rjw | 1f88458 | 2022-01-06 17:20:42 +0800 | [diff] [blame^] | 1 | /* |
| 2 | * This is the new netlink-based wireless configuration interface. |
| 3 | * |
| 4 | * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net> |
| 5 | * Copyright 2013-2014 Intel Mobile Communications GmbH |
| 6 | * Copyright 2015-2017 Intel Deutschland GmbH |
| 7 | */ |
| 8 | |
| 9 | #include <linux/if.h> |
| 10 | #include <linux/module.h> |
| 11 | #include <linux/err.h> |
| 12 | #include <linux/slab.h> |
| 13 | #include <linux/list.h> |
| 14 | #include <linux/if_ether.h> |
| 15 | #include <linux/ieee80211.h> |
| 16 | #include <linux/nl80211.h> |
| 17 | #include <linux/rtnetlink.h> |
| 18 | #include <linux/netlink.h> |
| 19 | #include <linux/nospec.h> |
| 20 | #include <linux/etherdevice.h> |
| 21 | #include <net/net_namespace.h> |
| 22 | #include <net/genetlink.h> |
| 23 | #include <net/cfg80211.h> |
| 24 | #include <net/sock.h> |
| 25 | #include <net/inet_connection_sock.h> |
| 26 | #include "core.h" |
| 27 | #include "nl80211.h" |
| 28 | #include "reg.h" |
| 29 | #include "rdev-ops.h" |
| 30 | |
| 31 | static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, |
| 32 | struct genl_info *info, |
| 33 | struct cfg80211_crypto_settings *settings, |
| 34 | int cipher_limit); |
| 35 | |
| 36 | /* the netlink family */ |
| 37 | static struct genl_family nl80211_fam; |
| 38 | |
| 39 | /* multicast groups */ |
| 40 | enum nl80211_multicast_groups { |
| 41 | NL80211_MCGRP_CONFIG, |
| 42 | NL80211_MCGRP_SCAN, |
| 43 | NL80211_MCGRP_REGULATORY, |
| 44 | NL80211_MCGRP_MLME, |
| 45 | NL80211_MCGRP_VENDOR, |
| 46 | NL80211_MCGRP_NAN, |
| 47 | NL80211_MCGRP_TESTMODE /* keep last - ifdef! */ |
| 48 | }; |
| 49 | |
| 50 | static const struct genl_multicast_group nl80211_mcgrps[] = { |
| 51 | [NL80211_MCGRP_CONFIG] = { .name = NL80211_MULTICAST_GROUP_CONFIG }, |
| 52 | [NL80211_MCGRP_SCAN] = { .name = NL80211_MULTICAST_GROUP_SCAN }, |
| 53 | [NL80211_MCGRP_REGULATORY] = { .name = NL80211_MULTICAST_GROUP_REG }, |
| 54 | [NL80211_MCGRP_MLME] = { .name = NL80211_MULTICAST_GROUP_MLME }, |
| 55 | [NL80211_MCGRP_VENDOR] = { .name = NL80211_MULTICAST_GROUP_VENDOR }, |
| 56 | [NL80211_MCGRP_NAN] = { .name = NL80211_MULTICAST_GROUP_NAN }, |
| 57 | #ifdef CONFIG_NL80211_TESTMODE |
| 58 | [NL80211_MCGRP_TESTMODE] = { .name = NL80211_MULTICAST_GROUP_TESTMODE } |
| 59 | #endif |
| 60 | }; |
| 61 | |
| 62 | /* returns ERR_PTR values */ |
| 63 | static struct wireless_dev * |
| 64 | __cfg80211_wdev_from_attrs(struct net *netns, struct nlattr **attrs) |
| 65 | { |
| 66 | struct cfg80211_registered_device *rdev; |
| 67 | struct wireless_dev *result = NULL; |
| 68 | bool have_ifidx = attrs[NL80211_ATTR_IFINDEX]; |
| 69 | bool have_wdev_id = attrs[NL80211_ATTR_WDEV]; |
| 70 | u64 wdev_id; |
| 71 | int wiphy_idx = -1; |
| 72 | int ifidx = -1; |
| 73 | |
| 74 | ASSERT_RTNL(); |
| 75 | |
| 76 | if (!have_ifidx && !have_wdev_id) |
| 77 | return ERR_PTR(-EINVAL); |
| 78 | |
| 79 | if (have_ifidx) |
| 80 | ifidx = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); |
| 81 | if (have_wdev_id) { |
| 82 | wdev_id = nla_get_u64(attrs[NL80211_ATTR_WDEV]); |
| 83 | wiphy_idx = wdev_id >> 32; |
| 84 | } |
| 85 | |
| 86 | list_for_each_entry(rdev, &cfg80211_rdev_list, list) { |
| 87 | struct wireless_dev *wdev; |
| 88 | |
| 89 | if (wiphy_net(&rdev->wiphy) != netns) |
| 90 | continue; |
| 91 | |
| 92 | if (have_wdev_id && rdev->wiphy_idx != wiphy_idx) |
| 93 | continue; |
| 94 | |
| 95 | list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) { |
| 96 | if (have_ifidx && wdev->netdev && |
| 97 | wdev->netdev->ifindex == ifidx) { |
| 98 | result = wdev; |
| 99 | break; |
| 100 | } |
| 101 | if (have_wdev_id && wdev->identifier == (u32)wdev_id) { |
| 102 | result = wdev; |
| 103 | break; |
| 104 | } |
| 105 | } |
| 106 | |
| 107 | if (result) |
| 108 | break; |
| 109 | } |
| 110 | |
| 111 | if (result) |
| 112 | return result; |
| 113 | return ERR_PTR(-ENODEV); |
| 114 | } |
| 115 | |
| 116 | static struct cfg80211_registered_device * |
| 117 | __cfg80211_rdev_from_attrs(struct net *netns, struct nlattr **attrs) |
| 118 | { |
| 119 | struct cfg80211_registered_device *rdev = NULL, *tmp; |
| 120 | struct net_device *netdev; |
| 121 | |
| 122 | ASSERT_RTNL(); |
| 123 | |
| 124 | if (!attrs[NL80211_ATTR_WIPHY] && |
| 125 | !attrs[NL80211_ATTR_IFINDEX] && |
| 126 | !attrs[NL80211_ATTR_WDEV]) |
| 127 | return ERR_PTR(-EINVAL); |
| 128 | |
| 129 | if (attrs[NL80211_ATTR_WIPHY]) |
| 130 | rdev = cfg80211_rdev_by_wiphy_idx( |
| 131 | nla_get_u32(attrs[NL80211_ATTR_WIPHY])); |
| 132 | |
| 133 | if (attrs[NL80211_ATTR_WDEV]) { |
| 134 | u64 wdev_id = nla_get_u64(attrs[NL80211_ATTR_WDEV]); |
| 135 | struct wireless_dev *wdev; |
| 136 | bool found = false; |
| 137 | |
| 138 | tmp = cfg80211_rdev_by_wiphy_idx(wdev_id >> 32); |
| 139 | if (tmp) { |
| 140 | /* make sure wdev exists */ |
| 141 | list_for_each_entry(wdev, &tmp->wiphy.wdev_list, list) { |
| 142 | if (wdev->identifier != (u32)wdev_id) |
| 143 | continue; |
| 144 | found = true; |
| 145 | break; |
| 146 | } |
| 147 | |
| 148 | if (!found) |
| 149 | tmp = NULL; |
| 150 | |
| 151 | if (rdev && tmp != rdev) |
| 152 | return ERR_PTR(-EINVAL); |
| 153 | rdev = tmp; |
| 154 | } |
| 155 | } |
| 156 | |
| 157 | if (attrs[NL80211_ATTR_IFINDEX]) { |
| 158 | int ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]); |
| 159 | |
| 160 | netdev = __dev_get_by_index(netns, ifindex); |
| 161 | if (netdev) { |
| 162 | if (netdev->ieee80211_ptr) |
| 163 | tmp = wiphy_to_rdev( |
| 164 | netdev->ieee80211_ptr->wiphy); |
| 165 | else |
| 166 | tmp = NULL; |
| 167 | |
| 168 | /* not wireless device -- return error */ |
| 169 | if (!tmp) |
| 170 | return ERR_PTR(-EINVAL); |
| 171 | |
| 172 | /* mismatch -- return error */ |
| 173 | if (rdev && tmp != rdev) |
| 174 | return ERR_PTR(-EINVAL); |
| 175 | |
| 176 | rdev = tmp; |
| 177 | } |
| 178 | } |
| 179 | |
| 180 | if (!rdev) |
| 181 | return ERR_PTR(-ENODEV); |
| 182 | |
| 183 | if (netns != wiphy_net(&rdev->wiphy)) |
| 184 | return ERR_PTR(-ENODEV); |
| 185 | |
| 186 | return rdev; |
| 187 | } |
| 188 | |
| 189 | /* |
| 190 | * This function returns a pointer to the driver |
| 191 | * that the genl_info item that is passed refers to. |
| 192 | * |
| 193 | * The result of this can be a PTR_ERR and hence must |
| 194 | * be checked with IS_ERR() for errors. |
| 195 | */ |
| 196 | static struct cfg80211_registered_device * |
| 197 | cfg80211_get_dev_from_info(struct net *netns, struct genl_info *info) |
| 198 | { |
| 199 | return __cfg80211_rdev_from_attrs(netns, info->attrs); |
| 200 | } |
| 201 | |
| 202 | static int validate_beacon_head(const struct nlattr *attr, |
| 203 | struct netlink_ext_ack *extack) |
| 204 | { |
| 205 | const u8 *data = nla_data(attr); |
| 206 | unsigned int len = nla_len(attr); |
| 207 | const struct element *elem; |
| 208 | const struct ieee80211_mgmt *mgmt = (void *)data; |
| 209 | unsigned int fixedlen = offsetof(struct ieee80211_mgmt, |
| 210 | u.beacon.variable); |
| 211 | |
| 212 | if (len < fixedlen) |
| 213 | goto err; |
| 214 | |
| 215 | if (ieee80211_hdrlen(mgmt->frame_control) != |
| 216 | offsetof(struct ieee80211_mgmt, u.beacon)) |
| 217 | goto err; |
| 218 | |
| 219 | data += fixedlen; |
| 220 | len -= fixedlen; |
| 221 | |
| 222 | for_each_element(elem, data, len) { |
| 223 | /* nothing */ |
| 224 | } |
| 225 | |
| 226 | if (for_each_element_completed(elem, data, len)) |
| 227 | return 0; |
| 228 | |
| 229 | err: |
| 230 | NL_SET_ERR_MSG_ATTR(extack, attr, "malformed beacon head"); |
| 231 | return -EINVAL; |
| 232 | } |
| 233 | |
| 234 | /* policy for the attributes */ |
| 235 | static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = { |
| 236 | [NL80211_ATTR_WIPHY] = { .type = NLA_U32 }, |
| 237 | [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING, |
| 238 | .len = 20-1 }, |
| 239 | [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED }, |
| 240 | |
| 241 | [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 }, |
| 242 | [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 }, |
| 243 | [NL80211_ATTR_CHANNEL_WIDTH] = { .type = NLA_U32 }, |
| 244 | [NL80211_ATTR_CENTER_FREQ1] = { .type = NLA_U32 }, |
| 245 | [NL80211_ATTR_CENTER_FREQ2] = { .type = NLA_U32 }, |
| 246 | |
| 247 | [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 }, |
| 248 | [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 }, |
| 249 | [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 }, |
| 250 | [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 }, |
| 251 | [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 }, |
| 252 | [NL80211_ATTR_WIPHY_DYN_ACK] = { .type = NLA_FLAG }, |
| 253 | |
| 254 | [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 }, |
| 255 | [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 }, |
| 256 | [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 }, |
| 257 | |
| 258 | [NL80211_ATTR_MAC] = { .len = ETH_ALEN }, |
| 259 | [NL80211_ATTR_PREV_BSSID] = { .len = ETH_ALEN }, |
| 260 | |
| 261 | [NL80211_ATTR_KEY] = { .type = NLA_NESTED, }, |
| 262 | [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY, |
| 263 | .len = WLAN_MAX_KEY_LEN }, |
| 264 | [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 }, |
| 265 | [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 }, |
| 266 | [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG }, |
| 267 | [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 }, |
| 268 | [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 }, |
| 269 | |
| 270 | [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 }, |
| 271 | [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 }, |
| 272 | [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY, |
| 273 | .len = IEEE80211_MAX_DATA_LEN }, |
| 274 | [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY, |
| 275 | .len = IEEE80211_MAX_DATA_LEN }, |
| 276 | [NL80211_ATTR_STA_AID] = { .type = NLA_U16 }, |
| 277 | [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED }, |
| 278 | [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 }, |
| 279 | [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY, |
| 280 | .len = NL80211_MAX_SUPP_RATES }, |
| 281 | [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 }, |
| 282 | [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 }, |
| 283 | [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ }, |
| 284 | [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY, |
| 285 | .len = IEEE80211_MAX_MESH_ID_LEN }, |
| 286 | [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_BINARY, |
| 287 | .len = ETH_ALEN }, |
| 288 | |
| 289 | [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 }, |
| 290 | [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED }, |
| 291 | |
| 292 | [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 }, |
| 293 | [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 }, |
| 294 | [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 }, |
| 295 | [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY, |
| 296 | .len = NL80211_MAX_SUPP_RATES }, |
| 297 | [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 }, |
| 298 | |
| 299 | [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED }, |
| 300 | [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG }, |
| 301 | |
| 302 | [NL80211_ATTR_HT_CAPABILITY] = { .len = NL80211_HT_CAPABILITY_LEN }, |
| 303 | |
| 304 | [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 }, |
| 305 | [NL80211_ATTR_IE] = { .type = NLA_BINARY, |
| 306 | .len = IEEE80211_MAX_DATA_LEN }, |
| 307 | [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED }, |
| 308 | [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED }, |
| 309 | |
| 310 | [NL80211_ATTR_SSID] = { .type = NLA_BINARY, |
| 311 | .len = IEEE80211_MAX_SSID_LEN }, |
| 312 | [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 }, |
| 313 | [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 }, |
| 314 | [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG }, |
| 315 | [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG }, |
| 316 | [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 }, |
| 317 | [NL80211_ATTR_STA_FLAGS2] = { |
| 318 | .len = sizeof(struct nl80211_sta_flag_update), |
| 319 | }, |
| 320 | [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG }, |
| 321 | [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 }, |
| 322 | [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG }, |
| 323 | [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG }, |
| 324 | [NL80211_ATTR_STATUS_CODE] = { .type = NLA_U16 }, |
| 325 | [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 }, |
| 326 | [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 }, |
| 327 | [NL80211_ATTR_PID] = { .type = NLA_U32 }, |
| 328 | [NL80211_ATTR_4ADDR] = { .type = NLA_U8 }, |
| 329 | [NL80211_ATTR_PMKID] = { .len = WLAN_PMKID_LEN }, |
| 330 | [NL80211_ATTR_DURATION] = { .type = NLA_U32 }, |
| 331 | [NL80211_ATTR_COOKIE] = { .type = NLA_U64 }, |
| 332 | [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED }, |
| 333 | [NL80211_ATTR_FRAME] = { .type = NLA_BINARY, |
| 334 | .len = IEEE80211_MAX_DATA_LEN }, |
| 335 | [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, }, |
| 336 | [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 }, |
| 337 | [NL80211_ATTR_CQM] = { .type = NLA_NESTED, }, |
| 338 | [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG }, |
| 339 | [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 }, |
| 340 | [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 }, |
| 341 | [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 }, |
| 342 | [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 }, |
| 343 | [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 }, |
| 344 | [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 }, |
| 345 | [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 }, |
| 346 | [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG }, |
| 347 | [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, |
| 348 | [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED }, |
| 349 | [NL80211_ATTR_STA_PLINK_STATE] = { .type = NLA_U8 }, |
| 350 | [NL80211_ATTR_MEASUREMENT_DURATION] = { .type = NLA_U16 }, |
| 351 | [NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY] = { .type = NLA_FLAG }, |
| 352 | [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 }, |
| 353 | [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED }, |
| 354 | [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED }, |
| 355 | [NL80211_ATTR_HIDDEN_SSID] = { .type = NLA_U32 }, |
| 356 | [NL80211_ATTR_IE_PROBE_RESP] = { .type = NLA_BINARY, |
| 357 | .len = IEEE80211_MAX_DATA_LEN }, |
| 358 | [NL80211_ATTR_IE_ASSOC_RESP] = { .type = NLA_BINARY, |
| 359 | .len = IEEE80211_MAX_DATA_LEN }, |
| 360 | [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG }, |
| 361 | [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED }, |
| 362 | [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG }, |
| 363 | [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 }, |
| 364 | [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 }, |
| 365 | [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 }, |
| 366 | [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG }, |
| 367 | [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG }, |
| 368 | [NL80211_ATTR_TDLS_INITIATOR] = { .type = NLA_FLAG }, |
| 369 | [NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG }, |
| 370 | [NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY, |
| 371 | .len = IEEE80211_MAX_DATA_LEN }, |
| 372 | [NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 }, |
| 373 | [NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG }, |
| 374 | [NL80211_ATTR_HT_CAPABILITY_MASK] = { |
| 375 | .len = NL80211_HT_CAPABILITY_LEN |
| 376 | }, |
| 377 | [NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 }, |
| 378 | [NL80211_ATTR_INACTIVITY_TIMEOUT] = { .type = NLA_U16 }, |
| 379 | [NL80211_ATTR_BG_SCAN_PERIOD] = { .type = NLA_U16 }, |
| 380 | [NL80211_ATTR_WDEV] = { .type = NLA_U64 }, |
| 381 | [NL80211_ATTR_USER_REG_HINT_TYPE] = { .type = NLA_U32 }, |
| 382 | [NL80211_ATTR_AUTH_DATA] = { .type = NLA_BINARY, }, |
| 383 | [NL80211_ATTR_VHT_CAPABILITY] = { .len = NL80211_VHT_CAPABILITY_LEN }, |
| 384 | [NL80211_ATTR_SCAN_FLAGS] = { .type = NLA_U32 }, |
| 385 | [NL80211_ATTR_P2P_CTWINDOW] = { .type = NLA_U8 }, |
| 386 | [NL80211_ATTR_P2P_OPPPS] = { .type = NLA_U8 }, |
| 387 | [NL80211_ATTR_LOCAL_MESH_POWER_MODE] = {. type = NLA_U32 }, |
| 388 | [NL80211_ATTR_ACL_POLICY] = {. type = NLA_U32 }, |
| 389 | [NL80211_ATTR_MAC_ADDRS] = { .type = NLA_NESTED }, |
| 390 | [NL80211_ATTR_STA_CAPABILITY] = { .type = NLA_U16 }, |
| 391 | [NL80211_ATTR_STA_EXT_CAPABILITY] = { .type = NLA_BINARY, }, |
| 392 | [NL80211_ATTR_SPLIT_WIPHY_DUMP] = { .type = NLA_FLAG, }, |
| 393 | [NL80211_ATTR_DISABLE_VHT] = { .type = NLA_FLAG }, |
| 394 | [NL80211_ATTR_VHT_CAPABILITY_MASK] = { |
| 395 | .len = NL80211_VHT_CAPABILITY_LEN, |
| 396 | }, |
| 397 | [NL80211_ATTR_MDID] = { .type = NLA_U16 }, |
| 398 | [NL80211_ATTR_IE_RIC] = { .type = NLA_BINARY, |
| 399 | .len = IEEE80211_MAX_DATA_LEN }, |
| 400 | [NL80211_ATTR_CRIT_PROT_ID] = { .type = NLA_U16 }, |
| 401 | [NL80211_ATTR_MAX_CRIT_PROT_DURATION] = { .type = NLA_U16 }, |
| 402 | [NL80211_ATTR_PEER_AID] = { .type = NLA_U16 }, |
| 403 | [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 }, |
| 404 | [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG }, |
| 405 | [NL80211_ATTR_CSA_IES] = { .type = NLA_NESTED }, |
| 406 | [NL80211_ATTR_CSA_C_OFF_BEACON] = { .type = NLA_BINARY }, |
| 407 | [NL80211_ATTR_CSA_C_OFF_PRESP] = { .type = NLA_BINARY }, |
| 408 | [NL80211_ATTR_STA_SUPPORTED_CHANNELS] = { .type = NLA_BINARY }, |
| 409 | [NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES] = { .type = NLA_BINARY }, |
| 410 | [NL80211_ATTR_HANDLE_DFS] = { .type = NLA_FLAG }, |
| 411 | [NL80211_ATTR_OPMODE_NOTIF] = { .type = NLA_U8 }, |
| 412 | [NL80211_ATTR_VENDOR_ID] = { .type = NLA_U32 }, |
| 413 | [NL80211_ATTR_VENDOR_SUBCMD] = { .type = NLA_U32 }, |
| 414 | [NL80211_ATTR_VENDOR_DATA] = { .type = NLA_BINARY }, |
| 415 | [NL80211_ATTR_QOS_MAP] = { .type = NLA_BINARY, |
| 416 | .len = IEEE80211_QOS_MAP_LEN_MAX }, |
| 417 | [NL80211_ATTR_MAC_HINT] = { .len = ETH_ALEN }, |
| 418 | [NL80211_ATTR_WIPHY_FREQ_HINT] = { .type = NLA_U32 }, |
| 419 | [NL80211_ATTR_TDLS_PEER_CAPABILITY] = { .type = NLA_U32 }, |
| 420 | [NL80211_ATTR_SOCKET_OWNER] = { .type = NLA_FLAG }, |
| 421 | [NL80211_ATTR_CSA_C_OFFSETS_TX] = { .type = NLA_BINARY }, |
| 422 | [NL80211_ATTR_USE_RRM] = { .type = NLA_FLAG }, |
| 423 | [NL80211_ATTR_TSID] = { .type = NLA_U8 }, |
| 424 | [NL80211_ATTR_USER_PRIO] = { .type = NLA_U8 }, |
| 425 | [NL80211_ATTR_ADMITTED_TIME] = { .type = NLA_U16 }, |
| 426 | [NL80211_ATTR_SMPS_MODE] = { .type = NLA_U8 }, |
| 427 | [NL80211_ATTR_OPER_CLASS] = { .type = NLA_U8 }, |
| 428 | [NL80211_ATTR_MAC_MASK] = { .len = ETH_ALEN }, |
| 429 | [NL80211_ATTR_WIPHY_SELF_MANAGED_REG] = { .type = NLA_FLAG }, |
| 430 | [NL80211_ATTR_NETNS_FD] = { .type = NLA_U32 }, |
| 431 | [NL80211_ATTR_SCHED_SCAN_DELAY] = { .type = NLA_U32 }, |
| 432 | [NL80211_ATTR_REG_INDOOR] = { .type = NLA_FLAG }, |
| 433 | [NL80211_ATTR_PBSS] = { .type = NLA_FLAG }, |
| 434 | [NL80211_ATTR_BSS_SELECT] = { .type = NLA_NESTED }, |
| 435 | [NL80211_ATTR_STA_SUPPORT_P2P_PS] = { .type = NLA_U8 }, |
| 436 | [NL80211_ATTR_MU_MIMO_GROUP_DATA] = { |
| 437 | .len = VHT_MUMIMO_GROUPS_DATA_LEN |
| 438 | }, |
| 439 | [NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR] = { .len = ETH_ALEN }, |
| 440 | [NL80211_ATTR_NAN_MASTER_PREF] = { .type = NLA_U8 }, |
| 441 | [NL80211_ATTR_BANDS] = { .type = NLA_U32 }, |
| 442 | [NL80211_ATTR_NAN_FUNC] = { .type = NLA_NESTED }, |
| 443 | [NL80211_ATTR_FILS_KEK] = { .type = NLA_BINARY, |
| 444 | .len = FILS_MAX_KEK_LEN }, |
| 445 | [NL80211_ATTR_FILS_NONCES] = { .len = 2 * FILS_NONCE_LEN }, |
| 446 | [NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED] = { .type = NLA_FLAG, }, |
| 447 | [NL80211_ATTR_BSSID] = { .len = ETH_ALEN }, |
| 448 | [NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI] = { .type = NLA_S8 }, |
| 449 | [NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST] = { |
| 450 | .len = sizeof(struct nl80211_bss_select_rssi_adjust) |
| 451 | }, |
| 452 | [NL80211_ATTR_TIMEOUT_REASON] = { .type = NLA_U32 }, |
| 453 | [NL80211_ATTR_FILS_ERP_USERNAME] = { .type = NLA_BINARY, |
| 454 | .len = FILS_ERP_MAX_USERNAME_LEN }, |
| 455 | [NL80211_ATTR_FILS_ERP_REALM] = { .type = NLA_BINARY, |
| 456 | .len = FILS_ERP_MAX_REALM_LEN }, |
| 457 | [NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] = { .type = NLA_U16 }, |
| 458 | [NL80211_ATTR_FILS_ERP_RRK] = { .type = NLA_BINARY, |
| 459 | .len = FILS_ERP_MAX_RRK_LEN }, |
| 460 | [NL80211_ATTR_FILS_CACHE_ID] = { .len = 2 }, |
| 461 | [NL80211_ATTR_PMK] = { .type = NLA_BINARY, .len = PMK_MAX_LEN }, |
| 462 | [NL80211_ATTR_SCHED_SCAN_MULTI] = { .type = NLA_FLAG }, |
| 463 | [NL80211_ATTR_EXTERNAL_AUTH_SUPPORT] = { .type = NLA_FLAG }, |
| 464 | }; |
| 465 | |
| 466 | /* policy for the key attributes */ |
| 467 | static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = { |
| 468 | [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN }, |
| 469 | [NL80211_KEY_IDX] = { .type = NLA_U8 }, |
| 470 | [NL80211_KEY_CIPHER] = { .type = NLA_U32 }, |
| 471 | [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 }, |
| 472 | [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG }, |
| 473 | [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG }, |
| 474 | [NL80211_KEY_TYPE] = { .type = NLA_U32 }, |
| 475 | [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED }, |
| 476 | }; |
| 477 | |
| 478 | /* policy for the key default flags */ |
| 479 | static const struct nla_policy |
| 480 | nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = { |
| 481 | [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG }, |
| 482 | [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG }, |
| 483 | }; |
| 484 | |
| 485 | #ifdef CONFIG_PM |
| 486 | /* policy for WoWLAN attributes */ |
| 487 | static const struct nla_policy |
| 488 | nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = { |
| 489 | [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG }, |
| 490 | [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG }, |
| 491 | [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG }, |
| 492 | [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED }, |
| 493 | [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG }, |
| 494 | [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG }, |
| 495 | [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG }, |
| 496 | [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG }, |
| 497 | [NL80211_WOWLAN_TRIG_TCP_CONNECTION] = { .type = NLA_NESTED }, |
| 498 | [NL80211_WOWLAN_TRIG_NET_DETECT] = { .type = NLA_NESTED }, |
| 499 | }; |
| 500 | |
| 501 | static const struct nla_policy |
| 502 | nl80211_wowlan_tcp_policy[NUM_NL80211_WOWLAN_TCP] = { |
| 503 | [NL80211_WOWLAN_TCP_SRC_IPV4] = { .type = NLA_U32 }, |
| 504 | [NL80211_WOWLAN_TCP_DST_IPV4] = { .type = NLA_U32 }, |
| 505 | [NL80211_WOWLAN_TCP_DST_MAC] = { .len = ETH_ALEN }, |
| 506 | [NL80211_WOWLAN_TCP_SRC_PORT] = { .type = NLA_U16 }, |
| 507 | [NL80211_WOWLAN_TCP_DST_PORT] = { .type = NLA_U16 }, |
| 508 | [NL80211_WOWLAN_TCP_DATA_PAYLOAD] = { .len = 1 }, |
| 509 | [NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ] = { |
| 510 | .len = sizeof(struct nl80211_wowlan_tcp_data_seq) |
| 511 | }, |
| 512 | [NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN] = { |
| 513 | .len = sizeof(struct nl80211_wowlan_tcp_data_token) |
| 514 | }, |
| 515 | [NL80211_WOWLAN_TCP_DATA_INTERVAL] = { .type = NLA_U32 }, |
| 516 | [NL80211_WOWLAN_TCP_WAKE_PAYLOAD] = { .len = 1 }, |
| 517 | [NL80211_WOWLAN_TCP_WAKE_MASK] = { .len = 1 }, |
| 518 | }; |
| 519 | #endif /* CONFIG_PM */ |
| 520 | |
| 521 | /* policy for coalesce rule attributes */ |
| 522 | static const struct nla_policy |
| 523 | nl80211_coalesce_policy[NUM_NL80211_ATTR_COALESCE_RULE] = { |
| 524 | [NL80211_ATTR_COALESCE_RULE_DELAY] = { .type = NLA_U32 }, |
| 525 | [NL80211_ATTR_COALESCE_RULE_CONDITION] = { .type = NLA_U32 }, |
| 526 | [NL80211_ATTR_COALESCE_RULE_PKT_PATTERN] = { .type = NLA_NESTED }, |
| 527 | }; |
| 528 | |
| 529 | /* policy for GTK rekey offload attributes */ |
| 530 | static const struct nla_policy |
| 531 | nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = { |
| 532 | [NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN }, |
| 533 | [NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN }, |
| 534 | [NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN }, |
| 535 | }; |
| 536 | |
| 537 | static const struct nla_policy |
| 538 | nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = { |
| 539 | [NL80211_SCHED_SCAN_MATCH_ATTR_SSID] = { .type = NLA_BINARY, |
| 540 | .len = IEEE80211_MAX_SSID_LEN }, |
| 541 | [NL80211_SCHED_SCAN_MATCH_ATTR_BSSID] = { .len = ETH_ALEN }, |
| 542 | [NL80211_SCHED_SCAN_MATCH_ATTR_RSSI] = { .type = NLA_U32 }, |
| 543 | }; |
| 544 | |
| 545 | static const struct nla_policy |
| 546 | nl80211_plan_policy[NL80211_SCHED_SCAN_PLAN_MAX + 1] = { |
| 547 | [NL80211_SCHED_SCAN_PLAN_INTERVAL] = { .type = NLA_U32 }, |
| 548 | [NL80211_SCHED_SCAN_PLAN_ITERATIONS] = { .type = NLA_U32 }, |
| 549 | }; |
| 550 | |
| 551 | static const struct nla_policy |
| 552 | nl80211_bss_select_policy[NL80211_BSS_SELECT_ATTR_MAX + 1] = { |
| 553 | [NL80211_BSS_SELECT_ATTR_RSSI] = { .type = NLA_FLAG }, |
| 554 | [NL80211_BSS_SELECT_ATTR_BAND_PREF] = { .type = NLA_U32 }, |
| 555 | [NL80211_BSS_SELECT_ATTR_RSSI_ADJUST] = { |
| 556 | .len = sizeof(struct nl80211_bss_select_rssi_adjust) |
| 557 | }, |
| 558 | }; |
| 559 | |
| 560 | /* policy for NAN function attributes */ |
| 561 | static const struct nla_policy |
| 562 | nl80211_nan_func_policy[NL80211_NAN_FUNC_ATTR_MAX + 1] = { |
| 563 | [NL80211_NAN_FUNC_TYPE] = { .type = NLA_U8 }, |
| 564 | [NL80211_NAN_FUNC_SERVICE_ID] = { |
| 565 | .len = NL80211_NAN_FUNC_SERVICE_ID_LEN }, |
| 566 | [NL80211_NAN_FUNC_PUBLISH_TYPE] = { .type = NLA_U8 }, |
| 567 | [NL80211_NAN_FUNC_PUBLISH_BCAST] = { .type = NLA_FLAG }, |
| 568 | [NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE] = { .type = NLA_FLAG }, |
| 569 | [NL80211_NAN_FUNC_FOLLOW_UP_ID] = { .type = NLA_U8 }, |
| 570 | [NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID] = { .type = NLA_U8 }, |
| 571 | [NL80211_NAN_FUNC_FOLLOW_UP_DEST] = { .len = ETH_ALEN }, |
| 572 | [NL80211_NAN_FUNC_CLOSE_RANGE] = { .type = NLA_FLAG }, |
| 573 | [NL80211_NAN_FUNC_TTL] = { .type = NLA_U32 }, |
| 574 | [NL80211_NAN_FUNC_SERVICE_INFO] = { .type = NLA_BINARY, |
| 575 | .len = NL80211_NAN_FUNC_SERVICE_SPEC_INFO_MAX_LEN }, |
| 576 | [NL80211_NAN_FUNC_SRF] = { .type = NLA_NESTED }, |
| 577 | [NL80211_NAN_FUNC_RX_MATCH_FILTER] = { .type = NLA_NESTED }, |
| 578 | [NL80211_NAN_FUNC_TX_MATCH_FILTER] = { .type = NLA_NESTED }, |
| 579 | [NL80211_NAN_FUNC_INSTANCE_ID] = { .type = NLA_U8 }, |
| 580 | [NL80211_NAN_FUNC_TERM_REASON] = { .type = NLA_U8 }, |
| 581 | }; |
| 582 | |
| 583 | /* policy for Service Response Filter attributes */ |
| 584 | static const struct nla_policy |
| 585 | nl80211_nan_srf_policy[NL80211_NAN_SRF_ATTR_MAX + 1] = { |
| 586 | [NL80211_NAN_SRF_INCLUDE] = { .type = NLA_FLAG }, |
| 587 | [NL80211_NAN_SRF_BF] = { .type = NLA_BINARY, |
| 588 | .len = NL80211_NAN_FUNC_SRF_MAX_LEN }, |
| 589 | [NL80211_NAN_SRF_BF_IDX] = { .type = NLA_U8 }, |
| 590 | [NL80211_NAN_SRF_MAC_ADDRS] = { .type = NLA_NESTED }, |
| 591 | }; |
| 592 | |
| 593 | /* policy for packet pattern attributes */ |
| 594 | static const struct nla_policy |
| 595 | nl80211_packet_pattern_policy[MAX_NL80211_PKTPAT + 1] = { |
| 596 | [NL80211_PKTPAT_MASK] = { .type = NLA_BINARY, }, |
| 597 | [NL80211_PKTPAT_PATTERN] = { .type = NLA_BINARY, }, |
| 598 | [NL80211_PKTPAT_OFFSET] = { .type = NLA_U32 }, |
| 599 | }; |
| 600 | |
| 601 | static int nl80211_prepare_wdev_dump(struct sk_buff *skb, |
| 602 | struct netlink_callback *cb, |
| 603 | struct cfg80211_registered_device **rdev, |
| 604 | struct wireless_dev **wdev) |
| 605 | { |
| 606 | int err; |
| 607 | |
| 608 | if (!cb->args[0]) { |
| 609 | err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, |
| 610 | genl_family_attrbuf(&nl80211_fam), |
| 611 | nl80211_fam.maxattr, nl80211_policy, NULL); |
| 612 | if (err) |
| 613 | return err; |
| 614 | |
| 615 | *wdev = __cfg80211_wdev_from_attrs( |
| 616 | sock_net(skb->sk), |
| 617 | genl_family_attrbuf(&nl80211_fam)); |
| 618 | if (IS_ERR(*wdev)) |
| 619 | return PTR_ERR(*wdev); |
| 620 | *rdev = wiphy_to_rdev((*wdev)->wiphy); |
| 621 | /* 0 is the first index - add 1 to parse only once */ |
| 622 | cb->args[0] = (*rdev)->wiphy_idx + 1; |
| 623 | cb->args[1] = (*wdev)->identifier; |
| 624 | } else { |
| 625 | /* subtract the 1 again here */ |
| 626 | struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1); |
| 627 | struct wireless_dev *tmp; |
| 628 | |
| 629 | if (!wiphy) |
| 630 | return -ENODEV; |
| 631 | *rdev = wiphy_to_rdev(wiphy); |
| 632 | *wdev = NULL; |
| 633 | |
| 634 | list_for_each_entry(tmp, &(*rdev)->wiphy.wdev_list, list) { |
| 635 | if (tmp->identifier == cb->args[1]) { |
| 636 | *wdev = tmp; |
| 637 | break; |
| 638 | } |
| 639 | } |
| 640 | |
| 641 | if (!*wdev) |
| 642 | return -ENODEV; |
| 643 | } |
| 644 | |
| 645 | return 0; |
| 646 | } |
| 647 | |
| 648 | /* IE validation */ |
| 649 | static bool is_valid_ie_attr(const struct nlattr *attr) |
| 650 | { |
| 651 | const u8 *pos; |
| 652 | int len; |
| 653 | |
| 654 | if (!attr) |
| 655 | return true; |
| 656 | |
| 657 | pos = nla_data(attr); |
| 658 | len = nla_len(attr); |
| 659 | |
| 660 | while (len) { |
| 661 | u8 elemlen; |
| 662 | |
| 663 | if (len < 2) |
| 664 | return false; |
| 665 | len -= 2; |
| 666 | |
| 667 | elemlen = pos[1]; |
| 668 | if (elemlen > len) |
| 669 | return false; |
| 670 | |
| 671 | len -= elemlen; |
| 672 | pos += 2 + elemlen; |
| 673 | } |
| 674 | |
| 675 | return true; |
| 676 | } |
| 677 | |
| 678 | /* message building helper */ |
| 679 | static inline void *nl80211hdr_put(struct sk_buff *skb, u32 portid, u32 seq, |
| 680 | int flags, u8 cmd) |
| 681 | { |
| 682 | /* since there is no private header just add the generic one */ |
| 683 | return genlmsg_put(skb, portid, seq, &nl80211_fam, flags, cmd); |
| 684 | } |
| 685 | |
| 686 | static int nl80211_msg_put_channel(struct sk_buff *msg, |
| 687 | struct ieee80211_channel *chan, |
| 688 | bool large) |
| 689 | { |
| 690 | /* Some channels must be completely excluded from the |
| 691 | * list to protect old user-space tools from breaking |
| 692 | */ |
| 693 | if (!large && chan->flags & |
| 694 | (IEEE80211_CHAN_NO_10MHZ | IEEE80211_CHAN_NO_20MHZ)) |
| 695 | return 0; |
| 696 | |
| 697 | if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_FREQ, |
| 698 | chan->center_freq)) |
| 699 | goto nla_put_failure; |
| 700 | |
| 701 | if ((chan->flags & IEEE80211_CHAN_DISABLED) && |
| 702 | nla_put_flag(msg, NL80211_FREQUENCY_ATTR_DISABLED)) |
| 703 | goto nla_put_failure; |
| 704 | if (chan->flags & IEEE80211_CHAN_NO_IR) { |
| 705 | if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_IR)) |
| 706 | goto nla_put_failure; |
| 707 | if (nla_put_flag(msg, __NL80211_FREQUENCY_ATTR_NO_IBSS)) |
| 708 | goto nla_put_failure; |
| 709 | } |
| 710 | if (chan->flags & IEEE80211_CHAN_RADAR) { |
| 711 | if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_RADAR)) |
| 712 | goto nla_put_failure; |
| 713 | if (large) { |
| 714 | u32 time; |
| 715 | |
| 716 | time = elapsed_jiffies_msecs(chan->dfs_state_entered); |
| 717 | |
| 718 | if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_STATE, |
| 719 | chan->dfs_state)) |
| 720 | goto nla_put_failure; |
| 721 | if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_TIME, |
| 722 | time)) |
| 723 | goto nla_put_failure; |
| 724 | if (nla_put_u32(msg, |
| 725 | NL80211_FREQUENCY_ATTR_DFS_CAC_TIME, |
| 726 | chan->dfs_cac_ms)) |
| 727 | goto nla_put_failure; |
| 728 | } |
| 729 | } |
| 730 | |
| 731 | if (large) { |
| 732 | if ((chan->flags & IEEE80211_CHAN_NO_HT40MINUS) && |
| 733 | nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HT40_MINUS)) |
| 734 | goto nla_put_failure; |
| 735 | if ((chan->flags & IEEE80211_CHAN_NO_HT40PLUS) && |
| 736 | nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HT40_PLUS)) |
| 737 | goto nla_put_failure; |
| 738 | if ((chan->flags & IEEE80211_CHAN_NO_80MHZ) && |
| 739 | nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_80MHZ)) |
| 740 | goto nla_put_failure; |
| 741 | if ((chan->flags & IEEE80211_CHAN_NO_160MHZ) && |
| 742 | nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_160MHZ)) |
| 743 | goto nla_put_failure; |
| 744 | if ((chan->flags & IEEE80211_CHAN_INDOOR_ONLY) && |
| 745 | nla_put_flag(msg, NL80211_FREQUENCY_ATTR_INDOOR_ONLY)) |
| 746 | goto nla_put_failure; |
| 747 | if ((chan->flags & IEEE80211_CHAN_IR_CONCURRENT) && |
| 748 | nla_put_flag(msg, NL80211_FREQUENCY_ATTR_IR_CONCURRENT)) |
| 749 | goto nla_put_failure; |
| 750 | if ((chan->flags & IEEE80211_CHAN_NO_20MHZ) && |
| 751 | nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_20MHZ)) |
| 752 | goto nla_put_failure; |
| 753 | if ((chan->flags & IEEE80211_CHAN_NO_10MHZ) && |
| 754 | nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_10MHZ)) |
| 755 | goto nla_put_failure; |
| 756 | } |
| 757 | |
| 758 | if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER, |
| 759 | DBM_TO_MBM(chan->max_power))) |
| 760 | goto nla_put_failure; |
| 761 | |
| 762 | return 0; |
| 763 | |
| 764 | nla_put_failure: |
| 765 | return -ENOBUFS; |
| 766 | } |
| 767 | |
| 768 | /* netlink command implementations */ |
| 769 | |
| 770 | struct key_parse { |
| 771 | struct key_params p; |
| 772 | int idx; |
| 773 | int type; |
| 774 | bool def, defmgmt; |
| 775 | bool def_uni, def_multi; |
| 776 | }; |
| 777 | |
| 778 | static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k) |
| 779 | { |
| 780 | struct nlattr *tb[NL80211_KEY_MAX + 1]; |
| 781 | int err = nla_parse_nested(tb, NL80211_KEY_MAX, key, |
| 782 | nl80211_key_policy, NULL); |
| 783 | if (err) |
| 784 | return err; |
| 785 | |
| 786 | k->def = !!tb[NL80211_KEY_DEFAULT]; |
| 787 | k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT]; |
| 788 | |
| 789 | if (k->def) { |
| 790 | k->def_uni = true; |
| 791 | k->def_multi = true; |
| 792 | } |
| 793 | if (k->defmgmt) |
| 794 | k->def_multi = true; |
| 795 | |
| 796 | if (tb[NL80211_KEY_IDX]) |
| 797 | k->idx = nla_get_u8(tb[NL80211_KEY_IDX]); |
| 798 | |
| 799 | if (tb[NL80211_KEY_DATA]) { |
| 800 | k->p.key = nla_data(tb[NL80211_KEY_DATA]); |
| 801 | k->p.key_len = nla_len(tb[NL80211_KEY_DATA]); |
| 802 | } |
| 803 | |
| 804 | if (tb[NL80211_KEY_SEQ]) { |
| 805 | k->p.seq = nla_data(tb[NL80211_KEY_SEQ]); |
| 806 | k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]); |
| 807 | } |
| 808 | |
| 809 | if (tb[NL80211_KEY_CIPHER]) |
| 810 | k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]); |
| 811 | |
| 812 | if (tb[NL80211_KEY_TYPE]) { |
| 813 | k->type = nla_get_u32(tb[NL80211_KEY_TYPE]); |
| 814 | if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) |
| 815 | return -EINVAL; |
| 816 | } |
| 817 | |
| 818 | if (tb[NL80211_KEY_DEFAULT_TYPES]) { |
| 819 | struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; |
| 820 | |
| 821 | err = nla_parse_nested(kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1, |
| 822 | tb[NL80211_KEY_DEFAULT_TYPES], |
| 823 | nl80211_key_default_policy, NULL); |
| 824 | if (err) |
| 825 | return err; |
| 826 | |
| 827 | k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; |
| 828 | k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; |
| 829 | } |
| 830 | |
| 831 | return 0; |
| 832 | } |
| 833 | |
| 834 | static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k) |
| 835 | { |
| 836 | if (info->attrs[NL80211_ATTR_KEY_DATA]) { |
| 837 | k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]); |
| 838 | k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]); |
| 839 | } |
| 840 | |
| 841 | if (info->attrs[NL80211_ATTR_KEY_SEQ]) { |
| 842 | k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]); |
| 843 | k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]); |
| 844 | } |
| 845 | |
| 846 | if (info->attrs[NL80211_ATTR_KEY_IDX]) |
| 847 | k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); |
| 848 | |
| 849 | if (info->attrs[NL80211_ATTR_KEY_CIPHER]) |
| 850 | k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]); |
| 851 | |
| 852 | k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT]; |
| 853 | k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT]; |
| 854 | |
| 855 | if (k->def) { |
| 856 | k->def_uni = true; |
| 857 | k->def_multi = true; |
| 858 | } |
| 859 | if (k->defmgmt) |
| 860 | k->def_multi = true; |
| 861 | |
| 862 | if (info->attrs[NL80211_ATTR_KEY_TYPE]) { |
| 863 | k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); |
| 864 | if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES) |
| 865 | return -EINVAL; |
| 866 | } |
| 867 | |
| 868 | if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) { |
| 869 | struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES]; |
| 870 | int err = nla_parse_nested(kdt, |
| 871 | NUM_NL80211_KEY_DEFAULT_TYPES - 1, |
| 872 | info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES], |
| 873 | nl80211_key_default_policy, |
| 874 | info->extack); |
| 875 | if (err) |
| 876 | return err; |
| 877 | |
| 878 | k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST]; |
| 879 | k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST]; |
| 880 | } |
| 881 | |
| 882 | return 0; |
| 883 | } |
| 884 | |
| 885 | static int nl80211_parse_key(struct genl_info *info, struct key_parse *k) |
| 886 | { |
| 887 | int err; |
| 888 | |
| 889 | memset(k, 0, sizeof(*k)); |
| 890 | k->idx = -1; |
| 891 | k->type = -1; |
| 892 | |
| 893 | if (info->attrs[NL80211_ATTR_KEY]) |
| 894 | err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k); |
| 895 | else |
| 896 | err = nl80211_parse_key_old(info, k); |
| 897 | |
| 898 | if (err) |
| 899 | return err; |
| 900 | |
| 901 | if (k->def && k->defmgmt) |
| 902 | return -EINVAL; |
| 903 | |
| 904 | if (k->defmgmt) { |
| 905 | if (k->def_uni || !k->def_multi) |
| 906 | return -EINVAL; |
| 907 | } |
| 908 | |
| 909 | if (k->idx != -1) { |
| 910 | if (k->defmgmt) { |
| 911 | if (k->idx < 4 || k->idx > 5) |
| 912 | return -EINVAL; |
| 913 | } else if (k->def) { |
| 914 | if (k->idx < 0 || k->idx > 3) |
| 915 | return -EINVAL; |
| 916 | } else { |
| 917 | if (k->idx < 0 || k->idx > 5) |
| 918 | return -EINVAL; |
| 919 | } |
| 920 | } |
| 921 | |
| 922 | return 0; |
| 923 | } |
| 924 | |
| 925 | static struct cfg80211_cached_keys * |
| 926 | nl80211_parse_connkeys(struct cfg80211_registered_device *rdev, |
| 927 | struct nlattr *keys, bool *no_ht) |
| 928 | { |
| 929 | struct key_parse parse; |
| 930 | struct nlattr *key; |
| 931 | struct cfg80211_cached_keys *result; |
| 932 | int rem, err, def = 0; |
| 933 | bool have_key = false; |
| 934 | |
| 935 | nla_for_each_nested(key, keys, rem) { |
| 936 | have_key = true; |
| 937 | break; |
| 938 | } |
| 939 | |
| 940 | if (!have_key) |
| 941 | return NULL; |
| 942 | |
| 943 | result = kzalloc(sizeof(*result), GFP_KERNEL); |
| 944 | if (!result) |
| 945 | return ERR_PTR(-ENOMEM); |
| 946 | |
| 947 | result->def = -1; |
| 948 | |
| 949 | nla_for_each_nested(key, keys, rem) { |
| 950 | memset(&parse, 0, sizeof(parse)); |
| 951 | parse.idx = -1; |
| 952 | |
| 953 | err = nl80211_parse_key_new(key, &parse); |
| 954 | if (err) |
| 955 | goto error; |
| 956 | err = -EINVAL; |
| 957 | if (!parse.p.key) |
| 958 | goto error; |
| 959 | if (parse.idx < 0 || parse.idx > 3) |
| 960 | goto error; |
| 961 | if (parse.def) { |
| 962 | if (def) |
| 963 | goto error; |
| 964 | def = 1; |
| 965 | result->def = parse.idx; |
| 966 | if (!parse.def_uni || !parse.def_multi) |
| 967 | goto error; |
| 968 | } else if (parse.defmgmt) |
| 969 | goto error; |
| 970 | err = cfg80211_validate_key_settings(rdev, &parse.p, |
| 971 | parse.idx, false, NULL); |
| 972 | if (err) |
| 973 | goto error; |
| 974 | if (parse.p.cipher != WLAN_CIPHER_SUITE_WEP40 && |
| 975 | parse.p.cipher != WLAN_CIPHER_SUITE_WEP104) { |
| 976 | err = -EINVAL; |
| 977 | goto error; |
| 978 | } |
| 979 | result->params[parse.idx].cipher = parse.p.cipher; |
| 980 | result->params[parse.idx].key_len = parse.p.key_len; |
| 981 | result->params[parse.idx].key = result->data[parse.idx]; |
| 982 | memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len); |
| 983 | |
| 984 | /* must be WEP key if we got here */ |
| 985 | if (no_ht) |
| 986 | *no_ht = true; |
| 987 | } |
| 988 | |
| 989 | if (result->def < 0) { |
| 990 | err = -EINVAL; |
| 991 | goto error; |
| 992 | } |
| 993 | |
| 994 | return result; |
| 995 | error: |
| 996 | kfree(result); |
| 997 | return ERR_PTR(err); |
| 998 | } |
| 999 | |
| 1000 | static int nl80211_key_allowed(struct wireless_dev *wdev) |
| 1001 | { |
| 1002 | ASSERT_WDEV_LOCK(wdev); |
| 1003 | |
| 1004 | switch (wdev->iftype) { |
| 1005 | case NL80211_IFTYPE_AP: |
| 1006 | case NL80211_IFTYPE_AP_VLAN: |
| 1007 | case NL80211_IFTYPE_P2P_GO: |
| 1008 | case NL80211_IFTYPE_MESH_POINT: |
| 1009 | break; |
| 1010 | case NL80211_IFTYPE_ADHOC: |
| 1011 | case NL80211_IFTYPE_STATION: |
| 1012 | case NL80211_IFTYPE_P2P_CLIENT: |
| 1013 | if (!wdev->current_bss) |
| 1014 | return -ENOLINK; |
| 1015 | break; |
| 1016 | case NL80211_IFTYPE_UNSPECIFIED: |
| 1017 | case NL80211_IFTYPE_OCB: |
| 1018 | case NL80211_IFTYPE_MONITOR: |
| 1019 | case NL80211_IFTYPE_NAN: |
| 1020 | case NL80211_IFTYPE_P2P_DEVICE: |
| 1021 | case NL80211_IFTYPE_WDS: |
| 1022 | case NUM_NL80211_IFTYPES: |
| 1023 | return -EINVAL; |
| 1024 | } |
| 1025 | |
| 1026 | return 0; |
| 1027 | } |
| 1028 | |
| 1029 | static struct ieee80211_channel *nl80211_get_valid_chan(struct wiphy *wiphy, |
| 1030 | struct nlattr *tb) |
| 1031 | { |
| 1032 | struct ieee80211_channel *chan; |
| 1033 | |
| 1034 | if (tb == NULL) |
| 1035 | return NULL; |
| 1036 | chan = ieee80211_get_channel(wiphy, nla_get_u32(tb)); |
| 1037 | if (!chan || chan->flags & IEEE80211_CHAN_DISABLED) |
| 1038 | return NULL; |
| 1039 | return chan; |
| 1040 | } |
| 1041 | |
| 1042 | static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes) |
| 1043 | { |
| 1044 | struct nlattr *nl_modes = nla_nest_start(msg, attr); |
| 1045 | int i; |
| 1046 | |
| 1047 | if (!nl_modes) |
| 1048 | goto nla_put_failure; |
| 1049 | |
| 1050 | i = 0; |
| 1051 | while (ifmodes) { |
| 1052 | if ((ifmodes & 1) && nla_put_flag(msg, i)) |
| 1053 | goto nla_put_failure; |
| 1054 | ifmodes >>= 1; |
| 1055 | i++; |
| 1056 | } |
| 1057 | |
| 1058 | nla_nest_end(msg, nl_modes); |
| 1059 | return 0; |
| 1060 | |
| 1061 | nla_put_failure: |
| 1062 | return -ENOBUFS; |
| 1063 | } |
| 1064 | |
| 1065 | static int nl80211_put_iface_combinations(struct wiphy *wiphy, |
| 1066 | struct sk_buff *msg, |
| 1067 | bool large) |
| 1068 | { |
| 1069 | struct nlattr *nl_combis; |
| 1070 | int i, j; |
| 1071 | |
| 1072 | nl_combis = nla_nest_start(msg, |
| 1073 | NL80211_ATTR_INTERFACE_COMBINATIONS); |
| 1074 | if (!nl_combis) |
| 1075 | goto nla_put_failure; |
| 1076 | |
| 1077 | for (i = 0; i < wiphy->n_iface_combinations; i++) { |
| 1078 | const struct ieee80211_iface_combination *c; |
| 1079 | struct nlattr *nl_combi, *nl_limits; |
| 1080 | |
| 1081 | c = &wiphy->iface_combinations[i]; |
| 1082 | |
| 1083 | nl_combi = nla_nest_start(msg, i + 1); |
| 1084 | if (!nl_combi) |
| 1085 | goto nla_put_failure; |
| 1086 | |
| 1087 | nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS); |
| 1088 | if (!nl_limits) |
| 1089 | goto nla_put_failure; |
| 1090 | |
| 1091 | for (j = 0; j < c->n_limits; j++) { |
| 1092 | struct nlattr *nl_limit; |
| 1093 | |
| 1094 | nl_limit = nla_nest_start(msg, j + 1); |
| 1095 | if (!nl_limit) |
| 1096 | goto nla_put_failure; |
| 1097 | if (nla_put_u32(msg, NL80211_IFACE_LIMIT_MAX, |
| 1098 | c->limits[j].max)) |
| 1099 | goto nla_put_failure; |
| 1100 | if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES, |
| 1101 | c->limits[j].types)) |
| 1102 | goto nla_put_failure; |
| 1103 | nla_nest_end(msg, nl_limit); |
| 1104 | } |
| 1105 | |
| 1106 | nla_nest_end(msg, nl_limits); |
| 1107 | |
| 1108 | if (c->beacon_int_infra_match && |
| 1109 | nla_put_flag(msg, NL80211_IFACE_COMB_STA_AP_BI_MATCH)) |
| 1110 | goto nla_put_failure; |
| 1111 | if (nla_put_u32(msg, NL80211_IFACE_COMB_NUM_CHANNELS, |
| 1112 | c->num_different_channels) || |
| 1113 | nla_put_u32(msg, NL80211_IFACE_COMB_MAXNUM, |
| 1114 | c->max_interfaces)) |
| 1115 | goto nla_put_failure; |
| 1116 | if (large && |
| 1117 | (nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS, |
| 1118 | c->radar_detect_widths) || |
| 1119 | nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_REGIONS, |
| 1120 | c->radar_detect_regions))) |
| 1121 | goto nla_put_failure; |
| 1122 | if (c->beacon_int_min_gcd && |
| 1123 | nla_put_u32(msg, NL80211_IFACE_COMB_BI_MIN_GCD, |
| 1124 | c->beacon_int_min_gcd)) |
| 1125 | goto nla_put_failure; |
| 1126 | |
| 1127 | nla_nest_end(msg, nl_combi); |
| 1128 | } |
| 1129 | |
| 1130 | nla_nest_end(msg, nl_combis); |
| 1131 | |
| 1132 | return 0; |
| 1133 | nla_put_failure: |
| 1134 | return -ENOBUFS; |
| 1135 | } |
| 1136 | |
| 1137 | #ifdef CONFIG_PM |
| 1138 | static int nl80211_send_wowlan_tcp_caps(struct cfg80211_registered_device *rdev, |
| 1139 | struct sk_buff *msg) |
| 1140 | { |
| 1141 | const struct wiphy_wowlan_tcp_support *tcp = rdev->wiphy.wowlan->tcp; |
| 1142 | struct nlattr *nl_tcp; |
| 1143 | |
| 1144 | if (!tcp) |
| 1145 | return 0; |
| 1146 | |
| 1147 | nl_tcp = nla_nest_start(msg, NL80211_WOWLAN_TRIG_TCP_CONNECTION); |
| 1148 | if (!nl_tcp) |
| 1149 | return -ENOBUFS; |
| 1150 | |
| 1151 | if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD, |
| 1152 | tcp->data_payload_max)) |
| 1153 | return -ENOBUFS; |
| 1154 | |
| 1155 | if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD, |
| 1156 | tcp->data_payload_max)) |
| 1157 | return -ENOBUFS; |
| 1158 | |
| 1159 | if (tcp->seq && nla_put_flag(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ)) |
| 1160 | return -ENOBUFS; |
| 1161 | |
| 1162 | if (tcp->tok && nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN, |
| 1163 | sizeof(*tcp->tok), tcp->tok)) |
| 1164 | return -ENOBUFS; |
| 1165 | |
| 1166 | if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL, |
| 1167 | tcp->data_interval_max)) |
| 1168 | return -ENOBUFS; |
| 1169 | |
| 1170 | if (nla_put_u32(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD, |
| 1171 | tcp->wake_payload_max)) |
| 1172 | return -ENOBUFS; |
| 1173 | |
| 1174 | nla_nest_end(msg, nl_tcp); |
| 1175 | return 0; |
| 1176 | } |
| 1177 | |
| 1178 | static int nl80211_send_wowlan(struct sk_buff *msg, |
| 1179 | struct cfg80211_registered_device *rdev, |
| 1180 | bool large) |
| 1181 | { |
| 1182 | struct nlattr *nl_wowlan; |
| 1183 | |
| 1184 | if (!rdev->wiphy.wowlan) |
| 1185 | return 0; |
| 1186 | |
| 1187 | nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED); |
| 1188 | if (!nl_wowlan) |
| 1189 | return -ENOBUFS; |
| 1190 | |
| 1191 | if (((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_ANY) && |
| 1192 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) || |
| 1193 | ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_DISCONNECT) && |
| 1194 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) || |
| 1195 | ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT) && |
| 1196 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) || |
| 1197 | ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_SUPPORTS_GTK_REKEY) && |
| 1198 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED)) || |
| 1199 | ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE) && |
| 1200 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) || |
| 1201 | ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ) && |
| 1202 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) || |
| 1203 | ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE) && |
| 1204 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) || |
| 1205 | ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE) && |
| 1206 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))) |
| 1207 | return -ENOBUFS; |
| 1208 | |
| 1209 | if (rdev->wiphy.wowlan->n_patterns) { |
| 1210 | struct nl80211_pattern_support pat = { |
| 1211 | .max_patterns = rdev->wiphy.wowlan->n_patterns, |
| 1212 | .min_pattern_len = rdev->wiphy.wowlan->pattern_min_len, |
| 1213 | .max_pattern_len = rdev->wiphy.wowlan->pattern_max_len, |
| 1214 | .max_pkt_offset = rdev->wiphy.wowlan->max_pkt_offset, |
| 1215 | }; |
| 1216 | |
| 1217 | if (nla_put(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN, |
| 1218 | sizeof(pat), &pat)) |
| 1219 | return -ENOBUFS; |
| 1220 | } |
| 1221 | |
| 1222 | if ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_NET_DETECT) && |
| 1223 | nla_put_u32(msg, NL80211_WOWLAN_TRIG_NET_DETECT, |
| 1224 | rdev->wiphy.wowlan->max_nd_match_sets)) |
| 1225 | return -ENOBUFS; |
| 1226 | |
| 1227 | if (large && nl80211_send_wowlan_tcp_caps(rdev, msg)) |
| 1228 | return -ENOBUFS; |
| 1229 | |
| 1230 | nla_nest_end(msg, nl_wowlan); |
| 1231 | |
| 1232 | return 0; |
| 1233 | } |
| 1234 | #endif |
| 1235 | |
| 1236 | static int nl80211_send_coalesce(struct sk_buff *msg, |
| 1237 | struct cfg80211_registered_device *rdev) |
| 1238 | { |
| 1239 | struct nl80211_coalesce_rule_support rule; |
| 1240 | |
| 1241 | if (!rdev->wiphy.coalesce) |
| 1242 | return 0; |
| 1243 | |
| 1244 | rule.max_rules = rdev->wiphy.coalesce->n_rules; |
| 1245 | rule.max_delay = rdev->wiphy.coalesce->max_delay; |
| 1246 | rule.pat.max_patterns = rdev->wiphy.coalesce->n_patterns; |
| 1247 | rule.pat.min_pattern_len = rdev->wiphy.coalesce->pattern_min_len; |
| 1248 | rule.pat.max_pattern_len = rdev->wiphy.coalesce->pattern_max_len; |
| 1249 | rule.pat.max_pkt_offset = rdev->wiphy.coalesce->max_pkt_offset; |
| 1250 | |
| 1251 | if (nla_put(msg, NL80211_ATTR_COALESCE_RULE, sizeof(rule), &rule)) |
| 1252 | return -ENOBUFS; |
| 1253 | |
| 1254 | return 0; |
| 1255 | } |
| 1256 | |
| 1257 | static int nl80211_send_band_rateinfo(struct sk_buff *msg, |
| 1258 | struct ieee80211_supported_band *sband) |
| 1259 | { |
| 1260 | struct nlattr *nl_rates, *nl_rate; |
| 1261 | struct ieee80211_rate *rate; |
| 1262 | int i; |
| 1263 | |
| 1264 | /* add HT info */ |
| 1265 | if (sband->ht_cap.ht_supported && |
| 1266 | (nla_put(msg, NL80211_BAND_ATTR_HT_MCS_SET, |
| 1267 | sizeof(sband->ht_cap.mcs), |
| 1268 | &sband->ht_cap.mcs) || |
| 1269 | nla_put_u16(msg, NL80211_BAND_ATTR_HT_CAPA, |
| 1270 | sband->ht_cap.cap) || |
| 1271 | nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR, |
| 1272 | sband->ht_cap.ampdu_factor) || |
| 1273 | nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY, |
| 1274 | sband->ht_cap.ampdu_density))) |
| 1275 | return -ENOBUFS; |
| 1276 | |
| 1277 | /* add VHT info */ |
| 1278 | if (sband->vht_cap.vht_supported && |
| 1279 | (nla_put(msg, NL80211_BAND_ATTR_VHT_MCS_SET, |
| 1280 | sizeof(sband->vht_cap.vht_mcs), |
| 1281 | &sband->vht_cap.vht_mcs) || |
| 1282 | nla_put_u32(msg, NL80211_BAND_ATTR_VHT_CAPA, |
| 1283 | sband->vht_cap.cap))) |
| 1284 | return -ENOBUFS; |
| 1285 | |
| 1286 | /* add bitrates */ |
| 1287 | nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES); |
| 1288 | if (!nl_rates) |
| 1289 | return -ENOBUFS; |
| 1290 | |
| 1291 | for (i = 0; i < sband->n_bitrates; i++) { |
| 1292 | nl_rate = nla_nest_start(msg, i); |
| 1293 | if (!nl_rate) |
| 1294 | return -ENOBUFS; |
| 1295 | |
| 1296 | rate = &sband->bitrates[i]; |
| 1297 | if (nla_put_u32(msg, NL80211_BITRATE_ATTR_RATE, |
| 1298 | rate->bitrate)) |
| 1299 | return -ENOBUFS; |
| 1300 | if ((rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) && |
| 1301 | nla_put_flag(msg, |
| 1302 | NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE)) |
| 1303 | return -ENOBUFS; |
| 1304 | |
| 1305 | nla_nest_end(msg, nl_rate); |
| 1306 | } |
| 1307 | |
| 1308 | nla_nest_end(msg, nl_rates); |
| 1309 | |
| 1310 | return 0; |
| 1311 | } |
| 1312 | |
| 1313 | static int |
| 1314 | nl80211_send_mgmt_stypes(struct sk_buff *msg, |
| 1315 | const struct ieee80211_txrx_stypes *mgmt_stypes) |
| 1316 | { |
| 1317 | u16 stypes; |
| 1318 | struct nlattr *nl_ftypes, *nl_ifs; |
| 1319 | enum nl80211_iftype ift; |
| 1320 | int i; |
| 1321 | |
| 1322 | if (!mgmt_stypes) |
| 1323 | return 0; |
| 1324 | |
| 1325 | nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES); |
| 1326 | if (!nl_ifs) |
| 1327 | return -ENOBUFS; |
| 1328 | |
| 1329 | for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { |
| 1330 | nl_ftypes = nla_nest_start(msg, ift); |
| 1331 | if (!nl_ftypes) |
| 1332 | return -ENOBUFS; |
| 1333 | i = 0; |
| 1334 | stypes = mgmt_stypes[ift].tx; |
| 1335 | while (stypes) { |
| 1336 | if ((stypes & 1) && |
| 1337 | nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE, |
| 1338 | (i << 4) | IEEE80211_FTYPE_MGMT)) |
| 1339 | return -ENOBUFS; |
| 1340 | stypes >>= 1; |
| 1341 | i++; |
| 1342 | } |
| 1343 | nla_nest_end(msg, nl_ftypes); |
| 1344 | } |
| 1345 | |
| 1346 | nla_nest_end(msg, nl_ifs); |
| 1347 | |
| 1348 | nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES); |
| 1349 | if (!nl_ifs) |
| 1350 | return -ENOBUFS; |
| 1351 | |
| 1352 | for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) { |
| 1353 | nl_ftypes = nla_nest_start(msg, ift); |
| 1354 | if (!nl_ftypes) |
| 1355 | return -ENOBUFS; |
| 1356 | i = 0; |
| 1357 | stypes = mgmt_stypes[ift].rx; |
| 1358 | while (stypes) { |
| 1359 | if ((stypes & 1) && |
| 1360 | nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE, |
| 1361 | (i << 4) | IEEE80211_FTYPE_MGMT)) |
| 1362 | return -ENOBUFS; |
| 1363 | stypes >>= 1; |
| 1364 | i++; |
| 1365 | } |
| 1366 | nla_nest_end(msg, nl_ftypes); |
| 1367 | } |
| 1368 | nla_nest_end(msg, nl_ifs); |
| 1369 | |
| 1370 | return 0; |
| 1371 | } |
| 1372 | |
| 1373 | #define CMD(op, n) \ |
| 1374 | do { \ |
| 1375 | if (rdev->ops->op) { \ |
| 1376 | i++; \ |
| 1377 | if (nla_put_u32(msg, i, NL80211_CMD_ ## n)) \ |
| 1378 | goto nla_put_failure; \ |
| 1379 | } \ |
| 1380 | } while (0) |
| 1381 | |
| 1382 | static int nl80211_add_commands_unsplit(struct cfg80211_registered_device *rdev, |
| 1383 | struct sk_buff *msg) |
| 1384 | { |
| 1385 | int i = 0; |
| 1386 | |
| 1387 | /* |
| 1388 | * do *NOT* add anything into this function, new things need to be |
| 1389 | * advertised only to new versions of userspace that can deal with |
| 1390 | * the split (and they can't possibly care about new features... |
| 1391 | */ |
| 1392 | CMD(add_virtual_intf, NEW_INTERFACE); |
| 1393 | CMD(change_virtual_intf, SET_INTERFACE); |
| 1394 | CMD(add_key, NEW_KEY); |
| 1395 | CMD(start_ap, START_AP); |
| 1396 | CMD(add_station, NEW_STATION); |
| 1397 | CMD(add_mpath, NEW_MPATH); |
| 1398 | CMD(update_mesh_config, SET_MESH_CONFIG); |
| 1399 | CMD(change_bss, SET_BSS); |
| 1400 | CMD(auth, AUTHENTICATE); |
| 1401 | CMD(assoc, ASSOCIATE); |
| 1402 | CMD(deauth, DEAUTHENTICATE); |
| 1403 | CMD(disassoc, DISASSOCIATE); |
| 1404 | CMD(join_ibss, JOIN_IBSS); |
| 1405 | CMD(join_mesh, JOIN_MESH); |
| 1406 | CMD(set_pmksa, SET_PMKSA); |
| 1407 | CMD(del_pmksa, DEL_PMKSA); |
| 1408 | CMD(flush_pmksa, FLUSH_PMKSA); |
| 1409 | if (rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) |
| 1410 | CMD(remain_on_channel, REMAIN_ON_CHANNEL); |
| 1411 | CMD(set_bitrate_mask, SET_TX_BITRATE_MASK); |
| 1412 | CMD(mgmt_tx, FRAME); |
| 1413 | CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL); |
| 1414 | if (rdev->wiphy.flags & WIPHY_FLAG_NETNS_OK) { |
| 1415 | i++; |
| 1416 | if (nla_put_u32(msg, i, NL80211_CMD_SET_WIPHY_NETNS)) |
| 1417 | goto nla_put_failure; |
| 1418 | } |
| 1419 | if (rdev->ops->set_monitor_channel || rdev->ops->start_ap || |
| 1420 | rdev->ops->join_mesh) { |
| 1421 | i++; |
| 1422 | if (nla_put_u32(msg, i, NL80211_CMD_SET_CHANNEL)) |
| 1423 | goto nla_put_failure; |
| 1424 | } |
| 1425 | CMD(set_wds_peer, SET_WDS_PEER); |
| 1426 | if (rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) { |
| 1427 | CMD(tdls_mgmt, TDLS_MGMT); |
| 1428 | CMD(tdls_oper, TDLS_OPER); |
| 1429 | } |
| 1430 | if (rdev->wiphy.max_sched_scan_reqs) |
| 1431 | CMD(sched_scan_start, START_SCHED_SCAN); |
| 1432 | CMD(probe_client, PROBE_CLIENT); |
| 1433 | CMD(set_noack_map, SET_NOACK_MAP); |
| 1434 | if (rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) { |
| 1435 | i++; |
| 1436 | if (nla_put_u32(msg, i, NL80211_CMD_REGISTER_BEACONS)) |
| 1437 | goto nla_put_failure; |
| 1438 | } |
| 1439 | CMD(start_p2p_device, START_P2P_DEVICE); |
| 1440 | CMD(set_mcast_rate, SET_MCAST_RATE); |
| 1441 | #ifdef CONFIG_NL80211_TESTMODE |
| 1442 | CMD(testmode_cmd, TESTMODE); |
| 1443 | #endif |
| 1444 | |
| 1445 | if (rdev->ops->connect || rdev->ops->auth) { |
| 1446 | i++; |
| 1447 | if (nla_put_u32(msg, i, NL80211_CMD_CONNECT)) |
| 1448 | goto nla_put_failure; |
| 1449 | } |
| 1450 | |
| 1451 | if (rdev->ops->disconnect || rdev->ops->deauth) { |
| 1452 | i++; |
| 1453 | if (nla_put_u32(msg, i, NL80211_CMD_DISCONNECT)) |
| 1454 | goto nla_put_failure; |
| 1455 | } |
| 1456 | |
| 1457 | return i; |
| 1458 | nla_put_failure: |
| 1459 | return -ENOBUFS; |
| 1460 | } |
| 1461 | |
| 1462 | struct nl80211_dump_wiphy_state { |
| 1463 | s64 filter_wiphy; |
| 1464 | long start; |
| 1465 | long split_start, band_start, chan_start, capa_start; |
| 1466 | bool split; |
| 1467 | }; |
| 1468 | |
| 1469 | static int nl80211_send_wiphy(struct cfg80211_registered_device *rdev, |
| 1470 | enum nl80211_commands cmd, |
| 1471 | struct sk_buff *msg, u32 portid, u32 seq, |
| 1472 | int flags, struct nl80211_dump_wiphy_state *state) |
| 1473 | { |
| 1474 | void *hdr; |
| 1475 | struct nlattr *nl_bands, *nl_band; |
| 1476 | struct nlattr *nl_freqs, *nl_freq; |
| 1477 | struct nlattr *nl_cmds; |
| 1478 | enum nl80211_band band; |
| 1479 | struct ieee80211_channel *chan; |
| 1480 | int i; |
| 1481 | const struct ieee80211_txrx_stypes *mgmt_stypes = |
| 1482 | rdev->wiphy.mgmt_stypes; |
| 1483 | u32 features; |
| 1484 | |
| 1485 | hdr = nl80211hdr_put(msg, portid, seq, flags, cmd); |
| 1486 | if (!hdr) |
| 1487 | return -ENOBUFS; |
| 1488 | |
| 1489 | if (WARN_ON(!state)) |
| 1490 | return -EINVAL; |
| 1491 | |
| 1492 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 1493 | nla_put_string(msg, NL80211_ATTR_WIPHY_NAME, |
| 1494 | wiphy_name(&rdev->wiphy)) || |
| 1495 | nla_put_u32(msg, NL80211_ATTR_GENERATION, |
| 1496 | cfg80211_rdev_list_generation)) |
| 1497 | goto nla_put_failure; |
| 1498 | |
| 1499 | if (cmd != NL80211_CMD_NEW_WIPHY) |
| 1500 | goto finish; |
| 1501 | |
| 1502 | switch (state->split_start) { |
| 1503 | case 0: |
| 1504 | if (nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT, |
| 1505 | rdev->wiphy.retry_short) || |
| 1506 | nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_LONG, |
| 1507 | rdev->wiphy.retry_long) || |
| 1508 | nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD, |
| 1509 | rdev->wiphy.frag_threshold) || |
| 1510 | nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD, |
| 1511 | rdev->wiphy.rts_threshold) || |
| 1512 | nla_put_u8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS, |
| 1513 | rdev->wiphy.coverage_class) || |
| 1514 | nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS, |
| 1515 | rdev->wiphy.max_scan_ssids) || |
| 1516 | nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS, |
| 1517 | rdev->wiphy.max_sched_scan_ssids) || |
| 1518 | nla_put_u16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN, |
| 1519 | rdev->wiphy.max_scan_ie_len) || |
| 1520 | nla_put_u16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN, |
| 1521 | rdev->wiphy.max_sched_scan_ie_len) || |
| 1522 | nla_put_u8(msg, NL80211_ATTR_MAX_MATCH_SETS, |
| 1523 | rdev->wiphy.max_match_sets) || |
| 1524 | nla_put_u32(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_PLANS, |
| 1525 | rdev->wiphy.max_sched_scan_plans) || |
| 1526 | nla_put_u32(msg, NL80211_ATTR_MAX_SCAN_PLAN_INTERVAL, |
| 1527 | rdev->wiphy.max_sched_scan_plan_interval) || |
| 1528 | nla_put_u32(msg, NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS, |
| 1529 | rdev->wiphy.max_sched_scan_plan_iterations)) |
| 1530 | goto nla_put_failure; |
| 1531 | |
| 1532 | if ((rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) && |
| 1533 | nla_put_flag(msg, NL80211_ATTR_SUPPORT_IBSS_RSN)) |
| 1534 | goto nla_put_failure; |
| 1535 | if ((rdev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) && |
| 1536 | nla_put_flag(msg, NL80211_ATTR_SUPPORT_MESH_AUTH)) |
| 1537 | goto nla_put_failure; |
| 1538 | if ((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) && |
| 1539 | nla_put_flag(msg, NL80211_ATTR_SUPPORT_AP_UAPSD)) |
| 1540 | goto nla_put_failure; |
| 1541 | if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) && |
| 1542 | nla_put_flag(msg, NL80211_ATTR_ROAM_SUPPORT)) |
| 1543 | goto nla_put_failure; |
| 1544 | if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) && |
| 1545 | nla_put_flag(msg, NL80211_ATTR_TDLS_SUPPORT)) |
| 1546 | goto nla_put_failure; |
| 1547 | if ((rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) && |
| 1548 | nla_put_flag(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP)) |
| 1549 | goto nla_put_failure; |
| 1550 | state->split_start++; |
| 1551 | if (state->split) |
| 1552 | break; |
| 1553 | case 1: |
| 1554 | if (nla_put(msg, NL80211_ATTR_CIPHER_SUITES, |
| 1555 | sizeof(u32) * rdev->wiphy.n_cipher_suites, |
| 1556 | rdev->wiphy.cipher_suites)) |
| 1557 | goto nla_put_failure; |
| 1558 | |
| 1559 | if (nla_put_u8(msg, NL80211_ATTR_MAX_NUM_PMKIDS, |
| 1560 | rdev->wiphy.max_num_pmkids)) |
| 1561 | goto nla_put_failure; |
| 1562 | |
| 1563 | if ((rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) && |
| 1564 | nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE)) |
| 1565 | goto nla_put_failure; |
| 1566 | |
| 1567 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX, |
| 1568 | rdev->wiphy.available_antennas_tx) || |
| 1569 | nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX, |
| 1570 | rdev->wiphy.available_antennas_rx)) |
| 1571 | goto nla_put_failure; |
| 1572 | |
| 1573 | if ((rdev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) && |
| 1574 | nla_put_u32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD, |
| 1575 | rdev->wiphy.probe_resp_offload)) |
| 1576 | goto nla_put_failure; |
| 1577 | |
| 1578 | if ((rdev->wiphy.available_antennas_tx || |
| 1579 | rdev->wiphy.available_antennas_rx) && |
| 1580 | rdev->ops->get_antenna) { |
| 1581 | u32 tx_ant = 0, rx_ant = 0; |
| 1582 | int res; |
| 1583 | |
| 1584 | res = rdev_get_antenna(rdev, &tx_ant, &rx_ant); |
| 1585 | if (!res) { |
| 1586 | if (nla_put_u32(msg, |
| 1587 | NL80211_ATTR_WIPHY_ANTENNA_TX, |
| 1588 | tx_ant) || |
| 1589 | nla_put_u32(msg, |
| 1590 | NL80211_ATTR_WIPHY_ANTENNA_RX, |
| 1591 | rx_ant)) |
| 1592 | goto nla_put_failure; |
| 1593 | } |
| 1594 | } |
| 1595 | |
| 1596 | state->split_start++; |
| 1597 | if (state->split) |
| 1598 | break; |
| 1599 | case 2: |
| 1600 | if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES, |
| 1601 | rdev->wiphy.interface_modes)) |
| 1602 | goto nla_put_failure; |
| 1603 | state->split_start++; |
| 1604 | if (state->split) |
| 1605 | break; |
| 1606 | case 3: |
| 1607 | nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS); |
| 1608 | if (!nl_bands) |
| 1609 | goto nla_put_failure; |
| 1610 | |
| 1611 | for (band = state->band_start; |
| 1612 | band < NUM_NL80211_BANDS; band++) { |
| 1613 | struct ieee80211_supported_band *sband; |
| 1614 | |
| 1615 | sband = rdev->wiphy.bands[band]; |
| 1616 | |
| 1617 | if (!sband) |
| 1618 | continue; |
| 1619 | |
| 1620 | nl_band = nla_nest_start(msg, band); |
| 1621 | if (!nl_band) |
| 1622 | goto nla_put_failure; |
| 1623 | |
| 1624 | switch (state->chan_start) { |
| 1625 | case 0: |
| 1626 | if (nl80211_send_band_rateinfo(msg, sband)) |
| 1627 | goto nla_put_failure; |
| 1628 | state->chan_start++; |
| 1629 | if (state->split) |
| 1630 | break; |
| 1631 | default: |
| 1632 | /* add frequencies */ |
| 1633 | nl_freqs = nla_nest_start( |
| 1634 | msg, NL80211_BAND_ATTR_FREQS); |
| 1635 | if (!nl_freqs) |
| 1636 | goto nla_put_failure; |
| 1637 | |
| 1638 | for (i = state->chan_start - 1; |
| 1639 | i < sband->n_channels; |
| 1640 | i++) { |
| 1641 | nl_freq = nla_nest_start(msg, i); |
| 1642 | if (!nl_freq) |
| 1643 | goto nla_put_failure; |
| 1644 | |
| 1645 | chan = &sband->channels[i]; |
| 1646 | |
| 1647 | if (nl80211_msg_put_channel( |
| 1648 | msg, chan, |
| 1649 | state->split)) |
| 1650 | goto nla_put_failure; |
| 1651 | |
| 1652 | nla_nest_end(msg, nl_freq); |
| 1653 | if (state->split) |
| 1654 | break; |
| 1655 | } |
| 1656 | if (i < sband->n_channels) |
| 1657 | state->chan_start = i + 2; |
| 1658 | else |
| 1659 | state->chan_start = 0; |
| 1660 | nla_nest_end(msg, nl_freqs); |
| 1661 | } |
| 1662 | |
| 1663 | nla_nest_end(msg, nl_band); |
| 1664 | |
| 1665 | if (state->split) { |
| 1666 | /* start again here */ |
| 1667 | if (state->chan_start) |
| 1668 | band--; |
| 1669 | break; |
| 1670 | } |
| 1671 | } |
| 1672 | nla_nest_end(msg, nl_bands); |
| 1673 | |
| 1674 | if (band < NUM_NL80211_BANDS) |
| 1675 | state->band_start = band + 1; |
| 1676 | else |
| 1677 | state->band_start = 0; |
| 1678 | |
| 1679 | /* if bands & channels are done, continue outside */ |
| 1680 | if (state->band_start == 0 && state->chan_start == 0) |
| 1681 | state->split_start++; |
| 1682 | if (state->split) |
| 1683 | break; |
| 1684 | case 4: |
| 1685 | nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS); |
| 1686 | if (!nl_cmds) |
| 1687 | goto nla_put_failure; |
| 1688 | |
| 1689 | i = nl80211_add_commands_unsplit(rdev, msg); |
| 1690 | if (i < 0) |
| 1691 | goto nla_put_failure; |
| 1692 | if (state->split) { |
| 1693 | CMD(crit_proto_start, CRIT_PROTOCOL_START); |
| 1694 | CMD(crit_proto_stop, CRIT_PROTOCOL_STOP); |
| 1695 | if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH) |
| 1696 | CMD(channel_switch, CHANNEL_SWITCH); |
| 1697 | CMD(set_qos_map, SET_QOS_MAP); |
| 1698 | if (rdev->wiphy.features & |
| 1699 | NL80211_FEATURE_SUPPORTS_WMM_ADMISSION) |
| 1700 | CMD(add_tx_ts, ADD_TX_TS); |
| 1701 | CMD(set_multicast_to_unicast, SET_MULTICAST_TO_UNICAST); |
| 1702 | CMD(update_connect_params, UPDATE_CONNECT_PARAMS); |
| 1703 | } |
| 1704 | #undef CMD |
| 1705 | |
| 1706 | nla_nest_end(msg, nl_cmds); |
| 1707 | state->split_start++; |
| 1708 | if (state->split) |
| 1709 | break; |
| 1710 | case 5: |
| 1711 | if (rdev->ops->remain_on_channel && |
| 1712 | (rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) && |
| 1713 | nla_put_u32(msg, |
| 1714 | NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION, |
| 1715 | rdev->wiphy.max_remain_on_channel_duration)) |
| 1716 | goto nla_put_failure; |
| 1717 | |
| 1718 | if ((rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX) && |
| 1719 | nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK)) |
| 1720 | goto nla_put_failure; |
| 1721 | |
| 1722 | if (nl80211_send_mgmt_stypes(msg, mgmt_stypes)) |
| 1723 | goto nla_put_failure; |
| 1724 | state->split_start++; |
| 1725 | if (state->split) |
| 1726 | break; |
| 1727 | case 6: |
| 1728 | #ifdef CONFIG_PM |
| 1729 | if (nl80211_send_wowlan(msg, rdev, state->split)) |
| 1730 | goto nla_put_failure; |
| 1731 | state->split_start++; |
| 1732 | if (state->split) |
| 1733 | break; |
| 1734 | #else |
| 1735 | state->split_start++; |
| 1736 | #endif |
| 1737 | case 7: |
| 1738 | if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES, |
| 1739 | rdev->wiphy.software_iftypes)) |
| 1740 | goto nla_put_failure; |
| 1741 | |
| 1742 | if (nl80211_put_iface_combinations(&rdev->wiphy, msg, |
| 1743 | state->split)) |
| 1744 | goto nla_put_failure; |
| 1745 | |
| 1746 | state->split_start++; |
| 1747 | if (state->split) |
| 1748 | break; |
| 1749 | case 8: |
| 1750 | if ((rdev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME) && |
| 1751 | nla_put_u32(msg, NL80211_ATTR_DEVICE_AP_SME, |
| 1752 | rdev->wiphy.ap_sme_capa)) |
| 1753 | goto nla_put_failure; |
| 1754 | |
| 1755 | features = rdev->wiphy.features; |
| 1756 | /* |
| 1757 | * We can only add the per-channel limit information if the |
| 1758 | * dump is split, otherwise it makes it too big. Therefore |
| 1759 | * only advertise it in that case. |
| 1760 | */ |
| 1761 | if (state->split) |
| 1762 | features |= NL80211_FEATURE_ADVERTISE_CHAN_LIMITS; |
| 1763 | if (nla_put_u32(msg, NL80211_ATTR_FEATURE_FLAGS, features)) |
| 1764 | goto nla_put_failure; |
| 1765 | |
| 1766 | if (rdev->wiphy.ht_capa_mod_mask && |
| 1767 | nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK, |
| 1768 | sizeof(*rdev->wiphy.ht_capa_mod_mask), |
| 1769 | rdev->wiphy.ht_capa_mod_mask)) |
| 1770 | goto nla_put_failure; |
| 1771 | |
| 1772 | if (rdev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME && |
| 1773 | rdev->wiphy.max_acl_mac_addrs && |
| 1774 | nla_put_u32(msg, NL80211_ATTR_MAC_ACL_MAX, |
| 1775 | rdev->wiphy.max_acl_mac_addrs)) |
| 1776 | goto nla_put_failure; |
| 1777 | |
| 1778 | /* |
| 1779 | * Any information below this point is only available to |
| 1780 | * applications that can deal with it being split. This |
| 1781 | * helps ensure that newly added capabilities don't break |
| 1782 | * older tools by overrunning their buffers. |
| 1783 | * |
| 1784 | * We still increment split_start so that in the split |
| 1785 | * case we'll continue with more data in the next round, |
| 1786 | * but break unconditionally so unsplit data stops here. |
| 1787 | */ |
| 1788 | state->split_start++; |
| 1789 | break; |
| 1790 | case 9: |
| 1791 | if (rdev->wiphy.extended_capabilities && |
| 1792 | (nla_put(msg, NL80211_ATTR_EXT_CAPA, |
| 1793 | rdev->wiphy.extended_capabilities_len, |
| 1794 | rdev->wiphy.extended_capabilities) || |
