Gitiles
Code Review Sign In
192.168.1.100 / T106_DC / 0d1b61e51a97cc1eaa83dbaf31a4345e3b1e1768 / . / ap / os / linux / linux-3.4.x / net / wireless / nl80211.c
blob: 4c9140f36495ff4d76268a981c5ca2b7fb6a25a5 [file] [log] [blame]
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]1/*
2 * This is the new netlink-based wireless configuration interface.
3 *
4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
5 */
6
7#include <linux/if.h>
8#include <linux/module.h>
9#include <linux/err.h>
10#include <linux/slab.h>
11#include <linux/list.h>
12#include <linux/if_ether.h>
13#include <linux/ieee80211.h>
14#include <linux/nl80211.h>
15#include <linux/rtnetlink.h>
16#include <linux/netlink.h>
17#include <linux/etherdevice.h>
18#include <net/net_namespace.h>
19#include <net/genetlink.h>
20#include <net/cfg80211.h>
21#include <net/sock.h>
22#include "core.h"
23#include "nl80211.h"
24#include "reg.h"
25
26static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type);
27static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
28 struct genl_info *info,
29 struct cfg80211_crypto_settings *settings,
30 int cipher_limit);
31
32static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb,
33 struct genl_info *info);
34static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb,
35 struct genl_info *info);
36
37/* the netlink family */
38static struct genl_family nl80211_fam = {
39 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */
40 .name = "nl80211", /* have users key off the name instead */
41 .hdrsize = 0, /* no private header */
42 .version = 1, /* no particular meaning now */
43 .maxattr = NL80211_ATTR_MAX,
44 .netnsok = true,
45 .pre_doit = nl80211_pre_doit,
46 .post_doit = nl80211_post_doit,
47};
48
49/* internal helper: get rdev and dev */
50static int get_rdev_dev_by_ifindex(struct net *netns, struct nlattr **attrs,
51 struct cfg80211_registered_device **rdev,
52 struct net_device **dev)
53{
54 int ifindex;
55
56 if (!attrs[NL80211_ATTR_IFINDEX])
57 return -EINVAL;
58
59 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
60 *dev = dev_get_by_index(netns, ifindex);
61 if (!*dev)
62 return -ENODEV;
63
64 *rdev = cfg80211_get_dev_from_ifindex(netns, ifindex);
65 if (IS_ERR(*rdev)) {
66 dev_put(*dev);
67 return PTR_ERR(*rdev);
68 }
69
70 return 0;
71}
72
73/* policy for the attributes */
74static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = {
75 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
76 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING,
77 .len = 20-1 },
78 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED },
79 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 },
80 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 },
81 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 },
82 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 },
83 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 },
84 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 },
85 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 },
86
87 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 },
88 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
89 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
90
91 [NL80211_ATTR_MAC] = { .len = ETH_ALEN },
92 [NL80211_ATTR_PREV_BSSID] = { .len = ETH_ALEN },
93
94 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
95 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
96 .len = WLAN_MAX_KEY_LEN },
97 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 },
98 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 },
99 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG },
100 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
101 [NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 },
102
103 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 },
104 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 },
105 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY,
106 .len = IEEE80211_MAX_DATA_LEN },
107 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY,
108 .len = IEEE80211_MAX_DATA_LEN },
109 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 },
110 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED },
111 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 },
112 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY,
113 .len = NL80211_MAX_SUPP_RATES },
114 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 },
115 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 },
116 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ },
117 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY,
118 .len = IEEE80211_MAX_MESH_ID_LEN },
119 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 },
120
121 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 },
122 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED },
123
124 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 },
125 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 },
126 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 },
127 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY,
128 .len = NL80211_MAX_SUPP_RATES },
129 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 },
130
131 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED },
132 [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG },
133
134 [NL80211_ATTR_HT_CAPABILITY] = { .len = NL80211_HT_CAPABILITY_LEN },
135
136 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 },
137 [NL80211_ATTR_IE] = { .type = NLA_BINARY,
138 .len = IEEE80211_MAX_DATA_LEN },
139 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED },
140 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED },
141
142 [NL80211_ATTR_SSID] = { .type = NLA_BINARY,
143 .len = IEEE80211_MAX_SSID_LEN },
144 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 },
145 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 },
146 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG },
147 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG },
148 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 },
149 [NL80211_ATTR_STA_FLAGS2] = {
150 .len = sizeof(struct nl80211_sta_flag_update),
151 },
152 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
153 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 },
154 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG },
155 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
xf.li0d1b61e2025-08-20 05:45:58 -0700[diff] [blame^]156 [NL80211_ATTR_STATUS_CODE] = { .type = NLA_U16 }, // CVE-2020-27068
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]157 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
158 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
159 [NL80211_ATTR_PID] = { .type = NLA_U32 },
160 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 },
161 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY,
162 .len = WLAN_PMKID_LEN },
163 [NL80211_ATTR_DURATION] = { .type = NLA_U32 },
164 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 },
165 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED },
166 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY,
167 .len = IEEE80211_MAX_DATA_LEN },
168 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, },
169 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 },
170 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, },
171 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG },
172 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 },
173 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 },
174 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 },
175 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 },
176 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 },
177 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 },
178 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 },
179 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG },
180 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
181 [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED },
182 [NL80211_ATTR_STA_PLINK_STATE] = { .type = NLA_U8 },
183 [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 },
184 [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED },
185 [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED },
186 [NL80211_ATTR_HIDDEN_SSID] = { .type = NLA_U32 },
187 [NL80211_ATTR_IE_PROBE_RESP] = { .type = NLA_BINARY,
188 .len = IEEE80211_MAX_DATA_LEN },
189 [NL80211_ATTR_IE_ASSOC_RESP] = { .type = NLA_BINARY,
190 .len = IEEE80211_MAX_DATA_LEN },
191 [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG },
192 [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED },
193 [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG },
194 [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 },
195 [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 },
196 [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 },
197 [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG },
198 [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG },
199 [NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG },
200 [NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY,
201 .len = IEEE80211_MAX_DATA_LEN },
202 [NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 },
203 [NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG },
204 [NL80211_ATTR_HT_CAPABILITY_MASK] = {
205 .len = NL80211_HT_CAPABILITY_LEN
206 },
207 [NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 },
208 [NL80211_ATTR_INACTIVITY_TIMEOUT] = { .type = NLA_U16 },
209 [NL80211_ATTR_BG_SCAN_PERIOD] = { .type = NLA_U16 },
zw.wangc08ce042024-08-08 18:42:05 +0800[diff] [blame]210#if (defined CONFIG_AIC8800 || defined CONFIG_AIC8800D80L)
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]211 #if 0
212 [NL80211_ATTR_WDEV] = { .type = NLA_U64 },
213 [NL80211_ATTR_USER_REG_HINT_TYPE] = { .type = NLA_U32 },
214 [NL80211_ATTR_AUTH_DATA] = { .type = NLA_BINARY, },
215 [NL80211_ATTR_VHT_CAPABILITY] = {
216 .type = NLA_EXACT_LEN_WARN,
217 .len = NL80211_VHT_CAPABILITY_LEN
218 },
219 [NL80211_ATTR_SCAN_FLAGS] = { .type = NLA_U32 },
220 [NL80211_ATTR_P2P_CTWINDOW] = NLA_POLICY_MAX(NLA_U8, 127),
221 [NL80211_ATTR_P2P_OPPPS] = NLA_POLICY_MAX(NLA_U8, 1),
222 [NL80211_ATTR_LOCAL_MESH_POWER_MODE] =
223 NLA_POLICY_RANGE(NLA_U32,
224 NL80211_MESH_POWER_UNKNOWN + 1,
225 NL80211_MESH_POWER_MAX),
226 [NL80211_ATTR_ACL_POLICY] = {. type = NLA_U32 },
227 [NL80211_ATTR_MAC_ADDRS] = { .type = NLA_NESTED },
228 [NL80211_ATTR_STA_CAPABILITY] = { .type = NLA_U16 },
229 [NL80211_ATTR_STA_EXT_CAPABILITY] = { .type = NLA_BINARY, },
230 [NL80211_ATTR_SPLIT_WIPHY_DUMP] = { .type = NLA_FLAG, },
231 [NL80211_ATTR_DISABLE_VHT] = { .type = NLA_FLAG },
232 [NL80211_ATTR_VHT_CAPABILITY_MASK] = {
233 .len = NL80211_VHT_CAPABILITY_LEN,
234 },
235 [NL80211_ATTR_MDID] = { .type = NLA_U16 },
236 [NL80211_ATTR_IE_RIC] = { .type = NLA_BINARY,
237 .len = IEEE80211_MAX_DATA_LEN },
238 [NL80211_ATTR_CRIT_PROT_ID] = { .type = NLA_U16 },
239 [NL80211_ATTR_MAX_CRIT_PROT_DURATION] = { .type = NLA_U16 },
240 [NL80211_ATTR_PEER_AID] =
241 NLA_POLICY_RANGE(NLA_U16, 1, IEEE80211_MAX_AID),
242 [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 },
243 [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG },
244 [NL80211_ATTR_CSA_IES] = { .type = NLA_NESTED },
245 [NL80211_ATTR_CSA_C_OFF_BEACON] = { .type = NLA_BINARY },
246 [NL80211_ATTR_CSA_C_OFF_PRESP] = { .type = NLA_BINARY },
247 [NL80211_ATTR_STA_SUPPORTED_CHANNELS] = { .type = NLA_BINARY },
248 [NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES] = { .type = NLA_BINARY },
249 [NL80211_ATTR_HANDLE_DFS] = { .type = NLA_FLAG },
250 [NL80211_ATTR_OPMODE_NOTIF] = { .type = NLA_U8 },
251 [NL80211_ATTR_VENDOR_ID] = { .type = NLA_U32 },
252 [NL80211_ATTR_VENDOR_SUBCMD] = { .type = NLA_U32 },
253 [NL80211_ATTR_VENDOR_DATA] = { .type = NLA_BINARY },
254 [NL80211_ATTR_QOS_MAP] = { .type = NLA_BINARY,
255 .len = IEEE80211_QOS_MAP_LEN_MAX },
256 [NL80211_ATTR_MAC_HINT] = {
257 .type = NLA_EXACT_LEN_WARN,
258 .len = ETH_ALEN
259 },
260 [NL80211_ATTR_WIPHY_FREQ_HINT] = { .type = NLA_U32 },
261 [NL80211_ATTR_TDLS_PEER_CAPABILITY] = { .type = NLA_U32 },
262 [NL80211_ATTR_SOCKET_OWNER] = { .type = NLA_FLAG },
263 [NL80211_ATTR_CSA_C_OFFSETS_TX] = { .type = NLA_BINARY },
264 [NL80211_ATTR_USE_RRM] = { .type = NLA_FLAG },
265 [NL80211_ATTR_TSID] = NLA_POLICY_MAX(NLA_U8, IEEE80211_NUM_TIDS - 1),
266 [NL80211_ATTR_USER_PRIO] =
267 NLA_POLICY_MAX(NLA_U8, IEEE80211_NUM_UPS - 1),
268 [NL80211_ATTR_ADMITTED_TIME] = { .type = NLA_U16 },
269 [NL80211_ATTR_SMPS_MODE] = { .type = NLA_U8 },
270 [NL80211_ATTR_OPER_CLASS] = { .type = NLA_U8 },
271 [NL80211_ATTR_MAC_MASK] = {
272 .type = NLA_EXACT_LEN_WARN,
273 .len = ETH_ALEN
274 },
275 [NL80211_ATTR_WIPHY_SELF_MANAGED_REG] = { .type = NLA_FLAG },
276 [NL80211_ATTR_NETNS_FD] = { .type = NLA_U32 },
277 [NL80211_ATTR_SCHED_SCAN_DELAY] = { .type = NLA_U32 },
278 [NL80211_ATTR_REG_INDOOR] = { .type = NLA_FLAG },
279 [NL80211_ATTR_PBSS] = { .type = NLA_FLAG },
280 [NL80211_ATTR_BSS_SELECT] = { .type = NLA_NESTED },
281 [NL80211_ATTR_STA_SUPPORT_P2P_PS] =
282 NLA_POLICY_MAX(NLA_U8, NUM_NL80211_P2P_PS_STATUS - 1),
283 [NL80211_ATTR_MU_MIMO_GROUP_DATA] = {
284 .len = VHT_MUMIMO_GROUPS_DATA_LEN
285 },
286 [NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR] = {
287 .type = NLA_EXACT_LEN_WARN,
288 .len = ETH_ALEN
289 },
290 [NL80211_ATTR_NAN_MASTER_PREF] = NLA_POLICY_MIN(NLA_U8, 1),
291 [NL80211_ATTR_BANDS] = { .type = NLA_U32 },
292 [NL80211_ATTR_NAN_FUNC] = { .type = NLA_NESTED },
293 [NL80211_ATTR_FILS_KEK] = { .type = NLA_BINARY,
294 .len = FILS_MAX_KEK_LEN },
295 [NL80211_ATTR_FILS_NONCES] = {
296 .type = NLA_EXACT_LEN_WARN,
297 .len = 2 * FILS_NONCE_LEN
298 },
299 [NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED] = { .type = NLA_FLAG, },
300 [NL80211_ATTR_BSSID] = { .type = NLA_EXACT_LEN_WARN, .len = ETH_ALEN },
301 [NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI] = { .type = NLA_S8 },
302 [NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST] = {
303 .len = sizeof(struct nl80211_bss_select_rssi_adjust)
304 },
305 [NL80211_ATTR_TIMEOUT_REASON] = { .type = NLA_U32 },
306 [NL80211_ATTR_FILS_ERP_USERNAME] = { .type = NLA_BINARY,
307 .len = FILS_ERP_MAX_USERNAME_LEN },
308 [NL80211_ATTR_FILS_ERP_REALM] = { .type = NLA_BINARY,
309 .len = FILS_ERP_MAX_REALM_LEN },
310 [NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] = { .type = NLA_U16 },
311 [NL80211_ATTR_FILS_ERP_RRK] = { .type = NLA_BINARY,
312 .len = FILS_ERP_MAX_RRK_LEN },
313 [NL80211_ATTR_FILS_CACHE_ID] = { .type = NLA_EXACT_LEN_WARN, .len = 2 },
314 [NL80211_ATTR_PMK] = { .type = NLA_BINARY, .len = PMK_MAX_LEN },
315 [NL80211_ATTR_SCHED_SCAN_MULTI] = { .type = NLA_FLAG },
316 #endif
317 [NL80211_ATTR_EXTERNAL_AUTH_SUPPORT] = { .type = NLA_FLAG },
318#endif
319};
320
321/* policy for the key attributes */
322static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = {
323 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN },
324 [NL80211_KEY_IDX] = { .type = NLA_U8 },
325 [NL80211_KEY_CIPHER] = { .type = NLA_U32 },
326 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
327 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
328 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },
329 [NL80211_KEY_TYPE] = { .type = NLA_U32 },
330 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
331};
332
333/* policy for the key default flags */
334static const struct nla_policy
335nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = {
336 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG },
337 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG },
338};
339
340/* policy for WoWLAN attributes */
341static const struct nla_policy
342nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = {
343 [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG },
344 [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG },
345 [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG },
346 [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED },
347 [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG },
348 [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG },
349 [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG },
350 [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG },
351};
352
353/* policy for GTK rekey offload attributes */
354static const struct nla_policy
355nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = {
356 [NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN },
357 [NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN },
358 [NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN },
359};
360
361static const struct nla_policy
362nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = {
363 [NL80211_ATTR_SCHED_SCAN_MATCH_SSID] = { .type = NLA_BINARY,
364 .len = IEEE80211_MAX_SSID_LEN },
365};
366
367/* ifidx get helper */
368static int nl80211_get_ifidx(struct netlink_callback *cb)
369{
370 int res;
371
372 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
373 nl80211_fam.attrbuf, nl80211_fam.maxattr,
374 nl80211_policy);
375 if (res)
376 return res;
377
378 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX])
379 return -EINVAL;
380
381 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]);
382 if (!res)
383 return -EINVAL;
384 return res;
385}
386
387static int nl80211_prepare_netdev_dump(struct sk_buff *skb,
388 struct netlink_callback *cb,
389 struct cfg80211_registered_device **rdev,
390 struct net_device **dev)
391{
392 int ifidx = cb->args[0];
393 int err;
394
395 if (!ifidx)
396 ifidx = nl80211_get_ifidx(cb);
397 if (ifidx < 0)
398 return ifidx;
399
400 cb->args[0] = ifidx;
401
402 rtnl_lock();
403
404 *dev = __dev_get_by_index(sock_net(skb->sk), ifidx);
405 if (!*dev) {
406 err = -ENODEV;
407 goto out_rtnl;
408 }
409
410 *rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx);
411 if (IS_ERR(*rdev)) {
412 err = PTR_ERR(*rdev);
413 goto out_rtnl;
414 }
415
416 return 0;
417 out_rtnl:
418 rtnl_unlock();
419 return err;
420}
421
422static void nl80211_finish_netdev_dump(struct cfg80211_registered_device *rdev)
423{
424 cfg80211_unlock_rdev(rdev);
425 rtnl_unlock();
426}
427
428/* IE validation */
429static bool is_valid_ie_attr(const struct nlattr *attr)
430{
431 const u8 *pos;
432 int len;
433
434 if (!attr)
435 return true;
436
437 pos = nla_data(attr);
438 len = nla_len(attr);
439
440 while (len) {
441 u8 elemlen;
442
443 if (len < 2)
444 return false;
445 len -= 2;
446
447 elemlen = pos[1];
448 if (elemlen > len)
449 return false;
450
451 len -= elemlen;
452 pos += 2 + elemlen;
453 }
454
455 return true;
456}
457
458/* message building helper */
459static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq,
460 int flags, u8 cmd)
461{
462 /* since there is no private header just add the generic one */
463 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd);
464}
465
466static int nl80211_msg_put_channel(struct sk_buff *msg,
467 struct ieee80211_channel *chan)
468{
469 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ,
470 chan->center_freq);
471
472 if (chan->flags & IEEE80211_CHAN_DISABLED)
473 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED);
474 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN)
475 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN);
476 if (chan->flags & IEEE80211_CHAN_NO_IBSS)
477 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS);
478 if (chan->flags & IEEE80211_CHAN_RADAR)
479 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR);
480
481 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
482 DBM_TO_MBM(chan->max_power));
483
484 return 0;
485
486 nla_put_failure:
487 return -ENOBUFS;
488}
489
490/* netlink command implementations */
491
492struct key_parse {
493 struct key_params p;
494 int idx;
495 int type;
496 bool def, defmgmt;
497 bool def_uni, def_multi;
498};
499
500static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k)
501{
502 struct nlattr *tb[NL80211_KEY_MAX + 1];
503 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key,
504 nl80211_key_policy);
505 if (err)
506 return err;
507
508 k->def = !!tb[NL80211_KEY_DEFAULT];
509 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT];
510
511 if (k->def) {
512 k->def_uni = true;
513 k->def_multi = true;
514 }
515 if (k->defmgmt)
516 k->def_multi = true;
517
518 if (tb[NL80211_KEY_IDX])
519 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]);
520
521 if (tb[NL80211_KEY_DATA]) {
522 k->p.key = nla_data(tb[NL80211_KEY_DATA]);
523 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]);
524 }
525
526 if (tb[NL80211_KEY_SEQ]) {
527 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]);
528 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]);
529 }
530
531 if (tb[NL80211_KEY_CIPHER])
532 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]);
533
534 if (tb[NL80211_KEY_TYPE]) {
535 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]);
536 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES)
537 return -EINVAL;
538 }
539
540 if (tb[NL80211_KEY_DEFAULT_TYPES]) {
541 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
542 err = nla_parse_nested(kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1,
543 tb[NL80211_KEY_DEFAULT_TYPES],
544 nl80211_key_default_policy);
545 if (err)
546 return err;
547
548 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
549 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
550 }
551
552 return 0;
553}
554
555static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
556{
557 if (info->attrs[NL80211_ATTR_KEY_DATA]) {
558 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
559 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
560 }
561
562 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
563 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
564 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
565 }
566
567 if (info->attrs[NL80211_ATTR_KEY_IDX])
568 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
569
570 if (info->attrs[NL80211_ATTR_KEY_CIPHER])
571 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
572
573 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT];
574 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT];
575
576 if (k->def) {
577 k->def_uni = true;
578 k->def_multi = true;
579 }
580 if (k->defmgmt)
581 k->def_multi = true;
582
583 if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
584 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
585 if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES)
586 return -EINVAL;
587 }
588
589 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) {
590 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
591 int err = nla_parse_nested(
592 kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1,
593 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES],
594 nl80211_key_default_policy);
595 if (err)
596 return err;
597
598 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
599 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
600 }
601
602 return 0;
603}
604
605static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
606{
607 int err;
608
609 memset(k, 0, sizeof(*k));
610 k->idx = -1;
611 k->type = -1;
612
613 if (info->attrs[NL80211_ATTR_KEY])
614 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k);
615 else
616 err = nl80211_parse_key_old(info, k);
617
618 if (err)
619 return err;
620
621 if (k->def && k->defmgmt)
622 return -EINVAL;
623
624 if (k->defmgmt) {
625 if (k->def_uni || !k->def_multi)
626 return -EINVAL;
627 }
628
629 if (k->idx != -1) {
630 if (k->defmgmt) {
631 if (k->idx < 4 || k->idx > 5)
632 return -EINVAL;
633 } else if (k->def) {
634 if (k->idx < 0 || k->idx > 3)
635 return -EINVAL;
636 } else {
637 if (k->idx < 0 || k->idx > 5)
638 return -EINVAL;
639 }
640 }
641
642 return 0;
643}
644
645static struct cfg80211_cached_keys *
646nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
647 struct nlattr *keys)
648{
649 struct key_parse parse;
650 struct nlattr *key;
651 struct cfg80211_cached_keys *result;
652 int rem, err, def = 0;
653
654 result = kzalloc(sizeof(*result), GFP_KERNEL);
655 if (!result)
656 return ERR_PTR(-ENOMEM);
657
658 result->def = -1;
659 result->defmgmt = -1;
660
661 nla_for_each_nested(key, keys, rem) {
662 memset(&parse, 0, sizeof(parse));
663 parse.idx = -1;
664
665 err = nl80211_parse_key_new(key, &parse);
666 if (err)
667 goto error;
668 err = -EINVAL;
669 if (!parse.p.key)
670 goto error;
671 if (parse.idx < 0 || parse.idx > 4)
672 goto error;
673 if (parse.def) {
674 if (def)
675 goto error;
676 def = 1;
677 result->def = parse.idx;
678 if (!parse.def_uni || !parse.def_multi)
679 goto error;
680 } else if (parse.defmgmt)
681 goto error;
682 err = cfg80211_validate_key_settings(rdev, &parse.p,
683 parse.idx, false, NULL);
684 if (err)
685 goto error;
686 result->params[parse.idx].cipher = parse.p.cipher;
687 result->params[parse.idx].key_len = parse.p.key_len;
688 result->params[parse.idx].key = result->data[parse.idx];
689 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len);
690 }
691
692 return result;
693 error:
694 kfree(result);
695 return ERR_PTR(err);
696}
697
698static int nl80211_key_allowed(struct wireless_dev *wdev)
699{
700 ASSERT_WDEV_LOCK(wdev);
701
702 switch (wdev->iftype) {
703 case NL80211_IFTYPE_AP:
704 case NL80211_IFTYPE_AP_VLAN:
705 case NL80211_IFTYPE_P2P_GO:
706 case NL80211_IFTYPE_MESH_POINT:
707 break;
708 case NL80211_IFTYPE_ADHOC:
709 if (!wdev->current_bss)
710 return -ENOLINK;
711 break;
712 case NL80211_IFTYPE_STATION:
713 case NL80211_IFTYPE_P2P_CLIENT:
714 if (wdev->sme_state != CFG80211_SME_CONNECTED)
715 return -ENOLINK;
716 break;
717 default:
718 return -EINVAL;
719 }
720
721 return 0;
722}
723
724static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes)
725{
726 struct nlattr *nl_modes = nla_nest_start(msg, attr);
727 int i;
728
729 if (!nl_modes)
730 goto nla_put_failure;
731
732 i = 0;
733 while (ifmodes) {
734 if (ifmodes & 1)
735 NLA_PUT_FLAG(msg, i);
736 ifmodes >>= 1;
737 i++;
738 }
739
740 nla_nest_end(msg, nl_modes);
741 return 0;
742
743nla_put_failure:
744 return -ENOBUFS;
745}
746
747static int nl80211_put_iface_combinations(struct wiphy *wiphy,
748 struct sk_buff *msg)
749{
750 struct nlattr *nl_combis;
751 int i, j;
752
753 nl_combis = nla_nest_start(msg,
754 NL80211_ATTR_INTERFACE_COMBINATIONS);
755 if (!nl_combis)
756 goto nla_put_failure;
757
758 for (i = 0; i < wiphy->n_iface_combinations; i++) {
759 const struct ieee80211_iface_combination *c;
760 struct nlattr *nl_combi, *nl_limits;
761
762 c = &wiphy->iface_combinations[i];
763
764 nl_combi = nla_nest_start(msg, i + 1);
765 if (!nl_combi)
766 goto nla_put_failure;
767
768 nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS);
769 if (!nl_limits)
770 goto nla_put_failure;
771
772 for (j = 0; j < c->n_limits; j++) {
773 struct nlattr *nl_limit;
774
775 nl_limit = nla_nest_start(msg, j + 1);
776 if (!nl_limit)
777 goto nla_put_failure;
778 NLA_PUT_U32(msg, NL80211_IFACE_LIMIT_MAX,
779 c->limits[j].max);
780 if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES,
781 c->limits[j].types))
782 goto nla_put_failure;
783 nla_nest_end(msg, nl_limit);
784 }
785
786 nla_nest_end(msg, nl_limits);
787
788 if (c->beacon_int_infra_match)
789 NLA_PUT_FLAG(msg,
790 NL80211_IFACE_COMB_STA_AP_BI_MATCH);
791 NLA_PUT_U32(msg, NL80211_IFACE_COMB_NUM_CHANNELS,
792 c->num_different_channels);
793 NLA_PUT_U32(msg, NL80211_IFACE_COMB_MAXNUM,
794 c->max_interfaces);
795
796 nla_nest_end(msg, nl_combi);
797 }
798
799 nla_nest_end(msg, nl_combis);
800
801 return 0;
802nla_put_failure:
803 return -ENOBUFS;
804}
805
806static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
807 struct cfg80211_registered_device *dev)
808{
809 void *hdr;
810 struct nlattr *nl_bands, *nl_band;
811 struct nlattr *nl_freqs, *nl_freq;
812 struct nlattr *nl_rates, *nl_rate;
813 struct nlattr *nl_cmds;
814 enum ieee80211_band band;
815 struct ieee80211_channel *chan;
816 struct ieee80211_rate *rate;
817 int i;
818 const struct ieee80211_txrx_stypes *mgmt_stypes =
819 dev->wiphy.mgmt_stypes;
820
821 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY);
822 if (!hdr)
823 return -1;
824
825 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx);
826 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy));
827
828 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION,
829 cfg80211_rdev_list_generation);
830
831 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
832 dev->wiphy.retry_short);
833 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
834 dev->wiphy.retry_long);
835 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD,
836 dev->wiphy.frag_threshold);
837 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD,
838 dev->wiphy.rts_threshold);
839 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS,
840 dev->wiphy.coverage_class);
841 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS,
842 dev->wiphy.max_scan_ssids);
843 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS,
844 dev->wiphy.max_sched_scan_ssids);
845 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN,
846 dev->wiphy.max_scan_ie_len);
847 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN,
848 dev->wiphy.max_sched_scan_ie_len);
849 NLA_PUT_U8(msg, NL80211_ATTR_MAX_MATCH_SETS,
850 dev->wiphy.max_match_sets);
851
852 if (dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)
853 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_IBSS_RSN);
854 if (dev->wiphy.flags & WIPHY_FLAG_MESH_AUTH)
855 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_MESH_AUTH);
856 if (dev->wiphy.flags & WIPHY_FLAG_AP_UAPSD)
857 NLA_PUT_FLAG(msg, NL80211_ATTR_SUPPORT_AP_UAPSD);
858 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM)
859 NLA_PUT_FLAG(msg, NL80211_ATTR_ROAM_SUPPORT);
860 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS)
861 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_SUPPORT);
862 if (dev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP)
863 NLA_PUT_FLAG(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP);
864
865 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES,
866 sizeof(u32) * dev->wiphy.n_cipher_suites,
867 dev->wiphy.cipher_suites);
868
869 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_PMKIDS,
870 dev->wiphy.max_num_pmkids);
871
872 if (dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL)
873 NLA_PUT_FLAG(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE);
874
875 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX,
876 dev->wiphy.available_antennas_tx);
877 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX,
878 dev->wiphy.available_antennas_rx);
879
880 if (dev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD)
881 NLA_PUT_U32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD,
882 dev->wiphy.probe_resp_offload);
883
884 if ((dev->wiphy.available_antennas_tx ||
885 dev->wiphy.available_antennas_rx) && dev->ops->get_antenna) {
886 u32 tx_ant = 0, rx_ant = 0;
887 int res;
888 res = dev->ops->get_antenna(&dev->wiphy, &tx_ant, &rx_ant);
889 if (!res) {
890 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_TX, tx_ant);
891 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_ANTENNA_RX, rx_ant);
892 }
893 }
894
895 if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES,
896 dev->wiphy.interface_modes))
897 goto nla_put_failure;
898
899 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS);
900 if (!nl_bands)
901 goto nla_put_failure;
902
903 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
904 if (!dev->wiphy.bands[band])
905 continue;
906
907 nl_band = nla_nest_start(msg, band);
908 if (!nl_band)
909 goto nla_put_failure;
910
911 /* add HT info */
912 if (dev->wiphy.bands[band]->ht_cap.ht_supported) {
913 NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET,
914 sizeof(dev->wiphy.bands[band]->ht_cap.mcs),
915 &dev->wiphy.bands[band]->ht_cap.mcs);
916 NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA,
917 dev->wiphy.bands[band]->ht_cap.cap);
918 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR,
919 dev->wiphy.bands[band]->ht_cap.ampdu_factor);
920 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY,
921 dev->wiphy.bands[band]->ht_cap.ampdu_density);
922 }
923
924 /* add frequencies */
925 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS);
926 if (!nl_freqs)
927 goto nla_put_failure;
928
929 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) {
930 nl_freq = nla_nest_start(msg, i);
931 if (!nl_freq)
932 goto nla_put_failure;
933
934 chan = &dev->wiphy.bands[band]->channels[i];
935
936 if (nl80211_msg_put_channel(msg, chan))
937 goto nla_put_failure;
938
939 nla_nest_end(msg, nl_freq);
940 }
941
942 nla_nest_end(msg, nl_freqs);
943
944 /* add bitrates */
945 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES);
946 if (!nl_rates)
947 goto nla_put_failure;
948
949 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) {
950 nl_rate = nla_nest_start(msg, i);
951 if (!nl_rate)
952 goto nla_put_failure;
953
954 rate = &dev->wiphy.bands[band]->bitrates[i];
955 NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE,
956 rate->bitrate);
957 if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE)
958 NLA_PUT_FLAG(msg,
959 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE);
960
961 nla_nest_end(msg, nl_rate);
962 }
963
964 nla_nest_end(msg, nl_rates);
965
966 nla_nest_end(msg, nl_band);
967 }
968 nla_nest_end(msg, nl_bands);
969
970 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS);
971 if (!nl_cmds)
972 goto nla_put_failure;
973
974 i = 0;
975#define CMD(op, n) \
976 do { \
977 if (dev->ops->op) { \
978 i++; \
979 NLA_PUT_U32(msg, i, NL80211_CMD_ ## n); \
980 } \
981 } while (0)
982
983 CMD(add_virtual_intf, NEW_INTERFACE);
984 CMD(change_virtual_intf, SET_INTERFACE);
985 CMD(add_key, NEW_KEY);
986 CMD(start_ap, START_AP);
987 CMD(add_station, NEW_STATION);
988 CMD(add_mpath, NEW_MPATH);
989 CMD(update_mesh_config, SET_MESH_CONFIG);
990 CMD(change_bss, SET_BSS);
991 CMD(auth, AUTHENTICATE);
992 CMD(assoc, ASSOCIATE);
993 CMD(deauth, DEAUTHENTICATE);
994 CMD(disassoc, DISASSOCIATE);
995 CMD(join_ibss, JOIN_IBSS);
996 CMD(join_mesh, JOIN_MESH);
997 CMD(set_pmksa, SET_PMKSA);
998 CMD(del_pmksa, DEL_PMKSA);
999 CMD(flush_pmksa, FLUSH_PMKSA);
1000 if (dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)
1001 CMD(remain_on_channel, REMAIN_ON_CHANNEL);
1002 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK);
1003 CMD(mgmt_tx, FRAME);
1004 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL);
1005 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) {
1006 i++;
1007 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS);
1008 }
1009 CMD(set_channel, SET_CHANNEL);
1010 CMD(set_wds_peer, SET_WDS_PEER);
1011 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) {
1012 CMD(tdls_mgmt, TDLS_MGMT);
1013 CMD(tdls_oper, TDLS_OPER);
1014 }
1015 if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN)
1016 CMD(sched_scan_start, START_SCHED_SCAN);
1017 CMD(probe_client, PROBE_CLIENT);
1018 CMD(set_noack_map, SET_NOACK_MAP);
1019 if (dev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) {
1020 i++;
1021 NLA_PUT_U32(msg, i, NL80211_CMD_REGISTER_BEACONS);
1022 }
1023
1024#ifdef CONFIG_NL80211_TESTMODE
1025 CMD(testmode_cmd, TESTMODE);
1026#endif
1027
1028#undef CMD
1029
1030 if (dev->ops->connect || dev->ops->auth) {
1031 i++;
1032 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT);
1033 }
1034
1035 if (dev->ops->disconnect || dev->ops->deauth) {
1036 i++;
1037 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT);
1038 }
1039
1040 nla_nest_end(msg, nl_cmds);
1041
1042 if (dev->ops->remain_on_channel &&
1043 dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)
1044 NLA_PUT_U32(msg, NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION,
1045 dev->wiphy.max_remain_on_channel_duration);
1046
1047 if (dev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX)
1048 NLA_PUT_FLAG(msg, NL80211_ATTR_OFFCHANNEL_TX_OK);
1049
1050 if (mgmt_stypes) {
1051 u16 stypes;
1052 struct nlattr *nl_ftypes, *nl_ifs;
1053 enum nl80211_iftype ift;
1054
1055 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES);
1056 if (!nl_ifs)
1057 goto nla_put_failure;
1058
1059 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
1060 nl_ftypes = nla_nest_start(msg, ift);
1061 if (!nl_ftypes)
1062 goto nla_put_failure;
1063 i = 0;
1064 stypes = mgmt_stypes[ift].tx;
1065 while (stypes) {
1066 if (stypes & 1)
1067 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE,
1068 (i << 4) | IEEE80211_FTYPE_MGMT);
1069 stypes >>= 1;
1070 i++;
1071 }
1072 nla_nest_end(msg, nl_ftypes);
1073 }
1074
1075 nla_nest_end(msg, nl_ifs);
1076
1077 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES);
1078 if (!nl_ifs)
1079 goto nla_put_failure;
1080
1081 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
1082 nl_ftypes = nla_nest_start(msg, ift);
1083 if (!nl_ftypes)
1084 goto nla_put_failure;
1085 i = 0;
1086 stypes = mgmt_stypes[ift].rx;
1087 while (stypes) {
1088 if (stypes & 1)
1089 NLA_PUT_U16(msg, NL80211_ATTR_FRAME_TYPE,
1090 (i << 4) | IEEE80211_FTYPE_MGMT);
1091 stypes >>= 1;
1092 i++;
1093 }
1094 nla_nest_end(msg, nl_ftypes);
1095 }
1096 nla_nest_end(msg, nl_ifs);
1097 }
1098
1099 if (dev->wiphy.wowlan.flags || dev->wiphy.wowlan.n_patterns) {
1100 struct nlattr *nl_wowlan;
1101
1102 nl_wowlan = nla_nest_start(msg,
1103 NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED);
1104 if (!nl_wowlan)
1105 goto nla_put_failure;
1106
1107 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_ANY)
1108 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY);
1109 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_DISCONNECT)
1110 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT);
1111 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_MAGIC_PKT)
1112 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT);
1113 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_SUPPORTS_GTK_REKEY)
1114 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED);
1115 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE)
1116 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE);
1117 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ)
1118 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST);
1119 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_4WAY_HANDSHAKE)
1120 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE);
1121 if (dev->wiphy.wowlan.flags & WIPHY_WOWLAN_RFKILL_RELEASE)
1122 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE);
1123 if (dev->wiphy.wowlan.n_patterns) {
1124 struct nl80211_wowlan_pattern_support pat = {
1125 .max_patterns = dev->wiphy.wowlan.n_patterns,
1126 .min_pattern_len =
1127 dev->wiphy.wowlan.pattern_min_len,
1128 .max_pattern_len =
1129 dev->wiphy.wowlan.pattern_max_len,
1130 };
1131 NLA_PUT(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN,
1132 sizeof(pat), &pat);
1133 }
1134
1135 nla_nest_end(msg, nl_wowlan);
1136 }
1137
1138 if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES,
1139 dev->wiphy.software_iftypes))
1140 goto nla_put_failure;
1141
1142 if (nl80211_put_iface_combinations(&dev->wiphy, msg))
1143 goto nla_put_failure;
1144
1145 if (dev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME)
1146 NLA_PUT_U32(msg, NL80211_ATTR_DEVICE_AP_SME,
1147 dev->wiphy.ap_sme_capa);
1148
1149 NLA_PUT_U32(msg, NL80211_ATTR_FEATURE_FLAGS, dev->wiphy.features);
1150
1151 if (dev->wiphy.ht_capa_mod_mask)
1152 NLA_PUT(msg, NL80211_ATTR_HT_CAPABILITY_MASK,
1153 sizeof(*dev->wiphy.ht_capa_mod_mask),
1154 dev->wiphy.ht_capa_mod_mask);
1155
1156 return genlmsg_end(msg, hdr);
1157
1158 nla_put_failure:
1159 genlmsg_cancel(msg, hdr);
1160 return -EMSGSIZE;
1161}
1162
1163static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
1164{
1165 int idx = 0;
1166 int start = cb->args[0];
1167 struct cfg80211_registered_device *dev;
1168
1169 mutex_lock(&cfg80211_mutex);
1170 list_for_each_entry(dev, &cfg80211_rdev_list, list) {
1171 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk)))
1172 continue;
1173 if (++idx <= start)
1174 continue;
1175 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid,
1176 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1177 dev) < 0) {
1178 idx--;
1179 break;
1180 }
1181 }
1182 mutex_unlock(&cfg80211_mutex);
1183
1184 cb->args[0] = idx;
1185
1186 return skb->len;
1187}
1188
1189static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
1190{
1191 struct sk_buff *msg;
1192 struct cfg80211_registered_device *dev = info->user_ptr[0];
1193
1194 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1195 if (!msg)
1196 return -ENOMEM;
1197
1198 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0) {
1199 nlmsg_free(msg);
1200 return -ENOBUFS;
1201 }
1202
1203 return genlmsg_reply(msg, info);
1204}
1205
1206static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = {
1207 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 },
1208 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 },
1209 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 },
1210 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 },
1211 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 },
1212};
1213
1214static int parse_txq_params(struct nlattr *tb[],
1215 struct ieee80211_txq_params *txq_params)
1216{
1217 if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] ||
1218 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] ||
1219 !tb[NL80211_TXQ_ATTR_AIFS])
1220 return -EINVAL;
1221
1222 txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]);
1223 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]);
1224 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]);
1225 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]);
1226 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]);
1227
1228 return 0;
1229}
1230
1231static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev)
1232{
1233 /*
1234 * You can only set the channel explicitly for AP, mesh
1235 * and WDS type interfaces; all others have their channel
1236 * managed via their respective "establish a connection"
1237 * command (connect, join, ...)
