search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
r8169: revert "Handle rxfifo errors on 8168 chips"
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / net / wireless / nl80211.c
blob9a8cde999955ec6ee1a149925cf1903e92a060be
1 /*
2 * This is the new netlink-based wireless configuration interface.
3 *
4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
5 */
6
7 #include <linux/if.h>
8 #include <linux/module.h>
9 #include <linux/err.h>
10 #include <linux/slab.h>
11 #include <linux/list.h>
12 #include <linux/if_ether.h>
13 #include <linux/ieee80211.h>
14 #include <linux/nl80211.h>
15 #include <linux/rtnetlink.h>
16 #include <linux/netlink.h>
17 #include <linux/etherdevice.h>
18 #include <net/net_namespace.h>
19 #include <net/genetlink.h>
20 #include <net/cfg80211.h>
21 #include <net/sock.h>
22 #include "core.h"
23 #include "nl80211.h"
24 #include "reg.h"
25
26 /* the netlink family */
27 static struct genl_family nl80211_fam = {
28 .id = GENL_ID_GENERATE, /* don't bother with a hardcoded ID */
29 .name = "nl80211", /* have users key off the name instead */
30 .hdrsize = 0, /* no private header */
31 .version = 1, /* no particular meaning now */
32 .maxattr = NL80211_ATTR_MAX,
33 .netnsok = true,
34 };
35
36 /* internal helper: get rdev and dev */
37 static int get_rdev_dev_by_info_ifindex(struct genl_info *info,
38 struct cfg80211_registered_device **rdev,
39 struct net_device **dev)
40 {
41 struct nlattr **attrs = info->attrs;
42 int ifindex;
43
44 if (!attrs[NL80211_ATTR_IFINDEX])
45 return -EINVAL;
46
47 ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
48 *dev = dev_get_by_index(genl_info_net(info), ifindex);
49 if (!*dev)
50 return -ENODEV;
51
52 *rdev = cfg80211_get_dev_from_ifindex(genl_info_net(info), ifindex);
53 if (IS_ERR(*rdev)) {
54 dev_put(*dev);
55 return PTR_ERR(*rdev);
56 }
57
58 return 0;
59 }
60
61 /* policy for the attributes */
62 static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = {
63 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
64 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING,
65 .len = 20-1 },
66 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED },
67 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 },
68 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 },
69 [NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 },
70 [NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 },
71 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 },
72 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 },
73 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 },
74
75 [NL80211_ATTR_IFTYPE] = { .type = NLA_U32 },
76 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
77 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
78
79 [NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN },
80 [NL80211_ATTR_PREV_BSSID] = { .type = NLA_BINARY, .len = ETH_ALEN },
81
82 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
83 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
84 .len = WLAN_MAX_KEY_LEN },
85 [NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 },
86 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 },
87 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG },
88 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 },
89
90 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 },
91 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 },
92 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY,
93 .len = IEEE80211_MAX_DATA_LEN },
94 [NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY,
95 .len = IEEE80211_MAX_DATA_LEN },
96 [NL80211_ATTR_STA_AID] = { .type = NLA_U16 },
97 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED },
98 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 },
99 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY,
100 .len = NL80211_MAX_SUPP_RATES },
101 [NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 },
102 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 },
103 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ },
104 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY,
105 .len = IEEE80211_MAX_MESH_ID_LEN },
106 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 },
107
108 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 },
109 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED },
110
111 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 },
112 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 },
113 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 },
114 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY,
115 .len = NL80211_MAX_SUPP_RATES },
116
117 [NL80211_ATTR_MESH_PARAMS] = { .type = NLA_NESTED },
118
119 [NL80211_ATTR_HT_CAPABILITY] = { .type = NLA_BINARY,
120 .len = NL80211_HT_CAPABILITY_LEN },
121
122 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 },
123 [NL80211_ATTR_IE] = { .type = NLA_BINARY,
124 .len = IEEE80211_MAX_DATA_LEN },
125 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED },
126 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED },
127
128 [NL80211_ATTR_SSID] = { .type = NLA_BINARY,
129 .len = IEEE80211_MAX_SSID_LEN },
130 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 },
131 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 },
132 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG },
133 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG },
134 [NL80211_ATTR_USE_MFP] = { .type = NLA_U32 },
135 [NL80211_ATTR_STA_FLAGS2] = {
136 .len = sizeof(struct nl80211_sta_flag_update),
137 },
138 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
139 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
140 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
141 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
142 [NL80211_ATTR_PID] = { .type = NLA_U32 },
143 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 },
144 [NL80211_ATTR_PMKID] = { .type = NLA_BINARY,
145 .len = WLAN_PMKID_LEN },
146 [NL80211_ATTR_DURATION] = { .type = NLA_U32 },
147 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 },
148 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED },
149 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY,
150 .len = IEEE80211_MAX_DATA_LEN },
151 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, },
152 [NL80211_ATTR_PS_STATE] = { .type = NLA_U32 },
153 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, },
154 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG },
155 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 },
156
157 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 },
158 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 },
159 };
160
161 /* policy for the attributes */
162 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = {
163 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN },
164 [NL80211_KEY_IDX] = { .type = NLA_U8 },
165 [NL80211_KEY_CIPHER] = { .type = NLA_U32 },
166 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 },
167 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
168 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },
169 };
170
171 /* ifidx get helper */
172 static int nl80211_get_ifidx(struct netlink_callback *cb)
173 {
174 int res;
175
176 res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
177 nl80211_fam.attrbuf, nl80211_fam.maxattr,
178 nl80211_policy);
179 if (res)
180 return res;
181
182 if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX])
183 return -EINVAL;
184
185 res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]);
186 if (!res)
187 return -EINVAL;
188 return res;
189 }
190
191 /* IE validation */
192 static bool is_valid_ie_attr(const struct nlattr *attr)
193 {
194 const u8 *pos;
195 int len;
196
197 if (!attr)
198 return true;
199
200 pos = nla_data(attr);
201 len = nla_len(attr);
202
203 while (len) {
204 u8 elemlen;
205
206 if (len < 2)
207 return false;
208 len -= 2;
209
210 elemlen = pos[1];
211 if (elemlen > len)
212 return false;
213
214 len -= elemlen;
215 pos += 2 + elemlen;
216 }
217
218 return true;
219 }
220
221 /* message building helper */
222 static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq,
223 int flags, u8 cmd)
224 {
225 /* since there is no private header just add the generic one */
226 return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd);
227 }
228
229 static int nl80211_msg_put_channel(struct sk_buff *msg,
230 struct ieee80211_channel *chan)
231 {
232 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ,
233 chan->center_freq);
234
235 if (chan->flags & IEEE80211_CHAN_DISABLED)
236 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED);
237 if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN)
238 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN);
239 if (chan->flags & IEEE80211_CHAN_NO_IBSS)
240 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS);
241 if (chan->flags & IEEE80211_CHAN_RADAR)
242 NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR);
243
244 NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
245 DBM_TO_MBM(chan->max_power));
246
247 return 0;
248
249 nla_put_failure:
250 return -ENOBUFS;
251 }
252
253 /* netlink command implementations */
254
255 struct key_parse {
256 struct key_params p;
257 int idx;
258 bool def, defmgmt;
259 };
260
261 static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k)
262 {
263 struct nlattr *tb[NL80211_KEY_MAX + 1];
264 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key,
265 nl80211_key_policy);
266 if (err)
267 return err;
268
269 k->def = !!tb[NL80211_KEY_DEFAULT];
270 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT];
271
272 if (tb[NL80211_KEY_IDX])
273 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]);
274
275 if (tb[NL80211_KEY_DATA]) {
276 k->p.key = nla_data(tb[NL80211_KEY_DATA]);
277 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]);
278 }
279
280 if (tb[NL80211_KEY_SEQ]) {
281 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]);
282 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]);
283 }
284
285 if (tb[NL80211_KEY_CIPHER])
286 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]);
287
288 return 0;
289 }
290
291 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
292 {
293 if (info->attrs[NL80211_ATTR_KEY_DATA]) {
294 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
295 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
296 }
297
298 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
299 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
300 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
301 }
302
303 if (info->attrs[NL80211_ATTR_KEY_IDX])
304 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
305
306 if (info->attrs[NL80211_ATTR_KEY_CIPHER])
307 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
308
309 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT];
310 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT];
311
312 return 0;
313 }
314
315 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
316 {
317 int err;
318
319 memset(k, 0, sizeof(*k));
320 k->idx = -1;
321
322 if (info->attrs[NL80211_ATTR_KEY])
323 err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k);
324 else
325 err = nl80211_parse_key_old(info, k);
326
327 if (err)
328 return err;
329
330 if (k->def && k->defmgmt)
331 return -EINVAL;
332
333 if (k->idx != -1) {
334 if (k->defmgmt) {
335 if (k->idx < 4 || k->idx > 5)
336 return -EINVAL;
337 } else if (k->def) {
338 if (k->idx < 0 || k->idx > 3)
339 return -EINVAL;
340 } else {
341 if (k->idx < 0 || k->idx > 5)
342 return -EINVAL;
343 }
344 }
345
346 return 0;
347 }
348
349 static struct cfg80211_cached_keys *
350 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
351 struct nlattr *keys)
352 {
353 struct key_parse parse;
354 struct nlattr *key;
355 struct cfg80211_cached_keys *result;
356 int rem, err, def = 0;
357
358 result = kzalloc(sizeof(*result), GFP_KERNEL);
359 if (!result)
360 return ERR_PTR(-ENOMEM);
361
362 result->def = -1;
363 result->defmgmt = -1;
364
365 nla_for_each_nested(key, keys, rem) {
366 memset(&parse, 0, sizeof(parse));
367 parse.idx = -1;
368
369 err = nl80211_parse_key_new(key, &parse);
370 if (err)
371 goto error;
372 err = -EINVAL;
373 if (!parse.p.key)
374 goto error;
375 if (parse.idx < 0 || parse.idx > 4)
376 goto error;
377 if (parse.def) {
378 if (def)
379 goto error;
380 def = 1;
381 result->def = parse.idx;
382 } else if (parse.defmgmt)
383 goto error;
384 err = cfg80211_validate_key_settings(rdev, &parse.p,
385 parse.idx, NULL);
386 if (err)
387 goto error;
388 result->params[parse.idx].cipher = parse.p.cipher;
389 result->params[parse.idx].key_len = parse.p.key_len;
390 result->params[parse.idx].key = result->data[parse.idx];
391 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len);
392 }
393
394 return result;
395 error:
396 kfree(result);
397 return ERR_PTR(err);
398 }
399
400 static int nl80211_key_allowed(struct wireless_dev *wdev)
401 {
402 ASSERT_WDEV_LOCK(wdev);
403
404 if (!netif_running(wdev->netdev))
405 return -ENETDOWN;
406
407 switch (wdev->iftype) {
408 case NL80211_IFTYPE_AP:
409 case NL80211_IFTYPE_AP_VLAN:
410 break;
411 case NL80211_IFTYPE_ADHOC:
412 if (!wdev->current_bss)
413 return -ENOLINK;
414 break;
415 case NL80211_IFTYPE_STATION:
416 if (wdev->sme_state != CFG80211_SME_CONNECTED)
417 return -ENOLINK;
418 break;
419 default:
420 return -EINVAL;
421 }
422
423 return 0;
424 }
425
426 static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
427 struct cfg80211_registered_device *dev)
428 {
429 void *hdr;
430 struct nlattr *nl_bands, *nl_band;
431 struct nlattr *nl_freqs, *nl_freq;
432 struct nlattr *nl_rates, *nl_rate;
433 struct nlattr *nl_modes;
434 struct nlattr *nl_cmds;
435 enum ieee80211_band band;
436 struct ieee80211_channel *chan;
437 struct ieee80211_rate *rate;
438 int i;
439 u16 ifmodes = dev->wiphy.interface_modes;
440
441 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY);
442 if (!hdr)
443 return -1;
444
445 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx);
446 NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy));
447
448 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION,
449 cfg80211_rdev_list_generation);
450
451 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
452 dev->wiphy.retry_short);
453 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
454 dev->wiphy.retry_long);
455 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD,
456 dev->wiphy.frag_threshold);
457 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD,
458 dev->wiphy.rts_threshold);
459 NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS,
460 dev->wiphy.coverage_class);
461
462 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS,
463 dev->wiphy.max_scan_ssids);
464 NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN,
465 dev->wiphy.max_scan_ie_len);
466
467 NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES,
468 sizeof(u32) * dev->wiphy.n_cipher_suites,
469 dev->wiphy.cipher_suites);
470
471 NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_PMKIDS,
472 dev->wiphy.max_num_pmkids);
473
474 nl_modes = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_IFTYPES);
475 if (!nl_modes)
476 goto nla_put_failure;
477
478 i = 0;
479 while (ifmodes) {
480 if (ifmodes & 1)
481 NLA_PUT_FLAG(msg, i);
482 ifmodes >>= 1;
483 i++;
484 }
485
486 nla_nest_end(msg, nl_modes);
487
488 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS);
489 if (!nl_bands)
490 goto nla_put_failure;
491
492 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
493 if (!dev->wiphy.bands[band])
494 continue;
495
496 nl_band = nla_nest_start(msg, band);
497 if (!nl_band)
498 goto nla_put_failure;
499
500 /* add HT info */
501 if (dev->wiphy.bands[band]->ht_cap.ht_supported) {
502 NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET,
503 sizeof(dev->wiphy.bands[band]->ht_cap.mcs),
504 &dev->wiphy.bands[band]->ht_cap.mcs);
505 NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA,
506 dev->wiphy.bands[band]->ht_cap.cap);
507 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR,
508 dev->wiphy.bands[band]->ht_cap.ampdu_factor);
509 NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY,
510 dev->wiphy.bands[band]->ht_cap.ampdu_density);
511 }
512
513 /* add frequencies */
514 nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS);
515 if (!nl_freqs)
516 goto nla_put_failure;
517
518 for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) {
519 nl_freq = nla_nest_start(msg, i);
520 if (!nl_freq)
521 goto nla_put_failure;
522
523 chan = &dev->wiphy.bands[band]->channels[i];
524
525 if (nl80211_msg_put_channel(msg, chan))
526 goto nla_put_failure;
527
528 nla_nest_end(msg, nl_freq);
529 }
530
531 nla_nest_end(msg, nl_freqs);
532
533 /* add bitrates */
534 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES);
535 if (!nl_rates)
536 goto nla_put_failure;
537
538 for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) {
539 nl_rate = nla_nest_start(msg, i);
540 if (!nl_rate)
541 goto nla_put_failure;
542
543 rate = &dev->wiphy.bands[band]->bitrates[i];
544 NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE,
545 rate->bitrate);
546 if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE)
547 NLA_PUT_FLAG(msg,
548 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE);
549
550 nla_nest_end(msg, nl_rate);
551 }
552
553 nla_nest_end(msg, nl_rates);
554
555 nla_nest_end(msg, nl_band);
556 }
557 nla_nest_end(msg, nl_bands);
558
559 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS);
560 if (!nl_cmds)
561 goto nla_put_failure;
562
563 i = 0;
564 #define CMD(op, n) \
565 do { \
566 if (dev->ops->op) { \
567 i++; \
568 NLA_PUT_U32(msg, i, NL80211_CMD_ ## n); \
569 } \
570 } while (0)
571
572 CMD(add_virtual_intf, NEW_INTERFACE);
573 CMD(change_virtual_intf, SET_INTERFACE);
574 CMD(add_key, NEW_KEY);
575 CMD(add_beacon, NEW_BEACON);
576 CMD(add_station, NEW_STATION);
577 CMD(add_mpath, NEW_MPATH);
578 CMD(set_mesh_params, SET_MESH_PARAMS);
579 CMD(change_bss, SET_BSS);
580 CMD(auth, AUTHENTICATE);
581 CMD(assoc, ASSOCIATE);
582 CMD(deauth, DEAUTHENTICATE);
583 CMD(disassoc, DISASSOCIATE);
584 CMD(join_ibss, JOIN_IBSS);
585 CMD(set_pmksa, SET_PMKSA);
586 CMD(del_pmksa, DEL_PMKSA);
587 CMD(flush_pmksa, FLUSH_PMKSA);
588 CMD(remain_on_channel, REMAIN_ON_CHANNEL);
589 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK);
590 CMD(action, ACTION);
591 if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) {
592 i++;
593 NLA_PUT_U32(msg, i, NL80211_CMD_SET_WIPHY_NETNS);
594 }
595 CMD(set_channel, SET_CHANNEL);
596
597 #undef CMD
598
599 if (dev->ops->connect || dev->ops->auth) {
600 i++;
601 NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT);
602 }
603
604 if (dev->ops->disconnect || dev->ops->deauth) {
605 i++;
606 NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT);
607 }
608
609 nla_nest_end(msg, nl_cmds);
610
611 return genlmsg_end(msg, hdr);
612
613 nla_put_failure:
614 genlmsg_cancel(msg, hdr);
615 return -EMSGSIZE;
616 }
617
618 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
619 {
620 int idx = 0;
621 int start = cb->args[0];
622 struct cfg80211_registered_device *dev;
623
624 mutex_lock(&cfg80211_mutex);
625 list_for_each_entry(dev, &cfg80211_rdev_list, list) {
626 if (!net_eq(wiphy_net(&dev->wiphy), sock_net(skb->sk)))
627 continue;
628 if (++idx <= start)
629 continue;
630 if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid,
631 cb->nlh->nlmsg_seq, NLM_F_MULTI,
632 dev) < 0) {
633 idx--;
634 break;
635 }
636 }
637 mutex_unlock(&cfg80211_mutex);
638
639 cb->args[0] = idx;
640
641 return skb->len;
642 }
643
644 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
645 {
646 struct sk_buff *msg;
647 struct cfg80211_registered_device *dev;
648
649 dev = cfg80211_get_dev_from_info(info);
650 if (IS_ERR(dev))
651 return PTR_ERR(dev);
652
653 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
654 if (!msg)
655 goto out_err;
656
657 if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0)
658 goto out_free;
659
660 cfg80211_unlock_rdev(dev);
661
662 return genlmsg_reply(msg, info);
663
664 out_free:
665 nlmsg_free(msg);
666 out_err:
667 cfg80211_unlock_rdev(dev);
668 return -ENOBUFS;
669 }
670
671 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = {
672 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 },
673 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 },
674 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 },
675 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 },
676 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 },
677 };
678
679 static int parse_txq_params(struct nlattr *tb[],
680 struct ieee80211_txq_params *txq_params)
681 {
682 if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] ||
683 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] ||
684 !tb[NL80211_TXQ_ATTR_AIFS])
685 return -EINVAL;
686
687 txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]);
688 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]);
689 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]);
690 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]);
691 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]);
692
693 return 0;
694 }
695
696 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev)
697 {
698 /*
699 * You can only set the channel explicitly for AP, mesh
700 * and WDS type interfaces; all others have their channel
701 * managed via their respective "establish a connection"
702 * command (connect, join, ...)
703 *
704 * Monitors are special as they are normally slaved to
705 * whatever else is going on, so they behave as though
706 * you tried setting the wiphy channel itself.
707 */
708 return !wdev ||
709 wdev->iftype == NL80211_IFTYPE_AP ||
710 wdev->iftype == NL80211_IFTYPE_WDS ||
711 wdev->iftype == NL80211_IFTYPE_MESH_POINT ||
712 wdev->iftype == NL80211_IFTYPE_MONITOR;
713 }
714
715 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev,
716 struct wireless_dev *wdev,
717 struct genl_info *info)
718 {
719 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
720 u32 freq;
721 int result;
722
723 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
724 return -EINVAL;
725
726 if (!nl80211_can_set_dev_channel(wdev))
727 return -EOPNOTSUPP;
728
729 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
730 channel_type = nla_get_u32(info->attrs[
731 NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
732 if (channel_type != NL80211_CHAN_NO_HT &&
733 channel_type != NL80211_CHAN_HT20 &&
734 channel_type != NL80211_CHAN_HT40PLUS &&
735 channel_type != NL80211_CHAN_HT40MINUS)
736 return -EINVAL;
737 }
738
739 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
740
741 mutex_lock(&rdev->devlist_mtx);
742 if (wdev) {
743 wdev_lock(wdev);
744 result = cfg80211_set_freq(rdev, wdev, freq, channel_type);
745 wdev_unlock(wdev);
746 } else {
747 result = cfg80211_set_freq(rdev, NULL, freq, channel_type);
748 }
749 mutex_unlock(&rdev->devlist_mtx);
750
751 return result;
752 }
753
754 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info)
755 {
756 struct cfg80211_registered_device *rdev;
757 struct net_device *netdev;
758 int result;
759
760 rtnl_lock();
761
762 result = get_rdev_dev_by_info_ifindex(info, &rdev, &netdev);
763 if (result)
764 goto unlock_rtnl;
765
766 result = __nl80211_set_channel(rdev, netdev->ieee80211_ptr, info);
767
768 dev_put(netdev);
769 cfg80211_unlock_rdev(rdev);
770 unlock_rtnl:
771 rtnl_unlock();
772
773 return result;
774 }
775
776 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
777 {
778 struct cfg80211_registered_device *rdev;
779 struct net_device *netdev = NULL;
780 struct wireless_dev *wdev;
781 int result, rem_txq_params = 0;
782 struct nlattr *nl_txq_params;
783 u32 changed;
784 u8 retry_short = 0, retry_long = 0;
785 u32 frag_threshold = 0, rts_threshold = 0;
786 u8 coverage_class = 0;
787
788 rtnl_lock();
789
790 /*
791 * Try to find the wiphy and netdev. Normally this
792 * function shouldn't need the netdev, but this is
793 * done for backward compatibility -- previously
794 * setting the channel was done per wiphy, but now
795 * it is per netdev. Previous userland like hostapd
796 * also passed a netdev to set_wiphy, so that it is
797 * possible to let that go to the right netdev!
798 */
799 mutex_lock(&cfg80211_mutex);
800
801 if (info->attrs[NL80211_ATTR_IFINDEX]) {
802 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]);
803
804 netdev = dev_get_by_index(genl_info_net(info), ifindex);
805 if (netdev && netdev->ieee80211_ptr) {
806 rdev = wiphy_to_dev(netdev->ieee80211_ptr->wiphy);
807 mutex_lock(&rdev->mtx);
808 } else
809 netdev = NULL;
810 }
811
812 if (!netdev) {
813 rdev = __cfg80211_rdev_from_info(info);
814 if (IS_ERR(rdev)) {
815 mutex_unlock(&cfg80211_mutex);
816 result = PTR_ERR(rdev);
817 goto unlock;
818 }
819 wdev = NULL;
820 netdev = NULL;
821 result = 0;
822
823 mutex_lock(&rdev->mtx);
824 } else if (netif_running(netdev) &&
825 nl80211_can_set_dev_channel(netdev->ieee80211_ptr))
826 wdev = netdev->ieee80211_ptr;
827 else
828 wdev = NULL;
829
830 /*
831 * end workaround code, by now the rdev is available
832 * and locked, and wdev may or may not be NULL.