| 1795 | nla_put(msg, NL80211_ATTR_EXT_CAPA_MASK, |
| 1796 | rdev->wiphy.extended_capabilities_len, |
| 1797 | rdev->wiphy.extended_capabilities_mask))) |
| 1798 | goto nla_put_failure; |
| 1799 | |
| 1800 | if (rdev->wiphy.vht_capa_mod_mask && |
| 1801 | nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK, |
| 1802 | sizeof(*rdev->wiphy.vht_capa_mod_mask), |
| 1803 | rdev->wiphy.vht_capa_mod_mask)) |
| 1804 | goto nla_put_failure; |
| 1805 | |
| 1806 | state->split_start++; |
| 1807 | break; |
| 1808 | case 10: |
| 1809 | if (nl80211_send_coalesce(msg, rdev)) |
| 1810 | goto nla_put_failure; |
| 1811 | |
| 1812 | if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ) && |
| 1813 | (nla_put_flag(msg, NL80211_ATTR_SUPPORT_5_MHZ) || |
| 1814 | nla_put_flag(msg, NL80211_ATTR_SUPPORT_10_MHZ))) |
| 1815 | goto nla_put_failure; |
| 1816 | |
| 1817 | if (rdev->wiphy.max_ap_assoc_sta && |
| 1818 | nla_put_u32(msg, NL80211_ATTR_MAX_AP_ASSOC_STA, |
| 1819 | rdev->wiphy.max_ap_assoc_sta)) |
| 1820 | goto nla_put_failure; |
| 1821 | |
| 1822 | state->split_start++; |
| 1823 | break; |
| 1824 | case 11: |
| 1825 | if (rdev->wiphy.n_vendor_commands) { |
| 1826 | const struct nl80211_vendor_cmd_info *info; |
| 1827 | struct nlattr *nested; |
| 1828 | |
| 1829 | nested = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA); |
| 1830 | if (!nested) |
| 1831 | goto nla_put_failure; |
| 1832 | |
| 1833 | for (i = 0; i < rdev->wiphy.n_vendor_commands; i++) { |
| 1834 | info = &rdev->wiphy.vendor_commands[i].info; |
| 1835 | if (nla_put(msg, i + 1, sizeof(*info), info)) |
| 1836 | goto nla_put_failure; |
| 1837 | } |
| 1838 | nla_nest_end(msg, nested); |
| 1839 | } |
| 1840 | |
| 1841 | if (rdev->wiphy.n_vendor_events) { |
| 1842 | const struct nl80211_vendor_cmd_info *info; |
| 1843 | struct nlattr *nested; |
| 1844 | |
| 1845 | nested = nla_nest_start(msg, |
| 1846 | NL80211_ATTR_VENDOR_EVENTS); |
| 1847 | if (!nested) |
| 1848 | goto nla_put_failure; |
| 1849 | |
| 1850 | for (i = 0; i < rdev->wiphy.n_vendor_events; i++) { |
| 1851 | info = &rdev->wiphy.vendor_events[i]; |
| 1852 | if (nla_put(msg, i + 1, sizeof(*info), info)) |
| 1853 | goto nla_put_failure; |
| 1854 | } |
| 1855 | nla_nest_end(msg, nested); |
| 1856 | } |
| 1857 | state->split_start++; |
| 1858 | break; |
| 1859 | case 12: |
| 1860 | if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH && |
| 1861 | nla_put_u8(msg, NL80211_ATTR_MAX_CSA_COUNTERS, |
| 1862 | rdev->wiphy.max_num_csa_counters)) |
| 1863 | goto nla_put_failure; |
| 1864 | |
| 1865 | if (rdev->wiphy.regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED && |
| 1866 | nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG)) |
| 1867 | goto nla_put_failure; |
| 1868 | |
| 1869 | if (rdev->wiphy.max_sched_scan_reqs && |
| 1870 | nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_MAX_REQS, |
| 1871 | rdev->wiphy.max_sched_scan_reqs)) |
| 1872 | goto nla_put_failure; |
| 1873 | |
| 1874 | if (nla_put(msg, NL80211_ATTR_EXT_FEATURES, |
| 1875 | sizeof(rdev->wiphy.ext_features), |
| 1876 | rdev->wiphy.ext_features)) |
| 1877 | goto nla_put_failure; |
| 1878 | |
| 1879 | if (rdev->wiphy.bss_select_support) { |
| 1880 | struct nlattr *nested; |
| 1881 | u32 bss_select_support = rdev->wiphy.bss_select_support; |
| 1882 | |
| 1883 | nested = nla_nest_start(msg, NL80211_ATTR_BSS_SELECT); |
| 1884 | if (!nested) |
| 1885 | goto nla_put_failure; |
| 1886 | |
| 1887 | i = 0; |
| 1888 | while (bss_select_support) { |
| 1889 | if ((bss_select_support & 1) && |
| 1890 | nla_put_flag(msg, i)) |
| 1891 | goto nla_put_failure; |
| 1892 | i++; |
| 1893 | bss_select_support >>= 1; |
| 1894 | } |
| 1895 | nla_nest_end(msg, nested); |
| 1896 | } |
| 1897 | |
| 1898 | state->split_start++; |
| 1899 | break; |
| 1900 | case 13: |
| 1901 | if (rdev->wiphy.num_iftype_ext_capab && |
| 1902 | rdev->wiphy.iftype_ext_capab) { |
| 1903 | struct nlattr *nested_ext_capab, *nested; |
| 1904 | |
| 1905 | nested = nla_nest_start(msg, |
| 1906 | NL80211_ATTR_IFTYPE_EXT_CAPA); |
| 1907 | if (!nested) |
| 1908 | goto nla_put_failure; |
| 1909 | |
| 1910 | for (i = state->capa_start; |
| 1911 | i < rdev->wiphy.num_iftype_ext_capab; i++) { |
| 1912 | const struct wiphy_iftype_ext_capab *capab; |
| 1913 | |
| 1914 | capab = &rdev->wiphy.iftype_ext_capab[i]; |
| 1915 | |
| 1916 | nested_ext_capab = nla_nest_start(msg, i); |
| 1917 | if (!nested_ext_capab || |
| 1918 | nla_put_u32(msg, NL80211_ATTR_IFTYPE, |
| 1919 | capab->iftype) || |
| 1920 | nla_put(msg, NL80211_ATTR_EXT_CAPA, |
| 1921 | capab->extended_capabilities_len, |
| 1922 | capab->extended_capabilities) || |
| 1923 | nla_put(msg, NL80211_ATTR_EXT_CAPA_MASK, |
| 1924 | capab->extended_capabilities_len, |
| 1925 | capab->extended_capabilities_mask)) |
| 1926 | goto nla_put_failure; |
| 1927 | |
| 1928 | nla_nest_end(msg, nested_ext_capab); |
| 1929 | if (state->split) |
| 1930 | break; |
| 1931 | } |
| 1932 | nla_nest_end(msg, nested); |
| 1933 | if (i < rdev->wiphy.num_iftype_ext_capab) { |
| 1934 | state->capa_start = i + 1; |
| 1935 | break; |
| 1936 | } |
| 1937 | } |
| 1938 | |
| 1939 | if (nla_put_u32(msg, NL80211_ATTR_BANDS, |
| 1940 | rdev->wiphy.nan_supported_bands)) |
| 1941 | goto nla_put_failure; |
| 1942 | |
| 1943 | /* done */ |
| 1944 | state->split_start = 0; |
| 1945 | break; |
| 1946 | } |
| 1947 | finish: |
| 1948 | genlmsg_end(msg, hdr); |
| 1949 | return 0; |
| 1950 | |
| 1951 | nla_put_failure: |
| 1952 | genlmsg_cancel(msg, hdr); |
| 1953 | return -EMSGSIZE; |
| 1954 | } |
| 1955 | |
| 1956 | static int nl80211_dump_wiphy_parse(struct sk_buff *skb, |
| 1957 | struct netlink_callback *cb, |
| 1958 | struct nl80211_dump_wiphy_state *state) |
| 1959 | { |
| 1960 | struct nlattr **tb = genl_family_attrbuf(&nl80211_fam); |
| 1961 | int ret = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, tb, |
| 1962 | nl80211_fam.maxattr, nl80211_policy, NULL); |
| 1963 | /* ignore parse errors for backward compatibility */ |
| 1964 | if (ret) |
| 1965 | return 0; |
| 1966 | |
| 1967 | state->split = tb[NL80211_ATTR_SPLIT_WIPHY_DUMP]; |
| 1968 | if (tb[NL80211_ATTR_WIPHY]) |
| 1969 | state->filter_wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]); |
| 1970 | if (tb[NL80211_ATTR_WDEV]) |
| 1971 | state->filter_wiphy = nla_get_u64(tb[NL80211_ATTR_WDEV]) >> 32; |
| 1972 | if (tb[NL80211_ATTR_IFINDEX]) { |
| 1973 | struct net_device *netdev; |
| 1974 | struct cfg80211_registered_device *rdev; |
| 1975 | int ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]); |
| 1976 | |
| 1977 | netdev = __dev_get_by_index(sock_net(skb->sk), ifidx); |
| 1978 | if (!netdev) |
| 1979 | return -ENODEV; |
| 1980 | if (netdev->ieee80211_ptr) { |
| 1981 | rdev = wiphy_to_rdev( |
| 1982 | netdev->ieee80211_ptr->wiphy); |
| 1983 | state->filter_wiphy = rdev->wiphy_idx; |
| 1984 | } |
| 1985 | } |
| 1986 | |
| 1987 | return 0; |
| 1988 | } |
| 1989 | |
| 1990 | static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb) |
| 1991 | { |
| 1992 | int idx = 0, ret; |
| 1993 | struct nl80211_dump_wiphy_state *state = (void *)cb->args[0]; |
| 1994 | struct cfg80211_registered_device *rdev; |
| 1995 | |
| 1996 | rtnl_lock(); |
| 1997 | if (!state) { |
| 1998 | state = kzalloc(sizeof(*state), GFP_KERNEL); |
| 1999 | if (!state) { |
| 2000 | rtnl_unlock(); |
| 2001 | return -ENOMEM; |
| 2002 | } |
| 2003 | state->filter_wiphy = -1; |
| 2004 | ret = nl80211_dump_wiphy_parse(skb, cb, state); |
| 2005 | if (ret) { |
| 2006 | kfree(state); |
| 2007 | rtnl_unlock(); |
| 2008 | return ret; |
| 2009 | } |
| 2010 | cb->args[0] = (long)state; |
| 2011 | } |
| 2012 | |
| 2013 | list_for_each_entry(rdev, &cfg80211_rdev_list, list) { |
| 2014 | if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk))) |
| 2015 | continue; |
| 2016 | if (++idx <= state->start) |
| 2017 | continue; |
| 2018 | if (state->filter_wiphy != -1 && |
| 2019 | state->filter_wiphy != rdev->wiphy_idx) |
| 2020 | continue; |
| 2021 | /* attempt to fit multiple wiphy data chunks into the skb */ |
| 2022 | do { |
| 2023 | ret = nl80211_send_wiphy(rdev, NL80211_CMD_NEW_WIPHY, |
| 2024 | skb, |
| 2025 | NETLINK_CB(cb->skb).portid, |
| 2026 | cb->nlh->nlmsg_seq, |
| 2027 | NLM_F_MULTI, state); |
| 2028 | if (ret < 0) { |
| 2029 | /* |
| 2030 | * If sending the wiphy data didn't fit (ENOBUFS |
| 2031 | * or EMSGSIZE returned), this SKB is still |
| 2032 | * empty (so it's not too big because another |
| 2033 | * wiphy dataset is already in the skb) and |
| 2034 | * we've not tried to adjust the dump allocation |
| 2035 | * yet ... then adjust the alloc size to be |
| 2036 | * bigger, and return 1 but with the empty skb. |
| 2037 | * This results in an empty message being RX'ed |
| 2038 | * in userspace, but that is ignored. |
| 2039 | * |
| 2040 | * We can then retry with the larger buffer. |
| 2041 | */ |
| 2042 | if ((ret == -ENOBUFS || ret == -EMSGSIZE) && |
| 2043 | !skb->len && !state->split && |
| 2044 | cb->min_dump_alloc < 4096) { |
| 2045 | cb->min_dump_alloc = 4096; |
| 2046 | state->split_start = 0; |
| 2047 | rtnl_unlock(); |
| 2048 | return 1; |
| 2049 | } |
| 2050 | idx--; |
| 2051 | break; |
| 2052 | } |
| 2053 | } while (state->split_start > 0); |
| 2054 | break; |
| 2055 | } |
| 2056 | rtnl_unlock(); |
| 2057 | |
| 2058 | state->start = idx; |
| 2059 | |
| 2060 | return skb->len; |
| 2061 | } |
| 2062 | |
| 2063 | static int nl80211_dump_wiphy_done(struct netlink_callback *cb) |
| 2064 | { |
| 2065 | kfree((void *)cb->args[0]); |
| 2066 | return 0; |
| 2067 | } |
| 2068 | |
| 2069 | static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info) |
| 2070 | { |
| 2071 | struct sk_buff *msg; |
| 2072 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 2073 | struct nl80211_dump_wiphy_state state = {}; |
| 2074 | |
| 2075 | msg = nlmsg_new(4096, GFP_KERNEL); |
| 2076 | if (!msg) |
| 2077 | return -ENOMEM; |
| 2078 | |
| 2079 | if (nl80211_send_wiphy(rdev, NL80211_CMD_NEW_WIPHY, msg, |
| 2080 | info->snd_portid, info->snd_seq, 0, |
| 2081 | &state) < 0) { |
| 2082 | nlmsg_free(msg); |
| 2083 | return -ENOBUFS; |
| 2084 | } |
| 2085 | |
| 2086 | return genlmsg_reply(msg, info); |
| 2087 | } |
| 2088 | |
| 2089 | static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = { |
| 2090 | [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 }, |
| 2091 | [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 }, |
| 2092 | [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 }, |
| 2093 | [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 }, |
| 2094 | [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 }, |
| 2095 | }; |
| 2096 | |
| 2097 | static int parse_txq_params(struct nlattr *tb[], |
| 2098 | struct ieee80211_txq_params *txq_params) |
| 2099 | { |
| 2100 | u8 ac; |
| 2101 | |
| 2102 | if (!tb[NL80211_TXQ_ATTR_AC] || !tb[NL80211_TXQ_ATTR_TXOP] || |
| 2103 | !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] || |
| 2104 | !tb[NL80211_TXQ_ATTR_AIFS]) |
| 2105 | return -EINVAL; |
| 2106 | |
| 2107 | ac = nla_get_u8(tb[NL80211_TXQ_ATTR_AC]); |
| 2108 | txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]); |
| 2109 | txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]); |
| 2110 | txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]); |
| 2111 | txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]); |
| 2112 | |
| 2113 | if (ac >= NL80211_NUM_ACS) |
| 2114 | return -EINVAL; |
| 2115 | txq_params->ac = array_index_nospec(ac, NL80211_NUM_ACS); |
| 2116 | return 0; |
| 2117 | } |
| 2118 | |
| 2119 | static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev) |
| 2120 | { |
| 2121 | /* |
| 2122 | * You can only set the channel explicitly for WDS interfaces, |
| 2123 | * all others have their channel managed via their respective |
| 2124 | * "establish a connection" command (connect, join, ...) |
| 2125 | * |
| 2126 | * For AP/GO and mesh mode, the channel can be set with the |
| 2127 | * channel userspace API, but is only stored and passed to the |
| 2128 | * low-level driver when the AP starts or the mesh is joined. |
| 2129 | * This is for backward compatibility, userspace can also give |
| 2130 | * the channel in the start-ap or join-mesh commands instead. |
| 2131 | * |
| 2132 | * Monitors are special as they are normally slaved to |
| 2133 | * whatever else is going on, so they have their own special |
| 2134 | * operation to set the monitor channel if possible. |
| 2135 | */ |
| 2136 | return !wdev || |
| 2137 | wdev->iftype == NL80211_IFTYPE_AP || |
| 2138 | wdev->iftype == NL80211_IFTYPE_MESH_POINT || |
| 2139 | wdev->iftype == NL80211_IFTYPE_MONITOR || |
| 2140 | wdev->iftype == NL80211_IFTYPE_P2P_GO; |
| 2141 | } |
| 2142 | |
| 2143 | static int nl80211_parse_chandef(struct cfg80211_registered_device *rdev, |
| 2144 | struct genl_info *info, |
| 2145 | struct cfg80211_chan_def *chandef) |
| 2146 | { |
| 2147 | u32 control_freq; |
| 2148 | |
| 2149 | if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) |
| 2150 | return -EINVAL; |
| 2151 | |
| 2152 | control_freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]); |
| 2153 | |
| 2154 | memset(chandef, 0, sizeof(*chandef)); |
| 2155 | |
| 2156 | chandef->chan = ieee80211_get_channel(&rdev->wiphy, control_freq); |
| 2157 | chandef->width = NL80211_CHAN_WIDTH_20_NOHT; |
| 2158 | chandef->center_freq1 = control_freq; |
| 2159 | chandef->center_freq2 = 0; |
| 2160 | |
| 2161 | /* Primary channel not allowed */ |
| 2162 | if (!chandef->chan || chandef->chan->flags & IEEE80211_CHAN_DISABLED) |
| 2163 | return -EINVAL; |
| 2164 | |
| 2165 | if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) { |
| 2166 | enum nl80211_channel_type chantype; |
| 2167 | |
| 2168 | chantype = nla_get_u32( |
| 2169 | info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]); |
| 2170 | |
| 2171 | switch (chantype) { |
| 2172 | case NL80211_CHAN_NO_HT: |
| 2173 | case NL80211_CHAN_HT20: |
| 2174 | case NL80211_CHAN_HT40PLUS: |
| 2175 | case NL80211_CHAN_HT40MINUS: |
| 2176 | cfg80211_chandef_create(chandef, chandef->chan, |
| 2177 | chantype); |
| 2178 | break; |
| 2179 | default: |
| 2180 | return -EINVAL; |
| 2181 | } |
| 2182 | } else if (info->attrs[NL80211_ATTR_CHANNEL_WIDTH]) { |
| 2183 | chandef->width = |
| 2184 | nla_get_u32(info->attrs[NL80211_ATTR_CHANNEL_WIDTH]); |
| 2185 | if (info->attrs[NL80211_ATTR_CENTER_FREQ1]) |
| 2186 | chandef->center_freq1 = |
| 2187 | nla_get_u32( |
| 2188 | info->attrs[NL80211_ATTR_CENTER_FREQ1]); |
| 2189 | if (info->attrs[NL80211_ATTR_CENTER_FREQ2]) |
| 2190 | chandef->center_freq2 = |
| 2191 | nla_get_u32( |
| 2192 | info->attrs[NL80211_ATTR_CENTER_FREQ2]); |
| 2193 | } |
| 2194 | |
| 2195 | if (!cfg80211_chandef_valid(chandef)) |
| 2196 | return -EINVAL; |
| 2197 | |
| 2198 | if (!cfg80211_chandef_usable(&rdev->wiphy, chandef, |
| 2199 | IEEE80211_CHAN_DISABLED)) |
| 2200 | return -EINVAL; |
| 2201 | |
| 2202 | if ((chandef->width == NL80211_CHAN_WIDTH_5 || |
| 2203 | chandef->width == NL80211_CHAN_WIDTH_10) && |
| 2204 | !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ)) |
| 2205 | return -EINVAL; |
| 2206 | |
| 2207 | return 0; |
| 2208 | } |
| 2209 | |
| 2210 | static int __nl80211_set_channel(struct cfg80211_registered_device *rdev, |
| 2211 | struct net_device *dev, |
| 2212 | struct genl_info *info) |
| 2213 | { |
| 2214 | struct cfg80211_chan_def chandef; |
| 2215 | int result; |
| 2216 | enum nl80211_iftype iftype = NL80211_IFTYPE_MONITOR; |
| 2217 | struct wireless_dev *wdev = NULL; |
| 2218 | |
| 2219 | if (dev) |
| 2220 | wdev = dev->ieee80211_ptr; |
| 2221 | if (!nl80211_can_set_dev_channel(wdev)) |
| 2222 | return -EOPNOTSUPP; |
| 2223 | if (wdev) |
| 2224 | iftype = wdev->iftype; |
| 2225 | |
| 2226 | result = nl80211_parse_chandef(rdev, info, &chandef); |
| 2227 | if (result) |
| 2228 | return result; |
| 2229 | |
| 2230 | switch (iftype) { |
| 2231 | case NL80211_IFTYPE_AP: |
| 2232 | case NL80211_IFTYPE_P2P_GO: |
| 2233 | if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, &chandef, |
| 2234 | iftype)) { |
| 2235 | result = -EINVAL; |
| 2236 | break; |
| 2237 | } |
| 2238 | if (wdev->beacon_interval) { |
| 2239 | if (!dev || !rdev->ops->set_ap_chanwidth || |
| 2240 | !(rdev->wiphy.features & |
| 2241 | NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE)) { |
| 2242 | result = -EBUSY; |
| 2243 | break; |
| 2244 | } |
| 2245 | |
| 2246 | /* Only allow dynamic channel width changes */ |
| 2247 | if (chandef.chan != wdev->preset_chandef.chan) { |
| 2248 | result = -EBUSY; |
| 2249 | break; |
| 2250 | } |
| 2251 | result = rdev_set_ap_chanwidth(rdev, dev, &chandef); |
| 2252 | if (result) |
| 2253 | break; |
| 2254 | } |
| 2255 | wdev->preset_chandef = chandef; |
| 2256 | result = 0; |
| 2257 | break; |
| 2258 | case NL80211_IFTYPE_MESH_POINT: |
| 2259 | result = cfg80211_set_mesh_channel(rdev, wdev, &chandef); |
| 2260 | break; |
| 2261 | case NL80211_IFTYPE_MONITOR: |
| 2262 | result = cfg80211_set_monitor_channel(rdev, &chandef); |
| 2263 | break; |
| 2264 | default: |
| 2265 | result = -EINVAL; |
| 2266 | } |
| 2267 | |
| 2268 | return result; |
| 2269 | } |
| 2270 | |
| 2271 | static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info) |
| 2272 | { |
| 2273 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 2274 | struct net_device *netdev = info->user_ptr[1]; |
| 2275 | |
| 2276 | return __nl80211_set_channel(rdev, netdev, info); |
| 2277 | } |
| 2278 | |
| 2279 | static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info) |
| 2280 | { |
| 2281 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 2282 | struct net_device *dev = info->user_ptr[1]; |
| 2283 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 2284 | const u8 *bssid; |
| 2285 | |
| 2286 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 2287 | return -EINVAL; |
| 2288 | |
| 2289 | if (netif_running(dev)) |
| 2290 | return -EBUSY; |
| 2291 | |
| 2292 | if (!rdev->ops->set_wds_peer) |
| 2293 | return -EOPNOTSUPP; |
| 2294 | |
| 2295 | if (wdev->iftype != NL80211_IFTYPE_WDS) |
| 2296 | return -EOPNOTSUPP; |
| 2297 | |
| 2298 | bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 2299 | return rdev_set_wds_peer(rdev, dev, bssid); |
| 2300 | } |
| 2301 | |
| 2302 | static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info) |
| 2303 | { |
| 2304 | struct cfg80211_registered_device *rdev; |
| 2305 | struct net_device *netdev = NULL; |
| 2306 | struct wireless_dev *wdev; |
| 2307 | int result = 0, rem_txq_params = 0; |
| 2308 | struct nlattr *nl_txq_params; |
| 2309 | u32 changed; |
| 2310 | u8 retry_short = 0, retry_long = 0; |
| 2311 | u32 frag_threshold = 0, rts_threshold = 0; |
| 2312 | u8 coverage_class = 0; |
| 2313 | |
| 2314 | ASSERT_RTNL(); |
| 2315 | |
| 2316 | /* |
| 2317 | * Try to find the wiphy and netdev. Normally this |
| 2318 | * function shouldn't need the netdev, but this is |
| 2319 | * done for backward compatibility -- previously |
| 2320 | * setting the channel was done per wiphy, but now |
| 2321 | * it is per netdev. Previous userland like hostapd |
| 2322 | * also passed a netdev to set_wiphy, so that it is |
| 2323 | * possible to let that go to the right netdev! |
| 2324 | */ |
| 2325 | |
| 2326 | if (info->attrs[NL80211_ATTR_IFINDEX]) { |
| 2327 | int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]); |
| 2328 | |
| 2329 | netdev = __dev_get_by_index(genl_info_net(info), ifindex); |
| 2330 | if (netdev && netdev->ieee80211_ptr) |
| 2331 | rdev = wiphy_to_rdev(netdev->ieee80211_ptr->wiphy); |
| 2332 | else |
| 2333 | netdev = NULL; |
| 2334 | } |
| 2335 | |
| 2336 | if (!netdev) { |
| 2337 | rdev = __cfg80211_rdev_from_attrs(genl_info_net(info), |
| 2338 | info->attrs); |
| 2339 | if (IS_ERR(rdev)) |
| 2340 | return PTR_ERR(rdev); |
| 2341 | wdev = NULL; |
| 2342 | netdev = NULL; |
| 2343 | result = 0; |
| 2344 | } else |
| 2345 | wdev = netdev->ieee80211_ptr; |
| 2346 | |
| 2347 | /* |
| 2348 | * end workaround code, by now the rdev is available |
| 2349 | * and locked, and wdev may or may not be NULL. |
| 2350 | */ |
| 2351 | |
| 2352 | if (info->attrs[NL80211_ATTR_WIPHY_NAME]) |
| 2353 | result = cfg80211_dev_rename( |
| 2354 | rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME])); |
| 2355 | |
| 2356 | if (result) |
| 2357 | return result; |
| 2358 | |
| 2359 | if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) { |
| 2360 | struct ieee80211_txq_params txq_params; |
| 2361 | struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1]; |
| 2362 | |
| 2363 | if (!rdev->ops->set_txq_params) |
| 2364 | return -EOPNOTSUPP; |
| 2365 | |
| 2366 | if (!netdev) |
| 2367 | return -EINVAL; |
| 2368 | |
| 2369 | if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && |
| 2370 | netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) |
| 2371 | return -EINVAL; |
| 2372 | |
| 2373 | if (!netif_running(netdev)) |
| 2374 | return -ENETDOWN; |
| 2375 | |
| 2376 | nla_for_each_nested(nl_txq_params, |
| 2377 | info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS], |
| 2378 | rem_txq_params) { |
| 2379 | result = nla_parse_nested(tb, NL80211_TXQ_ATTR_MAX, |
| 2380 | nl_txq_params, |
| 2381 | txq_params_policy, |
| 2382 | info->extack); |
| 2383 | if (result) |
| 2384 | return result; |
| 2385 | result = parse_txq_params(tb, &txq_params); |
| 2386 | if (result) |
| 2387 | return result; |
| 2388 | |
| 2389 | result = rdev_set_txq_params(rdev, netdev, |
| 2390 | &txq_params); |
| 2391 | if (result) |
| 2392 | return result; |
| 2393 | } |
| 2394 | } |
| 2395 | |
| 2396 | if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { |
| 2397 | result = __nl80211_set_channel( |
| 2398 | rdev, |
| 2399 | nl80211_can_set_dev_channel(wdev) ? netdev : NULL, |
| 2400 | info); |
| 2401 | if (result) |
| 2402 | return result; |
| 2403 | } |
| 2404 | |
| 2405 | if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) { |
| 2406 | struct wireless_dev *txp_wdev = wdev; |
| 2407 | enum nl80211_tx_power_setting type; |
| 2408 | int idx, mbm = 0; |
| 2409 | |
| 2410 | if (!(rdev->wiphy.features & NL80211_FEATURE_VIF_TXPOWER)) |
| 2411 | txp_wdev = NULL; |
| 2412 | |
| 2413 | if (!rdev->ops->set_tx_power) |
| 2414 | return -EOPNOTSUPP; |
| 2415 | |
| 2416 | idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING; |
| 2417 | type = nla_get_u32(info->attrs[idx]); |
| 2418 | |
| 2419 | if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] && |
| 2420 | (type != NL80211_TX_POWER_AUTOMATIC)) |
| 2421 | return -EINVAL; |
| 2422 | |
| 2423 | if (type != NL80211_TX_POWER_AUTOMATIC) { |
| 2424 | idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL; |
| 2425 | mbm = nla_get_u32(info->attrs[idx]); |
| 2426 | } |
| 2427 | |
| 2428 | result = rdev_set_tx_power(rdev, txp_wdev, type, mbm); |
| 2429 | if (result) |
| 2430 | return result; |
| 2431 | } |
| 2432 | |
| 2433 | if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] && |
| 2434 | info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) { |
| 2435 | u32 tx_ant, rx_ant; |
| 2436 | |
| 2437 | if ((!rdev->wiphy.available_antennas_tx && |
| 2438 | !rdev->wiphy.available_antennas_rx) || |
| 2439 | !rdev->ops->set_antenna) |
| 2440 | return -EOPNOTSUPP; |
| 2441 | |
| 2442 | tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]); |
| 2443 | rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]); |
| 2444 | |
| 2445 | /* reject antenna configurations which don't match the |
| 2446 | * available antenna masks, except for the "all" mask */ |
| 2447 | if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) || |
| 2448 | (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx))) |
| 2449 | return -EINVAL; |
| 2450 | |
| 2451 | tx_ant = tx_ant & rdev->wiphy.available_antennas_tx; |
| 2452 | rx_ant = rx_ant & rdev->wiphy.available_antennas_rx; |
| 2453 | |
| 2454 | result = rdev_set_antenna(rdev, tx_ant, rx_ant); |
| 2455 | if (result) |
| 2456 | return result; |
| 2457 | } |
| 2458 | |
| 2459 | changed = 0; |
| 2460 | |
| 2461 | if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) { |
| 2462 | retry_short = nla_get_u8( |
| 2463 | info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]); |
| 2464 | if (retry_short == 0) |
| 2465 | return -EINVAL; |
| 2466 | |
| 2467 | changed |= WIPHY_PARAM_RETRY_SHORT; |
| 2468 | } |
| 2469 | |
| 2470 | if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) { |
| 2471 | retry_long = nla_get_u8( |
| 2472 | info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]); |
| 2473 | if (retry_long == 0) |
| 2474 | return -EINVAL; |
| 2475 | |
| 2476 | changed |= WIPHY_PARAM_RETRY_LONG; |
| 2477 | } |
| 2478 | |
| 2479 | if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) { |
| 2480 | frag_threshold = nla_get_u32( |
| 2481 | info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]); |
| 2482 | if (frag_threshold < 256) |
| 2483 | return -EINVAL; |
| 2484 | |
| 2485 | if (frag_threshold != (u32) -1) { |
| 2486 | /* |
| 2487 | * Fragments (apart from the last one) are required to |
| 2488 | * have even length. Make the fragmentation code |
| 2489 | * simpler by stripping LSB should someone try to use |
| 2490 | * odd threshold value. |
| 2491 | */ |
| 2492 | frag_threshold &= ~0x1; |
| 2493 | } |
| 2494 | changed |= WIPHY_PARAM_FRAG_THRESHOLD; |
| 2495 | } |
| 2496 | |
| 2497 | if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) { |
| 2498 | rts_threshold = nla_get_u32( |
| 2499 | info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]); |
| 2500 | changed |= WIPHY_PARAM_RTS_THRESHOLD; |
| 2501 | } |
| 2502 | |
| 2503 | if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) { |
| 2504 | if (info->attrs[NL80211_ATTR_WIPHY_DYN_ACK]) |
| 2505 | return -EINVAL; |
| 2506 | |
| 2507 | coverage_class = nla_get_u8( |
| 2508 | info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]); |
| 2509 | changed |= WIPHY_PARAM_COVERAGE_CLASS; |
| 2510 | } |
| 2511 | |
| 2512 | if (info->attrs[NL80211_ATTR_WIPHY_DYN_ACK]) { |
| 2513 | if (!(rdev->wiphy.features & NL80211_FEATURE_ACKTO_ESTIMATION)) |
| 2514 | return -EOPNOTSUPP; |
| 2515 | |
| 2516 | changed |= WIPHY_PARAM_DYN_ACK; |
| 2517 | } |
| 2518 | |
| 2519 | if (changed) { |
| 2520 | u8 old_retry_short, old_retry_long; |
| 2521 | u32 old_frag_threshold, old_rts_threshold; |
| 2522 | u8 old_coverage_class; |
| 2523 | |
| 2524 | if (!rdev->ops->set_wiphy_params) |
| 2525 | return -EOPNOTSUPP; |
| 2526 | |
| 2527 | old_retry_short = rdev->wiphy.retry_short; |
| 2528 | old_retry_long = rdev->wiphy.retry_long; |
| 2529 | old_frag_threshold = rdev->wiphy.frag_threshold; |
| 2530 | old_rts_threshold = rdev->wiphy.rts_threshold; |
| 2531 | old_coverage_class = rdev->wiphy.coverage_class; |
| 2532 | |
| 2533 | if (changed & WIPHY_PARAM_RETRY_SHORT) |
| 2534 | rdev->wiphy.retry_short = retry_short; |
| 2535 | if (changed & WIPHY_PARAM_RETRY_LONG) |
| 2536 | rdev->wiphy.retry_long = retry_long; |
| 2537 | if (changed & WIPHY_PARAM_FRAG_THRESHOLD) |
| 2538 | rdev->wiphy.frag_threshold = frag_threshold; |
| 2539 | if (changed & WIPHY_PARAM_RTS_THRESHOLD) |
| 2540 | rdev->wiphy.rts_threshold = rts_threshold; |
| 2541 | if (changed & WIPHY_PARAM_COVERAGE_CLASS) |
| 2542 | rdev->wiphy.coverage_class = coverage_class; |
| 2543 | |
| 2544 | result = rdev_set_wiphy_params(rdev, changed); |
| 2545 | if (result) { |
| 2546 | rdev->wiphy.retry_short = old_retry_short; |
| 2547 | rdev->wiphy.retry_long = old_retry_long; |
| 2548 | rdev->wiphy.frag_threshold = old_frag_threshold; |
| 2549 | rdev->wiphy.rts_threshold = old_rts_threshold; |
| 2550 | rdev->wiphy.coverage_class = old_coverage_class; |
| 2551 | return result; |
| 2552 | } |
| 2553 | } |
| 2554 | return 0; |
| 2555 | } |
| 2556 | |
| 2557 | static inline u64 wdev_id(struct wireless_dev *wdev) |
| 2558 | { |
| 2559 | return (u64)wdev->identifier | |
| 2560 | ((u64)wiphy_to_rdev(wdev->wiphy)->wiphy_idx << 32); |
| 2561 | } |
| 2562 | |
| 2563 | static int nl80211_send_chandef(struct sk_buff *msg, |
| 2564 | const struct cfg80211_chan_def *chandef) |
| 2565 | { |
| 2566 | if (WARN_ON(!cfg80211_chandef_valid(chandef))) |
| 2567 | return -EINVAL; |
| 2568 | |
| 2569 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, |
| 2570 | chandef->chan->center_freq)) |
| 2571 | return -ENOBUFS; |
| 2572 | switch (chandef->width) { |
| 2573 | case NL80211_CHAN_WIDTH_20_NOHT: |
| 2574 | case NL80211_CHAN_WIDTH_20: |
| 2575 | case NL80211_CHAN_WIDTH_40: |
| 2576 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, |
| 2577 | cfg80211_get_chandef_type(chandef))) |
| 2578 | return -ENOBUFS; |
| 2579 | break; |
| 2580 | default: |
| 2581 | break; |
| 2582 | } |
| 2583 | if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, chandef->width)) |
| 2584 | return -ENOBUFS; |
| 2585 | if (nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, chandef->center_freq1)) |
| 2586 | return -ENOBUFS; |
| 2587 | if (chandef->center_freq2 && |
| 2588 | nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, chandef->center_freq2)) |
| 2589 | return -ENOBUFS; |
| 2590 | return 0; |
| 2591 | } |
| 2592 | |
| 2593 | static int nl80211_send_iface(struct sk_buff *msg, u32 portid, u32 seq, int flags, |
| 2594 | struct cfg80211_registered_device *rdev, |
| 2595 | struct wireless_dev *wdev, bool removal) |
| 2596 | { |
| 2597 | struct net_device *dev = wdev->netdev; |
| 2598 | u8 cmd = NL80211_CMD_NEW_INTERFACE; |
| 2599 | void *hdr; |
| 2600 | |
| 2601 | if (removal) |
| 2602 | cmd = NL80211_CMD_DEL_INTERFACE; |
| 2603 | |
| 2604 | hdr = nl80211hdr_put(msg, portid, seq, flags, cmd); |
| 2605 | if (!hdr) |
| 2606 | return -1; |
| 2607 | |
| 2608 | if (dev && |
| 2609 | (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || |
| 2610 | nla_put_string(msg, NL80211_ATTR_IFNAME, dev->name))) |
| 2611 | goto nla_put_failure; |
| 2612 | |
| 2613 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 2614 | nla_put_u32(msg, NL80211_ATTR_IFTYPE, wdev->iftype) || |
| 2615 | nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 2616 | NL80211_ATTR_PAD) || |
| 2617 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, wdev_address(wdev)) || |
| 2618 | nla_put_u32(msg, NL80211_ATTR_GENERATION, |
| 2619 | rdev->devlist_generation ^ |
| 2620 | (cfg80211_rdev_list_generation << 2))) |
| 2621 | goto nla_put_failure; |
| 2622 | |
| 2623 | if (rdev->ops->get_channel) { |
| 2624 | int ret; |
| 2625 | struct cfg80211_chan_def chandef = {}; |
| 2626 | |
| 2627 | ret = rdev_get_channel(rdev, wdev, &chandef); |
| 2628 | if (ret == 0) { |
| 2629 | if (nl80211_send_chandef(msg, &chandef)) |
| 2630 | goto nla_put_failure; |
| 2631 | } |
| 2632 | } |
| 2633 | |
| 2634 | if (rdev->ops->get_tx_power) { |
| 2635 | int dbm, ret; |
| 2636 | |
| 2637 | ret = rdev_get_tx_power(rdev, wdev, &dbm); |
| 2638 | if (ret == 0 && |
| 2639 | nla_put_u32(msg, NL80211_ATTR_WIPHY_TX_POWER_LEVEL, |
| 2640 | DBM_TO_MBM(dbm))) |
| 2641 | goto nla_put_failure; |
| 2642 | } |
| 2643 | |
| 2644 | if (wdev->ssid_len) { |
| 2645 | if (nla_put(msg, NL80211_ATTR_SSID, wdev->ssid_len, wdev->ssid)) |
| 2646 | goto nla_put_failure; |
| 2647 | } |
| 2648 | |
| 2649 | genlmsg_end(msg, hdr); |
| 2650 | return 0; |
| 2651 | |
| 2652 | nla_put_failure: |
| 2653 | genlmsg_cancel(msg, hdr); |
| 2654 | return -EMSGSIZE; |
| 2655 | } |
| 2656 | |
| 2657 | static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb) |
| 2658 | { |
| 2659 | int wp_idx = 0; |
| 2660 | int if_idx = 0; |
| 2661 | int wp_start = cb->args[0]; |
| 2662 | int if_start = cb->args[1]; |
| 2663 | int filter_wiphy = -1; |
| 2664 | struct cfg80211_registered_device *rdev; |
| 2665 | struct wireless_dev *wdev; |
| 2666 | int ret; |
| 2667 | |
| 2668 | rtnl_lock(); |
| 2669 | if (!cb->args[2]) { |
| 2670 | struct nl80211_dump_wiphy_state state = { |
| 2671 | .filter_wiphy = -1, |
| 2672 | }; |
| 2673 | |
| 2674 | ret = nl80211_dump_wiphy_parse(skb, cb, &state); |
| 2675 | if (ret) |
| 2676 | goto out_unlock; |
| 2677 | |
| 2678 | filter_wiphy = state.filter_wiphy; |
| 2679 | |
| 2680 | /* |
| 2681 | * if filtering, set cb->args[2] to +1 since 0 is the default |
| 2682 | * value needed to determine that parsing is necessary. |
| 2683 | */ |
| 2684 | if (filter_wiphy >= 0) |
| 2685 | cb->args[2] = filter_wiphy + 1; |
| 2686 | else |
| 2687 | cb->args[2] = -1; |
| 2688 | } else if (cb->args[2] > 0) { |
| 2689 | filter_wiphy = cb->args[2] - 1; |
| 2690 | } |
| 2691 | |
| 2692 | list_for_each_entry(rdev, &cfg80211_rdev_list, list) { |
| 2693 | if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk))) |
| 2694 | continue; |
| 2695 | if (wp_idx < wp_start) { |
| 2696 | wp_idx++; |
| 2697 | continue; |
| 2698 | } |
| 2699 | |
| 2700 | if (filter_wiphy >= 0 && filter_wiphy != rdev->wiphy_idx) |
| 2701 | continue; |
| 2702 | |
| 2703 | if_idx = 0; |
| 2704 | |
| 2705 | list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) { |
| 2706 | if (if_idx < if_start) { |
| 2707 | if_idx++; |
| 2708 | continue; |
| 2709 | } |
| 2710 | if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).portid, |
| 2711 | cb->nlh->nlmsg_seq, NLM_F_MULTI, |
| 2712 | rdev, wdev, false) < 0) { |
| 2713 | goto out; |
| 2714 | } |
| 2715 | if_idx++; |
| 2716 | } |
| 2717 | |
| 2718 | wp_idx++; |
| 2719 | } |
| 2720 | out: |
| 2721 | cb->args[0] = wp_idx; |
| 2722 | cb->args[1] = if_idx; |
| 2723 | |
| 2724 | ret = skb->len; |
| 2725 | out_unlock: |
| 2726 | rtnl_unlock(); |
| 2727 | |
| 2728 | return ret; |
| 2729 | } |
| 2730 | |
| 2731 | static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info) |
| 2732 | { |
| 2733 | struct sk_buff *msg; |
| 2734 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 2735 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 2736 | |
| 2737 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 2738 | if (!msg) |
| 2739 | return -ENOMEM; |
| 2740 | |
| 2741 | if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0, |
| 2742 | rdev, wdev, false) < 0) { |
| 2743 | nlmsg_free(msg); |
| 2744 | return -ENOBUFS; |
| 2745 | } |
| 2746 | |
| 2747 | return genlmsg_reply(msg, info); |
| 2748 | } |
| 2749 | |
| 2750 | static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = { |
| 2751 | [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG }, |
| 2752 | [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG }, |
| 2753 | [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG }, |
| 2754 | [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG }, |
| 2755 | [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG }, |
| 2756 | [NL80211_MNTR_FLAG_ACTIVE] = { .type = NLA_FLAG }, |
| 2757 | }; |
| 2758 | |
| 2759 | static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags) |
| 2760 | { |
| 2761 | struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1]; |
| 2762 | int flag; |
| 2763 | |
| 2764 | *mntrflags = 0; |
| 2765 | |
| 2766 | if (!nla) |
| 2767 | return -EINVAL; |
| 2768 | |
| 2769 | if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX, nla, |
| 2770 | mntr_flags_policy, NULL)) |
| 2771 | return -EINVAL; |
| 2772 | |
| 2773 | for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++) |
| 2774 | if (flags[flag]) |
| 2775 | *mntrflags |= (1<<flag); |
| 2776 | |
| 2777 | *mntrflags |= MONITOR_FLAG_CHANGED; |
| 2778 | |
| 2779 | return 0; |
| 2780 | } |
| 2781 | |
| 2782 | static int nl80211_parse_mon_options(struct cfg80211_registered_device *rdev, |
| 2783 | enum nl80211_iftype type, |
| 2784 | struct genl_info *info, |
| 2785 | struct vif_params *params) |
| 2786 | { |
| 2787 | bool change = false; |
| 2788 | int err; |
| 2789 | |
| 2790 | if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) { |
| 2791 | if (type != NL80211_IFTYPE_MONITOR) |
| 2792 | return -EINVAL; |
| 2793 | |
| 2794 | err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS], |
| 2795 | ¶ms->flags); |
| 2796 | if (err) |
| 2797 | return err; |
| 2798 | |
| 2799 | change = true; |
| 2800 | } |
| 2801 | |
| 2802 | if (params->flags & MONITOR_FLAG_ACTIVE && |
| 2803 | !(rdev->wiphy.features & NL80211_FEATURE_ACTIVE_MONITOR)) |
| 2804 | return -EOPNOTSUPP; |
| 2805 | |
| 2806 | if (info->attrs[NL80211_ATTR_MU_MIMO_GROUP_DATA]) { |
| 2807 | const u8 *mumimo_groups; |
| 2808 | u32 cap_flag = NL80211_EXT_FEATURE_MU_MIMO_AIR_SNIFFER; |
| 2809 | |
| 2810 | if (type != NL80211_IFTYPE_MONITOR) |
| 2811 | return -EINVAL; |
| 2812 | |
| 2813 | if (!wiphy_ext_feature_isset(&rdev->wiphy, cap_flag)) |
| 2814 | return -EOPNOTSUPP; |
| 2815 | |
| 2816 | mumimo_groups = |
| 2817 | nla_data(info->attrs[NL80211_ATTR_MU_MIMO_GROUP_DATA]); |
| 2818 | |
| 2819 | /* bits 0 and 63 are reserved and must be zero */ |
| 2820 | if ((mumimo_groups[0] & BIT(0)) || |
| 2821 | (mumimo_groups[VHT_MUMIMO_GROUPS_DATA_LEN - 1] & BIT(7))) |
| 2822 | return -EINVAL; |
| 2823 | |
| 2824 | params->vht_mumimo_groups = mumimo_groups; |
| 2825 | change = true; |
| 2826 | } |
| 2827 | |
| 2828 | if (info->attrs[NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR]) { |
| 2829 | u32 cap_flag = NL80211_EXT_FEATURE_MU_MIMO_AIR_SNIFFER; |
| 2830 | |
| 2831 | if (type != NL80211_IFTYPE_MONITOR) |
| 2832 | return -EINVAL; |
| 2833 | |
| 2834 | if (!wiphy_ext_feature_isset(&rdev->wiphy, cap_flag)) |
| 2835 | return -EOPNOTSUPP; |
| 2836 | |
| 2837 | params->vht_mumimo_follow_addr = |
| 2838 | nla_data(info->attrs[NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR]); |
| 2839 | change = true; |
| 2840 | } |
| 2841 | |
| 2842 | return change ? 1 : 0; |
| 2843 | } |
| 2844 | |
| 2845 | static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev, |
| 2846 | struct net_device *netdev, u8 use_4addr, |
| 2847 | enum nl80211_iftype iftype) |
| 2848 | { |
| 2849 | if (!use_4addr) { |
| 2850 | if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT)) |
| 2851 | return -EBUSY; |
| 2852 | return 0; |
| 2853 | } |
| 2854 | |
| 2855 | switch (iftype) { |
| 2856 | case NL80211_IFTYPE_AP_VLAN: |
| 2857 | if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP) |
| 2858 | return 0; |
| 2859 | break; |
| 2860 | case NL80211_IFTYPE_STATION: |
| 2861 | if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION) |
| 2862 | return 0; |
| 2863 | break; |
| 2864 | default: |
| 2865 | break; |
| 2866 | } |
| 2867 | |
| 2868 | return -EOPNOTSUPP; |
| 2869 | } |
| 2870 | |
| 2871 | static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info) |
| 2872 | { |
| 2873 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 2874 | struct vif_params params; |
| 2875 | int err; |
| 2876 | enum nl80211_iftype otype, ntype; |
| 2877 | struct net_device *dev = info->user_ptr[1]; |
| 2878 | bool change = false; |
| 2879 | |
| 2880 | memset(¶ms, 0, sizeof(params)); |
| 2881 | |
| 2882 | otype = ntype = dev->ieee80211_ptr->iftype; |
| 2883 | |
| 2884 | if (info->attrs[NL80211_ATTR_IFTYPE]) { |
| 2885 | ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); |
| 2886 | if (otype != ntype) |
| 2887 | change = true; |
| 2888 | if (ntype > NL80211_IFTYPE_MAX) |
| 2889 | return -EINVAL; |
| 2890 | } |
| 2891 | |
| 2892 | if (info->attrs[NL80211_ATTR_MESH_ID]) { |
| 2893 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 2894 | |
| 2895 | if (ntype != NL80211_IFTYPE_MESH_POINT) |
| 2896 | return -EINVAL; |
| 2897 | if (netif_running(dev)) |
| 2898 | return -EBUSY; |
| 2899 | |
| 2900 | wdev_lock(wdev); |
| 2901 | BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != |
| 2902 | IEEE80211_MAX_MESH_ID_LEN); |
| 2903 | wdev->mesh_id_up_len = |
| 2904 | nla_len(info->attrs[NL80211_ATTR_MESH_ID]); |
| 2905 | memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), |
| 2906 | wdev->mesh_id_up_len); |
| 2907 | wdev_unlock(wdev); |
| 2908 | } |
| 2909 | |
| 2910 | if (info->attrs[NL80211_ATTR_4ADDR]) { |
| 2911 | params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); |
| 2912 | change = true; |
| 2913 | err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype); |
| 2914 | if (err) |
| 2915 | return err; |
| 2916 | } else { |
| 2917 | params.use_4addr = -1; |
| 2918 | } |
| 2919 | |
| 2920 | err = nl80211_parse_mon_options(rdev, ntype, info, ¶ms); |
| 2921 | if (err < 0) |
| 2922 | return err; |
| 2923 | if (err > 0) |
| 2924 | change = true; |
| 2925 | |
| 2926 | if (change) |
| 2927 | err = cfg80211_change_iface(rdev, dev, ntype, ¶ms); |
| 2928 | else |
| 2929 | err = 0; |
| 2930 | |
| 2931 | if (!err && params.use_4addr != -1) |
| 2932 | dev->ieee80211_ptr->use_4addr = params.use_4addr; |
| 2933 | |
| 2934 | return err; |
| 2935 | } |
| 2936 | |
| 2937 | static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info) |
| 2938 | { |
| 2939 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 2940 | struct vif_params params; |
| 2941 | struct wireless_dev *wdev; |
| 2942 | struct sk_buff *msg; |
| 2943 | int err; |
| 2944 | enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED; |
| 2945 | |
| 2946 | /* to avoid failing a new interface creation due to pending removal */ |
| 2947 | cfg80211_destroy_ifaces(rdev); |
| 2948 | |
| 2949 | memset(¶ms, 0, sizeof(params)); |
| 2950 | |
| 2951 | if (!info->attrs[NL80211_ATTR_IFNAME]) |
| 2952 | return -EINVAL; |
| 2953 | |
| 2954 | if (info->attrs[NL80211_ATTR_IFTYPE]) { |
| 2955 | type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]); |
| 2956 | if (type > NL80211_IFTYPE_MAX) |
| 2957 | return -EINVAL; |
| 2958 | } |
| 2959 | |
| 2960 | if (!rdev->ops->add_virtual_intf || |
| 2961 | !(rdev->wiphy.interface_modes & (1 << type))) |
| 2962 | return -EOPNOTSUPP; |
| 2963 | |
| 2964 | if ((type == NL80211_IFTYPE_P2P_DEVICE || type == NL80211_IFTYPE_NAN || |
| 2965 | rdev->wiphy.features & NL80211_FEATURE_MAC_ON_CREATE) && |
| 2966 | info->attrs[NL80211_ATTR_MAC]) { |
| 2967 | nla_memcpy(params.macaddr, info->attrs[NL80211_ATTR_MAC], |
| 2968 | ETH_ALEN); |
| 2969 | if (!is_valid_ether_addr(params.macaddr)) |
| 2970 | return -EADDRNOTAVAIL; |
| 2971 | } |
| 2972 | |
| 2973 | if (info->attrs[NL80211_ATTR_4ADDR]) { |
| 2974 | params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]); |
| 2975 | err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type); |
| 2976 | if (err) |
| 2977 | return err; |
| 2978 | } |
| 2979 | |
| 2980 | err = nl80211_parse_mon_options(rdev, type, info, ¶ms); |
| 2981 | if (err < 0) |
| 2982 | return err; |
| 2983 | |
| 2984 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 2985 | if (!msg) |
| 2986 | return -ENOMEM; |
| 2987 | |
| 2988 | wdev = rdev_add_virtual_intf(rdev, |
| 2989 | nla_data(info->attrs[NL80211_ATTR_IFNAME]), |
| 2990 | NET_NAME_USER, type, ¶ms); |
| 2991 | if (WARN_ON(!wdev)) { |
| 2992 | nlmsg_free(msg); |
| 2993 | return -EPROTO; |
| 2994 | } else if (IS_ERR(wdev)) { |
| 2995 | nlmsg_free(msg); |
| 2996 | return PTR_ERR(wdev); |
| 2997 | } |
| 2998 | |
| 2999 | if (info->attrs[NL80211_ATTR_SOCKET_OWNER]) |
| 3000 | wdev->owner_nlportid = info->snd_portid; |
| 3001 | |
| 3002 | switch (type) { |
| 3003 | case NL80211_IFTYPE_MESH_POINT: |
| 3004 | if (!info->attrs[NL80211_ATTR_MESH_ID]) |
| 3005 | break; |
| 3006 | wdev_lock(wdev); |
| 3007 | BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN != |
| 3008 | IEEE80211_MAX_MESH_ID_LEN); |
| 3009 | wdev->mesh_id_up_len = |
| 3010 | nla_len(info->attrs[NL80211_ATTR_MESH_ID]); |
| 3011 | memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]), |
| 3012 | wdev->mesh_id_up_len); |
| 3013 | wdev_unlock(wdev); |
| 3014 | break; |
| 3015 | case NL80211_IFTYPE_NAN: |
| 3016 | case NL80211_IFTYPE_P2P_DEVICE: |
| 3017 | /* |
| 3018 | * P2P Device and NAN do not have a netdev, so don't go |
| 3019 | * through the netdev notifier and must be added here |
| 3020 | */ |
| 3021 | mutex_init(&wdev->mtx); |
| 3022 | INIT_LIST_HEAD(&wdev->event_list); |
| 3023 | spin_lock_init(&wdev->event_lock); |
| 3024 | INIT_LIST_HEAD(&wdev->mgmt_registrations); |
| 3025 | spin_lock_init(&wdev->mgmt_registrations_lock); |
| 3026 | |
| 3027 | wdev->identifier = ++rdev->wdev_id; |
| 3028 | list_add_rcu(&wdev->list, &rdev->wiphy.wdev_list); |
| 3029 | rdev->devlist_generation++; |
| 3030 | break; |
| 3031 | default: |
| 3032 | break; |
| 3033 | } |
| 3034 | |
| 3035 | if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0, |
| 3036 | rdev, wdev, false) < 0) { |
| 3037 | nlmsg_free(msg); |
| 3038 | return -ENOBUFS; |
| 3039 | } |
| 3040 | |
| 3041 | /* |
| 3042 | * For wdevs which have no associated netdev object (e.g. of type |
| 3043 | * NL80211_IFTYPE_P2P_DEVICE), emit the NEW_INTERFACE event here. |
| 3044 | * For all other types, the event will be generated from the |
| 3045 | * netdev notifier |
| 3046 | */ |
| 3047 | if (!wdev->netdev) |
| 3048 | nl80211_notify_iface(rdev, wdev, NL80211_CMD_NEW_INTERFACE); |
| 3049 | |
| 3050 | return genlmsg_reply(msg, info); |
| 3051 | } |
| 3052 | |
| 3053 | static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info) |
| 3054 | { |
| 3055 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 3056 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 3057 | |
| 3058 | if (!rdev->ops->del_virtual_intf) |
| 3059 | return -EOPNOTSUPP; |
| 3060 | |
| 3061 | /* |
| 3062 | * If we remove a wireless device without a netdev then clear |
| 3063 | * user_ptr[1] so that nl80211_post_doit won't dereference it |
| 3064 | * to check if it needs to do dev_put(). Otherwise it crashes |
| 3065 | * since the wdev has been freed, unlike with a netdev where |
| 3066 | * we need the dev_put() for the netdev to really be freed. |
| 3067 | */ |
| 3068 | if (!wdev->netdev) |
| 3069 | info->user_ptr[1] = NULL; |
| 3070 | |
| 3071 | return rdev_del_virtual_intf(rdev, wdev); |
| 3072 | } |
| 3073 | |
| 3074 | static int nl80211_set_noack_map(struct sk_buff *skb, struct genl_info *info) |
| 3075 | { |
| 3076 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 3077 | struct net_device *dev = info->user_ptr[1]; |
| 3078 | u16 noack_map; |
| 3079 | |
| 3080 | if (!info->attrs[NL80211_ATTR_NOACK_MAP]) |
| 3081 | return -EINVAL; |
| 3082 | |
| 3083 | if (!rdev->ops->set_noack_map) |
| 3084 | return -EOPNOTSUPP; |
| 3085 | |
| 3086 | noack_map = nla_get_u16(info->attrs[NL80211_ATTR_NOACK_MAP]); |
| 3087 | |
| 3088 | return rdev_set_noack_map(rdev, dev, noack_map); |
| 3089 | } |
| 3090 | |
| 3091 | struct get_key_cookie { |
| 3092 | struct sk_buff *msg; |
| 3093 | int error; |
| 3094 | int idx; |
| 3095 | }; |
| 3096 | |
| 3097 | static void get_key_callback(void *c, struct key_params *params) |
| 3098 | { |
| 3099 | struct nlattr *key; |
| 3100 | struct get_key_cookie *cookie = c; |
| 3101 | |
| 3102 | if ((params->key && |
| 3103 | nla_put(cookie->msg, NL80211_ATTR_KEY_DATA, |
| 3104 | params->key_len, params->key)) || |
| 3105 | (params->seq && |
| 3106 | nla_put(cookie->msg, NL80211_ATTR_KEY_SEQ, |
| 3107 | params->seq_len, params->seq)) || |
| 3108 | (params->cipher && |
| 3109 | nla_put_u32(cookie->msg, NL80211_ATTR_KEY_CIPHER, |
| 3110 | params->cipher))) |
| 3111 | goto nla_put_failure; |
| 3112 | |
| 3113 | key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY); |
| 3114 | if (!key) |
| 3115 | goto nla_put_failure; |
| 3116 | |
| 3117 | if ((params->key && |
| 3118 | nla_put(cookie->msg, NL80211_KEY_DATA, |
| 3119 | params->key_len, params->key)) || |
| 3120 | (params->seq && |
| 3121 | nla_put(cookie->msg, NL80211_KEY_SEQ, |
| 3122 | params->seq_len, params->seq)) || |
| 3123 | (params->cipher && |
| 3124 | nla_put_u32(cookie->msg, NL80211_KEY_CIPHER, |
| 3125 | params->cipher))) |
| 3126 | goto nla_put_failure; |
| 3127 | |
| 3128 | if (nla_put_u8(cookie->msg, NL80211_KEY_IDX, cookie->idx)) |
| 3129 | goto nla_put_failure; |
| 3130 | |
| 3131 | nla_nest_end(cookie->msg, key); |
| 3132 | |
| 3133 | return; |
| 3134 | nla_put_failure: |
| 3135 | cookie->error = 1; |
| 3136 | } |
| 3137 | |
| 3138 | static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info) |
| 3139 | { |
| 3140 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 3141 | int err; |
| 3142 | struct net_device *dev = info->user_ptr[1]; |
| 3143 | u8 key_idx = 0; |
| 3144 | const u8 *mac_addr = NULL; |
| 3145 | bool pairwise; |
| 3146 | struct get_key_cookie cookie = { |
| 3147 | .error = 0, |
| 3148 | }; |
| 3149 | void *hdr; |
| 3150 | struct sk_buff *msg; |
| 3151 | |
| 3152 | if (info->attrs[NL80211_ATTR_KEY_IDX]) |
| 3153 | key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]); |
| 3154 | |
| 3155 | if (key_idx > 5) |
| 3156 | return -EINVAL; |
| 3157 | |
| 3158 | if (info->attrs[NL80211_ATTR_MAC]) |
| 3159 | mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 3160 | |
| 3161 | pairwise = !!mac_addr; |
| 3162 | if (info->attrs[NL80211_ATTR_KEY_TYPE]) { |
| 3163 | u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]); |
| 3164 | |
| 3165 | if (kt >= NUM_NL80211_KEYTYPES) |
| 3166 | return -EINVAL; |
| 3167 | if (kt != NL80211_KEYTYPE_GROUP && |
| 3168 | kt != NL80211_KEYTYPE_PAIRWISE) |
| 3169 | return -EINVAL; |
| 3170 | pairwise = kt == NL80211_KEYTYPE_PAIRWISE; |
| 3171 | } |
| 3172 | |
| 3173 | if (!rdev->ops->get_key) |
| 3174 | return -EOPNOTSUPP; |
| 3175 | |
| 3176 | if (!pairwise && mac_addr && !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) |
| 3177 | return -ENOENT; |
| 3178 | |
| 3179 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 3180 | if (!msg) |
| 3181 | return -ENOMEM; |
| 3182 | |
| 3183 | hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0, |
| 3184 | NL80211_CMD_NEW_KEY); |
| 3185 | if (!hdr) |
| 3186 | goto nla_put_failure; |
| 3187 | |
| 3188 | cookie.msg = msg; |
| 3189 | cookie.idx = key_idx; |
| 3190 | |
| 3191 | if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || |
| 3192 | nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx)) |
| 3193 | goto nla_put_failure; |
| 3194 | if (mac_addr && |
| 3195 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr)) |
| 3196 | goto nla_put_failure; |
| 3197 | |
| 3198 | err = rdev_get_key(rdev, dev, key_idx, pairwise, mac_addr, &cookie, |
| 3199 | get_key_callback); |
| 3200 | |
| 3201 | if (err) |
| 3202 | goto free_msg; |
| 3203 | |
| 3204 | if (cookie.error) |
| 3205 | goto nla_put_failure; |
| 3206 | |
| 3207 | genlmsg_end(msg, hdr); |
| 3208 | return genlmsg_reply(msg, info); |
| 3209 | |
| 3210 | nla_put_failure: |
| 3211 | err = -ENOBUFS; |
| 3212 | free_msg: |
| 3213 | nlmsg_free(msg); |
| 3214 | return err; |
| 3215 | } |
| 3216 | |
| 3217 | static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info) |
| 3218 | { |
| 3219 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 3220 | struct key_parse key; |
| 3221 | int err; |
| 3222 | struct net_device *dev = info->user_ptr[1]; |
| 3223 | |
| 3224 | err = nl80211_parse_key(info, &key); |
| 3225 | if (err) |
| 3226 | return err; |
| 3227 | |
| 3228 | if (key.idx < 0) |
| 3229 | return -EINVAL; |
| 3230 | |
| 3231 | /* only support setting default key */ |
| 3232 | if (!key.def && !key.defmgmt) |
| 3233 | return -EINVAL; |
| 3234 | |
| 3235 | wdev_lock(dev->ieee80211_ptr); |
| 3236 | |
| 3237 | if (key.def) { |
| 3238 | if (!rdev->ops->set_default_key) { |
| 3239 | err = -EOPNOTSUPP; |
| 3240 | goto out; |
| 3241 | } |
| 3242 | |
| 3243 | err = nl80211_key_allowed(dev->ieee80211_ptr); |
| 3244 | if (err) |
| 3245 | goto out; |
| 3246 | |
| 3247 | err = rdev_set_default_key(rdev, dev, key.idx, |
| 3248 | key.def_uni, key.def_multi); |
| 3249 | |
| 3250 | if (err) |
| 3251 | goto out; |
| 3252 | |
| 3253 | #ifdef CONFIG_CFG80211_WEXT |
| 3254 | dev->ieee80211_ptr->wext.default_key = key.idx; |
| 3255 | #endif |
| 3256 | } else { |
| 3257 | if (key.def_uni || !key.def_multi) { |
| 3258 | err = -EINVAL; |
| 3259 | goto out; |
| 3260 | } |
| 3261 | |
| 3262 | if (!rdev->ops->set_default_mgmt_key) { |
| 3263 | err = -EOPNOTSUPP; |
| 3264 | goto out; |
| 3265 | } |
| 3266 | |
| 3267 | err = nl80211_key_allowed(dev->ieee80211_ptr); |
| 3268 | if (err) |
| 3269 | goto out; |
| 3270 | |
| 3271 | err = rdev_set_default_mgmt_key(rdev, dev, key.idx); |
| 3272 | if (err) |
| 3273 | goto out; |
| 3274 | |
| 3275 | #ifdef CONFIG_CFG80211_WEXT |
| 3276 | dev->ieee80211_ptr->wext.default_mgmt_key = key.idx; |
| 3277 | #endif |
| 3278 | } |
| 3279 | |
| 3280 | out: |
| 3281 | wdev_unlock(dev->ieee80211_ptr); |
| 3282 | |
| 3283 | return err; |
| 3284 | } |
| 3285 | |
| 3286 | static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info) |
| 3287 | { |
| 3288 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 3289 | int err; |
| 3290 | struct net_device *dev = info->user_ptr[1]; |
| 3291 | struct key_parse key; |
| 3292 | const u8 *mac_addr = NULL; |
| 3293 | |
| 3294 | err = nl80211_parse_key(info, &key); |
| 3295 | if (err) |
| 3296 | return err; |
| 3297 | |
| 3298 | if (!key.p.key) |
| 3299 | return -EINVAL; |
| 3300 | |
| 3301 | if (info->attrs[NL80211_ATTR_MAC]) |
| 3302 | mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 3303 | |
| 3304 | if (key.type == -1) { |
| 3305 | if (mac_addr) |
| 3306 | key.type = NL80211_KEYTYPE_PAIRWISE; |
| 3307 | else |
| 3308 | key.type = NL80211_KEYTYPE_GROUP; |
| 3309 | } |
| 3310 | |
| 3311 | /* for now */ |
| 3312 | if (key.type != NL80211_KEYTYPE_PAIRWISE && |
| 3313 | key.type != NL80211_KEYTYPE_GROUP) |
| 3314 | return -EINVAL; |
| 3315 | |
| 3316 | if (!rdev->ops->add_key) |
| 3317 | return -EOPNOTSUPP; |
| 3318 | |
| 3319 | if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, |
| 3320 | key.type == NL80211_KEYTYPE_PAIRWISE, |
| 3321 | mac_addr)) |
| 3322 | return -EINVAL; |
| 3323 | |
| 3324 | wdev_lock(dev->ieee80211_ptr); |
| 3325 | err = nl80211_key_allowed(dev->ieee80211_ptr); |
| 3326 | if (!err) |
| 3327 | err = rdev_add_key(rdev, dev, key.idx, |
| 3328 | key.type == NL80211_KEYTYPE_PAIRWISE, |
| 3329 | mac_addr, &key.p); |
| 3330 | wdev_unlock(dev->ieee80211_ptr); |
| 3331 | |
| 3332 | return err; |
| 3333 | } |
| 3334 | |
| 3335 | static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info) |
| 3336 | { |
| 3337 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 3338 | int err; |
| 3339 | struct net_device *dev = info->user_ptr[1]; |
| 3340 | u8 *mac_addr = NULL; |
| 3341 | struct key_parse key; |
| 3342 | |
| 3343 | err = nl80211_parse_key(info, &key); |
| 3344 | if (err) |
| 3345 | return err; |
| 3346 | |
| 3347 | if (info->attrs[NL80211_ATTR_MAC]) |
| 3348 | mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 3349 | |
| 3350 | if (key.type == -1) { |
| 3351 | if (mac_addr) |
| 3352 | key.type = NL80211_KEYTYPE_PAIRWISE; |
| 3353 | else |
| 3354 | key.type = NL80211_KEYTYPE_GROUP; |
| 3355 | } |
| 3356 | |
| 3357 | /* for now */ |
| 3358 | if (key.type != NL80211_KEYTYPE_PAIRWISE && |
| 3359 | key.type != NL80211_KEYTYPE_GROUP) |
| 3360 | return -EINVAL; |
| 3361 | |
| 3362 | if (!rdev->ops->del_key) |
| 3363 | return -EOPNOTSUPP; |
| 3364 | |
| 3365 | wdev_lock(dev->ieee80211_ptr); |
| 3366 | err = nl80211_key_allowed(dev->ieee80211_ptr); |
| 3367 | |
| 3368 | if (key.type == NL80211_KEYTYPE_GROUP && mac_addr && |
| 3369 | !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) |
| 3370 | err = -ENOENT; |
| 3371 | |
| 3372 | if (!err) |
| 3373 | err = rdev_del_key(rdev, dev, key.idx, |
| 3374 | key.type == NL80211_KEYTYPE_PAIRWISE, |
| 3375 | mac_addr); |
| 3376 | |
| 3377 | #ifdef CONFIG_CFG80211_WEXT |
| 3378 | if (!err) { |
| 3379 | if (key.idx == dev->ieee80211_ptr->wext.default_key) |
| 3380 | dev->ieee80211_ptr->wext.default_key = -1; |
| 3381 | else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key) |
| 3382 | dev->ieee80211_ptr->wext.default_mgmt_key = -1; |
| 3383 | } |
| 3384 | #endif |
| 3385 | wdev_unlock(dev->ieee80211_ptr); |
| 3386 | |
| 3387 | return err; |
| 3388 | } |
| 3389 | |
| 3390 | /* This function returns an error or the number of nested attributes */ |
| 3391 | static int validate_acl_mac_addrs(struct nlattr *nl_attr) |
| 3392 | { |
| 3393 | struct nlattr *attr; |
| 3394 | int n_entries = 0, tmp; |
| 3395 | |
| 3396 | nla_for_each_nested(attr, nl_attr, tmp) { |
| 3397 | if (nla_len(attr) != ETH_ALEN) |
| 3398 | return -EINVAL; |
| 3399 | |
| 3400 | n_entries++; |
| 3401 | } |
| 3402 | |
| 3403 | return n_entries; |
| 3404 | } |
| 3405 | |
| 3406 | /* |
| 3407 | * This function parses ACL information and allocates memory for ACL data. |
| 3408 | * On successful return, the calling function is responsible to free the |
| 3409 | * ACL buffer returned by this function. |
| 3410 | */ |
| 3411 | static struct cfg80211_acl_data *parse_acl_data(struct wiphy *wiphy, |
| 3412 | struct genl_info *info) |
| 3413 | { |
| 3414 | enum nl80211_acl_policy acl_policy; |
| 3415 | struct nlattr *attr; |
| 3416 | struct cfg80211_acl_data *acl; |
| 3417 | int i = 0, n_entries, tmp; |
| 3418 | |
| 3419 | if (!wiphy->max_acl_mac_addrs) |
| 3420 | return ERR_PTR(-EOPNOTSUPP); |
| 3421 | |
| 3422 | if (!info->attrs[NL80211_ATTR_ACL_POLICY]) |
| 3423 | return ERR_PTR(-EINVAL); |
| 3424 | |
| 3425 | acl_policy = nla_get_u32(info->attrs[NL80211_ATTR_ACL_POLICY]); |
| 3426 | if (acl_policy != NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED && |
| 3427 | acl_policy != NL80211_ACL_POLICY_DENY_UNLESS_LISTED) |
| 3428 | return ERR_PTR(-EINVAL); |
| 3429 | |
| 3430 | if (!info->attrs[NL80211_ATTR_MAC_ADDRS]) |
| 3431 | return ERR_PTR(-EINVAL); |
| 3432 | |
| 3433 | n_entries = validate_acl_mac_addrs(info->attrs[NL80211_ATTR_MAC_ADDRS]); |
| 3434 | if (n_entries < 0) |
| 3435 | return ERR_PTR(n_entries); |
| 3436 | |
| 3437 | if (n_entries > wiphy->max_acl_mac_addrs) |
| 3438 | return ERR_PTR(-ENOTSUPP); |
| 3439 | |
| 3440 | acl = kzalloc(sizeof(*acl) + (sizeof(struct mac_address) * n_entries), |
| 3441 | GFP_KERNEL); |
| 3442 | if (!acl) |
| 3443 | return ERR_PTR(-ENOMEM); |
| 3444 | |
| 3445 | nla_for_each_nested(attr, info->attrs[NL80211_ATTR_MAC_ADDRS], tmp) { |
| 3446 | memcpy(acl->mac_addrs[i].addr, nla_data(attr), ETH_ALEN); |
| 3447 | i++; |
| 3448 | } |
| 3449 | |
| 3450 | acl->n_acl_entries = n_entries; |
| 3451 | acl->acl_policy = acl_policy; |
| 3452 | |
| 3453 | return acl; |
| 3454 | } |
| 3455 | |
| 3456 | static int nl80211_set_mac_acl(struct sk_buff *skb, struct genl_info *info) |
| 3457 | { |
| 3458 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 3459 | struct net_device *dev = info->user_ptr[1]; |
| 3460 | struct cfg80211_acl_data *acl; |
| 3461 | int err; |
| 3462 | |
| 3463 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && |
| 3464 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) |
| 3465 | return -EOPNOTSUPP; |
| 3466 | |
| 3467 | if (!dev->ieee80211_ptr->beacon_interval) |
| 3468 | return -EINVAL; |
| 3469 | |
| 3470 | acl = parse_acl_data(&rdev->wiphy, info); |
| 3471 | if (IS_ERR(acl)) |
| 3472 | return PTR_ERR(acl); |
| 3473 | |
| 3474 | err = rdev_set_mac_acl(rdev, dev, acl); |
| 3475 | |
| 3476 | kfree(acl); |
| 3477 | |
| 3478 | return err; |
| 3479 | } |
| 3480 | |
| 3481 | static u32 rateset_to_mask(struct ieee80211_supported_band *sband, |
| 3482 | u8 *rates, u8 rates_len) |
| 3483 | { |
| 3484 | u8 i; |
| 3485 | u32 mask = 0; |
| 3486 | |
| 3487 | for (i = 0; i < rates_len; i++) { |
| 3488 | int rate = (rates[i] & 0x7f) * 5; |
| 3489 | int ridx; |
| 3490 | |
| 3491 | for (ridx = 0; ridx < sband->n_bitrates; ridx++) { |
| 3492 | struct ieee80211_rate *srate = |
| 3493 | &sband->bitrates[ridx]; |
| 3494 | if (rate == srate->bitrate) { |
| 3495 | mask |= 1 << ridx; |
| 3496 | break; |
| 3497 | } |
| 3498 | } |
| 3499 | if (ridx == sband->n_bitrates) |
| 3500 | return 0; /* rate not found */ |
| 3501 | } |
| 3502 | |
| 3503 | return mask; |
| 3504 | } |
| 3505 | |
| 3506 | static bool ht_rateset_to_mask(struct ieee80211_supported_band *sband, |
| 3507 | u8 *rates, u8 rates_len, |
| 3508 | u8 mcs[IEEE80211_HT_MCS_MASK_LEN]) |
| 3509 | { |
| 3510 | u8 i; |
| 3511 | |
| 3512 | memset(mcs, 0, IEEE80211_HT_MCS_MASK_LEN); |
| 3513 | |
| 3514 | for (i = 0; i < rates_len; i++) { |
| 3515 | int ridx, rbit; |
| 3516 | |
| 3517 | ridx = rates[i] / 8; |
| 3518 | rbit = BIT(rates[i] % 8); |
| 3519 | |
| 3520 | /* check validity */ |
| 3521 | if ((ridx < 0) || (ridx >= IEEE80211_HT_MCS_MASK_LEN)) |
| 3522 | return false; |
| 3523 | |
| 3524 | /* check availability */ |
| 3525 | ridx = array_index_nospec(ridx, IEEE80211_HT_MCS_MASK_LEN); |
| 3526 | if (sband->ht_cap.mcs.rx_mask[ridx] & rbit) |
| 3527 | mcs[ridx] |= rbit; |
| 3528 | else |
| 3529 | return false; |
| 3530 | } |
| 3531 | |
| 3532 | return true; |
| 3533 | } |
| 3534 | |
| 3535 | static u16 vht_mcs_map_to_mcs_mask(u8 vht_mcs_map) |
| 3536 | { |
| 3537 | u16 mcs_mask = 0; |
| 3538 | |
| 3539 | switch (vht_mcs_map) { |
| 3540 | case IEEE80211_VHT_MCS_NOT_SUPPORTED: |
| 3541 | break; |
| 3542 | case IEEE80211_VHT_MCS_SUPPORT_0_7: |
| 3543 | mcs_mask = 0x00FF; |
| 3544 | break; |
| 3545 | case IEEE80211_VHT_MCS_SUPPORT_0_8: |
| 3546 | mcs_mask = 0x01FF; |
| 3547 | break; |
| 3548 | case IEEE80211_VHT_MCS_SUPPORT_0_9: |
| 3549 | mcs_mask = 0x03FF; |
| 3550 | break; |
| 3551 | default: |
| 3552 | break; |
| 3553 | } |
| 3554 | |
| 3555 | return mcs_mask; |
| 3556 | } |
| 3557 | |
| 3558 | static void vht_build_mcs_mask(u16 vht_mcs_map, |
| 3559 | u16 vht_mcs_mask[NL80211_VHT_NSS_MAX]) |
| 3560 | { |
| 3561 | u8 nss; |
| 3562 | |
| 3563 | for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) { |
| 3564 | vht_mcs_mask[nss] = vht_mcs_map_to_mcs_mask(vht_mcs_map & 0x03); |
| 3565 | vht_mcs_map >>= 2; |
| 3566 | } |
| 3567 | } |
| 3568 | |
| 3569 | static bool vht_set_mcs_mask(struct ieee80211_supported_band *sband, |
| 3570 | struct nl80211_txrate_vht *txrate, |
| 3571 | u16 mcs[NL80211_VHT_NSS_MAX]) |
| 3572 | { |
| 3573 | u16 tx_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map); |
| 3574 | u16 tx_mcs_mask[NL80211_VHT_NSS_MAX] = {}; |
| 3575 | u8 i; |
| 3576 | |
| 3577 | if (!sband->vht_cap.vht_supported) |
| 3578 | return false; |
| 3579 | |
| 3580 | memset(mcs, 0, sizeof(u16) * NL80211_VHT_NSS_MAX); |
| 3581 | |
| 3582 | /* Build vht_mcs_mask from VHT capabilities */ |
| 3583 | vht_build_mcs_mask(tx_mcs_map, tx_mcs_mask); |
| 3584 | |
| 3585 | for (i = 0; i < NL80211_VHT_NSS_MAX; i++) { |
| 3586 | if ((tx_mcs_mask[i] & txrate->mcs[i]) == txrate->mcs[i]) |
| 3587 | mcs[i] = txrate->mcs[i]; |
| 3588 | else |
| 3589 | return false; |
| 3590 | } |
| 3591 | |
| 3592 | return true; |
| 3593 | } |
| 3594 | |
| 3595 | static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = { |
| 3596 | [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY, |
| 3597 | .len = NL80211_MAX_SUPP_RATES }, |
| 3598 | [NL80211_TXRATE_HT] = { .type = NLA_BINARY, |
| 3599 | .len = NL80211_MAX_SUPP_HT_RATES }, |
| 3600 | [NL80211_TXRATE_VHT] = { .len = sizeof(struct nl80211_txrate_vht)}, |
| 3601 | [NL80211_TXRATE_GI] = { .type = NLA_U8 }, |
| 3602 | }; |
| 3603 | |
| 3604 | static int nl80211_parse_tx_bitrate_mask(struct genl_info *info, |
| 3605 | struct cfg80211_bitrate_mask *mask) |
| 3606 | { |
| 3607 | struct nlattr *tb[NL80211_TXRATE_MAX + 1]; |
| 3608 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 3609 | int rem, i; |
| 3610 | struct nlattr *tx_rates; |
| 3611 | struct ieee80211_supported_band *sband; |
| 3612 | u16 vht_tx_mcs_map; |
| 3613 | |
| 3614 | memset(mask, 0, sizeof(*mask)); |
| 3615 | /* Default to all rates enabled */ |
| 3616 | for (i = 0; i < NUM_NL80211_BANDS; i++) { |
| 3617 | sband = rdev->wiphy.bands[i]; |
| 3618 | |
| 3619 | if (!sband) |
| 3620 | continue; |
| 3621 | |
| 3622 | mask->control[i].legacy = (1 << sband->n_bitrates) - 1; |
| 3623 | memcpy(mask->control[i].ht_mcs, |
| 3624 | sband->ht_cap.mcs.rx_mask, |
| 3625 | sizeof(mask->control[i].ht_mcs)); |
| 3626 | |
| 3627 | if (!sband->vht_cap.vht_supported) |
| 3628 | continue; |
| 3629 | |
| 3630 | vht_tx_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map); |
| 3631 | vht_build_mcs_mask(vht_tx_mcs_map, mask->control[i].vht_mcs); |
| 3632 | } |
| 3633 | |
| 3634 | /* if no rates are given set it back to the defaults */ |
| 3635 | if (!info->attrs[NL80211_ATTR_TX_RATES]) |
| 3636 | goto out; |
| 3637 | |
| 3638 | /* The nested attribute uses enum nl80211_band as the index. This maps |
| 3639 | * directly to the enum nl80211_band values used in cfg80211. |
| 3640 | */ |
| 3641 | BUILD_BUG_ON(NL80211_MAX_SUPP_HT_RATES > IEEE80211_HT_MCS_MASK_LEN * 8); |
| 3642 | nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) { |
| 3643 | enum nl80211_band band = nla_type(tx_rates); |
| 3644 | int err; |
| 3645 | |
| 3646 | if (band < 0 || band >= NUM_NL80211_BANDS) |
| 3647 | return -EINVAL; |
| 3648 | sband = rdev->wiphy.bands[band]; |
| 3649 | if (sband == NULL) |
| 3650 | return -EINVAL; |
| 3651 | err = nla_parse_nested(tb, NL80211_TXRATE_MAX, tx_rates, |
| 3652 | nl80211_txattr_policy, info->extack); |
| 3653 | if (err) |
| 3654 | return err; |
| 3655 | if (tb[NL80211_TXRATE_LEGACY]) { |
| 3656 | mask->control[band].legacy = rateset_to_mask( |
| 3657 | sband, |
| 3658 | nla_data(tb[NL80211_TXRATE_LEGACY]), |
| 3659 | nla_len(tb[NL80211_TXRATE_LEGACY])); |
| 3660 | if ((mask->control[band].legacy == 0) && |
| 3661 | nla_len(tb[NL80211_TXRATE_LEGACY])) |
| 3662 | return -EINVAL; |
| 3663 | } |
| 3664 | if (tb[NL80211_TXRATE_HT]) { |
| 3665 | if (!ht_rateset_to_mask( |
| 3666 | sband, |
| 3667 | nla_data(tb[NL80211_TXRATE_HT]), |
| 3668 | nla_len(tb[NL80211_TXRATE_HT]), |
| 3669 | mask->control[band].ht_mcs)) |
| 3670 | return -EINVAL; |
| 3671 | } |
| 3672 | if (tb[NL80211_TXRATE_VHT]) { |
| 3673 | if (!vht_set_mcs_mask( |
| 3674 | sband, |
| 3675 | nla_data(tb[NL80211_TXRATE_VHT]), |
| 3676 | mask->control[band].vht_mcs)) |
| 3677 | return -EINVAL; |
| 3678 | } |
| 3679 | if (tb[NL80211_TXRATE_GI]) { |
| 3680 | mask->control[band].gi = |
| 3681 | nla_get_u8(tb[NL80211_TXRATE_GI]); |
| 3682 | if (mask->control[band].gi > NL80211_TXRATE_FORCE_LGI) |
| 3683 | return -EINVAL; |
| 3684 | } |
| 3685 | |
| 3686 | if (mask->control[band].legacy == 0) { |
| 3687 | /* don't allow empty legacy rates if HT or VHT |
| 3688 | * are not even supported. |
| 3689 | */ |
| 3690 | if (!(rdev->wiphy.bands[band]->ht_cap.ht_supported || |
| 3691 | rdev->wiphy.bands[band]->vht_cap.vht_supported)) |
| 3692 | return -EINVAL; |
| 3693 | |
| 3694 | for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) |
| 3695 | if (mask->control[band].ht_mcs[i]) |
| 3696 | goto out; |
| 3697 | |
| 3698 | for (i = 0; i < NL80211_VHT_NSS_MAX; i++) |
| 3699 | if (mask->control[band].vht_mcs[i]) |
| 3700 | goto out; |
| 3701 | |
| 3702 | /* legacy and mcs rates may not be both empty */ |
| 3703 | return -EINVAL; |
| 3704 | } |
| 3705 | } |
| 3706 | |
| 3707 | out: |
| 3708 | return 0; |
| 3709 | } |
| 3710 | |
| 3711 | static int validate_beacon_tx_rate(struct cfg80211_registered_device *rdev, |
| 3712 | enum nl80211_band band, |
| 3713 | struct cfg80211_bitrate_mask *beacon_rate) |
| 3714 | { |
| 3715 | u32 count_ht, count_vht, i; |
| 3716 | u32 rate = beacon_rate->control[band].legacy; |
| 3717 | |
| 3718 | /* Allow only one rate */ |
| 3719 | if (hweight32(rate) > 1) |
| 3720 | return -EINVAL; |
| 3721 | |
| 3722 | count_ht = 0; |
| 3723 | for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) { |
| 3724 | if (hweight8(beacon_rate->control[band].ht_mcs[i]) > 1) { |
| 3725 | return -EINVAL; |
| 3726 | } else if (beacon_rate->control[band].ht_mcs[i]) { |
| 3727 | count_ht++; |
| 3728 | if (count_ht > 1) |
| 3729 | return -EINVAL; |
| 3730 | } |
| 3731 | if (count_ht && rate) |
| 3732 | return -EINVAL; |
| 3733 | } |
| 3734 | |
| 3735 | count_vht = 0; |
| 3736 | for (i = 0; i < NL80211_VHT_NSS_MAX; i++) { |
| 3737 | if (hweight16(beacon_rate->control[band].vht_mcs[i]) > 1) { |
| 3738 | return -EINVAL; |
| 3739 | } else if (beacon_rate->control[band].vht_mcs[i]) { |
| 3740 | count_vht++; |
| 3741 | if (count_vht > 1) |
| 3742 | return -EINVAL; |
| 3743 | } |
| 3744 | if (count_vht && rate) |
| 3745 | return -EINVAL; |
| 3746 | } |
| 3747 | |
| 3748 | if ((count_ht && count_vht) || (!rate && !count_ht && !count_vht)) |
| 3749 | return -EINVAL; |
| 3750 | |
| 3751 | if (rate && |
| 3752 | !wiphy_ext_feature_isset(&rdev->wiphy, |
| 3753 | NL80211_EXT_FEATURE_BEACON_RATE_LEGACY)) |
| 3754 | return -EINVAL; |
| 3755 | if (count_ht && |
| 3756 | !wiphy_ext_feature_isset(&rdev->wiphy, |
| 3757 | NL80211_EXT_FEATURE_BEACON_RATE_HT)) |
| 3758 | return -EINVAL; |
| 3759 | if (count_vht && |
| 3760 | !wiphy_ext_feature_isset(&rdev->wiphy, |
| 3761 | NL80211_EXT_FEATURE_BEACON_RATE_VHT)) |
| 3762 | return -EINVAL; |
| 3763 | |
| 3764 | return 0; |
| 3765 | } |
| 3766 | |
| 3767 | static int nl80211_parse_beacon(struct nlattr *attrs[], |
| 3768 | struct cfg80211_beacon_data *bcn) |
| 3769 | { |
| 3770 | bool haveinfo = false; |
| 3771 | |
| 3772 | if (!is_valid_ie_attr(attrs[NL80211_ATTR_BEACON_TAIL]) || |
| 3773 | !is_valid_ie_attr(attrs[NL80211_ATTR_IE]) || |
| 3774 | !is_valid_ie_attr(attrs[NL80211_ATTR_IE_PROBE_RESP]) || |
| 3775 | !is_valid_ie_attr(attrs[NL80211_ATTR_IE_ASSOC_RESP])) |
| 3776 | return -EINVAL; |
| 3777 | |
| 3778 | memset(bcn, 0, sizeof(*bcn)); |
| 3779 | |
| 3780 | if (attrs[NL80211_ATTR_BEACON_HEAD]) { |
| 3781 | int ret = validate_beacon_head(attrs[NL80211_ATTR_BEACON_HEAD], |
| 3782 | NULL); |
| 3783 | |
| 3784 | if (ret) |
| 3785 | return ret; |
| 3786 | |
| 3787 | bcn->head = nla_data(attrs[NL80211_ATTR_BEACON_HEAD]); |
| 3788 | bcn->head_len = nla_len(attrs[NL80211_ATTR_BEACON_HEAD]); |
| 3789 | if (!bcn->head_len) |
| 3790 | return -EINVAL; |
| 3791 | haveinfo = true; |
| 3792 | } |
| 3793 | |
| 3794 | if (attrs[NL80211_ATTR_BEACON_TAIL]) { |
| 3795 | bcn->tail = nla_data(attrs[NL80211_ATTR_BEACON_TAIL]); |
| 3796 | bcn->tail_len = nla_len(attrs[NL80211_ATTR_BEACON_TAIL]); |
| 3797 | haveinfo = true; |
| 3798 | } |
| 3799 | |
| 3800 | if (!haveinfo) |
| 3801 | return -EINVAL; |
| 3802 | |
| 3803 | if (attrs[NL80211_ATTR_IE]) { |
| 3804 | bcn->beacon_ies = nla_data(attrs[NL80211_ATTR_IE]); |
| 3805 | bcn->beacon_ies_len = nla_len(attrs[NL80211_ATTR_IE]); |
| 3806 | } |
| 3807 | |
| 3808 | if (attrs[NL80211_ATTR_IE_PROBE_RESP]) { |
| 3809 | bcn->proberesp_ies = |
| 3810 | nla_data(attrs[NL80211_ATTR_IE_PROBE_RESP]); |
| 3811 | bcn->proberesp_ies_len = |
| 3812 | nla_len(attrs[NL80211_ATTR_IE_PROBE_RESP]); |
| 3813 | } |
| 3814 | |
| 3815 | if (attrs[NL80211_ATTR_IE_ASSOC_RESP]) { |
| 3816 | bcn->assocresp_ies = |
| 3817 | nla_data(attrs[NL80211_ATTR_IE_ASSOC_RESP]); |
| 3818 | bcn->assocresp_ies_len = |
| 3819 | nla_len(attrs[NL80211_ATTR_IE_ASSOC_RESP]); |
| 3820 | } |
| 3821 | |