1238 *
1239 * Monitors are special as they are normally slaved to
1240 * whatever else is going on, so they behave as though
1241 * you tried setting the wiphy channel itself.
1242 */
1243 return !wdev ||
1244 wdev->iftype == NL80211_IFTYPE_AP ||
1245 wdev->iftype == NL80211_IFTYPE_WDS ||
1246 wdev->iftype == NL80211_IFTYPE_MESH_POINT ||
1247 wdev->iftype == NL80211_IFTYPE_MONITOR ||
1248 wdev->iftype == NL80211_IFTYPE_P2P_GO;
1249}
1250
1251static int __nl80211_set_channel(struct cfg80211_registered_device *rdev,
1252 struct wireless_dev *wdev,
1253 struct genl_info *info)
1254{
1255 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
1256 u32 freq;
1257 int result;
1258
1259 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
1260 return -EINVAL;
1261
1262 if (!nl80211_can_set_dev_channel(wdev))
1263 return -EOPNOTSUPP;
1264
1265 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
1266 channel_type = nla_get_u32(info->attrs[
1267 NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
1268 if (channel_type != NL80211_CHAN_NO_HT &&
1269 channel_type != NL80211_CHAN_HT20 &&
1270 channel_type != NL80211_CHAN_HT40PLUS &&
1271 channel_type != NL80211_CHAN_HT40MINUS)
1272 return -EINVAL;
1273 }
1274
1275 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
1276
1277 mutex_lock(&rdev->devlist_mtx);
1278 if (wdev) {
1279 wdev_lock(wdev);
1280 result = cfg80211_set_freq(rdev, wdev, freq, channel_type);
1281 wdev_unlock(wdev);
1282 } else {
1283 result = cfg80211_set_freq(rdev, NULL, freq, channel_type);
1284 }
1285 mutex_unlock(&rdev->devlist_mtx);
1286
1287 return result;
1288}
1289
1290static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info)
1291{
1292 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1293 struct net_device *netdev = info->user_ptr[1];
1294
1295 return __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info);
1296}
1297
1298static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info)
1299{
1300 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1301 struct net_device *dev = info->user_ptr[1];
1302 struct wireless_dev *wdev = dev->ieee80211_ptr;
1303 const u8 *bssid;
1304
1305 if (!info->attrs[NL80211_ATTR_MAC])
1306 return -EINVAL;
1307
1308 if (netif_running(dev))
1309 return -EBUSY;
1310
1311 if (!rdev->ops->set_wds_peer)
1312 return -EOPNOTSUPP;
1313
1314 if (wdev->iftype != NL80211_IFTYPE_WDS)
1315 return -EOPNOTSUPP;
1316
1317 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
1318 return rdev->ops->set_wds_peer(wdev->wiphy, dev, bssid);
1319}
1320
1321
1322static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
1323{
1324 struct cfg80211_registered_device *rdev;
1325 struct net_device *netdev = NULL;
1326 struct wireless_dev *wdev;
1327 int result = 0, rem_txq_params = 0;
1328 struct nlattr *nl_txq_params;
1329 u32 changed;
1330 u8 retry_short = 0, retry_long = 0;
1331 u32 frag_threshold = 0, rts_threshold = 0;
1332 u8 coverage_class = 0;
1333
1334 /*
1335 * Try to find the wiphy and netdev. Normally this
1336 * function shouldn't need the netdev, but this is
1337 * done for backward compatibility -- previously
1338 * setting the channel was done per wiphy, but now
1339 * it is per netdev. Previous userland like hostapd
1340 * also passed a netdev to set_wiphy, so that it is
1341 * possible to let that go to the right netdev!
1342 */
1343 mutex_lock(&cfg80211_mutex);
1344
1345 if (info->attrs[NL80211_ATTR_IFINDEX]) {
1346 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]);
1347
1348 netdev = dev_get_by_index(genl_info_net(info), ifindex);
1349 if (netdev && netdev->ieee80211_ptr) {
1350 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy);
1351 mutex_lock(&rdev->mtx);
1352 } else
1353 netdev = NULL;
1354 }
1355
1356 if (!netdev) {
1357 rdev = __cfg80211_rdev_from_info(info);
1358 if (IS_ERR(rdev)) {
1359 mutex_unlock(&cfg80211_mutex);
1360 return PTR_ERR(rdev);
1361 }
1362 wdev = NULL;
1363 netdev = NULL;
1364 result = 0;
1365
1366 mutex_lock(&rdev->mtx);
1367 } else if (netif_running(netdev) &&
1368 nl80211_can_set_dev_channel(netdev->ieee80211_ptr))
1369 wdev = netdev->ieee80211_ptr;
1370 else
1371 wdev = NULL;
1372
1373 /*
1374 * end workaround code, by now the rdev is available
1375 * and locked, and wdev may or may not be NULL.
1376 */
1377
1378 if (info->attrs[NL80211_ATTR_WIPHY_NAME])
1379 result = cfg80211_dev_rename(
1380 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME]));
1381
1382 mutex_unlock(&cfg80211_mutex);
1383
1384 if (result)
1385 goto bad_res;
1386
1387 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) {
1388 struct ieee80211_txq_params txq_params;
1389 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1];
1390
1391 if (!rdev->ops->set_txq_params) {
1392 result = -EOPNOTSUPP;
1393 goto bad_res;
1394 }
1395
1396 if (!netdev) {
1397 result = -EINVAL;
1398 goto bad_res;
1399 }
1400
1401 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
1402 netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) {
1403 result = -EINVAL;
1404 goto bad_res;
1405 }
1406
1407 if (!netif_running(netdev)) {
1408 result = -ENETDOWN;
1409 goto bad_res;
1410 }
1411
1412 nla_for_each_nested(nl_txq_params,
1413 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS],
1414 rem_txq_params) {
1415 nla_parse(tb, NL80211_TXQ_ATTR_MAX,
1416 nla_data(nl_txq_params),
1417 nla_len(nl_txq_params),
1418 txq_params_policy);
1419 result = parse_txq_params(tb, &txq_params);
1420 if (result)
1421 goto bad_res;
1422
1423 result = rdev->ops->set_txq_params(&rdev->wiphy,
1424 netdev,
1425 &txq_params);
1426 if (result)
1427 goto bad_res;
1428 }
1429 }
1430
1431 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
1432 result = __nl80211_set_channel(rdev, wdev, info);
1433 if (result)
1434 goto bad_res;
1435 }
1436
1437 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) {
1438 enum nl80211_tx_power_setting type;
1439 int idx, mbm = 0;
1440
1441 if (!rdev->ops->set_tx_power) {
1442 result = -EOPNOTSUPP;
1443 goto bad_res;
1444 }
1445
1446 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING;
1447 type = nla_get_u32(info->attrs[idx]);
1448
1449 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] &&
1450 (type != NL80211_TX_POWER_AUTOMATIC)) {
1451 result = -EINVAL;
1452 goto bad_res;
1453 }
1454
1455 if (type != NL80211_TX_POWER_AUTOMATIC) {
1456 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL;
1457 mbm = nla_get_u32(info->attrs[idx]);
1458 }
1459
1460 result = rdev->ops->set_tx_power(&rdev->wiphy, type, mbm);
1461 if (result)
1462 goto bad_res;
1463 }
1464
1465 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] &&
1466 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) {
1467 u32 tx_ant, rx_ant;
1468 if ((!rdev->wiphy.available_antennas_tx &&
1469 !rdev->wiphy.available_antennas_rx) ||
1470 !rdev->ops->set_antenna) {
1471 result = -EOPNOTSUPP;
1472 goto bad_res;
1473 }
1474
1475 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]);
1476 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]);
1477
1478 /* reject antenna configurations which don't match the
1479 * available antenna masks, except for the "all" mask */
1480 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) ||
1481 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx))) {
1482 result = -EINVAL;
1483 goto bad_res;
1484 }
1485
1486 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx;
1487 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx;
1488
1489 result = rdev->ops->set_antenna(&rdev->wiphy, tx_ant, rx_ant);
1490 if (result)
1491 goto bad_res;
1492 }
1493
1494 changed = 0;
1495
1496 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) {
1497 retry_short = nla_get_u8(
1498 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]);
1499 if (retry_short == 0) {
1500 result = -EINVAL;
1501 goto bad_res;
1502 }
1503 changed |= WIPHY_PARAM_RETRY_SHORT;
1504 }
1505
1506 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) {
1507 retry_long = nla_get_u8(
1508 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]);
1509 if (retry_long == 0) {
1510 result = -EINVAL;
1511 goto bad_res;
1512 }
1513 changed |= WIPHY_PARAM_RETRY_LONG;
1514 }
1515
1516 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) {
1517 frag_threshold = nla_get_u32(
1518 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]);
1519 if (frag_threshold < 256) {
1520 result = -EINVAL;
1521 goto bad_res;
1522 }
1523 if (frag_threshold != (u32) -1) {
1524 /*
1525 * Fragments (apart from the last one) are required to
1526 * have even length. Make the fragmentation code
1527 * simpler by stripping LSB should someone try to use
1528 * odd threshold value.
1529 */
1530 frag_threshold &= ~0x1;
1531 }
1532 changed |= WIPHY_PARAM_FRAG_THRESHOLD;
1533 }
1534
1535 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) {
1536 rts_threshold = nla_get_u32(
1537 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]);
1538 changed |= WIPHY_PARAM_RTS_THRESHOLD;
1539 }
1540
1541 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) {
1542 coverage_class = nla_get_u8(
1543 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]);
1544 changed |= WIPHY_PARAM_COVERAGE_CLASS;
1545 }
1546
1547 if (changed) {
1548 u8 old_retry_short, old_retry_long;
1549 u32 old_frag_threshold, old_rts_threshold;
1550 u8 old_coverage_class;
1551
1552 if (!rdev->ops->set_wiphy_params) {
1553 result = -EOPNOTSUPP;
1554 goto bad_res;
1555 }
1556
1557 old_retry_short = rdev->wiphy.retry_short;
1558 old_retry_long = rdev->wiphy.retry_long;
1559 old_frag_threshold = rdev->wiphy.frag_threshold;
1560 old_rts_threshold = rdev->wiphy.rts_threshold;
1561 old_coverage_class = rdev->wiphy.coverage_class;
1562
1563 if (changed & WIPHY_PARAM_RETRY_SHORT)
1564 rdev->wiphy.retry_short = retry_short;
1565 if (changed & WIPHY_PARAM_RETRY_LONG)
1566 rdev->wiphy.retry_long = retry_long;
1567 if (changed & WIPHY_PARAM_FRAG_THRESHOLD)
1568 rdev->wiphy.frag_threshold = frag_threshold;
1569 if (changed & WIPHY_PARAM_RTS_THRESHOLD)
1570 rdev->wiphy.rts_threshold = rts_threshold;
1571 if (changed & WIPHY_PARAM_COVERAGE_CLASS)
1572 rdev->wiphy.coverage_class = coverage_class;
1573
1574 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed);
1575 if (result) {
1576 rdev->wiphy.retry_short = old_retry_short;
1577 rdev->wiphy.retry_long = old_retry_long;
1578 rdev->wiphy.frag_threshold = old_frag_threshold;
1579 rdev->wiphy.rts_threshold = old_rts_threshold;
1580 rdev->wiphy.coverage_class = old_coverage_class;
1581 }
1582 }
1583
1584 bad_res:
1585 mutex_unlock(&rdev->mtx);
1586 if (netdev)
1587 dev_put(netdev);
1588 return result;
1589}
1590
1591
1592static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags,
1593 struct cfg80211_registered_device *rdev,
1594 struct net_device *dev)
1595{
1596 void *hdr;
1597
1598 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE);
1599 if (!hdr)
1600 return -1;
1601
1602 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
1603 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
1604 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name);
1605 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype);
1606
1607 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION,
1608 rdev->devlist_generation ^
1609 (cfg80211_rdev_list_generation << 2));
1610
1611 return genlmsg_end(msg, hdr);
1612
1613 nla_put_failure:
1614 genlmsg_cancel(msg, hdr);
1615 return -EMSGSIZE;
1616}
1617
1618static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb)
1619{
1620 int wp_idx = 0;
1621 int if_idx = 0;
1622 int wp_start = cb->args[0];
1623 int if_start = cb->args[1];
1624 struct cfg80211_registered_device *rdev;
1625 struct wireless_dev *wdev;
1626
1627 mutex_lock(&cfg80211_mutex);
1628 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
1629 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
1630 continue;
1631 if (wp_idx < wp_start) {
1632 wp_idx++;
1633 continue;
1634 }
1635 if_idx = 0;
1636
1637 mutex_lock(&rdev->devlist_mtx);
1638 list_for_each_entry(wdev, &rdev->netdev_list, list) {
1639 if (if_idx < if_start) {
1640 if_idx++;
1641 continue;
1642 }
1643 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid,
1644 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1645 rdev, wdev->netdev) < 0) {
1646 mutex_unlock(&rdev->devlist_mtx);
1647 goto out;
1648 }
1649 if_idx++;
1650 }
1651 mutex_unlock(&rdev->devlist_mtx);
1652
1653 wp_idx++;
1654 }
1655 out:
1656 mutex_unlock(&cfg80211_mutex);
1657
1658 cb->args[0] = wp_idx;
1659 cb->args[1] = if_idx;
1660
1661 return skb->len;
1662}
1663
1664static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
1665{
1666 struct sk_buff *msg;
1667 struct cfg80211_registered_device *dev = info->user_ptr[0];
1668 struct net_device *netdev = info->user_ptr[1];
1669
1670 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1671 if (!msg)
1672 return -ENOMEM;
1673
1674 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0,
1675 dev, netdev) < 0) {
1676 nlmsg_free(msg);
1677 return -ENOBUFS;
1678 }
1679
1680 return genlmsg_reply(msg, info);
1681}
1682
1683static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = {
1684 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG },
1685 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG },
1686 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG },
1687 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG },
1688 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG },
1689};
1690
1691static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
1692{
1693 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1];
1694 int flag;
1695
1696 *mntrflags = 0;
1697
1698 if (!nla)
1699 return -EINVAL;
1700
1701 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX,
1702 nla, mntr_flags_policy))
1703 return -EINVAL;
1704
1705 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++)
1706 if (flags[flag])
1707 *mntrflags |= (1<<flag);
1708
1709 return 0;
1710}
1711
1712static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev,
1713 struct net_device *netdev, u8 use_4addr,
1714 enum nl80211_iftype iftype)
1715{
1716 if (!use_4addr) {
1717 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT))
1718 return -EBUSY;
1719 return 0;
1720 }
1721
1722 switch (iftype) {
1723 case NL80211_IFTYPE_AP_VLAN:
1724 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP)
1725 return 0;
1726 break;
1727 case NL80211_IFTYPE_STATION:
1728 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION)
1729 return 0;
1730 break;
1731 default:
1732 break;
1733 }
1734
1735 return -EOPNOTSUPP;
1736}
1737
1738static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
1739{
1740 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1741 struct vif_params params;
1742 int err;
1743 enum nl80211_iftype otype, ntype;
1744 struct net_device *dev = info->user_ptr[1];
1745 u32 _flags, *flags = NULL;
1746 bool change = false;
1747
1748 memset(&params, 0, sizeof(params));
1749
1750 otype = ntype = dev->ieee80211_ptr->iftype;
1751
1752 if (info->attrs[NL80211_ATTR_IFTYPE]) {
1753 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
1754 if (otype != ntype)
1755 change = true;
1756 if (ntype > NL80211_IFTYPE_MAX)
1757 return -EINVAL;
1758 }
1759
1760 if (info->attrs[NL80211_ATTR_MESH_ID]) {
1761 struct wireless_dev *wdev = dev->ieee80211_ptr;
1762
1763 if (ntype != NL80211_IFTYPE_MESH_POINT)
1764 return -EINVAL;
1765 if (netif_running(dev))
1766 return -EBUSY;
1767
1768 wdev_lock(wdev);
1769 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
1770 IEEE80211_MAX_MESH_ID_LEN);
1771 wdev->mesh_id_up_len =
1772 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
1773 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
1774 wdev->mesh_id_up_len);
1775 wdev_unlock(wdev);
1776 }
1777
1778 if (info->attrs[NL80211_ATTR_4ADDR]) {
1779 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
1780 change = true;
1781 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype);
1782 if (err)
1783 return err;
1784 } else {
1785 params.use_4addr = -1;
1786 }
1787
1788 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) {
1789 if (ntype != NL80211_IFTYPE_MONITOR)
1790 return -EINVAL;
1791 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS],
1792 &_flags);
1793 if (err)
1794 return err;
1795
1796 flags = &_flags;
1797 change = true;
1798 }
1799
1800 if (change)
1801 err = cfg80211_change_iface(rdev, dev, ntype, flags, &params);
1802 else
1803 err = 0;
1804
1805 if (!err && params.use_4addr != -1)
1806 dev->ieee80211_ptr->use_4addr = params.use_4addr;
1807
1808 return err;
1809}
1810
1811static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
1812{
1813 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1814 struct vif_params params;
1815 struct net_device *dev;
1816 int err;
1817 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;
1818 u32 flags;
1819
1820 memset(&params, 0, sizeof(params));
1821
1822 if (!info->attrs[NL80211_ATTR_IFNAME])
1823 return -EINVAL;
1824
1825 if (info->attrs[NL80211_ATTR_IFTYPE]) {
1826 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
1827 if (type > NL80211_IFTYPE_MAX)
1828 return -EINVAL;
1829 }
1830
1831 if (!rdev->ops->add_virtual_intf ||
1832 !(rdev->wiphy.interface_modes & (1 << type)))
1833 return -EOPNOTSUPP;
1834
1835 if (info->attrs[NL80211_ATTR_4ADDR]) {
1836 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
1837 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type);
1838 if (err)
1839 return err;
1840 }
1841
1842 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
1843 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
1844 &flags);
1845 dev = rdev->ops->add_virtual_intf(&rdev->wiphy,
1846 nla_data(info->attrs[NL80211_ATTR_IFNAME]),
1847 type, err ? NULL : &flags, &params);
1848 if (IS_ERR(dev))
1849 return PTR_ERR(dev);
1850
1851 if (type == NL80211_IFTYPE_MESH_POINT &&
1852 info->attrs[NL80211_ATTR_MESH_ID]) {
1853 struct wireless_dev *wdev = dev->ieee80211_ptr;
1854
1855 wdev_lock(wdev);
1856 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
1857 IEEE80211_MAX_MESH_ID_LEN);
1858 wdev->mesh_id_up_len =
1859 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
1860 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
1861 wdev->mesh_id_up_len);
1862 wdev_unlock(wdev);
1863 }
1864
1865 return 0;
1866}
1867
1868static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
1869{
1870 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1871 struct net_device *dev = info->user_ptr[1];
1872
1873 if (!rdev->ops->del_virtual_intf)
1874 return -EOPNOTSUPP;
1875
1876 return rdev->ops->del_virtual_intf(&rdev->wiphy, dev);
1877}
1878
1879static int nl80211_set_noack_map(struct sk_buff *skb, struct genl_info *info)
1880{
1881 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1882 struct net_device *dev = info->user_ptr[1];
1883 u16 noack_map;
1884
1885 if (!info->attrs[NL80211_ATTR_NOACK_MAP])
1886 return -EINVAL;
1887
1888 if (!rdev->ops->set_noack_map)
1889 return -EOPNOTSUPP;
1890
1891 noack_map = nla_get_u16(info->attrs[NL80211_ATTR_NOACK_MAP]);
1892
1893 return rdev->ops->set_noack_map(&rdev->wiphy, dev, noack_map);
1894}
1895
1896struct get_key_cookie {
1897 struct sk_buff *msg;
1898 int error;
1899 int idx;
1900};
1901
1902static void get_key_callback(void *c, struct key_params *params)
1903{
1904 struct nlattr *key;
1905 struct get_key_cookie *cookie = c;
1906
1907 if (params->key)
1908 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA,
1909 params->key_len, params->key);
1910
1911 if (params->seq)
1912 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ,
1913 params->seq_len, params->seq);
1914
1915 if (params->cipher)
1916 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER,
1917 params->cipher);
1918
1919 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY);
1920 if (!key)
1921 goto nla_put_failure;
1922
1923 if (params->key)
1924 NLA_PUT(cookie->msg, NL80211_KEY_DATA,
1925 params->key_len, params->key);
1926
1927 if (params->seq)
1928 NLA_PUT(cookie->msg, NL80211_KEY_SEQ,
1929 params->seq_len, params->seq);
1930
1931 if (params->cipher)
1932 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER,
1933 params->cipher);
1934
1935 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx);
1936
1937 nla_nest_end(cookie->msg, key);
1938
1939 return;
1940 nla_put_failure:
1941 cookie->error = 1;
1942}
1943
1944static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
1945{
1946 struct cfg80211_registered_device *rdev = info->user_ptr[0];
1947 int err;
1948 struct net_device *dev = info->user_ptr[1];
1949 u8 key_idx = 0;
1950 const u8 *mac_addr = NULL;
1951 bool pairwise;
1952 struct get_key_cookie cookie = {
1953 .error = 0,
1954 };
1955 void *hdr;
1956 struct sk_buff *msg;
1957
1958 if (info->attrs[NL80211_ATTR_KEY_IDX])
1959 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
1960
1961 if (key_idx > 5)
1962 return -EINVAL;
1963
1964 if (info->attrs[NL80211_ATTR_MAC])
1965 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
1966
1967 pairwise = !!mac_addr;
1968 if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
1969 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
1970 if (kt >= NUM_NL80211_KEYTYPES)
1971 return -EINVAL;
1972 if (kt != NL80211_KEYTYPE_GROUP &&
1973 kt != NL80211_KEYTYPE_PAIRWISE)
1974 return -EINVAL;
1975 pairwise = kt == NL80211_KEYTYPE_PAIRWISE;
1976 }
1977
1978 if (!rdev->ops->get_key)
1979 return -EOPNOTSUPP;
1980
1981 if (!pairwise && mac_addr && !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
1982 return -ENOENT;
1983
1984 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1985 if (!msg)
1986 return -ENOMEM;
1987
1988 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
1989 NL80211_CMD_NEW_KEY);
1990 if (IS_ERR(hdr))
1991 return PTR_ERR(hdr);
1992
1993 cookie.msg = msg;
1994 cookie.idx = key_idx;
1995
1996 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
1997 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
1998 if (mac_addr)
1999 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr);
2000
2001 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, pairwise,
2002 mac_addr, &cookie, get_key_callback);
2003
2004 if (err)
2005 goto free_msg;
2006
2007 if (cookie.error)
2008 goto nla_put_failure;
2009
2010 genlmsg_end(msg, hdr);
2011 return genlmsg_reply(msg, info);
2012
2013 nla_put_failure:
2014 err = -ENOBUFS;
2015 free_msg:
2016 nlmsg_free(msg);
2017 return err;
2018}
2019
2020static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
2021{
2022 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2023 struct key_parse key;
2024 int err;
2025 struct net_device *dev = info->user_ptr[1];
2026
2027 err = nl80211_parse_key(info, &key);
2028 if (err)
2029 return err;
2030
2031 if (key.idx < 0)
2032 return -EINVAL;
2033
2034 /* only support setting default key */
2035 if (!key.def && !key.defmgmt)
2036 return -EINVAL;
2037
2038 wdev_lock(dev->ieee80211_ptr);
2039
2040 if (key.def) {
2041 if (!rdev->ops->set_default_key) {
2042 err = -EOPNOTSUPP;
2043 goto out;
2044 }
2045
2046 err = nl80211_key_allowed(dev->ieee80211_ptr);
2047 if (err)
2048 goto out;
2049
2050 err = rdev->ops->set_default_key(&rdev->wiphy, dev, key.idx,
2051 key.def_uni, key.def_multi);
2052
2053 if (err)
2054 goto out;
2055
2056#ifdef CONFIG_CFG80211_WEXT
2057 dev->ieee80211_ptr->wext.default_key = key.idx;
2058#endif
2059 } else {
2060 if (key.def_uni || !key.def_multi) {
2061 err = -EINVAL;
2062 goto out;
2063 }
2064
2065 if (!rdev->ops->set_default_mgmt_key) {
2066 err = -EOPNOTSUPP;
2067 goto out;
2068 }
2069
2070 err = nl80211_key_allowed(dev->ieee80211_ptr);
2071 if (err)
2072 goto out;
2073
2074 err = rdev->ops->set_default_mgmt_key(&rdev->wiphy,
2075 dev, key.idx);
2076 if (err)
2077 goto out;
2078
2079#ifdef CONFIG_CFG80211_WEXT
2080 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx;
2081#endif
2082 }
2083
2084 out:
2085 wdev_unlock(dev->ieee80211_ptr);
2086
2087 return err;
2088}
2089
2090static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
2091{
2092 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2093 int err;
2094 struct net_device *dev = info->user_ptr[1];
2095 struct key_parse key;
2096 const u8 *mac_addr = NULL;
2097
2098 err = nl80211_parse_key(info, &key);
2099 if (err)
2100 return err;
2101
2102 if (!key.p.key)
2103 return -EINVAL;
2104
2105 if (info->attrs[NL80211_ATTR_MAC])
2106 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2107
2108 if (key.type == -1) {
2109 if (mac_addr)
2110 key.type = NL80211_KEYTYPE_PAIRWISE;
2111 else
2112 key.type = NL80211_KEYTYPE_GROUP;
2113 }
2114
2115 /* for now */
2116 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
2117 key.type != NL80211_KEYTYPE_GROUP)
2118 return -EINVAL;
2119
2120 if (!rdev->ops->add_key)
2121 return -EOPNOTSUPP;
2122
2123 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx,
2124 key.type == NL80211_KEYTYPE_PAIRWISE,
2125 mac_addr))
2126 return -EINVAL;
2127
2128 wdev_lock(dev->ieee80211_ptr);
2129 err = nl80211_key_allowed(dev->ieee80211_ptr);
2130 if (!err)
2131 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx,
2132 key.type == NL80211_KEYTYPE_PAIRWISE,
2133 mac_addr, &key.p);
2134 wdev_unlock(dev->ieee80211_ptr);
2135
2136 return err;
2137}
2138
2139static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
2140{
2141 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2142 int err;
2143 struct net_device *dev = info->user_ptr[1];
2144 u8 *mac_addr = NULL;
2145 struct key_parse key;
2146
2147 err = nl80211_parse_key(info, &key);
2148 if (err)
2149 return err;
2150
2151 if (info->attrs[NL80211_ATTR_MAC])
2152 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2153
2154 if (key.type == -1) {
2155 if (mac_addr)
2156 key.type = NL80211_KEYTYPE_PAIRWISE;
2157 else
2158 key.type = NL80211_KEYTYPE_GROUP;
2159 }
2160
2161 /* for now */
2162 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
2163 key.type != NL80211_KEYTYPE_GROUP)
2164 return -EINVAL;
2165
2166 if (!rdev->ops->del_key)
2167 return -EOPNOTSUPP;
2168
2169 wdev_lock(dev->ieee80211_ptr);
2170 err = nl80211_key_allowed(dev->ieee80211_ptr);
2171
2172 if (key.type == NL80211_KEYTYPE_GROUP && mac_addr &&
2173 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
2174 err = -ENOENT;
2175
2176 if (!err)
2177 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx,
2178 key.type == NL80211_KEYTYPE_PAIRWISE,
2179 mac_addr);
2180
2181#ifdef CONFIG_CFG80211_WEXT
2182 if (!err) {
2183 if (key.idx == dev->ieee80211_ptr->wext.default_key)
2184 dev->ieee80211_ptr->wext.default_key = -1;
2185 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key)
2186 dev->ieee80211_ptr->wext.default_mgmt_key = -1;
2187 }
2188#endif
2189 wdev_unlock(dev->ieee80211_ptr);
2190
2191 return err;
2192}
2193
2194static int nl80211_parse_beacon(struct genl_info *info,
2195 struct cfg80211_beacon_data *bcn)
2196{
2197 bool haveinfo = false;
2198
2199 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL]) ||
2200 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]) ||
2201 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_PROBE_RESP]) ||
2202 !is_valid_ie_attr(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]))
2203 return -EINVAL;
2204
2205 memset(bcn, 0, sizeof(*bcn));
2206
2207 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) {
2208 bcn->head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]);
2209 bcn->head_len = nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]);
2210 if (!bcn->head_len)
2211 return -EINVAL;
2212 haveinfo = true;
2213 }
2214
2215 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) {
2216 bcn->tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]);
2217 bcn->tail_len =
2218 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]);
2219 haveinfo = true;
2220 }
2221
2222 if (!haveinfo)
2223 return -EINVAL;
2224
2225 if (info->attrs[NL80211_ATTR_IE]) {
2226 bcn->beacon_ies = nla_data(info->attrs[NL80211_ATTR_IE]);
2227 bcn->beacon_ies_len = nla_len(info->attrs[NL80211_ATTR_IE]);
2228 }
2229
2230 if (info->attrs[NL80211_ATTR_IE_PROBE_RESP]) {
2231 bcn->proberesp_ies =
2232 nla_data(info->attrs[NL80211_ATTR_IE_PROBE_RESP]);
2233 bcn->proberesp_ies_len =
2234 nla_len(info->attrs[NL80211_ATTR_IE_PROBE_RESP]);
2235 }
2236
2237 if (info->attrs[NL80211_ATTR_IE_ASSOC_RESP]) {
2238 bcn->assocresp_ies =
2239 nla_data(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]);
2240 bcn->assocresp_ies_len =
2241 nla_len(info->attrs[NL80211_ATTR_IE_ASSOC_RESP]);
2242 }
2243
2244 if (info->attrs[NL80211_ATTR_PROBE_RESP]) {
2245 bcn->probe_resp =
2246 nla_data(info->attrs[NL80211_ATTR_PROBE_RESP]);
2247 bcn->probe_resp_len =
2248 nla_len(info->attrs[NL80211_ATTR_PROBE_RESP]);
2249 }
2250
2251 return 0;
2252}
2253
2254static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
2255{
2256 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2257 struct net_device *dev = info->user_ptr[1];
2258 struct wireless_dev *wdev = dev->ieee80211_ptr;
2259 struct cfg80211_ap_settings params;
2260 int err;
2261
2262 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2263 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
2264 return -EOPNOTSUPP;
2265
2266 if (!rdev->ops->start_ap)
2267 return -EOPNOTSUPP;
2268
2269 if (wdev->beacon_interval)
2270 return -EALREADY;
2271
2272 memset(&params, 0, sizeof(params));
2273
2274 /* these are required for START_AP */
2275 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] ||
2276 !info->attrs[NL80211_ATTR_DTIM_PERIOD] ||
2277 !info->attrs[NL80211_ATTR_BEACON_HEAD])
2278 return -EINVAL;
2279
2280 err = nl80211_parse_beacon(info, &params.beacon);
2281 if (err)
2282 return err;
2283
2284 params.beacon_interval =
2285 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
2286 params.dtim_period =
2287 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
2288
2289 err = cfg80211_validate_beacon_int(rdev, params.beacon_interval);
2290 if (err)
2291 return err;
2292
2293 /*
2294 * In theory, some of these attributes should be required here
2295 * but since they were not used when the command was originally
2296 * added, keep them optional for old user space programs to let
2297 * them continue to work with drivers that do not need the
2298 * additional information -- drivers must check!
