Commit | Line | Data |
---|---|---|
6039f6d2 JM |
1 | /* |
2 | * cfg80211 MLME SAP interface | |
3 | * | |
4 | * Copyright (c) 2009, Jouni Malinen <j@w1.fi> | |
5 | */ | |
6 | ||
7 | #include <linux/kernel.h> | |
8 | #include <linux/module.h> | |
c6fb08aa | 9 | #include <linux/etherdevice.h> |
6039f6d2 JM |
10 | #include <linux/netdevice.h> |
11 | #include <linux/nl80211.h> | |
5a0e3ad6 | 12 | #include <linux/slab.h> |
a9a11622 | 13 | #include <linux/wireless.h> |
6039f6d2 | 14 | #include <net/cfg80211.h> |
a9a11622 | 15 | #include <net/iw_handler.h> |
6039f6d2 JM |
16 | #include "core.h" |
17 | #include "nl80211.h" | |
e35e4d28 HG |
18 | #include "rdev-ops.h" |
19 | ||
6039f6d2 | 20 | |
cb0b4beb | 21 | void cfg80211_send_rx_auth(struct net_device *dev, const u8 *buf, size_t len) |
6039f6d2 | 22 | { |
19957bb3 JB |
23 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
24 | struct wiphy *wiphy = wdev->wiphy; | |
6039f6d2 | 25 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); |
19957bb3 | 26 | |
4ee3e063 | 27 | trace_cfg80211_send_rx_auth(dev); |
cb0b4beb | 28 | |
95de817b JB |
29 | nl80211_send_rx_auth(rdev, dev, buf, len, GFP_KERNEL); |
30 | cfg80211_sme_rx_auth(dev, buf, len); | |
6039f6d2 JM |
31 | } |
32 | EXPORT_SYMBOL(cfg80211_send_rx_auth); | |
33 | ||
95de817b JB |
34 | void cfg80211_send_rx_assoc(struct net_device *dev, struct cfg80211_bss *bss, |
35 | const u8 *buf, size_t len) | |
6039f6d2 | 36 | { |
6829c878 JB |
37 | u16 status_code; |
38 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
39 | struct wiphy *wiphy = wdev->wiphy; | |
6039f6d2 | 40 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); |
6829c878 JB |
41 | struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; |
42 | u8 *ie = mgmt->u.assoc_resp.variable; | |
95de817b | 43 | int ieoffs = offsetof(struct ieee80211_mgmt, u.assoc_resp.variable); |
6829c878 | 44 | |
4ee3e063 | 45 | trace_cfg80211_send_rx_assoc(dev, bss); |
cb0b4beb | 46 | |
6829c878 JB |
47 | status_code = le16_to_cpu(mgmt->u.assoc_resp.status_code); |
48 | ||
f401a6f7 JB |
49 | /* |
50 | * This is a bit of a hack, we don't notify userspace of | |
51 | * a (re-)association reply if we tried to send a reassoc | |
52 | * and got a reject -- we only try again with an assoc | |
53 | * frame instead of reassoc. | |
54 | */ | |
55 | if (status_code != WLAN_STATUS_SUCCESS && wdev->conn && | |
95de817b | 56 | cfg80211_sme_failed_reassoc(wdev)) { |
5b112d3d | 57 | cfg80211_put_bss(wiphy, bss); |
8d61ffa5 | 58 | return; |
95de817b | 59 | } |
f401a6f7 | 60 | |
cb0b4beb | 61 | nl80211_send_rx_assoc(rdev, dev, buf, len, GFP_KERNEL); |
6829c878 | 62 | |
95de817b | 63 | if (status_code != WLAN_STATUS_SUCCESS && wdev->conn) { |
7d930bc3 | 64 | cfg80211_sme_failed_assoc(wdev); |
7d930bc3 JB |
65 | /* |
66 | * do not call connect_result() now because the | |
67 | * sme will schedule work that does it later. | |