833 */
834
835 if (info->attrs[NL80211_ATTR_WIPHY_NAME])
836 result = cfg80211_dev_rename(
837 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME]));
838
839 mutex_unlock(&cfg80211_mutex);
840
841 if (result)
842 goto bad_res;
843
844 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) {
845 struct ieee80211_txq_params txq_params;
846 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1];
847
848 if (!rdev->ops->set_txq_params) {
849 result = -EOPNOTSUPP;
850 goto bad_res;
851 }
852
853 nla_for_each_nested(nl_txq_params,
854 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS],
855 rem_txq_params) {
856 nla_parse(tb, NL80211_TXQ_ATTR_MAX,
857 nla_data(nl_txq_params),
858 nla_len(nl_txq_params),
859 txq_params_policy);
860 result = parse_txq_params(tb, &txq_params);
861 if (result)
862 goto bad_res;
863
864 result = rdev->ops->set_txq_params(&rdev->wiphy,
865 &txq_params);
866 if (result)
867 goto bad_res;
868 }
869 }
870
871 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
872 result = __nl80211_set_channel(rdev, wdev, info);
873 if (result)
874 goto bad_res;
875 }
876
877 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) {
878 enum nl80211_tx_power_setting type;
879 int idx, mbm = 0;
880
881 if (!rdev->ops->set_tx_power) {
882 result = -EOPNOTSUPP;
883 goto bad_res;
884 }
885
886 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING;
887 type = nla_get_u32(info->attrs[idx]);
888
889 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] &&
890 (type != NL80211_TX_POWER_AUTOMATIC)) {
891 result = -EINVAL;
892 goto bad_res;
893 }
894
895 if (type != NL80211_TX_POWER_AUTOMATIC) {
896 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL;
897 mbm = nla_get_u32(info->attrs[idx]);
898 }
899
900 result = rdev->ops->set_tx_power(&rdev->wiphy, type, mbm);
901 if (result)
902 goto bad_res;
903 }
904
905 changed = 0;
906
907 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) {
908 retry_short = nla_get_u8(
909 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]);
910 if (retry_short == 0) {
911 result = -EINVAL;
912 goto bad_res;
913 }
914 changed |= WIPHY_PARAM_RETRY_SHORT;
915 }
916
917 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) {
918 retry_long = nla_get_u8(
919 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]);
920 if (retry_long == 0) {
921 result = -EINVAL;
922 goto bad_res;
923 }
924 changed |= WIPHY_PARAM_RETRY_LONG;
925 }
926
927 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) {
928 frag_threshold = nla_get_u32(
929 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]);
930 if (frag_threshold < 256) {
931 result = -EINVAL;
932 goto bad_res;
933 }
934 if (frag_threshold != (u32) -1) {
935 /*
936 * Fragments (apart from the last one) are required to
937 * have even length. Make the fragmentation code
938 * simpler by stripping LSB should someone try to use
939 * odd threshold value.
940 */
941 frag_threshold &= ~0x1;
942 }
943 changed |= WIPHY_PARAM_FRAG_THRESHOLD;
944 }
945
946 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) {
947 rts_threshold = nla_get_u32(
948 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]);
949 changed |= WIPHY_PARAM_RTS_THRESHOLD;
950 }
951
952 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) {
953 coverage_class = nla_get_u8(
954 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]);
955 changed |= WIPHY_PARAM_COVERAGE_CLASS;
956 }
957
958 if (changed) {
959 u8 old_retry_short, old_retry_long;
960 u32 old_frag_threshold, old_rts_threshold;
961 u8 old_coverage_class;
962
963 if (!rdev->ops->set_wiphy_params) {
964 result = -EOPNOTSUPP;
965 goto bad_res;
966 }
967
968 old_retry_short = rdev->wiphy.retry_short;
969 old_retry_long = rdev->wiphy.retry_long;
970 old_frag_threshold = rdev->wiphy.frag_threshold;
971 old_rts_threshold = rdev->wiphy.rts_threshold;
972 old_coverage_class = rdev->wiphy.coverage_class;
973
974 if (changed & WIPHY_PARAM_RETRY_SHORT)
975 rdev->wiphy.retry_short = retry_short;
976 if (changed & WIPHY_PARAM_RETRY_LONG)
977 rdev->wiphy.retry_long = retry_long;
978 if (changed & WIPHY_PARAM_FRAG_THRESHOLD)
979 rdev->wiphy.frag_threshold = frag_threshold;
980 if (changed & WIPHY_PARAM_RTS_THRESHOLD)
981 rdev->wiphy.rts_threshold = rts_threshold;
982 if (changed & WIPHY_PARAM_COVERAGE_CLASS)
983 rdev->wiphy.coverage_class = coverage_class;
984
985 result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed);
986 if (result) {
987 rdev->wiphy.retry_short = old_retry_short;
988 rdev->wiphy.retry_long = old_retry_long;
989 rdev->wiphy.frag_threshold = old_frag_threshold;
990 rdev->wiphy.rts_threshold = old_rts_threshold;
991 rdev->wiphy.coverage_class = old_coverage_class;
992 }
993 }
994
995 bad_res:
996 mutex_unlock(&rdev->mtx);
997 if (netdev)
998 dev_put(netdev);
999 unlock:
1000 rtnl_unlock();
1001 return result;
1002 }
1003
1004
1005 static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags,
1006 struct cfg80211_registered_device *rdev,
1007 struct net_device *dev)
1008 {
1009 void *hdr;
1010
1011 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE);
1012 if (!hdr)
1013 return -1;
1014
1015 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
1016 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
1017 NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name);
1018 NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype);
1019
1020 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION,
1021 rdev->devlist_generation ^
1022 (cfg80211_rdev_list_generation << 2));
1023
1024 return genlmsg_end(msg, hdr);
1025
1026 nla_put_failure:
1027 genlmsg_cancel(msg, hdr);
1028 return -EMSGSIZE;
1029 }
1030
1031 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb)
1032 {
1033 int wp_idx = 0;
1034 int if_idx = 0;
1035 int wp_start = cb->args[0];
1036 int if_start = cb->args[1];
1037 struct cfg80211_registered_device *rdev;
1038 struct wireless_dev *wdev;
1039
1040 mutex_lock(&cfg80211_mutex);
1041 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
1042 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
1043 continue;
1044 if (wp_idx < wp_start) {
1045 wp_idx++;
1046 continue;
1047 }
1048 if_idx = 0;
1049
1050 mutex_lock(&rdev->devlist_mtx);
1051 list_for_each_entry(wdev, &rdev->netdev_list, list) {
1052 if (if_idx < if_start) {
1053 if_idx++;
1054 continue;
1055 }
1056 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid,
1057 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1058 rdev, wdev->netdev) < 0) {
1059 mutex_unlock(&rdev->devlist_mtx);
1060 goto out;
1061 }
1062 if_idx++;
1063 }
1064 mutex_unlock(&rdev->devlist_mtx);
1065
1066 wp_idx++;
1067 }
1068 out:
1069 mutex_unlock(&cfg80211_mutex);
1070
1071 cb->args[0] = wp_idx;
1072 cb->args[1] = if_idx;
1073
1074 return skb->len;
1075 }
1076
1077 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
1078 {
1079 struct sk_buff *msg;
1080 struct cfg80211_registered_device *dev;
1081 struct net_device *netdev;
1082 int err;
1083
1084 err = get_rdev_dev_by_info_ifindex(info, &dev, &netdev);
1085 if (err)
1086 return err;
1087
1088 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1089 if (!msg)
1090 goto out_err;
1091
1092 if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0,
1093 dev, netdev) < 0)
1094 goto out_free;
1095
1096 dev_put(netdev);
1097 cfg80211_unlock_rdev(dev);
1098
1099 return genlmsg_reply(msg, info);
1100
1101 out_free:
1102 nlmsg_free(msg);
1103 out_err:
1104 dev_put(netdev);
1105 cfg80211_unlock_rdev(dev);
1106 return -ENOBUFS;
1107 }
1108
1109 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = {
1110 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG },
1111 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG },
1112 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG },
1113 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG },
1114 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG },
1115 };
1116
1117 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
1118 {
1119 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1];
1120 int flag;
1121
1122 *mntrflags = 0;
1123
1124 if (!nla)
1125 return -EINVAL;
1126
1127 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX,
1128 nla, mntr_flags_policy))
1129 return -EINVAL;
1130
1131 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++)
1132 if (flags[flag])
1133 *mntrflags |= (1<<flag);
1134
1135 return 0;
1136 }
1137
1138 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev,
1139 struct net_device *netdev, u8 use_4addr,
1140 enum nl80211_iftype iftype)
1141 {
1142 if (!use_4addr) {
1143 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT))
1144 return -EBUSY;
1145 return 0;
1146 }
1147
1148 switch (iftype) {
1149 case NL80211_IFTYPE_AP_VLAN:
1150 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP)
1151 return 0;
1152 break;
1153 case NL80211_IFTYPE_STATION:
1154 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION)
1155 return 0;
1156 break;
1157 default:
1158 break;
1159 }
1160
1161 return -EOPNOTSUPP;
1162 }
1163
1164 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
1165 {
1166 struct cfg80211_registered_device *rdev;
1167 struct vif_params params;
1168 int err;
1169 enum nl80211_iftype otype, ntype;
1170 struct net_device *dev;
1171 u32 _flags, *flags = NULL;
1172 bool change = false;
1173
1174 memset(&params, 0, sizeof(params));
1175
1176 rtnl_lock();
1177
1178 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1179 if (err)
1180 goto unlock_rtnl;
1181
1182 otype = ntype = dev->ieee80211_ptr->iftype;
1183
1184 if (info->attrs[NL80211_ATTR_IFTYPE]) {
1185 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
1186 if (otype != ntype)
1187 change = true;
1188 if (ntype > NL80211_IFTYPE_MAX) {
1189 err = -EINVAL;
1190 goto unlock;
1191 }
1192 }
1193
1194 if (info->attrs[NL80211_ATTR_MESH_ID]) {
1195 if (ntype != NL80211_IFTYPE_MESH_POINT) {
1196 err = -EINVAL;
1197 goto unlock;
1198 }
1199 params.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
1200 params.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
1201 change = true;
1202 }
1203
1204 if (info->attrs[NL80211_ATTR_4ADDR]) {
1205 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
1206 change = true;
1207 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype);
1208 if (err)
1209 goto unlock;
1210 } else {
1211 params.use_4addr = -1;
1212 }
1213
1214 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) {
1215 if (ntype != NL80211_IFTYPE_MONITOR) {
1216 err = -EINVAL;
1217 goto unlock;
1218 }
1219 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS],
1220 &_flags);
1221 if (err)
1222 goto unlock;
1223
1224 flags = &_flags;
1225 change = true;
1226 }
1227
1228 if (change)
1229 err = cfg80211_change_iface(rdev, dev, ntype, flags, &params);
1230 else
1231 err = 0;
1232
1233 if (!err && params.use_4addr != -1)
1234 dev->ieee80211_ptr->use_4addr = params.use_4addr;
1235
1236 unlock:
1237 dev_put(dev);
1238 cfg80211_unlock_rdev(rdev);
1239 unlock_rtnl:
1240 rtnl_unlock();
1241 return err;
1242 }
1243
1244 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
1245 {
1246 struct cfg80211_registered_device *rdev;
1247 struct vif_params params;
1248 int err;
1249 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;
1250 u32 flags;
1251
1252 memset(&params, 0, sizeof(params));
1253
1254 if (!info->attrs[NL80211_ATTR_IFNAME])
1255 return -EINVAL;
1256
1257 if (info->attrs[NL80211_ATTR_IFTYPE]) {
1258 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
1259 if (type > NL80211_IFTYPE_MAX)
1260 return -EINVAL;
1261 }
1262
1263 rtnl_lock();
1264
1265 rdev = cfg80211_get_dev_from_info(info);
1266 if (IS_ERR(rdev)) {
1267 err = PTR_ERR(rdev);
1268 goto unlock_rtnl;
1269 }
1270
1271 if (!rdev->ops->add_virtual_intf ||
1272 !(rdev->wiphy.interface_modes & (1 << type))) {
1273 err = -EOPNOTSUPP;
1274 goto unlock;
1275 }
1276
1277 if (type == NL80211_IFTYPE_MESH_POINT &&
1278 info->attrs[NL80211_ATTR_MESH_ID]) {
1279 params.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
1280 params.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
1281 }
1282
1283 if (info->attrs[NL80211_ATTR_4ADDR]) {
1284 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
1285 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type);
1286 if (err)
1287 goto unlock;
1288 }
1289
1290 err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
1291 info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
1292 &flags);
1293 err = rdev->ops->add_virtual_intf(&rdev->wiphy,
1294 nla_data(info->attrs[NL80211_ATTR_IFNAME]),
1295 type, err ? NULL : &flags, &params);
1296
1297 unlock:
1298 cfg80211_unlock_rdev(rdev);
1299 unlock_rtnl:
1300 rtnl_unlock();
1301 return err;
1302 }
1303
1304 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
1305 {
1306 struct cfg80211_registered_device *rdev;
1307 int err;
1308 struct net_device *dev;
1309
1310 rtnl_lock();
1311
1312 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1313 if (err)
1314 goto unlock_rtnl;
1315
1316 if (!rdev->ops->del_virtual_intf) {
1317 err = -EOPNOTSUPP;
1318 goto out;
1319 }
1320
1321 err = rdev->ops->del_virtual_intf(&rdev->wiphy, dev);
1322
1323 out:
1324 cfg80211_unlock_rdev(rdev);
1325 dev_put(dev);
1326 unlock_rtnl:
1327 rtnl_unlock();
1328 return err;
1329 }
1330
1331 struct get_key_cookie {
1332 struct sk_buff *msg;
1333 int error;
1334 int idx;
1335 };
1336
1337 static void get_key_callback(void *c, struct key_params *params)
1338 {
1339 struct nlattr *key;
1340 struct get_key_cookie *cookie = c;
1341
1342 if (params->key)
1343 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA,
1344 params->key_len, params->key);
1345
1346 if (params->seq)
1347 NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ,
1348 params->seq_len, params->seq);
1349
1350 if (params->cipher)
1351 NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER,
1352 params->cipher);
1353
1354 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY);
1355 if (!key)
1356 goto nla_put_failure;
1357
1358 if (params->key)
1359 NLA_PUT(cookie->msg, NL80211_KEY_DATA,
1360 params->key_len, params->key);
1361
1362 if (params->seq)
1363 NLA_PUT(cookie->msg, NL80211_KEY_SEQ,
1364 params->seq_len, params->seq);
1365
1366 if (params->cipher)
1367 NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER,
1368 params->cipher);
1369
1370 NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx);
1371
1372 nla_nest_end(cookie->msg, key);
1373
1374 return;
1375 nla_put_failure:
1376 cookie->error = 1;
1377 }
1378
1379 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
1380 {
1381 struct cfg80211_registered_device *rdev;
1382 int err;
1383 struct net_device *dev;
1384 u8 key_idx = 0;
1385 u8 *mac_addr = NULL;
1386 struct get_key_cookie cookie = {
1387 .error = 0,
1388 };
1389 void *hdr;
1390 struct sk_buff *msg;
1391
1392 if (info->attrs[NL80211_ATTR_KEY_IDX])
1393 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
1394
1395 if (key_idx > 5)
1396 return -EINVAL;
1397
1398 if (info->attrs[NL80211_ATTR_MAC])
1399 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
1400
1401 rtnl_lock();
1402
1403 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1404 if (err)
1405 goto unlock_rtnl;
1406
1407 if (!rdev->ops->get_key) {
1408 err = -EOPNOTSUPP;
1409 goto out;
1410 }
1411
1412 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1413 if (!msg) {
1414 err = -ENOMEM;
1415 goto out;
1416 }
1417
1418 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
1419 NL80211_CMD_NEW_KEY);
1420
1421 if (IS_ERR(hdr)) {
1422 err = PTR_ERR(hdr);
1423 goto free_msg;
1424 }
1425
1426 cookie.msg = msg;
1427 cookie.idx = key_idx;
1428
1429 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
1430 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
1431 if (mac_addr)
1432 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr);
1433
1434 err = rdev->ops->get_key(&rdev->wiphy, dev, key_idx, mac_addr,
1435 &cookie, get_key_callback);
1436
1437 if (err)
1438 goto free_msg;
1439
1440 if (cookie.error)
1441 goto nla_put_failure;
1442
1443 genlmsg_end(msg, hdr);
1444 err = genlmsg_reply(msg, info);
1445 goto out;
1446
1447 nla_put_failure:
1448 err = -ENOBUFS;
1449 free_msg:
1450 nlmsg_free(msg);
1451 out:
1452 cfg80211_unlock_rdev(rdev);
1453 dev_put(dev);
1454 unlock_rtnl:
1455 rtnl_unlock();
1456
1457 return err;
1458 }
1459
1460 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
1461 {
1462 struct cfg80211_registered_device *rdev;
1463 struct key_parse key;
1464 int err;
1465 struct net_device *dev;
1466 int (*func)(struct wiphy *wiphy, struct net_device *netdev,
1467 u8 key_index);
1468
1469 err = nl80211_parse_key(info, &key);
1470 if (err)
1471 return err;
1472
1473 if (key.idx < 0)
1474 return -EINVAL;
1475
1476 /* only support setting default key */
1477 if (!key.def && !key.defmgmt)
1478 return -EINVAL;
1479
1480 rtnl_lock();
1481
1482 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1483 if (err)
1484 goto unlock_rtnl;
1485
1486 if (key.def)
1487 func = rdev->ops->set_default_key;
1488 else
1489 func = rdev->ops->set_default_mgmt_key;
1490
1491 if (!func) {
1492 err = -EOPNOTSUPP;
1493 goto out;
1494 }
1495
1496 wdev_lock(dev->ieee80211_ptr);
1497 err = nl80211_key_allowed(dev->ieee80211_ptr);
1498 if (!err)
1499 err = func(&rdev->wiphy, dev, key.idx);
1500
1501 #ifdef CONFIG_CFG80211_WEXT
1502 if (!err) {
1503 if (func == rdev->ops->set_default_key)
1504 dev->ieee80211_ptr->wext.default_key = key.idx;
1505 else
1506 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx;
1507 }
1508 #endif
1509 wdev_unlock(dev->ieee80211_ptr);
1510
1511 out:
1512 cfg80211_unlock_rdev(rdev);
1513 dev_put(dev);
1514
1515 unlock_rtnl:
1516 rtnl_unlock();
1517
1518 return err;
1519 }
1520
1521 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
1522 {
1523 struct cfg80211_registered_device *rdev;
1524 int err;
1525 struct net_device *dev;
1526 struct key_parse key;
1527 u8 *mac_addr = NULL;
1528
1529 err = nl80211_parse_key(info, &key);
1530 if (err)
1531 return err;
1532
1533 if (!key.p.key)
1534 return -EINVAL;
1535
1536 if (info->attrs[NL80211_ATTR_MAC])
1537 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
1538
1539 rtnl_lock();
1540
1541 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1542 if (err)
1543 goto unlock_rtnl;
1544
1545 if (!rdev->ops->add_key) {
1546 err = -EOPNOTSUPP;
1547 goto out;
1548 }
1549
1550 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, mac_addr)) {
1551 err = -EINVAL;
1552 goto out;
1553 }
1554
1555 wdev_lock(dev->ieee80211_ptr);
1556 err = nl80211_key_allowed(dev->ieee80211_ptr);
1557 if (!err)
1558 err = rdev->ops->add_key(&rdev->wiphy, dev, key.idx,
1559 mac_addr, &key.p);
1560 wdev_unlock(dev->ieee80211_ptr);
1561
1562 out:
1563 cfg80211_unlock_rdev(rdev);
1564 dev_put(dev);
1565 unlock_rtnl:
1566 rtnl_unlock();
1567
1568 return err;
1569 }
1570
1571 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
1572 {
1573 struct cfg80211_registered_device *rdev;
1574 int err;
1575 struct net_device *dev;
1576 u8 *mac_addr = NULL;
1577 struct key_parse key;
1578
1579 err = nl80211_parse_key(info, &key);
1580 if (err)
1581 return err;
1582
1583 if (info->attrs[NL80211_ATTR_MAC])
1584 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
1585
1586 rtnl_lock();
1587
1588 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1589 if (err)
1590 goto unlock_rtnl;
1591
1592 if (!rdev->ops->del_key) {
1593 err = -EOPNOTSUPP;
1594 goto out;
1595 }
1596
1597 wdev_lock(dev->ieee80211_ptr);
1598 err = nl80211_key_allowed(dev->ieee80211_ptr);
1599 if (!err)
1600 err = rdev->ops->del_key(&rdev->wiphy, dev, key.idx, mac_addr);
1601
1602 #ifdef CONFIG_CFG80211_WEXT
1603 if (!err) {
1604 if (key.idx == dev->ieee80211_ptr->wext.default_key)
1605 dev->ieee80211_ptr->wext.default_key = -1;
1606 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key)
1607 dev->ieee80211_ptr->wext.default_mgmt_key = -1;
1608 }
1609 #endif
1610 wdev_unlock(dev->ieee80211_ptr);
1611
1612 out:
1613 cfg80211_unlock_rdev(rdev);
1614 dev_put(dev);
1615
1616 unlock_rtnl:
1617 rtnl_unlock();
1618
1619 return err;
1620 }
1621
1622 static int nl80211_addset_beacon(struct sk_buff *skb, struct genl_info *info)
1623 {
1624 int (*call)(struct wiphy *wiphy, struct net_device *dev,
1625 struct beacon_parameters *info);
1626 struct cfg80211_registered_device *rdev;
1627 int err;
1628 struct net_device *dev;
1629 struct beacon_parameters params;
1630 int haveinfo = 0;
1631
1632 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_BEACON_TAIL]))
1633 return -EINVAL;
1634
1635 rtnl_lock();
1636
1637 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1638 if (err)
1639 goto unlock_rtnl;
1640
1641 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP) {
1642 err = -EOPNOTSUPP;
1643 goto out;
1644 }
1645
1646 switch (info->genlhdr->cmd) {
1647 case NL80211_CMD_NEW_BEACON:
1648 /* these are required for NEW_BEACON */
1649 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] ||
1650 !info->attrs[NL80211_ATTR_DTIM_PERIOD] ||
1651 !info->attrs[NL80211_ATTR_BEACON_HEAD]) {
1652 err = -EINVAL;
1653 goto out;
1654 }
1655
1656 call = rdev->ops->add_beacon;
1657 break;
1658 case NL80211_CMD_SET_BEACON:
1659 call = rdev->ops->set_beacon;
1660 break;
1661 default:
1662 WARN_ON(1);
1663 err = -EOPNOTSUPP;
1664 goto out;
1665 }
1666
1667 if (!call) {
1668 err = -EOPNOTSUPP;
1669 goto out;
1670 }
1671
1672 memset(&params, 0, sizeof(params));
1673
1674 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
1675 params.interval =
1676 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
1677 haveinfo = 1;
1678 }
1679
1680 if (info->attrs[NL80211_ATTR_DTIM_PERIOD]) {
1681 params.dtim_period =
1682 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
1683 haveinfo = 1;
1684 }
1685
1686 if (info->attrs[NL80211_ATTR_BEACON_HEAD]) {
1687 params.head = nla_data(info->attrs[NL80211_ATTR_BEACON_HEAD]);
1688 params.head_len =
1689 nla_len(info->attrs[NL80211_ATTR_BEACON_HEAD]);
1690 haveinfo = 1;
1691 }
1692
1693 if (info->attrs[NL80211_ATTR_BEACON_TAIL]) {
1694 params.tail = nla_data(info->attrs[NL80211_ATTR_BEACON_TAIL]);
1695 params.tail_len =
1696 nla_len(info->attrs[NL80211_ATTR_BEACON_TAIL]);
1697 haveinfo = 1;
1698 }
1699
1700 if (!haveinfo) {
1701 err = -EINVAL;
1702 goto out;
1703 }
1704
1705 err = call(&rdev->wiphy, dev, &params);
1706
1707 out:
1708 cfg80211_unlock_rdev(rdev);
1709 dev_put(dev);
1710 unlock_rtnl:
1711 rtnl_unlock();
1712
1713 return err;
1714 }
1715
1716 static int nl80211_del_beacon(struct sk_buff *skb, struct genl_info *info)
1717 {
1718 struct cfg80211_registered_device *rdev;
1719 int err;
1720 struct net_device *dev;
1721
1722 rtnl_lock();
1723
1724 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1725 if (err)
1726 goto unlock_rtnl;
1727
1728 if (!rdev->ops->del_beacon) {
1729 err = -EOPNOTSUPP;
1730 goto out;
1731 }
1732
1733 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP) {
1734 err = -EOPNOTSUPP;
1735 goto out;
1736 }
1737 err = rdev->ops->del_beacon(&rdev->wiphy, dev);
1738
1739 out:
1740 cfg80211_unlock_rdev(rdev);
1741 dev_put(dev);
1742 unlock_rtnl:
1743 rtnl_unlock();
1744
1745 return err;
1746 }
1747
1748 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = {
1749 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG },
1750 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG },
1751 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG },
1752 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG },
1753 };
1754
1755 static int parse_station_flags(struct genl_info *info,
1756 struct station_parameters *params)
1757 {
1758 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1];
1759 struct nlattr *nla;
1760 int flag;
1761
1762 /*
1763 * Try parsing the new attribute first so userspace
1764 * can specify both for older kernels.