2299 */
2300 if (info->attrs[NL80211_ATTR_SSID]) {
2301 params.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
2302 params.ssid_len =
2303 nla_len(info->attrs[NL80211_ATTR_SSID]);
2304 if (params.ssid_len == 0 ||
2305 params.ssid_len > IEEE80211_MAX_SSID_LEN)
2306 return -EINVAL;
2307 }
2308
2309 if (info->attrs[NL80211_ATTR_HIDDEN_SSID]) {
2310 params.hidden_ssid = nla_get_u32(
2311 info->attrs[NL80211_ATTR_HIDDEN_SSID]);
2312 if (params.hidden_ssid != NL80211_HIDDEN_SSID_NOT_IN_USE &&
2313 params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_LEN &&
2314 params.hidden_ssid != NL80211_HIDDEN_SSID_ZERO_CONTENTS)
2315 return -EINVAL;
2316 }
2317
2318 params.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
2319
2320 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
2321 params.auth_type = nla_get_u32(
2322 info->attrs[NL80211_ATTR_AUTH_TYPE]);
2323 if (!nl80211_valid_auth_type(params.auth_type))
2324 return -EINVAL;
2325 } else
2326 params.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
2327
2328 err = nl80211_crypto_settings(rdev, info, &params.crypto,
2329 NL80211_MAX_NR_CIPHER_SUITES);
2330 if (err)
2331 return err;
2332
2333 if (info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]) {
2334 if (!(rdev->wiphy.features & NL80211_FEATURE_INACTIVITY_TIMER))
2335 return -EOPNOTSUPP;
2336 params.inactivity_timeout = nla_get_u16(
2337 info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]);
2338 }
2339
2340 err = rdev->ops->start_ap(&rdev->wiphy, dev, &params);
2341 if (!err)
2342 wdev->beacon_interval = params.beacon_interval;
2343 return err;
2344}
2345
2346static int nl80211_set_beacon(struct sk_buff *skb, struct genl_info *info)
2347{
2348 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2349 struct net_device *dev = info->user_ptr[1];
2350 struct wireless_dev *wdev = dev->ieee80211_ptr;
2351 struct cfg80211_beacon_data params;
2352 int err;
2353
2354 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2355 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
2356 return -EOPNOTSUPP;
2357
2358 if (!rdev->ops->change_beacon)
2359 return -EOPNOTSUPP;
2360
2361 if (!wdev->beacon_interval)
2362 return -EINVAL;
2363
2364 err = nl80211_parse_beacon(info, &params);
2365 if (err)
2366 return err;
2367
2368 return rdev->ops->change_beacon(&rdev->wiphy, dev, &params);
2369}
2370
2371static int nl80211_stop_ap(struct sk_buff *skb, struct genl_info *info)
2372{
2373 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2374 struct net_device *dev = info->user_ptr[1];
2375 struct wireless_dev *wdev = dev->ieee80211_ptr;
2376 int err;
2377
2378 if (!rdev->ops->stop_ap)
2379 return -EOPNOTSUPP;
2380
2381 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2382 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
2383 return -EOPNOTSUPP;
2384
2385 if (!wdev->beacon_interval)
2386 return -ENOENT;
2387
2388 err = rdev->ops->stop_ap(&rdev->wiphy, dev);
2389 if (!err)
2390 wdev->beacon_interval = 0;
2391 return err;
2392}
2393
2394static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = {
2395 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG },
2396 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG },
2397 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG },
2398 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG },
2399 [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG },
2400 [NL80211_STA_FLAG_TDLS_PEER] = { .type = NLA_FLAG },
2401};
2402
2403static int parse_station_flags(struct genl_info *info,
2404 enum nl80211_iftype iftype,
2405 struct station_parameters *params)
2406{
2407 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1];
2408 struct nlattr *nla;
2409 int flag;
2410
2411 /*
2412 * Try parsing the new attribute first so userspace
2413 * can specify both for older kernels.
2414 */
2415 nla = info->attrs[NL80211_ATTR_STA_FLAGS2];
2416 if (nla) {
2417 struct nl80211_sta_flag_update *sta_flags;
2418
2419 sta_flags = nla_data(nla);
2420 params->sta_flags_mask = sta_flags->mask;
2421 params->sta_flags_set = sta_flags->set;
2422 if ((params->sta_flags_mask |
2423 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID))
2424 return -EINVAL;
2425 return 0;
2426 }
2427
2428 /* if present, parse the old attribute */
2429
2430 nla = info->attrs[NL80211_ATTR_STA_FLAGS];
2431 if (!nla)
2432 return 0;
2433
2434 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX,
2435 nla, sta_flags_policy))
2436 return -EINVAL;
2437
2438 /*
2439 * Only allow certain flags for interface types so that
2440 * other attributes are silently ignored. Remember that
2441 * this is backward compatibility code with old userspace
2442 * and shouldn't be hit in other cases anyway.
2443 */
2444 switch (iftype) {
2445 case NL80211_IFTYPE_AP:
2446 case NL80211_IFTYPE_AP_VLAN:
2447 case NL80211_IFTYPE_P2P_GO:
2448 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
2449 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
2450 BIT(NL80211_STA_FLAG_WME) |
2451 BIT(NL80211_STA_FLAG_MFP);
2452 break;
2453 case NL80211_IFTYPE_P2P_CLIENT:
2454 case NL80211_IFTYPE_STATION:
2455 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
2456 BIT(NL80211_STA_FLAG_TDLS_PEER);
2457 break;
2458 case NL80211_IFTYPE_MESH_POINT:
2459 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHENTICATED) |
2460 BIT(NL80211_STA_FLAG_MFP) |
2461 BIT(NL80211_STA_FLAG_AUTHORIZED);
2462 default:
2463 return -EINVAL;
2464 }
2465
2466 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++)
2467 if (flags[flag])
2468 params->sta_flags_set |= (1<<flag);
2469
2470 return 0;
2471}
2472
2473static bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info,
2474 int attr)
2475{
2476 struct nlattr *rate;
2477 u16 bitrate;
2478
2479 rate = nla_nest_start(msg, attr);
2480 if (!rate)
2481 goto nla_put_failure;
2482
2483 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */
2484 bitrate = cfg80211_calculate_bitrate(info);
2485 if (bitrate > 0)
2486 NLA_PUT_U16(msg, NL80211_RATE_INFO_BITRATE, bitrate);
2487
2488 if (info->flags & RATE_INFO_FLAGS_MCS)
2489 NLA_PUT_U8(msg, NL80211_RATE_INFO_MCS, info->mcs);
2490 if (info->flags & RATE_INFO_FLAGS_40_MHZ_WIDTH)
2491 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_40_MHZ_WIDTH);
2492 if (info->flags & RATE_INFO_FLAGS_SHORT_GI)
2493 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_SHORT_GI);
2494
2495 nla_nest_end(msg, rate);
2496 return true;
2497
2498nla_put_failure:
2499 return false;
2500}
2501
2502static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq,
2503 int flags,
2504 struct cfg80211_registered_device *rdev,
2505 struct net_device *dev,
2506 const u8 *mac_addr, struct station_info *sinfo)
2507{
2508 void *hdr;
2509 struct nlattr *sinfoattr, *bss_param;
2510
2511 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION);
2512 if (!hdr)
2513 return -1;
2514
2515 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
2516 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr);
2517
2518 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation);
2519
2520 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO);
2521 if (!sinfoattr)
2522 goto nla_put_failure;
2523 if (sinfo->filled & STATION_INFO_CONNECTED_TIME)
2524 NLA_PUT_U32(msg, NL80211_STA_INFO_CONNECTED_TIME,
2525 sinfo->connected_time);
2526 if (sinfo->filled & STATION_INFO_INACTIVE_TIME)
2527 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME,
2528 sinfo->inactive_time);
2529 if (sinfo->filled & STATION_INFO_RX_BYTES)
2530 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES,
2531 sinfo->rx_bytes);
2532 if (sinfo->filled & STATION_INFO_TX_BYTES)
2533 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES,
2534 sinfo->tx_bytes);
2535 if (sinfo->filled & STATION_INFO_LLID)
2536 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID,
2537 sinfo->llid);
2538 if (sinfo->filled & STATION_INFO_PLID)
2539 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID,
2540 sinfo->plid);
2541 if (sinfo->filled & STATION_INFO_PLINK_STATE)
2542 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE,
2543 sinfo->plink_state);
2544 switch (rdev->wiphy.signal_type) {
2545 case CFG80211_SIGNAL_TYPE_MBM:
2546 if (sinfo->filled & STATION_INFO_SIGNAL)
2547 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL,
2548 sinfo->signal);
2549 if (sinfo->filled & STATION_INFO_SIGNAL_AVG)
2550 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL_AVG,
2551 sinfo->signal_avg);
2552 break;
2553 default:
2554 break;
2555 }
2556 if (sinfo->filled & STATION_INFO_TX_BITRATE) {
2557 if (!nl80211_put_sta_rate(msg, &sinfo->txrate,
2558 NL80211_STA_INFO_TX_BITRATE))
2559 goto nla_put_failure;
2560 }
2561 if (sinfo->filled & STATION_INFO_RX_BITRATE) {
2562 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate,
2563 NL80211_STA_INFO_RX_BITRATE))
2564 goto nla_put_failure;
2565 }
2566 if (sinfo->filled & STATION_INFO_RX_PACKETS)
2567 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_PACKETS,
2568 sinfo->rx_packets);
2569 if (sinfo->filled & STATION_INFO_TX_PACKETS)
2570 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_PACKETS,
2571 sinfo->tx_packets);
2572 if (sinfo->filled & STATION_INFO_TX_RETRIES)
2573 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_RETRIES,
2574 sinfo->tx_retries);
2575 if (sinfo->filled & STATION_INFO_TX_FAILED)
2576 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_FAILED,
2577 sinfo->tx_failed);
2578 if (sinfo->filled & STATION_INFO_BEACON_LOSS_COUNT)
2579 NLA_PUT_U32(msg, NL80211_STA_INFO_BEACON_LOSS,
2580 sinfo->beacon_loss_count);
2581 if (sinfo->filled & STATION_INFO_BSS_PARAM) {
2582 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM);
2583 if (!bss_param)
2584 goto nla_put_failure;
2585
2586 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT)
2587 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_CTS_PROT);
2588 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE)
2589 NLA_PUT_FLAG(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE);
2590 if (sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME)
2591 NLA_PUT_FLAG(msg,
2592 NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME);
2593 NLA_PUT_U8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD,
2594 sinfo->bss_param.dtim_period);
2595 NLA_PUT_U16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL,
2596 sinfo->bss_param.beacon_interval);
2597
2598 nla_nest_end(msg, bss_param);
2599 }
2600 if (sinfo->filled & STATION_INFO_STA_FLAGS)
2601 NLA_PUT(msg, NL80211_STA_INFO_STA_FLAGS,
2602 sizeof(struct nl80211_sta_flag_update),
2603 &sinfo->sta_flags);
2604 nla_nest_end(msg, sinfoattr);
2605
2606 if (sinfo->filled & STATION_INFO_ASSOC_REQ_IES)
2607 NLA_PUT(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len,
2608 sinfo->assoc_req_ies);
2609
2610 return genlmsg_end(msg, hdr);
2611
2612 nla_put_failure:
2613 genlmsg_cancel(msg, hdr);
2614 return -EMSGSIZE;
2615}
2616
2617static int nl80211_dump_station(struct sk_buff *skb,
2618 struct netlink_callback *cb)
2619{
2620 struct station_info sinfo;
2621 struct cfg80211_registered_device *dev;
2622 struct net_device *netdev;
2623 u8 mac_addr[ETH_ALEN];
2624 int sta_idx = cb->args[1];
2625 int err;
2626
2627 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev);
2628 if (err)
2629 return err;
2630
2631 if (!dev->ops->dump_station) {
2632 err = -EOPNOTSUPP;
2633 goto out_err;
2634 }
2635
2636 while (1) {
2637 memset(&sinfo, 0, sizeof(sinfo));
2638 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx,
2639 mac_addr, &sinfo);
2640 if (err == -ENOENT)
2641 break;
2642 if (err)
2643 goto out_err;
2644
2645 if (nl80211_send_station(skb,
2646 NETLINK_CB(cb->skb).pid,
2647 cb->nlh->nlmsg_seq, NLM_F_MULTI,
2648 dev, netdev, mac_addr,
2649 &sinfo) < 0)
2650 goto out;
2651
2652 sta_idx++;
2653 }
2654
2655
2656 out:
2657 cb->args[1] = sta_idx;
2658 err = skb->len;
2659 out_err:
2660 nl80211_finish_netdev_dump(dev);
2661
2662 return err;
2663}
2664
2665static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
2666{
2667 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2668 struct net_device *dev = info->user_ptr[1];
2669 struct station_info sinfo;
2670 struct sk_buff *msg;
2671 u8 *mac_addr = NULL;
2672 int err;
2673
2674 memset(&sinfo, 0, sizeof(sinfo));
2675
2676 if (!info->attrs[NL80211_ATTR_MAC])
2677 return -EINVAL;
2678
2679 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2680
2681 if (!rdev->ops->get_station)
2682 return -EOPNOTSUPP;
2683
2684 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo);
2685 if (err)
2686 return err;
2687
2688 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2689 if (!msg)
2690 return -ENOMEM;
2691
2692 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0,
2693 rdev, dev, mac_addr, &sinfo) < 0) {
2694 nlmsg_free(msg);
2695 return -ENOBUFS;
2696 }
2697
2698 return genlmsg_reply(msg, info);
2699}
2700
2701/*
2702 * Get vlan interface making sure it is running and on the right wiphy.
2703 */
2704static struct net_device *get_vlan(struct genl_info *info,
2705 struct cfg80211_registered_device *rdev)
2706{
2707 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN];
2708 struct net_device *v;
2709 int ret;
2710
2711 if (!vlanattr)
2712 return NULL;
2713
2714 v = dev_get_by_index(genl_info_net(info), nla_get_u32(vlanattr));
2715 if (!v)
2716 return ERR_PTR(-ENODEV);
2717
2718 if (!v->ieee80211_ptr || v->ieee80211_ptr->wiphy != &rdev->wiphy) {
2719 ret = -EINVAL;
2720 goto error;
2721 }
2722
2723 if (!netif_running(v)) {
2724 ret = -ENETDOWN;
2725 goto error;
2726 }
2727
2728 return v;
2729 error:
2730 dev_put(v);
2731 return ERR_PTR(ret);
2732}
2733
2734static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
2735{
2736 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2737 int err;
2738 struct net_device *dev = info->user_ptr[1];
2739 struct station_parameters params;
2740 u8 *mac_addr = NULL;
2741
2742 memset(&params, 0, sizeof(params));
2743
2744 params.listen_interval = -1;
2745 params.plink_state = -1;
2746
2747 if (info->attrs[NL80211_ATTR_STA_AID])
2748 return -EINVAL;
2749
2750 if (!info->attrs[NL80211_ATTR_MAC])
2751 return -EINVAL;
2752
2753 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2754
2755 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) {
2756 params.supported_rates =
2757 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2758 params.supported_rates_len =
2759 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2760 }
2761
2762 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
2763 params.listen_interval =
2764 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
2765
2766 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
2767 params.ht_capa =
2768 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
2769
2770 if (!rdev->ops->change_station)
2771 return -EOPNOTSUPP;
2772
2773 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, &params))
2774 return -EINVAL;
2775
2776 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION])
2777 params.plink_action =
2778 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
2779
2780 if (info->attrs[NL80211_ATTR_STA_PLINK_STATE])
2781 params.plink_state =
2782 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]);
2783
2784 switch (dev->ieee80211_ptr->iftype) {
2785 case NL80211_IFTYPE_AP:
2786 case NL80211_IFTYPE_AP_VLAN:
2787 case NL80211_IFTYPE_P2P_GO:
2788 /* disallow mesh-specific things */
2789 if (params.plink_action)
2790 return -EINVAL;
2791
2792 /* TDLS can't be set, ... */
2793 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
2794 return -EINVAL;
2795 /*
2796 * ... but don't bother the driver with it. This works around
2797 * a hostapd/wpa_supplicant issue -- it always includes the
2798 * TLDS_PEER flag in the mask even for AP mode.
2799 */
2800 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2801
2802 /* accept only the listed bits */
2803 if (params.sta_flags_mask &
2804 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
2805 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
2806 BIT(NL80211_STA_FLAG_WME) |
2807 BIT(NL80211_STA_FLAG_MFP)))
2808 return -EINVAL;
2809
2810 /* must be last in here for error handling */
2811 params.vlan = get_vlan(info, rdev);
2812 if (IS_ERR(params.vlan))
2813 return PTR_ERR(params.vlan);
2814 break;
2815 case NL80211_IFTYPE_P2P_CLIENT:
2816 case NL80211_IFTYPE_STATION:
2817 /*
2818 * Don't allow userspace to change the TDLS_PEER flag,
2819 * but silently ignore attempts to change it since we
2820 * don't have state here to verify that it doesn't try
2821 * to change the flag.
2822 */
2823 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2824 /* fall through */
2825 case NL80211_IFTYPE_ADHOC:
2826 /* disallow things sta doesn't support */
2827 if (params.plink_action)
2828 return -EINVAL;
2829 if (params.ht_capa)
2830 return -EINVAL;
2831 if (params.listen_interval >= 0)
2832 return -EINVAL;
2833 /* reject any changes other than AUTHORIZED */
2834 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED))
2835 return -EINVAL;
2836 break;
2837 case NL80211_IFTYPE_MESH_POINT:
2838 /* disallow things mesh doesn't support */
2839 if (params.vlan)
2840 return -EINVAL;
2841 if (params.ht_capa)
2842 return -EINVAL;
2843 if (params.listen_interval >= 0)
2844 return -EINVAL;
2845 /*
2846 * No special handling for TDLS here -- the userspace
2847 * mesh code doesn't have this bug.
2848 */
2849 if (params.sta_flags_mask &
2850 ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) |
2851 BIT(NL80211_STA_FLAG_MFP) |
2852 BIT(NL80211_STA_FLAG_AUTHORIZED)))
2853 return -EINVAL;
2854 break;
2855 default:
2856 return -EOPNOTSUPP;
2857 }
2858
2859 /* be aware of params.vlan when changing code here */
2860
2861 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, &params);
2862
2863 if (params.vlan)
2864 dev_put(params.vlan);
2865
2866 return err;
2867}
2868
2869static struct nla_policy
2870nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] __read_mostly = {
2871 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 },
2872 [NL80211_STA_WME_MAX_SP] = { .type = NLA_U8 },
2873};
2874
2875static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
2876{
2877 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2878 int err;
2879 struct net_device *dev = info->user_ptr[1];
2880 struct station_parameters params;
2881 u8 *mac_addr = NULL;
2882
2883 memset(&params, 0, sizeof(params));
2884
2885 if (!info->attrs[NL80211_ATTR_MAC])
2886 return -EINVAL;
2887
2888 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
2889 return -EINVAL;
2890
2891 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES])
2892 return -EINVAL;
2893
2894 if (!info->attrs[NL80211_ATTR_STA_AID])
2895 return -EINVAL;
2896
2897 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2898 params.supported_rates =
2899 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2900 params.supported_rates_len =
2901 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2902 params.listen_interval =
2903 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
2904
2905 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]);
2906 if (!params.aid || params.aid > IEEE80211_MAX_AID)
2907 return -EINVAL;
2908
2909 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
2910 params.ht_capa =
2911 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
2912
2913 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION])
2914 params.plink_action =
2915 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
2916
2917 if (!rdev->ops->add_station)
2918 return -EOPNOTSUPP;
2919
2920 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, &params))
2921 return -EINVAL;
2922
2923 /* HT requires QoS, but if we don't have that just ignore HT/VHT
2924 * as userspace might just pass through the capabilities from the IEs
2925 * directly, rather than enforcing this restriction and returning an
2926 * error in this case.