| 3822 | if (attrs[NL80211_ATTR_PROBE_RESP]) { |
| 3823 | bcn->probe_resp = nla_data(attrs[NL80211_ATTR_PROBE_RESP]); |
| 3824 | bcn->probe_resp_len = nla_len(attrs[NL80211_ATTR_PROBE_RESP]); |
| 3825 | } |
| 3826 | |
| 3827 | return 0; |
| 3828 | } |
| 3829 | |
| 3830 | static void nl80211_check_ap_rate_selectors(struct cfg80211_ap_settings *params, |
| 3831 | const u8 *rates) |
| 3832 | { |
| 3833 | int i; |
| 3834 | |
| 3835 | if (!rates) |
| 3836 | return; |
| 3837 | |
| 3838 | for (i = 0; i < rates[1]; i++) { |
| 3839 | if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_HT_PHY) |
| 3840 | params->ht_required = true; |
| 3841 | if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_VHT_PHY) |
| 3842 | params->vht_required = true; |
| 3843 | } |
| 3844 | } |
| 3845 | |
| 3846 | /* |
| 3847 | * Since the nl80211 API didn't include, from the beginning, attributes about |
| 3848 | * HT/VHT requirements/capabilities, we parse them out of the IEs for the |
| 3849 | * benefit of drivers that rebuild IEs in the firmware. |
| 3850 | */ |
| 3851 | static void nl80211_calculate_ap_params(struct cfg80211_ap_settings *params) |
| 3852 | { |
| 3853 | const struct cfg80211_beacon_data *bcn = ¶ms->beacon; |
| 3854 | size_t ies_len = bcn->tail_len; |
| 3855 | const u8 *ies = bcn->tail; |
| 3856 | const u8 *rates; |
| 3857 | const u8 *cap; |
| 3858 | |
| 3859 | rates = cfg80211_find_ie(WLAN_EID_SUPP_RATES, ies, ies_len); |
| 3860 | nl80211_check_ap_rate_selectors(params, rates); |
| 3861 | |
| 3862 | rates = cfg80211_find_ie(WLAN_EID_EXT_SUPP_RATES, ies, ies_len); |
| 3863 | nl80211_check_ap_rate_selectors(params, rates); |
| 3864 | |
| 3865 | cap = cfg80211_find_ie(WLAN_EID_HT_CAPABILITY, ies, ies_len); |
| 3866 | if (cap && cap[1] >= sizeof(*params->ht_cap)) |
| 3867 | params->ht_cap = (void *)(cap + 2); |
| 3868 | cap = cfg80211_find_ie(WLAN_EID_VHT_CAPABILITY, ies, ies_len); |
| 3869 | if (cap && cap[1] >= sizeof(*params->vht_cap)) |
| 3870 | params->vht_cap = (void *)(cap + 2); |
| 3871 | } |
| 3872 | |
| 3873 | static bool nl80211_get_ap_channel(struct cfg80211_registered_device *rdev, |
| 3874 | struct cfg80211_ap_settings *params) |
| 3875 | { |
| 3876 | struct wireless_dev *wdev; |
| 3877 | bool ret = false; |
| 3878 | |
| 3879 | list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) { |
| 3880 | if (wdev->iftype != NL80211_IFTYPE_AP && |
| 3881 | wdev->iftype != NL80211_IFTYPE_P2P_GO) |
| 3882 | continue; |
| 3883 | |
| 3884 | if (!wdev->preset_chandef.chan) |
| 3885 | continue; |
| 3886 | |
| 3887 | params->chandef = wdev->preset_chandef; |
| 3888 | ret = true; |
| 3889 | break; |
| 3890 | } |
| 3891 | |
| 3892 | return ret; |
| 3893 | } |
| 3894 | |
| 3895 | static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev, |
| 3896 | enum nl80211_auth_type auth_type, |
| 3897 | enum nl80211_commands cmd) |
| 3898 | { |
| 3899 | if (auth_type > NL80211_AUTHTYPE_MAX) |
| 3900 | return false; |
| 3901 | |
| 3902 | switch (cmd) { |
| 3903 | case NL80211_CMD_AUTHENTICATE: |
| 3904 | if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) && |
| 3905 | auth_type == NL80211_AUTHTYPE_SAE) |
| 3906 | return false; |
| 3907 | if (!wiphy_ext_feature_isset(&rdev->wiphy, |
| 3908 | NL80211_EXT_FEATURE_FILS_STA) && |
| 3909 | (auth_type == NL80211_AUTHTYPE_FILS_SK || |
| 3910 | auth_type == NL80211_AUTHTYPE_FILS_SK_PFS || |
| 3911 | auth_type == NL80211_AUTHTYPE_FILS_PK)) |
| 3912 | return false; |
| 3913 | return true; |
| 3914 | case NL80211_CMD_CONNECT: |
| 3915 | if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) && |
| 3916 | auth_type == NL80211_AUTHTYPE_SAE) |
| 3917 | return false; |
| 3918 | |
| 3919 | /* FILS with SK PFS or PK not supported yet */ |
| 3920 | if (auth_type == NL80211_AUTHTYPE_FILS_SK_PFS || |
| 3921 | auth_type == NL80211_AUTHTYPE_FILS_PK) |
| 3922 | return false; |
| 3923 | if (!wiphy_ext_feature_isset( |
| 3924 | &rdev->wiphy, |
| 3925 | NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) && |
| 3926 | auth_type == NL80211_AUTHTYPE_FILS_SK) |
| 3927 | return false; |
| 3928 | return true; |
| 3929 | case NL80211_CMD_START_AP: |
| 3930 | /* SAE not supported yet */ |
| 3931 | if (auth_type == NL80211_AUTHTYPE_SAE) |
| 3932 | return false; |
| 3933 | /* FILS not supported yet */ |
| 3934 | if (auth_type == NL80211_AUTHTYPE_FILS_SK || |
| 3935 | auth_type == NL80211_AUTHTYPE_FILS_SK_PFS || |
| 3936 | auth_type == NL80211_AUTHTYPE_FILS_PK) |
| 3937 | return false; |
| 3938 | return true; |
| 3939 | default: |
| 3940 | return false; |
| 3941 | } |
| 3942 | } |
| 3943 | |
| 3944 | static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info) |
| 3945 | { |
| 3946 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 3947 | struct net_device *dev = info->user_ptr[1]; |
| 3948 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 3949 | struct cfg80211_ap_settings params; |
| 3950 | int err; |
| 3951 | |
| 3952 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && |
| 3953 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) |
| 3954 | return -EOPNOTSUPP; |
| 3955 | |
| 3956 | if (!rdev->ops->start_ap) |
| 3957 | return -EOPNOTSUPP; |
| 3958 | |
| 3959 | if (wdev->beacon_interval) |
| 3960 | return -EALREADY; |
| 3961 | |
| 3962 | memset(¶ms, 0, sizeof(params)); |
| 3963 | |
| 3964 | /* these are required for START_AP */ |
| 3965 | if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] || |
| 3966 | !info->attrs[NL80211_ATTR_DTIM_PERIOD] || |
| 3967 | !info->attrs[NL80211_ATTR_BEACON_HEAD]) |
| 3968 | return -EINVAL; |
| 3969 | |
| 3970 | err = nl80211_parse_beacon(info->attrs, ¶ms.beacon); |
| 3971 | if (err) |
| 3972 | return err; |
| 3973 | |
| 3974 | params.beacon_interval = |
| 3975 | nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); |
| 3976 | params.dtim_period = |
| 3977 | nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); |
| 3978 | |
| 3979 | err = cfg80211_validate_beacon_int(rdev, dev->ieee80211_ptr->iftype, |
| 3980 | params.beacon_interval); |
| 3981 | if (err) |
| 3982 | return err; |
| 3983 | |
| 3984 | /* |
| 3985 | * In theory, some of these attributes should be required here |
| 3986 | * but since they were not used when the command was originally |
| 3987 | * added, keep them optional for old user space programs to let |
| 3988 | * them continue to work with drivers that do not need the |
| 3989 | * additional information -- drivers must check! |
| 3990 | */ |
| 3991 | if (info->attrs[NL80211_ATTR_SSID]) { |
| 3992 | params.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); |
| 3993 | params.ssid_len = |
| 3994 | nla_len(info->attrs[NL80211_ATTR_SSID]); |
| 3995 | if (params.ssid_len == 0 || |
| 3996 | params.ssid_len > IEEE80211_MAX_SSID_LEN) |
| 3997 | return -EINVAL; |
| 3998 | } |
| 3999 | |
| 4000 | if (info->attrs[NL80211_ATTR_HIDDEN_SSID]) { |
| 4001 | params.hidden_ssid = nla_get_u32( |
| 4002 | info->attrs[NL80211_ATTR_HIDDEN_SSID]); |
| 4003 | if (params.hidden_ssid != NL80211_HIDDEN_SSID_NOT_IN_USE && |
| 4004 | params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_LEN && |
| 4005 | params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_CONTENTS) |
| 4006 | return -EINVAL; |
| 4007 | } |
| 4008 | |
| 4009 | params.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; |
| 4010 | |
| 4011 | if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { |
| 4012 | params.auth_type = nla_get_u32( |
| 4013 | info->attrs[NL80211_ATTR_AUTH_TYPE]); |
| 4014 | if (!nl80211_valid_auth_type(rdev, params.auth_type, |
| 4015 | NL80211_CMD_START_AP)) |
| 4016 | return -EINVAL; |
| 4017 | } else |
| 4018 | params.auth_type = NL80211_AUTHTYPE_AUTOMATIC; |
| 4019 | |
| 4020 | err = nl80211_crypto_settings(rdev, info, ¶ms.crypto, |
| 4021 | NL80211_MAX_NR_CIPHER_SUITES); |
| 4022 | if (err) |
| 4023 | return err; |
| 4024 | |
| 4025 | if (info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]) { |
| 4026 | if (!(rdev->wiphy.features & NL80211_FEATURE_INACTIVITY_TIMER)) |
| 4027 | return -EOPNOTSUPP; |
| 4028 | params.inactivity_timeout = nla_get_u16( |
| 4029 | info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]); |
| 4030 | } |
| 4031 | |
| 4032 | if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) { |
| 4033 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) |
| 4034 | return -EINVAL; |
| 4035 | params.p2p_ctwindow = |
| 4036 | nla_get_u8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]); |
| 4037 | if (params.p2p_ctwindow > 127) |
| 4038 | return -EINVAL; |
| 4039 | if (params.p2p_ctwindow != 0 && |
| 4040 | !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN)) |
| 4041 | return -EINVAL; |
| 4042 | } |
| 4043 | |
| 4044 | if (info->attrs[NL80211_ATTR_P2P_OPPPS]) { |
| 4045 | u8 tmp; |
| 4046 | |
| 4047 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) |
| 4048 | return -EINVAL; |
| 4049 | tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]); |
| 4050 | if (tmp > 1) |
| 4051 | return -EINVAL; |
| 4052 | params.p2p_opp_ps = tmp; |
| 4053 | if (params.p2p_opp_ps != 0 && |
| 4054 | !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS)) |
| 4055 | return -EINVAL; |
| 4056 | } |
| 4057 | |
| 4058 | if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { |
| 4059 | err = nl80211_parse_chandef(rdev, info, ¶ms.chandef); |
| 4060 | if (err) |
| 4061 | return err; |
| 4062 | } else if (wdev->preset_chandef.chan) { |
| 4063 | params.chandef = wdev->preset_chandef; |
| 4064 | } else if (!nl80211_get_ap_channel(rdev, ¶ms)) |
| 4065 | return -EINVAL; |
| 4066 | |
| 4067 | if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, ¶ms.chandef, |
| 4068 | wdev->iftype)) |
| 4069 | return -EINVAL; |
| 4070 | |
| 4071 | if (info->attrs[NL80211_ATTR_TX_RATES]) { |
| 4072 | err = nl80211_parse_tx_bitrate_mask(info, ¶ms.beacon_rate); |
| 4073 | if (err) |
| 4074 | return err; |
| 4075 | |
| 4076 | err = validate_beacon_tx_rate(rdev, params.chandef.chan->band, |
| 4077 | ¶ms.beacon_rate); |
| 4078 | if (err) |
| 4079 | return err; |
| 4080 | } |
| 4081 | |
| 4082 | if (info->attrs[NL80211_ATTR_SMPS_MODE]) { |
| 4083 | params.smps_mode = |
| 4084 | nla_get_u8(info->attrs[NL80211_ATTR_SMPS_MODE]); |
| 4085 | switch (params.smps_mode) { |
| 4086 | case NL80211_SMPS_OFF: |
| 4087 | break; |
| 4088 | case NL80211_SMPS_STATIC: |
| 4089 | if (!(rdev->wiphy.features & |
| 4090 | NL80211_FEATURE_STATIC_SMPS)) |
| 4091 | return -EINVAL; |
| 4092 | break; |
| 4093 | case NL80211_SMPS_DYNAMIC: |
| 4094 | if (!(rdev->wiphy.features & |
| 4095 | NL80211_FEATURE_DYNAMIC_SMPS)) |
| 4096 | return -EINVAL; |
| 4097 | break; |
| 4098 | default: |
| 4099 | return -EINVAL; |
| 4100 | } |
| 4101 | } else { |
| 4102 | params.smps_mode = NL80211_SMPS_OFF; |
| 4103 | } |
| 4104 | |
| 4105 | params.pbss = nla_get_flag(info->attrs[NL80211_ATTR_PBSS]); |
| 4106 | if (params.pbss && !rdev->wiphy.bands[NL80211_BAND_60GHZ]) |
| 4107 | return -EOPNOTSUPP; |
| 4108 | |
| 4109 | if (info->attrs[NL80211_ATTR_ACL_POLICY]) { |
| 4110 | params.acl = parse_acl_data(&rdev->wiphy, info); |
| 4111 | if (IS_ERR(params.acl)) |
| 4112 | return PTR_ERR(params.acl); |
| 4113 | } |
| 4114 | |
| 4115 | nl80211_calculate_ap_params(¶ms); |
| 4116 | |
| 4117 | wdev_lock(wdev); |
| 4118 | err = rdev_start_ap(rdev, dev, ¶ms); |
| 4119 | if (!err) { |
| 4120 | wdev->preset_chandef = params.chandef; |
| 4121 | wdev->beacon_interval = params.beacon_interval; |
| 4122 | wdev->chandef = params.chandef; |
| 4123 | wdev->ssid_len = params.ssid_len; |
| 4124 | memcpy(wdev->ssid, params.ssid, wdev->ssid_len); |
| 4125 | } |
| 4126 | wdev_unlock(wdev); |
| 4127 | |
| 4128 | kfree(params.acl); |
| 4129 | |
| 4130 | return err; |
| 4131 | } |
| 4132 | |
| 4133 | static int nl80211_set_beacon(struct sk_buff *skb, struct genl_info *info) |
| 4134 | { |
| 4135 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 4136 | struct net_device *dev = info->user_ptr[1]; |
| 4137 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 4138 | struct cfg80211_beacon_data params; |
| 4139 | int err; |
| 4140 | |
| 4141 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && |
| 4142 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) |
| 4143 | return -EOPNOTSUPP; |
| 4144 | |
| 4145 | if (!rdev->ops->change_beacon) |
| 4146 | return -EOPNOTSUPP; |
| 4147 | |
| 4148 | if (!wdev->beacon_interval) |
| 4149 | return -EINVAL; |
| 4150 | |
| 4151 | err = nl80211_parse_beacon(info->attrs, ¶ms); |
| 4152 | if (err) |
| 4153 | return err; |
| 4154 | |
| 4155 | wdev_lock(wdev); |
| 4156 | err = rdev_change_beacon(rdev, dev, ¶ms); |
| 4157 | wdev_unlock(wdev); |
| 4158 | |
| 4159 | return err; |
| 4160 | } |
| 4161 | |
| 4162 | static int nl80211_stop_ap(struct sk_buff *skb, struct genl_info *info) |
| 4163 | { |
| 4164 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 4165 | struct net_device *dev = info->user_ptr[1]; |
| 4166 | |
| 4167 | return cfg80211_stop_ap(rdev, dev, false); |
| 4168 | } |
| 4169 | |
| 4170 | static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = { |
| 4171 | [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG }, |
| 4172 | [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG }, |
| 4173 | [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG }, |
| 4174 | [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG }, |
| 4175 | [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG }, |
| 4176 | [NL80211_STA_FLAG_TDLS_PEER] = { .type = NLA_FLAG }, |
| 4177 | }; |
| 4178 | |
| 4179 | static int parse_station_flags(struct genl_info *info, |
| 4180 | enum nl80211_iftype iftype, |
| 4181 | struct station_parameters *params) |
| 4182 | { |
| 4183 | struct nlattr *flags[NL80211_STA_FLAG_MAX + 1]; |
| 4184 | struct nlattr *nla; |
| 4185 | int flag; |
| 4186 | |
| 4187 | /* |
| 4188 | * Try parsing the new attribute first so userspace |
| 4189 | * can specify both for older kernels. |
| 4190 | */ |
| 4191 | nla = info->attrs[NL80211_ATTR_STA_FLAGS2]; |
| 4192 | if (nla) { |
| 4193 | struct nl80211_sta_flag_update *sta_flags; |
| 4194 | |
| 4195 | sta_flags = nla_data(nla); |
| 4196 | params->sta_flags_mask = sta_flags->mask; |
| 4197 | params->sta_flags_set = sta_flags->set; |
| 4198 | params->sta_flags_set &= params->sta_flags_mask; |
| 4199 | if ((params->sta_flags_mask | |
| 4200 | params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID)) |
| 4201 | return -EINVAL; |
| 4202 | return 0; |
| 4203 | } |
| 4204 | |
| 4205 | /* if present, parse the old attribute */ |
| 4206 | |
| 4207 | nla = info->attrs[NL80211_ATTR_STA_FLAGS]; |
| 4208 | if (!nla) |
| 4209 | return 0; |
| 4210 | |
| 4211 | if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX, nla, |
| 4212 | sta_flags_policy, info->extack)) |
| 4213 | return -EINVAL; |
| 4214 | |
| 4215 | /* |
| 4216 | * Only allow certain flags for interface types so that |
| 4217 | * other attributes are silently ignored. Remember that |
| 4218 | * this is backward compatibility code with old userspace |
| 4219 | * and shouldn't be hit in other cases anyway. |
| 4220 | */ |
| 4221 | switch (iftype) { |
| 4222 | case NL80211_IFTYPE_AP: |
| 4223 | case NL80211_IFTYPE_AP_VLAN: |
| 4224 | case NL80211_IFTYPE_P2P_GO: |
| 4225 | params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) | |
| 4226 | BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) | |
| 4227 | BIT(NL80211_STA_FLAG_WME) | |
| 4228 | BIT(NL80211_STA_FLAG_MFP); |
| 4229 | break; |
| 4230 | case NL80211_IFTYPE_P2P_CLIENT: |
| 4231 | case NL80211_IFTYPE_STATION: |
| 4232 | params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) | |
| 4233 | BIT(NL80211_STA_FLAG_TDLS_PEER); |
| 4234 | break; |
| 4235 | case NL80211_IFTYPE_MESH_POINT: |
| 4236 | params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHENTICATED) | |
| 4237 | BIT(NL80211_STA_FLAG_MFP) | |
| 4238 | BIT(NL80211_STA_FLAG_AUTHORIZED); |
| 4239 | break; |
| 4240 | default: |
| 4241 | return -EINVAL; |
| 4242 | } |
| 4243 | |
| 4244 | for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) { |
| 4245 | if (flags[flag]) { |
| 4246 | params->sta_flags_set |= (1<<flag); |
| 4247 | |
| 4248 | /* no longer support new API additions in old API */ |
| 4249 | if (flag > NL80211_STA_FLAG_MAX_OLD_API) |
| 4250 | return -EINVAL; |
| 4251 | } |
| 4252 | } |
| 4253 | |
| 4254 | return 0; |
| 4255 | } |
| 4256 | |
| 4257 | static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info, |
| 4258 | int attr) |
| 4259 | { |
| 4260 | struct nlattr *rate; |
| 4261 | u32 bitrate; |
| 4262 | u16 bitrate_compat; |
| 4263 | enum nl80211_rate_info rate_flg; |
| 4264 | |
| 4265 | rate = nla_nest_start(msg, attr); |
| 4266 | if (!rate) |
| 4267 | return false; |
| 4268 | |
| 4269 | /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */ |
| 4270 | bitrate = cfg80211_calculate_bitrate(info); |
| 4271 | /* report 16-bit bitrate only if we can */ |
| 4272 | bitrate_compat = bitrate < (1UL << 16) ? bitrate : 0; |
| 4273 | if (bitrate > 0 && |
| 4274 | nla_put_u32(msg, NL80211_RATE_INFO_BITRATE32, bitrate)) |
| 4275 | return false; |
| 4276 | if (bitrate_compat > 0 && |
| 4277 | nla_put_u16(msg, NL80211_RATE_INFO_BITRATE, bitrate_compat)) |
| 4278 | return false; |
| 4279 | |
| 4280 | switch (info->bw) { |
| 4281 | case RATE_INFO_BW_5: |
| 4282 | rate_flg = NL80211_RATE_INFO_5_MHZ_WIDTH; |
| 4283 | break; |
| 4284 | case RATE_INFO_BW_10: |
| 4285 | rate_flg = NL80211_RATE_INFO_10_MHZ_WIDTH; |
| 4286 | break; |
| 4287 | default: |
| 4288 | WARN_ON(1); |
| 4289 | /* fall through */ |
| 4290 | case RATE_INFO_BW_20: |
| 4291 | rate_flg = 0; |
| 4292 | break; |
| 4293 | case RATE_INFO_BW_40: |
| 4294 | rate_flg = NL80211_RATE_INFO_40_MHZ_WIDTH; |
| 4295 | break; |
| 4296 | case RATE_INFO_BW_80: |
| 4297 | rate_flg = NL80211_RATE_INFO_80_MHZ_WIDTH; |
| 4298 | break; |
| 4299 | case RATE_INFO_BW_160: |
| 4300 | rate_flg = NL80211_RATE_INFO_160_MHZ_WIDTH; |
| 4301 | break; |
| 4302 | } |
| 4303 | |
| 4304 | if (rate_flg && nla_put_flag(msg, rate_flg)) |
| 4305 | return false; |
| 4306 | |
| 4307 | if (info->flags & RATE_INFO_FLAGS_MCS) { |
| 4308 | if (nla_put_u8(msg, NL80211_RATE_INFO_MCS, info->mcs)) |
| 4309 | return false; |
| 4310 | if (info->flags & RATE_INFO_FLAGS_SHORT_GI && |
| 4311 | nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI)) |
| 4312 | return false; |
| 4313 | } else if (info->flags & RATE_INFO_FLAGS_VHT_MCS) { |
| 4314 | if (nla_put_u8(msg, NL80211_RATE_INFO_VHT_MCS, info->mcs)) |
| 4315 | return false; |
| 4316 | if (nla_put_u8(msg, NL80211_RATE_INFO_VHT_NSS, info->nss)) |
| 4317 | return false; |
| 4318 | if (info->flags & RATE_INFO_FLAGS_SHORT_GI && |
| 4319 | nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI)) |
| 4320 | return false; |
| 4321 | } |
| 4322 | |
| 4323 | nla_nest_end(msg, rate); |
| 4324 | return true; |
| 4325 | } |
| 4326 | |
| 4327 | static bool nl80211_put_signal(struct sk_buff *msg, u8 mask, s8 *signal, |
| 4328 | int id) |
| 4329 | { |
| 4330 | void *attr; |
| 4331 | int i = 0; |
| 4332 | |
| 4333 | if (!mask) |
| 4334 | return true; |
| 4335 | |
| 4336 | attr = nla_nest_start(msg, id); |
| 4337 | if (!attr) |
| 4338 | return false; |
| 4339 | |
| 4340 | for (i = 0; i < IEEE80211_MAX_CHAINS; i++) { |
| 4341 | if (!(mask & BIT(i))) |
| 4342 | continue; |
| 4343 | |
| 4344 | if (nla_put_u8(msg, i, signal[i])) |
| 4345 | return false; |
| 4346 | } |
| 4347 | |
| 4348 | nla_nest_end(msg, attr); |
| 4349 | |
| 4350 | return true; |
| 4351 | } |
| 4352 | |
| 4353 | static int nl80211_send_station(struct sk_buff *msg, u32 cmd, u32 portid, |
| 4354 | u32 seq, int flags, |
| 4355 | struct cfg80211_registered_device *rdev, |
| 4356 | struct net_device *dev, |
| 4357 | const u8 *mac_addr, struct station_info *sinfo) |
| 4358 | { |
| 4359 | void *hdr; |
| 4360 | struct nlattr *sinfoattr, *bss_param; |
| 4361 | |
| 4362 | hdr = nl80211hdr_put(msg, portid, seq, flags, cmd); |
| 4363 | if (!hdr) |
| 4364 | return -1; |
| 4365 | |
| 4366 | if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || |
| 4367 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) || |
| 4368 | nla_put_u32(msg, NL80211_ATTR_GENERATION, sinfo->generation)) |
| 4369 | goto nla_put_failure; |
| 4370 | |
| 4371 | sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO); |
| 4372 | if (!sinfoattr) |
| 4373 | goto nla_put_failure; |
| 4374 | |
| 4375 | #define PUT_SINFO(attr, memb, type) do { \ |
| 4376 | BUILD_BUG_ON(sizeof(type) == sizeof(u64)); \ |
| 4377 | if (sinfo->filled & (1ULL << NL80211_STA_INFO_ ## attr) && \ |
| 4378 | nla_put_ ## type(msg, NL80211_STA_INFO_ ## attr, \ |
| 4379 | sinfo->memb)) \ |
| 4380 | goto nla_put_failure; \ |
| 4381 | } while (0) |
| 4382 | #define PUT_SINFO_U64(attr, memb) do { \ |
| 4383 | if (sinfo->filled & (1ULL << NL80211_STA_INFO_ ## attr) && \ |
| 4384 | nla_put_u64_64bit(msg, NL80211_STA_INFO_ ## attr, \ |
| 4385 | sinfo->memb, NL80211_STA_INFO_PAD)) \ |
| 4386 | goto nla_put_failure; \ |
| 4387 | } while (0) |
| 4388 | |
| 4389 | PUT_SINFO(CONNECTED_TIME, connected_time, u32); |
| 4390 | PUT_SINFO(INACTIVE_TIME, inactive_time, u32); |
| 4391 | |
| 4392 | if (sinfo->filled & (BIT(NL80211_STA_INFO_RX_BYTES) | |
| 4393 | BIT(NL80211_STA_INFO_RX_BYTES64)) && |
| 4394 | nla_put_u32(msg, NL80211_STA_INFO_RX_BYTES, |
| 4395 | (u32)sinfo->rx_bytes)) |
| 4396 | goto nla_put_failure; |
| 4397 | |
| 4398 | if (sinfo->filled & (BIT(NL80211_STA_INFO_TX_BYTES) | |
| 4399 | BIT(NL80211_STA_INFO_TX_BYTES64)) && |
| 4400 | nla_put_u32(msg, NL80211_STA_INFO_TX_BYTES, |
| 4401 | (u32)sinfo->tx_bytes)) |
| 4402 | goto nla_put_failure; |
| 4403 | |
| 4404 | PUT_SINFO_U64(RX_BYTES64, rx_bytes); |
| 4405 | PUT_SINFO_U64(TX_BYTES64, tx_bytes); |
| 4406 | PUT_SINFO(LLID, llid, u16); |
| 4407 | PUT_SINFO(PLID, plid, u16); |
| 4408 | PUT_SINFO(PLINK_STATE, plink_state, u8); |
| 4409 | PUT_SINFO_U64(RX_DURATION, rx_duration); |
| 4410 | |
| 4411 | switch (rdev->wiphy.signal_type) { |
| 4412 | case CFG80211_SIGNAL_TYPE_MBM: |
| 4413 | PUT_SINFO(SIGNAL, signal, u8); |
| 4414 | PUT_SINFO(SIGNAL_AVG, signal_avg, u8); |
| 4415 | break; |
| 4416 | default: |
| 4417 | break; |
| 4418 | } |
| 4419 | if (sinfo->filled & BIT(NL80211_STA_INFO_CHAIN_SIGNAL)) { |
| 4420 | if (!nl80211_put_signal(msg, sinfo->chains, |
| 4421 | sinfo->chain_signal, |
| 4422 | NL80211_STA_INFO_CHAIN_SIGNAL)) |
| 4423 | goto nla_put_failure; |
| 4424 | } |
| 4425 | if (sinfo->filled & BIT(NL80211_STA_INFO_CHAIN_SIGNAL_AVG)) { |
| 4426 | if (!nl80211_put_signal(msg, sinfo->chains, |
| 4427 | sinfo->chain_signal_avg, |
| 4428 | NL80211_STA_INFO_CHAIN_SIGNAL_AVG)) |
| 4429 | goto nla_put_failure; |
| 4430 | } |
| 4431 | if (sinfo->filled & BIT(NL80211_STA_INFO_TX_BITRATE)) { |
| 4432 | if (!nl80211_put_sta_rate(msg, &sinfo->txrate, |
| 4433 | NL80211_STA_INFO_TX_BITRATE)) |
| 4434 | goto nla_put_failure; |
| 4435 | } |
| 4436 | if (sinfo->filled & BIT(NL80211_STA_INFO_RX_BITRATE)) { |
| 4437 | if (!nl80211_put_sta_rate(msg, &sinfo->rxrate, |
| 4438 | NL80211_STA_INFO_RX_BITRATE)) |
| 4439 | goto nla_put_failure; |
| 4440 | } |
| 4441 | |
| 4442 | PUT_SINFO(RX_PACKETS, rx_packets, u32); |
| 4443 | PUT_SINFO(TX_PACKETS, tx_packets, u32); |
| 4444 | PUT_SINFO(TX_RETRIES, tx_retries, u32); |
| 4445 | PUT_SINFO(TX_FAILED, tx_failed, u32); |
| 4446 | PUT_SINFO(EXPECTED_THROUGHPUT, expected_throughput, u32); |
| 4447 | PUT_SINFO(BEACON_LOSS, beacon_loss_count, u32); |
| 4448 | PUT_SINFO(LOCAL_PM, local_pm, u32); |
| 4449 | PUT_SINFO(PEER_PM, peer_pm, u32); |
| 4450 | PUT_SINFO(NONPEER_PM, nonpeer_pm, u32); |
| 4451 | |
| 4452 | if (sinfo->filled & BIT(NL80211_STA_INFO_BSS_PARAM)) { |
| 4453 | bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM); |
| 4454 | if (!bss_param) |
| 4455 | goto nla_put_failure; |
| 4456 | |
| 4457 | if (((sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) && |
| 4458 | nla_put_flag(msg, NL80211_STA_BSS_PARAM_CTS_PROT)) || |
| 4459 | ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) && |
| 4460 | nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE)) || |
| 4461 | ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) && |
| 4462 | nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME)) || |
| 4463 | nla_put_u8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD, |
| 4464 | sinfo->bss_param.dtim_period) || |
| 4465 | nla_put_u16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL, |
| 4466 | sinfo->bss_param.beacon_interval)) |
| 4467 | goto nla_put_failure; |
| 4468 | |
| 4469 | nla_nest_end(msg, bss_param); |
| 4470 | } |
| 4471 | if ((sinfo->filled & BIT(NL80211_STA_INFO_STA_FLAGS)) && |
| 4472 | nla_put(msg, NL80211_STA_INFO_STA_FLAGS, |
| 4473 | sizeof(struct nl80211_sta_flag_update), |
| 4474 | &sinfo->sta_flags)) |
| 4475 | goto nla_put_failure; |
| 4476 | |
| 4477 | PUT_SINFO_U64(T_OFFSET, t_offset); |
| 4478 | PUT_SINFO_U64(RX_DROP_MISC, rx_dropped_misc); |
| 4479 | PUT_SINFO_U64(BEACON_RX, rx_beacon); |
| 4480 | PUT_SINFO(BEACON_SIGNAL_AVG, rx_beacon_signal_avg, u8); |
| 4481 | |
| 4482 | #undef PUT_SINFO |
| 4483 | #undef PUT_SINFO_U64 |
| 4484 | |
| 4485 | if (sinfo->filled & BIT(NL80211_STA_INFO_TID_STATS)) { |
| 4486 | struct nlattr *tidsattr; |
| 4487 | int tid; |
| 4488 | |
| 4489 | tidsattr = nla_nest_start(msg, NL80211_STA_INFO_TID_STATS); |
| 4490 | if (!tidsattr) |
| 4491 | goto nla_put_failure; |
| 4492 | |
| 4493 | for (tid = 0; tid < IEEE80211_NUM_TIDS + 1; tid++) { |
| 4494 | struct cfg80211_tid_stats *tidstats; |
| 4495 | struct nlattr *tidattr; |
| 4496 | |
| 4497 | tidstats = &sinfo->pertid[tid]; |
| 4498 | |
| 4499 | if (!tidstats->filled) |
| 4500 | continue; |
| 4501 | |
| 4502 | tidattr = nla_nest_start(msg, tid + 1); |
| 4503 | if (!tidattr) |
| 4504 | goto nla_put_failure; |
| 4505 | |
| 4506 | #define PUT_TIDVAL_U64(attr, memb) do { \ |
| 4507 | if (tidstats->filled & BIT(NL80211_TID_STATS_ ## attr) && \ |
| 4508 | nla_put_u64_64bit(msg, NL80211_TID_STATS_ ## attr, \ |
| 4509 | tidstats->memb, NL80211_TID_STATS_PAD)) \ |
| 4510 | goto nla_put_failure; \ |
| 4511 | } while (0) |
| 4512 | |
| 4513 | PUT_TIDVAL_U64(RX_MSDU, rx_msdu); |
| 4514 | PUT_TIDVAL_U64(TX_MSDU, tx_msdu); |
| 4515 | PUT_TIDVAL_U64(TX_MSDU_RETRIES, tx_msdu_retries); |
| 4516 | PUT_TIDVAL_U64(TX_MSDU_FAILED, tx_msdu_failed); |
| 4517 | |
| 4518 | #undef PUT_TIDVAL_U64 |
| 4519 | nla_nest_end(msg, tidattr); |
| 4520 | } |
| 4521 | |
| 4522 | nla_nest_end(msg, tidsattr); |
| 4523 | } |
| 4524 | |
| 4525 | nla_nest_end(msg, sinfoattr); |
| 4526 | |
| 4527 | if (sinfo->assoc_req_ies_len && |
| 4528 | nla_put(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len, |
| 4529 | sinfo->assoc_req_ies)) |
| 4530 | goto nla_put_failure; |
| 4531 | |
| 4532 | genlmsg_end(msg, hdr); |
| 4533 | return 0; |
| 4534 | |
| 4535 | nla_put_failure: |
| 4536 | genlmsg_cancel(msg, hdr); |
| 4537 | return -EMSGSIZE; |
| 4538 | } |
| 4539 | |
| 4540 | static int nl80211_dump_station(struct sk_buff *skb, |
| 4541 | struct netlink_callback *cb) |
| 4542 | { |
| 4543 | struct station_info sinfo; |
| 4544 | struct cfg80211_registered_device *rdev; |
| 4545 | struct wireless_dev *wdev; |
| 4546 | u8 mac_addr[ETH_ALEN]; |
| 4547 | int sta_idx = cb->args[2]; |
| 4548 | int err; |
| 4549 | |
| 4550 | rtnl_lock(); |
| 4551 | err = nl80211_prepare_wdev_dump(skb, cb, &rdev, &wdev); |
| 4552 | if (err) |
| 4553 | goto out_err; |
| 4554 | |
| 4555 | if (!wdev->netdev) { |
| 4556 | err = -EINVAL; |
| 4557 | goto out_err; |
| 4558 | } |
| 4559 | |
| 4560 | if (!rdev->ops->dump_station) { |
| 4561 | err = -EOPNOTSUPP; |
| 4562 | goto out_err; |
| 4563 | } |
| 4564 | |
| 4565 | while (1) { |
| 4566 | memset(&sinfo, 0, sizeof(sinfo)); |
| 4567 | err = rdev_dump_station(rdev, wdev->netdev, sta_idx, |
| 4568 | mac_addr, &sinfo); |
| 4569 | if (err == -ENOENT) |
| 4570 | break; |
| 4571 | if (err) |
| 4572 | goto out_err; |
| 4573 | |
| 4574 | if (nl80211_send_station(skb, NL80211_CMD_NEW_STATION, |
| 4575 | NETLINK_CB(cb->skb).portid, |
| 4576 | cb->nlh->nlmsg_seq, NLM_F_MULTI, |
| 4577 | rdev, wdev->netdev, mac_addr, |
| 4578 | &sinfo) < 0) |
| 4579 | goto out; |
| 4580 | |
| 4581 | sta_idx++; |
| 4582 | } |
| 4583 | |
| 4584 | out: |
| 4585 | cb->args[2] = sta_idx; |
| 4586 | err = skb->len; |
| 4587 | out_err: |
| 4588 | rtnl_unlock(); |
| 4589 | |
| 4590 | return err; |
| 4591 | } |
| 4592 | |
| 4593 | static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info) |
| 4594 | { |
| 4595 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 4596 | struct net_device *dev = info->user_ptr[1]; |
| 4597 | struct station_info sinfo; |
| 4598 | struct sk_buff *msg; |
| 4599 | u8 *mac_addr = NULL; |
| 4600 | int err; |
| 4601 | |
| 4602 | memset(&sinfo, 0, sizeof(sinfo)); |
| 4603 | |
| 4604 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 4605 | return -EINVAL; |
| 4606 | |
| 4607 | mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 4608 | |
| 4609 | if (!rdev->ops->get_station) |
| 4610 | return -EOPNOTSUPP; |
| 4611 | |
| 4612 | err = rdev_get_station(rdev, dev, mac_addr, &sinfo); |
| 4613 | if (err) |
| 4614 | return err; |
| 4615 | |
| 4616 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 4617 | if (!msg) |
| 4618 | return -ENOMEM; |
| 4619 | |
| 4620 | if (nl80211_send_station(msg, NL80211_CMD_NEW_STATION, |
| 4621 | info->snd_portid, info->snd_seq, 0, |
| 4622 | rdev, dev, mac_addr, &sinfo) < 0) { |
| 4623 | nlmsg_free(msg); |
| 4624 | return -ENOBUFS; |
| 4625 | } |
| 4626 | |
| 4627 | return genlmsg_reply(msg, info); |
| 4628 | } |
| 4629 | |
| 4630 | int cfg80211_check_station_change(struct wiphy *wiphy, |
| 4631 | struct station_parameters *params, |
| 4632 | enum cfg80211_station_type statype) |
| 4633 | { |
| 4634 | if (params->listen_interval != -1 && |
| 4635 | statype != CFG80211_STA_AP_CLIENT_UNASSOC) |
| 4636 | return -EINVAL; |
| 4637 | |
| 4638 | if (params->support_p2p_ps != -1 && |
| 4639 | statype != CFG80211_STA_AP_CLIENT_UNASSOC) |
| 4640 | return -EINVAL; |
| 4641 | |
| 4642 | if (params->aid && |
| 4643 | !(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) && |
| 4644 | statype != CFG80211_STA_AP_CLIENT_UNASSOC) |
| 4645 | return -EINVAL; |
| 4646 | |
| 4647 | /* When you run into this, adjust the code below for the new flag */ |
| 4648 | BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 7); |
| 4649 | |
| 4650 | switch (statype) { |
| 4651 | case CFG80211_STA_MESH_PEER_KERNEL: |
| 4652 | case CFG80211_STA_MESH_PEER_USER: |
| 4653 | /* |
| 4654 | * No ignoring the TDLS flag here -- the userspace mesh |
| 4655 | * code doesn't have the bug of including TDLS in the |
| 4656 | * mask everywhere. |
| 4657 | */ |
| 4658 | if (params->sta_flags_mask & |
| 4659 | ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) | |
| 4660 | BIT(NL80211_STA_FLAG_MFP) | |
| 4661 | BIT(NL80211_STA_FLAG_AUTHORIZED))) |
| 4662 | return -EINVAL; |
| 4663 | break; |
| 4664 | case CFG80211_STA_TDLS_PEER_SETUP: |
| 4665 | case CFG80211_STA_TDLS_PEER_ACTIVE: |
| 4666 | if (!(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))) |
| 4667 | return -EINVAL; |
| 4668 | /* ignore since it can't change */ |
| 4669 | params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); |
| 4670 | break; |
| 4671 | default: |
| 4672 | /* disallow mesh-specific things */ |
| 4673 | if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION) |
| 4674 | return -EINVAL; |
| 4675 | if (params->local_pm) |
| 4676 | return -EINVAL; |
| 4677 | if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE) |
| 4678 | return -EINVAL; |
| 4679 | } |
| 4680 | |
| 4681 | if (statype != CFG80211_STA_TDLS_PEER_SETUP && |
| 4682 | statype != CFG80211_STA_TDLS_PEER_ACTIVE) { |
| 4683 | /* TDLS can't be set, ... */ |
| 4684 | if (params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) |
| 4685 | return -EINVAL; |
| 4686 | /* |
| 4687 | * ... but don't bother the driver with it. This works around |
| 4688 | * a hostapd/wpa_supplicant issue -- it always includes the |
| 4689 | * TLDS_PEER flag in the mask even for AP mode. |
| 4690 | */ |
| 4691 | params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); |
| 4692 | } |
| 4693 | |
| 4694 | if (statype != CFG80211_STA_TDLS_PEER_SETUP && |
| 4695 | statype != CFG80211_STA_AP_CLIENT_UNASSOC) { |
| 4696 | /* reject other things that can't change */ |
| 4697 | if (params->sta_modify_mask & STATION_PARAM_APPLY_UAPSD) |
| 4698 | return -EINVAL; |
| 4699 | if (params->sta_modify_mask & STATION_PARAM_APPLY_CAPABILITY) |
| 4700 | return -EINVAL; |
| 4701 | if (params->supported_rates) |
| 4702 | return -EINVAL; |
| 4703 | if (params->ext_capab || params->ht_capa || params->vht_capa) |
| 4704 | return -EINVAL; |
| 4705 | } |
| 4706 | |
| 4707 | if (statype != CFG80211_STA_AP_CLIENT && |
| 4708 | statype != CFG80211_STA_AP_CLIENT_UNASSOC) { |
| 4709 | if (params->vlan) |
| 4710 | return -EINVAL; |
| 4711 | } |
| 4712 | |
| 4713 | switch (statype) { |
| 4714 | case CFG80211_STA_AP_MLME_CLIENT: |
| 4715 | /* Use this only for authorizing/unauthorizing a station */ |
| 4716 | if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED))) |
| 4717 | return -EOPNOTSUPP; |
| 4718 | break; |
| 4719 | case CFG80211_STA_AP_CLIENT: |
| 4720 | case CFG80211_STA_AP_CLIENT_UNASSOC: |
| 4721 | /* accept only the listed bits */ |
| 4722 | if (params->sta_flags_mask & |
| 4723 | ~(BIT(NL80211_STA_FLAG_AUTHORIZED) | |
| 4724 | BIT(NL80211_STA_FLAG_AUTHENTICATED) | |
| 4725 | BIT(NL80211_STA_FLAG_ASSOCIATED) | |
| 4726 | BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) | |
| 4727 | BIT(NL80211_STA_FLAG_WME) | |
| 4728 | BIT(NL80211_STA_FLAG_MFP))) |
| 4729 | return -EINVAL; |
| 4730 | |
| 4731 | /* but authenticated/associated only if driver handles it */ |
| 4732 | if (!(wiphy->features & NL80211_FEATURE_FULL_AP_CLIENT_STATE) && |
| 4733 | params->sta_flags_mask & |
| 4734 | (BIT(NL80211_STA_FLAG_AUTHENTICATED) | |
| 4735 | BIT(NL80211_STA_FLAG_ASSOCIATED))) |
| 4736 | return -EINVAL; |
| 4737 | break; |
| 4738 | case CFG80211_STA_IBSS: |
| 4739 | case CFG80211_STA_AP_STA: |
| 4740 | /* reject any changes other than AUTHORIZED */ |
| 4741 | if (params->sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED)) |
| 4742 | return -EINVAL; |
| 4743 | break; |
| 4744 | case CFG80211_STA_TDLS_PEER_SETUP: |
| 4745 | /* reject any changes other than AUTHORIZED or WME */ |
| 4746 | if (params->sta_flags_mask & ~(BIT(NL80211_STA_FLAG_AUTHORIZED) | |
| 4747 | BIT(NL80211_STA_FLAG_WME))) |
| 4748 | return -EINVAL; |
| 4749 | /* force (at least) rates when authorizing */ |
| 4750 | if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED) && |
| 4751 | !params->supported_rates) |
| 4752 | return -EINVAL; |
| 4753 | break; |
| 4754 | case CFG80211_STA_TDLS_PEER_ACTIVE: |
| 4755 | /* reject any changes */ |
| 4756 | return -EINVAL; |
| 4757 | case CFG80211_STA_MESH_PEER_KERNEL: |
| 4758 | if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE) |
| 4759 | return -EINVAL; |
| 4760 | break; |
| 4761 | case CFG80211_STA_MESH_PEER_USER: |
| 4762 | if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION && |
| 4763 | params->plink_action != NL80211_PLINK_ACTION_BLOCK) |
| 4764 | return -EINVAL; |
| 4765 | break; |
| 4766 | } |
| 4767 | |
| 4768 | /* |
| 4769 | * Older kernel versions ignored this attribute entirely, so don't |
| 4770 | * reject attempts to update it but mark it as unused instead so the |
| 4771 | * driver won't look at the data. |
| 4772 | */ |
| 4773 | if (statype != CFG80211_STA_AP_CLIENT_UNASSOC && |
| 4774 | statype != CFG80211_STA_TDLS_PEER_SETUP) |
| 4775 | params->opmode_notif_used = false; |
| 4776 | |
| 4777 | return 0; |
| 4778 | } |
| 4779 | EXPORT_SYMBOL(cfg80211_check_station_change); |
| 4780 | |
| 4781 | /* |
| 4782 | * Get vlan interface making sure it is running and on the right wiphy. |
| 4783 | */ |
| 4784 | static struct net_device *get_vlan(struct genl_info *info, |
| 4785 | struct cfg80211_registered_device *rdev) |
| 4786 | { |
| 4787 | struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN]; |
| 4788 | struct net_device *v; |
| 4789 | int ret; |
| 4790 | |
| 4791 | if (!vlanattr) |
| 4792 | return NULL; |
| 4793 | |
| 4794 | v = dev_get_by_index(genl_info_net(info), nla_get_u32(vlanattr)); |
| 4795 | if (!v) |
| 4796 | return ERR_PTR(-ENODEV); |
| 4797 | |
| 4798 | if (!v->ieee80211_ptr || v->ieee80211_ptr->wiphy != &rdev->wiphy) { |
| 4799 | ret = -EINVAL; |
| 4800 | goto error; |
| 4801 | } |
| 4802 | |
| 4803 | if (v->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && |
| 4804 | v->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && |
| 4805 | v->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) { |
| 4806 | ret = -EINVAL; |
| 4807 | goto error; |
| 4808 | } |
| 4809 | |
| 4810 | if (!netif_running(v)) { |
| 4811 | ret = -ENETDOWN; |
| 4812 | goto error; |
| 4813 | } |
| 4814 | |
| 4815 | return v; |
| 4816 | error: |
| 4817 | dev_put(v); |
| 4818 | return ERR_PTR(ret); |
| 4819 | } |
| 4820 | |
| 4821 | static const struct nla_policy |
| 4822 | nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] = { |
| 4823 | [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 }, |
| 4824 | [NL80211_STA_WME_MAX_SP] = { .type = NLA_U8 }, |
| 4825 | }; |
| 4826 | |
| 4827 | static int nl80211_parse_sta_wme(struct genl_info *info, |
| 4828 | struct station_parameters *params) |
| 4829 | { |
| 4830 | struct nlattr *tb[NL80211_STA_WME_MAX + 1]; |
| 4831 | struct nlattr *nla; |
| 4832 | int err; |
| 4833 | |
| 4834 | /* parse WME attributes if present */ |
| 4835 | if (!info->attrs[NL80211_ATTR_STA_WME]) |
| 4836 | return 0; |
| 4837 | |
| 4838 | nla = info->attrs[NL80211_ATTR_STA_WME]; |
| 4839 | err = nla_parse_nested(tb, NL80211_STA_WME_MAX, nla, |
| 4840 | nl80211_sta_wme_policy, info->extack); |
| 4841 | if (err) |
| 4842 | return err; |
| 4843 | |
| 4844 | if (tb[NL80211_STA_WME_UAPSD_QUEUES]) |
| 4845 | params->uapsd_queues = nla_get_u8( |
| 4846 | tb[NL80211_STA_WME_UAPSD_QUEUES]); |
| 4847 | if (params->uapsd_queues & ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK) |
| 4848 | return -EINVAL; |
| 4849 | |
| 4850 | if (tb[NL80211_STA_WME_MAX_SP]) |
| 4851 | params->max_sp = nla_get_u8(tb[NL80211_STA_WME_MAX_SP]); |
| 4852 | |
| 4853 | if (params->max_sp & ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK) |
| 4854 | return -EINVAL; |
| 4855 | |
| 4856 | params->sta_modify_mask |= STATION_PARAM_APPLY_UAPSD; |
| 4857 | |
| 4858 | return 0; |
| 4859 | } |
| 4860 | |
| 4861 | static int nl80211_parse_sta_channel_info(struct genl_info *info, |
| 4862 | struct station_parameters *params) |
| 4863 | { |
| 4864 | if (info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]) { |
| 4865 | params->supported_channels = |
| 4866 | nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]); |
| 4867 | params->supported_channels_len = |
| 4868 | nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]); |
| 4869 | /* |
| 4870 | * Need to include at least one (first channel, number of |
| 4871 | * channels) tuple for each subband, and must have proper |
| 4872 | * tuples for the rest of the data as well. |
| 4873 | */ |
| 4874 | if (params->supported_channels_len < 2) |
| 4875 | return -EINVAL; |
| 4876 | if (params->supported_channels_len % 2) |
| 4877 | return -EINVAL; |
| 4878 | } |
| 4879 | |
| 4880 | if (info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]) { |
| 4881 | params->supported_oper_classes = |
| 4882 | nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]); |
| 4883 | params->supported_oper_classes_len = |
| 4884 | nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]); |
| 4885 | /* |
| 4886 | * The value of the Length field of the Supported Operating |
| 4887 | * Classes element is between 2 and 253. |
| 4888 | */ |
| 4889 | if (params->supported_oper_classes_len < 2 || |
| 4890 | params->supported_oper_classes_len > 253) |
| 4891 | return -EINVAL; |
| 4892 | } |
| 4893 | return 0; |
| 4894 | } |
| 4895 | |
| 4896 | static int nl80211_set_station_tdls(struct genl_info *info, |
| 4897 | struct station_parameters *params) |
| 4898 | { |
| 4899 | int err; |
| 4900 | /* Dummy STA entry gets updated once the peer capabilities are known */ |
| 4901 | if (info->attrs[NL80211_ATTR_PEER_AID]) |
| 4902 | params->aid = nla_get_u16(info->attrs[NL80211_ATTR_PEER_AID]); |
| 4903 | if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) |
| 4904 | params->ht_capa = |
| 4905 | nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); |
| 4906 | if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) |
| 4907 | params->vht_capa = |
| 4908 | nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]); |
| 4909 | |
| 4910 | err = nl80211_parse_sta_channel_info(info, params); |
| 4911 | if (err) |
| 4912 | return err; |
| 4913 | |
| 4914 | return nl80211_parse_sta_wme(info, params); |
| 4915 | } |
| 4916 | |
| 4917 | static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info) |
| 4918 | { |
| 4919 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 4920 | struct net_device *dev = info->user_ptr[1]; |
| 4921 | struct station_parameters params; |
| 4922 | u8 *mac_addr; |
| 4923 | int err; |
| 4924 | |
| 4925 | memset(¶ms, 0, sizeof(params)); |
| 4926 | |
| 4927 | if (!rdev->ops->change_station) |
| 4928 | return -EOPNOTSUPP; |
| 4929 | |
| 4930 | /* |
| 4931 | * AID and listen_interval properties can be set only for unassociated |
| 4932 | * station. Include these parameters here and will check them in |
| 4933 | * cfg80211_check_station_change(). |
| 4934 | */ |
| 4935 | if (info->attrs[NL80211_ATTR_STA_AID]) |
| 4936 | params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]); |
| 4937 | |
| 4938 | if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) |
| 4939 | params.listen_interval = |
| 4940 | nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); |
| 4941 | else |
| 4942 | params.listen_interval = -1; |
| 4943 | |
| 4944 | if (info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]) { |
| 4945 | u8 tmp; |
| 4946 | |
| 4947 | tmp = nla_get_u8(info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]); |
| 4948 | if (tmp >= NUM_NL80211_P2P_PS_STATUS) |
| 4949 | return -EINVAL; |
| 4950 | |
| 4951 | params.support_p2p_ps = tmp; |
| 4952 | } else { |
| 4953 | params.support_p2p_ps = -1; |
| 4954 | } |
| 4955 | |
| 4956 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 4957 | return -EINVAL; |
| 4958 | |
| 4959 | mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 4960 | |
| 4961 | if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) { |
| 4962 | params.supported_rates = |
| 4963 | nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); |
| 4964 | params.supported_rates_len = |
| 4965 | nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); |
| 4966 | } |
| 4967 | |
| 4968 | if (info->attrs[NL80211_ATTR_STA_CAPABILITY]) { |
| 4969 | params.capability = |
| 4970 | nla_get_u16(info->attrs[NL80211_ATTR_STA_CAPABILITY]); |
| 4971 | params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY; |
| 4972 | } |
| 4973 | |
| 4974 | if (info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) { |
| 4975 | params.ext_capab = |
| 4976 | nla_data(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]); |
| 4977 | params.ext_capab_len = |
| 4978 | nla_len(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]); |
| 4979 | } |
| 4980 | |
| 4981 | if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms)) |
| 4982 | return -EINVAL; |
| 4983 | |
| 4984 | if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) { |
| 4985 | params.plink_action = |
| 4986 | nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); |
| 4987 | if (params.plink_action >= NUM_NL80211_PLINK_ACTIONS) |
| 4988 | return -EINVAL; |
| 4989 | } |
| 4990 | |
| 4991 | if (info->attrs[NL80211_ATTR_STA_PLINK_STATE]) { |
| 4992 | params.plink_state = |
| 4993 | nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]); |
| 4994 | if (params.plink_state >= NUM_NL80211_PLINK_STATES) |
| 4995 | return -EINVAL; |
| 4996 | if (info->attrs[NL80211_ATTR_MESH_PEER_AID]) { |
| 4997 | params.peer_aid = nla_get_u16( |
| 4998 | info->attrs[NL80211_ATTR_MESH_PEER_AID]); |
| 4999 | if (params.peer_aid > IEEE80211_MAX_AID) |
| 5000 | return -EINVAL; |
| 5001 | } |
| 5002 | params.sta_modify_mask |= STATION_PARAM_APPLY_PLINK_STATE; |
| 5003 | } |
| 5004 | |
| 5005 | if (info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE]) { |
| 5006 | enum nl80211_mesh_power_mode pm = nla_get_u32( |
| 5007 | info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE]); |
| 5008 | |
| 5009 | if (pm <= NL80211_MESH_POWER_UNKNOWN || |
| 5010 | pm > NL80211_MESH_POWER_MAX) |
| 5011 | return -EINVAL; |
| 5012 | |
| 5013 | params.local_pm = pm; |
| 5014 | } |
| 5015 | |
| 5016 | if (info->attrs[NL80211_ATTR_OPMODE_NOTIF]) { |
| 5017 | params.opmode_notif_used = true; |
| 5018 | params.opmode_notif = |
| 5019 | nla_get_u8(info->attrs[NL80211_ATTR_OPMODE_NOTIF]); |
| 5020 | } |
| 5021 | |
| 5022 | /* Include parameters for TDLS peer (will check later) */ |
| 5023 | err = nl80211_set_station_tdls(info, ¶ms); |
| 5024 | if (err) |
| 5025 | return err; |
| 5026 | |
| 5027 | params.vlan = get_vlan(info, rdev); |
| 5028 | if (IS_ERR(params.vlan)) |
| 5029 | return PTR_ERR(params.vlan); |
| 5030 | |
| 5031 | switch (dev->ieee80211_ptr->iftype) { |
| 5032 | case NL80211_IFTYPE_AP: |
| 5033 | case NL80211_IFTYPE_AP_VLAN: |
| 5034 | case NL80211_IFTYPE_P2P_GO: |
| 5035 | case NL80211_IFTYPE_P2P_CLIENT: |
| 5036 | case NL80211_IFTYPE_STATION: |
| 5037 | case NL80211_IFTYPE_ADHOC: |
| 5038 | case NL80211_IFTYPE_MESH_POINT: |
| 5039 | break; |
| 5040 | default: |
| 5041 | err = -EOPNOTSUPP; |
| 5042 | goto out_put_vlan; |
| 5043 | } |
| 5044 | |
| 5045 | /* driver will call cfg80211_check_station_change() */ |
| 5046 | err = rdev_change_station(rdev, dev, mac_addr, ¶ms); |
| 5047 | |
| 5048 | out_put_vlan: |
| 5049 | if (params.vlan) |
| 5050 | dev_put(params.vlan); |
| 5051 | |
| 5052 | return err; |
| 5053 | } |
| 5054 | |
| 5055 | static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info) |
| 5056 | { |
| 5057 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 5058 | int err; |
| 5059 | struct net_device *dev = info->user_ptr[1]; |
| 5060 | struct station_parameters params; |
| 5061 | u8 *mac_addr = NULL; |
| 5062 | u32 auth_assoc = BIT(NL80211_STA_FLAG_AUTHENTICATED) | |
| 5063 | BIT(NL80211_STA_FLAG_ASSOCIATED); |
| 5064 | |
| 5065 | memset(¶ms, 0, sizeof(params)); |
| 5066 | |
| 5067 | if (!rdev->ops->add_station) |
| 5068 | return -EOPNOTSUPP; |
| 5069 | |
| 5070 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 5071 | return -EINVAL; |
| 5072 | |
| 5073 | if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) |
| 5074 | return -EINVAL; |
| 5075 | |
| 5076 | if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) |
| 5077 | return -EINVAL; |
| 5078 | |
| 5079 | if (!info->attrs[NL80211_ATTR_STA_AID] && |
| 5080 | !info->attrs[NL80211_ATTR_PEER_AID]) |
| 5081 | return -EINVAL; |
| 5082 | |
| 5083 | mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 5084 | params.supported_rates = |
| 5085 | nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); |
| 5086 | params.supported_rates_len = |
| 5087 | nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]); |
| 5088 | params.listen_interval = |
| 5089 | nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]); |
| 5090 | |
| 5091 | if (info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]) { |
| 5092 | u8 tmp; |
| 5093 | |
| 5094 | tmp = nla_get_u8(info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]); |
| 5095 | if (tmp >= NUM_NL80211_P2P_PS_STATUS) |
| 5096 | return -EINVAL; |
| 5097 | |
| 5098 | params.support_p2p_ps = tmp; |
| 5099 | } else { |
| 5100 | /* |
| 5101 | * if not specified, assume it's supported for P2P GO interface, |
| 5102 | * and is NOT supported for AP interface |
| 5103 | */ |
| 5104 | params.support_p2p_ps = |
| 5105 | dev->ieee80211_ptr->iftype == NL80211_IFTYPE_P2P_GO; |
| 5106 | } |
| 5107 | |
| 5108 | if (info->attrs[NL80211_ATTR_PEER_AID]) |
| 5109 | params.aid = nla_get_u16(info->attrs[NL80211_ATTR_PEER_AID]); |
| 5110 | else |
| 5111 | params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]); |
| 5112 | if (!params.aid || params.aid > IEEE80211_MAX_AID) |
| 5113 | return -EINVAL; |
| 5114 | |
| 5115 | if (info->attrs[NL80211_ATTR_STA_CAPABILITY]) { |
| 5116 | params.capability = |
| 5117 | nla_get_u16(info->attrs[NL80211_ATTR_STA_CAPABILITY]); |
| 5118 | params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY; |
| 5119 | } |
| 5120 | |
| 5121 | if (info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) { |
| 5122 | params.ext_capab = |
| 5123 | nla_data(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]); |
| 5124 | params.ext_capab_len = |
| 5125 | nla_len(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]); |
| 5126 | } |
| 5127 | |
| 5128 | if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) |
| 5129 | params.ht_capa = |
| 5130 | nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]); |
| 5131 | |
| 5132 | if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) |
| 5133 | params.vht_capa = |
| 5134 | nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]); |
| 5135 | |
| 5136 | if (info->attrs[NL80211_ATTR_OPMODE_NOTIF]) { |
| 5137 | params.opmode_notif_used = true; |
| 5138 | params.opmode_notif = |
| 5139 | nla_get_u8(info->attrs[NL80211_ATTR_OPMODE_NOTIF]); |
| 5140 | } |
| 5141 | |
| 5142 | if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION]) { |
| 5143 | params.plink_action = |
| 5144 | nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]); |
| 5145 | if (params.plink_action >= NUM_NL80211_PLINK_ACTIONS) |
| 5146 | return -EINVAL; |
| 5147 | } |
| 5148 | |
| 5149 | err = nl80211_parse_sta_channel_info(info, ¶ms); |
| 5150 | if (err) |
| 5151 | return err; |
| 5152 | |
| 5153 | err = nl80211_parse_sta_wme(info, ¶ms); |
| 5154 | if (err) |
| 5155 | return err; |
| 5156 | |
| 5157 | if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms)) |
| 5158 | return -EINVAL; |
| 5159 | |
| 5160 | /* HT/VHT requires QoS, but if we don't have that just ignore HT/VHT |
| 5161 | * as userspace might just pass through the capabilities from the IEs |
| 5162 | * directly, rather than enforcing this restriction and returning an |
| 5163 | * error in this case. |
| 5164 | */ |
| 5165 | if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_WME))) { |
| 5166 | params.ht_capa = NULL; |
| 5167 | params.vht_capa = NULL; |
| 5168 | } |
| 5169 | |
| 5170 | /* When you run into this, adjust the code below for the new flag */ |
| 5171 | BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 7); |
| 5172 | |
| 5173 | switch (dev->ieee80211_ptr->iftype) { |
| 5174 | case NL80211_IFTYPE_AP: |
| 5175 | case NL80211_IFTYPE_AP_VLAN: |
| 5176 | case NL80211_IFTYPE_P2P_GO: |
| 5177 | /* ignore WME attributes if iface/sta is not capable */ |
| 5178 | if (!(rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) || |
| 5179 | !(params.sta_flags_set & BIT(NL80211_STA_FLAG_WME))) |
| 5180 | params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD; |
| 5181 | |
| 5182 | /* TDLS peers cannot be added */ |
| 5183 | if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) || |
| 5184 | info->attrs[NL80211_ATTR_PEER_AID]) |
| 5185 | return -EINVAL; |
| 5186 | /* but don't bother the driver with it */ |
| 5187 | params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER); |
| 5188 | |
| 5189 | /* allow authenticated/associated only if driver handles it */ |
| 5190 | if (!(rdev->wiphy.features & |
| 5191 | NL80211_FEATURE_FULL_AP_CLIENT_STATE) && |
| 5192 | params.sta_flags_mask & auth_assoc) |
| 5193 | return -EINVAL; |
| 5194 | |
| 5195 | /* Older userspace, or userspace wanting to be compatible with |
| 5196 | * !NL80211_FEATURE_FULL_AP_CLIENT_STATE, will not set the auth |
| 5197 | * and assoc flags in the mask, but assumes the station will be |
| 5198 | * added as associated anyway since this was the required driver |
| 5199 | * behaviour before NL80211_FEATURE_FULL_AP_CLIENT_STATE was |
| 5200 | * introduced. |
| 5201 | * In order to not bother drivers with this quirk in the API |
| 5202 | * set the flags in both the mask and set for new stations in |
| 5203 | * this case. |
| 5204 | */ |
| 5205 | if (!(params.sta_flags_mask & auth_assoc)) { |
| 5206 | params.sta_flags_mask |= auth_assoc; |
| 5207 | params.sta_flags_set |= auth_assoc; |
| 5208 | } |
| 5209 | |
| 5210 | /* must be last in here for error handling */ |
| 5211 | params.vlan = get_vlan(info, rdev); |
| 5212 | if (IS_ERR(params.vlan)) |
| 5213 | return PTR_ERR(params.vlan); |
| 5214 | break; |
| 5215 | case NL80211_IFTYPE_MESH_POINT: |
| 5216 | /* ignore uAPSD data */ |
| 5217 | params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD; |
| 5218 | |
| 5219 | /* associated is disallowed */ |
| 5220 | if (params.sta_flags_mask & BIT(NL80211_STA_FLAG_ASSOCIATED)) |
| 5221 | return -EINVAL; |
| 5222 | /* TDLS peers cannot be added */ |
| 5223 | if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) || |
| 5224 | info->attrs[NL80211_ATTR_PEER_AID]) |
| 5225 | return -EINVAL; |
| 5226 | break; |
| 5227 | case NL80211_IFTYPE_STATION: |
| 5228 | case NL80211_IFTYPE_P2P_CLIENT: |
| 5229 | /* ignore uAPSD data */ |
| 5230 | params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD; |
| 5231 | |
| 5232 | /* these are disallowed */ |
| 5233 | if (params.sta_flags_mask & |
| 5234 | (BIT(NL80211_STA_FLAG_ASSOCIATED) | |
| 5235 | BIT(NL80211_STA_FLAG_AUTHENTICATED))) |
| 5236 | return -EINVAL; |
| 5237 | /* Only TDLS peers can be added */ |
| 5238 | if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))) |
| 5239 | return -EINVAL; |
| 5240 | /* Can only add if TDLS ... */ |
| 5241 | if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS)) |
| 5242 | return -EOPNOTSUPP; |
| 5243 | /* ... with external setup is supported */ |
| 5244 | if (!(rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP)) |
| 5245 | return -EOPNOTSUPP; |
| 5246 | /* |
| 5247 | * Older wpa_supplicant versions always mark the TDLS peer |
| 5248 | * as authorized, but it shouldn't yet be. |
| 5249 | */ |
| 5250 | params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_AUTHORIZED); |
| 5251 | break; |
| 5252 | default: |
| 5253 | return -EOPNOTSUPP; |
| 5254 | } |
| 5255 | |
| 5256 | /* be aware of params.vlan when changing code here */ |
| 5257 | |
| 5258 | err = rdev_add_station(rdev, dev, mac_addr, ¶ms); |
| 5259 | |
| 5260 | if (params.vlan) |
| 5261 | dev_put(params.vlan); |
| 5262 | return err; |
| 5263 | } |
| 5264 | |
| 5265 | static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info) |
| 5266 | { |
| 5267 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 5268 | struct net_device *dev = info->user_ptr[1]; |
| 5269 | struct station_del_parameters params; |
| 5270 | |
| 5271 | memset(¶ms, 0, sizeof(params)); |
| 5272 | |
| 5273 | if (info->attrs[NL80211_ATTR_MAC]) |
| 5274 | params.mac = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 5275 | |
| 5276 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && |
| 5277 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN && |
| 5278 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && |
| 5279 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) |
| 5280 | return -EINVAL; |
| 5281 | |
| 5282 | if (!rdev->ops->del_station) |
| 5283 | return -EOPNOTSUPP; |
| 5284 | |
| 5285 | if (info->attrs[NL80211_ATTR_MGMT_SUBTYPE]) { |
| 5286 | params.subtype = |
| 5287 | nla_get_u8(info->attrs[NL80211_ATTR_MGMT_SUBTYPE]); |
| 5288 | if (params.subtype != IEEE80211_STYPE_DISASSOC >> 4 && |
| 5289 | params.subtype != IEEE80211_STYPE_DEAUTH >> 4) |
| 5290 | return -EINVAL; |
| 5291 | } else { |
| 5292 | /* Default to Deauthentication frame */ |
| 5293 | params.subtype = IEEE80211_STYPE_DEAUTH >> 4; |
| 5294 | } |
| 5295 | |
| 5296 | if (info->attrs[NL80211_ATTR_REASON_CODE]) { |
| 5297 | params.reason_code = |
| 5298 | nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); |
| 5299 | if (params.reason_code == 0) |
| 5300 | return -EINVAL; /* 0 is reserved */ |
| 5301 | } else { |
| 5302 | /* Default to reason code 2 */ |
| 5303 | params.reason_code = WLAN_REASON_PREV_AUTH_NOT_VALID; |
| 5304 | } |
| 5305 | |
| 5306 | return rdev_del_station(rdev, dev, ¶ms); |
| 5307 | } |
| 5308 | |
| 5309 | static int nl80211_send_mpath(struct sk_buff *msg, u32 portid, u32 seq, |
| 5310 | int flags, struct net_device *dev, |
| 5311 | u8 *dst, u8 *next_hop, |
| 5312 | struct mpath_info *pinfo) |
| 5313 | { |
| 5314 | void *hdr; |
| 5315 | struct nlattr *pinfoattr; |
| 5316 | |
| 5317 | hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_MPATH); |
| 5318 | if (!hdr) |
| 5319 | return -1; |
| 5320 | |
| 5321 | if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || |
| 5322 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) || |
| 5323 | nla_put(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop) || |
| 5324 | nla_put_u32(msg, NL80211_ATTR_GENERATION, pinfo->generation)) |
| 5325 | goto nla_put_failure; |
| 5326 | |
| 5327 | pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO); |
| 5328 | if (!pinfoattr) |
| 5329 | goto nla_put_failure; |
| 5330 | if ((pinfo->filled & MPATH_INFO_FRAME_QLEN) && |
| 5331 | nla_put_u32(msg, NL80211_MPATH_INFO_FRAME_QLEN, |
| 5332 | pinfo->frame_qlen)) |
| 5333 | goto nla_put_failure; |
| 5334 | if (((pinfo->filled & MPATH_INFO_SN) && |
| 5335 | nla_put_u32(msg, NL80211_MPATH_INFO_SN, pinfo->sn)) || |
| 5336 | ((pinfo->filled & MPATH_INFO_METRIC) && |
| 5337 | nla_put_u32(msg, NL80211_MPATH_INFO_METRIC, |
| 5338 | pinfo->metric)) || |
| 5339 | ((pinfo->filled & MPATH_INFO_EXPTIME) && |
| 5340 | nla_put_u32(msg, NL80211_MPATH_INFO_EXPTIME, |
| 5341 | pinfo->exptime)) || |
| 5342 | ((pinfo->filled & MPATH_INFO_FLAGS) && |
| 5343 | nla_put_u8(msg, NL80211_MPATH_INFO_FLAGS, |
| 5344 | pinfo->flags)) || |
| 5345 | ((pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) && |
| 5346 | nla_put_u32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT, |
| 5347 | pinfo->discovery_timeout)) || |
| 5348 | ((pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) && |
| 5349 | nla_put_u8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES, |
| 5350 | pinfo->discovery_retries))) |
| 5351 | goto nla_put_failure; |
| 5352 | |
| 5353 | nla_nest_end(msg, pinfoattr); |
| 5354 | |
| 5355 | genlmsg_end(msg, hdr); |
| 5356 | return 0; |
| 5357 | |
| 5358 | nla_put_failure: |
| 5359 | genlmsg_cancel(msg, hdr); |
| 5360 | return -EMSGSIZE; |
| 5361 | } |
| 5362 | |
| 5363 | static int nl80211_dump_mpath(struct sk_buff *skb, |
| 5364 | struct netlink_callback *cb) |
| 5365 | { |
| 5366 | struct mpath_info pinfo; |
| 5367 | struct cfg80211_registered_device *rdev; |
| 5368 | struct wireless_dev *wdev; |
| 5369 | u8 dst[ETH_ALEN]; |
| 5370 | u8 next_hop[ETH_ALEN]; |
| 5371 | int path_idx = cb->args[2]; |
| 5372 | int err; |
| 5373 | |
| 5374 | rtnl_lock(); |
| 5375 | err = nl80211_prepare_wdev_dump(skb, cb, &rdev, &wdev); |
| 5376 | if (err) |
| 5377 | goto out_err; |
| 5378 | |
| 5379 | if (!rdev->ops->dump_mpath) { |
| 5380 | err = -EOPNOTSUPP; |
| 5381 | goto out_err; |
| 5382 | } |
| 5383 | |
| 5384 | if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) { |
| 5385 | err = -EOPNOTSUPP; |
| 5386 | goto out_err; |
| 5387 | } |
| 5388 | |
| 5389 | while (1) { |
| 5390 | err = rdev_dump_mpath(rdev, wdev->netdev, path_idx, dst, |
| 5391 | next_hop, &pinfo); |
| 5392 | if (err == -ENOENT) |
| 5393 | break; |
| 5394 | if (err) |
| 5395 | goto out_err; |
| 5396 | |
| 5397 | if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid, |
| 5398 | cb->nlh->nlmsg_seq, NLM_F_MULTI, |
| 5399 | wdev->netdev, dst, next_hop, |
| 5400 | &pinfo) < 0) |
| 5401 | goto out; |
| 5402 | |
| 5403 | path_idx++; |
| 5404 | } |
| 5405 | |
| 5406 | out: |
| 5407 | cb->args[2] = path_idx; |
| 5408 | err = skb->len; |
| 5409 | out_err: |
| 5410 | rtnl_unlock(); |
| 5411 | return err; |
| 5412 | } |
| 5413 | |
| 5414 | static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info) |
| 5415 | { |
| 5416 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 5417 | int err; |
| 5418 | struct net_device *dev = info->user_ptr[1]; |
| 5419 | struct mpath_info pinfo; |
| 5420 | struct sk_buff *msg; |
| 5421 | u8 *dst = NULL; |
| 5422 | u8 next_hop[ETH_ALEN]; |
| 5423 | |
| 5424 | memset(&pinfo, 0, sizeof(pinfo)); |
| 5425 | |
| 5426 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 5427 | return -EINVAL; |
| 5428 | |
| 5429 | dst = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 5430 | |
| 5431 | if (!rdev->ops->get_mpath) |
| 5432 | return -EOPNOTSUPP; |
| 5433 | |
| 5434 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) |
| 5435 | return -EOPNOTSUPP; |
| 5436 | |
| 5437 | err = rdev_get_mpath(rdev, dev, dst, next_hop, &pinfo); |
| 5438 | if (err) |
| 5439 | return err; |
| 5440 | |
| 5441 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 5442 | if (!msg) |
| 5443 | return -ENOMEM; |
| 5444 | |
| 5445 | if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0, |
| 5446 | dev, dst, next_hop, &pinfo) < 0) { |
| 5447 | nlmsg_free(msg); |
| 5448 | return -ENOBUFS; |
| 5449 | } |
| 5450 | |
| 5451 | return genlmsg_reply(msg, info); |
| 5452 | } |
| 5453 | |
| 5454 | static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info) |
| 5455 | { |
| 5456 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 5457 | struct net_device *dev = info->user_ptr[1]; |
| 5458 | u8 *dst = NULL; |
| 5459 | u8 *next_hop = NULL; |
| 5460 | |
| 5461 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 5462 | return -EINVAL; |
| 5463 | |
| 5464 | if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) |
| 5465 | return -EINVAL; |
| 5466 | |
| 5467 | dst = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 5468 | next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); |
| 5469 | |
| 5470 | if (!rdev->ops->change_mpath) |
| 5471 | return -EOPNOTSUPP; |
| 5472 | |
| 5473 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) |
| 5474 | return -EOPNOTSUPP; |
| 5475 | |
| 5476 | return rdev_change_mpath(rdev, dev, dst, next_hop); |
| 5477 | } |
| 5478 | |
| 5479 | static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info) |
| 5480 | { |
| 5481 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 5482 | struct net_device *dev = info->user_ptr[1]; |
| 5483 | u8 *dst = NULL; |
| 5484 | u8 *next_hop = NULL; |
| 5485 | |
| 5486 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 5487 | return -EINVAL; |
| 5488 | |
| 5489 | if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]) |
| 5490 | return -EINVAL; |
| 5491 | |
| 5492 | dst = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 5493 | next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]); |
| 5494 | |
| 5495 | if (!rdev->ops->add_mpath) |
| 5496 | return -EOPNOTSUPP; |
| 5497 | |
| 5498 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) |
| 5499 | return -EOPNOTSUPP; |
| 5500 | |
| 5501 | return rdev_add_mpath(rdev, dev, dst, next_hop); |
| 5502 | } |
| 5503 | |
| 5504 | static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info) |
| 5505 | { |
| 5506 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 5507 | struct net_device *dev = info->user_ptr[1]; |
| 5508 | u8 *dst = NULL; |
| 5509 | |
| 5510 | if (info->attrs[NL80211_ATTR_MAC]) |
| 5511 | dst = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 5512 | |
| 5513 | if (!rdev->ops->del_mpath) |
| 5514 | return -EOPNOTSUPP; |
| 5515 | |
| 5516 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) |
| 5517 | return -EOPNOTSUPP; |
| 5518 | |
| 5519 | return rdev_del_mpath(rdev, dev, dst); |
| 5520 | } |
| 5521 | |
| 5522 | static int nl80211_get_mpp(struct sk_buff *skb, struct genl_info *info) |
| 5523 | { |
| 5524 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 5525 | int err; |
| 5526 | struct net_device *dev = info->user_ptr[1]; |
| 5527 | struct mpath_info pinfo; |
| 5528 | struct sk_buff *msg; |
| 5529 | u8 *dst = NULL; |
| 5530 | u8 mpp[ETH_ALEN]; |
| 5531 | |
| 5532 | memset(&pinfo, 0, sizeof(pinfo)); |
| 5533 | |
| 5534 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 5535 | return -EINVAL; |
| 5536 | |
| 5537 | dst = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 5538 | |
| 5539 | if (!rdev->ops->get_mpp) |
| 5540 | return -EOPNOTSUPP; |
| 5541 | |
| 5542 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) |
| 5543 | return -EOPNOTSUPP; |
| 5544 | |
| 5545 | err = rdev_get_mpp(rdev, dev, dst, mpp, &pinfo); |
| 5546 | if (err) |
| 5547 | return err; |
| 5548 | |
| 5549 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 5550 | if (!msg) |
| 5551 | return -ENOMEM; |
| 5552 | |
| 5553 | if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0, |
| 5554 | dev, dst, mpp, &pinfo) < 0) { |
| 5555 | nlmsg_free(msg); |
| 5556 | return -ENOBUFS; |
| 5557 | } |
| 5558 | |
| 5559 | return genlmsg_reply(msg, info); |
| 5560 | } |
| 5561 | |
| 5562 | static int nl80211_dump_mpp(struct sk_buff *skb, |
| 5563 | struct netlink_callback *cb) |
| 5564 | { |
| 5565 | struct mpath_info pinfo; |
| 5566 | struct cfg80211_registered_device *rdev; |
| 5567 | struct wireless_dev *wdev; |
| 5568 | u8 dst[ETH_ALEN]; |
| 5569 | u8 mpp[ETH_ALEN]; |
| 5570 | int path_idx = cb->args[2]; |
| 5571 | int err; |
| 5572 | |
| 5573 | rtnl_lock(); |
| 5574 | err = nl80211_prepare_wdev_dump(skb, cb, &rdev, &wdev); |
| 5575 | if (err) |
| 5576 | goto out_err; |
| 5577 | |
| 5578 | if (!rdev->ops->dump_mpp) { |
| 5579 | err = -EOPNOTSUPP; |
| 5580 | goto out_err; |
| 5581 | } |
| 5582 | |
| 5583 | if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) { |
| 5584 | err = -EOPNOTSUPP; |
| 5585 | goto out_err; |
| 5586 | } |
| 5587 | |
| 5588 | while (1) { |
| 5589 | err = rdev_dump_mpp(rdev, wdev->netdev, path_idx, dst, |
| 5590 | mpp, &pinfo); |
| 5591 | if (err == -ENOENT) |
| 5592 | break; |
| 5593 | if (err) |
| 5594 | goto out_err; |
| 5595 | |
| 5596 | if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid, |
| 5597 | cb->nlh->nlmsg_seq, NLM_F_MULTI, |
| 5598 | wdev->netdev, dst, mpp, |
| 5599 | &pinfo) < 0) |
| 5600 | goto out; |
| 5601 | |
| 5602 | path_idx++; |
| 5603 | } |
| 5604 | |
| 5605 | out: |
| 5606 | cb->args[2] = path_idx; |
| 5607 | err = skb->len; |
| 5608 | out_err: |
| 5609 | rtnl_unlock(); |
| 5610 | return err; |
| 5611 | } |
| 5612 | |
| 5613 | static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info) |
| 5614 | { |
| 5615 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 5616 | struct net_device *dev = info->user_ptr[1]; |
| 5617 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 5618 | struct bss_parameters params; |
| 5619 | int err; |
| 5620 | |
| 5621 | memset(¶ms, 0, sizeof(params)); |
| 5622 | /* default to not changing parameters */ |
| 5623 | params.use_cts_prot = -1; |
| 5624 | params.use_short_preamble = -1; |
| 5625 | params.use_short_slot_time = -1; |
| 5626 | params.ap_isolate = -1; |
| 5627 | params.ht_opmode = -1; |
| 5628 | params.p2p_ctwindow = -1; |
| 5629 | params.p2p_opp_ps = -1; |
| 5630 | |
| 5631 | if (info->attrs[NL80211_ATTR_BSS_CTS_PROT]) |
| 5632 | params.use_cts_prot = |
| 5633 | nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]); |
| 5634 | if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]) |
| 5635 | params.use_short_preamble = |
| 5636 | nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]); |
| 5637 | if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]) |
| 5638 | params.use_short_slot_time = |
| 5639 | nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]); |
| 5640 | if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { |
| 5641 | params.basic_rates = |
| 5642 | nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); |
| 5643 | params.basic_rates_len = |
| 5644 | nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); |
| 5645 | } |
| 5646 | if (info->attrs[NL80211_ATTR_AP_ISOLATE]) |
| 5647 | params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]); |
| 5648 | if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE]) |
| 5649 | params.ht_opmode = |
| 5650 | nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]); |
| 5651 | |
| 5652 | if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) { |
| 5653 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) |
| 5654 | return -EINVAL; |
| 5655 | params.p2p_ctwindow = |
| 5656 | nla_get_s8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]); |
| 5657 | if (params.p2p_ctwindow < 0) |
| 5658 | return -EINVAL; |
| 5659 | if (params.p2p_ctwindow != 0 && |
| 5660 | !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN)) |
| 5661 | return -EINVAL; |
| 5662 | } |
| 5663 | |
| 5664 | if (info->attrs[NL80211_ATTR_P2P_OPPPS]) { |
| 5665 | u8 tmp; |
| 5666 | |
| 5667 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) |
| 5668 | return -EINVAL; |
| 5669 | tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]); |
| 5670 | if (tmp > 1) |
| 5671 | return -EINVAL; |
| 5672 | params.p2p_opp_ps = tmp; |
| 5673 | if (params.p2p_opp_ps && |
| 5674 | !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS)) |
| 5675 | return -EINVAL; |
| 5676 | } |
| 5677 | |
| 5678 | if (!rdev->ops->change_bss) |
| 5679 | return -EOPNOTSUPP; |
| 5680 | |
| 5681 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP && |
| 5682 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) |
| 5683 | return -EOPNOTSUPP; |
| 5684 | |
| 5685 | wdev_lock(wdev); |
| 5686 | err = rdev_change_bss(rdev, dev, ¶ms); |
| 5687 | wdev_unlock(wdev); |
| 5688 | |
| 5689 | return err; |
| 5690 | } |
| 5691 | |
| 5692 | static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info) |
| 5693 | { |
| 5694 | char *data = NULL; |
| 5695 | bool is_indoor; |
| 5696 | enum nl80211_user_reg_hint_type user_reg_hint_type; |
| 5697 | u32 owner_nlportid; |
| 5698 | |
| 5699 | /* |
| 5700 | * You should only get this when cfg80211 hasn't yet initialized |
| 5701 | * completely when built-in to the kernel right between the time |
| 5702 | * window between nl80211_init() and regulatory_init(), if that is |
| 5703 | * even possible. |
| 5704 | */ |
| 5705 | if (unlikely(!rcu_access_pointer(cfg80211_regdomain))) |
| 5706 | return -EINPROGRESS; |
| 5707 | |
| 5708 | if (info->attrs[NL80211_ATTR_USER_REG_HINT_TYPE]) |