1765 */
1766 nla = info->attrs[NL80211_ATTR_STA_FLAGS2];
1767 if (nla) {
1768 struct nl80211_sta_flag_update *sta_flags;
1769
1770 sta_flags = nla_data(nla);
1771 params->sta_flags_mask = sta_flags->mask;
1772 params->sta_flags_set = sta_flags->set;
1773 if ((params->sta_flags_mask |
1774 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID))
1775 return -EINVAL;
1776 return 0;
1777 }
1778
1779 /* if present, parse the old attribute */
1780
1781 nla = info->attrs[NL80211_ATTR_STA_FLAGS];
1782 if (!nla)
1783 return 0;
1784
1785 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX,
1786 nla, sta_flags_policy))
1787 return -EINVAL;
1788
1789 params->sta_flags_mask = (1 << __NL80211_STA_FLAG_AFTER_LAST) - 1;
1790 params->sta_flags_mask &= ~1;
1791
1792 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++)
1793 if (flags[flag])
1794 params->sta_flags_set |= (1<<flag);
1795
1796 return 0;
1797 }
1798
1799 static int nl80211_send_station(struct sk_buff *msg, u32 pid, u32 seq,
1800 int flags, struct net_device *dev,
1801 const u8 *mac_addr, struct station_info *sinfo)
1802 {
1803 void *hdr;
1804 struct nlattr *sinfoattr, *txrate;
1805 u16 bitrate;
1806
1807 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION);
1808 if (!hdr)
1809 return -1;
1810
1811 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
1812 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr);
1813
1814 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, sinfo->generation);
1815
1816 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO);
1817 if (!sinfoattr)
1818 goto nla_put_failure;
1819 if (sinfo->filled & STATION_INFO_INACTIVE_TIME)
1820 NLA_PUT_U32(msg, NL80211_STA_INFO_INACTIVE_TIME,
1821 sinfo->inactive_time);
1822 if (sinfo->filled & STATION_INFO_RX_BYTES)
1823 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_BYTES,
1824 sinfo->rx_bytes);
1825 if (sinfo->filled & STATION_INFO_TX_BYTES)
1826 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_BYTES,
1827 sinfo->tx_bytes);
1828 if (sinfo->filled & STATION_INFO_LLID)
1829 NLA_PUT_U16(msg, NL80211_STA_INFO_LLID,
1830 sinfo->llid);
1831 if (sinfo->filled & STATION_INFO_PLID)
1832 NLA_PUT_U16(msg, NL80211_STA_INFO_PLID,
1833 sinfo->plid);
1834 if (sinfo->filled & STATION_INFO_PLINK_STATE)
1835 NLA_PUT_U8(msg, NL80211_STA_INFO_PLINK_STATE,
1836 sinfo->plink_state);
1837 if (sinfo->filled & STATION_INFO_SIGNAL)
1838 NLA_PUT_U8(msg, NL80211_STA_INFO_SIGNAL,
1839 sinfo->signal);
1840 if (sinfo->filled & STATION_INFO_TX_BITRATE) {
1841 txrate = nla_nest_start(msg, NL80211_STA_INFO_TX_BITRATE);
1842 if (!txrate)
1843 goto nla_put_failure;
1844
1845 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */
1846 bitrate = cfg80211_calculate_bitrate(&sinfo->txrate);
1847 if (bitrate > 0)
1848 NLA_PUT_U16(msg, NL80211_RATE_INFO_BITRATE, bitrate);
1849
1850 if (sinfo->txrate.flags & RATE_INFO_FLAGS_MCS)
1851 NLA_PUT_U8(msg, NL80211_RATE_INFO_MCS,
1852 sinfo->txrate.mcs);
1853 if (sinfo->txrate.flags & RATE_INFO_FLAGS_40_MHZ_WIDTH)
1854 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_40_MHZ_WIDTH);
1855 if (sinfo->txrate.flags & RATE_INFO_FLAGS_SHORT_GI)
1856 NLA_PUT_FLAG(msg, NL80211_RATE_INFO_SHORT_GI);
1857
1858 nla_nest_end(msg, txrate);
1859 }
1860 if (sinfo->filled & STATION_INFO_RX_PACKETS)
1861 NLA_PUT_U32(msg, NL80211_STA_INFO_RX_PACKETS,
1862 sinfo->rx_packets);
1863 if (sinfo->filled & STATION_INFO_TX_PACKETS)
1864 NLA_PUT_U32(msg, NL80211_STA_INFO_TX_PACKETS,
1865 sinfo->tx_packets);
1866 nla_nest_end(msg, sinfoattr);
1867
1868 return genlmsg_end(msg, hdr);
1869
1870 nla_put_failure:
1871 genlmsg_cancel(msg, hdr);
1872 return -EMSGSIZE;
1873 }
1874
1875 static int nl80211_dump_station(struct sk_buff *skb,
1876 struct netlink_callback *cb)
1877 {
1878 struct station_info sinfo;
1879 struct cfg80211_registered_device *dev;
1880 struct net_device *netdev;
1881 u8 mac_addr[ETH_ALEN];
1882 int ifidx = cb->args[0];
1883 int sta_idx = cb->args[1];
1884 int err;
1885
1886 if (!ifidx)
1887 ifidx = nl80211_get_ifidx(cb);
1888 if (ifidx < 0)
1889 return ifidx;
1890
1891 rtnl_lock();
1892
1893 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx);
1894 if (!netdev) {
1895 err = -ENODEV;
1896 goto out_rtnl;
1897 }
1898
1899 dev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx);
1900 if (IS_ERR(dev)) {
1901 err = PTR_ERR(dev);
1902 goto out_rtnl;
1903 }
1904
1905 if (!dev->ops->dump_station) {
1906 err = -EOPNOTSUPP;
1907 goto out_err;
1908 }
1909
1910 while (1) {
1911 err = dev->ops->dump_station(&dev->wiphy, netdev, sta_idx,
1912 mac_addr, &sinfo);
1913 if (err == -ENOENT)
1914 break;
1915 if (err)
1916 goto out_err;
1917
1918 if (nl80211_send_station(skb,
1919 NETLINK_CB(cb->skb).pid,
1920 cb->nlh->nlmsg_seq, NLM_F_MULTI,
1921 netdev, mac_addr,
1922 &sinfo) < 0)
1923 goto out;
1924
1925 sta_idx++;
1926 }
1927
1928
1929 out:
1930 cb->args[1] = sta_idx;
1931 err = skb->len;
1932 out_err:
1933 cfg80211_unlock_rdev(dev);
1934 out_rtnl:
1935 rtnl_unlock();
1936
1937 return err;
1938 }
1939
1940 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
1941 {
1942 struct cfg80211_registered_device *rdev;
1943 int err;
1944 struct net_device *dev;
1945 struct station_info sinfo;
1946 struct sk_buff *msg;
1947 u8 *mac_addr = NULL;
1948
1949 memset(&sinfo, 0, sizeof(sinfo));
1950
1951 if (!info->attrs[NL80211_ATTR_MAC])
1952 return -EINVAL;
1953
1954 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
1955
1956 rtnl_lock();
1957
1958 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
1959 if (err)
1960 goto out_rtnl;
1961
1962 if (!rdev->ops->get_station) {
1963 err = -EOPNOTSUPP;
1964 goto out;
1965 }
1966
1967 err = rdev->ops->get_station(&rdev->wiphy, dev, mac_addr, &sinfo);
1968 if (err)
1969 goto out;
1970
1971 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1972 if (!msg)
1973 goto out;
1974
1975 if (nl80211_send_station(msg, info->snd_pid, info->snd_seq, 0,
1976 dev, mac_addr, &sinfo) < 0)
1977 goto out_free;
1978
1979 err = genlmsg_reply(msg, info);
1980 goto out;
1981
1982 out_free:
1983 nlmsg_free(msg);
1984 out:
1985 cfg80211_unlock_rdev(rdev);
1986 dev_put(dev);
1987 out_rtnl:
1988 rtnl_unlock();
1989
1990 return err;
1991 }
1992
1993 /*
1994 * Get vlan interface making sure it is running and on the right wiphy.
1995 */
1996 static int get_vlan(struct genl_info *info,
1997 struct cfg80211_registered_device *rdev,
1998 struct net_device **vlan)
1999 {
2000 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN];
2001 *vlan = NULL;
2002
2003 if (vlanattr) {
2004 *vlan = dev_get_by_index(genl_info_net(info),
2005 nla_get_u32(vlanattr));
2006 if (!*vlan)
2007 return -ENODEV;
2008 if (!(*vlan)->ieee80211_ptr)
2009 return -EINVAL;
2010 if ((*vlan)->ieee80211_ptr->wiphy != &rdev->wiphy)
2011 return -EINVAL;
2012 if (!netif_running(*vlan))
2013 return -ENETDOWN;
2014 }
2015 return 0;
2016 }
2017
2018 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
2019 {
2020 struct cfg80211_registered_device *rdev;
2021 int err;
2022 struct net_device *dev;
2023 struct station_parameters params;
2024 u8 *mac_addr = NULL;
2025
2026 memset(&params, 0, sizeof(params));
2027
2028 params.listen_interval = -1;
2029
2030 if (info->attrs[NL80211_ATTR_STA_AID])
2031 return -EINVAL;
2032
2033 if (!info->attrs[NL80211_ATTR_MAC])
2034 return -EINVAL;
2035
2036 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2037
2038 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) {
2039 params.supported_rates =
2040 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2041 params.supported_rates_len =
2042 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2043 }
2044
2045 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
2046 params.listen_interval =
2047 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
2048
2049 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
2050 params.ht_capa =
2051 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
2052
2053 if (parse_station_flags(info, &params))
2054 return -EINVAL;
2055
2056 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION])
2057 params.plink_action =
2058 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
2059
2060 rtnl_lock();
2061
2062 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2063 if (err)
2064 goto out_rtnl;
2065
2066 err = get_vlan(info, rdev, &params.vlan);
2067 if (err)
2068 goto out;
2069
2070 /* validate settings */
2071 err = 0;
2072
2073 switch (dev->ieee80211_ptr->iftype) {
2074 case NL80211_IFTYPE_AP:
2075 case NL80211_IFTYPE_AP_VLAN:
2076 /* disallow mesh-specific things */
2077 if (params.plink_action)
2078 err = -EINVAL;
2079 break;
2080 case NL80211_IFTYPE_STATION:
2081 /* disallow everything but AUTHORIZED flag */
2082 if (params.plink_action)
2083 err = -EINVAL;
2084 if (params.vlan)
2085 err = -EINVAL;
2086 if (params.supported_rates)
2087 err = -EINVAL;
2088 if (params.ht_capa)
2089 err = -EINVAL;
2090 if (params.listen_interval >= 0)
2091 err = -EINVAL;
2092 if (params.sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED))
2093 err = -EINVAL;
2094 break;
2095 case NL80211_IFTYPE_MESH_POINT:
2096 /* disallow things mesh doesn't support */
2097 if (params.vlan)
2098 err = -EINVAL;
2099 if (params.ht_capa)
2100 err = -EINVAL;
2101 if (params.listen_interval >= 0)
2102 err = -EINVAL;
2103 if (params.supported_rates)
2104 err = -EINVAL;
2105 if (params.sta_flags_mask)
2106 err = -EINVAL;
2107 break;
2108 default:
2109 err = -EINVAL;
2110 }
2111
2112 if (err)
2113 goto out;
2114
2115 if (!rdev->ops->change_station) {
2116 err = -EOPNOTSUPP;
2117 goto out;
2118 }
2119
2120 err = rdev->ops->change_station(&rdev->wiphy, dev, mac_addr, &params);
2121
2122 out:
2123 if (params.vlan)
2124 dev_put(params.vlan);
2125 cfg80211_unlock_rdev(rdev);
2126 dev_put(dev);
2127 out_rtnl:
2128 rtnl_unlock();
2129
2130 return err;
2131 }
2132
2133 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
2134 {
2135 struct cfg80211_registered_device *rdev;
2136 int err;
2137 struct net_device *dev;
2138 struct station_parameters params;
2139 u8 *mac_addr = NULL;
2140
2141 memset(&params, 0, sizeof(params));
2142
2143 if (!info->attrs[NL80211_ATTR_MAC])
2144 return -EINVAL;
2145
2146 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
2147 return -EINVAL;
2148
2149 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES])
2150 return -EINVAL;
2151
2152 if (!info->attrs[NL80211_ATTR_STA_AID])
2153 return -EINVAL;
2154
2155 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2156 params.supported_rates =
2157 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2158 params.supported_rates_len =
2159 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
2160 params.listen_interval =
2161 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
2162
2163 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]);
2164 if (!params.aid || params.aid > IEEE80211_MAX_AID)
2165 return -EINVAL;
2166
2167 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
2168 params.ht_capa =
2169 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
2170
2171 if (parse_station_flags(info, &params))
2172 return -EINVAL;
2173
2174 rtnl_lock();
2175
2176 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2177 if (err)
2178 goto out_rtnl;
2179
2180 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2181 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN) {
2182 err = -EINVAL;
2183 goto out;
2184 }
2185
2186 err = get_vlan(info, rdev, &params.vlan);
2187 if (err)
2188 goto out;
2189
2190 /* validate settings */
2191 err = 0;
2192
2193 if (!rdev->ops->add_station) {
2194 err = -EOPNOTSUPP;
2195 goto out;
2196 }
2197
2198 if (!netif_running(dev)) {
2199 err = -ENETDOWN;
2200 goto out;
2201 }
2202
2203 err = rdev->ops->add_station(&rdev->wiphy, dev, mac_addr, &params);
2204
2205 out:
2206 if (params.vlan)
2207 dev_put(params.vlan);
2208 cfg80211_unlock_rdev(rdev);
2209 dev_put(dev);
2210 out_rtnl:
2211 rtnl_unlock();
2212
2213 return err;
2214 }
2215
2216 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
2217 {
2218 struct cfg80211_registered_device *rdev;
2219 int err;
2220 struct net_device *dev;
2221 u8 *mac_addr = NULL;
2222
2223 if (info->attrs[NL80211_ATTR_MAC])
2224 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
2225
2226 rtnl_lock();
2227
2228 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2229 if (err)
2230 goto out_rtnl;
2231
2232 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2233 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
2234 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) {
2235 err = -EINVAL;
2236 goto out;
2237 }
2238
2239 if (!rdev->ops->del_station) {
2240 err = -EOPNOTSUPP;
2241 goto out;
2242 }
2243
2244 err = rdev->ops->del_station(&rdev->wiphy, dev, mac_addr);
2245
2246 out:
2247 cfg80211_unlock_rdev(rdev);
2248 dev_put(dev);
2249 out_rtnl:
2250 rtnl_unlock();
2251
2252 return err;
2253 }
2254
2255 static int nl80211_send_mpath(struct sk_buff *msg, u32 pid, u32 seq,
2256 int flags, struct net_device *dev,
2257 u8 *dst, u8 *next_hop,
2258 struct mpath_info *pinfo)
2259 {
2260 void *hdr;
2261 struct nlattr *pinfoattr;
2262
2263 hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_STATION);
2264 if (!hdr)
2265 return -1;
2266
2267 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
2268 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, dst);
2269 NLA_PUT(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop);
2270
2271 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, pinfo->generation);
2272
2273 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO);
2274 if (!pinfoattr)
2275 goto nla_put_failure;
2276 if (pinfo->filled & MPATH_INFO_FRAME_QLEN)
2277 NLA_PUT_U32(msg, NL80211_MPATH_INFO_FRAME_QLEN,
2278 pinfo->frame_qlen);
2279 if (pinfo->filled & MPATH_INFO_SN)
2280 NLA_PUT_U32(msg, NL80211_MPATH_INFO_SN,
2281 pinfo->sn);
2282 if (pinfo->filled & MPATH_INFO_METRIC)
2283 NLA_PUT_U32(msg, NL80211_MPATH_INFO_METRIC,
2284 pinfo->metric);
2285 if (pinfo->filled & MPATH_INFO_EXPTIME)
2286 NLA_PUT_U32(msg, NL80211_MPATH_INFO_EXPTIME,
2287 pinfo->exptime);
2288 if (pinfo->filled & MPATH_INFO_FLAGS)
2289 NLA_PUT_U8(msg, NL80211_MPATH_INFO_FLAGS,
2290 pinfo->flags);
2291 if (pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT)
2292 NLA_PUT_U32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT,
2293 pinfo->discovery_timeout);
2294 if (pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES)
2295 NLA_PUT_U8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES,
2296 pinfo->discovery_retries);
2297
2298 nla_nest_end(msg, pinfoattr);
2299
2300 return genlmsg_end(msg, hdr);
2301
2302 nla_put_failure:
2303 genlmsg_cancel(msg, hdr);
2304 return -EMSGSIZE;
2305 }
2306
2307 static int nl80211_dump_mpath(struct sk_buff *skb,
2308 struct netlink_callback *cb)
2309 {
2310 struct mpath_info pinfo;
2311 struct cfg80211_registered_device *dev;
2312 struct net_device *netdev;
2313 u8 dst[ETH_ALEN];
2314 u8 next_hop[ETH_ALEN];
2315 int ifidx = cb->args[0];
2316 int path_idx = cb->args[1];
2317 int err;
2318
2319 if (!ifidx)
2320 ifidx = nl80211_get_ifidx(cb);
2321 if (ifidx < 0)
2322 return ifidx;
2323
2324 rtnl_lock();
2325
2326 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx);
2327 if (!netdev) {
2328 err = -ENODEV;
2329 goto out_rtnl;
2330 }
2331
2332 dev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx);
2333 if (IS_ERR(dev)) {
2334 err = PTR_ERR(dev);
2335 goto out_rtnl;
2336 }
2337
2338 if (!dev->ops->dump_mpath) {
2339 err = -EOPNOTSUPP;
2340 goto out_err;
2341 }
2342
2343 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) {
2344 err = -EOPNOTSUPP;
2345 goto out_err;
2346 }
2347
2348 while (1) {
2349 err = dev->ops->dump_mpath(&dev->wiphy, netdev, path_idx,
2350 dst, next_hop, &pinfo);
2351 if (err == -ENOENT)
2352 break;
2353 if (err)
2354 goto out_err;
2355
2356 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).pid,
2357 cb->nlh->nlmsg_seq, NLM_F_MULTI,
2358 netdev, dst, next_hop,
2359 &pinfo) < 0)
2360 goto out;
2361
2362 path_idx++;
2363 }
2364
2365
2366 out:
2367 cb->args[1] = path_idx;
2368 err = skb->len;
2369 out_err:
2370 cfg80211_unlock_rdev(dev);
2371 out_rtnl:
2372 rtnl_unlock();
2373
2374 return err;
2375 }
2376
2377 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
2378 {
2379 struct cfg80211_registered_device *rdev;
2380 int err;
2381 struct net_device *dev;
2382 struct mpath_info pinfo;
2383 struct sk_buff *msg;
2384 u8 *dst = NULL;
2385 u8 next_hop[ETH_ALEN];
2386
2387 memset(&pinfo, 0, sizeof(pinfo));
2388
2389 if (!info->attrs[NL80211_ATTR_MAC])
2390 return -EINVAL;
2391
2392 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
2393
2394 rtnl_lock();
2395
2396 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2397 if (err)
2398 goto out_rtnl;
2399
2400 if (!rdev->ops->get_mpath) {
2401 err = -EOPNOTSUPP;
2402 goto out;
2403 }
2404
2405 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) {
2406 err = -EOPNOTSUPP;
2407 goto out;
2408 }
2409
2410 err = rdev->ops->get_mpath(&rdev->wiphy, dev, dst, next_hop, &pinfo);
2411 if (err)
2412 goto out;
2413
2414 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2415 if (!msg)
2416 goto out;
2417
2418 if (nl80211_send_mpath(msg, info->snd_pid, info->snd_seq, 0,
2419 dev, dst, next_hop, &pinfo) < 0)
2420 goto out_free;
2421
2422 err = genlmsg_reply(msg, info);
2423 goto out;
2424
2425 out_free:
2426 nlmsg_free(msg);
2427 out:
2428 cfg80211_unlock_rdev(rdev);
2429 dev_put(dev);
2430 out_rtnl:
2431 rtnl_unlock();
2432
2433 return err;
2434 }
2435
2436 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
2437 {
2438 struct cfg80211_registered_device *rdev;
2439 int err;
2440 struct net_device *dev;
2441 u8 *dst = NULL;
2442 u8 *next_hop = NULL;
2443
2444 if (!info->attrs[NL80211_ATTR_MAC])
2445 return -EINVAL;
2446
2447 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
2448 return -EINVAL;
2449
2450 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
2451 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
2452
2453 rtnl_lock();
2454
2455 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2456 if (err)
2457 goto out_rtnl;
2458
2459 if (!rdev->ops->change_mpath) {
2460 err = -EOPNOTSUPP;
2461 goto out;
2462 }
2463
2464 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) {
2465 err = -EOPNOTSUPP;
2466 goto out;
2467 }
2468
2469 if (!netif_running(dev)) {
2470 err = -ENETDOWN;
2471 goto out;
2472 }
2473
2474 err = rdev->ops->change_mpath(&rdev->wiphy, dev, dst, next_hop);
2475
2476 out:
2477 cfg80211_unlock_rdev(rdev);
2478 dev_put(dev);
2479 out_rtnl:
2480 rtnl_unlock();
2481
2482 return err;
2483 }
2484 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
2485 {
2486 struct cfg80211_registered_device *rdev;
2487 int err;
2488 struct net_device *dev;
2489 u8 *dst = NULL;
2490 u8 *next_hop = NULL;
2491
2492 if (!info->attrs[NL80211_ATTR_MAC])
2493 return -EINVAL;
2494
2495 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
2496 return -EINVAL;
2497
2498 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
2499 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
2500
2501 rtnl_lock();
2502
2503 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2504 if (err)
2505 goto out_rtnl;
2506
2507 if (!rdev->ops->add_mpath) {
2508 err = -EOPNOTSUPP;
2509 goto out;
2510 }
2511
2512 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT) {
2513 err = -EOPNOTSUPP;
2514 goto out;
2515 }
2516
2517 if (!netif_running(dev)) {
2518 err = -ENETDOWN;
2519 goto out;
2520 }
2521
2522 err = rdev->ops->add_mpath(&rdev->wiphy, dev, dst, next_hop);
2523
2524 out:
2525 cfg80211_unlock_rdev(rdev);
2526 dev_put(dev);
2527 out_rtnl:
2528 rtnl_unlock();
2529
2530 return err;
2531 }
2532
2533 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
2534 {
2535 struct cfg80211_registered_device *rdev;
2536 int err;
2537 struct net_device *dev;
2538 u8 *dst = NULL;
2539
2540 if (info->attrs[NL80211_ATTR_MAC])
2541 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
2542
2543 rtnl_lock();
2544
2545 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2546 if (err)
2547 goto out_rtnl;
2548
2549 if (!rdev->ops->del_mpath) {
2550 err = -EOPNOTSUPP;
2551 goto out;
2552 }
2553
2554 err = rdev->ops->del_mpath(&rdev->wiphy, dev, dst);
2555
2556 out:
2557 cfg80211_unlock_rdev(rdev);
2558 dev_put(dev);
2559 out_rtnl:
2560 rtnl_unlock();
2561
2562 return err;
2563 }
2564
2565 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
2566 {
2567 struct cfg80211_registered_device *rdev;
2568 int err;
2569 struct net_device *dev;
2570 struct bss_parameters params;
2571
2572 memset(&params, 0, sizeof(params));
2573 /* default to not changing parameters */
2574 params.use_cts_prot = -1;
2575 params.use_short_preamble = -1;
2576 params.use_short_slot_time = -1;
2577 params.ap_isolate = -1;
2578
2579 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT])
2580 params.use_cts_prot =
2581 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]);
2582 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE])
2583 params.use_short_preamble =
2584 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]);
2585 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME])
2586 params.use_short_slot_time =
2587 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]);
2588 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
2589 params.basic_rates =
2590 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
2591 params.basic_rates_len =
2592 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
2593 }
2594 if (info->attrs[NL80211_ATTR_AP_ISOLATE])
2595 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]);
2596
2597 rtnl_lock();
2598
2599 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2600 if (err)
2601 goto out_rtnl;
2602
2603 if (!rdev->ops->change_bss) {
2604 err = -EOPNOTSUPP;
2605 goto out;
2606 }
2607
2608 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP) {
2609 err = -EOPNOTSUPP;
2610 goto out;
2611 }
2612
2613 err = rdev->ops->change_bss(&rdev->wiphy, dev, &params);
2614
2615 out:
2616 cfg80211_unlock_rdev(rdev);
2617 dev_put(dev);
2618 out_rtnl:
2619 rtnl_unlock();
2620
2621 return err;
2622 }
2623
2624 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = {
2625 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
2626 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
2627 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
2628 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
2629 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
2630 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
2631 };
2632
2633 static int parse_reg_rule(struct nlattr *tb[],
2634 struct ieee80211_reg_rule *reg_rule)
2635 {
2636 struct ieee80211_freq_range *freq_range = &reg_rule->freq_range;
2637 struct ieee80211_power_rule *power_rule = &reg_rule->power_rule;
2638
2639 if (!tb[NL80211_ATTR_REG_RULE_FLAGS])
2640 return -EINVAL;
2641 if (!tb[NL80211_ATTR_FREQ_RANGE_START])
2642 return -EINVAL;
2643 if (!tb[NL80211_ATTR_FREQ_RANGE_END])
2644 return -EINVAL;
2645 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW])
2646 return -EINVAL;
2647 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP])
2648 return -EINVAL;
2649
2650 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]);
2651
2652 freq_range->start_freq_khz =
2653 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]);
2654 freq_range->end_freq_khz =
2655 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]);
2656 freq_range->max_bandwidth_khz =
2657 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]);
2658
2659 power_rule->max_eirp =
2660 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]);
2661
2662 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN])
2663 power_rule->max_antenna_gain =
2664 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]);
2665
2666 return 0;
2667 }
2668
2669 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info)
2670 {
2671 int r;
2672 char *data = NULL;
2673
2674 /*
2675 * You should only get this when cfg80211 hasn't yet initialized
2676 * completely when built-in to the kernel right between the time
2677 * window between nl80211_init() and regulatory_init(), if that is
2678 * even possible.