2927 */
2928 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_WME)))
2929 params.ht_capa = NULL;
2930
2931 switch (dev->ieee80211_ptr->iftype) {
2932 case NL80211_IFTYPE_AP:
2933 case NL80211_IFTYPE_AP_VLAN:
2934 case NL80211_IFTYPE_P2P_GO:
2935 /* parse WME attributes if sta is WME capable */
2936 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) &&
2937 (params.sta_flags_set & BIT(NL80211_STA_FLAG_WME)) &&
2938 info->attrs[NL80211_ATTR_STA_WME]) {
2939 struct nlattr *tb[NL80211_STA_WME_MAX + 1];
2940 struct nlattr *nla;
2941
2942 nla = info->attrs[NL80211_ATTR_STA_WME];
2943 err = nla_parse_nested(tb, NL80211_STA_WME_MAX, nla,
2944 nl80211_sta_wme_policy);
2945 if (err)
2946 return err;
2947
2948 if (tb[NL80211_STA_WME_UAPSD_QUEUES])
2949 params.uapsd_queues =
2950 nla_get_u8(tb[NL80211_STA_WME_UAPSD_QUEUES]);
2951 if (params.uapsd_queues &
2952 ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK)
2953 return -EINVAL;
2954
2955 if (tb[NL80211_STA_WME_MAX_SP])
2956 params.max_sp =
2957 nla_get_u8(tb[NL80211_STA_WME_MAX_SP]);
2958
2959 if (params.max_sp &
2960 ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK)
2961 return -EINVAL;
2962
2963 params.sta_modify_mask |= STATION_PARAM_APPLY_UAPSD;
2964 }
2965 /* TDLS peers cannot be added */
2966 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
2967 return -EINVAL;
2968 /* but don't bother the driver with it */
2969 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
2970
2971 /* must be last in here for error handling */
2972 params.vlan = get_vlan(info, rdev);
2973 if (IS_ERR(params.vlan))
2974 return PTR_ERR(params.vlan);
2975 break;
2976 case NL80211_IFTYPE_MESH_POINT:
2977 /* TDLS peers cannot be added */
2978 if (params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
2979 return -EINVAL;
2980 break;
2981 case NL80211_IFTYPE_STATION:
2982 /* Only TDLS peers can be added */
2983 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
2984 return -EINVAL;
2985 /* Can only add if TDLS ... */
2986 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS))
2987 return -EOPNOTSUPP;
2988 /* ... with external setup is supported */
2989 if (!(rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP))
2990 return -EOPNOTSUPP;
2991 break;
2992 default:
2993 return -EOPNOTSUPP;
2994 }
2995
2996 /* be aware of params.vlan when changing code here */
2997
2998 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, &params);
2999
3000 if (params.vlan)
3001 dev_put(params.vlan);
3002 return err;
3003}
3004
3005static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
3006{
3007 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3008 struct net_device *dev = info->user_ptr[1];
3009 u8 *mac_addr = NULL;
3010
3011 if (info->attrs[NL80211_ATTR_MAC])
3012 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
3013
3014 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3015 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
3016 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT &&
3017 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3018 return -EINVAL;
3019
3020 if (!rdev->ops->del_station)
3021 return -EOPNOTSUPP;
3022
3023 return rdev->ops->del_station(&rdev->wiphy, dev, mac_addr);
3024}
3025
3026static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq,
3027 int flags, struct net_device *dev,
3028 u8 *dst, u8 *next_hop,
3029 struct mpath_info *pinfo)
3030{
3031 void *hdr;
3032 struct nlattr *pinfoattr;
3033
3034 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION);
3035 if (!hdr)
3036 return -1;
3037
3038 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
3039 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
3040 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop);
3041
3042 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation);
3043
3044 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO);
3045 if (!pinfoattr)
3046 goto nla_put_failure;
3047 if (pinfo->filled & MPATH_INFO_FRAME_QLEN)
3048 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN,
3049 pinfo->frame_qlen);
3050 if (pinfo->filled & MPATH_INFO_SN)
3051 NLA_PUT_U32(msg, NL80211_MPATH_INFO_SN,
3052 pinfo->sn);
3053 if (pinfo->filled & MPATH_INFO_METRIC)
3054 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC,
3055 pinfo->metric);
3056 if (pinfo->filled & MPATH_INFO_EXPTIME)
3057 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME,
3058 pinfo->exptime);
3059 if (pinfo->filled & MPATH_INFO_FLAGS)
3060 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS,
3061 pinfo->flags);
3062 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT)
3063 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT,
3064 pinfo->discovery_timeout);
3065 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES)
3066 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES,
3067 pinfo->discovery_retries);
3068
3069 nla_nest_end(msg, pinfoattr);
3070
3071 return genlmsg_end(msg, hdr);
3072
3073 nla_put_failure:
3074 genlmsg_cancel(msg, hdr);
3075 return -EMSGSIZE;
3076}
3077
3078static int nl80211_dump_mpath(struct sk_buff *skb,
3079 struct netlink_callback *cb)
3080{
3081 struct mpath_info pinfo;
3082 struct cfg80211_registered_device *dev;
3083 struct net_device *netdev;
3084 u8 dst[ETH_ALEN];
3085 u8 next_hop[ETH_ALEN];
3086 int path_idx = cb->args[1];
3087 int err;
3088
3089 err = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev);
3090 if (err)
3091 return err;
3092
3093 if (!dev->ops->dump_mpath) {
3094 err = -EOPNOTSUPP;
3095 goto out_err;
3096 }
3097
3098 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) {
3099 err = -EOPNOTSUPP;
3100 goto out_err;
3101 }
3102
3103 while (1) {
3104 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx,
3105 dst, next_hop, &pinfo);
3106 if (err == -ENOENT)
3107 break;
3108 if (err)
3109 goto out_err;
3110
3111 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid,
3112 cb->nlh->nlmsg_seq, NLM_F_MULTI,
3113 netdev, dst, next_hop,
3114 &pinfo) < 0)
3115 goto out;
3116
3117 path_idx++;
3118 }
3119
3120
3121 out:
3122 cb->args[1] = path_idx;
3123 err = skb->len;
3124 out_err:
3125 nl80211_finish_netdev_dump(dev);
3126 return err;
3127}
3128
3129static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
3130{
3131 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3132 int err;
3133 struct net_device *dev = info->user_ptr[1];
3134 struct mpath_info pinfo;
3135 struct sk_buff *msg;
3136 u8 *dst = NULL;
3137 u8 next_hop[ETH_ALEN];
3138
3139 memset(&pinfo, 0, sizeof(pinfo));
3140
3141 if (!info->attrs[NL80211_ATTR_MAC])
3142 return -EINVAL;
3143
3144 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
3145
3146 if (!rdev->ops->get_mpath)
3147 return -EOPNOTSUPP;
3148
3149 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
3150 return -EOPNOTSUPP;
3151
3152 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo);
3153 if (err)
3154 return err;
3155
3156 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3157 if (!msg)
3158 return -ENOMEM;
3159
3160 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0,
3161 dev, dst, next_hop, &pinfo) < 0) {
3162 nlmsg_free(msg);
3163 return -ENOBUFS;
3164 }
3165
3166 return genlmsg_reply(msg, info);
3167}
3168
3169static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
3170{
3171 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3172 struct net_device *dev = info->user_ptr[1];
3173 u8 *dst = NULL;
3174 u8 *next_hop = NULL;
3175
3176 if (!info->attrs[NL80211_ATTR_MAC])
3177 return -EINVAL;
3178
3179 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
3180 return -EINVAL;
3181
3182 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
3183 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
3184
3185 if (!rdev->ops->change_mpath)
3186 return -EOPNOTSUPP;
3187
3188 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
3189 return -EOPNOTSUPP;
3190
3191 return rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop);
3192}
3193
3194static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
3195{
3196 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3197 struct net_device *dev = info->user_ptr[1];
3198 u8 *dst = NULL;
3199 u8 *next_hop = NULL;
3200
3201 if (!info->attrs[NL80211_ATTR_MAC])
3202 return -EINVAL;
3203
3204 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
3205 return -EINVAL;
3206
3207 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
3208 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
3209
3210 if (!rdev->ops->add_mpath)
3211 return -EOPNOTSUPP;
3212
3213 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
3214 return -EOPNOTSUPP;
3215
3216 return rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop);
3217}
3218
3219static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
3220{
3221 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3222 struct net_device *dev = info->user_ptr[1];
3223 u8 *dst = NULL;
3224
3225 if (info->attrs[NL80211_ATTR_MAC])
3226 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
3227
3228 if (!rdev->ops->del_mpath)
3229 return -EOPNOTSUPP;
3230
3231 return rdev->ops->del_mpath(&rdev->wiphy, dev, dst);
3232}
3233
3234static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
3235{
3236 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3237 struct net_device *dev = info->user_ptr[1];
3238 struct bss_parameters params;
3239
3240 memset(&params, 0, sizeof(params));
3241 /* default to not changing parameters */
3242 params.use_cts_prot = -1;
3243 params.use_short_preamble = -1;
3244 params.use_short_slot_time = -1;
3245 params.ap_isolate = -1;
3246 params.ht_opmode = -1;
3247
3248 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT])
3249 params.use_cts_prot =
3250 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]);
3251 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE])
3252 params.use_short_preamble =
3253 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]);
3254 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME])
3255 params.use_short_slot_time =
3256 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]);
3257 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
3258 params.basic_rates =
3259 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
3260 params.basic_rates_len =
3261 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
3262 }
3263 if (info->attrs[NL80211_ATTR_AP_ISOLATE])
3264 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]);
3265 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE])
3266 params.ht_opmode =
3267 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]);
3268
3269 if (!rdev->ops->change_bss)
3270 return -EOPNOTSUPP;
3271
3272 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3273 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3274 return -EOPNOTSUPP;
3275
3276 return rdev->ops->change_bss(&rdev->wiphy, dev, &params);
3277}
3278
3279static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = {
3280 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
3281 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
3282 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
3283 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
3284 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
3285 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
3286};
3287
3288static int parse_reg_rule(struct nlattr *tb[],
3289 struct ieee80211_reg_rule *reg_rule)
3290{
3291 struct ieee80211_freq_range *freq_range = &reg_rule->freq_range;
3292 struct ieee80211_power_rule *power_rule = &reg_rule->power_rule;
3293
3294 if (!tb[NL80211_ATTR_REG_RULE_FLAGS])
3295 return -EINVAL;
3296 if (!tb[NL80211_ATTR_FREQ_RANGE_START])
3297 return -EINVAL;
3298 if (!tb[NL80211_ATTR_FREQ_RANGE_END])
3299 return -EINVAL;
3300 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW])
3301 return -EINVAL;
3302 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP])
3303 return -EINVAL;
3304
3305 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]);
3306
3307 freq_range->start_freq_khz =
3308 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]);
3309 freq_range->end_freq_khz =
3310 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]);
3311 freq_range->max_bandwidth_khz =
3312 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]);
3313
3314 power_rule->max_eirp =
3315 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]);
3316
3317 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN])
3318 power_rule->max_antenna_gain =
3319 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]);
3320
3321 return 0;
3322}
3323
3324static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info)
3325{
3326 int r;
3327 char *data = NULL;
3328
3329 /*
3330 * You should only get this when cfg80211 hasn't yet initialized
3331 * completely when built-in to the kernel right between the time
3332 * window between nl80211_init() and regulatory_init(), if that is
3333 * even possible.
3334 */
3335 mutex_lock(&cfg80211_mutex);
3336 if (unlikely(!cfg80211_regdomain)) {
3337 mutex_unlock(&cfg80211_mutex);
3338 return -EINPROGRESS;
3339 }
3340 mutex_unlock(&cfg80211_mutex);
3341
3342 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
3343 return -EINVAL;
3344
3345 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
3346
3347 r = regulatory_hint_user(data);
3348
3349 return r;
3350}
3351
3352static int nl80211_get_mesh_config(struct sk_buff *skb,
3353 struct genl_info *info)
3354{
3355 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3356 struct net_device *dev = info->user_ptr[1];
3357 struct wireless_dev *wdev = dev->ieee80211_ptr;
3358 struct mesh_config cur_params;
3359 int err = 0;
3360 void *hdr;
3361 struct nlattr *pinfoattr;
3362 struct sk_buff *msg;
3363
3364 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
3365 return -EOPNOTSUPP;
3366
3367 if (!rdev->ops->get_mesh_config)
3368 return -EOPNOTSUPP;
3369
3370 wdev_lock(wdev);
3371 /* If not connected, get default parameters */
3372 if (!wdev->mesh_id_len)
3373 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params));
3374 else
3375 err = rdev->ops->get_mesh_config(&rdev->wiphy, dev,
3376 &cur_params);
3377 wdev_unlock(wdev);
3378
3379 if (err)
3380 return err;
3381
3382 /* Draw up a netlink message to send back */
3383 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3384 if (!msg)
3385 return -ENOMEM;
3386 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
3387 NL80211_CMD_GET_MESH_CONFIG);
3388 if (!hdr)
3389 goto out;
3390 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG);
3391 if (!pinfoattr)
3392 goto nla_put_failure;
3393 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
3394 NLA_PUT_U16(msg, NL80211_MESHCONF_RETRY_TIMEOUT,
3395 cur_params.dot11MeshRetryTimeout);
3396 NLA_PUT_U16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT,
3397 cur_params.dot11MeshConfirmTimeout);
3398 NLA_PUT_U16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT,
3399 cur_params.dot11MeshHoldingTimeout);
3400 NLA_PUT_U16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
3401 cur_params.dot11MeshMaxPeerLinks);
3402 NLA_PUT_U8(msg, NL80211_MESHCONF_MAX_RETRIES,
3403 cur_params.dot11MeshMaxRetries);
3404 NLA_PUT_U8(msg, NL80211_MESHCONF_TTL,
3405 cur_params.dot11MeshTTL);
3406 NLA_PUT_U8(msg, NL80211_MESHCONF_ELEMENT_TTL,
3407 cur_params.element_ttl);
3408 NLA_PUT_U8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
3409 cur_params.auto_open_plinks);
3410 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
3411 cur_params.dot11MeshHWMPmaxPREQretries);
3412 NLA_PUT_U32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME,
3413 cur_params.path_refresh_time);
3414 NLA_PUT_U16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
3415 cur_params.min_discovery_timeout);
3416 NLA_PUT_U32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
3417 cur_params.dot11MeshHWMPactivePathTimeout);
3418 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
3419 cur_params.dot11MeshHWMPpreqMinInterval);
3420 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
3421 cur_params.dot11MeshHWMPperrMinInterval);
3422 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
3423 cur_params.dot11MeshHWMPnetDiameterTraversalTime);
3424 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_ROOTMODE,
3425 cur_params.dot11MeshHWMPRootMode);
3426 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL,
3427 cur_params.dot11MeshHWMPRannInterval);
3428 NLA_PUT_U8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
3429 cur_params.dot11MeshGateAnnouncementProtocol);
3430 NLA_PUT_U8(msg, NL80211_MESHCONF_FORWARDING,
3431 cur_params.dot11MeshForwarding);
3432 NLA_PUT_U32(msg, NL80211_MESHCONF_RSSI_THRESHOLD,
3433 cur_params.rssi_threshold);
3434 nla_nest_end(msg, pinfoattr);
3435 genlmsg_end(msg, hdr);
3436 return genlmsg_reply(msg, info);
3437
3438 nla_put_failure:
3439 genlmsg_cancel(msg, hdr);
3440 out:
3441 nlmsg_free(msg);
3442 return -ENOBUFS;
3443}
3444
3445static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = {
3446 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 },
3447 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 },
3448 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 },
3449 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 },
3450 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 },
3451 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 },
3452 [NL80211_MESHCONF_ELEMENT_TTL] = { .type = NLA_U8 },
3453 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 },
3454
3455 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 },
3456 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 },
3457 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 },
3458 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 },
3459 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 },
3460 [NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL] = { .type = NLA_U16 },
3461 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 },
3462 [NL80211_MESHCONF_HWMP_ROOTMODE] = { .type = NLA_U8 },
3463 [NL80211_MESHCONF_HWMP_RANN_INTERVAL] = { .type = NLA_U16 },
3464 [NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = { .type = NLA_U8 },
3465 [NL80211_MESHCONF_FORWARDING] = { .type = NLA_U8 },
3466 [NL80211_MESHCONF_RSSI_THRESHOLD] = { .type = NLA_U32},
3467};
3468
3469static const struct nla_policy
3470 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = {
3471 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 },
3472 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 },
3473 [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG },
3474 [NL80211_MESH_SETUP_IE] = { .type = NLA_BINARY,
3475 .len = IEEE80211_MAX_DATA_LEN },
3476 [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG },
3477};
3478
3479static int nl80211_parse_mesh_config(struct genl_info *info,
3480 struct mesh_config *cfg,
3481 u32 *mask_out)
3482{
3483 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1];
3484 u32 mask = 0;
3485
3486#define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \
3487do {\
3488 if (table[attr_num]) {\
3489 cfg->param = nla_fn(table[attr_num]); \
3490 mask |= (1 << (attr_num - 1)); \
3491 } \
3492} while (0);\
3493
3494
3495 if (!info->attrs[NL80211_ATTR_MESH_CONFIG])
3496 return -EINVAL;
3497 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX,
3498 info->attrs[NL80211_ATTR_MESH_CONFIG],
3499 nl80211_meshconf_params_policy))
3500 return -EINVAL;
3501
3502 /* This makes sure that there aren't more than 32 mesh config
3503 * parameters (otherwise our bitfield scheme would not work.) */
3504 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32);
3505
3506 /* Fill in the params struct */
3507 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout,
3508 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16);
3509 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout,
3510 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16);
3511 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout,
3512 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16);
3513 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks,
3514 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16);
3515 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries,
3516 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8);
3517 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL,
3518 mask, NL80211_MESHCONF_TTL, nla_get_u8);
3519 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl,
3520 mask, NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8);
3521 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks,
3522 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8);
3523 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries,
3524 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
3525 nla_get_u8);
3526 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time,
3527 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32);
3528 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout,
3529 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
3530 nla_get_u16);
3531 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout,
3532 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
3533 nla_get_u32);
3534 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval,
3535 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
3536 nla_get_u16);
3537 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval,
3538 mask, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
3539 nla_get_u16);
3540 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
3541 dot11MeshHWMPnetDiameterTraversalTime,
3542 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
3543 nla_get_u16);
3544 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
3545 dot11MeshHWMPRootMode, mask,
3546 NL80211_MESHCONF_HWMP_ROOTMODE,
3547 nla_get_u8);
3548 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
3549 dot11MeshHWMPRannInterval, mask,
3550 NL80211_MESHCONF_HWMP_RANN_INTERVAL,
3551 nla_get_u16);
3552 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
3553 dot11MeshGateAnnouncementProtocol, mask,
3554 NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
3555 nla_get_u8);
3556 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding,
3557 mask, NL80211_MESHCONF_FORWARDING, nla_get_u8);
3558 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold,
3559 mask, NL80211_MESHCONF_RSSI_THRESHOLD, nla_get_u32);
3560 if (mask_out)
3561 *mask_out = mask;
3562
3563 return 0;
3564
3565#undef FILL_IN_MESH_PARAM_IF_SET
3566}
3567
3568static int nl80211_parse_mesh_setup(struct genl_info *info,
3569 struct mesh_setup *setup)
3570{
3571 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1];
3572
3573 if (!info->attrs[NL80211_ATTR_MESH_SETUP])
3574 return -EINVAL;
3575 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX,
3576 info->attrs[NL80211_ATTR_MESH_SETUP],
3577 nl80211_mesh_setup_params_policy))
3578 return -EINVAL;
3579
3580 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])
3581 setup->path_sel_proto =
3582 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ?
3583 IEEE80211_PATH_PROTOCOL_VENDOR :
3584 IEEE80211_PATH_PROTOCOL_HWMP;
3585
3586 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])
3587 setup->path_metric =
3588 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ?
3589 IEEE80211_PATH_METRIC_VENDOR :
3590 IEEE80211_PATH_METRIC_AIRTIME;
3591
3592
3593 if (tb[NL80211_MESH_SETUP_IE]) {
3594 struct nlattr *ieattr =
3595 tb[NL80211_MESH_SETUP_IE];
3596 if (!is_valid_ie_attr(ieattr))
3597 return -EINVAL;
3598 setup->ie = nla_data(ieattr);
3599 setup->ie_len = nla_len(ieattr);
3600 }
3601 setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]);
3602 setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]);
3603
3604 return 0;
3605}
3606
3607static int nl80211_update_mesh_config(struct sk_buff *skb,
3608 struct genl_info *info)
3609{
3610 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3611 struct net_device *dev = info->user_ptr[1];
3612 struct wireless_dev *wdev = dev->ieee80211_ptr;
3613 struct mesh_config cfg;
3614 u32 mask;
3615 int err;
3616
3617 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
3618 return -EOPNOTSUPP;
3619
3620 if (!rdev->ops->update_mesh_config)
3621 return -EOPNOTSUPP;
3622
3623 err = nl80211_parse_mesh_config(info, &cfg, &mask);
3624 if (err)
3625 return err;
3626
3627 wdev_lock(wdev);
3628 if (!wdev->mesh_id_len)
3629 err = -ENOLINK;
3630
3631 if (!err)
3632 err = rdev->ops->update_mesh_config(&rdev->wiphy, dev,
3633 mask, &cfg);
3634
3635 wdev_unlock(wdev);
3636
3637 return err;
3638}
3639
3640static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info)
3641{
3642 struct sk_buff *msg;
3643 void *hdr = NULL;
3644 struct nlattr *nl_reg_rules;
3645 unsigned int i;
3646 int err = -EINVAL;
3647
3648 mutex_lock(&cfg80211_mutex);
3649
3650 if (!cfg80211_regdomain)
3651 goto out;
3652
3653 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3654 if (!msg) {
3655 err = -ENOBUFS;
3656 goto out;
3657 }
3658
3659 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
3660 NL80211_CMD_GET_REG);
3661 if (!hdr)
3662 goto put_failure;
3663
3664 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2,
3665 cfg80211_regdomain->alpha2);
3666 if (cfg80211_regdomain->dfs_region)
3667 NLA_PUT_U8(msg, NL80211_ATTR_DFS_REGION,
3668 cfg80211_regdomain->dfs_region);
3669
3670 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES);
3671 if (!nl_reg_rules)
3672 goto nla_put_failure;
3673
3674 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) {
3675 struct nlattr *nl_reg_rule;
3676 const struct ieee80211_reg_rule *reg_rule;
3677 const struct ieee80211_freq_range *freq_range;
3678 const struct ieee80211_power_rule *power_rule;
3679
3680 reg_rule = &cfg80211_regdomain->reg_rules[i];
3681 freq_range = &reg_rule->freq_range;
3682 power_rule = &reg_rule->power_rule;
3683
3684 nl_reg_rule = nla_nest_start(msg, i);
3685 if (!nl_reg_rule)
3686 goto nla_put_failure;
3687
3688 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS,
3689 reg_rule->flags);
3690 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START,
3691 freq_range->start_freq_khz);
3692 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END,
3693 freq_range->end_freq_khz);
3694 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW,
3695 freq_range->max_bandwidth_khz);
3696 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN,
3697 power_rule->max_antenna_gain);
3698 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP,
3699 power_rule->max_eirp);
3700
3701 nla_nest_end(msg, nl_reg_rule);
3702 }
3703
3704 nla_nest_end(msg, nl_reg_rules);
3705
3706 genlmsg_end(msg, hdr);
3707 err = genlmsg_reply(msg, info);
3708 goto out;
3709
3710nla_put_failure:
3711 genlmsg_cancel(msg, hdr);
3712put_failure:
3713 nlmsg_free(msg);
3714 err = -EMSGSIZE;
3715out:
3716 mutex_unlock(&cfg80211_mutex);
3717 return err;
3718}
3719
3720static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
3721{
3722 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1];
3723 struct nlattr *nl_reg_rule;
3724 char *alpha2 = NULL;
3725 int rem_reg_rules = 0, r = 0;
3726 u32 num_rules = 0, rule_idx = 0, size_of_regd;
3727 u8 dfs_region = 0;
3728 struct ieee80211_regdomain *rd = NULL;
3729
3730 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
3731 return -EINVAL;
3732
3733 if (!info->attrs[NL80211_ATTR_REG_RULES])
3734 return -EINVAL;
3735
3736 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
3737
3738 if (info->attrs[NL80211_ATTR_DFS_REGION])
3739 dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]);
3740
3741 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
3742 rem_reg_rules) {
3743 num_rules++;
3744 if (num_rules > NL80211_MAX_SUPP_REG_RULES)
3745 return -EINVAL;
3746 }
3747
3748 mutex_lock(&cfg80211_mutex);
3749
3750 if (!reg_is_valid_request(alpha2)) {
3751 r = -EINVAL;
3752 goto bad_reg;
3753 }
3754
3755 size_of_regd = sizeof(struct ieee80211_regdomain) +
3756 (num_rules * sizeof(struct ieee80211_reg_rule));
3757
3758 rd = kzalloc(size_of_regd, GFP_KERNEL);
3759 if (!rd) {
3760 r = -ENOMEM;
3761 goto bad_reg;
3762 }
3763
3764 rd->n_reg_rules = num_rules;
3765 rd->alpha2[0] = alpha2[0];
3766 rd->alpha2[1] = alpha2[1];
3767
3768 /*
3769 * Disable DFS master mode if the DFS region was
3770 * not supported or known on this kernel.
3771 */
3772 if (reg_supported_dfs_region(dfs_region))
3773 rd->dfs_region = dfs_region;
3774
3775 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
3776 rem_reg_rules) {
3777 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX,
3778 nla_data(nl_reg_rule), nla_len(nl_reg_rule),
3779 reg_rule_policy);
3780 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]);
3781 if (r)
3782 goto bad_reg;
3783
3784 rule_idx++;
3785
3786 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) {
3787 r = -EINVAL;
3788 goto bad_reg;
3789 }
3790 }
3791
3792 BUG_ON(rule_idx != num_rules);
3793
3794 r = set_regdom(rd);
3795
3796 mutex_unlock(&cfg80211_mutex);
3797
3798 return r;
3799
3800 bad_reg:
3801 mutex_unlock(&cfg80211_mutex);
3802 kfree(rd);
3803 return r;
3804}
3805
3806static int validate_scan_freqs(struct nlattr *freqs)
3807{
3808 struct nlattr *attr1, *attr2;
3809 int n_channels = 0, tmp1, tmp2;
3810
3811 nla_for_each_nested(attr1, freqs, tmp1) {
3812 n_channels++;
3813 /*
3814 * Some hardware has a limited channel list for
3815 * scanning, and it is pretty much nonsensical
3816 * to scan for a channel twice, so disallow that
3817 * and don't require drivers to check that the
3818 * channel list they get isn't longer than what
3819 * they can scan, as long as they can scan all
3820 * the channels they registered at once.
3821 */
3822 nla_for_each_nested(attr2, freqs, tmp2)
3823 if (attr1 != attr2 &&
3824 nla_get_u32(attr1) == nla_get_u32(attr2))
3825 return 0;
3826 }
3827
3828 return n_channels;
3829}
3830
3831static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
3832{
3833 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3834 struct net_device *dev = info->user_ptr[1];
3835 struct cfg80211_scan_request *request;
3836 struct nlattr *attr;
3837 struct wiphy *wiphy;
3838 int err, tmp, n_ssids = 0, n_channels, i;
3839 size_t ie_len;
3840
3841 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3842 return -EINVAL;
3843
3844 wiphy = &rdev->wiphy;
3845
3846 if (!rdev->ops->scan)
3847 return -EOPNOTSUPP;
3848
3849 if (rdev->scan_req)
3850 return -EBUSY;
3851
3852 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
3853 n_channels = validate_scan_freqs(
3854 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
3855 if (!n_channels)
3856 return -EINVAL;
3857 } else {
3858 enum ieee80211_band band;
3859 n_channels = 0;
3860
3861 for (band = 0; band < IEEE80211_NUM_BANDS; band++)
3862 if (wiphy->bands[band])
3863 n_channels += wiphy->bands[band]->n_channels;
3864 }
3865
3866 if (info->attrs[NL80211_ATTR_SCAN_SSIDS])
3867 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp)
3868 n_ssids++;
3869
3870 if (n_ssids > wiphy->max_scan_ssids)
3871 return -EINVAL;
3872
3873 if (info->attrs[NL80211_ATTR_IE])
3874 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3875 else
3876 ie_len = 0;
3877
3878 if (ie_len > wiphy->max_scan_ie_len)
3879 return -EINVAL;
3880
3881 request = kzalloc(sizeof(*request)
3882 + sizeof(*request->ssids) * n_ssids
3883 + sizeof(*request->channels) * n_channels
3884 + ie_len, GFP_KERNEL);
3885 if (!request)
3886 return -ENOMEM;
3887
3888 if (n_ssids)
3889 request->ssids = (void *)&request->channels[n_channels];
3890 request->n_ssids = n_ssids;
3891 if (ie_len) {
3892 if (request->ssids)
3893 request->ie = (void *)(request->ssids + n_ssids);
3894 else
3895 request->ie = (void *)(request->channels + n_channels);
3896 }
3897
3898 i = 0;
3899 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
3900 /* user specified, bail out if channel not found */
3901 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) {
3902 struct ieee80211_channel *chan;
3903
3904 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
3905
3906 if (!chan) {
3907 err = -EINVAL;
3908 goto out_free;
3909 }
3910
3911 /* ignore disabled channels */
3912 if (chan->flags & IEEE80211_CHAN_DISABLED)
3913 continue;
3914
3915 request->channels[i] = chan;
3916 i++;
3917 }
3918 } else {
3919 enum ieee80211_band band;
3920
3921 /* all channels */
3922 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
3923 int j;
3924 if (!wiphy->bands[band])
3925 continue;