68 | */ | |
5b112d3d | 69 | cfg80211_put_bss(wiphy, bss); |
8d61ffa5 | 70 | return; |
df7fc0f9 JB |
71 | } |
72 | ||
ea416a79 JB |
73 | if (!wdev->conn && wdev->sme_state == CFG80211_SME_IDLE) { |
74 | /* | |
75 | * This is for the userspace SME, the CONNECTING | |
76 | * state will be changed to CONNECTED by | |
77 | * __cfg80211_connect_result() below. | |
78 | */ | |
79 | wdev->sme_state = CFG80211_SME_CONNECTING; | |
80 | } | |
81 | ||
95de817b | 82 | /* this consumes the bss reference */ |
df7fc0f9 JB |
83 | __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, ie, len - ieoffs, |
84 | status_code, | |
95de817b | 85 | status_code == WLAN_STATUS_SUCCESS, bss); |
6039f6d2 JM |
86 | } |
87 | EXPORT_SYMBOL(cfg80211_send_rx_assoc); | |
88 | ||
8d61ffa5 JB |
89 | void cfg80211_send_deauth(struct net_device *dev, |
90 | const u8 *buf, size_t len) | |
6039f6d2 | 91 | { |
6829c878 JB |
92 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
93 | struct wiphy *wiphy = wdev->wiphy; | |
6039f6d2 | 94 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); |
6829c878 | 95 | struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; |
19957bb3 | 96 | const u8 *bssid = mgmt->bssid; |
95de817b | 97 | bool was_current = false; |
6829c878 | 98 | |
8d61ffa5 | 99 | trace_cfg80211_send_deauth(dev); |
667503dd | 100 | ASSERT_WDEV_LOCK(wdev); |
cb0b4beb | 101 | |
19957bb3 | 102 | if (wdev->current_bss && |
ac422d3c | 103 | ether_addr_equal(wdev->current_bss->pub.bssid, bssid)) { |
19957bb3 | 104 | cfg80211_unhold_bss(wdev->current_bss); |
5b112d3d | 105 | cfg80211_put_bss(wiphy, &wdev->current_bss->pub); |
19957bb3 | 106 | wdev->current_bss = NULL; |
3f3b6a8d | 107 | was_current = true; |
19957bb3 | 108 | } |
19957bb3 | 109 | |
5fba4af3 JB |
110 | nl80211_send_deauth(rdev, dev, buf, len, GFP_KERNEL); |
111 | ||
3f3b6a8d | 112 | if (wdev->sme_state == CFG80211_SME_CONNECTED && was_current) { |
6829c878 JB |
113 | u16 reason_code; |
114 | bool from_ap; | |
115 | ||
116 | reason_code = le16_to_cpu(mgmt->u.deauth.reason_code); | |
117 | ||
ac422d3c | 118 | from_ap = !ether_addr_equal(mgmt->sa, dev->dev_addr); |
667503dd | 119 | __cfg80211_disconnected(dev, NULL, 0, reason_code, from_ap); |
6829c878 | 120 | } else if (wdev->sme_state == CFG80211_SME_CONNECTING) { |
667503dd JB |
121 | __cfg80211_connect_result(dev, mgmt->bssid, NULL, 0, NULL, 0, |
122 | WLAN_STATUS_UNSPECIFIED_FAILURE, | |
df7fc0f9 | 123 | false, NULL); |
667503dd JB |
124 | } |
125 | } | |
53b46b84 | 126 | EXPORT_SYMBOL(cfg80211_send_deauth); |
6039f6d2 | 127 | |
8d61ffa5 JB |
128 | void cfg80211_send_disassoc(struct net_device *dev, |
129 | const u8 *buf, size_t len) | |
6039f6d2 | 130 | { |
6829c878 JB |
131 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
132 | struct wiphy *wiphy = wdev->wiphy; | |
6039f6d2 | 133 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); |