2679 */
2680 mutex_lock(&cfg80211_mutex);
2681 if (unlikely(!cfg80211_regdomain)) {
2682 mutex_unlock(&cfg80211_mutex);
2683 return -EINPROGRESS;
2684 }
2685 mutex_unlock(&cfg80211_mutex);
2686
2687 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
2688 return -EINVAL;
2689
2690 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
2691
2692 r = regulatory_hint_user(data);
2693
2694 return r;
2695 }
2696
2697 static int nl80211_get_mesh_params(struct sk_buff *skb,
2698 struct genl_info *info)
2699 {
2700 struct cfg80211_registered_device *rdev;
2701 struct mesh_config cur_params;
2702 int err;
2703 struct net_device *dev;
2704 void *hdr;
2705 struct nlattr *pinfoattr;
2706 struct sk_buff *msg;
2707
2708 rtnl_lock();
2709
2710 /* Look up our device */
2711 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2712 if (err)
2713 goto out_rtnl;
2714
2715 if (!rdev->ops->get_mesh_params) {
2716 err = -EOPNOTSUPP;
2717 goto out;
2718 }
2719
2720 /* Get the mesh params */
2721 err = rdev->ops->get_mesh_params(&rdev->wiphy, dev, &cur_params);
2722 if (err)
2723 goto out;
2724
2725 /* Draw up a netlink message to send back */
2726 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2727 if (!msg) {
2728 err = -ENOBUFS;
2729 goto out;
2730 }
2731 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
2732 NL80211_CMD_GET_MESH_PARAMS);
2733 if (!hdr)
2734 goto nla_put_failure;
2735 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_PARAMS);
2736 if (!pinfoattr)
2737 goto nla_put_failure;
2738 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
2739 NLA_PUT_U16(msg, NL80211_MESHCONF_RETRY_TIMEOUT,
2740 cur_params.dot11MeshRetryTimeout);
2741 NLA_PUT_U16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT,
2742 cur_params.dot11MeshConfirmTimeout);
2743 NLA_PUT_U16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT,
2744 cur_params.dot11MeshHoldingTimeout);
2745 NLA_PUT_U16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
2746 cur_params.dot11MeshMaxPeerLinks);
2747 NLA_PUT_U8(msg, NL80211_MESHCONF_MAX_RETRIES,
2748 cur_params.dot11MeshMaxRetries);
2749 NLA_PUT_U8(msg, NL80211_MESHCONF_TTL,
2750 cur_params.dot11MeshTTL);
2751 NLA_PUT_U8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
2752 cur_params.auto_open_plinks);
2753 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
2754 cur_params.dot11MeshHWMPmaxPREQretries);
2755 NLA_PUT_U32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME,
2756 cur_params.path_refresh_time);
2757 NLA_PUT_U16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
2758 cur_params.min_discovery_timeout);
2759 NLA_PUT_U32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
2760 cur_params.dot11MeshHWMPactivePathTimeout);
2761 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
2762 cur_params.dot11MeshHWMPpreqMinInterval);
2763 NLA_PUT_U16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
2764 cur_params.dot11MeshHWMPnetDiameterTraversalTime);
2765 NLA_PUT_U8(msg, NL80211_MESHCONF_HWMP_ROOTMODE,
2766 cur_params.dot11MeshHWMPRootMode);
2767 nla_nest_end(msg, pinfoattr);
2768 genlmsg_end(msg, hdr);
2769 err = genlmsg_reply(msg, info);
2770 goto out;
2771
2772 nla_put_failure:
2773 genlmsg_cancel(msg, hdr);
2774 nlmsg_free(msg);
2775 err = -EMSGSIZE;
2776 out:
2777 /* Cleanup */
2778 cfg80211_unlock_rdev(rdev);
2779 dev_put(dev);
2780 out_rtnl:
2781 rtnl_unlock();
2782
2783 return err;
2784 }
2785
2786 #define FILL_IN_MESH_PARAM_IF_SET(table, cfg, param, mask, attr_num, nla_fn) \
2787 do {\
2788 if (table[attr_num]) {\
2789 cfg.param = nla_fn(table[attr_num]); \
2790 mask |= (1 << (attr_num - 1)); \
2791 } \
2792 } while (0);\
2793
2794 static const struct nla_policy nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = {
2795 [NL80211_MESHCONF_RETRY_TIMEOUT] = { .type = NLA_U16 },
2796 [NL80211_MESHCONF_CONFIRM_TIMEOUT] = { .type = NLA_U16 },
2797 [NL80211_MESHCONF_HOLDING_TIMEOUT] = { .type = NLA_U16 },
2798 [NL80211_MESHCONF_MAX_PEER_LINKS] = { .type = NLA_U16 },
2799 [NL80211_MESHCONF_MAX_RETRIES] = { .type = NLA_U8 },
2800 [NL80211_MESHCONF_TTL] = { .type = NLA_U8 },
2801 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = { .type = NLA_U8 },
2802
2803 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 },
2804 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 },
2805 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = { .type = NLA_U16 },
2806 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 },
2807 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] = { .type = NLA_U16 },
2808 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] = { .type = NLA_U16 },
2809 };
2810
2811 static int nl80211_set_mesh_params(struct sk_buff *skb, struct genl_info *info)
2812 {
2813 int err;
2814 u32 mask;
2815 struct cfg80211_registered_device *rdev;
2816 struct net_device *dev;
2817 struct mesh_config cfg;
2818 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1];
2819 struct nlattr *parent_attr;
2820
2821 parent_attr = info->attrs[NL80211_ATTR_MESH_PARAMS];
2822 if (!parent_attr)
2823 return -EINVAL;
2824 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX,
2825 parent_attr, nl80211_meshconf_params_policy))
2826 return -EINVAL;
2827
2828 rtnl_lock();
2829
2830 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
2831 if (err)
2832 goto out_rtnl;
2833
2834 if (!rdev->ops->set_mesh_params) {
2835 err = -EOPNOTSUPP;
2836 goto out;
2837 }
2838
2839 /* This makes sure that there aren't more than 32 mesh config
2840 * parameters (otherwise our bitfield scheme would not work.) */
2841 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32);
2842
2843 /* Fill in the params struct */
2844 mask = 0;
2845 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout,
2846 mask, NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16);
2847 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout,
2848 mask, NL80211_MESHCONF_CONFIRM_TIMEOUT, nla_get_u16);
2849 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout,
2850 mask, NL80211_MESHCONF_HOLDING_TIMEOUT, nla_get_u16);
2851 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks,
2852 mask, NL80211_MESHCONF_MAX_PEER_LINKS, nla_get_u16);
2853 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries,
2854 mask, NL80211_MESHCONF_MAX_RETRIES, nla_get_u8);
2855 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL,
2856 mask, NL80211_MESHCONF_TTL, nla_get_u8);
2857 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks,
2858 mask, NL80211_MESHCONF_AUTO_OPEN_PLINKS, nla_get_u8);
2859 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries,
2860 mask, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
2861 nla_get_u8);
2862 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time,
2863 mask, NL80211_MESHCONF_PATH_REFRESH_TIME, nla_get_u32);
2864 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout,
2865 mask, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
2866 nla_get_u16);
2867 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout,
2868 mask, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
2869 nla_get_u32);
2870 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval,
2871 mask, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
2872 nla_get_u16);
2873 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
2874 dot11MeshHWMPnetDiameterTraversalTime,
2875 mask, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
2876 nla_get_u16);
2877 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
2878 dot11MeshHWMPRootMode, mask,
2879 NL80211_MESHCONF_HWMP_ROOTMODE,
2880 nla_get_u8);
2881
2882 /* Apply changes */
2883 err = rdev->ops->set_mesh_params(&rdev->wiphy, dev, &cfg, mask);
2884
2885 out:
2886 /* cleanup */
2887 cfg80211_unlock_rdev(rdev);
2888 dev_put(dev);
2889 out_rtnl:
2890 rtnl_unlock();
2891
2892 return err;
2893 }
2894
2895 #undef FILL_IN_MESH_PARAM_IF_SET
2896
2897 static int nl80211_get_reg(struct sk_buff *skb, struct genl_info *info)
2898 {
2899 struct sk_buff *msg;
2900 void *hdr = NULL;
2901 struct nlattr *nl_reg_rules;
2902 unsigned int i;
2903 int err = -EINVAL;
2904
2905 mutex_lock(&cfg80211_mutex);
2906
2907 if (!cfg80211_regdomain)
2908 goto out;
2909
2910 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2911 if (!msg) {
2912 err = -ENOBUFS;
2913 goto out;
2914 }
2915
2916 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
2917 NL80211_CMD_GET_REG);
2918 if (!hdr)
2919 goto nla_put_failure;
2920
2921 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2,
2922 cfg80211_regdomain->alpha2);
2923
2924 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES);
2925 if (!nl_reg_rules)
2926 goto nla_put_failure;
2927
2928 for (i = 0; i < cfg80211_regdomain->n_reg_rules; i++) {
2929 struct nlattr *nl_reg_rule;
2930 const struct ieee80211_reg_rule *reg_rule;
2931 const struct ieee80211_freq_range *freq_range;
2932 const struct ieee80211_power_rule *power_rule;
2933
2934 reg_rule = &cfg80211_regdomain->reg_rules[i];
2935 freq_range = &reg_rule->freq_range;
2936 power_rule = &reg_rule->power_rule;
2937
2938 nl_reg_rule = nla_nest_start(msg, i);
2939 if (!nl_reg_rule)
2940 goto nla_put_failure;
2941
2942 NLA_PUT_U32(msg, NL80211_ATTR_REG_RULE_FLAGS,
2943 reg_rule->flags);
2944 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_START,
2945 freq_range->start_freq_khz);
2946 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_END,
2947 freq_range->end_freq_khz);
2948 NLA_PUT_U32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW,
2949 freq_range->max_bandwidth_khz);
2950 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN,
2951 power_rule->max_antenna_gain);
2952 NLA_PUT_U32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP,
2953 power_rule->max_eirp);
2954
2955 nla_nest_end(msg, nl_reg_rule);
2956 }
2957
2958 nla_nest_end(msg, nl_reg_rules);
2959
2960 genlmsg_end(msg, hdr);
2961 err = genlmsg_reply(msg, info);
2962 goto out;
2963
2964 nla_put_failure:
2965 genlmsg_cancel(msg, hdr);
2966 nlmsg_free(msg);
2967 err = -EMSGSIZE;
2968 out:
2969 mutex_unlock(&cfg80211_mutex);
2970 return err;
2971 }
2972
2973 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
2974 {
2975 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1];
2976 struct nlattr *nl_reg_rule;
2977 char *alpha2 = NULL;
2978 int rem_reg_rules = 0, r = 0;
2979 u32 num_rules = 0, rule_idx = 0, size_of_regd;
2980 struct ieee80211_regdomain *rd = NULL;
2981
2982 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
2983 return -EINVAL;
2984
2985 if (!info->attrs[NL80211_ATTR_REG_RULES])
2986 return -EINVAL;
2987
2988 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
2989
2990 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
2991 rem_reg_rules) {
2992 num_rules++;
2993 if (num_rules > NL80211_MAX_SUPP_REG_RULES)
2994 return -EINVAL;
2995 }
2996
2997 mutex_lock(&cfg80211_mutex);
2998
2999 if (!reg_is_valid_request(alpha2)) {
3000 r = -EINVAL;
3001 goto bad_reg;
3002 }
3003
3004 size_of_regd = sizeof(struct ieee80211_regdomain) +
3005 (num_rules * sizeof(struct ieee80211_reg_rule));
3006
3007 rd = kzalloc(size_of_regd, GFP_KERNEL);
3008 if (!rd) {
3009 r = -ENOMEM;
3010 goto bad_reg;
3011 }
3012
3013 rd->n_reg_rules = num_rules;
3014 rd->alpha2[0] = alpha2[0];
3015 rd->alpha2[1] = alpha2[1];
3016
3017 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
3018 rem_reg_rules) {
3019 nla_parse(tb, NL80211_REG_RULE_ATTR_MAX,
3020 nla_data(nl_reg_rule), nla_len(nl_reg_rule),
3021 reg_rule_policy);
3022 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]);
3023 if (r)
3024 goto bad_reg;
3025
3026 rule_idx++;
3027
3028 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) {
3029 r = -EINVAL;
3030 goto bad_reg;
3031 }
3032 }
3033
3034 BUG_ON(rule_idx != num_rules);
3035
3036 r = set_regdom(rd);
3037
3038 mutex_unlock(&cfg80211_mutex);
3039
3040 return r;
3041
3042 bad_reg:
3043 mutex_unlock(&cfg80211_mutex);
3044 kfree(rd);
3045 return r;
3046 }
3047
3048 static int validate_scan_freqs(struct nlattr *freqs)
3049 {
3050 struct nlattr *attr1, *attr2;
3051 int n_channels = 0, tmp1, tmp2;
3052
3053 nla_for_each_nested(attr1, freqs, tmp1) {
3054 n_channels++;
3055 /*
3056 * Some hardware has a limited channel list for
3057 * scanning, and it is pretty much nonsensical
3058 * to scan for a channel twice, so disallow that
3059 * and don't require drivers to check that the
3060 * channel list they get isn't longer than what
3061 * they can scan, as long as they can scan all
3062 * the channels they registered at once.
