieee80211_txq_params txq_params;
2134 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1];
2135
2136 if (!rdev->ops->set_txq_params)
2137 return -EOPNOTSUPP;
2138
2139 if (!netdev)
2140 return -EINVAL;
2141
2142 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2143 netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
2144 return -EINVAL;
2145
2146 if (!netif_running(netdev))
2147 return -ENETDOWN;
2148
2149 nla_for_each_nested(nl_txq_params,
2150 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS],
2151 rem_txq_params) {
2152 result = nla_parse(tb, NL80211_TXQ_ATTR_MAX,
2153 nla_data(nl_txq_params),
2154 nla_len(nl_txq_params),
2155 txq_params_policy);
2156 if (result)
2157 return result;
2158 result = parse_txq_params(tb, &txq_params);
2159 if (result)
2160 return result;
2161
2162 result = rdev_set_txq_params(rdev, netdev,
2163 &txq_params);
2164 if (result)
2165 return result;
2166 }
2167 }
2168
2169 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
2170 result = __nl80211_set_channel(
2171 rdev,
2172 nl80211_can_set_dev_channel(wdev) ? netdev : NULL,
2173 info);
2174 if (result)
2175 return result;
2176 }
2177
2178 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) {
2179 struct wireless_dev *txp_wdev = wdev;
2180 enum nl80211_tx_power_setting type;
2181 int idx, mbm = 0;
2182
2183 if (!(rdev->wiphy.features & NL80211_FEATURE_VIF_TXPOWER))
2184 txp_wdev = NULL;
2185
2186 if (!rdev->ops->set_tx_power)
2187 return -EOPNOTSUPP;
2188
2189 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING;
2190 type = nla_get_u32(info->attrs[idx]);
2191
2192 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] &&
2193 (type != NL80211_TX_POWER_AUTOMATIC))
2194 return -EINVAL;
2195
2196 if (type != NL80211_TX_POWER_AUTOMATIC) {
2197 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL;
2198 mbm = nla_get_u32(info->attrs[idx]);
2199 }
2200
2201 result = rdev_set_tx_power(rdev, txp_wdev, type, mbm);
2202 if (result)
2203 return result;
2204 }
2205
2206 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] &&
2207 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) {
2208 u32 tx_ant, rx_ant;
2209 if ((!rdev->wiphy.available_antennas_tx &&
2210 !rdev->wiphy.available_antennas_rx) ||
2211 !rdev->ops->set_antenna)
2212 return -EOPNOTSUPP;
2213
2214 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]);
2215 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]);
2216
2217
2218
2219 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) ||
2220 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx)))
2221 return -EINVAL;
2222
2223 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx;
2224 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx;
2225
2226 result = rdev_set_antenna(rdev, tx_ant, rx_ant);
2227 if (result)
2228 return result;
2229 }
2230
2231 changed = 0;
2232
2233 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) {
2234 retry_short = nla_get_u8(
2235 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]);
2236 if (retry_short == 0)
2237 return -EINVAL;
2238
2239 changed |= WIPHY_PARAM_RETRY_SHORT;
2240 }
2241
2242 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) {
2243 retry_long = nla_get_u8(
2244 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]);
2245 if (retry_long == 0)
2246 return -EINVAL;
2247
2248 changed |= WIPHY_PARAM_RETRY_LONG;
2249 }
2250
2251 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) {
2252 frag_threshold = nla_get_u32(
2253 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]);
2254 if (frag_threshold < 256)
2255 return -EINVAL;
2256
2257 if (frag_threshold != (u32) -1) {
2258
2259
2260
2261
2262
2263
2264 frag_threshold &= ~0x1;
2265 }
2266 changed |= WIPHY_PARAM_FRAG_THRESHOLD;
2267 }
2268
2269 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) {
2270 rts_threshold = nla_get_u32(
2271 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]);
2272 changed |= WIPHY_PARAM_RTS_THRESHOLD;
2273 }
2274
2275 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) {
2276 if (info->attrs[NL80211_ATTR_WIPHY_DYN_ACK])
2277 return -EINVAL;
2278
2279 coverage_class = nla_get_u8(
2280 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]);
2281 changed |= WIPHY_PARAM_COVERAGE_CLASS;
2282 }
2283
2284 if (info->attrs[NL80211_ATTR_WIPHY_DYN_ACK]) {
2285 if (!(rdev->wiphy.features & NL80211_FEATURE_ACKTO_ESTIMATION))
2286 return -EOPNOTSUPP;
2287
2288 changed |= WIPHY_PARAM_DYN_ACK;
2289 }
2290
2291 if (changed) {
2292 u8 old_retry_short, old_retry_long;
2293 u32 old_frag_threshold, old_rts_threshold;
2294 u8 old_coverage_class;
2295
2296 if (!rdev->ops->set_wiphy_params)
2297 return -EOPNOTSUPP;
2298
2299 old_retry_short = rdev->wiphy.retry_short;
2300 old_retry_long = rdev->wiphy.retry_long;
2301 old_frag_threshold = rdev->wiphy.frag_threshold;
2302 old_rts_threshold = rdev->wiphy.rts_threshold;
2303 old_coverage_class = rdev->wiphy.coverage_class;
2304
2305 if (changed & WIPHY_PARAM_RETRY_SHORT)
2306 rdev->wiphy.retry_short = retry_short;
2307 if (changed & WIPHY_PARAM_RETRY_LONG)
2308 rdev->wiphy.retry_long = retry_long;
2309 if (changed & WIPHY_PARAM_FRAG_THRESHOLD)
2310 rdev->wiphy.frag_threshold = frag_threshold;
2311 if (changed & WIPHY_PARAM_RTS_THRESHOLD)
2312 rdev->wiphy.rts_threshold = rts_threshold;
2313 if (changed & WIPHY_PARAM_COVERAGE_CLASS)
2314 rdev->wiphy.coverage_class = coverage_class;
2315
2316 result = rdev_set_wiphy_params(rdev, changed);
2317 if (result) {
2318 rdev->wiphy.retry_short = old_retry_short;
2319 rdev->wiphy.retry_long = old_retry_long;
2320 rdev->wiphy.frag_threshold = old_frag_threshold;
2321 rdev->wiphy.rts_threshold = old_rts_threshold;
2322 rdev->wiphy.coverage_class = old_coverage_class;
2323 }
2324 }
2325 return 0;
2326}
2327
2328static inline u64 wdev_id(struct wireless_dev *wdev)
2329{
2330 return (u64)wdev->identifier |
2331 ((u64)wiphy_to_rdev(wdev->wiphy)->wiphy_idx << 32);
2332}
2333
2334static int nl80211_send_chandef(struct sk_buff *msg,
2335 const struct cfg80211_chan_def *chandef)
2336{
2337 if (WARN_ON(!cfg80211_chandef_valid(chandef)))
2338 return -EINVAL;
2339
2340 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
2341 chandef->chan->center_freq))
2342 return -ENOBUFS;
2343 switch (chandef->width) {
2344 case NL80211_CHAN_WIDTH_20_NOHT:
2345 case NL80211_CHAN_WIDTH_20:
2346 case NL80211_CHAN_WIDTH_40:
2347 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2348 cfg80211_get_chandef_type(chandef)))
2349 return -ENOBUFS;
2350 break;
2351 default:
2352 break;
2353 }
2354 if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, chandef->width))
2355 return -ENOBUFS;
2356 if (nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, chandef->center_freq1))
2357 return -ENOBUFS;
2358 if (chandef->center_freq2 &&
2359 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, chandef->center_freq2))
2360 return -ENOBUFS;
2361 return 0;
2362}
2363
2364static int nl80211_send_iface(struct sk_buff *msg, u32 portid, u32 seq, int flags,
2365 struct cfg80211_registered_device *rdev,
2366 struct wireless_dev *wdev, bool removal)
2367{
2368 struct net_device *dev = wdev->netdev;
2369 u8 cmd = NL80211_CMD_NEW_INTERFACE;
2370 void *hdr;
2371
2372 if (removal)
2373 cmd = NL80211_CMD_DEL_INTERFACE;
2374
2375 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
2376 if (!hdr)
2377 return -1;
2378
2379 if (dev &&
2380 (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
2381 nla_put_string(msg, NL80211_ATTR_IFNAME, dev->name)))
2382 goto nla_put_failure;
2383
2384 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
2385 nla_put_u32(msg, NL80211_ATTR_IFTYPE, wdev->iftype) ||
2386 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)) ||
2387 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, wdev_address(wdev)) ||
2388 nla_put_u32(msg, NL80211_ATTR_GENERATION,
2389 rdev->devlist_generation ^
2390 (cfg80211_rdev_list_generation << 2)))
2391 goto nla_put_failure;
2392
2393 if (rdev->ops->get_channel) {
2394 int ret;
2395 struct cfg80211_chan_def chandef;
2396
2397 ret = rdev_get_channel(rdev, wdev, &chandef);
2398 if (ret == 0) {
2399 if (nl80211_send_chandef(msg, &chandef))
2400 goto nla_put_failure;
2401 }
2402 }
2403
2404 if (wdev->ssid_len) {
2405 if (nla_put(msg, NL80211_ATTR_SSID, wdev->ssid_len, wdev->ssid))
2406 goto nla_put_failure;
2407 }
2408
2409 genlmsg_end(msg, hdr);
2410 return 0;
2411
2412 nla_put_failure:
2413 genlmsg_cancel(msg, hdr);
2414 return -EMSGSIZE;
2415}
2416
2417static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb)
2418{
2419 int wp_idx = 0;
2420 int if_idx = 0;
2421 int wp_start = cb->args[0];
2422 int if_start = cb->args[1];
2423 struct cfg80211_registered_device *rdev;
2424 struct wireless_dev *wdev;
2425
2426 rtnl_lock();
2427 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
2428 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
2429 continue;
2430 if (wp_idx < wp_start) {
2431 wp_idx++;
2432 continue;
2433 }
2434 if_idx = 0;
2435
2436 list_for_each_entry(wdev, &rdev->wdev_list, list) {
2437 if (if_idx < if_start) {
2438 if_idx++;
2439 continue;
2440 }
2441 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).portid,
2442 cb->nlh->nlmsg_seq, NLM_F_MULTI,
2443 rdev, wdev, false) < 0) {
2444 goto out;
2445 }
2446 if_idx++;
2447 }
2448
2449 wp_idx++;
2450 }
2451 out:
2452 rtnl_unlock();
2453
2454 cb->args[0] = wp_idx;
2455 cb->args[1] = if_idx;
2456
2457 return skb->len;
2458}
2459
2460static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
2461{
2462 struct sk_buff *msg;
2463 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2464 struct wireless_dev *wdev = info->user_ptr[1];
2465
2466 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2467 if (!msg)
2468 return -ENOMEM;
2469
2470 if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0,
2471 rdev, wdev, false) < 0) {
2472 nlmsg_free(msg);
2473 return -ENOBUFS;
2474 }
2475
2476 return genlmsg_reply(msg, info);
2477}
2478
2479static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = {
2480 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG },
2481 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG },
2482 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG },
2483 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG },
2484 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG },
2485 [NL80211_MNTR_FLAG_ACTIVE] = { .type = NLA_FLAG },
2486};
2487
2488static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
2489{
2490 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1];
2491 int flag;
2492
2493 *mntrflags = 0;
2494
2495 if (!nla)
2496 return -EINVAL;
2497
2498 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX,
2499 nla, mntr_flags_policy))
2500 return -EINVAL;
2501
2502 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++)
2503 if (flags[flag])
2504 *mntrflags |= (1<<flag);
2505
2506 return 0;
2507}
2508
2509static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev,
2510 struct net_device *netdev, u8 use_4addr,
2511 enum nl80211_iftype iftype)
2512{
2513 if (!use_4addr) {
2514 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT))
2515 return -EBUSY;
2516 return 0;
2517 }
2518
2519 switch (iftype) {
2520 case NL80211_IFTYPE_AP_VLAN:
2521 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP)
2522 return 0;
2523 break;
2524 case NL80211_IFTYPE_STATION:
2525 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION)
2526 return 0;
2527 break;
2528 default:
2529 break;
2530 }
2531
2532 return -EOPNOTSUPP;
2533}
2534
2535static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
2536{
2537 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2538 struct vif_params params;
2539 int err;
2540 enum nl80211_iftype otype, ntype;
2541 struct net_device *dev = info->user_ptr[1];
2542 u32 _flags, *flags = NULL;
2543 bool change = false;
2544
2545 memset(¶ms, 0, sizeof(params));
2546
2547 otype = ntype = dev->ieee80211_ptr->iftype;
2548
2549 if (info->attrs[NL80211_ATTR_IFTYPE]) {
2550 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
2551 if (otype != ntype)
2552 change = true;
2553 if (ntype > NL80211_IFTYPE_MAX)
2554 return -EINVAL;
2555 }
2556
2557 if (info->attrs[NL80211_ATTR_MESH_ID]) {
2558 struct wireless_dev *wdev = dev->ieee80211_ptr;
2559
2560 if (ntype != NL80211_IFTYPE_MESH_POINT)
2561 return -EINVAL;
2562 if (netif_running(dev))
2563 return -EBUSY;
2564
2565 wdev_lock(wdev);
2566 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
2567 IEEE80211_MAX_MESH_ID_LEN);
2568 wdev->mesh_id_up_len =
2569 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
2570 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
2571 wdev->mesh_id_up_len);
2572 wdev_unlock(wdev);
2573 }
2574
2575 if (info->attrs[NL80211_ATTR_4ADDR]) {
2576 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
2577 change = true;
2578 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype);
2579 if (err)
2580 return err;
2581 } else {
2582 params.use_4addr = -1;
2583 }
2584
2585 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) {
2586 if (ntype != NL80211_IFTYPE_MONITOR)
2587 return -EINVAL;
2588 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS],
2589 &_flags);
2590 if (err)
2591 return err;
2592
2593 flags = &_flags;
2594 change = true;
2595 }
2596
2597 if (flags && (*flags & MONITOR_FLAG_ACTIVE) &&
2598 !(rdev->wiphy.features & NL80211_FEATURE_ACTIVE_MONITOR))
2599 return -EOPNOTSUPP;
2600
2601 if (change)
2602 err = cfg80211_change_iface(rdev, dev, ntype, flags, ¶ms);
2603 else
2604 err = 0;
2605
2606 if (!err && params.use_4addr != -1)
2607 dev->ieee80211_ptr->use_4addr = params.use_4addr;
2608
2609 return err;
2610}
2611
2612static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
2613{
2614 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2615 struct vif_params params;
2616 struct wireless_dev *wdev;
2617 struct sk_buff *msg, *event;
2618 int err;
2619 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;
2620 u32 flags;
2621
2622
2623 cfg80211_destroy_ifaces(rdev);
2624
2625 memset(¶ms, 0, sizeof(params));
2626
2627 if (!info->attrs[NL80211_ATTR_IFNAME])
2628 return -EINVAL;
2629
2630 if (info->attrs[NL80211_ATTR_IFTYPE]) {
2631 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
2632 if (type > NL80211_IFTYPE_MAX)
2633 return -EINVAL;
2634 }
2635
2636 if (!rdev->ops->add_virtual_intf ||
2637 !(rdev->wiphy.interface_modes & (1 << type)))
2638 return -EOPNOTSUPP;
2639
2640 if ((type == NL80211_IFTYPE_P2P_DEVICE ||
2641 rdev->wiphy.features & NL80211_FEATURE_MAC_ON_CREATE) &&
2642 info->attrs[NL80211_ATTR_MAC]) {
2643 nla_memcpy(params.macaddr, info->attrs[NL80211_ATTR_MAC],
2644 ETH_ALEN);
2645 if (!is_valid_ether_addr(params.macaddr))
2646 return -EADDRNOTAVAIL;
2647 }
2648
2649 if (info->attrs[NL80211_ATTR_4ADDR]) {
2650 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
2651 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type);
2652 if (err)
2653 return err;
2654 }
2655
2656 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
2657 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
2658 &flags);
2659
2660 if (!err && (flags & MONITOR_FLAG_ACTIVE) &&
2661 !(rdev->wiphy.features & NL80211_FEATURE_ACTIVE_MONITOR))
2662 return -EOPNOTSUPP;
2663
2664 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2665 if (!msg)
2666 return -ENOMEM;
2667
2668 wdev = rdev_add_virtual_intf(rdev,
2669 nla_data(info->attrs[NL80211_ATTR_IFNAME]),
2670 NET_NAME_USER, type, err ? NULL : &flags,
2671 ¶ms);
2672 if (WARN_ON(!wdev)) {
2673 nlmsg_free(msg);
2674 return -EPROTO;
2675 } else if (IS_ERR(wdev)) {
2676 nlmsg_free(msg);
2677 return PTR_ERR(wdev);
2678 }
2679
2680 if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
2681 wdev->owner_nlportid = info->snd_portid;
2682
2683 switch (type) {
2684 case NL80211_IFTYPE_MESH_POINT:
2685 if (!info->attrs[NL80211_ATTR_MESH_ID])
2686 break;
2687 wdev_lock(wdev);
2688 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
2689 IEEE80211_MAX_MESH_ID_LEN);
2690 wdev->mesh_id_up_len =
2691 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
2692 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
2693 wdev->mesh_id_up_len);
2694 wdev_unlock(wdev);
2695 break;
2696 case NL80211_IFTYPE_P2P_DEVICE:
2697
2698
2699
2700
2701 mutex_init(&wdev->mtx);
2702 INIT_LIST_HEAD(&wdev->event_list);
2703 spin_lock_init(&wdev->event_lock);
2704 INIT_LIST_HEAD(&wdev->mgmt_registrations);
2705 spin_lock_init(&wdev->mgmt_registrations_lock);
2706
2707 wdev->identifier = ++rdev->wdev_id;
2708 list_add_rcu(&wdev->list, &rdev->wdev_list);
2709 rdev->devlist_generation++;
2710 break;
2711 default:
2712 break;
2713 }
2714
2715 if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0,
2716 rdev, wdev, false) < 0) {
2717 nlmsg_free(msg);
2718 return -ENOBUFS;
2719 }
2720
2721 event = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2722 if (event) {
2723 if (nl80211_send_iface(event, 0, 0, 0,
2724 rdev, wdev, false) < 0) {
2725 nlmsg_free(event);
2726 goto out;
2727 }
2728
2729 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
2730 event, 0, NL80211_MCGRP_CONFIG,
2731 GFP_KERNEL);
2732 }
2733
2734out:
2735 return genlmsg_reply(msg, info);
2736}
2737
2738static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
2739{
2740 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2741 struct wireless_dev *wdev = info->user_ptr[1];
2742 struct sk_buff *msg;
2743 int status;
2744
2745 if (!rdev->ops->del_virtual_intf)
2746 return -EOPNOTSUPP;
2747
2748 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2749 if (msg && nl80211_send_iface(msg, 0, 0, 0, rdev, wdev, true) < 0) {
2750 nlmsg_free(msg);
2751 msg = NULL;
2752 }
2753
2754
2755
2756
2757
2758
2759
2760
2761 if (!wdev->netdev)
2762 info->user_ptr[1] = NULL;
2763
2764 status = rdev_del_virtual_intf(rdev, wdev);
2765 if (status >= 0 && msg)
2766 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
2767 msg, 0, NL80211_MCGRP_CONFIG,
2768 GFP_KERNEL);
2769 else
2770 nlmsg_free(msg);
2771
2772 return status;
2773}
2774
2775static int nl80211_set_noack_map(struct sk_buff *skb, struct genl_info *info)
2776{
2777 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2778 struct net_device *dev = info->user_ptr[1];
2779 u16 noack_map;
2780
2781 if (!info->attrs[NL80211_ATTR_NOACK_MAP])
2782 return -EINVAL;
2783
2784 if (!rdev->ops->set_noack_map)
2785 return -EOPNOTSUPP;
2786
2787 noack_map = nla_get_u16(info->attrs[NL80211_ATTR_NOACK_MAP]);
2788
2789 return rdev_set_noack_map(rdev, dev, noack_map);
2790}
2791
2792struct get_key_cookie {
2793 struct sk_buff *msg;
2794 int error;
2795 int idx;
2796};
2797
2798static void get_key_callback(void *c, struct key_params *params)
2799{
2800 struct nlattr *key;
2801 struct get_key_cookie *cookie = c;
2802
2803 if ((params->key &&
2804 nla_put(cookie->msg, NL80211_ATTR_KEY_DATA,
2805 params->key_len, params->key)) ||
2806 (params->seq &&
2807 nla_put(cookie->msg, NL80211_ATTR_KEY_SEQ,
2808 params->seq_len, params->seq)) ||
2809 (params->cipher &&
2810 nla_put_u32(cookie->msg, NL80211_ATTR_KEY_CIPHER,
2811 params->cipher)))
2812 goto nla_put_failure;
2813
2814 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY);
2815 if (!key)
2816 goto nla_put_failure;
2817
2818 if ((params->key &&
2819 nla_put(cookie->msg, NL80211_KEY_DATA,
2820 params->key_len, params->key)) ||
2821 (params->seq &&
2822 nla_put(cookie->msg, NL80211_KEY_SEQ,
2823 params->seq_len, params->seq)) ||
2824 (params->cipher &&
2825 nla_put_u32(cookie->msg, NL80211_KEY_CIPHER,
2826 params->cipher)))
2827 goto nla_put_failure;
2828
2829 if (nla_put_u8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx))
2830 goto nla_put_failure;
2831
2832 nla_nest_end(cookie->msg, key);
2833
2834 return;
2835 nla_put_failure:
2836 cookie->error = 1;
2837}
2838
2839static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
2840{
2841 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2842 int err;
2843 struct net_device *dev = info->user_ptr[1];
2844 u8 key_idx = 0;
2845 const u8 *mac_addr = NULL;
2846 bool pairwise;
2847 struct get_key_cookie cookie = {
2848 .error = 0,
2849 };
2850 void *hdr;
2851 struct sk_buff *msg;
2852
2853 if (info->attrs[NL80211_ATTR_KEY_IDX])
2854 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
2855
2856 if (key_idx > 5)
2857 return -EINVAL;
2858
2859 if (info->attrs[NL80211_ATTR_MAC])
2860 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2861
2862 pairwise = !!mac_addr;
2863 if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
2864 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
2865 if (kt >= NUM_NL80211_KEYTYPES)
2866 return -EINVAL;
2867 if (kt != NL80211_KEYTYPE_GROUP &&
2868 kt != NL80211_KEYTYPE_PAIRWISE)
2869 return -EINVAL;
2870 pairwise = kt == NL80211_KEYTYPE_PAIRWISE;
2871 }
2872
2873 if (!rdev->ops->get_key)
2874 return -EOPNOTSUPP;
2875
2876 if (!pairwise && mac_addr && !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
2877 return -ENOENT;
2878
2879 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2880 if (!msg)
2881 return -ENOMEM;
2882
2883 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
2884 NL80211_CMD_NEW_KEY);
2885 if (!hdr)
2886 goto nla_put_failure;
2887
2888 cookie.msg = msg;
2889 cookie.idx = key_idx;
2890
2891 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
2892 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx))
2893 goto nla_put_failure;
2894 if (mac_addr &&
2895 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr))
2896 goto nla_put_failure;
2897
2898 err = rdev_get_key(rdev, dev, key_idx, pairwise, mac_addr, &cookie,
2899 get_key_callback);
2900
2901 if (err)
2902 goto free_msg;
2903
2904 if (cookie.error)
2905 goto nla_put_failure;
2906
2907 genlmsg_end(msg, hdr);
2908 return genlmsg_reply(msg, info);
2909
2910 nla_put_failure:
2911 err = -ENOBUFS;
2912 free_msg:
2913 nlmsg_free(msg);
2914 return err;
2915}
2916
2917static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
2918{
2919 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2920 struct key_parse key;
2921 int err;
2922 struct net_device *dev = info->user_ptr[1];
2923
2924 err = nl80211_parse_key(info, &key);
2925 if (err)
2926 return err;
2927
2928 if (key.idx < 0)
2929 return -EINVAL;
2930
2931
2932 if (!key.def && !key.defmgmt)
2933 return -EINVAL;
2934
2935 wdev_lock(dev->ieee80211_ptr);
2936
2937 if (key.def) {
2938 if (!rdev->ops->set_default_key) {
2939 err = -EOPNOTSUPP;
2940 goto out;
2941 }
2942
2943 err = nl80211_key_allowed(dev->ieee80211_ptr);
2944 if (err)
2945 goto out;
2946
2947 err = rdev_set_default_key(rdev, dev, key.idx,
2948 key.def_uni, key.def_multi);
2949
2950 if (err)
2951 goto out;
2952
2953#ifdef CONFIG_CFG80211_WEXT
2954 dev->ieee80211_ptr->wext.default_key = key.idx;
2955#endif
2956 } else {
2957 if (key.def_uni || !key.def_multi) {
2958 err = -EINVAL;
2959 goto out;
2960 }
2961
2962 if (!rdev->ops->set_default_mgmt_key) {
2963 err = -EOPNOTSUPP;
2964 goto out;
2965 }
2966
2967 err = nl80211_key_allowed(dev->ieee80211_ptr);
2968 if (err)
2969 goto out;
2970
2971 err = rdev_set_default_mgmt_key(rdev, dev, key.idx);
2972 if (err)
2973 goto out;
2974
2975#ifdef CONFIG_CFG80211_WEXT
2976 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx;
2977#endif
2978 }
2979
2980 out:
2981 wdev_unlock(dev->ieee80211_ptr);
2982
2983 return err;
2984}
2985
2986static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
2987{
2988 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2989 int err;
2990 struct net_device *dev = info->user_ptr[1];
2991 struct key_parse key;
2992 const u8 *mac_addr = NULL;
2993
2994 err = nl80211_parse_key(info, &key);
2995 if (err)
2996 return err;
2997
2998 if (!key.p.key)
2999 return -EINVAL;
3000
3001 if (info->attrs[NL80211_ATTR_MAC])
3002 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
3003
3004 if (key.type == -1) {
3005 if (mac_addr)
3006 key.type = NL80211_KEYTYPE_PAIRWISE;
3007 else
3008 key.type = NL80211_KEYTYPE_GROUP;
3009 }
3010
3011
3012 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
3013 key.type != NL80211_KEYTYPE_GROUP)
3014 return -EINVAL;
3015
3016 if (!rdev->ops->add_key)
3017 return -EOPNOTSUPP;
3018
3019 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx,
3020 key.type == NL80211_KEYTYPE_PAIRWISE,
3021 mac_addr))
3022 return -EINVAL;
3023
3024 wdev_lock(dev->ieee80211_ptr);
3025 err = nl80211_key_allowed(dev->ieee80211_ptr);
3026 if (!err)
3027 err = rdev_add_key(rdev, dev, key.idx,
3028 key.type == NL80211_KEYTYPE_PAIRWISE,
3029 mac_addr, &key.p);
3030 wdev_unlock(dev->ieee80211_ptr);
3031
3032 return err;
3033}
3034
3035static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
3036{
3037 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3038 int err;
3039 struct net_device *dev = info->user_ptr[1];
3040 u8 *mac_addr = NULL;
3041 struct key_parse key;
3042
3043 err = nl80211_parse_key(info, &key);
3044 if (err)
3045 return err;
3046
3047 if (info->attrs[NL80211_ATTR_MAC])
3048 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
3049
3050 if (key.type == -1) {
3051 if (mac_addr)
3052 key.type = NL80211_KEYTYPE_PAIRWISE;
3053 else
3054 key.type = NL80211_KEYTYPE_GROUP;
3055 }
3056
3057
3058 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
3059 key.type != NL80211_KEYTYPE_GROUP)
3060 return -EINVAL;
3061
3062 if (!rdev->ops->del_key)
3063 return -EOPNOTSUPP;
3064
3065 wdev_lock(dev->ieee80211_ptr);
3066 err = nl80211_key_allowed(dev->ieee80211_ptr);
3067
3068 if (key.type == NL80211_KEYTYPE_GROUP && mac_addr &&
3069 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
3070 err = -ENOENT;
3071
3072 if (!err)
3073 err = rdev_del_key(rdev, dev, key.idx,
3074 key.type == NL80211_KEYTYPE_PAIRWISE,
3075 mac_addr);
3076
3077#ifdef CONFIG_CFG80211_WEXT
3078 if (!err) {
3079 if (key.idx == dev->ieee80211_ptr->wext.default_key)
3080 dev->ieee80211_ptr->wext.default_key = -1;
3081 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key)
3082 dev->ieee80211_ptr->wext.default_mgmt_key = -1;
3083 }
3084#endif
3085 wdev_unlock(dev->ieee80211_ptr);
3086
3087 return err;
3088}
3089
3090
3091static int validate_acl_mac_addrs(struct nlattr *nl_attr)
3092{
3093 struct nlattr *attr;
3094 int n_entries = 0, tmp;
3095
3096 nla_for_each_nested(attr, nl_attr, tmp) {
3097 if (nla_len(attr) != ETH_ALEN)
3098 return -EINVAL;
3099
3100 n_entries++;
3101 }
3102
3103 return n_entries;
3104}
3105
3106
3107
3108
3109
3110
3111static struct cfg80211_acl_data *parse_acl_data(struct wiphy *wiphy,
3112 struct genl_info *info)
3113{
3114 enum nl80211_acl_policy acl_policy;
3115 struct nlattr *attr;
3116 struct cfg80211_acl_data *acl;
3117 int i = 0, n_entries, tmp;
3118
3119 if (!wiphy->max_acl_mac_addrs)
3120 return ERR_PTR(-EOPNOTSUPP);
3121
3122 if (!info->attrs[NL80211_ATTR_ACL_POLICY])
3123 return ERR_PTR(-EINVAL);
3124
3125 acl_policy = nla_get_u32(info->attrs[NL80211_ATTR_ACL_POLICY]);
3126 if (acl_policy != NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED &&
3127 acl_policy != NL80211_ACL_POLICY_DENY_UNLESS_LISTED)
3128 return ERR_PTR(-EINVAL);
3129
3130 if (!info->attrs[NL80211_ATTR_MAC_ADDRS])
3131 return ERR_PTR(-EINVAL);
3132
3133 n_entries = validate_acl_mac_addrs(info->attrs[NL80211_ATTR_MAC_ADDRS]);
3134 if (n_entries < 0)
3135 return ERR_PTR(n_entries);
3136
3137 if (n_entries > wiphy->max_acl_mac_addrs)
3138 return ERR_PTR(-ENOTSUPP);
3139
3140 acl = kzalloc(sizeof(*acl) + (sizeof(struct mac_address) * n_entries),
3141 GFP_KERNEL);
3142 if (!acl)
3143 return ERR_PTR(-ENOMEM);
3144
3145 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_MAC_ADDRS], tmp) {
3146 memcpy(acl->mac_addrs[i].addr, nla_data(attr), ETH_ALEN);
3147 i++;
3148 }
3149
3150 acl->n_acl_entries = n_entries;
3151 acl->acl_policy = acl_policy;
3152
3153 return acl;
3154}
3155
3156static int nl80211_set_mac_acl(struct sk_buff *skb, struct genl_info *info)
3157{
3158 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3159 struct net_device *dev = info->user_ptr[1];
3160 struct cfg80211_acl_data *acl;
3161 int err;
3162
3163 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3164 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3165 return -EOPNOTSUPP;
3166
3167 if (!dev->ieee80211_ptr->beacon_interval)
3168 return -EINVAL;
3169
3170 acl = parse_acl_data(&rdev->wiphy, info);
3171 if (IS_ERR(acl))
3172 return PTR_ERR(acl);
3173
3174 err = rdev_set_mac_acl(rdev, dev, acl);
3175
3176 kfree(acl);
3177
3178 return err;
3179}
3180
3181static int nl80211_parse_beacon(struct nlattr *attrs[],
3182 struct cfg80211_beacon_data *bcn)
3183{
3184 bool haveinfo = false;
3185
3186 if (!is_valid_ie_attr(attrs[NL80211_ATTR_BEACON_TAIL]) ||
3187 !is_valid_ie_attr(attrs[NL80211_ATTR_IE]) ||
3188 !is_valid_ie_attr(attrs[NL80211_ATTR_IE_PROBE_RESP]) ||
3189 !is_valid_ie_attr(attrs[NL80211_ATTR_IE_ASSOC_RESP]))
3190 return -EINVAL;
3191
3192 memset(bcn, 0, sizeof(*bcn));
3193
3194 if (attrs[NL80211_ATTR_BEACON_HEAD]) {
3195 bcn->head = nla_data(attrs[NL80211_ATTR_BEACON_HEAD]);
3196 bcn->head_len = nla_len(attrs[NL80211_ATTR_BEACON_HEAD]);
3197 if (!bcn->head_len)
3198 return -EINVAL;
3199 haveinfo = true;
3200 }
3201
3202 if (attrs[NL80211_ATTR_BEACON_TAIL]) {
3203 bcn->tail = nla_data(attrs[NL80211_ATTR_BEACON_TAIL]);
3204 bcn->tail_len = nla_len(attrs[NL80211_ATTR_BEACON_TAIL]);
3205 haveinfo = true;
3206 }
3207
3208 if (!haveinfo)
3209 return -EINVAL;
3210
3211 if (attrs[NL80211_ATTR_IE]) {
3212 bcn->beacon_ies = nla_data(attrs[NL80211_ATTR_IE]);
3213 bcn->beacon_ies_len = nla_len(attrs[NL80211_ATTR_IE]);
3214 }
3215
3216 if (attrs[NL80211_ATTR_IE_PROBE_RESP]) {
3217 bcn->proberesp_ies =
3218 nla_data(attrs[NL80211_ATTR_IE_PROBE_RESP]);
3219 bcn->proberesp_ies_len =
3220 nla_len(attrs[NL80211_ATTR_IE_PROBE_RESP]);
3221 }
3222
3223 if (attrs[NL80211_ATTR_IE_ASSOC_RESP]) {
3224 bcn->assocresp_ies =
3225 nla_data(attrs[NL80211_ATTR_IE_ASSOC_RESP]);
3226 bcn->assocresp_ies_len =
3227 nla_len(attrs[NL80211_ATTR_IE_ASSOC_RESP]);
3228 }
3229
3230 if (attrs[NL80211_ATTR_PROBE_RESP]) {
3231 bcn->probe_resp = nla_data(attrs[NL80211_ATTR_PROBE_RESP]);
3232 bcn->probe_resp_len = nla_len(attrs[NL80211_ATTR_PROBE_RESP]);
3233 }
3234
3235 return 0;
3236}
3237
3238static bool nl80211_get_ap_channel(struct cfg80211_registered_device *rdev,
3239 struct cfg80211_ap_settings *params)
3240{
3241 struct wireless_dev *wdev;
3242 bool ret = false;
3243
3244 list_for_each_entry(wdev, &rdev->wdev_list, list) {
3245 if (wdev->iftype != NL80211_IFTYPE_AP &&
3246 wdev->iftype != NL80211_IFTYPE_P2P_GO)
3247 continue;
3248
3249 if (!wdev->preset_chandef.chan)
3250 continue;
3251
3252 params->chandef = wdev->preset_chandef;
3253 ret = true;
3254 break;
3255 }
3256
3257 return ret;
3258}
3259
3260static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
3261 enum nl80211_auth_type auth_type,
3262 enum nl80211_commands cmd)
3263{
3264 if (auth_type > NL80211_AUTHTYPE_MAX)
3265 return false;
3266
3267 switch (cmd) {
3268 case NL80211_CMD_AUTHENTICATE:
3269 if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
3270 auth_type == NL80211_AUTHTYPE_SAE)
3271 return false;
3272 return true;
3273 case NL80211_CMD_CONNECT:
3274 case NL80211_CMD_START_AP:
3275
3276 if (auth_type == NL80211_AUTHTYPE_SAE)
3277 return false;
3278 return true;
3279 default:
3280 return false;
3281 }
3282}
3283
3284static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
3285{
3286 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3287 struct net_device *dev = info->user_ptr[1];
3288 struct wireless_dev *wdev = dev->ieee80211_ptr;
3289 struct cfg80211_ap_settings params;
3290 int err;
3291
3292 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3293 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3294 return -EOPNOTSUPP;
3295
3296 if (!rdev->ops->start_ap)
3297 return -EOPNOTSUPP;
3298
3299 if (wdev->beacon_interval)
3300 return -EALREADY;
3301
3302 memset(¶ms, 0, sizeof(params));
3303
3304
3305 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] ||
3306 !info->attrs[NL80211_ATTR_DTIM_PERIOD] ||
3307 !info->attrs[NL80211_ATTR_BEACON_HEAD])
3308 return -EINVAL;
3309
3310 err = nl80211_parse_beacon(info->attrs, ¶ms.beacon);
3311 if (err)
3312 return err;
3313
3314 params.beacon_interval =
3315 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
3316 params.dtim_period =
3317 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
3318
3319 err = cfg80211_validate_beacon_int(rdev, params.beacon_interval);
3320 if (err)
3321 return err;
3322
3323
3324
3325
3326
3327
3328
3329
3330 if (info->attrs[NL80211_ATTR_SSID]) {
3331 params.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3332 params.ssid_len =
3333 nla_len(info->attrs[NL80211_ATTR_SSID]);
3334 if (params.ssid_len == 0 ||
3335 params.ssid_len > IEEE80211_MAX_SSID_LEN)
3336 return -EINVAL;
3337 }
3338
3339 if (info->attrs[NL80211_ATTR_HIDDEN_SSID]) {
3340 params.hidden_ssid = nla_get_u32(
3341 info->attrs[NL80211_ATTR_HIDDEN_SSID]);
3342 if (params.hidden_ssid != NL80211_HIDDEN_SSID_NOT_IN_USE &&
3343 params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_LEN &&
3344 params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_CONTENTS)
3345 return -EINVAL;
3346 }
3347
3348 params.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
3349
3350 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
3351 params.auth_type = nla_get_u32(
3352 info->attrs[NL80211_ATTR_AUTH_TYPE]);
3353 if (!nl80211_valid_auth_type(rdev, params.auth_type,
3354 NL80211_CMD_START_AP))
3355 return -EINVAL;
3356 } else
3357 params.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
3358
3359 err = nl80211_crypto_settings(rdev, info, ¶ms.crypto,
3360 NL80211_MAX_NR_CIPHER_SUITES);
3361 if (err)
3362 return err;
3363
3364 if (info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]) {
3365 if (!(rdev->wiphy.features & NL80211_FEATURE_INACTIVITY_TIMER))
3366 return -EOPNOTSUPP;
3367 params.inactivity_timeout = nla_get_u16(
3368 info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]);
3369 }
3370
3371 if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) {
3372 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3373 return -EINVAL;
3374 params.p2p_ctwindow =
3375 nla_get_u8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]);
3376 if (params.p2p_ctwindow > 127)
3377 return -EINVAL;
3378 if (params.p2p_ctwindow != 0 &&
3379 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN))
3380 return -EINVAL;
3381 }
3382
3383 if (info->attrs[NL80211_ATTR_P2P_OPPPS]) {
3384 u8 tmp;
3385
3386 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3387 return -EINVAL;
3388 tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]);
3389 if (tmp > 1)
3390 return -EINVAL;
3391 params.p2p_opp_ps = tmp;
3392 if (params.p2p_opp_ps != 0 &&
3393 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS))
3394 return -EINVAL;
3395 }
3396
3397 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
3398 err = nl80211_parse_chandef(rdev, info, ¶ms.chandef);
3399 if (err)
3400 return err;
3401 } else if (wdev->preset_chandef.chan) {
3402 params.chandef = wdev->preset_chandef;
3403 } else if (!nl80211_get_ap_channel(rdev, ¶ms))
3404 return -EINVAL;
3405
3406 if (!cfg80211_reg_can_beacon(&rdev->wiphy, ¶ms.chandef,
3407 wdev->iftype))
3408 return -EINVAL;
3409
3410 if (info->attrs[NL80211_ATTR_ACL_POLICY]) {
3411 params.acl = parse_acl_data(&rdev->wiphy, info);
3412 if (IS_ERR(params.acl))
3413 return PTR_ERR(params.acl);
3414 }
3415
3416 if (info->attrs[NL80211_ATTR_SMPS_MODE]) {
3417 params.smps_mode =
3418 nla_get_u8(info->attrs[NL80211_ATTR_SMPS_MODE]);
3419 switch (params.smps_mode) {
3420 case NL80211_SMPS_OFF:
3421 break;
3422 case NL80211_SMPS_STATIC:
3423 if (!(rdev->wiphy.features &
3424 NL80211_FEATURE_STATIC_SMPS))
3425 return -EINVAL;
3426 break;
3427 case NL80211_SMPS_DYNAMIC:
3428 if (!(rdev->wiphy.features &
3429 NL80211_FEATURE_DYNAMIC_SMPS))
3430 return -EINVAL;
3431 break;
3432 default:
3433 return -EINVAL;
3434 }
3435 } else {
3436 params.smps_mode = NL80211_SMPS_OFF;
3437 }
3438
3439 wdev_lock(wdev);
3440 err = rdev_start_ap(rdev, dev, ¶ms);
3441 if (!err) {
3442 wdev->preset_chandef = params.chandef;
3443 wdev->beacon_interval = params.beacon_interval;
3444 wdev->chandef = params.chandef;
3445 wdev->ssid_len = params.ssid_len;
3446 memcpy(wdev->ssid, params.ssid, wdev->ssid_len);
3447 }
3448 wdev_unlock(wdev);
3449
3450 kfree(params.acl);
3451
3452 return err;
3453}
3454
3455static int nl80211_set_beacon(struct sk_buff *skb, struct genl_info *info)
3456{
3457 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3458 struct net_device *dev = info->user_ptr[1];
3459 struct wireless_dev *wdev = dev->ieee80211_ptr;
3460 struct cfg80211_beacon_data params;
3461 int err;
3462
3463 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3464 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3465 return -EOPNOTSUPP;
3466
3467 if (!rdev->ops->change_beacon)
3468 return -EOPNOTSUPP;
3469
3470 if (!wdev->beacon_interval)
3471 return -EINVAL;
3472
3473 err = nl80211_parse_beacon(info->attrs, ¶ms);
3474 if (err)
3475 return err;
3476
3477 wdev_lock(wdev);
3478 err = rdev_change_beacon(rdev, dev, ¶ms);
3479 wdev_unlock(wdev);
3480
3481 return err;
3482}
3483
3484static int nl80211_stop_ap(struct sk_buff *skb, struct genl_info *info)
3485{
3486 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3487 struct net_device *dev = info->user_ptr[1];
3488
3489 return cfg80211_stop_ap(rdev, dev, false);
3490}
3491
3492static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = {
3493 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG },
3494 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG },
3495 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG },
3496 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG },
3497 [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG },
3498 [NL80211_STA_FLAG_TDLS_PEER] = { .type = NLA_FLAG },
3499};
3500
3501static int parse_station_flags(struct genl_info *info,
3502 enum nl80211_iftype iftype,
3503 struct station_parameters *params)
3504{
3505 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1];
3506 struct nlattr *nla;
3507 int flag;
3508
3509
3510
3511
3512
3513 nla = info->attrs[NL80211_ATTR_STA_FLAGS2];
3514 if (nla) {
3515 struct nl80211_sta_flag_update *sta_flags;
3516
3517 sta_flags = nla_data(nla);
3518 params->sta_flags_mask = sta_flags->mask;
3519 params->sta_flags_set = sta_flags->set;
3520 params->sta_flags_set &= params->sta_flags_mask;
3521 if ((params->sta_flags_mask |
3522 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID))
3523 return -EINVAL;
3524 return 0;
3525 }
3526
3527
3528
3529 nla = info->attrs[NL80211_ATTR_STA_FLAGS];
3530 if (!nla)
3531 return 0;
3532
3533 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX,
3534 nla, sta_flags_policy))
3535 return -EINVAL;
3536
3537
3538
3539
3540
3541
3542
3543 switch (iftype) {
3544 case NL80211_IFTYPE_AP:
3545 case NL80211_IFTYPE_AP_VLAN:
3546 case NL80211_IFTYPE_P2P_GO:
3547 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
3548 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