3926 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
3927 struct ieee80211_channel *chan;
3928
3929 chan = &wiphy->bands[band]->channels[j];
3930
3931 if (chan->flags & IEEE80211_CHAN_DISABLED)
3932 continue;
3933
3934 request->channels[i] = chan;
3935 i++;
3936 }
3937 }
3938 }
3939
3940 if (!i) {
3941 err = -EINVAL;
3942 goto out_free;
3943 }
3944
3945 request->n_channels = i;
3946
3947 i = 0;
3948 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) {
3949 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) {
3950 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
3951 err = -EINVAL;
3952 goto out_free;
3953 }
3954 request->ssids[i].ssid_len = nla_len(attr);
3955 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr));
3956 i++;
3957 }
3958 }
3959
3960 if (info->attrs[NL80211_ATTR_IE]) {
3961 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3962 memcpy((void *)request->ie,
3963 nla_data(info->attrs[NL80211_ATTR_IE]),
3964 request->ie_len);
3965 }
3966
3967 for (i = 0; i < IEEE80211_NUM_BANDS; i++)
3968 if (wiphy->bands[i])
3969 request->rates[i] =
3970 (1 << wiphy->bands[i]->n_bitrates) - 1;
3971
3972 if (info->attrs[NL80211_ATTR_SCAN_SUPP_RATES]) {
3973 nla_for_each_nested(attr,
3974 info->attrs[NL80211_ATTR_SCAN_SUPP_RATES],
3975 tmp) {
3976 enum ieee80211_band band = nla_type(attr);
3977
3978 if (band < 0 || band >= IEEE80211_NUM_BANDS) {
3979 err = -EINVAL;
3980 goto out_free;
3981 }
3982 err = ieee80211_get_ratemask(wiphy->bands[band],
3983 nla_data(attr),
3984 nla_len(attr),
3985 &request->rates[band]);
3986 if (err)
3987 goto out_free;
3988 }
3989 }
3990
3991 request->no_cck =
3992 nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
3993
3994 request->dev = dev;
3995 request->wiphy = &rdev->wiphy;
3996
3997 rdev->scan_req = request;
3998 err = rdev->ops->scan(&rdev->wiphy, dev, request);
3999
4000 if (!err) {
4001 nl80211_send_scan_start(rdev, dev);
4002 dev_hold(dev);
4003 } else {
4004 out_free:
4005 rdev->scan_req = NULL;
4006 kfree(request);
4007 }
4008
4009 return err;
4010}
4011
4012static int nl80211_start_sched_scan(struct sk_buff *skb,
4013 struct genl_info *info)
4014{
4015 struct cfg80211_sched_scan_request *request;
4016 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4017 struct net_device *dev = info->user_ptr[1];
4018 struct nlattr *attr;
4019 struct wiphy *wiphy;
4020 int err, tmp, n_ssids = 0, n_match_sets = 0, n_channels, i;
4021 u32 interval;
4022 enum ieee80211_band band;
4023 size_t ie_len;
4024 struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1];
4025
4026 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) ||
4027 !rdev->ops->sched_scan_start)
4028 return -EOPNOTSUPP;
4029
4030 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4031 return -EINVAL;
4032
4033 if (!info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL])
4034 return -EINVAL;
4035
4036 interval = nla_get_u32(info->attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]);
4037 if (interval == 0)
4038 return -EINVAL;
4039
4040 wiphy = &rdev->wiphy;
4041
4042 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
4043 n_channels = validate_scan_freqs(
4044 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
4045 if (!n_channels)
4046 return -EINVAL;
4047 } else {
4048 n_channels = 0;
4049
4050 for (band = 0; band < IEEE80211_NUM_BANDS; band++)
4051 if (wiphy->bands[band])
4052 n_channels += wiphy->bands[band]->n_channels;
4053 }
4054
4055 if (info->attrs[NL80211_ATTR_SCAN_SSIDS])
4056 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS],
4057 tmp)
4058 n_ssids++;
4059
4060 if (n_ssids > wiphy->max_sched_scan_ssids)
4061 return -EINVAL;
4062
4063 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH])
4064 nla_for_each_nested(attr,
4065 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
4066 tmp)
4067 n_match_sets++;
4068
4069 if (n_match_sets > wiphy->max_match_sets)
4070 return -EINVAL;
4071
4072 if (info->attrs[NL80211_ATTR_IE])
4073 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4074 else
4075 ie_len = 0;
4076
4077 if (ie_len > wiphy->max_sched_scan_ie_len)
4078 return -EINVAL;
4079
4080 mutex_lock(&rdev->sched_scan_mtx);
4081
4082 if (rdev->sched_scan_req) {
4083 err = -EINPROGRESS;
4084 goto out;
4085 }
4086
4087 request = kzalloc(sizeof(*request)
4088 + sizeof(*request->ssids) * n_ssids
4089 + sizeof(*request->match_sets) * n_match_sets
4090 + sizeof(*request->channels) * n_channels
4091 + ie_len, GFP_KERNEL);
4092 if (!request) {
4093 err = -ENOMEM;
4094 goto out;
4095 }
4096
4097 if (n_ssids)
4098 request->ssids = (void *)&request->channels[n_channels];
4099 request->n_ssids = n_ssids;
4100 if (ie_len) {
4101 if (request->ssids)
4102 request->ie = (void *)(request->ssids + n_ssids);
4103 else
4104 request->ie = (void *)(request->channels + n_channels);
4105 }
4106
4107 if (n_match_sets) {
4108 if (request->ie)
4109 request->match_sets = (void *)(request->ie + ie_len);
4110 else if (request->ssids)
4111 request->match_sets =
4112 (void *)(request->ssids + n_ssids);
4113 else
4114 request->match_sets =
4115 (void *)(request->channels + n_channels);
4116 }
4117 request->n_match_sets = n_match_sets;
4118
4119 i = 0;
4120 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
4121 /* user specified, bail out if channel not found */
4122 nla_for_each_nested(attr,
4123 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES],
4124 tmp) {
4125 struct ieee80211_channel *chan;
4126
4127 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
4128
4129 if (!chan) {
4130 err = -EINVAL;
4131 goto out_free;
4132 }
4133
4134 /* ignore disabled channels */
4135 if (chan->flags & IEEE80211_CHAN_DISABLED)
4136 continue;
4137
4138 request->channels[i] = chan;
4139 i++;
4140 }
4141 } else {
4142 /* all channels */
4143 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
4144 int j;
4145 if (!wiphy->bands[band])
4146 continue;
4147 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
4148 struct ieee80211_channel *chan;
4149
4150 chan = &wiphy->bands[band]->channels[j];
4151
4152 if (chan->flags & IEEE80211_CHAN_DISABLED)
4153 continue;
4154
4155 request->channels[i] = chan;
4156 i++;
4157 }
4158 }
4159 }
4160
4161 if (!i) {
4162 err = -EINVAL;
4163 goto out_free;
4164 }
4165
4166 request->n_channels = i;
4167
4168 i = 0;
4169 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) {
4170 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS],
4171 tmp) {
4172 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
4173 err = -EINVAL;
4174 goto out_free;
4175 }
4176 request->ssids[i].ssid_len = nla_len(attr);
4177 memcpy(request->ssids[i].ssid, nla_data(attr),
4178 nla_len(attr));
4179 i++;
4180 }
4181 }
4182
4183 i = 0;
4184 if (info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
4185 nla_for_each_nested(attr,
4186 info->attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
4187 tmp) {
4188 struct nlattr *ssid;
4189
4190 nla_parse(tb, NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
4191 nla_data(attr), nla_len(attr),
4192 nl80211_match_policy);
4193 ssid = tb[NL80211_ATTR_SCHED_SCAN_MATCH_SSID];
4194 if (ssid) {
4195 if (nla_len(ssid) > IEEE80211_MAX_SSID_LEN) {
4196 err = -EINVAL;
4197 goto out_free;
4198 }
4199 memcpy(request->match_sets[i].ssid.ssid,
4200 nla_data(ssid), nla_len(ssid));
4201 request->match_sets[i].ssid.ssid_len =
4202 nla_len(ssid);
4203 }
4204 i++;
4205 }
4206 }
4207
4208 if (info->attrs[NL80211_ATTR_IE]) {
4209 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4210 memcpy((void *)request->ie,
4211 nla_data(info->attrs[NL80211_ATTR_IE]),
4212 request->ie_len);
4213 }
4214
4215 request->dev = dev;
4216 request->wiphy = &rdev->wiphy;
4217 request->interval = interval;
4218
4219 err = rdev->ops->sched_scan_start(&rdev->wiphy, dev, request);
4220 if (!err) {
4221 rdev->sched_scan_req = request;
4222 nl80211_send_sched_scan(rdev, dev,
4223 NL80211_CMD_START_SCHED_SCAN);
4224 goto out;
4225 }
4226
4227out_free:
4228 kfree(request);
4229out:
4230 mutex_unlock(&rdev->sched_scan_mtx);
4231 return err;
4232}
4233
4234static int nl80211_stop_sched_scan(struct sk_buff *skb,
4235 struct genl_info *info)
4236{
4237 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4238 int err;
4239
4240 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN) ||
4241 !rdev->ops->sched_scan_stop)
4242 return -EOPNOTSUPP;
4243
4244 mutex_lock(&rdev->sched_scan_mtx);
4245 err = __cfg80211_stop_sched_scan(rdev, false);
4246 mutex_unlock(&rdev->sched_scan_mtx);
4247
4248 return err;
4249}
4250
4251static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
4252 u32 seq, int flags,
4253 struct cfg80211_registered_device *rdev,
4254 struct wireless_dev *wdev,
4255 struct cfg80211_internal_bss *intbss)
4256{
4257 struct cfg80211_bss *res = &intbss->pub;
4258 void *hdr;
4259 struct nlattr *bss;
4260
4261 ASSERT_WDEV_LOCK(wdev);
4262
4263 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).pid, seq, flags,
4264 NL80211_CMD_NEW_SCAN_RESULTS);
4265 if (!hdr)
4266 return -1;
4267
4268 genl_dump_check_consistent(cb, hdr, &nl80211_fam);
4269
4270 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation);
4271 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex);
4272
4273 bss = nla_nest_start(msg, NL80211_ATTR_BSS);
4274 if (!bss)
4275 goto nla_put_failure;
4276 if (!is_zero_ether_addr(res->bssid))
4277 NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid);
4278 if (res->information_elements && res->len_information_elements)
4279 NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS,
4280 res->len_information_elements,
4281 res->information_elements);
4282 if (res->beacon_ies && res->len_beacon_ies &&
4283 res->beacon_ies != res->information_elements)
4284 NLA_PUT(msg, NL80211_BSS_BEACON_IES,
4285 res->len_beacon_ies, res->beacon_ies);
4286 if (res->tsf)
4287 NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf);
4288 if (res->beacon_interval)
4289 NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval);
4290 NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability);
4291 NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq);
4292 NLA_PUT_U32(msg, NL80211_BSS_SEEN_MS_AGO,
4293 jiffies_to_msecs(jiffies - intbss->ts));
4294
4295 switch (rdev->wiphy.signal_type) {
4296 case CFG80211_SIGNAL_TYPE_MBM:
4297 NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal);
4298 break;
4299 case CFG80211_SIGNAL_TYPE_UNSPEC:
4300 NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal);
4301 break;
4302 default:
4303 break;
4304 }
4305
4306 switch (wdev->iftype) {
4307 case NL80211_IFTYPE_P2P_CLIENT:
4308 case NL80211_IFTYPE_STATION:
4309 if (intbss == wdev->current_bss)
4310 NLA_PUT_U32(msg, NL80211_BSS_STATUS,
4311 NL80211_BSS_STATUS_ASSOCIATED);
4312 break;
4313 case NL80211_IFTYPE_ADHOC:
4314 if (intbss == wdev->current_bss)
4315 NLA_PUT_U32(msg, NL80211_BSS_STATUS,
4316 NL80211_BSS_STATUS_IBSS_JOINED);
4317 break;
4318 default:
4319 break;
4320 }
4321
4322 nla_nest_end(msg, bss);
4323
4324 return genlmsg_end(msg, hdr);
4325
4326 nla_put_failure:
4327 genlmsg_cancel(msg, hdr);
4328 return -EMSGSIZE;
4329}
4330
4331static int nl80211_dump_scan(struct sk_buff *skb,
4332 struct netlink_callback *cb)
4333{
4334 struct cfg80211_registered_device *rdev;
4335 struct net_device *dev;
4336 struct cfg80211_internal_bss *scan;
4337 struct wireless_dev *wdev;
4338 int start = cb->args[1], idx = 0;
4339 int err;
4340
4341 err = nl80211_prepare_netdev_dump(skb, cb, &rdev, &dev);
4342 if (err)
4343 return err;
4344
4345 wdev = dev->ieee80211_ptr;
4346
4347 wdev_lock(wdev);
4348 spin_lock_bh(&rdev->bss_lock);
4349 cfg80211_bss_expire(rdev);
4350
4351 cb->seq = rdev->bss_generation;
4352
4353 list_for_each_entry(scan, &rdev->bss_list, list) {
4354 if (++idx <= start)
4355 continue;
4356 if (nl80211_send_bss(skb, cb,
4357 cb->nlh->nlmsg_seq, NLM_F_MULTI,
4358 rdev, wdev, scan) < 0) {
4359 idx--;
4360 break;
4361 }
4362 }
4363
4364 spin_unlock_bh(&rdev->bss_lock);
4365 wdev_unlock(wdev);
4366
4367 cb->args[1] = idx;
4368 nl80211_finish_netdev_dump(rdev);
4369
4370 return skb->len;
4371}
4372
4373static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq,
4374 int flags, struct net_device *dev,
4375 struct survey_info *survey)
4376{
4377 void *hdr;
4378 struct nlattr *infoattr;
4379
4380 hdr = nl80211hdr_put(msg, pid, seq, flags,
4381 NL80211_CMD_NEW_SURVEY_RESULTS);
4382 if (!hdr)
4383 return -ENOMEM;
4384
4385 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
4386
4387 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO);
4388 if (!infoattr)
4389 goto nla_put_failure;
4390
4391 NLA_PUT_U32(msg, NL80211_SURVEY_INFO_FREQUENCY,
4392 survey->channel->center_freq);
4393 if (survey->filled & SURVEY_INFO_NOISE_DBM)
4394 NLA_PUT_U8(msg, NL80211_SURVEY_INFO_NOISE,
4395 survey->noise);
4396 if (survey->filled & SURVEY_INFO_IN_USE)
4397 NLA_PUT_FLAG(msg, NL80211_SURVEY_INFO_IN_USE);
4398 if (survey->filled & SURVEY_INFO_CHANNEL_TIME)
4399 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME,
4400 survey->channel_time);
4401 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_BUSY)
4402 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_BUSY,
4403 survey->channel_time_busy);
4404 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_EXT_BUSY)
4405 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_EXT_BUSY,
4406 survey->channel_time_ext_busy);
4407 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_RX)
4408 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_RX,
4409 survey->channel_time_rx);
4410 if (survey->filled & SURVEY_INFO_CHANNEL_TIME_TX)
4411 NLA_PUT_U64(msg, NL80211_SURVEY_INFO_CHANNEL_TIME_TX,
4412 survey->channel_time_tx);
4413
4414 nla_nest_end(msg, infoattr);
4415
4416 return genlmsg_end(msg, hdr);
4417
4418 nla_put_failure:
4419 genlmsg_cancel(msg, hdr);
4420 return -EMSGSIZE;
4421}
4422
4423static int nl80211_dump_survey(struct sk_buff *skb,
4424 struct netlink_callback *cb)
4425{
4426 struct survey_info survey;
4427 struct cfg80211_registered_device *dev;
4428 struct net_device *netdev;
4429 int survey_idx = cb->args[1];
4430 int res;
4431
4432 res = nl80211_prepare_netdev_dump(skb, cb, &dev, &netdev);
4433 if (res)
4434 return res;
4435
4436 if (!dev->ops->dump_survey) {
4437 res = -EOPNOTSUPP;
4438 goto out_err;
4439 }
4440
4441 while (1) {
4442 struct ieee80211_channel *chan;
4443
4444 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx,
4445 &survey);
4446 if (res == -ENOENT)
4447 break;
4448 if (res)
4449 goto out_err;
4450
4451 /* Survey without a channel doesn't make sense */
4452 if (!survey.channel) {
4453 res = -EINVAL;
4454 goto out;
4455 }
4456
4457 chan = ieee80211_get_channel(&dev->wiphy,
4458 survey.channel->center_freq);
4459 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED) {
4460 survey_idx++;
4461 continue;
4462 }
4463
4464 if (nl80211_send_survey(skb,
4465 NETLINK_CB(cb->skb).pid,
4466 cb->nlh->nlmsg_seq, NLM_F_MULTI,
4467 netdev,
4468 &survey) < 0)
4469 goto out;
4470 survey_idx++;
4471 }
4472
4473 out:
4474 cb->args[1] = survey_idx;
4475 res = skb->len;
4476 out_err:
4477 nl80211_finish_netdev_dump(dev);
4478 return res;
4479}
4480
4481static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type)
4482{
4483 return auth_type <= NL80211_AUTHTYPE_MAX;
4484}
4485
4486static bool nl80211_valid_wpa_versions(u32 wpa_versions)
4487{
4488 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 |
4489 NL80211_WPA_VERSION_2));
4490}
4491
4492static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
4493{
4494 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4495 struct net_device *dev = info->user_ptr[1];
4496 struct ieee80211_channel *chan;
4497 const u8 *bssid, *ssid, *ie = NULL;
4498 int err, ssid_len, ie_len = 0;
4499 enum nl80211_auth_type auth_type;
4500 struct key_parse key;
4501 bool local_state_change;
4502
4503 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4504 return -EINVAL;
4505
4506 if (!info->attrs[NL80211_ATTR_MAC])
4507 return -EINVAL;
4508
4509 if (!info->attrs[NL80211_ATTR_AUTH_TYPE])
4510 return -EINVAL;
4511
4512 if (!info->attrs[NL80211_ATTR_SSID])
4513 return -EINVAL;
4514
4515 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
4516 return -EINVAL;
4517
4518 err = nl80211_parse_key(info, &key);
4519 if (err)
4520 return err;
4521
4522 if (key.idx >= 0) {
4523 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP)
4524 return -EINVAL;
4525 if (!key.p.key || !key.p.key_len)
4526 return -EINVAL;
4527 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 ||
4528 key.p.key_len != WLAN_KEY_LEN_WEP40) &&
4529 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 ||
4530 key.p.key_len != WLAN_KEY_LEN_WEP104))
4531 return -EINVAL;
4532 if (key.idx > 4)
4533 return -EINVAL;
4534 } else {
4535 key.p.key_len = 0;
4536 key.p.key = NULL;
4537 }
4538
4539 if (key.idx >= 0) {
4540 int i;
4541 bool ok = false;
4542 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) {
4543 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) {
4544 ok = true;
4545 break;
4546 }
4547 }
4548 if (!ok)
4549 return -EINVAL;
4550 }
4551
4552 if (!rdev->ops->auth)
4553 return -EOPNOTSUPP;
4554
4555 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
4556 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
4557 return -EOPNOTSUPP;
4558
4559 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4560 chan = ieee80211_get_channel(&rdev->wiphy,
4561 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
4562 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED))
4563 return -EINVAL;
4564
4565 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
4566 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
4567
4568 if (info->attrs[NL80211_ATTR_IE]) {
4569 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
4570 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4571 }
4572
4573 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
4574 if (!nl80211_valid_auth_type(auth_type))
4575 return -EINVAL;
4576
4577 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
4578
4579 /*
4580 * Since we no longer track auth state, ignore
4581 * requests to only change local state.
4582 */
4583 if (local_state_change)
4584 return 0;
4585
4586 return cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
4587 ssid, ssid_len, ie, ie_len,
4588 key.p.key, key.p.key_len, key.idx);
4589}
4590
4591static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
4592 struct genl_info *info,
4593 struct cfg80211_crypto_settings *settings,
4594 int cipher_limit)
4595{
4596 memset(settings, 0, sizeof(*settings));
4597
4598 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT];
4599
4600 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) {
4601 u16 proto;
4602 proto = nla_get_u16(
4603 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);
4604 settings->control_port_ethertype = cpu_to_be16(proto);
4605 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
4606 proto != ETH_P_PAE)
4607 return -EINVAL;
4608 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT])
4609 settings->control_port_no_encrypt = true;
4610 } else
4611 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE);
4612
4613 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) {
4614 void *data;
4615 int len, i;
4616
4617 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
4618 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
4619 settings->n_ciphers_pairwise = len / sizeof(u32);
4620
4621 if (len % sizeof(u32))
4622 return -EINVAL;
4623
4624 if (settings->n_ciphers_pairwise > cipher_limit)
4625 return -EINVAL;
4626
4627 memcpy(settings->ciphers_pairwise, data, len);
4628
4629 for (i = 0; i < settings->n_ciphers_pairwise; i++)
4630 if (!cfg80211_supported_cipher_suite(
4631 &rdev->wiphy,
4632 settings->ciphers_pairwise[i]))
4633 return -EINVAL;
4634 }
4635
4636 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) {
4637 settings->cipher_group =
4638 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]);
4639 if (!cfg80211_supported_cipher_suite(&rdev->wiphy,
4640 settings->cipher_group))
4641 return -EINVAL;
4642 }
4643
4644 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) {
4645 settings->wpa_versions =
4646 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]);
4647 if (!nl80211_valid_wpa_versions(settings->wpa_versions))
4648 return -EINVAL;
4649 }
4650
4651 if (info->attrs[NL80211_ATTR_AKM_SUITES]) {
4652 void *data;
4653 int len;
4654
4655 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]);
4656 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]);
4657 settings->n_akm_suites = len / sizeof(u32);
4658
4659 if (len % sizeof(u32))
4660 return -EINVAL;
4661
4662 if (settings->n_akm_suites > NL80211_MAX_NR_AKM_SUITES)
4663 return -EINVAL;
4664
4665 memcpy(settings->akm_suites, data, len);
4666 }
4667
4668 return 0;
4669}
4670
4671static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
4672{
4673 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4674 struct net_device *dev = info->user_ptr[1];
4675 struct cfg80211_crypto_settings crypto;
4676 struct ieee80211_channel *chan;
4677 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL;
4678 int err, ssid_len, ie_len = 0;
4679 bool use_mfp = false;
4680 u32 flags = 0;
4681 struct ieee80211_ht_cap *ht_capa = NULL;
4682 struct ieee80211_ht_cap *ht_capa_mask = NULL;
4683
4684 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4685 return -EINVAL;
4686
4687 if (!info->attrs[NL80211_ATTR_MAC] ||
4688 !info->attrs[NL80211_ATTR_SSID] ||
4689 !info->attrs[NL80211_ATTR_WIPHY_FREQ])
4690 return -EINVAL;
4691
4692 if (!rdev->ops->assoc)
4693 return -EOPNOTSUPP;
4694
4695 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
4696 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
4697 return -EOPNOTSUPP;
4698
4699 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4700
4701 chan = ieee80211_get_channel(&rdev->wiphy,
4702 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
4703 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED))
4704 return -EINVAL;
4705
4706 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
4707 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
4708
4709 if (info->attrs[NL80211_ATTR_IE]) {
4710 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
4711 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4712 }
4713
4714 if (info->attrs[NL80211_ATTR_USE_MFP]) {
4715 enum nl80211_mfp mfp =
4716 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
4717 if (mfp == NL80211_MFP_REQUIRED)
4718 use_mfp = true;
4719 else if (mfp != NL80211_MFP_NO)
4720 return -EINVAL;
4721 }
4722
4723 if (info->attrs[NL80211_ATTR_PREV_BSSID])
4724 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
4725
4726 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
4727 flags |= ASSOC_REQ_DISABLE_HT;
4728
4729 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
4730 ht_capa_mask =
4731 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]);
4732
4733 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
4734 if (!ht_capa_mask)
4735 return -EINVAL;
4736 ht_capa = nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
4737 }
4738
4739 err = nl80211_crypto_settings(rdev, info, &crypto, 1);
4740 if (!err)
4741 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid,
4742 ssid, ssid_len, ie, ie_len, use_mfp,
4743 &crypto, flags, ht_capa,
4744 ht_capa_mask);
4745
4746 return err;
4747}
4748
4749static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
4750{
4751 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4752 struct net_device *dev = info->user_ptr[1];
4753 const u8 *ie = NULL, *bssid;
4754 int ie_len = 0;
4755 u16 reason_code;
4756 bool local_state_change;
4757
4758 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4759 return -EINVAL;
4760
4761 if (!info->attrs[NL80211_ATTR_MAC])
4762 return -EINVAL;
4763
4764 if (!info->attrs[NL80211_ATTR_REASON_CODE])
4765 return -EINVAL;
4766
4767 if (!rdev->ops->deauth)
4768 return -EOPNOTSUPP;
4769
4770 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
4771 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
4772 return -EOPNOTSUPP;
4773
4774 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4775
4776 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
4777 if (reason_code == 0) {
4778 /* Reason Code 0 is reserved */
4779 return -EINVAL;
4780 }
4781
4782 if (info->attrs[NL80211_ATTR_IE]) {
4783 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
4784 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4785 }
4786
4787 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
4788
4789 return cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code,
4790 local_state_change);
4791}
4792
4793static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
4794{
4795 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4796 struct net_device *dev = info->user_ptr[1];
4797 const u8 *ie = NULL, *bssid;
4798 int ie_len = 0;
4799 u16 reason_code;
4800 bool local_state_change;
4801
4802 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4803 return -EINVAL;
4804
4805 if (!info->attrs[NL80211_ATTR_MAC])
4806 return -EINVAL;
4807
4808 if (!info->attrs[NL80211_ATTR_REASON_CODE])
4809 return -EINVAL;
4810
4811 if (!rdev->ops->disassoc)
4812 return -EOPNOTSUPP;
4813
4814 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
4815 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
4816 return -EOPNOTSUPP;
4817
4818 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4819
4820 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
4821 if (reason_code == 0) {
4822 /* Reason Code 0 is reserved */
4823 return -EINVAL;
4824 }
4825
4826 if (info->attrs[NL80211_ATTR_IE]) {
4827 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
4828 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4829 }
4830
4831 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
4832
4833 return cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code,
4834 local_state_change);
4835}
4836
4837static bool
4838nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev,
4839 int mcast_rate[IEEE80211_NUM_BANDS],
4840 int rateval)
4841{
4842 struct wiphy *wiphy = &rdev->wiphy;
4843 bool found = false;
4844 int band, i;
4845
4846 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
4847 struct ieee80211_supported_band *sband;
4848
4849 sband = wiphy->bands[band];
4850 if (!sband)
4851 continue;
4852
4853 for (i = 0; i < sband->n_bitrates; i++) {
4854 if (sband->bitrates[i].bitrate == rateval) {
4855 mcast_rate[band] = i + 1;
4856 found = true;
4857 break;
4858 }
4859 }
4860 }
4861
4862 return found;
4863}
4864
4865static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
4866{
4867 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4868 struct net_device *dev = info->user_ptr[1];
4869 struct cfg80211_ibss_params ibss;
4870 struct wiphy *wiphy;
4871 struct cfg80211_cached_keys *connkeys = NULL;
4872 int err;
4873
4874 memset(&ibss, 0, sizeof(ibss));
4875
4876 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4877 return -EINVAL;
4878
4879 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
4880 !info->attrs[NL80211_ATTR_SSID] ||
4881 !nla_len(info->attrs[NL80211_ATTR_SSID]))
4882 return -EINVAL;
4883
4884 ibss.beacon_interval = 100;
4885
4886 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
4887 ibss.beacon_interval =
4888 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
4889 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000)
4890 return -EINVAL;
4891 }
4892
4893 if (!rdev->ops->join_ibss)
4894 return -EOPNOTSUPP;
4895
4896 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
4897 return -EOPNOTSUPP;
4898
4899 wiphy = &rdev->wiphy;
4900
4901 if (info->attrs[NL80211_ATTR_MAC]) {
4902 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4903
4904 if (!is_valid_ether_addr(ibss.bssid))
4905 return -EINVAL;
4906 }
4907 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
4908 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
4909
4910 if (info->attrs[NL80211_ATTR_IE]) {
4911 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
4912 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4913 }
4914
4915 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
4916 enum nl80211_channel_type channel_type;
4917
4918 channel_type = nla_get_u32(
4919 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
4920 if (channel_type != NL80211_CHAN_NO_HT &&
4921 channel_type != NL80211_CHAN_HT20 &&
4922 channel_type != NL80211_CHAN_HT40MINUS &&
4923 channel_type != NL80211_CHAN_HT40PLUS)
4924 return -EINVAL;
4925
4926 if (channel_type != NL80211_CHAN_NO_HT &&
4927 !(wiphy->features & NL80211_FEATURE_HT_IBSS))
4928 return -EINVAL;
4929
4930 ibss.channel_type = channel_type;
4931 } else {
4932 ibss.channel_type = NL80211_CHAN_NO_HT;
4933 }
4934
4935 ibss.channel = rdev_freq_to_chan(rdev,
4936 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]),
4937 ibss.channel_type);
4938 if (!ibss.channel ||
4939 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS ||
4940 ibss.channel->flags & IEEE80211_CHAN_DISABLED)
4941 return -EINVAL;
4942
4943 /* Both channels should be able to initiate communication */
4944 if ((ibss.channel_type == NL80211_CHAN_HT40PLUS ||
4945 ibss.channel_type == NL80211_CHAN_HT40MINUS) &&
4946 !cfg80211_can_beacon_sec_chan(&rdev->wiphy, ibss.channel,
4947 ibss.channel_type))
4948 return -EINVAL;
4949
4950 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED];
4951 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
4952
4953 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
4954 u8 *rates =
4955 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
4956 int n_rates =
4957 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
4958 struct ieee80211_supported_band *sband =
4959 wiphy->bands[ibss.channel->band];
4960
4961 err = ieee80211_get_ratemask(sband, rates, n_rates,
4962 &ibss.basic_rates);
4963 if (err)
4964 return err;
4965 }
4966
4967 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
4968 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate,
4969 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
4970 return -EINVAL;
4971
4972 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) {
4973 connkeys = nl80211_parse_connkeys(rdev,
4974 info->attrs[NL80211_ATTR_KEYS]);
4975 if (IS_ERR(connkeys))
4976 return PTR_ERR(connkeys);
4977 }
4978
4979 ibss.control_port =
4980 nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT]);
4981
4982 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
4983 if (err)
4984 kfree(connkeys);
zw.wangc08ce042024-08-08 18:42:05 +0800[diff] [blame]4985#if (defined CONFIG_AIC8800 || defined CONFIG_AIC8800D80L)
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]4986 else if (info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
4987 printk("lemon %s sock_ow\n", __func__);
4988 //dev->ieee80211_ptr->conn_owner_nlportid = info->snd_portid;
4989 dev->ieee80211_ptr->conn_owner_nlportid = info->snd_pid;
4990 }
4991#endif
4992 return err;
4993}
4994
4995static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
4996{
4997 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4998 struct net_device *dev = info->user_ptr[1];
4999
5000 if (!rdev->ops->leave_ibss)
5001 return -EOPNOTSUPP;
5002
5003 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
5004 return -EOPNOTSUPP;
5005
5006 return cfg80211_leave_ibss(rdev, dev, false);
5007}
5008
5009#ifdef CONFIG_NL80211_TESTMODE
5010static struct genl_multicast_group nl80211_testmode_mcgrp = {
5011 .name = "testmode",
5012};
5013
5014static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info)
5015{
5016 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5017 int err;
5018
5019 if (!info->attrs[NL80211_ATTR_TESTDATA])
5020 return -EINVAL;
5021
5022 err = -EOPNOTSUPP;
5023 if (rdev->ops->testmode_cmd) {
5024 rdev->testmode_info = info;
5025 err = rdev->ops->testmode_cmd(&rdev->wiphy,
5026 nla_data(info->attrs[NL80211_ATTR_TESTDATA]),
5027 nla_len(info->attrs[NL80211_ATTR_TESTDATA]));
5028 rdev->testmode_info = NULL;
5029 }
5030
5031 return err;
5032}
5033
5034static int nl80211_testmode_dump(struct sk_buff *skb,
5035 struct netlink_callback *cb)
5036{
5037 struct cfg80211_registered_device *rdev;
5038 int err;
5039 long phy_idx;
5040 void *data = NULL;
5041 int data_len = 0;
5042
5043 if (cb->args[0]) {
5044 /*
5045 * 0 is a valid index, but not valid for args[0],
5046 * so we need to offset by 1.