3063 */
3064 nla_for_each_nested(attr2, freqs, tmp2)
3065 if (attr1 != attr2 &&
3066 nla_get_u32(attr1) == nla_get_u32(attr2))
3067 return 0;
3068 }
3069
3070 return n_channels;
3071 }
3072
3073 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
3074 {
3075 struct cfg80211_registered_device *rdev;
3076 struct net_device *dev;
3077 struct cfg80211_scan_request *request;
3078 struct cfg80211_ssid *ssid;
3079 struct ieee80211_channel *channel;
3080 struct nlattr *attr;
3081 struct wiphy *wiphy;
3082 int err, tmp, n_ssids = 0, n_channels, i;
3083 enum ieee80211_band band;
3084 size_t ie_len;
3085
3086 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3087 return -EINVAL;
3088
3089 rtnl_lock();
3090
3091 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3092 if (err)
3093 goto out_rtnl;
3094
3095 wiphy = &rdev->wiphy;
3096
3097 if (!rdev->ops->scan) {
3098 err = -EOPNOTSUPP;
3099 goto out;
3100 }
3101
3102 if (!netif_running(dev)) {
3103 err = -ENETDOWN;
3104 goto out;
3105 }
3106
3107 if (rdev->scan_req) {
3108 err = -EBUSY;
3109 goto out;
3110 }
3111
3112 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
3113 n_channels = validate_scan_freqs(
3114 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
3115 if (!n_channels) {
3116 err = -EINVAL;
3117 goto out;
3118 }
3119 } else {
3120 n_channels = 0;
3121
3122 for (band = 0; band < IEEE80211_NUM_BANDS; band++)
3123 if (wiphy->bands[band])
3124 n_channels += wiphy->bands[band]->n_channels;
3125 }
3126
3127 if (info->attrs[NL80211_ATTR_SCAN_SSIDS])
3128 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp)
3129 n_ssids++;
3130
3131 if (n_ssids > wiphy->max_scan_ssids) {
3132 err = -EINVAL;
3133 goto out;
3134 }
3135
3136 if (info->attrs[NL80211_ATTR_IE])
3137 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3138 else
3139 ie_len = 0;
3140
3141 if (ie_len > wiphy->max_scan_ie_len) {
3142 err = -EINVAL;
3143 goto out;
3144 }
3145
3146 request = kzalloc(sizeof(*request)
3147 + sizeof(*ssid) * n_ssids
3148 + sizeof(channel) * n_channels
3149 + ie_len, GFP_KERNEL);
3150 if (!request) {
3151 err = -ENOMEM;
3152 goto out;
3153 }
3154
3155 if (n_ssids)
3156 request->ssids = (void *)&request->channels[n_channels];
3157 request->n_ssids = n_ssids;
3158 if (ie_len) {
3159 if (request->ssids)
3160 request->ie = (void *)(request->ssids + n_ssids);
3161 else
3162 request->ie = (void *)(request->channels + n_channels);
3163 }
3164
3165 i = 0;
3166 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
3167 /* user specified, bail out if channel not found */
3168 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) {
3169 struct ieee80211_channel *chan;
3170
3171 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
3172
3173 if (!chan) {
3174 err = -EINVAL;
3175 goto out_free;
3176 }
3177
3178 /* ignore disabled channels */
3179 if (chan->flags & IEEE80211_CHAN_DISABLED)
3180 continue;
3181
3182 request->channels[i] = chan;
3183 i++;
3184 }
3185 } else {
3186 /* all channels */
3187 for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
3188 int j;
3189 if (!wiphy->bands[band])
3190 continue;
3191 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
3192 struct ieee80211_channel *chan;
3193
3194 chan = &wiphy->bands[band]->channels[j];
3195
3196 if (chan->flags & IEEE80211_CHAN_DISABLED)
3197 continue;
3198
3199 request->channels[i] = chan;
3200 i++;
3201 }
3202 }
3203 }
3204
3205 if (!i) {
3206 err = -EINVAL;
3207 goto out_free;
3208 }
3209
3210 request->n_channels = i;
3211
3212 i = 0;
3213 if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) {
3214 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) {
3215 if (request->ssids[i].ssid_len > IEEE80211_MAX_SSID_LEN) {
3216 err = -EINVAL;
3217 goto out_free;
3218 }
3219 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr));
3220 request->ssids[i].ssid_len = nla_len(attr);
3221 i++;
3222 }
3223 }
3224
3225 if (info->attrs[NL80211_ATTR_IE]) {
3226 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3227 memcpy((void *)request->ie,
3228 nla_data(info->attrs[NL80211_ATTR_IE]),
3229 request->ie_len);
3230 }
3231
3232 request->dev = dev;
3233 request->wiphy = &rdev->wiphy;
3234
3235 rdev->scan_req = request;
3236 err = rdev->ops->scan(&rdev->wiphy, dev, request);
3237
3238 if (!err) {
3239 nl80211_send_scan_start(rdev, dev);
3240 dev_hold(dev);
3241 }
3242
3243 out_free:
3244 if (err) {
3245 rdev->scan_req = NULL;
3246 kfree(request);
3247 }
3248 out:
3249 cfg80211_unlock_rdev(rdev);
3250 dev_put(dev);
3251 out_rtnl:
3252 rtnl_unlock();
3253
3254 return err;
3255 }
3256
3257 static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags,
3258 struct cfg80211_registered_device *rdev,
3259 struct wireless_dev *wdev,
3260 struct cfg80211_internal_bss *intbss)
3261 {
3262 struct cfg80211_bss *res = &intbss->pub;
3263 void *hdr;
3264 struct nlattr *bss;
3265 int i;
3266
3267 ASSERT_WDEV_LOCK(wdev);
3268
3269 hdr = nl80211hdr_put(msg, pid, seq, flags,
3270 NL80211_CMD_NEW_SCAN_RESULTS);
3271 if (!hdr)
3272 return -1;
3273
3274 NLA_PUT_U32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation);
3275 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex);
3276
3277 bss = nla_nest_start(msg, NL80211_ATTR_BSS);
3278 if (!bss)
3279 goto nla_put_failure;
3280 if (!is_zero_ether_addr(res->bssid))
3281 NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid);
3282 if (res->information_elements && res->len_information_elements)
3283 NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS,
3284 res->len_information_elements,
3285 res->information_elements);
3286 if (res->beacon_ies && res->len_beacon_ies &&
3287 res->beacon_ies != res->information_elements)
3288 NLA_PUT(msg, NL80211_BSS_BEACON_IES,
3289 res->len_beacon_ies, res->beacon_ies);
3290 if (res->tsf)
3291 NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf);
3292 if (res->beacon_interval)
3293 NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval);
3294 NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability);
3295 NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq);
3296 NLA_PUT_U32(msg, NL80211_BSS_SEEN_MS_AGO,
3297 jiffies_to_msecs(jiffies - intbss->ts));
3298
3299 switch (rdev->wiphy.signal_type) {
3300 case CFG80211_SIGNAL_TYPE_MBM:
3301 NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal);
3302 break;
3303 case CFG80211_SIGNAL_TYPE_UNSPEC:
3304 NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal);
3305 break;
3306 default:
3307 break;
3308 }
3309
3310 switch (wdev->iftype) {
3311 case NL80211_IFTYPE_STATION:
3312 if (intbss == wdev->current_bss)
3313 NLA_PUT_U32(msg, NL80211_BSS_STATUS,
3314 NL80211_BSS_STATUS_ASSOCIATED);
3315 else for (i = 0; i < MAX_AUTH_BSSES; i++) {
3316 if (intbss != wdev->auth_bsses[i])
3317 continue;
3318 NLA_PUT_U32(msg, NL80211_BSS_STATUS,
3319 NL80211_BSS_STATUS_AUTHENTICATED);
3320 break;
3321 }
3322 break;
3323 case NL80211_IFTYPE_ADHOC:
3324 if (intbss == wdev->current_bss)
3325 NLA_PUT_U32(msg, NL80211_BSS_STATUS,
3326 NL80211_BSS_STATUS_IBSS_JOINED);
3327 break;
3328 default:
3329 break;
3330 }
3331
3332 nla_nest_end(msg, bss);
3333
3334 return genlmsg_end(msg, hdr);
3335
3336 nla_put_failure:
3337 genlmsg_cancel(msg, hdr);
3338 return -EMSGSIZE;
3339 }
3340
3341 static int nl80211_dump_scan(struct sk_buff *skb,
3342 struct netlink_callback *cb)
3343 {
3344 struct cfg80211_registered_device *rdev;
3345 struct net_device *dev;
3346 struct cfg80211_internal_bss *scan;
3347 struct wireless_dev *wdev;
3348 int ifidx = cb->args[0];
3349 int start = cb->args[1], idx = 0;
3350 int err;
3351
3352 if (!ifidx)
3353 ifidx = nl80211_get_ifidx(cb);
3354 if (ifidx < 0)
3355 return ifidx;
3356 cb->args[0] = ifidx;
3357
3358 dev = dev_get_by_index(sock_net(skb->sk), ifidx);
3359 if (!dev)
3360 return -ENODEV;
3361
3362 rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx);
3363 if (IS_ERR(rdev)) {
3364 err = PTR_ERR(rdev);
3365 goto out_put_netdev;
3366 }
3367
3368 wdev = dev->ieee80211_ptr;
3369
3370 wdev_lock(wdev);
3371 spin_lock_bh(&rdev->bss_lock);
3372 cfg80211_bss_expire(rdev);
3373
3374 list_for_each_entry(scan, &rdev->bss_list, list) {
3375 if (++idx <= start)
3376 continue;
3377 if (nl80211_send_bss(skb,
3378 NETLINK_CB(cb->skb).pid,
3379 cb->nlh->nlmsg_seq, NLM_F_MULTI,
3380 rdev, wdev, scan) < 0) {
3381 idx--;
3382 goto out;
3383 }
3384 }
3385
3386 out:
3387 spin_unlock_bh(&rdev->bss_lock);
3388 wdev_unlock(wdev);
3389
3390 cb->args[1] = idx;
3391 err = skb->len;
3392 cfg80211_unlock_rdev(rdev);
3393 out_put_netdev:
3394 dev_put(dev);
3395
3396 return err;
3397 }
3398
3399 static int nl80211_send_survey(struct sk_buff *msg, u32 pid, u32 seq,
3400 int flags, struct net_device *dev,
3401 struct survey_info *survey)
3402 {
3403 void *hdr;
3404 struct nlattr *infoattr;
3405
3406 /* Survey without a channel doesn't make sense */
3407 if (!survey->channel)
3408 return -EINVAL;
3409
3410 hdr = nl80211hdr_put(msg, pid, seq, flags,
3411 NL80211_CMD_NEW_SURVEY_RESULTS);
3412 if (!hdr)
3413 return -ENOMEM;
3414
3415 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
3416
3417 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO);
3418 if (!infoattr)
3419 goto nla_put_failure;
3420
3421 NLA_PUT_U32(msg, NL80211_SURVEY_INFO_FREQUENCY,
3422 survey->channel->center_freq);
3423 if (survey->filled & SURVEY_INFO_NOISE_DBM)
3424 NLA_PUT_U8(msg, NL80211_SURVEY_INFO_NOISE,
3425 survey->noise);
3426
3427 nla_nest_end(msg, infoattr);
3428
3429 return genlmsg_end(msg, hdr);
3430
3431 nla_put_failure:
3432 genlmsg_cancel(msg, hdr);
3433 return -EMSGSIZE;
3434 }
3435
3436 static int nl80211_dump_survey(struct sk_buff *skb,
3437 struct netlink_callback *cb)
3438 {
3439 struct survey_info survey;
3440 struct cfg80211_registered_device *dev;
3441 struct net_device *netdev;
3442 int ifidx = cb->args[0];
3443 int survey_idx = cb->args[1];
3444 int res;
3445
3446 if (!ifidx)
3447 ifidx = nl80211_get_ifidx(cb);
3448 if (ifidx < 0)
3449 return ifidx;
3450 cb->args[0] = ifidx;
3451
3452 rtnl_lock();
3453
3454 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx);
3455 if (!netdev) {
3456 res = -ENODEV;
3457 goto out_rtnl;
3458 }
3459
3460 dev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx);
3461 if (IS_ERR(dev)) {
3462 res = PTR_ERR(dev);
3463 goto out_rtnl;
3464 }
3465
3466 if (!dev->ops->dump_survey) {
3467 res = -EOPNOTSUPP;
3468 goto out_err;
3469 }
3470
3471 while (1) {
3472 res = dev->ops->dump_survey(&dev->wiphy, netdev, survey_idx,
3473 &survey);
3474 if (res == -ENOENT)
3475 break;
3476 if (res)
3477 goto out_err;
3478
3479 if (nl80211_send_survey(skb,
3480 NETLINK_CB(cb->skb).pid,
3481 cb->nlh->nlmsg_seq, NLM_F_MULTI,
3482 netdev,
3483 &survey) < 0)
3484 goto out;
3485 survey_idx++;
3486 }
3487
3488 out:
3489 cb->args[1] = survey_idx;
3490 res = skb->len;
3491 out_err:
3492 cfg80211_unlock_rdev(dev);
3493 out_rtnl:
3494 rtnl_unlock();
3495
3496 return res;
3497 }
3498
3499 static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type)
3500 {
3501 return auth_type <= NL80211_AUTHTYPE_MAX;
3502 }
3503
3504 static bool nl80211_valid_wpa_versions(u32 wpa_versions)
3505 {
3506 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 |
3507 NL80211_WPA_VERSION_2));
3508 }
3509
3510 static bool nl80211_valid_akm_suite(u32 akm)
3511 {
3512 return akm == WLAN_AKM_SUITE_8021X ||
3513 akm == WLAN_AKM_SUITE_PSK;
3514 }
3515
3516 static bool nl80211_valid_cipher_suite(u32 cipher)
3517 {
3518 return cipher == WLAN_CIPHER_SUITE_WEP40 ||
3519 cipher == WLAN_CIPHER_SUITE_WEP104 ||
3520 cipher == WLAN_CIPHER_SUITE_TKIP ||
3521 cipher == WLAN_CIPHER_SUITE_CCMP ||
3522 cipher == WLAN_CIPHER_SUITE_AES_CMAC;
3523 }
3524
3525
3526 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
3527 {
3528 struct cfg80211_registered_device *rdev;
3529 struct net_device *dev;
3530 struct ieee80211_channel *chan;
3531 const u8 *bssid, *ssid, *ie = NULL;
3532 int err, ssid_len, ie_len = 0;
3533 enum nl80211_auth_type auth_type;
3534 struct key_parse key;
3535 bool local_state_change;
3536
3537 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3538 return -EINVAL;
3539
3540 if (!info->attrs[NL80211_ATTR_MAC])
3541 return -EINVAL;
3542
3543 if (!info->attrs[NL80211_ATTR_AUTH_TYPE])
3544 return -EINVAL;
3545
3546 if (!info->attrs[NL80211_ATTR_SSID])
3547 return -EINVAL;
3548
3549 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
3550 return -EINVAL;
3551
3552 err = nl80211_parse_key(info, &key);
3553 if (err)
3554 return err;
3555
3556 if (key.idx >= 0) {
3557 if (!key.p.key || !key.p.key_len)
3558 return -EINVAL;
3559 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 ||
3560 key.p.key_len != WLAN_KEY_LEN_WEP40) &&
3561 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 ||
3562 key.p.key_len != WLAN_KEY_LEN_WEP104))
3563 return -EINVAL;
3564 if (key.idx > 4)
3565 return -EINVAL;
3566 } else {
3567 key.p.key_len = 0;
3568 key.p.key = NULL;
3569 }
3570
3571 rtnl_lock();
3572
3573 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3574 if (err)
3575 goto unlock_rtnl;
3576
3577 if (!rdev->ops->auth) {
3578 err = -EOPNOTSUPP;
3579 goto out;
3580 }
3581
3582 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
3583 err = -EOPNOTSUPP;
3584 goto out;
3585 }
3586
3587 if (!netif_running(dev)) {
3588 err = -ENETDOWN;
3589 goto out;
3590 }
3591
3592 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3593 chan = ieee80211_get_channel(&rdev->wiphy,
3594 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3595 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) {
3596 err = -EINVAL;
3597 goto out;
3598 }
3599
3600 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3601 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3602
3603 if (info->attrs[NL80211_ATTR_IE]) {
3604 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3605 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3606 }
3607
3608 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
3609 if (!nl80211_valid_auth_type(auth_type)) {
3610 err = -EINVAL;
3611 goto out;
3612 }
3613
3614 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
3615
3616 err = cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
3617 ssid, ssid_len, ie, ie_len,
3618 key.p.key, key.p.key_len, key.idx,
3619 local_state_change);
3620
3621 out:
3622 cfg80211_unlock_rdev(rdev);
3623 dev_put(dev);
3624 unlock_rtnl:
3625 rtnl_unlock();
3626 return err;
3627 }
3628
3629 static int nl80211_crypto_settings(struct genl_info *info,
3630 struct cfg80211_crypto_settings *settings,
3631 int cipher_limit)
3632 {
3633 memset(settings, 0, sizeof(*settings));
3634
3635 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT];
3636
3637 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) {
3638 void *data;
3639 int len, i;
3640
3641 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
3642 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
3643 settings->n_ciphers_pairwise = len / sizeof(u32);
3644
3645 if (len % sizeof(u32))
3646 return -EINVAL;
3647
3648 if (settings->n_ciphers_pairwise > cipher_limit)
3649 return -EINVAL;
3650
3651 memcpy(settings->ciphers_pairwise, data, len);
3652
3653 for (i = 0; i < settings->n_ciphers_pairwise; i++)
3654 if (!nl80211_valid_cipher_suite(
3655 settings->ciphers_pairwise[i]))
3656 return -EINVAL;
3657 }
3658
3659 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) {
3660 settings->cipher_group =
3661 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]);
3662 if (!nl80211_valid_cipher_suite(settings->cipher_group))
3663 return -EINVAL;
3664 }
3665
3666 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) {
3667 settings->wpa_versions =
3668 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]);
3669 if (!nl80211_valid_wpa_versions(settings->wpa_versions))
3670 return -EINVAL;
3671 }
3672
3673 if (info->attrs[NL80211_ATTR_AKM_SUITES]) {
3674 void *data;
3675 int len, i;
3676
3677 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]);
3678 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]);
3679 settings->n_akm_suites = len / sizeof(u32);
3680
3681 if (len % sizeof(u32))
3682 return -EINVAL;
3683
3684 memcpy(settings->akm_suites, data, len);
3685
3686 for (i = 0; i < settings->n_ciphers_pairwise; i++)
3687 if (!nl80211_valid_akm_suite(settings->akm_suites[i]))
3688 return -EINVAL;
3689 }
3690
3691 return 0;
3692 }
3693
3694 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
3695 {
3696 struct cfg80211_registered_device *rdev;
3697 struct net_device *dev;
3698 struct cfg80211_crypto_settings crypto;
3699 struct ieee80211_channel *chan;
3700 const u8 *bssid, *ssid, *ie = NULL, *prev_bssid = NULL;
3701 int err, ssid_len, ie_len = 0;
3702 bool use_mfp = false;
3703
3704 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3705 return -EINVAL;
3706
3707 if (!info->attrs[NL80211_ATTR_MAC] ||
3708 !info->attrs[NL80211_ATTR_SSID] ||
3709 !info->attrs[NL80211_ATTR_WIPHY_FREQ])
3710 return -EINVAL;
3711
3712 rtnl_lock();
3713
3714 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3715 if (err)
3716 goto unlock_rtnl;
3717
3718 if (!rdev->ops->assoc) {
3719 err = -EOPNOTSUPP;
3720 goto out;
3721 }
3722
3723 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
3724 err = -EOPNOTSUPP;
3725 goto out;
3726 }
3727
3728 if (!netif_running(dev)) {
3729 err = -ENETDOWN;
3730 goto out;
3731 }
3732
3733 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3734
3735 chan = ieee80211_get_channel(&rdev->wiphy,
3736 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3737 if (!chan || (chan->flags & IEEE80211_CHAN_DISABLED)) {
3738 err = -EINVAL;
3739 goto out;
3740 }
3741
3742 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3743 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3744
3745 if (info->attrs[NL80211_ATTR_IE]) {
3746 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3747 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3748 }
3749
3750 if (info->attrs[NL80211_ATTR_USE_MFP]) {
3751 enum nl80211_mfp mfp =
3752 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
3753 if (mfp == NL80211_MFP_REQUIRED)
3754 use_mfp = true;
3755 else if (mfp != NL80211_MFP_NO) {
3756 err = -EINVAL;
3757 goto out;
3758 }
3759 }
3760
3761 if (info->attrs[NL80211_ATTR_PREV_BSSID])
3762 prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
3763
3764 err = nl80211_crypto_settings(info, &crypto, 1);
3765 if (!err)
3766 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid, prev_bssid,
3767 ssid, ssid_len, ie, ie_len, use_mfp,
3768 &crypto);
3769
3770 out:
3771 cfg80211_unlock_rdev(rdev);
3772 dev_put(dev);
3773 unlock_rtnl:
3774 rtnl_unlock();
3775 return err;
3776 }
3777
3778 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
3779 {
3780 struct cfg80211_registered_device *rdev;
3781 struct net_device *dev;
3782 const u8 *ie = NULL, *bssid;
3783 int err, ie_len = 0;
3784 u16 reason_code;
3785 bool local_state_change;
3786
3787 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3788 return -EINVAL;
3789
3790 if (!info->attrs[NL80211_ATTR_MAC])
3791 return -EINVAL;
3792
3793 if (!info->attrs[NL80211_ATTR_REASON_CODE])
3794 return -EINVAL;
3795
3796 rtnl_lock();
3797
3798 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3799 if (err)
3800 goto unlock_rtnl;
3801
3802 if (!rdev->ops->deauth) {
3803 err = -EOPNOTSUPP;
3804 goto out;
3805 }
3806
3807 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
3808 err = -EOPNOTSUPP;
3809 goto out;
3810 }
3811
3812 if (!netif_running(dev)) {
3813 err = -ENETDOWN;
3814 goto out;
3815 }
3816
3817 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3818
3819 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
3820 if (reason_code == 0) {
3821 /* Reason Code 0 is reserved */
3822 err = -EINVAL;
3823 goto out;
3824 }
3825
3826 if (info->attrs[NL80211_ATTR_IE]) {
3827 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3828 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3829 }
3830
3831 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
3832
3833 err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code,
3834 local_state_change);
3835
3836 out:
3837 cfg80211_unlock_rdev(rdev);
3838 dev_put(dev);
3839 unlock_rtnl:
3840 rtnl_unlock();
3841 return err;
3842 }
3843
3844 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
3845 {
3846 struct cfg80211_registered_device *rdev;
3847 struct net_device *dev;
3848 const u8 *ie = NULL, *bssid;
3849 int err, ie_len = 0;
3850 u16 reason_code;
3851 bool local_state_change;
3852
3853 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3854 return -EINVAL;
3855
3856 if (!info->attrs[NL80211_ATTR_MAC])
3857 return -EINVAL;
3858
3859 if (!info->attrs[NL80211_ATTR_REASON_CODE])
3860 return -EINVAL;
3861
3862 rtnl_lock();
3863
3864 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3865 if (err)
3866 goto unlock_rtnl;
3867
3868 if (!rdev->ops->disassoc) {
3869 err = -EOPNOTSUPP;
3870 goto out;
3871 }
3872
3873 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
3874 err = -EOPNOTSUPP;
3875 goto out;
3876 }
3877
3878 if (!netif_running(dev)) {
3879 err = -ENETDOWN;
3880 goto out;
3881 }
3882
3883 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3884
3885 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
3886 if (reason_code == 0) {
3887 /* Reason Code 0 is reserved */
3888 err = -EINVAL;
3889 goto out;
3890 }
3891
3892 if (info->attrs[NL80211_ATTR_IE]) {
3893 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3894 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3895 }
3896
3897 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
3898
3899 err = cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code,
3900 local_state_change);
3901
3902 out:
3903 cfg80211_unlock_rdev(rdev);
3904 dev_put(dev);
3905 unlock_rtnl:
3906 rtnl_unlock();
3907 return err;
3908 }
3909
3910 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
3911 {
3912 struct cfg80211_registered_device *rdev;
3913 struct net_device *dev;
3914 struct cfg80211_ibss_params ibss;
3915 struct wiphy *wiphy;
3916 struct cfg80211_cached_keys *connkeys = NULL;
3917 int err;
3918
3919 memset(&ibss, 0, sizeof(ibss));
3920
3921 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
3922 return -EINVAL;
3923
3924 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
3925 !info->attrs[NL80211_ATTR_SSID] ||
3926 !nla_len(info->attrs[NL80211_ATTR_SSID]))
3927 return -EINVAL;
3928
3929 ibss.beacon_interval = 100;
3930
3931 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
3932 ibss.beacon_interval =
3933 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
3934 if (ibss.beacon_interval < 1 || ibss.beacon_interval > 10000)
3935 return -EINVAL;
3936 }
3937
3938 rtnl_lock();
3939
3940 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
3941 if (err)
3942 goto unlock_rtnl;
3943
3944 if (!rdev->ops->join_ibss) {
3945 err = -EOPNOTSUPP;
3946 goto out;
3947 }
3948
3949 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) {
3950 err = -EOPNOTSUPP;
3951 goto out;
3952 }
3953
3954 if (!netif_running(dev)) {
3955 err = -ENETDOWN;
3956 goto out;
3957 }
3958
3959 wiphy = &rdev->wiphy;
3960
3961 if (info->attrs[NL80211_ATTR_MAC])
3962 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
3963 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
3964 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
3965
3966 if (info->attrs[NL80211_ATTR_IE]) {
3967 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
3968 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
3969 }
3970
3971 ibss.channel = ieee80211_get_channel(wiphy,
3972 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3973 if (!ibss.channel ||
3974 ibss.channel->flags & IEEE80211_CHAN_NO_IBSS ||
3975 ibss.channel->flags & IEEE80211_CHAN_DISABLED) {
3976 err = -EINVAL;
3977 goto out;
3978 }
3979
3980 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED];
3981 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
3982
3983 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) {
3984 connkeys = nl80211_parse_connkeys(rdev,
3985 info->attrs[NL80211_ATTR_KEYS]);
3986 if (IS_ERR(connkeys)) {
3987 err = PTR_ERR(connkeys);
3988 connkeys = NULL;
3989 goto out;
3990 }
3991 }
3992
3993 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
3994 u8 *rates =
3995 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
3996 int n_rates =
3997 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
3998 struct ieee80211_supported_band *sband =
3999 wiphy->bands[ibss.channel->band];
4000 int i, j;
4001
4002 if (n_rates == 0) {
4003 err = -EINVAL;
4004 goto out;
4005 }
4006
4007 for (i = 0; i < n_rates; i++) {
4008 int rate = (rates[i] & 0x7f) * 5;
4009 bool found = false;
4010
4011 for (j = 0; j < sband->n_bitrates; j++) {
4012 if (sband->bitrates[j].bitrate == rate) {
4013 found = true;
4014 ibss.basic_rates |= BIT(j);
4015 break;
4016 }
4017 }
4018 if (!found) {
4019 err = -EINVAL;
4020 goto out;
4021 }
4022 }
4023 } else {
4024 /*
4025 * If no rates were explicitly configured,
4026 * use the mandatory rate set for 11b or
4027 * 11a for maximum compatibility.