3549 BIT(NL80211_STA_FLAG_WME) |
3550 BIT(NL80211_STA_FLAG_MFP);
3551 break;
3552 case NL80211_IFTYPE_P2P_CLIENT:
3553 case NL80211_IFTYPE_STATION:
3554 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
3555 BIT(NL80211_STA_FLAG_TDLS_PEER);
3556 break;
3557 case NL80211_IFTYPE_MESH_POINT:
3558 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHENTICATED) |
3559 BIT(NL80211_STA_FLAG_MFP) |
3560 BIT(NL80211_STA_FLAG_AUTHORIZED);
3561 default:
3562 return -EINVAL;
3563 }
3564
3565 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) {
3566 if (flags[flag]) {
3567 params->sta_flags_set |= (1<<flag);
3568
3569
3570 if (flag > NL80211_STA_FLAG_MAX_OLD_API)
3571 return -EINVAL;
3572 }
3573 }
3574
3575 return 0;
3576}
3577
3578static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info,
3579 int attr)
3580{
3581 struct nlattr *rate;
3582 u32 bitrate;
3583 u16 bitrate_compat;
3584 enum nl80211_attrs rate_flg;
3585
3586 rate = nla_nest_start(msg, attr);
3587 if (!rate)
3588 return false;
3589
3590
3591 bitrate = cfg80211_calculate_bitrate(info);
3592
3593 bitrate_compat = bitrate < (1UL << 16) ? bitrate : 0;
3594 if (bitrate > 0 &&
3595 nla_put_u32(msg, NL80211_RATE_INFO_BITRATE32, bitrate))
3596 return false;
3597 if (bitrate_compat > 0 &&
3598 nla_put_u16(msg, NL80211_RATE_INFO_BITRATE, bitrate_compat))
3599 return false;
3600
3601 switch (info->bw) {
3602 case RATE_INFO_BW_5:
3603 rate_flg = NL80211_RATE_INFO_5_MHZ_WIDTH;
3604 break;
3605 case RATE_INFO_BW_10:
3606 rate_flg = NL80211_RATE_INFO_10_MHZ_WIDTH;
3607 break;
3608 default:
3609 WARN_ON(1);
3610
3611 case RATE_INFO_BW_20:
3612 rate_flg = 0;
3613 break;
3614 case RATE_INFO_BW_40:
3615 rate_flg = NL80211_RATE_INFO_40_MHZ_WIDTH;
3616 break;
3617 case RATE_INFO_BW_80:
3618 rate_flg = NL80211_RATE_INFO_80_MHZ_WIDTH;
3619 break;
3620 case RATE_INFO_BW_160:
3621 rate_flg = NL80211_RATE_INFO_160_MHZ_WIDTH;
3622 break;
3623 }
3624
3625 if (rate_flg && nla_put_flag(msg, rate_flg))
3626 return false;
3627
3628 if (info->flags & RATE_INFO_FLAGS_MCS) {
3629 if (nla_put_u8(msg, NL80211_RATE_INFO_MCS, info->mcs))
3630 return false;
3631 if (info->flags & RATE_INFO_FLAGS_SHORT_GI &&
3632 nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI))
3633 return false;
3634 } else if (info->flags & RATE_INFO_FLAGS_VHT_MCS) {
3635 if (nla_put_u8(msg, NL80211_RATE_INFO_VHT_MCS, info->mcs))
3636 return false;
3637 if (nla_put_u8(msg, NL80211_RATE_INFO_VHT_NSS, info->nss))
3638 return false;
3639 if (info->flags & RATE_INFO_FLAGS_SHORT_GI &&
3640 nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI))
3641 return false;
3642 }
3643
3644 nla_nest_end(msg, rate);
3645 return true;
3646}
3647
3648static bool nl80211_put_signal(struct sk_buff *msg, u8 mask, s8 *signal,
3649 int id)
3650{
3651 void *attr;
3652 int i = 0;
3653
3654 if (!mask)
3655 return true;
3656
3657 attr = nla_nest_start(msg, id);
3658 if (!attr)
3659 return false;
3660
3661 for (i = 0; i < IEEE80211_MAX_CHAINS; i++) {
3662 if (!(mask & BIT(i)))
3663 continue;
3664
3665 if (nla_put_u8(msg, i, signal[i]))
3666 return false;
3667 }
3668
3669 nla_nest_end(msg, attr);
3670
3671 return true;
3672}
3673
3674static int nl80211_send_station(struct sk_buff *msg, u32 cmd, u32 portid,
3675 u32 seq, int flags,
3676 struct cfg80211_registered_device *rdev,
3677 struct net_device *dev,
3678 const u8 *mac_addr, struct station_info *sinfo)
3679{
3680 void *hdr;
3681 struct nlattr *sinfoattr, *bss_param;
3682
3683 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
3684 if (!hdr)
3685 return -1;
3686
3687 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
3688 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) ||
3689 nla_put_u32(msg, NL80211_ATTR_GENERATION, sinfo->generation))
3690 goto nla_put_failure;
3691
3692 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO);
3693 if (!sinfoattr)
3694 goto nla_put_failure;
3695
3696#define PUT_SINFO(attr, memb, type) do { \
3697 if (sinfo->filled & BIT(NL80211_STA_INFO_ ## attr) && \
3698 nla_put_ ## type(msg, NL80211_STA_INFO_ ## attr, \
3699 sinfo->memb)) \
3700 goto nla_put_failure; \
3701 } while (0)
3702
3703 PUT_SINFO(CONNECTED_TIME, connected_time, u32);
3704 PUT_SINFO(INACTIVE_TIME, inactive_time, u32);
3705
3706 if (sinfo->filled & (BIT(NL80211_STA_INFO_RX_BYTES) |
3707 BIT(NL80211_STA_INFO_RX_BYTES64)) &&
3708 nla_put_u32(msg, NL80211_STA_INFO_RX_BYTES,
3709 (u32)sinfo->rx_bytes))
3710 goto nla_put_failure;
3711
3712 if (sinfo->filled & (BIT(NL80211_STA_INFO_TX_BYTES) |
3713 BIT(NL80211_STA_INFO_TX_BYTES64)) &&
3714 nla_put_u32(msg, NL80211_STA_INFO_TX_BYTES,
3715 (u32)sinfo->tx_bytes))
3716 goto nla_put_failure;
3717
3718 PUT_SINFO(RX_BYTES64, rx_bytes, u64);
3719 PUT_SINFO(TX_BYTES64, tx_bytes, u64);
3720 PUT_SINFO(LLID, llid, u16);
3721 PUT_SINFO(PLID, plid, u16);
3722 PUT_SINFO(PLINK_STATE, plink_state, u8);
3723
3724 switch (rdev->wiphy.signal_type) {
3725 case CFG80211_SIGNAL_TYPE_MBM:
3726 PUT_SINFO(SIGNAL, signal, u8);
3727 PUT_SINFO(SIGNAL_AVG, signal_avg, u8);
3728 break;
3729 default:
3730 break;
3731 }
3732 if (sinfo->filled & BIT(NL80211_STA_INFO_CHAIN_SIGNAL)) {
3733 if (!nl80211_put_signal(msg, sinfo->chains,
3734 sinfo->chain_signal,
3735 NL80211_STA_INFO_CHAIN_SIGNAL))
3736 goto nla_put_failure;
3737 }
3738 if (sinfo->filled & BIT(NL80211_STA_INFO_CHAIN_SIGNAL_AVG)) {
3739 if (!nl80211_put_signal(msg, sinfo->chains,
3740 sinfo->chain_signal_avg,
3741 NL80211_STA_INFO_CHAIN_SIGNAL_AVG))
3742 goto nla_put_failure;
3743 }
3744 if (sinfo->filled & BIT(NL80211_STA_INFO_TX_BITRATE)) {
3745 if (!nl80211_put_sta_rate(msg, &sinfo->txrate,
3746 NL80211_STA_INFO_TX_BITRATE))
3747 goto nla_put_failure;
3748 }
3749 if (sinfo->filled & BIT(NL80211_STA_INFO_RX_BITRATE)) {
3750 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate,
3751 NL80211_STA_INFO_RX_BITRATE))
3752 goto nla_put_failure;
3753 }
3754
3755 PUT_SINFO(RX_PACKETS, rx_packets, u32);
3756 PUT_SINFO(TX_PACKETS, tx_packets, u32);
3757 PUT_SINFO(TX_RETRIES, tx_retries, u32);
3758 PUT_SINFO(TX_FAILED, tx_failed, u32);
3759 PUT_SINFO(EXPECTED_THROUGHPUT, expected_throughput, u32);
3760 PUT_SINFO(BEACON_LOSS, beacon_loss_count, u32);
3761 PUT_SINFO(LOCAL_PM, local_pm, u32);
3762 PUT_SINFO(PEER_PM, peer_pm, u32);
3763 PUT_SINFO(NONPEER_PM, nonpeer_pm, u32);
3764
3765 if (sinfo->filled & BIT(NL80211_STA_INFO_BSS_PARAM)) {
3766 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM);
3767 if (!bss_param)
3768 goto nla_put_failure;
3769
3770 if (((sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) &&
3771 nla_put_flag(msg, NL80211_STA_BSS_PARAM_CTS_PROT)) ||
3772 ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) &&
3773 nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE)) ||
3774 ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) &&
3775 nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME)) ||
3776 nla_put_u8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD,
3777 sinfo->bss_param.dtim_period) ||
3778 nla_put_u16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL,
3779 sinfo->bss_param.beacon_interval))
3780 goto nla_put_failure;
3781
3782 nla_nest_end(msg, bss_param);
3783 }
3784 if ((sinfo->filled & BIT(NL80211_STA_INFO_STA_FLAGS)) &&
3785 nla_put(msg, NL80211_STA_INFO_STA_FLAGS,
3786 sizeof(struct nl80211_sta_flag_update),
3787 &sinfo->sta_flags))
3788 goto nla_put_failure;
3789
3790 PUT_SINFO(T_OFFSET, t_offset, u64);
3791 PUT_SINFO(RX_DROP_MISC, rx_dropped_misc, u64);
3792 PUT_SINFO(BEACON_RX, rx_beacon, u64);
3793 PUT_SINFO(BEACON_SIGNAL_AVG, rx_beacon_signal_avg, u8);
3794
3795#undef PUT_SINFO
3796
3797 if (sinfo->filled & BIT(NL80211_STA_INFO_TID_STATS)) {
3798 struct nlattr *tidsattr;
3799 int tid;
3800
3801 tidsattr = nla_nest_start(msg, NL80211_STA_INFO_TID_STATS);
3802 if (!tidsattr)
3803 goto nla_put_failure;
3804
3805 for (tid = 0; tid < IEEE80211_NUM_TIDS + 1; tid++) {
3806 struct cfg80211_tid_stats *tidstats;
3807 struct nlattr *tidattr;
3808
3809 tidstats = &sinfo->pertid[tid];
3810
3811 if (!tidstats->filled)
3812 continue;
3813
3814 tidattr = nla_nest_start(msg, tid + 1);
3815 if (!tidattr)
3816 goto nla_put_failure;
3817
3818#define PUT_TIDVAL(attr, memb, type) do { \
3819 if (tidstats->filled & BIT(NL80211_TID_STATS_ ## attr) && \
3820 nla_put_ ## type(msg, NL80211_TID_STATS_ ## attr, \
3821 tidstats->memb)) \
3822 goto nla_put_failure; \
3823 } while (0)
3824
3825 PUT_TIDVAL(RX_MSDU, rx_msdu, u64);
3826 PUT_TIDVAL(TX_MSDU, tx_msdu, u64);
3827 PUT_TIDVAL(TX_MSDU_RETRIES, tx_msdu_retries, u64);
3828 PUT_TIDVAL(TX_MSDU_FAILED, tx_msdu_failed, u64);
3829
3830#undef PUT_TIDVAL
3831 nla_nest_end(msg, tidattr);
3832 }
3833
3834 nla_nest_end(msg, tidsattr);
3835 }
3836
3837 nla_nest_end(msg, sinfoattr);
3838
3839 if (sinfo->assoc_req_ies_len &&
3840 nla_put(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len,
3841 sinfo->assoc_req_ies))
3842 goto nla_put_failure;
3843
3844 genlmsg_end(msg, hdr);
3845 return 0;
3846
3847 nla_put_failure:
3848 genlmsg_cancel(msg, hdr);
3849 return -EMSGSIZE;
3850}
3851
3852static int nl80211_dump_station(struct sk_buff *skb,
3853 struct netlink_callback *cb)
3854{
3855 struct station_info sinfo;
3856 struct cfg80211_registered_device *rdev;
3857 struct wireless_dev *wdev;
3858 u8 mac_addr[ETH_ALEN];
3859 int sta_idx = cb->args[2];
3860 int err;
3861
3862 err = nl80211_prepare_wdev_dump(skb, cb, &rdev, &wdev);
3863 if (err)
3864 return err;
3865
3866 if (!wdev->netdev) {
3867 err = -EINVAL;
3868 goto out_err;
3869 }
3870
3871 if (!rdev->ops->dump_station) {
3872 err = -EOPNOTSUPP;
3873 goto out_err;
3874 }
3875
3876 while (1) {
3877 memset(&sinfo, 0, sizeof(sinfo));
3878 err = rdev_dump_station(rdev, wdev->netdev, sta_idx,
3879 mac_addr, &sinfo);
3880 if (err == -ENOENT)
3881 break;
3882 if (err)
3883 goto out_err;
3884
3885 if (nl80211_send_station(skb, NL80211_CMD_NEW_STATION,
3886 NETLINK_CB(cb->skb).portid,
3887 cb->nlh->nlmsg_seq, NLM_F_MULTI,
3888 rdev, wdev->netdev, mac_addr,
3889 &sinfo) < 0)
3890 goto out;
3891
3892 sta_idx++;
3893 }
3894
3895
3896 out:
3897 cb->args[2] = sta_idx;
3898 err = skb->len;
3899 out_err:
3900 nl80211_finish_wdev_dump(rdev);
3901
3902 return err;
3903}
3904
3905static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
3906{
3907 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3908 struct net_device *dev = info->user_ptr[1];
3909 struct station_info sinfo;
3910 struct sk_buff *msg;
3911 u8 *mac_addr = NULL;
3912 int err;
3913
3914 memset(&sinfo, 0, sizeof(sinfo));
3915
3916 if (!info->attrs[NL80211_ATTR_MAC])
3917 return -EINVAL;
3918
3919 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
3920
3921 if (!rdev->ops->get_station)
3922 return -EOPNOTSUPP;
3923
3924 err = rdev_get_station(rdev, dev, mac_addr, &sinfo);
3925 if (err)
3926 return err;
3927
3928 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3929 if (!msg)
3930 return -ENOMEM;
3931
3932 if (nl80211_send_station(msg, NL80211_CMD_NEW_STATION,
3933 info->snd_portid, info->snd_seq, 0,
3934 rdev, dev, mac_addr, &sinfo) < 0) {
3935 nlmsg_free(msg);
3936 return -ENOBUFS;
3937 }
3938
3939 return genlmsg_reply(msg, info);
3940}
3941
3942int cfg80211_check_station_change(struct wiphy *wiphy,
3943 struct station_parameters *params,
3944 enum cfg80211_station_type statype)
3945{
3946 if (params->listen_interval != -1)
3947 return -EINVAL;
3948 if (params->aid &&
3949 !(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
3950 return -EINVAL;
3951
3952
3953 BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 7);
3954
3955 switch (statype) {
3956 case CFG80211_STA_MESH_PEER_KERNEL:
3957 case CFG80211_STA_MESH_PEER_USER:
3958
3959
3960
3961
3962
3963 if (params->sta_flags_mask &
3964 ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) |
3965 BIT(NL80211_STA_FLAG_MFP) |
3966 BIT(NL80211_STA_FLAG_AUTHORIZED)))
3967 return -EINVAL;
3968 break;
3969 case CFG80211_STA_TDLS_PEER_SETUP:
3970 case CFG80211_STA_TDLS_PEER_ACTIVE:
3971 if (!(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
3972 return -EINVAL;
3973
3974 params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
3975 break;
3976 default:
3977
3978 if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION)
3979 return -EINVAL;
3980 if (params->local_pm)
3981 return -EINVAL;
3982 if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE)
3983 return -EINVAL;
3984 }
3985
3986 if (statype != CFG80211_STA_TDLS_PEER_SETUP &&
3987 statype != CFG80211_STA_TDLS_PEER_ACTIVE) {
3988
3989 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
3990 return -EINVAL;
3991
3992
3993
3994
3995
3996 params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
3997 }
3998
3999 if (statype != CFG80211_STA_TDLS_PEER_SETUP) {
4000
4001 if (params->sta_modify_mask & STATION_PARAM_APPLY_UAPSD)
4002 return -EINVAL;
4003 if (params->sta_modify_mask & STATION_PARAM_APPLY_CAPABILITY)
4004 return -EINVAL;
4005 if (params->supported_rates)
4006 return -EINVAL;
4007 if (params->ext_capab || params->ht_capa || params->vht_capa)
4008 return -EINVAL;
4009 }
4010
4011 if (statype != CFG80211_STA_AP_CLIENT) {
4012 if (params->vlan)
4013 return -EINVAL;
4014 }
4015
4016 switch (statype) {
4017 case CFG80211_STA_AP_MLME_CLIENT:
4018
4019 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
4020 return -EOPNOTSUPP;
4021 break;
4022 case CFG80211_STA_AP_CLIENT:
4023
4024 if (params->sta_flags_mask &
4025 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
4026 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
4027 BIT(NL80211_STA_FLAG_ASSOCIATED) |
4028 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
4029 BIT(NL80211_STA_FLAG_WME) |
4030 BIT(NL80211_STA_FLAG_MFP)))
4031 return -EINVAL;
4032
4033
4034 if (!(wiphy->features & NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
4035 params->sta_flags_mask &
4036 (BIT(NL80211_STA_FLAG_AUTHENTICATED) |
4037 BIT(NL80211_STA_FLAG_ASSOCIATED)))
4038 return -EINVAL;
4039 break;
4040 case CFG80211_STA_IBSS:
4041 case CFG80211_STA_AP_STA:
4042
4043 if (params->sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED))
4044 return -EINVAL;
4045 break;
4046 case CFG80211_STA_TDLS_PEER_SETUP:
4047
4048 if (params->sta_flags_mask & ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
4049 BIT(NL80211_STA_FLAG_WME)))
4050 return -EINVAL;
4051
4052 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED) &&
4053 !params->supported_rates)
4054 return -EINVAL;
4055 break;
4056 case CFG80211_STA_TDLS_PEER_ACTIVE:
4057
4058 return -EINVAL;
4059 case CFG80211_STA_MESH_PEER_KERNEL:
4060 if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE)
4061 return -EINVAL;
4062 break;
4063 case CFG80211_STA_MESH_PEER_USER:
4064 if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION)
4065 return -EINVAL;
4066 break;
4067 }
4068
4069 return 0;
4070}
4071EXPORT_SYMBOL(cfg80211_check_station_change);
4072
4073
4074
4075
4076static struct net_device *get_vlan(struct genl_info *info,
4077 struct cfg80211_registered_device *rdev)
4078{
4079 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN];
4080 struct net_device *v;
4081 int ret;
4082
4083 if (!vlanattr)
4084 return NULL;
4085
4086 v = dev_get_by_index(genl_info_net(info), nla_get_u32(vlanattr));
4087 if (!v)
4088 return ERR_PTR(-ENODEV);
4089
4090 if (!v->ieee80211_ptr || v->ieee80211_ptr->wiphy != &rdev->wiphy) {
4091 ret = -EINVAL;
4092 goto error;
4093 }
4094
4095 if (v->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
4096 v->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
4097 v->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) {
4098 ret = -EINVAL;
4099 goto error;
4100 }
4101
4102 if (!netif_running(v)) {
4103 ret = -ENETDOWN;
4104 goto error;
4105 }
4106
4107 return v;
4108 error:
4109 dev_put(v);
4110 return ERR_PTR(ret);
4111}
4112
4113static const struct nla_policy
4114nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] = {
4115 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 },
4116 [NL80211_STA_WME_MAX_SP] = { .type = NLA_U8 },
4117};
4118
4119static int nl80211_parse_sta_wme(struct genl_info *info,
4120 struct station_parameters *params)
4121{
4122 struct nlattr *tb[NL80211_STA_WME_MAX + 1];
4123 struct nlattr *nla;
4124 int err;
4125
4126
4127 if (!info->attrs[NL80211_ATTR_STA_WME])
4128 return 0;
4129
4130 nla = info->attrs[NL80211_ATTR_STA_WME];
4131 err = nla_parse_nested(tb, NL80211_STA_WME_MAX, nla,
4132 nl80211_sta_wme_policy);
4133 if (err)
4134 return err;
4135
4136 if (tb[NL80211_STA_WME_UAPSD_QUEUES])
4137 params->uapsd_queues = nla_get_u8(
4138 tb[NL80211_STA_WME_UAPSD_QUEUES]);
4139 if (params->uapsd_queues & ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK)
4140 return -EINVAL;
4141
4142 if (tb[NL80211_STA_WME_MAX_SP])
4143 params->max_sp = nla_get_u8(tb[NL80211_STA_WME_MAX_SP]);
4144
4145 if (params->max_sp & ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK)
4146 return -EINVAL;
4147
4148 params->sta_modify_mask |= STATION_PARAM_APPLY_UAPSD;
4149
4150 return 0;
4151}
4152
4153static int nl80211_parse_sta_channel_info(struct genl_info *info,
4154 struct station_parameters *params)
4155{
4156 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]) {
4157 params->supported_channels =
4158 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]);
4159 params->supported_channels_len =
4160 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]);
4161
4162
4163
4164
4165
4166 if (params->supported_channels_len < 2)
4167 return -EINVAL;
4168 if (params->supported_channels_len % 2)
4169 return -EINVAL;
4170 }
4171
4172 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]) {
4173 params->supported_oper_classes =
4174 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]);
4175 params->supported_oper_classes_len =
4176 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]);
4177
4178
4179
4180
4181 if (params->supported_oper_classes_len < 2 ||
4182 params->supported_oper_classes_len > 253)
4183 return -EINVAL;
4184 }
4185 return 0;
4186}
4187
4188static int nl80211_set_station_tdls(struct genl_info *info,
4189 struct station_parameters *params)
4190{
4191 int err;
4192
4193 if (info->attrs[NL80211_ATTR_PEER_AID])
4194 params->aid = nla_get_u16(info->attrs[NL80211_ATTR_PEER_AID]);
4195 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
4196 params->ht_capa =
4197 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
4198 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY])
4199 params->vht_capa =
4200 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]);
4201
4202 err = nl80211_parse_sta_channel_info(info, params);
4203 if (err)
4204 return err;
4205
4206 return nl80211_parse_sta_wme(info, params);
4207}
4208
4209static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
4210{
4211 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4212 struct net_device *dev = info->user_ptr[1];
4213 struct station_parameters params;
4214 u8 *mac_addr;
4215 int err;
4216
4217 memset(¶ms, 0, sizeof(params));
4218
4219 params.listen_interval = -1;
4220
4221 if (!rdev->ops->change_station)
4222 return -EOPNOTSUPP;
4223
4224 if (info->attrs[NL80211_ATTR_STA_AID])
4225 return -EINVAL;
4226
4227 if (!info->attrs[NL80211_ATTR_MAC])
4228 return -EINVAL;
4229
4230 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
4231
4232 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) {
4233 params.supported_rates =
4234 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
4235 params.supported_rates_len =
4236 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
4237 }
4238
4239 if (info->attrs[NL80211_ATTR_STA_CAPABILITY]) {
4240 params.capability =
4241 nla_get_u16(info->attrs[NL80211_ATTR_STA_CAPABILITY]);
4242 params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY;
4243 }
4244
4245 if (info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) {
4246 params.ext_capab =
4247 nla_data(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
4248 params.ext_capab_len =
4249 nla_len(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
4250 }
4251
4252 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
4253 return -EINVAL;
4254
4255 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms))
4256 return -EINVAL;
4257
4258 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) {
4259 params.plink_action =
4260 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
4261 if (params.plink_action >= NUM_NL80211_PLINK_ACTIONS)
4262 return -EINVAL;
4263 }
4264
4265 if (info->attrs[NL80211_ATTR_STA_PLINK_STATE]) {
4266 params.plink_state =
4267 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]);
4268 if (params.plink_state >= NUM_NL80211_PLINK_STATES)
4269 return -EINVAL;
4270 params.sta_modify_mask |= STATION_PARAM_APPLY_PLINK_STATE;
4271 }
4272
4273 if (info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE]) {
4274 enum nl80211_mesh_power_mode pm = nla_get_u32(
4275 info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE]);
4276
4277 if (pm <= NL80211_MESH_POWER_UNKNOWN ||
4278 pm > NL80211_MESH_POWER_MAX)
4279 return -EINVAL;
4280
4281 params.local_pm = pm;
4282 }
4283
4284
4285 err = nl80211_set_station_tdls(info, ¶ms);
4286 if (err)
4287 return err;
4288
4289 params.vlan = get_vlan(info, rdev);
4290 if (IS_ERR(params.vlan))
4291 return PTR_ERR(params.vlan);
4292
4293 switch (dev->ieee80211_ptr->iftype) {
4294 case NL80211_IFTYPE_AP:
4295 case NL80211_IFTYPE_AP_VLAN:
4296 case NL80211_IFTYPE_P2P_GO:
4297 case NL80211_IFTYPE_P2P_CLIENT:
4298 case NL80211_IFTYPE_STATION:
4299 case NL80211_IFTYPE_ADHOC:
4300 case NL80211_IFTYPE_MESH_POINT:
4301 break;
4302 default:
4303 err = -EOPNOTSUPP;
4304 goto out_put_vlan;
4305 }
4306
4307
4308 err = rdev_change_station(rdev, dev, mac_addr, ¶ms);
4309
4310 out_put_vlan:
4311 if (params.vlan)
4312 dev_put(params.vlan);
4313
4314 return err;
4315}
4316
4317static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
4318{
4319 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4320 int err;
4321 struct net_device *dev = info->user_ptr[1];
4322 struct station_parameters params;
4323 u8 *mac_addr = NULL;
4324
4325 memset(¶ms, 0, sizeof(params));
4326
4327 if (!rdev->ops->add_station)
4328 return -EOPNOTSUPP;
4329
4330 if (!info->attrs[NL80211_ATTR_MAC])
4331 return -EINVAL;
4332
4333 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
4334 return -EINVAL;
4335
4336 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES])
4337 return -EINVAL;
4338
4339 if (!info->attrs[NL80211_ATTR_STA_AID] &&
4340 !info->attrs[NL80211_ATTR_PEER_AID])
4341 return -EINVAL;
4342
4343 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
4344 params.supported_rates =
4345 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
4346 params.supported_rates_len =
4347 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
4348 params.listen_interval =
4349 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
4350
4351 if (info->attrs[NL80211_ATTR_PEER_AID])
4352 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_PEER_AID]);
4353 else
4354 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]);
4355 if (!params.aid || params.aid > IEEE80211_MAX_AID)
4356 return -EINVAL;
4357
4358 if (info->attrs[NL80211_ATTR_STA_CAPABILITY]) {
4359 params.capability =
4360 nla_get_u16(info->attrs[NL80211_ATTR_STA_CAPABILITY]);
4361 params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY;
4362 }
4363
4364 if (info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) {
4365 params.ext_capab =
4366 nla_data(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
4367 params.ext_capab_len =
4368 nla_len(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
4369 }
4370
4371 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
4372 params.ht_capa =
4373 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
4374
4375 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY])
4376 params.vht_capa =
4377 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]);
4378
4379 if (info->attrs[NL80211_ATTR_OPMODE_NOTIF]) {
4380 params.opmode_notif_used = true;
4381 params.opmode_notif =
4382 nla_get_u8(info->attrs[NL80211_ATTR_OPMODE_NOTIF]);
4383 }
4384
4385 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) {
4386 params.plink_action =
4387 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
4388 if (params.plink_action >= NUM_NL80211_PLINK_ACTIONS)
4389 return -EINVAL;
4390 }
4391
4392 err = nl80211_parse_sta_channel_info(info, ¶ms);
4393 if (err)
4394 return err;
4395
4396 err = nl80211_parse_sta_wme(info, ¶ms);
4397 if (err)
4398 return err;
4399
4400 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms))
4401 return -EINVAL;
4402
4403
4404
4405
4406
4407
4408 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_WME))) {
4409 params.ht_capa = NULL;
4410 params.vht_capa = NULL;
4411 }
4412
4413
4414 BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 7);
4415
4416 switch (dev->ieee80211_ptr->iftype) {
4417 case NL80211_IFTYPE_AP:
4418 case NL80211_IFTYPE_AP_VLAN:
4419 case NL80211_IFTYPE_P2P_GO:
4420
4421 if (!(rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) ||
4422 !(params.sta_flags_set & BIT(NL80211_STA_FLAG_WME)))
4423 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
4424
4425
4426 if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) ||
4427 info->attrs[NL80211_ATTR_PEER_AID])
4428 return -EINVAL;
4429
4430 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
4431
4432
4433 if (!(rdev->wiphy.features &
4434 NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
4435 params.sta_flags_mask &
4436 (BIT(NL80211_STA_FLAG_AUTHENTICATED) |
4437 BIT(NL80211_STA_FLAG_ASSOCIATED)))
4438 return -EINVAL;
4439
4440
4441 params.vlan = get_vlan(info, rdev);
4442 if (IS_ERR(params.vlan))
4443 return PTR_ERR(params.vlan);
4444 break;
4445 case NL80211_IFTYPE_MESH_POINT:
4446
4447 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
4448
4449
4450 if (params.sta_flags_mask & BIT(NL80211_STA_FLAG_ASSOCIATED))
4451 return -EINVAL;
4452
4453 if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) ||
4454 info->attrs[NL80211_ATTR_PEER_AID])
4455 return -EINVAL;
4456 break;
4457 case NL80211_IFTYPE_STATION:
4458 case NL80211_IFTYPE_P2P_CLIENT:
4459
4460 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
4461
4462
4463 if (params.sta_flags_mask &
4464 (BIT(NL80211_STA_FLAG_ASSOCIATED) |
4465 BIT(NL80211_STA_FLAG_AUTHENTICATED)))
4466 return -EINVAL;
4467
4468 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
4469 return -EINVAL;
4470
4471 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS))
4472 return -EOPNOTSUPP;
4473
4474 if (!(rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP))
4475 return -EOPNOTSUPP;
4476
4477
4478
4479
4480 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_AUTHORIZED);
4481 break;
4482 default:
4483 return -EOPNOTSUPP;
4484 }
4485
4486
4487
4488 err = rdev_add_station(rdev, dev, mac_addr, ¶ms);
4489
4490 if (params.vlan)
4491 dev_put(params.vlan);
4492 return err;
4493}
4494
4495static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
4496{
4497 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4498 struct net_device *dev = info->user_ptr[1];
4499 struct station_del_parameters params;
4500
4501 memset(¶ms, 0, sizeof(params));
4502
4503 if (info->attrs[NL80211_ATTR_MAC])
4504 params.mac = nla_data(info->attrs[NL80211_ATTR_MAC]);
4505
4506 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
4507 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
4508 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT &&
4509 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4510 return -EINVAL;
4511
4512 if (!rdev->ops->del_station)
4513 return -EOPNOTSUPP;
4514
4515 if (info->attrs[NL80211_ATTR_MGMT_SUBTYPE]) {
4516 params.subtype =
4517 nla_get_u8(info->attrs[NL80211_ATTR_MGMT_SUBTYPE]);
4518 if (params.subtype != IEEE80211_STYPE_DISASSOC >> 4 &&
4519 params.subtype != IEEE80211_STYPE_DEAUTH >> 4)
4520 return -EINVAL;
4521 } else {
4522
4523 params.subtype = IEEE80211_STYPE_DEAUTH >> 4;
4524 }
4525
4526 if (info->attrs[NL80211_ATTR_REASON_CODE]) {
4527 params.reason_code =
4528 nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
4529 if (params.reason_code == 0)
4530 return -EINVAL;
4531 } else {
4532
4533 params.reason_code = WLAN_REASON_PREV_AUTH_NOT_VALID;
4534 }
4535
4536 return rdev_del_station(rdev, dev, ¶ms);
4537}
4538
4539static int nl80211_send_mpath(struct sk_buff *msg, u32 portid, u32 seq,
4540 int flags, struct net_device *dev,
4541 u8 *dst, u8 *next_hop,
4542 struct mpath_info *pinfo)
4543{
4544 void *hdr;
4545 struct nlattr *pinfoattr;
4546
4547 hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_MPATH);
4548 if (!hdr)
4549 return -1;
4550
4551 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
4552 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) ||
4553 nla_put(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop) ||
4554 nla_put_u32(msg, NL80211_ATTR_GENERATION, pinfo->generation))
4555 goto nla_put_failure;
4556
4557 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO);
4558 if (!pinfoattr)
4559 goto nla_put_failure;
4560 if ((pinfo->filled & MPATH_INFO_FRAME_QLEN) &&
4561 nla_put_u32(msg, NL80211_MPATH_INFO_FRAME_QLEN,
4562 pinfo->frame_qlen))
4563 goto nla_put_failure;
4564 if (((pinfo->filled & MPATH_INFO_SN) &&
4565 nla_put_u32(msg, NL80211_MPATH_INFO_SN, pinfo->sn)) ||
4566 ((pinfo->filled & MPATH_INFO_METRIC) &&
4567 nla_put_u32(msg, NL80211_MPATH_INFO_METRIC,
4568 pinfo->metric)) ||
4569 ((pinfo->filled & MPATH_INFO_EXPTIME) &&
4570 nla_put_u32(msg, NL80211_MPATH_INFO_EXPTIME,
4571 pinfo->exptime)) ||
4572 ((pinfo->filled & MPATH_INFO_FLAGS) &&
4573 nla_put_u8(msg, NL80211_MPATH_INFO_FLAGS,
4574 pinfo->flags)) ||
4575 ((pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) &&
4576 nla_put_u32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT,
4577 pinfo->discovery_timeout)) ||
4578 ((pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) &&
4579 nla_put_u8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES,
4580 pinfo->discovery_retries)))
4581 goto nla_put_failure;
4582
4583 nla_nest_end(msg, pinfoattr);
4584
4585 genlmsg_end(msg, hdr);
4586 return 0;
4587
4588 nla_put_failure:
4589 genlmsg_cancel(msg, hdr);
4590 return -EMSGSIZE;
4591}
4592
4593static int nl80211_dump_mpath(struct sk_buff *skb,
4594 struct netlink_callback *cb)
4595{
4596 struct mpath_info pinfo;
4597 struct cfg80211_registered_device *rdev;
4598 struct wireless_dev *wdev;
4599 u8 dst[ETH_ALEN];
4600 u8 next_hop[ETH_ALEN];
4601 int path_idx = cb->args[2];
4602 int err;
4603
4604 err = nl80211_prepare_wdev_dump(skb, cb, &rdev, &wdev);
4605 if (err)
4606 return err;
4607
4608 if (!rdev->ops->dump_mpath) {
4609 err = -EOPNOTSUPP;
4610 goto out_err;
4611 }
4612
4613 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) {
4614 err = -EOPNOTSUPP;
4615 goto out_err;
4616 }
4617
4618 while (1) {
4619 err = rdev_dump_mpath(rdev, wdev->netdev, path_idx, dst,
4620 next_hop, &pinfo);
4621 if (err == -ENOENT)
4622 break;
4623 if (err)
4624 goto out_err;
4625
4626 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid,
4627 cb->nlh->nlmsg_seq, NLM_F_MULTI,
4628 wdev->netdev, dst, next_hop,
4629 &pinfo) < 0)
4630 goto out;
4631
4632 path_idx++;
4633 }
4634
4635
4636 out:
4637 cb->args[2] = path_idx;
4638 err = skb->len;
4639 out_err:
4640 nl80211_finish_wdev_dump(rdev);
4641 return err;
4642}
4643
4644static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
4645{
4646 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4647 int err;
4648 struct net_device *dev = info->user_ptr[1];
4649 struct mpath_info pinfo;
4650 struct sk_buff *msg;
4651 u8 *dst = NULL;
4652 u8 next_hop[ETH_ALEN];
4653
4654 memset(&pinfo, 0, sizeof(pinfo));
4655
4656 if (!info->attrs[NL80211_ATTR_MAC])
4657 return -EINVAL;
4658
4659 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
4660
4661 if (!rdev->ops->get_mpath)
4662 return -EOPNOTSUPP;
4663
4664 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
4665 return -EOPNOTSUPP;
4666
4667 err = rdev_get_mpath(rdev, dev, dst, next_hop, &pinfo);
4668 if (err)
4669 return err;
4670
4671 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
4672 if (!msg)
4673 return -ENOMEM;
4674
4675 if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0,
4676 dev, dst, next_hop, &pinfo) < 0) {
4677 nlmsg_free(msg);
4678 return -ENOBUFS;
4679 }
4680
4681 return genlmsg_reply(msg, info);
4682}
4683
4684static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
4685{
4686 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4687 struct net_device *dev = info->user_ptr[1];
4688 u8 *dst = NULL;
4689 u8 *next_hop = NULL;
4690
4691 if (!info->attrs[NL80211_ATTR_MAC])
4692 return -EINVAL;
4693
4694 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
4695 return -EINVAL;
4696
4697 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
4698 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
4699
4700 if (!rdev->ops->change_mpath)
4701 return -EOPNOTSUPP;
4702
4703 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
4704 return -EOPNOTSUPP;
4705
4706 return rdev_change_mpath(rdev, dev, dst, next_hop);
4707}
4708
4709static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
4710{
4711 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4712 struct net_device *dev = info->user_ptr[1];
4713 u8 *dst = NULL;
4714 u8 *next_hop = NULL;
4715
4716 if (!info->attrs[NL80211_ATTR_MAC])
4717 return -EINVAL;
4718
4719 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
4720 return -EINVAL;
4721
4722 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
4723 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
4724
4725 if (!rdev->ops->add_mpath)
4726 return -EOPNOTSUPP;
4727
4728 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
4729 return -EOPNOTSUPP;
4730
4731 return rdev_add_mpath(rdev, dev, dst, next_hop);
4732}
4733
4734static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
4735{
4736 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4737 struct net_device *dev = info->user_ptr[1];
4738 u8 *dst = NULL;
4739
4740 if (info->attrs[NL80211_ATTR_MAC])
4741 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
4742
4743 if (!rdev->ops->del_mpath)
4744 return -EOPNOTSUPP;
4745
4746 return rdev_del_mpath(rdev, dev, dst);
4747}
4748
4749static int nl80211_get_mpp(struct sk_buff *skb, struct genl_info *info)
4750{
4751 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4752 int err;
4753 struct net_device *dev = info->user_ptr[1];
4754 struct mpath_info pinfo;
4755 struct sk_buff *msg;
4756 u8 *dst = NULL;
4757 u8 mpp[ETH_ALEN];
4758
4759 memset(&pinfo, 0, sizeof(pinfo));
4760
4761 if (!info->attrs[NL80211_ATTR_MAC])
4762 return -EINVAL;
4763
4764 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
4765
4766 if (!rdev->ops->get_mpp)
4767 return -EOPNOTSUPP;
4768
4769 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
4770 return -EOPNOTSUPP;
4771
4772 err = rdev_get_mpp(rdev, dev, dst, mpp, &pinfo);
4773 if (err)
4774 return err;
4775
4776 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
4777 if (!msg)
4778 return -ENOMEM;
4779
4780 if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0,
4781 dev, dst, mpp, &pinfo) < 0) {
4782 nlmsg_free(msg);
4783 return -ENOBUFS;
4784 }
4785
4786 return genlmsg_reply(msg, info);
4787}
4788
4789static int nl80211_dump_mpp(struct sk_buff *skb,
4790 struct netlink_callback *cb)
4791{
4792 struct mpath_info pinfo;
4793 struct cfg80211_registered_device *rdev;
4794 struct wireless_dev *wdev;
4795 u8 dst[ETH_ALEN];
4796 u8 mpp[ETH_ALEN];
4797 int path_idx = cb->args[2];
4798 int err;
4799
4800 err = nl80211_prepare_wdev_dump(skb, cb, &rdev, &wdev);
4801 if (err)
4802 return err;
4803
4804 if (!rdev->ops->dump_mpp) {
4805 err = -EOPNOTSUPP;
4806 goto out_err;
4807 }
4808
4809 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) {
4810 err = -EOPNOTSUPP;
4811 goto out_err;
4812 }
4813
4814 while (1) {
4815 err = rdev_dump_mpp(rdev, wdev->netdev, path_idx, dst,
4816 mpp, &pinfo);
4817 if (err == -ENOENT)
4818 break;
4819 if (err)
4820 goto out_err;
4821
4822 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid,
4823 cb->nlh->nlmsg_seq, NLM_F_MULTI,
4824 wdev->netdev, dst, mpp,
4825 &pinfo) < 0)
4826 goto out;
4827
4828 path_idx++;
4829 }
4830
4831 out:
4832 cb->args[2] = path_idx;
4833 err = skb->len;
4834 out_err:
4835 nl80211_finish_wdev_dump(rdev);
4836 return err;
4837}
4838
4839static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
4840{
4841 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4842 struct net_device *dev = info->user_ptr[1];
4843 struct wireless_dev *wdev = dev->ieee80211_ptr;
4844 struct bss_parameters params;
4845 int err;
4846
4847 memset(¶ms, 0, sizeof(params));
4848
4849 params.use_cts_prot = -1;
4850 params.use_short_preamble = -1;
4851 params.use_short_slot_time = -1;
4852 params.ap_isolate = -1;
4853 params.ht_opmode = -1;
4854 params.p2p_ctwindow = -1;
4855 params.p2p_opp_ps = -1;
4856
4857 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT])
4858 params.use_cts_prot =
4859 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]);
4860 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE])
4861 params.use_short_preamble =
4862 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]);
4863 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME])
4864 params.use_short_slot_time =
4865 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]);
4866 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
4867 params.basic_rates =
4868 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
4869 params.basic_rates_len =
4870 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
4871 }
4872 if (info->attrs[NL80211_ATTR_AP_ISOLATE])
4873 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]);
4874 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE])
4875 params.ht_opmode =
4876 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]);
4877
4878 if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) {
4879 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4880 return -EINVAL;
4881 params.p2p_ctwindow =
4882 nla_get_s8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]);
4883 if (params.p2p_ctwindow < 0)
4884 return -EINVAL;
4885 if (params.p2p_ctwindow != 0 &&
4886 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN))
4887 return -EINVAL;
4888 }
4889
4890 if (info->attrs[NL80211_ATTR_P2P_OPPPS]) {
4891 u8 tmp;
4892
4893 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4894 return -EINVAL;
4895 tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]);
4896 if (tmp > 1)
4897 return -EINVAL;
4898 params.p2p_opp_ps = tmp;
4899 if (params.p2p_opp_ps &&
4900 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS))
4901 return -EINVAL;
4902 }
4903
4904 if (!rdev->ops->change_bss)
4905 return -EOPNOTSUPP;
4906
4907 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
4908 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4909 return -EOPNOTSUPP;
4910
4911 wdev_lock(wdev);
4912 err = rdev_change_bss(rdev, dev, ¶ms);
4913 wdev_unlock(wdev);
4914
4915 return err;
4916}