5047 */
5048 phy_idx = cb->args[0] - 1;
5049 } else {
5050 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
5051 nl80211_fam.attrbuf, nl80211_fam.maxattr,
5052 nl80211_policy);
5053 if (err)
5054 return err;
5055 if (nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]) {
5056 phy_idx = nla_get_u32(
5057 nl80211_fam.attrbuf[NL80211_ATTR_WIPHY]);
5058 } else {
5059 struct net_device *netdev;
5060
5061 err = get_rdev_dev_by_ifindex(sock_net(skb->sk),
5062 nl80211_fam.attrbuf,
5063 &rdev, &netdev);
5064 if (err)
5065 return err;
5066 dev_put(netdev);
5067 phy_idx = rdev->wiphy_idx;
5068 cfg80211_unlock_rdev(rdev);
5069 }
5070 if (nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA])
5071 cb->args[1] =
5072 (long)nl80211_fam.attrbuf[NL80211_ATTR_TESTDATA];
5073 }
5074
5075 if (cb->args[1]) {
5076 data = nla_data((void *)cb->args[1]);
5077 data_len = nla_len((void *)cb->args[1]);
5078 }
5079
5080 mutex_lock(&cfg80211_mutex);
5081 rdev = cfg80211_rdev_by_wiphy_idx(phy_idx);
5082 if (!rdev) {
5083 mutex_unlock(&cfg80211_mutex);
5084 return -ENOENT;
5085 }
5086 cfg80211_lock_rdev(rdev);
5087 mutex_unlock(&cfg80211_mutex);
5088
5089 if (!rdev->ops->testmode_dump) {
5090 err = -EOPNOTSUPP;
5091 goto out_err;
5092 }
5093
5094 while (1) {
5095 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).pid,
5096 cb->nlh->nlmsg_seq, NLM_F_MULTI,
5097 NL80211_CMD_TESTMODE);
5098 struct nlattr *tmdata;
5099
5100 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx) < 0) {
5101 genlmsg_cancel(skb, hdr);
5102 break;
5103 }
5104
5105 tmdata = nla_nest_start(skb, NL80211_ATTR_TESTDATA);
5106 if (!tmdata) {
5107 genlmsg_cancel(skb, hdr);
5108 break;
5109 }
5110 err = rdev->ops->testmode_dump(&rdev->wiphy, skb, cb,
5111 data, data_len);
5112 nla_nest_end(skb, tmdata);
5113
5114 if (err == -ENOBUFS || err == -ENOENT) {
5115 genlmsg_cancel(skb, hdr);
5116 break;
5117 } else if (err) {
5118 genlmsg_cancel(skb, hdr);
5119 goto out_err;
5120 }
5121
5122 genlmsg_end(skb, hdr);
5123 }
5124
5125 err = skb->len;
5126 /* see above */
5127 cb->args[0] = phy_idx + 1;
5128 out_err:
5129 cfg80211_unlock_rdev(rdev);
5130 return err;
5131}
5132
5133static struct sk_buff *
5134__cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev,
5135 int approxlen, u32 pid, u32 seq, gfp_t gfp)
5136{
5137 struct sk_buff *skb;
5138 void *hdr;
5139 struct nlattr *data;
5140
5141 skb = nlmsg_new(approxlen + 100, gfp);
5142 if (!skb)
5143 return NULL;
5144
5145 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE);
5146 if (!hdr) {
5147 kfree_skb(skb);
5148 return NULL;
5149 }
5150
5151 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
5152 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA);
5153
5154 ((void **)skb->cb)[0] = rdev;
5155 ((void **)skb->cb)[1] = hdr;
5156 ((void **)skb->cb)[2] = data;
5157
5158 return skb;
5159
5160 nla_put_failure:
5161 kfree_skb(skb);
5162 return NULL;
5163}
5164
5165struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy,
5166 int approxlen)
5167{
5168 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
5169
5170 if (WARN_ON(!rdev->testmode_info))
5171 return NULL;
5172
5173 return __cfg80211_testmode_alloc_skb(rdev, approxlen,
5174 rdev->testmode_info->snd_pid,
5175 rdev->testmode_info->snd_seq,
5176 GFP_KERNEL);
5177}
5178EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb);
5179
5180int cfg80211_testmode_reply(struct sk_buff *skb)
5181{
5182 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
5183 void *hdr = ((void **)skb->cb)[1];
5184 struct nlattr *data = ((void **)skb->cb)[2];
5185
5186 /* clear CB data for netlink core to own from now on */
5187 memset(skb->cb, 0, sizeof(skb->cb));
5188
5189 if (WARN_ON(!rdev->testmode_info)) {
5190 kfree_skb(skb);
5191 return -EINVAL;
5192 }
5193
5194 nla_nest_end(skb, data);
5195 genlmsg_end(skb, hdr);
5196 return genlmsg_reply(skb, rdev->testmode_info);
5197}
5198EXPORT_SYMBOL(cfg80211_testmode_reply);
5199
5200struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy,
5201 int approxlen, gfp_t gfp)
5202{
5203 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
5204
5205 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp);
5206}
5207EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb);
5208
5209void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp)
5210{
5211 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
5212 void *hdr = ((void **)skb->cb)[1];
5213 struct nlattr *data = ((void **)skb->cb)[2];
5214
5215 /* clear CB data for netlink core to own from now on */
5216 memset(skb->cb, 0, sizeof(skb->cb));
5217
5218 nla_nest_end(skb, data);
5219 genlmsg_end(skb, hdr);
5220 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), skb, 0,
5221 nl80211_testmode_mcgrp.id, gfp);
5222}
5223EXPORT_SYMBOL(cfg80211_testmode_event);
5224#endif
5225
5226static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
5227{
5228 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5229 struct net_device *dev = info->user_ptr[1];
5230 struct cfg80211_connect_params connect;
5231 struct wiphy *wiphy;
5232 struct cfg80211_cached_keys *connkeys = NULL;
5233 int err;
5234
5235 memset(&connect, 0, sizeof(connect));
5236
5237 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
5238 return -EINVAL;
5239
5240 if (!info->attrs[NL80211_ATTR_SSID] ||
5241 !nla_len(info->attrs[NL80211_ATTR_SSID]))
5242 return -EINVAL;
5243
5244 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
5245 connect.auth_type =
5246 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
5247 if (!nl80211_valid_auth_type(connect.auth_type))
5248 return -EINVAL;
5249 } else
5250 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
5251
5252 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY];
5253
5254 err = nl80211_crypto_settings(rdev, info, &connect.crypto,
5255 NL80211_MAX_NR_CIPHER_SUITES);
5256 if (err)
5257 return err;
5258
5259 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5260 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
5261 return -EOPNOTSUPP;
5262
5263 wiphy = &rdev->wiphy;
5264
5265 connect.bg_scan_period = -1;
5266 if (info->attrs[NL80211_ATTR_BG_SCAN_PERIOD] &&
5267 (wiphy->flags & WIPHY_FLAG_SUPPORTS_FW_ROAM)) {
5268 connect.bg_scan_period =
5269 nla_get_u16(info->attrs[NL80211_ATTR_BG_SCAN_PERIOD]);
5270 }
5271
5272 if (info->attrs[NL80211_ATTR_MAC])
5273 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
5274 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
5275 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
5276
5277 if (info->attrs[NL80211_ATTR_IE]) {
5278 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
5279 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
5280 }
zw.wangc08ce042024-08-08 18:42:05 +0800[diff] [blame]5281#if (defined CONFIG_AIC8800 || defined CONFIG_AIC8800D80L)
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]5282 if (info->attrs[NL80211_ATTR_USE_MFP]) {
5283 connect.mfp = nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
5284 if (connect.mfp != NL80211_MFP_REQUIRED &&
5285 connect.mfp != NL80211_MFP_NO) {
5286 return -EINVAL;
5287 }
5288 } else {
5289 connect.mfp = NL80211_MFP_NO;
5290 }
5291#endif
5292 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
5293 connect.channel =
5294 ieee80211_get_channel(wiphy,
5295 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
5296 if (!connect.channel ||
5297 connect.channel->flags & IEEE80211_CHAN_DISABLED)
5298 return -EINVAL;
5299 }
5300
5301 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) {
5302 connkeys = nl80211_parse_connkeys(rdev,
5303 info->attrs[NL80211_ATTR_KEYS]);
5304 if (IS_ERR(connkeys))
5305 return PTR_ERR(connkeys);
5306 }
5307
5308 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
5309 connect.flags |= ASSOC_REQ_DISABLE_HT;
5310
5311 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
5312 memcpy(&connect.ht_capa_mask,
5313 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
5314 sizeof(connect.ht_capa_mask));
5315
5316 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
5317 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
5318 return -EINVAL;
5319 memcpy(&connect.ht_capa,
5320 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
5321 sizeof(connect.ht_capa));
5322 }
zw.wangc08ce042024-08-08 18:42:05 +0800[diff] [blame]5323#if (defined CONFIG_AIC8800 || defined CONFIG_AIC8800D80L)
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]5324 if (nla_get_flag(info->attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT])) {
5325 if (!info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
5326 kzfree(connkeys);
5327 // GENL_SET_ERR_MSG(info,
5328 // "external auth requires connection ownership");
5329 return -EINVAL;
5330 }
5331 connect.flags |= CONNECT_REQ_EXTERNAL_AUTH_SUPPORT;
5332 }
5333
5334 //wdev_lock(dev->ieee80211_ptr);
5335#endif
5336 err = cfg80211_connect(rdev, dev, &connect, connkeys);
5337 if (err)
5338 kfree(connkeys);
zw.wangc08ce042024-08-08 18:42:05 +0800[diff] [blame]5339#if (defined CONFIG_AIC8800 || defined CONFIG_AIC8800D80L)
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]5340 if (!err && info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
5341 //dev->ieee80211_ptr->conn_owner_nlportid = info->snd_portid;
5342 dev->ieee80211_ptr->conn_owner_nlportid = info->snd_pid;
5343 if (connect.bssid) {
5344 memcpy(dev->ieee80211_ptr->disconnect_bssid,
5345 connect.bssid, ETH_ALEN);
5346 }
5347 else {
5348 memset(dev->ieee80211_ptr->disconnect_bssid,
5349 0, ETH_ALEN);
5350 }
5351 }
5352
5353 //wdev_unlock(dev->ieee80211_ptr);
5354#endif
5355 return err;
5356}
5357
5358static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info)
5359{
5360 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5361 struct net_device *dev = info->user_ptr[1];
5362 u16 reason;
5363
5364 if (!info->attrs[NL80211_ATTR_REASON_CODE])
5365 reason = WLAN_REASON_DEAUTH_LEAVING;
5366 else
5367 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
5368
5369 if (reason == 0)
5370 return -EINVAL;
5371
5372 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5373 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
5374 return -EOPNOTSUPP;
5375
5376 return cfg80211_disconnect(rdev, dev, reason, true);
5377}
5378
5379static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info)
5380{
5381 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5382 struct net *net;
5383 int err;
5384 u32 pid;
5385
5386 if (!info->attrs[NL80211_ATTR_PID])
5387 return -EINVAL;
5388
5389 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]);
5390
5391 net = get_net_ns_by_pid(pid);
5392 if (IS_ERR(net))
5393 return PTR_ERR(net);
5394
5395 err = 0;
5396
5397 /* check if anything to do */
5398 if (!net_eq(wiphy_net(&rdev->wiphy), net))
5399 err = cfg80211_switch_netns(rdev, net);
5400
5401 put_net(net);
5402 return err;
5403}
5404
5405static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info)
5406{
5407 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5408 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev,
5409 struct cfg80211_pmksa *pmksa) = NULL;
5410 struct net_device *dev = info->user_ptr[1];
5411 struct cfg80211_pmksa pmksa;
5412
5413 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa));
5414
5415 if (!info->attrs[NL80211_ATTR_MAC])
5416 return -EINVAL;
5417
5418 if (!info->attrs[NL80211_ATTR_PMKID])
5419 return -EINVAL;
5420
5421 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
5422 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
5423
5424 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5425 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
5426 return -EOPNOTSUPP;
5427
5428 switch (info->genlhdr->cmd) {
5429 case NL80211_CMD_SET_PMKSA:
5430 rdev_ops = rdev->ops->set_pmksa;
5431 break;
5432 case NL80211_CMD_DEL_PMKSA:
5433 rdev_ops = rdev->ops->del_pmksa;
5434 break;
5435 default:
5436 WARN_ON(1);
5437 break;
5438 }
5439
5440 if (!rdev_ops)
5441 return -EOPNOTSUPP;
5442
5443 return rdev_ops(&rdev->wiphy, dev, &pmksa);
5444}
5445
5446static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info)
5447{
5448 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5449 struct net_device *dev = info->user_ptr[1];
5450
5451 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5452 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
5453 return -EOPNOTSUPP;
5454
5455 if (!rdev->ops->flush_pmksa)
5456 return -EOPNOTSUPP;
5457
5458 return rdev->ops->flush_pmksa(&rdev->wiphy, dev);
5459}
5460
5461static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info)
5462{
5463 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5464 struct net_device *dev = info->user_ptr[1];
5465 u8 action_code, dialog_token;
5466 u16 status_code;
5467 u8 *peer;
5468
5469 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
5470 !rdev->ops->tdls_mgmt)
5471 return -EOPNOTSUPP;
5472
5473 if (!info->attrs[NL80211_ATTR_TDLS_ACTION] ||
5474 !info->attrs[NL80211_ATTR_STATUS_CODE] ||
5475 !info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN] ||
5476 !info->attrs[NL80211_ATTR_IE] ||
5477 !info->attrs[NL80211_ATTR_MAC])
5478 return -EINVAL;
5479
5480 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
5481 action_code = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_ACTION]);
5482 status_code = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
5483 dialog_token = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN]);
5484
5485 return rdev->ops->tdls_mgmt(&rdev->wiphy, dev, peer, action_code,
5486 dialog_token, status_code,
5487 nla_data(info->attrs[NL80211_ATTR_IE]),
5488 nla_len(info->attrs[NL80211_ATTR_IE]));
5489}
5490
5491static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info)
5492{
5493 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5494 struct net_device *dev = info->user_ptr[1];
5495 enum nl80211_tdls_operation operation;
5496 u8 *peer;
5497
5498 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
5499 !rdev->ops->tdls_oper)
5500 return -EOPNOTSUPP;
5501
5502 if (!info->attrs[NL80211_ATTR_TDLS_OPERATION] ||
5503 !info->attrs[NL80211_ATTR_MAC])
5504 return -EINVAL;
5505
5506 operation = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_OPERATION]);
5507 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
5508
5509 return rdev->ops->tdls_oper(&rdev->wiphy, dev, peer, operation);
5510}
5511
5512static int nl80211_remain_on_channel(struct sk_buff *skb,
5513 struct genl_info *info)
5514{
5515 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5516 struct net_device *dev = info->user_ptr[1];
5517 struct ieee80211_channel *chan;
5518 struct sk_buff *msg;
5519 void *hdr;
5520 u64 cookie;
5521 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
5522 u32 freq, duration;
5523 int err;
5524
5525 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
5526 !info->attrs[NL80211_ATTR_DURATION])
5527 return -EINVAL;
5528
5529 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
5530
5531 /*
5532 * We should be on that channel for at least one jiffie,
5533 * and more than 5 seconds seems excessive.
5534 */
5535 if (!duration || !msecs_to_jiffies(duration) ||
5536 duration > rdev->wiphy.max_remain_on_channel_duration)
5537 return -EINVAL;
5538
5539 if (!rdev->ops->remain_on_channel ||
5540 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL))
5541 return -EOPNOTSUPP;
5542
5543 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
5544 channel_type = nla_get_u32(
5545 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
5546 if (channel_type != NL80211_CHAN_NO_HT &&
5547 channel_type != NL80211_CHAN_HT20 &&
5548 channel_type != NL80211_CHAN_HT40PLUS &&
5549 channel_type != NL80211_CHAN_HT40MINUS)
5550 return -EINVAL;
5551 }
5552
5553 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
5554 chan = rdev_freq_to_chan(rdev, freq, channel_type);
5555 if (chan == NULL)
5556 return -EINVAL;
5557
5558 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5559 if (!msg)
5560 return -ENOMEM;
5561
5562 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
5563 NL80211_CMD_REMAIN_ON_CHANNEL);
5564
5565 if (IS_ERR(hdr)) {
5566 err = PTR_ERR(hdr);
5567 goto free_msg;
5568 }
5569
5570 err = rdev->ops->remain_on_channel(&rdev->wiphy, dev, chan,
5571 channel_type, duration, &cookie);
5572
5573 if (err)
5574 goto free_msg;
5575
5576 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie);
5577
5578 genlmsg_end(msg, hdr);
5579
5580 return genlmsg_reply(msg, info);
5581
5582 nla_put_failure:
5583 err = -ENOBUFS;
5584 free_msg:
5585 nlmsg_free(msg);
5586 return err;
5587}
5588
5589static int nl80211_cancel_remain_on_channel(struct sk_buff *skb,
5590 struct genl_info *info)
5591{
5592 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5593 struct net_device *dev = info->user_ptr[1];
5594 u64 cookie;
5595
5596 if (!info->attrs[NL80211_ATTR_COOKIE])
5597 return -EINVAL;
5598
5599 if (!rdev->ops->cancel_remain_on_channel)
5600 return -EOPNOTSUPP;
5601
5602 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
5603
5604 return rdev->ops->cancel_remain_on_channel(&rdev->wiphy, dev, cookie);
5605}
5606
5607static u32 rateset_to_mask(struct ieee80211_supported_band *sband,
5608 u8 *rates, u8 rates_len)
5609{
5610 u8 i;
5611 u32 mask = 0;
5612
5613 for (i = 0; i < rates_len; i++) {
5614 int rate = (rates[i] & 0x7f) * 5;
5615 int ridx;
5616 for (ridx = 0; ridx < sband->n_bitrates; ridx++) {
5617 struct ieee80211_rate *srate =
5618 &sband->bitrates[ridx];
5619 if (rate == srate->bitrate) {
5620 mask |= 1 << ridx;
5621 break;
5622 }
5623 }
5624 if (ridx == sband->n_bitrates)
5625 return 0; /* rate not found */
5626 }
5627
5628 return mask;
5629}
5630
5631static bool ht_rateset_to_mask(struct ieee80211_supported_band *sband,
5632 u8 *rates, u8 rates_len,
5633 u8 mcs[IEEE80211_HT_MCS_MASK_LEN])
5634{
5635 u8 i;
5636
5637 memset(mcs, 0, IEEE80211_HT_MCS_MASK_LEN);
5638
5639 for (i = 0; i < rates_len; i++) {
5640 int ridx, rbit;
5641
5642 ridx = rates[i] / 8;
5643 rbit = BIT(rates[i] % 8);
5644
5645 /* check validity */
5646 if ((ridx < 0) || (ridx >= IEEE80211_HT_MCS_MASK_LEN))
5647 return false;
5648
5649 /* check availability */
5650 if (sband->ht_cap.mcs.rx_mask[ridx] & rbit)
5651 mcs[ridx] |= rbit;
5652 else
5653 return false;
5654 }
5655
5656 return true;
5657}
5658
5659static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = {
5660 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY,
5661 .len = NL80211_MAX_SUPP_RATES },
5662 [NL80211_TXRATE_MCS] = { .type = NLA_BINARY,
5663 .len = NL80211_MAX_SUPP_HT_RATES },
5664};
5665
5666static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb,
5667 struct genl_info *info)
5668{
5669 struct nlattr *tb[NL80211_TXRATE_MAX + 1];
5670 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5671 struct cfg80211_bitrate_mask mask;
5672 int rem, i;
5673 struct net_device *dev = info->user_ptr[1];
5674 struct nlattr *tx_rates;
5675 struct ieee80211_supported_band *sband;
5676
5677 if (info->attrs[NL80211_ATTR_TX_RATES] == NULL)
5678 return -EINVAL;
5679
5680 if (!rdev->ops->set_bitrate_mask)
5681 return -EOPNOTSUPP;
5682
5683 memset(&mask, 0, sizeof(mask));
5684 /* Default to all rates enabled */
5685 for (i = 0; i < IEEE80211_NUM_BANDS; i++) {
5686 sband = rdev->wiphy.bands[i];
5687 mask.control[i].legacy =
5688 sband ? (1 << sband->n_bitrates) - 1 : 0;
5689 if (sband)
5690 memcpy(mask.control[i].mcs,
5691 sband->ht_cap.mcs.rx_mask,
5692 sizeof(mask.control[i].mcs));
5693 else
5694 memset(mask.control[i].mcs, 0,
5695 sizeof(mask.control[i].mcs));
5696 }
5697
5698 /*
5699 * The nested attribute uses enum nl80211_band as the index. This maps
5700 * directly to the enum ieee80211_band values used in cfg80211.
5701 */
5702 BUILD_BUG_ON(NL80211_MAX_SUPP_HT_RATES > IEEE80211_HT_MCS_MASK_LEN * 8);
5703 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem)
5704 {
5705 enum ieee80211_band band = nla_type(tx_rates);
5706 if (band < 0 || band >= IEEE80211_NUM_BANDS)
5707 return -EINVAL;
5708 sband = rdev->wiphy.bands[band];
5709 if (sband == NULL)
5710 return -EINVAL;
5711 nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates),
5712 nla_len(tx_rates), nl80211_txattr_policy);
5713 if (tb[NL80211_TXRATE_LEGACY]) {
5714 mask.control[band].legacy = rateset_to_mask(
5715 sband,
5716 nla_data(tb[NL80211_TXRATE_LEGACY]),
5717 nla_len(tb[NL80211_TXRATE_LEGACY]));
5718 }
5719 if (tb[NL80211_TXRATE_MCS]) {
5720 if (!ht_rateset_to_mask(
5721 sband,
5722 nla_data(tb[NL80211_TXRATE_MCS]),
5723 nla_len(tb[NL80211_TXRATE_MCS]),
5724 mask.control[band].mcs))
5725 return -EINVAL;
5726 }
5727
5728 if (mask.control[band].legacy == 0) {
5729 /* don't allow empty legacy rates if HT
5730 * is not even supported. */
5731 if (!rdev->wiphy.bands[band]->ht_cap.ht_supported)
5732 return -EINVAL;
5733
5734 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++)
5735 if (mask.control[band].mcs[i])
5736 break;
5737
5738 /* legacy and mcs rates may not be both empty */
5739 if (i == IEEE80211_HT_MCS_MASK_LEN)
5740 return -EINVAL;
5741 }
5742 }
5743
5744 return rdev->ops->set_bitrate_mask(&rdev->wiphy, dev, NULL, &mask);
5745}
5746
5747static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info)
5748{
5749 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5750 struct net_device *dev = info->user_ptr[1];
5751 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION;
5752
5753 if (!info->attrs[NL80211_ATTR_FRAME_MATCH])
5754 return -EINVAL;
5755
5756 if (info->attrs[NL80211_ATTR_FRAME_TYPE])
5757 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]);
5758
5759 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5760 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC &&
5761 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT &&
5762 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
5763 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
5764 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT &&
5765 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
5766 return -EOPNOTSUPP;
5767
5768 /* not much point in registering if we can't reply */
5769 if (!rdev->ops->mgmt_tx)
5770 return -EOPNOTSUPP;
5771
5772 return cfg80211_mlme_register_mgmt(dev->ieee80211_ptr, info->snd_pid,
5773 frame_type,
5774 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]),
5775 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH]));
5776}
5777
5778static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info)
5779{
5780 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5781 struct net_device *dev = info->user_ptr[1];
5782 struct ieee80211_channel *chan;
5783 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
5784 bool channel_type_valid = false;
5785 u32 freq;
5786 int err;
5787 void *hdr = NULL;
5788 u64 cookie;
5789 struct sk_buff *msg = NULL;
5790 unsigned int wait = 0;
5791 bool offchan, no_cck, dont_wait_for_ack;
5792
5793 dont_wait_for_ack = info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK];
5794
5795 if (!info->attrs[NL80211_ATTR_FRAME] ||
5796 !info->attrs[NL80211_ATTR_WIPHY_FREQ])
5797 return -EINVAL;
5798
5799 if (!rdev->ops->mgmt_tx)
5800 return -EOPNOTSUPP;
5801
5802 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5803 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC &&
5804 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT &&
5805 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
5806 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
5807 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT &&
5808 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
5809 return -EOPNOTSUPP;
5810
5811 if (info->attrs[NL80211_ATTR_DURATION]) {
5812 if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
5813 return -EINVAL;
5814 wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
5815 }
5816
5817 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
5818 channel_type = nla_get_u32(
5819 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
5820 if (channel_type != NL80211_CHAN_NO_HT &&
5821 channel_type != NL80211_CHAN_HT20 &&
5822 channel_type != NL80211_CHAN_HT40PLUS &&
5823 channel_type != NL80211_CHAN_HT40MINUS)
5824 return -EINVAL;
5825 channel_type_valid = true;
5826 }
5827
5828 offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK];
5829
5830 if (offchan && !(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
5831 return -EINVAL;
5832
5833 no_cck = nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
5834
5835 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
5836 chan = rdev_freq_to_chan(rdev, freq, channel_type);
5837 if (chan == NULL)
5838 return -EINVAL;
5839
5840 if (!dont_wait_for_ack) {
5841 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5842 if (!msg)
5843 return -ENOMEM;
5844
5845 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
5846 NL80211_CMD_FRAME);
5847
5848 if (IS_ERR(hdr)) {
5849 err = PTR_ERR(hdr);
5850 goto free_msg;
5851 }
5852 }
5853
5854 err = cfg80211_mlme_mgmt_tx(rdev, dev, chan, offchan, channel_type,
5855 channel_type_valid, wait,
5856 nla_data(info->attrs[NL80211_ATTR_FRAME]),
5857 nla_len(info->attrs[NL80211_ATTR_FRAME]),
5858 no_cck, dont_wait_for_ack, &cookie);
5859 if (err)
5860 goto free_msg;
5861
5862 if (msg) {
5863 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie);
5864
5865 genlmsg_end(msg, hdr);
5866 return genlmsg_reply(msg, info);
5867 }
5868
5869 return 0;
5870
5871 nla_put_failure:
5872 err = -ENOBUFS;
5873 free_msg:
5874 nlmsg_free(msg);
5875 return err;
5876}
5877
5878static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info)
5879{
5880 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5881 struct net_device *dev = info->user_ptr[1];
5882 u64 cookie;
5883
5884 if (!info->attrs[NL80211_ATTR_COOKIE])
5885 return -EINVAL;
5886
5887 if (!rdev->ops->mgmt_tx_cancel_wait)
5888 return -EOPNOTSUPP;
5889
5890 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
5891 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC &&
5892 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT &&
5893 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
5894 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
5895 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
5896 return -EOPNOTSUPP;
5897
5898 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
5899
5900 return rdev->ops->mgmt_tx_cancel_wait(&rdev->wiphy, dev, cookie);
5901}
5902
5903static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info)
5904{
5905 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5906 struct wireless_dev *wdev;
5907 struct net_device *dev = info->user_ptr[1];
5908 u8 ps_state;
5909 bool state;
5910 int err;
5911
5912 if (!info->attrs[NL80211_ATTR_PS_STATE])
5913 return -EINVAL;
5914
5915 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]);
5916
5917 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED)
5918 return -EINVAL;
5919
5920 wdev = dev->ieee80211_ptr;
5921
5922 if (!rdev->ops->set_power_mgmt)
5923 return -EOPNOTSUPP;
5924
5925 state = (ps_state == NL80211_PS_ENABLED) ? true : false;
5926
5927 if (state == wdev->ps)
5928 return 0;
5929
5930 err = rdev->ops->set_power_mgmt(wdev->wiphy, dev, state,
5931 wdev->ps_timeout);
5932 if (!err)
5933 wdev->ps = state;
5934 return err;
5935}
5936
5937static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info)
5938{
5939 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5940 enum nl80211_ps_state ps_state;
5941 struct wireless_dev *wdev;
5942 struct net_device *dev = info->user_ptr[1];
5943 struct sk_buff *msg;
5944 void *hdr;
5945 int err;
5946
5947 wdev = dev->ieee80211_ptr;
5948
5949 if (!rdev->ops->set_power_mgmt)
5950 return -EOPNOTSUPP;
5951
5952 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5953 if (!msg)
5954 return -ENOMEM;
5955
5956 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
5957 NL80211_CMD_GET_POWER_SAVE);
5958 if (!hdr) {
5959 err = -ENOBUFS;
5960 goto free_msg;
5961 }
5962
5963 if (wdev->ps)
5964 ps_state = NL80211_PS_ENABLED;
5965 else
5966 ps_state = NL80211_PS_DISABLED;
5967
5968 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE, ps_state);
5969
5970 genlmsg_end(msg, hdr);
5971 return genlmsg_reply(msg, info);
5972
5973 nla_put_failure:
5974 err = -ENOBUFS;
5975 free_msg:
5976 nlmsg_free(msg);
5977 return err;
5978}
5979
5980static struct nla_policy
5981nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] __read_mostly = {
5982 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
5983 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 },
5984 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
5985};
5986
5987static int nl80211_set_cqm_rssi(struct genl_info *info,
5988 s32 threshold, u32 hysteresis)
5989{
5990 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5991 struct wireless_dev *wdev;
5992 struct net_device *dev = info->user_ptr[1];
5993
5994 if (threshold > 0)
5995 return -EINVAL;
5996
5997 wdev = dev->ieee80211_ptr;
5998
5999 if (!rdev->ops->set_cqm_rssi_config)
6000 return -EOPNOTSUPP;
6001
6002 if (wdev->iftype != NL80211_IFTYPE_STATION &&
6003 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
6004 return -EOPNOTSUPP;
6005
6006 return rdev->ops->set_cqm_rssi_config(wdev->wiphy, dev,
6007 threshold, hysteresis);
6008}
6009
6010static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info)
6011{
6012 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1];
6013 struct nlattr *cqm;
6014 int err;
6015
6016 cqm = info->attrs[NL80211_ATTR_CQM];
6017 if (!cqm) {
6018 err = -EINVAL;
6019 goto out;
6020 }
6021
6022 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm,
6023 nl80211_attr_cqm_policy);
6024 if (err)
6025 goto out;
6026
6027 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] &&
6028 attrs[NL80211_ATTR_CQM_RSSI_HYST]) {
6029 s32 threshold;
6030 u32 hysteresis;
6031 threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]);
6032 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]);
6033 err = nl80211_set_cqm_rssi(info, threshold, hysteresis);
6034 } else
6035 err = -EINVAL;
6036
6037out:
6038 return err;
6039}
6040
6041static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info)
6042{
6043 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6044 struct net_device *dev = info->user_ptr[1];
6045 struct mesh_config cfg;
6046 struct mesh_setup setup;
6047 int err;
6048
6049 /* start with default */
6050 memcpy(&cfg, &default_mesh_config, sizeof(cfg));
6051 memcpy(&setup, &default_mesh_setup, sizeof(setup));
6052
6053 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) {
6054 /* and parse parameters if given */
6055 err = nl80211_parse_mesh_config(info, &cfg, NULL);
6056 if (err)
6057 return err;
6058 }
6059
6060 if (!info->attrs[NL80211_ATTR_MESH_ID] ||
6061 !nla_len(info->attrs[NL80211_ATTR_MESH_ID]))
6062 return -EINVAL;
6063
6064 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
6065 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
6066
6067 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
6068 !nl80211_parse_mcast_rate(rdev, setup.mcast_rate,
6069 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
6070 return -EINVAL;
6071
6072 if (info->attrs[NL80211_ATTR_MESH_SETUP]) {
6073 /* parse additional setup parameters if given */
6074 err = nl80211_parse_mesh_setup(info, &setup);
6075 if (err)
6076 return err;
6077 }
6078
6079 return cfg80211_join_mesh(rdev, dev, &setup, &cfg);
6080}
6081
6082static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info)
6083{
6084 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6085 struct net_device *dev = info->user_ptr[1];
6086
6087 return cfg80211_leave_mesh(rdev, dev);
6088}
6089
6090static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info)
6091{
6092 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6093 struct sk_buff *msg;
6094 void *hdr;
6095
6096 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns)
6097 return -EOPNOTSUPP;
6098
6099 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
6100 if (!msg)
6101 return -ENOMEM;
6102
6103 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
6104 NL80211_CMD_GET_WOWLAN);
6105 if (!hdr)
6106 goto nla_put_failure;
6107
6108 if (rdev->wowlan) {
6109 struct nlattr *nl_wowlan;
6110
6111 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
6112 if (!nl_wowlan)
6113 goto nla_put_failure;
6114
6115 if (rdev->wowlan->any)
6116 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_ANY);
6117 if (rdev->wowlan->disconnect)
6118 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_DISCONNECT);
6119 if (rdev->wowlan->magic_pkt)
6120 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT);
6121 if (rdev->wowlan->gtk_rekey_failure)
6122 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE);
6123 if (rdev->wowlan->eap_identity_req)
6124 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST);
6125 if (rdev->wowlan->four_way_handshake)
6126 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE);
6127 if (rdev->wowlan->rfkill_release)
6128 NLA_PUT_FLAG(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE);
6129 if (rdev->wowlan->n_patterns) {
6130 struct nlattr *nl_pats, *nl_pat;
6131 int i, pat_len;
6132
6133 nl_pats = nla_nest_start(msg,
6134 NL80211_WOWLAN_TRIG_PKT_PATTERN);
6135 if (!nl_pats)
6136 goto nla_put_failure;
6137
6138 for (i = 0; i < rdev->wowlan->n_patterns; i++) {
6139 nl_pat = nla_nest_start(msg, i + 1);
6140 if (!nl_pat)
6141 goto nla_put_failure;
6142 pat_len = rdev->wowlan->patterns[i].pattern_len;
6143 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_MASK,
6144 DIV_ROUND_UP(pat_len, 8),
6145 rdev->wowlan->patterns[i].mask);
6146 NLA_PUT(msg, NL80211_WOWLAN_PKTPAT_PATTERN,
6147 pat_len,
6148 rdev->wowlan->patterns[i].pattern);
6149 nla_nest_end(msg, nl_pat);
6150 }
6151 nla_nest_end(msg, nl_pats);
6152 }
6153
6154 nla_nest_end(msg, nl_wowlan);
6155 }
6156
6157 genlmsg_end(msg, hdr);
6158 return genlmsg_reply(msg, info);
6159
6160nla_put_failure:
6161 nlmsg_free(msg);