6829c878 | 134 | struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf; |
19957bb3 | 135 | const u8 *bssid = mgmt->bssid; |
19957bb3 JB |
136 | u16 reason_code; |
137 | bool from_ap; | |
6829c878 | 138 | |
8d61ffa5 | 139 | trace_cfg80211_send_disassoc(dev); |
596a07c1 | 140 | ASSERT_WDEV_LOCK(wdev); |
cb0b4beb JB |
141 | |
142 | nl80211_send_disassoc(rdev, dev, buf, len, GFP_KERNEL); | |
a3b8b056 | 143 | |
596a07c1 JB |
144 | if (wdev->sme_state != CFG80211_SME_CONNECTED) |
145 | return; | |
6829c878 | 146 | |
19957bb3 | 147 | if (wdev->current_bss && |
ac422d3c | 148 | ether_addr_equal(wdev->current_bss->pub.bssid, bssid)) { |
95de817b JB |
149 | cfg80211_sme_disassoc(dev, wdev->current_bss); |
150 | cfg80211_unhold_bss(wdev->current_bss); | |
5b112d3d | 151 | cfg80211_put_bss(wiphy, &wdev->current_bss->pub); |
95de817b | 152 | wdev->current_bss = NULL; |
19957bb3 JB |
153 | } else |
154 | WARN_ON(1); | |
6829c878 | 155 | |
6829c878 | 156 | |
19957bb3 JB |
157 | reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code); |
158 | ||
ac422d3c | 159 | from_ap = !ether_addr_equal(mgmt->sa, dev->dev_addr); |
667503dd | 160 | __cfg80211_disconnected(dev, NULL, 0, reason_code, from_ap); |
667503dd | 161 | } |
6829c878 | 162 | EXPORT_SYMBOL(cfg80211_send_disassoc); |
1965c853 | 163 | |
a58ce43f JB |
164 | void cfg80211_send_auth_timeout(struct net_device *dev, const u8 *addr) |
165 | { | |
166 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
167 | struct wiphy *wiphy = wdev->wiphy; | |
168 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
169 | ||
4ee3e063 | 170 | trace_cfg80211_send_auth_timeout(dev, addr); |
a58ce43f JB |
171 | |
172 | nl80211_send_auth_timeout(rdev, dev, addr, GFP_KERNEL); | |
173 | if (wdev->sme_state == CFG80211_SME_CONNECTING) | |
174 | __cfg80211_connect_result(dev, addr, NULL, 0, NULL, 0, | |
175 | WLAN_STATUS_UNSPECIFIED_FAILURE, | |
176 | false, NULL); | |
1965c853 JM |
177 | } |
178 | EXPORT_SYMBOL(cfg80211_send_auth_timeout); | |
179 | ||
cb0b4beb | 180 | void cfg80211_send_assoc_timeout(struct net_device *dev, const u8 *addr) |
1965c853 | 181 | { |
6829c878 JB |
182 | struct wireless_dev *wdev = dev->ieee80211_ptr; |
183 | struct wiphy *wiphy = wdev->wiphy; | |
1965c853 | 184 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); |
19957bb3 | 185 | |
4ee3e063 | 186 | trace_cfg80211_send_assoc_timeout(dev, addr); |
cb0b4beb JB |
187 | |
188 | nl80211_send_assoc_timeout(rdev, dev, addr, GFP_KERNEL); | |
6829c878 | 189 | if (wdev->sme_state == CFG80211_SME_CONNECTING) |
667503dd JB |
190 | __cfg80211_connect_result(dev, addr, NULL, 0, NULL, 0, |
191 | WLAN_STATUS_UNSPECIFIED_FAILURE, | |
df7fc0f9 | 192 | false, NULL); |
1965c853 JM |
193 | } |
194 | EXPORT_SYMBOL(cfg80211_send_assoc_timeout); | |
195 | ||
a3b8b056 JM |
196 | void cfg80211_michael_mic_failure(struct net_device *dev, const u8 *addr, |