4917
4918static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = {
4919 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
4920 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
4921 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
4922 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
4923 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
4924 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
4925 [NL80211_ATTR_DFS_CAC_TIME] = { .type = NLA_U32 },
4926};
4927
4928static int parse_reg_rule(struct nlattr *tb[],
4929 struct ieee80211_reg_rule *reg_rule)
4930{
4931 struct ieee80211_freq_range *freq_range = ®_rule->freq_range;
4932 struct ieee80211_power_rule *power_rule = ®_rule->power_rule;
4933
4934 if (!tb[NL80211_ATTR_REG_RULE_FLAGS])
4935 return -EINVAL;
4936 if (!tb[NL80211_ATTR_FREQ_RANGE_START])
4937 return -EINVAL;
4938 if (!tb[NL80211_ATTR_FREQ_RANGE_END])
4939 return -EINVAL;
4940 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW])
4941 return -EINVAL;
4942 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP])
4943 return -EINVAL;
4944
4945 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]);
4946
4947 freq_range->start_freq_khz =
4948 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]);
4949 freq_range->end_freq_khz =
4950 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]);
4951 freq_range->max_bandwidth_khz =
4952 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]);
4953
4954 power_rule->max_eirp =
4955 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]);
4956
4957 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN])
4958 power_rule->max_antenna_gain =
4959 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]);
4960
4961 if (tb[NL80211_ATTR_DFS_CAC_TIME])
4962 reg_rule->dfs_cac_ms =
4963 nla_get_u32(tb[NL80211_ATTR_DFS_CAC_TIME]);
4964
4965 return 0;
4966}
4967
4968static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info)
4969{
4970 char *data = NULL;
4971 bool is_indoor;
4972 enum nl80211_user_reg_hint_type user_reg_hint_type;
4973 u32 owner_nlportid;
4974
4975
4976
4977
4978
4979
4980
4981
4982 if (unlikely(!rcu_access_pointer(cfg80211_regdomain)))
4983 return -EINPROGRESS;
4984
4985 if (info->attrs[NL80211_ATTR_USER_REG_HINT_TYPE])
4986 user_reg_hint_type =
4987 nla_get_u32(info->attrs[NL80211_ATTR_USER_REG_HINT_TYPE]);
4988 else
4989 user_reg_hint_type = NL80211_USER_REG_HINT_USER;
4990
4991 switch (user_reg_hint_type) {
4992 case NL80211_USER_REG_HINT_USER:
4993 case NL80211_USER_REG_HINT_CELL_BASE:
4994 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
4995 return -EINVAL;
4996
4997 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
4998 return regulatory_hint_user(data, user_reg_hint_type);
4999 case NL80211_USER_REG_HINT_INDOOR:
5000 if (info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
5001 owner_nlportid = info->snd_portid;
5002 is_indoor = !!info->attrs[NL80211_ATTR_REG_INDOOR];
5003 } else {
5004 owner_nlportid = 0;
5005 is_indoor = true;
5006 }
5007
5008 return regulatory_hint_indoor(is_indoor, owner_nlportid);
5009 default:
5010 return -EINVAL;
5011 }
5012}
5013
5014static int nl80211_get_mesh_config(struct sk_buff *skb,
5015 struct genl_info *info)
5016{
5017 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5018 struct net_device *dev = info->user_ptr[1];
5019 struct wireless_dev *wdev = dev->ieee80211_ptr;
5020 struct mesh_config cur_params;
5021 int err = 0;
5022 void *hdr;
5023 struct nlattr *pinfoattr;
5024 struct sk_buff *msg;
5025
5026 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
5027 return -EOPNOTSUPP;
5028
5029 if (!rdev->ops->get_mesh_config)
5030 return -EOPNOTSUPP;
5031
5032 wdev_lock(wdev);
5033
5034 if (!wdev->mesh_id_len)
5035 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params));
5036 else
5037 err = rdev_get_mesh_config(rdev, dev, &cur_params);
5038 wdev_unlock(wdev);
5039
5040 if (err)
5041 return err;
5042
5043
5044 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5045 if (!msg)
5046 return -ENOMEM;
5047 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
5048 NL80211_CMD_GET_MESH_CONFIG);
5049 if (!hdr)
5050 goto out;
5051 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG);
5052 if (!pinfoattr)
5053 goto nla_put_failure;
5054 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
5055 nla_put_u16(msg, NL80211_MESHCONF_RETRY_TIMEOUT,
5056 cur_params.dot11MeshRetryTimeout) ||
5057 nla_put_u16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT,
5058 cur_params.dot11MeshConfirmTimeout) ||
5059 nla_put_u16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT,
5060 cur_params.dot11MeshHoldingTimeout) ||
5061 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
5062 cur_params.dot11MeshMaxPeerLinks) ||
5063 nla_put_u8(msg, NL80211_MESHCONF_MAX_RETRIES,
5064 cur_params.dot11MeshMaxRetries) ||
5065 nla_put_u8(msg, NL80211_MESHCONF_TTL,
5066 cur_params.dot11MeshTTL) ||
5067 nla_put_u8(msg, NL80211_MESHCONF_ELEMENT_TTL,
5068 cur_params.element_ttl) ||
5069 nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
5070 cur_params.auto_open_plinks) ||
5071 nla_put_u32(msg, NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
5072 cur_params.dot11MeshNbrOffsetMaxNeighbor) ||
5073 nla_put_u8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
5074 cur_params.dot11MeshHWMPmaxPREQretries) ||
5075 nla_put_u32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME,
5076 cur_params.path_refresh_time) ||
5077 nla_put_u16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
5078 cur_params.min_discovery_timeout) ||
5079 nla_put_u32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
5080 cur_params.dot11MeshHWMPactivePathTimeout) ||
5081 nla_put_u16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
5082 cur_params.dot11MeshHWMPpreqMinInterval) ||
5083 nla_put_u16(msg, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
5084 cur_params.dot11MeshHWMPperrMinInterval) ||
5085 nla_put_u16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
5086 cur_params.dot11MeshHWMPnetDiameterTraversalTime) ||
5087 nla_put_u8(msg, NL80211_MESHCONF_HWMP_ROOTMODE,
5088 cur_params.dot11MeshHWMPRootMode) ||
5089 nla_put_u16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL,
5090 cur_params.dot11MeshHWMPRannInterval) ||
5091 nla_put_u8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
5092 cur_params.dot11MeshGateAnnouncementProtocol) ||
5093 nla_put_u8(msg, NL80211_MESHCONF_FORWARDING,
5094 cur_params.dot11MeshForwarding) ||
5095 nla_put_u32(msg, NL80211_MESHCONF_RSSI_THRESHOLD,
5096 cur_params.rssi_threshold) ||
5097 nla_put_u32(msg, NL80211_MESHCONF_HT_OPMODE,
5098 cur_params.ht_opmode) ||
5099 nla_put_u32(msg, NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
5100 cur_params.dot11MeshHWMPactivePathToRootTimeout) ||
5101 nla_put_u16(msg, NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
5102 cur_params.dot11MeshHWMProotInterval) ||
5103 nla_put_u16(msg, NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
5104 cur_params.dot11MeshHWMPconfirmationInterval) ||
5105 nla_put_u32(msg, NL80211_MESHCONF_POWER_MODE,
5106 cur_params.power_mode) ||
5107 nla_put_u16(msg, NL80211_MESHCONF_AWAKE_WINDOW,
5108 cur_params.dot11MeshAwakeWindowDuration) ||
5109 nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT,
5110 cur_params.plink_timeout))
5111 goto nla_put_failure;
5112 nla_nest_end(msg, pinfoattr);
5113 genlmsg_end(msg, hdr);
5114 return genlmsg_reply(msg, info);
5115
5116 nla_put_failure:
5117 genlmsg_cancel(msg, hdr);
5118 out:
5119 nlmsg_free(msg);
5120 return -ENOBUFS;
5121}
5122
5123static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = {
5124 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 },
5125 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 },
5126 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 },
5127 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 },
5128 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 },
5129 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 },
5130 [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 },
5131 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 },
5132 [NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR] = { .type = NLA_U32 },
5133 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 },
5134 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 },
5135 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 },
5136 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 },
5137 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 },
5138 [NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL] = { .type = NLA_U16 },
5139 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 },
5140 [NL80211_MESHCONF_HWMP_ROOTMODE] = { .type = NLA_U8 },
5141 [NL80211_MESHCONF_HWMP_RANN_INTERVAL] = { .type = NLA_U16 },
5142 [NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = { .type = NLA_U8 },
5143 [NL80211_MESHCONF_FORWARDING] = { .type = NLA_U8 },
5144 [NL80211_MESHCONF_RSSI_THRESHOLD] = { .type = NLA_U32 },
5145 [NL80211_MESHCONF_HT_OPMODE] = { .type = NLA_U16 },
5146 [NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT] = { .type = NLA_U32 },
5147 [NL80211_MESHCONF_HWMP_ROOT_INTERVAL] = { .type = NLA_U16 },
5148 [NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL] = { .type = NLA_U16 },
5149 [NL80211_MESHCONF_POWER_MODE] = { .type = NLA_U32 },
5150 [NL80211_MESHCONF_AWAKE_WINDOW] = { .type = NLA_U16 },
5151 [NL80211_MESHCONF_PLINK_TIMEOUT] = { .type = NLA_U32 },
5152};
5153
5154static const struct nla_policy
5155 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = {
5156 [NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC] = { .type = NLA_U8 },
5157 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 },
5158 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 },
5159 [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG },
5160 [NL80211_MESH_SETUP_AUTH_PROTOCOL] = { .type = NLA_U8 },
5161 [NL80211_MESH_SETUP_USERSPACE_MPM] = { .type = NLA_FLAG },
5162 [NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY,
5163 .len = IEEE80211_MAX_DATA_LEN },
5164 [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG },
5165};
5166
5167static int nl80211_parse_mesh_config(struct genl_info *info,
5168 struct mesh_config *cfg,
5169 u32 *mask_out)
5170{
5171 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1];
5172 u32 mask = 0;
5173
5174#define FILL_IN_MESH_PARAM_IF_SET(tb, cfg, param, min, max, mask, attr, fn) \
5175do { \
5176 if (tb[attr]) { \
5177 if (fn(tb[attr]) < min || fn(tb[attr]) > max) \
5178 return -EINVAL; \
5179 cfg->param = fn(tb[attr]); \
5180 mask |= (1 << (attr - 1)); \
5181 } \
5182} while (0)
5183
5184
5185 if (!info->attrs[NL80211_ATTR_MESH_CONFIG])
5186 return -EINVAL;
5187 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX,
5188 info->attrs[NL80211_ATTR_MESH_CONFIG],
5189 nl80211_meshconf_params_policy))
5190 return -EINVAL;
5191
5192
5193
5194 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32);
5195
5196
5197 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 1, 255,
5198 mask, NL80211_MESHCONF_RETRY_TIMEOUT,
5199 nla_get_u16);
5200 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 1, 255,
5201 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT,
5202 nla_get_u16);
5203 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 1, 255,
5204 mask, NL80211_MESHCONF_HOLDING_TIMEOUT,
5205 nla_get_u16);
5206 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 0, 255,
5207 mask, NL80211_MESHCONF_MAX_PEER_LINKS,
5208 nla_get_u16);
5209 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 0, 16,
5210 mask, NL80211_MESHCONF_MAX_RETRIES,
5211 nla_get_u8);
5212 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 1, 255,
5213 mask, NL80211_MESHCONF_TTL, nla_get_u8);
5214 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 1, 255,
5215 mask, NL80211_MESHCONF_ELEMENT_TTL,
5216 nla_get_u8);
5217 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 0, 1,
5218 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
5219 nla_get_u8);
5220 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshNbrOffsetMaxNeighbor,
5221 1, 255, mask,
5222 NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
5223 nla_get_u32);
5224 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 0, 255,
5225 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
5226 nla_get_u8);
5227 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 1, 65535,
5228 mask, NL80211_MESHCONF_PATH_REFRESH_TIME,
5229 nla_get_u32);
5230 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 1, 65535,
5231 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
5232 nla_get_u16);
5233 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout,
5234 1, 65535, mask,
5235 NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
5236 nla_get_u32);
5237 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval,
5238 1, 65535, mask,
5239 NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
5240 nla_get_u16);
5241 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval,
5242 1, 65535, mask,
5243 NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
5244 nla_get_u16);
5245 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
5246 dot11MeshHWMPnetDiameterTraversalTime,
5247 1, 65535, mask,
5248 NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
5249 nla_get_u16);
5250 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRootMode, 0, 4,
5251 mask, NL80211_MESHCONF_HWMP_ROOTMODE,
5252 nla_get_u8);
5253 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRannInterval, 1, 65535,
5254 mask, NL80211_MESHCONF_HWMP_RANN_INTERVAL,
5255 nla_get_u16);
5256 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
5257 dot11MeshGateAnnouncementProtocol, 0, 1,
5258 mask, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
5259 nla_get_u8);
5260 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, 0, 1,
5261 mask, NL80211_MESHCONF_FORWARDING,
5262 nla_get_u8);
5263 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, -255, 0,
5264 mask, NL80211_MESHCONF_RSSI_THRESHOLD,
5265 nla_get_s32);
5266 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, ht_opmode, 0, 16,
5267 mask, NL80211_MESHCONF_HT_OPMODE,
5268 nla_get_u16);
5269 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathToRootTimeout,
5270 1, 65535, mask,
5271 NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
5272 nla_get_u32);
5273 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMProotInterval, 1, 65535,
5274 mask, NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
5275 nla_get_u16);
5276 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
5277 dot11MeshHWMPconfirmationInterval,
5278 1, 65535, mask,
5279 NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
5280 nla_get_u16);
5281 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, power_mode,
5282 NL80211_MESH_POWER_ACTIVE,
5283 NL80211_MESH_POWER_MAX,
5284 mask, NL80211_MESHCONF_POWER_MODE,
5285 nla_get_u32);
5286 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshAwakeWindowDuration,
5287 0, 65535, mask,
5288 NL80211_MESHCONF_AWAKE_WINDOW, nla_get_u16);
5289 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, plink_timeout, 0, 0xffffffff,
5290 mask, NL80211_MESHCONF_PLINK_TIMEOUT,
5291 nla_get_u32);
5292 if (mask_out)
5293 *mask_out = mask;
5294
5295 return 0;
5296
5297#undef FILL_IN_MESH_PARAM_IF_SET
5298}
5299
5300static int nl80211_parse_mesh_setup(struct genl_info *info,
5301 struct mesh_setup *setup)
5302{
5303 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5304 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1];
5305
5306 if (!info->attrs[NL80211_ATTR_MESH_SETUP])
5307 return -EINVAL;
5308 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX,
5309 info->attrs[NL80211_ATTR_MESH_SETUP],
5310 nl80211_mesh_setup_params_policy))
5311 return -EINVAL;
5312
5313 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC])
5314 setup->sync_method =
5315 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC])) ?
5316 IEEE80211_SYNC_METHOD_VENDOR :
5317 IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET;
5318
5319 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])
5320 setup->path_sel_proto =
5321 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ?
5322 IEEE80211_PATH_PROTOCOL_VENDOR :
5323 IEEE80211_PATH_PROTOCOL_HWMP;
5324
5325 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])
5326 setup->path_metric =
5327 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ?
5328 IEEE80211_PATH_METRIC_VENDOR :
5329 IEEE80211_PATH_METRIC_AIRTIME;
5330
5331
5332 if (tb[NL80211_MESH_SETUP_IE]) {
5333 struct nlattr *ieattr =
5334 tb[NL80211_MESH_SETUP_IE];
5335 if (!is_valid_ie_attr(ieattr))
5336 return -EINVAL;
5337 setup->ie = nla_data(ieattr);
5338 setup->ie_len = nla_len(ieattr);
5339 }
5340 if (tb[NL80211_MESH_SETUP_USERSPACE_MPM] &&
5341 !(rdev->wiphy.features & NL80211_FEATURE_USERSPACE_MPM))
5342 return -EINVAL;
5343 setup->user_mpm = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_MPM]);
5344 setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]);
5345 setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]);
5346 if (setup->is_secure)
5347 setup->user_mpm = true;
5348
5349 if (tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]) {
5350 if (!setup->user_mpm)
5351 return -EINVAL;
5352 setup->auth_id =
5353 nla_get_u8(tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]);
5354 }
5355
5356 return 0;
5357}
5358
5359static int nl80211_update_mesh_config(struct sk_buff *skb,
5360 struct genl_info *info)
5361{
5362 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5363 struct net_device *dev = info->user_ptr[1];
5364 struct wireless_dev *wdev = dev->ieee80211_ptr;
5365 struct mesh_config cfg;
5366 u32 mask;
5367 int err;
5368
5369 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
5370 return -EOPNOTSUPP;
5371
5372 if (!rdev->ops->update_mesh_config)
5373 return -EOPNOTSUPP;
5374
5375 err = nl80211_parse_mesh_config(info, &cfg, &mask);
5376 if (err)
5377 return err;
5378
5379 wdev_lock(wdev);
5380 if (!wdev->mesh_id_len)
5381 err = -ENOLINK;
5382
5383 if (!err)
5384 err = rdev_update_mesh_config(rdev, dev, mask, &cfg);
5385
5386 wdev_unlock(wdev);
5387
5388 return err;
5389}
5390
5391static int nl80211_put_regdom(const struct ieee80211_regdomain *regdom,
5392 struct sk_buff *msg)
5393{
5394 struct nlattr *nl_reg_rules;
5395 unsigned int i;
5396
5397 if (nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, regdom->alpha2) ||
5398 (regdom->dfs_region &&
5399 nla_put_u8(msg, NL80211_ATTR_DFS_REGION, regdom->dfs_region)))
5400 goto nla_put_failure;
5401
5402 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES);
5403 if (!nl_reg_rules)
5404 goto nla_put_failure;
5405
5406 for (i = 0; i < regdom->n_reg_rules; i++) {
5407 struct nlattr *nl_reg_rule;
5408 const struct ieee80211_reg_rule *reg_rule;
5409 const struct ieee80211_freq_range *freq_range;
5410 const struct ieee80211_power_rule *power_rule;
5411 unsigned int max_bandwidth_khz;
5412
5413 reg_rule = ®dom->reg_rules[i];
5414 freq_range = ®_rule->freq_range;
5415 power_rule = ®_rule->power_rule;
5416
5417 nl_reg_rule = nla_nest_start(msg, i);
5418 if (!nl_reg_rule)
5419 goto nla_put_failure;
5420
5421 max_bandwidth_khz = freq_range->max_bandwidth_khz;
5422 if (!max_bandwidth_khz)
5423 max_bandwidth_khz = reg_get_max_bandwidth(regdom,
5424 reg_rule);
5425
5426 if (nla_put_u32(msg, NL80211_ATTR_REG_RULE_FLAGS,
5427 reg_rule->flags) ||
5428 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_START,
5429 freq_range->start_freq_khz) ||
5430 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_END,
5431 freq_range->end_freq_khz) ||
5432 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW,
5433 max_bandwidth_khz) ||
5434 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN,
5435 power_rule->max_antenna_gain) ||
5436 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP,
5437 power_rule->max_eirp) ||
5438 nla_put_u32(msg, NL80211_ATTR_DFS_CAC_TIME,
5439 reg_rule->dfs_cac_ms))
5440 goto nla_put_failure;
5441
5442 nla_nest_end(msg, nl_reg_rule);
5443 }
5444
5445 nla_nest_end(msg, nl_reg_rules);
5446 return 0;
5447
5448nla_put_failure:
5449 return -EMSGSIZE;
5450}
5451
5452static int nl80211_get_reg_do(struct sk_buff *skb, struct genl_info *info)
5453{
5454 const struct ieee80211_regdomain *regdom = NULL;
5455 struct cfg80211_registered_device *rdev;
5456 struct wiphy *wiphy = NULL;
5457 struct sk_buff *msg;
5458 void *hdr;
5459
5460 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5461 if (!msg)
5462 return -ENOBUFS;
5463
5464 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
5465 NL80211_CMD_GET_REG);
5466 if (!hdr)
5467 goto put_failure;
5468
5469 if (info->attrs[NL80211_ATTR_WIPHY]) {
5470 bool self_managed;
5471
5472 rdev = cfg80211_get_dev_from_info(genl_info_net(info), info);
5473 if (IS_ERR(rdev)) {
5474 nlmsg_free(msg);
5475 return PTR_ERR(rdev);
5476 }
5477
5478 wiphy = &rdev->wiphy;
5479 self_managed = wiphy->regulatory_flags &
5480 REGULATORY_WIPHY_SELF_MANAGED;
5481 regdom = get_wiphy_regdom(wiphy);
5482
5483
5484 if (WARN_ON(!regdom && self_managed)) {
5485 nlmsg_free(msg);
5486 return -EINVAL;
5487 }
5488
5489 if (regdom &&
5490 nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
5491 goto nla_put_failure;
5492 }
5493
5494 if (!wiphy && reg_last_request_cell_base() &&
5495 nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE,
5496 NL80211_USER_REG_HINT_CELL_BASE))
5497 goto nla_put_failure;
5498
5499 rcu_read_lock();
5500
5501 if (!regdom)
5502 regdom = rcu_dereference(cfg80211_regdomain);
5503
5504 if (nl80211_put_regdom(regdom, msg))
5505 goto nla_put_failure_rcu;
5506
5507 rcu_read_unlock();
5508
5509 genlmsg_end(msg, hdr);
5510 return genlmsg_reply(msg, info);
5511
5512nla_put_failure_rcu:
5513 rcu_read_unlock();
5514nla_put_failure:
5515 genlmsg_cancel(msg, hdr);
5516put_failure:
5517 nlmsg_free(msg);
5518 return -EMSGSIZE;
5519}
5520
5521static int nl80211_send_regdom(struct sk_buff *msg, struct netlink_callback *cb,
5522 u32 seq, int flags, struct wiphy *wiphy,
5523 const struct ieee80211_regdomain *regdom)
5524{
5525 void *hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags,
5526 NL80211_CMD_GET_REG);
5527
5528 if (!hdr)
5529 return -1;
5530
5531 genl_dump_check_consistent(cb, hdr, &nl80211_fam);
5532
5533 if (nl80211_put_regdom(regdom, msg))
5534 goto nla_put_failure;
5535
5536 if (!wiphy && reg_last_request_cell_base() &&
5537 nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE,
5538 NL80211_USER_REG_HINT_CELL_BASE))
5539 goto nla_put_failure;
5540
5541 if (wiphy &&
5542 nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
5543 goto nla_put_failure;
5544
5545 if (wiphy && wiphy->regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED &&
5546 nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
5547 goto nla_put_failure;
5548
5549 genlmsg_end(msg, hdr);
5550 return 0;
5551
5552nla_put_failure:
5553 genlmsg_cancel(msg, hdr);
5554 return -EMSGSIZE;
5555}
5556
5557static int nl80211_get_reg_dump(struct sk_buff *skb,
5558 struct netlink_callback *cb)
5559{
5560 const struct ieee80211_regdomain *regdom = NULL;
5561 struct cfg80211_registered_device *rdev;
5562 int err, reg_idx, start = cb->args[2];
5563
5564 rtnl_lock();
5565
5566 if (cfg80211_regdomain && start == 0) {
5567 err = nl80211_send_regdom(skb, cb, cb->nlh->nlmsg_seq,
5568 NLM_F_MULTI, NULL,
5569 rtnl_dereference(cfg80211_regdomain));
5570 if (err < 0)
5571 goto out_err;
5572 }
5573
5574
5575 reg_idx = 1;
5576 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
5577 regdom = get_wiphy_regdom(&rdev->wiphy);
5578 if (!regdom)
5579 continue;
5580
5581 if (++reg_idx <= start)
5582 continue;
5583
5584 err = nl80211_send_regdom(skb, cb, cb->nlh->nlmsg_seq,
5585 NLM_F_MULTI, &rdev->wiphy, regdom);
5586 if (err < 0) {
5587 reg_idx--;
5588 break;
5589 }
5590 }
5591
5592 cb->args[2] = reg_idx;
5593 err = skb->len;
5594out_err:
5595 rtnl_unlock();
5596 return err;
5597}
5598
5599static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
5600{
5601 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1];
5602 struct nlattr *nl_reg_rule;
5603 char *alpha2;
5604 int rem_reg_rules, r;
5605 u32 num_rules = 0, rule_idx = 0, size_of_regd;
5606 enum nl80211_dfs_regions dfs_region = NL80211_DFS_UNSET;
5607 struct ieee80211_regdomain *rd;
5608
5609 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
5610 return -EINVAL;
5611
5612 if (!info->attrs[NL80211_ATTR_REG_RULES])
5613 return -EINVAL;
5614
5615 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
5616
5617 if (info->attrs[NL80211_ATTR_DFS_REGION])
5618 dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]);
5619
5620 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
5621 rem_reg_rules) {
5622 num_rules++;
5623 if (num_rules > NL80211_MAX_SUPP_REG_RULES)
5624 return -EINVAL;
5625 }
5626
5627 if (!reg_is_valid_request(alpha2))
5628 return -EINVAL;
5629
5630 size_of_regd = sizeof(struct ieee80211_regdomain) +
5631 num_rules * sizeof(struct ieee80211_reg_rule);
5632
5633 rd = kzalloc(size_of_regd, GFP_KERNEL);
5634 if (!rd)
5635 return -ENOMEM;
5636
5637 rd->n_reg_rules = num_rules;
5638 rd->alpha2[0] = alpha2[0];
5639 rd->alpha2[1] = alpha2[1];
5640
5641
5642
5643
5644
5645 if (reg_supported_dfs_region(dfs_region))
5646 rd->dfs_region = dfs_region;
5647
5648 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
5649 rem_reg_rules) {
5650 r = nla_parse(tb, NL80211_REG_RULE_ATTR_MAX,
5651 nla_data(nl_reg_rule), nla_len(nl_reg_rule),
5652 reg_rule_policy);
5653 if (r)
5654 goto bad_reg;
5655 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]);
5656 if (r)
5657 goto bad_reg;
5658
5659 rule_idx++;
5660
5661 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) {
5662 r = -EINVAL;
5663 goto bad_reg;
5664 }
5665 }
5666
5667 r = set_regdom(rd, REGD_SOURCE_CRDA);
5668
5669 rd = NULL;
5670
5671 bad_reg:
5672 kfree(rd);
5673 return r;
5674}
5675
5676static int validate_scan_freqs(struct nlattr *freqs)
5677{
5678 struct nlattr *attr1, *attr2;
5679 int n_channels = 0, tmp1, tmp2;
5680
5681 nla_for_each_nested(attr1, freqs, tmp1) {
5682 n_channels++;
5683
5684
5685
5686
5687
5688
5689
5690
5691
5692 nla_for_each_nested(attr2, freqs, tmp2)
5693 if (attr1 != attr2 &&
5694 nla_get_u32(attr1) == nla_get_u32(attr2))
5695 return 0;
5696 }
5697
5698 return n_channels;
5699}
5700
5701static int nl80211_parse_random_mac(struct nlattr **attrs,
5702 u8 *mac_addr, u8 *mac_addr_mask)
5703{
5704 int i;
5705
5706 if (!attrs[NL80211_ATTR_MAC] && !attrs[NL80211_ATTR_MAC_MASK]) {
5707 eth_zero_addr(mac_addr);
5708 eth_zero_addr(mac_addr_mask);
5709 mac_addr[0] = 0x2;
5710 mac_addr_mask[0] = 0x3;
5711
5712 return 0;
5713 }
5714
5715
5716 if (!attrs[NL80211_ATTR_MAC] || !attrs[NL80211_ATTR_MAC_MASK])
5717 return -EINVAL;
5718
5719 memcpy(mac_addr, nla_data(attrs[NL80211_ATTR_MAC]), ETH_ALEN);
5720 memcpy(mac_addr_mask, nla_data(attrs[NL80211_ATTR_MAC_MASK]), ETH_ALEN);
5721
5722
5723 if (!is_multicast_ether_addr(mac_addr_mask) ||
5724 is_multicast_ether_addr(mac_addr))
5725 return -EINVAL;
5726
5727
5728
5729
5730
5731
5732 for (i = 0; i < ETH_ALEN; i++)
5733 mac_addr[i] &= mac_addr_mask[i];
5734
5735 return 0;
5736}
5737
5738static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
5739{
5740 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5741 struct wireless_dev *wdev = info->user_ptr[1];
5742 struct cfg80211_scan_request *request;
5743 struct nlattr *attr;
5744 struct wiphy *wiphy;
5745 int err, tmp, n_ssids = 0, n_channels, i;
5746 size_t ie_len;
5747
5748 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
5749 return -EINVAL;
5750
5751 wiphy = &rdev->wiphy;
5752
5753 if (!rdev->ops->scan)
5754 return -EOPNOTSUPP;
5755
5756 if (rdev->scan_req || rdev->scan_msg) {
5757 err = -EBUSY;
5758 goto unlock;
5759 }
5760
5761 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
5762 n_channels = validate_scan_freqs(
5763 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
5764 if (!n_channels) {
5765 err = -EINVAL;
5766 goto unlock;
5767 }
5768 } else {
5769 n_channels = ieee80211_get_num_supported_channels(wiphy);
5770 }
5771
5772 if (info->attrs[NL80211_ATTR_SCAN_SSIDS])
5773 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp)
5774 n_ssids++;
5775
5776 if (n_ssids > wiphy->max_scan_ssids) {
5777 err = -EINVAL;
5778 goto unlock;
5779 }
5780
5781 if (info->attrs[NL80211_ATTR_IE])
5782 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
5783 else
5784 ie_len = 0;
5785
5786 if (ie_len > wiphy->max_scan_ie_len) {
5787 err = -EINVAL;
5788 goto unlock;
5789 }
5790
5791 request = kzalloc(sizeof(*request)
5792 + sizeof(*request->ssids) * n_ssids
5793 + sizeof(*request->channels) * n_channels
5794 + ie_len, GFP_KERNEL);
5795 if (!request) {
5796 err = -ENOMEM;
5797 goto unlock;
5798 }
5799
5800 if (n_ssids)
5801 request->ssids = (void *)&request->channels[n_channels];
5802 request->n_ssids = n_ssids;
5803 if (ie_len) {
5804 if (n_ssids)
5805 request->ie = (void *)(request->ssids + n_ssids);
5806 else
5807 request->ie = (void *)(request->channels + n_channels);
5808 }
5809
5810 i = 0;
5811 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
5812
5813 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) {
5814 struct ieee80211_channel *chan;
5815
5816 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
5817
5818 if (!chan) {
5819 err = -EINVAL;
5820 goto out_free;
5821 }
5822
5823
5824 if (chan->flags & IEEE80211_CHAN_DISABLED)
5825 continue;
5826
5827 request->channels[i] = chan;
5828 i++;
5829 }
5830 } else {
5831 enum ieee80211_band band;
5832
5833
5834 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
5835 int j;
5836 if (!wiphy->bands[band])
5837 continue;
5838 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
5839 struct ieee80211_channel *chan;
5840
5841 chan = &wiphy->bands[band]->channels[j];
5842
5843 if (chan->flags & IEEE80211_CHAN_DISABLED)
5844 continue;
5845
5846 request->channels[i] = chan;
5847 i++;
5848 }
5849 }
5850 }
5851
5852 if (!i) {
5853 err = -EINVAL;
5854 goto out_free;
5855 }
5856
5857 request->n_channels = i;
5858
5859 i = 0;
5860 if (n_ssids) {
5861 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) {
5862 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
5863 err = -EINVAL;
5864 goto out_free;
5865 }
5866 request->ssids[i].ssid_len = nla_len(attr);
5867 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr));
5868 i++;
5869 }
5870 }
5871
5872 if (info->attrs[NL80211_ATTR_IE]) {
5873 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
5874 memcpy((void *)request->ie,
5875 nla_data(info->attrs[NL80211_ATTR_IE]),
5876 request->ie_len);
5877 }
5878
5879 for (i = 0; i < IEEE80211_NUM_BANDS; i++)
5880 if (wiphy->bands[i])
5881 request->rates[i] =
5882 (1 << wiphy->bands[i]->n_bitrates) - 1;
5883
5884 if (info->attrs[NL80211_ATTR_SCAN_SUPP_RATES]) {
5885 nla_for_each_nested(attr,
5886 info->attrs[NL80211_ATTR_SCAN_SUPP_RATES],
5887 tmp) {
5888 enum ieee80211_band band = nla_type(attr);
5889
5890 if (band < 0 || band >= IEEE80211_NUM_BANDS) {
5891 err = -EINVAL;
5892 goto out_free;
5893 }
5894
5895 if (!wiphy->bands[band])
5896 continue;
5897
5898 err = ieee80211_get_ratemask(wiphy->bands[band],
5899 nla_data(attr),
5900 nla_len(attr),
5901 &request->rates[band]);
5902 if (err)
5903 goto out_free;
5904 }
5905 }
5906
5907 if (info->attrs[NL80211_ATTR_SCAN_FLAGS]) {
5908 request->flags = nla_get_u32(
5909 info->attrs[NL80211_ATTR_SCAN_FLAGS]);
5910 if ((request->flags & NL80211_SCAN_FLAG_LOW_PRIORITY) &&
5911 !(wiphy->features & NL80211_FEATURE_LOW_PRIORITY_SCAN)) {
5912 err = -EOPNOTSUPP;
5913 goto out_free;
5914 }
5915
5916 if (request->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
5917 if (!(wiphy->features &
5918 NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR)) {
5919 err = -EOPNOTSUPP;
5920 goto out_free;
5921 }
5922
5923 if (wdev->current_bss) {
5924 err = -EOPNOTSUPP;
5925 goto out_free;
5926 }
5927
5928 err = nl80211_parse_random_mac(info->attrs,
5929 request->mac_addr,
5930 request->mac_addr_mask);
5931 if (err)
5932 goto out_free;
5933 }
5934 }
5935
5936 request->no_cck =
5937 nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
5938
5939 request->wdev = wdev;
5940 request->wiphy = &rdev->wiphy;
5941 request->scan_start = jiffies;
5942
5943 rdev->scan_req = request;
5944 err = rdev_scan(rdev, request);
5945
5946 if (!err) {
5947 nl80211_send_scan_start(rdev, wdev);
5948 if (wdev->netdev)
5949 dev_hold(wdev->netdev);
5950 } else {
5951 out_free:
5952 rdev->scan_req = NULL;
5953 kfree(request);
5954 }
5955
5956 unlock:
5957 return err;
5958}
5959
5960static struct cfg80211_sched_scan_request *
5961nl80211_parse_sched_scan(struct wiphy *wiphy, struct wireless_dev *wdev,
5962 struct nlattr **attrs)
5963{
5964 struct cfg80211_sched_scan_request *request;
5965 struct nlattr *attr;
5966 int err, tmp, n_ssids = 0, n_match_sets = 0, n_channels, i;
5967 u32 interval;
5968 enum ieee80211_band band;
5969 size_t ie_len;
5970 struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1];
5971 s32 default_match_rssi = NL80211_SCAN_RSSI_THOLD_OFF;
5972
5973 if (!is_valid_ie_attr(attrs[NL80211_ATTR_IE]))
5974 return ERR_PTR(-EINVAL);
5975
5976 if (!attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL])
5977 return ERR_PTR(-EINVAL);
5978
5979 interval = nla_get_u32(attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]);
5980 if (interval == 0)
5981 return ERR_PTR(-EINVAL);
5982
5983 if (attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
5984 n_channels = validate_scan_freqs(
5985 attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
5986 if (!n_channels)
5987 return ERR_PTR(-EINVAL);
5988 } else {
5989 n_channels = ieee80211_get_num_supported_channels(wiphy);
5990 }
5991
5992 if (attrs[NL80211_ATTR_SCAN_SSIDS])
5993 nla_for_each_nested(attr, attrs[NL80211_ATTR_SCAN_SSIDS],
5994 tmp)
5995 n_ssids++;
5996
5997 if (n_ssids > wiphy->max_sched_scan_ssids)
5998 return ERR_PTR(-EINVAL);
5999
6000
6001
6002
6003
6004
6005
6006
6007
6008
6009 if (attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
6010 nla_for_each_nested(attr,
6011 attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
6012 tmp) {
6013 struct nlattr *rssi;
6014
6015 err = nla_parse(tb, NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
6016 nla_data(attr), nla_len(attr),
6017 nl80211_match_policy);
6018 if (err)
6019 return ERR_PTR(err);
6020
6021 if (tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID]) {
6022 n_match_sets++;
6023 continue;
6024 }
6025 rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI];
6026 if (rssi)
6027 default_match_rssi = nla_get_s32(rssi);
6028 }
6029 }
6030
6031
6032 if (!n_match_sets && default_match_rssi != NL80211_SCAN_RSSI_THOLD_OFF)
6033 n_match_sets = 1;
6034
6035 if (n_match_sets > wiphy->max_match_sets)
6036 return ERR_PTR(-EINVAL);
6037
6038 if (attrs[NL80211_ATTR_IE])
6039 ie_len = nla_len(attrs[NL80211_ATTR_IE]);
6040 else
6041 ie_len = 0;
6042
6043 if (ie_len > wiphy->max_sched_scan_ie_len)
6044 return ERR_PTR(-EINVAL);
6045
6046 request = kzalloc(sizeof(*request)
6047 + sizeof(*request->ssids) * n_ssids
6048 + sizeof(*request->match_sets) * n_match_sets
6049 + sizeof(*request->channels) * n_channels
6050 + ie_len, GFP_KERNEL);
6051 if (!request)
6052 return ERR_PTR(-ENOMEM);
6053
6054 if (n_ssids)
6055 request->ssids = (void *)&request->channels[n_channels];
6056 request->n_ssids = n_ssids;
6057 if (ie_len) {
6058 if (n_ssids)
6059 request->ie = (void *)(request->ssids + n_ssids);
6060 else
6061 request->ie = (void *)(request->channels + n_channels);
6062 }
6063
6064 if (n_match_sets) {
6065 if (request->ie)
6066 request->match_sets = (void *)(request->ie + ie_len);
6067 else if (n_ssids)
6068 request->match_sets =
6069 (void *)(request->ssids + n_ssids);
6070 else
6071 request->match_sets =
6072 (void *)(request->channels + n_channels);
6073 }
6074 request->n_match_sets = n_match_sets;
6075
6076 i = 0;
6077 if (attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
6078
6079 nla_for_each_nested(attr,
6080 attrs[NL80211_ATTR_SCAN_FREQUENCIES],
6081 tmp) {
6082 struct ieee80211_channel *chan;
6083
6084 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
6085
6086 if (!chan) {
6087 err = -EINVAL;
6088 goto out_free;
6089 }
6090
6091
6092 if (chan->flags & IEEE80211_CHAN_DISABLED)
6093 continue;
6094
6095 request->channels[i] = chan;
6096 i++;
6097 }
6098 } else {
6099
6100 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
6101 int j;
6102 if (!wiphy->bands[band])
6103 continue;
6104 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
6105 struct ieee80211_channel *chan;
6106
6107 chan = &wiphy->bands[band]->channels[j];
6108
6109 if (chan->flags & IEEE80211_CHAN_DISABLED)
6110 continue;
6111
6112 request->channels[i] = chan;
6113 i++;
6114 }
6115 }
6116 }
6117
6118 if (!i) {
6119 err = -EINVAL;
6120 goto out_free;
6121 }
6122
6123 request->n_channels = i;
6124
6125 i = 0;
6126 if (n_ssids) {
6127 nla_for_each_nested(attr, attrs[NL80211_ATTR_SCAN_SSIDS],
6128 tmp) {
6129 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
6130 err = -EINVAL;
6131 goto out_free;
6132 }
6133 request->ssids[i].ssid_len = nla_len(attr);
6134 memcpy(request->ssids[i].ssid, nla_data(attr),
6135 nla_len(attr));
6136 i++;
6137 }
6138 }
6139
6140 i = 0;
6141 if (attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
6142 nla_for_each_nested(attr,
6143 attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
6144 tmp) {
6145 struct nlattr *ssid, *rssi;
6146
6147 err = nla_parse(tb, NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
6148 nla_data(attr), nla_len(attr),
6149 nl80211_match_policy);
6150 if (err)
6151 goto out_free;
6152 ssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID];
6153 if (ssid) {
6154 if (WARN_ON(i >= n_match_sets)) {
6155
6156
6157
6158
6159 err = -EINVAL;
6160 goto out_free;
6161 }
6162
6163 if (nla_len(ssid) > IEEE80211_MAX_SSID_LEN) {
6164 err = -EINVAL;
6165 goto out_free;
6166 }
6167 memcpy(request->match_sets[i].ssid.ssid,
6168 nla_data(ssid), nla_len(ssid));
6169 request->match_sets[i].ssid.ssid_len =
6170 nla_len(ssid);
6171
6172 request->match_sets[i].rssi_thold =
6173 default_match_rssi;
6174 rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI];
6175 if (rssi)
6176 request->match_sets[i].rssi_thold =
6177 nla_get_s32(rssi);
6178 }
6179 i++;
6180 }
6181
6182
6183 if (i == 0 && n_match_sets)
6184 request->match_sets[0].rssi_thold = default_match_rssi;
6185
6186 request->min_rssi_thold = INT_MAX;
6187 for (i = 0; i < n_match_sets; i++)
6188 request->min_rssi_thold =
6189 min(request->match_sets[i].rssi_thold,
6190 request->min_rssi_thold);
6191 } else {
6192 request->min_rssi_thold = NL80211_SCAN_RSSI_THOLD_OFF;
6193 }
6194
6195 if (ie_len) {
6196 request->ie_len = ie_len;
6197 memcpy((void *)request->ie,
6198 nla_data(attrs[NL80211_ATTR_IE]),
6199 request->ie_len);
6200 }
6201
6202 if (attrs[NL80211_ATTR_SCAN_FLAGS]) {
6203 request->flags = nla_get_u32(
6204 attrs[NL80211_ATTR_SCAN_FLAGS]);