6162 return -ENOBUFS;
6163}
6164
6165static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info)
6166{
6167 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6168 struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG];
6169 struct cfg80211_wowlan no_triggers = {};
6170 struct cfg80211_wowlan new_triggers = {};
6171 struct wiphy_wowlan_support *wowlan = &rdev->wiphy.wowlan;
6172 int err, i;
6173
6174 if (!rdev->wiphy.wowlan.flags && !rdev->wiphy.wowlan.n_patterns)
6175 return -EOPNOTSUPP;
6176
6177 if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS])
6178 goto no_triggers;
6179
6180 err = nla_parse(tb, MAX_NL80211_WOWLAN_TRIG,
6181 nla_data(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]),
6182 nla_len(info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]),
6183 nl80211_wowlan_policy);
6184 if (err)
6185 return err;
6186
6187 if (tb[NL80211_WOWLAN_TRIG_ANY]) {
6188 if (!(wowlan->flags & WIPHY_WOWLAN_ANY))
6189 return -EINVAL;
6190 new_triggers.any = true;
6191 }
6192
6193 if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) {
6194 if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT))
6195 return -EINVAL;
6196 new_triggers.disconnect = true;
6197 }
6198
6199 if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) {
6200 if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT))
6201 return -EINVAL;
6202 new_triggers.magic_pkt = true;
6203 }
6204
6205 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED])
6206 return -EINVAL;
6207
6208 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) {
6209 if (!(wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE))
6210 return -EINVAL;
6211 new_triggers.gtk_rekey_failure = true;
6212 }
6213
6214 if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) {
6215 if (!(wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ))
6216 return -EINVAL;
6217 new_triggers.eap_identity_req = true;
6218 }
6219
6220 if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) {
6221 if (!(wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE))
6222 return -EINVAL;
6223 new_triggers.four_way_handshake = true;
6224 }
6225
6226 if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) {
6227 if (!(wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE))
6228 return -EINVAL;
6229 new_triggers.rfkill_release = true;
6230 }
6231
6232 if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) {
6233 struct nlattr *pat;
6234 int n_patterns = 0;
6235 int rem, pat_len, mask_len;
6236 struct nlattr *pat_tb[NUM_NL80211_WOWLAN_PKTPAT];
6237
6238 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
6239 rem)
6240 n_patterns++;
6241 if (n_patterns > wowlan->n_patterns)
6242 return -EINVAL;
6243
6244 new_triggers.patterns = kcalloc(n_patterns,
6245 sizeof(new_triggers.patterns[0]),
6246 GFP_KERNEL);
6247 if (!new_triggers.patterns)
6248 return -ENOMEM;
6249
6250 new_triggers.n_patterns = n_patterns;
6251 i = 0;
6252
6253 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
6254 rem) {
6255 nla_parse(pat_tb, MAX_NL80211_WOWLAN_PKTPAT,
6256 nla_data(pat), nla_len(pat), NULL);
6257 err = -EINVAL;
6258 if (!pat_tb[NL80211_WOWLAN_PKTPAT_MASK] ||
6259 !pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN])
6260 goto error;
6261 pat_len = nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]);
6262 mask_len = DIV_ROUND_UP(pat_len, 8);
6263 if (nla_len(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]) !=
6264 mask_len)
6265 goto error;
6266 if (pat_len > wowlan->pattern_max_len ||
6267 pat_len < wowlan->pattern_min_len)
6268 goto error;
6269
6270 new_triggers.patterns[i].mask =
6271 kmalloc(mask_len + pat_len, GFP_KERNEL);
6272 if (!new_triggers.patterns[i].mask) {
6273 err = -ENOMEM;
6274 goto error;
6275 }
6276 new_triggers.patterns[i].pattern =
6277 new_triggers.patterns[i].mask + mask_len;
6278 memcpy(new_triggers.patterns[i].mask,
6279 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_MASK]),
6280 mask_len);
6281 new_triggers.patterns[i].pattern_len = pat_len;
6282 memcpy(new_triggers.patterns[i].pattern,
6283 nla_data(pat_tb[NL80211_WOWLAN_PKTPAT_PATTERN]),
6284 pat_len);
6285 i++;
6286 }
6287 }
6288
6289 if (memcmp(&new_triggers, &no_triggers, sizeof(new_triggers))) {
6290 struct cfg80211_wowlan *ntrig;
6291 ntrig = kmemdup(&new_triggers, sizeof(new_triggers),
6292 GFP_KERNEL);
6293 if (!ntrig) {
6294 err = -ENOMEM;
6295 goto error;
6296 }
6297 cfg80211_rdev_free_wowlan(rdev);
6298 rdev->wowlan = ntrig;
6299 } else {
6300 no_triggers:
6301 cfg80211_rdev_free_wowlan(rdev);
6302 rdev->wowlan = NULL;
6303 }
6304
6305 return 0;
6306 error:
6307 for (i = 0; i < new_triggers.n_patterns; i++)
6308 kfree(new_triggers.patterns[i].mask);
6309 kfree(new_triggers.patterns);
6310 return err;
6311}
6312
6313static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info)
6314{
6315 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6316 struct net_device *dev = info->user_ptr[1];
6317 struct wireless_dev *wdev = dev->ieee80211_ptr;
6318 struct nlattr *tb[NUM_NL80211_REKEY_DATA];
6319 struct cfg80211_gtk_rekey_data rekey_data;
6320 int err;
6321
6322 if (!info->attrs[NL80211_ATTR_REKEY_DATA])
6323 return -EINVAL;
6324
6325 err = nla_parse(tb, MAX_NL80211_REKEY_DATA,
6326 nla_data(info->attrs[NL80211_ATTR_REKEY_DATA]),
6327 nla_len(info->attrs[NL80211_ATTR_REKEY_DATA]),
6328 nl80211_rekey_policy);
6329 if (err)
6330 return err;
6331
lh758261d2023-07-13 05:52:04 -0700[diff] [blame]6332 if (!tb[NL80211_REKEY_DATA_REPLAY_CTR] || !tb[NL80211_REKEY_DATA_KEK] ||
6333 !tb[NL80211_REKEY_DATA_KCK]) //CVE-2017-12153(BDSA-2017-1184)
6334 return -EINVAL;
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]6335 if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN)
6336 return -ERANGE;
6337 if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN)
6338 return -ERANGE;
6339 if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN)
6340 return -ERANGE;
6341
6342 memcpy(rekey_data.kek, nla_data(tb[NL80211_REKEY_DATA_KEK]),
6343 NL80211_KEK_LEN);
6344 memcpy(rekey_data.kck, nla_data(tb[NL80211_REKEY_DATA_KCK]),
6345 NL80211_KCK_LEN);
6346 memcpy(rekey_data.replay_ctr,
6347 nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]),
6348 NL80211_REPLAY_CTR_LEN);
6349
6350 wdev_lock(wdev);
6351 if (!wdev->current_bss) {
6352 err = -ENOTCONN;
6353 goto out;
6354 }
6355
6356 if (!rdev->ops->set_rekey_data) {
6357 err = -EOPNOTSUPP;
6358 goto out;
6359 }
6360
6361 err = rdev->ops->set_rekey_data(&rdev->wiphy, dev, &rekey_data);
6362 out:
6363 wdev_unlock(wdev);
6364 return err;
6365}
6366
6367static int nl80211_register_unexpected_frame(struct sk_buff *skb,
6368 struct genl_info *info)
6369{
6370 struct net_device *dev = info->user_ptr[1];
6371 struct wireless_dev *wdev = dev->ieee80211_ptr;
6372
6373 if (wdev->iftype != NL80211_IFTYPE_AP &&
6374 wdev->iftype != NL80211_IFTYPE_P2P_GO)
6375 return -EINVAL;
6376
6377 if (wdev->ap_unexpected_nlpid)
6378 return -EBUSY;
6379
6380 wdev->ap_unexpected_nlpid = info->snd_pid;
6381 return 0;
6382}
6383
6384static int nl80211_probe_client(struct sk_buff *skb,
6385 struct genl_info *info)
6386{
6387 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6388 struct net_device *dev = info->user_ptr[1];
6389 struct wireless_dev *wdev = dev->ieee80211_ptr;
6390 struct sk_buff *msg;
6391 void *hdr;
6392 const u8 *addr;
6393 u64 cookie;
6394 int err;
6395
6396 if (wdev->iftype != NL80211_IFTYPE_AP &&
6397 wdev->iftype != NL80211_IFTYPE_P2P_GO)
6398 return -EOPNOTSUPP;
6399
6400 if (!info->attrs[NL80211_ATTR_MAC])
6401 return -EINVAL;
6402
6403 if (!rdev->ops->probe_client)
6404 return -EOPNOTSUPP;
6405
6406 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
6407 if (!msg)
6408 return -ENOMEM;
6409
6410 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
6411 NL80211_CMD_PROBE_CLIENT);
6412
6413 if (IS_ERR(hdr)) {
6414 err = PTR_ERR(hdr);
6415 goto free_msg;
6416 }
6417
6418 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
6419
6420 err = rdev->ops->probe_client(&rdev->wiphy, dev, addr, &cookie);
6421 if (err)
6422 goto free_msg;
6423
6424 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie);
6425
6426 genlmsg_end(msg, hdr);
6427
6428 return genlmsg_reply(msg, info);
6429
6430 nla_put_failure:
6431 err = -ENOBUFS;
6432 free_msg:
6433 nlmsg_free(msg);
6434 return err;
6435}
6436
6437static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info)
6438{
6439 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6440
6441 if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS))
6442 return -EOPNOTSUPP;
6443
6444 if (rdev->ap_beacons_nlpid)
6445 return -EBUSY;
6446
6447 rdev->ap_beacons_nlpid = info->snd_pid;
6448
6449 return 0;
6450}
zw.wangc08ce042024-08-08 18:42:05 +0800[diff] [blame]6451#if (defined CONFIG_AIC8800 || defined CONFIG_AIC8800D80L)
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]6452static inline int
6453rdev_external_auth(struct cfg80211_registered_device *rdev,
6454 struct net_device *dev,
6455 struct cfg80211_external_auth_params *params)
6456{
6457 int ret = -EOPNOTSUPP;
6458
6459 //trace_rdev_external_auth(&rdev->wiphy, dev, params);
6460 if (rdev->ops->external_auth)
6461 ret = rdev->ops->external_auth(&rdev->wiphy, dev, params);
6462 //trace_rdev_return_int(&rdev->wiphy, ret);
6463 return ret;
6464}
6465
6466static int nl80211_external_auth(struct sk_buff *skb, struct genl_info *info)
6467{
6468 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6469 struct net_device *dev = info->user_ptr[1];
6470 struct cfg80211_external_auth_params params;
6471
6472 if (!rdev->ops->external_auth)
6473 return -EOPNOTSUPP;
6474
6475 if (!info->attrs[NL80211_ATTR_SSID] &&
6476 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
6477 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
6478 return -EINVAL;
6479
6480 if (!info->attrs[NL80211_ATTR_BSSID])
6481 return -EINVAL;
6482
6483 if (!info->attrs[NL80211_ATTR_STATUS_CODE])
6484 return -EINVAL;
6485
6486 memset(&params, 0, sizeof(params));
6487
6488 if (info->attrs[NL80211_ATTR_SSID]) {
6489 params.ssid.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
6490 if (params.ssid.ssid_len == 0)
6491 return -EINVAL;
6492 memcpy(params.ssid.ssid,
6493 nla_data(info->attrs[NL80211_ATTR_SSID]),
6494 params.ssid.ssid_len);
6495 }
6496
6497 memcpy(params.bssid, nla_data(info->attrs[NL80211_ATTR_BSSID]),
6498 ETH_ALEN);
6499
6500 params.status = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
6501
6502 if (info->attrs[NL80211_ATTR_PMKID])
6503 params.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
6504
6505 return rdev_external_auth(rdev, dev, &params);
6506}
6507#endif
6508
6509#define NL80211_FLAG_NEED_WIPHY 0x01
6510#define NL80211_FLAG_NEED_NETDEV 0x02
6511#define NL80211_FLAG_NEED_RTNL 0x04
6512#define NL80211_FLAG_CHECK_NETDEV_UP 0x08
6513#define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\
6514 NL80211_FLAG_CHECK_NETDEV_UP)
6515
6516static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb,
6517 struct genl_info *info)
6518{
6519 struct cfg80211_registered_device *rdev;
6520 struct net_device *dev;
6521 int err;
6522 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL;
6523
6524 if (rtnl)
6525 rtnl_lock();
6526
6527 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) {
6528 rdev = cfg80211_get_dev_from_info(info);
6529 if (IS_ERR(rdev)) {
6530 if (rtnl)
6531 rtnl_unlock();
6532 return PTR_ERR(rdev);
6533 }
6534 info->user_ptr[0] = rdev;
6535 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) {
6536 err = get_rdev_dev_by_ifindex(genl_info_net(info), info->attrs,
6537 &rdev, &dev);
6538 if (err) {
6539 if (rtnl)
6540 rtnl_unlock();
6541 return err;
6542 }
6543 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP &&
6544 !netif_running(dev)) {
6545 cfg80211_unlock_rdev(rdev);
6546 dev_put(dev);
6547 if (rtnl)
6548 rtnl_unlock();
6549 return -ENETDOWN;
6550 }
6551 info->user_ptr[0] = rdev;
6552 info->user_ptr[1] = dev;
6553 }
6554
6555 return 0;
6556}
6557
6558static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb,
6559 struct genl_info *info)
6560{
6561 if (info->user_ptr[0])
6562 cfg80211_unlock_rdev(info->user_ptr[0]);
6563 if (info->user_ptr[1])
6564 dev_put(info->user_ptr[1]);
6565 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL)
6566 rtnl_unlock();
6567}
6568
6569static struct genl_ops nl80211_ops[] = {
6570 {
6571 .cmd = NL80211_CMD_GET_WIPHY,
6572 .doit = nl80211_get_wiphy,
6573 .dumpit = nl80211_dump_wiphy,
6574 .policy = nl80211_policy,
6575 /* can be retrieved by unprivileged users */
6576 .internal_flags = NL80211_FLAG_NEED_WIPHY,
6577 },
6578 {
6579 .cmd = NL80211_CMD_SET_WIPHY,
6580 .doit = nl80211_set_wiphy,
6581 .policy = nl80211_policy,
6582 .flags = GENL_ADMIN_PERM,
6583 .internal_flags = NL80211_FLAG_NEED_RTNL,
6584 },
6585 {
6586 .cmd = NL80211_CMD_GET_INTERFACE,
6587 .doit = nl80211_get_interface,
6588 .dumpit = nl80211_dump_interface,
6589 .policy = nl80211_policy,
6590 /* can be retrieved by unprivileged users */
6591 .internal_flags = NL80211_FLAG_NEED_NETDEV,
6592 },
6593 {
6594 .cmd = NL80211_CMD_SET_INTERFACE,
6595 .doit = nl80211_set_interface,
6596 .policy = nl80211_policy,
6597 .flags = GENL_ADMIN_PERM,
6598 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6599 NL80211_FLAG_NEED_RTNL,
6600 },
6601 {
6602 .cmd = NL80211_CMD_NEW_INTERFACE,
6603 .doit = nl80211_new_interface,
6604 .policy = nl80211_policy,
6605 .flags = GENL_ADMIN_PERM,
6606 .internal_flags = NL80211_FLAG_NEED_WIPHY |
6607 NL80211_FLAG_NEED_RTNL,
6608 },
6609 {
6610 .cmd = NL80211_CMD_DEL_INTERFACE,
6611 .doit = nl80211_del_interface,
6612 .policy = nl80211_policy,
6613 .flags = GENL_ADMIN_PERM,
6614 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6615 NL80211_FLAG_NEED_RTNL,
6616 },
6617 {
6618 .cmd = NL80211_CMD_GET_KEY,
6619 .doit = nl80211_get_key,
6620 .policy = nl80211_policy,
6621 .flags = GENL_ADMIN_PERM,
6622 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6623 NL80211_FLAG_NEED_RTNL,
6624 },
6625 {
6626 .cmd = NL80211_CMD_SET_KEY,
6627 .doit = nl80211_set_key,
6628 .policy = nl80211_policy,
6629 .flags = GENL_ADMIN_PERM,
6630 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6631 NL80211_FLAG_NEED_RTNL,
6632 },
6633 {
6634 .cmd = NL80211_CMD_NEW_KEY,
6635 .doit = nl80211_new_key,
6636 .policy = nl80211_policy,
6637 .flags = GENL_ADMIN_PERM,
6638 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6639 NL80211_FLAG_NEED_RTNL,
6640 },
6641 {
6642 .cmd = NL80211_CMD_DEL_KEY,
6643 .doit = nl80211_del_key,
6644 .policy = nl80211_policy,
6645 .flags = GENL_ADMIN_PERM,
6646 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6647 NL80211_FLAG_NEED_RTNL,
6648 },
6649 {
6650 .cmd = NL80211_CMD_SET_BEACON,
6651 .policy = nl80211_policy,
6652 .flags = GENL_ADMIN_PERM,
6653 .doit = nl80211_set_beacon,
6654 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6655 NL80211_FLAG_NEED_RTNL,
6656 },
6657 {
6658 .cmd = NL80211_CMD_START_AP,
6659 .policy = nl80211_policy,
6660 .flags = GENL_ADMIN_PERM,
6661 .doit = nl80211_start_ap,
6662 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6663 NL80211_FLAG_NEED_RTNL,
6664 },
6665 {
6666 .cmd = NL80211_CMD_STOP_AP,
6667 .policy = nl80211_policy,
6668 .flags = GENL_ADMIN_PERM,
6669 .doit = nl80211_stop_ap,
6670 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6671 NL80211_FLAG_NEED_RTNL,
6672 },
6673 {
6674 .cmd = NL80211_CMD_GET_STATION,
6675 .doit = nl80211_get_station,
6676 .dumpit = nl80211_dump_station,
6677 .policy = nl80211_policy,
6678 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6679 NL80211_FLAG_NEED_RTNL,
6680 },
6681 {
6682 .cmd = NL80211_CMD_SET_STATION,
6683 .doit = nl80211_set_station,
6684 .policy = nl80211_policy,
6685 .flags = GENL_ADMIN_PERM,
6686 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6687 NL80211_FLAG_NEED_RTNL,
6688 },
6689 {
6690 .cmd = NL80211_CMD_NEW_STATION,
6691 .doit = nl80211_new_station,
6692 .policy = nl80211_policy,
6693 .flags = GENL_ADMIN_PERM,
6694 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6695 NL80211_FLAG_NEED_RTNL,
6696 },
6697 {
6698 .cmd = NL80211_CMD_DEL_STATION,
6699 .doit = nl80211_del_station,
6700 .policy = nl80211_policy,
6701 .flags = GENL_ADMIN_PERM,
6702 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6703 NL80211_FLAG_NEED_RTNL,
6704 },
6705 {
6706 .cmd = NL80211_CMD_GET_MPATH,
6707 .doit = nl80211_get_mpath,
6708 .dumpit = nl80211_dump_mpath,
6709 .policy = nl80211_policy,
6710 .flags = GENL_ADMIN_PERM,
6711 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6712 NL80211_FLAG_NEED_RTNL,
6713 },
6714 {
6715 .cmd = NL80211_CMD_SET_MPATH,
6716 .doit = nl80211_set_mpath,
6717 .policy = nl80211_policy,
6718 .flags = GENL_ADMIN_PERM,
6719 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6720 NL80211_FLAG_NEED_RTNL,
6721 },
6722 {
6723 .cmd = NL80211_CMD_NEW_MPATH,
6724 .doit = nl80211_new_mpath,
6725 .policy = nl80211_policy,
6726 .flags = GENL_ADMIN_PERM,
6727 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6728 NL80211_FLAG_NEED_RTNL,
6729 },
6730 {
6731 .cmd = NL80211_CMD_DEL_MPATH,
6732 .doit = nl80211_del_mpath,
6733 .policy = nl80211_policy,
6734 .flags = GENL_ADMIN_PERM,
6735 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6736 NL80211_FLAG_NEED_RTNL,
6737 },
6738 {
6739 .cmd = NL80211_CMD_SET_BSS,
6740 .doit = nl80211_set_bss,
6741 .policy = nl80211_policy,
6742 .flags = GENL_ADMIN_PERM,
6743 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6744 NL80211_FLAG_NEED_RTNL,
6745 },
6746 {
6747 .cmd = NL80211_CMD_GET_REG,
6748 .doit = nl80211_get_reg,
6749 .policy = nl80211_policy,
6750 /* can be retrieved by unprivileged users */
6751 },
6752 {
6753 .cmd = NL80211_CMD_SET_REG,
6754 .doit = nl80211_set_reg,
6755 .policy = nl80211_policy,
6756 .flags = GENL_ADMIN_PERM,
6757 },
6758 {
6759 .cmd = NL80211_CMD_REQ_SET_REG,
6760 .doit = nl80211_req_set_reg,
6761 .policy = nl80211_policy,
6762 .flags = GENL_ADMIN_PERM,
6763 },
6764 {
6765 .cmd = NL80211_CMD_GET_MESH_CONFIG,
6766 .doit = nl80211_get_mesh_config,
6767 .policy = nl80211_policy,
6768 /* can be retrieved by unprivileged users */
6769 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6770 NL80211_FLAG_NEED_RTNL,
6771 },
6772 {
6773 .cmd = NL80211_CMD_SET_MESH_CONFIG,
6774 .doit = nl80211_update_mesh_config,
6775 .policy = nl80211_policy,
6776 .flags = GENL_ADMIN_PERM,
6777 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6778 NL80211_FLAG_NEED_RTNL,
6779 },
6780 {
6781 .cmd = NL80211_CMD_TRIGGER_SCAN,
6782 .doit = nl80211_trigger_scan,
6783 .policy = nl80211_policy,
6784 .flags = GENL_ADMIN_PERM,
6785 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6786 NL80211_FLAG_NEED_RTNL,
6787 },
6788 {
6789 .cmd = NL80211_CMD_GET_SCAN,
6790 .policy = nl80211_policy,
6791 .dumpit = nl80211_dump_scan,
6792 },
6793 {
6794 .cmd = NL80211_CMD_START_SCHED_SCAN,
6795 .doit = nl80211_start_sched_scan,
6796 .policy = nl80211_policy,
6797 .flags = GENL_ADMIN_PERM,
6798 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6799 NL80211_FLAG_NEED_RTNL,
6800 },
6801 {
6802 .cmd = NL80211_CMD_STOP_SCHED_SCAN,
6803 .doit = nl80211_stop_sched_scan,
6804 .policy = nl80211_policy,
6805 .flags = GENL_ADMIN_PERM,
6806 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6807 NL80211_FLAG_NEED_RTNL,
6808 },
6809 {
6810 .cmd = NL80211_CMD_AUTHENTICATE,
6811 .doit = nl80211_authenticate,
6812 .policy = nl80211_policy,
6813 .flags = GENL_ADMIN_PERM,
6814 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6815 NL80211_FLAG_NEED_RTNL,
6816 },
6817 {
6818 .cmd = NL80211_CMD_ASSOCIATE,
6819 .doit = nl80211_associate,
6820 .policy = nl80211_policy,
6821 .flags = GENL_ADMIN_PERM,
6822 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6823 NL80211_FLAG_NEED_RTNL,
6824 },
6825 {
6826 .cmd = NL80211_CMD_DEAUTHENTICATE,
6827 .doit = nl80211_deauthenticate,
6828 .policy = nl80211_policy,
6829 .flags = GENL_ADMIN_PERM,
6830 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6831 NL80211_FLAG_NEED_RTNL,
6832 },
6833 {
6834 .cmd = NL80211_CMD_DISASSOCIATE,
6835 .doit = nl80211_disassociate,
6836 .policy = nl80211_policy,
6837 .flags = GENL_ADMIN_PERM,
6838 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6839 NL80211_FLAG_NEED_RTNL,
6840 },
6841 {
6842 .cmd = NL80211_CMD_JOIN_IBSS,
6843 .doit = nl80211_join_ibss,
6844 .policy = nl80211_policy,
6845 .flags = GENL_ADMIN_PERM,
6846 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6847 NL80211_FLAG_NEED_RTNL,
6848 },
6849 {
6850 .cmd = NL80211_CMD_LEAVE_IBSS,
6851 .doit = nl80211_leave_ibss,
6852 .policy = nl80211_policy,
6853 .flags = GENL_ADMIN_PERM,
6854 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6855 NL80211_FLAG_NEED_RTNL,
6856 },
6857#ifdef CONFIG_NL80211_TESTMODE
6858 {
6859 .cmd = NL80211_CMD_TESTMODE,
6860 .doit = nl80211_testmode_do,
6861 .dumpit = nl80211_testmode_dump,
6862 .policy = nl80211_policy,
6863 .flags = GENL_ADMIN_PERM,
6864 .internal_flags = NL80211_FLAG_NEED_WIPHY |
6865 NL80211_FLAG_NEED_RTNL,
6866 },
6867#endif
6868 {
6869 .cmd = NL80211_CMD_CONNECT,
6870 .doit = nl80211_connect,
6871 .policy = nl80211_policy,
6872 .flags = GENL_ADMIN_PERM,
6873 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6874 NL80211_FLAG_NEED_RTNL,
6875 },
6876 {
6877 .cmd = NL80211_CMD_DISCONNECT,
6878 .doit = nl80211_disconnect,
6879 .policy = nl80211_policy,
6880 .flags = GENL_ADMIN_PERM,
6881 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6882 NL80211_FLAG_NEED_RTNL,
6883 },
6884 {
6885 .cmd = NL80211_CMD_SET_WIPHY_NETNS,
6886 .doit = nl80211_wiphy_netns,
6887 .policy = nl80211_policy,
6888 .flags = GENL_ADMIN_PERM,
6889 .internal_flags = NL80211_FLAG_NEED_WIPHY |
6890 NL80211_FLAG_NEED_RTNL,
6891 },
6892 {
6893 .cmd = NL80211_CMD_GET_SURVEY,
6894 .policy = nl80211_policy,
6895 .dumpit = nl80211_dump_survey,
6896 },
6897 {
6898 .cmd = NL80211_CMD_SET_PMKSA,
6899 .doit = nl80211_setdel_pmksa,
6900 .policy = nl80211_policy,
6901 .flags = GENL_ADMIN_PERM,
6902 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6903 NL80211_FLAG_NEED_RTNL,
6904 },
6905 {
6906 .cmd = NL80211_CMD_DEL_PMKSA,
6907 .doit = nl80211_setdel_pmksa,
6908 .policy = nl80211_policy,
6909 .flags = GENL_ADMIN_PERM,
6910 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6911 NL80211_FLAG_NEED_RTNL,
6912 },
zw.wangc08ce042024-08-08 18:42:05 +0800[diff] [blame]6913#if (defined CONFIG_AIC8800 || defined CONFIG_AIC8800D80L)
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]6914 {
6915 .cmd = NL80211_CMD_EXTERNAL_AUTH,
6916 //.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
6917 .doit = nl80211_external_auth,
6918 .flags = GENL_ADMIN_PERM,
6919 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP,
6920 },
6921#endif
6922 {
6923 .cmd = NL80211_CMD_FLUSH_PMKSA,
6924 .doit = nl80211_flush_pmksa,
6925 .policy = nl80211_policy,
6926 .flags = GENL_ADMIN_PERM,
6927 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6928 NL80211_FLAG_NEED_RTNL,
6929 },
6930 {
6931 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL,
6932 .doit = nl80211_remain_on_channel,
6933 .policy = nl80211_policy,
6934 .flags = GENL_ADMIN_PERM,
6935 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6936 NL80211_FLAG_NEED_RTNL,
6937 },
6938 {
6939 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
6940 .doit = nl80211_cancel_remain_on_channel,
6941 .policy = nl80211_policy,
6942 .flags = GENL_ADMIN_PERM,
6943 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6944 NL80211_FLAG_NEED_RTNL,
6945 },
6946 {
6947 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK,
6948 .doit = nl80211_set_tx_bitrate_mask,
6949 .policy = nl80211_policy,
6950 .flags = GENL_ADMIN_PERM,
6951 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6952 NL80211_FLAG_NEED_RTNL,
6953 },
6954 {
6955 .cmd = NL80211_CMD_REGISTER_FRAME,
6956 .doit = nl80211_register_mgmt,
6957 .policy = nl80211_policy,
6958 .flags = GENL_ADMIN_PERM,
6959 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6960 NL80211_FLAG_NEED_RTNL,
6961 },
6962 {
6963 .cmd = NL80211_CMD_FRAME,
6964 .doit = nl80211_tx_mgmt,
6965 .policy = nl80211_policy,
6966 .flags = GENL_ADMIN_PERM,
6967 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6968 NL80211_FLAG_NEED_RTNL,
6969 },
6970 {
6971 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL,
6972 .doit = nl80211_tx_mgmt_cancel_wait,
6973 .policy = nl80211_policy,
6974 .flags = GENL_ADMIN_PERM,
6975 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
6976 NL80211_FLAG_NEED_RTNL,
6977 },
6978 {
6979 .cmd = NL80211_CMD_SET_POWER_SAVE,
6980 .doit = nl80211_set_power_save,
6981 .policy = nl80211_policy,
6982 .flags = GENL_ADMIN_PERM,
6983 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6984 NL80211_FLAG_NEED_RTNL,
6985 },
6986 {
6987 .cmd = NL80211_CMD_GET_POWER_SAVE,
6988 .doit = nl80211_get_power_save,
6989 .policy = nl80211_policy,
6990 /* can be retrieved by unprivileged users */
6991 .internal_flags = NL80211_FLAG_NEED_NETDEV |
6992 NL80211_FLAG_NEED_RTNL,
6993 },
6994 {
6995 .cmd = NL80211_CMD_SET_CQM,
6996 .doit = nl80211_set_cqm,
6997 .policy = nl80211_policy,
6998 .flags = GENL_ADMIN_PERM,
6999 .internal_flags = NL80211_FLAG_NEED_NETDEV |
7000 NL80211_FLAG_NEED_RTNL,
7001 },
7002 {
7003 .cmd = NL80211_CMD_SET_CHANNEL,
7004 .doit = nl80211_set_channel,
7005 .policy = nl80211_policy,
7006 .flags = GENL_ADMIN_PERM,
7007 .internal_flags = NL80211_FLAG_NEED_NETDEV |
7008 NL80211_FLAG_NEED_RTNL,
7009 },
7010 {
7011 .cmd = NL80211_CMD_SET_WDS_PEER,
7012 .doit = nl80211_set_wds_peer,
7013 .policy = nl80211_policy,
7014 .flags = GENL_ADMIN_PERM,
7015 .internal_flags = NL80211_FLAG_NEED_NETDEV |
7016 NL80211_FLAG_NEED_RTNL,
7017 },
7018 {
7019 .cmd = NL80211_CMD_JOIN_MESH,
7020 .doit = nl80211_join_mesh,
7021 .policy = nl80211_policy,
7022 .flags = GENL_ADMIN_PERM,
7023 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
7024 NL80211_FLAG_NEED_RTNL,
7025 },
7026 {
7027 .cmd = NL80211_CMD_LEAVE_MESH,
7028 .doit = nl80211_leave_mesh,
7029 .policy = nl80211_policy,
7030 .flags = GENL_ADMIN_PERM,
7031 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
7032 NL80211_FLAG_NEED_RTNL,
7033 },
7034 {
7035 .cmd = NL80211_CMD_GET_WOWLAN,
7036 .doit = nl80211_get_wowlan,
7037 .policy = nl80211_policy,
7038 /* can be retrieved by unprivileged users */
7039 .internal_flags = NL80211_FLAG_NEED_WIPHY |
7040 NL80211_FLAG_NEED_RTNL,
7041 },
7042 {
7043 .cmd = NL80211_CMD_SET_WOWLAN,
7044 .doit = nl80211_set_wowlan,
7045 .policy = nl80211_policy,
7046 .flags = GENL_ADMIN_PERM,
7047 .internal_flags = NL80211_FLAG_NEED_WIPHY |
7048 NL80211_FLAG_NEED_RTNL,
7049 },
7050 {
7051 .cmd = NL80211_CMD_SET_REKEY_OFFLOAD,
7052 .doit = nl80211_set_rekey_data,
7053 .policy = nl80211_policy,
7054 .flags = GENL_ADMIN_PERM,
7055 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
7056 NL80211_FLAG_NEED_RTNL,
7057 },
7058 {
7059 .cmd = NL80211_CMD_TDLS_MGMT,
7060 .doit = nl80211_tdls_mgmt,
7061 .policy = nl80211_policy,
7062 .flags = GENL_ADMIN_PERM,
7063 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
7064 NL80211_FLAG_NEED_RTNL,
7065 },
7066 {
7067 .cmd = NL80211_CMD_TDLS_OPER,
7068 .doit = nl80211_tdls_oper,
7069 .policy = nl80211_policy,
7070 .flags = GENL_ADMIN_PERM,
7071 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
7072 NL80211_FLAG_NEED_RTNL,
7073 },
7074 {
7075 .cmd = NL80211_CMD_UNEXPECTED_FRAME,
7076 .doit = nl80211_register_unexpected_frame,
7077 .policy = nl80211_policy,
7078 .flags = GENL_ADMIN_PERM,
7079 .internal_flags = NL80211_FLAG_NEED_NETDEV |
7080 NL80211_FLAG_NEED_RTNL,
7081 },
7082 {
7083 .cmd = NL80211_CMD_PROBE_CLIENT,
7084 .doit = nl80211_probe_client,
7085 .policy = nl80211_policy,
7086 .flags = GENL_ADMIN_PERM,
7087 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
7088 NL80211_FLAG_NEED_RTNL,
7089 },
7090 {
7091 .cmd = NL80211_CMD_REGISTER_BEACONS,
7092 .doit = nl80211_register_beacons,
7093 .policy = nl80211_policy,
7094 .flags = GENL_ADMIN_PERM,
7095 .internal_flags = NL80211_FLAG_NEED_WIPHY |
7096 NL80211_FLAG_NEED_RTNL,
7097 },
7098 {
7099 .cmd = NL80211_CMD_SET_NOACK_MAP,
7100 .doit = nl80211_set_noack_map,
7101 .policy = nl80211_policy,
7102 .flags = GENL_ADMIN_PERM,
7103 .internal_flags = NL80211_FLAG_NEED_NETDEV |
7104 NL80211_FLAG_NEED_RTNL,
7105 },
7106
7107};
7108
7109static struct genl_multicast_group nl80211_mlme_mcgrp = {
7110 .name = "mlme",
7111};
7112
7113/* multicast groups */
7114static struct genl_multicast_group nl80211_config_mcgrp = {
7115 .name = "config",
7116};
7117static struct genl_multicast_group nl80211_scan_mcgrp = {
7118 .name = "scan",
7119};
7120static struct genl_multicast_group nl80211_regulatory_mcgrp = {
7121 .name = "regulatory",
7122};
7123
7124/* notification functions */
7125
7126void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev)
7127{
7128 struct sk_buff *msg;
7129
7130 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7131 if (!msg)
7132 return;
7133
7134 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) {
7135 nlmsg_free(msg);
7136 return;
7137 }
7138
7139 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7140 nl80211_config_mcgrp.id, GFP_KERNEL);
7141}
7142
7143static int nl80211_add_scan_req(struct sk_buff *msg,
7144 struct cfg80211_registered_device *rdev)
7145{
7146 struct cfg80211_scan_request *req = rdev->scan_req;
7147 struct nlattr *nest;
7148 int i;
7149
7150 ASSERT_RDEV_LOCK(rdev);
7151
7152 if (WARN_ON(!req))
7153 return 0;
7154
7155 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS);
7156 if (!nest)
7157 goto nla_put_failure;
7158 for (i = 0; i < req->n_ssids; i++)
7159 NLA_PUT(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid);
7160 nla_nest_end(msg, nest);
7161
7162 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
7163 if (!nest)
7164 goto nla_put_failure;
7165 for (i = 0; i < req->n_channels; i++)
7166 NLA_PUT_U32(msg, i, req->channels[i]->center_freq);
7167 nla_nest_end(msg, nest);
7168
7169 if (req->ie)
7170 NLA_PUT(msg, NL80211_ATTR_IE, req->ie_len, req->ie);
7171
7172 return 0;
7173 nla_put_failure:
7174 return -ENOBUFS;
7175}
7176
7177static int nl80211_send_scan_msg(struct sk_buff *msg,
7178 struct cfg80211_registered_device *rdev,
7179 struct net_device *netdev,
7180 u32 pid, u32 seq, int flags,
7181 u32 cmd)
7182{
7183 void *hdr;
7184
7185 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd);
7186 if (!hdr)
7187 return -1;
7188
7189 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7190 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7191
7192 /* ignore errors and send incomplete event anyway */
7193 nl80211_add_scan_req(msg, rdev);
7194
7195 return genlmsg_end(msg, hdr);
7196
7197 nla_put_failure:
7198 genlmsg_cancel(msg, hdr);
7199 return -EMSGSIZE;
7200}
7201
7202static int
7203nl80211_send_sched_scan_msg(struct sk_buff *msg,
7204 struct cfg80211_registered_device *rdev,
7205 struct net_device *netdev,
7206 u32 pid, u32 seq, int flags, u32 cmd)
7207{
7208 void *hdr;
7209
7210 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd);
7211 if (!hdr)
7212 return -1;
7213
7214 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7215 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7216
7217 return genlmsg_end(msg, hdr);
7218
7219 nla_put_failure:
7220 genlmsg_cancel(msg, hdr);
7221 return -EMSGSIZE;
7222}
7223
7224void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
7225 struct net_device *netdev)
7226{
7227 struct sk_buff *msg;
7228
7229 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
7230 if (!msg)
7231 return;
7232
7233 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
7234 NL80211_CMD_TRIGGER_SCAN) < 0) {
7235 nlmsg_free(msg);
7236 return;
7237 }
7238
7239 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7240 nl80211_scan_mcgrp.id, GFP_KERNEL);
7241}
7242
7243void nl80211_send_scan_done(struct cfg80211_registered_device *rdev,
7244 struct net_device *netdev)
7245{
7246 struct sk_buff *msg;
7247
7248 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7249 if (!msg)
7250 return;
7251
7252 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
7253 NL80211_CMD_NEW_SCAN_RESULTS) < 0) {
7254 nlmsg_free(msg);
7255 return;
7256 }
7257
7258 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7259 nl80211_scan_mcgrp.id, GFP_KERNEL);
7260}
7261
7262void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev,
7263 struct net_device *netdev)
7264{
7265 struct sk_buff *msg;
7266
7267 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7268 if (!msg)
7269 return;
7270
7271 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
7272 NL80211_CMD_SCAN_ABORTED) < 0) {
7273 nlmsg_free(msg);
7274 return;
7275 }
7276
7277 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7278 nl80211_scan_mcgrp.id, GFP_KERNEL);
7279}
7280
7281void nl80211_send_sched_scan_results(struct cfg80211_registered_device *rdev,
7282 struct net_device *netdev)
7283{
7284 struct sk_buff *msg;
7285
7286 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7287 if (!msg)
7288 return;
7289
7290 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0,
7291 NL80211_CMD_SCHED_SCAN_RESULTS) < 0) {
7292 nlmsg_free(msg);
7293 return;
7294 }
7295
7296 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7297 nl80211_scan_mcgrp.id, GFP_KERNEL);
7298}
7299
7300void nl80211_send_sched_scan(struct cfg80211_registered_device *rdev,
7301 struct net_device *netdev, u32 cmd)
7302{
7303 struct sk_buff *msg;
7304
7305 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
7306 if (!msg)
7307 return;
7308
7309 if (nl80211_send_sched_scan_msg(msg, rdev, netdev, 0, 0, 0, cmd) < 0) {
7310 nlmsg_free(msg);
7311 return;
7312 }
7313
7314 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7315 nl80211_scan_mcgrp.id, GFP_KERNEL);
7316}
7317
7318/*
7319 * This can happen on global regulatory changes or device specific settings
7320 * based on custom world regulatory domains.