| 5709 | user_reg_hint_type = |
| 5710 | nla_get_u32(info->attrs[NL80211_ATTR_USER_REG_HINT_TYPE]); |
| 5711 | else |
| 5712 | user_reg_hint_type = NL80211_USER_REG_HINT_USER; |
| 5713 | |
| 5714 | switch (user_reg_hint_type) { |
| 5715 | case NL80211_USER_REG_HINT_USER: |
| 5716 | case NL80211_USER_REG_HINT_CELL_BASE: |
| 5717 | if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) |
| 5718 | return -EINVAL; |
| 5719 | |
| 5720 | data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); |
| 5721 | return regulatory_hint_user(data, user_reg_hint_type); |
| 5722 | case NL80211_USER_REG_HINT_INDOOR: |
| 5723 | if (info->attrs[NL80211_ATTR_SOCKET_OWNER]) { |
| 5724 | owner_nlportid = info->snd_portid; |
| 5725 | is_indoor = !!info->attrs[NL80211_ATTR_REG_INDOOR]; |
| 5726 | } else { |
| 5727 | owner_nlportid = 0; |
| 5728 | is_indoor = true; |
| 5729 | } |
| 5730 | |
| 5731 | return regulatory_hint_indoor(is_indoor, owner_nlportid); |
| 5732 | default: |
| 5733 | return -EINVAL; |
| 5734 | } |
| 5735 | } |
| 5736 | |
| 5737 | static int nl80211_get_mesh_config(struct sk_buff *skb, |
| 5738 | struct genl_info *info) |
| 5739 | { |
| 5740 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 5741 | struct net_device *dev = info->user_ptr[1]; |
| 5742 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 5743 | struct mesh_config cur_params; |
| 5744 | int err = 0; |
| 5745 | void *hdr; |
| 5746 | struct nlattr *pinfoattr; |
| 5747 | struct sk_buff *msg; |
| 5748 | |
| 5749 | if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) |
| 5750 | return -EOPNOTSUPP; |
| 5751 | |
| 5752 | if (!rdev->ops->get_mesh_config) |
| 5753 | return -EOPNOTSUPP; |
| 5754 | |
| 5755 | wdev_lock(wdev); |
| 5756 | /* If not connected, get default parameters */ |
| 5757 | if (!wdev->mesh_id_len) |
| 5758 | memcpy(&cur_params, &default_mesh_config, sizeof(cur_params)); |
| 5759 | else |
| 5760 | err = rdev_get_mesh_config(rdev, dev, &cur_params); |
| 5761 | wdev_unlock(wdev); |
| 5762 | |
| 5763 | if (err) |
| 5764 | return err; |
| 5765 | |
| 5766 | /* Draw up a netlink message to send back */ |
| 5767 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 5768 | if (!msg) |
| 5769 | return -ENOMEM; |
| 5770 | hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0, |
| 5771 | NL80211_CMD_GET_MESH_CONFIG); |
| 5772 | if (!hdr) |
| 5773 | goto out; |
| 5774 | pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG); |
| 5775 | if (!pinfoattr) |
| 5776 | goto nla_put_failure; |
| 5777 | if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || |
| 5778 | nla_put_u16(msg, NL80211_MESHCONF_RETRY_TIMEOUT, |
| 5779 | cur_params.dot11MeshRetryTimeout) || |
| 5780 | nla_put_u16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT, |
| 5781 | cur_params.dot11MeshConfirmTimeout) || |
| 5782 | nla_put_u16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT, |
| 5783 | cur_params.dot11MeshHoldingTimeout) || |
| 5784 | nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS, |
| 5785 | cur_params.dot11MeshMaxPeerLinks) || |
| 5786 | nla_put_u8(msg, NL80211_MESHCONF_MAX_RETRIES, |
| 5787 | cur_params.dot11MeshMaxRetries) || |
| 5788 | nla_put_u8(msg, NL80211_MESHCONF_TTL, |
| 5789 | cur_params.dot11MeshTTL) || |
| 5790 | nla_put_u8(msg, NL80211_MESHCONF_ELEMENT_TTL, |
| 5791 | cur_params.element_ttl) || |
| 5792 | nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS, |
| 5793 | cur_params.auto_open_plinks) || |
| 5794 | nla_put_u32(msg, NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR, |
| 5795 | cur_params.dot11MeshNbrOffsetMaxNeighbor) || |
| 5796 | nla_put_u8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, |
| 5797 | cur_params.dot11MeshHWMPmaxPREQretries) || |
| 5798 | nla_put_u32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME, |
| 5799 | cur_params.path_refresh_time) || |
| 5800 | nla_put_u16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, |
| 5801 | cur_params.min_discovery_timeout) || |
| 5802 | nla_put_u32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, |
| 5803 | cur_params.dot11MeshHWMPactivePathTimeout) || |
| 5804 | nla_put_u16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, |
| 5805 | cur_params.dot11MeshHWMPpreqMinInterval) || |
| 5806 | nla_put_u16(msg, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL, |
| 5807 | cur_params.dot11MeshHWMPperrMinInterval) || |
| 5808 | nla_put_u16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, |
| 5809 | cur_params.dot11MeshHWMPnetDiameterTraversalTime) || |
| 5810 | nla_put_u8(msg, NL80211_MESHCONF_HWMP_ROOTMODE, |
| 5811 | cur_params.dot11MeshHWMPRootMode) || |
| 5812 | nla_put_u16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL, |
| 5813 | cur_params.dot11MeshHWMPRannInterval) || |
| 5814 | nla_put_u8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS, |
| 5815 | cur_params.dot11MeshGateAnnouncementProtocol) || |
| 5816 | nla_put_u8(msg, NL80211_MESHCONF_FORWARDING, |
| 5817 | cur_params.dot11MeshForwarding) || |
| 5818 | nla_put_s32(msg, NL80211_MESHCONF_RSSI_THRESHOLD, |
| 5819 | cur_params.rssi_threshold) || |
| 5820 | nla_put_u32(msg, NL80211_MESHCONF_HT_OPMODE, |
| 5821 | cur_params.ht_opmode) || |
| 5822 | nla_put_u32(msg, NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT, |
| 5823 | cur_params.dot11MeshHWMPactivePathToRootTimeout) || |
| 5824 | nla_put_u16(msg, NL80211_MESHCONF_HWMP_ROOT_INTERVAL, |
| 5825 | cur_params.dot11MeshHWMProotInterval) || |
| 5826 | nla_put_u16(msg, NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL, |
| 5827 | cur_params.dot11MeshHWMPconfirmationInterval) || |
| 5828 | nla_put_u32(msg, NL80211_MESHCONF_POWER_MODE, |
| 5829 | cur_params.power_mode) || |
| 5830 | nla_put_u16(msg, NL80211_MESHCONF_AWAKE_WINDOW, |
| 5831 | cur_params.dot11MeshAwakeWindowDuration) || |
| 5832 | nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT, |
| 5833 | cur_params.plink_timeout)) |
| 5834 | goto nla_put_failure; |
| 5835 | nla_nest_end(msg, pinfoattr); |
| 5836 | genlmsg_end(msg, hdr); |
| 5837 | return genlmsg_reply(msg, info); |
| 5838 | |
| 5839 | nla_put_failure: |
| 5840 | genlmsg_cancel(msg, hdr); |
| 5841 | out: |
| 5842 | nlmsg_free(msg); |
| 5843 | return -ENOBUFS; |
| 5844 | } |
| 5845 | |
| 5846 | static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = { |
| 5847 | [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 }, |
| 5848 | [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 }, |
| 5849 | [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 }, |
| 5850 | [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 }, |
| 5851 | [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 }, |
| 5852 | [NL80211_MESHCONF_TTL] = { .type = NLA_U8 }, |
| 5853 | [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 }, |
| 5854 | [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 }, |
| 5855 | [NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR] = { .type = NLA_U32 }, |
| 5856 | [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 }, |
| 5857 | [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 }, |
| 5858 | [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 }, |
| 5859 | [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 }, |
| 5860 | [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 }, |
| 5861 | [NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL] = { .type = NLA_U16 }, |
| 5862 | [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 }, |
| 5863 | [NL80211_MESHCONF_HWMP_ROOTMODE] = { .type = NLA_U8 }, |
| 5864 | [NL80211_MESHCONF_HWMP_RANN_INTERVAL] = { .type = NLA_U16 }, |
| 5865 | [NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = { .type = NLA_U8 }, |
| 5866 | [NL80211_MESHCONF_FORWARDING] = { .type = NLA_U8 }, |
| 5867 | [NL80211_MESHCONF_RSSI_THRESHOLD] = { .type = NLA_U32 }, |
| 5868 | [NL80211_MESHCONF_HT_OPMODE] = { .type = NLA_U16 }, |
| 5869 | [NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT] = { .type = NLA_U32 }, |
| 5870 | [NL80211_MESHCONF_HWMP_ROOT_INTERVAL] = { .type = NLA_U16 }, |
| 5871 | [NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL] = { .type = NLA_U16 }, |
| 5872 | [NL80211_MESHCONF_POWER_MODE] = { .type = NLA_U32 }, |
| 5873 | [NL80211_MESHCONF_AWAKE_WINDOW] = { .type = NLA_U16 }, |
| 5874 | [NL80211_MESHCONF_PLINK_TIMEOUT] = { .type = NLA_U32 }, |
| 5875 | }; |
| 5876 | |
| 5877 | static const struct nla_policy |
| 5878 | nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = { |
| 5879 | [NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC] = { .type = NLA_U8 }, |
| 5880 | [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 }, |
| 5881 | [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 }, |
| 5882 | [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG }, |
| 5883 | [NL80211_MESH_SETUP_AUTH_PROTOCOL] = { .type = NLA_U8 }, |
| 5884 | [NL80211_MESH_SETUP_USERSPACE_MPM] = { .type = NLA_FLAG }, |
| 5885 | [NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY, |
| 5886 | .len = IEEE80211_MAX_DATA_LEN }, |
| 5887 | [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG }, |
| 5888 | }; |
| 5889 | |
| 5890 | static int nl80211_check_bool(const struct nlattr *nla, u8 min, u8 max, bool *out) |
| 5891 | { |
| 5892 | u8 val = nla_get_u8(nla); |
| 5893 | if (val < min || val > max) |
| 5894 | return -EINVAL; |
| 5895 | *out = val; |
| 5896 | return 0; |
| 5897 | } |
| 5898 | |
| 5899 | static int nl80211_check_u8(const struct nlattr *nla, u8 min, u8 max, u8 *out) |
| 5900 | { |
| 5901 | u8 val = nla_get_u8(nla); |
| 5902 | if (val < min || val > max) |
| 5903 | return -EINVAL; |
| 5904 | *out = val; |
| 5905 | return 0; |
| 5906 | } |
| 5907 | |
| 5908 | static int nl80211_check_u16(const struct nlattr *nla, u16 min, u16 max, u16 *out) |
| 5909 | { |
| 5910 | u16 val = nla_get_u16(nla); |
| 5911 | if (val < min || val > max) |
| 5912 | return -EINVAL; |
| 5913 | *out = val; |
| 5914 | return 0; |
| 5915 | } |
| 5916 | |
| 5917 | static int nl80211_check_u32(const struct nlattr *nla, u32 min, u32 max, u32 *out) |
| 5918 | { |
| 5919 | u32 val = nla_get_u32(nla); |
| 5920 | if (val < min || val > max) |
| 5921 | return -EINVAL; |
| 5922 | *out = val; |
| 5923 | return 0; |
| 5924 | } |
| 5925 | |
| 5926 | static int nl80211_check_s32(const struct nlattr *nla, s32 min, s32 max, s32 *out) |
| 5927 | { |
| 5928 | s32 val = nla_get_s32(nla); |
| 5929 | if (val < min || val > max) |
| 5930 | return -EINVAL; |
| 5931 | *out = val; |
| 5932 | return 0; |
| 5933 | } |
| 5934 | |
| 5935 | static int nl80211_check_power_mode(const struct nlattr *nla, |
| 5936 | enum nl80211_mesh_power_mode min, |
| 5937 | enum nl80211_mesh_power_mode max, |
| 5938 | enum nl80211_mesh_power_mode *out) |
| 5939 | { |
| 5940 | u32 val = nla_get_u32(nla); |
| 5941 | if (val < min || val > max) |
| 5942 | return -EINVAL; |
| 5943 | *out = val; |
| 5944 | return 0; |
| 5945 | } |
| 5946 | |
| 5947 | static int nl80211_parse_mesh_config(struct genl_info *info, |
| 5948 | struct mesh_config *cfg, |
| 5949 | u32 *mask_out) |
| 5950 | { |
| 5951 | struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1]; |
| 5952 | u32 mask = 0; |
| 5953 | u16 ht_opmode; |
| 5954 | |
| 5955 | #define FILL_IN_MESH_PARAM_IF_SET(tb, cfg, param, min, max, mask, attr, fn) \ |
| 5956 | do { \ |
| 5957 | if (tb[attr]) { \ |
| 5958 | if (fn(tb[attr], min, max, &cfg->param)) \ |
| 5959 | return -EINVAL; \ |
| 5960 | mask |= (1 << (attr - 1)); \ |
| 5961 | } \ |
| 5962 | } while (0) |
| 5963 | |
| 5964 | if (!info->attrs[NL80211_ATTR_MESH_CONFIG]) |
| 5965 | return -EINVAL; |
| 5966 | if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX, |
| 5967 | info->attrs[NL80211_ATTR_MESH_CONFIG], |
| 5968 | nl80211_meshconf_params_policy, info->extack)) |
| 5969 | return -EINVAL; |
| 5970 | |
| 5971 | /* This makes sure that there aren't more than 32 mesh config |
| 5972 | * parameters (otherwise our bitfield scheme would not work.) */ |
| 5973 | BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32); |
| 5974 | |
| 5975 | /* Fill in the params struct */ |
| 5976 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, 1, 255, |
| 5977 | mask, NL80211_MESHCONF_RETRY_TIMEOUT, |
| 5978 | nl80211_check_u16); |
| 5979 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, 1, 255, |
| 5980 | mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, |
| 5981 | nl80211_check_u16); |
| 5982 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, 1, 255, |
| 5983 | mask, NL80211_MESHCONF_HOLDING_TIMEOUT, |
| 5984 | nl80211_check_u16); |
| 5985 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, 0, 255, |
| 5986 | mask, NL80211_MESHCONF_MAX_PEER_LINKS, |
| 5987 | nl80211_check_u16); |
| 5988 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, 0, 16, |
| 5989 | mask, NL80211_MESHCONF_MAX_RETRIES, |
| 5990 | nl80211_check_u8); |
| 5991 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, 1, 255, |
| 5992 | mask, NL80211_MESHCONF_TTL, nl80211_check_u8); |
| 5993 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, 1, 255, |
| 5994 | mask, NL80211_MESHCONF_ELEMENT_TTL, |
| 5995 | nl80211_check_u8); |
| 5996 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, 0, 1, |
| 5997 | mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, |
| 5998 | nl80211_check_bool); |
| 5999 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshNbrOffsetMaxNeighbor, |
| 6000 | 1, 255, mask, |
| 6001 | NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR, |
| 6002 | nl80211_check_u32); |
| 6003 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, 0, 255, |
| 6004 | mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, |
| 6005 | nl80211_check_u8); |
| 6006 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, 1, 65535, |
| 6007 | mask, NL80211_MESHCONF_PATH_REFRESH_TIME, |
| 6008 | nl80211_check_u32); |
| 6009 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, 1, 65535, |
| 6010 | mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, |
| 6011 | nl80211_check_u16); |
| 6012 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout, |
| 6013 | 1, 65535, mask, |
| 6014 | NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, |
| 6015 | nl80211_check_u32); |
| 6016 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, |
| 6017 | 1, 65535, mask, |
| 6018 | NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, |
| 6019 | nl80211_check_u16); |
| 6020 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval, |
| 6021 | 1, 65535, mask, |
| 6022 | NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL, |
| 6023 | nl80211_check_u16); |
| 6024 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, |
| 6025 | dot11MeshHWMPnetDiameterTraversalTime, |
| 6026 | 1, 65535, mask, |
| 6027 | NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, |
| 6028 | nl80211_check_u16); |
| 6029 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRootMode, 0, 4, |
| 6030 | mask, NL80211_MESHCONF_HWMP_ROOTMODE, |
| 6031 | nl80211_check_u8); |
| 6032 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRannInterval, 1, 65535, |
| 6033 | mask, NL80211_MESHCONF_HWMP_RANN_INTERVAL, |
| 6034 | nl80211_check_u16); |
| 6035 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, |
| 6036 | dot11MeshGateAnnouncementProtocol, 0, 1, |
| 6037 | mask, NL80211_MESHCONF_GATE_ANNOUNCEMENTS, |
| 6038 | nl80211_check_bool); |
| 6039 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, 0, 1, |
| 6040 | mask, NL80211_MESHCONF_FORWARDING, |
| 6041 | nl80211_check_bool); |
| 6042 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, -255, 0, |
| 6043 | mask, NL80211_MESHCONF_RSSI_THRESHOLD, |
| 6044 | nl80211_check_s32); |
| 6045 | /* |
| 6046 | * Check HT operation mode based on |
| 6047 | * IEEE 802.11-2016 9.4.2.57 HT Operation element. |
| 6048 | */ |
| 6049 | if (tb[NL80211_MESHCONF_HT_OPMODE]) { |
| 6050 | ht_opmode = nla_get_u16(tb[NL80211_MESHCONF_HT_OPMODE]); |
| 6051 | |
| 6052 | if (ht_opmode & ~(IEEE80211_HT_OP_MODE_PROTECTION | |
| 6053 | IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT | |
| 6054 | IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT)) |
| 6055 | return -EINVAL; |
| 6056 | |
| 6057 | /* NON_HT_STA bit is reserved, but some programs set it */ |
| 6058 | ht_opmode &= ~IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT; |
| 6059 | |
| 6060 | cfg->ht_opmode = ht_opmode; |
| 6061 | mask |= (1 << (NL80211_MESHCONF_HT_OPMODE - 1)); |
| 6062 | } |
| 6063 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathToRootTimeout, |
| 6064 | 1, 65535, mask, |
| 6065 | NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT, |
| 6066 | nl80211_check_u32); |
| 6067 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMProotInterval, 1, 65535, |
| 6068 | mask, NL80211_MESHCONF_HWMP_ROOT_INTERVAL, |
| 6069 | nl80211_check_u16); |
| 6070 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, |
| 6071 | dot11MeshHWMPconfirmationInterval, |
| 6072 | 1, 65535, mask, |
| 6073 | NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL, |
| 6074 | nl80211_check_u16); |
| 6075 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, power_mode, |
| 6076 | NL80211_MESH_POWER_ACTIVE, |
| 6077 | NL80211_MESH_POWER_MAX, |
| 6078 | mask, NL80211_MESHCONF_POWER_MODE, |
| 6079 | nl80211_check_power_mode); |
| 6080 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshAwakeWindowDuration, |
| 6081 | 0, 65535, mask, |
| 6082 | NL80211_MESHCONF_AWAKE_WINDOW, nl80211_check_u16); |
| 6083 | FILL_IN_MESH_PARAM_IF_SET(tb, cfg, plink_timeout, 0, 0xffffffff, |
| 6084 | mask, NL80211_MESHCONF_PLINK_TIMEOUT, |
| 6085 | nl80211_check_u32); |
| 6086 | if (mask_out) |
| 6087 | *mask_out = mask; |
| 6088 | |
| 6089 | return 0; |
| 6090 | |
| 6091 | #undef FILL_IN_MESH_PARAM_IF_SET |
| 6092 | } |
| 6093 | |
| 6094 | static int nl80211_parse_mesh_setup(struct genl_info *info, |
| 6095 | struct mesh_setup *setup) |
| 6096 | { |
| 6097 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 6098 | struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1]; |
| 6099 | |
| 6100 | if (!info->attrs[NL80211_ATTR_MESH_SETUP]) |
| 6101 | return -EINVAL; |
| 6102 | if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX, |
| 6103 | info->attrs[NL80211_ATTR_MESH_SETUP], |
| 6104 | nl80211_mesh_setup_params_policy, info->extack)) |
| 6105 | return -EINVAL; |
| 6106 | |
| 6107 | if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC]) |
| 6108 | setup->sync_method = |
| 6109 | (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC])) ? |
| 6110 | IEEE80211_SYNC_METHOD_VENDOR : |
| 6111 | IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET; |
| 6112 | |
| 6113 | if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL]) |
| 6114 | setup->path_sel_proto = |
| 6115 | (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ? |
| 6116 | IEEE80211_PATH_PROTOCOL_VENDOR : |
| 6117 | IEEE80211_PATH_PROTOCOL_HWMP; |
| 6118 | |
| 6119 | if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC]) |
| 6120 | setup->path_metric = |
| 6121 | (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ? |
| 6122 | IEEE80211_PATH_METRIC_VENDOR : |
| 6123 | IEEE80211_PATH_METRIC_AIRTIME; |
| 6124 | |
| 6125 | if (tb[NL80211_MESH_SETUP_IE]) { |
| 6126 | struct nlattr *ieattr = |
| 6127 | tb[NL80211_MESH_SETUP_IE]; |
| 6128 | if (!is_valid_ie_attr(ieattr)) |
| 6129 | return -EINVAL; |
| 6130 | setup->ie = nla_data(ieattr); |
| 6131 | setup->ie_len = nla_len(ieattr); |
| 6132 | } |
| 6133 | if (tb[NL80211_MESH_SETUP_USERSPACE_MPM] && |
| 6134 | !(rdev->wiphy.features & NL80211_FEATURE_USERSPACE_MPM)) |
| 6135 | return -EINVAL; |
| 6136 | setup->user_mpm = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_MPM]); |
| 6137 | setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]); |
| 6138 | setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]); |
| 6139 | if (setup->is_secure) |
| 6140 | setup->user_mpm = true; |
| 6141 | |
| 6142 | if (tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]) { |
| 6143 | if (!setup->user_mpm) |
| 6144 | return -EINVAL; |
| 6145 | setup->auth_id = |
| 6146 | nla_get_u8(tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]); |
| 6147 | } |
| 6148 | |
| 6149 | return 0; |
| 6150 | } |
| 6151 | |
| 6152 | static int nl80211_update_mesh_config(struct sk_buff *skb, |
| 6153 | struct genl_info *info) |
| 6154 | { |
| 6155 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 6156 | struct net_device *dev = info->user_ptr[1]; |
| 6157 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 6158 | struct mesh_config cfg; |
| 6159 | u32 mask; |
| 6160 | int err; |
| 6161 | |
| 6162 | if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) |
| 6163 | return -EOPNOTSUPP; |
| 6164 | |
| 6165 | if (!rdev->ops->update_mesh_config) |
| 6166 | return -EOPNOTSUPP; |
| 6167 | |
| 6168 | err = nl80211_parse_mesh_config(info, &cfg, &mask); |
| 6169 | if (err) |
| 6170 | return err; |
| 6171 | |
| 6172 | wdev_lock(wdev); |
| 6173 | if (!wdev->mesh_id_len) |
| 6174 | err = -ENOLINK; |
| 6175 | |
| 6176 | if (!err) |
| 6177 | err = rdev_update_mesh_config(rdev, dev, mask, &cfg); |
| 6178 | |
| 6179 | wdev_unlock(wdev); |
| 6180 | |
| 6181 | return err; |
| 6182 | } |
| 6183 | |
| 6184 | static int nl80211_put_regdom(const struct ieee80211_regdomain *regdom, |
| 6185 | struct sk_buff *msg) |
| 6186 | { |
| 6187 | struct nlattr *nl_reg_rules; |
| 6188 | unsigned int i; |
| 6189 | |
| 6190 | if (nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, regdom->alpha2) || |
| 6191 | (regdom->dfs_region && |
| 6192 | nla_put_u8(msg, NL80211_ATTR_DFS_REGION, regdom->dfs_region))) |
| 6193 | goto nla_put_failure; |
| 6194 | |
| 6195 | nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES); |
| 6196 | if (!nl_reg_rules) |
| 6197 | goto nla_put_failure; |
| 6198 | |
| 6199 | for (i = 0; i < regdom->n_reg_rules; i++) { |
| 6200 | struct nlattr *nl_reg_rule; |
| 6201 | const struct ieee80211_reg_rule *reg_rule; |
| 6202 | const struct ieee80211_freq_range *freq_range; |
| 6203 | const struct ieee80211_power_rule *power_rule; |
| 6204 | unsigned int max_bandwidth_khz; |
| 6205 | |
| 6206 | reg_rule = ®dom->reg_rules[i]; |
| 6207 | freq_range = ®_rule->freq_range; |
| 6208 | power_rule = ®_rule->power_rule; |
| 6209 | |
| 6210 | nl_reg_rule = nla_nest_start(msg, i); |
| 6211 | if (!nl_reg_rule) |
| 6212 | goto nla_put_failure; |
| 6213 | |
| 6214 | max_bandwidth_khz = freq_range->max_bandwidth_khz; |
| 6215 | if (!max_bandwidth_khz) |
| 6216 | max_bandwidth_khz = reg_get_max_bandwidth(regdom, |
| 6217 | reg_rule); |
| 6218 | |
| 6219 | if (nla_put_u32(msg, NL80211_ATTR_REG_RULE_FLAGS, |
| 6220 | reg_rule->flags) || |
| 6221 | nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_START, |
| 6222 | freq_range->start_freq_khz) || |
| 6223 | nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_END, |
| 6224 | freq_range->end_freq_khz) || |
| 6225 | nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW, |
| 6226 | max_bandwidth_khz) || |
| 6227 | nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN, |
| 6228 | power_rule->max_antenna_gain) || |
| 6229 | nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP, |
| 6230 | power_rule->max_eirp) || |
| 6231 | nla_put_u32(msg, NL80211_ATTR_DFS_CAC_TIME, |
| 6232 | reg_rule->dfs_cac_ms)) |
| 6233 | goto nla_put_failure; |
| 6234 | |
| 6235 | nla_nest_end(msg, nl_reg_rule); |
| 6236 | } |
| 6237 | |
| 6238 | nla_nest_end(msg, nl_reg_rules); |
| 6239 | return 0; |
| 6240 | |
| 6241 | nla_put_failure: |
| 6242 | return -EMSGSIZE; |
| 6243 | } |
| 6244 | |
| 6245 | static int nl80211_get_reg_do(struct sk_buff *skb, struct genl_info *info) |
| 6246 | { |
| 6247 | const struct ieee80211_regdomain *regdom = NULL; |
| 6248 | struct cfg80211_registered_device *rdev; |
| 6249 | struct wiphy *wiphy = NULL; |
| 6250 | struct sk_buff *msg; |
| 6251 | void *hdr; |
| 6252 | |
| 6253 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 6254 | if (!msg) |
| 6255 | return -ENOBUFS; |
| 6256 | |
| 6257 | hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0, |
| 6258 | NL80211_CMD_GET_REG); |
| 6259 | if (!hdr) |
| 6260 | goto put_failure; |
| 6261 | |
| 6262 | if (info->attrs[NL80211_ATTR_WIPHY]) { |
| 6263 | bool self_managed; |
| 6264 | |
| 6265 | rdev = cfg80211_get_dev_from_info(genl_info_net(info), info); |
| 6266 | if (IS_ERR(rdev)) { |
| 6267 | nlmsg_free(msg); |
| 6268 | return PTR_ERR(rdev); |
| 6269 | } |
| 6270 | |
| 6271 | wiphy = &rdev->wiphy; |
| 6272 | self_managed = wiphy->regulatory_flags & |
| 6273 | REGULATORY_WIPHY_SELF_MANAGED; |
| 6274 | regdom = get_wiphy_regdom(wiphy); |
| 6275 | |
| 6276 | /* a self-managed-reg device must have a private regdom */ |
| 6277 | if (WARN_ON(!regdom && self_managed)) { |
| 6278 | nlmsg_free(msg); |
| 6279 | return -EINVAL; |
| 6280 | } |
| 6281 | |
| 6282 | if (regdom && |
| 6283 | nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy))) |
| 6284 | goto nla_put_failure; |
| 6285 | } |
| 6286 | |
| 6287 | if (!wiphy && reg_last_request_cell_base() && |
| 6288 | nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE, |
| 6289 | NL80211_USER_REG_HINT_CELL_BASE)) |
| 6290 | goto nla_put_failure; |
| 6291 | |
| 6292 | rcu_read_lock(); |
| 6293 | |
| 6294 | if (!regdom) |
| 6295 | regdom = rcu_dereference(cfg80211_regdomain); |
| 6296 | |
| 6297 | if (nl80211_put_regdom(regdom, msg)) |
| 6298 | goto nla_put_failure_rcu; |
| 6299 | |
| 6300 | rcu_read_unlock(); |
| 6301 | |
| 6302 | genlmsg_end(msg, hdr); |
| 6303 | return genlmsg_reply(msg, info); |
| 6304 | |
| 6305 | nla_put_failure_rcu: |
| 6306 | rcu_read_unlock(); |
| 6307 | nla_put_failure: |
| 6308 | genlmsg_cancel(msg, hdr); |
| 6309 | put_failure: |
| 6310 | nlmsg_free(msg); |
| 6311 | return -EMSGSIZE; |
| 6312 | } |
| 6313 | |
| 6314 | static int nl80211_send_regdom(struct sk_buff *msg, struct netlink_callback *cb, |
| 6315 | u32 seq, int flags, struct wiphy *wiphy, |
| 6316 | const struct ieee80211_regdomain *regdom) |
| 6317 | { |
| 6318 | void *hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags, |
| 6319 | NL80211_CMD_GET_REG); |
| 6320 | |
| 6321 | if (!hdr) |
| 6322 | return -1; |
| 6323 | |
| 6324 | genl_dump_check_consistent(cb, hdr, &nl80211_fam); |
| 6325 | |
| 6326 | if (nl80211_put_regdom(regdom, msg)) |
| 6327 | goto nla_put_failure; |
| 6328 | |
| 6329 | if (!wiphy && reg_last_request_cell_base() && |
| 6330 | nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE, |
| 6331 | NL80211_USER_REG_HINT_CELL_BASE)) |
| 6332 | goto nla_put_failure; |
| 6333 | |
| 6334 | if (wiphy && |
| 6335 | nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy))) |
| 6336 | goto nla_put_failure; |
| 6337 | |
| 6338 | if (wiphy && wiphy->regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED && |
| 6339 | nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG)) |
| 6340 | goto nla_put_failure; |
| 6341 | |
| 6342 | genlmsg_end(msg, hdr); |
| 6343 | return 0; |
| 6344 | |
| 6345 | nla_put_failure: |
| 6346 | genlmsg_cancel(msg, hdr); |
| 6347 | return -EMSGSIZE; |
| 6348 | } |
| 6349 | |
| 6350 | static int nl80211_get_reg_dump(struct sk_buff *skb, |
| 6351 | struct netlink_callback *cb) |
| 6352 | { |
| 6353 | const struct ieee80211_regdomain *regdom = NULL; |
| 6354 | struct cfg80211_registered_device *rdev; |
| 6355 | int err, reg_idx, start = cb->args[2]; |
| 6356 | |
| 6357 | rtnl_lock(); |
| 6358 | |
| 6359 | if (cfg80211_regdomain && start == 0) { |
| 6360 | err = nl80211_send_regdom(skb, cb, cb->nlh->nlmsg_seq, |
| 6361 | NLM_F_MULTI, NULL, |
| 6362 | rtnl_dereference(cfg80211_regdomain)); |
| 6363 | if (err < 0) |
| 6364 | goto out_err; |
| 6365 | } |
| 6366 | |
| 6367 | /* the global regdom is idx 0 */ |
| 6368 | reg_idx = 1; |
| 6369 | list_for_each_entry(rdev, &cfg80211_rdev_list, list) { |
| 6370 | regdom = get_wiphy_regdom(&rdev->wiphy); |
| 6371 | if (!regdom) |
| 6372 | continue; |
| 6373 | |
| 6374 | if (++reg_idx <= start) |
| 6375 | continue; |
| 6376 | |
| 6377 | err = nl80211_send_regdom(skb, cb, cb->nlh->nlmsg_seq, |
| 6378 | NLM_F_MULTI, &rdev->wiphy, regdom); |
| 6379 | if (err < 0) { |
| 6380 | reg_idx--; |
| 6381 | break; |
| 6382 | } |
| 6383 | } |
| 6384 | |
| 6385 | cb->args[2] = reg_idx; |
| 6386 | err = skb->len; |
| 6387 | out_err: |
| 6388 | rtnl_unlock(); |
| 6389 | return err; |
| 6390 | } |
| 6391 | |
| 6392 | #ifdef CONFIG_CFG80211_CRDA_SUPPORT |
| 6393 | static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = { |
| 6394 | [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 }, |
| 6395 | [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 }, |
| 6396 | [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 }, |
| 6397 | [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 }, |
| 6398 | [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 }, |
| 6399 | [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 }, |
| 6400 | [NL80211_ATTR_DFS_CAC_TIME] = { .type = NLA_U32 }, |
| 6401 | }; |
| 6402 | |
| 6403 | static int parse_reg_rule(struct nlattr *tb[], |
| 6404 | struct ieee80211_reg_rule *reg_rule) |
| 6405 | { |
| 6406 | struct ieee80211_freq_range *freq_range = ®_rule->freq_range; |
| 6407 | struct ieee80211_power_rule *power_rule = ®_rule->power_rule; |
| 6408 | |
| 6409 | if (!tb[NL80211_ATTR_REG_RULE_FLAGS]) |
| 6410 | return -EINVAL; |
| 6411 | if (!tb[NL80211_ATTR_FREQ_RANGE_START]) |
| 6412 | return -EINVAL; |
| 6413 | if (!tb[NL80211_ATTR_FREQ_RANGE_END]) |
| 6414 | return -EINVAL; |
| 6415 | if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]) |
| 6416 | return -EINVAL; |
| 6417 | if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]) |
| 6418 | return -EINVAL; |
| 6419 | |
| 6420 | reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]); |
| 6421 | |
| 6422 | freq_range->start_freq_khz = |
| 6423 | nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]); |
| 6424 | freq_range->end_freq_khz = |
| 6425 | nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]); |
| 6426 | freq_range->max_bandwidth_khz = |
| 6427 | nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]); |
| 6428 | |
| 6429 | power_rule->max_eirp = |
| 6430 | nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]); |
| 6431 | |
| 6432 | if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]) |
| 6433 | power_rule->max_antenna_gain = |
| 6434 | nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]); |
| 6435 | |
| 6436 | if (tb[NL80211_ATTR_DFS_CAC_TIME]) |
| 6437 | reg_rule->dfs_cac_ms = |
| 6438 | nla_get_u32(tb[NL80211_ATTR_DFS_CAC_TIME]); |
| 6439 | |
| 6440 | return 0; |
| 6441 | } |
| 6442 | |
| 6443 | static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info) |
| 6444 | { |
| 6445 | struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1]; |
| 6446 | struct nlattr *nl_reg_rule; |
| 6447 | char *alpha2; |
| 6448 | int rem_reg_rules, r; |
| 6449 | u32 num_rules = 0, rule_idx = 0, size_of_regd; |
| 6450 | enum nl80211_dfs_regions dfs_region = NL80211_DFS_UNSET; |
| 6451 | struct ieee80211_regdomain *rd; |
| 6452 | |
| 6453 | if (!info->attrs[NL80211_ATTR_REG_ALPHA2]) |
| 6454 | return -EINVAL; |
| 6455 | |
| 6456 | if (!info->attrs[NL80211_ATTR_REG_RULES]) |
| 6457 | return -EINVAL; |
| 6458 | |
| 6459 | alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]); |
| 6460 | |
| 6461 | if (info->attrs[NL80211_ATTR_DFS_REGION]) |
| 6462 | dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]); |
| 6463 | |
| 6464 | nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], |
| 6465 | rem_reg_rules) { |
| 6466 | num_rules++; |
| 6467 | if (num_rules > NL80211_MAX_SUPP_REG_RULES) |
| 6468 | return -EINVAL; |
| 6469 | } |
| 6470 | |
| 6471 | if (!reg_is_valid_request(alpha2)) |
| 6472 | return -EINVAL; |
| 6473 | |
| 6474 | size_of_regd = sizeof(struct ieee80211_regdomain) + |
| 6475 | num_rules * sizeof(struct ieee80211_reg_rule); |
| 6476 | |
| 6477 | rd = kzalloc(size_of_regd, GFP_KERNEL); |
| 6478 | if (!rd) |
| 6479 | return -ENOMEM; |
| 6480 | |
| 6481 | rd->n_reg_rules = num_rules; |
| 6482 | rd->alpha2[0] = alpha2[0]; |
| 6483 | rd->alpha2[1] = alpha2[1]; |
| 6484 | |
| 6485 | /* |
| 6486 | * Disable DFS master mode if the DFS region was |
| 6487 | * not supported or known on this kernel. |
| 6488 | */ |
| 6489 | if (reg_supported_dfs_region(dfs_region)) |
| 6490 | rd->dfs_region = dfs_region; |
| 6491 | |
| 6492 | nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES], |
| 6493 | rem_reg_rules) { |
| 6494 | r = nla_parse_nested(tb, NL80211_REG_RULE_ATTR_MAX, |
| 6495 | nl_reg_rule, reg_rule_policy, |
| 6496 | info->extack); |
| 6497 | if (r) |
| 6498 | goto bad_reg; |
| 6499 | r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]); |
| 6500 | if (r) |
| 6501 | goto bad_reg; |
| 6502 | |
| 6503 | rule_idx++; |
| 6504 | |
| 6505 | if (rule_idx > NL80211_MAX_SUPP_REG_RULES) { |
| 6506 | r = -EINVAL; |
| 6507 | goto bad_reg; |
| 6508 | } |
| 6509 | } |
| 6510 | |
| 6511 | /* set_regdom takes ownership of rd */ |
| 6512 | return set_regdom(rd, REGD_SOURCE_CRDA); |
| 6513 | bad_reg: |
| 6514 | kfree(rd); |
| 6515 | return r; |
| 6516 | } |
| 6517 | #endif /* CONFIG_CFG80211_CRDA_SUPPORT */ |
| 6518 | |
| 6519 | static int validate_scan_freqs(struct nlattr *freqs) |
| 6520 | { |
| 6521 | struct nlattr *attr1, *attr2; |
| 6522 | int n_channels = 0, tmp1, tmp2; |
| 6523 | |
| 6524 | nla_for_each_nested(attr1, freqs, tmp1) |
| 6525 | if (nla_len(attr1) != sizeof(u32)) |
| 6526 | return 0; |
| 6527 | |
| 6528 | nla_for_each_nested(attr1, freqs, tmp1) { |
| 6529 | n_channels++; |
| 6530 | /* |
| 6531 | * Some hardware has a limited channel list for |
| 6532 | * scanning, and it is pretty much nonsensical |
| 6533 | * to scan for a channel twice, so disallow that |
| 6534 | * and don't require drivers to check that the |
| 6535 | * channel list they get isn't longer than what |
| 6536 | * they can scan, as long as they can scan all |
| 6537 | * the channels they registered at once. |
| 6538 | */ |
| 6539 | nla_for_each_nested(attr2, freqs, tmp2) |
| 6540 | if (attr1 != attr2 && |
| 6541 | nla_get_u32(attr1) == nla_get_u32(attr2)) |
| 6542 | return 0; |
| 6543 | } |
| 6544 | |
| 6545 | return n_channels; |
| 6546 | } |
| 6547 | |
| 6548 | static bool is_band_valid(struct wiphy *wiphy, enum nl80211_band b) |
| 6549 | { |
| 6550 | return b < NUM_NL80211_BANDS && wiphy->bands[b]; |
| 6551 | } |
| 6552 | |
| 6553 | static int parse_bss_select(struct nlattr *nla, struct wiphy *wiphy, |
| 6554 | struct cfg80211_bss_selection *bss_select) |
| 6555 | { |
| 6556 | struct nlattr *attr[NL80211_BSS_SELECT_ATTR_MAX + 1]; |
| 6557 | struct nlattr *nest; |
| 6558 | int err; |
| 6559 | bool found = false; |
| 6560 | int i; |
| 6561 | |
| 6562 | /* only process one nested attribute */ |
| 6563 | nest = nla_data(nla); |
| 6564 | if (!nla_ok(nest, nla_len(nest))) |
| 6565 | return -EINVAL; |
| 6566 | |
| 6567 | err = nla_parse_nested(attr, NL80211_BSS_SELECT_ATTR_MAX, nest, |
| 6568 | nl80211_bss_select_policy, NULL); |
| 6569 | if (err) |
| 6570 | return err; |
| 6571 | |
| 6572 | /* only one attribute may be given */ |
| 6573 | for (i = 0; i <= NL80211_BSS_SELECT_ATTR_MAX; i++) { |
| 6574 | if (attr[i]) { |
| 6575 | if (found) |
| 6576 | return -EINVAL; |
| 6577 | found = true; |
| 6578 | } |
| 6579 | } |
| 6580 | |
| 6581 | bss_select->behaviour = __NL80211_BSS_SELECT_ATTR_INVALID; |
| 6582 | |
| 6583 | if (attr[NL80211_BSS_SELECT_ATTR_RSSI]) |
| 6584 | bss_select->behaviour = NL80211_BSS_SELECT_ATTR_RSSI; |
| 6585 | |
| 6586 | if (attr[NL80211_BSS_SELECT_ATTR_BAND_PREF]) { |
| 6587 | bss_select->behaviour = NL80211_BSS_SELECT_ATTR_BAND_PREF; |
| 6588 | bss_select->param.band_pref = |
| 6589 | nla_get_u32(attr[NL80211_BSS_SELECT_ATTR_BAND_PREF]); |
| 6590 | if (!is_band_valid(wiphy, bss_select->param.band_pref)) |
| 6591 | return -EINVAL; |
| 6592 | } |
| 6593 | |
| 6594 | if (attr[NL80211_BSS_SELECT_ATTR_RSSI_ADJUST]) { |
| 6595 | struct nl80211_bss_select_rssi_adjust *adj_param; |
| 6596 | |
| 6597 | adj_param = nla_data(attr[NL80211_BSS_SELECT_ATTR_RSSI_ADJUST]); |
| 6598 | bss_select->behaviour = NL80211_BSS_SELECT_ATTR_RSSI_ADJUST; |
| 6599 | bss_select->param.adjust.band = adj_param->band; |
| 6600 | bss_select->param.adjust.delta = adj_param->delta; |
| 6601 | if (!is_band_valid(wiphy, bss_select->param.adjust.band)) |
| 6602 | return -EINVAL; |
| 6603 | } |
| 6604 | |
| 6605 | /* user-space did not provide behaviour attribute */ |
| 6606 | if (bss_select->behaviour == __NL80211_BSS_SELECT_ATTR_INVALID) |
| 6607 | return -EINVAL; |
| 6608 | |
| 6609 | if (!(wiphy->bss_select_support & BIT(bss_select->behaviour))) |
| 6610 | return -EINVAL; |
| 6611 | |
| 6612 | return 0; |
| 6613 | } |
| 6614 | |
| 6615 | static int nl80211_parse_random_mac(struct nlattr **attrs, |
| 6616 | u8 *mac_addr, u8 *mac_addr_mask) |
| 6617 | { |
| 6618 | int i; |
| 6619 | |
| 6620 | if (!attrs[NL80211_ATTR_MAC] && !attrs[NL80211_ATTR_MAC_MASK]) { |
| 6621 | eth_zero_addr(mac_addr); |
| 6622 | eth_zero_addr(mac_addr_mask); |
| 6623 | mac_addr[0] = 0x2; |
| 6624 | mac_addr_mask[0] = 0x3; |
| 6625 | |
| 6626 | return 0; |
| 6627 | } |
| 6628 | |
| 6629 | /* need both or none */ |
| 6630 | if (!attrs[NL80211_ATTR_MAC] || !attrs[NL80211_ATTR_MAC_MASK]) |
| 6631 | return -EINVAL; |
| 6632 | |
| 6633 | memcpy(mac_addr, nla_data(attrs[NL80211_ATTR_MAC]), ETH_ALEN); |
| 6634 | memcpy(mac_addr_mask, nla_data(attrs[NL80211_ATTR_MAC_MASK]), ETH_ALEN); |
| 6635 | |
| 6636 | /* don't allow or configure an mcast address */ |
| 6637 | if (!is_multicast_ether_addr(mac_addr_mask) || |
| 6638 | is_multicast_ether_addr(mac_addr)) |
| 6639 | return -EINVAL; |
| 6640 | |
| 6641 | /* |
| 6642 | * allow users to pass a MAC address that has bits set outside |
| 6643 | * of the mask, but don't bother drivers with having to deal |
| 6644 | * with such bits |
| 6645 | */ |
| 6646 | for (i = 0; i < ETH_ALEN; i++) |
| 6647 | mac_addr[i] &= mac_addr_mask[i]; |
| 6648 | |
| 6649 | return 0; |
| 6650 | } |
| 6651 | |
| 6652 | static bool cfg80211_off_channel_oper_allowed(struct wireless_dev *wdev) |
| 6653 | { |
| 6654 | ASSERT_WDEV_LOCK(wdev); |
| 6655 | |
| 6656 | if (!cfg80211_beaconing_iface_active(wdev)) |
| 6657 | return true; |
| 6658 | |
| 6659 | if (!(wdev->chandef.chan->flags & IEEE80211_CHAN_RADAR)) |
| 6660 | return true; |
| 6661 | |
| 6662 | return regulatory_pre_cac_allowed(wdev->wiphy); |
| 6663 | } |
| 6664 | |
| 6665 | static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info) |
| 6666 | { |
| 6667 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 6668 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 6669 | struct cfg80211_scan_request *request; |
| 6670 | struct nlattr *attr; |
| 6671 | struct wiphy *wiphy; |
| 6672 | int err, tmp, n_ssids = 0, n_channels, i; |
| 6673 | size_t ie_len; |
| 6674 | |
| 6675 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
| 6676 | return -EINVAL; |
| 6677 | |
| 6678 | wiphy = &rdev->wiphy; |
| 6679 | |
| 6680 | if (wdev->iftype == NL80211_IFTYPE_NAN) |
| 6681 | return -EOPNOTSUPP; |
| 6682 | |
| 6683 | if (!rdev->ops->scan) |
| 6684 | return -EOPNOTSUPP; |
| 6685 | |
| 6686 | if (rdev->scan_req || rdev->scan_msg) { |
| 6687 | err = -EBUSY; |
| 6688 | goto unlock; |
| 6689 | } |
| 6690 | |
| 6691 | if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { |
| 6692 | n_channels = validate_scan_freqs( |
| 6693 | info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]); |
| 6694 | if (!n_channels) { |
| 6695 | err = -EINVAL; |
| 6696 | goto unlock; |
| 6697 | } |
| 6698 | } else { |
| 6699 | n_channels = ieee80211_get_num_supported_channels(wiphy); |
| 6700 | } |
| 6701 | |
| 6702 | if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) |
| 6703 | nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) |
| 6704 | n_ssids++; |
| 6705 | |
| 6706 | if (n_ssids > wiphy->max_scan_ssids) { |
| 6707 | err = -EINVAL; |
| 6708 | goto unlock; |
| 6709 | } |
| 6710 | |
| 6711 | if (info->attrs[NL80211_ATTR_IE]) |
| 6712 | ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
| 6713 | else |
| 6714 | ie_len = 0; |
| 6715 | |
| 6716 | if (ie_len > wiphy->max_scan_ie_len) { |
| 6717 | err = -EINVAL; |
| 6718 | goto unlock; |
| 6719 | } |
| 6720 | |
| 6721 | request = kzalloc(sizeof(*request) |
| 6722 | + sizeof(*request->ssids) * n_ssids |
| 6723 | + sizeof(*request->channels) * n_channels |
| 6724 | + ie_len, GFP_KERNEL); |
| 6725 | if (!request) { |
| 6726 | err = -ENOMEM; |
| 6727 | goto unlock; |
| 6728 | } |
| 6729 | |
| 6730 | if (n_ssids) |
| 6731 | request->ssids = (void *)&request->channels[n_channels]; |
| 6732 | request->n_ssids = n_ssids; |
| 6733 | if (ie_len) { |
| 6734 | if (n_ssids) |
| 6735 | request->ie = (void *)(request->ssids + n_ssids); |
| 6736 | else |
| 6737 | request->ie = (void *)(request->channels + n_channels); |
| 6738 | } |
| 6739 | |
| 6740 | i = 0; |
| 6741 | if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { |
| 6742 | /* user specified, bail out if channel not found */ |
| 6743 | nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) { |
| 6744 | struct ieee80211_channel *chan; |
| 6745 | |
| 6746 | chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); |
| 6747 | |
| 6748 | if (!chan) { |
| 6749 | err = -EINVAL; |
| 6750 | goto out_free; |
| 6751 | } |
| 6752 | |
| 6753 | /* ignore disabled channels */ |
| 6754 | if (chan->flags & IEEE80211_CHAN_DISABLED) |
| 6755 | continue; |
| 6756 | |
| 6757 | request->channels[i] = chan; |
| 6758 | i++; |
| 6759 | } |
| 6760 | } else { |
| 6761 | enum nl80211_band band; |
| 6762 | |
| 6763 | /* all channels */ |
| 6764 | for (band = 0; band < NUM_NL80211_BANDS; band++) { |
| 6765 | int j; |
| 6766 | |
| 6767 | if (!wiphy->bands[band]) |
| 6768 | continue; |
| 6769 | for (j = 0; j < wiphy->bands[band]->n_channels; j++) { |
| 6770 | struct ieee80211_channel *chan; |
| 6771 | |
| 6772 | chan = &wiphy->bands[band]->channels[j]; |
| 6773 | |
| 6774 | if (chan->flags & IEEE80211_CHAN_DISABLED) |
| 6775 | continue; |
| 6776 | |
| 6777 | request->channels[i] = chan; |
| 6778 | i++; |
| 6779 | } |
| 6780 | } |
| 6781 | } |
| 6782 | |
| 6783 | if (!i) { |
| 6784 | err = -EINVAL; |
| 6785 | goto out_free; |
| 6786 | } |
| 6787 | |
| 6788 | request->n_channels = i; |
| 6789 | |
| 6790 | wdev_lock(wdev); |
| 6791 | if (!cfg80211_off_channel_oper_allowed(wdev)) { |
| 6792 | struct ieee80211_channel *chan; |
| 6793 | |
| 6794 | if (request->n_channels != 1) { |
| 6795 | wdev_unlock(wdev); |
| 6796 | err = -EBUSY; |
| 6797 | goto out_free; |
| 6798 | } |
| 6799 | |
| 6800 | chan = request->channels[0]; |
| 6801 | if (chan->center_freq != wdev->chandef.chan->center_freq) { |
| 6802 | wdev_unlock(wdev); |
| 6803 | err = -EBUSY; |
| 6804 | goto out_free; |
| 6805 | } |
| 6806 | } |
| 6807 | wdev_unlock(wdev); |
| 6808 | |
| 6809 | i = 0; |
| 6810 | if (n_ssids) { |
| 6811 | nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) { |
| 6812 | if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { |
| 6813 | err = -EINVAL; |
| 6814 | goto out_free; |
| 6815 | } |
| 6816 | request->ssids[i].ssid_len = nla_len(attr); |
| 6817 | memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr)); |
| 6818 | i++; |
| 6819 | } |
| 6820 | } |
| 6821 | |
| 6822 | if (info->attrs[NL80211_ATTR_IE]) { |
| 6823 | request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
| 6824 | memcpy((void *)request->ie, |
| 6825 | nla_data(info->attrs[NL80211_ATTR_IE]), |
| 6826 | request->ie_len); |
| 6827 | } |
| 6828 | |
| 6829 | for (i = 0; i < NUM_NL80211_BANDS; i++) |
| 6830 | if (wiphy->bands[i]) |
| 6831 | request->rates[i] = |
| 6832 | (1 << wiphy->bands[i]->n_bitrates) - 1; |
| 6833 | |
| 6834 | if (info->attrs[NL80211_ATTR_SCAN_SUPP_RATES]) { |
| 6835 | nla_for_each_nested(attr, |
| 6836 | info->attrs[NL80211_ATTR_SCAN_SUPP_RATES], |
| 6837 | tmp) { |
| 6838 | enum nl80211_band band = nla_type(attr); |
| 6839 | |
| 6840 | if (band < 0 || band >= NUM_NL80211_BANDS) { |
| 6841 | err = -EINVAL; |
| 6842 | goto out_free; |
| 6843 | } |
| 6844 | |
| 6845 | if (!wiphy->bands[band]) |
| 6846 | continue; |
| 6847 | |
| 6848 | err = ieee80211_get_ratemask(wiphy->bands[band], |
| 6849 | nla_data(attr), |
| 6850 | nla_len(attr), |
| 6851 | &request->rates[band]); |
| 6852 | if (err) |
| 6853 | goto out_free; |
| 6854 | } |
| 6855 | } |
| 6856 | |
| 6857 | if (info->attrs[NL80211_ATTR_MEASUREMENT_DURATION]) { |
| 6858 | if (!wiphy_ext_feature_isset(wiphy, |
| 6859 | NL80211_EXT_FEATURE_SET_SCAN_DWELL)) { |
| 6860 | err = -EOPNOTSUPP; |
| 6861 | goto out_free; |
| 6862 | } |
| 6863 | |
| 6864 | request->duration = |
| 6865 | nla_get_u16(info->attrs[NL80211_ATTR_MEASUREMENT_DURATION]); |
| 6866 | request->duration_mandatory = |
| 6867 | nla_get_flag(info->attrs[NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY]); |
| 6868 | } |
| 6869 | |
| 6870 | if (info->attrs[NL80211_ATTR_SCAN_FLAGS]) { |
| 6871 | request->flags = nla_get_u32( |
| 6872 | info->attrs[NL80211_ATTR_SCAN_FLAGS]); |
| 6873 | if ((request->flags & NL80211_SCAN_FLAG_LOW_PRIORITY) && |
| 6874 | !(wiphy->features & NL80211_FEATURE_LOW_PRIORITY_SCAN)) { |
| 6875 | err = -EOPNOTSUPP; |
| 6876 | goto out_free; |
| 6877 | } |
| 6878 | |
| 6879 | if (request->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) { |
| 6880 | if (!(wiphy->features & |
| 6881 | NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR)) { |
| 6882 | err = -EOPNOTSUPP; |
| 6883 | goto out_free; |
| 6884 | } |
| 6885 | |
| 6886 | if (wdev->current_bss) { |
| 6887 | err = -EOPNOTSUPP; |
| 6888 | goto out_free; |
| 6889 | } |
| 6890 | |
| 6891 | err = nl80211_parse_random_mac(info->attrs, |
| 6892 | request->mac_addr, |
| 6893 | request->mac_addr_mask); |
| 6894 | if (err) |
| 6895 | goto out_free; |
| 6896 | } |
| 6897 | } |
| 6898 | |
| 6899 | request->no_cck = |
| 6900 | nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]); |
| 6901 | |
| 6902 | /* Initial implementation used NL80211_ATTR_MAC to set the specific |
| 6903 | * BSSID to scan for. This was problematic because that same attribute |
| 6904 | * was already used for another purpose (local random MAC address). The |
| 6905 | * NL80211_ATTR_BSSID attribute was added to fix this. For backwards |
| 6906 | * compatibility with older userspace components, also use the |
| 6907 | * NL80211_ATTR_MAC value here if it can be determined to be used for |
| 6908 | * the specific BSSID use case instead of the random MAC address |
| 6909 | * (NL80211_ATTR_SCAN_FLAGS is used to enable random MAC address use). |
| 6910 | */ |
| 6911 | if (info->attrs[NL80211_ATTR_BSSID]) |
| 6912 | memcpy(request->bssid, |
| 6913 | nla_data(info->attrs[NL80211_ATTR_BSSID]), ETH_ALEN); |
| 6914 | else if (!(request->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) && |
| 6915 | info->attrs[NL80211_ATTR_MAC]) |
| 6916 | memcpy(request->bssid, nla_data(info->attrs[NL80211_ATTR_MAC]), |
| 6917 | ETH_ALEN); |
| 6918 | else |
| 6919 | eth_broadcast_addr(request->bssid); |
| 6920 | |
| 6921 | request->wdev = wdev; |
| 6922 | request->wiphy = &rdev->wiphy; |
| 6923 | request->scan_start = jiffies; |
| 6924 | |
| 6925 | rdev->scan_req = request; |
| 6926 | err = rdev_scan(rdev, request); |
| 6927 | |
| 6928 | if (!err) { |
| 6929 | nl80211_send_scan_start(rdev, wdev); |
| 6930 | if (wdev->netdev) |
| 6931 | dev_hold(wdev->netdev); |
| 6932 | } else { |
| 6933 | out_free: |
| 6934 | rdev->scan_req = NULL; |
| 6935 | kfree(request); |
| 6936 | } |
| 6937 | |
| 6938 | unlock: |
| 6939 | return err; |
| 6940 | } |
| 6941 | |
| 6942 | static int nl80211_abort_scan(struct sk_buff *skb, struct genl_info *info) |
| 6943 | { |
| 6944 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 6945 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 6946 | |
| 6947 | if (!rdev->ops->abort_scan) |
| 6948 | return -EOPNOTSUPP; |
| 6949 | |
| 6950 | if (rdev->scan_msg) |
| 6951 | return 0; |
| 6952 | |
| 6953 | if (!rdev->scan_req) |
| 6954 | return -ENOENT; |
| 6955 | |
| 6956 | rdev_abort_scan(rdev, wdev); |
| 6957 | return 0; |
| 6958 | } |
| 6959 | |
| 6960 | static int |
| 6961 | nl80211_parse_sched_scan_plans(struct wiphy *wiphy, int n_plans, |
| 6962 | struct cfg80211_sched_scan_request *request, |
| 6963 | struct nlattr **attrs) |
| 6964 | { |
| 6965 | int tmp, err, i = 0; |
| 6966 | struct nlattr *attr; |
| 6967 | |
| 6968 | if (!attrs[NL80211_ATTR_SCHED_SCAN_PLANS]) { |
| 6969 | u32 interval; |
| 6970 | |
| 6971 | /* |
| 6972 | * If scan plans are not specified, |
| 6973 | * %NL80211_ATTR_SCHED_SCAN_INTERVAL will be specified. In this |
| 6974 | * case one scan plan will be set with the specified scan |
| 6975 | * interval and infinite number of iterations. |
| 6976 | */ |
| 6977 | interval = nla_get_u32(attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]); |
| 6978 | if (!interval) |
| 6979 | return -EINVAL; |
| 6980 | |
| 6981 | request->scan_plans[0].interval = |
| 6982 | DIV_ROUND_UP(interval, MSEC_PER_SEC); |
| 6983 | if (!request->scan_plans[0].interval) |
| 6984 | return -EINVAL; |
| 6985 | |
| 6986 | if (request->scan_plans[0].interval > |
| 6987 | wiphy->max_sched_scan_plan_interval) |
| 6988 | request->scan_plans[0].interval = |
| 6989 | wiphy->max_sched_scan_plan_interval; |
| 6990 | |
| 6991 | return 0; |
| 6992 | } |
| 6993 | |
| 6994 | nla_for_each_nested(attr, attrs[NL80211_ATTR_SCHED_SCAN_PLANS], tmp) { |
| 6995 | struct nlattr *plan[NL80211_SCHED_SCAN_PLAN_MAX + 1]; |
| 6996 | |
| 6997 | if (WARN_ON(i >= n_plans)) |
| 6998 | return -EINVAL; |
| 6999 | |
| 7000 | err = nla_parse_nested(plan, NL80211_SCHED_SCAN_PLAN_MAX, |
| 7001 | attr, nl80211_plan_policy, NULL); |
| 7002 | if (err) |
| 7003 | return err; |
| 7004 | |
| 7005 | if (!plan[NL80211_SCHED_SCAN_PLAN_INTERVAL]) |
| 7006 | return -EINVAL; |
| 7007 | |
| 7008 | request->scan_plans[i].interval = |
| 7009 | nla_get_u32(plan[NL80211_SCHED_SCAN_PLAN_INTERVAL]); |
| 7010 | if (!request->scan_plans[i].interval || |
| 7011 | request->scan_plans[i].interval > |
| 7012 | wiphy->max_sched_scan_plan_interval) |
| 7013 | return -EINVAL; |
| 7014 | |
| 7015 | if (plan[NL80211_SCHED_SCAN_PLAN_ITERATIONS]) { |
| 7016 | request->scan_plans[i].iterations = |
| 7017 | nla_get_u32(plan[NL80211_SCHED_SCAN_PLAN_ITERATIONS]); |
| 7018 | if (!request->scan_plans[i].iterations || |
| 7019 | (request->scan_plans[i].iterations > |
| 7020 | wiphy->max_sched_scan_plan_iterations)) |
| 7021 | return -EINVAL; |
| 7022 | } else if (i < n_plans - 1) { |
| 7023 | /* |
| 7024 | * All scan plans but the last one must specify |
| 7025 | * a finite number of iterations |
| 7026 | */ |
| 7027 | return -EINVAL; |
| 7028 | } |
| 7029 | |
| 7030 | i++; |
| 7031 | } |
| 7032 | |
| 7033 | /* |
| 7034 | * The last scan plan must not specify the number of |
| 7035 | * iterations, it is supposed to run infinitely |
| 7036 | */ |
| 7037 | if (request->scan_plans[n_plans - 1].iterations) |
| 7038 | return -EINVAL; |
| 7039 | |
| 7040 | return 0; |
| 7041 | } |
| 7042 | |
| 7043 | static struct cfg80211_sched_scan_request * |
| 7044 | nl80211_parse_sched_scan(struct wiphy *wiphy, struct wireless_dev *wdev, |
| 7045 | struct nlattr **attrs, int max_match_sets) |
| 7046 | { |
| 7047 | struct cfg80211_sched_scan_request *request; |
| 7048 | struct nlattr *attr; |
| 7049 | int err, tmp, n_ssids = 0, n_match_sets = 0, n_channels, i, n_plans = 0; |
| 7050 | enum nl80211_band band; |
| 7051 | size_t ie_len; |
| 7052 | struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1]; |
| 7053 | s32 default_match_rssi = NL80211_SCAN_RSSI_THOLD_OFF; |
| 7054 | |
| 7055 | if (!is_valid_ie_attr(attrs[NL80211_ATTR_IE])) |
| 7056 | return ERR_PTR(-EINVAL); |
| 7057 | |
| 7058 | if (attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { |
| 7059 | n_channels = validate_scan_freqs( |
| 7060 | attrs[NL80211_ATTR_SCAN_FREQUENCIES]); |
| 7061 | if (!n_channels) |
| 7062 | return ERR_PTR(-EINVAL); |
| 7063 | } else { |
| 7064 | n_channels = ieee80211_get_num_supported_channels(wiphy); |
| 7065 | } |
| 7066 | |
| 7067 | if (attrs[NL80211_ATTR_SCAN_SSIDS]) |
| 7068 | nla_for_each_nested(attr, attrs[NL80211_ATTR_SCAN_SSIDS], |
| 7069 | tmp) |
| 7070 | n_ssids++; |
| 7071 | |
| 7072 | if (n_ssids > wiphy->max_sched_scan_ssids) |
| 7073 | return ERR_PTR(-EINVAL); |
| 7074 | |
| 7075 | /* |
| 7076 | * First, count the number of 'real' matchsets. Due to an issue with |
| 7077 | * the old implementation, matchsets containing only the RSSI attribute |
| 7078 | * (NL80211_SCHED_SCAN_MATCH_ATTR_RSSI) are considered as the 'default' |
| 7079 | * RSSI for all matchsets, rather than their own matchset for reporting |
| 7080 | * all APs with a strong RSSI. This is needed to be compatible with |
| 7081 | * older userspace that treated a matchset with only the RSSI as the |
| 7082 | * global RSSI for all other matchsets - if there are other matchsets. |
| 7083 | */ |
| 7084 | if (attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) { |
| 7085 | nla_for_each_nested(attr, |
| 7086 | attrs[NL80211_ATTR_SCHED_SCAN_MATCH], |
| 7087 | tmp) { |
| 7088 | struct nlattr *rssi; |
| 7089 | |
| 7090 | err = nla_parse_nested(tb, |
| 7091 | NL80211_SCHED_SCAN_MATCH_ATTR_MAX, |
| 7092 | attr, nl80211_match_policy, |
| 7093 | NULL); |
| 7094 | if (err) |
| 7095 | return ERR_PTR(err); |
| 7096 | |
| 7097 | /* SSID and BSSID are mutually exclusive */ |
| 7098 | if (tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID] && |
| 7099 | tb[NL80211_SCHED_SCAN_MATCH_ATTR_BSSID]) |
| 7100 | return ERR_PTR(-EINVAL); |
| 7101 | |
| 7102 | /* add other standalone attributes here */ |
| 7103 | if (tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID] || |
| 7104 | tb[NL80211_SCHED_SCAN_MATCH_ATTR_BSSID]) { |
| 7105 | n_match_sets++; |
| 7106 | continue; |
| 7107 | } |
| 7108 | rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI]; |
| 7109 | if (rssi) |
| 7110 | default_match_rssi = nla_get_s32(rssi); |
| 7111 | } |
| 7112 | } |
| 7113 | |
| 7114 | /* However, if there's no other matchset, add the RSSI one */ |
| 7115 | if (!n_match_sets && default_match_rssi != NL80211_SCAN_RSSI_THOLD_OFF) |
| 7116 | n_match_sets = 1; |
| 7117 | |
| 7118 | if (n_match_sets > max_match_sets) |
| 7119 | return ERR_PTR(-EINVAL); |
| 7120 | |
| 7121 | if (attrs[NL80211_ATTR_IE]) |
| 7122 | ie_len = nla_len(attrs[NL80211_ATTR_IE]); |
| 7123 | else |
| 7124 | ie_len = 0; |
| 7125 | |
| 7126 | if (ie_len > wiphy->max_sched_scan_ie_len) |
| 7127 | return ERR_PTR(-EINVAL); |
| 7128 | |
| 7129 | if (attrs[NL80211_ATTR_SCHED_SCAN_PLANS]) { |
| 7130 | /* |
| 7131 | * NL80211_ATTR_SCHED_SCAN_INTERVAL must not be specified since |
| 7132 | * each scan plan already specifies its own interval |
| 7133 | */ |
| 7134 | if (attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]) |
| 7135 | return ERR_PTR(-EINVAL); |
| 7136 | |
| 7137 | nla_for_each_nested(attr, |
| 7138 | attrs[NL80211_ATTR_SCHED_SCAN_PLANS], tmp) |
| 7139 | n_plans++; |
| 7140 | } else { |
| 7141 | /* |
| 7142 | * The scan interval attribute is kept for backward |
| 7143 | * compatibility. If no scan plans are specified and sched scan |
| 7144 | * interval is specified, one scan plan will be set with this |
| 7145 | * scan interval and infinite number of iterations. |
| 7146 | */ |
| 7147 | if (!attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]) |
| 7148 | return ERR_PTR(-EINVAL); |
| 7149 | |
| 7150 | n_plans = 1; |
| 7151 | } |
| 7152 | |
| 7153 | if (!n_plans || n_plans > wiphy->max_sched_scan_plans) |
| 7154 | return ERR_PTR(-EINVAL); |
| 7155 | |
| 7156 | if (!wiphy_ext_feature_isset( |
| 7157 | wiphy, NL80211_EXT_FEATURE_SCHED_SCAN_RELATIVE_RSSI) && |
| 7158 | (attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI] || |
| 7159 | attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST])) |
| 7160 | return ERR_PTR(-EINVAL); |
| 7161 | |
| 7162 | request = kzalloc(sizeof(*request) |
| 7163 | + sizeof(*request->ssids) * n_ssids |
| 7164 | + sizeof(*request->match_sets) * n_match_sets |
| 7165 | + sizeof(*request->scan_plans) * n_plans |
| 7166 | + sizeof(*request->channels) * n_channels |
| 7167 | + ie_len, GFP_KERNEL); |
| 7168 | if (!request) |
| 7169 | return ERR_PTR(-ENOMEM); |
| 7170 | |
| 7171 | if (n_ssids) |
| 7172 | request->ssids = (void *)&request->channels[n_channels]; |
| 7173 | request->n_ssids = n_ssids; |
| 7174 | if (ie_len) { |
| 7175 | if (n_ssids) |
| 7176 | request->ie = (void *)(request->ssids + n_ssids); |
| 7177 | else |
| 7178 | request->ie = (void *)(request->channels + n_channels); |
| 7179 | } |
| 7180 | |
| 7181 | if (n_match_sets) { |
| 7182 | if (request->ie) |
| 7183 | request->match_sets = (void *)(request->ie + ie_len); |
| 7184 | else if (n_ssids) |
| 7185 | request->match_sets = |
| 7186 | (void *)(request->ssids + n_ssids); |
| 7187 | else |
| 7188 | request->match_sets = |
| 7189 | (void *)(request->channels + n_channels); |
| 7190 | } |
| 7191 | request->n_match_sets = n_match_sets; |
| 7192 | |
| 7193 | if (n_match_sets) |
| 7194 | request->scan_plans = (void *)(request->match_sets + |
| 7195 | n_match_sets); |
| 7196 | else if (request->ie) |
| 7197 | request->scan_plans = (void *)(request->ie + ie_len); |
| 7198 | else if (n_ssids) |
| 7199 | request->scan_plans = (void *)(request->ssids + n_ssids); |
| 7200 | else |
| 7201 | request->scan_plans = (void *)(request->channels + n_channels); |
| 7202 | |
| 7203 | request->n_scan_plans = n_plans; |
| 7204 | |
| 7205 | i = 0; |
| 7206 | if (attrs[NL80211_ATTR_SCAN_FREQUENCIES]) { |
| 7207 | /* user specified, bail out if channel not found */ |
| 7208 | nla_for_each_nested(attr, |
| 7209 | attrs[NL80211_ATTR_SCAN_FREQUENCIES], |
| 7210 | tmp) { |
| 7211 | struct ieee80211_channel *chan; |
| 7212 | |
| 7213 | chan = ieee80211_get_channel(wiphy, nla_get_u32(attr)); |
| 7214 | |
| 7215 | if (!chan) { |
| 7216 | err = -EINVAL; |
| 7217 | goto out_free; |
| 7218 | } |
| 7219 | |
| 7220 | /* ignore disabled channels */ |
| 7221 | if (chan->flags & IEEE80211_CHAN_DISABLED) |
| 7222 | continue; |
| 7223 | |
| 7224 | request->channels[i] = chan; |
| 7225 | i++; |
| 7226 | } |
| 7227 | } else { |
| 7228 | /* all channels */ |
| 7229 | for (band = 0; band < NUM_NL80211_BANDS; band++) { |
| 7230 | int j; |
| 7231 | |
| 7232 | if (!wiphy->bands[band]) |
| 7233 | continue; |
| 7234 | for (j = 0; j < wiphy->bands[band]->n_channels; j++) { |
| 7235 | struct ieee80211_channel *chan; |
| 7236 | |
| 7237 | chan = &wiphy->bands[band]->channels[j]; |
| 7238 | |
| 7239 | if (chan->flags & IEEE80211_CHAN_DISABLED) |
| 7240 | continue; |
| 7241 | |
| 7242 | request->channels[i] = chan; |
| 7243 | i++; |
| 7244 | } |
| 7245 | } |
| 7246 | } |
| 7247 | |
| 7248 | if (!i) { |
| 7249 | err = -EINVAL; |
| 7250 | goto out_free; |
| 7251 | } |
| 7252 | |
| 7253 | request->n_channels = i; |
| 7254 | |
| 7255 | i = 0; |
| 7256 | if (n_ssids) { |
| 7257 | nla_for_each_nested(attr, attrs[NL80211_ATTR_SCAN_SSIDS], |
| 7258 | tmp) { |
| 7259 | if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) { |
| 7260 | err = -EINVAL; |
| 7261 | goto out_free; |
| 7262 | } |
| 7263 | request->ssids[i].ssid_len = nla_len(attr); |
| 7264 | memcpy(request->ssids[i].ssid, nla_data(attr), |
| 7265 | nla_len(attr)); |
| 7266 | i++; |
| 7267 | } |
| 7268 | } |
| 7269 | |
| 7270 | i = 0; |
| 7271 | if (attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) { |
| 7272 | nla_for_each_nested(attr, |
| 7273 | attrs[NL80211_ATTR_SCHED_SCAN_MATCH], |
| 7274 | tmp) { |
| 7275 | struct nlattr *ssid, *bssid, *rssi; |
| 7276 | |
| 7277 | err = nla_parse_nested(tb, |
| 7278 | NL80211_SCHED_SCAN_MATCH_ATTR_MAX, |
| 7279 | attr, nl80211_match_policy, |
| 7280 | NULL); |
| 7281 | if (err) |
| 7282 | goto out_free; |
| 7283 | ssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID]; |
| 7284 | bssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_BSSID]; |
| 7285 | if (ssid || bssid) { |
| 7286 | if (WARN_ON(i >= n_match_sets)) { |
| 7287 | /* this indicates a programming error, |
| 7288 | * the loop above should have verified |
| 7289 | * things properly |
| 7290 | */ |
| 7291 | err = -EINVAL; |
| 7292 | goto out_free; |
| 7293 | } |
| 7294 | |
| 7295 | if (ssid) { |
| 7296 | if (nla_len(ssid) > IEEE80211_MAX_SSID_LEN) { |
| 7297 | err = -EINVAL; |
| 7298 | goto out_free; |
| 7299 | } |
| 7300 | memcpy(request->match_sets[i].ssid.ssid, |
| 7301 | nla_data(ssid), nla_len(ssid)); |
| 7302 | request->match_sets[i].ssid.ssid_len = |
| 7303 | nla_len(ssid); |
| 7304 | } |
| 7305 | if (bssid) { |
| 7306 | if (nla_len(bssid) != ETH_ALEN) { |
| 7307 | err = -EINVAL; |
| 7308 | goto out_free; |
| 7309 | } |
| 7310 | memcpy(request->match_sets[i].bssid, |
| 7311 | nla_data(bssid), ETH_ALEN); |
| 7312 | } |
| 7313 | |
| 7314 | /* special attribute - old implementation w/a */ |
| 7315 | request->match_sets[i].rssi_thold = |
| 7316 | default_match_rssi; |
| 7317 | rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI]; |
| 7318 | if (rssi) |
| 7319 | request->match_sets[i].rssi_thold = |
| 7320 | nla_get_s32(rssi); |
| 7321 | } |
| 7322 | i++; |
| 7323 | } |
| 7324 | |
| 7325 | /* there was no other matchset, so the RSSI one is alone */ |
| 7326 | if (i == 0 && n_match_sets) |
| 7327 | request->match_sets[0].rssi_thold = default_match_rssi; |
| 7328 | |
| 7329 | request->min_rssi_thold = INT_MAX; |
| 7330 | for (i = 0; i < n_match_sets; i++) |
| 7331 | request->min_rssi_thold = |
| 7332 | min(request->match_sets[i].rssi_thold, |
| 7333 | request->min_rssi_thold); |
| 7334 | } else { |
| 7335 | request->min_rssi_thold = NL80211_SCAN_RSSI_THOLD_OFF; |
| 7336 | } |
| 7337 | |
| 7338 | if (ie_len) { |
| 7339 | request->ie_len = ie_len; |
| 7340 | memcpy((void *)request->ie, |
| 7341 | nla_data(attrs[NL80211_ATTR_IE]), |
| 7342 | request->ie_len); |
| 7343 | } |
| 7344 | |
| 7345 | if (attrs[NL80211_ATTR_SCAN_FLAGS]) { |
| 7346 | request->flags = nla_get_u32( |
| 7347 | attrs[NL80211_ATTR_SCAN_FLAGS]); |
| 7348 | if ((request->flags & NL80211_SCAN_FLAG_LOW_PRIORITY) && |
| 7349 | !(wiphy->features & NL80211_FEATURE_LOW_PRIORITY_SCAN)) { |
| 7350 | err = -EOPNOTSUPP; |
| 7351 | goto out_free; |
| 7352 | } |
| 7353 | |
| 7354 | if (request->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) { |
| 7355 | u32 flg = NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR; |
| 7356 | |
| 7357 | if (!wdev) /* must be net-detect */ |
| 7358 | flg = NL80211_FEATURE_ND_RANDOM_MAC_ADDR; |
| 7359 | |
| 7360 | if (!(wiphy->features & flg)) { |
| 7361 | err = -EOPNOTSUPP; |
| 7362 | goto out_free; |
| 7363 | } |
| 7364 | |
| 7365 | if (wdev && wdev->current_bss) { |
| 7366 | err = -EOPNOTSUPP; |
| 7367 | goto out_free; |
| 7368 | } |
| 7369 | |
| 7370 | err = nl80211_parse_random_mac(attrs, request->mac_addr, |
| 7371 | request->mac_addr_mask); |
| 7372 | if (err) |
| 7373 | goto out_free; |
| 7374 | } |
| 7375 | } |
| 7376 | |
| 7377 | if (attrs[NL80211_ATTR_SCHED_SCAN_DELAY]) |
| 7378 | request->delay = |
| 7379 | nla_get_u32(attrs[NL80211_ATTR_SCHED_SCAN_DELAY]); |
| 7380 | |
| 7381 | if (attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI]) { |
| 7382 | request->relative_rssi = nla_get_s8( |
| 7383 | attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI]); |
| 7384 | request->relative_rssi_set = true; |
| 7385 | } |
| 7386 | |
| 7387 | if (request->relative_rssi_set && |
| 7388 | attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST]) { |
| 7389 | struct nl80211_bss_select_rssi_adjust *rssi_adjust; |
| 7390 | |
| 7391 | rssi_adjust = nla_data( |
| 7392 | attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST]); |
| 7393 | request->rssi_adjust.band = rssi_adjust->band; |
| 7394 | request->rssi_adjust.delta = rssi_adjust->delta; |
| 7395 | if (!is_band_valid(wiphy, request->rssi_adjust.band)) { |
| 7396 | err = -EINVAL; |
| 7397 | goto out_free; |
| 7398 | } |
| 7399 | } |
| 7400 | |
| 7401 | err = nl80211_parse_sched_scan_plans(wiphy, n_plans, request, attrs); |
| 7402 | if (err) |
| 7403 | goto out_free; |
| 7404 | |
| 7405 | request->scan_start = jiffies; |
| 7406 | |
| 7407 | return request; |
| 7408 | |
| 7409 | out_free: |
| 7410 | kfree(request); |
| 7411 | return ERR_PTR(err); |
| 7412 | } |
| 7413 | |
| 7414 | static int nl80211_start_sched_scan(struct sk_buff *skb, |
| 7415 | struct genl_info *info) |
| 7416 | { |
| 7417 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 7418 | struct net_device *dev = info->user_ptr[1]; |
| 7419 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 7420 | struct cfg80211_sched_scan_request *sched_scan_req; |
| 7421 | bool want_multi; |
| 7422 | int err; |
| 7423 | |
| 7424 | if (!rdev->wiphy.max_sched_scan_reqs || !rdev->ops->sched_scan_start) |
| 7425 | return -EOPNOTSUPP; |
| 7426 | |
| 7427 | want_multi = info->attrs[NL80211_ATTR_SCHED_SCAN_MULTI]; |
| 7428 | err = cfg80211_sched_scan_req_possible(rdev, want_multi); |
| 7429 | if (err) |
| 7430 | return err; |
| 7431 | |
| 7432 | sched_scan_req = nl80211_parse_sched_scan(&rdev->wiphy, wdev, |
| 7433 | info->attrs, |
| 7434 | rdev->wiphy.max_match_sets); |
| 7435 | |
| 7436 | err = PTR_ERR_OR_ZERO(sched_scan_req); |
| 7437 | if (err) |
| 7438 | goto out_err; |
| 7439 | |
| 7440 | /* leave request id zero for legacy request |
| 7441 | * or if driver does not support multi-scheduled scan |
| 7442 | */ |
| 7443 | if (want_multi && rdev->wiphy.max_sched_scan_reqs > 1) { |
| 7444 | while (!sched_scan_req->reqid) |
| 7445 | sched_scan_req->reqid = rdev->wiphy.cookie_counter++; |
| 7446 | } |
| 7447 | |
| 7448 | err = rdev_sched_scan_start(rdev, dev, sched_scan_req); |
| 7449 | if (err) |
| 7450 | goto out_free; |
| 7451 | |
| 7452 | sched_scan_req->dev = dev; |
| 7453 | sched_scan_req->wiphy = &rdev->wiphy; |
| 7454 | |
| 7455 | if (info->attrs[NL80211_ATTR_SOCKET_OWNER]) |
| 7456 | sched_scan_req->owner_nlportid = info->snd_portid; |
| 7457 | |
| 7458 | cfg80211_add_sched_scan_req(rdev, sched_scan_req); |
| 7459 | |
| 7460 | nl80211_send_sched_scan(sched_scan_req, NL80211_CMD_START_SCHED_SCAN); |
| 7461 | return 0; |
| 7462 | |
| 7463 | out_free: |
| 7464 | kfree(sched_scan_req); |
| 7465 | out_err: |
| 7466 | return err; |
| 7467 | } |
| 7468 | |
| 7469 | static int nl80211_stop_sched_scan(struct sk_buff *skb, |
| 7470 | struct genl_info *info) |
| 7471 | { |
| 7472 | struct cfg80211_sched_scan_request *req; |
| 7473 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 7474 | u64 cookie; |
| 7475 | |
| 7476 | if (!rdev->wiphy.max_sched_scan_reqs || !rdev->ops->sched_scan_stop) |
| 7477 | return -EOPNOTSUPP; |
| 7478 | |
| 7479 | if (info->attrs[NL80211_ATTR_COOKIE]) { |
| 7480 | cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); |
| 7481 | return __cfg80211_stop_sched_scan(rdev, cookie, false); |
| 7482 | } |
| 7483 | |
| 7484 | req = list_first_or_null_rcu(&rdev->sched_scan_req_list, |
| 7485 | struct cfg80211_sched_scan_request, |
| 7486 | list); |
| 7487 | if (!req || req->reqid || |
| 7488 | (req->owner_nlportid && |
| 7489 | req->owner_nlportid != info->snd_portid)) |
| 7490 | return -ENOENT; |
| 7491 | |
| 7492 | return cfg80211_stop_sched_scan_req(rdev, req, false); |
| 7493 | } |
| 7494 | |
| 7495 | static int nl80211_start_radar_detection(struct sk_buff *skb, |
| 7496 | struct genl_info *info) |
| 7497 | { |
| 7498 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 7499 | struct net_device *dev = info->user_ptr[1]; |
| 7500 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 7501 | struct cfg80211_chan_def chandef; |
| 7502 | enum nl80211_dfs_regions dfs_region; |
| 7503 | unsigned int cac_time_ms; |
| 7504 | int err; |
| 7505 | |
| 7506 | dfs_region = reg_get_dfs_region(wdev->wiphy); |
| 7507 | if (dfs_region == NL80211_DFS_UNSET) |
| 7508 | return -EINVAL; |
| 7509 | |
| 7510 | err = nl80211_parse_chandef(rdev, info, &chandef); |
| 7511 | if (err) |
| 7512 | return err; |
| 7513 | |
| 7514 | if (netif_carrier_ok(dev)) |
| 7515 | return -EBUSY; |
| 7516 | |
| 7517 | if (wdev->cac_started) |
| 7518 | return -EBUSY; |
| 7519 | |
| 7520 | err = cfg80211_chandef_dfs_required(wdev->wiphy, &chandef, |
| 7521 | wdev->iftype); |
| 7522 | if (err < 0) |
| 7523 | return err; |
| 7524 | |
| 7525 | if (err == 0) |
| 7526 | return -EINVAL; |
| 7527 | |
| 7528 | if (!cfg80211_chandef_dfs_usable(wdev->wiphy, &chandef)) |
| 7529 | return -EINVAL; |
| 7530 | |
| 7531 | if (!rdev->ops->start_radar_detection) |
| 7532 | return -EOPNOTSUPP; |
| 7533 | |
| 7534 | cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, &chandef); |
| 7535 | if (WARN_ON(!cac_time_ms)) |
| 7536 | cac_time_ms = IEEE80211_DFS_MIN_CAC_TIME_MS; |
| 7537 | |
| 7538 | err = rdev_start_radar_detection(rdev, dev, &chandef, cac_time_ms); |
| 7539 | if (!err) { |
| 7540 | wdev->chandef = chandef; |
| 7541 | wdev->cac_started = true; |
| 7542 | wdev->cac_start_time = jiffies; |
| 7543 | wdev->cac_time_ms = cac_time_ms; |
| 7544 | } |
| 7545 | return err; |
| 7546 | } |
| 7547 | |
| 7548 | static int nl80211_channel_switch(struct sk_buff *skb, struct genl_info *info) |
| 7549 | { |
| 7550 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 7551 | struct net_device *dev = info->user_ptr[1]; |
| 7552 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 7553 | struct cfg80211_csa_settings params; |
| 7554 | /* csa_attrs is defined static to avoid waste of stack size - this |
| 7555 | * function is called under RTNL lock, so this should not be a problem. |
| 7556 | */ |
| 7557 | static struct nlattr *csa_attrs[NL80211_ATTR_MAX+1]; |
| 7558 | int err; |
| 7559 | bool need_new_beacon = false; |
| 7560 | bool need_handle_dfs_flag = true; |
| 7561 | int len, i; |
| 7562 | u32 cs_count; |
| 7563 | |
| 7564 | if (!rdev->ops->channel_switch || |
| 7565 | !(rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH)) |
| 7566 | return -EOPNOTSUPP; |
| 7567 | |
| 7568 | switch (dev->ieee80211_ptr->iftype) { |
| 7569 | case NL80211_IFTYPE_AP: |
| 7570 | case NL80211_IFTYPE_P2P_GO: |
| 7571 | need_new_beacon = true; |
| 7572 | /* For all modes except AP the handle_dfs flag needs to be |
| 7573 | * supplied to tell the kernel that userspace will handle radar |
| 7574 | * events when they happen. Otherwise a switch to a channel |
| 7575 | * requiring DFS will be rejected. |
| 7576 | */ |
| 7577 | need_handle_dfs_flag = false; |
| 7578 | |
| 7579 | /* useless if AP is not running */ |
| 7580 | if (!wdev->beacon_interval) |