6205 if ((request->flags & NL80211_SCAN_FLAG_LOW_PRIORITY) &&
6206 !(wiphy->features & NL80211_FEATURE_LOW_PRIORITY_SCAN)) {
6207 err = -EOPNOTSUPP;
6208 goto out_free;
6209 }
6210
6211 if (request->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
6212 u32 flg = NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR;
6213
6214 if (!wdev)
6215 flg = NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
6216
6217 if (!(wiphy->features & flg)) {
6218 err = -EOPNOTSUPP;
6219 goto out_free;
6220 }
6221
6222 if (wdev && wdev->current_bss) {
6223 err = -EOPNOTSUPP;
6224 goto out_free;
6225 }
6226
6227 err = nl80211_parse_random_mac(attrs, request->mac_addr,
6228 request->mac_addr_mask);
6229 if (err)
6230 goto out_free;
6231 }
6232 }
6233
6234 if (attrs[NL80211_ATTR_SCHED_SCAN_DELAY])
6235 request->delay =
6236 nla_get_u32(attrs[NL80211_ATTR_SCHED_SCAN_DELAY]);
6237
6238 request->interval = interval;
6239 request->scan_start = jiffies;
6240
6241 return request;
6242
6243out_free:
6244 kfree(request);
6245 return ERR_PTR(err);
6246}
6247
6248static int nl80211_start_sched_scan(struct sk_buff *skb,
6249 struct genl_info *info)
6250{
6251 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6252 struct net_device *dev = info->user_ptr[1];
6253 struct wireless_dev *wdev = dev->ieee80211_ptr;
6254 struct cfg80211_sched_scan_request *sched_scan_req;
6255 int err;
6256
6257 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) ||
6258 !rdev->ops->sched_scan_start)
6259 return -EOPNOTSUPP;
6260
6261 if (rdev->sched_scan_req)
6262 return -EINPROGRESS;
6263
6264 sched_scan_req = nl80211_parse_sched_scan(&rdev->wiphy, wdev,
6265 info->attrs);
6266
6267 err = PTR_ERR_OR_ZERO(sched_scan_req);
6268 if (err)
6269 goto out_err;
6270
6271 err = rdev_sched_scan_start(rdev, dev, sched_scan_req);
6272 if (err)
6273 goto out_free;
6274
6275 sched_scan_req->dev = dev;
6276 sched_scan_req->wiphy = &rdev->wiphy;
6277
6278 if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
6279 sched_scan_req->owner_nlportid = info->snd_portid;
6280
6281 rcu_assign_pointer(rdev->sched_scan_req, sched_scan_req);
6282
6283 nl80211_send_sched_scan(rdev, dev,
6284 NL80211_CMD_START_SCHED_SCAN);
6285 return 0;
6286
6287out_free:
6288 kfree(sched_scan_req);
6289out_err:
6290 return err;
6291}
6292
6293static int nl80211_stop_sched_scan(struct sk_buff *skb,
6294 struct genl_info *info)
6295{
6296 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6297
6298 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) ||
6299 !rdev->ops->sched_scan_stop)
6300 return -EOPNOTSUPP;
6301
6302 return __cfg80211_stop_sched_scan(rdev, false);
6303}
6304
6305static int nl80211_start_radar_detection(struct sk_buff *skb,
6306 struct genl_info *info)
6307{
6308 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6309 struct net_device *dev = info->user_ptr[1];
6310 struct wireless_dev *wdev = dev->ieee80211_ptr;
6311 struct cfg80211_chan_def chandef;
6312 enum nl80211_dfs_regions dfs_region;
6313 unsigned int cac_time_ms;
6314 int err;
6315
6316 dfs_region = reg_get_dfs_region(wdev->wiphy);
6317 if (dfs_region == NL80211_DFS_UNSET)
6318 return -EINVAL;
6319
6320 err = nl80211_parse_chandef(rdev, info, &chandef);
6321 if (err)
6322 return err;
6323
6324 if (netif_carrier_ok(dev))
6325 return -EBUSY;
6326
6327 if (wdev->cac_started)
6328 return -EBUSY;
6329
6330 err = cfg80211_chandef_dfs_required(wdev->wiphy, &chandef,
6331 wdev->iftype);
6332 if (err < 0)
6333 return err;
6334
6335 if (err == 0)
6336 return -EINVAL;
6337
6338 if (!cfg80211_chandef_dfs_usable(wdev->wiphy, &chandef))
6339 return -EINVAL;
6340
6341 if (!rdev->ops->start_radar_detection)
6342 return -EOPNOTSUPP;
6343
6344 cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, &chandef);
6345 if (WARN_ON(!cac_time_ms))
6346 cac_time_ms = IEEE80211_DFS_MIN_CAC_TIME_MS;
6347
6348 err = rdev->ops->start_radar_detection(&rdev->wiphy, dev, &chandef,
6349 cac_time_ms);
6350 if (!err) {
6351 wdev->chandef = chandef;
6352 wdev->cac_started = true;
6353 wdev->cac_start_time = jiffies;
6354 wdev->cac_time_ms = cac_time_ms;
6355 }
6356 return err;
6357}
6358
6359static int nl80211_channel_switch(struct sk_buff *skb, struct genl_info *info)
6360{
6361 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6362 struct net_device *dev = info->user_ptr[1];
6363 struct wireless_dev *wdev = dev->ieee80211_ptr;
6364 struct cfg80211_csa_settings params;
6365
6366
6367
6368 static struct nlattr *csa_attrs[NL80211_ATTR_MAX+1];
6369 int err;
6370 bool need_new_beacon = false;
6371 int len, i;
6372 u32 cs_count;
6373
6374 if (!rdev->ops->channel_switch ||
6375 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
6376 return -EOPNOTSUPP;
6377
6378 switch (dev->ieee80211_ptr->iftype) {
6379 case NL80211_IFTYPE_AP:
6380 case NL80211_IFTYPE_P2P_GO:
6381 need_new_beacon = true;
6382
6383
6384 if (!wdev->beacon_interval)
6385 return -ENOTCONN;
6386 break;
6387 case NL80211_IFTYPE_ADHOC:
6388 if (!wdev->ssid_len)
6389 return -ENOTCONN;
6390 break;
6391 case NL80211_IFTYPE_MESH_POINT:
6392 if (!wdev->mesh_id_len)
6393 return -ENOTCONN;
6394 break;
6395 default:
6396 return -EOPNOTSUPP;
6397 }
6398
6399 memset(¶ms, 0, sizeof(params));
6400
6401 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
6402 !info->attrs[NL80211_ATTR_CH_SWITCH_COUNT])
6403 return -EINVAL;
6404
6405
6406 if (need_new_beacon && !info->attrs[NL80211_ATTR_CSA_IES])
6407 return -EINVAL;
6408
6409
6410
6411
6412 cs_count = nla_get_u32(info->attrs[NL80211_ATTR_CH_SWITCH_COUNT]);
6413 if (cs_count > 255)
6414 return -EINVAL;
6415
6416 params.count = cs_count;
6417
6418 if (!need_new_beacon)
6419 goto skip_beacons;
6420
6421 err = nl80211_parse_beacon(info->attrs, ¶ms.beacon_after);
6422 if (err)
6423 return err;
6424
6425 err = nla_parse_nested(csa_attrs, NL80211_ATTR_MAX,
6426 info->attrs[NL80211_ATTR_CSA_IES],
6427 nl80211_policy);
6428 if (err)
6429 return err;
6430
6431 err = nl80211_parse_beacon(csa_attrs, ¶ms.beacon_csa);
6432 if (err)
6433 return err;
6434
6435 if (!csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON])
6436 return -EINVAL;
6437
6438 len = nla_len(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
6439 if (!len || (len % sizeof(u16)))
6440 return -EINVAL;
6441
6442 params.n_counter_offsets_beacon = len / sizeof(u16);
6443 if (rdev->wiphy.max_num_csa_counters &&
6444 (params.n_counter_offsets_beacon >
6445 rdev->wiphy.max_num_csa_counters))
6446 return -EINVAL;
6447
6448 params.counter_offsets_beacon =
6449 nla_data(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
6450
6451
6452 for (i = 0; i < params.n_counter_offsets_beacon; i++) {
6453 u16 offset = params.counter_offsets_beacon[i];
6454
6455 if (offset >= params.beacon_csa.tail_len)
6456 return -EINVAL;
6457
6458 if (params.beacon_csa.tail[offset] != params.count)
6459 return -EINVAL;
6460 }
6461
6462 if (csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]) {
6463 len = nla_len(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
6464 if (!len || (len % sizeof(u16)))
6465 return -EINVAL;
6466
6467 params.n_counter_offsets_presp = len / sizeof(u16);
6468 if (rdev->wiphy.max_num_csa_counters &&
6469 (params.n_counter_offsets_beacon >
6470 rdev->wiphy.max_num_csa_counters))
6471 return -EINVAL;
6472
6473 params.counter_offsets_presp =
6474 nla_data(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
6475
6476
6477 for (i = 0; i < params.n_counter_offsets_presp; i++) {
6478 u16 offset = params.counter_offsets_presp[i];
6479
6480 if (offset >= params.beacon_csa.probe_resp_len)
6481 return -EINVAL;
6482
6483 if (params.beacon_csa.probe_resp[offset] !=
6484 params.count)
6485 return -EINVAL;
6486 }
6487 }
6488
6489skip_beacons:
6490 err = nl80211_parse_chandef(rdev, info, ¶ms.chandef);
6491 if (err)
6492 return err;
6493
6494 if (!cfg80211_reg_can_beacon(&rdev->wiphy, ¶ms.chandef,
6495 wdev->iftype))
6496 return -EINVAL;
6497
6498 err = cfg80211_chandef_dfs_required(wdev->wiphy,
6499 ¶ms.chandef,
6500 wdev->iftype);
6501 if (err < 0)
6502 return err;
6503
6504 if (err > 0)
6505 params.radar_required = true;
6506
6507 if (info->attrs[NL80211_ATTR_CH_SWITCH_BLOCK_TX])
6508 params.block_tx = true;
6509
6510 wdev_lock(wdev);
6511 err = rdev_channel_switch(rdev, dev, ¶ms);
6512 wdev_unlock(wdev);
6513
6514 return err;
6515}
6516
6517static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
6518 u32 seq, int flags,
6519 struct cfg80211_registered_device *rdev,
6520 struct wireless_dev *wdev,
6521 struct cfg80211_internal_bss *intbss)
6522{
6523 struct cfg80211_bss *res = &intbss->pub;
6524 const struct cfg80211_bss_ies *ies;
6525 void *hdr;
6526 struct nlattr *bss;
6527
6528 ASSERT_WDEV_LOCK(wdev);
6529
6530 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags,
6531 NL80211_CMD_NEW_SCAN_RESULTS);
6532 if (!hdr)
6533 return -1;
6534
6535 genl_dump_check_consistent(cb, hdr, &nl80211_fam);
6536
6537 if (nla_put_u32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation))
6538 goto nla_put_failure;
6539 if (wdev->netdev &&
6540 nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
6541 goto nla_put_failure;
6542 if (nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
6543 goto nla_put_failure;
6544
6545 bss = nla_nest_start(msg, NL80211_ATTR_BSS);
6546 if (!bss)
6547 goto nla_put_failure;
6548 if ((!is_zero_ether_addr(res->bssid) &&
6549 nla_put(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid)))
6550 goto nla_put_failure;
6551
6552 rcu_read_lock();
6553
6554 if (rcu_access_pointer(res->proberesp_ies) &&
6555 nla_put_flag(msg, NL80211_BSS_PRESP_DATA))
6556 goto fail_unlock_rcu;
6557
6558
6559
6560
6561 ies = rcu_dereference(res->ies);
6562 if (ies) {
6563 if (nla_put_u64(msg, NL80211_BSS_TSF, ies->tsf))
6564 goto fail_unlock_rcu;
6565 if (ies->len && nla_put(msg, NL80211_BSS_INFORMATION_ELEMENTS,
6566 ies->len, ies->data))
6567 goto fail_unlock_rcu;
6568 }
6569
6570
6571 ies = rcu_dereference(res->beacon_ies);
6572 if (ies && ies->from_beacon) {
6573 if (nla_put_u64(msg, NL80211_BSS_BEACON_TSF, ies->tsf))
6574 goto fail_unlock_rcu;
6575 if (ies->len && nla_put(msg, NL80211_BSS_BEACON_IES,
6576 ies->len, ies->data))
6577 goto fail_unlock_rcu;
6578 }
6579 rcu_read_unlock();
6580
6581 if (res->beacon_interval &&
6582 nla_put_u16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval))
6583 goto nla_put_failure;
6584 if (nla_put_u16(msg, NL80211_BSS_CAPABILITY, res->capability) ||
6585 nla_put_u32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq) ||
6586 nla_put_u32(msg, NL80211_BSS_CHAN_WIDTH, res->scan_width) ||
6587 nla_put_u32(msg, NL80211_BSS_SEEN_MS_AGO,
6588 jiffies_to_msecs(jiffies - intbss->ts)))
6589 goto nla_put_failure;
6590
6591 switch (rdev->wiphy.signal_type) {
6592 case CFG80211_SIGNAL_TYPE_MBM:
6593 if (nla_put_u32(msg, NL80211_BSS_SIGNAL_MBM, res->signal))
6594 goto nla_put_failure;
6595 break;
6596 case CFG80211_SIGNAL_TYPE_UNSPEC:
6597 if (nla_put_u8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal))
6598 goto nla_put_failure;
6599 break;
6600 default:
6601 break;
6602 }
6603
6604 switch (wdev->iftype) {
6605 case NL80211_IFTYPE_P2P_CLIENT:
6606 case NL80211_IFTYPE_STATION:
6607 if (intbss == wdev->current_bss &&
6608 nla_put_u32(msg, NL80211_BSS_STATUS,
6609 NL80211_BSS_STATUS_ASSOCIATED))
6610 goto nla_put_failure;
6611 break;
6612 case NL80211_IFTYPE_ADHOC:
6613 if (intbss == wdev->current_bss &&
6614 nla_put_u32(msg, NL80211_BSS_STATUS,
6615 NL80211_BSS_STATUS_IBSS_JOINED))
6616 goto nla_put_failure;
6617 break;
6618 default:
6619 break;
6620 }
6621
6622 nla_nest_end(msg, bss);
6623
6624 genlmsg_end(msg, hdr);
6625 return 0;
6626
6627 fail_unlock_rcu:
6628 rcu_read_unlock();
6629 nla_put_failure:
6630 genlmsg_cancel(msg, hdr);
6631 return -EMSGSIZE;
6632}
6633
6634static int nl80211_dump_scan(struct sk_buff *skb, struct netlink_callback *cb)
6635{
6636 struct cfg80211_registered_device *rdev;
6637 struct cfg80211_internal_bss *scan;
6638 struct wireless_dev *wdev;
6639 int start = cb->args[2], idx = 0;
6640 int err;
6641
6642 err = nl80211_prepare_wdev_dump(skb, cb, &rdev, &wdev);
6643 if (err)
6644 return err;
6645
6646 wdev_lock(wdev);
6647 spin_lock_bh(&rdev->bss_lock);
6648 cfg80211_bss_expire(rdev);
6649
6650 cb->seq = rdev->bss_generation;
6651
6652 list_for_each_entry(scan, &rdev->bss_list, list) {
6653 if (++idx <= start)
6654 continue;
6655 if (nl80211_send_bss(skb, cb,
6656 cb->nlh->nlmsg_seq, NLM_F_MULTI,
6657 rdev, wdev, scan) < 0) {
6658 idx--;
6659 break;
6660 }
6661 }
6662
6663 spin_unlock_bh(&rdev->bss_lock);
6664 wdev_unlock(wdev);
6665
6666 cb->args[2] = idx;
6667 nl80211_finish_wdev_dump(rdev);
6668
6669 return skb->len;
6670}
6671
6672static int nl80211_send_survey(struct sk_buff *msg, u32 portid, u32 seq,
6673 int flags, struct net_device *dev,
6674 bool allow_radio_stats,
6675 struct survey_info *survey)
6676{
6677 void *hdr;
6678 struct nlattr *infoattr;
6679
6680
6681 if (!survey->channel && !allow_radio_stats)
6682 return 0;
6683
6684 hdr = nl80211hdr_put(msg, portid, seq, flags,
6685 NL80211_CMD_NEW_SURVEY_RESULTS);
6686 if (!hdr)
6687 return -ENOMEM;
6688
6689 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
6690 goto nla_put_failure;
6691
6692 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO);
6693 if (!infoattr)
6694 goto nla_put_failure;
6695
6696 if (survey->channel &&
6697 nla_put_u32(msg, NL80211_SURVEY_INFO_FREQUENCY,
6698 survey->channel->center_freq))
6699 goto nla_put_failure;
6700
6701 if ((survey->filled & SURVEY_INFO_NOISE_DBM) &&
6702 nla_put_u8(msg, NL80211_SURVEY_INFO_NOISE, survey->noise))
6703 goto nla_put_failure;
6704 if ((survey->filled & SURVEY_INFO_IN_USE) &&
6705 nla_put_flag(msg, NL80211_SURVEY_INFO_IN_USE))
6706 goto nla_put_failure;
6707 if ((survey->filled & SURVEY_INFO_TIME) &&
6708 nla_put_u64(msg, NL80211_SURVEY_INFO_TIME,
6709 survey->time))
6710 goto nla_put_failure;
6711 if ((survey->filled & SURVEY_INFO_TIME_BUSY) &&
6712 nla_put_u64(msg, NL80211_SURVEY_INFO_TIME_BUSY,
6713 survey->time_busy))
6714 goto nla_put_failure;
6715 if ((survey->filled & SURVEY_INFO_TIME_EXT_BUSY) &&
6716 nla_put_u64(msg, NL80211_SURVEY_INFO_TIME_EXT_BUSY,
6717 survey->time_ext_busy))
6718 goto nla_put_failure;
6719 if ((survey->filled & SURVEY_INFO_TIME_RX) &&
6720 nla_put_u64(msg, NL80211_SURVEY_INFO_TIME_RX,
6721 survey->time_rx))
6722 goto nla_put_failure;
6723 if ((survey->filled & SURVEY_INFO_TIME_TX) &&
6724 nla_put_u64(msg, NL80211_SURVEY_INFO_TIME_TX,
6725 survey->time_tx))
6726 goto nla_put_failure;
6727 if ((survey->filled & SURVEY_INFO_TIME_SCAN) &&
6728 nla_put_u64(msg, NL80211_SURVEY_INFO_TIME_SCAN,
6729 survey->time_scan))
6730 goto nla_put_failure;
6731
6732 nla_nest_end(msg, infoattr);
6733
6734 genlmsg_end(msg, hdr);
6735 return 0;
6736
6737 nla_put_failure:
6738 genlmsg_cancel(msg, hdr);
6739 return -EMSGSIZE;
6740}
6741
6742static int nl80211_dump_survey(struct sk_buff *skb, struct netlink_callback *cb)
6743{
6744 struct survey_info survey;
6745 struct cfg80211_registered_device *rdev;
6746 struct wireless_dev *wdev;
6747 int survey_idx = cb->args[2];
6748 int res;
6749 bool radio_stats;
6750
6751 res = nl80211_prepare_wdev_dump(skb, cb, &rdev, &wdev);
6752 if (res)
6753 return res;
6754
6755
6756 radio_stats = nl80211_fam.attrbuf[NL80211_ATTR_SURVEY_RADIO_STATS];
6757
6758 if (!wdev->netdev) {
6759 res = -EINVAL;
6760 goto out_err;
6761 }
6762
6763 if (!rdev->ops->dump_survey) {
6764 res = -EOPNOTSUPP;
6765 goto out_err;
6766 }
6767
6768 while (1) {
6769 res = rdev_dump_survey(rdev, wdev->netdev, survey_idx, &survey);
6770 if (res == -ENOENT)
6771 break;
6772 if (res)
6773 goto out_err;
6774
6775
6776 if (survey.channel &&
6777 survey.channel->flags & IEEE80211_CHAN_DISABLED) {
6778 survey_idx++;
6779 continue;
6780 }
6781
6782 if (nl80211_send_survey(skb,
6783 NETLINK_CB(cb->skb).portid,
6784 cb->nlh->nlmsg_seq, NLM_F_MULTI,
6785 wdev->netdev, radio_stats, &survey) < 0)
6786 goto out;
6787 survey_idx++;
6788 }
6789
6790 out:
6791 cb->args[2] = survey_idx;
6792 res = skb->len;
6793 out_err:
6794 nl80211_finish_wdev_dump(rdev);
6795 return res;
6796}
6797
6798static bool nl80211_valid_wpa_versions(u32 wpa_versions)
6799{
6800 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 |
6801 NL80211_WPA_VERSION_2));
6802}
6803
6804static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
6805{
6806 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6807 struct net_device *dev = info->user_ptr[1];
6808 struct ieee80211_channel *chan;
6809 const u8 *bssid, *ssid, *ie = NULL, *sae_data = NULL;
6810 int err, ssid_len, ie_len = 0, sae_data_len = 0;
6811 enum nl80211_auth_type auth_type;
6812 struct key_parse key;
6813 bool local_state_change;
6814
6815 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
6816 return -EINVAL;
6817
6818 if (!info->attrs[NL80211_ATTR_MAC])
6819 return -EINVAL;
6820
6821 if (!info->attrs[NL80211_ATTR_AUTH_TYPE])
6822 return -EINVAL;
6823
6824 if (!info->attrs[NL80211_ATTR_SSID])
6825 return -EINVAL;
6826
6827 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
6828 return -EINVAL;
6829
6830 err = nl80211_parse_key(info, &key);
6831 if (err)
6832 return err;
6833
6834 if (key.idx >= 0) {
6835 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP)
6836 return -EINVAL;
6837 if (!key.p.key || !key.p.key_len)
6838 return -EINVAL;
6839 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 ||
6840 key.p.key_len != WLAN_KEY_LEN_WEP40) &&
6841 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 ||
6842 key.p.key_len != WLAN_KEY_LEN_WEP104))
6843 return -EINVAL;
6844 if (key.idx > 4)
6845 return -EINVAL;
6846 } else {
6847 key.p.key_len = 0;
6848 key.p.key = NULL;
6849 }
6850
6851 if (key.idx >= 0) {
6852 int i;
6853 bool ok = false;
6854 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) {
6855 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) {
6856 ok = true;
6857 break;
6858 }
6859 }
6860 if (!ok)
6861 return -EINVAL;
6862 }
6863
6864 if (!rdev->ops->auth)
6865 return -EOPNOTSUPP;
6866
6867 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
6868 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
6869 return -EOPNOTSUPP;
6870
6871 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
6872 chan = nl80211_get_valid_chan(&rdev->wiphy,
6873 info->attrs[NL80211_ATTR_WIPHY_FREQ]);
6874 if (!chan)
6875 return -EINVAL;
6876
6877 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
6878 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
6879
6880 if (info->attrs[NL80211_ATTR_IE]) {
6881 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
6882 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
6883 }
6884
6885 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
6886 if (!nl80211_valid_auth_type(rdev, auth_type, NL80211_CMD_AUTHENTICATE))
6887 return -EINVAL;
6888
6889 if (auth_type == NL80211_AUTHTYPE_SAE &&
6890 !info->attrs[NL80211_ATTR_SAE_DATA])
6891 return -EINVAL;
6892
6893 if (info->attrs[NL80211_ATTR_SAE_DATA]) {
6894 if (auth_type != NL80211_AUTHTYPE_SAE)
6895 return -EINVAL;
6896 sae_data = nla_data(info->attrs[NL80211_ATTR_SAE_DATA]);
6897 sae_data_len = nla_len(info->attrs[NL80211_ATTR_SAE_DATA]);
6898
6899 if (sae_data_len < 4)
6900 return -EINVAL;
6901 }
6902
6903 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
6904
6905
6906
6907
6908
6909 if (local_state_change)
6910 return 0;
6911
6912 wdev_lock(dev->ieee80211_ptr);
6913 err = cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
6914 ssid, ssid_len, ie, ie_len,
6915 key.p.key, key.p.key_len, key.idx,
6916 sae_data, sae_data_len);
6917 wdev_unlock(dev->ieee80211_ptr);
6918 return err;
6919}
6920
6921static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
6922 struct genl_info *info,
6923 struct cfg80211_crypto_settings *settings,
6924 int cipher_limit)
6925{
6926 memset(settings, 0, sizeof(*settings));
6927
6928 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT];
6929
6930 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) {
6931 u16 proto;
6932 proto = nla_get_u16(
6933 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);
6934 settings->control_port_ethertype = cpu_to_be16(proto);
6935 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
6936 proto != ETH_P_PAE)
6937 return -EINVAL;
6938 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT])
6939 settings->control_port_no_encrypt = true;
6940 } else
6941 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE);
6942
6943 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) {
6944 void *data;
6945 int len, i;
6946
6947 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
6948 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
6949 settings->n_ciphers_pairwise = len / sizeof(u32);
6950
6951 if (len % sizeof(u32))
6952 return -EINVAL;
6953
6954 if (settings->n_ciphers_pairwise > cipher_limit)
6955 return -EINVAL;
6956
6957 memcpy(settings->ciphers_pairwise, data, len);
6958
6959 for (i = 0; i < settings->n_ciphers_pairwise; i++)
6960 if (!cfg80211_supported_cipher_suite(
6961 &rdev->wiphy,
6962 settings->ciphers_pairwise[i]))
6963 return -EINVAL;
6964 }
6965
6966 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) {
6967 settings->cipher_group =
6968 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]);
6969 if (!cfg80211_supported_cipher_suite(&rdev->wiphy,
6970 settings->cipher_group))
6971 return -EINVAL;
6972 }
6973
6974 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) {
6975 settings->wpa_versions =
6976 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]);
6977 if (!nl80211_valid_wpa_versions(settings->wpa_versions))
6978 return -EINVAL;
6979 }
6980
6981 if (info->attrs[NL80211_ATTR_AKM_SUITES]) {
6982 void *data;
6983 int len;
6984
6985 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]);
6986 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]);
6987 settings->n_akm_suites = len / sizeof(u32);
6988
6989 if (len % sizeof(u32))
6990 return -EINVAL;
6991
6992 if (settings->n_akm_suites > NL80211_MAX_NR_AKM_SUITES)
6993 return -EINVAL;
6994
6995 memcpy(settings->akm_suites, data, len);
6996 }
6997
6998 return 0;
6999}
7000
7001static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
7002{
7003 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7004 struct net_device *dev = info->user_ptr[1];
7005 struct ieee80211_channel *chan;
7006 struct cfg80211_assoc_request req = {};
7007 const u8 *bssid, *ssid;
7008 int err, ssid_len = 0;
7009
7010 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
7011 return -EINVAL;
7012
7013 if (!info->attrs[NL80211_ATTR_MAC] ||
7014 !info->attrs[NL80211_ATTR_SSID] ||
7015 !info->attrs[NL80211_ATTR_WIPHY_FREQ])
7016 return -EINVAL;
7017
7018 if (!rdev->ops->assoc)
7019 return -EOPNOTSUPP;
7020
7021 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
7022 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
7023 return -EOPNOTSUPP;
7024
7025 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
7026
7027 chan = nl80211_get_valid_chan(&rdev->wiphy,
7028 info->attrs[NL80211_ATTR_WIPHY_FREQ]);
7029 if (!chan)
7030 return -EINVAL;
7031
7032 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
7033 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
7034
7035 if (info->attrs[NL80211_ATTR_IE]) {
7036 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
7037 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
7038 }
7039
7040 if (info->attrs[NL80211_ATTR_USE_MFP]) {
7041 enum nl80211_mfp mfp =
7042 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
7043 if (mfp == NL80211_MFP_REQUIRED)
7044 req.use_mfp = true;
7045 else if (mfp != NL80211_MFP_NO)
7046 return -EINVAL;
7047 }
7048
7049 if (info->attrs[NL80211_ATTR_PREV_BSSID])
7050 req.prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
7051
7052 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
7053 req.flags |= ASSOC_REQ_DISABLE_HT;
7054
7055 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
7056 memcpy(&req.ht_capa_mask,
7057 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
7058 sizeof(req.ht_capa_mask));
7059
7060 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
7061 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
7062 return -EINVAL;
7063 memcpy(&req.ht_capa,
7064 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
7065 sizeof(req.ht_capa));
7066 }
7067
7068 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_VHT]))
7069 req.flags |= ASSOC_REQ_DISABLE_VHT;
7070
7071 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
7072 memcpy(&req.vht_capa_mask,
7073 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]),
7074 sizeof(req.vht_capa_mask));
7075
7076 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) {
7077 if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
7078 return -EINVAL;
7079 memcpy(&req.vht_capa,
7080 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]),
7081 sizeof(req.vht_capa));
7082 }
7083
7084 if (nla_get_flag(info->attrs[NL80211_ATTR_USE_RRM])) {
7085 if (!(rdev->wiphy.features &
7086 NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES) ||
7087 !(rdev->wiphy.features & NL80211_FEATURE_QUIET))
7088 return -EINVAL;
7089 req.flags |= ASSOC_REQ_USE_RRM;
7090 }
7091
7092 err = nl80211_crypto_settings(rdev, info, &req.crypto, 1);
7093 if (!err) {
7094 wdev_lock(dev->ieee80211_ptr);
7095 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid,
7096 ssid, ssid_len, &req);
7097 wdev_unlock(dev->ieee80211_ptr);
7098 }
7099
7100 return err;
7101}
7102
7103static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
7104{
7105 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7106 struct net_device *dev = info->user_ptr[1];
7107 const u8 *ie = NULL, *bssid;
7108 int ie_len = 0, err;
7109 u16 reason_code;
7110 bool local_state_change;
7111
7112 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
7113 return -EINVAL;
7114
7115 if (!info->attrs[NL80211_ATTR_MAC])
7116 return -EINVAL;
7117
7118 if (!info->attrs[NL80211_ATTR_REASON_CODE])
7119 return -EINVAL;
7120
7121 if (!rdev->ops->deauth)
7122 return -EOPNOTSUPP;
7123
7124 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
7125 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
7126 return -EOPNOTSUPP;
7127
7128 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
7129
7130 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
7131 if (reason_code == 0) {
7132
7133 return -EINVAL;
7134 }
7135
7136 if (info->attrs[NL80211_ATTR_IE]) {
7137 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
7138 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
7139 }
7140
7141 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
7142
7143 wdev_lock(dev->ieee80211_ptr);
7144 err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code,
7145 local_state_change);
7146 wdev_unlock(dev->ieee80211_ptr);
7147 return err;
7148}
7149
7150static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
7151{
7152 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7153 struct net_device *dev = info->user_ptr[1];
7154 const u8 *ie = NULL, *bssid;
7155 int ie_len = 0, err;
7156 u16 reason_code;
7157 bool local_state_change;
7158
7159 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
7160 return -EINVAL;
7161
7162 if (!info->attrs[NL80211_ATTR_MAC])
7163 return -EINVAL;
7164
7165 if (!info->attrs[NL80211_ATTR_REASON_CODE])
7166 return -EINVAL;
7167
7168 if (!rdev->ops->disassoc)
7169 return -EOPNOTSUPP;
7170
7171 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
7172 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
7173 return -EOPNOTSUPP;
7174
7175 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
7176
7177 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
7178 if (reason_code == 0) {
7179
7180 return -EINVAL;
7181 }
7182
7183 if (info->attrs[NL80211_ATTR_IE]) {
7184 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
7185 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
7186 }
7187
7188 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
7189
7190 wdev_lock(dev->ieee80211_ptr);
7191 err = cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code,
7192 local_state_change);
7193 wdev_unlock(dev->ieee80211_ptr);
7194 return err;
7195}
7196
7197static bool
7198nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev,
7199 int mcast_rate[IEEE80211_NUM_BANDS],
7200 int rateval)
7201{
7202 struct wiphy *wiphy = &rdev->wiphy;
7203 bool found = false;
7204 int band, i;
7205
7206 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
7207 struct ieee80211_supported_band *sband;
7208
7209 sband = wiphy->bands[band];
7210 if (!sband)
7211 continue;
7212
7213 for (i = 0; i < sband->n_bitrates; i++) {
7214 if (sband->bitrates[i].bitrate == rateval) {
7215 mcast_rate[band] = i + 1;
7216 found = true;
7217 break;
7218 }
7219 }
7220 }
7221
7222 return found;
7223}
7224
7225static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
7226{
7227 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7228 struct net_device *dev = info->user_ptr[1];
7229 struct cfg80211_ibss_params ibss;
7230 struct wiphy *wiphy;
7231 struct cfg80211_cached_keys *connkeys = NULL;
7232 int err;
7233
7234 memset(&ibss, 0, sizeof(ibss));
7235
7236 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
7237 return -EINVAL;
7238
7239 if (!info->attrs[NL80211_ATTR_SSID] ||
7240 !nla_len(info->attrs[NL80211_ATTR_SSID]))
7241 return -EINVAL;
7242
7243 ibss.beacon_interval = 100;
7244
7245 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
7246 ibss.beacon_interval =
7247 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
7248 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000)
7249 return -EINVAL;
7250 }
7251
7252 if (!rdev->ops->join_ibss)
7253 return -EOPNOTSUPP;
7254
7255 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
7256 return -EOPNOTSUPP;
7257
7258 wiphy = &rdev->wiphy;
7259
7260 if (info->attrs[NL80211_ATTR_MAC]) {
7261 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
7262
7263 if (!is_valid_ether_addr(ibss.bssid))
7264 return -EINVAL;
7265 }
7266 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
7267 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
7268
7269 if (info->attrs[NL80211_ATTR_IE]) {
7270 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
7271 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
7272 }
7273
7274 err = nl80211_parse_chandef(rdev, info, &ibss.chandef);
7275 if (err)
7276 return err;
7277
7278 if (!cfg80211_reg_can_beacon(&rdev->wiphy, &ibss.chandef,
7279 NL80211_IFTYPE_ADHOC))
7280 return -EINVAL;
7281
7282 switch (ibss.chandef.width) {
7283 case NL80211_CHAN_WIDTH_5:
7284 case NL80211_CHAN_WIDTH_10:
7285 case NL80211_CHAN_WIDTH_20_NOHT:
7286 break;
7287 case NL80211_CHAN_WIDTH_20:
7288 case NL80211_CHAN_WIDTH_40:
7289 if (!(rdev->wiphy.features & NL80211_FEATURE_HT_IBSS))
7290 return -EINVAL;
7291 break;
7292 case NL80211_CHAN_WIDTH_80:
7293 case NL80211_CHAN_WIDTH_80P80:
7294 case NL80211_CHAN_WIDTH_160:
7295 if (!(rdev->wiphy.features & NL80211_FEATURE_HT_IBSS))
7296 return -EINVAL;
7297 if (!wiphy_ext_feature_isset(&rdev->wiphy,
7298 NL80211_EXT_FEATURE_VHT_IBSS))
7299 return -EINVAL;
7300 break;
7301 default:
7302 return -EINVAL;
7303 }
7304
7305 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED];
7306 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
7307
7308 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
7309 u8 *rates =
7310 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
7311 int n_rates =
7312 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
7313 struct ieee80211_supported_band *sband =
7314 wiphy->bands[ibss.chandef.chan->band];
7315
7316 err = ieee80211_get_ratemask(sband, rates, n_rates,
7317 &ibss.basic_rates);
7318 if (err)
7319 return err;
7320 }
7321
7322 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
7323 memcpy(&ibss.ht_capa_mask,
7324 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
7325 sizeof(ibss.ht_capa_mask));
7326
7327 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
7328 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
7329 return -EINVAL;
7330 memcpy(&ibss.ht_capa,
7331 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
7332 sizeof(ibss.ht_capa));
7333 }
7334
7335 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
7336 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate,
7337 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
7338 return -EINVAL;
7339
7340 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) {
7341 bool no_ht = false;
7342
7343 connkeys = nl80211_parse_connkeys(rdev,
7344 info->attrs[NL80211_ATTR_KEYS],
7345 &no_ht);
7346 if (IS_ERR(connkeys))
7347 return PTR_ERR(connkeys);
7348
7349 if ((ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT) &&
7350 no_ht) {
7351 kfree(connkeys);
7352 return -EINVAL;
7353 }
7354 }
7355
7356 ibss.control_port =
7357 nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT]);
7358
7359 ibss.userspace_handles_dfs =
7360 nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS]);
7361
7362 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
7363 if (err)
7364 kzfree(connkeys);
7365 return err;
7366}
7367
7368static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
7369{
7370 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7371 struct net_device *dev = info->user_ptr[1];
7372
7373 if (!rdev->ops->leave_ibss)
7374 return -EOPNOTSUPP;
7375
7376 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
7377 return -EOPNOTSUPP;
7378
7379 return cfg80211_leave_ibss(rdev, dev, false);
7380}
7381
7382static int nl80211_set_mcast_rate(struct sk_buff *skb, struct genl_info *info)
7383{
7384 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7385 struct net_device *dev = info->user_ptr[1];
7386 int mcast_rate[IEEE80211_NUM_BANDS];
7387 u32 nla_rate;
7388 int err;
7389
7390 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC &&
7391 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
7392 return -EOPNOTSUPP;
7393
7394 if (!rdev->ops->set_mcast_rate)
7395 return -EOPNOTSUPP;
7396
7397 memset(mcast_rate, 0, sizeof(mcast_rate));
7398
7399 if (!info->attrs[NL80211_ATTR_MCAST_RATE])
7400 return -EINVAL;
7401
7402 nla_rate = nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]);
7403 if (!nl80211_parse_mcast_rate(rdev, mcast_rate, nla_rate))
7404 return -EINVAL;
7405
7406 err = rdev->ops->set_mcast_rate(&rdev->wiphy, dev, mcast_rate);
7407
7408 return err;
7409}
7410
7411static struct sk_buff *
7412__cfg80211_alloc_vendor_skb(struct cfg80211_registered_device *rdev,
7413 struct wireless_dev *wdev, int approxlen,
7414 u32 portid, u32 seq, enum nl80211_commands cmd,
7415 enum nl80211_attrs attr,
7416 const struct nl80211_vendor_cmd_info *info,
7417 gfp_t gfp)
7418{
7419 struct sk_buff *skb;
7420 void *hdr;
7421 struct nlattr *data;
7422
7423 skb = nlmsg_new(approxlen + 100, gfp);
7424 if (!skb)
7425 return NULL;
7426
7427 hdr = nl80211hdr_put(skb, portid, seq, 0, cmd);
7428 if (!hdr) {
7429 kfree_skb(skb);
7430 return NULL;
7431 }
7432
7433 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
7434 goto nla_put_failure;
7435
7436 if (info) {
7437 if (nla_put_u32(skb, NL80211_ATTR_VENDOR_ID,
7438 info->vendor_id))
7439 goto nla_put_failure;
7440 if (nla_put_u32(skb, NL80211_ATTR_VENDOR_SUBCMD,
7441 info->subcmd))
7442 goto nla_put_failure;
7443 }
7444
7445 if (wdev) {
7446 if (nla_put_u64(skb, NL80211_ATTR_WDEV,
7447 wdev_id(wdev)))
7448 goto nla_put_failure;
7449 if (wdev->netdev &&
7450 nla_put_u32(skb, NL80211_ATTR_IFINDEX,
7451 wdev->netdev->ifindex))
7452 goto nla_put_failure;
7453 }
7454
7455 data = nla_nest_start(skb, attr);
7456
7457 ((void **)skb->cb)[0] = rdev;
7458 ((void **)skb->cb)[1] = hdr;
7459 ((void **)skb->cb)[2] = data;
7460
7461 return skb;
7462
7463 nla_put_failure:
7464 kfree_skb(skb);
7465 return NULL;
7466}
7467
7468struct sk_buff *__cfg80211_alloc_event_skb(struct wiphy *wiphy,
7469 struct wireless_dev *wdev,
7470 enum nl80211_commands cmd,
7471 enum nl80211_attrs attr,
7472 int vendor_event_idx,
7473 int approxlen, gfp_t gfp)
7474{
7475 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
7476 const struct nl80211_vendor_cmd_info *info;
7477
7478 switch (cmd) {
7479 case NL80211_CMD_TESTMODE:
7480 if (WARN_ON(vendor_event_idx != -1))
7481 return NULL;
7482 info = NULL;
7483 break;
7484 case NL80211_CMD_VENDOR:
7485 if (WARN_ON(vendor_event_idx < 0 ||
7486 vendor_event_idx >= wiphy->n_vendor_events))
7487 return NULL;
7488 info = &wiphy->vendor_events[vendor_event_idx];
7489 break;
7490 default:
7491 WARN_ON(1);
7492 return NULL;
7493 }
7494
7495 return __cfg80211_alloc_vendor_skb(rdev, wdev, approxlen, 0, 0,
7496 cmd, attr, info, gfp);
7497}
7498EXPORT_SYMBOL(__cfg80211_alloc_event_skb);
7499
7500void __cfg80211_send_event_skb(struct sk_buff *skb, gfp_t gfp)
7501{
7502 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
7503 void *hdr = ((void **)skb->cb)[1];
7504 struct nlattr *data = ((void **)skb->cb)[2];
7505 enum nl80211_multicast_groups mcgrp = NL80211_MCGRP_TESTMODE;
7506
7507
7508 memset(skb->cb, 0, sizeof(skb->cb));
7509
7510 nla_nest_end(skb, data);
7511 genlmsg_end(skb, hdr);
7512
7513 if (data->nla_type == NL80211_ATTR_VENDOR_DATA)
7514 mcgrp = NL80211_MCGRP_VENDOR;
7515
7516 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
7517 mcgrp, gfp);
7518}
7519EXPORT_SYMBOL(__cfg80211_send_event_skb);
7520
7521#ifdef CONFIG_NL80211_TESTMODE
7522static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info)
7523{
7524 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7525 struct wireless_dev *wdev =
7526 __cfg80211_wdev_from_attrs(genl_info_net(info), info->attrs);
7527 int err;
7528
7529 if (!rdev->ops->testmode_cmd)
7530 return -EOPNOTSUPP;
7531
7532 if (IS_ERR(wdev)) {
7533 err = PTR_ERR(wdev);
7534 if (err != -EINVAL)
7535 return err;
7536 wdev = NULL;
7537 } else if (wdev->wiphy != &rdev->wiphy) {
7538 return -EINVAL;
7539 }
7540
7541 if (!info->attrs[NL80211_ATTR_TESTDATA])
7542 return -EINVAL;
7543
7544 rdev->cur_cmd_info = info;
7545 err = rdev_testmode_cmd(rdev, wdev,
7546 nla_data(info->attrs[NL80211_ATTR_TESTDATA]),
7547 nla_len(info->attrs[NL80211_ATTR_TESTDATA]));
7548 rdev->cur_cmd_info = NULL;
7549
7550 return err;
7551}
7552
7553static int nl80211_testmode_dump(struct sk_buff *skb,
7554 struct netlink_callback *cb)
7555{
7556 struct cfg80211_registered_device *rdev;
7557 int err;
7558 long phy_idx;
7559 void *data = NULL;
7560 int data_len = 0;
7561
7562 rtnl_lock();
7563
7564 if (cb->args[0]) {
7565
7566
7567
7568
7569 phy_idx = cb->args[0] - 1;
7570 } else {
7571 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
7572 nl80211_fam.attrbuf, nl80211_fam.maxattr,
7573 nl80211_policy);
7574 if (err)
7575 goto out_err;
7576
7577 rdev = __cfg80211_rdev_from_attrs(sock_net(skb->sk),
7578 nl80211_fam.attrbuf);
7579 if (IS_ERR(rdev)) {
7580 err = PTR_ERR(rdev);
7581 goto out_err;
7582 }
7583 phy_idx = rdev->wiphy_idx;
7584 rdev = NULL;
7585
7586 if (nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA])
7587 cb->args[1] =
7588 (long)nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA];
7589 }
7590
7591 if (cb->args[1]) {