4028 */
4029 struct ieee80211_supported_band *sband =
4030 wiphy->bands[ibss.channel->band];
4031 int j;
4032 u32 flag = ibss.channel->band == IEEE80211_BAND_5GHZ ?
4033 IEEE80211_RATE_MANDATORY_A :
4034 IEEE80211_RATE_MANDATORY_B;
4035
4036 for (j = 0; j < sband->n_bitrates; j++) {
4037 if (sband->bitrates[j].flags & flag)
4038 ibss.basic_rates |= BIT(j);
4039 }
4040 }
4041
4042 err = cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
4043
4044 out:
4045 cfg80211_unlock_rdev(rdev);
4046 dev_put(dev);
4047 unlock_rtnl:
4048 if (err)
4049 kfree(connkeys);
4050 rtnl_unlock();
4051 return err;
4052 }
4053
4054 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
4055 {
4056 struct cfg80211_registered_device *rdev;
4057 struct net_device *dev;
4058 int err;
4059
4060 rtnl_lock();
4061
4062 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4063 if (err)
4064 goto unlock_rtnl;
4065
4066 if (!rdev->ops->leave_ibss) {
4067 err = -EOPNOTSUPP;
4068 goto out;
4069 }
4070
4071 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) {
4072 err = -EOPNOTSUPP;
4073 goto out;
4074 }
4075
4076 if (!netif_running(dev)) {
4077 err = -ENETDOWN;
4078 goto out;
4079 }
4080
4081 err = cfg80211_leave_ibss(rdev, dev, false);
4082
4083 out:
4084 cfg80211_unlock_rdev(rdev);
4085 dev_put(dev);
4086 unlock_rtnl:
4087 rtnl_unlock();
4088 return err;
4089 }
4090
4091 #ifdef CONFIG_NL80211_TESTMODE
4092 static struct genl_multicast_group nl80211_testmode_mcgrp = {
4093 .name = "testmode",
4094 };
4095
4096 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info)
4097 {
4098 struct cfg80211_registered_device *rdev;
4099 int err;
4100
4101 if (!info->attrs[NL80211_ATTR_TESTDATA])
4102 return -EINVAL;
4103
4104 rtnl_lock();
4105
4106 rdev = cfg80211_get_dev_from_info(info);
4107 if (IS_ERR(rdev)) {
4108 err = PTR_ERR(rdev);
4109 goto unlock_rtnl;
4110 }
4111
4112 err = -EOPNOTSUPP;
4113 if (rdev->ops->testmode_cmd) {
4114 rdev->testmode_info = info;
4115 err = rdev->ops->testmode_cmd(&rdev->wiphy,
4116 nla_data(info->attrs[NL80211_ATTR_TESTDATA]),
4117 nla_len(info->attrs[NL80211_ATTR_TESTDATA]));
4118 rdev->testmode_info = NULL;
4119 }
4120
4121 cfg80211_unlock_rdev(rdev);
4122
4123 unlock_rtnl:
4124 rtnl_unlock();
4125 return err;
4126 }
4127
4128 static struct sk_buff *
4129 __cfg80211_testmode_alloc_skb(struct cfg80211_registered_device *rdev,
4130 int approxlen, u32 pid, u32 seq, gfp_t gfp)
4131 {
4132 struct sk_buff *skb;
4133 void *hdr;
4134 struct nlattr *data;
4135
4136 skb = nlmsg_new(approxlen + 100, gfp);
4137 if (!skb)
4138 return NULL;
4139
4140 hdr = nl80211hdr_put(skb, pid, seq, 0, NL80211_CMD_TESTMODE);
4141 if (!hdr) {
4142 kfree_skb(skb);
4143 return NULL;
4144 }
4145
4146 NLA_PUT_U32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
4147 data = nla_nest_start(skb, NL80211_ATTR_TESTDATA);
4148
4149 ((void **)skb->cb)[0] = rdev;
4150 ((void **)skb->cb)[1] = hdr;
4151 ((void **)skb->cb)[2] = data;
4152
4153 return skb;
4154
4155 nla_put_failure:
4156 kfree_skb(skb);
4157 return NULL;
4158 }
4159
4160 struct sk_buff *cfg80211_testmode_alloc_reply_skb(struct wiphy *wiphy,
4161 int approxlen)
4162 {
4163 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
4164
4165 if (WARN_ON(!rdev->testmode_info))
4166 return NULL;
4167
4168 return __cfg80211_testmode_alloc_skb(rdev, approxlen,
4169 rdev->testmode_info->snd_pid,
4170 rdev->testmode_info->snd_seq,
4171 GFP_KERNEL);
4172 }
4173 EXPORT_SYMBOL(cfg80211_testmode_alloc_reply_skb);
4174
4175 int cfg80211_testmode_reply(struct sk_buff *skb)
4176 {
4177 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
4178 void *hdr = ((void **)skb->cb)[1];
4179 struct nlattr *data = ((void **)skb->cb)[2];
4180
4181 if (WARN_ON(!rdev->testmode_info)) {
4182 kfree_skb(skb);
4183 return -EINVAL;
4184 }
4185
4186 nla_nest_end(skb, data);
4187 genlmsg_end(skb, hdr);
4188 return genlmsg_reply(skb, rdev->testmode_info);
4189 }
4190 EXPORT_SYMBOL(cfg80211_testmode_reply);
4191
4192 struct sk_buff *cfg80211_testmode_alloc_event_skb(struct wiphy *wiphy,
4193 int approxlen, gfp_t gfp)
4194 {
4195 struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy);
4196
4197 return __cfg80211_testmode_alloc_skb(rdev, approxlen, 0, 0, gfp);
4198 }
4199 EXPORT_SYMBOL(cfg80211_testmode_alloc_event_skb);
4200
4201 void cfg80211_testmode_event(struct sk_buff *skb, gfp_t gfp)
4202 {
4203 void *hdr = ((void **)skb->cb)[1];
4204 struct nlattr *data = ((void **)skb->cb)[2];
4205
4206 nla_nest_end(skb, data);
4207 genlmsg_end(skb, hdr);
4208 genlmsg_multicast(skb, 0, nl80211_testmode_mcgrp.id, gfp);
4209 }
4210 EXPORT_SYMBOL(cfg80211_testmode_event);
4211 #endif
4212
4213 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
4214 {
4215 struct cfg80211_registered_device *rdev;
4216 struct net_device *dev;
4217 struct cfg80211_connect_params connect;
4218 struct wiphy *wiphy;
4219 struct cfg80211_cached_keys *connkeys = NULL;
4220 int err;
4221
4222 memset(&connect, 0, sizeof(connect));
4223
4224 if (!is_valid_ie_attr(info->attrs[NL80211_ATTR_IE]))
4225 return -EINVAL;
4226
4227 if (!info->attrs[NL80211_ATTR_SSID] ||
4228 !nla_len(info->attrs[NL80211_ATTR_SSID]))
4229 return -EINVAL;
4230
4231 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
4232 connect.auth_type =
4233 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
4234 if (!nl80211_valid_auth_type(connect.auth_type))
4235 return -EINVAL;
4236 } else
4237 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
4238
4239 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY];
4240
4241 err = nl80211_crypto_settings(info, &connect.crypto,
4242 NL80211_MAX_NR_CIPHER_SUITES);
4243 if (err)
4244 return err;
4245 rtnl_lock();
4246
4247 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4248 if (err)
4249 goto unlock_rtnl;
4250
4251 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
4252 err = -EOPNOTSUPP;
4253 goto out;
4254 }
4255
4256 if (!netif_running(dev)) {
4257 err = -ENETDOWN;
4258 goto out;
4259 }
4260
4261 wiphy = &rdev->wiphy;
4262
4263 if (info->attrs[NL80211_ATTR_MAC])
4264 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4265 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
4266 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
4267
4268 if (info->attrs[NL80211_ATTR_IE]) {
4269 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
4270 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
4271 }
4272
4273 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
4274 connect.channel =
4275 ieee80211_get_channel(wiphy,
4276 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
4277 if (!connect.channel ||
4278 connect.channel->flags & IEEE80211_CHAN_DISABLED) {
4279 err = -EINVAL;
4280 goto out;
4281 }
4282 }
4283
4284 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) {
4285 connkeys = nl80211_parse_connkeys(rdev,
4286 info->attrs[NL80211_ATTR_KEYS]);
4287 if (IS_ERR(connkeys)) {
4288 err = PTR_ERR(connkeys);
4289 connkeys = NULL;
4290 goto out;
4291 }
4292 }
4293
4294 err = cfg80211_connect(rdev, dev, &connect, connkeys);
4295
4296 out:
4297 cfg80211_unlock_rdev(rdev);
4298 dev_put(dev);
4299 unlock_rtnl:
4300 if (err)
4301 kfree(connkeys);
4302 rtnl_unlock();
4303 return err;
4304 }
4305
4306 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info)
4307 {
4308 struct cfg80211_registered_device *rdev;
4309 struct net_device *dev;
4310 int err;
4311 u16 reason;
4312
4313 if (!info->attrs[NL80211_ATTR_REASON_CODE])
4314 reason = WLAN_REASON_DEAUTH_LEAVING;
4315 else
4316 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
4317
4318 if (reason == 0)
4319 return -EINVAL;
4320
4321 rtnl_lock();
4322
4323 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4324 if (err)
4325 goto unlock_rtnl;
4326
4327 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
4328 err = -EOPNOTSUPP;
4329 goto out;
4330 }
4331
4332 if (!netif_running(dev)) {
4333 err = -ENETDOWN;
4334 goto out;
4335 }
4336
4337 err = cfg80211_disconnect(rdev, dev, reason, true);
4338
4339 out:
4340 cfg80211_unlock_rdev(rdev);
4341 dev_put(dev);
4342 unlock_rtnl:
4343 rtnl_unlock();
4344 return err;
4345 }
4346
4347 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info)
4348 {
4349 struct cfg80211_registered_device *rdev;
4350 struct net *net;
4351 int err;
4352 u32 pid;
4353
4354 if (!info->attrs[NL80211_ATTR_PID])
4355 return -EINVAL;
4356
4357 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]);
4358
4359 rtnl_lock();
4360
4361 rdev = cfg80211_get_dev_from_info(info);
4362 if (IS_ERR(rdev)) {
4363 err = PTR_ERR(rdev);
4364 goto out_rtnl;
4365 }
4366
4367 net = get_net_ns_by_pid(pid);
4368 if (IS_ERR(net)) {
4369 err = PTR_ERR(net);
4370 goto out;
4371 }
4372
4373 err = 0;
4374
4375 /* check if anything to do */
4376 if (net_eq(wiphy_net(&rdev->wiphy), net))
4377 goto out_put_net;
4378
4379 err = cfg80211_switch_netns(rdev, net);
4380 out_put_net:
4381 put_net(net);
4382 out:
4383 cfg80211_unlock_rdev(rdev);
4384 out_rtnl:
4385 rtnl_unlock();
4386 return err;
4387 }
4388
4389 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info)
4390 {
4391 struct cfg80211_registered_device *rdev;
4392 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev,
4393 struct cfg80211_pmksa *pmksa) = NULL;
4394 int err;
4395 struct net_device *dev;
4396 struct cfg80211_pmksa pmksa;
4397
4398 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa));
4399
4400 if (!info->attrs[NL80211_ATTR_MAC])
4401 return -EINVAL;
4402
4403 if (!info->attrs[NL80211_ATTR_PMKID])
4404 return -EINVAL;
4405
4406 rtnl_lock();
4407
4408 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4409 if (err)
4410 goto out_rtnl;
4411
4412 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
4413 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
4414
4415 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
4416 err = -EOPNOTSUPP;
4417 goto out;
4418 }
4419
4420 switch (info->genlhdr->cmd) {
4421 case NL80211_CMD_SET_PMKSA:
4422 rdev_ops = rdev->ops->set_pmksa;
4423 break;
4424 case NL80211_CMD_DEL_PMKSA:
4425 rdev_ops = rdev->ops->del_pmksa;
4426 break;
4427 default:
4428 WARN_ON(1);
4429 break;
4430 }
4431
4432 if (!rdev_ops) {
4433 err = -EOPNOTSUPP;
4434 goto out;
4435 }
4436
4437 err = rdev_ops(&rdev->wiphy, dev, &pmksa);
4438
4439 out:
4440 cfg80211_unlock_rdev(rdev);
4441 dev_put(dev);
4442 out_rtnl:
4443 rtnl_unlock();
4444
4445 return err;
4446 }
4447
4448 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info)
4449 {
4450 struct cfg80211_registered_device *rdev;
4451 int err;
4452 struct net_device *dev;
4453
4454 rtnl_lock();
4455
4456 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4457 if (err)
4458 goto out_rtnl;
4459
4460 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION) {
4461 err = -EOPNOTSUPP;
4462 goto out;
4463 }
4464
4465 if (!rdev->ops->flush_pmksa) {
4466 err = -EOPNOTSUPP;
4467 goto out;
4468 }
4469
4470 err = rdev->ops->flush_pmksa(&rdev->wiphy, dev);
4471
4472 out:
4473 cfg80211_unlock_rdev(rdev);
4474 dev_put(dev);
4475 out_rtnl:
4476 rtnl_unlock();
4477
4478 return err;
4479
4480 }
4481
4482 static int nl80211_remain_on_channel(struct sk_buff *skb,
4483 struct genl_info *info)
4484 {
4485 struct cfg80211_registered_device *rdev;
4486 struct net_device *dev;
4487 struct ieee80211_channel *chan;
4488 struct sk_buff *msg;
4489 void *hdr;
4490 u64 cookie;
4491 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
4492 u32 freq, duration;
4493 int err;
4494
4495 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
4496 !info->attrs[NL80211_ATTR_DURATION])
4497 return -EINVAL;
4498
4499 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
4500
4501 /*
4502 * We should be on that channel for at least one jiffie,
4503 * and more than 5 seconds seems excessive.
4504 */
4505 if (!duration || !msecs_to_jiffies(duration) || duration > 5000)
4506 return -EINVAL;
4507
4508 rtnl_lock();
4509
4510 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4511 if (err)
4512 goto unlock_rtnl;
4513
4514 if (!rdev->ops->remain_on_channel) {
4515 err = -EOPNOTSUPP;
4516 goto out;
4517 }
4518
4519 if (!netif_running(dev)) {
4520 err = -ENETDOWN;
4521 goto out;
4522 }
4523
4524 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
4525 channel_type = nla_get_u32(
4526 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
4527 if (channel_type != NL80211_CHAN_NO_HT &&
4528 channel_type != NL80211_CHAN_HT20 &&
4529 channel_type != NL80211_CHAN_HT40PLUS &&
4530 channel_type != NL80211_CHAN_HT40MINUS) {
4531 err = -EINVAL;
4532 goto out;
4533 }
4534 }
4535
4536 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
4537 chan = rdev_freq_to_chan(rdev, freq, channel_type);
4538 if (chan == NULL) {
4539 err = -EINVAL;
4540 goto out;
4541 }
4542
4543 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
4544 if (!msg) {
4545 err = -ENOMEM;
4546 goto out;
4547 }
4548
4549 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
4550 NL80211_CMD_REMAIN_ON_CHANNEL);
4551
4552 if (IS_ERR(hdr)) {
4553 err = PTR_ERR(hdr);
4554 goto free_msg;
4555 }
4556
4557 err = rdev->ops->remain_on_channel(&rdev->wiphy, dev, chan,
4558 channel_type, duration, &cookie);
4559
4560 if (err)
4561 goto free_msg;
4562
4563 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie);
4564
4565 genlmsg_end(msg, hdr);
4566 err = genlmsg_reply(msg, info);
4567 goto out;
4568
4569 nla_put_failure:
4570 err = -ENOBUFS;
4571 free_msg:
4572 nlmsg_free(msg);
4573 out:
4574 cfg80211_unlock_rdev(rdev);
4575 dev_put(dev);
4576 unlock_rtnl:
4577 rtnl_unlock();
4578 return err;
4579 }
4580
4581 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb,
4582 struct genl_info *info)
4583 {
4584 struct cfg80211_registered_device *rdev;
4585 struct net_device *dev;
4586 u64 cookie;
4587 int err;
4588
4589 if (!info->attrs[NL80211_ATTR_COOKIE])
4590 return -EINVAL;
4591
4592 rtnl_lock();
4593
4594 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4595 if (err)
4596 goto unlock_rtnl;
4597
4598 if (!rdev->ops->cancel_remain_on_channel) {
4599 err = -EOPNOTSUPP;
4600 goto out;
4601 }
4602
4603 if (!netif_running(dev)) {
4604 err = -ENETDOWN;
4605 goto out;
4606 }
4607
4608 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
4609
4610 err = rdev->ops->cancel_remain_on_channel(&rdev->wiphy, dev, cookie);
4611
4612 out:
4613 cfg80211_unlock_rdev(rdev);
4614 dev_put(dev);
4615 unlock_rtnl:
4616 rtnl_unlock();
4617 return err;
4618 }
4619
4620 static u32 rateset_to_mask(struct ieee80211_supported_band *sband,
4621 u8 *rates, u8 rates_len)
4622 {
4623 u8 i;
4624 u32 mask = 0;
4625
4626 for (i = 0; i < rates_len; i++) {
4627 int rate = (rates[i] & 0x7f) * 5;
4628 int ridx;
4629 for (ridx = 0; ridx < sband->n_bitrates; ridx++) {
4630 struct ieee80211_rate *srate =
4631 &sband->bitrates[ridx];
4632 if (rate == srate->bitrate) {
4633 mask |= 1 << ridx;
4634 break;
4635 }
4636 }
4637 if (ridx == sband->n_bitrates)
4638 return 0; /* rate not found */
4639 }
4640
4641 return mask;
4642 }
4643
4644 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = {
4645 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY,
4646 .len = NL80211_MAX_SUPP_RATES },
4647 };
4648
4649 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb,
4650 struct genl_info *info)
4651 {
4652 struct nlattr *tb[NL80211_TXRATE_MAX + 1];
4653 struct cfg80211_registered_device *rdev;
4654 struct cfg80211_bitrate_mask mask;
4655 int err, rem, i;
4656 struct net_device *dev;
4657 struct nlattr *tx_rates;
4658 struct ieee80211_supported_band *sband;
4659
4660 if (info->attrs[NL80211_ATTR_TX_RATES] == NULL)
4661 return -EINVAL;
4662
4663 rtnl_lock();
4664
4665 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4666 if (err)
4667 goto unlock_rtnl;
4668
4669 if (!rdev->ops->set_bitrate_mask) {
4670 err = -EOPNOTSUPP;
4671 goto unlock;
4672 }
4673
4674 memset(&mask, 0, sizeof(mask));
4675 /* Default to all rates enabled */
4676 for (i = 0; i < IEEE80211_NUM_BANDS; i++) {
4677 sband = rdev->wiphy.bands[i];
4678 mask.control[i].legacy =
4679 sband ? (1 << sband->n_bitrates) - 1 : 0;
4680 }
4681
4682 /*
4683 * The nested attribute uses enum nl80211_band as the index. This maps
4684 * directly to the enum ieee80211_band values used in cfg80211.