197 | enum nl80211_key_type key_type, int key_id, | |
e6d6e342 | 198 | const u8 *tsc, gfp_t gfp) |
a3b8b056 JM |
199 | { |
200 | struct wiphy *wiphy = dev->ieee80211_ptr->wiphy; | |
201 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
3d23e349 | 202 | #ifdef CONFIG_CFG80211_WEXT |
f58d4ed9 | 203 | union iwreq_data wrqu; |
e6d6e342 | 204 | char *buf = kmalloc(128, gfp); |
f58d4ed9 JB |
205 | |
206 | if (buf) { | |
207 | sprintf(buf, "MLME-MICHAELMICFAILURE.indication(" | |
208 | "keyid=%d %scast addr=%pM)", key_id, | |
209 | key_type == NL80211_KEYTYPE_GROUP ? "broad" : "uni", | |
210 | addr); | |
211 | memset(&wrqu, 0, sizeof(wrqu)); | |
212 | wrqu.data.length = strlen(buf); | |
213 | wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf); | |
214 | kfree(buf); | |
215 | } | |
216 | #endif | |
217 | ||
4ee3e063 | 218 | trace_cfg80211_michael_mic_failure(dev, addr, key_type, key_id, tsc); |
e6d6e342 | 219 | nl80211_michael_mic_failure(rdev, dev, addr, key_type, key_id, tsc, gfp); |
a3b8b056 JM |
220 | } |
221 | EXPORT_SYMBOL(cfg80211_michael_mic_failure); | |
19957bb3 JB |
222 | |
223 | /* some MLME handling for userspace SME */ | |
667503dd JB |
224 | int __cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, |
225 | struct net_device *dev, | |
226 | struct ieee80211_channel *chan, | |
227 | enum nl80211_auth_type auth_type, | |
228 | const u8 *bssid, | |
229 | const u8 *ssid, int ssid_len, | |
fffd0934 | 230 | const u8 *ie, int ie_len, |
e39e5b5e JM |
231 | const u8 *key, int key_len, int key_idx, |
232 | const u8 *sae_data, int sae_data_len) | |
19957bb3 JB |
233 | { |
234 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
7ade7036 JB |
235 | struct cfg80211_auth_request req = { |
236 | .ie = ie, | |
237 | .ie_len = ie_len, | |
238 | .sae_data = sae_data, | |
239 | .sae_data_len = sae_data_len, | |
240 | .auth_type = auth_type, | |
241 | .key = key, | |
242 | .key_len = key_len, | |
243 | .key_idx = key_idx, | |
244 | }; | |
95de817b | 245 | int err; |
19957bb3 | 246 | |
667503dd JB |
247 | ASSERT_WDEV_LOCK(wdev); |
248 | ||
fffd0934 JB |
249 | if (auth_type == NL80211_AUTHTYPE_SHARED_KEY) |
250 | if (!key || !key_len || key_idx < 0 || key_idx > 4) | |
251 | return -EINVAL; | |
252 | ||
0a9b5e17 | 253 | if (wdev->current_bss && |
ac422d3c | 254 | ether_addr_equal(bssid, wdev->current_bss->pub.bssid)) |
0a9b5e17 JB |
255 | return -EALREADY; |
256 | ||
19957bb3 JB |
257 | req.bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len, |
258 | WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS); | |
259 | if (!req.bss) | |
260 | return -ENOENT; | |
261 | ||
e4e32459 MK |
262 | err = cfg80211_can_use_chan(rdev, wdev, req.bss->channel, |
263 | CHAN_MODE_SHARED); | |
264 | if (err) | |
265 | goto out; | |
266 | ||
e35e4d28 | 267 | err = rdev_auth(rdev, dev, &req); |
19957bb3 | 268 | |
e4e32459 | 269 | out: |