7592 data = nla_data((void *)cb->args[1]);
7593 data_len = nla_len((void *)cb->args[1]);
7594 }
7595
7596 rdev = cfg80211_rdev_by_wiphy_idx(phy_idx);
7597 if (!rdev) {
7598 err = -ENOENT;
7599 goto out_err;
7600 }
7601
7602 if (!rdev->ops->testmode_dump) {
7603 err = -EOPNOTSUPP;
7604 goto out_err;
7605 }
7606
7607 while (1) {
7608 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).portid,
7609 cb->nlh->nlmsg_seq, NLM_F_MULTI,
7610 NL80211_CMD_TESTMODE);
7611 struct nlattr *tmdata;
7612
7613 if (!hdr)
7614 break;
7615
7616 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx)) {
7617 genlmsg_cancel(skb, hdr);
7618 break;
7619 }
7620
7621 tmdata = nla_nest_start(skb, NL80211_ATTR_TESTDATA);
7622 if (!tmdata) {
7623 genlmsg_cancel(skb, hdr);
7624 break;
7625 }
7626 err = rdev_testmode_dump(rdev, skb, cb, data, data_len);
7627 nla_nest_end(skb, tmdata);
7628
7629 if (err == -ENOBUFS || err == -ENOENT) {
7630 genlmsg_cancel(skb, hdr);
7631 break;
7632 } else if (err) {
7633 genlmsg_cancel(skb, hdr);
7634 goto out_err;
7635 }
7636
7637 genlmsg_end(skb, hdr);
7638 }
7639
7640 err = skb->len;
7641
7642 cb->args[0] = phy_idx + 1;
7643 out_err:
7644 rtnl_unlock();
7645 return err;
7646}
7647#endif
7648
7649static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
7650{
7651 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7652 struct net_device *dev = info->user_ptr[1];
7653 struct cfg80211_connect_params connect;
7654 struct wiphy *wiphy;
7655 struct cfg80211_cached_keys *connkeys = NULL;
7656 int err;
7657
7658 memset(&connect, 0, sizeof(connect));
7659
7660 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
7661 return -EINVAL;
7662
7663 if (!info->attrs[NL80211_ATTR_SSID] ||
7664 !nla_len(info->attrs[NL80211_ATTR_SSID]))
7665 return -EINVAL;
7666
7667 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
7668 connect.auth_type =
7669 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
7670 if (!nl80211_valid_auth_type(rdev, connect.auth_type,
7671 NL80211_CMD_CONNECT))
7672 return -EINVAL;
7673 } else
7674 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
7675
7676 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY];
7677
7678 err = nl80211_crypto_settings(rdev, info, &connect.crypto,
7679 NL80211_MAX_NR_CIPHER_SUITES);
7680 if (err)
7681 return err;
7682
7683 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
7684 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
7685 return -EOPNOTSUPP;
7686
7687 wiphy = &rdev->wiphy;
7688
7689 connect.bg_scan_period = -1;
7690 if (info->attrs[NL80211_ATTR_BG_SCAN_PERIOD] &&
7691 (wiphy->flags & WIPHY_FLAG_SUPPORTS_FW_ROAM)) {
7692 connect.bg_scan_period =
7693 nla_get_u16(info->attrs[NL80211_ATTR_BG_SCAN_PERIOD]);
7694 }
7695
7696 if (info->attrs[NL80211_ATTR_MAC])
7697 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
7698 else if (info->attrs[NL80211_ATTR_MAC_HINT])
7699 connect.bssid_hint =
7700 nla_data(info->attrs[NL80211_ATTR_MAC_HINT]);
7701 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
7702 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
7703
7704 if (info->attrs[NL80211_ATTR_IE]) {
7705 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
7706 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
7707 }
7708
7709 if (info->attrs[NL80211_ATTR_USE_MFP]) {
7710 connect.mfp = nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
7711 if (connect.mfp != NL80211_MFP_REQUIRED &&
7712 connect.mfp != NL80211_MFP_NO)
7713 return -EINVAL;
7714 } else {
7715 connect.mfp = NL80211_MFP_NO;
7716 }
7717
7718 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
7719 connect.channel = nl80211_get_valid_chan(
7720 wiphy, info->attrs[NL80211_ATTR_WIPHY_FREQ]);
7721 if (!connect.channel)
7722 return -EINVAL;
7723 } else if (info->attrs[NL80211_ATTR_WIPHY_FREQ_HINT]) {
7724 connect.channel_hint = nl80211_get_valid_chan(
7725 wiphy, info->attrs[NL80211_ATTR_WIPHY_FREQ_HINT]);
7726 if (!connect.channel_hint)
7727 return -EINVAL;
7728 }
7729
7730 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) {
7731 connkeys = nl80211_parse_connkeys(rdev,
7732 info->attrs[NL80211_ATTR_KEYS], NULL);
7733 if (IS_ERR(connkeys))
7734 return PTR_ERR(connkeys);
7735 }
7736
7737 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
7738 connect.flags |= ASSOC_REQ_DISABLE_HT;
7739
7740 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
7741 memcpy(&connect.ht_capa_mask,
7742 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
7743 sizeof(connect.ht_capa_mask));
7744
7745 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
7746 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) {
7747 kzfree(connkeys);
7748 return -EINVAL;
7749 }
7750 memcpy(&connect.ht_capa,
7751 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
7752 sizeof(connect.ht_capa));
7753 }
7754
7755 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_VHT]))
7756 connect.flags |= ASSOC_REQ_DISABLE_VHT;
7757
7758 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
7759 memcpy(&connect.vht_capa_mask,
7760 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]),
7761 sizeof(connect.vht_capa_mask));
7762
7763 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) {
7764 if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]) {
7765 kzfree(connkeys);
7766 return -EINVAL;
7767 }
7768 memcpy(&connect.vht_capa,
7769 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]),
7770 sizeof(connect.vht_capa));
7771 }
7772
7773 if (nla_get_flag(info->attrs[NL80211_ATTR_USE_RRM])) {
7774 if (!(rdev->wiphy.features &
7775 NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES) ||
7776 !(rdev->wiphy.features & NL80211_FEATURE_QUIET))
7777 return -EINVAL;
7778 connect.flags |= ASSOC_REQ_USE_RRM;
7779 }
7780
7781 wdev_lock(dev->ieee80211_ptr);
7782 err = cfg80211_connect(rdev, dev, &connect, connkeys, NULL);
7783 wdev_unlock(dev->ieee80211_ptr);
7784 if (err)
7785 kzfree(connkeys);
7786 return err;
7787}
7788
7789static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info)
7790{
7791 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7792 struct net_device *dev = info->user_ptr[1];
7793 u16 reason;
7794 int ret;
7795
7796 if (!info->attrs[NL80211_ATTR_REASON_CODE])
7797 reason = WLAN_REASON_DEAUTH_LEAVING;
7798 else
7799 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
7800
7801 if (reason == 0)
7802 return -EINVAL;
7803
7804 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
7805 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
7806 return -EOPNOTSUPP;
7807
7808 wdev_lock(dev->ieee80211_ptr);
7809 ret = cfg80211_disconnect(rdev, dev, reason, true);
7810 wdev_unlock(dev->ieee80211_ptr);
7811 return ret;
7812}
7813
7814static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info)
7815{
7816 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7817 struct net *net;
7818 int err;
7819
7820 if (info->attrs[NL80211_ATTR_PID]) {
7821 u32 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]);
7822
7823 net = get_net_ns_by_pid(pid);
7824 } else if (info->attrs[NL80211_ATTR_NETNS_FD]) {
7825 u32 fd = nla_get_u32(info->attrs[NL80211_ATTR_NETNS_FD]);
7826
7827 net = get_net_ns_by_fd(fd);
7828 } else {
7829 return -EINVAL;
7830 }
7831
7832 if (IS_ERR(net))
7833 return PTR_ERR(net);
7834
7835 err = 0;
7836
7837
7838 if (!net_eq(wiphy_net(&rdev->wiphy), net))
7839 err = cfg80211_switch_netns(rdev, net);
7840
7841 put_net(net);
7842 return err;
7843}
7844
7845static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info)
7846{
7847 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7848 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev,
7849 struct cfg80211_pmksa *pmksa) = NULL;
7850 struct net_device *dev = info->user_ptr[1];
7851 struct cfg80211_pmksa pmksa;
7852
7853 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa));
7854
7855 if (!info->attrs[NL80211_ATTR_MAC])
7856 return -EINVAL;
7857
7858 if (!info->attrs[NL80211_ATTR_PMKID])
7859 return -EINVAL;
7860
7861 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
7862 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
7863
7864 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
7865 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
7866 return -EOPNOTSUPP;
7867
7868 switch (info->genlhdr->cmd) {
7869 case NL80211_CMD_SET_PMKSA:
7870 rdev_ops = rdev->ops->set_pmksa;
7871 break;
7872 case NL80211_CMD_DEL_PMKSA:
7873 rdev_ops = rdev->ops->del_pmksa;
7874 break;
7875 default:
7876 WARN_ON(1);
7877 break;
7878 }
7879
7880 if (!rdev_ops)
7881 return -EOPNOTSUPP;
7882
7883 return rdev_ops(&rdev->wiphy, dev, &pmksa);
7884}
7885
7886static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info)
7887{
7888 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7889 struct net_device *dev = info->user_ptr[1];
7890
7891 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
7892 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
7893 return -EOPNOTSUPP;
7894
7895 if (!rdev->ops->flush_pmksa)
7896 return -EOPNOTSUPP;
7897
7898 return rdev_flush_pmksa(rdev, dev);
7899}
7900
7901static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info)
7902{
7903 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7904 struct net_device *dev = info->user_ptr[1];
7905 u8 action_code, dialog_token;
7906 u32 peer_capability = 0;
7907 u16 status_code;
7908 u8 *peer;
7909 bool initiator;
7910
7911 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
7912 !rdev->ops->tdls_mgmt)
7913 return -EOPNOTSUPP;
7914
7915 if (!info->attrs[NL80211_ATTR_TDLS_ACTION] ||
7916 !info->attrs[NL80211_ATTR_STATUS_CODE] ||
7917 !info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN] ||
7918 !info->attrs[NL80211_ATTR_IE] ||
7919 !info->attrs[NL80211_ATTR_MAC])
7920 return -EINVAL;
7921
7922 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
7923 action_code = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_ACTION]);
7924 status_code = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
7925 dialog_token = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN]);
7926 initiator = nla_get_flag(info->attrs[NL80211_ATTR_TDLS_INITIATOR]);
7927 if (info->attrs[NL80211_ATTR_TDLS_PEER_CAPABILITY])
7928 peer_capability =
7929 nla_get_u32(info->attrs[NL80211_ATTR_TDLS_PEER_CAPABILITY]);
7930
7931 return rdev_tdls_mgmt(rdev, dev, peer, action_code,
7932 dialog_token, status_code, peer_capability,
7933 initiator,
7934 nla_data(info->attrs[NL80211_ATTR_IE]),
7935 nla_len(info->attrs[NL80211_ATTR_IE]));
7936}
7937
7938static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info)
7939{
7940 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7941 struct net_device *dev = info->user_ptr[1];
7942 enum nl80211_tdls_operation operation;
7943 u8 *peer;
7944
7945 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
7946 !rdev->ops->tdls_oper)
7947 return -EOPNOTSUPP;
7948
7949 if (!info->attrs[NL80211_ATTR_TDLS_OPERATION] ||
7950 !info->attrs[NL80211_ATTR_MAC])
7951 return -EINVAL;
7952
7953 operation = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_OPERATION]);
7954 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
7955
7956 return rdev_tdls_oper(rdev, dev, peer, operation);
7957}
7958
7959static int nl80211_remain_on_channel(struct sk_buff *skb,
7960 struct genl_info *info)
7961{
7962 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7963 struct wireless_dev *wdev = info->user_ptr[1];
7964 struct cfg80211_chan_def chandef;
7965 struct sk_buff *msg;
7966 void *hdr;
7967 u64 cookie;
7968 u32 duration;
7969 int err;
7970
7971 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
7972 !info->attrs[NL80211_ATTR_DURATION])
7973 return -EINVAL;
7974
7975 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
7976
7977 if (!rdev->ops->remain_on_channel ||
7978 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL))
7979 return -EOPNOTSUPP;
7980
7981
7982
7983
7984
7985 if (duration < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
7986 duration > rdev->wiphy.max_remain_on_channel_duration)
7987 return -EINVAL;
7988
7989 err = nl80211_parse_chandef(rdev, info, &chandef);
7990 if (err)
7991 return err;
7992
7993 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7994 if (!msg)
7995 return -ENOMEM;
7996
7997 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
7998 NL80211_CMD_REMAIN_ON_CHANNEL);
7999 if (!hdr) {
8000 err = -ENOBUFS;
8001 goto free_msg;
8002 }
8003
8004 err = rdev_remain_on_channel(rdev, wdev, chandef.chan,
8005 duration, &cookie);
8006
8007 if (err)
8008 goto free_msg;
8009
8010 if (nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
8011 goto nla_put_failure;
8012
8013 genlmsg_end(msg, hdr);
8014
8015 return genlmsg_reply(msg, info);
8016
8017 nla_put_failure:
8018 err = -ENOBUFS;
8019 free_msg:
8020 nlmsg_free(msg);
8021 return err;
8022}
8023
8024static int nl80211_cancel_remain_on_channel(struct sk_buff *skb,
8025 struct genl_info *info)
8026{
8027 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8028 struct wireless_dev *wdev = info->user_ptr[1];
8029 u64 cookie;
8030
8031 if (!info->attrs[NL80211_ATTR_COOKIE])
8032 return -EINVAL;
8033
8034 if (!rdev->ops->cancel_remain_on_channel)
8035 return -EOPNOTSUPP;
8036
8037 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
8038
8039 return rdev_cancel_remain_on_channel(rdev, wdev, cookie);
8040}
8041
8042static u32 rateset_to_mask(struct ieee80211_supported_band *sband,
8043 u8 *rates, u8 rates_len)
8044{
8045 u8 i;
8046 u32 mask = 0;
8047
8048 for (i = 0; i < rates_len; i++) {
8049 int rate = (rates[i] & 0x7f) * 5;
8050 int ridx;
8051 for (ridx = 0; ridx < sband->n_bitrates; ridx++) {
8052 struct ieee80211_rate *srate =
8053 &sband->bitrates[ridx];
8054 if (rate == srate->bitrate) {
8055 mask |= 1 << ridx;
8056 break;
8057 }
8058 }
8059 if (ridx == sband->n_bitrates)
8060 return 0;
8061 }
8062
8063 return mask;
8064}
8065
8066static bool ht_rateset_to_mask(struct ieee80211_supported_band *sband,
8067 u8 *rates, u8 rates_len,
8068 u8 mcs[IEEE80211_HT_MCS_MASK_LEN])
8069{
8070 u8 i;
8071
8072 memset(mcs, 0, IEEE80211_HT_MCS_MASK_LEN);
8073
8074 for (i = 0; i < rates_len; i++) {
8075 int ridx, rbit;
8076
8077 ridx = rates[i] / 8;
8078 rbit = BIT(rates[i] % 8);
8079
8080
8081 if ((ridx < 0) || (ridx >= IEEE80211_HT_MCS_MASK_LEN))
8082 return false;
8083
8084
8085 if (sband->ht_cap.mcs.rx_mask[ridx] & rbit)
8086 mcs[ridx] |= rbit;
8087 else
8088 return false;
8089 }
8090
8091 return true;
8092}
8093
8094static u16 vht_mcs_map_to_mcs_mask(u8 vht_mcs_map)
8095{
8096 u16 mcs_mask = 0;
8097
8098 switch (vht_mcs_map) {
8099 case IEEE80211_VHT_MCS_NOT_SUPPORTED:
8100 break;
8101 case IEEE80211_VHT_MCS_SUPPORT_0_7:
8102 mcs_mask = 0x00FF;
8103 break;
8104 case IEEE80211_VHT_MCS_SUPPORT_0_8:
8105 mcs_mask = 0x01FF;
8106 break;
8107 case IEEE80211_VHT_MCS_SUPPORT_0_9:
8108 mcs_mask = 0x03FF;
8109 break;
8110 default:
8111 break;
8112 }
8113
8114 return mcs_mask;
8115}
8116
8117static void vht_build_mcs_mask(u16 vht_mcs_map,
8118 u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
8119{
8120 u8 nss;
8121
8122 for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
8123 vht_mcs_mask[nss] = vht_mcs_map_to_mcs_mask(vht_mcs_map & 0x03);
8124 vht_mcs_map >>= 2;
8125 }
8126}
8127
8128static bool vht_set_mcs_mask(struct ieee80211_supported_band *sband,
8129 struct nl80211_txrate_vht *txrate,
8130 u16 mcs[NL80211_VHT_NSS_MAX])
8131{
8132 u16 tx_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
8133 u16 tx_mcs_mask[NL80211_VHT_NSS_MAX] = {};
8134 u8 i;
8135
8136 if (!sband->vht_cap.vht_supported)
8137 return false;
8138
8139 memset(mcs, 0, sizeof(u16) * NL80211_VHT_NSS_MAX);
8140
8141
8142 vht_build_mcs_mask(tx_mcs_map, tx_mcs_mask);
8143
8144 for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
8145 if ((tx_mcs_mask[i] & txrate->mcs[i]) == txrate->mcs[i])
8146 mcs[i] = txrate->mcs[i];
8147 else
8148 return false;
8149 }
8150
8151 return true;
8152}
8153
8154static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = {
8155 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY,
8156 .len = NL80211_MAX_SUPP_RATES },
8157 [NL80211_TXRATE_HT] = { .type = NLA_BINARY,
8158 .len = NL80211_MAX_SUPP_HT_RATES },
8159 [NL80211_TXRATE_VHT] = { .len = sizeof(struct nl80211_txrate_vht)},
8160 [NL80211_TXRATE_GI] = { .type = NLA_U8 },
8161};
8162
8163static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb,
8164 struct genl_info *info)
8165{
8166 struct nlattr *tb[NL80211_TXRATE_MAX + 1];
8167 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8168 struct cfg80211_bitrate_mask mask;
8169 int rem, i;
8170 struct net_device *dev = info->user_ptr[1];
8171 struct nlattr *tx_rates;
8172 struct ieee80211_supported_band *sband;
8173 u16 vht_tx_mcs_map;
8174
8175 if (!rdev->ops->set_bitrate_mask)
8176 return -EOPNOTSUPP;
8177
8178 memset(&mask, 0, sizeof(mask));
8179
8180 for (i = 0; i < IEEE80211_NUM_BANDS; i++) {
8181 sband = rdev->wiphy.bands[i];
8182
8183 if (!sband)
8184 continue;
8185
8186 mask.control[i].legacy = (1 << sband->n_bitrates) - 1;
8187 memcpy(mask.control[i].ht_mcs,
8188 sband->ht_cap.mcs.rx_mask,
8189 sizeof(mask.control[i].ht_mcs));
8190
8191 if (!sband->vht_cap.vht_supported)
8192 continue;
8193
8194 vht_tx_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
8195 vht_build_mcs_mask(vht_tx_mcs_map, mask.control[i].vht_mcs);
8196 }
8197
8198
8199 if (!info->attrs[NL80211_ATTR_TX_RATES])
8200 goto out;
8201
8202
8203
8204
8205
8206 BUILD_BUG_ON(NL80211_MAX_SUPP_HT_RATES > IEEE80211_HT_MCS_MASK_LEN * 8);
8207 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) {
8208 enum ieee80211_band band = nla_type(tx_rates);
8209 int err;
8210
8211 if (band < 0 || band >= IEEE80211_NUM_BANDS)
8212 return -EINVAL;
8213 sband = rdev->wiphy.bands[band];
8214 if (sband == NULL)
8215 return -EINVAL;
8216 err = nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates),
8217 nla_len(tx_rates), nl80211_txattr_policy);
8218 if (err)
8219 return err;
8220 if (tb[NL80211_TXRATE_LEGACY]) {
8221 mask.control[band].legacy = rateset_to_mask(
8222 sband,
8223 nla_data(tb[NL80211_TXRATE_LEGACY]),
8224 nla_len(tb[NL80211_TXRATE_LEGACY]));
8225 if ((mask.control[band].legacy == 0) &&
8226 nla_len(tb[NL80211_TXRATE_LEGACY]))
8227 return -EINVAL;
8228 }
8229 if (tb[NL80211_TXRATE_HT]) {
8230 if (!ht_rateset_to_mask(
8231 sband,
8232 nla_data(tb[NL80211_TXRATE_HT]),
8233 nla_len(tb[NL80211_TXRATE_HT]),
8234 mask.control[band].ht_mcs))
8235 return -EINVAL;
8236 }
8237 if (tb[NL80211_TXRATE_VHT]) {
8238 if (!vht_set_mcs_mask(
8239 sband,
8240 nla_data(tb[NL80211_TXRATE_VHT]),
8241 mask.control[band].vht_mcs))
8242 return -EINVAL;
8243 }
8244 if (tb[NL80211_TXRATE_GI]) {
8245 mask.control[band].gi =
8246 nla_get_u8(tb[NL80211_TXRATE_GI]);
8247 if (mask.control[band].gi > NL80211_TXRATE_FORCE_LGI)
8248 return -EINVAL;
8249 }
8250
8251 if (mask.control[band].legacy == 0) {
8252
8253
8254
8255 if (!(rdev->wiphy.bands[band]->ht_cap.ht_supported ||
8256 rdev->wiphy.bands[band]->vht_cap.vht_supported))
8257 return -EINVAL;
8258
8259 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++)
8260 if (mask.control[band].ht_mcs[i])
8261 goto out;
8262
8263 for (i = 0; i < NL80211_VHT_NSS_MAX; i++)
8264 if (mask.control[band].vht_mcs[i])
8265 goto out;
8266
8267
8268 return -EINVAL;
8269 }
8270 }
8271
8272out:
8273 return rdev_set_bitrate_mask(rdev, dev, NULL, &mask);
8274}
8275
8276static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info)
8277{
8278 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8279 struct wireless_dev *wdev = info->user_ptr[1];
8280 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION;
8281
8282 if (!info->attrs[NL80211_ATTR_FRAME_MATCH])
8283 return -EINVAL;
8284
8285 if (info->attrs[NL80211_ATTR_FRAME_TYPE])
8286 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]);
8287
8288 switch (wdev->iftype) {
8289 case NL80211_IFTYPE_STATION:
8290 case NL80211_IFTYPE_ADHOC:
8291 case NL80211_IFTYPE_P2P_CLIENT:
8292 case NL80211_IFTYPE_AP:
8293 case NL80211_IFTYPE_AP_VLAN:
8294 case NL80211_IFTYPE_MESH_POINT:
8295 case NL80211_IFTYPE_P2P_GO:
8296 case NL80211_IFTYPE_P2P_DEVICE:
8297 break;
8298 default:
8299 return -EOPNOTSUPP;
8300 }
8301
8302
8303 if (!rdev->ops->mgmt_tx)
8304 return -EOPNOTSUPP;
8305
8306 return cfg80211_mlme_register_mgmt(wdev, info->snd_portid, frame_type,
8307 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]),
8308 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH]));
8309}
8310
8311static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info)
8312{
8313 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8314 struct wireless_dev *wdev = info->user_ptr[1];
8315 struct cfg80211_chan_def chandef;
8316 int err;
8317 void *hdr = NULL;
8318 u64 cookie;
8319 struct sk_buff *msg = NULL;
8320 struct cfg80211_mgmt_tx_params params = {
8321 .dont_wait_for_ack =
8322 info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK],
8323 };
8324
8325 if (!info->attrs[NL80211_ATTR_FRAME])
8326 return -EINVAL;
8327
8328 if (!rdev->ops->mgmt_tx)
8329 return -EOPNOTSUPP;
8330
8331 switch (wdev->iftype) {
8332 case NL80211_IFTYPE_P2P_DEVICE:
8333 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
8334 return -EINVAL;
8335 case NL80211_IFTYPE_STATION:
8336 case NL80211_IFTYPE_ADHOC:
8337 case NL80211_IFTYPE_P2P_CLIENT:
8338 case NL80211_IFTYPE_AP:
8339 case NL80211_IFTYPE_AP_VLAN:
8340 case NL80211_IFTYPE_MESH_POINT:
8341 case NL80211_IFTYPE_P2P_GO:
8342 break;
8343 default:
8344 return -EOPNOTSUPP;
8345 }
8346
8347 if (info->attrs[NL80211_ATTR_DURATION]) {
8348 if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
8349 return -EINVAL;
8350 params.wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
8351
8352
8353
8354
8355
8356 if (params.wait < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
8357 params.wait > rdev->wiphy.max_remain_on_channel_duration)
8358 return -EINVAL;
8359
8360 }
8361
8362 params.offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK];
8363
8364 if (params.offchan && !(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
8365 return -EINVAL;
8366
8367 params.no_cck = nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
8368
8369
8370
8371
8372 chandef.chan = NULL;
8373 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
8374 err = nl80211_parse_chandef(rdev, info, &chandef);
8375 if (err)
8376 return err;
8377 }
8378
8379 if (!chandef.chan && params.offchan)
8380 return -EINVAL;
8381
8382 params.buf = nla_data(info->attrs[NL80211_ATTR_FRAME]);
8383 params.len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
8384
8385 if (info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]) {
8386 int len = nla_len(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]);
8387 int i;
8388
8389 if (len % sizeof(u16))
8390 return -EINVAL;
8391
8392 params.n_csa_offsets = len / sizeof(u16);
8393 params.csa_offsets =
8394 nla_data(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]);
8395
8396
8397 for (i = 0; i < params.n_csa_offsets; i++) {
8398 if (params.csa_offsets[i] >= params.len)
8399 return -EINVAL;
8400 }
8401 }
8402
8403 if (!params.dont_wait_for_ack) {
8404 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
8405 if (!msg)
8406 return -ENOMEM;
8407
8408 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
8409 NL80211_CMD_FRAME);
8410 if (!hdr) {
8411 err = -ENOBUFS;
8412 goto free_msg;
8413 }
8414 }
8415
8416 params.chan = chandef.chan;
8417 err = cfg80211_mlme_mgmt_tx(rdev, wdev, ¶ms, &cookie);
8418 if (err)
8419 goto free_msg;
8420
8421 if (msg) {
8422 if (nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
8423 goto nla_put_failure;
8424
8425 genlmsg_end(msg, hdr);
8426 return genlmsg_reply(msg, info);
8427 }
8428
8429 return 0;
8430
8431 nla_put_failure:
8432 err = -ENOBUFS;
8433 free_msg:
8434 nlmsg_free(msg);
8435 return err;
8436}
8437
8438static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info)
8439{
8440 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8441 struct wireless_dev *wdev = info->user_ptr[1];
8442 u64 cookie;
8443
8444 if (!info->attrs[NL80211_ATTR_COOKIE])
8445 return -EINVAL;
8446
8447 if (!rdev->ops->mgmt_tx_cancel_wait)
8448 return -EOPNOTSUPP;
8449
8450 switch (wdev->iftype) {
8451 case NL80211_IFTYPE_STATION:
8452 case NL80211_IFTYPE_ADHOC:
8453 case NL80211_IFTYPE_P2P_CLIENT:
8454 case NL80211_IFTYPE_AP:
8455 case NL80211_IFTYPE_AP_VLAN:
8456 case NL80211_IFTYPE_P2P_GO:
8457 case NL80211_IFTYPE_P2P_DEVICE:
8458 break;
8459 default:
8460 return -EOPNOTSUPP;
8461 }
8462
8463 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
8464
8465 return rdev_mgmt_tx_cancel_wait(rdev, wdev, cookie);
8466}
8467
8468static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info)
8469{
8470 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8471 struct wireless_dev *wdev;
8472 struct net_device *dev = info->user_ptr[1];
8473 u8 ps_state;
8474 bool state;
8475 int err;
8476
8477 if (!info->attrs[NL80211_ATTR_PS_STATE])
8478 return -EINVAL;
8479
8480 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]);
8481
8482 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED)
8483 return -EINVAL;
8484
8485 wdev = dev->ieee80211_ptr;
8486
8487 if (!rdev->ops->set_power_mgmt)
8488 return -EOPNOTSUPP;
8489
8490 state = (ps_state == NL80211_PS_ENABLED) ? true : false;
8491
8492 if (state == wdev->ps)
8493 return 0;
8494
8495 err = rdev_set_power_mgmt(rdev, dev, state, wdev->ps_timeout);
8496 if (!err)
8497 wdev->ps = state;
8498 return err;
8499}
8500
8501static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info)
8502{
8503 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8504 enum nl80211_ps_state ps_state;
8505 struct wireless_dev *wdev;
8506 struct net_device *dev = info->user_ptr[1];
8507 struct sk_buff *msg;
8508 void *hdr;
8509 int err;
8510
8511 wdev = dev->ieee80211_ptr;
8512
8513 if (!rdev->ops->set_power_mgmt)
8514 return -EOPNOTSUPP;
8515
8516 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
8517 if (!msg)
8518 return -ENOMEM;
8519
8520 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
8521 NL80211_CMD_GET_POWER_SAVE);
8522 if (!hdr) {
8523 err = -ENOBUFS;
8524 goto free_msg;
8525 }
8526
8527 if (wdev->ps)
8528 ps_state = NL80211_PS_ENABLED;
8529 else
8530 ps_state = NL80211_PS_DISABLED;
8531
8532 if (nla_put_u32(msg, NL80211_ATTR_PS_STATE, ps_state))
8533 goto nla_put_failure;
8534
8535 genlmsg_end(msg, hdr);
8536 return genlmsg_reply(msg, info);
8537
8538 nla_put_failure:
8539 err = -ENOBUFS;
8540 free_msg:
8541 nlmsg_free(msg);
8542 return err;
8543}
8544
8545static const struct nla_policy
8546nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
8547 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
8548 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 },
8549 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
8550 [NL80211_ATTR_CQM_TXE_RATE] = { .type = NLA_U32 },
8551 [NL80211_ATTR_CQM_TXE_PKTS] = { .type = NLA_U32 },
8552 [NL80211_ATTR_CQM_TXE_INTVL] = { .type = NLA_U32 },
8553};
8554
8555static int nl80211_set_cqm_txe(struct genl_info *info,
8556 u32 rate, u32 pkts, u32 intvl)
8557{
8558 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8559 struct net_device *dev = info->user_ptr[1];
8560 struct wireless_dev *wdev = dev->ieee80211_ptr;
8561
8562 if (rate > 100 || intvl > NL80211_CQM_TXE_MAX_INTVL)
8563 return -EINVAL;
8564
8565 if (!rdev->ops->set_cqm_txe_config)
8566 return -EOPNOTSUPP;
8567
8568 if (wdev->iftype != NL80211_IFTYPE_STATION &&
8569 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
8570 return -EOPNOTSUPP;
8571
8572 return rdev_set_cqm_txe_config(rdev, dev, rate, pkts, intvl);
8573}
8574
8575static int nl80211_set_cqm_rssi(struct genl_info *info,
8576 s32 threshold, u32 hysteresis)
8577{
8578 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8579 struct net_device *dev = info->user_ptr[1];
8580 struct wireless_dev *wdev = dev->ieee80211_ptr;
8581
8582 if (threshold > 0)
8583 return -EINVAL;
8584
8585
8586 if (threshold == 0)
8587 hysteresis = 0;
8588
8589 if (!rdev->ops->set_cqm_rssi_config)
8590 return -EOPNOTSUPP;
8591
8592 if (wdev->iftype != NL80211_IFTYPE_STATION &&
8593 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
8594 return -EOPNOTSUPP;
8595
8596 return rdev_set_cqm_rssi_config(rdev, dev, threshold, hysteresis);
8597}
8598
8599static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info)
8600{
8601 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1];
8602 struct nlattr *cqm;
8603 int err;
8604
8605 cqm = info->attrs[NL80211_ATTR_CQM];
8606 if (!cqm)
8607 return -EINVAL;
8608
8609 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm,
8610 nl80211_attr_cqm_policy);
8611 if (err)
8612 return err;
8613
8614 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] &&
8615 attrs[NL80211_ATTR_CQM_RSSI_HYST]) {
8616 s32 threshold = nla_get_s32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]);
8617 u32 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]);
8618
8619 return nl80211_set_cqm_rssi(info, threshold, hysteresis);
8620 }
8621
8622 if (attrs[NL80211_ATTR_CQM_TXE_RATE] &&
8623 attrs[NL80211_ATTR_CQM_TXE_PKTS] &&
8624 attrs[NL80211_ATTR_CQM_TXE_INTVL]) {
8625 u32 rate = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_RATE]);
8626 u32 pkts = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_PKTS]);
8627 u32 intvl = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_INTVL]);
8628
8629 return nl80211_set_cqm_txe(info, rate, pkts, intvl);
8630 }
8631
8632 return -EINVAL;
8633}
8634
8635static int nl80211_join_ocb(struct sk_buff *skb, struct genl_info *info)
8636{
8637 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8638 struct net_device *dev = info->user_ptr[1];
8639 struct ocb_setup setup = {};
8640 int err;
8641
8642 err = nl80211_parse_chandef(rdev, info, &setup.chandef);
8643 if (err)
8644 return err;
8645
8646 return cfg80211_join_ocb(rdev, dev, &setup);
8647}
8648
8649static int nl80211_leave_ocb(struct sk_buff *skb, struct genl_info *info)
8650{
8651 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8652 struct net_device *dev = info->user_ptr[1];
8653
8654 return cfg80211_leave_ocb(rdev, dev);
8655}
8656
8657static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info)
8658{
8659 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8660 struct net_device *dev = info->user_ptr[1];
8661 struct mesh_config cfg;
8662 struct mesh_setup setup;
8663 int err;
8664
8665
8666 memcpy(&cfg, &default_mesh_config, sizeof(cfg));
8667 memcpy(&setup, &default_mesh_setup, sizeof(setup));
8668
8669 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) {
8670
8671 err = nl80211_parse_mesh_config(info, &cfg, NULL);
8672 if (err)
8673 return err;
8674 }
8675
8676 if (!info->attrs[NL80211_ATTR_MESH_ID] ||
8677 !nla_len(info->attrs[NL80211_ATTR_MESH_ID]))
8678 return -EINVAL;
8679
8680 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
8681 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
8682
8683 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
8684 !nl80211_parse_mcast_rate(rdev, setup.mcast_rate,
8685 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
8686 return -EINVAL;
8687
8688 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
8689 setup.beacon_interval =
8690 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
8691 if (setup.beacon_interval < 10 ||
8692 setup.beacon_interval > 10000)
8693 return -EINVAL;
8694 }
8695
8696 if (info->attrs[NL80211_ATTR_DTIM_PERIOD]) {
8697 setup.dtim_period =
8698 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
8699 if (setup.dtim_period < 1 || setup.dtim_period > 100)
8700 return -EINVAL;
8701 }
8702
8703 if (info->attrs[NL80211_ATTR_MESH_SETUP]) {
8704
8705 err = nl80211_parse_mesh_setup(info, &setup);
8706 if (err)
8707 return err;
8708 }
8709
8710 if (setup.user_mpm)
8711 cfg.auto_open_plinks = false;
8712
8713 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
8714 err = nl80211_parse_chandef(rdev, info, &setup.chandef);
8715 if (err)
8716 return err;
8717 } else {
8718
8719 setup.chandef.chan = NULL;
8720 }
8721
8722 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
8723 u8 *rates = nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
8724 int n_rates =
8725 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
8726 struct ieee80211_supported_band *sband;
8727
8728 if (!setup.chandef.chan)
8729 return -EINVAL;
8730
8731 sband = rdev->wiphy.bands[setup.chandef.chan->band];
8732
8733 err = ieee80211_get_ratemask(sband, rates, n_rates,
8734 &setup.basic_rates);
8735 if (err)
8736 return err;
8737 }
8738
8739 return cfg80211_join_mesh(rdev, dev, &setup, &cfg);
8740}
8741
8742static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info)
8743{
8744 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8745 struct net_device *dev = info->user_ptr[1];
8746
8747 return cfg80211_leave_mesh(rdev, dev);
8748}
8749
8750#ifdef CONFIG_PM
8751static int nl80211_send_wowlan_patterns(struct sk_buff *msg,
8752 struct cfg80211_registered_device *rdev)
8753{
8754 struct cfg80211_wowlan *wowlan = rdev->wiphy.wowlan_config;
8755 struct nlattr *nl_pats, *nl_pat;
8756 int i, pat_len;
8757
8758 if (!wowlan->n_patterns)
8759 return 0;
8760
8761 nl_pats = nla_nest_start(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN);
8762 if (!nl_pats)
8763 return -ENOBUFS;
8764
8765 for (i = 0; i < wowlan->n_patterns; i++) {
8766 nl_pat = nla_nest_start(msg, i + 1);
8767 if (!nl_pat)
8768 return -ENOBUFS;
8769 pat_len = wowlan->patterns[i].pattern_len;
8770 if (nla_put(msg, NL80211_PKTPAT_MASK, DIV_ROUND_UP(pat_len, 8),
8771 wowlan->patterns[i].mask) ||
8772 nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
8773 wowlan->patterns[i].pattern) ||
8774 nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
8775 wowlan->patterns[i].pkt_offset))
8776 return -ENOBUFS;
8777 nla_nest_end(msg, nl_pat);
8778 }
8779 nla_nest_end(msg, nl_pats);
8780
8781 return 0;
8782}
8783
8784static int nl80211_send_wowlan_tcp(struct sk_buff *msg,
8785 struct cfg80211_wowlan_tcp *tcp)
8786{
8787 struct nlattr *nl_tcp;
8788
8789 if (!tcp)
8790 return 0;
8791
8792 nl_tcp = nla_nest_start(msg, NL80211_WOWLAN_TRIG_TCP_CONNECTION);
8793 if (!nl_tcp)
8794 return -ENOBUFS;
8795
8796 if (nla_put_in_addr(msg, NL80211_WOWLAN_TCP_SRC_IPV4, tcp->src) ||
8797 nla_put_in_addr(msg, NL80211_WOWLAN_TCP_DST_IPV4, tcp->dst) ||
8798 nla_put(msg, NL80211_WOWLAN_TCP_DST_MAC, ETH_ALEN, tcp->dst_mac) ||
8799 nla_put_u16(msg, NL80211_WOWLAN_TCP_SRC_PORT, tcp->src_port) ||
8800 nla_put_u16(msg, NL80211_WOWLAN_TCP_DST_PORT, tcp->dst_port) ||
8801 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
8802 tcp->payload_len, tcp->payload) ||
8803 nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL,
8804 tcp->data_interval) ||
8805 nla_put(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD,
8806 tcp->wake_len, tcp->wake_data) ||
8807 nla_put(msg, NL80211_WOWLAN_TCP_WAKE_MASK,
8808 DIV_ROUND_UP(tcp->wake_len, 8), tcp->wake_mask))
8809 return -ENOBUFS;
8810
8811 if (tcp->payload_seq.len &&
8812 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ,
8813 sizeof(tcp->payload_seq), &tcp->payload_seq))
8814 return -ENOBUFS;
8815
8816 if (tcp->payload_tok.len &&
8817 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN,
8818 sizeof(tcp->payload_tok) + tcp->tokens_size,
8819 &tcp->payload_tok))
8820 return -ENOBUFS;
8821
8822 nla_nest_end(msg, nl_tcp);
8823
8824 return 0;
8825}
8826
8827static int nl80211_send_wowlan_nd(struct sk_buff *msg,
8828 struct cfg80211_sched_scan_request *req)
8829{
8830 struct nlattr *nd, *freqs, *matches, *match;
8831 int i;
8832
8833 if (!req)
8834 return 0;
8835
8836 nd = nla_nest_start(msg, NL80211_WOWLAN_TRIG_NET_DETECT);
8837 if (!nd)
8838 return -ENOBUFS;
8839
8840 if (nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL, req->interval))
8841 return -ENOBUFS;
8842
8843 if (nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_DELAY, req->delay))
8844 return -ENOBUFS;
8845
8846 freqs = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
8847 if (!freqs)
8848 return -ENOBUFS;
8849
8850 for (i = 0; i < req->n_channels; i++)
8851 nla_put_u32(msg, i, req->channels[i]->center_freq);
8852
8853 nla_nest_end(msg, freqs);
8854
8855 if (req->n_match_sets) {
8856 matches = nla_nest_start(msg, NL80211_ATTR_SCHED_SCAN_MATCH);
8857 for (i = 0; i < req->n_match_sets; i++) {
8858 match = nla_nest_start(msg, i);
8859 nla_put(msg, NL80211_SCHED_SCAN_MATCH_ATTR_SSID,
8860 req->match_sets[i].ssid.ssid_len,
8861 req->match_sets[i].ssid.ssid);
8862 nla_nest_end(msg, match);
8863 }
8864 nla_nest_end(msg, matches);
8865 }
8866
8867 nla_nest_end(msg, nd);
8868
8869 return 0;
8870}
8871
8872static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info)
8873{
8874 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8875 struct sk_buff *msg;
8876 void *hdr;
8877 u32 size = NLMSG_DEFAULT_SIZE;
8878
8879 if (!rdev->wiphy.wowlan)
8880 return -EOPNOTSUPP;
8881
8882 if (rdev->wiphy.wowlan_config && rdev->wiphy.wowlan_config->tcp) {
8883
8884 size += rdev->wiphy.wowlan_config->tcp->tokens_size +
8885 rdev->wiphy.wowlan_config->tcp->payload_len +
8886 rdev->wiphy.wowlan_config->tcp->wake_len +
8887 rdev->wiphy.wowlan_config->tcp->wake_len / 8;
8888 }
8889
8890 msg = nlmsg_new(size, GFP_KERNEL);
8891 if (!msg)
8892 return -ENOMEM;
8893
8894 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
8895 NL80211_CMD_GET_WOWLAN);
8896 if (!hdr)
8897 goto nla_put_failure;
8898
8899 if (rdev->wiphy.wowlan_config) {
8900 struct nlattr *nl_wowlan;
8901
8902 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
8903 if (!nl_wowlan)
8904 goto nla_put_failure;
8905
8906 if ((rdev->wiphy.wowlan_config->any &&
8907 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
8908 (rdev->wiphy.wowlan_config->disconnect &&
8909 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
8910 (rdev->wiphy.wowlan_config->magic_pkt &&
8911 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
8912 (rdev->wiphy.wowlan_config->gtk_rekey_failure &&
8913 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
8914 (rdev->wiphy.wowlan_config->eap_identity_req &&
8915 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
8916 (rdev->wiphy.wowlan_config->four_way_handshake &&
8917 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
8918 (rdev->wiphy.wowlan_config->rfkill_release &&
8919 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)))
8920 goto nla_put_failure;
8921
8922 if (nl80211_send_wowlan_patterns(msg, rdev))
8923 goto nla_put_failure;
8924
8925 if (nl80211_send_wowlan_tcp(msg,
8926 rdev->wiphy.wowlan_config->tcp))
8927 goto nla_put_failure;
8928
8929 if (nl80211_send_wowlan_nd(
8930 msg,
8931 rdev->wiphy.wowlan_config->nd_config))
8932 goto nla_put_failure;
8933
8934 nla_nest_end(msg, nl_wowlan);
8935 }
8936
8937 genlmsg_end(msg, hdr);
8938 return genlmsg_reply(msg, info);
8939
8940nla_put_failure:
8941 nlmsg_free(msg);
8942 return -ENOBUFS;
8943}
8944
8945static int nl80211_parse_wowlan_tcp(struct cfg80211_registered_device *rdev,
8946 struct nlattr *attr,
8947 struct cfg80211_wowlan *trig)