| 7581 | return -ENOTCONN; |
| 7582 | break; |
| 7583 | case NL80211_IFTYPE_ADHOC: |
| 7584 | if (!wdev->ssid_len) |
| 7585 | return -ENOTCONN; |
| 7586 | break; |
| 7587 | case NL80211_IFTYPE_MESH_POINT: |
| 7588 | if (!wdev->mesh_id_len) |
| 7589 | return -ENOTCONN; |
| 7590 | break; |
| 7591 | default: |
| 7592 | return -EOPNOTSUPP; |
| 7593 | } |
| 7594 | |
| 7595 | memset(¶ms, 0, sizeof(params)); |
| 7596 | |
| 7597 | if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || |
| 7598 | !info->attrs[NL80211_ATTR_CH_SWITCH_COUNT]) |
| 7599 | return -EINVAL; |
| 7600 | |
| 7601 | /* only important for AP, IBSS and mesh create IEs internally */ |
| 7602 | if (need_new_beacon && !info->attrs[NL80211_ATTR_CSA_IES]) |
| 7603 | return -EINVAL; |
| 7604 | |
| 7605 | /* Even though the attribute is u32, the specification says |
| 7606 | * u8, so let's make sure we don't overflow. |
| 7607 | */ |
| 7608 | cs_count = nla_get_u32(info->attrs[NL80211_ATTR_CH_SWITCH_COUNT]); |
| 7609 | if (cs_count > 255) |
| 7610 | return -EINVAL; |
| 7611 | |
| 7612 | params.count = cs_count; |
| 7613 | |
| 7614 | if (!need_new_beacon) |
| 7615 | goto skip_beacons; |
| 7616 | |
| 7617 | err = nl80211_parse_beacon(info->attrs, ¶ms.beacon_after); |
| 7618 | if (err) |
| 7619 | return err; |
| 7620 | |
| 7621 | err = nla_parse_nested(csa_attrs, NL80211_ATTR_MAX, |
| 7622 | info->attrs[NL80211_ATTR_CSA_IES], |
| 7623 | nl80211_policy, info->extack); |
| 7624 | if (err) |
| 7625 | return err; |
| 7626 | |
| 7627 | err = nl80211_parse_beacon(csa_attrs, ¶ms.beacon_csa); |
| 7628 | if (err) |
| 7629 | return err; |
| 7630 | |
| 7631 | if (!csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]) |
| 7632 | return -EINVAL; |
| 7633 | |
| 7634 | len = nla_len(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]); |
| 7635 | if (!len || (len % sizeof(u16))) |
| 7636 | return -EINVAL; |
| 7637 | |
| 7638 | params.n_counter_offsets_beacon = len / sizeof(u16); |
| 7639 | if (rdev->wiphy.max_num_csa_counters && |
| 7640 | (params.n_counter_offsets_beacon > |
| 7641 | rdev->wiphy.max_num_csa_counters)) |
| 7642 | return -EINVAL; |
| 7643 | |
| 7644 | params.counter_offsets_beacon = |
| 7645 | nla_data(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]); |
| 7646 | |
| 7647 | /* sanity checks - counters should fit and be the same */ |
| 7648 | for (i = 0; i < params.n_counter_offsets_beacon; i++) { |
| 7649 | u16 offset = params.counter_offsets_beacon[i]; |
| 7650 | |
| 7651 | if (offset >= params.beacon_csa.tail_len) |
| 7652 | return -EINVAL; |
| 7653 | |
| 7654 | if (params.beacon_csa.tail[offset] != params.count) |
| 7655 | return -EINVAL; |
| 7656 | } |
| 7657 | |
| 7658 | if (csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]) { |
| 7659 | len = nla_len(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]); |
| 7660 | if (!len || (len % sizeof(u16))) |
| 7661 | return -EINVAL; |
| 7662 | |
| 7663 | params.n_counter_offsets_presp = len / sizeof(u16); |
| 7664 | if (rdev->wiphy.max_num_csa_counters && |
| 7665 | (params.n_counter_offsets_presp > |
| 7666 | rdev->wiphy.max_num_csa_counters)) |
| 7667 | return -EINVAL; |
| 7668 | |
| 7669 | params.counter_offsets_presp = |
| 7670 | nla_data(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]); |
| 7671 | |
| 7672 | /* sanity checks - counters should fit and be the same */ |
| 7673 | for (i = 0; i < params.n_counter_offsets_presp; i++) { |
| 7674 | u16 offset = params.counter_offsets_presp[i]; |
| 7675 | |
| 7676 | if (offset >= params.beacon_csa.probe_resp_len) |
| 7677 | return -EINVAL; |
| 7678 | |
| 7679 | if (params.beacon_csa.probe_resp[offset] != |
| 7680 | params.count) |
| 7681 | return -EINVAL; |
| 7682 | } |
| 7683 | } |
| 7684 | |
| 7685 | skip_beacons: |
| 7686 | err = nl80211_parse_chandef(rdev, info, ¶ms.chandef); |
| 7687 | if (err) |
| 7688 | return err; |
| 7689 | |
| 7690 | if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, ¶ms.chandef, |
| 7691 | wdev->iftype)) |
| 7692 | return -EINVAL; |
| 7693 | |
| 7694 | err = cfg80211_chandef_dfs_required(wdev->wiphy, |
| 7695 | ¶ms.chandef, |
| 7696 | wdev->iftype); |
| 7697 | if (err < 0) |
| 7698 | return err; |
| 7699 | |
| 7700 | if (err > 0) { |
| 7701 | params.radar_required = true; |
| 7702 | if (need_handle_dfs_flag && |
| 7703 | !nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS])) { |
| 7704 | return -EINVAL; |
| 7705 | } |
| 7706 | } |
| 7707 | |
| 7708 | if (info->attrs[NL80211_ATTR_CH_SWITCH_BLOCK_TX]) |
| 7709 | params.block_tx = true; |
| 7710 | |
| 7711 | wdev_lock(wdev); |
| 7712 | err = rdev_channel_switch(rdev, dev, ¶ms); |
| 7713 | wdev_unlock(wdev); |
| 7714 | |
| 7715 | return err; |
| 7716 | } |
| 7717 | |
| 7718 | static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb, |
| 7719 | u32 seq, int flags, |
| 7720 | struct cfg80211_registered_device *rdev, |
| 7721 | struct wireless_dev *wdev, |
| 7722 | struct cfg80211_internal_bss *intbss) |
| 7723 | { |
| 7724 | struct cfg80211_bss *res = &intbss->pub; |
| 7725 | const struct cfg80211_bss_ies *ies; |
| 7726 | void *hdr; |
| 7727 | struct nlattr *bss; |
| 7728 | |
| 7729 | ASSERT_WDEV_LOCK(wdev); |
| 7730 | |
| 7731 | hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags, |
| 7732 | NL80211_CMD_NEW_SCAN_RESULTS); |
| 7733 | if (!hdr) |
| 7734 | return -1; |
| 7735 | |
| 7736 | genl_dump_check_consistent(cb, hdr, &nl80211_fam); |
| 7737 | |
| 7738 | if (nla_put_u32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation)) |
| 7739 | goto nla_put_failure; |
| 7740 | if (wdev->netdev && |
| 7741 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex)) |
| 7742 | goto nla_put_failure; |
| 7743 | if (nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 7744 | NL80211_ATTR_PAD)) |
| 7745 | goto nla_put_failure; |
| 7746 | |
| 7747 | bss = nla_nest_start(msg, NL80211_ATTR_BSS); |
| 7748 | if (!bss) |
| 7749 | goto nla_put_failure; |
| 7750 | if ((!is_zero_ether_addr(res->bssid) && |
| 7751 | nla_put(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid))) |
| 7752 | goto nla_put_failure; |
| 7753 | |
| 7754 | rcu_read_lock(); |
| 7755 | /* indicate whether we have probe response data or not */ |
| 7756 | if (rcu_access_pointer(res->proberesp_ies) && |
| 7757 | nla_put_flag(msg, NL80211_BSS_PRESP_DATA)) |
| 7758 | goto fail_unlock_rcu; |
| 7759 | |
| 7760 | /* this pointer prefers to be pointed to probe response data |
| 7761 | * but is always valid |
| 7762 | */ |
| 7763 | ies = rcu_dereference(res->ies); |
| 7764 | if (ies) { |
| 7765 | if (nla_put_u64_64bit(msg, NL80211_BSS_TSF, ies->tsf, |
| 7766 | NL80211_BSS_PAD)) |
| 7767 | goto fail_unlock_rcu; |
| 7768 | if (ies->len && nla_put(msg, NL80211_BSS_INFORMATION_ELEMENTS, |
| 7769 | ies->len, ies->data)) |
| 7770 | goto fail_unlock_rcu; |
| 7771 | } |
| 7772 | |
| 7773 | /* and this pointer is always (unless driver didn't know) beacon data */ |
| 7774 | ies = rcu_dereference(res->beacon_ies); |
| 7775 | if (ies && ies->from_beacon) { |
| 7776 | if (nla_put_u64_64bit(msg, NL80211_BSS_BEACON_TSF, ies->tsf, |
| 7777 | NL80211_BSS_PAD)) |
| 7778 | goto fail_unlock_rcu; |
| 7779 | if (ies->len && nla_put(msg, NL80211_BSS_BEACON_IES, |
| 7780 | ies->len, ies->data)) |
| 7781 | goto fail_unlock_rcu; |
| 7782 | } |
| 7783 | rcu_read_unlock(); |
| 7784 | |
| 7785 | if (res->beacon_interval && |
| 7786 | nla_put_u16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval)) |
| 7787 | goto nla_put_failure; |
| 7788 | if (nla_put_u16(msg, NL80211_BSS_CAPABILITY, res->capability) || |
| 7789 | nla_put_u32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq) || |
| 7790 | nla_put_u32(msg, NL80211_BSS_CHAN_WIDTH, res->scan_width) || |
| 7791 | nla_put_u32(msg, NL80211_BSS_SEEN_MS_AGO, |
| 7792 | jiffies_to_msecs(jiffies - intbss->ts))) |
| 7793 | goto nla_put_failure; |
| 7794 | |
| 7795 | if (intbss->parent_tsf && |
| 7796 | (nla_put_u64_64bit(msg, NL80211_BSS_PARENT_TSF, |
| 7797 | intbss->parent_tsf, NL80211_BSS_PAD) || |
| 7798 | nla_put(msg, NL80211_BSS_PARENT_BSSID, ETH_ALEN, |
| 7799 | intbss->parent_bssid))) |
| 7800 | goto nla_put_failure; |
| 7801 | |
| 7802 | if (intbss->ts_boottime && |
| 7803 | nla_put_u64_64bit(msg, NL80211_BSS_LAST_SEEN_BOOTTIME, |
| 7804 | intbss->ts_boottime, NL80211_BSS_PAD)) |
| 7805 | goto nla_put_failure; |
| 7806 | |
| 7807 | switch (rdev->wiphy.signal_type) { |
| 7808 | case CFG80211_SIGNAL_TYPE_MBM: |
| 7809 | if (nla_put_u32(msg, NL80211_BSS_SIGNAL_MBM, res->signal)) |
| 7810 | goto nla_put_failure; |
| 7811 | break; |
| 7812 | case CFG80211_SIGNAL_TYPE_UNSPEC: |
| 7813 | if (nla_put_u8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal)) |
| 7814 | goto nla_put_failure; |
| 7815 | break; |
| 7816 | default: |
| 7817 | break; |
| 7818 | } |
| 7819 | |
| 7820 | switch (wdev->iftype) { |
| 7821 | case NL80211_IFTYPE_P2P_CLIENT: |
| 7822 | case NL80211_IFTYPE_STATION: |
| 7823 | if (intbss == wdev->current_bss && |
| 7824 | nla_put_u32(msg, NL80211_BSS_STATUS, |
| 7825 | NL80211_BSS_STATUS_ASSOCIATED)) |
| 7826 | goto nla_put_failure; |
| 7827 | break; |
| 7828 | case NL80211_IFTYPE_ADHOC: |
| 7829 | if (intbss == wdev->current_bss && |
| 7830 | nla_put_u32(msg, NL80211_BSS_STATUS, |
| 7831 | NL80211_BSS_STATUS_IBSS_JOINED)) |
| 7832 | goto nla_put_failure; |
| 7833 | break; |
| 7834 | default: |
| 7835 | break; |
| 7836 | } |
| 7837 | |
| 7838 | nla_nest_end(msg, bss); |
| 7839 | |
| 7840 | genlmsg_end(msg, hdr); |
| 7841 | return 0; |
| 7842 | |
| 7843 | fail_unlock_rcu: |
| 7844 | rcu_read_unlock(); |
| 7845 | nla_put_failure: |
| 7846 | genlmsg_cancel(msg, hdr); |
| 7847 | return -EMSGSIZE; |
| 7848 | } |
| 7849 | |
| 7850 | static int nl80211_dump_scan(struct sk_buff *skb, struct netlink_callback *cb) |
| 7851 | { |
| 7852 | struct cfg80211_registered_device *rdev; |
| 7853 | struct cfg80211_internal_bss *scan; |
| 7854 | struct wireless_dev *wdev; |
| 7855 | int start = cb->args[2], idx = 0; |
| 7856 | int err; |
| 7857 | |
| 7858 | rtnl_lock(); |
| 7859 | err = nl80211_prepare_wdev_dump(skb, cb, &rdev, &wdev); |
| 7860 | if (err) { |
| 7861 | rtnl_unlock(); |
| 7862 | return err; |
| 7863 | } |
| 7864 | |
| 7865 | wdev_lock(wdev); |
| 7866 | spin_lock_bh(&rdev->bss_lock); |
| 7867 | cfg80211_bss_expire(rdev); |
| 7868 | |
| 7869 | cb->seq = rdev->bss_generation; |
| 7870 | |
| 7871 | list_for_each_entry(scan, &rdev->bss_list, list) { |
| 7872 | if (++idx <= start) |
| 7873 | continue; |
| 7874 | if (nl80211_send_bss(skb, cb, |
| 7875 | cb->nlh->nlmsg_seq, NLM_F_MULTI, |
| 7876 | rdev, wdev, scan) < 0) { |
| 7877 | idx--; |
| 7878 | break; |
| 7879 | } |
| 7880 | } |
| 7881 | |
| 7882 | spin_unlock_bh(&rdev->bss_lock); |
| 7883 | wdev_unlock(wdev); |
| 7884 | |
| 7885 | cb->args[2] = idx; |
| 7886 | rtnl_unlock(); |
| 7887 | |
| 7888 | return skb->len; |
| 7889 | } |
| 7890 | |
| 7891 | static int nl80211_send_survey(struct sk_buff *msg, u32 portid, u32 seq, |
| 7892 | int flags, struct net_device *dev, |
| 7893 | bool allow_radio_stats, |
| 7894 | struct survey_info *survey) |
| 7895 | { |
| 7896 | void *hdr; |
| 7897 | struct nlattr *infoattr; |
| 7898 | |
| 7899 | /* skip radio stats if userspace didn't request them */ |
| 7900 | if (!survey->channel && !allow_radio_stats) |
| 7901 | return 0; |
| 7902 | |
| 7903 | hdr = nl80211hdr_put(msg, portid, seq, flags, |
| 7904 | NL80211_CMD_NEW_SURVEY_RESULTS); |
| 7905 | if (!hdr) |
| 7906 | return -ENOMEM; |
| 7907 | |
| 7908 | if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex)) |
| 7909 | goto nla_put_failure; |
| 7910 | |
| 7911 | infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO); |
| 7912 | if (!infoattr) |
| 7913 | goto nla_put_failure; |
| 7914 | |
| 7915 | if (survey->channel && |
| 7916 | nla_put_u32(msg, NL80211_SURVEY_INFO_FREQUENCY, |
| 7917 | survey->channel->center_freq)) |
| 7918 | goto nla_put_failure; |
| 7919 | |
| 7920 | if ((survey->filled & SURVEY_INFO_NOISE_DBM) && |
| 7921 | nla_put_u8(msg, NL80211_SURVEY_INFO_NOISE, survey->noise)) |
| 7922 | goto nla_put_failure; |
| 7923 | if ((survey->filled & SURVEY_INFO_IN_USE) && |
| 7924 | nla_put_flag(msg, NL80211_SURVEY_INFO_IN_USE)) |
| 7925 | goto nla_put_failure; |
| 7926 | if ((survey->filled & SURVEY_INFO_TIME) && |
| 7927 | nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME, |
| 7928 | survey->time, NL80211_SURVEY_INFO_PAD)) |
| 7929 | goto nla_put_failure; |
| 7930 | if ((survey->filled & SURVEY_INFO_TIME_BUSY) && |
| 7931 | nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_BUSY, |
| 7932 | survey->time_busy, NL80211_SURVEY_INFO_PAD)) |
| 7933 | goto nla_put_failure; |
| 7934 | if ((survey->filled & SURVEY_INFO_TIME_EXT_BUSY) && |
| 7935 | nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_EXT_BUSY, |
| 7936 | survey->time_ext_busy, NL80211_SURVEY_INFO_PAD)) |
| 7937 | goto nla_put_failure; |
| 7938 | if ((survey->filled & SURVEY_INFO_TIME_RX) && |
| 7939 | nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_RX, |
| 7940 | survey->time_rx, NL80211_SURVEY_INFO_PAD)) |
| 7941 | goto nla_put_failure; |
| 7942 | if ((survey->filled & SURVEY_INFO_TIME_TX) && |
| 7943 | nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_TX, |
| 7944 | survey->time_tx, NL80211_SURVEY_INFO_PAD)) |
| 7945 | goto nla_put_failure; |
| 7946 | if ((survey->filled & SURVEY_INFO_TIME_SCAN) && |
| 7947 | nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_SCAN, |
| 7948 | survey->time_scan, NL80211_SURVEY_INFO_PAD)) |
| 7949 | goto nla_put_failure; |
| 7950 | |
| 7951 | nla_nest_end(msg, infoattr); |
| 7952 | |
| 7953 | genlmsg_end(msg, hdr); |
| 7954 | return 0; |
| 7955 | |
| 7956 | nla_put_failure: |
| 7957 | genlmsg_cancel(msg, hdr); |
| 7958 | return -EMSGSIZE; |
| 7959 | } |
| 7960 | |
| 7961 | static int nl80211_dump_survey(struct sk_buff *skb, struct netlink_callback *cb) |
| 7962 | { |
| 7963 | struct nlattr **attrbuf = genl_family_attrbuf(&nl80211_fam); |
| 7964 | struct survey_info survey; |
| 7965 | struct cfg80211_registered_device *rdev; |
| 7966 | struct wireless_dev *wdev; |
| 7967 | int survey_idx = cb->args[2]; |
| 7968 | int res; |
| 7969 | bool radio_stats; |
| 7970 | |
| 7971 | rtnl_lock(); |
| 7972 | res = nl80211_prepare_wdev_dump(skb, cb, &rdev, &wdev); |
| 7973 | if (res) |
| 7974 | goto out_err; |
| 7975 | |
| 7976 | /* prepare_wdev_dump parsed the attributes */ |
| 7977 | radio_stats = attrbuf[NL80211_ATTR_SURVEY_RADIO_STATS]; |
| 7978 | |
| 7979 | if (!wdev->netdev) { |
| 7980 | res = -EINVAL; |
| 7981 | goto out_err; |
| 7982 | } |
| 7983 | |
| 7984 | if (!rdev->ops->dump_survey) { |
| 7985 | res = -EOPNOTSUPP; |
| 7986 | goto out_err; |
| 7987 | } |
| 7988 | |
| 7989 | while (1) { |
| 7990 | res = rdev_dump_survey(rdev, wdev->netdev, survey_idx, &survey); |
| 7991 | if (res == -ENOENT) |
| 7992 | break; |
| 7993 | if (res) |
| 7994 | goto out_err; |
| 7995 | |
| 7996 | /* don't send disabled channels, but do send non-channel data */ |
| 7997 | if (survey.channel && |
| 7998 | survey.channel->flags & IEEE80211_CHAN_DISABLED) { |
| 7999 | survey_idx++; |
| 8000 | continue; |
| 8001 | } |
| 8002 | |
| 8003 | if (nl80211_send_survey(skb, |
| 8004 | NETLINK_CB(cb->skb).portid, |
| 8005 | cb->nlh->nlmsg_seq, NLM_F_MULTI, |
| 8006 | wdev->netdev, radio_stats, &survey) < 0) |
| 8007 | goto out; |
| 8008 | survey_idx++; |
| 8009 | } |
| 8010 | |
| 8011 | out: |
| 8012 | cb->args[2] = survey_idx; |
| 8013 | res = skb->len; |
| 8014 | out_err: |
| 8015 | rtnl_unlock(); |
| 8016 | return res; |
| 8017 | } |
| 8018 | |
| 8019 | static bool nl80211_valid_wpa_versions(u32 wpa_versions) |
| 8020 | { |
| 8021 | return !(wpa_versions & ~(NL80211_WPA_VERSION_1 | |
| 8022 | NL80211_WPA_VERSION_2)); |
| 8023 | } |
| 8024 | |
| 8025 | static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info) |
| 8026 | { |
| 8027 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 8028 | struct net_device *dev = info->user_ptr[1]; |
| 8029 | struct ieee80211_channel *chan; |
| 8030 | const u8 *bssid, *ssid, *ie = NULL, *auth_data = NULL; |
| 8031 | int err, ssid_len, ie_len = 0, auth_data_len = 0; |
| 8032 | enum nl80211_auth_type auth_type; |
| 8033 | struct key_parse key; |
| 8034 | bool local_state_change; |
| 8035 | |
| 8036 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
| 8037 | return -EINVAL; |
| 8038 | |
| 8039 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 8040 | return -EINVAL; |
| 8041 | |
| 8042 | if (!info->attrs[NL80211_ATTR_AUTH_TYPE]) |
| 8043 | return -EINVAL; |
| 8044 | |
| 8045 | if (!info->attrs[NL80211_ATTR_SSID]) |
| 8046 | return -EINVAL; |
| 8047 | |
| 8048 | if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) |
| 8049 | return -EINVAL; |
| 8050 | |
| 8051 | err = nl80211_parse_key(info, &key); |
| 8052 | if (err) |
| 8053 | return err; |
| 8054 | |
| 8055 | if (key.idx >= 0) { |
| 8056 | if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP) |
| 8057 | return -EINVAL; |
| 8058 | if (!key.p.key || !key.p.key_len) |
| 8059 | return -EINVAL; |
| 8060 | if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 || |
| 8061 | key.p.key_len != WLAN_KEY_LEN_WEP40) && |
| 8062 | (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 || |
| 8063 | key.p.key_len != WLAN_KEY_LEN_WEP104)) |
| 8064 | return -EINVAL; |
| 8065 | if (key.idx > 3) |
| 8066 | return -EINVAL; |
| 8067 | } else { |
| 8068 | key.p.key_len = 0; |
| 8069 | key.p.key = NULL; |
| 8070 | } |
| 8071 | |
| 8072 | if (key.idx >= 0) { |
| 8073 | int i; |
| 8074 | bool ok = false; |
| 8075 | |
| 8076 | for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) { |
| 8077 | if (key.p.cipher == rdev->wiphy.cipher_suites[i]) { |
| 8078 | ok = true; |
| 8079 | break; |
| 8080 | } |
| 8081 | } |
| 8082 | if (!ok) |
| 8083 | return -EINVAL; |
| 8084 | } |
| 8085 | |
| 8086 | if (!rdev->ops->auth) |
| 8087 | return -EOPNOTSUPP; |
| 8088 | |
| 8089 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && |
| 8090 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 8091 | return -EOPNOTSUPP; |
| 8092 | |
| 8093 | bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 8094 | chan = nl80211_get_valid_chan(&rdev->wiphy, |
| 8095 | info->attrs[NL80211_ATTR_WIPHY_FREQ]); |
| 8096 | if (!chan) |
| 8097 | return -EINVAL; |
| 8098 | |
| 8099 | ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); |
| 8100 | ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); |
| 8101 | |
| 8102 | if (info->attrs[NL80211_ATTR_IE]) { |
| 8103 | ie = nla_data(info->attrs[NL80211_ATTR_IE]); |
| 8104 | ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
| 8105 | } |
| 8106 | |
| 8107 | auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); |
| 8108 | if (!nl80211_valid_auth_type(rdev, auth_type, NL80211_CMD_AUTHENTICATE)) |
| 8109 | return -EINVAL; |
| 8110 | |
| 8111 | if ((auth_type == NL80211_AUTHTYPE_SAE || |
| 8112 | auth_type == NL80211_AUTHTYPE_FILS_SK || |
| 8113 | auth_type == NL80211_AUTHTYPE_FILS_SK_PFS || |
| 8114 | auth_type == NL80211_AUTHTYPE_FILS_PK) && |
| 8115 | !info->attrs[NL80211_ATTR_AUTH_DATA]) |
| 8116 | return -EINVAL; |
| 8117 | |
| 8118 | if (info->attrs[NL80211_ATTR_AUTH_DATA]) { |
| 8119 | if (auth_type != NL80211_AUTHTYPE_SAE && |
| 8120 | auth_type != NL80211_AUTHTYPE_FILS_SK && |
| 8121 | auth_type != NL80211_AUTHTYPE_FILS_SK_PFS && |
| 8122 | auth_type != NL80211_AUTHTYPE_FILS_PK) |
| 8123 | return -EINVAL; |
| 8124 | auth_data = nla_data(info->attrs[NL80211_ATTR_AUTH_DATA]); |
| 8125 | auth_data_len = nla_len(info->attrs[NL80211_ATTR_AUTH_DATA]); |
| 8126 | /* need to include at least Auth Transaction and Status Code */ |
| 8127 | if (auth_data_len < 4) |
| 8128 | return -EINVAL; |
| 8129 | } |
| 8130 | |
| 8131 | local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; |
| 8132 | |
| 8133 | /* |
| 8134 | * Since we no longer track auth state, ignore |
| 8135 | * requests to only change local state. |
| 8136 | */ |
| 8137 | if (local_state_change) |
| 8138 | return 0; |
| 8139 | |
| 8140 | wdev_lock(dev->ieee80211_ptr); |
| 8141 | err = cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, |
| 8142 | ssid, ssid_len, ie, ie_len, |
| 8143 | key.p.key, key.p.key_len, key.idx, |
| 8144 | auth_data, auth_data_len); |
| 8145 | wdev_unlock(dev->ieee80211_ptr); |
| 8146 | return err; |
| 8147 | } |
| 8148 | |
| 8149 | static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev, |
| 8150 | struct genl_info *info, |
| 8151 | struct cfg80211_crypto_settings *settings, |
| 8152 | int cipher_limit) |
| 8153 | { |
| 8154 | memset(settings, 0, sizeof(*settings)); |
| 8155 | |
| 8156 | settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT]; |
| 8157 | |
| 8158 | if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) { |
| 8159 | u16 proto; |
| 8160 | |
| 8161 | proto = nla_get_u16( |
| 8162 | info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]); |
| 8163 | settings->control_port_ethertype = cpu_to_be16(proto); |
| 8164 | if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) && |
| 8165 | proto != ETH_P_PAE) |
| 8166 | return -EINVAL; |
| 8167 | if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]) |
| 8168 | settings->control_port_no_encrypt = true; |
| 8169 | } else |
| 8170 | settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE); |
| 8171 | |
| 8172 | if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) { |
| 8173 | void *data; |
| 8174 | int len, i; |
| 8175 | |
| 8176 | data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); |
| 8177 | len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]); |
| 8178 | settings->n_ciphers_pairwise = len / sizeof(u32); |
| 8179 | |
| 8180 | if (len % sizeof(u32)) |
| 8181 | return -EINVAL; |
| 8182 | |
| 8183 | if (settings->n_ciphers_pairwise > cipher_limit) |
| 8184 | return -EINVAL; |
| 8185 | |
| 8186 | memcpy(settings->ciphers_pairwise, data, len); |
| 8187 | |
| 8188 | for (i = 0; i < settings->n_ciphers_pairwise; i++) |
| 8189 | if (!cfg80211_supported_cipher_suite( |
| 8190 | &rdev->wiphy, |
| 8191 | settings->ciphers_pairwise[i])) |
| 8192 | return -EINVAL; |
| 8193 | } |
| 8194 | |
| 8195 | if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) { |
| 8196 | settings->cipher_group = |
| 8197 | nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]); |
| 8198 | if (!cfg80211_supported_cipher_suite(&rdev->wiphy, |
| 8199 | settings->cipher_group)) |
| 8200 | return -EINVAL; |
| 8201 | } |
| 8202 | |
| 8203 | if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) { |
| 8204 | settings->wpa_versions = |
| 8205 | nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]); |
| 8206 | if (!nl80211_valid_wpa_versions(settings->wpa_versions)) |
| 8207 | return -EINVAL; |
| 8208 | } |
| 8209 | |
| 8210 | if (info->attrs[NL80211_ATTR_AKM_SUITES]) { |
| 8211 | void *data; |
| 8212 | int len; |
| 8213 | |
| 8214 | data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]); |
| 8215 | len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]); |
| 8216 | settings->n_akm_suites = len / sizeof(u32); |
| 8217 | |
| 8218 | if (len % sizeof(u32)) |
| 8219 | return -EINVAL; |
| 8220 | |
| 8221 | if (settings->n_akm_suites > NL80211_MAX_NR_AKM_SUITES) |
| 8222 | return -EINVAL; |
| 8223 | |
| 8224 | memcpy(settings->akm_suites, data, len); |
| 8225 | } |
| 8226 | |
| 8227 | if (info->attrs[NL80211_ATTR_PMK]) { |
| 8228 | if (nla_len(info->attrs[NL80211_ATTR_PMK]) != WLAN_PMK_LEN) |
| 8229 | return -EINVAL; |
| 8230 | if (!wiphy_ext_feature_isset(&rdev->wiphy, |
| 8231 | NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK)) |
| 8232 | return -EINVAL; |
| 8233 | settings->psk = nla_data(info->attrs[NL80211_ATTR_PMK]); |
| 8234 | } |
| 8235 | |
| 8236 | return 0; |
| 8237 | } |
| 8238 | |
| 8239 | static int nl80211_associate(struct sk_buff *skb, struct genl_info *info) |
| 8240 | { |
| 8241 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 8242 | struct net_device *dev = info->user_ptr[1]; |
| 8243 | struct ieee80211_channel *chan; |
| 8244 | struct cfg80211_assoc_request req = {}; |
| 8245 | const u8 *bssid, *ssid; |
| 8246 | int err, ssid_len = 0; |
| 8247 | |
| 8248 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
| 8249 | return -EINVAL; |
| 8250 | |
| 8251 | if (!info->attrs[NL80211_ATTR_MAC] || |
| 8252 | !info->attrs[NL80211_ATTR_SSID] || |
| 8253 | !info->attrs[NL80211_ATTR_WIPHY_FREQ]) |
| 8254 | return -EINVAL; |
| 8255 | |
| 8256 | if (!rdev->ops->assoc) |
| 8257 | return -EOPNOTSUPP; |
| 8258 | |
| 8259 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && |
| 8260 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 8261 | return -EOPNOTSUPP; |
| 8262 | |
| 8263 | bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 8264 | |
| 8265 | chan = nl80211_get_valid_chan(&rdev->wiphy, |
| 8266 | info->attrs[NL80211_ATTR_WIPHY_FREQ]); |
| 8267 | if (!chan) |
| 8268 | return -EINVAL; |
| 8269 | |
| 8270 | ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); |
| 8271 | ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); |
| 8272 | |
| 8273 | if (info->attrs[NL80211_ATTR_IE]) { |
| 8274 | req.ie = nla_data(info->attrs[NL80211_ATTR_IE]); |
| 8275 | req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
| 8276 | } |
| 8277 | |
| 8278 | if (info->attrs[NL80211_ATTR_USE_MFP]) { |
| 8279 | enum nl80211_mfp mfp = |
| 8280 | nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); |
| 8281 | if (mfp == NL80211_MFP_REQUIRED) |
| 8282 | req.use_mfp = true; |
| 8283 | else if (mfp != NL80211_MFP_NO) |
| 8284 | return -EINVAL; |
| 8285 | } |
| 8286 | |
| 8287 | if (info->attrs[NL80211_ATTR_PREV_BSSID]) |
| 8288 | req.prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]); |
| 8289 | |
| 8290 | if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT])) |
| 8291 | req.flags |= ASSOC_REQ_DISABLE_HT; |
| 8292 | |
| 8293 | if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) |
| 8294 | memcpy(&req.ht_capa_mask, |
| 8295 | nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]), |
| 8296 | sizeof(req.ht_capa_mask)); |
| 8297 | |
| 8298 | if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) { |
| 8299 | if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) |
| 8300 | return -EINVAL; |
| 8301 | memcpy(&req.ht_capa, |
| 8302 | nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]), |
| 8303 | sizeof(req.ht_capa)); |
| 8304 | } |
| 8305 | |
| 8306 | if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_VHT])) |
| 8307 | req.flags |= ASSOC_REQ_DISABLE_VHT; |
| 8308 | |
| 8309 | if (info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]) |
| 8310 | memcpy(&req.vht_capa_mask, |
| 8311 | nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]), |
| 8312 | sizeof(req.vht_capa_mask)); |
| 8313 | |
| 8314 | if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) { |
| 8315 | if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]) |
| 8316 | return -EINVAL; |
| 8317 | memcpy(&req.vht_capa, |
| 8318 | nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]), |
| 8319 | sizeof(req.vht_capa)); |
| 8320 | } |
| 8321 | |
| 8322 | if (nla_get_flag(info->attrs[NL80211_ATTR_USE_RRM])) { |
| 8323 | if (!((rdev->wiphy.features & |
| 8324 | NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES) && |
| 8325 | (rdev->wiphy.features & NL80211_FEATURE_QUIET)) && |
| 8326 | !wiphy_ext_feature_isset(&rdev->wiphy, |
| 8327 | NL80211_EXT_FEATURE_RRM)) |
| 8328 | return -EINVAL; |
| 8329 | req.flags |= ASSOC_REQ_USE_RRM; |
| 8330 | } |
| 8331 | |
| 8332 | if (info->attrs[NL80211_ATTR_FILS_KEK]) { |
| 8333 | req.fils_kek = nla_data(info->attrs[NL80211_ATTR_FILS_KEK]); |
| 8334 | req.fils_kek_len = nla_len(info->attrs[NL80211_ATTR_FILS_KEK]); |
| 8335 | if (!info->attrs[NL80211_ATTR_FILS_NONCES]) |
| 8336 | return -EINVAL; |
| 8337 | req.fils_nonces = |
| 8338 | nla_data(info->attrs[NL80211_ATTR_FILS_NONCES]); |
| 8339 | } |
| 8340 | |
| 8341 | err = nl80211_crypto_settings(rdev, info, &req.crypto, 1); |
| 8342 | if (!err) { |
| 8343 | wdev_lock(dev->ieee80211_ptr); |
| 8344 | |
| 8345 | err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, |
| 8346 | ssid, ssid_len, &req); |
| 8347 | |
| 8348 | if (!err && info->attrs[NL80211_ATTR_SOCKET_OWNER]) { |
| 8349 | dev->ieee80211_ptr->conn_owner_nlportid = |
| 8350 | info->snd_portid; |
| 8351 | memcpy(dev->ieee80211_ptr->disconnect_bssid, |
| 8352 | bssid, ETH_ALEN); |
| 8353 | } |
| 8354 | |
| 8355 | wdev_unlock(dev->ieee80211_ptr); |
| 8356 | } |
| 8357 | |
| 8358 | return err; |
| 8359 | } |
| 8360 | |
| 8361 | static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info) |
| 8362 | { |
| 8363 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 8364 | struct net_device *dev = info->user_ptr[1]; |
| 8365 | const u8 *ie = NULL, *bssid; |
| 8366 | int ie_len = 0, err; |
| 8367 | u16 reason_code; |
| 8368 | bool local_state_change; |
| 8369 | |
| 8370 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
| 8371 | return -EINVAL; |
| 8372 | |
| 8373 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 8374 | return -EINVAL; |
| 8375 | |
| 8376 | if (!info->attrs[NL80211_ATTR_REASON_CODE]) |
| 8377 | return -EINVAL; |
| 8378 | |
| 8379 | if (!rdev->ops->deauth) |
| 8380 | return -EOPNOTSUPP; |
| 8381 | |
| 8382 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && |
| 8383 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 8384 | return -EOPNOTSUPP; |
| 8385 | |
| 8386 | bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 8387 | |
| 8388 | reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); |
| 8389 | if (reason_code == 0) { |
| 8390 | /* Reason Code 0 is reserved */ |
| 8391 | return -EINVAL; |
| 8392 | } |
| 8393 | |
| 8394 | if (info->attrs[NL80211_ATTR_IE]) { |
| 8395 | ie = nla_data(info->attrs[NL80211_ATTR_IE]); |
| 8396 | ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
| 8397 | } |
| 8398 | |
| 8399 | local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; |
| 8400 | |
| 8401 | wdev_lock(dev->ieee80211_ptr); |
| 8402 | err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code, |
| 8403 | local_state_change); |
| 8404 | wdev_unlock(dev->ieee80211_ptr); |
| 8405 | return err; |
| 8406 | } |
| 8407 | |
| 8408 | static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info) |
| 8409 | { |
| 8410 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 8411 | struct net_device *dev = info->user_ptr[1]; |
| 8412 | const u8 *ie = NULL, *bssid; |
| 8413 | int ie_len = 0, err; |
| 8414 | u16 reason_code; |
| 8415 | bool local_state_change; |
| 8416 | |
| 8417 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
| 8418 | return -EINVAL; |
| 8419 | |
| 8420 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 8421 | return -EINVAL; |
| 8422 | |
| 8423 | if (!info->attrs[NL80211_ATTR_REASON_CODE]) |
| 8424 | return -EINVAL; |
| 8425 | |
| 8426 | if (!rdev->ops->disassoc) |
| 8427 | return -EOPNOTSUPP; |
| 8428 | |
| 8429 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && |
| 8430 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 8431 | return -EOPNOTSUPP; |
| 8432 | |
| 8433 | bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 8434 | |
| 8435 | reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); |
| 8436 | if (reason_code == 0) { |
| 8437 | /* Reason Code 0 is reserved */ |
| 8438 | return -EINVAL; |
| 8439 | } |
| 8440 | |
| 8441 | if (info->attrs[NL80211_ATTR_IE]) { |
| 8442 | ie = nla_data(info->attrs[NL80211_ATTR_IE]); |
| 8443 | ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
| 8444 | } |
| 8445 | |
| 8446 | local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]; |
| 8447 | |
| 8448 | wdev_lock(dev->ieee80211_ptr); |
| 8449 | err = cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code, |
| 8450 | local_state_change); |
| 8451 | wdev_unlock(dev->ieee80211_ptr); |
| 8452 | return err; |
| 8453 | } |
| 8454 | |
| 8455 | static bool |
| 8456 | nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev, |
| 8457 | int mcast_rate[NUM_NL80211_BANDS], |
| 8458 | int rateval) |
| 8459 | { |
| 8460 | struct wiphy *wiphy = &rdev->wiphy; |
| 8461 | bool found = false; |
| 8462 | int band, i; |
| 8463 | |
| 8464 | for (band = 0; band < NUM_NL80211_BANDS; band++) { |
| 8465 | struct ieee80211_supported_band *sband; |
| 8466 | |
| 8467 | sband = wiphy->bands[band]; |
| 8468 | if (!sband) |
| 8469 | continue; |
| 8470 | |
| 8471 | for (i = 0; i < sband->n_bitrates; i++) { |
| 8472 | if (sband->bitrates[i].bitrate == rateval) { |
| 8473 | mcast_rate[band] = i + 1; |
| 8474 | found = true; |
| 8475 | break; |
| 8476 | } |
| 8477 | } |
| 8478 | } |
| 8479 | |
| 8480 | return found; |
| 8481 | } |
| 8482 | |
| 8483 | static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info) |
| 8484 | { |
| 8485 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 8486 | struct net_device *dev = info->user_ptr[1]; |
| 8487 | struct cfg80211_ibss_params ibss; |
| 8488 | struct wiphy *wiphy; |
| 8489 | struct cfg80211_cached_keys *connkeys = NULL; |
| 8490 | int err; |
| 8491 | |
| 8492 | memset(&ibss, 0, sizeof(ibss)); |
| 8493 | |
| 8494 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
| 8495 | return -EINVAL; |
| 8496 | |
| 8497 | if (!info->attrs[NL80211_ATTR_SSID] || |
| 8498 | !nla_len(info->attrs[NL80211_ATTR_SSID])) |
| 8499 | return -EINVAL; |
| 8500 | |
| 8501 | ibss.beacon_interval = 100; |
| 8502 | |
| 8503 | if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) |
| 8504 | ibss.beacon_interval = |
| 8505 | nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); |
| 8506 | |
| 8507 | err = cfg80211_validate_beacon_int(rdev, NL80211_IFTYPE_ADHOC, |
| 8508 | ibss.beacon_interval); |
| 8509 | if (err) |
| 8510 | return err; |
| 8511 | |
| 8512 | if (!rdev->ops->join_ibss) |
| 8513 | return -EOPNOTSUPP; |
| 8514 | |
| 8515 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) |
| 8516 | return -EOPNOTSUPP; |
| 8517 | |
| 8518 | wiphy = &rdev->wiphy; |
| 8519 | |
| 8520 | if (info->attrs[NL80211_ATTR_MAC]) { |
| 8521 | ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 8522 | |
| 8523 | if (!is_valid_ether_addr(ibss.bssid)) |
| 8524 | return -EINVAL; |
| 8525 | } |
| 8526 | ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); |
| 8527 | ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); |
| 8528 | |
| 8529 | if (info->attrs[NL80211_ATTR_IE]) { |
| 8530 | ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]); |
| 8531 | ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
| 8532 | } |
| 8533 | |
| 8534 | err = nl80211_parse_chandef(rdev, info, &ibss.chandef); |
| 8535 | if (err) |
| 8536 | return err; |
| 8537 | |
| 8538 | if (!cfg80211_reg_can_beacon(&rdev->wiphy, &ibss.chandef, |
| 8539 | NL80211_IFTYPE_ADHOC)) |
| 8540 | return -EINVAL; |
| 8541 | |
| 8542 | switch (ibss.chandef.width) { |
| 8543 | case NL80211_CHAN_WIDTH_5: |
| 8544 | case NL80211_CHAN_WIDTH_10: |
| 8545 | case NL80211_CHAN_WIDTH_20_NOHT: |
| 8546 | break; |
| 8547 | case NL80211_CHAN_WIDTH_20: |
| 8548 | case NL80211_CHAN_WIDTH_40: |
| 8549 | if (!(rdev->wiphy.features & NL80211_FEATURE_HT_IBSS)) |
| 8550 | return -EINVAL; |
| 8551 | break; |
| 8552 | case NL80211_CHAN_WIDTH_80: |
| 8553 | case NL80211_CHAN_WIDTH_80P80: |
| 8554 | case NL80211_CHAN_WIDTH_160: |
| 8555 | if (!(rdev->wiphy.features & NL80211_FEATURE_HT_IBSS)) |
| 8556 | return -EINVAL; |
| 8557 | if (!wiphy_ext_feature_isset(&rdev->wiphy, |
| 8558 | NL80211_EXT_FEATURE_VHT_IBSS)) |
| 8559 | return -EINVAL; |
| 8560 | break; |
| 8561 | default: |
| 8562 | return -EINVAL; |
| 8563 | } |
| 8564 | |
| 8565 | ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED]; |
| 8566 | ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY]; |
| 8567 | |
| 8568 | if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { |
| 8569 | u8 *rates = |
| 8570 | nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); |
| 8571 | int n_rates = |
| 8572 | nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); |
| 8573 | struct ieee80211_supported_band *sband = |
| 8574 | wiphy->bands[ibss.chandef.chan->band]; |
| 8575 | |
| 8576 | err = ieee80211_get_ratemask(sband, rates, n_rates, |
| 8577 | &ibss.basic_rates); |
| 8578 | if (err) |
| 8579 | return err; |
| 8580 | } |
| 8581 | |
| 8582 | if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) |
| 8583 | memcpy(&ibss.ht_capa_mask, |
| 8584 | nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]), |
| 8585 | sizeof(ibss.ht_capa_mask)); |
| 8586 | |
| 8587 | if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) { |
| 8588 | if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) |
| 8589 | return -EINVAL; |
| 8590 | memcpy(&ibss.ht_capa, |
| 8591 | nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]), |
| 8592 | sizeof(ibss.ht_capa)); |
| 8593 | } |
| 8594 | |
| 8595 | if (info->attrs[NL80211_ATTR_MCAST_RATE] && |
| 8596 | !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate, |
| 8597 | nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) |
| 8598 | return -EINVAL; |
| 8599 | |
| 8600 | if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) { |
| 8601 | bool no_ht = false; |
| 8602 | |
| 8603 | connkeys = nl80211_parse_connkeys(rdev, |
| 8604 | info->attrs[NL80211_ATTR_KEYS], |
| 8605 | &no_ht); |
| 8606 | if (IS_ERR(connkeys)) |
| 8607 | return PTR_ERR(connkeys); |
| 8608 | |
| 8609 | if ((ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT) && |
| 8610 | no_ht) { |
| 8611 | kzfree(connkeys); |
| 8612 | return -EINVAL; |
| 8613 | } |
| 8614 | } |
| 8615 | |
| 8616 | ibss.control_port = |
| 8617 | nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT]); |
| 8618 | |
| 8619 | ibss.userspace_handles_dfs = |
| 8620 | nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS]); |
| 8621 | |
| 8622 | err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys); |
| 8623 | if (err) |
| 8624 | kzfree(connkeys); |
| 8625 | return err; |
| 8626 | } |
| 8627 | |
| 8628 | static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info) |
| 8629 | { |
| 8630 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 8631 | struct net_device *dev = info->user_ptr[1]; |
| 8632 | |
| 8633 | if (!rdev->ops->leave_ibss) |
| 8634 | return -EOPNOTSUPP; |
| 8635 | |
| 8636 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) |
| 8637 | return -EOPNOTSUPP; |
| 8638 | |
| 8639 | return cfg80211_leave_ibss(rdev, dev, false); |
| 8640 | } |
| 8641 | |
| 8642 | static int nl80211_set_mcast_rate(struct sk_buff *skb, struct genl_info *info) |
| 8643 | { |
| 8644 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 8645 | struct net_device *dev = info->user_ptr[1]; |
| 8646 | int mcast_rate[NUM_NL80211_BANDS]; |
| 8647 | u32 nla_rate; |
| 8648 | int err; |
| 8649 | |
| 8650 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC && |
| 8651 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT && |
| 8652 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_OCB) |
| 8653 | return -EOPNOTSUPP; |
| 8654 | |
| 8655 | if (!rdev->ops->set_mcast_rate) |
| 8656 | return -EOPNOTSUPP; |
| 8657 | |
| 8658 | memset(mcast_rate, 0, sizeof(mcast_rate)); |
| 8659 | |
| 8660 | if (!info->attrs[NL80211_ATTR_MCAST_RATE]) |
| 8661 | return -EINVAL; |
| 8662 | |
| 8663 | nla_rate = nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]); |
| 8664 | if (!nl80211_parse_mcast_rate(rdev, mcast_rate, nla_rate)) |
| 8665 | return -EINVAL; |
| 8666 | |
| 8667 | err = rdev_set_mcast_rate(rdev, dev, mcast_rate); |
| 8668 | |
| 8669 | return err; |
| 8670 | } |
| 8671 | |
| 8672 | static struct sk_buff * |
| 8673 | __cfg80211_alloc_vendor_skb(struct cfg80211_registered_device *rdev, |
| 8674 | struct wireless_dev *wdev, int approxlen, |
| 8675 | u32 portid, u32 seq, enum nl80211_commands cmd, |
| 8676 | enum nl80211_attrs attr, |
| 8677 | const struct nl80211_vendor_cmd_info *info, |
| 8678 | gfp_t gfp) |
| 8679 | { |
| 8680 | struct sk_buff *skb; |
| 8681 | void *hdr; |
| 8682 | struct nlattr *data; |
| 8683 | |
| 8684 | skb = nlmsg_new(approxlen + 100, gfp); |
| 8685 | if (!skb) |
| 8686 | return NULL; |
| 8687 | |
| 8688 | hdr = nl80211hdr_put(skb, portid, seq, 0, cmd); |
| 8689 | if (!hdr) { |
| 8690 | kfree_skb(skb); |
| 8691 | return NULL; |
| 8692 | } |
| 8693 | |
| 8694 | if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx)) |
| 8695 | goto nla_put_failure; |
| 8696 | |
| 8697 | if (info) { |
| 8698 | if (nla_put_u32(skb, NL80211_ATTR_VENDOR_ID, |
| 8699 | info->vendor_id)) |
| 8700 | goto nla_put_failure; |
| 8701 | if (nla_put_u32(skb, NL80211_ATTR_VENDOR_SUBCMD, |
| 8702 | info->subcmd)) |
| 8703 | goto nla_put_failure; |
| 8704 | } |
| 8705 | |
| 8706 | if (wdev) { |
| 8707 | if (nla_put_u64_64bit(skb, NL80211_ATTR_WDEV, |
| 8708 | wdev_id(wdev), NL80211_ATTR_PAD)) |
| 8709 | goto nla_put_failure; |
| 8710 | if (wdev->netdev && |
| 8711 | nla_put_u32(skb, NL80211_ATTR_IFINDEX, |
| 8712 | wdev->netdev->ifindex)) |
| 8713 | goto nla_put_failure; |
| 8714 | } |
| 8715 | |
| 8716 | data = nla_nest_start(skb, attr); |
| 8717 | if (!data) |
| 8718 | goto nla_put_failure; |
| 8719 | |
| 8720 | ((void **)skb->cb)[0] = rdev; |
| 8721 | ((void **)skb->cb)[1] = hdr; |
| 8722 | ((void **)skb->cb)[2] = data; |
| 8723 | |
| 8724 | return skb; |
| 8725 | |
| 8726 | nla_put_failure: |
| 8727 | kfree_skb(skb); |
| 8728 | return NULL; |
| 8729 | } |
| 8730 | |
| 8731 | struct sk_buff *__cfg80211_alloc_event_skb(struct wiphy *wiphy, |
| 8732 | struct wireless_dev *wdev, |
| 8733 | enum nl80211_commands cmd, |
| 8734 | enum nl80211_attrs attr, |
| 8735 | int vendor_event_idx, |
| 8736 | int approxlen, gfp_t gfp) |
| 8737 | { |
| 8738 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 8739 | const struct nl80211_vendor_cmd_info *info; |
| 8740 | |
| 8741 | switch (cmd) { |
| 8742 | case NL80211_CMD_TESTMODE: |
| 8743 | if (WARN_ON(vendor_event_idx != -1)) |
| 8744 | return NULL; |
| 8745 | info = NULL; |
| 8746 | break; |
| 8747 | case NL80211_CMD_VENDOR: |
| 8748 | if (WARN_ON(vendor_event_idx < 0 || |
| 8749 | vendor_event_idx >= wiphy->n_vendor_events)) |
| 8750 | return NULL; |
| 8751 | info = &wiphy->vendor_events[vendor_event_idx]; |
| 8752 | break; |
| 8753 | default: |
| 8754 | WARN_ON(1); |
| 8755 | return NULL; |
| 8756 | } |
| 8757 | |
| 8758 | return __cfg80211_alloc_vendor_skb(rdev, wdev, approxlen, 0, 0, |
| 8759 | cmd, attr, info, gfp); |
| 8760 | } |
| 8761 | EXPORT_SYMBOL(__cfg80211_alloc_event_skb); |
| 8762 | |
| 8763 | void __cfg80211_send_event_skb(struct sk_buff *skb, gfp_t gfp) |
| 8764 | { |
| 8765 | struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0]; |
| 8766 | void *hdr = ((void **)skb->cb)[1]; |
| 8767 | struct nlattr *data = ((void **)skb->cb)[2]; |
| 8768 | enum nl80211_multicast_groups mcgrp = NL80211_MCGRP_TESTMODE; |
| 8769 | |
| 8770 | /* clear CB data for netlink core to own from now on */ |
| 8771 | memset(skb->cb, 0, sizeof(skb->cb)); |
| 8772 | |
| 8773 | nla_nest_end(skb, data); |
| 8774 | genlmsg_end(skb, hdr); |
| 8775 | |
| 8776 | if (data->nla_type == NL80211_ATTR_VENDOR_DATA) |
| 8777 | mcgrp = NL80211_MCGRP_VENDOR; |
| 8778 | |
| 8779 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0, |
| 8780 | mcgrp, gfp); |
| 8781 | } |
| 8782 | EXPORT_SYMBOL(__cfg80211_send_event_skb); |
| 8783 | |
| 8784 | #ifdef CONFIG_NL80211_TESTMODE |
| 8785 | static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info) |
| 8786 | { |
| 8787 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 8788 | struct wireless_dev *wdev = |
| 8789 | __cfg80211_wdev_from_attrs(genl_info_net(info), info->attrs); |
| 8790 | int err; |
| 8791 | |
| 8792 | if (!rdev->ops->testmode_cmd) |
| 8793 | return -EOPNOTSUPP; |
| 8794 | |
| 8795 | if (IS_ERR(wdev)) { |
| 8796 | err = PTR_ERR(wdev); |
| 8797 | if (err != -EINVAL) |
| 8798 | return err; |
| 8799 | wdev = NULL; |
| 8800 | } else if (wdev->wiphy != &rdev->wiphy) { |
| 8801 | return -EINVAL; |
| 8802 | } |
| 8803 | |
| 8804 | if (!info->attrs[NL80211_ATTR_TESTDATA]) |
| 8805 | return -EINVAL; |
| 8806 | |
| 8807 | rdev->cur_cmd_info = info; |
| 8808 | err = rdev_testmode_cmd(rdev, wdev, |
| 8809 | nla_data(info->attrs[NL80211_ATTR_TESTDATA]), |
| 8810 | nla_len(info->attrs[NL80211_ATTR_TESTDATA])); |
| 8811 | rdev->cur_cmd_info = NULL; |
| 8812 | |
| 8813 | return err; |
| 8814 | } |
| 8815 | |
| 8816 | static int nl80211_testmode_dump(struct sk_buff *skb, |
| 8817 | struct netlink_callback *cb) |
| 8818 | { |
| 8819 | struct cfg80211_registered_device *rdev; |
| 8820 | int err; |
| 8821 | long phy_idx; |
| 8822 | void *data = NULL; |
| 8823 | int data_len = 0; |
| 8824 | |
| 8825 | rtnl_lock(); |
| 8826 | |
| 8827 | if (cb->args[0]) { |
| 8828 | /* |
| 8829 | * 0 is a valid index, but not valid for args[0], |
| 8830 | * so we need to offset by 1. |
| 8831 | */ |
| 8832 | phy_idx = cb->args[0] - 1; |
| 8833 | |
| 8834 | rdev = cfg80211_rdev_by_wiphy_idx(phy_idx); |
| 8835 | if (!rdev) { |
| 8836 | err = -ENOENT; |
| 8837 | goto out_err; |
| 8838 | } |
| 8839 | } else { |
| 8840 | struct nlattr **attrbuf = genl_family_attrbuf(&nl80211_fam); |
| 8841 | |
| 8842 | err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, |
| 8843 | attrbuf, nl80211_fam.maxattr, |
| 8844 | nl80211_policy, NULL); |
| 8845 | if (err) |
| 8846 | goto out_err; |
| 8847 | |
| 8848 | rdev = __cfg80211_rdev_from_attrs(sock_net(skb->sk), attrbuf); |
| 8849 | if (IS_ERR(rdev)) { |
| 8850 | err = PTR_ERR(rdev); |
| 8851 | goto out_err; |
| 8852 | } |
| 8853 | phy_idx = rdev->wiphy_idx; |
| 8854 | |
| 8855 | if (attrbuf[NL80211_ATTR_TESTDATA]) |
| 8856 | cb->args[1] = (long)attrbuf[NL80211_ATTR_TESTDATA]; |
| 8857 | } |
| 8858 | |
| 8859 | if (cb->args[1]) { |
| 8860 | data = nla_data((void *)cb->args[1]); |
| 8861 | data_len = nla_len((void *)cb->args[1]); |
| 8862 | } |
| 8863 | |
| 8864 | if (!rdev->ops->testmode_dump) { |
| 8865 | err = -EOPNOTSUPP; |
| 8866 | goto out_err; |
| 8867 | } |
| 8868 | |
| 8869 | while (1) { |
| 8870 | void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).portid, |
| 8871 | cb->nlh->nlmsg_seq, NLM_F_MULTI, |
| 8872 | NL80211_CMD_TESTMODE); |
| 8873 | struct nlattr *tmdata; |
| 8874 | |
| 8875 | if (!hdr) |
| 8876 | break; |
| 8877 | |
| 8878 | if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx)) { |
| 8879 | genlmsg_cancel(skb, hdr); |
| 8880 | break; |
| 8881 | } |
| 8882 | |
| 8883 | tmdata = nla_nest_start(skb, NL80211_ATTR_TESTDATA); |
| 8884 | if (!tmdata) { |
| 8885 | genlmsg_cancel(skb, hdr); |
| 8886 | break; |
| 8887 | } |
| 8888 | err = rdev_testmode_dump(rdev, skb, cb, data, data_len); |
| 8889 | nla_nest_end(skb, tmdata); |
| 8890 | |
| 8891 | if (err == -ENOBUFS || err == -ENOENT) { |
| 8892 | genlmsg_cancel(skb, hdr); |
| 8893 | break; |
| 8894 | } else if (err) { |
| 8895 | genlmsg_cancel(skb, hdr); |
| 8896 | goto out_err; |
| 8897 | } |
| 8898 | |
| 8899 | genlmsg_end(skb, hdr); |
| 8900 | } |
| 8901 | |
| 8902 | err = skb->len; |
| 8903 | /* see above */ |
| 8904 | cb->args[0] = phy_idx + 1; |
| 8905 | out_err: |
| 8906 | rtnl_unlock(); |
| 8907 | return err; |
| 8908 | } |
| 8909 | #endif |
| 8910 | |
| 8911 | static int nl80211_connect(struct sk_buff *skb, struct genl_info *info) |
| 8912 | { |
| 8913 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 8914 | struct net_device *dev = info->user_ptr[1]; |
| 8915 | struct cfg80211_connect_params connect; |
| 8916 | struct wiphy *wiphy; |
| 8917 | struct cfg80211_cached_keys *connkeys = NULL; |
| 8918 | int err; |
| 8919 | |
| 8920 | memset(&connect, 0, sizeof(connect)); |
| 8921 | |
| 8922 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
| 8923 | return -EINVAL; |
| 8924 | |
| 8925 | if (!info->attrs[NL80211_ATTR_SSID] || |
| 8926 | !nla_len(info->attrs[NL80211_ATTR_SSID])) |
| 8927 | return -EINVAL; |
| 8928 | |
| 8929 | if (info->attrs[NL80211_ATTR_AUTH_TYPE]) { |
| 8930 | connect.auth_type = |
| 8931 | nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]); |
| 8932 | if (!nl80211_valid_auth_type(rdev, connect.auth_type, |
| 8933 | NL80211_CMD_CONNECT)) |
| 8934 | return -EINVAL; |
| 8935 | } else |
| 8936 | connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC; |
| 8937 | |
| 8938 | connect.privacy = info->attrs[NL80211_ATTR_PRIVACY]; |
| 8939 | |
| 8940 | if (info->attrs[NL80211_ATTR_WANT_1X_4WAY_HS] && |
| 8941 | !wiphy_ext_feature_isset(&rdev->wiphy, |
| 8942 | NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X)) |
| 8943 | return -EINVAL; |
| 8944 | connect.want_1x = info->attrs[NL80211_ATTR_WANT_1X_4WAY_HS]; |
| 8945 | |
| 8946 | err = nl80211_crypto_settings(rdev, info, &connect.crypto, |
| 8947 | NL80211_MAX_NR_CIPHER_SUITES); |
| 8948 | if (err) |
| 8949 | return err; |
| 8950 | |
| 8951 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && |
| 8952 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 8953 | return -EOPNOTSUPP; |
| 8954 | |
| 8955 | wiphy = &rdev->wiphy; |
| 8956 | |
| 8957 | connect.bg_scan_period = -1; |
| 8958 | if (info->attrs[NL80211_ATTR_BG_SCAN_PERIOD] && |
| 8959 | (wiphy->flags & WIPHY_FLAG_SUPPORTS_FW_ROAM)) { |
| 8960 | connect.bg_scan_period = |
| 8961 | nla_get_u16(info->attrs[NL80211_ATTR_BG_SCAN_PERIOD]); |
| 8962 | } |
| 8963 | |
| 8964 | if (info->attrs[NL80211_ATTR_MAC]) |
| 8965 | connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 8966 | else if (info->attrs[NL80211_ATTR_MAC_HINT]) |
| 8967 | connect.bssid_hint = |
| 8968 | nla_data(info->attrs[NL80211_ATTR_MAC_HINT]); |
| 8969 | connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); |
| 8970 | connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); |
| 8971 | |
| 8972 | if (info->attrs[NL80211_ATTR_IE]) { |
| 8973 | connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]); |
| 8974 | connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
| 8975 | } |
| 8976 | |
| 8977 | if (info->attrs[NL80211_ATTR_USE_MFP]) { |
| 8978 | connect.mfp = nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]); |
| 8979 | if (connect.mfp != NL80211_MFP_REQUIRED && |
| 8980 | connect.mfp != NL80211_MFP_NO) |
| 8981 | return -EINVAL; |
| 8982 | } else { |
| 8983 | connect.mfp = NL80211_MFP_NO; |
| 8984 | } |
| 8985 | |
| 8986 | if (info->attrs[NL80211_ATTR_PREV_BSSID]) |
| 8987 | connect.prev_bssid = |
| 8988 | nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]); |
| 8989 | |
| 8990 | if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { |
| 8991 | connect.channel = nl80211_get_valid_chan( |
| 8992 | wiphy, info->attrs[NL80211_ATTR_WIPHY_FREQ]); |
| 8993 | if (!connect.channel) |
| 8994 | return -EINVAL; |
| 8995 | } else if (info->attrs[NL80211_ATTR_WIPHY_FREQ_HINT]) { |
| 8996 | connect.channel_hint = nl80211_get_valid_chan( |
| 8997 | wiphy, info->attrs[NL80211_ATTR_WIPHY_FREQ_HINT]); |
| 8998 | if (!connect.channel_hint) |
| 8999 | return -EINVAL; |
| 9000 | } |
| 9001 | |
| 9002 | if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) { |
| 9003 | connkeys = nl80211_parse_connkeys(rdev, |
| 9004 | info->attrs[NL80211_ATTR_KEYS], NULL); |
| 9005 | if (IS_ERR(connkeys)) |
| 9006 | return PTR_ERR(connkeys); |
| 9007 | } |
| 9008 | |
| 9009 | if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT])) |
| 9010 | connect.flags |= ASSOC_REQ_DISABLE_HT; |
| 9011 | |
| 9012 | if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) |
| 9013 | memcpy(&connect.ht_capa_mask, |
| 9014 | nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]), |
| 9015 | sizeof(connect.ht_capa_mask)); |
| 9016 | |
| 9017 | if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) { |
| 9018 | if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) { |
| 9019 | kzfree(connkeys); |
| 9020 | return -EINVAL; |
| 9021 | } |
| 9022 | memcpy(&connect.ht_capa, |
| 9023 | nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]), |
| 9024 | sizeof(connect.ht_capa)); |
| 9025 | } |
| 9026 | |
| 9027 | if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_VHT])) |
| 9028 | connect.flags |= ASSOC_REQ_DISABLE_VHT; |
| 9029 | |
| 9030 | if (info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]) |
| 9031 | memcpy(&connect.vht_capa_mask, |
| 9032 | nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]), |
| 9033 | sizeof(connect.vht_capa_mask)); |
| 9034 | |
| 9035 | if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) { |
| 9036 | if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]) { |
| 9037 | kzfree(connkeys); |
| 9038 | return -EINVAL; |
| 9039 | } |
| 9040 | memcpy(&connect.vht_capa, |
| 9041 | nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]), |
| 9042 | sizeof(connect.vht_capa)); |
| 9043 | } |
| 9044 | |
| 9045 | if (nla_get_flag(info->attrs[NL80211_ATTR_USE_RRM])) { |
| 9046 | if (!((rdev->wiphy.features & |
| 9047 | NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES) && |
| 9048 | (rdev->wiphy.features & NL80211_FEATURE_QUIET)) && |
| 9049 | !wiphy_ext_feature_isset(&rdev->wiphy, |
| 9050 | NL80211_EXT_FEATURE_RRM)) { |
| 9051 | kzfree(connkeys); |
| 9052 | return -EINVAL; |
| 9053 | } |
| 9054 | connect.flags |= ASSOC_REQ_USE_RRM; |
| 9055 | } |
| 9056 | |
| 9057 | connect.pbss = nla_get_flag(info->attrs[NL80211_ATTR_PBSS]); |
| 9058 | if (connect.pbss && !rdev->wiphy.bands[NL80211_BAND_60GHZ]) { |
| 9059 | kzfree(connkeys); |
| 9060 | return -EOPNOTSUPP; |
| 9061 | } |
| 9062 | |
| 9063 | if (info->attrs[NL80211_ATTR_BSS_SELECT]) { |
| 9064 | /* bss selection makes no sense if bssid is set */ |
| 9065 | if (connect.bssid) { |
| 9066 | kzfree(connkeys); |
| 9067 | return -EINVAL; |
| 9068 | } |
| 9069 | |
| 9070 | err = parse_bss_select(info->attrs[NL80211_ATTR_BSS_SELECT], |
| 9071 | wiphy, &connect.bss_select); |
| 9072 | if (err) { |
| 9073 | kzfree(connkeys); |
| 9074 | return err; |
| 9075 | } |
| 9076 | } |
| 9077 | |
| 9078 | if (wiphy_ext_feature_isset(&rdev->wiphy, |
| 9079 | NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) && |
| 9080 | info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] && |
| 9081 | info->attrs[NL80211_ATTR_FILS_ERP_REALM] && |
| 9082 | info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] && |
| 9083 | info->attrs[NL80211_ATTR_FILS_ERP_RRK]) { |
| 9084 | connect.fils_erp_username = |
| 9085 | nla_data(info->attrs[NL80211_ATTR_FILS_ERP_USERNAME]); |
| 9086 | connect.fils_erp_username_len = |
| 9087 | nla_len(info->attrs[NL80211_ATTR_FILS_ERP_USERNAME]); |
| 9088 | connect.fils_erp_realm = |
| 9089 | nla_data(info->attrs[NL80211_ATTR_FILS_ERP_REALM]); |
| 9090 | connect.fils_erp_realm_len = |
| 9091 | nla_len(info->attrs[NL80211_ATTR_FILS_ERP_REALM]); |
| 9092 | connect.fils_erp_next_seq_num = |
| 9093 | nla_get_u16( |
| 9094 | info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM]); |
| 9095 | connect.fils_erp_rrk = |
| 9096 | nla_data(info->attrs[NL80211_ATTR_FILS_ERP_RRK]); |
| 9097 | connect.fils_erp_rrk_len = |
| 9098 | nla_len(info->attrs[NL80211_ATTR_FILS_ERP_RRK]); |
| 9099 | } else if (info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] || |
| 9100 | info->attrs[NL80211_ATTR_FILS_ERP_REALM] || |
| 9101 | info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] || |
| 9102 | info->attrs[NL80211_ATTR_FILS_ERP_RRK]) { |
| 9103 | kzfree(connkeys); |
| 9104 | return -EINVAL; |
| 9105 | } |
| 9106 | |
| 9107 | if (nla_get_flag(info->attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT])) { |
| 9108 | if (!info->attrs[NL80211_ATTR_SOCKET_OWNER]) { |
| 9109 | kzfree(connkeys); |
| 9110 | GENL_SET_ERR_MSG(info, |
| 9111 | "external auth requires connection ownership"); |
| 9112 | return -EINVAL; |
| 9113 | } |
| 9114 | connect.flags |= CONNECT_REQ_EXTERNAL_AUTH_SUPPORT; |
| 9115 | } |
| 9116 | |
| 9117 | wdev_lock(dev->ieee80211_ptr); |
| 9118 | |
| 9119 | err = cfg80211_connect(rdev, dev, &connect, connkeys, |
| 9120 | connect.prev_bssid); |
| 9121 | if (err) |
| 9122 | kzfree(connkeys); |
| 9123 | |
| 9124 | if (!err && info->attrs[NL80211_ATTR_SOCKET_OWNER]) { |
| 9125 | dev->ieee80211_ptr->conn_owner_nlportid = info->snd_portid; |
| 9126 | if (connect.bssid) |
| 9127 | memcpy(dev->ieee80211_ptr->disconnect_bssid, |
| 9128 | connect.bssid, ETH_ALEN); |
| 9129 | else |
| 9130 | memset(dev->ieee80211_ptr->disconnect_bssid, |
| 9131 | 0, ETH_ALEN); |
| 9132 | } |
| 9133 | |
| 9134 | wdev_unlock(dev->ieee80211_ptr); |
| 9135 | |
| 9136 | return err; |
| 9137 | } |
| 9138 | |
| 9139 | static int nl80211_update_connect_params(struct sk_buff *skb, |
| 9140 | struct genl_info *info) |
| 9141 | { |
| 9142 | struct cfg80211_connect_params connect = {}; |
| 9143 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9144 | struct net_device *dev = info->user_ptr[1]; |
| 9145 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 9146 | u32 changed = 0; |
| 9147 | int ret; |
| 9148 | |
| 9149 | if (!rdev->ops->update_connect_params) |
| 9150 | return -EOPNOTSUPP; |
| 9151 | |
| 9152 | if (info->attrs[NL80211_ATTR_IE]) { |
| 9153 | if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
| 9154 | return -EINVAL; |
| 9155 | connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]); |
| 9156 | connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
| 9157 | changed |= UPDATE_ASSOC_IES; |
| 9158 | } |
| 9159 | |
| 9160 | wdev_lock(dev->ieee80211_ptr); |
| 9161 | if (!wdev->current_bss) |
| 9162 | ret = -ENOLINK; |
| 9163 | else |
| 9164 | ret = rdev_update_connect_params(rdev, dev, &connect, changed); |
| 9165 | wdev_unlock(dev->ieee80211_ptr); |
| 9166 | |
| 9167 | return ret; |
| 9168 | } |
| 9169 | |
| 9170 | static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info) |
| 9171 | { |
| 9172 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9173 | struct net_device *dev = info->user_ptr[1]; |
| 9174 | u16 reason; |
| 9175 | int ret; |
| 9176 | |
| 9177 | if (!info->attrs[NL80211_ATTR_REASON_CODE]) |
| 9178 | reason = WLAN_REASON_DEAUTH_LEAVING; |
| 9179 | else |
| 9180 | reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]); |
| 9181 | |
| 9182 | if (reason == 0) |
| 9183 | return -EINVAL; |
| 9184 | |
| 9185 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && |
| 9186 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 9187 | return -EOPNOTSUPP; |
| 9188 | |
| 9189 | wdev_lock(dev->ieee80211_ptr); |
| 9190 | ret = cfg80211_disconnect(rdev, dev, reason, true); |
| 9191 | wdev_unlock(dev->ieee80211_ptr); |
| 9192 | return ret; |
| 9193 | } |
| 9194 | |
| 9195 | static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info) |
| 9196 | { |
| 9197 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9198 | struct net *net; |
| 9199 | int err; |
| 9200 | |
| 9201 | if (info->attrs[NL80211_ATTR_PID]) { |
| 9202 | u32 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]); |
| 9203 | |
| 9204 | net = get_net_ns_by_pid(pid); |
| 9205 | } else if (info->attrs[NL80211_ATTR_NETNS_FD]) { |
| 9206 | u32 fd = nla_get_u32(info->attrs[NL80211_ATTR_NETNS_FD]); |
| 9207 | |
| 9208 | net = get_net_ns_by_fd(fd); |
| 9209 | } else { |
| 9210 | return -EINVAL; |
| 9211 | } |
| 9212 | |
| 9213 | if (IS_ERR(net)) |
| 9214 | return PTR_ERR(net); |
| 9215 | |
| 9216 | err = 0; |
| 9217 | |
| 9218 | /* check if anything to do */ |
| 9219 | if (!net_eq(wiphy_net(&rdev->wiphy), net)) |
| 9220 | err = cfg80211_switch_netns(rdev, net); |
| 9221 | |
| 9222 | put_net(net); |
| 9223 | return err; |
| 9224 | } |
| 9225 | |
| 9226 | static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info) |
| 9227 | { |
| 9228 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9229 | int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev, |
| 9230 | struct cfg80211_pmksa *pmksa) = NULL; |
| 9231 | struct net_device *dev = info->user_ptr[1]; |
| 9232 | struct cfg80211_pmksa pmksa; |
| 9233 | |
| 9234 | memset(&pmksa, 0, sizeof(struct cfg80211_pmksa)); |
| 9235 | |
| 9236 | if (!info->attrs[NL80211_ATTR_PMKID]) |
| 9237 | return -EINVAL; |
| 9238 | |
| 9239 | pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]); |
| 9240 | |
| 9241 | if (info->attrs[NL80211_ATTR_MAC]) { |
| 9242 | pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 9243 | } else if (info->attrs[NL80211_ATTR_SSID] && |
| 9244 | info->attrs[NL80211_ATTR_FILS_CACHE_ID] && |
| 9245 | (info->genlhdr->cmd == NL80211_CMD_DEL_PMKSA || |
| 9246 | info->attrs[NL80211_ATTR_PMK])) { |
| 9247 | pmksa.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]); |
| 9248 | pmksa.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); |
| 9249 | pmksa.cache_id = |
| 9250 | nla_data(info->attrs[NL80211_ATTR_FILS_CACHE_ID]); |
| 9251 | } else { |
| 9252 | return -EINVAL; |
| 9253 | } |
| 9254 | if (info->attrs[NL80211_ATTR_PMK]) { |
| 9255 | pmksa.pmk = nla_data(info->attrs[NL80211_ATTR_PMK]); |
| 9256 | pmksa.pmk_len = nla_len(info->attrs[NL80211_ATTR_PMK]); |
| 9257 | } |
| 9258 | |
| 9259 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && |
| 9260 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 9261 | return -EOPNOTSUPP; |
| 9262 | |
| 9263 | switch (info->genlhdr->cmd) { |
| 9264 | case NL80211_CMD_SET_PMKSA: |
| 9265 | rdev_ops = rdev->ops->set_pmksa; |
| 9266 | break; |
| 9267 | case NL80211_CMD_DEL_PMKSA: |
| 9268 | rdev_ops = rdev->ops->del_pmksa; |
| 9269 | break; |
| 9270 | default: |
| 9271 | WARN_ON(1); |
| 9272 | break; |
| 9273 | } |
| 9274 | |
| 9275 | if (!rdev_ops) |
| 9276 | return -EOPNOTSUPP; |
| 9277 | |
| 9278 | return rdev_ops(&rdev->wiphy, dev, &pmksa); |
| 9279 | } |
| 9280 | |
| 9281 | static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info) |
| 9282 | { |
| 9283 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9284 | struct net_device *dev = info->user_ptr[1]; |
| 9285 | |
| 9286 | if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION && |
| 9287 | dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 9288 | return -EOPNOTSUPP; |
| 9289 | |
| 9290 | if (!rdev->ops->flush_pmksa) |
| 9291 | return -EOPNOTSUPP; |
| 9292 | |
| 9293 | return rdev_flush_pmksa(rdev, dev); |
| 9294 | } |
| 9295 | |
| 9296 | static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info) |
| 9297 | { |
| 9298 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9299 | struct net_device *dev = info->user_ptr[1]; |
| 9300 | u8 action_code, dialog_token; |
| 9301 | u32 peer_capability = 0; |
| 9302 | u16 status_code; |
| 9303 | u8 *peer; |
| 9304 | bool initiator; |
| 9305 | |
| 9306 | if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) || |
| 9307 | !rdev->ops->tdls_mgmt) |
| 9308 | return -EOPNOTSUPP; |
| 9309 | |
| 9310 | if (!info->attrs[NL80211_ATTR_TDLS_ACTION] || |
| 9311 | !info->attrs[NL80211_ATTR_STATUS_CODE] || |
| 9312 | !info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN] || |
| 9313 | !info->attrs[NL80211_ATTR_IE] || |
| 9314 | !info->attrs[NL80211_ATTR_MAC]) |
| 9315 | return -EINVAL; |
| 9316 | |
| 9317 | peer = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 9318 | action_code = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_ACTION]); |
| 9319 | status_code = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]); |
| 9320 | dialog_token = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN]); |
| 9321 | initiator = nla_get_flag(info->attrs[NL80211_ATTR_TDLS_INITIATOR]); |
| 9322 | if (info->attrs[NL80211_ATTR_TDLS_PEER_CAPABILITY]) |
| 9323 | peer_capability = |
| 9324 | nla_get_u32(info->attrs[NL80211_ATTR_TDLS_PEER_CAPABILITY]); |
| 9325 | |
| 9326 | return rdev_tdls_mgmt(rdev, dev, peer, action_code, |
| 9327 | dialog_token, status_code, peer_capability, |
| 9328 | initiator, |
| 9329 | nla_data(info->attrs[NL80211_ATTR_IE]), |
| 9330 | nla_len(info->attrs[NL80211_ATTR_IE])); |
| 9331 | } |
| 9332 | |
| 9333 | static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info) |
| 9334 | { |
| 9335 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9336 | struct net_device *dev = info->user_ptr[1]; |
| 9337 | enum nl80211_tdls_operation operation; |
| 9338 | u8 *peer; |
| 9339 | |
| 9340 | if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) || |
| 9341 | !rdev->ops->tdls_oper) |
| 9342 | return -EOPNOTSUPP; |
| 9343 | |
| 9344 | if (!info->attrs[NL80211_ATTR_TDLS_OPERATION] || |
| 9345 | !info->attrs[NL80211_ATTR_MAC]) |
| 9346 | return -EINVAL; |
| 9347 | |
| 9348 | operation = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_OPERATION]); |
| 9349 | peer = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 9350 | |
| 9351 | return rdev_tdls_oper(rdev, dev, peer, operation); |
| 9352 | } |
| 9353 | |
| 9354 | static int nl80211_remain_on_channel(struct sk_buff *skb, |
| 9355 | struct genl_info *info) |
| 9356 | { |
| 9357 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9358 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 9359 | struct cfg80211_chan_def chandef; |
| 9360 | const struct cfg80211_chan_def *compat_chandef; |
| 9361 | struct sk_buff *msg; |
| 9362 | void *hdr; |
| 9363 | u64 cookie; |
| 9364 | u32 duration; |
| 9365 | int err; |
| 9366 | |
| 9367 | if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] || |
| 9368 | !info->attrs[NL80211_ATTR_DURATION]) |
| 9369 | return -EINVAL; |
| 9370 | |
| 9371 | duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); |
| 9372 | |
| 9373 | if (!rdev->ops->remain_on_channel || |
| 9374 | !(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)) |
| 9375 | return -EOPNOTSUPP; |
| 9376 | |
| 9377 | /* |
| 9378 | * We should be on that channel for at least a minimum amount of |
| 9379 | * time (10ms) but no longer than the driver supports. |
| 9380 | */ |
| 9381 | if (duration < NL80211_MIN_REMAIN_ON_CHANNEL_TIME || |
| 9382 | duration > rdev->wiphy.max_remain_on_channel_duration) |
| 9383 | return -EINVAL; |
| 9384 | |
| 9385 | err = nl80211_parse_chandef(rdev, info, &chandef); |
| 9386 | if (err) |
| 9387 | return err; |
| 9388 | |
| 9389 | wdev_lock(wdev); |
| 9390 | if (!cfg80211_off_channel_oper_allowed(wdev) && |
| 9391 | !cfg80211_chandef_identical(&wdev->chandef, &chandef)) { |
| 9392 | compat_chandef = cfg80211_chandef_compatible(&wdev->chandef, |
| 9393 | &chandef); |
| 9394 | if (compat_chandef != &chandef) { |
| 9395 | wdev_unlock(wdev); |
| 9396 | return -EBUSY; |
| 9397 | } |
| 9398 | } |
| 9399 | wdev_unlock(wdev); |
| 9400 | |
| 9401 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 9402 | if (!msg) |
| 9403 | return -ENOMEM; |
| 9404 | |
| 9405 | hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0, |
| 9406 | NL80211_CMD_REMAIN_ON_CHANNEL); |
| 9407 | if (!hdr) { |
| 9408 | err = -ENOBUFS; |
| 9409 | goto free_msg; |
| 9410 | } |
| 9411 | |
| 9412 | err = rdev_remain_on_channel(rdev, wdev, chandef.chan, |
| 9413 | duration, &cookie); |
| 9414 | |
| 9415 | if (err) |
| 9416 | goto free_msg; |
| 9417 | |
| 9418 | if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie, |
| 9419 | NL80211_ATTR_PAD)) |
| 9420 | goto nla_put_failure; |
| 9421 | |
| 9422 | genlmsg_end(msg, hdr); |
| 9423 | |
| 9424 | return genlmsg_reply(msg, info); |
| 9425 | |
| 9426 | nla_put_failure: |
| 9427 | err = -ENOBUFS; |
| 9428 | free_msg: |
| 9429 | nlmsg_free(msg); |
| 9430 | return err; |
| 9431 | } |
| 9432 | |
| 9433 | static int nl80211_cancel_remain_on_channel(struct sk_buff *skb, |
| 9434 | struct genl_info *info) |
| 9435 | { |
| 9436 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9437 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 9438 | u64 cookie; |
| 9439 | |
| 9440 | if (!info->attrs[NL80211_ATTR_COOKIE]) |
| 9441 | return -EINVAL; |
| 9442 | |
| 9443 | if (!rdev->ops->cancel_remain_on_channel) |
| 9444 | return -EOPNOTSUPP; |
| 9445 | |
| 9446 | cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); |
| 9447 | |
| 9448 | return rdev_cancel_remain_on_channel(rdev, wdev, cookie); |
| 9449 | } |
| 9450 | |
| 9451 | static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb, |
| 9452 | struct genl_info *info) |
| 9453 | { |
| 9454 | struct cfg80211_bitrate_mask mask; |
| 9455 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9456 | struct net_device *dev = info->user_ptr[1]; |
| 9457 | int err; |
| 9458 | |
| 9459 | if (!rdev->ops->set_bitrate_mask) |
| 9460 | return -EOPNOTSUPP; |
| 9461 | |
| 9462 | err = nl80211_parse_tx_bitrate_mask(info, &mask); |
| 9463 | if (err) |
| 9464 | return err; |
| 9465 | |
| 9466 | return rdev_set_bitrate_mask(rdev, dev, NULL, &mask); |
| 9467 | } |
| 9468 | |
| 9469 | static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info) |
| 9470 | { |
| 9471 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9472 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 9473 | u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION; |
| 9474 | |
| 9475 | if (!info->attrs[NL80211_ATTR_FRAME_MATCH]) |
| 9476 | return -EINVAL; |
| 9477 | |
| 9478 | if (info->attrs[NL80211_ATTR_FRAME_TYPE]) |
| 9479 | frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]); |
| 9480 | |
| 9481 | switch (wdev->iftype) { |
| 9482 | case NL80211_IFTYPE_STATION: |
| 9483 | case NL80211_IFTYPE_ADHOC: |
| 9484 | case NL80211_IFTYPE_P2P_CLIENT: |
| 9485 | case NL80211_IFTYPE_AP: |
| 9486 | case NL80211_IFTYPE_AP_VLAN: |
| 9487 | case NL80211_IFTYPE_MESH_POINT: |
| 9488 | case NL80211_IFTYPE_P2P_GO: |
| 9489 | case NL80211_IFTYPE_P2P_DEVICE: |
| 9490 | break; |
| 9491 | case NL80211_IFTYPE_NAN: |
| 9492 | default: |
| 9493 | return -EOPNOTSUPP; |
| 9494 | } |
| 9495 | |
| 9496 | /* not much point in registering if we can't reply */ |
| 9497 | if (!rdev->ops->mgmt_tx) |
| 9498 | return -EOPNOTSUPP; |
| 9499 | |
| 9500 | return cfg80211_mlme_register_mgmt(wdev, info->snd_portid, frame_type, |
| 9501 | nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]), |
| 9502 | nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH])); |
| 9503 | } |
| 9504 | |
| 9505 | static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info) |
| 9506 | { |
| 9507 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9508 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 9509 | struct cfg80211_chan_def chandef; |
| 9510 | int err; |
| 9511 | void *hdr = NULL; |
| 9512 | u64 cookie; |
| 9513 | struct sk_buff *msg = NULL; |
| 9514 | struct cfg80211_mgmt_tx_params params = { |
| 9515 | .dont_wait_for_ack = |
| 9516 | info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK], |
| 9517 | }; |
| 9518 | |
| 9519 | if (!info->attrs[NL80211_ATTR_FRAME]) |
| 9520 | return -EINVAL; |
| 9521 | |
| 9522 | if (!rdev->ops->mgmt_tx) |
| 9523 | return -EOPNOTSUPP; |
| 9524 | |
| 9525 | switch (wdev->iftype) { |
| 9526 | case NL80211_IFTYPE_P2P_DEVICE: |