4685 */
4686 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem)
4687 {
4688 enum ieee80211_band band = nla_type(tx_rates);
4689 if (band < 0 || band >= IEEE80211_NUM_BANDS) {
4690 err = -EINVAL;
4691 goto unlock;
4692 }
4693 sband = rdev->wiphy.bands[band];
4694 if (sband == NULL) {
4695 err = -EINVAL;
4696 goto unlock;
4697 }
4698 nla_parse(tb, NL80211_TXRATE_MAX, nla_data(tx_rates),
4699 nla_len(tx_rates), nl80211_txattr_policy);
4700 if (tb[NL80211_TXRATE_LEGACY]) {
4701 mask.control[band].legacy = rateset_to_mask(
4702 sband,
4703 nla_data(tb[NL80211_TXRATE_LEGACY]),
4704 nla_len(tb[NL80211_TXRATE_LEGACY]));
4705 if (mask.control[band].legacy == 0) {
4706 err = -EINVAL;
4707 goto unlock;
4708 }
4709 }
4710 }
4711
4712 err = rdev->ops->set_bitrate_mask(&rdev->wiphy, dev, NULL, &mask);
4713
4714 unlock:
4715 dev_put(dev);
4716 cfg80211_unlock_rdev(rdev);
4717 unlock_rtnl:
4718 rtnl_unlock();
4719 return err;
4720 }
4721
4722 static int nl80211_register_action(struct sk_buff *skb, struct genl_info *info)
4723 {
4724 struct cfg80211_registered_device *rdev;
4725 struct net_device *dev;
4726 int err;
4727
4728 if (!info->attrs[NL80211_ATTR_FRAME_MATCH])
4729 return -EINVAL;
4730
4731 if (nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH]) < 1)
4732 return -EINVAL;
4733
4734 rtnl_lock();
4735
4736 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4737 if (err)
4738 goto unlock_rtnl;
4739
4740 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
4741 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) {
4742 err = -EOPNOTSUPP;
4743 goto out;
4744 }
4745
4746 /* not much point in registering if we can't reply */
4747 if (!rdev->ops->action) {
4748 err = -EOPNOTSUPP;
4749 goto out;
4750 }
4751
4752 err = cfg80211_mlme_register_action(dev->ieee80211_ptr, info->snd_pid,
4753 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]),
4754 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH]));
4755 out:
4756 cfg80211_unlock_rdev(rdev);
4757 dev_put(dev);
4758 unlock_rtnl:
4759 rtnl_unlock();
4760 return err;
4761 }
4762
4763 static int nl80211_action(struct sk_buff *skb, struct genl_info *info)
4764 {
4765 struct cfg80211_registered_device *rdev;
4766 struct net_device *dev;
4767 struct ieee80211_channel *chan;
4768 enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
4769 bool channel_type_valid = false;
4770 u32 freq;
4771 int err;
4772 void *hdr;
4773 u64 cookie;
4774 struct sk_buff *msg;
4775
4776 if (!info->attrs[NL80211_ATTR_FRAME] ||
4777 !info->attrs[NL80211_ATTR_WIPHY_FREQ])
4778 return -EINVAL;
4779
4780 rtnl_lock();
4781
4782 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4783 if (err)
4784 goto unlock_rtnl;
4785
4786 if (!rdev->ops->action) {
4787 err = -EOPNOTSUPP;
4788 goto out;
4789 }
4790
4791 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
4792 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC) {
4793 err = -EOPNOTSUPP;
4794 goto out;
4795 }
4796
4797 if (!netif_running(dev)) {
4798 err = -ENETDOWN;
4799 goto out;
4800 }
4801
4802 if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
4803 channel_type = nla_get_u32(
4804 info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
4805 if (channel_type != NL80211_CHAN_NO_HT &&
4806 channel_type != NL80211_CHAN_HT20 &&
4807 channel_type != NL80211_CHAN_HT40PLUS &&
4808 channel_type != NL80211_CHAN_HT40MINUS) {
4809 err = -EINVAL;
4810 goto out;
4811 }
4812 channel_type_valid = true;
4813 }
4814
4815 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
4816 chan = rdev_freq_to_chan(rdev, freq, channel_type);
4817 if (chan == NULL) {
4818 err = -EINVAL;
4819 goto out;
4820 }
4821
4822 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
4823 if (!msg) {
4824 err = -ENOMEM;
4825 goto out;
4826 }
4827
4828 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
4829 NL80211_CMD_ACTION);
4830
4831 if (IS_ERR(hdr)) {
4832 err = PTR_ERR(hdr);
4833 goto free_msg;
4834 }
4835 err = cfg80211_mlme_action(rdev, dev, chan, channel_type,
4836 channel_type_valid,
4837 nla_data(info->attrs[NL80211_ATTR_FRAME]),
4838 nla_len(info->attrs[NL80211_ATTR_FRAME]),
4839 &cookie);
4840 if (err)
4841 goto free_msg;
4842
4843 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie);
4844
4845 genlmsg_end(msg, hdr);
4846 err = genlmsg_reply(msg, info);
4847 goto out;
4848
4849 nla_put_failure:
4850 err = -ENOBUFS;
4851 free_msg:
4852 nlmsg_free(msg);
4853 out:
4854 cfg80211_unlock_rdev(rdev);
4855 dev_put(dev);
4856 unlock_rtnl:
4857 rtnl_unlock();
4858 return err;
4859 }
4860
4861 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info)
4862 {
4863 struct cfg80211_registered_device *rdev;
4864 struct wireless_dev *wdev;
4865 struct net_device *dev;
4866 u8 ps_state;
4867 bool state;
4868 int err;
4869
4870 if (!info->attrs[NL80211_ATTR_PS_STATE]) {
4871 err = -EINVAL;
4872 goto out;
4873 }
4874
4875 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]);
4876
4877 if (ps_state != NL80211_PS_DISABLED && ps_state != NL80211_PS_ENABLED) {
4878 err = -EINVAL;
4879 goto out;
4880 }
4881
4882 rtnl_lock();
4883
4884 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4885 if (err)
4886 goto unlock_rdev;
4887
4888 wdev = dev->ieee80211_ptr;
4889
4890 if (!rdev->ops->set_power_mgmt) {
4891 err = -EOPNOTSUPP;
4892 goto unlock_rdev;
4893 }
4894
4895 state = (ps_state == NL80211_PS_ENABLED) ? true : false;
4896
4897 if (state == wdev->ps)
4898 goto unlock_rdev;
4899
4900 wdev->ps = state;
4901
4902 if (rdev->ops->set_power_mgmt(wdev->wiphy, dev, wdev->ps,
4903 wdev->ps_timeout))
4904 /* assume this means it's off */
4905 wdev->ps = false;
4906
4907 unlock_rdev:
4908 cfg80211_unlock_rdev(rdev);
4909 dev_put(dev);
4910 rtnl_unlock();
4911
4912 out:
4913 return err;
4914 }
4915
4916 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info)
4917 {
4918 struct cfg80211_registered_device *rdev;
4919 enum nl80211_ps_state ps_state;
4920 struct wireless_dev *wdev;
4921 struct net_device *dev;
4922 struct sk_buff *msg;
4923 void *hdr;
4924 int err;
4925
4926 rtnl_lock();
4927
4928 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
4929 if (err)
4930 goto unlock_rtnl;
4931
4932 wdev = dev->ieee80211_ptr;
4933
4934 if (!rdev->ops->set_power_mgmt) {
4935 err = -EOPNOTSUPP;
4936 goto out;
4937 }
4938
4939 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
4940 if (!msg) {
4941 err = -ENOMEM;
4942 goto out;
4943 }
4944
4945 hdr = nl80211hdr_put(msg, info->snd_pid, info->snd_seq, 0,
4946 NL80211_CMD_GET_POWER_SAVE);
4947 if (!hdr) {
4948 err = -ENOMEM;
4949 goto free_msg;
4950 }
4951
4952 if (wdev->ps)
4953 ps_state = NL80211_PS_ENABLED;
4954 else
4955 ps_state = NL80211_PS_DISABLED;
4956
4957 NLA_PUT_U32(msg, NL80211_ATTR_PS_STATE, ps_state);
4958
4959 genlmsg_end(msg, hdr);
4960 err = genlmsg_reply(msg, info);
4961 goto out;
4962
4963 nla_put_failure:
4964 err = -ENOBUFS;
4965
4966 free_msg:
4967 nlmsg_free(msg);
4968
4969 out:
4970 cfg80211_unlock_rdev(rdev);
4971 dev_put(dev);
4972
4973 unlock_rtnl:
4974 rtnl_unlock();
4975
4976 return err;
4977 }
4978
4979 static struct nla_policy
4980 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] __read_mostly = {
4981 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_U32 },
4982 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 },
4983 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
4984 };
4985
4986 static int nl80211_set_cqm_rssi(struct genl_info *info,
4987 s32 threshold, u32 hysteresis)
4988 {
4989 struct cfg80211_registered_device *rdev;
4990 struct wireless_dev *wdev;
4991 struct net_device *dev;
4992 int err;
4993
4994 if (threshold > 0)
4995 return -EINVAL;
4996
4997 rtnl_lock();
4998
4999 err = get_rdev_dev_by_info_ifindex(info, &rdev, &dev);
5000 if (err)
5001 goto unlock_rtnl;
5002
5003 wdev = dev->ieee80211_ptr;
5004
5005 if (!rdev->ops->set_cqm_rssi_config) {
5006 err = -EOPNOTSUPP;
5007 goto unlock_rdev;
5008 }
5009
5010 if (wdev->iftype != NL80211_IFTYPE_STATION) {
5011 err = -EOPNOTSUPP;
5012 goto unlock_rdev;
5013 }
5014
5015 err = rdev->ops->set_cqm_rssi_config(wdev->wiphy, dev,
5016 threshold, hysteresis);
5017
5018 unlock_rdev:
5019 cfg80211_unlock_rdev(rdev);
5020 dev_put(dev);
5021 unlock_rtnl:
5022 rtnl_unlock();
5023
5024 return err;
5025 }
5026
5027 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info)
5028 {
5029 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1];
5030 struct nlattr *cqm;
5031 int err;
5032
5033 cqm = info->attrs[NL80211_ATTR_CQM];
5034 if (!cqm) {
5035 err = -EINVAL;
5036 goto out;
5037 }
5038
5039 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm,
5040 nl80211_attr_cqm_policy);
5041 if (err)
5042 goto out;
5043
5044 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] &&
5045 attrs[NL80211_ATTR_CQM_RSSI_HYST]) {
5046 s32 threshold;
5047 u32 hysteresis;
5048 threshold = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_THOLD]);
5049 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]);
5050 err = nl80211_set_cqm_rssi(info, threshold, hysteresis);
5051 } else
5052 err = -EINVAL;
5053
5054 out:
5055 return err;
5056 }
5057
5058 static struct genl_ops nl80211_ops[] = {
5059 {
5060 .cmd = NL80211_CMD_GET_WIPHY,
5061 .doit = nl80211_get_wiphy,
5062 .dumpit = nl80211_dump_wiphy,
5063 .policy = nl80211_policy,
5064 /* can be retrieved by unprivileged users */
5065 },
5066 {
5067 .cmd = NL80211_CMD_SET_WIPHY,
5068 .doit = nl80211_set_wiphy,
5069 .policy = nl80211_policy,
5070 .flags = GENL_ADMIN_PERM,
5071 },
5072 {
5073 .cmd = NL80211_CMD_GET_INTERFACE,
5074 .doit = nl80211_get_interface,
5075 .dumpit = nl80211_dump_interface,
5076 .policy = nl80211_policy,
5077 /* can be retrieved by unprivileged users */
5078 },
5079 {
5080 .cmd = NL80211_CMD_SET_INTERFACE,
5081 .doit = nl80211_set_interface,
5082 .policy = nl80211_policy,
5083 .flags = GENL_ADMIN_PERM,
5084 },
5085 {
5086 .cmd = NL80211_CMD_NEW_INTERFACE,
5087 .doit = nl80211_new_interface,
5088 .policy = nl80211_policy,
5089 .flags = GENL_ADMIN_PERM,
5090 },
5091 {
5092 .cmd = NL80211_CMD_DEL_INTERFACE,
5093 .doit = nl80211_del_interface,
5094 .policy = nl80211_policy,
5095 .flags = GENL_ADMIN_PERM,
5096 },
5097 {
5098 .cmd = NL80211_CMD_GET_KEY,
5099 .doit = nl80211_get_key,
5100 .policy = nl80211_policy,
5101 .flags = GENL_ADMIN_PERM,
5102 },
5103 {
5104 .cmd = NL80211_CMD_SET_KEY,
5105 .doit = nl80211_set_key,
5106 .policy = nl80211_policy,
5107 .flags = GENL_ADMIN_PERM,
5108 },
5109 {
5110 .cmd = NL80211_CMD_NEW_KEY,
5111 .doit = nl80211_new_key,
5112 .policy = nl80211_policy,
5113 .flags = GENL_ADMIN_PERM,
5114 },
5115 {
5116 .cmd = NL80211_CMD_DEL_KEY,
5117 .doit = nl80211_del_key,
5118 .policy = nl80211_policy,
5119 .flags = GENL_ADMIN_PERM,
5120 },
5121 {
5122 .cmd = NL80211_CMD_SET_BEACON,
5123 .policy = nl80211_policy,
5124 .flags = GENL_ADMIN_PERM,
5125 .doit = nl80211_addset_beacon,
5126 },
5127 {
5128 .cmd = NL80211_CMD_NEW_BEACON,
5129 .policy = nl80211_policy,
5130 .flags = GENL_ADMIN_PERM,
5131 .doit = nl80211_addset_beacon,
5132 },
5133 {
5134 .cmd = NL80211_CMD_DEL_BEACON,
5135 .policy = nl80211_policy,
5136 .flags = GENL_ADMIN_PERM,
5137 .doit = nl80211_del_beacon,
5138 },
5139 {
5140 .cmd = NL80211_CMD_GET_STATION,
5141 .doit = nl80211_get_station,
5142 .dumpit = nl80211_dump_station,
5143 .policy = nl80211_policy,
5144 },
5145 {
5146 .cmd = NL80211_CMD_SET_STATION,
5147 .doit = nl80211_set_station,
5148 .policy = nl80211_policy,
5149 .flags = GENL_ADMIN_PERM,
5150 },
5151 {
5152 .cmd = NL80211_CMD_NEW_STATION,
5153 .doit = nl80211_new_station,
5154 .policy = nl80211_policy,
5155 .flags = GENL_ADMIN_PERM,
5156 },
5157 {
5158 .cmd = NL80211_CMD_DEL_STATION,
5159 .doit = nl80211_del_station,
5160 .policy = nl80211_policy,
5161 .flags = GENL_ADMIN_PERM,
5162 },
5163 {
5164 .cmd = NL80211_CMD_GET_MPATH,
5165 .doit = nl80211_get_mpath,
5166 .dumpit = nl80211_dump_mpath,
5167 .policy = nl80211_policy,
5168 .flags = GENL_ADMIN_PERM,
5169 },
5170 {
5171 .cmd = NL80211_CMD_SET_MPATH,
5172 .doit = nl80211_set_mpath,
5173 .policy = nl80211_policy,
5174 .flags = GENL_ADMIN_PERM,
5175 },
5176 {
5177 .cmd = NL80211_CMD_NEW_MPATH,
5178 .doit = nl80211_new_mpath,
5179 .policy = nl80211_policy,
5180 .flags = GENL_ADMIN_PERM,
5181 },
5182 {
5183 .cmd = NL80211_CMD_DEL_MPATH,
5184 .doit = nl80211_del_mpath,
5185 .policy = nl80211_policy,
5186 .flags = GENL_ADMIN_PERM,
5187 },
5188 {
5189 .cmd = NL80211_CMD_SET_BSS,
5190 .doit = nl80211_set_bss,
5191 .policy = nl80211_policy,
5192 .flags = GENL_ADMIN_PERM,
5193 },
5194 {
5195 .cmd = NL80211_CMD_GET_REG,
5196 .doit = nl80211_get_reg,
5197 .policy = nl80211_policy,
5198 /* can be retrieved by unprivileged users */
5199 },
5200 {
5201 .cmd = NL80211_CMD_SET_REG,
5202 .doit = nl80211_set_reg,
5203 .policy = nl80211_policy,
5204 .flags = GENL_ADMIN_PERM,
5205 },
5206 {
5207 .cmd = NL80211_CMD_REQ_SET_REG,
5208 .doit = nl80211_req_set_reg,
5209 .policy = nl80211_policy,
5210 .flags = GENL_ADMIN_PERM,
5211 },
5212 {
5213 .cmd = NL80211_CMD_GET_MESH_PARAMS,
5214 .doit = nl80211_get_mesh_params,
5215 .policy = nl80211_policy,
5216 /* can be retrieved by unprivileged users */
5217 },
5218 {
5219 .cmd = NL80211_CMD_SET_MESH_PARAMS,
5220 .doit = nl80211_set_mesh_params,
5221 .policy = nl80211_policy,
5222 .flags = GENL_ADMIN_PERM,
5223 },
5224 {
5225 .cmd = NL80211_CMD_TRIGGER_SCAN,
5226 .doit = nl80211_trigger_scan,
5227 .policy = nl80211_policy,
5228 .flags = GENL_ADMIN_PERM,
5229 },
5230 {
5231 .cmd = NL80211_CMD_GET_SCAN,
5232 .policy = nl80211_policy,
5233 .dumpit = nl80211_dump_scan,
5234 },
5235 {
5236 .cmd = NL80211_CMD_AUTHENTICATE,
5237 .doit = nl80211_authenticate,
5238 .policy = nl80211_policy,
5239 .flags = GENL_ADMIN_PERM,
5240 },
5241 {
5242 .cmd = NL80211_CMD_ASSOCIATE,
5243 .doit = nl80211_associate,
5244 .policy = nl80211_policy,
5245 .flags = GENL_ADMIN_PERM,
5246 },
5247 {
5248 .cmd = NL80211_CMD_DEAUTHENTICATE,
5249 .doit = nl80211_deauthenticate,
5250 .policy = nl80211_policy,
5251 .flags = GENL_ADMIN_PERM,
5252 },
5253 {
5254 .cmd = NL80211_CMD_DISASSOCIATE,
5255 .doit = nl80211_disassociate,
5256 .policy = nl80211_policy,
5257 .flags = GENL_ADMIN_PERM,
5258 },
5259 {
5260 .cmd = NL80211_CMD_JOIN_IBSS,
5261 .doit = nl80211_join_ibss,
5262 .policy = nl80211_policy,
5263 .flags = GENL_ADMIN_PERM,
5264 },
5265 {
5266 .cmd = NL80211_CMD_LEAVE_IBSS,
5267 .doit = nl80211_leave_ibss,
5268 .policy = nl80211_policy,
5269 .flags = GENL_ADMIN_PERM,
5270 },
5271 #ifdef CONFIG_NL80211_TESTMODE
5272 {
5273 .cmd = NL80211_CMD_TESTMODE,
5274 .doit = nl80211_testmode_do,
5275 .policy = nl80211_policy,
5276 .flags = GENL_ADMIN_PERM,
5277 },
5278 #endif
5279 {
5280 .cmd = NL80211_CMD_CONNECT,
5281 .doit = nl80211_connect,
5282 .policy = nl80211_policy,
5283 .flags = GENL_ADMIN_PERM,
5284 },
5285 {
5286 .cmd = NL80211_CMD_DISCONNECT,
5287 .doit = nl80211_disconnect,
5288 .policy = nl80211_policy,
5289 .flags = GENL_ADMIN_PERM,
5290 },
5291 {
5292 .cmd = NL80211_CMD_SET_WIPHY_NETNS,
5293 .doit = nl80211_wiphy_netns,
5294 .policy = nl80211_policy,
5295 .flags = GENL_ADMIN_PERM,
5296 },
5297 {
5298 .cmd = NL80211_CMD_GET_SURVEY,
5299 .policy = nl80211_policy,
5300 .dumpit = nl80211_dump_survey,
5301 },
5302 {
5303 .cmd = NL80211_CMD_SET_PMKSA,
5304 .doit = nl80211_setdel_pmksa,
5305 .policy = nl80211_policy,
5306 .flags = GENL_ADMIN_PERM,
5307 },
5308 {
5309 .cmd = NL80211_CMD_DEL_PMKSA,
5310 .doit = nl80211_setdel_pmksa,
5311 .policy = nl80211_policy,
5312 .flags = GENL_ADMIN_PERM,
5313 },
5314 {
5315 .cmd = NL80211_CMD_FLUSH_PMKSA,
5316 .doit = nl80211_flush_pmksa,
5317 .policy = nl80211_policy,
5318 .flags = GENL_ADMIN_PERM,
5319 },
5320 {
5321 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL,
5322 .doit = nl80211_remain_on_channel,
5323 .policy = nl80211_policy,
5324 .flags = GENL_ADMIN_PERM,
5325 },
5326 {
5327 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
5328 .doit = nl80211_cancel_remain_on_channel,
5329 .policy = nl80211_policy,
5330 .flags = GENL_ADMIN_PERM,
5331 },
5332 {
5333 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK,
5334 .doit = nl80211_set_tx_bitrate_mask,
5335 .policy = nl80211_policy,
5336 .flags = GENL_ADMIN_PERM,
5337 },
5338 {
5339 .cmd = NL80211_CMD_REGISTER_ACTION,
5340 .doit = nl80211_register_action,
5341 .policy = nl80211_policy,
5342 .flags = GENL_ADMIN_PERM,
5343 },
5344 {
5345 .cmd = NL80211_CMD_ACTION,
5346 .doit = nl80211_action,
5347 .policy = nl80211_policy,
5348 .flags = GENL_ADMIN_PERM,
5349 },
5350 {
5351 .cmd = NL80211_CMD_SET_POWER_SAVE,
5352 .doit = nl80211_set_power_save,
5353 .policy = nl80211_policy,
5354 .flags = GENL_ADMIN_PERM,
5355 },
5356 {
5357 .cmd = NL80211_CMD_GET_POWER_SAVE,
5358 .doit = nl80211_get_power_save,
5359 .policy = nl80211_policy,
5360 /* can be retrieved by unprivileged users */
5361 },
5362 {
5363 .cmd = NL80211_CMD_SET_CQM,
5364 .doit = nl80211_set_cqm,
5365 .policy = nl80211_policy,
5366 .flags = GENL_ADMIN_PERM,
5367 },
5368 {
5369 .cmd = NL80211_CMD_SET_CHANNEL,
5370 .doit = nl80211_set_channel,
5371 .policy = nl80211_policy,
5372 .flags = GENL_ADMIN_PERM,
5373 },
5374 };
5375
5376 static struct genl_multicast_group nl80211_mlme_mcgrp = {
5377 .name = "mlme",
5378 };
5379
5380 /* multicast groups */
5381 static struct genl_multicast_group nl80211_config_mcgrp = {
5382 .name = "config",
5383 };
5384 static struct genl_multicast_group nl80211_scan_mcgrp = {
5385 .name = "scan",
5386 };
5387 static struct genl_multicast_group nl80211_regulatory_mcgrp = {
5388 .name = "regulatory",
5389 };
5390
5391 /* notification functions */
5392
5393 void nl80211_notify_dev_rename(struct cfg80211_registered_device *rdev)
5394 {
5395 struct sk_buff *msg;
5396
5397 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5398 if (!msg)
5399 return;
5400
5401 if (nl80211_send_wiphy(msg, 0, 0, 0, rdev) < 0) {
5402 nlmsg_free(msg);
5403 return;
5404 }
5405
5406 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5407 nl80211_config_mcgrp.id, GFP_KERNEL);
5408 }
5409
5410 static int nl80211_add_scan_req(struct sk_buff *msg,
5411 struct cfg80211_registered_device *rdev)
5412 {
5413 struct cfg80211_scan_request *req = rdev->scan_req;
5414 struct nlattr *nest;
5415 int i;
5416
5417 ASSERT_RDEV_LOCK(rdev);
5418
5419 if (WARN_ON(!req))
5420 return 0;
5421
5422 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS);
5423 if (!nest)
5424 goto nla_put_failure;
5425 for (i = 0; i < req->n_ssids; i++)
5426 NLA_PUT(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid);
5427 nla_nest_end(msg, nest);
5428
5429 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
5430 if (!nest)
5431 goto nla_put_failure;
5432 for (i = 0; i < req->n_channels; i++)
5433 NLA_PUT_U32(msg, i, req->channels[i]->center_freq);
5434 nla_nest_end(msg, nest);
5435
5436 if (req->ie)
5437 NLA_PUT(msg, NL80211_ATTR_IE, req->ie_len, req->ie);
5438
5439 return 0;
5440 nla_put_failure:
5441 return -ENOBUFS;
5442 }
5443
5444 static int nl80211_send_scan_msg(struct sk_buff *msg,
5445 struct cfg80211_registered_device *rdev,
5446 struct net_device *netdev,
5447 u32 pid, u32 seq, int flags,
5448 u32 cmd)
5449 {
5450 void *hdr;
5451
5452 hdr = nl80211hdr_put(msg, pid, seq, flags, cmd);
5453 if (!hdr)
5454 return -1;
5455
5456 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
5457 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
5458
5459 /* ignore errors and send incomplete event anyway */
5460 nl80211_add_scan_req(msg, rdev);
5461
5462 return genlmsg_end(msg, hdr);
5463
5464 nla_put_failure:
5465 genlmsg_cancel(msg, hdr);
5466 return -EMSGSIZE;
5467 }
5468
5469 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
5470 struct net_device *netdev)
5471 {
5472 struct sk_buff *msg;
5473
5474 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
5475 if (!msg)
5476 return;
5477
5478 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
5479 NL80211_CMD_TRIGGER_SCAN) < 0) {
5480 nlmsg_free(msg);
5481 return;
5482 }
5483
5484 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5485 nl80211_scan_mcgrp.id, GFP_KERNEL);
5486 }
5487
5488 void nl80211_send_scan_done(struct cfg80211_registered_device *rdev,
5489 struct net_device *netdev)
5490 {
5491 struct sk_buff *msg;
5492
5493 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5494 if (!msg)
5495 return;
5496
5497 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
5498 NL80211_CMD_NEW_SCAN_RESULTS) < 0) {
5499 nlmsg_free(msg);
5500 return;
5501 }
5502
5503 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5504 nl80211_scan_mcgrp.id, GFP_KERNEL);
5505 }
5506
5507 void nl80211_send_scan_aborted(struct cfg80211_registered_device *rdev,
5508 struct net_device *netdev)
5509 {
5510 struct sk_buff *msg;
5511
5512 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5513 if (!msg)
5514 return;
5515
5516 if (nl80211_send_scan_msg(msg, rdev, netdev, 0, 0, 0,
5517 NL80211_CMD_SCAN_ABORTED) < 0) {
5518 nlmsg_free(msg);
5519 return;
5520 }
5521
5522 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5523 nl80211_scan_mcgrp.id, GFP_KERNEL);
5524 }
5525
5526 /*
5527 * This can happen on global regulatory changes or device specific settings
5528 * based on custom world regulatory domains.