8948{
8949 struct nlattr *tb[NUM_NL80211_WOWLAN_TCP];
8950 struct cfg80211_wowlan_tcp *cfg;
8951 struct nl80211_wowlan_tcp_data_token *tok = NULL;
8952 struct nl80211_wowlan_tcp_data_seq *seq = NULL;
8953 u32 size;
8954 u32 data_size, wake_size, tokens_size = 0, wake_mask_size;
8955 int err, port;
8956
8957 if (!rdev->wiphy.wowlan->tcp)
8958 return -EINVAL;
8959
8960 err = nla_parse(tb, MAX_NL80211_WOWLAN_TCP,
8961 nla_data(attr), nla_len(attr),
8962 nl80211_wowlan_tcp_policy);
8963 if (err)
8964 return err;
8965
8966 if (!tb[NL80211_WOWLAN_TCP_SRC_IPV4] ||
8967 !tb[NL80211_WOWLAN_TCP_DST_IPV4] ||
8968 !tb[NL80211_WOWLAN_TCP_DST_MAC] ||
8969 !tb[NL80211_WOWLAN_TCP_DST_PORT] ||
8970 !tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD] ||
8971 !tb[NL80211_WOWLAN_TCP_DATA_INTERVAL] ||
8972 !tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD] ||
8973 !tb[NL80211_WOWLAN_TCP_WAKE_MASK])
8974 return -EINVAL;
8975
8976 data_size = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]);
8977 if (data_size > rdev->wiphy.wowlan->tcp->data_payload_max)
8978 return -EINVAL;
8979
8980 if (nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) >
8981 rdev->wiphy.wowlan->tcp->data_interval_max ||
8982 nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) == 0)
8983 return -EINVAL;
8984
8985 wake_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]);
8986 if (wake_size > rdev->wiphy.wowlan->tcp->wake_payload_max)
8987 return -EINVAL;
8988
8989 wake_mask_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_MASK]);
8990 if (wake_mask_size != DIV_ROUND_UP(wake_size, 8))
8991 return -EINVAL;
8992
8993 if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]) {
8994 u32 tokln = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]);
8995
8996 tok = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]);
8997 tokens_size = tokln - sizeof(*tok);
8998
8999 if (!tok->len || tokens_size % tok->len)
9000 return -EINVAL;
9001 if (!rdev->wiphy.wowlan->tcp->tok)
9002 return -EINVAL;
9003 if (tok->len > rdev->wiphy.wowlan->tcp->tok->max_len)
9004 return -EINVAL;
9005 if (tok->len < rdev->wiphy.wowlan->tcp->tok->min_len)
9006 return -EINVAL;
9007 if (tokens_size > rdev->wiphy.wowlan->tcp->tok->bufsize)
9008 return -EINVAL;
9009 if (tok->offset + tok->len > data_size)
9010 return -EINVAL;
9011 }
9012
9013 if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]) {
9014 seq = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]);
9015 if (!rdev->wiphy.wowlan->tcp->seq)
9016 return -EINVAL;
9017 if (seq->len == 0 || seq->len > 4)
9018 return -EINVAL;
9019 if (seq->len + seq->offset > data_size)
9020 return -EINVAL;
9021 }
9022
9023 size = sizeof(*cfg);
9024 size += data_size;
9025 size += wake_size + wake_mask_size;
9026 size += tokens_size;
9027
9028 cfg = kzalloc(size, GFP_KERNEL);
9029 if (!cfg)
9030 return -ENOMEM;
9031 cfg->src = nla_get_in_addr(tb[NL80211_WOWLAN_TCP_SRC_IPV4]);
9032 cfg->dst = nla_get_in_addr(tb[NL80211_WOWLAN_TCP_DST_IPV4]);
9033 memcpy(cfg->dst_mac, nla_data(tb[NL80211_WOWLAN_TCP_DST_MAC]),
9034 ETH_ALEN);
9035 if (tb[NL80211_WOWLAN_TCP_SRC_PORT])
9036 port = nla_get_u16(tb[NL80211_WOWLAN_TCP_SRC_PORT]);
9037 else
9038 port = 0;
9039#ifdef CONFIG_INET
9040
9041 err = __sock_create(wiphy_net(&rdev->wiphy), PF_INET, SOCK_STREAM,
9042 IPPROTO_TCP, &cfg->sock, 1);
9043 if (err) {
9044 kfree(cfg);
9045 return err;
9046 }
9047 if (inet_csk_get_port(cfg->sock->sk, port)) {
9048 sock_release(cfg->sock);
9049 kfree(cfg);
9050 return -EADDRINUSE;
9051 }
9052 cfg->src_port = inet_sk(cfg->sock->sk)->inet_num;
9053#else
9054 if (!port) {
9055 kfree(cfg);
9056 return -EINVAL;
9057 }
9058 cfg->src_port = port;
9059#endif
9060
9061 cfg->dst_port = nla_get_u16(tb[NL80211_WOWLAN_TCP_DST_PORT]);
9062 cfg->payload_len = data_size;
9063 cfg->payload = (u8 *)cfg + sizeof(*cfg) + tokens_size;
9064 memcpy((void *)cfg->payload,
9065 nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]),
9066 data_size);
9067 if (seq)
9068 cfg->payload_seq = *seq;
9069 cfg->data_interval = nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]);
9070 cfg->wake_len = wake_size;
9071 cfg->wake_data = (u8 *)cfg + sizeof(*cfg) + tokens_size + data_size;
9072 memcpy((void *)cfg->wake_data,
9073 nla_data(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]),
9074 wake_size);
9075 cfg->wake_mask = (u8 *)cfg + sizeof(*cfg) + tokens_size +
9076 data_size + wake_size;
9077 memcpy((void *)cfg->wake_mask,
9078 nla_data(tb[NL80211_WOWLAN_TCP_WAKE_MASK]),
9079 wake_mask_size);
9080 if (tok) {
9081 cfg->tokens_size = tokens_size;
9082 memcpy(&cfg->payload_tok, tok, sizeof(*tok) + tokens_size);
9083 }
9084
9085 trig->tcp = cfg;
9086
9087 return 0;
9088}
9089
9090static int nl80211_parse_wowlan_nd(struct cfg80211_registered_device *rdev,
9091 const struct wiphy_wowlan_support *wowlan,
9092 struct nlattr *attr,
9093 struct cfg80211_wowlan *trig)
9094{
9095 struct nlattr **tb;
9096 int err;
9097
9098 tb = kzalloc(NUM_NL80211_ATTR * sizeof(*tb), GFP_KERNEL);
9099 if (!tb)
9100 return -ENOMEM;
9101
9102 if (!(wowlan->flags & WIPHY_WOWLAN_NET_DETECT)) {
9103 err = -EOPNOTSUPP;
9104 goto out;
9105 }
9106
9107 err = nla_parse(tb, NL80211_ATTR_MAX,
9108 nla_data(attr), nla_len(attr),
9109 nl80211_policy);
9110 if (err)
9111 goto out;
9112
9113 trig->nd_config = nl80211_parse_sched_scan(&rdev->wiphy, NULL, tb);
9114 err = PTR_ERR_OR_ZERO(trig->nd_config);
9115 if (err)
9116 trig->nd_config = NULL;
9117
9118out:
9119 kfree(tb);
9120 return err;
9121}
9122
9123static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info)
9124{
9125 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9126 struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG];
9127 struct cfg80211_wowlan new_triggers = {};
9128 struct cfg80211_wowlan *ntrig;
9129 const struct wiphy_wowlan_support *wowlan = rdev->wiphy.wowlan;
9130 int err, i;
9131 bool prev_enabled = rdev->wiphy.wowlan_config;
9132 bool regular = false;
9133
9134 if (!wowlan)
9135 return -EOPNOTSUPP;
9136
9137 if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]) {
9138 cfg80211_rdev_free_wowlan(rdev);
9139 rdev->wiphy.wowlan_config = NULL;
9140 goto set_wakeup;
9141 }
9142
9143 err = nla_parse(tb, MAX_NL80211_WOWLAN_TRIG,
9144 nla_data(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]),
9145 nla_len(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]),
9146 nl80211_wowlan_policy);
9147 if (err)
9148 return err;
9149
9150 if (tb[NL80211_WOWLAN_TRIG_ANY]) {
9151 if (!(wowlan->flags & WIPHY_WOWLAN_ANY))
9152 return -EINVAL;
9153 new_triggers.any = true;
9154 }
9155
9156 if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) {
9157 if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT))
9158 return -EINVAL;
9159 new_triggers.disconnect = true;
9160 regular = true;
9161 }
9162
9163 if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) {
9164 if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT))
9165 return -EINVAL;
9166 new_triggers.magic_pkt = true;
9167 regular = true;
9168 }
9169
9170 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED])
9171 return -EINVAL;
9172
9173 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) {
9174 if (!(wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE))
9175 return -EINVAL;
9176 new_triggers.gtk_rekey_failure = true;
9177 regular = true;
9178 }
9179
9180 if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) {
9181 if (!(wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ))
9182 return -EINVAL;
9183 new_triggers.eap_identity_req = true;
9184 regular = true;
9185 }
9186
9187 if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) {
9188 if (!(wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE))
9189 return -EINVAL;
9190 new_triggers.four_way_handshake = true;
9191 regular = true;
9192 }
9193
9194 if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) {
9195 if (!(wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE))
9196 return -EINVAL;
9197 new_triggers.rfkill_release = true;
9198 regular = true;
9199 }
9200
9201 if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) {
9202 struct nlattr *pat;
9203 int n_patterns = 0;
9204 int rem, pat_len, mask_len, pkt_offset;
9205 struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
9206
9207 regular = true;
9208
9209 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
9210 rem)
9211 n_patterns++;
9212 if (n_patterns > wowlan->n_patterns)
9213 return -EINVAL;
9214
9215 new_triggers.patterns = kcalloc(n_patterns,
9216 sizeof(new_triggers.patterns[0]),
9217 GFP_KERNEL);
9218 if (!new_triggers.patterns)
9219 return -ENOMEM;
9220
9221 new_triggers.n_patterns = n_patterns;
9222 i = 0;
9223
9224 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
9225 rem) {
9226 u8 *mask_pat;
9227
9228 nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
9229 nla_len(pat), NULL);
9230 err = -EINVAL;
9231 if (!pat_tb[NL80211_PKTPAT_MASK] ||
9232 !pat_tb[NL80211_PKTPAT_PATTERN])
9233 goto error;
9234 pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
9235 mask_len = DIV_ROUND_UP(pat_len, 8);
9236 if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
9237 goto error;
9238 if (pat_len > wowlan->pattern_max_len ||
9239 pat_len < wowlan->pattern_min_len)
9240 goto error;
9241
9242 if (!pat_tb[NL80211_PKTPAT_OFFSET])
9243 pkt_offset = 0;
9244 else
9245 pkt_offset = nla_get_u32(
9246 pat_tb[NL80211_PKTPAT_OFFSET]);
9247 if (pkt_offset > wowlan->max_pkt_offset)
9248 goto error;
9249 new_triggers.patterns[i].pkt_offset = pkt_offset;
9250
9251 mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL);
9252 if (!mask_pat) {
9253 err = -ENOMEM;
9254 goto error;
9255 }
9256 new_triggers.patterns[i].mask = mask_pat;
9257 memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]),
9258 mask_len);
9259 mask_pat += mask_len;
9260 new_triggers.patterns[i].pattern = mask_pat;
9261 new_triggers.patterns[i].pattern_len = pat_len;
9262 memcpy(mask_pat,
9263 nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
9264 pat_len);
9265 i++;
9266 }
9267 }
9268
9269 if (tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION]) {
9270 regular = true;
9271 err = nl80211_parse_wowlan_tcp(
9272 rdev, tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION],
9273 &new_triggers);
9274 if (err)
9275 goto error;
9276 }
9277
9278 if (tb[NL80211_WOWLAN_TRIG_NET_DETECT]) {
9279 regular = true;
9280 err = nl80211_parse_wowlan_nd(
9281 rdev, wowlan, tb[NL80211_WOWLAN_TRIG_NET_DETECT],
9282 &new_triggers);
9283 if (err)
9284 goto error;
9285 }
9286
9287
9288
9289
9290
9291
9292
9293 if (new_triggers.any && regular) {
9294 err = -EINVAL;
9295 goto error;
9296 }
9297
9298 ntrig = kmemdup(&new_triggers, sizeof(new_triggers), GFP_KERNEL);
9299 if (!ntrig) {
9300 err = -ENOMEM;
9301 goto error;
9302 }
9303 cfg80211_rdev_free_wowlan(rdev);
9304 rdev->wiphy.wowlan_config = ntrig;
9305
9306 set_wakeup:
9307 if (rdev->ops->set_wakeup &&
9308 prev_enabled != !!rdev->wiphy.wowlan_config)
9309 rdev_set_wakeup(rdev, rdev->wiphy.wowlan_config);
9310
9311 return 0;
9312 error:
9313 for (i = 0; i < new_triggers.n_patterns; i++)
9314 kfree(new_triggers.patterns[i].mask);
9315 kfree(new_triggers.patterns);
9316 if (new_triggers.tcp && new_triggers.tcp->sock)
9317 sock_release(new_triggers.tcp->sock);
9318 kfree(new_triggers.tcp);
9319 return err;
9320}
9321#endif
9322
9323static int nl80211_send_coalesce_rules(struct sk_buff *msg,
9324 struct cfg80211_registered_device *rdev)
9325{
9326 struct nlattr *nl_pats, *nl_pat, *nl_rule, *nl_rules;
9327 int i, j, pat_len;
9328 struct cfg80211_coalesce_rules *rule;
9329
9330 if (!rdev->coalesce->n_rules)
9331 return 0;
9332
9333 nl_rules = nla_nest_start(msg, NL80211_ATTR_COALESCE_RULE);
9334 if (!nl_rules)
9335 return -ENOBUFS;
9336
9337 for (i = 0; i < rdev->coalesce->n_rules; i++) {
9338 nl_rule = nla_nest_start(msg, i + 1);
9339 if (!nl_rule)
9340 return -ENOBUFS;
9341
9342 rule = &rdev->coalesce->rules[i];
9343 if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_DELAY,
9344 rule->delay))
9345 return -ENOBUFS;
9346
9347 if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_CONDITION,
9348 rule->condition))
9349 return -ENOBUFS;
9350
9351 nl_pats = nla_nest_start(msg,
9352 NL80211_ATTR_COALESCE_RULE_PKT_PATTERN);
9353 if (!nl_pats)
9354 return -ENOBUFS;
9355
9356 for (j = 0; j < rule->n_patterns; j++) {
9357 nl_pat = nla_nest_start(msg, j + 1);
9358 if (!nl_pat)
9359 return -ENOBUFS;
9360 pat_len = rule->patterns[j].pattern_len;
9361 if (nla_put(msg, NL80211_PKTPAT_MASK,
9362 DIV_ROUND_UP(pat_len, 8),
9363 rule->patterns[j].mask) ||
9364 nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
9365 rule->patterns[j].pattern) ||
9366 nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
9367 rule->patterns[j].pkt_offset))
9368 return -ENOBUFS;
9369 nla_nest_end(msg, nl_pat);
9370 }
9371 nla_nest_end(msg, nl_pats);
9372 nla_nest_end(msg, nl_rule);
9373 }
9374 nla_nest_end(msg, nl_rules);
9375
9376 return 0;
9377}
9378
9379static int nl80211_get_coalesce(struct sk_buff *skb, struct genl_info *info)
9380{
9381 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9382 struct sk_buff *msg;
9383 void *hdr;
9384
9385 if (!rdev->wiphy.coalesce)
9386 return -EOPNOTSUPP;
9387
9388 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
9389 if (!msg)
9390 return -ENOMEM;
9391
9392 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
9393 NL80211_CMD_GET_COALESCE);
9394 if (!hdr)
9395 goto nla_put_failure;
9396
9397 if (rdev->coalesce && nl80211_send_coalesce_rules(msg, rdev))
9398 goto nla_put_failure;
9399
9400 genlmsg_end(msg, hdr);
9401 return genlmsg_reply(msg, info);
9402
9403nla_put_failure:
9404 nlmsg_free(msg);
9405 return -ENOBUFS;
9406}
9407
9408void cfg80211_rdev_free_coalesce(struct cfg80211_registered_device *rdev)
9409{
9410 struct cfg80211_coalesce *coalesce = rdev->coalesce;
9411 int i, j;
9412 struct cfg80211_coalesce_rules *rule;
9413
9414 if (!coalesce)
9415 return;
9416
9417 for (i = 0; i < coalesce->n_rules; i++) {
9418 rule = &coalesce->rules[i];
9419 for (j = 0; j < rule->n_patterns; j++)
9420 kfree(rule->patterns[j].mask);
9421 kfree(rule->patterns);
9422 }
9423 kfree(coalesce->rules);
9424 kfree(coalesce);
9425 rdev->coalesce = NULL;
9426}
9427
9428static int nl80211_parse_coalesce_rule(struct cfg80211_registered_device *rdev,
9429 struct nlattr *rule,
9430 struct cfg80211_coalesce_rules *new_rule)
9431{
9432 int err, i;
9433 const struct wiphy_coalesce_support *coalesce = rdev->wiphy.coalesce;
9434 struct nlattr *tb[NUM_NL80211_ATTR_COALESCE_RULE], *pat;
9435 int rem, pat_len, mask_len, pkt_offset, n_patterns = 0;
9436 struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
9437
9438 err = nla_parse(tb, NL80211_ATTR_COALESCE_RULE_MAX, nla_data(rule),
9439 nla_len(rule), nl80211_coalesce_policy);
9440 if (err)
9441 return err;
9442
9443 if (tb[NL80211_ATTR_COALESCE_RULE_DELAY])
9444 new_rule->delay =
9445 nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_DELAY]);
9446 if (new_rule->delay > coalesce->max_delay)
9447 return -EINVAL;
9448
9449 if (tb[NL80211_ATTR_COALESCE_RULE_CONDITION])
9450 new_rule->condition =
9451 nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_CONDITION]);
9452 if (new_rule->condition != NL80211_COALESCE_CONDITION_MATCH &&
9453 new_rule->condition != NL80211_COALESCE_CONDITION_NO_MATCH)
9454 return -EINVAL;
9455
9456 if (!tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN])
9457 return -EINVAL;
9458
9459 nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN],
9460 rem)
9461 n_patterns++;
9462 if (n_patterns > coalesce->n_patterns)
9463 return -EINVAL;
9464
9465 new_rule->patterns = kcalloc(n_patterns, sizeof(new_rule->patterns[0]),
9466 GFP_KERNEL);
9467 if (!new_rule->patterns)
9468 return -ENOMEM;
9469
9470 new_rule->n_patterns = n_patterns;
9471 i = 0;
9472
9473 nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN],
9474 rem) {
9475 u8 *mask_pat;
9476
9477 nla_parse(pat_tb, MAX_NL80211_PKTPAT, nla_data(pat),
9478 nla_len(pat), NULL);
9479 if (!pat_tb[NL80211_PKTPAT_MASK] ||
9480 !pat_tb[NL80211_PKTPAT_PATTERN])
9481 return -EINVAL;
9482 pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
9483 mask_len = DIV_ROUND_UP(pat_len, 8);
9484 if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
9485 return -EINVAL;
9486 if (pat_len > coalesce->pattern_max_len ||
9487 pat_len < coalesce->pattern_min_len)
9488 return -EINVAL;
9489
9490 if (!pat_tb[NL80211_PKTPAT_OFFSET])
9491 pkt_offset = 0;
9492 else
9493 pkt_offset = nla_get_u32(pat_tb[NL80211_PKTPAT_OFFSET]);
9494 if (pkt_offset > coalesce->max_pkt_offset)
9495 return -EINVAL;
9496 new_rule->patterns[i].pkt_offset = pkt_offset;
9497
9498 mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL);
9499 if (!mask_pat)
9500 return -ENOMEM;
9501
9502 new_rule->patterns[i].mask = mask_pat;
9503 memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]),
9504 mask_len);
9505
9506 mask_pat += mask_len;
9507 new_rule->patterns[i].pattern = mask_pat;
9508 new_rule->patterns[i].pattern_len = pat_len;
9509 memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
9510 pat_len);
9511 i++;
9512 }
9513
9514 return 0;
9515}
9516
9517static int nl80211_set_coalesce(struct sk_buff *skb, struct genl_info *info)
9518{
9519 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9520 const struct wiphy_coalesce_support *coalesce = rdev->wiphy.coalesce;
9521 struct cfg80211_coalesce new_coalesce = {};
9522 struct cfg80211_coalesce *n_coalesce;
9523 int err, rem_rule, n_rules = 0, i, j;
9524 struct nlattr *rule;
9525 struct cfg80211_coalesce_rules *tmp_rule;
9526
9527 if (!rdev->wiphy.coalesce || !rdev->ops->set_coalesce)
9528 return -EOPNOTSUPP;
9529
9530 if (!info->attrs[NL80211_ATTR_COALESCE_RULE]) {
9531 cfg80211_rdev_free_coalesce(rdev);
9532 rdev->ops->set_coalesce(&rdev->wiphy, NULL);
9533 return 0;
9534 }
9535
9536 nla_for_each_nested(rule, info->attrs[NL80211_ATTR_COALESCE_RULE],
9537 rem_rule)
9538 n_rules++;
9539 if (n_rules > coalesce->n_rules)
9540 return -EINVAL;
9541
9542 new_coalesce.rules = kcalloc(n_rules, sizeof(new_coalesce.rules[0]),
9543 GFP_KERNEL);
9544 if (!new_coalesce.rules)
9545 return -ENOMEM;
9546
9547 new_coalesce.n_rules = n_rules;
9548 i = 0;
9549
9550 nla_for_each_nested(rule, info->attrs[NL80211_ATTR_COALESCE_RULE],
9551 rem_rule) {
9552 err = nl80211_parse_coalesce_rule(rdev, rule,
9553 &new_coalesce.rules[i]);
9554 if (err)
9555 goto error;
9556
9557 i++;
9558 }
9559
9560 err = rdev->ops->set_coalesce(&rdev->wiphy, &new_coalesce);
9561 if (err)
9562 goto error;
9563
9564 n_coalesce = kmemdup(&new_coalesce, sizeof(new_coalesce), GFP_KERNEL);
9565 if (!n_coalesce) {
9566 err = -ENOMEM;
9567 goto error;
9568 }
9569 cfg80211_rdev_free_coalesce(rdev);
9570 rdev->coalesce = n_coalesce;
9571
9572 return 0;
9573error:
9574 for (i = 0; i < new_coalesce.n_rules; i++) {
9575 tmp_rule = &new_coalesce.rules[i];
9576 for (j = 0; j < tmp_rule->n_patterns; j++)
9577 kfree(tmp_rule->patterns[j].mask);
9578 kfree(tmp_rule->patterns);
9579 }
9580 kfree(new_coalesce.rules);
9581
9582 return err;
9583}
9584
9585static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info)
9586{
9587 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9588 struct net_device *dev = info->user_ptr[1];
9589 struct wireless_dev *wdev = dev->ieee80211_ptr;
9590 struct nlattr *tb[NUM_NL80211_REKEY_DATA];
9591 struct cfg80211_gtk_rekey_data rekey_data;
9592 int err;
9593
9594 if (!info->attrs[NL80211_ATTR_REKEY_DATA])
9595 return -EINVAL;
9596
9597 err = nla_parse(tb, MAX_NL80211_REKEY_DATA,
9598 nla_data(info->attrs[NL80211_ATTR_REKEY_DATA]),
9599 nla_len(info->attrs[NL80211_ATTR_REKEY_DATA]),
9600 nl80211_rekey_policy);
9601 if (err)
9602 return err;
9603
9604 if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN)
9605 return -ERANGE;
9606 if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN)
9607 return -ERANGE;
9608 if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN)
9609 return -ERANGE;
9610
9611 rekey_data.kek = nla_data(tb[NL80211_REKEY_DATA_KEK]);
9612 rekey_data.kck = nla_data(tb[NL80211_REKEY_DATA_KCK]);
9613 rekey_data.replay_ctr = nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]);
9614
9615 wdev_lock(wdev);
9616 if (!wdev->current_bss) {
9617 err = -ENOTCONN;
9618 goto out;
9619 }
9620
9621 if (!rdev->ops->set_rekey_data) {
9622 err = -EOPNOTSUPP;
9623 goto out;
9624 }
9625
9626 err = rdev_set_rekey_data(rdev, dev, &rekey_data);
9627 out:
9628 wdev_unlock(wdev);
9629 return err;
9630}
9631
9632static int nl80211_register_unexpected_frame(struct sk_buff *skb,
9633 struct genl_info *info)
9634{
9635 struct net_device *dev = info->user_ptr[1];
9636 struct wireless_dev *wdev = dev->ieee80211_ptr;
9637
9638 if (wdev->iftype != NL80211_IFTYPE_AP &&
9639 wdev->iftype != NL80211_IFTYPE_P2P_GO)
9640 return -EINVAL;
9641
9642 if (wdev->ap_unexpected_nlportid)
9643 return -EBUSY;
9644
9645 wdev->ap_unexpected_nlportid = info->snd_portid;
9646 return 0;
9647}
9648
9649static int nl80211_probe_client(struct sk_buff *skb,
9650 struct genl_info *info)
9651{
9652 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9653 struct net_device *dev = info->user_ptr[1];
9654 struct wireless_dev *wdev = dev->ieee80211_ptr;
9655 struct sk_buff *msg;
9656 void *hdr;
9657 const u8 *addr;
9658 u64 cookie;
9659 int err;
9660
9661 if (wdev->iftype != NL80211_IFTYPE_AP &&
9662 wdev->iftype != NL80211_IFTYPE_P2P_GO)
9663 return -EOPNOTSUPP;
9664
9665 if (!info->attrs[NL80211_ATTR_MAC])
9666 return -EINVAL;
9667
9668 if (!rdev->ops->probe_client)
9669 return -EOPNOTSUPP;
9670
9671 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
9672 if (!msg)
9673 return -ENOMEM;
9674
9675 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
9676 NL80211_CMD_PROBE_CLIENT);
9677 if (!hdr) {
9678 err = -ENOBUFS;
9679 goto free_msg;
9680 }
9681
9682 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
9683
9684 err = rdev_probe_client(rdev, dev, addr, &cookie);
9685 if (err)
9686 goto free_msg;
9687
9688 if (nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
9689 goto nla_put_failure;
9690
9691 genlmsg_end(msg, hdr);
9692
9693 return genlmsg_reply(msg, info);
9694
9695 nla_put_failure:
9696 err = -ENOBUFS;
9697 free_msg:
9698 nlmsg_free(msg);
9699 return err;
9700}
9701
9702static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info)
9703{
9704 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9705 struct cfg80211_beacon_registration *reg, *nreg;
9706 int rv;
9707
9708 if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS))
9709 return -EOPNOTSUPP;
9710
9711 nreg = kzalloc(sizeof(*nreg), GFP_KERNEL);
9712 if (!nreg)
9713 return -ENOMEM;
9714
9715
9716 spin_lock_bh(&rdev->beacon_registrations_lock);
9717 list_for_each_entry(reg, &rdev->beacon_registrations, list) {
9718 if (reg->nlportid == info->snd_portid) {
9719 rv = -EALREADY;
9720 goto out_err;
9721 }
9722 }
9723
9724 nreg->nlportid = info->snd_portid;
9725 list_add(&nreg->list, &rdev->beacon_registrations);
9726
9727 spin_unlock_bh(&rdev->beacon_registrations_lock);
9728
9729 return 0;
9730out_err:
9731 spin_unlock_bh(&rdev->beacon_registrations_lock);
9732 kfree(nreg);
9733 return rv;
9734}
9735
9736static int nl80211_start_p2p_device(struct sk_buff *skb, struct genl_info *info)
9737{
9738 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9739 struct wireless_dev *wdev = info->user_ptr[1];
9740 int err;
9741
9742 if (!rdev->ops->start_p2p_device)
9743 return -EOPNOTSUPP;
9744
9745 if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE)
9746 return -EOPNOTSUPP;
9747
9748 if (wdev->p2p_started)
9749 return 0;
9750
9751 if (rfkill_blocked(rdev->rfkill))
9752 return -ERFKILL;
9753
9754 err = rdev_start_p2p_device(rdev, wdev);
9755 if (err)
9756 return err;
9757
9758 wdev->p2p_started = true;
9759 rdev->opencount++;
9760
9761 return 0;
9762}
9763
9764static int nl80211_stop_p2p_device(struct sk_buff *skb, struct genl_info *info)
9765{
9766 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9767 struct wireless_dev *wdev = info->user_ptr[1];
9768
9769 if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE)
9770 return -EOPNOTSUPP;
9771
9772 if (!rdev->ops->stop_p2p_device)
9773 return -EOPNOTSUPP;
9774
9775 cfg80211_stop_p2p_device(rdev, wdev);
9776
9777 return 0;
9778}
9779
9780static int nl80211_get_protocol_features(struct sk_buff *skb,
9781 struct genl_info *info)
9782{
9783 void *hdr;
9784 struct sk_buff *msg;
9785
9786 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
9787 if (!msg)
9788 return -ENOMEM;
9789
9790 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
9791 NL80211_CMD_GET_PROTOCOL_FEATURES);
9792 if (!hdr)
9793 goto nla_put_failure;
9794
9795 if (nla_put_u32(msg, NL80211_ATTR_PROTOCOL_FEATURES,
9796 NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP))
9797 goto nla_put_failure;
9798
9799 genlmsg_end(msg, hdr);
9800 return genlmsg_reply(msg, info);
9801
9802 nla_put_failure:
9803 kfree_skb(msg);
9804 return -ENOBUFS;
9805}
9806
9807static int nl80211_update_ft_ies(struct sk_buff *skb, struct genl_info *info)
9808{
9809 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9810 struct cfg80211_update_ft_ies_params ft_params;
9811 struct net_device *dev = info->user_ptr[1];
9812
9813 if (!rdev->ops->update_ft_ies)
9814 return -EOPNOTSUPP;
9815
9816 if (!info->attrs[NL80211_ATTR_MDID] ||
9817 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
9818 return -EINVAL;
9819
9820 memset(&ft_params, 0, sizeof(ft_params));
9821 ft_params.md = nla_get_u16(info->attrs[NL80211_ATTR_MDID]);
9822 ft_params.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
9823 ft_params.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
9824
9825 return rdev_update_ft_ies(rdev, dev, &ft_params);
9826}
9827
9828static int nl80211_crit_protocol_start(struct sk_buff *skb,
9829 struct genl_info *info)
9830{
9831 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9832 struct wireless_dev *wdev = info->user_ptr[1];
9833 enum nl80211_crit_proto_id proto = NL80211_CRIT_PROTO_UNSPEC;
9834 u16 duration;
9835 int ret;
9836
9837 if (!rdev->ops->crit_proto_start)
9838 return -EOPNOTSUPP;
9839
9840 if (WARN_ON(!rdev->ops->crit_proto_stop))
9841 return -EINVAL;
9842
9843 if (rdev->crit_proto_nlportid)
9844 return -EBUSY;
9845
9846
9847 if (info->attrs[NL80211_ATTR_CRIT_PROT_ID])
9848 proto = nla_get_u16(info->attrs[NL80211_ATTR_CRIT_PROT_ID]);
9849
9850 if (proto >= NUM_NL80211_CRIT_PROTO)
9851 return -EINVAL;
9852
9853
9854 if (!info->attrs[NL80211_ATTR_MAX_CRIT_PROT_DURATION])
9855 return -EINVAL;
9856
9857 duration =
9858 nla_get_u16(info->attrs[NL80211_ATTR_MAX_CRIT_PROT_DURATION]);
9859
9860 if (duration > NL80211_CRIT_PROTO_MAX_DURATION)
9861 return -ERANGE;
9862
9863 ret = rdev_crit_proto_start(rdev, wdev, proto, duration);
9864 if (!ret)
9865 rdev->crit_proto_nlportid = info->snd_portid;
9866
9867 return ret;
9868}
9869
9870static int nl80211_crit_protocol_stop(struct sk_buff *skb,
9871 struct genl_info *info)
9872{
9873 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9874 struct wireless_dev *wdev = info->user_ptr[1];
9875
9876 if (!rdev->ops->crit_proto_stop)
9877 return -EOPNOTSUPP;
9878
9879 if (rdev->crit_proto_nlportid) {
9880 rdev->crit_proto_nlportid = 0;
9881 rdev_crit_proto_stop(rdev, wdev);
9882 }
9883 return 0;
9884}
9885
9886static int nl80211_vendor_cmd(struct sk_buff *skb, struct genl_info *info)
9887{
9888 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9889 struct wireless_dev *wdev =
9890 __cfg80211_wdev_from_attrs(genl_info_net(info), info->attrs);
9891 int i, err;
9892 u32 vid, subcmd;
9893
9894 if (!rdev->wiphy.vendor_commands)
9895 return -EOPNOTSUPP;
9896
9897 if (IS_ERR(wdev)) {
9898 err = PTR_ERR(wdev);
9899 if (err != -EINVAL)
9900 return err;
9901 wdev = NULL;
9902 } else if (wdev->wiphy != &rdev->wiphy) {
9903 return -EINVAL;
9904 }
9905
9906 if (!info->attrs[NL80211_ATTR_VENDOR_ID] ||
9907 !info->attrs[NL80211_ATTR_VENDOR_SUBCMD])
9908 return -EINVAL;
9909
9910 vid = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_ID]);
9911 subcmd = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_SUBCMD]);
9912 for (i = 0; i < rdev->wiphy.n_vendor_commands; i++) {
9913 const struct wiphy_vendor_command *vcmd;
9914 void *data = NULL;
9915 int len = 0;
9916
9917 vcmd = &rdev->wiphy.vendor_commands[i];
9918
9919 if (vcmd->info.vendor_id != vid || vcmd->info.subcmd != subcmd)
9920 continue;
9921
9922 if (vcmd->flags & (WIPHY_VENDOR_CMD_NEED_WDEV |
9923 WIPHY_VENDOR_CMD_NEED_NETDEV)) {
9924 if (!wdev)
9925 return -EINVAL;
9926 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_NETDEV &&
9927 !wdev->netdev)
9928 return -EINVAL;
9929
9930 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_RUNNING) {
9931 if (wdev->netdev &&
9932 !netif_running(wdev->netdev))
9933 return -ENETDOWN;
9934 if (!wdev->netdev && !wdev->p2p_started)
9935 return -ENETDOWN;
9936 }
9937 } else {
9938 wdev = NULL;
9939 }
9940
9941 if (info->attrs[NL80211_ATTR_VENDOR_DATA]) {
9942 data = nla_data(info->attrs[NL80211_ATTR_VENDOR_DATA]);
9943 len = nla_len(info->attrs[NL80211_ATTR_VENDOR_DATA]);
9944 }
9945
9946 rdev->cur_cmd_info = info;
9947 err = rdev->wiphy.vendor_commands[i].doit(&rdev->wiphy, wdev,
9948 data, len);
9949 rdev->cur_cmd_info = NULL;
9950 return err;
9951 }
9952
9953 return -EOPNOTSUPP;
9954}
9955
9956struct sk_buff *__cfg80211_alloc_reply_skb(struct wiphy *wiphy,
9957 enum nl80211_commands cmd,
9958 enum nl80211_attrs attr,
9959 int approxlen)
9960{
9961 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
9962
9963 if (WARN_ON(!rdev->cur_cmd_info))
9964 return NULL;
9965
9966 return __cfg80211_alloc_vendor_skb(rdev, NULL, approxlen,
9967 rdev->cur_cmd_info->snd_portid,
9968 rdev->cur_cmd_info->snd_seq,
9969 cmd, attr, NULL, GFP_KERNEL);
9970}
9971EXPORT_SYMBOL(__cfg80211_alloc_reply_skb);
9972
9973int cfg80211_vendor_cmd_reply(struct sk_buff *skb)
9974{
9975 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
9976 void *hdr = ((void **)skb->cb)[1];
9977 struct nlattr *data = ((void **)skb->cb)[2];
9978
9979
9980 memset(skb->cb, 0, sizeof(skb->cb));
9981
9982 if (WARN_ON(!rdev->cur_cmd_info)) {
9983 kfree_skb(skb);
9984 return -EINVAL;
9985 }
9986
9987 nla_nest_end(skb, data);
9988 genlmsg_end(skb, hdr);
9989 return genlmsg_reply(skb, rdev->cur_cmd_info);
9990}
9991EXPORT_SYMBOL_GPL(cfg80211_vendor_cmd_reply);
9992
9993
9994static int nl80211_set_qos_map(struct sk_buff *skb,
9995 struct genl_info *info)
9996{
9997 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9998 struct cfg80211_qos_map *qos_map = NULL;
9999 struct net_device *dev = info->user_ptr[1];
10000 u8 *pos, len, num_des, des_len, des;
10001 int ret;
10002
10003 if (!rdev->ops->set_qos_map)
10004 return -EOPNOTSUPP;
10005
10006 if (info->attrs[NL80211_ATTR_QOS_MAP]) {
10007 pos = nla_data(info->attrs[NL80211_ATTR_QOS_MAP]);
10008 len = nla_len(info->attrs[NL80211_ATTR_QOS_MAP]);
10009
10010 if (len % 2 || len < IEEE80211_QOS_MAP_LEN_MIN ||
10011 len > IEEE80211_QOS_MAP_LEN_MAX)
10012 return -EINVAL;
10013
10014 qos_map = kzalloc(sizeof(struct cfg80211_qos_map), GFP_KERNEL);
10015 if (!qos_map)
10016 return -ENOMEM;
10017
10018 num_des = (len - IEEE80211_QOS_MAP_LEN_MIN) >> 1;
10019 if (num_des) {
10020 des_len = num_des *
10021 sizeof(struct cfg80211_dscp_exception);
10022 memcpy(qos_map->dscp_exception, pos, des_len);
10023 qos_map->num_des = num_des;
10024 for (des = 0; des < num_des; des++) {
10025 if (qos_map->dscp_exception[des].up > 7) {
10026 kfree(qos_map);
10027 return -EINVAL;
10028 }
10029 }
10030 pos += des_len;
10031 }
10032 memcpy(qos_map->up, pos, IEEE80211_QOS_MAP_LEN_MIN);
10033 }
10034
10035 wdev_lock(dev->ieee80211_ptr);
10036 ret = nl80211_key_allowed(dev->ieee80211_ptr);
10037 if (!ret)
10038 ret = rdev_set_qos_map(rdev, dev, qos_map);
10039 wdev_unlock(dev->ieee80211_ptr);
10040
10041 kfree(qos_map);
10042 return ret;
10043}
10044
10045static int nl80211_add_tx_ts(struct sk_buff *skb, struct genl_info *info)
10046{
10047 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10048 struct net_device *dev = info->user_ptr[1];
10049 struct wireless_dev *wdev = dev->ieee80211_ptr;
10050 const u8 *peer;
10051 u8 tsid, up;
10052 u16 admitted_time = 0;
10053 int err;
10054
10055 if (!(rdev->wiphy.features & NL80211_FEATURE_SUPPORTS_WMM_ADMISSION))
10056 return -EOPNOTSUPP;
10057
10058 if (!info->attrs[NL80211_ATTR_TSID] || !info->attrs[NL80211_ATTR_MAC] ||
10059 !info->attrs[NL80211_ATTR_USER_PRIO])
10060 return -EINVAL;
10061
10062 tsid = nla_get_u8(info->attrs[NL80211_ATTR_TSID]);
10063 if (tsid >= IEEE80211_NUM_TIDS)
10064 return -EINVAL;
10065
10066 up = nla_get_u8(info->attrs[NL80211_ATTR_USER_PRIO]);
10067 if (up >= IEEE80211_NUM_UPS)
10068 return -EINVAL;
10069
10070
10071 if (tsid >= IEEE80211_FIRST_TSPEC_TSID) {
10072
10073
10074
10075
10076 return -EINVAL;
10077 }
10078
10079 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
10080
10081 if (info->attrs[NL80211_ATTR_ADMITTED_TIME]) {
10082 admitted_time =
10083 nla_get_u16(info->attrs[NL80211_ATTR_ADMITTED_TIME]);
10084 if (!admitted_time)
10085 return -EINVAL;
10086 }
10087
10088 wdev_lock(wdev);
10089 switch (wdev->iftype) {
10090 case NL80211_IFTYPE_STATION:
10091 case NL80211_IFTYPE_P2P_CLIENT:
10092 if (wdev->current_bss)
10093 break;
10094 err = -ENOTCONN;
10095 goto out;
10096 default:
10097 err = -EOPNOTSUPP;
10098 goto out;
10099 }
10100
10101 err = rdev_add_tx_ts(rdev, dev, tsid, peer, up, admitted_time);
10102
10103 out:
10104 wdev_unlock(wdev);
10105 return err;
10106}
10107
10108static int nl80211_del_tx_ts(struct sk_buff *skb, struct genl_info *info)
10109{
10110 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10111 struct net_device *dev = info->user_ptr[1];
10112 struct wireless_dev *wdev = dev->ieee80211_ptr;
10113 const u8 *peer;
10114 u8 tsid;
10115 int err;
10116
10117 if (!info->attrs[NL80211_ATTR_TSID] || !info->attrs[NL80211_ATTR_MAC])
10118 return -EINVAL;
10119
10120 tsid = nla_get_u8(info->attrs[NL80211_ATTR_TSID]);
10121 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
10122
10123 wdev_lock(wdev);
10124 err = rdev_del_tx_ts(rdev, dev, tsid, peer);
10125 wdev_unlock(wdev);
10126
10127 return err;
10128}
10129
10130static int nl80211_tdls_channel_switch(struct sk_buff *skb,
10131 struct genl_info *info)
10132{
10133 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10134 struct net_device *dev = info->user_ptr[1];
10135 struct wireless_dev *wdev = dev->ieee80211_ptr;
10136 struct cfg80211_chan_def chandef = {};
10137 const u8 *addr;
10138 u8 oper_class;
10139 int err;
10140
10141 if (!rdev->ops->tdls_channel_switch ||
10142 !(rdev->wiphy.features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH))
10143 return -EOPNOTSUPP;
10144
10145 switch (dev->ieee80211_ptr->iftype) {
10146 case NL80211_IFTYPE_STATION:
10147 case NL80211_IFTYPE_P2P_CLIENT:
10148 break;
10149 default:
10150 return -EOPNOTSUPP;
10151 }
10152
10153 if (!info->attrs[NL80211_ATTR_MAC] ||
10154 !info->attrs[NL80211_ATTR_OPER_CLASS])
10155 return -EINVAL;
10156
10157 err = nl80211_parse_chandef(rdev, info, &chandef);
10158 if (err)
10159 return err;
10160
10161
10162
10163
10164
10165
10166 if (chandef.chan->band == IEEE80211_BAND_2GHZ &&
10167 chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
10168 chandef.width != NL80211_CHAN_WIDTH_20)
10169 return -EINVAL;
10170
10171
10172 if (!cfg80211_reg_can_beacon(&rdev->wiphy, &chandef, wdev->iftype))
10173 return -EINVAL;
10174
10175
10176 if (cfg80211_chandef_dfs_required(wdev->wiphy, &chandef, wdev->iftype))
10177 return -EINVAL;
10178
10179 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
10180 oper_class = nla_get_u8(info->attrs[NL80211_ATTR_OPER_CLASS]);
10181
10182 wdev_lock(wdev);
10183 err = rdev_tdls_channel_switch(rdev, dev, addr, oper_class, &chandef);
10184 wdev_unlock(wdev);
10185
10186 return err;
10187}
10188
10189static int nl80211_tdls_cancel_channel_switch(struct sk_buff *skb,
10190 struct genl_info *info)
10191{
10192 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10193 struct net_device *dev = info->user_ptr[1];
10194 struct wireless_dev *wdev = dev->ieee80211_ptr;
10195 const u8 *addr;
10196
10197 if (!rdev->ops->tdls_channel_switch ||
10198 !rdev->ops->tdls_cancel_channel_switch ||
10199 !(rdev->wiphy.features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH))
10200 return -EOPNOTSUPP;
10201
10202 switch (dev->ieee80211_ptr->iftype) {
10203 case NL80211_IFTYPE_STATION:
10204 case NL80211_IFTYPE_P2P_CLIENT:
10205 break;
10206 default:
10207 return -EOPNOTSUPP;
10208 }
10209
10210 if (!info->attrs[NL80211_ATTR_MAC])
10211 return -EINVAL;
10212
10213 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
10214
10215 wdev_lock(wdev);
10216 rdev_tdls_cancel_channel_switch(rdev, dev, addr);
10217 wdev_unlock(wdev);
10218
10219 return 0;
10220}
10221
10222#define NL80211_FLAG_NEED_WIPHY 0x01
10223#define NL80211_FLAG_NEED_NETDEV 0x02
10224#define NL80211_FLAG_NEED_RTNL 0x04
10225#define NL80211_FLAG_CHECK_NETDEV_UP 0x08
10226#define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\
10227 NL80211_FLAG_CHECK_NETDEV_UP)
10228#define NL80211_FLAG_NEED_WDEV 0x10
10229
10230#define NL80211_FLAG_NEED_WDEV_UP (NL80211_FLAG_NEED_WDEV |\
10231 NL80211_FLAG_CHECK_NETDEV_UP)
10232#define NL80211_FLAG_CLEAR_SKB 0x20
10233
10234static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
10235 struct genl_info *info)
10236{
10237 struct cfg80211_registered_device *rdev;
10238 struct wireless_dev *wdev;
10239 struct net_device *dev;
10240 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL;
10241
10242 if (rtnl)
10243 rtnl_lock();
10244
10245 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) {
10246 rdev = cfg80211_get_dev_from_info(genl_info_net(info), info);
10247 if (IS_ERR(rdev)) {
10248 if (rtnl)
10249 rtnl_unlock();
10250 return PTR_ERR(rdev);
10251 }
10252 info->user_ptr[0] = rdev;
10253 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV ||
10254 ops->internal_flags & NL80211_FLAG_NEED_WDEV) {
10255 ASSERT_RTNL();
10256
10257 wdev = __cfg80211_wdev_from_attrs(genl_info_net(info),
10258 info->attrs);
10259 if (IS_ERR(wdev)) {
10260 if (rtnl)
10261 rtnl_unlock();
10262 return PTR_ERR(wdev);
10263 }
10264
10265 dev = wdev->netdev;
10266 rdev = wiphy_to_rdev(wdev->wiphy);
10267
10268 if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) {
10269 if (!dev) {
10270 if (rtnl)
10271 rtnl_unlock();
10272 return -EINVAL;
10273 }
10274
10275 info->user_ptr[1] = dev;
10276 } else {
10277 info->user_ptr[1] = wdev;
10278 }
10279
10280 if (dev) {
10281 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP &&
10282 !netif_running(dev)) {
10283 if (rtnl)
10284 rtnl_unlock();
10285 return -ENETDOWN;
10286 }
10287
10288 dev_hold(dev);
10289 } else if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP) {
10290 if (!wdev->p2p_started) {
10291 if (rtnl)
10292 rtnl_unlock();
10293 return -ENETDOWN;
10294 }
10295 }
10296
10297 info->user_ptr[0] = rdev;
10298 }
10299
10300 return 0;
10301}
10302