| 9527 | if (!info->attrs[NL80211_ATTR_WIPHY_FREQ]) |
| 9528 | return -EINVAL; |
| 9529 | case NL80211_IFTYPE_STATION: |
| 9530 | case NL80211_IFTYPE_ADHOC: |
| 9531 | case NL80211_IFTYPE_P2P_CLIENT: |
| 9532 | case NL80211_IFTYPE_AP: |
| 9533 | case NL80211_IFTYPE_AP_VLAN: |
| 9534 | case NL80211_IFTYPE_MESH_POINT: |
| 9535 | case NL80211_IFTYPE_P2P_GO: |
| 9536 | break; |
| 9537 | case NL80211_IFTYPE_NAN: |
| 9538 | default: |
| 9539 | return -EOPNOTSUPP; |
| 9540 | } |
| 9541 | |
| 9542 | if (info->attrs[NL80211_ATTR_DURATION]) { |
| 9543 | if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX)) |
| 9544 | return -EINVAL; |
| 9545 | params.wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]); |
| 9546 | |
| 9547 | /* |
| 9548 | * We should wait on the channel for at least a minimum amount |
| 9549 | * of time (10ms) but no longer than the driver supports. |
| 9550 | */ |
| 9551 | if (params.wait < NL80211_MIN_REMAIN_ON_CHANNEL_TIME || |
| 9552 | params.wait > rdev->wiphy.max_remain_on_channel_duration) |
| 9553 | return -EINVAL; |
| 9554 | } |
| 9555 | |
| 9556 | params.offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK]; |
| 9557 | |
| 9558 | if (params.offchan && !(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX)) |
| 9559 | return -EINVAL; |
| 9560 | |
| 9561 | params.no_cck = nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]); |
| 9562 | |
| 9563 | /* get the channel if any has been specified, otherwise pass NULL to |
| 9564 | * the driver. The latter will use the current one |
| 9565 | */ |
| 9566 | chandef.chan = NULL; |
| 9567 | if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { |
| 9568 | err = nl80211_parse_chandef(rdev, info, &chandef); |
| 9569 | if (err) |
| 9570 | return err; |
| 9571 | } |
| 9572 | |
| 9573 | if (!chandef.chan && params.offchan) |
| 9574 | return -EINVAL; |
| 9575 | |
| 9576 | wdev_lock(wdev); |
| 9577 | if (params.offchan && !cfg80211_off_channel_oper_allowed(wdev)) { |
| 9578 | wdev_unlock(wdev); |
| 9579 | return -EBUSY; |
| 9580 | } |
| 9581 | wdev_unlock(wdev); |
| 9582 | |
| 9583 | params.buf = nla_data(info->attrs[NL80211_ATTR_FRAME]); |
| 9584 | params.len = nla_len(info->attrs[NL80211_ATTR_FRAME]); |
| 9585 | |
| 9586 | if (info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]) { |
| 9587 | int len = nla_len(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]); |
| 9588 | int i; |
| 9589 | |
| 9590 | if (len % sizeof(u16)) |
| 9591 | return -EINVAL; |
| 9592 | |
| 9593 | params.n_csa_offsets = len / sizeof(u16); |
| 9594 | params.csa_offsets = |
| 9595 | nla_data(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]); |
| 9596 | |
| 9597 | /* check that all the offsets fit the frame */ |
| 9598 | for (i = 0; i < params.n_csa_offsets; i++) { |
| 9599 | if (params.csa_offsets[i] >= params.len) |
| 9600 | return -EINVAL; |
| 9601 | } |
| 9602 | } |
| 9603 | |
| 9604 | if (!params.dont_wait_for_ack) { |
| 9605 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 9606 | if (!msg) |
| 9607 | return -ENOMEM; |
| 9608 | |
| 9609 | hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0, |
| 9610 | NL80211_CMD_FRAME); |
| 9611 | if (!hdr) { |
| 9612 | err = -ENOBUFS; |
| 9613 | goto free_msg; |
| 9614 | } |
| 9615 | } |
| 9616 | |
| 9617 | params.chan = chandef.chan; |
| 9618 | err = cfg80211_mlme_mgmt_tx(rdev, wdev, ¶ms, &cookie); |
| 9619 | if (err) |
| 9620 | goto free_msg; |
| 9621 | |
| 9622 | if (msg) { |
| 9623 | if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie, |
| 9624 | NL80211_ATTR_PAD)) |
| 9625 | goto nla_put_failure; |
| 9626 | |
| 9627 | genlmsg_end(msg, hdr); |
| 9628 | return genlmsg_reply(msg, info); |
| 9629 | } |
| 9630 | |
| 9631 | return 0; |
| 9632 | |
| 9633 | nla_put_failure: |
| 9634 | err = -ENOBUFS; |
| 9635 | free_msg: |
| 9636 | nlmsg_free(msg); |
| 9637 | return err; |
| 9638 | } |
| 9639 | |
| 9640 | static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info) |
| 9641 | { |
| 9642 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9643 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 9644 | u64 cookie; |
| 9645 | |
| 9646 | if (!info->attrs[NL80211_ATTR_COOKIE]) |
| 9647 | return -EINVAL; |
| 9648 | |
| 9649 | if (!rdev->ops->mgmt_tx_cancel_wait) |
| 9650 | return -EOPNOTSUPP; |
| 9651 | |
| 9652 | switch (wdev->iftype) { |
| 9653 | case NL80211_IFTYPE_STATION: |
| 9654 | case NL80211_IFTYPE_ADHOC: |
| 9655 | case NL80211_IFTYPE_P2P_CLIENT: |
| 9656 | case NL80211_IFTYPE_AP: |
| 9657 | case NL80211_IFTYPE_AP_VLAN: |
| 9658 | case NL80211_IFTYPE_P2P_GO: |
| 9659 | case NL80211_IFTYPE_P2P_DEVICE: |
| 9660 | break; |
| 9661 | case NL80211_IFTYPE_NAN: |
| 9662 | default: |
| 9663 | return -EOPNOTSUPP; |
| 9664 | } |
| 9665 | |
| 9666 | cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); |
| 9667 | |
| 9668 | return rdev_mgmt_tx_cancel_wait(rdev, wdev, cookie); |
| 9669 | } |
| 9670 | |
| 9671 | static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info) |
| 9672 | { |
| 9673 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9674 | struct wireless_dev *wdev; |
| 9675 | struct net_device *dev = info->user_ptr[1]; |
| 9676 | u8 ps_state; |
| 9677 | bool state; |
| 9678 | int err; |
| 9679 | |
| 9680 | if (!info->attrs[NL80211_ATTR_PS_STATE]) |
| 9681 | return -EINVAL; |
| 9682 | |
| 9683 | ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]); |
| 9684 | |
| 9685 | if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED) |
| 9686 | return -EINVAL; |
| 9687 | |
| 9688 | wdev = dev->ieee80211_ptr; |
| 9689 | |
| 9690 | if (!rdev->ops->set_power_mgmt) |
| 9691 | return -EOPNOTSUPP; |
| 9692 | |
| 9693 | state = (ps_state == NL80211_PS_ENABLED) ? true : false; |
| 9694 | |
| 9695 | if (state == wdev->ps) |
| 9696 | return 0; |
| 9697 | |
| 9698 | err = rdev_set_power_mgmt(rdev, dev, state, wdev->ps_timeout); |
| 9699 | if (!err) |
| 9700 | wdev->ps = state; |
| 9701 | return err; |
| 9702 | } |
| 9703 | |
| 9704 | static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info) |
| 9705 | { |
| 9706 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9707 | enum nl80211_ps_state ps_state; |
| 9708 | struct wireless_dev *wdev; |
| 9709 | struct net_device *dev = info->user_ptr[1]; |
| 9710 | struct sk_buff *msg; |
| 9711 | void *hdr; |
| 9712 | int err; |
| 9713 | |
| 9714 | wdev = dev->ieee80211_ptr; |
| 9715 | |
| 9716 | if (!rdev->ops->set_power_mgmt) |
| 9717 | return -EOPNOTSUPP; |
| 9718 | |
| 9719 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 9720 | if (!msg) |
| 9721 | return -ENOMEM; |
| 9722 | |
| 9723 | hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0, |
| 9724 | NL80211_CMD_GET_POWER_SAVE); |
| 9725 | if (!hdr) { |
| 9726 | err = -ENOBUFS; |
| 9727 | goto free_msg; |
| 9728 | } |
| 9729 | |
| 9730 | if (wdev->ps) |
| 9731 | ps_state = NL80211_PS_ENABLED; |
| 9732 | else |
| 9733 | ps_state = NL80211_PS_DISABLED; |
| 9734 | |
| 9735 | if (nla_put_u32(msg, NL80211_ATTR_PS_STATE, ps_state)) |
| 9736 | goto nla_put_failure; |
| 9737 | |
| 9738 | genlmsg_end(msg, hdr); |
| 9739 | return genlmsg_reply(msg, info); |
| 9740 | |
| 9741 | nla_put_failure: |
| 9742 | err = -ENOBUFS; |
| 9743 | free_msg: |
| 9744 | nlmsg_free(msg); |
| 9745 | return err; |
| 9746 | } |
| 9747 | |
| 9748 | static const struct nla_policy |
| 9749 | nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] = { |
| 9750 | [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_BINARY }, |
| 9751 | [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 }, |
| 9752 | [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 }, |
| 9753 | [NL80211_ATTR_CQM_TXE_RATE] = { .type = NLA_U32 }, |
| 9754 | [NL80211_ATTR_CQM_TXE_PKTS] = { .type = NLA_U32 }, |
| 9755 | [NL80211_ATTR_CQM_TXE_INTVL] = { .type = NLA_U32 }, |
| 9756 | [NL80211_ATTR_CQM_RSSI_LEVEL] = { .type = NLA_S32 }, |
| 9757 | }; |
| 9758 | |
| 9759 | static int nl80211_set_cqm_txe(struct genl_info *info, |
| 9760 | u32 rate, u32 pkts, u32 intvl) |
| 9761 | { |
| 9762 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9763 | struct net_device *dev = info->user_ptr[1]; |
| 9764 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 9765 | |
| 9766 | if (rate > 100 || intvl > NL80211_CQM_TXE_MAX_INTVL) |
| 9767 | return -EINVAL; |
| 9768 | |
| 9769 | if (!rdev->ops->set_cqm_txe_config) |
| 9770 | return -EOPNOTSUPP; |
| 9771 | |
| 9772 | if (wdev->iftype != NL80211_IFTYPE_STATION && |
| 9773 | wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 9774 | return -EOPNOTSUPP; |
| 9775 | |
| 9776 | return rdev_set_cqm_txe_config(rdev, dev, rate, pkts, intvl); |
| 9777 | } |
| 9778 | |
| 9779 | static int cfg80211_cqm_rssi_update(struct cfg80211_registered_device *rdev, |
| 9780 | struct net_device *dev) |
| 9781 | { |
| 9782 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 9783 | s32 last, low, high; |
| 9784 | u32 hyst; |
| 9785 | int i, n, low_index; |
| 9786 | int err; |
| 9787 | |
| 9788 | /* RSSI reporting disabled? */ |
| 9789 | if (!wdev->cqm_config) |
| 9790 | return rdev_set_cqm_rssi_range_config(rdev, dev, 0, 0); |
| 9791 | |
| 9792 | /* |
| 9793 | * Obtain current RSSI value if possible, if not and no RSSI threshold |
| 9794 | * event has been received yet, we should receive an event after a |
| 9795 | * connection is established and enough beacons received to calculate |
| 9796 | * the average. |
| 9797 | */ |
| 9798 | if (!wdev->cqm_config->last_rssi_event_value && wdev->current_bss && |
| 9799 | rdev->ops->get_station) { |
| 9800 | struct station_info sinfo; |
| 9801 | u8 *mac_addr; |
| 9802 | |
| 9803 | mac_addr = wdev->current_bss->pub.bssid; |
| 9804 | |
| 9805 | err = rdev_get_station(rdev, dev, mac_addr, &sinfo); |
| 9806 | if (err) |
| 9807 | return err; |
| 9808 | |
| 9809 | if (sinfo.filled & BIT(NL80211_STA_INFO_BEACON_SIGNAL_AVG)) |
| 9810 | wdev->cqm_config->last_rssi_event_value = |
| 9811 | (s8) sinfo.rx_beacon_signal_avg; |
| 9812 | } |
| 9813 | |
| 9814 | last = wdev->cqm_config->last_rssi_event_value; |
| 9815 | hyst = wdev->cqm_config->rssi_hyst; |
| 9816 | n = wdev->cqm_config->n_rssi_thresholds; |
| 9817 | |
| 9818 | for (i = 0; i < n; i++) { |
| 9819 | i = array_index_nospec(i, n); |
| 9820 | if (last < wdev->cqm_config->rssi_thresholds[i]) |
| 9821 | break; |
| 9822 | } |
| 9823 | |
| 9824 | low_index = i - 1; |
| 9825 | if (low_index >= 0) { |
| 9826 | low_index = array_index_nospec(low_index, n); |
| 9827 | low = wdev->cqm_config->rssi_thresholds[low_index] - hyst; |
| 9828 | } else { |
| 9829 | low = S32_MIN; |
| 9830 | } |
| 9831 | if (i < n) { |
| 9832 | i = array_index_nospec(i, n); |
| 9833 | high = wdev->cqm_config->rssi_thresholds[i] + hyst - 1; |
| 9834 | } else { |
| 9835 | high = S32_MAX; |
| 9836 | } |
| 9837 | |
| 9838 | return rdev_set_cqm_rssi_range_config(rdev, dev, low, high); |
| 9839 | } |
| 9840 | |
| 9841 | static int nl80211_set_cqm_rssi(struct genl_info *info, |
| 9842 | const s32 *thresholds, int n_thresholds, |
| 9843 | u32 hysteresis) |
| 9844 | { |
| 9845 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9846 | struct net_device *dev = info->user_ptr[1]; |
| 9847 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 9848 | int i, err; |
| 9849 | s32 prev = S32_MIN; |
| 9850 | |
| 9851 | /* Check all values negative and sorted */ |
| 9852 | for (i = 0; i < n_thresholds; i++) { |
| 9853 | if (thresholds[i] > 0 || thresholds[i] <= prev) |
| 9854 | return -EINVAL; |
| 9855 | |
| 9856 | prev = thresholds[i]; |
| 9857 | } |
| 9858 | |
| 9859 | if (wdev->iftype != NL80211_IFTYPE_STATION && |
| 9860 | wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 9861 | return -EOPNOTSUPP; |
| 9862 | |
| 9863 | wdev_lock(wdev); |
| 9864 | cfg80211_cqm_config_free(wdev); |
| 9865 | wdev_unlock(wdev); |
| 9866 | |
| 9867 | if (n_thresholds <= 1 && rdev->ops->set_cqm_rssi_config) { |
| 9868 | if (n_thresholds == 0 || thresholds[0] == 0) /* Disabling */ |
| 9869 | return rdev_set_cqm_rssi_config(rdev, dev, 0, 0); |
| 9870 | |
| 9871 | return rdev_set_cqm_rssi_config(rdev, dev, |
| 9872 | thresholds[0], hysteresis); |
| 9873 | } |
| 9874 | |
| 9875 | if (!wiphy_ext_feature_isset(&rdev->wiphy, |
| 9876 | NL80211_EXT_FEATURE_CQM_RSSI_LIST)) |
| 9877 | return -EOPNOTSUPP; |
| 9878 | |
| 9879 | if (n_thresholds == 1 && thresholds[0] == 0) /* Disabling */ |
| 9880 | n_thresholds = 0; |
| 9881 | |
| 9882 | wdev_lock(wdev); |
| 9883 | if (n_thresholds) { |
| 9884 | struct cfg80211_cqm_config *cqm_config; |
| 9885 | |
| 9886 | cqm_config = kzalloc(sizeof(struct cfg80211_cqm_config) + |
| 9887 | n_thresholds * sizeof(s32), GFP_KERNEL); |
| 9888 | if (!cqm_config) { |
| 9889 | err = -ENOMEM; |
| 9890 | goto unlock; |
| 9891 | } |
| 9892 | |
| 9893 | cqm_config->rssi_hyst = hysteresis; |
| 9894 | cqm_config->n_rssi_thresholds = n_thresholds; |
| 9895 | memcpy(cqm_config->rssi_thresholds, thresholds, |
| 9896 | n_thresholds * sizeof(s32)); |
| 9897 | |
| 9898 | wdev->cqm_config = cqm_config; |
| 9899 | } |
| 9900 | |
| 9901 | err = cfg80211_cqm_rssi_update(rdev, dev); |
| 9902 | |
| 9903 | unlock: |
| 9904 | wdev_unlock(wdev); |
| 9905 | |
| 9906 | return err; |
| 9907 | } |
| 9908 | |
| 9909 | static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info) |
| 9910 | { |
| 9911 | struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1]; |
| 9912 | struct nlattr *cqm; |
| 9913 | int err; |
| 9914 | |
| 9915 | cqm = info->attrs[NL80211_ATTR_CQM]; |
| 9916 | if (!cqm) |
| 9917 | return -EINVAL; |
| 9918 | |
| 9919 | err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm, |
| 9920 | nl80211_attr_cqm_policy, info->extack); |
| 9921 | if (err) |
| 9922 | return err; |
| 9923 | |
| 9924 | if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] && |
| 9925 | attrs[NL80211_ATTR_CQM_RSSI_HYST]) { |
| 9926 | const s32 *thresholds = |
| 9927 | nla_data(attrs[NL80211_ATTR_CQM_RSSI_THOLD]); |
| 9928 | int len = nla_len(attrs[NL80211_ATTR_CQM_RSSI_THOLD]); |
| 9929 | u32 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]); |
| 9930 | |
| 9931 | if (len % 4) |
| 9932 | return -EINVAL; |
| 9933 | |
| 9934 | return nl80211_set_cqm_rssi(info, thresholds, len / 4, |
| 9935 | hysteresis); |
| 9936 | } |
| 9937 | |
| 9938 | if (attrs[NL80211_ATTR_CQM_TXE_RATE] && |
| 9939 | attrs[NL80211_ATTR_CQM_TXE_PKTS] && |
| 9940 | attrs[NL80211_ATTR_CQM_TXE_INTVL]) { |
| 9941 | u32 rate = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_RATE]); |
| 9942 | u32 pkts = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_PKTS]); |
| 9943 | u32 intvl = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_INTVL]); |
| 9944 | |
| 9945 | return nl80211_set_cqm_txe(info, rate, pkts, intvl); |
| 9946 | } |
| 9947 | |
| 9948 | return -EINVAL; |
| 9949 | } |
| 9950 | |
| 9951 | static int nl80211_join_ocb(struct sk_buff *skb, struct genl_info *info) |
| 9952 | { |
| 9953 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9954 | struct net_device *dev = info->user_ptr[1]; |
| 9955 | struct ocb_setup setup = {}; |
| 9956 | int err; |
| 9957 | |
| 9958 | err = nl80211_parse_chandef(rdev, info, &setup.chandef); |
| 9959 | if (err) |
| 9960 | return err; |
| 9961 | |
| 9962 | return cfg80211_join_ocb(rdev, dev, &setup); |
| 9963 | } |
| 9964 | |
| 9965 | static int nl80211_leave_ocb(struct sk_buff *skb, struct genl_info *info) |
| 9966 | { |
| 9967 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9968 | struct net_device *dev = info->user_ptr[1]; |
| 9969 | |
| 9970 | return cfg80211_leave_ocb(rdev, dev); |
| 9971 | } |
| 9972 | |
| 9973 | static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info) |
| 9974 | { |
| 9975 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 9976 | struct net_device *dev = info->user_ptr[1]; |
| 9977 | struct mesh_config cfg; |
| 9978 | struct mesh_setup setup; |
| 9979 | int err; |
| 9980 | |
| 9981 | /* start with default */ |
| 9982 | memcpy(&cfg, &default_mesh_config, sizeof(cfg)); |
| 9983 | memcpy(&setup, &default_mesh_setup, sizeof(setup)); |
| 9984 | |
| 9985 | if (info->attrs[NL80211_ATTR_MESH_CONFIG]) { |
| 9986 | /* and parse parameters if given */ |
| 9987 | err = nl80211_parse_mesh_config(info, &cfg, NULL); |
| 9988 | if (err) |
| 9989 | return err; |
| 9990 | } |
| 9991 | |
| 9992 | if (!info->attrs[NL80211_ATTR_MESH_ID] || |
| 9993 | !nla_len(info->attrs[NL80211_ATTR_MESH_ID])) |
| 9994 | return -EINVAL; |
| 9995 | |
| 9996 | setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]); |
| 9997 | setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]); |
| 9998 | |
| 9999 | if (info->attrs[NL80211_ATTR_MCAST_RATE] && |
| 10000 | !nl80211_parse_mcast_rate(rdev, setup.mcast_rate, |
| 10001 | nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]))) |
| 10002 | return -EINVAL; |
| 10003 | |
| 10004 | if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) { |
| 10005 | setup.beacon_interval = |
| 10006 | nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]); |
| 10007 | |
| 10008 | err = cfg80211_validate_beacon_int(rdev, |
| 10009 | NL80211_IFTYPE_MESH_POINT, |
| 10010 | setup.beacon_interval); |
| 10011 | if (err) |
| 10012 | return err; |
| 10013 | } |
| 10014 | |
| 10015 | if (info->attrs[NL80211_ATTR_DTIM_PERIOD]) { |
| 10016 | setup.dtim_period = |
| 10017 | nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]); |
| 10018 | if (setup.dtim_period < 1 || setup.dtim_period > 100) |
| 10019 | return -EINVAL; |
| 10020 | } |
| 10021 | |
| 10022 | if (info->attrs[NL80211_ATTR_MESH_SETUP]) { |
| 10023 | /* parse additional setup parameters if given */ |
| 10024 | err = nl80211_parse_mesh_setup(info, &setup); |
| 10025 | if (err) |
| 10026 | return err; |
| 10027 | } |
| 10028 | |
| 10029 | if (setup.user_mpm) |
| 10030 | cfg.auto_open_plinks = false; |
| 10031 | |
| 10032 | if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) { |
| 10033 | err = nl80211_parse_chandef(rdev, info, &setup.chandef); |
| 10034 | if (err) |
| 10035 | return err; |
| 10036 | } else { |
| 10037 | /* cfg80211_join_mesh() will sort it out */ |
| 10038 | setup.chandef.chan = NULL; |
| 10039 | } |
| 10040 | |
| 10041 | if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) { |
| 10042 | u8 *rates = nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); |
| 10043 | int n_rates = |
| 10044 | nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]); |
| 10045 | struct ieee80211_supported_band *sband; |
| 10046 | |
| 10047 | if (!setup.chandef.chan) |
| 10048 | return -EINVAL; |
| 10049 | |
| 10050 | sband = rdev->wiphy.bands[setup.chandef.chan->band]; |
| 10051 | |
| 10052 | err = ieee80211_get_ratemask(sband, rates, n_rates, |
| 10053 | &setup.basic_rates); |
| 10054 | if (err) |
| 10055 | return err; |
| 10056 | } |
| 10057 | |
| 10058 | if (info->attrs[NL80211_ATTR_TX_RATES]) { |
| 10059 | err = nl80211_parse_tx_bitrate_mask(info, &setup.beacon_rate); |
| 10060 | if (err) |
| 10061 | return err; |
| 10062 | |
| 10063 | if (!setup.chandef.chan) |
| 10064 | return -EINVAL; |
| 10065 | |
| 10066 | err = validate_beacon_tx_rate(rdev, setup.chandef.chan->band, |
| 10067 | &setup.beacon_rate); |
| 10068 | if (err) |
| 10069 | return err; |
| 10070 | } |
| 10071 | |
| 10072 | setup.userspace_handles_dfs = |
| 10073 | nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS]); |
| 10074 | |
| 10075 | return cfg80211_join_mesh(rdev, dev, &setup, &cfg); |
| 10076 | } |
| 10077 | |
| 10078 | static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info) |
| 10079 | { |
| 10080 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 10081 | struct net_device *dev = info->user_ptr[1]; |
| 10082 | |
| 10083 | return cfg80211_leave_mesh(rdev, dev); |
| 10084 | } |
| 10085 | |
| 10086 | #ifdef CONFIG_PM |
| 10087 | static int nl80211_send_wowlan_patterns(struct sk_buff *msg, |
| 10088 | struct cfg80211_registered_device *rdev) |
| 10089 | { |
| 10090 | struct cfg80211_wowlan *wowlan = rdev->wiphy.wowlan_config; |
| 10091 | struct nlattr *nl_pats, *nl_pat; |
| 10092 | int i, pat_len; |
| 10093 | |
| 10094 | if (!wowlan->n_patterns) |
| 10095 | return 0; |
| 10096 | |
| 10097 | nl_pats = nla_nest_start(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN); |
| 10098 | if (!nl_pats) |
| 10099 | return -ENOBUFS; |
| 10100 | |
| 10101 | for (i = 0; i < wowlan->n_patterns; i++) { |
| 10102 | nl_pat = nla_nest_start(msg, i + 1); |
| 10103 | if (!nl_pat) |
| 10104 | return -ENOBUFS; |
| 10105 | pat_len = wowlan->patterns[i].pattern_len; |
| 10106 | if (nla_put(msg, NL80211_PKTPAT_MASK, DIV_ROUND_UP(pat_len, 8), |
| 10107 | wowlan->patterns[i].mask) || |
| 10108 | nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len, |
| 10109 | wowlan->patterns[i].pattern) || |
| 10110 | nla_put_u32(msg, NL80211_PKTPAT_OFFSET, |
| 10111 | wowlan->patterns[i].pkt_offset)) |
| 10112 | return -ENOBUFS; |
| 10113 | nla_nest_end(msg, nl_pat); |
| 10114 | } |
| 10115 | nla_nest_end(msg, nl_pats); |
| 10116 | |
| 10117 | return 0; |
| 10118 | } |
| 10119 | |
| 10120 | static int nl80211_send_wowlan_tcp(struct sk_buff *msg, |
| 10121 | struct cfg80211_wowlan_tcp *tcp) |
| 10122 | { |
| 10123 | struct nlattr *nl_tcp; |
| 10124 | |
| 10125 | if (!tcp) |
| 10126 | return 0; |
| 10127 | |
| 10128 | nl_tcp = nla_nest_start(msg, NL80211_WOWLAN_TRIG_TCP_CONNECTION); |
| 10129 | if (!nl_tcp) |
| 10130 | return -ENOBUFS; |
| 10131 | |
| 10132 | if (nla_put_in_addr(msg, NL80211_WOWLAN_TCP_SRC_IPV4, tcp->src) || |
| 10133 | nla_put_in_addr(msg, NL80211_WOWLAN_TCP_DST_IPV4, tcp->dst) || |
| 10134 | nla_put(msg, NL80211_WOWLAN_TCP_DST_MAC, ETH_ALEN, tcp->dst_mac) || |
| 10135 | nla_put_u16(msg, NL80211_WOWLAN_TCP_SRC_PORT, tcp->src_port) || |
| 10136 | nla_put_u16(msg, NL80211_WOWLAN_TCP_DST_PORT, tcp->dst_port) || |
| 10137 | nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD, |
| 10138 | tcp->payload_len, tcp->payload) || |
| 10139 | nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL, |
| 10140 | tcp->data_interval) || |
| 10141 | nla_put(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD, |
| 10142 | tcp->wake_len, tcp->wake_data) || |
| 10143 | nla_put(msg, NL80211_WOWLAN_TCP_WAKE_MASK, |
| 10144 | DIV_ROUND_UP(tcp->wake_len, 8), tcp->wake_mask)) |
| 10145 | return -ENOBUFS; |
| 10146 | |
| 10147 | if (tcp->payload_seq.len && |
| 10148 | nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ, |
| 10149 | sizeof(tcp->payload_seq), &tcp->payload_seq)) |
| 10150 | return -ENOBUFS; |
| 10151 | |
| 10152 | if (tcp->payload_tok.len && |
| 10153 | nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN, |
| 10154 | sizeof(tcp->payload_tok) + tcp->tokens_size, |
| 10155 | &tcp->payload_tok)) |
| 10156 | return -ENOBUFS; |
| 10157 | |
| 10158 | nla_nest_end(msg, nl_tcp); |
| 10159 | |
| 10160 | return 0; |
| 10161 | } |
| 10162 | |
| 10163 | static int nl80211_send_wowlan_nd(struct sk_buff *msg, |
| 10164 | struct cfg80211_sched_scan_request *req) |
| 10165 | { |
| 10166 | struct nlattr *nd, *freqs, *matches, *match, *scan_plans, *scan_plan; |
| 10167 | int i; |
| 10168 | |
| 10169 | if (!req) |
| 10170 | return 0; |
| 10171 | |
| 10172 | nd = nla_nest_start(msg, NL80211_WOWLAN_TRIG_NET_DETECT); |
| 10173 | if (!nd) |
| 10174 | return -ENOBUFS; |
| 10175 | |
| 10176 | if (req->n_scan_plans == 1 && |
| 10177 | nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL, |
| 10178 | req->scan_plans[0].interval * 1000)) |
| 10179 | return -ENOBUFS; |
| 10180 | |
| 10181 | if (nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_DELAY, req->delay)) |
| 10182 | return -ENOBUFS; |
| 10183 | |
| 10184 | if (req->relative_rssi_set) { |
| 10185 | struct nl80211_bss_select_rssi_adjust rssi_adjust; |
| 10186 | |
| 10187 | if (nla_put_s8(msg, NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI, |
| 10188 | req->relative_rssi)) |
| 10189 | return -ENOBUFS; |
| 10190 | |
| 10191 | rssi_adjust.band = req->rssi_adjust.band; |
| 10192 | rssi_adjust.delta = req->rssi_adjust.delta; |
| 10193 | if (nla_put(msg, NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST, |
| 10194 | sizeof(rssi_adjust), &rssi_adjust)) |
| 10195 | return -ENOBUFS; |
| 10196 | } |
| 10197 | |
| 10198 | freqs = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES); |
| 10199 | if (!freqs) |
| 10200 | return -ENOBUFS; |
| 10201 | |
| 10202 | for (i = 0; i < req->n_channels; i++) { |
| 10203 | if (nla_put_u32(msg, i, req->channels[i]->center_freq)) |
| 10204 | return -ENOBUFS; |
| 10205 | } |
| 10206 | |
| 10207 | nla_nest_end(msg, freqs); |
| 10208 | |
| 10209 | if (req->n_match_sets) { |
| 10210 | matches = nla_nest_start(msg, NL80211_ATTR_SCHED_SCAN_MATCH); |
| 10211 | if (!matches) |
| 10212 | return -ENOBUFS; |
| 10213 | |
| 10214 | for (i = 0; i < req->n_match_sets; i++) { |
| 10215 | match = nla_nest_start(msg, i); |
| 10216 | if (!match) |
| 10217 | return -ENOBUFS; |
| 10218 | |
| 10219 | if (nla_put(msg, NL80211_SCHED_SCAN_MATCH_ATTR_SSID, |
| 10220 | req->match_sets[i].ssid.ssid_len, |
| 10221 | req->match_sets[i].ssid.ssid)) |
| 10222 | return -ENOBUFS; |
| 10223 | nla_nest_end(msg, match); |
| 10224 | } |
| 10225 | nla_nest_end(msg, matches); |
| 10226 | } |
| 10227 | |
| 10228 | scan_plans = nla_nest_start(msg, NL80211_ATTR_SCHED_SCAN_PLANS); |
| 10229 | if (!scan_plans) |
| 10230 | return -ENOBUFS; |
| 10231 | |
| 10232 | for (i = 0; i < req->n_scan_plans; i++) { |
| 10233 | scan_plan = nla_nest_start(msg, i + 1); |
| 10234 | if (!scan_plan) |
| 10235 | return -ENOBUFS; |
| 10236 | |
| 10237 | if (!scan_plan || |
| 10238 | nla_put_u32(msg, NL80211_SCHED_SCAN_PLAN_INTERVAL, |
| 10239 | req->scan_plans[i].interval) || |
| 10240 | (req->scan_plans[i].iterations && |
| 10241 | nla_put_u32(msg, NL80211_SCHED_SCAN_PLAN_ITERATIONS, |
| 10242 | req->scan_plans[i].iterations))) |
| 10243 | return -ENOBUFS; |
| 10244 | nla_nest_end(msg, scan_plan); |
| 10245 | } |
| 10246 | nla_nest_end(msg, scan_plans); |
| 10247 | |
| 10248 | nla_nest_end(msg, nd); |
| 10249 | |
| 10250 | return 0; |
| 10251 | } |
| 10252 | |
| 10253 | static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info) |
| 10254 | { |
| 10255 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 10256 | struct sk_buff *msg; |
| 10257 | void *hdr; |
| 10258 | u32 size = NLMSG_DEFAULT_SIZE; |
| 10259 | |
| 10260 | if (!rdev->wiphy.wowlan) |
| 10261 | return -EOPNOTSUPP; |
| 10262 | |
| 10263 | if (rdev->wiphy.wowlan_config && rdev->wiphy.wowlan_config->tcp) { |
| 10264 | /* adjust size to have room for all the data */ |
| 10265 | size += rdev->wiphy.wowlan_config->tcp->tokens_size + |
| 10266 | rdev->wiphy.wowlan_config->tcp->payload_len + |
| 10267 | rdev->wiphy.wowlan_config->tcp->wake_len + |
| 10268 | rdev->wiphy.wowlan_config->tcp->wake_len / 8; |
| 10269 | } |
| 10270 | |
| 10271 | msg = nlmsg_new(size, GFP_KERNEL); |
| 10272 | if (!msg) |
| 10273 | return -ENOMEM; |
| 10274 | |
| 10275 | hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0, |
| 10276 | NL80211_CMD_GET_WOWLAN); |
| 10277 | if (!hdr) |
| 10278 | goto nla_put_failure; |
| 10279 | |
| 10280 | if (rdev->wiphy.wowlan_config) { |
| 10281 | struct nlattr *nl_wowlan; |
| 10282 | |
| 10283 | nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS); |
| 10284 | if (!nl_wowlan) |
| 10285 | goto nla_put_failure; |
| 10286 | |
| 10287 | if ((rdev->wiphy.wowlan_config->any && |
| 10288 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) || |
| 10289 | (rdev->wiphy.wowlan_config->disconnect && |
| 10290 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) || |
| 10291 | (rdev->wiphy.wowlan_config->magic_pkt && |
| 10292 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) || |
| 10293 | (rdev->wiphy.wowlan_config->gtk_rekey_failure && |
| 10294 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) || |
| 10295 | (rdev->wiphy.wowlan_config->eap_identity_req && |
| 10296 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) || |
| 10297 | (rdev->wiphy.wowlan_config->four_way_handshake && |
| 10298 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) || |
| 10299 | (rdev->wiphy.wowlan_config->rfkill_release && |
| 10300 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))) |
| 10301 | goto nla_put_failure; |
| 10302 | |
| 10303 | if (nl80211_send_wowlan_patterns(msg, rdev)) |
| 10304 | goto nla_put_failure; |
| 10305 | |
| 10306 | if (nl80211_send_wowlan_tcp(msg, |
| 10307 | rdev->wiphy.wowlan_config->tcp)) |
| 10308 | goto nla_put_failure; |
| 10309 | |
| 10310 | if (nl80211_send_wowlan_nd( |
| 10311 | msg, |
| 10312 | rdev->wiphy.wowlan_config->nd_config)) |
| 10313 | goto nla_put_failure; |
| 10314 | |
| 10315 | nla_nest_end(msg, nl_wowlan); |
| 10316 | } |
| 10317 | |
| 10318 | genlmsg_end(msg, hdr); |
| 10319 | return genlmsg_reply(msg, info); |
| 10320 | |
| 10321 | nla_put_failure: |
| 10322 | nlmsg_free(msg); |
| 10323 | return -ENOBUFS; |
| 10324 | } |
| 10325 | |
| 10326 | static int nl80211_parse_wowlan_tcp(struct cfg80211_registered_device *rdev, |
| 10327 | struct nlattr *attr, |
| 10328 | struct cfg80211_wowlan *trig) |
| 10329 | { |
| 10330 | struct nlattr *tb[NUM_NL80211_WOWLAN_TCP]; |
| 10331 | struct cfg80211_wowlan_tcp *cfg; |
| 10332 | struct nl80211_wowlan_tcp_data_token *tok = NULL; |
| 10333 | struct nl80211_wowlan_tcp_data_seq *seq = NULL; |
| 10334 | u32 size; |
| 10335 | u32 data_size, wake_size, tokens_size = 0, wake_mask_size; |
| 10336 | int err, port; |
| 10337 | |
| 10338 | if (!rdev->wiphy.wowlan->tcp) |
| 10339 | return -EINVAL; |
| 10340 | |
| 10341 | err = nla_parse_nested(tb, MAX_NL80211_WOWLAN_TCP, attr, |
| 10342 | nl80211_wowlan_tcp_policy, NULL); |
| 10343 | if (err) |
| 10344 | return err; |
| 10345 | |
| 10346 | if (!tb[NL80211_WOWLAN_TCP_SRC_IPV4] || |
| 10347 | !tb[NL80211_WOWLAN_TCP_DST_IPV4] || |
| 10348 | !tb[NL80211_WOWLAN_TCP_DST_MAC] || |
| 10349 | !tb[NL80211_WOWLAN_TCP_DST_PORT] || |
| 10350 | !tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD] || |
| 10351 | !tb[NL80211_WOWLAN_TCP_DATA_INTERVAL] || |
| 10352 | !tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD] || |
| 10353 | !tb[NL80211_WOWLAN_TCP_WAKE_MASK]) |
| 10354 | return -EINVAL; |
| 10355 | |
| 10356 | data_size = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]); |
| 10357 | if (data_size > rdev->wiphy.wowlan->tcp->data_payload_max) |
| 10358 | return -EINVAL; |
| 10359 | |
| 10360 | if (nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) > |
| 10361 | rdev->wiphy.wowlan->tcp->data_interval_max || |
| 10362 | nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) == 0) |
| 10363 | return -EINVAL; |
| 10364 | |
| 10365 | wake_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]); |
| 10366 | if (wake_size > rdev->wiphy.wowlan->tcp->wake_payload_max) |
| 10367 | return -EINVAL; |
| 10368 | |
| 10369 | wake_mask_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_MASK]); |
| 10370 | if (wake_mask_size != DIV_ROUND_UP(wake_size, 8)) |
| 10371 | return -EINVAL; |
| 10372 | |
| 10373 | if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]) { |
| 10374 | u32 tokln = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]); |
| 10375 | |
| 10376 | tok = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]); |
| 10377 | tokens_size = tokln - sizeof(*tok); |
| 10378 | |
| 10379 | if (!tok->len || tokens_size % tok->len) |
| 10380 | return -EINVAL; |
| 10381 | if (!rdev->wiphy.wowlan->tcp->tok) |
| 10382 | return -EINVAL; |
| 10383 | if (tok->len > rdev->wiphy.wowlan->tcp->tok->max_len) |
| 10384 | return -EINVAL; |
| 10385 | if (tok->len < rdev->wiphy.wowlan->tcp->tok->min_len) |
| 10386 | return -EINVAL; |
| 10387 | if (tokens_size > rdev->wiphy.wowlan->tcp->tok->bufsize) |
| 10388 | return -EINVAL; |
| 10389 | if (tok->offset + tok->len > data_size) |
| 10390 | return -EINVAL; |
| 10391 | } |
| 10392 | |
| 10393 | if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]) { |
| 10394 | seq = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]); |
| 10395 | if (!rdev->wiphy.wowlan->tcp->seq) |
| 10396 | return -EINVAL; |
| 10397 | if (seq->len == 0 || seq->len > 4) |
| 10398 | return -EINVAL; |
| 10399 | if (seq->len + seq->offset > data_size) |
| 10400 | return -EINVAL; |
| 10401 | } |
| 10402 | |
| 10403 | size = sizeof(*cfg); |
| 10404 | size += data_size; |
| 10405 | size += wake_size + wake_mask_size; |
| 10406 | size += tokens_size; |
| 10407 | |
| 10408 | cfg = kzalloc(size, GFP_KERNEL); |
| 10409 | if (!cfg) |
| 10410 | return -ENOMEM; |
| 10411 | cfg->src = nla_get_in_addr(tb[NL80211_WOWLAN_TCP_SRC_IPV4]); |
| 10412 | cfg->dst = nla_get_in_addr(tb[NL80211_WOWLAN_TCP_DST_IPV4]); |
| 10413 | memcpy(cfg->dst_mac, nla_data(tb[NL80211_WOWLAN_TCP_DST_MAC]), |
| 10414 | ETH_ALEN); |
| 10415 | if (tb[NL80211_WOWLAN_TCP_SRC_PORT]) |
| 10416 | port = nla_get_u16(tb[NL80211_WOWLAN_TCP_SRC_PORT]); |
| 10417 | else |
| 10418 | port = 0; |
| 10419 | #ifdef CONFIG_INET |
| 10420 | /* allocate a socket and port for it and use it */ |
| 10421 | err = __sock_create(wiphy_net(&rdev->wiphy), PF_INET, SOCK_STREAM, |
| 10422 | IPPROTO_TCP, &cfg->sock, 1); |
| 10423 | if (err) { |
| 10424 | kfree(cfg); |
| 10425 | return err; |
| 10426 | } |
| 10427 | if (inet_csk_get_port(cfg->sock->sk, port)) { |
| 10428 | sock_release(cfg->sock); |
| 10429 | kfree(cfg); |
| 10430 | return -EADDRINUSE; |
| 10431 | } |
| 10432 | cfg->src_port = inet_sk(cfg->sock->sk)->inet_num; |
| 10433 | #else |
| 10434 | if (!port) { |
| 10435 | kfree(cfg); |
| 10436 | return -EINVAL; |
| 10437 | } |
| 10438 | cfg->src_port = port; |
| 10439 | #endif |
| 10440 | |
| 10441 | cfg->dst_port = nla_get_u16(tb[NL80211_WOWLAN_TCP_DST_PORT]); |
| 10442 | cfg->payload_len = data_size; |
| 10443 | cfg->payload = (u8 *)cfg + sizeof(*cfg) + tokens_size; |
| 10444 | memcpy((void *)cfg->payload, |
| 10445 | nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]), |
| 10446 | data_size); |
| 10447 | if (seq) |
| 10448 | cfg->payload_seq = *seq; |
| 10449 | cfg->data_interval = nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]); |
| 10450 | cfg->wake_len = wake_size; |
| 10451 | cfg->wake_data = (u8 *)cfg + sizeof(*cfg) + tokens_size + data_size; |
| 10452 | memcpy((void *)cfg->wake_data, |
| 10453 | nla_data(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]), |
| 10454 | wake_size); |
| 10455 | cfg->wake_mask = (u8 *)cfg + sizeof(*cfg) + tokens_size + |
| 10456 | data_size + wake_size; |
| 10457 | memcpy((void *)cfg->wake_mask, |
| 10458 | nla_data(tb[NL80211_WOWLAN_TCP_WAKE_MASK]), |
| 10459 | wake_mask_size); |
| 10460 | if (tok) { |
| 10461 | cfg->tokens_size = tokens_size; |
| 10462 | memcpy(&cfg->payload_tok, tok, sizeof(*tok) + tokens_size); |
| 10463 | } |
| 10464 | |
| 10465 | trig->tcp = cfg; |
| 10466 | |
| 10467 | return 0; |
| 10468 | } |
| 10469 | |
| 10470 | static int nl80211_parse_wowlan_nd(struct cfg80211_registered_device *rdev, |
| 10471 | const struct wiphy_wowlan_support *wowlan, |
| 10472 | struct nlattr *attr, |
| 10473 | struct cfg80211_wowlan *trig) |
| 10474 | { |
| 10475 | struct nlattr **tb; |
| 10476 | int err; |
| 10477 | |
| 10478 | tb = kzalloc(NUM_NL80211_ATTR * sizeof(*tb), GFP_KERNEL); |
| 10479 | if (!tb) |
| 10480 | return -ENOMEM; |
| 10481 | |
| 10482 | if (!(wowlan->flags & WIPHY_WOWLAN_NET_DETECT)) { |
| 10483 | err = -EOPNOTSUPP; |
| 10484 | goto out; |
| 10485 | } |
| 10486 | |
| 10487 | err = nla_parse_nested(tb, NL80211_ATTR_MAX, attr, nl80211_policy, |
| 10488 | NULL); |
| 10489 | if (err) |
| 10490 | goto out; |
| 10491 | |
| 10492 | trig->nd_config = nl80211_parse_sched_scan(&rdev->wiphy, NULL, tb, |
| 10493 | wowlan->max_nd_match_sets); |
| 10494 | err = PTR_ERR_OR_ZERO(trig->nd_config); |
| 10495 | if (err) |
| 10496 | trig->nd_config = NULL; |
| 10497 | |
| 10498 | out: |
| 10499 | kfree(tb); |
| 10500 | return err; |
| 10501 | } |
| 10502 | |
| 10503 | static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info) |
| 10504 | { |
| 10505 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 10506 | struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG]; |
| 10507 | struct cfg80211_wowlan new_triggers = {}; |
| 10508 | struct cfg80211_wowlan *ntrig; |
| 10509 | const struct wiphy_wowlan_support *wowlan = rdev->wiphy.wowlan; |
| 10510 | int err, i; |
| 10511 | bool prev_enabled = rdev->wiphy.wowlan_config; |
| 10512 | bool regular = false; |
| 10513 | |
| 10514 | if (!wowlan) |
| 10515 | return -EOPNOTSUPP; |
| 10516 | |
| 10517 | if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]) { |
| 10518 | cfg80211_rdev_free_wowlan(rdev); |
| 10519 | rdev->wiphy.wowlan_config = NULL; |
| 10520 | goto set_wakeup; |
| 10521 | } |
| 10522 | |
| 10523 | err = nla_parse_nested(tb, MAX_NL80211_WOWLAN_TRIG, |
| 10524 | info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS], |
| 10525 | nl80211_wowlan_policy, info->extack); |
| 10526 | if (err) |
| 10527 | return err; |
| 10528 | |
| 10529 | if (tb[NL80211_WOWLAN_TRIG_ANY]) { |
| 10530 | if (!(wowlan->flags & WIPHY_WOWLAN_ANY)) |
| 10531 | return -EINVAL; |
| 10532 | new_triggers.any = true; |
| 10533 | } |
| 10534 | |
| 10535 | if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) { |
| 10536 | if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT)) |
| 10537 | return -EINVAL; |
| 10538 | new_triggers.disconnect = true; |
| 10539 | regular = true; |
| 10540 | } |
| 10541 | |
| 10542 | if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) { |
| 10543 | if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT)) |
| 10544 | return -EINVAL; |
| 10545 | new_triggers.magic_pkt = true; |
| 10546 | regular = true; |
| 10547 | } |
| 10548 | |
| 10549 | if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED]) |
| 10550 | return -EINVAL; |
| 10551 | |
| 10552 | if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) { |
| 10553 | if (!(wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE)) |
| 10554 | return -EINVAL; |
| 10555 | new_triggers.gtk_rekey_failure = true; |
| 10556 | regular = true; |
| 10557 | } |
| 10558 | |
| 10559 | if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) { |
| 10560 | if (!(wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ)) |
| 10561 | return -EINVAL; |
| 10562 | new_triggers.eap_identity_req = true; |
| 10563 | regular = true; |
| 10564 | } |
| 10565 | |
| 10566 | if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) { |
| 10567 | if (!(wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE)) |
| 10568 | return -EINVAL; |
| 10569 | new_triggers.four_way_handshake = true; |
| 10570 | regular = true; |
| 10571 | } |
| 10572 | |
| 10573 | if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) { |
| 10574 | if (!(wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE)) |
| 10575 | return -EINVAL; |
| 10576 | new_triggers.rfkill_release = true; |
| 10577 | regular = true; |
| 10578 | } |
| 10579 | |
| 10580 | if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) { |
| 10581 | struct nlattr *pat; |
| 10582 | int n_patterns = 0; |
| 10583 | int rem, pat_len, mask_len, pkt_offset; |
| 10584 | struct nlattr *pat_tb[NUM_NL80211_PKTPAT]; |
| 10585 | |
| 10586 | regular = true; |
| 10587 | |
| 10588 | nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], |
| 10589 | rem) |
| 10590 | n_patterns++; |
| 10591 | if (n_patterns > wowlan->n_patterns) |
| 10592 | return -EINVAL; |
| 10593 | |
| 10594 | new_triggers.patterns = kcalloc(n_patterns, |
| 10595 | sizeof(new_triggers.patterns[0]), |
| 10596 | GFP_KERNEL); |
| 10597 | if (!new_triggers.patterns) |
| 10598 | return -ENOMEM; |
| 10599 | |
| 10600 | new_triggers.n_patterns = n_patterns; |
| 10601 | i = 0; |
| 10602 | |
| 10603 | nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], |
| 10604 | rem) { |
| 10605 | u8 *mask_pat; |
| 10606 | |
| 10607 | err = nla_parse_nested(pat_tb, MAX_NL80211_PKTPAT, pat, |
| 10608 | nl80211_packet_pattern_policy, |
| 10609 | info->extack); |
| 10610 | if (err) |
| 10611 | goto error; |
| 10612 | |
| 10613 | err = -EINVAL; |
| 10614 | if (!pat_tb[NL80211_PKTPAT_MASK] || |
| 10615 | !pat_tb[NL80211_PKTPAT_PATTERN]) |
| 10616 | goto error; |
| 10617 | pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]); |
| 10618 | mask_len = DIV_ROUND_UP(pat_len, 8); |
| 10619 | if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len) |
| 10620 | goto error; |
| 10621 | if (pat_len > wowlan->pattern_max_len || |
| 10622 | pat_len < wowlan->pattern_min_len) |
| 10623 | goto error; |
| 10624 | |
| 10625 | if (!pat_tb[NL80211_PKTPAT_OFFSET]) |
| 10626 | pkt_offset = 0; |
| 10627 | else |
| 10628 | pkt_offset = nla_get_u32( |
| 10629 | pat_tb[NL80211_PKTPAT_OFFSET]); |
| 10630 | if (pkt_offset > wowlan->max_pkt_offset) |
| 10631 | goto error; |
| 10632 | new_triggers.patterns[i].pkt_offset = pkt_offset; |
| 10633 | |
| 10634 | mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL); |
| 10635 | if (!mask_pat) { |
| 10636 | err = -ENOMEM; |
| 10637 | goto error; |
| 10638 | } |
| 10639 | new_triggers.patterns[i].mask = mask_pat; |
| 10640 | memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]), |
| 10641 | mask_len); |
| 10642 | mask_pat += mask_len; |
| 10643 | new_triggers.patterns[i].pattern = mask_pat; |
| 10644 | new_triggers.patterns[i].pattern_len = pat_len; |
| 10645 | memcpy(mask_pat, |
| 10646 | nla_data(pat_tb[NL80211_PKTPAT_PATTERN]), |
| 10647 | pat_len); |
| 10648 | i++; |
| 10649 | } |
| 10650 | } |
| 10651 | |
| 10652 | if (tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION]) { |
| 10653 | regular = true; |
| 10654 | err = nl80211_parse_wowlan_tcp( |
| 10655 | rdev, tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION], |
| 10656 | &new_triggers); |
| 10657 | if (err) |
| 10658 | goto error; |
| 10659 | } |
| 10660 | |
| 10661 | if (tb[NL80211_WOWLAN_TRIG_NET_DETECT]) { |
| 10662 | regular = true; |
| 10663 | err = nl80211_parse_wowlan_nd( |
| 10664 | rdev, wowlan, tb[NL80211_WOWLAN_TRIG_NET_DETECT], |
| 10665 | &new_triggers); |
| 10666 | if (err) |
| 10667 | goto error; |
| 10668 | } |
| 10669 | |
| 10670 | /* The 'any' trigger means the device continues operating more or less |
| 10671 | * as in its normal operation mode and wakes up the host on most of the |
| 10672 | * normal interrupts (like packet RX, ...) |
| 10673 | * It therefore makes little sense to combine with the more constrained |
| 10674 | * wakeup trigger modes. |
| 10675 | */ |
| 10676 | if (new_triggers.any && regular) { |
| 10677 | err = -EINVAL; |
| 10678 | goto error; |
| 10679 | } |
| 10680 | |
| 10681 | ntrig = kmemdup(&new_triggers, sizeof(new_triggers), GFP_KERNEL); |
| 10682 | if (!ntrig) { |
| 10683 | err = -ENOMEM; |
| 10684 | goto error; |
| 10685 | } |
| 10686 | cfg80211_rdev_free_wowlan(rdev); |
| 10687 | rdev->wiphy.wowlan_config = ntrig; |
| 10688 | |
| 10689 | set_wakeup: |
| 10690 | if (rdev->ops->set_wakeup && |
| 10691 | prev_enabled != !!rdev->wiphy.wowlan_config) |
| 10692 | rdev_set_wakeup(rdev, rdev->wiphy.wowlan_config); |
| 10693 | |
| 10694 | return 0; |
| 10695 | error: |
| 10696 | for (i = 0; i < new_triggers.n_patterns; i++) |
| 10697 | kfree(new_triggers.patterns[i].mask); |
| 10698 | kfree(new_triggers.patterns); |
| 10699 | if (new_triggers.tcp && new_triggers.tcp->sock) |
| 10700 | sock_release(new_triggers.tcp->sock); |
| 10701 | kfree(new_triggers.tcp); |
| 10702 | kfree(new_triggers.nd_config); |
| 10703 | return err; |
| 10704 | } |
| 10705 | #endif |
| 10706 | |
| 10707 | static int nl80211_send_coalesce_rules(struct sk_buff *msg, |
| 10708 | struct cfg80211_registered_device *rdev) |
| 10709 | { |
| 10710 | struct nlattr *nl_pats, *nl_pat, *nl_rule, *nl_rules; |
| 10711 | int i, j, pat_len; |
| 10712 | struct cfg80211_coalesce_rules *rule; |
| 10713 | |
| 10714 | if (!rdev->coalesce->n_rules) |
| 10715 | return 0; |
| 10716 | |
| 10717 | nl_rules = nla_nest_start(msg, NL80211_ATTR_COALESCE_RULE); |
| 10718 | if (!nl_rules) |
| 10719 | return -ENOBUFS; |
| 10720 | |
| 10721 | for (i = 0; i < rdev->coalesce->n_rules; i++) { |
| 10722 | nl_rule = nla_nest_start(msg, i + 1); |
| 10723 | if (!nl_rule) |
| 10724 | return -ENOBUFS; |
| 10725 | |
| 10726 | rule = &rdev->coalesce->rules[i]; |
| 10727 | if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_DELAY, |
| 10728 | rule->delay)) |
| 10729 | return -ENOBUFS; |
| 10730 | |
| 10731 | if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_CONDITION, |
| 10732 | rule->condition)) |
| 10733 | return -ENOBUFS; |
| 10734 | |
| 10735 | nl_pats = nla_nest_start(msg, |
| 10736 | NL80211_ATTR_COALESCE_RULE_PKT_PATTERN); |
| 10737 | if (!nl_pats) |
| 10738 | return -ENOBUFS; |
| 10739 | |
| 10740 | for (j = 0; j < rule->n_patterns; j++) { |
| 10741 | nl_pat = nla_nest_start(msg, j + 1); |
| 10742 | if (!nl_pat) |
| 10743 | return -ENOBUFS; |
| 10744 | pat_len = rule->patterns[j].pattern_len; |
| 10745 | if (nla_put(msg, NL80211_PKTPAT_MASK, |
| 10746 | DIV_ROUND_UP(pat_len, 8), |
| 10747 | rule->patterns[j].mask) || |
| 10748 | nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len, |
| 10749 | rule->patterns[j].pattern) || |
| 10750 | nla_put_u32(msg, NL80211_PKTPAT_OFFSET, |
| 10751 | rule->patterns[j].pkt_offset)) |
| 10752 | return -ENOBUFS; |
| 10753 | nla_nest_end(msg, nl_pat); |
| 10754 | } |
| 10755 | nla_nest_end(msg, nl_pats); |
| 10756 | nla_nest_end(msg, nl_rule); |
| 10757 | } |
| 10758 | nla_nest_end(msg, nl_rules); |
| 10759 | |
| 10760 | return 0; |
| 10761 | } |
| 10762 | |
| 10763 | static int nl80211_get_coalesce(struct sk_buff *skb, struct genl_info *info) |
| 10764 | { |
| 10765 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 10766 | struct sk_buff *msg; |
| 10767 | void *hdr; |
| 10768 | |
| 10769 | if (!rdev->wiphy.coalesce) |
| 10770 | return -EOPNOTSUPP; |
| 10771 | |
| 10772 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 10773 | if (!msg) |
| 10774 | return -ENOMEM; |
| 10775 | |
| 10776 | hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0, |
| 10777 | NL80211_CMD_GET_COALESCE); |
| 10778 | if (!hdr) |
| 10779 | goto nla_put_failure; |
| 10780 | |
| 10781 | if (rdev->coalesce && nl80211_send_coalesce_rules(msg, rdev)) |
| 10782 | goto nla_put_failure; |
| 10783 | |
| 10784 | genlmsg_end(msg, hdr); |
| 10785 | return genlmsg_reply(msg, info); |
| 10786 | |
| 10787 | nla_put_failure: |
| 10788 | nlmsg_free(msg); |
| 10789 | return -ENOBUFS; |
| 10790 | } |
| 10791 | |
| 10792 | void cfg80211_rdev_free_coalesce(struct cfg80211_registered_device *rdev) |
| 10793 | { |
| 10794 | struct cfg80211_coalesce *coalesce = rdev->coalesce; |
| 10795 | int i, j; |
| 10796 | struct cfg80211_coalesce_rules *rule; |
| 10797 | |
| 10798 | if (!coalesce) |
| 10799 | return; |
| 10800 | |
| 10801 | for (i = 0; i < coalesce->n_rules; i++) { |
| 10802 | rule = &coalesce->rules[i]; |
| 10803 | for (j = 0; j < rule->n_patterns; j++) |
| 10804 | kfree(rule->patterns[j].mask); |
| 10805 | kfree(rule->patterns); |
| 10806 | } |
| 10807 | kfree(coalesce->rules); |
| 10808 | kfree(coalesce); |
| 10809 | rdev->coalesce = NULL; |
| 10810 | } |
| 10811 | |
| 10812 | static int nl80211_parse_coalesce_rule(struct cfg80211_registered_device *rdev, |
| 10813 | struct nlattr *rule, |
| 10814 | struct cfg80211_coalesce_rules *new_rule) |
| 10815 | { |
| 10816 | int err, i; |
| 10817 | const struct wiphy_coalesce_support *coalesce = rdev->wiphy.coalesce; |
| 10818 | struct nlattr *tb[NUM_NL80211_ATTR_COALESCE_RULE], *pat; |
| 10819 | int rem, pat_len, mask_len, pkt_offset, n_patterns = 0; |
| 10820 | struct nlattr *pat_tb[NUM_NL80211_PKTPAT]; |
| 10821 | |
| 10822 | err = nla_parse_nested(tb, NL80211_ATTR_COALESCE_RULE_MAX, rule, |
| 10823 | nl80211_coalesce_policy, NULL); |
| 10824 | if (err) |
| 10825 | return err; |
| 10826 | |
| 10827 | if (tb[NL80211_ATTR_COALESCE_RULE_DELAY]) |
| 10828 | new_rule->delay = |
| 10829 | nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_DELAY]); |
| 10830 | if (new_rule->delay > coalesce->max_delay) |
| 10831 | return -EINVAL; |
| 10832 | |
| 10833 | if (tb[NL80211_ATTR_COALESCE_RULE_CONDITION]) |
| 10834 | new_rule->condition = |
| 10835 | nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_CONDITION]); |
| 10836 | if (new_rule->condition != NL80211_COALESCE_CONDITION_MATCH && |
| 10837 | new_rule->condition != NL80211_COALESCE_CONDITION_NO_MATCH) |
| 10838 | return -EINVAL; |
| 10839 | |
| 10840 | if (!tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN]) |
| 10841 | return -EINVAL; |
| 10842 | |
| 10843 | nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN], |
| 10844 | rem) |
| 10845 | n_patterns++; |
| 10846 | if (n_patterns > coalesce->n_patterns) |
| 10847 | return -EINVAL; |
| 10848 | |
| 10849 | new_rule->patterns = kcalloc(n_patterns, sizeof(new_rule->patterns[0]), |
| 10850 | GFP_KERNEL); |
| 10851 | if (!new_rule->patterns) |
| 10852 | return -ENOMEM; |
| 10853 | |
| 10854 | new_rule->n_patterns = n_patterns; |
| 10855 | i = 0; |
| 10856 | |
| 10857 | nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN], |
| 10858 | rem) { |
| 10859 | u8 *mask_pat; |
| 10860 | |
| 10861 | err = nla_parse_nested(pat_tb, MAX_NL80211_PKTPAT, pat, |
| 10862 | nl80211_packet_pattern_policy, NULL); |
| 10863 | if (err) |
| 10864 | return err; |
| 10865 | |
| 10866 | if (!pat_tb[NL80211_PKTPAT_MASK] || |
| 10867 | !pat_tb[NL80211_PKTPAT_PATTERN]) |
| 10868 | return -EINVAL; |
| 10869 | pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]); |
| 10870 | mask_len = DIV_ROUND_UP(pat_len, 8); |
| 10871 | if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len) |
| 10872 | return -EINVAL; |
| 10873 | if (pat_len > coalesce->pattern_max_len || |
| 10874 | pat_len < coalesce->pattern_min_len) |
| 10875 | return -EINVAL; |
| 10876 | |
| 10877 | if (!pat_tb[NL80211_PKTPAT_OFFSET]) |
| 10878 | pkt_offset = 0; |
| 10879 | else |
| 10880 | pkt_offset = nla_get_u32(pat_tb[NL80211_PKTPAT_OFFSET]); |
| 10881 | if (pkt_offset > coalesce->max_pkt_offset) |
| 10882 | return -EINVAL; |
| 10883 | new_rule->patterns[i].pkt_offset = pkt_offset; |
| 10884 | |
| 10885 | mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL); |
| 10886 | if (!mask_pat) |
| 10887 | return -ENOMEM; |
| 10888 | |
| 10889 | new_rule->patterns[i].mask = mask_pat; |
| 10890 | memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]), |
| 10891 | mask_len); |
| 10892 | |
| 10893 | mask_pat += mask_len; |
| 10894 | new_rule->patterns[i].pattern = mask_pat; |
| 10895 | new_rule->patterns[i].pattern_len = pat_len; |
| 10896 | memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_PATTERN]), |
| 10897 | pat_len); |
| 10898 | i++; |
| 10899 | } |
| 10900 | |
| 10901 | return 0; |
| 10902 | } |
| 10903 | |
| 10904 | static int nl80211_set_coalesce(struct sk_buff *skb, struct genl_info *info) |
| 10905 | { |
| 10906 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 10907 | const struct wiphy_coalesce_support *coalesce = rdev->wiphy.coalesce; |
| 10908 | struct cfg80211_coalesce new_coalesce = {}; |
| 10909 | struct cfg80211_coalesce *n_coalesce; |
| 10910 | int err, rem_rule, n_rules = 0, i, j; |
| 10911 | struct nlattr *rule; |
| 10912 | struct cfg80211_coalesce_rules *tmp_rule; |
| 10913 | |
| 10914 | if (!rdev->wiphy.coalesce || !rdev->ops->set_coalesce) |
| 10915 | return -EOPNOTSUPP; |
| 10916 | |
| 10917 | if (!info->attrs[NL80211_ATTR_COALESCE_RULE]) { |
| 10918 | cfg80211_rdev_free_coalesce(rdev); |
| 10919 | rdev_set_coalesce(rdev, NULL); |
| 10920 | return 0; |
| 10921 | } |
| 10922 | |
| 10923 | nla_for_each_nested(rule, info->attrs[NL80211_ATTR_COALESCE_RULE], |
| 10924 | rem_rule) |
| 10925 | n_rules++; |
| 10926 | if (n_rules > coalesce->n_rules) |
| 10927 | return -EINVAL; |
| 10928 | |
| 10929 | new_coalesce.rules = kcalloc(n_rules, sizeof(new_coalesce.rules[0]), |
| 10930 | GFP_KERNEL); |
| 10931 | if (!new_coalesce.rules) |
| 10932 | return -ENOMEM; |
| 10933 | |
| 10934 | new_coalesce.n_rules = n_rules; |
| 10935 | i = 0; |
| 10936 | |
| 10937 | nla_for_each_nested(rule, info->attrs[NL80211_ATTR_COALESCE_RULE], |
| 10938 | rem_rule) { |
| 10939 | err = nl80211_parse_coalesce_rule(rdev, rule, |
| 10940 | &new_coalesce.rules[i]); |
| 10941 | if (err) |
| 10942 | goto error; |
| 10943 | |
| 10944 | i++; |
| 10945 | } |
| 10946 | |
| 10947 | err = rdev_set_coalesce(rdev, &new_coalesce); |
| 10948 | if (err) |
| 10949 | goto error; |
| 10950 | |
| 10951 | n_coalesce = kmemdup(&new_coalesce, sizeof(new_coalesce), GFP_KERNEL); |
| 10952 | if (!n_coalesce) { |
| 10953 | err = -ENOMEM; |
| 10954 | goto error; |
| 10955 | } |
| 10956 | cfg80211_rdev_free_coalesce(rdev); |
| 10957 | rdev->coalesce = n_coalesce; |
| 10958 | |
| 10959 | return 0; |
| 10960 | error: |
| 10961 | for (i = 0; i < new_coalesce.n_rules; i++) { |
| 10962 | tmp_rule = &new_coalesce.rules[i]; |
| 10963 | for (j = 0; j < tmp_rule->n_patterns; j++) |
| 10964 | kfree(tmp_rule->patterns[j].mask); |
| 10965 | kfree(tmp_rule->patterns); |
| 10966 | } |
| 10967 | kfree(new_coalesce.rules); |
| 10968 | |
| 10969 | return err; |
| 10970 | } |
| 10971 | |
| 10972 | static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info) |
| 10973 | { |
| 10974 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 10975 | struct net_device *dev = info->user_ptr[1]; |
| 10976 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 10977 | struct nlattr *tb[NUM_NL80211_REKEY_DATA]; |
| 10978 | struct cfg80211_gtk_rekey_data rekey_data; |
| 10979 | int err; |
| 10980 | |
| 10981 | if (!info->attrs[NL80211_ATTR_REKEY_DATA]) |
| 10982 | return -EINVAL; |
| 10983 | |
| 10984 | err = nla_parse_nested(tb, MAX_NL80211_REKEY_DATA, |
| 10985 | info->attrs[NL80211_ATTR_REKEY_DATA], |
| 10986 | nl80211_rekey_policy, info->extack); |
| 10987 | if (err) |
| 10988 | return err; |
| 10989 | |
| 10990 | if (!tb[NL80211_REKEY_DATA_REPLAY_CTR] || !tb[NL80211_REKEY_DATA_KEK] || |
| 10991 | !tb[NL80211_REKEY_DATA_KCK]) |
| 10992 | return -EINVAL; |
| 10993 | if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN) |
| 10994 | return -ERANGE; |
| 10995 | if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN) |
| 10996 | return -ERANGE; |
| 10997 | if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN) |
| 10998 | return -ERANGE; |
| 10999 | |
| 11000 | rekey_data.kek = nla_data(tb[NL80211_REKEY_DATA_KEK]); |
| 11001 | rekey_data.kck = nla_data(tb[NL80211_REKEY_DATA_KCK]); |
| 11002 | rekey_data.replay_ctr = nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]); |
| 11003 | |
| 11004 | wdev_lock(wdev); |
| 11005 | if (!wdev->current_bss) { |
| 11006 | err = -ENOTCONN; |
| 11007 | goto out; |
| 11008 | } |
| 11009 | |
| 11010 | if (!rdev->ops->set_rekey_data) { |
| 11011 | err = -EOPNOTSUPP; |
| 11012 | goto out; |
| 11013 | } |
| 11014 | |
| 11015 | err = rdev_set_rekey_data(rdev, dev, &rekey_data); |
| 11016 | out: |
| 11017 | wdev_unlock(wdev); |
| 11018 | return err; |
| 11019 | } |
| 11020 | |
| 11021 | static int nl80211_register_unexpected_frame(struct sk_buff *skb, |
| 11022 | struct genl_info *info) |
| 11023 | { |
| 11024 | struct net_device *dev = info->user_ptr[1]; |
| 11025 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 11026 | |
| 11027 | if (wdev->iftype != NL80211_IFTYPE_AP && |
| 11028 | wdev->iftype != NL80211_IFTYPE_P2P_GO) |
| 11029 | return -EINVAL; |
| 11030 | |
| 11031 | if (wdev->ap_unexpected_nlportid) |
| 11032 | return -EBUSY; |
| 11033 | |
| 11034 | wdev->ap_unexpected_nlportid = info->snd_portid; |
| 11035 | return 0; |
| 11036 | } |
| 11037 | |
| 11038 | static int nl80211_probe_client(struct sk_buff *skb, |
| 11039 | struct genl_info *info) |
| 11040 | { |
| 11041 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11042 | struct net_device *dev = info->user_ptr[1]; |
| 11043 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 11044 | struct sk_buff *msg; |
| 11045 | void *hdr; |
| 11046 | const u8 *addr; |
| 11047 | u64 cookie; |
| 11048 | int err; |
| 11049 | |
| 11050 | if (wdev->iftype != NL80211_IFTYPE_AP && |
| 11051 | wdev->iftype != NL80211_IFTYPE_P2P_GO) |
| 11052 | return -EOPNOTSUPP; |
| 11053 | |
| 11054 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 11055 | return -EINVAL; |
| 11056 | |
| 11057 | if (!rdev->ops->probe_client) |
| 11058 | return -EOPNOTSUPP; |
| 11059 | |
| 11060 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 11061 | if (!msg) |
| 11062 | return -ENOMEM; |
| 11063 | |
| 11064 | hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0, |
| 11065 | NL80211_CMD_PROBE_CLIENT); |
| 11066 | if (!hdr) { |
| 11067 | err = -ENOBUFS; |
| 11068 | goto free_msg; |
| 11069 | } |
| 11070 | |
| 11071 | addr = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 11072 | |
| 11073 | err = rdev_probe_client(rdev, dev, addr, &cookie); |
| 11074 | if (err) |
| 11075 | goto free_msg; |
| 11076 | |
| 11077 | if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie, |
| 11078 | NL80211_ATTR_PAD)) |
| 11079 | goto nla_put_failure; |
| 11080 | |
| 11081 | genlmsg_end(msg, hdr); |
| 11082 | |
| 11083 | return genlmsg_reply(msg, info); |
| 11084 | |
| 11085 | nla_put_failure: |
| 11086 | err = -ENOBUFS; |
| 11087 | free_msg: |
| 11088 | nlmsg_free(msg); |
| 11089 | return err; |
| 11090 | } |
| 11091 | |
| 11092 | static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info) |
| 11093 | { |
| 11094 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11095 | struct cfg80211_beacon_registration *reg, *nreg; |
| 11096 | int rv; |
| 11097 | |
| 11098 | if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS)) |
| 11099 | return -EOPNOTSUPP; |
| 11100 | |
| 11101 | nreg = kzalloc(sizeof(*nreg), GFP_KERNEL); |
| 11102 | if (!nreg) |
| 11103 | return -ENOMEM; |
| 11104 | |
| 11105 | /* First, check if already registered. */ |
| 11106 | spin_lock_bh(&rdev->beacon_registrations_lock); |
| 11107 | list_for_each_entry(reg, &rdev->beacon_registrations, list) { |
| 11108 | if (reg->nlportid == info->snd_portid) { |
| 11109 | rv = -EALREADY; |
| 11110 | goto out_err; |
| 11111 | } |
| 11112 | } |
| 11113 | /* Add it to the list */ |
| 11114 | nreg->nlportid = info->snd_portid; |
| 11115 | list_add(&nreg->list, &rdev->beacon_registrations); |
| 11116 | |
| 11117 | spin_unlock_bh(&rdev->beacon_registrations_lock); |
| 11118 | |
| 11119 | return 0; |
| 11120 | out_err: |
| 11121 | spin_unlock_bh(&rdev->beacon_registrations_lock); |
| 11122 | kfree(nreg); |
| 11123 | return rv; |
| 11124 | } |
| 11125 | |
| 11126 | static int nl80211_start_p2p_device(struct sk_buff *skb, struct genl_info *info) |
| 11127 | { |
| 11128 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11129 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 11130 | int err; |
| 11131 | |
| 11132 | if (!rdev->ops->start_p2p_device) |
| 11133 | return -EOPNOTSUPP; |
| 11134 | |
| 11135 | if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE) |
| 11136 | return -EOPNOTSUPP; |
| 11137 | |
| 11138 | if (wdev_running(wdev)) |
| 11139 | return 0; |
| 11140 | |
| 11141 | if (rfkill_blocked(rdev->rfkill)) |
| 11142 | return -ERFKILL; |
| 11143 | |
| 11144 | err = rdev_start_p2p_device(rdev, wdev); |
| 11145 | if (err) |
| 11146 | return err; |
| 11147 | |
| 11148 | wdev->is_running = true; |
| 11149 | rdev->opencount++; |
| 11150 | |
| 11151 | return 0; |
| 11152 | } |
| 11153 | |
| 11154 | static int nl80211_stop_p2p_device(struct sk_buff *skb, struct genl_info *info) |
| 11155 | { |
| 11156 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11157 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 11158 | |
| 11159 | if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE) |
| 11160 | return -EOPNOTSUPP; |
| 11161 | |
| 11162 | if (!rdev->ops->stop_p2p_device) |
| 11163 | return -EOPNOTSUPP; |
| 11164 | |
| 11165 | cfg80211_stop_p2p_device(rdev, wdev); |
| 11166 | |
| 11167 | return 0; |
| 11168 | } |
| 11169 | |
| 11170 | static int nl80211_start_nan(struct sk_buff *skb, struct genl_info *info) |
| 11171 | { |
| 11172 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11173 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 11174 | struct cfg80211_nan_conf conf = {}; |
| 11175 | int err; |
| 11176 | |
| 11177 | if (wdev->iftype != NL80211_IFTYPE_NAN) |
| 11178 | return -EOPNOTSUPP; |
| 11179 | |
| 11180 | if (wdev_running(wdev)) |
| 11181 | return -EEXIST; |
| 11182 | |
| 11183 | if (rfkill_blocked(rdev->rfkill)) |
| 11184 | return -ERFKILL; |
| 11185 | |
| 11186 | if (!info->attrs[NL80211_ATTR_NAN_MASTER_PREF]) |
| 11187 | return -EINVAL; |
| 11188 | |
| 11189 | conf.master_pref = |
| 11190 | nla_get_u8(info->attrs[NL80211_ATTR_NAN_MASTER_PREF]); |
| 11191 | if (!conf.master_pref) |
| 11192 | return -EINVAL; |
| 11193 | |
| 11194 | if (info->attrs[NL80211_ATTR_BANDS]) { |
| 11195 | u32 bands = nla_get_u32(info->attrs[NL80211_ATTR_BANDS]); |
| 11196 | |
| 11197 | if (bands & ~(u32)wdev->wiphy->nan_supported_bands) |
| 11198 | return -EOPNOTSUPP; |
| 11199 | |
| 11200 | if (bands && !(bands & BIT(NL80211_BAND_2GHZ))) |
| 11201 | return -EINVAL; |
| 11202 | |
| 11203 | conf.bands = bands; |
| 11204 | } |
| 11205 | |
| 11206 | err = rdev_start_nan(rdev, wdev, &conf); |
| 11207 | if (err) |
| 11208 | return err; |
| 11209 | |
| 11210 | wdev->is_running = true; |
| 11211 | rdev->opencount++; |
| 11212 | |
| 11213 | return 0; |
| 11214 | } |
| 11215 | |
| 11216 | static int nl80211_stop_nan(struct sk_buff *skb, struct genl_info *info) |
| 11217 | { |
| 11218 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11219 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 11220 | |
| 11221 | if (wdev->iftype != NL80211_IFTYPE_NAN) |
| 11222 | return -EOPNOTSUPP; |
| 11223 | |
| 11224 | cfg80211_stop_nan(rdev, wdev); |
| 11225 | |
| 11226 | return 0; |
| 11227 | } |
| 11228 | |
| 11229 | static int validate_nan_filter(struct nlattr *filter_attr) |
| 11230 | { |
| 11231 | struct nlattr *attr; |
| 11232 | int len = 0, n_entries = 0, rem; |
| 11233 | |
| 11234 | nla_for_each_nested(attr, filter_attr, rem) { |
| 11235 | len += nla_len(attr); |
| 11236 | n_entries++; |
| 11237 | } |
| 11238 | |
| 11239 | if (len >= U8_MAX) |
| 11240 | return -EINVAL; |
| 11241 | |
| 11242 | return n_entries; |
| 11243 | } |
| 11244 | |
| 11245 | static int handle_nan_filter(struct nlattr *attr_filter, |
| 11246 | struct cfg80211_nan_func *func, |
| 11247 | bool tx) |
| 11248 | { |
| 11249 | struct nlattr *attr; |
| 11250 | int n_entries, rem, i; |
| 11251 | struct cfg80211_nan_func_filter *filter; |
| 11252 | |
| 11253 | n_entries = validate_nan_filter(attr_filter); |
| 11254 | if (n_entries < 0) |
| 11255 | return n_entries; |
| 11256 | |
| 11257 | BUILD_BUG_ON(sizeof(*func->rx_filters) != sizeof(*func->tx_filters)); |
| 11258 | |
| 11259 | filter = kcalloc(n_entries, sizeof(*func->rx_filters), GFP_KERNEL); |
| 11260 | if (!filter) |
| 11261 | return -ENOMEM; |
| 11262 | |
| 11263 | i = 0; |
| 11264 | nla_for_each_nested(attr, attr_filter, rem) { |
| 11265 | filter[i].filter = nla_memdup(attr, GFP_KERNEL); |
| 11266 | filter[i].len = nla_len(attr); |
| 11267 | i++; |
| 11268 | } |
| 11269 | if (tx) { |
| 11270 | func->num_tx_filters = n_entries; |
| 11271 | func->tx_filters = filter; |
| 11272 | } else { |
| 11273 | func->num_rx_filters = n_entries; |
| 11274 | func->rx_filters = filter; |
| 11275 | } |
| 11276 | |
| 11277 | return 0; |
| 11278 | } |
| 11279 | |
| 11280 | static int nl80211_nan_add_func(struct sk_buff *skb, |
| 11281 | struct genl_info *info) |
| 11282 | { |
| 11283 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11284 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 11285 | struct nlattr *tb[NUM_NL80211_NAN_FUNC_ATTR], *func_attr; |
| 11286 | struct cfg80211_nan_func *func; |
| 11287 | struct sk_buff *msg = NULL; |
| 11288 | void *hdr = NULL; |
| 11289 | int err = 0; |
| 11290 | |
| 11291 | if (wdev->iftype != NL80211_IFTYPE_NAN) |
| 11292 | return -EOPNOTSUPP; |
| 11293 | |
| 11294 | if (!wdev_running(wdev)) |
| 11295 | return -ENOTCONN; |
| 11296 | |
| 11297 | if (!info->attrs[NL80211_ATTR_NAN_FUNC]) |
| 11298 | return -EINVAL; |
| 11299 | |
| 11300 | err = nla_parse_nested(tb, NL80211_NAN_FUNC_ATTR_MAX, |
| 11301 | info->attrs[NL80211_ATTR_NAN_FUNC], |
| 11302 | nl80211_nan_func_policy, info->extack); |
| 11303 | if (err) |
| 11304 | return err; |
| 11305 | |
| 11306 | func = kzalloc(sizeof(*func), GFP_KERNEL); |
| 11307 | if (!func) |
| 11308 | return -ENOMEM; |
| 11309 | |
| 11310 | func->cookie = wdev->wiphy->cookie_counter++; |
| 11311 | |
| 11312 | if (!tb[NL80211_NAN_FUNC_TYPE] || |
| 11313 | nla_get_u8(tb[NL80211_NAN_FUNC_TYPE]) > NL80211_NAN_FUNC_MAX_TYPE) { |
| 11314 | err = -EINVAL; |
| 11315 | goto out; |
| 11316 | } |
| 11317 | |
| 11318 | |
| 11319 | func->type = nla_get_u8(tb[NL80211_NAN_FUNC_TYPE]); |
| 11320 | |
| 11321 | if (!tb[NL80211_NAN_FUNC_SERVICE_ID]) { |
| 11322 | err = -EINVAL; |
| 11323 | goto out; |
| 11324 | } |
| 11325 | |
| 11326 | memcpy(func->service_id, nla_data(tb[NL80211_NAN_FUNC_SERVICE_ID]), |
| 11327 | sizeof(func->service_id)); |
| 11328 | |
| 11329 | func->close_range = |
| 11330 | nla_get_flag(tb[NL80211_NAN_FUNC_CLOSE_RANGE]); |
| 11331 | |
| 11332 | if (tb[NL80211_NAN_FUNC_SERVICE_INFO]) { |
| 11333 | func->serv_spec_info_len = |
| 11334 | nla_len(tb[NL80211_NAN_FUNC_SERVICE_INFO]); |
| 11335 | func->serv_spec_info = |
| 11336 | kmemdup(nla_data(tb[NL80211_NAN_FUNC_SERVICE_INFO]), |
| 11337 | func->serv_spec_info_len, |
| 11338 | GFP_KERNEL); |
| 11339 | if (!func->serv_spec_info) { |
| 11340 | err = -ENOMEM; |
| 11341 | goto out; |
| 11342 | } |
| 11343 | } |
| 11344 | |
| 11345 | if (tb[NL80211_NAN_FUNC_TTL]) |
| 11346 | func->ttl = nla_get_u32(tb[NL80211_NAN_FUNC_TTL]); |
| 11347 | |
| 11348 | switch (func->type) { |
| 11349 | case NL80211_NAN_FUNC_PUBLISH: |
| 11350 | if (!tb[NL80211_NAN_FUNC_PUBLISH_TYPE]) { |
| 11351 | err = -EINVAL; |
| 11352 | goto out; |
| 11353 | } |
| 11354 | |
| 11355 | func->publish_type = |
| 11356 | nla_get_u8(tb[NL80211_NAN_FUNC_PUBLISH_TYPE]); |
| 11357 | func->publish_bcast = |
| 11358 | nla_get_flag(tb[NL80211_NAN_FUNC_PUBLISH_BCAST]); |
| 11359 | |
| 11360 | if ((!(func->publish_type & NL80211_NAN_SOLICITED_PUBLISH)) && |
| 11361 | func->publish_bcast) { |
| 11362 | err = -EINVAL; |
| 11363 | goto out; |
| 11364 | } |
| 11365 | break; |
| 11366 | case NL80211_NAN_FUNC_SUBSCRIBE: |
| 11367 | func->subscribe_active = |
| 11368 | nla_get_flag(tb[NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE]); |
| 11369 | break; |
| 11370 | case NL80211_NAN_FUNC_FOLLOW_UP: |
| 11371 | if (!tb[NL80211_NAN_FUNC_FOLLOW_UP_ID] || |
| 11372 | !tb[NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID] || |
| 11373 | !tb[NL80211_NAN_FUNC_FOLLOW_UP_DEST]) { |
| 11374 | err = -EINVAL; |
| 11375 | goto out; |
| 11376 | } |
| 11377 | |
| 11378 | func->followup_id = |
| 11379 | nla_get_u8(tb[NL80211_NAN_FUNC_FOLLOW_UP_ID]); |
| 11380 | func->followup_reqid = |
| 11381 | nla_get_u8(tb[NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID]); |
| 11382 | memcpy(func->followup_dest.addr, |
| 11383 | nla_data(tb[NL80211_NAN_FUNC_FOLLOW_UP_DEST]), |
| 11384 | sizeof(func->followup_dest.addr)); |
| 11385 | if (func->ttl) { |
| 11386 | err = -EINVAL; |
| 11387 | goto out; |
| 11388 | } |
| 11389 | break; |
| 11390 | default: |
| 11391 | err = -EINVAL; |
| 11392 | goto out; |
| 11393 | } |
| 11394 | |
| 11395 | if (tb[NL80211_NAN_FUNC_SRF]) { |
| 11396 | struct nlattr *srf_tb[NUM_NL80211_NAN_SRF_ATTR]; |
| 11397 | |
| 11398 | err = nla_parse_nested(srf_tb, NL80211_NAN_SRF_ATTR_MAX, |
| 11399 | tb[NL80211_NAN_FUNC_SRF], |
| 11400 | nl80211_nan_srf_policy, info->extack); |
| 11401 | if (err) |
| 11402 | goto out; |
| 11403 | |
| 11404 | func->srf_include = |
| 11405 | nla_get_flag(srf_tb[NL80211_NAN_SRF_INCLUDE]); |
| 11406 | |
| 11407 | if (srf_tb[NL80211_NAN_SRF_BF]) { |
| 11408 | if (srf_tb[NL80211_NAN_SRF_MAC_ADDRS] || |
| 11409 | !srf_tb[NL80211_NAN_SRF_BF_IDX]) { |
| 11410 | err = -EINVAL; |
| 11411 | goto out; |
| 11412 | } |
| 11413 | |
| 11414 | func->srf_bf_len = |
| 11415 | nla_len(srf_tb[NL80211_NAN_SRF_BF]); |
| 11416 | func->srf_bf = |
| 11417 | kmemdup(nla_data(srf_tb[NL80211_NAN_SRF_BF]), |
| 11418 | func->srf_bf_len, GFP_KERNEL); |
| 11419 | if (!func->srf_bf) { |
| 11420 | err = -ENOMEM; |
| 11421 | goto out; |
| 11422 | } |
| 11423 | |
| 11424 | func->srf_bf_idx = |
| 11425 | nla_get_u8(srf_tb[NL80211_NAN_SRF_BF_IDX]); |
| 11426 | } else { |
| 11427 | struct nlattr *attr, *mac_attr = |
| 11428 | srf_tb[NL80211_NAN_SRF_MAC_ADDRS]; |
| 11429 | int n_entries, rem, i = 0; |
| 11430 | |
| 11431 | if (!mac_attr) { |
| 11432 | err = -EINVAL; |
| 11433 | goto out; |
| 11434 | } |
| 11435 | |
| 11436 | n_entries = validate_acl_mac_addrs(mac_attr); |
| 11437 | if (n_entries <= 0) { |
| 11438 | err = -EINVAL; |
| 11439 | goto out; |
| 11440 | } |
| 11441 | |
| 11442 | func->srf_num_macs = n_entries; |
| 11443 | func->srf_macs = |
| 11444 | kzalloc(sizeof(*func->srf_macs) * n_entries, |
| 11445 | GFP_KERNEL); |
| 11446 | if (!func->srf_macs) { |
| 11447 | err = -ENOMEM; |
| 11448 | goto out; |
| 11449 | } |
| 11450 | |
| 11451 | nla_for_each_nested(attr, mac_attr, rem) |
| 11452 | memcpy(func->srf_macs[i++].addr, nla_data(attr), |
| 11453 | sizeof(*func->srf_macs)); |
| 11454 | } |
| 11455 | } |
| 11456 | |
| 11457 | if (tb[NL80211_NAN_FUNC_TX_MATCH_FILTER]) { |
| 11458 | err = handle_nan_filter(tb[NL80211_NAN_FUNC_TX_MATCH_FILTER], |
| 11459 | func, true); |
| 11460 | if (err) |
| 11461 | goto out; |
| 11462 | } |
| 11463 | |
| 11464 | if (tb[NL80211_NAN_FUNC_RX_MATCH_FILTER]) { |
| 11465 | err = handle_nan_filter(tb[NL80211_NAN_FUNC_RX_MATCH_FILTER], |
| 11466 | func, false); |
| 11467 | if (err) |
| 11468 | goto out; |
| 11469 | } |
| 11470 | |
| 11471 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 11472 | if (!msg) { |
| 11473 | err = -ENOMEM; |
| 11474 | goto out; |
| 11475 | } |
| 11476 | |
| 11477 | hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0, |
| 11478 | NL80211_CMD_ADD_NAN_FUNCTION); |
| 11479 | /* This can't really happen - we just allocated 4KB */ |
| 11480 | if (WARN_ON(!hdr)) { |
| 11481 | err = -ENOMEM; |
| 11482 | goto out; |
| 11483 | } |
| 11484 | |
| 11485 | err = rdev_add_nan_func(rdev, wdev, func); |
| 11486 | out: |
| 11487 | if (err < 0) { |
| 11488 | cfg80211_free_nan_func(func); |
| 11489 | nlmsg_free(msg); |
| 11490 | return err; |
| 11491 | } |
| 11492 | |
| 11493 | /* propagate the instance id and cookie to userspace */ |