7321 */
7322void nl80211_send_reg_change_event(struct regulatory_request *request)
7323{
7324 struct sk_buff *msg;
7325 void *hdr;
7326
7327 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7328 if (!msg)
7329 return;
7330
7331 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE);
7332 if (!hdr) {
7333 nlmsg_free(msg);
7334 return;
7335 }
7336
7337 /* Userspace can always count this one always being set */
7338 NLA_PUT_U8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator);
7339
7340 if (request->alpha2[0] == '0' && request->alpha2[1] == '0')
7341 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE,
7342 NL80211_REGDOM_TYPE_WORLD);
7343 else if (request->alpha2[0] == '9' && request->alpha2[1] == '9')
7344 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE,
7345 NL80211_REGDOM_TYPE_CUSTOM_WORLD);
7346 else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') ||
7347 request->intersect)
7348 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE,
7349 NL80211_REGDOM_TYPE_INTERSECTION);
7350 else {
7351 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE,
7352 NL80211_REGDOM_TYPE_COUNTRY);
7353 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2);
7354 }
7355
7356 if (wiphy_idx_valid(request->wiphy_idx))
7357 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx);
7358
7359 genlmsg_end(msg, hdr);
7360
7361 rcu_read_lock();
7362 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id,
7363 GFP_ATOMIC);
7364 rcu_read_unlock();
7365
7366 return;
7367
7368nla_put_failure:
7369 genlmsg_cancel(msg, hdr);
7370 nlmsg_free(msg);
7371}
7372
7373static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
7374 struct net_device *netdev,
7375 const u8 *buf, size_t len,
7376 enum nl80211_commands cmd, gfp_t gfp)
7377{
7378 struct sk_buff *msg;
7379 void *hdr;
7380
7381 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7382 if (!msg)
7383 return;
7384
7385 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
7386 if (!hdr) {
7387 nlmsg_free(msg);
7388 return;
7389 }
7390
7391 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7392 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7393 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf);
7394
7395 genlmsg_end(msg, hdr);
7396
7397 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7398 nl80211_mlme_mcgrp.id, gfp);
7399 return;
7400
7401 nla_put_failure:
7402 genlmsg_cancel(msg, hdr);
7403 nlmsg_free(msg);
7404}
7405
7406void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
7407 struct net_device *netdev, const u8 *buf,
7408 size_t len, gfp_t gfp)
7409{
7410 nl80211_send_mlme_event(rdev, netdev, buf, len,
7411 NL80211_CMD_AUTHENTICATE, gfp);
7412}
7413
7414void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
7415 struct net_device *netdev, const u8 *buf,
7416 size_t len, gfp_t gfp)
7417{
7418 nl80211_send_mlme_event(rdev, netdev, buf, len,
7419 NL80211_CMD_ASSOCIATE, gfp);
7420}
7421
7422void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
7423 struct net_device *netdev, const u8 *buf,
7424 size_t len, gfp_t gfp)
7425{
7426 nl80211_send_mlme_event(rdev, netdev, buf, len,
7427 NL80211_CMD_DEAUTHENTICATE, gfp);
7428}
7429
7430void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
7431 struct net_device *netdev, const u8 *buf,
7432 size_t len, gfp_t gfp)
7433{
7434 nl80211_send_mlme_event(rdev, netdev, buf, len,
7435 NL80211_CMD_DISASSOCIATE, gfp);
7436}
7437
7438void nl80211_send_unprot_deauth(struct cfg80211_registered_device *rdev,
7439 struct net_device *netdev, const u8 *buf,
7440 size_t len, gfp_t gfp)
7441{
7442 nl80211_send_mlme_event(rdev, netdev, buf, len,
7443 NL80211_CMD_UNPROT_DEAUTHENTICATE, gfp);
7444}
7445
7446void nl80211_send_unprot_disassoc(struct cfg80211_registered_device *rdev,
7447 struct net_device *netdev, const u8 *buf,
7448 size_t len, gfp_t gfp)
7449{
7450 nl80211_send_mlme_event(rdev, netdev, buf, len,
7451 NL80211_CMD_UNPROT_DISASSOCIATE, gfp);
7452}
7453
7454static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
7455 struct net_device *netdev, int cmd,
7456 const u8 *addr, gfp_t gfp)
7457{
7458 struct sk_buff *msg;
7459 void *hdr;
7460
7461 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7462 if (!msg)
7463 return;
7464
7465 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
7466 if (!hdr) {
7467 nlmsg_free(msg);
7468 return;
7469 }
7470
7471 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7472 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7473 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT);
7474 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7475
7476 genlmsg_end(msg, hdr);
7477
7478 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7479 nl80211_mlme_mcgrp.id, gfp);
7480 return;
7481
7482 nla_put_failure:
7483 genlmsg_cancel(msg, hdr);
7484 nlmsg_free(msg);
7485}
7486
7487void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
7488 struct net_device *netdev, const u8 *addr,
7489 gfp_t gfp)
7490{
7491 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE,
7492 addr, gfp);
7493}
7494
7495void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
7496 struct net_device *netdev, const u8 *addr,
7497 gfp_t gfp)
7498{
7499 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE,
7500 addr, gfp);
7501}
7502
7503void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
7504 struct net_device *netdev, const u8 *bssid,
7505 const u8 *req_ie, size_t req_ie_len,
7506 const u8 *resp_ie, size_t resp_ie_len,
7507 u16 status, gfp_t gfp)
7508{
7509 struct sk_buff *msg;
7510 void *hdr;
7511
7512 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
7513 if (!msg)
7514 return;
7515
7516 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT);
7517 if (!hdr) {
7518 nlmsg_free(msg);
7519 return;
7520 }
7521
7522 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7523 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7524 if (bssid)
7525 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
7526 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status);
7527 if (req_ie)
7528 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie);
7529 if (resp_ie)
7530 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie);
7531
7532 genlmsg_end(msg, hdr);
7533
7534 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7535 nl80211_mlme_mcgrp.id, gfp);
7536 return;
7537
7538 nla_put_failure:
7539 genlmsg_cancel(msg, hdr);
7540 nlmsg_free(msg);
7541
7542}
7543
7544void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
7545 struct net_device *netdev, const u8 *bssid,
7546 const u8 *req_ie, size_t req_ie_len,
7547 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
7548{
7549 struct sk_buff *msg;
7550 void *hdr;
7551
7552 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
7553 if (!msg)
7554 return;
7555
7556 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM);
7557 if (!hdr) {
7558 nlmsg_free(msg);
7559 return;
7560 }
7561
7562 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7563 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7564 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
7565 if (req_ie)
7566 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie);
7567 if (resp_ie)
7568 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie);
7569
7570 genlmsg_end(msg, hdr);
7571
7572 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7573 nl80211_mlme_mcgrp.id, gfp);
7574 return;
7575
7576 nla_put_failure:
7577 genlmsg_cancel(msg, hdr);
7578 nlmsg_free(msg);
7579
7580}
7581
7582void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
7583 struct net_device *netdev, u16 reason,
7584 const u8 *ie, size_t ie_len, bool from_ap)
7585{
7586 struct sk_buff *msg;
7587 void *hdr;
7588
7589 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
7590 if (!msg)
7591 return;
7592
7593 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT);
7594 if (!hdr) {
7595 nlmsg_free(msg);
7596 return;
7597 }
7598
7599 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7600 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7601 if (from_ap && reason)
7602 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason);
7603 if (from_ap)
7604 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP);
7605 if (ie)
7606 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie);
7607
7608 genlmsg_end(msg, hdr);
7609
7610 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7611 nl80211_mlme_mcgrp.id, GFP_KERNEL);
7612 return;
7613
7614 nla_put_failure:
7615 genlmsg_cancel(msg, hdr);
7616 nlmsg_free(msg);
7617
7618}
7619
7620void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
7621 struct net_device *netdev, const u8 *bssid,
7622 gfp_t gfp)
7623{
7624 struct sk_buff *msg;
7625 void *hdr;
7626
7627 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7628 if (!msg)
7629 return;
7630
7631 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS);
7632 if (!hdr) {
7633 nlmsg_free(msg);
7634 return;
7635 }
7636
7637 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7638 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7639 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
7640
7641 genlmsg_end(msg, hdr);
7642
7643 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7644 nl80211_mlme_mcgrp.id, gfp);
7645 return;
7646
7647 nla_put_failure:
7648 genlmsg_cancel(msg, hdr);
7649 nlmsg_free(msg);
7650}
7651
7652void nl80211_send_new_peer_candidate(struct cfg80211_registered_device *rdev,
7653 struct net_device *netdev,
7654 const u8 *macaddr, const u8* ie, u8 ie_len,
7655 gfp_t gfp)
7656{
7657 struct sk_buff *msg;
7658 void *hdr;
7659
7660 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7661 if (!msg)
7662 return;
7663
7664 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE);
7665 if (!hdr) {
7666 nlmsg_free(msg);
7667 return;
7668 }
7669
7670 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7671 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7672 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, macaddr);
7673 if (ie_len && ie)
7674 NLA_PUT(msg, NL80211_ATTR_IE, ie_len , ie);
7675
7676 genlmsg_end(msg, hdr);
7677
7678 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7679 nl80211_mlme_mcgrp.id, gfp);
7680 return;
7681
7682 nla_put_failure:
7683 genlmsg_cancel(msg, hdr);
7684 nlmsg_free(msg);
7685}
7686
7687void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
7688 struct net_device *netdev, const u8 *addr,
7689 enum nl80211_key_type key_type, int key_id,
7690 const u8 *tsc, gfp_t gfp)
7691{
7692 struct sk_buff *msg;
7693 void *hdr;
7694
7695 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7696 if (!msg)
7697 return;
7698
7699 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE);
7700 if (!hdr) {
7701 nlmsg_free(msg);
7702 return;
7703 }
7704
7705 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7706 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7707 if (addr)
7708 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7709 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type);
7710 if (key_id != -1)
7711 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id);
7712 if (tsc)
7713 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc);
7714
7715 genlmsg_end(msg, hdr);
7716
7717 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7718 nl80211_mlme_mcgrp.id, gfp);
7719 return;
7720
7721 nla_put_failure:
7722 genlmsg_cancel(msg, hdr);
7723 nlmsg_free(msg);
7724}
7725
7726void nl80211_send_beacon_hint_event(struct wiphy *wiphy,
7727 struct ieee80211_channel *channel_before,
7728 struct ieee80211_channel *channel_after)
7729{
7730 struct sk_buff *msg;
7731 void *hdr;
7732 struct nlattr *nl_freq;
7733
7734 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
7735 if (!msg)
7736 return;
7737
7738 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT);
7739 if (!hdr) {
7740 nlmsg_free(msg);
7741 return;
7742 }
7743
7744 /*
7745 * Since we are applying the beacon hint to a wiphy we know its
7746 * wiphy_idx is valid
7747 */
7748 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy));
7749
7750 /* Before */
7751 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE);
7752 if (!nl_freq)
7753 goto nla_put_failure;
7754 if (nl80211_msg_put_channel(msg, channel_before))
7755 goto nla_put_failure;
7756 nla_nest_end(msg, nl_freq);
7757
7758 /* After */
7759 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER);
7760 if (!nl_freq)
7761 goto nla_put_failure;
7762 if (nl80211_msg_put_channel(msg, channel_after))
7763 goto nla_put_failure;
7764 nla_nest_end(msg, nl_freq);
7765
7766 genlmsg_end(msg, hdr);
7767
7768 rcu_read_lock();
7769 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id,
7770 GFP_ATOMIC);
7771 rcu_read_unlock();
7772
7773 return;
7774
7775nla_put_failure:
7776 genlmsg_cancel(msg, hdr);
7777 nlmsg_free(msg);
7778}
7779
7780static void nl80211_send_remain_on_chan_event(
7781 int cmd, struct cfg80211_registered_device *rdev,
7782 struct net_device *netdev, u64 cookie,
7783 struct ieee80211_channel *chan,
7784 enum nl80211_channel_type channel_type,
7785 unsigned int duration, gfp_t gfp)
7786{
7787 struct sk_buff *msg;
7788 void *hdr;
7789
7790 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7791 if (!msg)
7792 return;
7793
7794 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
7795 if (!hdr) {
7796 nlmsg_free(msg);
7797 return;
7798 }
7799
7800 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7801 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7802 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq);
7803 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, channel_type);
7804 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie);
7805
7806 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL)
7807 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
7808
7809 genlmsg_end(msg, hdr);
7810
7811 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7812 nl80211_mlme_mcgrp.id, gfp);
7813 return;
7814
7815 nla_put_failure:
7816 genlmsg_cancel(msg, hdr);
7817 nlmsg_free(msg);
7818}
7819
7820void nl80211_send_remain_on_channel(struct cfg80211_registered_device *rdev,
7821 struct net_device *netdev, u64 cookie,
7822 struct ieee80211_channel *chan,
7823 enum nl80211_channel_type channel_type,
7824 unsigned int duration, gfp_t gfp)
7825{
7826 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL,
7827 rdev, netdev, cookie, chan,
7828 channel_type, duration, gfp);
7829}
7830
7831void nl80211_send_remain_on_channel_cancel(
7832 struct cfg80211_registered_device *rdev, struct net_device *netdev,
7833 u64 cookie, struct ieee80211_channel *chan,
7834 enum nl80211_channel_type channel_type, gfp_t gfp)
7835{
7836 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
7837 rdev, netdev, cookie, chan,
7838 channel_type, 0, gfp);
7839}
7840
7841void nl80211_send_sta_event(struct cfg80211_registered_device *rdev,
7842 struct net_device *dev, const u8 *mac_addr,
7843 struct station_info *sinfo, gfp_t gfp)
7844{
7845 struct sk_buff *msg;
7846
7847 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
7848 if (!msg)
7849 return;
7850
7851 if (nl80211_send_station(msg, 0, 0, 0,
7852 rdev, dev, mac_addr, sinfo) < 0) {
7853 nlmsg_free(msg);
7854 return;
7855 }
7856
7857 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7858 nl80211_mlme_mcgrp.id, gfp);
7859}
7860
7861void nl80211_send_sta_del_event(struct cfg80211_registered_device *rdev,
7862 struct net_device *dev, const u8 *mac_addr,
7863 gfp_t gfp)
7864{
7865 struct sk_buff *msg;
7866 void *hdr;
7867
7868 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
7869 if (!msg)
7870 return;
7871
7872 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_STATION);
7873 if (!hdr) {
7874 nlmsg_free(msg);
7875 return;
7876 }
7877
7878 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
7879 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr);
7880
7881 genlmsg_end(msg, hdr);
7882
7883 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
7884 nl80211_mlme_mcgrp.id, gfp);
7885 return;
7886
7887 nla_put_failure:
7888 genlmsg_cancel(msg, hdr);
7889 nlmsg_free(msg);
7890}
7891
7892static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd,
7893 const u8 *addr, gfp_t gfp)
7894{
7895 struct wireless_dev *wdev = dev->ieee80211_ptr;
7896 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
7897 struct sk_buff *msg;
7898 void *hdr;
7899 int err;
7900 u32 nlpid = ACCESS_ONCE(wdev->ap_unexpected_nlpid);
7901
7902 if (!nlpid)
7903 return false;
7904
7905 msg = nlmsg_new(100, gfp);
7906 if (!msg)
7907 return true;
7908
7909 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
7910 if (!hdr) {
7911 nlmsg_free(msg);
7912 return true;
7913 }
7914
7915 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7916 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
7917 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
7918
7919 err = genlmsg_end(msg, hdr);
7920 if (err < 0) {
7921 nlmsg_free(msg);
7922 return true;
7923 }
7924
7925 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid);
7926 return true;
7927
7928 nla_put_failure:
7929 genlmsg_cancel(msg, hdr);
7930 nlmsg_free(msg);
7931 return true;
7932}
7933
7934bool nl80211_unexpected_frame(struct net_device *dev, const u8 *addr, gfp_t gfp)
7935{
7936 return __nl80211_unexpected_frame(dev, NL80211_CMD_UNEXPECTED_FRAME,
7937 addr, gfp);
7938}
7939
7940bool nl80211_unexpected_4addr_frame(struct net_device *dev,
7941 const u8 *addr, gfp_t gfp)
7942{
7943 return __nl80211_unexpected_frame(dev,
7944 NL80211_CMD_UNEXPECTED_4ADDR_FRAME,
7945 addr, gfp);
7946}
7947
7948int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
7949 struct net_device *netdev, u32 nlpid,
7950 int freq, int sig_dbm,
7951 const u8 *buf, size_t len, gfp_t gfp)
7952{
7953 struct sk_buff *msg;
7954 void *hdr;
7955
7956 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7957 if (!msg)
7958 return -ENOMEM;
7959
7960 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
7961 if (!hdr) {
7962 nlmsg_free(msg);
7963 return -ENOMEM;
7964 }
7965
7966 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
7967 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
7968 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
7969 if (sig_dbm)
7970 NLA_PUT_U32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm);
7971 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf);
7972
7973 genlmsg_end(msg, hdr);
7974
7975 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid);
7976
7977 nla_put_failure:
7978 genlmsg_cancel(msg, hdr);
7979 nlmsg_free(msg);
7980 return -ENOBUFS;
7981}
7982
7983void nl80211_send_mgmt_tx_status(struct cfg80211_registered_device *rdev,
7984 struct net_device *netdev, u64 cookie,
7985 const u8 *buf, size_t len, bool ack,
7986 gfp_t gfp)
7987{
7988 struct sk_buff *msg;
7989 void *hdr;
7990
7991 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
7992 if (!msg)
7993 return;
7994
7995 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS);
7996 if (!hdr) {
7997 nlmsg_free(msg);
7998 return;
7999 }
8000
8001 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
8002 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
8003 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf);
8004 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie);
8005 if (ack)
8006 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK);
8007
8008 genlmsg_end(msg, hdr);
8009
8010 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8011 nl80211_mlme_mcgrp.id, gfp);
8012 return;
8013
8014 nla_put_failure:
8015 genlmsg_cancel(msg, hdr);
8016 nlmsg_free(msg);
8017}
8018
8019void
8020nl80211_send_cqm_rssi_notify(struct cfg80211_registered_device *rdev,
8021 struct net_device *netdev,
8022 enum nl80211_cqm_rssi_threshold_event rssi_event,
8023 gfp_t gfp)
8024{
8025 struct sk_buff *msg;
8026 struct nlattr *pinfoattr;
8027 void *hdr;
8028
8029 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
8030 if (!msg)
8031 return;
8032
8033 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
8034 if (!hdr) {
8035 nlmsg_free(msg);
8036 return;
8037 }
8038
8039 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
8040 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
8041
8042 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM);
8043 if (!pinfoattr)
8044 goto nla_put_failure;
8045
8046 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT,
8047 rssi_event);
8048
8049 nla_nest_end(msg, pinfoattr);
8050
8051 genlmsg_end(msg, hdr);
8052
8053 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8054 nl80211_mlme_mcgrp.id, gfp);
8055 return;
8056
8057 nla_put_failure:
8058 genlmsg_cancel(msg, hdr);
8059 nlmsg_free(msg);
8060}
8061
8062void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev,
8063 struct net_device *netdev, const u8 *bssid,
8064 const u8 *replay_ctr, gfp_t gfp)
8065{
8066 struct sk_buff *msg;
8067 struct nlattr *rekey_attr;
8068 void *hdr;
8069
8070 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
8071 if (!msg)
8072 return;
8073
8074 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
8075 if (!hdr) {
8076 nlmsg_free(msg);
8077 return;
8078 }
8079
8080 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
8081 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
8082 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
8083
8084 rekey_attr = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
8085 if (!rekey_attr)
8086 goto nla_put_failure;
8087
8088 NLA_PUT(msg, NL80211_REKEY_DATA_REPLAY_CTR,
8089 NL80211_REPLAY_CTR_LEN, replay_ctr);
8090
8091 nla_nest_end(msg, rekey_attr);
8092
8093 genlmsg_end(msg, hdr);
8094
8095 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8096 nl80211_mlme_mcgrp.id, gfp);
8097 return;
8098
8099 nla_put_failure:
8100 genlmsg_cancel(msg, hdr);
8101 nlmsg_free(msg);
8102}
8103
8104void nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev,
8105 struct net_device *netdev, int index,
8106 const u8 *bssid, bool preauth, gfp_t gfp)
8107{
8108 struct sk_buff *msg;
8109 struct nlattr *attr;
8110 void *hdr;
8111
8112 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
8113 if (!msg)
8114 return;
8115
8116 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE);
8117 if (!hdr) {
8118 nlmsg_free(msg);
8119 return;
8120 }
8121
8122 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
8123 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
8124
8125 attr = nla_nest_start(msg, NL80211_ATTR_PMKSA_CANDIDATE);
8126 if (!attr)
8127 goto nla_put_failure;
8128
8129 NLA_PUT_U32(msg, NL80211_PMKSA_CANDIDATE_INDEX, index);
8130 NLA_PUT(msg, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid);
8131 if (preauth)
8132 NLA_PUT_FLAG(msg, NL80211_PMKSA_CANDIDATE_PREAUTH);
8133
8134 nla_nest_end(msg, attr);
8135
8136 genlmsg_end(msg, hdr);
8137
8138 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8139 nl80211_mlme_mcgrp.id, gfp);
8140 return;
8141
8142 nla_put_failure:
8143 genlmsg_cancel(msg, hdr);
8144 nlmsg_free(msg);
8145}
8146
8147void
8148nl80211_send_cqm_pktloss_notify(struct cfg80211_registered_device *rdev,
8149 struct net_device *netdev, const u8 *peer,
8150 u32 num_packets, gfp_t gfp)
8151{
8152 struct sk_buff *msg;
8153 struct nlattr *pinfoattr;
8154 void *hdr;
8155
8156 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
8157 if (!msg)
8158 return;
8159
8160 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
8161 if (!hdr) {
8162 nlmsg_free(msg);
8163 return;
8164 }
8165
8166 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
8167 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
8168 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, peer);
8169
8170 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM);
8171 if (!pinfoattr)
8172 goto nla_put_failure;
8173
8174 NLA_PUT_U32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets);
8175
8176 nla_nest_end(msg, pinfoattr);
8177
8178 genlmsg_end(msg, hdr);
8179
8180 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8181 nl80211_mlme_mcgrp.id, gfp);
8182 return;
8183
8184 nla_put_failure:
8185 genlmsg_cancel(msg, hdr);
8186 nlmsg_free(msg);
8187}
8188
8189void cfg80211_probe_status(struct net_device *dev, const u8 *addr,
8190 u64 cookie, bool acked, gfp_t gfp)
8191{
8192 struct wireless_dev *wdev = dev->ieee80211_ptr;
8193 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
8194 struct sk_buff *msg;
8195 void *hdr;
8196 int err;
8197
8198 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
8199 if (!msg)
8200 return;
8201
8202 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PROBE_CLIENT);
8203 if (!hdr) {
8204 nlmsg_free(msg);
8205 return;
8206 }
8207
8208 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
8209 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
8210 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
8211 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie);
8212 if (acked)
8213 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK);
8214
8215 err = genlmsg_end(msg, hdr);
8216 if (err < 0) {
8217 nlmsg_free(msg);
8218 return;
8219 }
8220
8221 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
8222 nl80211_mlme_mcgrp.id, gfp);
8223 return;
8224
8225 nla_put_failure:
8226 genlmsg_cancel(msg, hdr);
8227 nlmsg_free(msg);
8228}
8229EXPORT_SYMBOL(cfg80211_probe_status);
8230
8231void cfg80211_report_obss_beacon(struct wiphy *wiphy,
8232 const u8 *frame, size_t len,
8233 int freq, int sig_dbm, gfp_t gfp)
8234{
8235 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
8236 struct sk_buff *msg;
8237 void *hdr;
8238 u32 nlpid = ACCESS_ONCE(rdev->ap_beacons_nlpid);
8239
8240 if (!nlpid)
8241 return;
8242
8243 msg = nlmsg_new(len + 100, gfp);
8244 if (!msg)
8245 return;
8246
8247 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
8248 if (!hdr) {
8249 nlmsg_free(msg);
8250 return;
8251 }
8252
8253 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
8254 if (freq)
8255 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
8256 if (sig_dbm)
8257 NLA_PUT_U32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm);
8258 NLA_PUT(msg, NL80211_ATTR_FRAME, len, frame);
8259
8260 genlmsg_end(msg, hdr);
8261
8262 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid);
8263 return;
8264
8265 nla_put_failure:
8266 genlmsg_cancel(msg, hdr);
8267 nlmsg_free(msg);
8268}
8269EXPORT_SYMBOL(cfg80211_report_obss_beacon);
8270
zw.wangc08ce042024-08-08 18:42:05 +0800[diff] [blame]8271#if (defined CONFIG_AIC8800 || defined CONFIG_AIC8800D80L)
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]8272int cfg80211_external_auth_request(struct net_device *dev,
8273 struct cfg80211_external_auth_params *params,
8274 gfp_t gfp)
8275{
8276 struct wireless_dev *wdev = dev->ieee80211_ptr;
8277 // struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
8278 struct cfg80211_registered_device *rdev = wiphy_to_dev(wdev->wiphy);
8279 struct sk_buff *msg;
8280 void *hdr;
8281
8282 if (!wdev->conn_owner_nlportid) {
8283 return -EINVAL;
8284 }
8285
8286 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
8287 if (!msg)
8288 return -ENOMEM;
8289
8290 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_EXTERNAL_AUTH);
8291 if (!hdr)
8292 goto nla_put_failure;
8293
8294 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
8295 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
8296 nla_put_u32(msg, NL80211_ATTR_AKM_SUITES, params->key_mgmt_suite) ||
8297 nla_put_u32(msg, NL80211_ATTR_EXTERNAL_AUTH_ACTION,
8298 params->action) ||
8299 nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid) ||
8300 nla_put(msg, NL80211_ATTR_SSID, params->ssid.ssid_len,
8301 params->ssid.ssid))
8302 goto nla_put_failure;
8303
8304 genlmsg_end(msg, hdr);
8305 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg,
8306 wdev->conn_owner_nlportid);
8307 return 0;
8308
8309 nla_put_failure:
8310 nlmsg_free(msg);
8311 return -ENOBUFS;
8312}
8313EXPORT_SYMBOL(cfg80211_external_auth_request);
8314#endif
8315
8316static int nl80211_netlink_notify(struct notifier_block * nb,
8317 unsigned long state,
8318 void *_notify)
8319{
8320 struct netlink_notify *notify = _notify;
8321 struct cfg80211_registered_device *rdev;
8322 struct wireless_dev *wdev;
8323
8324 if (state != NETLINK_URELEASE)
8325 return NOTIFY_DONE;
8326
8327 rcu_read_lock();
8328
8329 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) {
8330 list_for_each_entry_rcu(wdev, &rdev->netdev_list, list)
8331 cfg80211_mlme_unregister_socket(wdev, notify->pid);
8332 if (rdev->ap_beacons_nlpid == notify->pid)
8333 rdev->ap_beacons_nlpid = 0;
8334 }
8335
8336 rcu_read_unlock();
8337
8338 return NOTIFY_DONE;
8339}
8340
8341static struct notifier_block nl80211_netlink_notifier = {
8342 .notifier_call = nl80211_netlink_notify,
8343};
8344
8345/* initialisation/exit functions */
8346
8347int nl80211_init(void)
8348{
8349 int err;
8350
8351 err = genl_register_family_with_ops(&nl80211_fam,
8352 nl80211_ops, ARRAY_SIZE(nl80211_ops));
8353 if (err)
8354 return err;
8355
8356 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp);
8357 if (err)
8358 goto err_out;
8359
8360 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp);
8361 if (err)
8362 goto err_out;
8363
8364 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp);
8365 if (err)
8366 goto err_out;
8367
8368 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp);
8369 if (err)
8370 goto err_out;
8371
8372#ifdef CONFIG_NL80211_TESTMODE
8373 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp);
8374 if (err)
8375 goto err_out;
8376#endif
8377
8378 err = netlink_register_notifier(&nl80211_netlink_notifier);
8379 if (err)
8380 goto err_out;
8381
8382 return 0;
8383 err_out:
8384 genl_unregister_family(&nl80211_fam);
8385 return err;
8386}
8387
8388void nl80211_exit(void)
8389{
8390 netlink_unregister_notifier(&nl80211_netlink_notifier);
8391 genl_unregister_family(&nl80211_fam);
8392}