10303static void nl80211_post_doit(const struct genl_ops *ops, struct sk_buff *skb,
10304 struct genl_info *info)
10305{
10306 if (info->user_ptr[1]) {
10307 if (ops->internal_flags & NL80211_FLAG_NEED_WDEV) {
10308 struct wireless_dev *wdev = info->user_ptr[1];
10309
10310 if (wdev->netdev)
10311 dev_put(wdev->netdev);
10312 } else {
10313 dev_put(info->user_ptr[1]);
10314 }
10315 }
10316
10317 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL)
10318 rtnl_unlock();
10319
10320
10321
10322
10323
10324
10325 if (ops->internal_flags & NL80211_FLAG_CLEAR_SKB) {
10326 struct nlmsghdr *nlh = nlmsg_hdr(skb);
10327
10328 memset(nlmsg_data(nlh), 0, nlmsg_len(nlh));
10329 }
10330}
10331
10332static const struct genl_ops nl80211_ops[] = {
10333 {
10334 .cmd = NL80211_CMD_GET_WIPHY,
10335 .doit = nl80211_get_wiphy,
10336 .dumpit = nl80211_dump_wiphy,
10337 .done = nl80211_dump_wiphy_done,
10338 .policy = nl80211_policy,
10339
10340 .internal_flags = NL80211_FLAG_NEED_WIPHY |
10341 NL80211_FLAG_NEED_RTNL,
10342 },
10343 {
10344 .cmd = NL80211_CMD_SET_WIPHY,
10345 .doit = nl80211_set_wiphy,
10346 .policy = nl80211_policy,
10347 .flags = GENL_ADMIN_PERM,
10348 .internal_flags = NL80211_FLAG_NEED_RTNL,
10349 },
10350 {
10351 .cmd = NL80211_CMD_GET_INTERFACE,
10352 .doit = nl80211_get_interface,
10353 .dumpit = nl80211_dump_interface,
10354 .policy = nl80211_policy,
10355
10356 .internal_flags = NL80211_FLAG_NEED_WDEV |
10357 NL80211_FLAG_NEED_RTNL,
10358 },
10359 {
10360 .cmd = NL80211_CMD_SET_INTERFACE,
10361 .doit = nl80211_set_interface,
10362 .policy = nl80211_policy,
10363 .flags = GENL_ADMIN_PERM,
10364 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10365 NL80211_FLAG_NEED_RTNL,
10366 },
10367 {
10368 .cmd = NL80211_CMD_NEW_INTERFACE,
10369 .doit = nl80211_new_interface,
10370 .policy = nl80211_policy,
10371 .flags = GENL_ADMIN_PERM,
10372 .internal_flags = NL80211_FLAG_NEED_WIPHY |
10373 NL80211_FLAG_NEED_RTNL,
10374 },
10375 {
10376 .cmd = NL80211_CMD_DEL_INTERFACE,
10377 .doit = nl80211_del_interface,
10378 .policy = nl80211_policy,
10379 .flags = GENL_ADMIN_PERM,
10380 .internal_flags = NL80211_FLAG_NEED_WDEV |
10381 NL80211_FLAG_NEED_RTNL,
10382 },
10383 {
10384 .cmd = NL80211_CMD_GET_KEY,
10385 .doit = nl80211_get_key,
10386 .policy = nl80211_policy,
10387 .flags = GENL_ADMIN_PERM,
10388 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10389 NL80211_FLAG_NEED_RTNL,
10390 },
10391 {
10392 .cmd = NL80211_CMD_SET_KEY,
10393 .doit = nl80211_set_key,
10394 .policy = nl80211_policy,
10395 .flags = GENL_ADMIN_PERM,
10396 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10397 NL80211_FLAG_NEED_RTNL |
10398 NL80211_FLAG_CLEAR_SKB,
10399 },
10400 {
10401 .cmd = NL80211_CMD_NEW_KEY,
10402 .doit = nl80211_new_key,
10403 .policy = nl80211_policy,
10404 .flags = GENL_ADMIN_PERM,
10405 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10406 NL80211_FLAG_NEED_RTNL |
10407 NL80211_FLAG_CLEAR_SKB,
10408 },
10409 {
10410 .cmd = NL80211_CMD_DEL_KEY,
10411 .doit = nl80211_del_key,
10412 .policy = nl80211_policy,
10413 .flags = GENL_ADMIN_PERM,
10414 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10415 NL80211_FLAG_NEED_RTNL,
10416 },
10417 {
10418 .cmd = NL80211_CMD_SET_BEACON,
10419 .policy = nl80211_policy,
10420 .flags = GENL_ADMIN_PERM,
10421 .doit = nl80211_set_beacon,
10422 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10423 NL80211_FLAG_NEED_RTNL,
10424 },
10425 {
10426 .cmd = NL80211_CMD_START_AP,
10427 .policy = nl80211_policy,
10428 .flags = GENL_ADMIN_PERM,
10429 .doit = nl80211_start_ap,
10430 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10431 NL80211_FLAG_NEED_RTNL,
10432 },
10433 {
10434 .cmd = NL80211_CMD_STOP_AP,
10435 .policy = nl80211_policy,
10436 .flags = GENL_ADMIN_PERM,
10437 .doit = nl80211_stop_ap,
10438 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10439 NL80211_FLAG_NEED_RTNL,
10440 },
10441 {
10442 .cmd = NL80211_CMD_GET_STATION,
10443 .doit = nl80211_get_station,
10444 .dumpit = nl80211_dump_station,
10445 .policy = nl80211_policy,
10446 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10447 NL80211_FLAG_NEED_RTNL,
10448 },
10449 {
10450 .cmd = NL80211_CMD_SET_STATION,
10451 .doit = nl80211_set_station,
10452 .policy = nl80211_policy,
10453 .flags = GENL_ADMIN_PERM,
10454 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10455 NL80211_FLAG_NEED_RTNL,
10456 },
10457 {
10458 .cmd = NL80211_CMD_NEW_STATION,
10459 .doit = nl80211_new_station,
10460 .policy = nl80211_policy,
10461 .flags = GENL_ADMIN_PERM,
10462 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10463 NL80211_FLAG_NEED_RTNL,
10464 },
10465 {
10466 .cmd = NL80211_CMD_DEL_STATION,
10467 .doit = nl80211_del_station,
10468 .policy = nl80211_policy,
10469 .flags = GENL_ADMIN_PERM,
10470 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10471 NL80211_FLAG_NEED_RTNL,
10472 },
10473 {
10474 .cmd = NL80211_CMD_GET_MPATH,
10475 .doit = nl80211_get_mpath,
10476 .dumpit = nl80211_dump_mpath,
10477 .policy = nl80211_policy,
10478 .flags = GENL_ADMIN_PERM,
10479 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10480 NL80211_FLAG_NEED_RTNL,
10481 },
10482 {
10483 .cmd = NL80211_CMD_GET_MPP,
10484 .doit = nl80211_get_mpp,
10485 .dumpit = nl80211_dump_mpp,
10486 .policy = nl80211_policy,
10487 .flags = GENL_ADMIN_PERM,
10488 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10489 NL80211_FLAG_NEED_RTNL,
10490 },
10491 {
10492 .cmd = NL80211_CMD_SET_MPATH,
10493 .doit = nl80211_set_mpath,
10494 .policy = nl80211_policy,
10495 .flags = GENL_ADMIN_PERM,
10496 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10497 NL80211_FLAG_NEED_RTNL,
10498 },
10499 {
10500 .cmd = NL80211_CMD_NEW_MPATH,
10501 .doit = nl80211_new_mpath,
10502 .policy = nl80211_policy,
10503 .flags = GENL_ADMIN_PERM,
10504 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10505 NL80211_FLAG_NEED_RTNL,
10506 },
10507 {
10508 .cmd = NL80211_CMD_DEL_MPATH,
10509 .doit = nl80211_del_mpath,
10510 .policy = nl80211_policy,
10511 .flags = GENL_ADMIN_PERM,
10512 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10513 NL80211_FLAG_NEED_RTNL,
10514 },
10515 {
10516 .cmd = NL80211_CMD_SET_BSS,
10517 .doit = nl80211_set_bss,
10518 .policy = nl80211_policy,
10519 .flags = GENL_ADMIN_PERM,
10520 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10521 NL80211_FLAG_NEED_RTNL,
10522 },
10523 {
10524 .cmd = NL80211_CMD_GET_REG,
10525 .doit = nl80211_get_reg_do,
10526 .dumpit = nl80211_get_reg_dump,
10527 .policy = nl80211_policy,
10528 .internal_flags = NL80211_FLAG_NEED_RTNL,
10529
10530 },
10531 {
10532 .cmd = NL80211_CMD_SET_REG,
10533 .doit = nl80211_set_reg,
10534 .policy = nl80211_policy,
10535 .flags = GENL_ADMIN_PERM,
10536 .internal_flags = NL80211_FLAG_NEED_RTNL,
10537 },
10538 {
10539 .cmd = NL80211_CMD_REQ_SET_REG,
10540 .doit = nl80211_req_set_reg,
10541 .policy = nl80211_policy,
10542 .flags = GENL_ADMIN_PERM,
10543 },
10544 {
10545 .cmd = NL80211_CMD_GET_MESH_CONFIG,
10546 .doit = nl80211_get_mesh_config,
10547 .policy = nl80211_policy,
10548
10549 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10550 NL80211_FLAG_NEED_RTNL,
10551 },
10552 {
10553 .cmd = NL80211_CMD_SET_MESH_CONFIG,
10554 .doit = nl80211_update_mesh_config,
10555 .policy = nl80211_policy,
10556 .flags = GENL_ADMIN_PERM,
10557 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10558 NL80211_FLAG_NEED_RTNL,
10559 },
10560 {
10561 .cmd = NL80211_CMD_TRIGGER_SCAN,
10562 .doit = nl80211_trigger_scan,
10563 .policy = nl80211_policy,
10564 .flags = GENL_ADMIN_PERM,
10565 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
10566 NL80211_FLAG_NEED_RTNL,
10567 },
10568 {
10569 .cmd = NL80211_CMD_GET_SCAN,
10570 .policy = nl80211_policy,
10571 .dumpit = nl80211_dump_scan,
10572 },
10573 {
10574 .cmd = NL80211_CMD_START_SCHED_SCAN,
10575 .doit = nl80211_start_sched_scan,
10576 .policy = nl80211_policy,
10577 .flags = GENL_ADMIN_PERM,
10578 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10579 NL80211_FLAG_NEED_RTNL,
10580 },
10581 {
10582 .cmd = NL80211_CMD_STOP_SCHED_SCAN,
10583 .doit = nl80211_stop_sched_scan,
10584 .policy = nl80211_policy,
10585 .flags = GENL_ADMIN_PERM,
10586 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10587 NL80211_FLAG_NEED_RTNL,
10588 },
10589 {
10590 .cmd = NL80211_CMD_AUTHENTICATE,
10591 .doit = nl80211_authenticate,
10592 .policy = nl80211_policy,
10593 .flags = GENL_ADMIN_PERM,
10594 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10595 NL80211_FLAG_NEED_RTNL |
10596 NL80211_FLAG_CLEAR_SKB,
10597 },
10598 {
10599 .cmd = NL80211_CMD_ASSOCIATE,
10600 .doit = nl80211_associate,
10601 .policy = nl80211_policy,
10602 .flags = GENL_ADMIN_PERM,
10603 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10604 NL80211_FLAG_NEED_RTNL,
10605 },
10606 {
10607 .cmd = NL80211_CMD_DEAUTHENTICATE,
10608 .doit = nl80211_deauthenticate,
10609 .policy = nl80211_policy,
10610 .flags = GENL_ADMIN_PERM,
10611 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10612 NL80211_FLAG_NEED_RTNL,
10613 },
10614 {
10615 .cmd = NL80211_CMD_DISASSOCIATE,
10616 .doit = nl80211_disassociate,
10617 .policy = nl80211_policy,
10618 .flags = GENL_ADMIN_PERM,
10619 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10620 NL80211_FLAG_NEED_RTNL,
10621 },
10622 {
10623 .cmd = NL80211_CMD_JOIN_IBSS,
10624 .doit = nl80211_join_ibss,
10625 .policy = nl80211_policy,
10626 .flags = GENL_ADMIN_PERM,
10627 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10628 NL80211_FLAG_NEED_RTNL,
10629 },
10630 {
10631 .cmd = NL80211_CMD_LEAVE_IBSS,
10632 .doit = nl80211_leave_ibss,
10633 .policy = nl80211_policy,
10634 .flags = GENL_ADMIN_PERM,
10635 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10636 NL80211_FLAG_NEED_RTNL,
10637 },
10638#ifdef CONFIG_NL80211_TESTMODE
10639 {
10640 .cmd = NL80211_CMD_TESTMODE,
10641 .doit = nl80211_testmode_do,
10642 .dumpit = nl80211_testmode_dump,
10643 .policy = nl80211_policy,
10644 .flags = GENL_ADMIN_PERM,
10645 .internal_flags = NL80211_FLAG_NEED_WIPHY |
10646 NL80211_FLAG_NEED_RTNL,
10647 },
10648#endif
10649 {
10650 .cmd = NL80211_CMD_CONNECT,
10651 .doit = nl80211_connect,
10652 .policy = nl80211_policy,
10653 .flags = GENL_ADMIN_PERM,
10654 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10655 NL80211_FLAG_NEED_RTNL,
10656 },
10657 {
10658 .cmd = NL80211_CMD_DISCONNECT,
10659 .doit = nl80211_disconnect,
10660 .policy = nl80211_policy,
10661 .flags = GENL_ADMIN_PERM,
10662 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10663 NL80211_FLAG_NEED_RTNL,
10664 },
10665 {
10666 .cmd = NL80211_CMD_SET_WIPHY_NETNS,
10667 .doit = nl80211_wiphy_netns,
10668 .policy = nl80211_policy,
10669 .flags = GENL_ADMIN_PERM,
10670 .internal_flags = NL80211_FLAG_NEED_WIPHY |
10671 NL80211_FLAG_NEED_RTNL,
10672 },
10673 {
10674 .cmd = NL80211_CMD_GET_SURVEY,
10675 .policy = nl80211_policy,
10676 .dumpit = nl80211_dump_survey,
10677 },
10678 {
10679 .cmd = NL80211_CMD_SET_PMKSA,
10680 .doit = nl80211_setdel_pmksa,
10681 .policy = nl80211_policy,
10682 .flags = GENL_ADMIN_PERM,
10683 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10684 NL80211_FLAG_NEED_RTNL,
10685 },
10686 {
10687 .cmd = NL80211_CMD_DEL_PMKSA,
10688 .doit = nl80211_setdel_pmksa,
10689 .policy = nl80211_policy,
10690 .flags = GENL_ADMIN_PERM,
10691 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10692 NL80211_FLAG_NEED_RTNL,
10693 },
10694 {
10695 .cmd = NL80211_CMD_FLUSH_PMKSA,
10696 .doit = nl80211_flush_pmksa,
10697 .policy = nl80211_policy,
10698 .flags = GENL_ADMIN_PERM,
10699 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10700 NL80211_FLAG_NEED_RTNL,
10701 },
10702 {
10703 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL,
10704 .doit = nl80211_remain_on_channel,
10705 .policy = nl80211_policy,
10706 .flags = GENL_ADMIN_PERM,
10707 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
10708 NL80211_FLAG_NEED_RTNL,
10709 },
10710 {
10711 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
10712 .doit = nl80211_cancel_remain_on_channel,
10713 .policy = nl80211_policy,
10714 .flags = GENL_ADMIN_PERM,
10715 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
10716 NL80211_FLAG_NEED_RTNL,
10717 },
10718 {
10719 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK,
10720 .doit = nl80211_set_tx_bitrate_mask,
10721 .policy = nl80211_policy,
10722 .flags = GENL_ADMIN_PERM,
10723 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10724 NL80211_FLAG_NEED_RTNL,
10725 },
10726 {
10727 .cmd = NL80211_CMD_REGISTER_FRAME,
10728 .doit = nl80211_register_mgmt,
10729 .policy = nl80211_policy,
10730 .flags = GENL_ADMIN_PERM,
10731 .internal_flags = NL80211_FLAG_NEED_WDEV |
10732 NL80211_FLAG_NEED_RTNL,
10733 },
10734 {
10735 .cmd = NL80211_CMD_FRAME,
10736 .doit = nl80211_tx_mgmt,
10737 .policy = nl80211_policy,
10738 .flags = GENL_ADMIN_PERM,
10739 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
10740 NL80211_FLAG_NEED_RTNL,
10741 },
10742 {
10743 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL,
10744 .doit = nl80211_tx_mgmt_cancel_wait,
10745 .policy = nl80211_policy,
10746 .flags = GENL_ADMIN_PERM,
10747 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
10748 NL80211_FLAG_NEED_RTNL,
10749 },
10750 {
10751 .cmd = NL80211_CMD_SET_POWER_SAVE,
10752 .doit = nl80211_set_power_save,
10753 .policy = nl80211_policy,
10754 .flags = GENL_ADMIN_PERM,
10755 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10756 NL80211_FLAG_NEED_RTNL,
10757 },
10758 {
10759 .cmd = NL80211_CMD_GET_POWER_SAVE,
10760 .doit = nl80211_get_power_save,
10761 .policy = nl80211_policy,
10762
10763 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10764 NL80211_FLAG_NEED_RTNL,
10765 },
10766 {
10767 .cmd = NL80211_CMD_SET_CQM,
10768 .doit = nl80211_set_cqm,
10769 .policy = nl80211_policy,
10770 .flags = GENL_ADMIN_PERM,
10771 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10772 NL80211_FLAG_NEED_RTNL,
10773 },
10774 {
10775 .cmd = NL80211_CMD_SET_CHANNEL,
10776 .doit = nl80211_set_channel,
10777 .policy = nl80211_policy,
10778 .flags = GENL_ADMIN_PERM,
10779 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10780 NL80211_FLAG_NEED_RTNL,
10781 },
10782 {
10783 .cmd = NL80211_CMD_SET_WDS_PEER,
10784 .doit = nl80211_set_wds_peer,
10785 .policy = nl80211_policy,
10786 .flags = GENL_ADMIN_PERM,
10787 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10788 NL80211_FLAG_NEED_RTNL,
10789 },
10790 {
10791 .cmd = NL80211_CMD_JOIN_MESH,
10792 .doit = nl80211_join_mesh,
10793 .policy = nl80211_policy,
10794 .flags = GENL_ADMIN_PERM,
10795 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10796 NL80211_FLAG_NEED_RTNL,
10797 },
10798 {
10799 .cmd = NL80211_CMD_LEAVE_MESH,
10800 .doit = nl80211_leave_mesh,
10801 .policy = nl80211_policy,
10802 .flags = GENL_ADMIN_PERM,
10803 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10804 NL80211_FLAG_NEED_RTNL,
10805 },
10806 {
10807 .cmd = NL80211_CMD_JOIN_OCB,
10808 .doit = nl80211_join_ocb,
10809 .policy = nl80211_policy,
10810 .flags = GENL_ADMIN_PERM,
10811 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10812 NL80211_FLAG_NEED_RTNL,
10813 },
10814 {
10815 .cmd = NL80211_CMD_LEAVE_OCB,
10816 .doit = nl80211_leave_ocb,
10817 .policy = nl80211_policy,
10818 .flags = GENL_ADMIN_PERM,
10819 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10820 NL80211_FLAG_NEED_RTNL,
10821 },
10822#ifdef CONFIG_PM
10823 {
10824 .cmd = NL80211_CMD_GET_WOWLAN,
10825 .doit = nl80211_get_wowlan,
10826 .policy = nl80211_policy,
10827
10828 .internal_flags = NL80211_FLAG_NEED_WIPHY |
10829 NL80211_FLAG_NEED_RTNL,
10830 },
10831 {
10832 .cmd = NL80211_CMD_SET_WOWLAN,
10833 .doit = nl80211_set_wowlan,
10834 .policy = nl80211_policy,
10835 .flags = GENL_ADMIN_PERM,
10836 .internal_flags = NL80211_FLAG_NEED_WIPHY |
10837 NL80211_FLAG_NEED_RTNL,
10838 },
10839#endif
10840 {
10841 .cmd = NL80211_CMD_SET_REKEY_OFFLOAD,
10842 .doit = nl80211_set_rekey_data,
10843 .policy = nl80211_policy,
10844 .flags = GENL_ADMIN_PERM,
10845 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10846 NL80211_FLAG_NEED_RTNL |
10847 NL80211_FLAG_CLEAR_SKB,
10848 },
10849 {
10850 .cmd = NL80211_CMD_TDLS_MGMT,
10851 .doit = nl80211_tdls_mgmt,
10852 .policy = nl80211_policy,
10853 .flags = GENL_ADMIN_PERM,
10854 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10855 NL80211_FLAG_NEED_RTNL,
10856 },
10857 {
10858 .cmd = NL80211_CMD_TDLS_OPER,
10859 .doit = nl80211_tdls_oper,
10860 .policy = nl80211_policy,
10861 .flags = GENL_ADMIN_PERM,
10862 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10863 NL80211_FLAG_NEED_RTNL,
10864 },
10865 {
10866 .cmd = NL80211_CMD_UNEXPECTED_FRAME,
10867 .doit = nl80211_register_unexpected_frame,
10868 .policy = nl80211_policy,
10869 .flags = GENL_ADMIN_PERM,
10870 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10871 NL80211_FLAG_NEED_RTNL,
10872 },
10873 {
10874 .cmd = NL80211_CMD_PROBE_CLIENT,
10875 .doit = nl80211_probe_client,
10876 .policy = nl80211_policy,
10877 .flags = GENL_ADMIN_PERM,
10878 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10879 NL80211_FLAG_NEED_RTNL,
10880 },
10881 {
10882 .cmd = NL80211_CMD_REGISTER_BEACONS,
10883 .doit = nl80211_register_beacons,
10884 .policy = nl80211_policy,
10885 .flags = GENL_ADMIN_PERM,
10886 .internal_flags = NL80211_FLAG_NEED_WIPHY |
10887 NL80211_FLAG_NEED_RTNL,
10888 },
10889 {
10890 .cmd = NL80211_CMD_SET_NOACK_MAP,
10891 .doit = nl80211_set_noack_map,
10892 .policy = nl80211_policy,
10893 .flags = GENL_ADMIN_PERM,
10894 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10895 NL80211_FLAG_NEED_RTNL,
10896 },
10897 {
10898 .cmd = NL80211_CMD_START_P2P_DEVICE,
10899 .doit = nl80211_start_p2p_device,
10900 .policy = nl80211_policy,
10901 .flags = GENL_ADMIN_PERM,
10902 .internal_flags = NL80211_FLAG_NEED_WDEV |
10903 NL80211_FLAG_NEED_RTNL,
10904 },
10905 {
10906 .cmd = NL80211_CMD_STOP_P2P_DEVICE,
10907 .doit = nl80211_stop_p2p_device,
10908 .policy = nl80211_policy,
10909 .flags = GENL_ADMIN_PERM,
10910 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
10911 NL80211_FLAG_NEED_RTNL,
10912 },
10913 {
10914 .cmd = NL80211_CMD_SET_MCAST_RATE,
10915 .doit = nl80211_set_mcast_rate,
10916 .policy = nl80211_policy,
10917 .flags = GENL_ADMIN_PERM,
10918 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10919 NL80211_FLAG_NEED_RTNL,
10920 },
10921 {
10922 .cmd = NL80211_CMD_SET_MAC_ACL,
10923 .doit = nl80211_set_mac_acl,
10924 .policy = nl80211_policy,
10925 .flags = GENL_ADMIN_PERM,
10926 .internal_flags = NL80211_FLAG_NEED_NETDEV |
10927 NL80211_FLAG_NEED_RTNL,
10928 },
10929 {
10930 .cmd = NL80211_CMD_RADAR_DETECT,
10931 .doit = nl80211_start_radar_detection,
10932 .policy = nl80211_policy,
10933 .flags = GENL_ADMIN_PERM,
10934 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10935 NL80211_FLAG_NEED_RTNL,
10936 },
10937 {
10938 .cmd = NL80211_CMD_GET_PROTOCOL_FEATURES,
10939 .doit = nl80211_get_protocol_features,
10940 .policy = nl80211_policy,
10941 },
10942 {
10943 .cmd = NL80211_CMD_UPDATE_FT_IES,
10944 .doit = nl80211_update_ft_ies,
10945 .policy = nl80211_policy,
10946 .flags = GENL_ADMIN_PERM,
10947 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10948 NL80211_FLAG_NEED_RTNL,
10949 },
10950 {
10951 .cmd = NL80211_CMD_CRIT_PROTOCOL_START,
10952 .doit = nl80211_crit_protocol_start,
10953 .policy = nl80211_policy,
10954 .flags = GENL_ADMIN_PERM,
10955 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
10956 NL80211_FLAG_NEED_RTNL,
10957 },
10958 {
10959 .cmd = NL80211_CMD_CRIT_PROTOCOL_STOP,
10960 .doit = nl80211_crit_protocol_stop,
10961 .policy = nl80211_policy,
10962 .flags = GENL_ADMIN_PERM,
10963 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
10964 NL80211_FLAG_NEED_RTNL,
10965 },
10966 {
10967 .cmd = NL80211_CMD_GET_COALESCE,
10968 .doit = nl80211_get_coalesce,
10969 .policy = nl80211_policy,
10970 .internal_flags = NL80211_FLAG_NEED_WIPHY |
10971 NL80211_FLAG_NEED_RTNL,
10972 },
10973 {
10974 .cmd = NL80211_CMD_SET_COALESCE,
10975 .doit = nl80211_set_coalesce,
10976 .policy = nl80211_policy,
10977 .flags = GENL_ADMIN_PERM,
10978 .internal_flags = NL80211_FLAG_NEED_WIPHY |
10979 NL80211_FLAG_NEED_RTNL,
10980 },
10981 {
10982 .cmd = NL80211_CMD_CHANNEL_SWITCH,
10983 .doit = nl80211_channel_switch,
10984 .policy = nl80211_policy,
10985 .flags = GENL_ADMIN_PERM,
10986 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
10987 NL80211_FLAG_NEED_RTNL,
10988 },
10989 {
10990 .cmd = NL80211_CMD_VENDOR,
10991 .doit = nl80211_vendor_cmd,
10992 .policy = nl80211_policy,
10993 .flags = GENL_ADMIN_PERM,
10994 .internal_flags = NL80211_FLAG_NEED_WIPHY |
10995 NL80211_FLAG_NEED_RTNL,
10996 },
10997 {
10998 .cmd = NL80211_CMD_SET_QOS_MAP,
10999 .doit = nl80211_set_qos_map,
11000 .policy = nl80211_policy,
11001 .flags = GENL_ADMIN_PERM,
11002 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
11003 NL80211_FLAG_NEED_RTNL,
11004 },
11005 {
11006 .cmd = NL80211_CMD_ADD_TX_TS,
11007 .doit = nl80211_add_tx_ts,
11008 .policy = nl80211_policy,
11009 .flags = GENL_ADMIN_PERM,
11010 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
11011 NL80211_FLAG_NEED_RTNL,
11012 },
11013 {
11014 .cmd = NL80211_CMD_DEL_TX_TS,
11015 .doit = nl80211_del_tx_ts,
11016 .policy = nl80211_policy,
11017 .flags = GENL_ADMIN_PERM,
11018 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
11019 NL80211_FLAG_NEED_RTNL,
11020 },
11021 {
11022 .cmd = NL80211_CMD_TDLS_CHANNEL_SWITCH,
11023 .doit = nl80211_tdls_channel_switch,
11024 .policy = nl80211_policy,
11025 .flags = GENL_ADMIN_PERM,
11026 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
11027 NL80211_FLAG_NEED_RTNL,
11028 },
11029 {
11030 .cmd = NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH,
11031 .doit = nl80211_tdls_cancel_channel_switch,
11032 .policy = nl80211_policy,
11033 .flags = GENL_ADMIN_PERM,
11034 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
11035 NL80211_FLAG_NEED_RTNL,
11036 },
11037};
11038
11039
11040
11041void nl80211_notify_wiphy(struct cfg80211_registered_device *rdev,
11042 enum nl80211_commands cmd)
11043{
11044 struct sk_buff *msg;
11045 struct nl80211_dump_wiphy_state state = {};
11046
11047 WARN_ON(cmd != NL80211_CMD_NEW_WIPHY &&
11048 cmd != NL80211_CMD_DEL_WIPHY);
11049
11050 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
11051 if (!msg)
11052 return;
11053
11054 if (nl80211_send_wiphy(rdev, cmd, msg, 0, 0, 0, &state) < 0) {
11055 nlmsg_free(msg);
11056 return;
11057 }
11058
11059 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11060 NL80211_MCGRP_CONFIG, GFP_KERNEL);
11061}
11062
11063static int nl80211_add_scan_req(struct sk_buff *msg,
11064 struct cfg80211_registered_device *rdev)
11065{
11066 struct cfg80211_scan_request *req = rdev->scan_req;
11067 struct nlattr *nest;
11068 int i;
11069
11070 if (WARN_ON(!req))
11071 return 0;
11072
11073 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS);
11074 if (!nest)
11075 goto nla_put_failure;
11076 for (i = 0; i < req->n_ssids; i++) {
11077 if (nla_put(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid))
11078 goto nla_put_failure;
11079 }
11080 nla_nest_end(msg, nest);
11081
11082 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
11083 if (!nest)
11084 goto nla_put_failure;
11085 for (i = 0; i < req->n_channels; i++) {
11086 if (nla_put_u32(msg, i, req->channels[i]->center_freq))
11087 goto nla_put_failure;
11088 }
11089 nla_nest_end(msg, nest);
11090
11091 if (req->ie &&
11092 nla_put(msg, NL80211_ATTR_IE, req->ie_len, req->ie))
11093 goto nla_put_failure;
11094
11095 if (req->flags &&
11096 nla_put_u32(msg, NL80211_ATTR_SCAN_FLAGS, req->flags))
11097 goto nla_put_failure;
11098
11099 return 0;
11100 nla_put_failure:
11101 return -ENOBUFS;
11102}
11103
11104static int nl80211_send_scan_msg(struct sk_buff *msg,
11105 struct cfg80211_registered_device *rdev,
11106 struct wireless_dev *wdev,
11107 u32 portid, u32 seq, int flags,
11108 u32 cmd)
11109{
11110 void *hdr;
11111
11112 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
11113 if (!hdr)
11114 return -1;
11115
11116 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11117 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
11118 wdev->netdev->ifindex)) ||
11119 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
11120 goto nla_put_failure;
11121
11122
11123 nl80211_add_scan_req(msg, rdev);
11124
11125 genlmsg_end(msg, hdr);
11126 return 0;
11127
11128 nla_put_failure:
11129 genlmsg_cancel(msg, hdr);
11130 return -EMSGSIZE;
11131}
11132
11133static int
11134nl80211_send_sched_scan_msg(struct sk_buff *msg,
11135 struct cfg80211_registered_device *rdev,
11136 struct net_device *netdev,
11137 u32 portid, u32 seq, int flags, u32 cmd)
11138{
11139 void *hdr;
11140
11141 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
11142 if (!hdr)
11143 return -1;
11144
11145 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11146 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
11147 goto nla_put_failure;
11148
11149 genlmsg_end(msg, hdr);
11150 return 0;
11151
11152 nla_put_failure:
11153 genlmsg_cancel(msg, hdr);
11154 return -EMSGSIZE;
11155}
11156
11157void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
11158 struct wireless_dev *wdev)
11159{
11160 struct sk_buff *msg;
11161
11162 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
11163 if (!msg)
11164 return;
11165
11166 if (nl80211_send_scan_msg(msg, rdev, wdev, 0, 0, 0,
11167 NL80211_CMD_TRIGGER_SCAN) < 0) {
11168 nlmsg_free(msg);
11169 return;
11170 }
11171
11172 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11173 NL80211_MCGRP_SCAN, GFP_KERNEL);
11174}
11175
11176struct sk_buff *nl80211_build_scan_msg(struct cfg80211_registered_device *rdev,
11177 struct wireless_dev *wdev, bool aborted)
11178{
11179 struct sk_buff *msg;
11180
11181 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
11182 if (!msg)
11183 return NULL;
11184
11185 if (nl80211_send_scan_msg(msg, rdev, wdev, 0, 0, 0,
11186 aborted ? NL80211_CMD_SCAN_ABORTED :
11187 NL80211_CMD_NEW_SCAN_RESULTS) < 0) {
11188 nlmsg_free(msg);
11189 return NULL;
11190 }
11191
11192 return msg;
11193}
11194
11195void nl80211_send_scan_result(struct cfg80211_registered_device *rdev,
11196 struct sk_buff *msg)
11197{
11198 if (!msg)
11199 return;
11200
11201 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11202 NL80211_MCGRP_SCAN, GFP_KERNEL);
11203}
11204
11205void nl80211_send_sched_scan_results(struct cfg80211_registered_device *rdev,
11206 struct net_device *netdev)
11207{
11208 struct sk_buff *msg;
11209
11210 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
11211 if (!msg)
11212 return;
11213
11214 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0,
11215 NL80211_CMD_SCHED_SCAN_RESULTS) < 0) {
11216 nlmsg_free(msg);
11217 return;
11218 }
11219
11220 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11221 NL80211_MCGRP_SCAN, GFP_KERNEL);
11222}
11223
11224void nl80211_send_sched_scan(struct cfg80211_registered_device *rdev,
11225 struct net_device *netdev, u32 cmd)
11226{
11227 struct sk_buff *msg;
11228
11229 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
11230 if (!msg)
11231 return;
11232
11233 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, cmd) < 0) {
11234 nlmsg_free(msg);
11235 return;
11236 }
11237
11238 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11239 NL80211_MCGRP_SCAN, GFP_KERNEL);
11240}
11241
11242static bool nl80211_reg_change_event_fill(struct sk_buff *msg,
11243 struct regulatory_request *request)
11244{
11245
11246 if (nla_put_u8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator))
11247 goto nla_put_failure;
11248
11249 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') {
11250 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
11251 NL80211_REGDOM_TYPE_WORLD))
11252 goto nla_put_failure;
11253 } else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') {
11254 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
11255 NL80211_REGDOM_TYPE_CUSTOM_WORLD))
11256 goto nla_put_failure;
11257 } else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') ||
11258 request->intersect) {
11259 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
11260 NL80211_REGDOM_TYPE_INTERSECTION))
11261 goto nla_put_failure;
11262 } else {
11263 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
11264 NL80211_REGDOM_TYPE_COUNTRY) ||
11265 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2,
11266 request->alpha2))
11267 goto nla_put_failure;
11268 }
11269
11270 if (request->wiphy_idx != WIPHY_IDX_INVALID) {
11271 struct wiphy *wiphy = wiphy_idx_to_wiphy(request->wiphy_idx);
11272
11273 if (wiphy &&
11274 nla_put_u32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx))
11275 goto nla_put_failure;
11276
11277 if (wiphy &&
11278 wiphy->regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED &&
11279 nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
11280 goto nla_put_failure;
11281 }
11282
11283 return true;
11284
11285nla_put_failure:
11286 return false;
11287}
11288
11289
11290
11291
11292
11293void nl80211_common_reg_change_event(enum nl80211_commands cmd_id,
11294 struct regulatory_request *request)
11295{
11296 struct sk_buff *msg;
11297 void *hdr;
11298
11299 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
11300 if (!msg)
11301 return;
11302
11303 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd_id);
11304 if (!hdr) {
11305 nlmsg_free(msg);
11306 return;
11307 }
11308
11309 if (nl80211_reg_change_event_fill(msg, request) == false)
11310 goto nla_put_failure;
11311
11312 genlmsg_end(msg, hdr);
11313
11314 rcu_read_lock();
11315 genlmsg_multicast_allns(&nl80211_fam, msg, 0,
11316 NL80211_MCGRP_REGULATORY, GFP_ATOMIC);
11317 rcu_read_unlock();
11318
11319 return;
11320
11321nla_put_failure:
11322 genlmsg_cancel(msg, hdr);
11323 nlmsg_free(msg);
11324}
11325
11326static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
11327 struct net_device *netdev,
11328 const u8 *buf, size_t len,
11329 enum nl80211_commands cmd, gfp_t gfp,
11330 int uapsd_queues)
11331{
11332 struct sk_buff *msg;
11333 void *hdr;
11334
11335 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11336 if (!msg)
11337 return;
11338
11339 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
11340 if (!hdr) {
11341 nlmsg_free(msg);
11342 return;
11343 }
11344
11345 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11346 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
11347 nla_put(msg, NL80211_ATTR_FRAME, len, buf))
11348 goto nla_put_failure;
11349
11350 if (uapsd_queues >= 0) {
11351 struct nlattr *nla_wmm =
11352 nla_nest_start(msg, NL80211_ATTR_STA_WME);
11353 if (!nla_wmm)
11354 goto nla_put_failure;
11355
11356 if (nla_put_u8(msg, NL80211_STA_WME_UAPSD_QUEUES,
11357 uapsd_queues))
11358 goto nla_put_failure;
11359
11360 nla_nest_end(msg, nla_wmm);
11361 }
11362
11363 genlmsg_end(msg, hdr);
11364
11365 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11366 NL80211_MCGRP_MLME, gfp);
11367 return;
11368
11369 nla_put_failure:
11370 genlmsg_cancel(msg, hdr);
11371 nlmsg_free(msg);
11372}
11373
11374void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
11375 struct net_device *netdev, const u8 *buf,
11376 size_t len, gfp_t gfp)
11377{
11378 nl80211_send_mlme_event(rdev, netdev, buf, len,
11379 NL80211_CMD_AUTHENTICATE, gfp, -1);
11380}
11381
11382void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
11383 struct net_device *netdev, const u8 *buf,
11384 size_t len, gfp_t gfp, int uapsd_queues)
11385{
11386 nl80211_send_mlme_event(rdev, netdev, buf, len,
11387 NL80211_CMD_ASSOCIATE, gfp, uapsd_queues);
11388}
11389
11390void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
11391 struct net_device *netdev, const u8 *buf,
11392 size_t len, gfp_t gfp)
11393{
11394 nl80211_send_mlme_event(rdev, netdev, buf, len,
11395 NL80211_CMD_DEAUTHENTICATE, gfp, -1);
11396}
11397
11398void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
11399 struct net_device *netdev, const u8 *buf,
11400 size_t len, gfp_t gfp)
11401{
11402 nl80211_send_mlme_event(rdev, netdev, buf, len,
11403 NL80211_CMD_DISASSOCIATE, gfp, -1);
11404}
11405
11406void cfg80211_rx_unprot_mlme_mgmt(struct net_device *dev, const u8 *buf,
11407 size_t len)
11408{
11409 struct wireless_dev *wdev = dev->ieee80211_ptr;
11410 struct wiphy *wiphy = wdev->wiphy;
11411 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
11412 const struct ieee80211_mgmt *mgmt = (void *)buf;
11413 u32 cmd;
11414
11415 if (WARN_ON(len < 2))
11416 return;
11417
11418 if (ieee80211_is_deauth(mgmt->frame_control))
11419 cmd = NL80211_CMD_UNPROT_DEAUTHENTICATE;
11420 else
11421 cmd = NL80211_CMD_UNPROT_DISASSOCIATE;
11422
11423 trace_cfg80211_rx_unprot_mlme_mgmt(dev, buf, len);
11424 nl80211_send_mlme_event(rdev, dev, buf, len, cmd, GFP_ATOMIC, -1);
11425}
11426EXPORT_SYMBOL(cfg80211_rx_unprot_mlme_mgmt);
11427
11428static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
11429 struct net_device *netdev, int cmd,
11430 const u8 *addr, gfp_t gfp)
11431{
11432 struct sk_buff *msg;
11433 void *hdr;
11434
11435 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11436 if (!msg)
11437 return;
11438
11439 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
11440 if (!hdr) {
11441 nlmsg_free(msg);
11442 return;
11443 }
11444
11445 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11446 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
11447 nla_put_flag(msg, NL80211_ATTR_TIMED_OUT) ||
11448 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
11449 goto nla_put_failure;
11450
11451 genlmsg_end(msg, hdr);
11452
11453 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11454 NL80211_MCGRP_MLME, gfp);
11455 return;
11456
11457 nla_put_failure:
11458 genlmsg_cancel(msg, hdr);
11459 nlmsg_free(msg);
11460}
11461
11462void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
11463 struct net_device *netdev, const u8 *addr,
11464 gfp_t gfp)
11465{
11466 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE,
11467 addr, gfp);
11468}
11469
11470void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
11471 struct net_device *netdev, const u8 *addr,
11472 gfp_t gfp)
11473{
11474 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE,
11475 addr, gfp);
11476}
11477
11478void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
11479 struct net_device *netdev, const u8 *bssid,
11480 const u8 *req_ie, size_t req_ie_len,
11481 const u8 *resp_ie, size_t resp_ie_len,
11482 u16 status, gfp_t gfp)
11483{
11484 struct sk_buff *msg;
11485 void *hdr;
11486
11487 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11488 if (!msg)
11489 return;
11490
11491 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT);
11492 if (!hdr) {
11493 nlmsg_free(msg);
11494 return;
11495 }
11496
11497 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11498 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
11499 (bssid && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid)) ||
11500 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, status) ||
11501 (req_ie &&
11502 nla_put(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie)) ||
11503 (resp_ie &&
11504 nla_put(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie)))
11505 goto nla_put_failure;
11506
11507 genlmsg_end(msg, hdr);
11508
11509 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11510 NL80211_MCGRP_MLME, gfp);
11511 return;
11512
11513 nla_put_failure:
11514 genlmsg_cancel(msg, hdr);
11515 nlmsg_free(msg);
11516
11517}
11518
11519void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
11520 struct net_device *netdev, const u8 *bssid,
11521 const u8 *req_ie, size_t req_ie_len,
11522 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
11523{
11524 struct sk_buff *msg;
11525 void *hdr;
11526
11527 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11528 if (!msg)
11529 return;
11530
11531 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM);
11532 if (!hdr) {
11533 nlmsg_free(msg);
11534 return;
11535 }
11536
11537 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11538 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
11539 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid) ||
11540 (req_ie &&
11541 nla_put(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie)) ||
11542 (resp_ie &&
11543 nla_put(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie)))
11544 goto nla_put_failure;
11545
11546 genlmsg_end(msg, hdr);
11547
11548 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11549 NL80211_MCGRP_MLME, gfp);
11550 return;
11551
11552 nla_put_failure:
11553 genlmsg_cancel(msg, hdr);
11554 nlmsg_free(msg);
11555
11556}
11557
11558void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
11559 struct net_device *netdev, u16 reason,
11560 const u8 *ie, size_t ie_len, bool from_ap)
11561{
11562 struct sk_buff *msg;
11563 void *hdr;
11564
11565 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
11566 if (!msg)
11567 return;
11568
11569 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT);
11570 if (!hdr) {
11571 nlmsg_free(msg);
11572 return;
11573 }
11574
11575 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11576 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
11577 (from_ap && reason &&
11578 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason)) ||
11579 (from_ap &&
11580 nla_put_flag(msg, NL80211_ATTR_DISCONNECTED_BY_AP)) ||
11581 (ie && nla_put(msg, NL80211_ATTR_IE, ie_len, ie)))
11582 goto nla_put_failure;
11583
11584 genlmsg_end(msg, hdr);
11585
11586 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11587 NL80211_MCGRP_MLME, GFP_KERNEL);
11588 return;
11589
11590 nla_put_failure:
11591 genlmsg_cancel(msg, hdr);
11592 nlmsg_free(msg);
11593
11594}
11595
11596void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
11597 struct net_device *netdev, const u8 *bssid,
11598 gfp_t gfp)
11599{
11600 struct sk_buff *msg;
11601 void *hdr;
11602
11603 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11604 if (!msg)
11605 return;
11606
11607 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS);
11608 if (!hdr) {
11609 nlmsg_free(msg);
11610 return;
11611 }
11612
11613 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11614 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
11615 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
11616 goto nla_put_failure;
11617
11618 genlmsg_end(msg, hdr);
11619
11620 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11621 NL80211_MCGRP_MLME, gfp);
11622 return;
11623
11624 nla_put_failure:
11625 genlmsg_cancel(msg, hdr);
11626 nlmsg_free(msg);
11627}
11628
11629void cfg80211_notify_new_peer_candidate(struct net_device *dev, const u8 *addr,
11630 const u8* ie, u8 ie_len, gfp_t gfp)
11631{
11632 struct wireless_dev *wdev = dev->ieee80211_ptr;
11633 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
11634 struct sk_buff *msg;
11635 void *hdr;
11636
11637 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_MESH_POINT))
11638 return;
11639
11640 trace_cfg80211_notify_new_peer_candidate(dev, addr);
11641