| 11494 | if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, func->cookie, |
| 11495 | NL80211_ATTR_PAD)) |
| 11496 | goto nla_put_failure; |
| 11497 | |
| 11498 | func_attr = nla_nest_start(msg, NL80211_ATTR_NAN_FUNC); |
| 11499 | if (!func_attr) |
| 11500 | goto nla_put_failure; |
| 11501 | |
| 11502 | if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, |
| 11503 | func->instance_id)) |
| 11504 | goto nla_put_failure; |
| 11505 | |
| 11506 | nla_nest_end(msg, func_attr); |
| 11507 | |
| 11508 | genlmsg_end(msg, hdr); |
| 11509 | return genlmsg_reply(msg, info); |
| 11510 | |
| 11511 | nla_put_failure: |
| 11512 | nlmsg_free(msg); |
| 11513 | return -ENOBUFS; |
| 11514 | } |
| 11515 | |
| 11516 | static int nl80211_nan_del_func(struct sk_buff *skb, |
| 11517 | struct genl_info *info) |
| 11518 | { |
| 11519 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11520 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 11521 | u64 cookie; |
| 11522 | |
| 11523 | if (wdev->iftype != NL80211_IFTYPE_NAN) |
| 11524 | return -EOPNOTSUPP; |
| 11525 | |
| 11526 | if (!wdev_running(wdev)) |
| 11527 | return -ENOTCONN; |
| 11528 | |
| 11529 | if (!info->attrs[NL80211_ATTR_COOKIE]) |
| 11530 | return -EINVAL; |
| 11531 | |
| 11532 | cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]); |
| 11533 | |
| 11534 | rdev_del_nan_func(rdev, wdev, cookie); |
| 11535 | |
| 11536 | return 0; |
| 11537 | } |
| 11538 | |
| 11539 | static int nl80211_nan_change_config(struct sk_buff *skb, |
| 11540 | struct genl_info *info) |
| 11541 | { |
| 11542 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11543 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 11544 | struct cfg80211_nan_conf conf = {}; |
| 11545 | u32 changed = 0; |
| 11546 | |
| 11547 | if (wdev->iftype != NL80211_IFTYPE_NAN) |
| 11548 | return -EOPNOTSUPP; |
| 11549 | |
| 11550 | if (!wdev_running(wdev)) |
| 11551 | return -ENOTCONN; |
| 11552 | |
| 11553 | if (info->attrs[NL80211_ATTR_NAN_MASTER_PREF]) { |
| 11554 | conf.master_pref = |
| 11555 | nla_get_u8(info->attrs[NL80211_ATTR_NAN_MASTER_PREF]); |
| 11556 | if (conf.master_pref <= 1 || conf.master_pref == 255) |
| 11557 | return -EINVAL; |
| 11558 | |
| 11559 | changed |= CFG80211_NAN_CONF_CHANGED_PREF; |
| 11560 | } |
| 11561 | |
| 11562 | if (info->attrs[NL80211_ATTR_BANDS]) { |
| 11563 | u32 bands = nla_get_u32(info->attrs[NL80211_ATTR_BANDS]); |
| 11564 | |
| 11565 | if (bands & ~(u32)wdev->wiphy->nan_supported_bands) |
| 11566 | return -EOPNOTSUPP; |
| 11567 | |
| 11568 | if (bands && !(bands & BIT(NL80211_BAND_2GHZ))) |
| 11569 | return -EINVAL; |
| 11570 | |
| 11571 | conf.bands = bands; |
| 11572 | changed |= CFG80211_NAN_CONF_CHANGED_BANDS; |
| 11573 | } |
| 11574 | |
| 11575 | if (!changed) |
| 11576 | return -EINVAL; |
| 11577 | |
| 11578 | return rdev_nan_change_conf(rdev, wdev, &conf, changed); |
| 11579 | } |
| 11580 | |
| 11581 | void cfg80211_nan_match(struct wireless_dev *wdev, |
| 11582 | struct cfg80211_nan_match_params *match, gfp_t gfp) |
| 11583 | { |
| 11584 | struct wiphy *wiphy = wdev->wiphy; |
| 11585 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 11586 | struct nlattr *match_attr, *local_func_attr, *peer_func_attr; |
| 11587 | struct sk_buff *msg; |
| 11588 | void *hdr; |
| 11589 | |
| 11590 | if (WARN_ON(!match->inst_id || !match->peer_inst_id || !match->addr)) |
| 11591 | return; |
| 11592 | |
| 11593 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 11594 | if (!msg) |
| 11595 | return; |
| 11596 | |
| 11597 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NAN_MATCH); |
| 11598 | if (!hdr) { |
| 11599 | nlmsg_free(msg); |
| 11600 | return; |
| 11601 | } |
| 11602 | |
| 11603 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 11604 | (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX, |
| 11605 | wdev->netdev->ifindex)) || |
| 11606 | nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 11607 | NL80211_ATTR_PAD)) |
| 11608 | goto nla_put_failure; |
| 11609 | |
| 11610 | if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, match->cookie, |
| 11611 | NL80211_ATTR_PAD) || |
| 11612 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, match->addr)) |
| 11613 | goto nla_put_failure; |
| 11614 | |
| 11615 | match_attr = nla_nest_start(msg, NL80211_ATTR_NAN_MATCH); |
| 11616 | if (!match_attr) |
| 11617 | goto nla_put_failure; |
| 11618 | |
| 11619 | local_func_attr = nla_nest_start(msg, NL80211_NAN_MATCH_FUNC_LOCAL); |
| 11620 | if (!local_func_attr) |
| 11621 | goto nla_put_failure; |
| 11622 | |
| 11623 | if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, match->inst_id)) |
| 11624 | goto nla_put_failure; |
| 11625 | |
| 11626 | nla_nest_end(msg, local_func_attr); |
| 11627 | |
| 11628 | peer_func_attr = nla_nest_start(msg, NL80211_NAN_MATCH_FUNC_PEER); |
| 11629 | if (!peer_func_attr) |
| 11630 | goto nla_put_failure; |
| 11631 | |
| 11632 | if (nla_put_u8(msg, NL80211_NAN_FUNC_TYPE, match->type) || |
| 11633 | nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, match->peer_inst_id)) |
| 11634 | goto nla_put_failure; |
| 11635 | |
| 11636 | if (match->info && match->info_len && |
| 11637 | nla_put(msg, NL80211_NAN_FUNC_SERVICE_INFO, match->info_len, |
| 11638 | match->info)) |
| 11639 | goto nla_put_failure; |
| 11640 | |
| 11641 | nla_nest_end(msg, peer_func_attr); |
| 11642 | nla_nest_end(msg, match_attr); |
| 11643 | genlmsg_end(msg, hdr); |
| 11644 | |
| 11645 | if (!wdev->owner_nlportid) |
| 11646 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), |
| 11647 | msg, 0, NL80211_MCGRP_NAN, gfp); |
| 11648 | else |
| 11649 | genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, |
| 11650 | wdev->owner_nlportid); |
| 11651 | |
| 11652 | return; |
| 11653 | |
| 11654 | nla_put_failure: |
| 11655 | nlmsg_free(msg); |
| 11656 | } |
| 11657 | EXPORT_SYMBOL(cfg80211_nan_match); |
| 11658 | |
| 11659 | void cfg80211_nan_func_terminated(struct wireless_dev *wdev, |
| 11660 | u8 inst_id, |
| 11661 | enum nl80211_nan_func_term_reason reason, |
| 11662 | u64 cookie, gfp_t gfp) |
| 11663 | { |
| 11664 | struct wiphy *wiphy = wdev->wiphy; |
| 11665 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 11666 | struct sk_buff *msg; |
| 11667 | struct nlattr *func_attr; |
| 11668 | void *hdr; |
| 11669 | |
| 11670 | if (WARN_ON(!inst_id)) |
| 11671 | return; |
| 11672 | |
| 11673 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 11674 | if (!msg) |
| 11675 | return; |
| 11676 | |
| 11677 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_NAN_FUNCTION); |
| 11678 | if (!hdr) { |
| 11679 | nlmsg_free(msg); |
| 11680 | return; |
| 11681 | } |
| 11682 | |
| 11683 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 11684 | (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX, |
| 11685 | wdev->netdev->ifindex)) || |
| 11686 | nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 11687 | NL80211_ATTR_PAD)) |
| 11688 | goto nla_put_failure; |
| 11689 | |
| 11690 | if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie, |
| 11691 | NL80211_ATTR_PAD)) |
| 11692 | goto nla_put_failure; |
| 11693 | |
| 11694 | func_attr = nla_nest_start(msg, NL80211_ATTR_NAN_FUNC); |
| 11695 | if (!func_attr) |
| 11696 | goto nla_put_failure; |
| 11697 | |
| 11698 | if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, inst_id) || |
| 11699 | nla_put_u8(msg, NL80211_NAN_FUNC_TERM_REASON, reason)) |
| 11700 | goto nla_put_failure; |
| 11701 | |
| 11702 | nla_nest_end(msg, func_attr); |
| 11703 | genlmsg_end(msg, hdr); |
| 11704 | |
| 11705 | if (!wdev->owner_nlportid) |
| 11706 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), |
| 11707 | msg, 0, NL80211_MCGRP_NAN, gfp); |
| 11708 | else |
| 11709 | genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, |
| 11710 | wdev->owner_nlportid); |
| 11711 | |
| 11712 | return; |
| 11713 | |
| 11714 | nla_put_failure: |
| 11715 | nlmsg_free(msg); |
| 11716 | } |
| 11717 | EXPORT_SYMBOL(cfg80211_nan_func_terminated); |
| 11718 | |
| 11719 | static int nl80211_get_protocol_features(struct sk_buff *skb, |
| 11720 | struct genl_info *info) |
| 11721 | { |
| 11722 | void *hdr; |
| 11723 | struct sk_buff *msg; |
| 11724 | |
| 11725 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 11726 | if (!msg) |
| 11727 | return -ENOMEM; |
| 11728 | |
| 11729 | hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0, |
| 11730 | NL80211_CMD_GET_PROTOCOL_FEATURES); |
| 11731 | if (!hdr) |
| 11732 | goto nla_put_failure; |
| 11733 | |
| 11734 | if (nla_put_u32(msg, NL80211_ATTR_PROTOCOL_FEATURES, |
| 11735 | NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP)) |
| 11736 | goto nla_put_failure; |
| 11737 | |
| 11738 | genlmsg_end(msg, hdr); |
| 11739 | return genlmsg_reply(msg, info); |
| 11740 | |
| 11741 | nla_put_failure: |
| 11742 | kfree_skb(msg); |
| 11743 | return -ENOBUFS; |
| 11744 | } |
| 11745 | |
| 11746 | static int nl80211_update_ft_ies(struct sk_buff *skb, struct genl_info *info) |
| 11747 | { |
| 11748 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11749 | struct cfg80211_update_ft_ies_params ft_params; |
| 11750 | struct net_device *dev = info->user_ptr[1]; |
| 11751 | |
| 11752 | if (!rdev->ops->update_ft_ies) |
| 11753 | return -EOPNOTSUPP; |
| 11754 | |
| 11755 | if (!info->attrs[NL80211_ATTR_MDID] || |
| 11756 | !info->attrs[NL80211_ATTR_IE] || |
| 11757 | !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE])) |
| 11758 | return -EINVAL; |
| 11759 | |
| 11760 | memset(&ft_params, 0, sizeof(ft_params)); |
| 11761 | ft_params.md = nla_get_u16(info->attrs[NL80211_ATTR_MDID]); |
| 11762 | ft_params.ie = nla_data(info->attrs[NL80211_ATTR_IE]); |
| 11763 | ft_params.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]); |
| 11764 | |
| 11765 | return rdev_update_ft_ies(rdev, dev, &ft_params); |
| 11766 | } |
| 11767 | |
| 11768 | static int nl80211_crit_protocol_start(struct sk_buff *skb, |
| 11769 | struct genl_info *info) |
| 11770 | { |
| 11771 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11772 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 11773 | enum nl80211_crit_proto_id proto = NL80211_CRIT_PROTO_UNSPEC; |
| 11774 | u16 duration; |
| 11775 | int ret; |
| 11776 | |
| 11777 | if (!rdev->ops->crit_proto_start) |
| 11778 | return -EOPNOTSUPP; |
| 11779 | |
| 11780 | if (WARN_ON(!rdev->ops->crit_proto_stop)) |
| 11781 | return -EINVAL; |
| 11782 | |
| 11783 | if (rdev->crit_proto_nlportid) |
| 11784 | return -EBUSY; |
| 11785 | |
| 11786 | /* determine protocol if provided */ |
| 11787 | if (info->attrs[NL80211_ATTR_CRIT_PROT_ID]) |
| 11788 | proto = nla_get_u16(info->attrs[NL80211_ATTR_CRIT_PROT_ID]); |
| 11789 | |
| 11790 | if (proto >= NUM_NL80211_CRIT_PROTO) |
| 11791 | return -EINVAL; |
| 11792 | |
| 11793 | /* timeout must be provided */ |
| 11794 | if (!info->attrs[NL80211_ATTR_MAX_CRIT_PROT_DURATION]) |
| 11795 | return -EINVAL; |
| 11796 | |
| 11797 | duration = |
| 11798 | nla_get_u16(info->attrs[NL80211_ATTR_MAX_CRIT_PROT_DURATION]); |
| 11799 | |
| 11800 | if (duration > NL80211_CRIT_PROTO_MAX_DURATION) |
| 11801 | return -ERANGE; |
| 11802 | |
| 11803 | ret = rdev_crit_proto_start(rdev, wdev, proto, duration); |
| 11804 | if (!ret) |
| 11805 | rdev->crit_proto_nlportid = info->snd_portid; |
| 11806 | |
| 11807 | return ret; |
| 11808 | } |
| 11809 | |
| 11810 | static int nl80211_crit_protocol_stop(struct sk_buff *skb, |
| 11811 | struct genl_info *info) |
| 11812 | { |
| 11813 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11814 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 11815 | |
| 11816 | if (!rdev->ops->crit_proto_stop) |
| 11817 | return -EOPNOTSUPP; |
| 11818 | |
| 11819 | if (rdev->crit_proto_nlportid) { |
| 11820 | rdev->crit_proto_nlportid = 0; |
| 11821 | rdev_crit_proto_stop(rdev, wdev); |
| 11822 | } |
| 11823 | return 0; |
| 11824 | } |
| 11825 | |
| 11826 | static int nl80211_vendor_cmd(struct sk_buff *skb, struct genl_info *info) |
| 11827 | { |
| 11828 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 11829 | struct wireless_dev *wdev = |
| 11830 | __cfg80211_wdev_from_attrs(genl_info_net(info), info->attrs); |
| 11831 | int i, err; |
| 11832 | u32 vid, subcmd; |
| 11833 | |
| 11834 | if (!rdev->wiphy.vendor_commands) |
| 11835 | return -EOPNOTSUPP; |
| 11836 | |
| 11837 | if (IS_ERR(wdev)) { |
| 11838 | err = PTR_ERR(wdev); |
| 11839 | if (err != -EINVAL) |
| 11840 | return err; |
| 11841 | wdev = NULL; |
| 11842 | } else if (wdev->wiphy != &rdev->wiphy) { |
| 11843 | return -EINVAL; |
| 11844 | } |
| 11845 | |
| 11846 | if (!info->attrs[NL80211_ATTR_VENDOR_ID] || |
| 11847 | !info->attrs[NL80211_ATTR_VENDOR_SUBCMD]) |
| 11848 | return -EINVAL; |
| 11849 | |
| 11850 | vid = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_ID]); |
| 11851 | subcmd = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_SUBCMD]); |
| 11852 | for (i = 0; i < rdev->wiphy.n_vendor_commands; i++) { |
| 11853 | const struct wiphy_vendor_command *vcmd; |
| 11854 | void *data = NULL; |
| 11855 | int len = 0; |
| 11856 | |
| 11857 | vcmd = &rdev->wiphy.vendor_commands[i]; |
| 11858 | |
| 11859 | if (vcmd->info.vendor_id != vid || vcmd->info.subcmd != subcmd) |
| 11860 | continue; |
| 11861 | |
| 11862 | if (vcmd->flags & (WIPHY_VENDOR_CMD_NEED_WDEV | |
| 11863 | WIPHY_VENDOR_CMD_NEED_NETDEV)) { |
| 11864 | if (!wdev) |
| 11865 | return -EINVAL; |
| 11866 | if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_NETDEV && |
| 11867 | !wdev->netdev) |
| 11868 | return -EINVAL; |
| 11869 | |
| 11870 | if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_RUNNING) { |
| 11871 | if (!wdev_running(wdev)) |
| 11872 | return -ENETDOWN; |
| 11873 | } |
| 11874 | } else { |
| 11875 | wdev = NULL; |
| 11876 | } |
| 11877 | |
| 11878 | if (!vcmd->doit) |
| 11879 | return -EOPNOTSUPP; |
| 11880 | |
| 11881 | if (info->attrs[NL80211_ATTR_VENDOR_DATA]) { |
| 11882 | data = nla_data(info->attrs[NL80211_ATTR_VENDOR_DATA]); |
| 11883 | len = nla_len(info->attrs[NL80211_ATTR_VENDOR_DATA]); |
| 11884 | } |
| 11885 | |
| 11886 | rdev->cur_cmd_info = info; |
| 11887 | err = rdev->wiphy.vendor_commands[i].doit(&rdev->wiphy, wdev, |
| 11888 | data, len); |
| 11889 | rdev->cur_cmd_info = NULL; |
| 11890 | return err; |
| 11891 | } |
| 11892 | |
| 11893 | return -EOPNOTSUPP; |
| 11894 | } |
| 11895 | |
| 11896 | static int nl80211_prepare_vendor_dump(struct sk_buff *skb, |
| 11897 | struct netlink_callback *cb, |
| 11898 | struct cfg80211_registered_device **rdev, |
| 11899 | struct wireless_dev **wdev) |
| 11900 | { |
| 11901 | struct nlattr **attrbuf = genl_family_attrbuf(&nl80211_fam); |
| 11902 | u32 vid, subcmd; |
| 11903 | unsigned int i; |
| 11904 | int vcmd_idx = -1; |
| 11905 | int err; |
| 11906 | void *data = NULL; |
| 11907 | unsigned int data_len = 0; |
| 11908 | |
| 11909 | if (cb->args[0]) { |
| 11910 | /* subtract the 1 again here */ |
| 11911 | struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1); |
| 11912 | struct wireless_dev *tmp; |
| 11913 | |
| 11914 | if (!wiphy) |
| 11915 | return -ENODEV; |
| 11916 | *rdev = wiphy_to_rdev(wiphy); |
| 11917 | *wdev = NULL; |
| 11918 | |
| 11919 | if (cb->args[1]) { |
| 11920 | list_for_each_entry(tmp, &wiphy->wdev_list, list) { |
| 11921 | if (tmp->identifier == cb->args[1] - 1) { |
| 11922 | *wdev = tmp; |
| 11923 | break; |
| 11924 | } |
| 11925 | } |
| 11926 | } |
| 11927 | |
| 11928 | /* keep rtnl locked in successful case */ |
| 11929 | return 0; |
| 11930 | } |
| 11931 | |
| 11932 | err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, attrbuf, |
| 11933 | nl80211_fam.maxattr, nl80211_policy, NULL); |
| 11934 | if (err) |
| 11935 | return err; |
| 11936 | |
| 11937 | if (!attrbuf[NL80211_ATTR_VENDOR_ID] || |
| 11938 | !attrbuf[NL80211_ATTR_VENDOR_SUBCMD]) |
| 11939 | return -EINVAL; |
| 11940 | |
| 11941 | *wdev = __cfg80211_wdev_from_attrs(sock_net(skb->sk), attrbuf); |
| 11942 | if (IS_ERR(*wdev)) |
| 11943 | *wdev = NULL; |
| 11944 | |
| 11945 | *rdev = __cfg80211_rdev_from_attrs(sock_net(skb->sk), attrbuf); |
| 11946 | if (IS_ERR(*rdev)) |
| 11947 | return PTR_ERR(*rdev); |
| 11948 | |
| 11949 | vid = nla_get_u32(attrbuf[NL80211_ATTR_VENDOR_ID]); |
| 11950 | subcmd = nla_get_u32(attrbuf[NL80211_ATTR_VENDOR_SUBCMD]); |
| 11951 | |
| 11952 | for (i = 0; i < (*rdev)->wiphy.n_vendor_commands; i++) { |
| 11953 | const struct wiphy_vendor_command *vcmd; |
| 11954 | |
| 11955 | vcmd = &(*rdev)->wiphy.vendor_commands[i]; |
| 11956 | |
| 11957 | if (vcmd->info.vendor_id != vid || vcmd->info.subcmd != subcmd) |
| 11958 | continue; |
| 11959 | |
| 11960 | if (!vcmd->dumpit) |
| 11961 | return -EOPNOTSUPP; |
| 11962 | |
| 11963 | vcmd_idx = i; |
| 11964 | break; |
| 11965 | } |
| 11966 | |
| 11967 | if (vcmd_idx < 0) |
| 11968 | return -EOPNOTSUPP; |
| 11969 | |
| 11970 | if (attrbuf[NL80211_ATTR_VENDOR_DATA]) { |
| 11971 | data = nla_data(attrbuf[NL80211_ATTR_VENDOR_DATA]); |
| 11972 | data_len = nla_len(attrbuf[NL80211_ATTR_VENDOR_DATA]); |
| 11973 | } |
| 11974 | |
| 11975 | /* 0 is the first index - add 1 to parse only once */ |
| 11976 | cb->args[0] = (*rdev)->wiphy_idx + 1; |
| 11977 | /* add 1 to know if it was NULL */ |
| 11978 | cb->args[1] = *wdev ? (*wdev)->identifier + 1 : 0; |
| 11979 | cb->args[2] = vcmd_idx; |
| 11980 | cb->args[3] = (unsigned long)data; |
| 11981 | cb->args[4] = data_len; |
| 11982 | |
| 11983 | /* keep rtnl locked in successful case */ |
| 11984 | return 0; |
| 11985 | } |
| 11986 | |
| 11987 | static int nl80211_vendor_cmd_dump(struct sk_buff *skb, |
| 11988 | struct netlink_callback *cb) |
| 11989 | { |
| 11990 | struct cfg80211_registered_device *rdev; |
| 11991 | struct wireless_dev *wdev; |
| 11992 | unsigned int vcmd_idx; |
| 11993 | const struct wiphy_vendor_command *vcmd; |
| 11994 | void *data; |
| 11995 | int data_len; |
| 11996 | int err; |
| 11997 | struct nlattr *vendor_data; |
| 11998 | |
| 11999 | rtnl_lock(); |
| 12000 | err = nl80211_prepare_vendor_dump(skb, cb, &rdev, &wdev); |
| 12001 | if (err) |
| 12002 | goto out; |
| 12003 | |
| 12004 | vcmd_idx = cb->args[2]; |
| 12005 | data = (void *)cb->args[3]; |
| 12006 | data_len = cb->args[4]; |
| 12007 | vcmd = &rdev->wiphy.vendor_commands[vcmd_idx]; |
| 12008 | |
| 12009 | if (vcmd->flags & (WIPHY_VENDOR_CMD_NEED_WDEV | |
| 12010 | WIPHY_VENDOR_CMD_NEED_NETDEV)) { |
| 12011 | if (!wdev) { |
| 12012 | err = -EINVAL; |
| 12013 | goto out; |
| 12014 | } |
| 12015 | if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_NETDEV && |
| 12016 | !wdev->netdev) { |
| 12017 | err = -EINVAL; |
| 12018 | goto out; |
| 12019 | } |
| 12020 | |
| 12021 | if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_RUNNING) { |
| 12022 | if (!wdev_running(wdev)) { |
| 12023 | err = -ENETDOWN; |
| 12024 | goto out; |
| 12025 | } |
| 12026 | } |
| 12027 | } |
| 12028 | |
| 12029 | while (1) { |
| 12030 | void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).portid, |
| 12031 | cb->nlh->nlmsg_seq, NLM_F_MULTI, |
| 12032 | NL80211_CMD_VENDOR); |
| 12033 | if (!hdr) |
| 12034 | break; |
| 12035 | |
| 12036 | if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 12037 | (wdev && nla_put_u64_64bit(skb, NL80211_ATTR_WDEV, |
| 12038 | wdev_id(wdev), |
| 12039 | NL80211_ATTR_PAD))) { |
| 12040 | genlmsg_cancel(skb, hdr); |
| 12041 | break; |
| 12042 | } |
| 12043 | |
| 12044 | vendor_data = nla_nest_start(skb, NL80211_ATTR_VENDOR_DATA); |
| 12045 | if (!vendor_data) { |
| 12046 | genlmsg_cancel(skb, hdr); |
| 12047 | break; |
| 12048 | } |
| 12049 | |
| 12050 | err = vcmd->dumpit(&rdev->wiphy, wdev, skb, data, data_len, |
| 12051 | (unsigned long *)&cb->args[5]); |
| 12052 | nla_nest_end(skb, vendor_data); |
| 12053 | |
| 12054 | if (err == -ENOBUFS || err == -ENOENT) { |
| 12055 | genlmsg_cancel(skb, hdr); |
| 12056 | break; |
| 12057 | } else if (err) { |
| 12058 | genlmsg_cancel(skb, hdr); |
| 12059 | goto out; |
| 12060 | } |
| 12061 | |
| 12062 | genlmsg_end(skb, hdr); |
| 12063 | } |
| 12064 | |
| 12065 | err = skb->len; |
| 12066 | out: |
| 12067 | rtnl_unlock(); |
| 12068 | return err; |
| 12069 | } |
| 12070 | |
| 12071 | struct sk_buff *__cfg80211_alloc_reply_skb(struct wiphy *wiphy, |
| 12072 | enum nl80211_commands cmd, |
| 12073 | enum nl80211_attrs attr, |
| 12074 | int approxlen) |
| 12075 | { |
| 12076 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 12077 | |
| 12078 | if (WARN_ON(!rdev->cur_cmd_info)) |
| 12079 | return NULL; |
| 12080 | |
| 12081 | return __cfg80211_alloc_vendor_skb(rdev, NULL, approxlen, |
| 12082 | rdev->cur_cmd_info->snd_portid, |
| 12083 | rdev->cur_cmd_info->snd_seq, |
| 12084 | cmd, attr, NULL, GFP_KERNEL); |
| 12085 | } |
| 12086 | EXPORT_SYMBOL(__cfg80211_alloc_reply_skb); |
| 12087 | |
| 12088 | int cfg80211_vendor_cmd_reply(struct sk_buff *skb) |
| 12089 | { |
| 12090 | struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0]; |
| 12091 | void *hdr = ((void **)skb->cb)[1]; |
| 12092 | struct nlattr *data = ((void **)skb->cb)[2]; |
| 12093 | |
| 12094 | /* clear CB data for netlink core to own from now on */ |
| 12095 | memset(skb->cb, 0, sizeof(skb->cb)); |
| 12096 | |
| 12097 | if (WARN_ON(!rdev->cur_cmd_info)) { |
| 12098 | kfree_skb(skb); |
| 12099 | return -EINVAL; |
| 12100 | } |
| 12101 | |
| 12102 | nla_nest_end(skb, data); |
| 12103 | genlmsg_end(skb, hdr); |
| 12104 | return genlmsg_reply(skb, rdev->cur_cmd_info); |
| 12105 | } |
| 12106 | EXPORT_SYMBOL_GPL(cfg80211_vendor_cmd_reply); |
| 12107 | |
| 12108 | static int nl80211_set_qos_map(struct sk_buff *skb, |
| 12109 | struct genl_info *info) |
| 12110 | { |
| 12111 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 12112 | struct cfg80211_qos_map *qos_map = NULL; |
| 12113 | struct net_device *dev = info->user_ptr[1]; |
| 12114 | u8 *pos, len, num_des, des_len, des; |
| 12115 | int ret; |
| 12116 | |
| 12117 | if (!rdev->ops->set_qos_map) |
| 12118 | return -EOPNOTSUPP; |
| 12119 | |
| 12120 | if (info->attrs[NL80211_ATTR_QOS_MAP]) { |
| 12121 | pos = nla_data(info->attrs[NL80211_ATTR_QOS_MAP]); |
| 12122 | len = nla_len(info->attrs[NL80211_ATTR_QOS_MAP]); |
| 12123 | |
| 12124 | if (len % 2 || len < IEEE80211_QOS_MAP_LEN_MIN || |
| 12125 | len > IEEE80211_QOS_MAP_LEN_MAX) |
| 12126 | return -EINVAL; |
| 12127 | |
| 12128 | qos_map = kzalloc(sizeof(struct cfg80211_qos_map), GFP_KERNEL); |
| 12129 | if (!qos_map) |
| 12130 | return -ENOMEM; |
| 12131 | |
| 12132 | num_des = (len - IEEE80211_QOS_MAP_LEN_MIN) >> 1; |
| 12133 | if (num_des) { |
| 12134 | des_len = num_des * |
| 12135 | sizeof(struct cfg80211_dscp_exception); |
| 12136 | memcpy(qos_map->dscp_exception, pos, des_len); |
| 12137 | qos_map->num_des = num_des; |
| 12138 | for (des = 0; des < num_des; des++) { |
| 12139 | if (qos_map->dscp_exception[des].up > 7) { |
| 12140 | kfree(qos_map); |
| 12141 | return -EINVAL; |
| 12142 | } |
| 12143 | } |
| 12144 | pos += des_len; |
| 12145 | } |
| 12146 | memcpy(qos_map->up, pos, IEEE80211_QOS_MAP_LEN_MIN); |
| 12147 | } |
| 12148 | |
| 12149 | wdev_lock(dev->ieee80211_ptr); |
| 12150 | ret = nl80211_key_allowed(dev->ieee80211_ptr); |
| 12151 | if (!ret) |
| 12152 | ret = rdev_set_qos_map(rdev, dev, qos_map); |
| 12153 | wdev_unlock(dev->ieee80211_ptr); |
| 12154 | |
| 12155 | kfree(qos_map); |
| 12156 | return ret; |
| 12157 | } |
| 12158 | |
| 12159 | static int nl80211_add_tx_ts(struct sk_buff *skb, struct genl_info *info) |
| 12160 | { |
| 12161 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 12162 | struct net_device *dev = info->user_ptr[1]; |
| 12163 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 12164 | const u8 *peer; |
| 12165 | u8 tsid, up; |
| 12166 | u16 admitted_time = 0; |
| 12167 | int err; |
| 12168 | |
| 12169 | if (!(rdev->wiphy.features & NL80211_FEATURE_SUPPORTS_WMM_ADMISSION)) |
| 12170 | return -EOPNOTSUPP; |
| 12171 | |
| 12172 | if (!info->attrs[NL80211_ATTR_TSID] || !info->attrs[NL80211_ATTR_MAC] || |
| 12173 | !info->attrs[NL80211_ATTR_USER_PRIO]) |
| 12174 | return -EINVAL; |
| 12175 | |
| 12176 | tsid = nla_get_u8(info->attrs[NL80211_ATTR_TSID]); |
| 12177 | if (tsid >= IEEE80211_NUM_TIDS) |
| 12178 | return -EINVAL; |
| 12179 | |
| 12180 | up = nla_get_u8(info->attrs[NL80211_ATTR_USER_PRIO]); |
| 12181 | if (up >= IEEE80211_NUM_UPS) |
| 12182 | return -EINVAL; |
| 12183 | |
| 12184 | /* WMM uses TIDs 0-7 even for TSPEC */ |
| 12185 | if (tsid >= IEEE80211_FIRST_TSPEC_TSID) { |
| 12186 | /* TODO: handle 802.11 TSPEC/admission control |
| 12187 | * need more attributes for that (e.g. BA session requirement); |
| 12188 | * change the WMM adminssion test above to allow both then |
| 12189 | */ |
| 12190 | return -EINVAL; |
| 12191 | } |
| 12192 | |
| 12193 | peer = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 12194 | |
| 12195 | if (info->attrs[NL80211_ATTR_ADMITTED_TIME]) { |
| 12196 | admitted_time = |
| 12197 | nla_get_u16(info->attrs[NL80211_ATTR_ADMITTED_TIME]); |
| 12198 | if (!admitted_time) |
| 12199 | return -EINVAL; |
| 12200 | } |
| 12201 | |
| 12202 | wdev_lock(wdev); |
| 12203 | switch (wdev->iftype) { |
| 12204 | case NL80211_IFTYPE_STATION: |
| 12205 | case NL80211_IFTYPE_P2P_CLIENT: |
| 12206 | if (wdev->current_bss) |
| 12207 | break; |
| 12208 | err = -ENOTCONN; |
| 12209 | goto out; |
| 12210 | default: |
| 12211 | err = -EOPNOTSUPP; |
| 12212 | goto out; |
| 12213 | } |
| 12214 | |
| 12215 | err = rdev_add_tx_ts(rdev, dev, tsid, peer, up, admitted_time); |
| 12216 | |
| 12217 | out: |
| 12218 | wdev_unlock(wdev); |
| 12219 | return err; |
| 12220 | } |
| 12221 | |
| 12222 | static int nl80211_del_tx_ts(struct sk_buff *skb, struct genl_info *info) |
| 12223 | { |
| 12224 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 12225 | struct net_device *dev = info->user_ptr[1]; |
| 12226 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 12227 | const u8 *peer; |
| 12228 | u8 tsid; |
| 12229 | int err; |
| 12230 | |
| 12231 | if (!info->attrs[NL80211_ATTR_TSID] || !info->attrs[NL80211_ATTR_MAC]) |
| 12232 | return -EINVAL; |
| 12233 | |
| 12234 | tsid = nla_get_u8(info->attrs[NL80211_ATTR_TSID]); |
| 12235 | peer = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 12236 | |
| 12237 | wdev_lock(wdev); |
| 12238 | err = rdev_del_tx_ts(rdev, dev, tsid, peer); |
| 12239 | wdev_unlock(wdev); |
| 12240 | |
| 12241 | return err; |
| 12242 | } |
| 12243 | |
| 12244 | static int nl80211_tdls_channel_switch(struct sk_buff *skb, |
| 12245 | struct genl_info *info) |
| 12246 | { |
| 12247 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 12248 | struct net_device *dev = info->user_ptr[1]; |
| 12249 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 12250 | struct cfg80211_chan_def chandef = {}; |
| 12251 | const u8 *addr; |
| 12252 | u8 oper_class; |
| 12253 | int err; |
| 12254 | |
| 12255 | if (!rdev->ops->tdls_channel_switch || |
| 12256 | !(rdev->wiphy.features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH)) |
| 12257 | return -EOPNOTSUPP; |
| 12258 | |
| 12259 | switch (dev->ieee80211_ptr->iftype) { |
| 12260 | case NL80211_IFTYPE_STATION: |
| 12261 | case NL80211_IFTYPE_P2P_CLIENT: |
| 12262 | break; |
| 12263 | default: |
| 12264 | return -EOPNOTSUPP; |
| 12265 | } |
| 12266 | |
| 12267 | if (!info->attrs[NL80211_ATTR_MAC] || |
| 12268 | !info->attrs[NL80211_ATTR_OPER_CLASS]) |
| 12269 | return -EINVAL; |
| 12270 | |
| 12271 | err = nl80211_parse_chandef(rdev, info, &chandef); |
| 12272 | if (err) |
| 12273 | return err; |
| 12274 | |
| 12275 | /* |
| 12276 | * Don't allow wide channels on the 2.4Ghz band, as per IEEE802.11-2012 |
| 12277 | * section 10.22.6.2.1. Disallow 5/10Mhz channels as well for now, the |
| 12278 | * specification is not defined for them. |
| 12279 | */ |
| 12280 | if (chandef.chan->band == NL80211_BAND_2GHZ && |
| 12281 | chandef.width != NL80211_CHAN_WIDTH_20_NOHT && |
| 12282 | chandef.width != NL80211_CHAN_WIDTH_20) |
| 12283 | return -EINVAL; |
| 12284 | |
| 12285 | /* we will be active on the TDLS link */ |
| 12286 | if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, &chandef, |
| 12287 | wdev->iftype)) |
| 12288 | return -EINVAL; |
| 12289 | |
| 12290 | /* don't allow switching to DFS channels */ |
| 12291 | if (cfg80211_chandef_dfs_required(wdev->wiphy, &chandef, wdev->iftype)) |
| 12292 | return -EINVAL; |
| 12293 | |
| 12294 | addr = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 12295 | oper_class = nla_get_u8(info->attrs[NL80211_ATTR_OPER_CLASS]); |
| 12296 | |
| 12297 | wdev_lock(wdev); |
| 12298 | err = rdev_tdls_channel_switch(rdev, dev, addr, oper_class, &chandef); |
| 12299 | wdev_unlock(wdev); |
| 12300 | |
| 12301 | return err; |
| 12302 | } |
| 12303 | |
| 12304 | static int nl80211_tdls_cancel_channel_switch(struct sk_buff *skb, |
| 12305 | struct genl_info *info) |
| 12306 | { |
| 12307 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 12308 | struct net_device *dev = info->user_ptr[1]; |
| 12309 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 12310 | const u8 *addr; |
| 12311 | |
| 12312 | if (!rdev->ops->tdls_channel_switch || |
| 12313 | !rdev->ops->tdls_cancel_channel_switch || |
| 12314 | !(rdev->wiphy.features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH)) |
| 12315 | return -EOPNOTSUPP; |
| 12316 | |
| 12317 | switch (dev->ieee80211_ptr->iftype) { |
| 12318 | case NL80211_IFTYPE_STATION: |
| 12319 | case NL80211_IFTYPE_P2P_CLIENT: |
| 12320 | break; |
| 12321 | default: |
| 12322 | return -EOPNOTSUPP; |
| 12323 | } |
| 12324 | |
| 12325 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 12326 | return -EINVAL; |
| 12327 | |
| 12328 | addr = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 12329 | |
| 12330 | wdev_lock(wdev); |
| 12331 | rdev_tdls_cancel_channel_switch(rdev, dev, addr); |
| 12332 | wdev_unlock(wdev); |
| 12333 | |
| 12334 | return 0; |
| 12335 | } |
| 12336 | |
| 12337 | static int nl80211_set_multicast_to_unicast(struct sk_buff *skb, |
| 12338 | struct genl_info *info) |
| 12339 | { |
| 12340 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 12341 | struct net_device *dev = info->user_ptr[1]; |
| 12342 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 12343 | const struct nlattr *nla; |
| 12344 | bool enabled; |
| 12345 | |
| 12346 | if (!rdev->ops->set_multicast_to_unicast) |
| 12347 | return -EOPNOTSUPP; |
| 12348 | |
| 12349 | if (wdev->iftype != NL80211_IFTYPE_AP && |
| 12350 | wdev->iftype != NL80211_IFTYPE_P2P_GO) |
| 12351 | return -EOPNOTSUPP; |
| 12352 | |
| 12353 | nla = info->attrs[NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED]; |
| 12354 | enabled = nla_get_flag(nla); |
| 12355 | |
| 12356 | return rdev_set_multicast_to_unicast(rdev, dev, enabled); |
| 12357 | } |
| 12358 | |
| 12359 | static int nl80211_set_pmk(struct sk_buff *skb, struct genl_info *info) |
| 12360 | { |
| 12361 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 12362 | struct net_device *dev = info->user_ptr[1]; |
| 12363 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 12364 | struct cfg80211_pmk_conf pmk_conf = {}; |
| 12365 | int ret; |
| 12366 | |
| 12367 | if (wdev->iftype != NL80211_IFTYPE_STATION && |
| 12368 | wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 12369 | return -EOPNOTSUPP; |
| 12370 | |
| 12371 | if (!wiphy_ext_feature_isset(&rdev->wiphy, |
| 12372 | NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X)) |
| 12373 | return -EOPNOTSUPP; |
| 12374 | |
| 12375 | if (!info->attrs[NL80211_ATTR_MAC] || !info->attrs[NL80211_ATTR_PMK]) |
| 12376 | return -EINVAL; |
| 12377 | |
| 12378 | wdev_lock(wdev); |
| 12379 | if (!wdev->current_bss) { |
| 12380 | ret = -ENOTCONN; |
| 12381 | goto out; |
| 12382 | } |
| 12383 | |
| 12384 | pmk_conf.aa = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 12385 | if (memcmp(pmk_conf.aa, wdev->current_bss->pub.bssid, ETH_ALEN)) { |
| 12386 | ret = -EINVAL; |
| 12387 | goto out; |
| 12388 | } |
| 12389 | |
| 12390 | pmk_conf.pmk = nla_data(info->attrs[NL80211_ATTR_PMK]); |
| 12391 | pmk_conf.pmk_len = nla_len(info->attrs[NL80211_ATTR_PMK]); |
| 12392 | if (pmk_conf.pmk_len != WLAN_PMK_LEN && |
| 12393 | pmk_conf.pmk_len != WLAN_PMK_LEN_SUITE_B_192) { |
| 12394 | ret = -EINVAL; |
| 12395 | goto out; |
| 12396 | } |
| 12397 | |
| 12398 | if (info->attrs[NL80211_ATTR_PMKR0_NAME]) { |
| 12399 | int r0_name_len = nla_len(info->attrs[NL80211_ATTR_PMKR0_NAME]); |
| 12400 | |
| 12401 | if (r0_name_len != WLAN_PMK_NAME_LEN) { |
| 12402 | ret = -EINVAL; |
| 12403 | goto out; |
| 12404 | } |
| 12405 | |
| 12406 | pmk_conf.pmk_r0_name = |
| 12407 | nla_data(info->attrs[NL80211_ATTR_PMKR0_NAME]); |
| 12408 | } |
| 12409 | |
| 12410 | ret = rdev_set_pmk(rdev, dev, &pmk_conf); |
| 12411 | out: |
| 12412 | wdev_unlock(wdev); |
| 12413 | return ret; |
| 12414 | } |
| 12415 | |
| 12416 | static int nl80211_del_pmk(struct sk_buff *skb, struct genl_info *info) |
| 12417 | { |
| 12418 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 12419 | struct net_device *dev = info->user_ptr[1]; |
| 12420 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 12421 | const u8 *aa; |
| 12422 | int ret; |
| 12423 | |
| 12424 | if (wdev->iftype != NL80211_IFTYPE_STATION && |
| 12425 | wdev->iftype != NL80211_IFTYPE_P2P_CLIENT) |
| 12426 | return -EOPNOTSUPP; |
| 12427 | |
| 12428 | if (!wiphy_ext_feature_isset(&rdev->wiphy, |
| 12429 | NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X)) |
| 12430 | return -EOPNOTSUPP; |
| 12431 | |
| 12432 | if (!info->attrs[NL80211_ATTR_MAC]) |
| 12433 | return -EINVAL; |
| 12434 | |
| 12435 | wdev_lock(wdev); |
| 12436 | aa = nla_data(info->attrs[NL80211_ATTR_MAC]); |
| 12437 | ret = rdev_del_pmk(rdev, dev, aa); |
| 12438 | wdev_unlock(wdev); |
| 12439 | |
| 12440 | return ret; |
| 12441 | } |
| 12442 | |
| 12443 | static int nl80211_external_auth(struct sk_buff *skb, struct genl_info *info) |
| 12444 | { |
| 12445 | struct cfg80211_registered_device *rdev = info->user_ptr[0]; |
| 12446 | struct net_device *dev = info->user_ptr[1]; |
| 12447 | struct cfg80211_external_auth_params params; |
| 12448 | |
| 12449 | if (!rdev->ops->external_auth) |
| 12450 | return -EOPNOTSUPP; |
| 12451 | |
| 12452 | if (!info->attrs[NL80211_ATTR_SSID]) |
| 12453 | return -EINVAL; |
| 12454 | |
| 12455 | if (!info->attrs[NL80211_ATTR_BSSID]) |
| 12456 | return -EINVAL; |
| 12457 | |
| 12458 | if (!info->attrs[NL80211_ATTR_STATUS_CODE]) |
| 12459 | return -EINVAL; |
| 12460 | |
| 12461 | memset(¶ms, 0, sizeof(params)); |
| 12462 | |
| 12463 | params.ssid.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]); |
| 12464 | if (params.ssid.ssid_len == 0 || |
| 12465 | params.ssid.ssid_len > IEEE80211_MAX_SSID_LEN) |
| 12466 | return -EINVAL; |
| 12467 | memcpy(params.ssid.ssid, nla_data(info->attrs[NL80211_ATTR_SSID]), |
| 12468 | params.ssid.ssid_len); |
| 12469 | |
| 12470 | memcpy(params.bssid, nla_data(info->attrs[NL80211_ATTR_BSSID]), |
| 12471 | ETH_ALEN); |
| 12472 | |
| 12473 | params.status = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]); |
| 12474 | |
| 12475 | return rdev_external_auth(rdev, dev, ¶ms); |
| 12476 | } |
| 12477 | |
| 12478 | #define NL80211_FLAG_NEED_WIPHY 0x01 |
| 12479 | #define NL80211_FLAG_NEED_NETDEV 0x02 |
| 12480 | #define NL80211_FLAG_NEED_RTNL 0x04 |
| 12481 | #define NL80211_FLAG_CHECK_NETDEV_UP 0x08 |
| 12482 | #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\ |
| 12483 | NL80211_FLAG_CHECK_NETDEV_UP) |
| 12484 | #define NL80211_FLAG_NEED_WDEV 0x10 |
| 12485 | /* If a netdev is associated, it must be UP, P2P must be started */ |
| 12486 | #define NL80211_FLAG_NEED_WDEV_UP (NL80211_FLAG_NEED_WDEV |\ |
| 12487 | NL80211_FLAG_CHECK_NETDEV_UP) |
| 12488 | #define NL80211_FLAG_CLEAR_SKB 0x20 |
| 12489 | |
| 12490 | static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb, |
| 12491 | struct genl_info *info) |
| 12492 | { |
| 12493 | struct cfg80211_registered_device *rdev; |
| 12494 | struct wireless_dev *wdev; |
| 12495 | struct net_device *dev; |
| 12496 | bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL; |
| 12497 | |
| 12498 | if (rtnl) |
| 12499 | rtnl_lock(); |
| 12500 | |
| 12501 | if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) { |
| 12502 | rdev = cfg80211_get_dev_from_info(genl_info_net(info), info); |
| 12503 | if (IS_ERR(rdev)) { |
| 12504 | if (rtnl) |
| 12505 | rtnl_unlock(); |
| 12506 | return PTR_ERR(rdev); |
| 12507 | } |
| 12508 | info->user_ptr[0] = rdev; |
| 12509 | } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV || |
| 12510 | ops->internal_flags & NL80211_FLAG_NEED_WDEV) { |
| 12511 | ASSERT_RTNL(); |
| 12512 | |
| 12513 | wdev = __cfg80211_wdev_from_attrs(genl_info_net(info), |
| 12514 | info->attrs); |
| 12515 | if (IS_ERR(wdev)) { |
| 12516 | if (rtnl) |
| 12517 | rtnl_unlock(); |
| 12518 | return PTR_ERR(wdev); |
| 12519 | } |
| 12520 | |
| 12521 | dev = wdev->netdev; |
| 12522 | rdev = wiphy_to_rdev(wdev->wiphy); |
| 12523 | |
| 12524 | if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) { |
| 12525 | if (!dev) { |
| 12526 | if (rtnl) |
| 12527 | rtnl_unlock(); |
| 12528 | return -EINVAL; |
| 12529 | } |
| 12530 | |
| 12531 | info->user_ptr[1] = dev; |
| 12532 | } else { |
| 12533 | info->user_ptr[1] = wdev; |
| 12534 | } |
| 12535 | |
| 12536 | if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP && |
| 12537 | !wdev_running(wdev)) { |
| 12538 | if (rtnl) |
| 12539 | rtnl_unlock(); |
| 12540 | return -ENETDOWN; |
| 12541 | } |
| 12542 | |
| 12543 | if (dev) |
| 12544 | dev_hold(dev); |
| 12545 | |
| 12546 | info->user_ptr[0] = rdev; |
| 12547 | } |
| 12548 | |
| 12549 | return 0; |
| 12550 | } |
| 12551 | |
| 12552 | static void nl80211_post_doit(const struct genl_ops *ops, struct sk_buff *skb, |
| 12553 | struct genl_info *info) |
| 12554 | { |
| 12555 | if (info->user_ptr[1]) { |
| 12556 | if (ops->internal_flags & NL80211_FLAG_NEED_WDEV) { |
| 12557 | struct wireless_dev *wdev = info->user_ptr[1]; |
| 12558 | |
| 12559 | if (wdev->netdev) |
| 12560 | dev_put(wdev->netdev); |
| 12561 | } else { |
| 12562 | dev_put(info->user_ptr[1]); |
| 12563 | } |
| 12564 | } |
| 12565 | |
| 12566 | if (ops->internal_flags & NL80211_FLAG_NEED_RTNL) |
| 12567 | rtnl_unlock(); |
| 12568 | |
| 12569 | /* If needed, clear the netlink message payload from the SKB |
| 12570 | * as it might contain key data that shouldn't stick around on |
| 12571 | * the heap after the SKB is freed. The netlink message header |
| 12572 | * is still needed for further processing, so leave it intact. |
| 12573 | */ |
| 12574 | if (ops->internal_flags & NL80211_FLAG_CLEAR_SKB) { |
| 12575 | struct nlmsghdr *nlh = nlmsg_hdr(skb); |
| 12576 | |
| 12577 | memset(nlmsg_data(nlh), 0, nlmsg_len(nlh)); |
| 12578 | } |
| 12579 | } |
| 12580 | |
| 12581 | static const struct genl_ops nl80211_ops[] = { |
| 12582 | { |
| 12583 | .cmd = NL80211_CMD_GET_WIPHY, |
| 12584 | .doit = nl80211_get_wiphy, |
| 12585 | .dumpit = nl80211_dump_wiphy, |
| 12586 | .done = nl80211_dump_wiphy_done, |
| 12587 | .policy = nl80211_policy, |
| 12588 | /* can be retrieved by unprivileged users */ |
| 12589 | .internal_flags = NL80211_FLAG_NEED_WIPHY | |
| 12590 | NL80211_FLAG_NEED_RTNL, |
| 12591 | }, |
| 12592 | { |
| 12593 | .cmd = NL80211_CMD_SET_WIPHY, |
| 12594 | .doit = nl80211_set_wiphy, |
| 12595 | .policy = nl80211_policy, |
| 12596 | .flags = GENL_UNS_ADMIN_PERM, |
| 12597 | .internal_flags = NL80211_FLAG_NEED_RTNL, |
| 12598 | }, |
| 12599 | { |
| 12600 | .cmd = NL80211_CMD_GET_INTERFACE, |
| 12601 | .doit = nl80211_get_interface, |
| 12602 | .dumpit = nl80211_dump_interface, |
| 12603 | .policy = nl80211_policy, |
| 12604 | /* can be retrieved by unprivileged users */ |
| 12605 | .internal_flags = NL80211_FLAG_NEED_WDEV | |
| 12606 | NL80211_FLAG_NEED_RTNL, |
| 12607 | }, |
| 12608 | { |
| 12609 | .cmd = NL80211_CMD_SET_INTERFACE, |
| 12610 | .doit = nl80211_set_interface, |
| 12611 | .policy = nl80211_policy, |
| 12612 | .flags = GENL_UNS_ADMIN_PERM, |
| 12613 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 12614 | NL80211_FLAG_NEED_RTNL, |
| 12615 | }, |
| 12616 | { |
| 12617 | .cmd = NL80211_CMD_NEW_INTERFACE, |
| 12618 | .doit = nl80211_new_interface, |
| 12619 | .policy = nl80211_policy, |
| 12620 | .flags = GENL_UNS_ADMIN_PERM, |
| 12621 | .internal_flags = NL80211_FLAG_NEED_WIPHY | |
| 12622 | NL80211_FLAG_NEED_RTNL, |
| 12623 | }, |
| 12624 | { |
| 12625 | .cmd = NL80211_CMD_DEL_INTERFACE, |
| 12626 | .doit = nl80211_del_interface, |
| 12627 | .policy = nl80211_policy, |
| 12628 | .flags = GENL_UNS_ADMIN_PERM, |
| 12629 | .internal_flags = NL80211_FLAG_NEED_WDEV | |
| 12630 | NL80211_FLAG_NEED_RTNL, |
| 12631 | }, |
| 12632 | { |
| 12633 | .cmd = NL80211_CMD_GET_KEY, |
| 12634 | .doit = nl80211_get_key, |
| 12635 | .policy = nl80211_policy, |
| 12636 | .flags = GENL_UNS_ADMIN_PERM, |
| 12637 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12638 | NL80211_FLAG_NEED_RTNL, |
| 12639 | }, |
| 12640 | { |
| 12641 | .cmd = NL80211_CMD_SET_KEY, |
| 12642 | .doit = nl80211_set_key, |
| 12643 | .policy = nl80211_policy, |
| 12644 | .flags = GENL_UNS_ADMIN_PERM, |
| 12645 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12646 | NL80211_FLAG_NEED_RTNL | |
| 12647 | NL80211_FLAG_CLEAR_SKB, |
| 12648 | }, |
| 12649 | { |
| 12650 | .cmd = NL80211_CMD_NEW_KEY, |
| 12651 | .doit = nl80211_new_key, |
| 12652 | .policy = nl80211_policy, |
| 12653 | .flags = GENL_UNS_ADMIN_PERM, |
| 12654 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12655 | NL80211_FLAG_NEED_RTNL | |
| 12656 | NL80211_FLAG_CLEAR_SKB, |
| 12657 | }, |
| 12658 | { |
| 12659 | .cmd = NL80211_CMD_DEL_KEY, |
| 12660 | .doit = nl80211_del_key, |
| 12661 | .policy = nl80211_policy, |
| 12662 | .flags = GENL_UNS_ADMIN_PERM, |
| 12663 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12664 | NL80211_FLAG_NEED_RTNL, |
| 12665 | }, |
| 12666 | { |
| 12667 | .cmd = NL80211_CMD_SET_BEACON, |
| 12668 | .policy = nl80211_policy, |
| 12669 | .flags = GENL_UNS_ADMIN_PERM, |
| 12670 | .doit = nl80211_set_beacon, |
| 12671 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12672 | NL80211_FLAG_NEED_RTNL, |
| 12673 | }, |
| 12674 | { |
| 12675 | .cmd = NL80211_CMD_START_AP, |
| 12676 | .policy = nl80211_policy, |
| 12677 | .flags = GENL_UNS_ADMIN_PERM, |
| 12678 | .doit = nl80211_start_ap, |
| 12679 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12680 | NL80211_FLAG_NEED_RTNL, |
| 12681 | }, |
| 12682 | { |
| 12683 | .cmd = NL80211_CMD_STOP_AP, |
| 12684 | .policy = nl80211_policy, |
| 12685 | .flags = GENL_UNS_ADMIN_PERM, |
| 12686 | .doit = nl80211_stop_ap, |
| 12687 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12688 | NL80211_FLAG_NEED_RTNL, |
| 12689 | }, |
| 12690 | { |
| 12691 | .cmd = NL80211_CMD_GET_STATION, |
| 12692 | .doit = nl80211_get_station, |
| 12693 | .dumpit = nl80211_dump_station, |
| 12694 | .policy = nl80211_policy, |
| 12695 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 12696 | NL80211_FLAG_NEED_RTNL, |
| 12697 | }, |
| 12698 | { |
| 12699 | .cmd = NL80211_CMD_SET_STATION, |
| 12700 | .doit = nl80211_set_station, |
| 12701 | .policy = nl80211_policy, |
| 12702 | .flags = GENL_UNS_ADMIN_PERM, |
| 12703 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12704 | NL80211_FLAG_NEED_RTNL, |
| 12705 | }, |
| 12706 | { |
| 12707 | .cmd = NL80211_CMD_NEW_STATION, |
| 12708 | .doit = nl80211_new_station, |
| 12709 | .policy = nl80211_policy, |
| 12710 | .flags = GENL_UNS_ADMIN_PERM, |
| 12711 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12712 | NL80211_FLAG_NEED_RTNL, |
| 12713 | }, |
| 12714 | { |
| 12715 | .cmd = NL80211_CMD_DEL_STATION, |
| 12716 | .doit = nl80211_del_station, |
| 12717 | .policy = nl80211_policy, |
| 12718 | .flags = GENL_UNS_ADMIN_PERM, |
| 12719 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12720 | NL80211_FLAG_NEED_RTNL, |
| 12721 | }, |
| 12722 | { |
| 12723 | .cmd = NL80211_CMD_GET_MPATH, |
| 12724 | .doit = nl80211_get_mpath, |
| 12725 | .dumpit = nl80211_dump_mpath, |
| 12726 | .policy = nl80211_policy, |
| 12727 | .flags = GENL_UNS_ADMIN_PERM, |
| 12728 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12729 | NL80211_FLAG_NEED_RTNL, |
| 12730 | }, |
| 12731 | { |
| 12732 | .cmd = NL80211_CMD_GET_MPP, |
| 12733 | .doit = nl80211_get_mpp, |
| 12734 | .dumpit = nl80211_dump_mpp, |
| 12735 | .policy = nl80211_policy, |
| 12736 | .flags = GENL_UNS_ADMIN_PERM, |
| 12737 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12738 | NL80211_FLAG_NEED_RTNL, |
| 12739 | }, |
| 12740 | { |
| 12741 | .cmd = NL80211_CMD_SET_MPATH, |
| 12742 | .doit = nl80211_set_mpath, |
| 12743 | .policy = nl80211_policy, |
| 12744 | .flags = GENL_UNS_ADMIN_PERM, |
| 12745 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12746 | NL80211_FLAG_NEED_RTNL, |
| 12747 | }, |
| 12748 | { |
| 12749 | .cmd = NL80211_CMD_NEW_MPATH, |
| 12750 | .doit = nl80211_new_mpath, |
| 12751 | .policy = nl80211_policy, |
| 12752 | .flags = GENL_UNS_ADMIN_PERM, |
| 12753 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12754 | NL80211_FLAG_NEED_RTNL, |
| 12755 | }, |
| 12756 | { |
| 12757 | .cmd = NL80211_CMD_DEL_MPATH, |
| 12758 | .doit = nl80211_del_mpath, |
| 12759 | .policy = nl80211_policy, |
| 12760 | .flags = GENL_UNS_ADMIN_PERM, |
| 12761 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12762 | NL80211_FLAG_NEED_RTNL, |
| 12763 | }, |
| 12764 | { |
| 12765 | .cmd = NL80211_CMD_SET_BSS, |
| 12766 | .doit = nl80211_set_bss, |
| 12767 | .policy = nl80211_policy, |
| 12768 | .flags = GENL_UNS_ADMIN_PERM, |
| 12769 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12770 | NL80211_FLAG_NEED_RTNL, |
| 12771 | }, |
| 12772 | { |
| 12773 | .cmd = NL80211_CMD_GET_REG, |
| 12774 | .doit = nl80211_get_reg_do, |
| 12775 | .dumpit = nl80211_get_reg_dump, |
| 12776 | .policy = nl80211_policy, |
| 12777 | .internal_flags = NL80211_FLAG_NEED_RTNL, |
| 12778 | /* can be retrieved by unprivileged users */ |
| 12779 | }, |
| 12780 | #ifdef CONFIG_CFG80211_CRDA_SUPPORT |
| 12781 | { |
| 12782 | .cmd = NL80211_CMD_SET_REG, |
| 12783 | .doit = nl80211_set_reg, |
| 12784 | .policy = nl80211_policy, |
| 12785 | .flags = GENL_ADMIN_PERM, |
| 12786 | .internal_flags = NL80211_FLAG_NEED_RTNL, |
| 12787 | }, |
| 12788 | #endif |
| 12789 | { |
| 12790 | .cmd = NL80211_CMD_REQ_SET_REG, |
| 12791 | .doit = nl80211_req_set_reg, |
| 12792 | .policy = nl80211_policy, |
| 12793 | .flags = GENL_ADMIN_PERM, |
| 12794 | }, |
| 12795 | { |
| 12796 | .cmd = NL80211_CMD_GET_MESH_CONFIG, |
| 12797 | .doit = nl80211_get_mesh_config, |
| 12798 | .policy = nl80211_policy, |
| 12799 | /* can be retrieved by unprivileged users */ |
| 12800 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12801 | NL80211_FLAG_NEED_RTNL, |
| 12802 | }, |
| 12803 | { |
| 12804 | .cmd = NL80211_CMD_SET_MESH_CONFIG, |
| 12805 | .doit = nl80211_update_mesh_config, |
| 12806 | .policy = nl80211_policy, |
| 12807 | .flags = GENL_UNS_ADMIN_PERM, |
| 12808 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12809 | NL80211_FLAG_NEED_RTNL, |
| 12810 | }, |
| 12811 | { |
| 12812 | .cmd = NL80211_CMD_TRIGGER_SCAN, |
| 12813 | .doit = nl80211_trigger_scan, |
| 12814 | .policy = nl80211_policy, |
| 12815 | .flags = GENL_UNS_ADMIN_PERM, |
| 12816 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 12817 | NL80211_FLAG_NEED_RTNL, |
| 12818 | }, |
| 12819 | { |
| 12820 | .cmd = NL80211_CMD_ABORT_SCAN, |
| 12821 | .doit = nl80211_abort_scan, |
| 12822 | .policy = nl80211_policy, |
| 12823 | .flags = GENL_UNS_ADMIN_PERM, |
| 12824 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 12825 | NL80211_FLAG_NEED_RTNL, |
| 12826 | }, |
| 12827 | { |
| 12828 | .cmd = NL80211_CMD_GET_SCAN, |
| 12829 | .policy = nl80211_policy, |
| 12830 | .dumpit = nl80211_dump_scan, |
| 12831 | }, |
| 12832 | { |
| 12833 | .cmd = NL80211_CMD_START_SCHED_SCAN, |
| 12834 | .doit = nl80211_start_sched_scan, |
| 12835 | .policy = nl80211_policy, |
| 12836 | .flags = GENL_UNS_ADMIN_PERM, |
| 12837 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12838 | NL80211_FLAG_NEED_RTNL, |
| 12839 | }, |
| 12840 | { |
| 12841 | .cmd = NL80211_CMD_STOP_SCHED_SCAN, |
| 12842 | .doit = nl80211_stop_sched_scan, |
| 12843 | .policy = nl80211_policy, |
| 12844 | .flags = GENL_UNS_ADMIN_PERM, |
| 12845 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12846 | NL80211_FLAG_NEED_RTNL, |
| 12847 | }, |
| 12848 | { |
| 12849 | .cmd = NL80211_CMD_AUTHENTICATE, |
| 12850 | .doit = nl80211_authenticate, |
| 12851 | .policy = nl80211_policy, |
| 12852 | .flags = GENL_UNS_ADMIN_PERM, |
| 12853 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12854 | NL80211_FLAG_NEED_RTNL | |
| 12855 | NL80211_FLAG_CLEAR_SKB, |
| 12856 | }, |
| 12857 | { |
| 12858 | .cmd = NL80211_CMD_ASSOCIATE, |
| 12859 | .doit = nl80211_associate, |
| 12860 | .policy = nl80211_policy, |
| 12861 | .flags = GENL_UNS_ADMIN_PERM, |
| 12862 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12863 | NL80211_FLAG_NEED_RTNL | |
| 12864 | NL80211_FLAG_CLEAR_SKB, |
| 12865 | }, |
| 12866 | { |
| 12867 | .cmd = NL80211_CMD_DEAUTHENTICATE, |
| 12868 | .doit = nl80211_deauthenticate, |
| 12869 | .policy = nl80211_policy, |
| 12870 | .flags = GENL_UNS_ADMIN_PERM, |
| 12871 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12872 | NL80211_FLAG_NEED_RTNL, |
| 12873 | }, |
| 12874 | { |
| 12875 | .cmd = NL80211_CMD_DISASSOCIATE, |
| 12876 | .doit = nl80211_disassociate, |
| 12877 | .policy = nl80211_policy, |
| 12878 | .flags = GENL_UNS_ADMIN_PERM, |
| 12879 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12880 | NL80211_FLAG_NEED_RTNL, |
| 12881 | }, |
| 12882 | { |
| 12883 | .cmd = NL80211_CMD_JOIN_IBSS, |
| 12884 | .doit = nl80211_join_ibss, |
| 12885 | .policy = nl80211_policy, |
| 12886 | .flags = GENL_UNS_ADMIN_PERM, |
| 12887 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12888 | NL80211_FLAG_NEED_RTNL, |
| 12889 | }, |
| 12890 | { |
| 12891 | .cmd = NL80211_CMD_LEAVE_IBSS, |
| 12892 | .doit = nl80211_leave_ibss, |
| 12893 | .policy = nl80211_policy, |
| 12894 | .flags = GENL_UNS_ADMIN_PERM, |
| 12895 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12896 | NL80211_FLAG_NEED_RTNL, |
| 12897 | }, |
| 12898 | #ifdef CONFIG_NL80211_TESTMODE |
| 12899 | { |
| 12900 | .cmd = NL80211_CMD_TESTMODE, |
| 12901 | .doit = nl80211_testmode_do, |
| 12902 | .dumpit = nl80211_testmode_dump, |
| 12903 | .policy = nl80211_policy, |
| 12904 | .flags = GENL_UNS_ADMIN_PERM, |
| 12905 | .internal_flags = NL80211_FLAG_NEED_WIPHY | |
| 12906 | NL80211_FLAG_NEED_RTNL, |
| 12907 | }, |
| 12908 | #endif |
| 12909 | { |
| 12910 | .cmd = NL80211_CMD_CONNECT, |
| 12911 | .doit = nl80211_connect, |
| 12912 | .policy = nl80211_policy, |
| 12913 | .flags = GENL_UNS_ADMIN_PERM, |
| 12914 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12915 | NL80211_FLAG_NEED_RTNL | |
| 12916 | NL80211_FLAG_CLEAR_SKB, |
| 12917 | }, |
| 12918 | { |
| 12919 | .cmd = NL80211_CMD_UPDATE_CONNECT_PARAMS, |
| 12920 | .doit = nl80211_update_connect_params, |
| 12921 | .policy = nl80211_policy, |
| 12922 | .flags = GENL_ADMIN_PERM, |
| 12923 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12924 | NL80211_FLAG_NEED_RTNL | |
| 12925 | NL80211_FLAG_CLEAR_SKB, |
| 12926 | }, |
| 12927 | { |
| 12928 | .cmd = NL80211_CMD_DISCONNECT, |
| 12929 | .doit = nl80211_disconnect, |
| 12930 | .policy = nl80211_policy, |
| 12931 | .flags = GENL_UNS_ADMIN_PERM, |
| 12932 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12933 | NL80211_FLAG_NEED_RTNL, |
| 12934 | }, |
| 12935 | { |
| 12936 | .cmd = NL80211_CMD_SET_WIPHY_NETNS, |
| 12937 | .doit = nl80211_wiphy_netns, |
| 12938 | .policy = nl80211_policy, |
| 12939 | .flags = GENL_UNS_ADMIN_PERM, |
| 12940 | .internal_flags = NL80211_FLAG_NEED_WIPHY | |
| 12941 | NL80211_FLAG_NEED_RTNL, |
| 12942 | }, |
| 12943 | { |
| 12944 | .cmd = NL80211_CMD_GET_SURVEY, |
| 12945 | .policy = nl80211_policy, |
| 12946 | .dumpit = nl80211_dump_survey, |
| 12947 | }, |
| 12948 | { |
| 12949 | .cmd = NL80211_CMD_SET_PMKSA, |
| 12950 | .doit = nl80211_setdel_pmksa, |
| 12951 | .policy = nl80211_policy, |
| 12952 | .flags = GENL_UNS_ADMIN_PERM, |
| 12953 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12954 | NL80211_FLAG_NEED_RTNL | |
| 12955 | NL80211_FLAG_CLEAR_SKB, |
| 12956 | }, |
| 12957 | { |
| 12958 | .cmd = NL80211_CMD_DEL_PMKSA, |
| 12959 | .doit = nl80211_setdel_pmksa, |
| 12960 | .policy = nl80211_policy, |
| 12961 | .flags = GENL_UNS_ADMIN_PERM, |
| 12962 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12963 | NL80211_FLAG_NEED_RTNL, |
| 12964 | }, |
| 12965 | { |
| 12966 | .cmd = NL80211_CMD_FLUSH_PMKSA, |
| 12967 | .doit = nl80211_flush_pmksa, |
| 12968 | .policy = nl80211_policy, |
| 12969 | .flags = GENL_UNS_ADMIN_PERM, |
| 12970 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 12971 | NL80211_FLAG_NEED_RTNL, |
| 12972 | }, |
| 12973 | { |
| 12974 | .cmd = NL80211_CMD_REMAIN_ON_CHANNEL, |
| 12975 | .doit = nl80211_remain_on_channel, |
| 12976 | .policy = nl80211_policy, |
| 12977 | .flags = GENL_UNS_ADMIN_PERM, |
| 12978 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 12979 | NL80211_FLAG_NEED_RTNL, |
| 12980 | }, |
| 12981 | { |
| 12982 | .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, |
| 12983 | .doit = nl80211_cancel_remain_on_channel, |
| 12984 | .policy = nl80211_policy, |
| 12985 | .flags = GENL_UNS_ADMIN_PERM, |
| 12986 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 12987 | NL80211_FLAG_NEED_RTNL, |
| 12988 | }, |
| 12989 | { |
| 12990 | .cmd = NL80211_CMD_SET_TX_BITRATE_MASK, |
| 12991 | .doit = nl80211_set_tx_bitrate_mask, |
| 12992 | .policy = nl80211_policy, |
| 12993 | .flags = GENL_UNS_ADMIN_PERM, |
| 12994 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 12995 | NL80211_FLAG_NEED_RTNL, |
| 12996 | }, |
| 12997 | { |
| 12998 | .cmd = NL80211_CMD_REGISTER_FRAME, |
| 12999 | .doit = nl80211_register_mgmt, |
| 13000 | .policy = nl80211_policy, |
| 13001 | .flags = GENL_UNS_ADMIN_PERM, |
| 13002 | .internal_flags = NL80211_FLAG_NEED_WDEV | |
| 13003 | NL80211_FLAG_NEED_RTNL, |
| 13004 | }, |
| 13005 | { |
| 13006 | .cmd = NL80211_CMD_FRAME, |
| 13007 | .doit = nl80211_tx_mgmt, |
| 13008 | .policy = nl80211_policy, |
| 13009 | .flags = GENL_UNS_ADMIN_PERM, |
| 13010 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 13011 | NL80211_FLAG_NEED_RTNL, |
| 13012 | }, |
| 13013 | { |
| 13014 | .cmd = NL80211_CMD_FRAME_WAIT_CANCEL, |
| 13015 | .doit = nl80211_tx_mgmt_cancel_wait, |
| 13016 | .policy = nl80211_policy, |
| 13017 | .flags = GENL_UNS_ADMIN_PERM, |
| 13018 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 13019 | NL80211_FLAG_NEED_RTNL, |
| 13020 | }, |
| 13021 | { |
| 13022 | .cmd = NL80211_CMD_SET_POWER_SAVE, |
| 13023 | .doit = nl80211_set_power_save, |
| 13024 | .policy = nl80211_policy, |
| 13025 | .flags = GENL_UNS_ADMIN_PERM, |
| 13026 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 13027 | NL80211_FLAG_NEED_RTNL, |
| 13028 | }, |
| 13029 | { |
| 13030 | .cmd = NL80211_CMD_GET_POWER_SAVE, |
| 13031 | .doit = nl80211_get_power_save, |
| 13032 | .policy = nl80211_policy, |
| 13033 | /* can be retrieved by unprivileged users */ |
| 13034 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 13035 | NL80211_FLAG_NEED_RTNL, |
| 13036 | }, |
| 13037 | { |
| 13038 | .cmd = NL80211_CMD_SET_CQM, |
| 13039 | .doit = nl80211_set_cqm, |
| 13040 | .policy = nl80211_policy, |
| 13041 | .flags = GENL_UNS_ADMIN_PERM, |
| 13042 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 13043 | NL80211_FLAG_NEED_RTNL, |
| 13044 | }, |
| 13045 | { |
| 13046 | .cmd = NL80211_CMD_SET_CHANNEL, |
| 13047 | .doit = nl80211_set_channel, |
| 13048 | .policy = nl80211_policy, |
| 13049 | .flags = GENL_UNS_ADMIN_PERM, |
| 13050 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 13051 | NL80211_FLAG_NEED_RTNL, |
| 13052 | }, |
| 13053 | { |
| 13054 | .cmd = NL80211_CMD_SET_WDS_PEER, |
| 13055 | .doit = nl80211_set_wds_peer, |
| 13056 | .policy = nl80211_policy, |
| 13057 | .flags = GENL_UNS_ADMIN_PERM, |
| 13058 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 13059 | NL80211_FLAG_NEED_RTNL, |
| 13060 | }, |
| 13061 | { |
| 13062 | .cmd = NL80211_CMD_JOIN_MESH, |
| 13063 | .doit = nl80211_join_mesh, |
| 13064 | .policy = nl80211_policy, |
| 13065 | .flags = GENL_UNS_ADMIN_PERM, |
| 13066 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13067 | NL80211_FLAG_NEED_RTNL, |
| 13068 | }, |
| 13069 | { |
| 13070 | .cmd = NL80211_CMD_LEAVE_MESH, |
| 13071 | .doit = nl80211_leave_mesh, |
| 13072 | .policy = nl80211_policy, |
| 13073 | .flags = GENL_UNS_ADMIN_PERM, |
| 13074 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13075 | NL80211_FLAG_NEED_RTNL, |
| 13076 | }, |
| 13077 | { |
| 13078 | .cmd = NL80211_CMD_JOIN_OCB, |
| 13079 | .doit = nl80211_join_ocb, |
| 13080 | .policy = nl80211_policy, |
| 13081 | .flags = GENL_UNS_ADMIN_PERM, |
| 13082 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13083 | NL80211_FLAG_NEED_RTNL, |
| 13084 | }, |
| 13085 | { |
| 13086 | .cmd = NL80211_CMD_LEAVE_OCB, |
| 13087 | .doit = nl80211_leave_ocb, |
| 13088 | .policy = nl80211_policy, |
| 13089 | .flags = GENL_UNS_ADMIN_PERM, |
| 13090 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13091 | NL80211_FLAG_NEED_RTNL, |
| 13092 | }, |
| 13093 | #ifdef CONFIG_PM |
| 13094 | { |
| 13095 | .cmd = NL80211_CMD_GET_WOWLAN, |
| 13096 | .doit = nl80211_get_wowlan, |
| 13097 | .policy = nl80211_policy, |
| 13098 | /* can be retrieved by unprivileged users */ |
| 13099 | .internal_flags = NL80211_FLAG_NEED_WIPHY | |
| 13100 | NL80211_FLAG_NEED_RTNL, |
| 13101 | }, |
| 13102 | { |
| 13103 | .cmd = NL80211_CMD_SET_WOWLAN, |
| 13104 | .doit = nl80211_set_wowlan, |
| 13105 | .policy = nl80211_policy, |
| 13106 | .flags = GENL_UNS_ADMIN_PERM, |
| 13107 | .internal_flags = NL80211_FLAG_NEED_WIPHY | |
| 13108 | NL80211_FLAG_NEED_RTNL, |
| 13109 | }, |
| 13110 | #endif |
| 13111 | { |
| 13112 | .cmd = NL80211_CMD_SET_REKEY_OFFLOAD, |
| 13113 | .doit = nl80211_set_rekey_data, |
| 13114 | .policy = nl80211_policy, |
| 13115 | .flags = GENL_UNS_ADMIN_PERM, |
| 13116 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13117 | NL80211_FLAG_NEED_RTNL | |
| 13118 | NL80211_FLAG_CLEAR_SKB, |
| 13119 | }, |
| 13120 | { |
| 13121 | .cmd = NL80211_CMD_TDLS_MGMT, |
| 13122 | .doit = nl80211_tdls_mgmt, |
| 13123 | .policy = nl80211_policy, |
| 13124 | .flags = GENL_UNS_ADMIN_PERM, |
| 13125 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13126 | NL80211_FLAG_NEED_RTNL, |
| 13127 | }, |
| 13128 | { |
| 13129 | .cmd = NL80211_CMD_TDLS_OPER, |
| 13130 | .doit = nl80211_tdls_oper, |
| 13131 | .policy = nl80211_policy, |
| 13132 | .flags = GENL_UNS_ADMIN_PERM, |
| 13133 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13134 | NL80211_FLAG_NEED_RTNL, |
| 13135 | }, |
| 13136 | { |
| 13137 | .cmd = NL80211_CMD_UNEXPECTED_FRAME, |
| 13138 | .doit = nl80211_register_unexpected_frame, |
| 13139 | .policy = nl80211_policy, |
| 13140 | .flags = GENL_UNS_ADMIN_PERM, |
| 13141 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 13142 | NL80211_FLAG_NEED_RTNL, |
| 13143 | }, |
| 13144 | { |
| 13145 | .cmd = NL80211_CMD_PROBE_CLIENT, |
| 13146 | .doit = nl80211_probe_client, |
| 13147 | .policy = nl80211_policy, |
| 13148 | .flags = GENL_UNS_ADMIN_PERM, |
| 13149 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13150 | NL80211_FLAG_NEED_RTNL, |
| 13151 | }, |
| 13152 | { |
| 13153 | .cmd = NL80211_CMD_REGISTER_BEACONS, |
| 13154 | .doit = nl80211_register_beacons, |
| 13155 | .policy = nl80211_policy, |
| 13156 | .flags = GENL_UNS_ADMIN_PERM, |
| 13157 | .internal_flags = NL80211_FLAG_NEED_WIPHY | |
| 13158 | NL80211_FLAG_NEED_RTNL, |
| 13159 | }, |
| 13160 | { |
| 13161 | .cmd = NL80211_CMD_SET_NOACK_MAP, |
| 13162 | .doit = nl80211_set_noack_map, |
| 13163 | .policy = nl80211_policy, |
| 13164 | .flags = GENL_UNS_ADMIN_PERM, |
| 13165 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 13166 | NL80211_FLAG_NEED_RTNL, |
| 13167 | }, |
| 13168 | { |
| 13169 | .cmd = NL80211_CMD_START_P2P_DEVICE, |
| 13170 | .doit = nl80211_start_p2p_device, |
| 13171 | .policy = nl80211_policy, |
| 13172 | .flags = GENL_UNS_ADMIN_PERM, |
| 13173 | .internal_flags = NL80211_FLAG_NEED_WDEV | |
| 13174 | NL80211_FLAG_NEED_RTNL, |
| 13175 | }, |
| 13176 | { |
| 13177 | .cmd = NL80211_CMD_STOP_P2P_DEVICE, |
| 13178 | .doit = nl80211_stop_p2p_device, |
| 13179 | .policy = nl80211_policy, |
| 13180 | .flags = GENL_UNS_ADMIN_PERM, |
| 13181 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 13182 | NL80211_FLAG_NEED_RTNL, |
| 13183 | }, |
| 13184 | { |
| 13185 | .cmd = NL80211_CMD_START_NAN, |
| 13186 | .doit = nl80211_start_nan, |
| 13187 | .policy = nl80211_policy, |
| 13188 | .flags = GENL_ADMIN_PERM, |
| 13189 | .internal_flags = NL80211_FLAG_NEED_WDEV | |
| 13190 | NL80211_FLAG_NEED_RTNL, |
| 13191 | }, |
| 13192 | { |
| 13193 | .cmd = NL80211_CMD_STOP_NAN, |
| 13194 | .doit = nl80211_stop_nan, |
| 13195 | .policy = nl80211_policy, |
| 13196 | .flags = GENL_ADMIN_PERM, |
| 13197 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 13198 | NL80211_FLAG_NEED_RTNL, |
| 13199 | }, |
| 13200 | { |
| 13201 | .cmd = NL80211_CMD_ADD_NAN_FUNCTION, |
| 13202 | .doit = nl80211_nan_add_func, |
| 13203 | .policy = nl80211_policy, |
| 13204 | .flags = GENL_ADMIN_PERM, |
| 13205 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 13206 | NL80211_FLAG_NEED_RTNL, |
| 13207 | }, |
| 13208 | { |
| 13209 | .cmd = NL80211_CMD_DEL_NAN_FUNCTION, |
| 13210 | .doit = nl80211_nan_del_func, |
| 13211 | .policy = nl80211_policy, |
| 13212 | .flags = GENL_ADMIN_PERM, |
| 13213 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 13214 | NL80211_FLAG_NEED_RTNL, |
| 13215 | }, |
| 13216 | { |
| 13217 | .cmd = NL80211_CMD_CHANGE_NAN_CONFIG, |
| 13218 | .doit = nl80211_nan_change_config, |
| 13219 | .policy = nl80211_policy, |
| 13220 | .flags = GENL_ADMIN_PERM, |
| 13221 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 13222 | NL80211_FLAG_NEED_RTNL, |
| 13223 | }, |
| 13224 | { |
| 13225 | .cmd = NL80211_CMD_SET_MCAST_RATE, |
| 13226 | .doit = nl80211_set_mcast_rate, |
| 13227 | .policy = nl80211_policy, |
| 13228 | .flags = GENL_UNS_ADMIN_PERM, |
| 13229 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 13230 | NL80211_FLAG_NEED_RTNL, |
| 13231 | }, |
| 13232 | { |
| 13233 | .cmd = NL80211_CMD_SET_MAC_ACL, |
| 13234 | .doit = nl80211_set_mac_acl, |
| 13235 | .policy = nl80211_policy, |
| 13236 | .flags = GENL_UNS_ADMIN_PERM, |
| 13237 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 13238 | NL80211_FLAG_NEED_RTNL, |
| 13239 | }, |
| 13240 | { |
| 13241 | .cmd = NL80211_CMD_RADAR_DETECT, |
| 13242 | .doit = nl80211_start_radar_detection, |
| 13243 | .policy = nl80211_policy, |
| 13244 | .flags = GENL_UNS_ADMIN_PERM, |
| 13245 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13246 | NL80211_FLAG_NEED_RTNL, |
| 13247 | }, |
| 13248 | { |
| 13249 | .cmd = NL80211_CMD_GET_PROTOCOL_FEATURES, |
| 13250 | .doit = nl80211_get_protocol_features, |
| 13251 | .policy = nl80211_policy, |
| 13252 | }, |
| 13253 | { |
| 13254 | .cmd = NL80211_CMD_UPDATE_FT_IES, |
| 13255 | .doit = nl80211_update_ft_ies, |
| 13256 | .policy = nl80211_policy, |
| 13257 | .flags = GENL_UNS_ADMIN_PERM, |
| 13258 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13259 | NL80211_FLAG_NEED_RTNL, |
| 13260 | }, |
| 13261 | { |
| 13262 | .cmd = NL80211_CMD_CRIT_PROTOCOL_START, |
| 13263 | .doit = nl80211_crit_protocol_start, |
| 13264 | .policy = nl80211_policy, |
| 13265 | .flags = GENL_UNS_ADMIN_PERM, |
| 13266 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 13267 | NL80211_FLAG_NEED_RTNL, |
| 13268 | }, |
| 13269 | { |
| 13270 | .cmd = NL80211_CMD_CRIT_PROTOCOL_STOP, |
| 13271 | .doit = nl80211_crit_protocol_stop, |
| 13272 | .policy = nl80211_policy, |
| 13273 | .flags = GENL_UNS_ADMIN_PERM, |
| 13274 | .internal_flags = NL80211_FLAG_NEED_WDEV_UP | |
| 13275 | NL80211_FLAG_NEED_RTNL, |
| 13276 | }, |
| 13277 | { |
| 13278 | .cmd = NL80211_CMD_GET_COALESCE, |
| 13279 | .doit = nl80211_get_coalesce, |
| 13280 | .policy = nl80211_policy, |
| 13281 | .internal_flags = NL80211_FLAG_NEED_WIPHY | |
| 13282 | NL80211_FLAG_NEED_RTNL, |
| 13283 | }, |
| 13284 | { |
| 13285 | .cmd = NL80211_CMD_SET_COALESCE, |
| 13286 | .doit = nl80211_set_coalesce, |
| 13287 | .policy = nl80211_policy, |
| 13288 | .flags = GENL_UNS_ADMIN_PERM, |
| 13289 | .internal_flags = NL80211_FLAG_NEED_WIPHY | |
| 13290 | NL80211_FLAG_NEED_RTNL, |
| 13291 | }, |
| 13292 | { |
| 13293 | .cmd = NL80211_CMD_CHANNEL_SWITCH, |
| 13294 | .doit = nl80211_channel_switch, |
| 13295 | .policy = nl80211_policy, |
| 13296 | .flags = GENL_UNS_ADMIN_PERM, |
| 13297 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13298 | NL80211_FLAG_NEED_RTNL, |
| 13299 | }, |
| 13300 | { |
| 13301 | .cmd = NL80211_CMD_VENDOR, |
| 13302 | .doit = nl80211_vendor_cmd, |
| 13303 | .dumpit = nl80211_vendor_cmd_dump, |
| 13304 | .policy = nl80211_policy, |
| 13305 | .flags = GENL_UNS_ADMIN_PERM, |
| 13306 | .internal_flags = NL80211_FLAG_NEED_WIPHY | |
| 13307 | NL80211_FLAG_NEED_RTNL | |
| 13308 | NL80211_FLAG_CLEAR_SKB, |
| 13309 | }, |
| 13310 | { |
| 13311 | .cmd = NL80211_CMD_SET_QOS_MAP, |
| 13312 | .doit = nl80211_set_qos_map, |
| 13313 | .policy = nl80211_policy, |
| 13314 | .flags = GENL_UNS_ADMIN_PERM, |
| 13315 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13316 | NL80211_FLAG_NEED_RTNL, |
| 13317 | }, |
| 13318 | { |
| 13319 | .cmd = NL80211_CMD_ADD_TX_TS, |
| 13320 | .doit = nl80211_add_tx_ts, |
| 13321 | .policy = nl80211_policy, |
| 13322 | .flags = GENL_UNS_ADMIN_PERM, |
| 13323 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13324 | NL80211_FLAG_NEED_RTNL, |
| 13325 | }, |
| 13326 | { |
| 13327 | .cmd = NL80211_CMD_DEL_TX_TS, |
| 13328 | .doit = nl80211_del_tx_ts, |
| 13329 | .policy = nl80211_policy, |
| 13330 | .flags = GENL_UNS_ADMIN_PERM, |
| 13331 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13332 | NL80211_FLAG_NEED_RTNL, |
| 13333 | }, |
| 13334 | { |
| 13335 | .cmd = NL80211_CMD_TDLS_CHANNEL_SWITCH, |
| 13336 | .doit = nl80211_tdls_channel_switch, |
| 13337 | .policy = nl80211_policy, |
| 13338 | .flags = GENL_UNS_ADMIN_PERM, |
| 13339 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13340 | NL80211_FLAG_NEED_RTNL, |
| 13341 | }, |
| 13342 | { |
| 13343 | .cmd = NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH, |
| 13344 | .doit = nl80211_tdls_cancel_channel_switch, |
| 13345 | .policy = nl80211_policy, |
| 13346 | .flags = GENL_UNS_ADMIN_PERM, |
| 13347 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13348 | NL80211_FLAG_NEED_RTNL, |
| 13349 | }, |
| 13350 | { |
| 13351 | .cmd = NL80211_CMD_SET_MULTICAST_TO_UNICAST, |
| 13352 | .doit = nl80211_set_multicast_to_unicast, |
| 13353 | .policy = nl80211_policy, |
| 13354 | .flags = GENL_UNS_ADMIN_PERM, |
| 13355 | .internal_flags = NL80211_FLAG_NEED_NETDEV | |
| 13356 | NL80211_FLAG_NEED_RTNL, |
| 13357 | }, |
| 13358 | { |
| 13359 | .cmd = NL80211_CMD_SET_PMK, |
| 13360 | .doit = nl80211_set_pmk, |
| 13361 | .policy = nl80211_policy, |
| 13362 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13363 | NL80211_FLAG_NEED_RTNL | |
| 13364 | NL80211_FLAG_CLEAR_SKB, |
| 13365 | }, |
| 13366 | { |
| 13367 | .cmd = NL80211_CMD_DEL_PMK, |
| 13368 | .doit = nl80211_del_pmk, |
| 13369 | .policy = nl80211_policy, |
| 13370 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13371 | NL80211_FLAG_NEED_RTNL, |
| 13372 | }, |
| 13373 | { |
| 13374 | .cmd = NL80211_CMD_EXTERNAL_AUTH, |
| 13375 | .doit = nl80211_external_auth, |
| 13376 | .policy = nl80211_policy, |
| 13377 | .flags = GENL_ADMIN_PERM, |
| 13378 | .internal_flags = NL80211_FLAG_NEED_NETDEV_UP | |
| 13379 | NL80211_FLAG_NEED_RTNL, |
| 13380 | }, |
| 13381 | |
| 13382 | }; |
| 13383 | |
| 13384 | static struct genl_family nl80211_fam __ro_after_init = { |
| 13385 | .name = NL80211_GENL_NAME, /* have users key off the name instead */ |
| 13386 | .hdrsize = 0, /* no private header */ |
| 13387 | .version = 1, /* no particular meaning now */ |
| 13388 | .maxattr = NL80211_ATTR_MAX, |
| 13389 | .netnsok = true, |
| 13390 | .pre_doit = nl80211_pre_doit, |
| 13391 | .post_doit = nl80211_post_doit, |
| 13392 | .module = THIS_MODULE, |
| 13393 | .ops = nl80211_ops, |
| 13394 | .n_ops = ARRAY_SIZE(nl80211_ops), |
| 13395 | .mcgrps = nl80211_mcgrps, |
| 13396 | .n_mcgrps = ARRAY_SIZE(nl80211_mcgrps), |
| 13397 | }; |
| 13398 | |
| 13399 | /* notification functions */ |
| 13400 | |
| 13401 | void nl80211_notify_wiphy(struct cfg80211_registered_device *rdev, |
| 13402 | enum nl80211_commands cmd) |
| 13403 | { |
| 13404 | struct sk_buff *msg; |
| 13405 | struct nl80211_dump_wiphy_state state = {}; |
| 13406 | |
| 13407 | WARN_ON(cmd != NL80211_CMD_NEW_WIPHY && |
| 13408 | cmd != NL80211_CMD_DEL_WIPHY); |
| 13409 | |
| 13410 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 13411 | if (!msg) |
| 13412 | return; |
| 13413 | |
| 13414 | if (nl80211_send_wiphy(rdev, cmd, msg, 0, 0, 0, &state) < 0) { |
| 13415 | nlmsg_free(msg); |
| 13416 | return; |
| 13417 | } |
| 13418 | |
| 13419 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 13420 | NL80211_MCGRP_CONFIG, GFP_KERNEL); |
| 13421 | } |
| 13422 | |
| 13423 | void nl80211_notify_iface(struct cfg80211_registered_device *rdev, |
| 13424 | struct wireless_dev *wdev, |
| 13425 | enum nl80211_commands cmd) |
| 13426 | { |
| 13427 | struct sk_buff *msg; |
| 13428 | |
| 13429 | WARN_ON(cmd != NL80211_CMD_NEW_INTERFACE && |
| 13430 | cmd != NL80211_CMD_DEL_INTERFACE); |
| 13431 | |
| 13432 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 13433 | if (!msg) |
| 13434 | return; |
| 13435 | |
| 13436 | if (nl80211_send_iface(msg, 0, 0, 0, rdev, wdev, |
| 13437 | cmd == NL80211_CMD_DEL_INTERFACE) < 0) { |
| 13438 | nlmsg_free(msg); |
| 13439 | return; |
| 13440 | } |
| 13441 | |
| 13442 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 13443 | NL80211_MCGRP_CONFIG, GFP_KERNEL); |
| 13444 | } |
| 13445 | |
| 13446 | static int nl80211_add_scan_req(struct sk_buff *msg, |
| 13447 | struct cfg80211_registered_device *rdev) |
| 13448 | { |
| 13449 | struct cfg80211_scan_request *req = rdev->scan_req; |
| 13450 | struct nlattr *nest; |
| 13451 | int i; |
| 13452 | |
| 13453 | if (WARN_ON(!req)) |
| 13454 | return 0; |
| 13455 | |