5529 */
5530 void nl80211_send_reg_change_event(struct regulatory_request *request)
5531 {
5532 struct sk_buff *msg;
5533 void *hdr;
5534
5535 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5536 if (!msg)
5537 return;
5538
5539 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_CHANGE);
5540 if (!hdr) {
5541 nlmsg_free(msg);
5542 return;
5543 }
5544
5545 /* Userspace can always count this one always being set */
5546 NLA_PUT_U8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator);
5547
5548 if (request->alpha2[0] == '0' && request->alpha2[1] == '0')
5549 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE,
5550 NL80211_REGDOM_TYPE_WORLD);
5551 else if (request->alpha2[0] == '9' && request->alpha2[1] == '9')
5552 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE,
5553 NL80211_REGDOM_TYPE_CUSTOM_WORLD);
5554 else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') ||
5555 request->intersect)
5556 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE,
5557 NL80211_REGDOM_TYPE_INTERSECTION);
5558 else {
5559 NLA_PUT_U8(msg, NL80211_ATTR_REG_TYPE,
5560 NL80211_REGDOM_TYPE_COUNTRY);
5561 NLA_PUT_STRING(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2);
5562 }
5563
5564 if (wiphy_idx_valid(request->wiphy_idx))
5565 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx);
5566
5567 if (genlmsg_end(msg, hdr) < 0) {
5568 nlmsg_free(msg);
5569 return;
5570 }
5571
5572 rcu_read_lock();
5573 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id,
5574 GFP_ATOMIC);
5575 rcu_read_unlock();
5576
5577 return;
5578
5579 nla_put_failure:
5580 genlmsg_cancel(msg, hdr);
5581 nlmsg_free(msg);
5582 }
5583
5584 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
5585 struct net_device *netdev,
5586 const u8 *buf, size_t len,
5587 enum nl80211_commands cmd, gfp_t gfp)
5588 {
5589 struct sk_buff *msg;
5590 void *hdr;
5591
5592 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
5593 if (!msg)
5594 return;
5595
5596 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
5597 if (!hdr) {
5598 nlmsg_free(msg);
5599 return;
5600 }
5601
5602 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
5603 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
5604 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf);
5605
5606 if (genlmsg_end(msg, hdr) < 0) {
5607 nlmsg_free(msg);
5608 return;
5609 }
5610
5611 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5612 nl80211_mlme_mcgrp.id, gfp);
5613 return;
5614
5615 nla_put_failure:
5616 genlmsg_cancel(msg, hdr);
5617 nlmsg_free(msg);
5618 }
5619
5620 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
5621 struct net_device *netdev, const u8 *buf,
5622 size_t len, gfp_t gfp)
5623 {
5624 nl80211_send_mlme_event(rdev, netdev, buf, len,
5625 NL80211_CMD_AUTHENTICATE, gfp);
5626 }
5627
5628 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
5629 struct net_device *netdev, const u8 *buf,
5630 size_t len, gfp_t gfp)
5631 {
5632 nl80211_send_mlme_event(rdev, netdev, buf, len,
5633 NL80211_CMD_ASSOCIATE, gfp);
5634 }
5635
5636 void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
5637 struct net_device *netdev, const u8 *buf,
5638 size_t len, gfp_t gfp)
5639 {
5640 nl80211_send_mlme_event(rdev, netdev, buf, len,
5641 NL80211_CMD_DEAUTHENTICATE, gfp);
5642 }
5643
5644 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
5645 struct net_device *netdev, const u8 *buf,
5646 size_t len, gfp_t gfp)
5647 {
5648 nl80211_send_mlme_event(rdev, netdev, buf, len,
5649 NL80211_CMD_DISASSOCIATE, gfp);
5650 }
5651
5652 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
5653 struct net_device *netdev, int cmd,
5654 const u8 *addr, gfp_t gfp)
5655 {
5656 struct sk_buff *msg;
5657 void *hdr;
5658
5659 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
5660 if (!msg)
5661 return;
5662
5663 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
5664 if (!hdr) {
5665 nlmsg_free(msg);
5666 return;
5667 }
5668
5669 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
5670 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
5671 NLA_PUT_FLAG(msg, NL80211_ATTR_TIMED_OUT);
5672 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5673
5674 if (genlmsg_end(msg, hdr) < 0) {
5675 nlmsg_free(msg);
5676 return;
5677 }
5678
5679 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5680 nl80211_mlme_mcgrp.id, gfp);
5681 return;
5682
5683 nla_put_failure:
5684 genlmsg_cancel(msg, hdr);
5685 nlmsg_free(msg);
5686 }
5687
5688 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
5689 struct net_device *netdev, const u8 *addr,
5690 gfp_t gfp)
5691 {
5692 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE,
5693 addr, gfp);
5694 }
5695
5696 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
5697 struct net_device *netdev, const u8 *addr,
5698 gfp_t gfp)
5699 {
5700 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE,
5701 addr, gfp);
5702 }
5703
5704 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
5705 struct net_device *netdev, const u8 *bssid,
5706 const u8 *req_ie, size_t req_ie_len,
5707 const u8 *resp_ie, size_t resp_ie_len,
5708 u16 status, gfp_t gfp)
5709 {
5710 struct sk_buff *msg;
5711 void *hdr;
5712
5713 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
5714 if (!msg)
5715 return;
5716
5717 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT);
5718 if (!hdr) {
5719 nlmsg_free(msg);
5720 return;
5721 }
5722
5723 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
5724 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
5725 if (bssid)
5726 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
5727 NLA_PUT_U16(msg, NL80211_ATTR_STATUS_CODE, status);
5728 if (req_ie)
5729 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie);
5730 if (resp_ie)
5731 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie);
5732
5733 if (genlmsg_end(msg, hdr) < 0) {
5734 nlmsg_free(msg);
5735 return;
5736 }
5737
5738 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5739 nl80211_mlme_mcgrp.id, gfp);
5740 return;
5741
5742 nla_put_failure:
5743 genlmsg_cancel(msg, hdr);
5744 nlmsg_free(msg);
5745
5746 }
5747
5748 void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
5749 struct net_device *netdev, const u8 *bssid,
5750 const u8 *req_ie, size_t req_ie_len,
5751 const u8 *resp_ie, size_t resp_ie_len, gfp_t gfp)
5752 {
5753 struct sk_buff *msg;
5754 void *hdr;
5755
5756 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
5757 if (!msg)
5758 return;
5759
5760 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM);
5761 if (!hdr) {
5762 nlmsg_free(msg);
5763 return;
5764 }
5765
5766 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
5767 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
5768 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
5769 if (req_ie)
5770 NLA_PUT(msg, NL80211_ATTR_REQ_IE, req_ie_len, req_ie);
5771 if (resp_ie)
5772 NLA_PUT(msg, NL80211_ATTR_RESP_IE, resp_ie_len, resp_ie);
5773
5774 if (genlmsg_end(msg, hdr) < 0) {
5775 nlmsg_free(msg);
5776 return;
5777 }
5778
5779 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5780 nl80211_mlme_mcgrp.id, gfp);
5781 return;
5782
5783 nla_put_failure:
5784 genlmsg_cancel(msg, hdr);
5785 nlmsg_free(msg);
5786
5787 }
5788
5789 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
5790 struct net_device *netdev, u16 reason,
5791 const u8 *ie, size_t ie_len, bool from_ap)
5792 {
5793 struct sk_buff *msg;
5794 void *hdr;
5795
5796 msg = nlmsg_new(NLMSG_GOODSIZE, GFP_KERNEL);
5797 if (!msg)
5798 return;
5799
5800 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT);
5801 if (!hdr) {
5802 nlmsg_free(msg);
5803 return;
5804 }
5805
5806 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
5807 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
5808 if (from_ap && reason)
5809 NLA_PUT_U16(msg, NL80211_ATTR_REASON_CODE, reason);
5810 if (from_ap)
5811 NLA_PUT_FLAG(msg, NL80211_ATTR_DISCONNECTED_BY_AP);
5812 if (ie)
5813 NLA_PUT(msg, NL80211_ATTR_IE, ie_len, ie);
5814
5815 if (genlmsg_end(msg, hdr) < 0) {
5816 nlmsg_free(msg);
5817 return;
5818 }
5819
5820 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5821 nl80211_mlme_mcgrp.id, GFP_KERNEL);
5822 return;
5823
5824 nla_put_failure:
5825 genlmsg_cancel(msg, hdr);
5826 nlmsg_free(msg);
5827
5828 }
5829
5830 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
5831 struct net_device *netdev, const u8 *bssid,
5832 gfp_t gfp)
5833 {
5834 struct sk_buff *msg;
5835 void *hdr;
5836
5837 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
5838 if (!msg)
5839 return;
5840
5841 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS);
5842 if (!hdr) {
5843 nlmsg_free(msg);
5844 return;
5845 }
5846
5847 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
5848 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
5849 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid);
5850
5851 if (genlmsg_end(msg, hdr) < 0) {
5852 nlmsg_free(msg);
5853 return;
5854 }
5855
5856 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5857 nl80211_mlme_mcgrp.id, gfp);
5858 return;
5859
5860 nla_put_failure:
5861 genlmsg_cancel(msg, hdr);
5862 nlmsg_free(msg);
5863 }
5864
5865 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
5866 struct net_device *netdev, const u8 *addr,
5867 enum nl80211_key_type key_type, int key_id,
5868 const u8 *tsc, gfp_t gfp)
5869 {
5870 struct sk_buff *msg;
5871 void *hdr;
5872
5873 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
5874 if (!msg)
5875 return;
5876
5877 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE);
5878 if (!hdr) {
5879 nlmsg_free(msg);
5880 return;
5881 }
5882
5883 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
5884 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
5885 if (addr)
5886 NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
5887 NLA_PUT_U32(msg, NL80211_ATTR_KEY_TYPE, key_type);
5888 NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_id);
5889 if (tsc)
5890 NLA_PUT(msg, NL80211_ATTR_KEY_SEQ, 6, tsc);
5891
5892 if (genlmsg_end(msg, hdr) < 0) {
5893 nlmsg_free(msg);
5894 return;
5895 }
5896
5897 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5898 nl80211_mlme_mcgrp.id, gfp);
5899 return;
5900
5901 nla_put_failure:
5902 genlmsg_cancel(msg, hdr);
5903 nlmsg_free(msg);
5904 }
5905
5906 void nl80211_send_beacon_hint_event(struct wiphy *wiphy,
5907 struct ieee80211_channel *channel_before,
5908 struct ieee80211_channel *channel_after)
5909 {
5910 struct sk_buff *msg;
5911 void *hdr;
5912 struct nlattr *nl_freq;
5913
5914 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
5915 if (!msg)
5916 return;
5917
5918 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT);
5919 if (!hdr) {
5920 nlmsg_free(msg);
5921 return;
5922 }
5923
5924 /*
5925 * Since we are applying the beacon hint to a wiphy we know its
5926 * wiphy_idx is valid
5927 */
5928 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy));
5929
5930 /* Before */
5931 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE);
5932 if (!nl_freq)
5933 goto nla_put_failure;
5934 if (nl80211_msg_put_channel(msg, channel_before))
5935 goto nla_put_failure;
5936 nla_nest_end(msg, nl_freq);
5937
5938 /* After */
5939 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER);
5940 if (!nl_freq)
5941 goto nla_put_failure;
5942 if (nl80211_msg_put_channel(msg, channel_after))
5943 goto nla_put_failure;
5944 nla_nest_end(msg, nl_freq);
5945
5946 if (genlmsg_end(msg, hdr) < 0) {
5947 nlmsg_free(msg);
5948 return;
5949 }
5950
5951 rcu_read_lock();
5952 genlmsg_multicast_allns(msg, 0, nl80211_regulatory_mcgrp.id,
5953 GFP_ATOMIC);
5954 rcu_read_unlock();
5955
5956 return;
5957
5958 nla_put_failure:
5959 genlmsg_cancel(msg, hdr);
5960 nlmsg_free(msg);
5961 }
5962
5963 static void nl80211_send_remain_on_chan_event(
5964 int cmd, struct cfg80211_registered_device *rdev,
5965 struct net_device *netdev, u64 cookie,
5966 struct ieee80211_channel *chan,
5967 enum nl80211_channel_type channel_type,
5968 unsigned int duration, gfp_t gfp)
5969 {
5970 struct sk_buff *msg;
5971 void *hdr;
5972
5973 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
5974 if (!msg)
5975 return;
5976
5977 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
5978 if (!hdr) {
5979 nlmsg_free(msg);
5980 return;
5981 }
5982
5983 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
5984 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
5985 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq);
5986 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE, channel_type);
5987 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie);
5988
5989 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL)
5990 NLA_PUT_U32(msg, NL80211_ATTR_DURATION, duration);
5991
5992 if (genlmsg_end(msg, hdr) < 0) {
5993 nlmsg_free(msg);
5994 return;
5995 }
5996
5997 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
5998 nl80211_mlme_mcgrp.id, gfp);
5999 return;
6000
6001 nla_put_failure:
6002 genlmsg_cancel(msg, hdr);
6003 nlmsg_free(msg);
6004 }
6005
6006 void nl80211_send_remain_on_channel(struct cfg80211_registered_device *rdev,
6007 struct net_device *netdev, u64 cookie,
6008 struct ieee80211_channel *chan,
6009 enum nl80211_channel_type channel_type,
6010 unsigned int duration, gfp_t gfp)
6011 {
6012 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL,
6013 rdev, netdev, cookie, chan,
6014 channel_type, duration, gfp);
6015 }
6016
6017 void nl80211_send_remain_on_channel_cancel(
6018 struct cfg80211_registered_device *rdev, struct net_device *netdev,
6019 u64 cookie, struct ieee80211_channel *chan,
6020 enum nl80211_channel_type channel_type, gfp_t gfp)
6021 {
6022 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
6023 rdev, netdev, cookie, chan,
6024 channel_type, 0, gfp);
6025 }
6026
6027 void nl80211_send_sta_event(struct cfg80211_registered_device *rdev,
6028 struct net_device *dev, const u8 *mac_addr,
6029 struct station_info *sinfo, gfp_t gfp)
6030 {
6031 struct sk_buff *msg;
6032
6033 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
6034 if (!msg)
6035 return;
6036
6037 if (nl80211_send_station(msg, 0, 0, 0, dev, mac_addr, sinfo) < 0) {
6038 nlmsg_free(msg);
6039 return;
6040 }
6041
6042 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
6043 nl80211_mlme_mcgrp.id, gfp);
6044 }
6045
6046 int nl80211_send_action(struct cfg80211_registered_device *rdev,
6047 struct net_device *netdev, u32 nlpid,
6048 int freq, const u8 *buf, size_t len, gfp_t gfp)
6049 {
6050 struct sk_buff *msg;
6051 void *hdr;
6052 int err;
6053
6054 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
6055 if (!msg)
6056 return -ENOMEM;
6057
6058 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ACTION);
6059 if (!hdr) {
6060 nlmsg_free(msg);
6061 return -ENOMEM;
6062 }
6063
6064 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
6065 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
6066 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FREQ, freq);
6067 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf);
6068
6069 err = genlmsg_end(msg, hdr);
6070 if (err < 0) {
6071 nlmsg_free(msg);
6072 return err;
6073 }
6074
6075 err = genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlpid);
6076 if (err < 0)
6077 return err;
6078 return 0;
6079
6080 nla_put_failure:
6081 genlmsg_cancel(msg, hdr);
6082 nlmsg_free(msg);
6083 return -ENOBUFS;
6084 }
6085
6086 void nl80211_send_action_tx_status(struct cfg80211_registered_device *rdev,
6087 struct net_device *netdev, u64 cookie,
6088 const u8 *buf, size_t len, bool ack,
6089 gfp_t gfp)
6090 {
6091 struct sk_buff *msg;
6092 void *hdr;
6093
6094 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
6095 if (!msg)
6096 return;
6097
6098 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ACTION_TX_STATUS);
6099 if (!hdr) {
6100 nlmsg_free(msg);
6101 return;
6102 }
6103
6104 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
6105 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
6106 NLA_PUT(msg, NL80211_ATTR_FRAME, len, buf);
6107 NLA_PUT_U64(msg, NL80211_ATTR_COOKIE, cookie);
6108 if (ack)
6109 NLA_PUT_FLAG(msg, NL80211_ATTR_ACK);
6110
6111 if (genlmsg_end(msg, hdr) < 0) {
6112 nlmsg_free(msg);
6113 return;
6114 }
6115
6116 genlmsg_multicast(msg, 0, nl80211_mlme_mcgrp.id, gfp);
6117 return;
6118
6119 nla_put_failure:
6120 genlmsg_cancel(msg, hdr);
6121 nlmsg_free(msg);
6122 }
6123
6124 void
6125 nl80211_send_cqm_rssi_notify(struct cfg80211_registered_device *rdev,
6126 struct net_device *netdev,
6127 enum nl80211_cqm_rssi_threshold_event rssi_event,
6128 gfp_t gfp)
6129 {
6130 struct sk_buff *msg;
6131 struct nlattr *pinfoattr;
6132 void *hdr;
6133
6134 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
6135 if (!msg)
6136 return;
6137
6138 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
6139 if (!hdr) {
6140 nlmsg_free(msg);
6141 return;
6142 }
6143
6144 NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
6145 NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex);
6146
6147 pinfoattr = nla_nest_start(msg, NL80211_ATTR_CQM);
6148 if (!pinfoattr)
6149 goto nla_put_failure;
6150
6151 NLA_PUT_U32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT,
6152 rssi_event);
6153
6154 nla_nest_end(msg, pinfoattr);
6155
6156 if (genlmsg_end(msg, hdr) < 0) {
6157 nlmsg_free(msg);
6158 return;
6159 }
6160
6161 genlmsg_multicast_netns(wiphy_net(&rdev->wiphy), msg, 0,
6162 nl80211_mlme_mcgrp.id, gfp);
6163 return;
6164
6165 nla_put_failure:
6166 genlmsg_cancel(msg, hdr);
6167 nlmsg_free(msg);
6168 }
6169
6170 static int nl80211_netlink_notify(struct notifier_block * nb,
6171 unsigned long state,
6172 void *_notify)
6173 {
6174 struct netlink_notify *notify = _notify;
6175 struct cfg80211_registered_device *rdev;
6176 struct wireless_dev *wdev;
6177
6178 if (state != NETLINK_URELEASE)
6179 return NOTIFY_DONE;
6180
6181 rcu_read_lock();
6182
6183 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list)
6184 list_for_each_entry_rcu(wdev, &rdev->netdev_list, list)
6185 cfg80211_mlme_unregister_actions(wdev, notify->pid);
6186
6187 rcu_read_unlock();
6188
6189 return NOTIFY_DONE;
6190 }
6191
6192 static struct notifier_block nl80211_netlink_notifier = {
6193 .notifier_call = nl80211_netlink_notify,
6194 };
6195
6196 /* initialisation/exit functions */
6197
6198 int nl80211_init(void)
6199 {
6200 int err;
6201
6202 err = genl_register_family_with_ops(&nl80211_fam,
6203 nl80211_ops, ARRAY_SIZE(nl80211_ops));
6204 if (err)
6205 return err;
6206
6207 err = genl_register_mc_group(&nl80211_fam, &nl80211_config_mcgrp);
6208 if (err)
6209 goto err_out;
6210
6211 err = genl_register_mc_group(&nl80211_fam, &nl80211_scan_mcgrp);
6212 if (err)
6213 goto err_out;
6214
6215 err = genl_register_mc_group(&nl80211_fam, &nl80211_regulatory_mcgrp);
6216 if (err)
6217 goto err_out;
6218
6219 err = genl_register_mc_group(&nl80211_fam, &nl80211_mlme_mcgrp);
6220 if (err)
6221 goto err_out;
6222
6223 #ifdef CONFIG_NL80211_TESTMODE
6224 err = genl_register_mc_group(&nl80211_fam, &nl80211_testmode_mcgrp);
6225 if (err)
6226 goto err_out;
6227 #endif
6228
6229 err = netlink_register_notifier(&nl80211_netlink_notifier);
6230 if (err)
6231 goto err_out;
6232
6233 return 0;
6234 err_out:
6235 genl_unregister_family(&nl80211_fam);
6236 return err;
6237 }
6238
6239 void nl80211_exit(void)
6240 {
6241 netlink_unregister_notifier(&nl80211_netlink_notifier);
6242 genl_unregister_family(&nl80211_fam);
6243 }
Linux 2.6 ibm-acpi/thinkpad-acpi driver git tree