11642 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11643 if (!msg)
11644 return;
11645
11646 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE);
11647 if (!hdr) {
11648 nlmsg_free(msg);
11649 return;
11650 }
11651
11652 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11653 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
11654 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
11655 (ie_len && ie &&
11656 nla_put(msg, NL80211_ATTR_IE, ie_len , ie)))
11657 goto nla_put_failure;
11658
11659 genlmsg_end(msg, hdr);
11660
11661 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11662 NL80211_MCGRP_MLME, gfp);
11663 return;
11664
11665 nla_put_failure:
11666 genlmsg_cancel(msg, hdr);
11667 nlmsg_free(msg);
11668}
11669EXPORT_SYMBOL(cfg80211_notify_new_peer_candidate);
11670
11671void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
11672 struct net_device *netdev, const u8 *addr,
11673 enum nl80211_key_type key_type, int key_id,
11674 const u8 *tsc, gfp_t gfp)
11675{
11676 struct sk_buff *msg;
11677 void *hdr;
11678
11679 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11680 if (!msg)
11681 return;
11682
11683 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE);
11684 if (!hdr) {
11685 nlmsg_free(msg);
11686 return;
11687 }
11688
11689 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11690 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
11691 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
11692 nla_put_u32(msg, NL80211_ATTR_KEY_TYPE, key_type) ||
11693 (key_id != -1 &&
11694 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_id)) ||
11695 (tsc && nla_put(msg, NL80211_ATTR_KEY_SEQ, 6, tsc)))
11696 goto nla_put_failure;
11697
11698 genlmsg_end(msg, hdr);
11699
11700 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11701 NL80211_MCGRP_MLME, gfp);
11702 return;
11703
11704 nla_put_failure:
11705 genlmsg_cancel(msg, hdr);
11706 nlmsg_free(msg);
11707}
11708
11709void nl80211_send_beacon_hint_event(struct wiphy *wiphy,
11710 struct ieee80211_channel *channel_before,
11711 struct ieee80211_channel *channel_after)
11712{
11713 struct sk_buff *msg;
11714 void *hdr;
11715 struct nlattr *nl_freq;
11716
11717 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
11718 if (!msg)
11719 return;
11720
11721 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT);
11722 if (!hdr) {
11723 nlmsg_free(msg);
11724 return;
11725 }
11726
11727
11728
11729
11730
11731 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
11732 goto nla_put_failure;
11733
11734
11735 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE);
11736 if (!nl_freq)
11737 goto nla_put_failure;
11738 if (nl80211_msg_put_channel(msg, channel_before, false))
11739 goto nla_put_failure;
11740 nla_nest_end(msg, nl_freq);
11741
11742
11743 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER);
11744 if (!nl_freq)
11745 goto nla_put_failure;
11746 if (nl80211_msg_put_channel(msg, channel_after, false))
11747 goto nla_put_failure;
11748 nla_nest_end(msg, nl_freq);
11749
11750 genlmsg_end(msg, hdr);
11751
11752 rcu_read_lock();
11753 genlmsg_multicast_allns(&nl80211_fam, msg, 0,
11754 NL80211_MCGRP_REGULATORY, GFP_ATOMIC);
11755 rcu_read_unlock();
11756
11757 return;
11758
11759nla_put_failure:
11760 genlmsg_cancel(msg, hdr);
11761 nlmsg_free(msg);
11762}
11763
11764static void nl80211_send_remain_on_chan_event(
11765 int cmd, struct cfg80211_registered_device *rdev,
11766 struct wireless_dev *wdev, u64 cookie,
11767 struct ieee80211_channel *chan,
11768 unsigned int duration, gfp_t gfp)
11769{
11770 struct sk_buff *msg;
11771 void *hdr;
11772
11773 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11774 if (!msg)
11775 return;
11776
11777 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
11778 if (!hdr) {
11779 nlmsg_free(msg);
11780 return;
11781 }
11782
11783 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11784 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
11785 wdev->netdev->ifindex)) ||
11786 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)) ||
11787 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq) ||
11788 nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
11789 NL80211_CHAN_NO_HT) ||
11790 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie))
11791 goto nla_put_failure;
11792
11793 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL &&
11794 nla_put_u32(msg, NL80211_ATTR_DURATION, duration))
11795 goto nla_put_failure;
11796
11797 genlmsg_end(msg, hdr);
11798
11799 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11800 NL80211_MCGRP_MLME, gfp);
11801 return;
11802
11803 nla_put_failure:
11804 genlmsg_cancel(msg, hdr);
11805 nlmsg_free(msg);
11806}
11807
11808void cfg80211_ready_on_channel(struct wireless_dev *wdev, u64 cookie,
11809 struct ieee80211_channel *chan,
11810 unsigned int duration, gfp_t gfp)
11811{
11812 struct wiphy *wiphy = wdev->wiphy;
11813 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
11814
11815 trace_cfg80211_ready_on_channel(wdev, cookie, chan, duration);
11816 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL,
11817 rdev, wdev, cookie, chan,
11818 duration, gfp);
11819}
11820EXPORT_SYMBOL(cfg80211_ready_on_channel);
11821
11822void cfg80211_remain_on_channel_expired(struct wireless_dev *wdev, u64 cookie,
11823 struct ieee80211_channel *chan,
11824 gfp_t gfp)
11825{
11826 struct wiphy *wiphy = wdev->wiphy;
11827 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
11828
11829 trace_cfg80211_ready_on_channel_expired(wdev, cookie, chan);
11830 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
11831 rdev, wdev, cookie, chan, 0, gfp);
11832}
11833EXPORT_SYMBOL(cfg80211_remain_on_channel_expired);
11834
11835void cfg80211_new_sta(struct net_device *dev, const u8 *mac_addr,
11836 struct station_info *sinfo, gfp_t gfp)
11837{
11838 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
11839 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
11840 struct sk_buff *msg;
11841
11842 trace_cfg80211_new_sta(dev, mac_addr, sinfo);
11843
11844 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11845 if (!msg)
11846 return;
11847
11848 if (nl80211_send_station(msg, NL80211_CMD_NEW_STATION, 0, 0, 0,
11849 rdev, dev, mac_addr, sinfo) < 0) {
11850 nlmsg_free(msg);
11851 return;
11852 }
11853
11854 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11855 NL80211_MCGRP_MLME, gfp);
11856}
11857EXPORT_SYMBOL(cfg80211_new_sta);
11858
11859void cfg80211_del_sta_sinfo(struct net_device *dev, const u8 *mac_addr,
11860 struct station_info *sinfo, gfp_t gfp)
11861{
11862 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
11863 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
11864 struct sk_buff *msg;
11865 struct station_info empty_sinfo = {};
11866
11867 if (!sinfo)
11868 sinfo = &empty_sinfo;
11869
11870 trace_cfg80211_del_sta(dev, mac_addr);
11871
11872 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
11873 if (!msg)
11874 return;
11875
11876 if (nl80211_send_station(msg, NL80211_CMD_DEL_STATION, 0, 0, 0,
11877 rdev, dev, mac_addr, sinfo) < 0) {
11878 nlmsg_free(msg);
11879 return;
11880 }
11881
11882 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11883 NL80211_MCGRP_MLME, gfp);
11884}
11885EXPORT_SYMBOL(cfg80211_del_sta_sinfo);
11886
11887void cfg80211_conn_failed(struct net_device *dev, const u8 *mac_addr,
11888 enum nl80211_connect_failed_reason reason,
11889 gfp_t gfp)
11890{
11891 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
11892 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
11893 struct sk_buff *msg;
11894 void *hdr;
11895
11896 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
11897 if (!msg)
11898 return;
11899
11900 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONN_FAILED);
11901 if (!hdr) {
11902 nlmsg_free(msg);
11903 return;
11904 }
11905
11906 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
11907 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) ||
11908 nla_put_u32(msg, NL80211_ATTR_CONN_FAILED_REASON, reason))
11909 goto nla_put_failure;
11910
11911 genlmsg_end(msg, hdr);
11912
11913 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
11914 NL80211_MCGRP_MLME, gfp);
11915 return;
11916
11917 nla_put_failure:
11918 genlmsg_cancel(msg, hdr);
11919 nlmsg_free(msg);
11920}
11921EXPORT_SYMBOL(cfg80211_conn_failed);
11922
11923static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd,
11924 const u8 *addr, gfp_t gfp)
11925{
11926 struct wireless_dev *wdev = dev->ieee80211_ptr;
11927 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
11928 struct sk_buff *msg;
11929 void *hdr;
11930 u32 nlportid = ACCESS_ONCE(wdev->ap_unexpected_nlportid);
11931
11932 if (!nlportid)
11933 return false;
11934
11935 msg = nlmsg_new(100, gfp);
11936 if (!msg)
11937 return true;
11938
11939 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
11940 if (!hdr) {
11941 nlmsg_free(msg);
11942 return true;
11943 }
11944
11945 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
11946 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
11947 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
11948 goto nla_put_failure;
11949
11950 genlmsg_end(msg, hdr);
11951 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
11952 return true;
11953
11954 nla_put_failure:
11955 genlmsg_cancel(msg, hdr);
11956 nlmsg_free(msg);
11957 return true;
11958}
11959
11960bool cfg80211_rx_spurious_frame(struct net_device *dev,
11961 const u8 *addr, gfp_t gfp)
11962{
11963 struct wireless_dev *wdev = dev->ieee80211_ptr;
11964 bool ret;
11965
11966 trace_cfg80211_rx_spurious_frame(dev, addr);
11967
11968 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
11969 wdev->iftype != NL80211_IFTYPE_P2P_GO)) {
11970 trace_cfg80211_return_bool(false);
11971 return false;
11972 }
11973 ret = __nl80211_unexpected_frame(dev, NL80211_CMD_UNEXPECTED_FRAME,
11974 addr, gfp);
11975 trace_cfg80211_return_bool(ret);
11976 return ret;
11977}
11978EXPORT_SYMBOL(cfg80211_rx_spurious_frame);
11979
11980bool cfg80211_rx_unexpected_4addr_frame(struct net_device *dev,
11981 const u8 *addr, gfp_t gfp)
11982{
11983 struct wireless_dev *wdev = dev->ieee80211_ptr;
11984 bool ret;
11985
11986 trace_cfg80211_rx_unexpected_4addr_frame(dev, addr);
11987
11988 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
11989 wdev->iftype != NL80211_IFTYPE_P2P_GO &&
11990 wdev->iftype != NL80211_IFTYPE_AP_VLAN)) {
11991 trace_cfg80211_return_bool(false);
11992 return false;
11993 }
11994 ret = __nl80211_unexpected_frame(dev,
11995 NL80211_CMD_UNEXPECTED_4ADDR_FRAME,
11996 addr, gfp);
11997 trace_cfg80211_return_bool(ret);
11998 return ret;
11999}
12000EXPORT_SYMBOL(cfg80211_rx_unexpected_4addr_frame);
12001
12002int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
12003 struct wireless_dev *wdev, u32 nlportid,
12004 int freq, int sig_dbm,
12005 const u8 *buf, size_t len, u32 flags, gfp_t gfp)
12006{
12007 struct net_device *netdev = wdev->netdev;
12008 struct sk_buff *msg;
12009 void *hdr;
12010
12011 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12012 if (!msg)
12013 return -ENOMEM;
12014
12015 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
12016 if (!hdr) {
12017 nlmsg_free(msg);
12018 return -ENOMEM;
12019 }
12020
12021 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12022 (netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
12023 netdev->ifindex)) ||
12024 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)) ||
12025 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) ||
12026 (sig_dbm &&
12027 nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) ||
12028 nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
12029 (flags &&
12030 nla_put_u32(msg, NL80211_ATTR_RXMGMT_FLAGS, flags)))
12031 goto nla_put_failure;
12032
12033 genlmsg_end(msg, hdr);
12034
12035 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
12036
12037 nla_put_failure:
12038 genlmsg_cancel(msg, hdr);
12039 nlmsg_free(msg);
12040 return -ENOBUFS;
12041}
12042
12043void cfg80211_mgmt_tx_status(struct wireless_dev *wdev, u64 cookie,
12044 const u8 *buf, size_t len, bool ack, gfp_t gfp)
12045{
12046 struct wiphy *wiphy = wdev->wiphy;
12047 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
12048 struct net_device *netdev = wdev->netdev;
12049 struct sk_buff *msg;
12050 void *hdr;
12051
12052 trace_cfg80211_mgmt_tx_status(wdev, cookie, ack);
12053
12054 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12055 if (!msg)
12056 return;
12057
12058 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS);
12059 if (!hdr) {
12060 nlmsg_free(msg);
12061 return;
12062 }
12063
12064 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12065 (netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
12066 netdev->ifindex)) ||
12067 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)) ||
12068 nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
12069 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie) ||
12070 (ack && nla_put_flag(msg, NL80211_ATTR_ACK)))
12071 goto nla_put_failure;
12072
12073 genlmsg_end(msg, hdr);
12074
12075 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
12076 NL80211_MCGRP_MLME, gfp);
12077 return;
12078
12079 nla_put_failure:
12080 genlmsg_cancel(msg, hdr);
12081 nlmsg_free(msg);
12082}
12083EXPORT_SYMBOL(cfg80211_mgmt_tx_status);
12084
12085static struct sk_buff *cfg80211_prepare_cqm(struct net_device *dev,
12086 const char *mac, gfp_t gfp)
12087{
12088 struct wireless_dev *wdev = dev->ieee80211_ptr;
12089 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
12090 struct sk_buff *msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12091 void **cb;
12092
12093 if (!msg)
12094 return NULL;
12095
12096 cb = (void **)msg->cb;
12097
12098 cb[0] = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
12099 if (!cb[0]) {
12100 nlmsg_free(msg);
12101 return NULL;
12102 }
12103
12104 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12105 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
12106 goto nla_put_failure;
12107
12108 if (mac && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac))
12109 goto nla_put_failure;
12110
12111 cb[1] = nla_nest_start(msg, NL80211_ATTR_CQM);
12112 if (!cb[1])
12113 goto nla_put_failure;
12114
12115 cb[2] = rdev;
12116
12117 return msg;
12118 nla_put_failure:
12119 nlmsg_free(msg);
12120 return NULL;
12121}
12122
12123static void cfg80211_send_cqm(struct sk_buff *msg, gfp_t gfp)
12124{
12125 void **cb = (void **)msg->cb;
12126 struct cfg80211_registered_device *rdev = cb[2];
12127
12128 nla_nest_end(msg, cb[1]);
12129 genlmsg_end(msg, cb[0]);
12130
12131 memset(msg->cb, 0, sizeof(msg->cb));
12132
12133 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
12134 NL80211_MCGRP_MLME, gfp);
12135}
12136
12137void cfg80211_cqm_rssi_notify(struct net_device *dev,
12138 enum nl80211_cqm_rssi_threshold_event rssi_event,
12139 gfp_t gfp)
12140{
12141 struct sk_buff *msg;
12142
12143 trace_cfg80211_cqm_rssi_notify(dev, rssi_event);
12144
12145 if (WARN_ON(rssi_event != NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW &&
12146 rssi_event != NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH))
12147 return;
12148
12149 msg = cfg80211_prepare_cqm(dev, NULL, gfp);
12150 if (!msg)
12151 return;
12152
12153 if (nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT,
12154 rssi_event))
12155 goto nla_put_failure;
12156
12157 cfg80211_send_cqm(msg, gfp);
12158
12159 return;
12160
12161 nla_put_failure:
12162 nlmsg_free(msg);
12163}
12164EXPORT_SYMBOL(cfg80211_cqm_rssi_notify);
12165
12166void cfg80211_cqm_txe_notify(struct net_device *dev,
12167 const u8 *peer, u32 num_packets,
12168 u32 rate, u32 intvl, gfp_t gfp)
12169{
12170 struct sk_buff *msg;
12171
12172 msg = cfg80211_prepare_cqm(dev, peer, gfp);
12173 if (!msg)
12174 return;
12175
12176 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_PKTS, num_packets))
12177 goto nla_put_failure;
12178
12179 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_RATE, rate))
12180 goto nla_put_failure;
12181
12182 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_INTVL, intvl))
12183 goto nla_put_failure;
12184
12185 cfg80211_send_cqm(msg, gfp);
12186 return;
12187
12188 nla_put_failure:
12189 nlmsg_free(msg);
12190}
12191EXPORT_SYMBOL(cfg80211_cqm_txe_notify);
12192
12193void cfg80211_cqm_pktloss_notify(struct net_device *dev,
12194 const u8 *peer, u32 num_packets, gfp_t gfp)
12195{
12196 struct sk_buff *msg;
12197
12198 trace_cfg80211_cqm_pktloss_notify(dev, peer, num_packets);
12199
12200 msg = cfg80211_prepare_cqm(dev, peer, gfp);
12201 if (!msg)
12202 return;
12203
12204 if (nla_put_u32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets))
12205 goto nla_put_failure;
12206
12207 cfg80211_send_cqm(msg, gfp);
12208 return;
12209
12210 nla_put_failure:
12211 nlmsg_free(msg);
12212}
12213EXPORT_SYMBOL(cfg80211_cqm_pktloss_notify);
12214
12215void cfg80211_cqm_beacon_loss_notify(struct net_device *dev, gfp_t gfp)
12216{
12217 struct sk_buff *msg;
12218
12219 msg = cfg80211_prepare_cqm(dev, NULL, gfp);
12220 if (!msg)
12221 return;
12222
12223 if (nla_put_flag(msg, NL80211_ATTR_CQM_BEACON_LOSS_EVENT))
12224 goto nla_put_failure;
12225
12226 cfg80211_send_cqm(msg, gfp);
12227 return;
12228
12229 nla_put_failure:
12230 nlmsg_free(msg);
12231}
12232EXPORT_SYMBOL(cfg80211_cqm_beacon_loss_notify);
12233
12234static void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev,
12235 struct net_device *netdev, const u8 *bssid,
12236 const u8 *replay_ctr, gfp_t gfp)
12237{
12238 struct sk_buff *msg;
12239 struct nlattr *rekey_attr;
12240 void *hdr;
12241
12242 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12243 if (!msg)
12244 return;
12245
12246 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
12247 if (!hdr) {
12248 nlmsg_free(msg);
12249 return;
12250 }
12251
12252 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12253 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
12254 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
12255 goto nla_put_failure;
12256
12257 rekey_attr = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
12258 if (!rekey_attr)
12259 goto nla_put_failure;
12260
12261 if (nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR,
12262 NL80211_REPLAY_CTR_LEN, replay_ctr))
12263 goto nla_put_failure;
12264
12265 nla_nest_end(msg, rekey_attr);
12266
12267 genlmsg_end(msg, hdr);
12268
12269 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
12270 NL80211_MCGRP_MLME, gfp);
12271 return;
12272
12273 nla_put_failure:
12274 genlmsg_cancel(msg, hdr);
12275 nlmsg_free(msg);
12276}
12277
12278void cfg80211_gtk_rekey_notify(struct net_device *dev, const u8 *bssid,
12279 const u8 *replay_ctr, gfp_t gfp)
12280{
12281 struct wireless_dev *wdev = dev->ieee80211_ptr;
12282 struct wiphy *wiphy = wdev->wiphy;
12283 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
12284
12285 trace_cfg80211_gtk_rekey_notify(dev, bssid);
12286 nl80211_gtk_rekey_notify(rdev, dev, bssid, replay_ctr, gfp);
12287}
12288EXPORT_SYMBOL(cfg80211_gtk_rekey_notify);
12289
12290static void
12291nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev,
12292 struct net_device *netdev, int index,
12293 const u8 *bssid, bool preauth, gfp_t gfp)
12294{
12295 struct sk_buff *msg;
12296 struct nlattr *attr;
12297 void *hdr;
12298
12299 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12300 if (!msg)
12301 return;
12302
12303 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE);
12304 if (!hdr) {
12305 nlmsg_free(msg);
12306 return;
12307 }
12308
12309 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12310 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
12311 goto nla_put_failure;
12312
12313 attr = nla_nest_start(msg, NL80211_ATTR_PMKSA_CANDIDATE);
12314 if (!attr)
12315 goto nla_put_failure;
12316
12317 if (nla_put_u32(msg, NL80211_PMKSA_CANDIDATE_INDEX, index) ||
12318 nla_put(msg, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid) ||
12319 (preauth &&
12320 nla_put_flag(msg, NL80211_PMKSA_CANDIDATE_PREAUTH)))
12321 goto nla_put_failure;
12322
12323 nla_nest_end(msg, attr);
12324
12325 genlmsg_end(msg, hdr);
12326
12327 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
12328 NL80211_MCGRP_MLME, gfp);
12329 return;
12330
12331 nla_put_failure:
12332 genlmsg_cancel(msg, hdr);
12333 nlmsg_free(msg);
12334}
12335
12336void cfg80211_pmksa_candidate_notify(struct net_device *dev, int index,
12337 const u8 *bssid, bool preauth, gfp_t gfp)
12338{
12339 struct wireless_dev *wdev = dev->ieee80211_ptr;
12340 struct wiphy *wiphy = wdev->wiphy;
12341 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
12342
12343 trace_cfg80211_pmksa_candidate_notify(dev, index, bssid, preauth);
12344 nl80211_pmksa_candidate_notify(rdev, dev, index, bssid, preauth, gfp);
12345}
12346EXPORT_SYMBOL(cfg80211_pmksa_candidate_notify);
12347
12348static void nl80211_ch_switch_notify(struct cfg80211_registered_device *rdev,
12349 struct net_device *netdev,
12350 struct cfg80211_chan_def *chandef,
12351 gfp_t gfp,
12352 enum nl80211_commands notif,
12353 u8 count)
12354{
12355 struct sk_buff *msg;
12356 void *hdr;
12357
12358 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12359 if (!msg)
12360 return;
12361
12362 hdr = nl80211hdr_put(msg, 0, 0, 0, notif);
12363 if (!hdr) {
12364 nlmsg_free(msg);
12365 return;
12366 }
12367
12368 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
12369 goto nla_put_failure;
12370
12371 if (nl80211_send_chandef(msg, chandef))
12372 goto nla_put_failure;
12373
12374 if ((notif == NL80211_CMD_CH_SWITCH_STARTED_NOTIFY) &&
12375 (nla_put_u32(msg, NL80211_ATTR_CH_SWITCH_COUNT, count)))
12376 goto nla_put_failure;
12377
12378 genlmsg_end(msg, hdr);
12379
12380 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
12381 NL80211_MCGRP_MLME, gfp);
12382 return;
12383
12384 nla_put_failure:
12385 genlmsg_cancel(msg, hdr);
12386 nlmsg_free(msg);
12387}
12388
12389void cfg80211_ch_switch_notify(struct net_device *dev,
12390 struct cfg80211_chan_def *chandef)
12391{
12392 struct wireless_dev *wdev = dev->ieee80211_ptr;
12393 struct wiphy *wiphy = wdev->wiphy;
12394 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
12395
12396 ASSERT_WDEV_LOCK(wdev);
12397
12398 trace_cfg80211_ch_switch_notify(dev, chandef);
12399
12400 wdev->chandef = *chandef;
12401 wdev->preset_chandef = *chandef;
12402 nl80211_ch_switch_notify(rdev, dev, chandef, GFP_KERNEL,
12403 NL80211_CMD_CH_SWITCH_NOTIFY, 0);
12404}
12405EXPORT_SYMBOL(cfg80211_ch_switch_notify);
12406
12407void cfg80211_ch_switch_started_notify(struct net_device *dev,
12408 struct cfg80211_chan_def *chandef,
12409 u8 count)
12410{
12411 struct wireless_dev *wdev = dev->ieee80211_ptr;
12412 struct wiphy *wiphy = wdev->wiphy;
12413 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
12414
12415 trace_cfg80211_ch_switch_started_notify(dev, chandef);
12416
12417 nl80211_ch_switch_notify(rdev, dev, chandef, GFP_KERNEL,
12418 NL80211_CMD_CH_SWITCH_STARTED_NOTIFY, count);
12419}
12420EXPORT_SYMBOL(cfg80211_ch_switch_started_notify);
12421
12422void
12423nl80211_radar_notify(struct cfg80211_registered_device *rdev,
12424 const struct cfg80211_chan_def *chandef,
12425 enum nl80211_radar_event event,
12426 struct net_device *netdev, gfp_t gfp)
12427{
12428 struct sk_buff *msg;
12429 void *hdr;
12430
12431 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12432 if (!msg)
12433 return;
12434
12435 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_RADAR_DETECT);
12436 if (!hdr) {
12437 nlmsg_free(msg);
12438 return;
12439 }
12440
12441 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
12442 goto nla_put_failure;
12443
12444
12445 if (netdev) {
12446 struct wireless_dev *wdev = netdev->ieee80211_ptr;
12447
12448 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
12449 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
12450 goto nla_put_failure;
12451 }
12452
12453 if (nla_put_u32(msg, NL80211_ATTR_RADAR_EVENT, event))
12454 goto nla_put_failure;
12455
12456 if (nl80211_send_chandef(msg, chandef))
12457 goto nla_put_failure;
12458
12459 genlmsg_end(msg, hdr);
12460
12461 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
12462 NL80211_MCGRP_MLME, gfp);
12463 return;
12464
12465 nla_put_failure:
12466 genlmsg_cancel(msg, hdr);
12467 nlmsg_free(msg);
12468}
12469
12470void cfg80211_probe_status(struct net_device *dev, const u8 *addr,
12471 u64 cookie, bool acked, gfp_t gfp)
12472{
12473 struct wireless_dev *wdev = dev->ieee80211_ptr;
12474 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
12475 struct sk_buff *msg;
12476 void *hdr;
12477
12478 trace_cfg80211_probe_status(dev, addr, cookie, acked);
12479
12480 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12481
12482 if (!msg)
12483 return;
12484
12485 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PROBE_CLIENT);
12486 if (!hdr) {
12487 nlmsg_free(msg);
12488 return;
12489 }
12490
12491 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12492 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
12493 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
12494 nla_put_u64(msg, NL80211_ATTR_COOKIE, cookie) ||
12495 (acked && nla_put_flag(msg, NL80211_ATTR_ACK)))
12496 goto nla_put_failure;
12497
12498 genlmsg_end(msg, hdr);
12499
12500 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
12501 NL80211_MCGRP_MLME, gfp);
12502 return;
12503
12504 nla_put_failure:
12505 genlmsg_cancel(msg, hdr);
12506 nlmsg_free(msg);
12507}
12508EXPORT_SYMBOL(cfg80211_probe_status);
12509
12510void cfg80211_report_obss_beacon(struct wiphy *wiphy,
12511 const u8 *frame, size_t len,
12512 int freq, int sig_dbm)
12513{
12514 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
12515 struct sk_buff *msg;
12516 void *hdr;
12517 struct cfg80211_beacon_registration *reg;
12518
12519 trace_cfg80211_report_obss_beacon(wiphy, frame, len, freq, sig_dbm);
12520
12521 spin_lock_bh(&rdev->beacon_registrations_lock);
12522 list_for_each_entry(reg, &rdev->beacon_registrations, list) {
12523 msg = nlmsg_new(len + 100, GFP_ATOMIC);
12524 if (!msg) {
12525 spin_unlock_bh(&rdev->beacon_registrations_lock);
12526 return;
12527 }
12528
12529 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
12530 if (!hdr)
12531 goto nla_put_failure;
12532
12533 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12534 (freq &&
12535 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) ||
12536 (sig_dbm &&
12537 nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) ||
12538 nla_put(msg, NL80211_ATTR_FRAME, len, frame))
12539 goto nla_put_failure;
12540
12541 genlmsg_end(msg, hdr);
12542
12543 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, reg->nlportid);
12544 }
12545 spin_unlock_bh(&rdev->beacon_registrations_lock);
12546 return;
12547
12548 nla_put_failure:
12549 spin_unlock_bh(&rdev->beacon_registrations_lock);
12550 if (hdr)
12551 genlmsg_cancel(msg, hdr);
12552 nlmsg_free(msg);
12553}
12554EXPORT_SYMBOL(cfg80211_report_obss_beacon);
12555
12556#ifdef CONFIG_PM
12557static int cfg80211_net_detect_results(struct sk_buff *msg,
12558 struct cfg80211_wowlan_wakeup *wakeup)
12559{
12560 struct cfg80211_wowlan_nd_info *nd = wakeup->net_detect;
12561 struct nlattr *nl_results, *nl_match, *nl_freqs;
12562 int i, j;
12563
12564 nl_results = nla_nest_start(
12565 msg, NL80211_WOWLAN_TRIG_NET_DETECT_RESULTS);
12566 if (!nl_results)
12567 return -EMSGSIZE;
12568
12569 for (i = 0; i < nd->n_matches; i++) {
12570 struct cfg80211_wowlan_nd_match *match = nd->matches[i];
12571
12572 nl_match = nla_nest_start(msg, i);
12573 if (!nl_match)
12574 break;
12575
12576
12577
12578
12579
12580
12581
12582
12583 if (nla_put(msg, NL80211_ATTR_SSID, match->ssid.ssid_len,
12584 match->ssid.ssid)) {
12585 nla_nest_cancel(msg, nl_match);
12586 goto out;
12587 }
12588
12589 if (match->n_channels) {
12590 nl_freqs = nla_nest_start(
12591 msg, NL80211_ATTR_SCAN_FREQUENCIES);
12592 if (!nl_freqs) {
12593 nla_nest_cancel(msg, nl_match);
12594 goto out;
12595 }
12596
12597 for (j = 0; j < match->n_channels; j++) {
12598 if (nla_put_u32(msg, j, match->channels[j])) {
12599 nla_nest_cancel(msg, nl_freqs);
12600 nla_nest_cancel(msg, nl_match);
12601 goto out;
12602 }
12603 }
12604
12605 nla_nest_end(msg, nl_freqs);
12606 }
12607
12608 nla_nest_end(msg, nl_match);
12609 }
12610
12611out:
12612 nla_nest_end(msg, nl_results);
12613 return 0;
12614}
12615
12616void cfg80211_report_wowlan_wakeup(struct wireless_dev *wdev,
12617 struct cfg80211_wowlan_wakeup *wakeup,
12618 gfp_t gfp)
12619{
12620 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
12621 struct sk_buff *msg;
12622 void *hdr;
12623 int size = 200;
12624
12625 trace_cfg80211_report_wowlan_wakeup(wdev->wiphy, wdev, wakeup);
12626
12627 if (wakeup)
12628 size += wakeup->packet_present_len;
12629
12630 msg = nlmsg_new(size, gfp);
12631 if (!msg)
12632 return;
12633
12634 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_WOWLAN);
12635 if (!hdr)
12636 goto free_msg;
12637
12638 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12639 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
12640 goto free_msg;
12641
12642 if (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
12643 wdev->netdev->ifindex))
12644 goto free_msg;
12645
12646 if (wakeup) {
12647 struct nlattr *reasons;
12648
12649 reasons = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
12650 if (!reasons)
12651 goto free_msg;
12652
12653 if (wakeup->disconnect &&
12654 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT))
12655 goto free_msg;
12656 if (wakeup->magic_pkt &&
12657 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT))
12658 goto free_msg;
12659 if (wakeup->gtk_rekey_failure &&
12660 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE))
12661 goto free_msg;
12662 if (wakeup->eap_identity_req &&
12663 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST))
12664 goto free_msg;
12665 if (wakeup->four_way_handshake &&
12666 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE))
12667 goto free_msg;
12668 if (wakeup->rfkill_release &&
12669 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))
12670 goto free_msg;
12671
12672 if (wakeup->pattern_idx >= 0 &&
12673 nla_put_u32(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN,
12674 wakeup->pattern_idx))
12675 goto free_msg;
12676
12677 if (wakeup->tcp_match &&
12678 nla_put_flag(msg, NL80211_WOWLAN_TRIG_WAKEUP_TCP_MATCH))
12679 goto free_msg;
12680
12681 if (wakeup->tcp_connlost &&
12682 nla_put_flag(msg, NL80211_WOWLAN_TRIG_WAKEUP_TCP_CONNLOST))
12683 goto free_msg;
12684
12685 if (wakeup->tcp_nomoretokens &&
12686 nla_put_flag(msg,
12687 NL80211_WOWLAN_TRIG_WAKEUP_TCP_NOMORETOKENS))
12688 goto free_msg;
12689
12690 if (wakeup->packet) {
12691 u32 pkt_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211;
12692 u32 len_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211_LEN;
12693
12694 if (!wakeup->packet_80211) {
12695 pkt_attr =
12696 NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023;
12697 len_attr =
12698 NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023_LEN;
12699 }
12700
12701 if (wakeup->packet_len &&
12702 nla_put_u32(msg, len_attr, wakeup->packet_len))
12703 goto free_msg;
12704
12705 if (nla_put(msg, pkt_attr, wakeup->packet_present_len,
12706 wakeup->packet))
12707 goto free_msg;
12708 }
12709
12710 if (wakeup->net_detect &&
12711 cfg80211_net_detect_results(msg, wakeup))
12712 goto free_msg;
12713
12714 nla_nest_end(msg, reasons);
12715 }
12716
12717 genlmsg_end(msg, hdr);
12718
12719 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
12720 NL80211_MCGRP_MLME, gfp);
12721 return;
12722
12723 free_msg:
12724 nlmsg_free(msg);
12725}
12726EXPORT_SYMBOL(cfg80211_report_wowlan_wakeup);
12727#endif
12728
12729void cfg80211_tdls_oper_request(struct net_device *dev, const u8 *peer,
12730 enum nl80211_tdls_operation oper,
12731 u16 reason_code, gfp_t gfp)
12732{
12733 struct wireless_dev *wdev = dev->ieee80211_ptr;
12734 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
12735 struct sk_buff *msg;
12736 void *hdr;
12737
12738 trace_cfg80211_tdls_oper_request(wdev->wiphy, dev, peer, oper,
12739 reason_code);
12740
12741 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12742 if (!msg)
12743 return;
12744
12745 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_TDLS_OPER);
12746 if (!hdr) {
12747 nlmsg_free(msg);
12748 return;
12749 }
12750
12751 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12752 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
12753 nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, oper) ||
12754 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer) ||
12755 (reason_code > 0 &&
12756 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code)))
12757 goto nla_put_failure;
12758
12759 genlmsg_end(msg, hdr);
12760
12761 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
12762 NL80211_MCGRP_MLME, gfp);
12763 return;
12764
12765 nla_put_failure:
12766 genlmsg_cancel(msg, hdr);
12767 nlmsg_free(msg);
12768}
12769EXPORT_SYMBOL(cfg80211_tdls_oper_request);
12770
12771static int nl80211_netlink_notify(struct notifier_block * nb,
12772 unsigned long state,
12773 void *_notify)
12774{
12775 struct netlink_notify *notify = _notify;
12776 struct cfg80211_registered_device *rdev;
12777 struct wireless_dev *wdev;
12778 struct cfg80211_beacon_registration *reg, *tmp;
12779
12780 if (state != NETLINK_URELEASE)
12781 return NOTIFY_DONE;
12782
12783 rcu_read_lock();
12784
12785 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) {
12786 bool schedule_destroy_work = false;
12787 bool schedule_scan_stop = false;
12788 struct cfg80211_sched_scan_request *sched_scan_req =
12789 rcu_dereference(rdev->sched_scan_req);
12790
12791 if (sched_scan_req && notify->portid &&
12792 sched_scan_req->owner_nlportid == notify->portid)
12793 schedule_scan_stop = true;
12794
12795 list_for_each_entry_rcu(wdev, &rdev->wdev_list, list) {
12796 cfg80211_mlme_unregister_socket(wdev, notify->portid);
12797
12798 if (wdev->owner_nlportid == notify->portid)
12799 schedule_destroy_work = true;
12800 }
12801
12802 spin_lock_bh(&rdev->beacon_registrations_lock);
12803 list_for_each_entry_safe(reg, tmp, &rdev->beacon_registrations,
12804 list) {
12805 if (reg->nlportid == notify->portid) {
12806 list_del(®->list);
12807 kfree(reg);
12808 break;
12809 }
12810 }
12811 spin_unlock_bh(&rdev->beacon_registrations_lock);
12812
12813 if (schedule_destroy_work) {
12814 struct cfg80211_iface_destroy *destroy;
12815
12816 destroy = kzalloc(sizeof(*destroy), GFP_ATOMIC);
12817 if (destroy) {
12818 destroy->nlportid = notify->portid;
12819 spin_lock(&rdev->destroy_list_lock);
12820 list_add(&destroy->list, &rdev->destroy_list);
12821 spin_unlock(&rdev->destroy_list_lock);
12822 schedule_work(&rdev->destroy_work);
12823 }
12824 } else if (schedule_scan_stop) {
12825 sched_scan_req->owner_nlportid = 0;
12826
12827 if (rdev->ops->sched_scan_stop &&
12828 rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN)
12829 schedule_work(&rdev->sched_scan_stop_wk);
12830 }
12831 }
12832
12833 rcu_read_unlock();
12834
12835
12836
12837
12838
12839 regulatory_netlink_notify(notify->portid);
12840 return NOTIFY_OK;
12841}
12842
12843static struct notifier_block nl80211_netlink_notifier = {
12844 .notifier_call = nl80211_netlink_notify,
12845};
12846
12847void cfg80211_ft_event(struct net_device *netdev,
12848 struct cfg80211_ft_event_params *ft_event)
12849{
12850 struct wiphy *wiphy = netdev->ieee80211_ptr->wiphy;
12851 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
12852 struct sk_buff *msg;
12853 void *hdr;
12854
12855 trace_cfg80211_ft_event(wiphy, netdev, ft_event);
12856
12857 if (!ft_event->target_ap)
12858 return;
12859
12860 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
12861 if (!msg)
12862 return;
12863
12864 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FT_EVENT);
12865 if (!hdr)
12866 goto out;
12867
12868 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12869 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
12870 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, ft_event->target_ap))
12871 goto out;
12872
12873 if (ft_event->ies &&
12874 nla_put(msg, NL80211_ATTR_IE, ft_event->ies_len, ft_event->ies))
12875 goto out;
12876 if (ft_event->ric_ies &&
12877 nla_put(msg, NL80211_ATTR_IE_RIC, ft_event->ric_ies_len,
12878 ft_event->ric_ies))
12879 goto out;
12880
12881 genlmsg_end(msg, hdr);
12882
12883 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
12884 NL80211_MCGRP_MLME, GFP_KERNEL);
12885 return;
12886 out:
12887 nlmsg_free(msg);
12888}
12889EXPORT_SYMBOL(cfg80211_ft_event);
12890
12891void cfg80211_crit_proto_stopped(struct wireless_dev *wdev, gfp_t gfp)
12892{
12893 struct cfg80211_registered_device *rdev;
12894 struct sk_buff *msg;
12895 void *hdr;
12896 u32 nlportid;
12897
12898 rdev = wiphy_to_rdev(wdev->wiphy);
12899 if (!rdev->crit_proto_nlportid)
12900 return;
12901
12902 nlportid = rdev->crit_proto_nlportid;
12903 rdev->crit_proto_nlportid = 0;
12904
12905 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12906 if (!msg)
12907 return;
12908
12909 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CRIT_PROTOCOL_STOP);
12910 if (!hdr)
12911 goto nla_put_failure;
12912
12913 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12914 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
12915 goto nla_put_failure;
12916
12917 genlmsg_end(msg, hdr);
12918
12919 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
12920 return;
12921
12922 nla_put_failure:
12923 if (hdr)
12924 genlmsg_cancel(msg, hdr);
12925 nlmsg_free(msg);
12926
12927}
12928EXPORT_SYMBOL(cfg80211_crit_proto_stopped);
12929
12930void nl80211_send_ap_stopped(struct wireless_dev *wdev)
12931{
12932 struct wiphy *wiphy = wdev->wiphy;
12933 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
12934 struct sk_buff *msg;
12935 void *hdr;
12936
12937 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
12938 if (!msg)
12939 return;
12940
12941 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_STOP_AP);
12942 if (!hdr)
12943 goto out;
12944
12945 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12946 nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex) ||
12947 nla_put_u64(msg, NL80211_ATTR_WDEV, wdev_id(wdev)))
12948 goto out;
12949
12950 genlmsg_end(msg, hdr);
12951
12952 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(wiphy), msg, 0,
12953 NL80211_MCGRP_MLME, GFP_KERNEL);
12954 return;
12955 out:
12956 nlmsg_free(msg);
12957}
12958
12959
12960
12961int nl80211_init(void)
12962{
12963 int err;
12964
12965 err = genl_register_family_with_ops_groups(&nl80211_fam, nl80211_ops,
12966 nl80211_mcgrps);
12967 if (err)
12968 return err;
12969
12970 err = netlink_register_notifier(&nl80211_netlink_notifier);
12971 if (err)
12972 goto err_out;
12973
12974 return 0;
12975 err_out:
12976 genl_unregister_family(&nl80211_fam);
12977 return err;
12978}
12979
12980void nl80211_exit(void)
12981{
12982 netlink_unregister_notifier(&nl80211_netlink_notifier);
12983 genl_unregister_family(&nl80211_fam);
12984}
12985