| 13456 | nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS); |
| 13457 | if (!nest) |
| 13458 | goto nla_put_failure; |
| 13459 | for (i = 0; i < req->n_ssids; i++) { |
| 13460 | if (nla_put(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid)) |
| 13461 | goto nla_put_failure; |
| 13462 | } |
| 13463 | nla_nest_end(msg, nest); |
| 13464 | |
| 13465 | nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES); |
| 13466 | if (!nest) |
| 13467 | goto nla_put_failure; |
| 13468 | for (i = 0; i < req->n_channels; i++) { |
| 13469 | if (nla_put_u32(msg, i, req->channels[i]->center_freq)) |
| 13470 | goto nla_put_failure; |
| 13471 | } |
| 13472 | nla_nest_end(msg, nest); |
| 13473 | |
| 13474 | if (req->ie && |
| 13475 | nla_put(msg, NL80211_ATTR_IE, req->ie_len, req->ie)) |
| 13476 | goto nla_put_failure; |
| 13477 | |
| 13478 | if (req->flags && |
| 13479 | nla_put_u32(msg, NL80211_ATTR_SCAN_FLAGS, req->flags)) |
| 13480 | goto nla_put_failure; |
| 13481 | |
| 13482 | if (req->info.scan_start_tsf && |
| 13483 | (nla_put_u64_64bit(msg, NL80211_ATTR_SCAN_START_TIME_TSF, |
| 13484 | req->info.scan_start_tsf, NL80211_BSS_PAD) || |
| 13485 | nla_put(msg, NL80211_ATTR_SCAN_START_TIME_TSF_BSSID, ETH_ALEN, |
| 13486 | req->info.tsf_bssid))) |
| 13487 | goto nla_put_failure; |
| 13488 | |
| 13489 | return 0; |
| 13490 | nla_put_failure: |
| 13491 | return -ENOBUFS; |
| 13492 | } |
| 13493 | |
| 13494 | static int nl80211_prep_scan_msg(struct sk_buff *msg, |
| 13495 | struct cfg80211_registered_device *rdev, |
| 13496 | struct wireless_dev *wdev, |
| 13497 | u32 portid, u32 seq, int flags, |
| 13498 | u32 cmd) |
| 13499 | { |
| 13500 | void *hdr; |
| 13501 | |
| 13502 | hdr = nl80211hdr_put(msg, portid, seq, flags, cmd); |
| 13503 | if (!hdr) |
| 13504 | return -1; |
| 13505 | |
| 13506 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 13507 | (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX, |
| 13508 | wdev->netdev->ifindex)) || |
| 13509 | nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 13510 | NL80211_ATTR_PAD)) |
| 13511 | goto nla_put_failure; |
| 13512 | |
| 13513 | /* ignore errors and send incomplete event anyway */ |
| 13514 | nl80211_add_scan_req(msg, rdev); |
| 13515 | |
| 13516 | genlmsg_end(msg, hdr); |
| 13517 | return 0; |
| 13518 | |
| 13519 | nla_put_failure: |
| 13520 | genlmsg_cancel(msg, hdr); |
| 13521 | return -EMSGSIZE; |
| 13522 | } |
| 13523 | |
| 13524 | static int |
| 13525 | nl80211_prep_sched_scan_msg(struct sk_buff *msg, |
| 13526 | struct cfg80211_sched_scan_request *req, u32 cmd) |
| 13527 | { |
| 13528 | void *hdr; |
| 13529 | |
| 13530 | hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); |
| 13531 | if (!hdr) |
| 13532 | return -1; |
| 13533 | |
| 13534 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, |
| 13535 | wiphy_to_rdev(req->wiphy)->wiphy_idx) || |
| 13536 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, req->dev->ifindex) || |
| 13537 | nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, req->reqid, |
| 13538 | NL80211_ATTR_PAD)) |
| 13539 | goto nla_put_failure; |
| 13540 | |
| 13541 | genlmsg_end(msg, hdr); |
| 13542 | return 0; |
| 13543 | |
| 13544 | nla_put_failure: |
| 13545 | genlmsg_cancel(msg, hdr); |
| 13546 | return -EMSGSIZE; |
| 13547 | } |
| 13548 | |
| 13549 | void nl80211_send_scan_start(struct cfg80211_registered_device *rdev, |
| 13550 | struct wireless_dev *wdev) |
| 13551 | { |
| 13552 | struct sk_buff *msg; |
| 13553 | |
| 13554 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 13555 | if (!msg) |
| 13556 | return; |
| 13557 | |
| 13558 | if (nl80211_prep_scan_msg(msg, rdev, wdev, 0, 0, 0, |
| 13559 | NL80211_CMD_TRIGGER_SCAN) < 0) { |
| 13560 | nlmsg_free(msg); |
| 13561 | return; |
| 13562 | } |
| 13563 | |
| 13564 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 13565 | NL80211_MCGRP_SCAN, GFP_KERNEL); |
| 13566 | } |
| 13567 | |
| 13568 | struct sk_buff *nl80211_build_scan_msg(struct cfg80211_registered_device *rdev, |
| 13569 | struct wireless_dev *wdev, bool aborted) |
| 13570 | { |
| 13571 | struct sk_buff *msg; |
| 13572 | |
| 13573 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 13574 | if (!msg) |
| 13575 | return NULL; |
| 13576 | |
| 13577 | if (nl80211_prep_scan_msg(msg, rdev, wdev, 0, 0, 0, |
| 13578 | aborted ? NL80211_CMD_SCAN_ABORTED : |
| 13579 | NL80211_CMD_NEW_SCAN_RESULTS) < 0) { |
| 13580 | nlmsg_free(msg); |
| 13581 | return NULL; |
| 13582 | } |
| 13583 | |
| 13584 | return msg; |
| 13585 | } |
| 13586 | |
| 13587 | /* send message created by nl80211_build_scan_msg() */ |
| 13588 | void nl80211_send_scan_msg(struct cfg80211_registered_device *rdev, |
| 13589 | struct sk_buff *msg) |
| 13590 | { |
| 13591 | if (!msg) |
| 13592 | return; |
| 13593 | |
| 13594 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 13595 | NL80211_MCGRP_SCAN, GFP_KERNEL); |
| 13596 | } |
| 13597 | |
| 13598 | void nl80211_send_sched_scan(struct cfg80211_sched_scan_request *req, u32 cmd) |
| 13599 | { |
| 13600 | struct sk_buff *msg; |
| 13601 | |
| 13602 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 13603 | if (!msg) |
| 13604 | return; |
| 13605 | |
| 13606 | if (nl80211_prep_sched_scan_msg(msg, req, cmd) < 0) { |
| 13607 | nlmsg_free(msg); |
| 13608 | return; |
| 13609 | } |
| 13610 | |
| 13611 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(req->wiphy), msg, 0, |
| 13612 | NL80211_MCGRP_SCAN, GFP_KERNEL); |
| 13613 | } |
| 13614 | |
| 13615 | static bool nl80211_reg_change_event_fill(struct sk_buff *msg, |
| 13616 | struct regulatory_request *request) |
| 13617 | { |
| 13618 | /* Userspace can always count this one always being set */ |
| 13619 | if (nla_put_u8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator)) |
| 13620 | goto nla_put_failure; |
| 13621 | |
| 13622 | if (request->alpha2[0] == '0' && request->alpha2[1] == '0') { |
| 13623 | if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE, |
| 13624 | NL80211_REGDOM_TYPE_WORLD)) |
| 13625 | goto nla_put_failure; |
| 13626 | } else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') { |
| 13627 | if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE, |
| 13628 | NL80211_REGDOM_TYPE_CUSTOM_WORLD)) |
| 13629 | goto nla_put_failure; |
| 13630 | } else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') || |
| 13631 | request->intersect) { |
| 13632 | if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE, |
| 13633 | NL80211_REGDOM_TYPE_INTERSECTION)) |
| 13634 | goto nla_put_failure; |
| 13635 | } else { |
| 13636 | if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE, |
| 13637 | NL80211_REGDOM_TYPE_COUNTRY) || |
| 13638 | nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, |
| 13639 | request->alpha2)) |
| 13640 | goto nla_put_failure; |
| 13641 | } |
| 13642 | |
| 13643 | if (request->wiphy_idx != WIPHY_IDX_INVALID) { |
| 13644 | struct wiphy *wiphy = wiphy_idx_to_wiphy(request->wiphy_idx); |
| 13645 | |
| 13646 | if (wiphy && |
| 13647 | nla_put_u32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx)) |
| 13648 | goto nla_put_failure; |
| 13649 | |
| 13650 | if (wiphy && |
| 13651 | wiphy->regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED && |
| 13652 | nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG)) |
| 13653 | goto nla_put_failure; |
| 13654 | } |
| 13655 | |
| 13656 | return true; |
| 13657 | |
| 13658 | nla_put_failure: |
| 13659 | return false; |
| 13660 | } |
| 13661 | |
| 13662 | /* |
| 13663 | * This can happen on global regulatory changes or device specific settings |
| 13664 | * based on custom regulatory domains. |
| 13665 | */ |
| 13666 | void nl80211_common_reg_change_event(enum nl80211_commands cmd_id, |
| 13667 | struct regulatory_request *request) |
| 13668 | { |
| 13669 | struct sk_buff *msg; |
| 13670 | void *hdr; |
| 13671 | |
| 13672 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 13673 | if (!msg) |
| 13674 | return; |
| 13675 | |
| 13676 | hdr = nl80211hdr_put(msg, 0, 0, 0, cmd_id); |
| 13677 | if (!hdr) { |
| 13678 | nlmsg_free(msg); |
| 13679 | return; |
| 13680 | } |
| 13681 | |
| 13682 | if (nl80211_reg_change_event_fill(msg, request) == false) |
| 13683 | goto nla_put_failure; |
| 13684 | |
| 13685 | genlmsg_end(msg, hdr); |
| 13686 | |
| 13687 | rcu_read_lock(); |
| 13688 | genlmsg_multicast_allns(&nl80211_fam, msg, 0, |
| 13689 | NL80211_MCGRP_REGULATORY, GFP_ATOMIC); |
| 13690 | rcu_read_unlock(); |
| 13691 | |
| 13692 | return; |
| 13693 | |
| 13694 | nla_put_failure: |
| 13695 | genlmsg_cancel(msg, hdr); |
| 13696 | nlmsg_free(msg); |
| 13697 | } |
| 13698 | |
| 13699 | static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev, |
| 13700 | struct net_device *netdev, |
| 13701 | const u8 *buf, size_t len, |
| 13702 | enum nl80211_commands cmd, gfp_t gfp, |
| 13703 | int uapsd_queues) |
| 13704 | { |
| 13705 | struct sk_buff *msg; |
| 13706 | void *hdr; |
| 13707 | |
| 13708 | msg = nlmsg_new(100 + len, gfp); |
| 13709 | if (!msg) |
| 13710 | return; |
| 13711 | |
| 13712 | hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); |
| 13713 | if (!hdr) { |
| 13714 | nlmsg_free(msg); |
| 13715 | return; |
| 13716 | } |
| 13717 | |
| 13718 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 13719 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || |
| 13720 | nla_put(msg, NL80211_ATTR_FRAME, len, buf)) |
| 13721 | goto nla_put_failure; |
| 13722 | |
| 13723 | if (uapsd_queues >= 0) { |
| 13724 | struct nlattr *nla_wmm = |
| 13725 | nla_nest_start(msg, NL80211_ATTR_STA_WME); |
| 13726 | if (!nla_wmm) |
| 13727 | goto nla_put_failure; |
| 13728 | |
| 13729 | if (nla_put_u8(msg, NL80211_STA_WME_UAPSD_QUEUES, |
| 13730 | uapsd_queues)) |
| 13731 | goto nla_put_failure; |
| 13732 | |
| 13733 | nla_nest_end(msg, nla_wmm); |
| 13734 | } |
| 13735 | |
| 13736 | genlmsg_end(msg, hdr); |
| 13737 | |
| 13738 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 13739 | NL80211_MCGRP_MLME, gfp); |
| 13740 | return; |
| 13741 | |
| 13742 | nla_put_failure: |
| 13743 | genlmsg_cancel(msg, hdr); |
| 13744 | nlmsg_free(msg); |
| 13745 | } |
| 13746 | |
| 13747 | void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev, |
| 13748 | struct net_device *netdev, const u8 *buf, |
| 13749 | size_t len, gfp_t gfp) |
| 13750 | { |
| 13751 | nl80211_send_mlme_event(rdev, netdev, buf, len, |
| 13752 | NL80211_CMD_AUTHENTICATE, gfp, -1); |
| 13753 | } |
| 13754 | |
| 13755 | void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev, |
| 13756 | struct net_device *netdev, const u8 *buf, |
| 13757 | size_t len, gfp_t gfp, int uapsd_queues) |
| 13758 | { |
| 13759 | nl80211_send_mlme_event(rdev, netdev, buf, len, |
| 13760 | NL80211_CMD_ASSOCIATE, gfp, uapsd_queues); |
| 13761 | } |
| 13762 | |
| 13763 | void nl80211_send_deauth(struct cfg80211_registered_device *rdev, |
| 13764 | struct net_device *netdev, const u8 *buf, |
| 13765 | size_t len, gfp_t gfp) |
| 13766 | { |
| 13767 | nl80211_send_mlme_event(rdev, netdev, buf, len, |
| 13768 | NL80211_CMD_DEAUTHENTICATE, gfp, -1); |
| 13769 | } |
| 13770 | |
| 13771 | void nl80211_send_disassoc(struct cfg80211_registered_device *rdev, |
| 13772 | struct net_device *netdev, const u8 *buf, |
| 13773 | size_t len, gfp_t gfp) |
| 13774 | { |
| 13775 | nl80211_send_mlme_event(rdev, netdev, buf, len, |
| 13776 | NL80211_CMD_DISASSOCIATE, gfp, -1); |
| 13777 | } |
| 13778 | |
| 13779 | void cfg80211_rx_unprot_mlme_mgmt(struct net_device *dev, const u8 *buf, |
| 13780 | size_t len) |
| 13781 | { |
| 13782 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 13783 | struct wiphy *wiphy = wdev->wiphy; |
| 13784 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 13785 | const struct ieee80211_mgmt *mgmt = (void *)buf; |
| 13786 | u32 cmd; |
| 13787 | |
| 13788 | if (WARN_ON(len < 2)) |
| 13789 | return; |
| 13790 | |
| 13791 | if (ieee80211_is_deauth(mgmt->frame_control)) |
| 13792 | cmd = NL80211_CMD_UNPROT_DEAUTHENTICATE; |
| 13793 | else |
| 13794 | cmd = NL80211_CMD_UNPROT_DISASSOCIATE; |
| 13795 | |
| 13796 | trace_cfg80211_rx_unprot_mlme_mgmt(dev, buf, len); |
| 13797 | nl80211_send_mlme_event(rdev, dev, buf, len, cmd, GFP_ATOMIC, -1); |
| 13798 | } |
| 13799 | EXPORT_SYMBOL(cfg80211_rx_unprot_mlme_mgmt); |
| 13800 | |
| 13801 | static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev, |
| 13802 | struct net_device *netdev, int cmd, |
| 13803 | const u8 *addr, gfp_t gfp) |
| 13804 | { |
| 13805 | struct sk_buff *msg; |
| 13806 | void *hdr; |
| 13807 | |
| 13808 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 13809 | if (!msg) |
| 13810 | return; |
| 13811 | |
| 13812 | hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); |
| 13813 | if (!hdr) { |
| 13814 | nlmsg_free(msg); |
| 13815 | return; |
| 13816 | } |
| 13817 | |
| 13818 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 13819 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || |
| 13820 | nla_put_flag(msg, NL80211_ATTR_TIMED_OUT) || |
| 13821 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) |
| 13822 | goto nla_put_failure; |
| 13823 | |
| 13824 | genlmsg_end(msg, hdr); |
| 13825 | |
| 13826 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 13827 | NL80211_MCGRP_MLME, gfp); |
| 13828 | return; |
| 13829 | |
| 13830 | nla_put_failure: |
| 13831 | genlmsg_cancel(msg, hdr); |
| 13832 | nlmsg_free(msg); |
| 13833 | } |
| 13834 | |
| 13835 | void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev, |
| 13836 | struct net_device *netdev, const u8 *addr, |
| 13837 | gfp_t gfp) |
| 13838 | { |
| 13839 | nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE, |
| 13840 | addr, gfp); |
| 13841 | } |
| 13842 | |
| 13843 | void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev, |
| 13844 | struct net_device *netdev, const u8 *addr, |
| 13845 | gfp_t gfp) |
| 13846 | { |
| 13847 | nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE, |
| 13848 | addr, gfp); |
| 13849 | } |
| 13850 | |
| 13851 | void nl80211_send_connect_result(struct cfg80211_registered_device *rdev, |
| 13852 | struct net_device *netdev, |
| 13853 | struct cfg80211_connect_resp_params *cr, |
| 13854 | gfp_t gfp) |
| 13855 | { |
| 13856 | struct sk_buff *msg; |
| 13857 | void *hdr; |
| 13858 | |
| 13859 | msg = nlmsg_new(100 + cr->req_ie_len + cr->resp_ie_len + |
| 13860 | cr->fils_kek_len + cr->pmk_len + |
| 13861 | (cr->pmkid ? WLAN_PMKID_LEN : 0), gfp); |
| 13862 | if (!msg) |
| 13863 | return; |
| 13864 | |
| 13865 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT); |
| 13866 | if (!hdr) { |
| 13867 | nlmsg_free(msg); |
| 13868 | return; |
| 13869 | } |
| 13870 | |
| 13871 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 13872 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || |
| 13873 | (cr->bssid && |
| 13874 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, cr->bssid)) || |
| 13875 | nla_put_u16(msg, NL80211_ATTR_STATUS_CODE, |
| 13876 | cr->status < 0 ? WLAN_STATUS_UNSPECIFIED_FAILURE : |
| 13877 | cr->status) || |
| 13878 | (cr->status < 0 && |
| 13879 | (nla_put_flag(msg, NL80211_ATTR_TIMED_OUT) || |
| 13880 | nla_put_u32(msg, NL80211_ATTR_TIMEOUT_REASON, |
| 13881 | cr->timeout_reason))) || |
| 13882 | (cr->req_ie && |
| 13883 | nla_put(msg, NL80211_ATTR_REQ_IE, cr->req_ie_len, cr->req_ie)) || |
| 13884 | (cr->resp_ie && |
| 13885 | nla_put(msg, NL80211_ATTR_RESP_IE, cr->resp_ie_len, |
| 13886 | cr->resp_ie)) || |
| 13887 | (cr->update_erp_next_seq_num && |
| 13888 | nla_put_u16(msg, NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM, |
| 13889 | cr->fils_erp_next_seq_num)) || |
| 13890 | (cr->status == WLAN_STATUS_SUCCESS && |
| 13891 | ((cr->fils_kek && |
| 13892 | nla_put(msg, NL80211_ATTR_FILS_KEK, cr->fils_kek_len, |
| 13893 | cr->fils_kek)) || |
| 13894 | (cr->pmk && |
| 13895 | nla_put(msg, NL80211_ATTR_PMK, cr->pmk_len, cr->pmk)) || |
| 13896 | (cr->pmkid && |
| 13897 | nla_put(msg, NL80211_ATTR_PMKID, WLAN_PMKID_LEN, cr->pmkid))))) |
| 13898 | goto nla_put_failure; |
| 13899 | |
| 13900 | genlmsg_end(msg, hdr); |
| 13901 | |
| 13902 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 13903 | NL80211_MCGRP_MLME, gfp); |
| 13904 | return; |
| 13905 | |
| 13906 | nla_put_failure: |
| 13907 | genlmsg_cancel(msg, hdr); |
| 13908 | nlmsg_free(msg); |
| 13909 | } |
| 13910 | |
| 13911 | void nl80211_send_roamed(struct cfg80211_registered_device *rdev, |
| 13912 | struct net_device *netdev, |
| 13913 | struct cfg80211_roam_info *info, gfp_t gfp) |
| 13914 | { |
| 13915 | struct sk_buff *msg; |
| 13916 | void *hdr; |
| 13917 | const u8 *bssid = info->bss ? info->bss->bssid : info->bssid; |
| 13918 | |
| 13919 | msg = nlmsg_new(100 + info->req_ie_len + info->resp_ie_len, gfp); |
| 13920 | if (!msg) |
| 13921 | return; |
| 13922 | |
| 13923 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM); |
| 13924 | if (!hdr) { |
| 13925 | nlmsg_free(msg); |
| 13926 | return; |
| 13927 | } |
| 13928 | |
| 13929 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 13930 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || |
| 13931 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid) || |
| 13932 | (info->req_ie && |
| 13933 | nla_put(msg, NL80211_ATTR_REQ_IE, info->req_ie_len, |
| 13934 | info->req_ie)) || |
| 13935 | (info->resp_ie && |
| 13936 | nla_put(msg, NL80211_ATTR_RESP_IE, info->resp_ie_len, |
| 13937 | info->resp_ie)) || |
| 13938 | (info->authorized && |
| 13939 | nla_put_flag(msg, NL80211_ATTR_PORT_AUTHORIZED))) |
| 13940 | goto nla_put_failure; |
| 13941 | |
| 13942 | genlmsg_end(msg, hdr); |
| 13943 | |
| 13944 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 13945 | NL80211_MCGRP_MLME, gfp); |
| 13946 | return; |
| 13947 | |
| 13948 | nla_put_failure: |
| 13949 | genlmsg_cancel(msg, hdr); |
| 13950 | nlmsg_free(msg); |
| 13951 | } |
| 13952 | |
| 13953 | void nl80211_send_disconnected(struct cfg80211_registered_device *rdev, |
| 13954 | struct net_device *netdev, u16 reason, |
| 13955 | const u8 *ie, size_t ie_len, bool from_ap) |
| 13956 | { |
| 13957 | struct sk_buff *msg; |
| 13958 | void *hdr; |
| 13959 | |
| 13960 | msg = nlmsg_new(100 + ie_len, GFP_KERNEL); |
| 13961 | if (!msg) |
| 13962 | return; |
| 13963 | |
| 13964 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT); |
| 13965 | if (!hdr) { |
| 13966 | nlmsg_free(msg); |
| 13967 | return; |
| 13968 | } |
| 13969 | |
| 13970 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 13971 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || |
| 13972 | (from_ap && reason && |
| 13973 | nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason)) || |
| 13974 | (from_ap && |
| 13975 | nla_put_flag(msg, NL80211_ATTR_DISCONNECTED_BY_AP)) || |
| 13976 | (ie && nla_put(msg, NL80211_ATTR_IE, ie_len, ie))) |
| 13977 | goto nla_put_failure; |
| 13978 | |
| 13979 | genlmsg_end(msg, hdr); |
| 13980 | |
| 13981 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 13982 | NL80211_MCGRP_MLME, GFP_KERNEL); |
| 13983 | return; |
| 13984 | |
| 13985 | nla_put_failure: |
| 13986 | genlmsg_cancel(msg, hdr); |
| 13987 | nlmsg_free(msg); |
| 13988 | } |
| 13989 | |
| 13990 | void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev, |
| 13991 | struct net_device *netdev, const u8 *bssid, |
| 13992 | gfp_t gfp) |
| 13993 | { |
| 13994 | struct sk_buff *msg; |
| 13995 | void *hdr; |
| 13996 | |
| 13997 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 13998 | if (!msg) |
| 13999 | return; |
| 14000 | |
| 14001 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS); |
| 14002 | if (!hdr) { |
| 14003 | nlmsg_free(msg); |
| 14004 | return; |
| 14005 | } |
| 14006 | |
| 14007 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14008 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || |
| 14009 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid)) |
| 14010 | goto nla_put_failure; |
| 14011 | |
| 14012 | genlmsg_end(msg, hdr); |
| 14013 | |
| 14014 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14015 | NL80211_MCGRP_MLME, gfp); |
| 14016 | return; |
| 14017 | |
| 14018 | nla_put_failure: |
| 14019 | genlmsg_cancel(msg, hdr); |
| 14020 | nlmsg_free(msg); |
| 14021 | } |
| 14022 | |
| 14023 | void cfg80211_notify_new_peer_candidate(struct net_device *dev, const u8 *addr, |
| 14024 | const u8* ie, u8 ie_len, gfp_t gfp) |
| 14025 | { |
| 14026 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 14027 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); |
| 14028 | struct sk_buff *msg; |
| 14029 | void *hdr; |
| 14030 | |
| 14031 | if (WARN_ON(wdev->iftype != NL80211_IFTYPE_MESH_POINT)) |
| 14032 | return; |
| 14033 | |
| 14034 | trace_cfg80211_notify_new_peer_candidate(dev, addr); |
| 14035 | |
| 14036 | msg = nlmsg_new(100 + ie_len, gfp); |
| 14037 | if (!msg) |
| 14038 | return; |
| 14039 | |
| 14040 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE); |
| 14041 | if (!hdr) { |
| 14042 | nlmsg_free(msg); |
| 14043 | return; |
| 14044 | } |
| 14045 | |
| 14046 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14047 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || |
| 14048 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || |
| 14049 | (ie_len && ie && |
| 14050 | nla_put(msg, NL80211_ATTR_IE, ie_len , ie))) |
| 14051 | goto nla_put_failure; |
| 14052 | |
| 14053 | genlmsg_end(msg, hdr); |
| 14054 | |
| 14055 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14056 | NL80211_MCGRP_MLME, gfp); |
| 14057 | return; |
| 14058 | |
| 14059 | nla_put_failure: |
| 14060 | genlmsg_cancel(msg, hdr); |
| 14061 | nlmsg_free(msg); |
| 14062 | } |
| 14063 | EXPORT_SYMBOL(cfg80211_notify_new_peer_candidate); |
| 14064 | |
| 14065 | void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev, |
| 14066 | struct net_device *netdev, const u8 *addr, |
| 14067 | enum nl80211_key_type key_type, int key_id, |
| 14068 | const u8 *tsc, gfp_t gfp) |
| 14069 | { |
| 14070 | struct sk_buff *msg; |
| 14071 | void *hdr; |
| 14072 | |
| 14073 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 14074 | if (!msg) |
| 14075 | return; |
| 14076 | |
| 14077 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE); |
| 14078 | if (!hdr) { |
| 14079 | nlmsg_free(msg); |
| 14080 | return; |
| 14081 | } |
| 14082 | |
| 14083 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14084 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || |
| 14085 | (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) || |
| 14086 | nla_put_u32(msg, NL80211_ATTR_KEY_TYPE, key_type) || |
| 14087 | (key_id != -1 && |
| 14088 | nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_id)) || |
| 14089 | (tsc && nla_put(msg, NL80211_ATTR_KEY_SEQ, 6, tsc))) |
| 14090 | goto nla_put_failure; |
| 14091 | |
| 14092 | genlmsg_end(msg, hdr); |
| 14093 | |
| 14094 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14095 | NL80211_MCGRP_MLME, gfp); |
| 14096 | return; |
| 14097 | |
| 14098 | nla_put_failure: |
| 14099 | genlmsg_cancel(msg, hdr); |
| 14100 | nlmsg_free(msg); |
| 14101 | } |
| 14102 | |
| 14103 | void nl80211_send_beacon_hint_event(struct wiphy *wiphy, |
| 14104 | struct ieee80211_channel *channel_before, |
| 14105 | struct ieee80211_channel *channel_after) |
| 14106 | { |
| 14107 | struct sk_buff *msg; |
| 14108 | void *hdr; |
| 14109 | struct nlattr *nl_freq; |
| 14110 | |
| 14111 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC); |
| 14112 | if (!msg) |
| 14113 | return; |
| 14114 | |
| 14115 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT); |
| 14116 | if (!hdr) { |
| 14117 | nlmsg_free(msg); |
| 14118 | return; |
| 14119 | } |
| 14120 | |
| 14121 | /* |
| 14122 | * Since we are applying the beacon hint to a wiphy we know its |
| 14123 | * wiphy_idx is valid |
| 14124 | */ |
| 14125 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy))) |
| 14126 | goto nla_put_failure; |
| 14127 | |
| 14128 | /* Before */ |
| 14129 | nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE); |
| 14130 | if (!nl_freq) |
| 14131 | goto nla_put_failure; |
| 14132 | if (nl80211_msg_put_channel(msg, channel_before, false)) |
| 14133 | goto nla_put_failure; |
| 14134 | nla_nest_end(msg, nl_freq); |
| 14135 | |
| 14136 | /* After */ |
| 14137 | nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER); |
| 14138 | if (!nl_freq) |
| 14139 | goto nla_put_failure; |
| 14140 | if (nl80211_msg_put_channel(msg, channel_after, false)) |
| 14141 | goto nla_put_failure; |
| 14142 | nla_nest_end(msg, nl_freq); |
| 14143 | |
| 14144 | genlmsg_end(msg, hdr); |
| 14145 | |
| 14146 | rcu_read_lock(); |
| 14147 | genlmsg_multicast_allns(&nl80211_fam, msg, 0, |
| 14148 | NL80211_MCGRP_REGULATORY, GFP_ATOMIC); |
| 14149 | rcu_read_unlock(); |
| 14150 | |
| 14151 | return; |
| 14152 | |
| 14153 | nla_put_failure: |
| 14154 | genlmsg_cancel(msg, hdr); |
| 14155 | nlmsg_free(msg); |
| 14156 | } |
| 14157 | |
| 14158 | static void nl80211_send_remain_on_chan_event( |
| 14159 | int cmd, struct cfg80211_registered_device *rdev, |
| 14160 | struct wireless_dev *wdev, u64 cookie, |
| 14161 | struct ieee80211_channel *chan, |
| 14162 | unsigned int duration, gfp_t gfp) |
| 14163 | { |
| 14164 | struct sk_buff *msg; |
| 14165 | void *hdr; |
| 14166 | |
| 14167 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 14168 | if (!msg) |
| 14169 | return; |
| 14170 | |
| 14171 | hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); |
| 14172 | if (!hdr) { |
| 14173 | nlmsg_free(msg); |
| 14174 | return; |
| 14175 | } |
| 14176 | |
| 14177 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14178 | (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX, |
| 14179 | wdev->netdev->ifindex)) || |
| 14180 | nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 14181 | NL80211_ATTR_PAD) || |
| 14182 | nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq) || |
| 14183 | nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, |
| 14184 | NL80211_CHAN_NO_HT) || |
| 14185 | nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie, |
| 14186 | NL80211_ATTR_PAD)) |
| 14187 | goto nla_put_failure; |
| 14188 | |
| 14189 | if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL && |
| 14190 | nla_put_u32(msg, NL80211_ATTR_DURATION, duration)) |
| 14191 | goto nla_put_failure; |
| 14192 | |
| 14193 | genlmsg_end(msg, hdr); |
| 14194 | |
| 14195 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14196 | NL80211_MCGRP_MLME, gfp); |
| 14197 | return; |
| 14198 | |
| 14199 | nla_put_failure: |
| 14200 | genlmsg_cancel(msg, hdr); |
| 14201 | nlmsg_free(msg); |
| 14202 | } |
| 14203 | |
| 14204 | void cfg80211_ready_on_channel(struct wireless_dev *wdev, u64 cookie, |
| 14205 | struct ieee80211_channel *chan, |
| 14206 | unsigned int duration, gfp_t gfp) |
| 14207 | { |
| 14208 | struct wiphy *wiphy = wdev->wiphy; |
| 14209 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 14210 | |
| 14211 | trace_cfg80211_ready_on_channel(wdev, cookie, chan, duration); |
| 14212 | nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL, |
| 14213 | rdev, wdev, cookie, chan, |
| 14214 | duration, gfp); |
| 14215 | } |
| 14216 | EXPORT_SYMBOL(cfg80211_ready_on_channel); |
| 14217 | |
| 14218 | void cfg80211_remain_on_channel_expired(struct wireless_dev *wdev, u64 cookie, |
| 14219 | struct ieee80211_channel *chan, |
| 14220 | gfp_t gfp) |
| 14221 | { |
| 14222 | struct wiphy *wiphy = wdev->wiphy; |
| 14223 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 14224 | |
| 14225 | trace_cfg80211_ready_on_channel_expired(wdev, cookie, chan); |
| 14226 | nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL, |
| 14227 | rdev, wdev, cookie, chan, 0, gfp); |
| 14228 | } |
| 14229 | EXPORT_SYMBOL(cfg80211_remain_on_channel_expired); |
| 14230 | |
| 14231 | void cfg80211_new_sta(struct net_device *dev, const u8 *mac_addr, |
| 14232 | struct station_info *sinfo, gfp_t gfp) |
| 14233 | { |
| 14234 | struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; |
| 14235 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 14236 | struct sk_buff *msg; |
| 14237 | |
| 14238 | trace_cfg80211_new_sta(dev, mac_addr, sinfo); |
| 14239 | |
| 14240 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 14241 | if (!msg) |
| 14242 | return; |
| 14243 | |
| 14244 | if (nl80211_send_station(msg, NL80211_CMD_NEW_STATION, 0, 0, 0, |
| 14245 | rdev, dev, mac_addr, sinfo) < 0) { |
| 14246 | nlmsg_free(msg); |
| 14247 | return; |
| 14248 | } |
| 14249 | |
| 14250 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14251 | NL80211_MCGRP_MLME, gfp); |
| 14252 | } |
| 14253 | EXPORT_SYMBOL(cfg80211_new_sta); |
| 14254 | |
| 14255 | void cfg80211_del_sta_sinfo(struct net_device *dev, const u8 *mac_addr, |
| 14256 | struct station_info *sinfo, gfp_t gfp) |
| 14257 | { |
| 14258 | struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; |
| 14259 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 14260 | struct sk_buff *msg; |
| 14261 | struct station_info empty_sinfo = {}; |
| 14262 | |
| 14263 | if (!sinfo) |
| 14264 | sinfo = &empty_sinfo; |
| 14265 | |
| 14266 | trace_cfg80211_del_sta(dev, mac_addr); |
| 14267 | |
| 14268 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 14269 | if (!msg) |
| 14270 | return; |
| 14271 | |
| 14272 | if (nl80211_send_station(msg, NL80211_CMD_DEL_STATION, 0, 0, 0, |
| 14273 | rdev, dev, mac_addr, sinfo) < 0) { |
| 14274 | nlmsg_free(msg); |
| 14275 | return; |
| 14276 | } |
| 14277 | |
| 14278 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14279 | NL80211_MCGRP_MLME, gfp); |
| 14280 | } |
| 14281 | EXPORT_SYMBOL(cfg80211_del_sta_sinfo); |
| 14282 | |
| 14283 | void cfg80211_conn_failed(struct net_device *dev, const u8 *mac_addr, |
| 14284 | enum nl80211_connect_failed_reason reason, |
| 14285 | gfp_t gfp) |
| 14286 | { |
| 14287 | struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; |
| 14288 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 14289 | struct sk_buff *msg; |
| 14290 | void *hdr; |
| 14291 | |
| 14292 | msg = nlmsg_new(NLMSG_GOODSIZE, gfp); |
| 14293 | if (!msg) |
| 14294 | return; |
| 14295 | |
| 14296 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONN_FAILED); |
| 14297 | if (!hdr) { |
| 14298 | nlmsg_free(msg); |
| 14299 | return; |
| 14300 | } |
| 14301 | |
| 14302 | if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || |
| 14303 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) || |
| 14304 | nla_put_u32(msg, NL80211_ATTR_CONN_FAILED_REASON, reason)) |
| 14305 | goto nla_put_failure; |
| 14306 | |
| 14307 | genlmsg_end(msg, hdr); |
| 14308 | |
| 14309 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14310 | NL80211_MCGRP_MLME, gfp); |
| 14311 | return; |
| 14312 | |
| 14313 | nla_put_failure: |
| 14314 | genlmsg_cancel(msg, hdr); |
| 14315 | nlmsg_free(msg); |
| 14316 | } |
| 14317 | EXPORT_SYMBOL(cfg80211_conn_failed); |
| 14318 | |
| 14319 | static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd, |
| 14320 | const u8 *addr, gfp_t gfp) |
| 14321 | { |
| 14322 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 14323 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); |
| 14324 | struct sk_buff *msg; |
| 14325 | void *hdr; |
| 14326 | u32 nlportid = ACCESS_ONCE(wdev->ap_unexpected_nlportid); |
| 14327 | |
| 14328 | if (!nlportid) |
| 14329 | return false; |
| 14330 | |
| 14331 | msg = nlmsg_new(100, gfp); |
| 14332 | if (!msg) |
| 14333 | return true; |
| 14334 | |
| 14335 | hdr = nl80211hdr_put(msg, 0, 0, 0, cmd); |
| 14336 | if (!hdr) { |
| 14337 | nlmsg_free(msg); |
| 14338 | return true; |
| 14339 | } |
| 14340 | |
| 14341 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14342 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || |
| 14343 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) |
| 14344 | goto nla_put_failure; |
| 14345 | |
| 14346 | genlmsg_end(msg, hdr); |
| 14347 | genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid); |
| 14348 | return true; |
| 14349 | |
| 14350 | nla_put_failure: |
| 14351 | genlmsg_cancel(msg, hdr); |
| 14352 | nlmsg_free(msg); |
| 14353 | return true; |
| 14354 | } |
| 14355 | |
| 14356 | bool cfg80211_rx_spurious_frame(struct net_device *dev, |
| 14357 | const u8 *addr, gfp_t gfp) |
| 14358 | { |
| 14359 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 14360 | bool ret; |
| 14361 | |
| 14362 | trace_cfg80211_rx_spurious_frame(dev, addr); |
| 14363 | |
| 14364 | if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP && |
| 14365 | wdev->iftype != NL80211_IFTYPE_P2P_GO)) { |
| 14366 | trace_cfg80211_return_bool(false); |
| 14367 | return false; |
| 14368 | } |
| 14369 | ret = __nl80211_unexpected_frame(dev, NL80211_CMD_UNEXPECTED_FRAME, |
| 14370 | addr, gfp); |
| 14371 | trace_cfg80211_return_bool(ret); |
| 14372 | return ret; |
| 14373 | } |
| 14374 | EXPORT_SYMBOL(cfg80211_rx_spurious_frame); |
| 14375 | |
| 14376 | bool cfg80211_rx_unexpected_4addr_frame(struct net_device *dev, |
| 14377 | const u8 *addr, gfp_t gfp) |
| 14378 | { |
| 14379 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 14380 | bool ret; |
| 14381 | |
| 14382 | trace_cfg80211_rx_unexpected_4addr_frame(dev, addr); |
| 14383 | |
| 14384 | if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP && |
| 14385 | wdev->iftype != NL80211_IFTYPE_P2P_GO && |
| 14386 | wdev->iftype != NL80211_IFTYPE_AP_VLAN)) { |
| 14387 | trace_cfg80211_return_bool(false); |
| 14388 | return false; |
| 14389 | } |
| 14390 | ret = __nl80211_unexpected_frame(dev, |
| 14391 | NL80211_CMD_UNEXPECTED_4ADDR_FRAME, |
| 14392 | addr, gfp); |
| 14393 | trace_cfg80211_return_bool(ret); |
| 14394 | return ret; |
| 14395 | } |
| 14396 | EXPORT_SYMBOL(cfg80211_rx_unexpected_4addr_frame); |
| 14397 | |
| 14398 | int nl80211_send_mgmt(struct cfg80211_registered_device *rdev, |
| 14399 | struct wireless_dev *wdev, u32 nlportid, |
| 14400 | int freq, int sig_dbm, |
| 14401 | const u8 *buf, size_t len, u32 flags, gfp_t gfp) |
| 14402 | { |
| 14403 | struct net_device *netdev = wdev->netdev; |
| 14404 | struct sk_buff *msg; |
| 14405 | void *hdr; |
| 14406 | |
| 14407 | msg = nlmsg_new(100 + len, gfp); |
| 14408 | if (!msg) |
| 14409 | return -ENOMEM; |
| 14410 | |
| 14411 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); |
| 14412 | if (!hdr) { |
| 14413 | nlmsg_free(msg); |
| 14414 | return -ENOMEM; |
| 14415 | } |
| 14416 | |
| 14417 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14418 | (netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX, |
| 14419 | netdev->ifindex)) || |
| 14420 | nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 14421 | NL80211_ATTR_PAD) || |
| 14422 | nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) || |
| 14423 | (sig_dbm && |
| 14424 | nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) || |
| 14425 | nla_put(msg, NL80211_ATTR_FRAME, len, buf) || |
| 14426 | (flags && |
| 14427 | nla_put_u32(msg, NL80211_ATTR_RXMGMT_FLAGS, flags))) |
| 14428 | goto nla_put_failure; |
| 14429 | |
| 14430 | genlmsg_end(msg, hdr); |
| 14431 | |
| 14432 | return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid); |
| 14433 | |
| 14434 | nla_put_failure: |
| 14435 | genlmsg_cancel(msg, hdr); |
| 14436 | nlmsg_free(msg); |
| 14437 | return -ENOBUFS; |
| 14438 | } |
| 14439 | |
| 14440 | void cfg80211_mgmt_tx_status(struct wireless_dev *wdev, u64 cookie, |
| 14441 | const u8 *buf, size_t len, bool ack, gfp_t gfp) |
| 14442 | { |
| 14443 | struct wiphy *wiphy = wdev->wiphy; |
| 14444 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 14445 | struct net_device *netdev = wdev->netdev; |
| 14446 | struct sk_buff *msg; |
| 14447 | void *hdr; |
| 14448 | |
| 14449 | trace_cfg80211_mgmt_tx_status(wdev, cookie, ack); |
| 14450 | |
| 14451 | msg = nlmsg_new(100 + len, gfp); |
| 14452 | if (!msg) |
| 14453 | return; |
| 14454 | |
| 14455 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS); |
| 14456 | if (!hdr) { |
| 14457 | nlmsg_free(msg); |
| 14458 | return; |
| 14459 | } |
| 14460 | |
| 14461 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14462 | (netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX, |
| 14463 | netdev->ifindex)) || |
| 14464 | nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 14465 | NL80211_ATTR_PAD) || |
| 14466 | nla_put(msg, NL80211_ATTR_FRAME, len, buf) || |
| 14467 | nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie, |
| 14468 | NL80211_ATTR_PAD) || |
| 14469 | (ack && nla_put_flag(msg, NL80211_ATTR_ACK))) |
| 14470 | goto nla_put_failure; |
| 14471 | |
| 14472 | genlmsg_end(msg, hdr); |
| 14473 | |
| 14474 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14475 | NL80211_MCGRP_MLME, gfp); |
| 14476 | return; |
| 14477 | |
| 14478 | nla_put_failure: |
| 14479 | genlmsg_cancel(msg, hdr); |
| 14480 | nlmsg_free(msg); |
| 14481 | } |
| 14482 | EXPORT_SYMBOL(cfg80211_mgmt_tx_status); |
| 14483 | |
| 14484 | static struct sk_buff *cfg80211_prepare_cqm(struct net_device *dev, |
| 14485 | const char *mac, gfp_t gfp) |
| 14486 | { |
| 14487 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 14488 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); |
| 14489 | struct sk_buff *msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 14490 | void **cb; |
| 14491 | |
| 14492 | if (!msg) |
| 14493 | return NULL; |
| 14494 | |
| 14495 | cb = (void **)msg->cb; |
| 14496 | |
| 14497 | cb[0] = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM); |
| 14498 | if (!cb[0]) { |
| 14499 | nlmsg_free(msg); |
| 14500 | return NULL; |
| 14501 | } |
| 14502 | |
| 14503 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14504 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex)) |
| 14505 | goto nla_put_failure; |
| 14506 | |
| 14507 | if (mac && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac)) |
| 14508 | goto nla_put_failure; |
| 14509 | |
| 14510 | cb[1] = nla_nest_start(msg, NL80211_ATTR_CQM); |
| 14511 | if (!cb[1]) |
| 14512 | goto nla_put_failure; |
| 14513 | |
| 14514 | cb[2] = rdev; |
| 14515 | |
| 14516 | return msg; |
| 14517 | nla_put_failure: |
| 14518 | nlmsg_free(msg); |
| 14519 | return NULL; |
| 14520 | } |
| 14521 | |
| 14522 | static void cfg80211_send_cqm(struct sk_buff *msg, gfp_t gfp) |
| 14523 | { |
| 14524 | void **cb = (void **)msg->cb; |
| 14525 | struct cfg80211_registered_device *rdev = cb[2]; |
| 14526 | |
| 14527 | nla_nest_end(msg, cb[1]); |
| 14528 | genlmsg_end(msg, cb[0]); |
| 14529 | |
| 14530 | memset(msg->cb, 0, sizeof(msg->cb)); |
| 14531 | |
| 14532 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14533 | NL80211_MCGRP_MLME, gfp); |
| 14534 | } |
| 14535 | |
| 14536 | void cfg80211_cqm_rssi_notify(struct net_device *dev, |
| 14537 | enum nl80211_cqm_rssi_threshold_event rssi_event, |
| 14538 | s32 rssi_level, gfp_t gfp) |
| 14539 | { |
| 14540 | struct sk_buff *msg; |
| 14541 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 14542 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); |
| 14543 | |
| 14544 | trace_cfg80211_cqm_rssi_notify(dev, rssi_event, rssi_level); |
| 14545 | |
| 14546 | if (WARN_ON(rssi_event != NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW && |
| 14547 | rssi_event != NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH)) |
| 14548 | return; |
| 14549 | |
| 14550 | if (wdev->cqm_config) { |
| 14551 | wdev->cqm_config->last_rssi_event_value = rssi_level; |
| 14552 | |
| 14553 | cfg80211_cqm_rssi_update(rdev, dev); |
| 14554 | |
| 14555 | if (rssi_level == 0) |
| 14556 | rssi_level = wdev->cqm_config->last_rssi_event_value; |
| 14557 | } |
| 14558 | |
| 14559 | msg = cfg80211_prepare_cqm(dev, NULL, gfp); |
| 14560 | if (!msg) |
| 14561 | return; |
| 14562 | |
| 14563 | if (nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT, |
| 14564 | rssi_event)) |
| 14565 | goto nla_put_failure; |
| 14566 | |
| 14567 | if (rssi_level && nla_put_s32(msg, NL80211_ATTR_CQM_RSSI_LEVEL, |
| 14568 | rssi_level)) |
| 14569 | goto nla_put_failure; |
| 14570 | |
| 14571 | cfg80211_send_cqm(msg, gfp); |
| 14572 | |
| 14573 | return; |
| 14574 | |
| 14575 | nla_put_failure: |
| 14576 | nlmsg_free(msg); |
| 14577 | } |
| 14578 | EXPORT_SYMBOL(cfg80211_cqm_rssi_notify); |
| 14579 | |
| 14580 | void cfg80211_cqm_txe_notify(struct net_device *dev, |
| 14581 | const u8 *peer, u32 num_packets, |
| 14582 | u32 rate, u32 intvl, gfp_t gfp) |
| 14583 | { |
| 14584 | struct sk_buff *msg; |
| 14585 | |
| 14586 | msg = cfg80211_prepare_cqm(dev, peer, gfp); |
| 14587 | if (!msg) |
| 14588 | return; |
| 14589 | |
| 14590 | if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_PKTS, num_packets)) |
| 14591 | goto nla_put_failure; |
| 14592 | |
| 14593 | if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_RATE, rate)) |
| 14594 | goto nla_put_failure; |
| 14595 | |
| 14596 | if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_INTVL, intvl)) |
| 14597 | goto nla_put_failure; |
| 14598 | |
| 14599 | cfg80211_send_cqm(msg, gfp); |
| 14600 | return; |
| 14601 | |
| 14602 | nla_put_failure: |
| 14603 | nlmsg_free(msg); |
| 14604 | } |
| 14605 | EXPORT_SYMBOL(cfg80211_cqm_txe_notify); |
| 14606 | |
| 14607 | void cfg80211_cqm_pktloss_notify(struct net_device *dev, |
| 14608 | const u8 *peer, u32 num_packets, gfp_t gfp) |
| 14609 | { |
| 14610 | struct sk_buff *msg; |
| 14611 | |
| 14612 | trace_cfg80211_cqm_pktloss_notify(dev, peer, num_packets); |
| 14613 | |
| 14614 | msg = cfg80211_prepare_cqm(dev, peer, gfp); |
| 14615 | if (!msg) |
| 14616 | return; |
| 14617 | |
| 14618 | if (nla_put_u32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets)) |
| 14619 | goto nla_put_failure; |
| 14620 | |
| 14621 | cfg80211_send_cqm(msg, gfp); |
| 14622 | return; |
| 14623 | |
| 14624 | nla_put_failure: |
| 14625 | nlmsg_free(msg); |
| 14626 | } |
| 14627 | EXPORT_SYMBOL(cfg80211_cqm_pktloss_notify); |
| 14628 | |
| 14629 | void cfg80211_cqm_beacon_loss_notify(struct net_device *dev, gfp_t gfp) |
| 14630 | { |
| 14631 | struct sk_buff *msg; |
| 14632 | |
| 14633 | msg = cfg80211_prepare_cqm(dev, NULL, gfp); |
| 14634 | if (!msg) |
| 14635 | return; |
| 14636 | |
| 14637 | if (nla_put_flag(msg, NL80211_ATTR_CQM_BEACON_LOSS_EVENT)) |
| 14638 | goto nla_put_failure; |
| 14639 | |
| 14640 | cfg80211_send_cqm(msg, gfp); |
| 14641 | return; |
| 14642 | |
| 14643 | nla_put_failure: |
| 14644 | nlmsg_free(msg); |
| 14645 | } |
| 14646 | EXPORT_SYMBOL(cfg80211_cqm_beacon_loss_notify); |
| 14647 | |
| 14648 | static void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev, |
| 14649 | struct net_device *netdev, const u8 *bssid, |
| 14650 | const u8 *replay_ctr, gfp_t gfp) |
| 14651 | { |
| 14652 | struct sk_buff *msg; |
| 14653 | struct nlattr *rekey_attr; |
| 14654 | void *hdr; |
| 14655 | |
| 14656 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 14657 | if (!msg) |
| 14658 | return; |
| 14659 | |
| 14660 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD); |
| 14661 | if (!hdr) { |
| 14662 | nlmsg_free(msg); |
| 14663 | return; |
| 14664 | } |
| 14665 | |
| 14666 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14667 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || |
| 14668 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid)) |
| 14669 | goto nla_put_failure; |
| 14670 | |
| 14671 | rekey_attr = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA); |
| 14672 | if (!rekey_attr) |
| 14673 | goto nla_put_failure; |
| 14674 | |
| 14675 | if (nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR, |
| 14676 | NL80211_REPLAY_CTR_LEN, replay_ctr)) |
| 14677 | goto nla_put_failure; |
| 14678 | |
| 14679 | nla_nest_end(msg, rekey_attr); |
| 14680 | |
| 14681 | genlmsg_end(msg, hdr); |
| 14682 | |
| 14683 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14684 | NL80211_MCGRP_MLME, gfp); |
| 14685 | return; |
| 14686 | |
| 14687 | nla_put_failure: |
| 14688 | genlmsg_cancel(msg, hdr); |
| 14689 | nlmsg_free(msg); |
| 14690 | } |
| 14691 | |
| 14692 | void cfg80211_gtk_rekey_notify(struct net_device *dev, const u8 *bssid, |
| 14693 | const u8 *replay_ctr, gfp_t gfp) |
| 14694 | { |
| 14695 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 14696 | struct wiphy *wiphy = wdev->wiphy; |
| 14697 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 14698 | |
| 14699 | trace_cfg80211_gtk_rekey_notify(dev, bssid); |
| 14700 | nl80211_gtk_rekey_notify(rdev, dev, bssid, replay_ctr, gfp); |
| 14701 | } |
| 14702 | EXPORT_SYMBOL(cfg80211_gtk_rekey_notify); |
| 14703 | |
| 14704 | static void |
| 14705 | nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev, |
| 14706 | struct net_device *netdev, int index, |
| 14707 | const u8 *bssid, bool preauth, gfp_t gfp) |
| 14708 | { |
| 14709 | struct sk_buff *msg; |
| 14710 | struct nlattr *attr; |
| 14711 | void *hdr; |
| 14712 | |
| 14713 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 14714 | if (!msg) |
| 14715 | return; |
| 14716 | |
| 14717 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE); |
| 14718 | if (!hdr) { |
| 14719 | nlmsg_free(msg); |
| 14720 | return; |
| 14721 | } |
| 14722 | |
| 14723 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14724 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex)) |
| 14725 | goto nla_put_failure; |
| 14726 | |
| 14727 | attr = nla_nest_start(msg, NL80211_ATTR_PMKSA_CANDIDATE); |
| 14728 | if (!attr) |
| 14729 | goto nla_put_failure; |
| 14730 | |
| 14731 | if (nla_put_u32(msg, NL80211_PMKSA_CANDIDATE_INDEX, index) || |
| 14732 | nla_put(msg, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid) || |
| 14733 | (preauth && |
| 14734 | nla_put_flag(msg, NL80211_PMKSA_CANDIDATE_PREAUTH))) |
| 14735 | goto nla_put_failure; |
| 14736 | |
| 14737 | nla_nest_end(msg, attr); |
| 14738 | |
| 14739 | genlmsg_end(msg, hdr); |
| 14740 | |
| 14741 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14742 | NL80211_MCGRP_MLME, gfp); |
| 14743 | return; |
| 14744 | |
| 14745 | nla_put_failure: |
| 14746 | genlmsg_cancel(msg, hdr); |
| 14747 | nlmsg_free(msg); |
| 14748 | } |
| 14749 | |
| 14750 | void cfg80211_pmksa_candidate_notify(struct net_device *dev, int index, |
| 14751 | const u8 *bssid, bool preauth, gfp_t gfp) |
| 14752 | { |
| 14753 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 14754 | struct wiphy *wiphy = wdev->wiphy; |
| 14755 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 14756 | |
| 14757 | trace_cfg80211_pmksa_candidate_notify(dev, index, bssid, preauth); |
| 14758 | nl80211_pmksa_candidate_notify(rdev, dev, index, bssid, preauth, gfp); |
| 14759 | } |
| 14760 | EXPORT_SYMBOL(cfg80211_pmksa_candidate_notify); |
| 14761 | |
| 14762 | static void nl80211_ch_switch_notify(struct cfg80211_registered_device *rdev, |
| 14763 | struct net_device *netdev, |
| 14764 | struct cfg80211_chan_def *chandef, |
| 14765 | gfp_t gfp, |
| 14766 | enum nl80211_commands notif, |
| 14767 | u8 count) |
| 14768 | { |
| 14769 | struct sk_buff *msg; |
| 14770 | void *hdr; |
| 14771 | |
| 14772 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 14773 | if (!msg) |
| 14774 | return; |
| 14775 | |
| 14776 | hdr = nl80211hdr_put(msg, 0, 0, 0, notif); |
| 14777 | if (!hdr) { |
| 14778 | nlmsg_free(msg); |
| 14779 | return; |
| 14780 | } |
| 14781 | |
| 14782 | if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex)) |
| 14783 | goto nla_put_failure; |
| 14784 | |
| 14785 | if (nl80211_send_chandef(msg, chandef)) |
| 14786 | goto nla_put_failure; |
| 14787 | |
| 14788 | if ((notif == NL80211_CMD_CH_SWITCH_STARTED_NOTIFY) && |
| 14789 | (nla_put_u32(msg, NL80211_ATTR_CH_SWITCH_COUNT, count))) |
| 14790 | goto nla_put_failure; |
| 14791 | |
| 14792 | genlmsg_end(msg, hdr); |
| 14793 | |
| 14794 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14795 | NL80211_MCGRP_MLME, gfp); |
| 14796 | return; |
| 14797 | |
| 14798 | nla_put_failure: |
| 14799 | genlmsg_cancel(msg, hdr); |
| 14800 | nlmsg_free(msg); |
| 14801 | } |
| 14802 | |
| 14803 | void cfg80211_ch_switch_notify(struct net_device *dev, |
| 14804 | struct cfg80211_chan_def *chandef) |
| 14805 | { |
| 14806 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 14807 | struct wiphy *wiphy = wdev->wiphy; |
| 14808 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 14809 | |
| 14810 | ASSERT_WDEV_LOCK(wdev); |
| 14811 | |
| 14812 | trace_cfg80211_ch_switch_notify(dev, chandef); |
| 14813 | |
| 14814 | wdev->chandef = *chandef; |
| 14815 | wdev->preset_chandef = *chandef; |
| 14816 | |
| 14817 | if (wdev->iftype == NL80211_IFTYPE_STATION && |
| 14818 | !WARN_ON(!wdev->current_bss)) |
| 14819 | wdev->current_bss->pub.channel = chandef->chan; |
| 14820 | |
| 14821 | nl80211_ch_switch_notify(rdev, dev, chandef, GFP_KERNEL, |
| 14822 | NL80211_CMD_CH_SWITCH_NOTIFY, 0); |
| 14823 | } |
| 14824 | EXPORT_SYMBOL(cfg80211_ch_switch_notify); |
| 14825 | |
| 14826 | void cfg80211_ch_switch_started_notify(struct net_device *dev, |
| 14827 | struct cfg80211_chan_def *chandef, |
| 14828 | u8 count) |
| 14829 | { |
| 14830 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 14831 | struct wiphy *wiphy = wdev->wiphy; |
| 14832 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 14833 | |
| 14834 | trace_cfg80211_ch_switch_started_notify(dev, chandef); |
| 14835 | |
| 14836 | nl80211_ch_switch_notify(rdev, dev, chandef, GFP_KERNEL, |
| 14837 | NL80211_CMD_CH_SWITCH_STARTED_NOTIFY, count); |
| 14838 | } |
| 14839 | EXPORT_SYMBOL(cfg80211_ch_switch_started_notify); |
| 14840 | |
| 14841 | void |
| 14842 | nl80211_radar_notify(struct cfg80211_registered_device *rdev, |
| 14843 | const struct cfg80211_chan_def *chandef, |
| 14844 | enum nl80211_radar_event event, |
| 14845 | struct net_device *netdev, gfp_t gfp) |
| 14846 | { |
| 14847 | struct sk_buff *msg; |
| 14848 | void *hdr; |
| 14849 | |
| 14850 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 14851 | if (!msg) |
| 14852 | return; |
| 14853 | |
| 14854 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_RADAR_DETECT); |
| 14855 | if (!hdr) { |
| 14856 | nlmsg_free(msg); |
| 14857 | return; |
| 14858 | } |
| 14859 | |
| 14860 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx)) |
| 14861 | goto nla_put_failure; |
| 14862 | |
| 14863 | /* NOP and radar events don't need a netdev parameter */ |
| 14864 | if (netdev) { |
| 14865 | struct wireless_dev *wdev = netdev->ieee80211_ptr; |
| 14866 | |
| 14867 | if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || |
| 14868 | nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 14869 | NL80211_ATTR_PAD)) |
| 14870 | goto nla_put_failure; |
| 14871 | } |
| 14872 | |
| 14873 | if (nla_put_u32(msg, NL80211_ATTR_RADAR_EVENT, event)) |
| 14874 | goto nla_put_failure; |
| 14875 | |
| 14876 | if (nl80211_send_chandef(msg, chandef)) |
| 14877 | goto nla_put_failure; |
| 14878 | |
| 14879 | genlmsg_end(msg, hdr); |
| 14880 | |
| 14881 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14882 | NL80211_MCGRP_MLME, gfp); |
| 14883 | return; |
| 14884 | |
| 14885 | nla_put_failure: |
| 14886 | genlmsg_cancel(msg, hdr); |
| 14887 | nlmsg_free(msg); |
| 14888 | } |
| 14889 | |
| 14890 | void cfg80211_probe_status(struct net_device *dev, const u8 *addr, |
| 14891 | u64 cookie, bool acked, gfp_t gfp) |
| 14892 | { |
| 14893 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 14894 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); |
| 14895 | struct sk_buff *msg; |
| 14896 | void *hdr; |
| 14897 | |
| 14898 | trace_cfg80211_probe_status(dev, addr, cookie, acked); |
| 14899 | |
| 14900 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 14901 | |
| 14902 | if (!msg) |
| 14903 | return; |
| 14904 | |
| 14905 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PROBE_CLIENT); |
| 14906 | if (!hdr) { |
| 14907 | nlmsg_free(msg); |
| 14908 | return; |
| 14909 | } |
| 14910 | |
| 14911 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14912 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || |
| 14913 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) || |
| 14914 | nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie, |
| 14915 | NL80211_ATTR_PAD) || |
| 14916 | (acked && nla_put_flag(msg, NL80211_ATTR_ACK))) |
| 14917 | goto nla_put_failure; |
| 14918 | |
| 14919 | genlmsg_end(msg, hdr); |
| 14920 | |
| 14921 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 14922 | NL80211_MCGRP_MLME, gfp); |
| 14923 | return; |
| 14924 | |
| 14925 | nla_put_failure: |
| 14926 | genlmsg_cancel(msg, hdr); |
| 14927 | nlmsg_free(msg); |
| 14928 | } |
| 14929 | EXPORT_SYMBOL(cfg80211_probe_status); |
| 14930 | |
| 14931 | void cfg80211_report_obss_beacon(struct wiphy *wiphy, |
| 14932 | const u8 *frame, size_t len, |
| 14933 | int freq, int sig_dbm) |
| 14934 | { |
| 14935 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 14936 | struct sk_buff *msg; |
| 14937 | void *hdr; |
| 14938 | struct cfg80211_beacon_registration *reg; |
| 14939 | |
| 14940 | trace_cfg80211_report_obss_beacon(wiphy, frame, len, freq, sig_dbm); |
| 14941 | |
| 14942 | spin_lock_bh(&rdev->beacon_registrations_lock); |
| 14943 | list_for_each_entry(reg, &rdev->beacon_registrations, list) { |
| 14944 | msg = nlmsg_new(len + 100, GFP_ATOMIC); |
| 14945 | if (!msg) { |
| 14946 | spin_unlock_bh(&rdev->beacon_registrations_lock); |
| 14947 | return; |
| 14948 | } |
| 14949 | |
| 14950 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME); |
| 14951 | if (!hdr) |
| 14952 | goto nla_put_failure; |
| 14953 | |
| 14954 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 14955 | (freq && |
| 14956 | nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) || |
| 14957 | (sig_dbm && |
| 14958 | nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) || |
| 14959 | nla_put(msg, NL80211_ATTR_FRAME, len, frame)) |
| 14960 | goto nla_put_failure; |
| 14961 | |
| 14962 | genlmsg_end(msg, hdr); |
| 14963 | |
| 14964 | genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, reg->nlportid); |
| 14965 | } |
| 14966 | spin_unlock_bh(&rdev->beacon_registrations_lock); |
| 14967 | return; |
| 14968 | |
| 14969 | nla_put_failure: |
| 14970 | spin_unlock_bh(&rdev->beacon_registrations_lock); |
| 14971 | if (hdr) |
| 14972 | genlmsg_cancel(msg, hdr); |
| 14973 | nlmsg_free(msg); |
| 14974 | } |
| 14975 | EXPORT_SYMBOL(cfg80211_report_obss_beacon); |
| 14976 | |
| 14977 | #ifdef CONFIG_PM |
| 14978 | static int cfg80211_net_detect_results(struct sk_buff *msg, |
| 14979 | struct cfg80211_wowlan_wakeup *wakeup) |
| 14980 | { |
| 14981 | struct cfg80211_wowlan_nd_info *nd = wakeup->net_detect; |
| 14982 | struct nlattr *nl_results, *nl_match, *nl_freqs; |
| 14983 | int i, j; |
| 14984 | |
| 14985 | nl_results = nla_nest_start( |
| 14986 | msg, NL80211_WOWLAN_TRIG_NET_DETECT_RESULTS); |
| 14987 | if (!nl_results) |
| 14988 | return -EMSGSIZE; |
| 14989 | |
| 14990 | for (i = 0; i < nd->n_matches; i++) { |
| 14991 | struct cfg80211_wowlan_nd_match *match = nd->matches[i]; |
| 14992 | |
| 14993 | nl_match = nla_nest_start(msg, i); |
| 14994 | if (!nl_match) |
| 14995 | break; |
| 14996 | |
| 14997 | /* The SSID attribute is optional in nl80211, but for |
| 14998 | * simplicity reasons it's always present in the |
| 14999 | * cfg80211 structure. If a driver can't pass the |
| 15000 | * SSID, that needs to be changed. A zero length SSID |
| 15001 | * is still a valid SSID (wildcard), so it cannot be |
| 15002 | * used for this purpose. |
| 15003 | */ |
| 15004 | if (nla_put(msg, NL80211_ATTR_SSID, match->ssid.ssid_len, |
| 15005 | match->ssid.ssid)) { |
| 15006 | nla_nest_cancel(msg, nl_match); |
| 15007 | goto out; |
| 15008 | } |
| 15009 | |
| 15010 | if (match->n_channels) { |
| 15011 | nl_freqs = nla_nest_start( |
| 15012 | msg, NL80211_ATTR_SCAN_FREQUENCIES); |
| 15013 | if (!nl_freqs) { |
| 15014 | nla_nest_cancel(msg, nl_match); |
| 15015 | goto out; |
| 15016 | } |
| 15017 | |
| 15018 | for (j = 0; j < match->n_channels; j++) { |
| 15019 | if (nla_put_u32(msg, j, match->channels[j])) { |
| 15020 | nla_nest_cancel(msg, nl_freqs); |
| 15021 | nla_nest_cancel(msg, nl_match); |
| 15022 | goto out; |
| 15023 | } |
| 15024 | } |
| 15025 | |
| 15026 | nla_nest_end(msg, nl_freqs); |
| 15027 | } |
| 15028 | |
| 15029 | nla_nest_end(msg, nl_match); |
| 15030 | } |
| 15031 | |
| 15032 | out: |
| 15033 | nla_nest_end(msg, nl_results); |
| 15034 | return 0; |
| 15035 | } |
| 15036 | |
| 15037 | void cfg80211_report_wowlan_wakeup(struct wireless_dev *wdev, |
| 15038 | struct cfg80211_wowlan_wakeup *wakeup, |
| 15039 | gfp_t gfp) |
| 15040 | { |
| 15041 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); |
| 15042 | struct sk_buff *msg; |
| 15043 | void *hdr; |
| 15044 | int size = 200; |
| 15045 | |
| 15046 | trace_cfg80211_report_wowlan_wakeup(wdev->wiphy, wdev, wakeup); |
| 15047 | |
| 15048 | if (wakeup) |
| 15049 | size += wakeup->packet_present_len; |
| 15050 | |
| 15051 | msg = nlmsg_new(size, gfp); |
| 15052 | if (!msg) |
| 15053 | return; |
| 15054 | |
| 15055 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_WOWLAN); |
| 15056 | if (!hdr) |
| 15057 | goto free_msg; |
| 15058 | |
| 15059 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 15060 | nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 15061 | NL80211_ATTR_PAD)) |
| 15062 | goto free_msg; |
| 15063 | |
| 15064 | if (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX, |
| 15065 | wdev->netdev->ifindex)) |
| 15066 | goto free_msg; |
| 15067 | |
| 15068 | if (wakeup) { |
| 15069 | struct nlattr *reasons; |
| 15070 | |
| 15071 | reasons = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS); |
| 15072 | if (!reasons) |
| 15073 | goto free_msg; |
| 15074 | |
| 15075 | if (wakeup->disconnect && |
| 15076 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) |
| 15077 | goto free_msg; |
| 15078 | if (wakeup->magic_pkt && |
| 15079 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) |
| 15080 | goto free_msg; |
| 15081 | if (wakeup->gtk_rekey_failure && |
| 15082 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) |
| 15083 | goto free_msg; |
| 15084 | if (wakeup->eap_identity_req && |
| 15085 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) |
| 15086 | goto free_msg; |
| 15087 | if (wakeup->four_way_handshake && |
| 15088 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) |
| 15089 | goto free_msg; |
| 15090 | if (wakeup->rfkill_release && |
| 15091 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)) |
| 15092 | goto free_msg; |
| 15093 | |
| 15094 | if (wakeup->pattern_idx >= 0 && |
| 15095 | nla_put_u32(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN, |
| 15096 | wakeup->pattern_idx)) |
| 15097 | goto free_msg; |
| 15098 | |
| 15099 | if (wakeup->tcp_match && |
| 15100 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_WAKEUP_TCP_MATCH)) |
| 15101 | goto free_msg; |
| 15102 | |
| 15103 | if (wakeup->tcp_connlost && |
| 15104 | nla_put_flag(msg, NL80211_WOWLAN_TRIG_WAKEUP_TCP_CONNLOST)) |
| 15105 | goto free_msg; |
| 15106 | |
| 15107 | if (wakeup->tcp_nomoretokens && |
| 15108 | nla_put_flag(msg, |
| 15109 | NL80211_WOWLAN_TRIG_WAKEUP_TCP_NOMORETOKENS)) |
| 15110 | goto free_msg; |
| 15111 | |
| 15112 | if (wakeup->packet) { |
| 15113 | u32 pkt_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211; |
| 15114 | u32 len_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211_LEN; |
| 15115 | |
| 15116 | if (!wakeup->packet_80211) { |
| 15117 | pkt_attr = |
| 15118 | NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023; |
| 15119 | len_attr = |
| 15120 | NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023_LEN; |
| 15121 | } |
| 15122 | |
| 15123 | if (wakeup->packet_len && |
| 15124 | nla_put_u32(msg, len_attr, wakeup->packet_len)) |
| 15125 | goto free_msg; |
| 15126 | |
| 15127 | if (nla_put(msg, pkt_attr, wakeup->packet_present_len, |
| 15128 | wakeup->packet)) |
| 15129 | goto free_msg; |
| 15130 | } |
| 15131 | |
| 15132 | if (wakeup->net_detect && |
| 15133 | cfg80211_net_detect_results(msg, wakeup)) |
| 15134 | goto free_msg; |
| 15135 | |
| 15136 | nla_nest_end(msg, reasons); |
| 15137 | } |
| 15138 | |
| 15139 | genlmsg_end(msg, hdr); |
| 15140 | |
| 15141 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 15142 | NL80211_MCGRP_MLME, gfp); |
| 15143 | return; |
| 15144 | |
| 15145 | free_msg: |
| 15146 | nlmsg_free(msg); |
| 15147 | } |
| 15148 | EXPORT_SYMBOL(cfg80211_report_wowlan_wakeup); |
| 15149 | #endif |
| 15150 | |
| 15151 | void cfg80211_tdls_oper_request(struct net_device *dev, const u8 *peer, |
| 15152 | enum nl80211_tdls_operation oper, |
| 15153 | u16 reason_code, gfp_t gfp) |
| 15154 | { |
| 15155 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 15156 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); |
| 15157 | struct sk_buff *msg; |
| 15158 | void *hdr; |
| 15159 | |
| 15160 | trace_cfg80211_tdls_oper_request(wdev->wiphy, dev, peer, oper, |
| 15161 | reason_code); |
| 15162 | |
| 15163 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 15164 | if (!msg) |
| 15165 | return; |
| 15166 | |
| 15167 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_TDLS_OPER); |
| 15168 | if (!hdr) { |
| 15169 | nlmsg_free(msg); |
| 15170 | return; |
| 15171 | } |
| 15172 | |
| 15173 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 15174 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || |
| 15175 | nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, oper) || |
| 15176 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer) || |
| 15177 | (reason_code > 0 && |
| 15178 | nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code))) |
| 15179 | goto nla_put_failure; |
| 15180 | |
| 15181 | genlmsg_end(msg, hdr); |
| 15182 | |
| 15183 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 15184 | NL80211_MCGRP_MLME, gfp); |
| 15185 | return; |
| 15186 | |
| 15187 | nla_put_failure: |
| 15188 | genlmsg_cancel(msg, hdr); |
| 15189 | nlmsg_free(msg); |
| 15190 | } |
| 15191 | EXPORT_SYMBOL(cfg80211_tdls_oper_request); |
| 15192 | |
| 15193 | static int nl80211_netlink_notify(struct notifier_block * nb, |
| 15194 | unsigned long state, |
| 15195 | void *_notify) |
| 15196 | { |
| 15197 | struct netlink_notify *notify = _notify; |
| 15198 | struct cfg80211_registered_device *rdev; |
| 15199 | struct wireless_dev *wdev; |
| 15200 | struct cfg80211_beacon_registration *reg, *tmp; |
| 15201 | |
| 15202 | if (state != NETLINK_URELEASE || notify->protocol != NETLINK_GENERIC) |
| 15203 | return NOTIFY_DONE; |
| 15204 | |
| 15205 | rcu_read_lock(); |
| 15206 | |
| 15207 | list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) { |
| 15208 | struct cfg80211_sched_scan_request *sched_scan_req; |
| 15209 | |
| 15210 | list_for_each_entry_rcu(sched_scan_req, |
| 15211 | &rdev->sched_scan_req_list, |
| 15212 | list) { |
| 15213 | if (sched_scan_req->owner_nlportid == notify->portid) { |
| 15214 | sched_scan_req->nl_owner_dead = true; |
| 15215 | schedule_work(&rdev->sched_scan_stop_wk); |
| 15216 | } |
| 15217 | } |
| 15218 | |
| 15219 | list_for_each_entry_rcu(wdev, &rdev->wiphy.wdev_list, list) { |
| 15220 | cfg80211_mlme_unregister_socket(wdev, notify->portid); |
| 15221 | |
| 15222 | if (wdev->owner_nlportid == notify->portid) { |
| 15223 | wdev->nl_owner_dead = true; |
| 15224 | schedule_work(&rdev->destroy_work); |
| 15225 | } else if (wdev->conn_owner_nlportid == notify->portid) { |
| 15226 | schedule_work(&wdev->disconnect_wk); |
| 15227 | } |
| 15228 | } |
| 15229 | |
| 15230 | spin_lock_bh(&rdev->beacon_registrations_lock); |
| 15231 | list_for_each_entry_safe(reg, tmp, &rdev->beacon_registrations, |
| 15232 | list) { |
| 15233 | if (reg->nlportid == notify->portid) { |
| 15234 | list_del(®->list); |
| 15235 | kfree(reg); |
| 15236 | break; |
| 15237 | } |
| 15238 | } |
| 15239 | spin_unlock_bh(&rdev->beacon_registrations_lock); |
| 15240 | } |
| 15241 | |
| 15242 | rcu_read_unlock(); |
| 15243 | |
| 15244 | /* |
| 15245 | * It is possible that the user space process that is controlling the |
| 15246 | * indoor setting disappeared, so notify the regulatory core. |
| 15247 | */ |
| 15248 | regulatory_netlink_notify(notify->portid); |
| 15249 | return NOTIFY_OK; |
| 15250 | } |
| 15251 | |
| 15252 | static struct notifier_block nl80211_netlink_notifier = { |
| 15253 | .notifier_call = nl80211_netlink_notify, |
| 15254 | }; |
| 15255 | |
| 15256 | void cfg80211_ft_event(struct net_device *netdev, |
| 15257 | struct cfg80211_ft_event_params *ft_event) |
| 15258 | { |
| 15259 | struct wiphy *wiphy = netdev->ieee80211_ptr->wiphy; |
| 15260 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 15261 | struct sk_buff *msg; |
| 15262 | void *hdr; |
| 15263 | |
| 15264 | trace_cfg80211_ft_event(wiphy, netdev, ft_event); |
| 15265 | |
| 15266 | if (!ft_event->target_ap) |
| 15267 | return; |
| 15268 | |
| 15269 | msg = nlmsg_new(100 + ft_event->ric_ies_len, GFP_KERNEL); |
| 15270 | if (!msg) |
| 15271 | return; |
| 15272 | |
| 15273 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FT_EVENT); |
| 15274 | if (!hdr) |
| 15275 | goto out; |
| 15276 | |
| 15277 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 15278 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) || |
| 15279 | nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, ft_event->target_ap)) |
| 15280 | goto out; |
| 15281 | |
| 15282 | if (ft_event->ies && |
| 15283 | nla_put(msg, NL80211_ATTR_IE, ft_event->ies_len, ft_event->ies)) |
| 15284 | goto out; |
| 15285 | if (ft_event->ric_ies && |
| 15286 | nla_put(msg, NL80211_ATTR_IE_RIC, ft_event->ric_ies_len, |
| 15287 | ft_event->ric_ies)) |
| 15288 | goto out; |
| 15289 | |
| 15290 | genlmsg_end(msg, hdr); |
| 15291 | |
| 15292 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0, |
| 15293 | NL80211_MCGRP_MLME, GFP_KERNEL); |
| 15294 | return; |
| 15295 | out: |
| 15296 | nlmsg_free(msg); |
| 15297 | } |
| 15298 | EXPORT_SYMBOL(cfg80211_ft_event); |
| 15299 | |
| 15300 | void cfg80211_crit_proto_stopped(struct wireless_dev *wdev, gfp_t gfp) |
| 15301 | { |
| 15302 | struct cfg80211_registered_device *rdev; |
| 15303 | struct sk_buff *msg; |
| 15304 | void *hdr; |
| 15305 | u32 nlportid; |
| 15306 | |
| 15307 | rdev = wiphy_to_rdev(wdev->wiphy); |
| 15308 | if (!rdev->crit_proto_nlportid) |
| 15309 | return; |
| 15310 | |
| 15311 | nlportid = rdev->crit_proto_nlportid; |
| 15312 | rdev->crit_proto_nlportid = 0; |
| 15313 | |
| 15314 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 15315 | if (!msg) |
| 15316 | return; |
| 15317 | |
| 15318 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CRIT_PROTOCOL_STOP); |
| 15319 | if (!hdr) |
| 15320 | goto nla_put_failure; |
| 15321 | |
| 15322 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 15323 | nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 15324 | NL80211_ATTR_PAD)) |
| 15325 | goto nla_put_failure; |
| 15326 | |
| 15327 | genlmsg_end(msg, hdr); |
| 15328 | |
| 15329 | genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid); |
| 15330 | return; |
| 15331 | |
| 15332 | nla_put_failure: |
| 15333 | if (hdr) |
| 15334 | genlmsg_cancel(msg, hdr); |
| 15335 | nlmsg_free(msg); |
| 15336 | } |
| 15337 | EXPORT_SYMBOL(cfg80211_crit_proto_stopped); |
| 15338 | |
| 15339 | void nl80211_send_ap_stopped(struct wireless_dev *wdev) |
| 15340 | { |
| 15341 | struct wiphy *wiphy = wdev->wiphy; |
| 15342 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy); |
| 15343 | struct sk_buff *msg; |
| 15344 | void *hdr; |
| 15345 | |
| 15346 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL); |
| 15347 | if (!msg) |
| 15348 | return; |
| 15349 | |
| 15350 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_STOP_AP); |
| 15351 | if (!hdr) |
| 15352 | goto out; |
| 15353 | |
| 15354 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 15355 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex) || |
| 15356 | nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev), |
| 15357 | NL80211_ATTR_PAD)) |
| 15358 | goto out; |
| 15359 | |
| 15360 | genlmsg_end(msg, hdr); |
| 15361 | |
| 15362 | genlmsg_multicast_netns(&nl80211_fam, wiphy_net(wiphy), msg, 0, |
| 15363 | NL80211_MCGRP_MLME, GFP_KERNEL); |
| 15364 | return; |
| 15365 | out: |
| 15366 | nlmsg_free(msg); |
| 15367 | } |
| 15368 | |
| 15369 | int cfg80211_external_auth_request(struct net_device *dev, |
| 15370 | struct cfg80211_external_auth_params *params, |
| 15371 | gfp_t gfp) |
| 15372 | { |
| 15373 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
| 15374 | struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy); |
| 15375 | struct sk_buff *msg; |
| 15376 | void *hdr; |
| 15377 | |
| 15378 | if (!wdev->conn_owner_nlportid) |
| 15379 | return -EINVAL; |
| 15380 | |
| 15381 | msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp); |
| 15382 | if (!msg) |
| 15383 | return -ENOMEM; |
| 15384 | |
| 15385 | hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_EXTERNAL_AUTH); |
| 15386 | if (!hdr) |
| 15387 | goto nla_put_failure; |
| 15388 | |
| 15389 | if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) || |
| 15390 | nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) || |
| 15391 | nla_put_u32(msg, NL80211_ATTR_AKM_SUITES, params->key_mgmt_suite) || |
| 15392 | nla_put_u32(msg, NL80211_ATTR_EXTERNAL_AUTH_ACTION, |
| 15393 | params->action) || |
| 15394 | nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid) || |
| 15395 | nla_put(msg, NL80211_ATTR_SSID, params->ssid.ssid_len, |
| 15396 | params->ssid.ssid)) |
| 15397 | goto nla_put_failure; |
| 15398 | |
| 15399 | genlmsg_end(msg, hdr); |
| 15400 | genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, |
| 15401 | wdev->conn_owner_nlportid); |
| 15402 | return 0; |
| 15403 | |
| 15404 | nla_put_failure: |
| 15405 | nlmsg_free(msg); |
| 15406 | return -ENOBUFS; |
| 15407 | } |
| 15408 | EXPORT_SYMBOL(cfg80211_external_auth_request); |
| 15409 | |
| 15410 | /* initialisation/exit functions */ |
| 15411 | |
| 15412 | int __init nl80211_init(void) |
| 15413 | { |
| 15414 | int err; |
| 15415 | |
| 15416 | err = genl_register_family(&nl80211_fam); |
| 15417 | if (err) |
| 15418 | return err; |
| 15419 | |
| 15420 | err = netlink_register_notifier(&nl80211_netlink_notifier); |
| 15421 | if (err) |
| 15422 | goto err_out; |
| 15423 | |
| 15424 | return 0; |
| 15425 | err_out: |
| 15426 | genl_unregister_family(&nl80211_fam); |
| 15427 | return err; |
| 15428 | } |
| 15429 | |
| 15430 | void nl80211_exit(void) |
| 15431 | { |
| 15432 | netlink_unregister_notifier(&nl80211_netlink_notifier); |
| 15433 | genl_unregister_family(&nl80211_fam); |
| 15434 | } |