5b112d3d | 270 | cfg80211_put_bss(&rdev->wiphy, req.bss); |
19957bb3 JB |
271 | return err; |
272 | } | |
273 | ||
667503dd JB |
274 | int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev, |
275 | struct net_device *dev, struct ieee80211_channel *chan, | |
276 | enum nl80211_auth_type auth_type, const u8 *bssid, | |
277 | const u8 *ssid, int ssid_len, | |
fffd0934 | 278 | const u8 *ie, int ie_len, |
e39e5b5e JM |
279 | const u8 *key, int key_len, int key_idx, |
280 | const u8 *sae_data, int sae_data_len) | |
667503dd JB |
281 | { |
282 | int err; | |
283 | ||
5fe231e8 JB |
284 | ASSERT_RTNL(); |
285 | ||
667503dd JB |
286 | wdev_lock(dev->ieee80211_ptr); |
287 | err = __cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid, | |
fffd0934 | 288 | ssid, ssid_len, ie, ie_len, |
e39e5b5e JM |
289 | key, key_len, key_idx, |
290 | sae_data, sae_data_len); | |
667503dd JB |
291 | wdev_unlock(dev->ieee80211_ptr); |
292 | ||
293 | return err; | |
294 | } | |
295 | ||
7e7c8926 BG |
296 | /* Do a logical ht_capa &= ht_capa_mask. */ |
297 | void cfg80211_oper_and_ht_capa(struct ieee80211_ht_cap *ht_capa, | |
298 | const struct ieee80211_ht_cap *ht_capa_mask) | |
299 | { | |
300 | int i; | |
301 | u8 *p1, *p2; | |
302 | if (!ht_capa_mask) { | |
303 | memset(ht_capa, 0, sizeof(*ht_capa)); | |
304 | return; | |
305 | } | |
306 | ||
307 | p1 = (u8*)(ht_capa); | |
308 | p2 = (u8*)(ht_capa_mask); | |
309 | for (i = 0; i<sizeof(*ht_capa); i++) | |
310 | p1[i] &= p2[i]; | |
311 | } | |
312 | ||
ee2aca34 JB |
313 | /* Do a logical ht_capa &= ht_capa_mask. */ |
314 | void cfg80211_oper_and_vht_capa(struct ieee80211_vht_cap *vht_capa, | |
315 | const struct ieee80211_vht_cap *vht_capa_mask) | |
316 | { | |
317 | int i; | |
318 | u8 *p1, *p2; | |
319 | if (!vht_capa_mask) { | |
320 | memset(vht_capa, 0, sizeof(*vht_capa)); | |
321 | return; | |
322 | } | |
323 | ||
324 | p1 = (u8*)(vht_capa); | |
325 | p2 = (u8*)(vht_capa_mask); | |
326 | for (i = 0; i < sizeof(*vht_capa); i++) | |
327 | p1[i] &= p2[i]; | |
328 | } | |
329 | ||
667503dd JB |
330 | int __cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev, |
331 | struct net_device *dev, | |
332 | struct ieee80211_channel *chan, | |
f62fab73 | 333 | const u8 *bssid, |
667503dd | 334 | const u8 *ssid, int ssid_len, |
f62fab73 | 335 | struct cfg80211_assoc_request *req) |
19957bb3 JB |
336 | { |
337 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
95de817b | 338 | int err; |
24b6b15f | 339 | bool was_connected = false; |
19957bb3 | 340 | |
667503dd JB |
341 | ASSERT_WDEV_LOCK(wdev); |
342 | ||
f62fab73 JB |
343 | if (wdev->current_bss && req->prev_bssid && |
344 | ether_addr_equal(wdev->current_bss->pub.bssid, req->prev_bssid)) { | |
24b6b15f JM |
345 | /* |
346 | * Trying to reassociate: Allow this to proceed and let the old | |
347 | * association to be dropped when the new one is completed. | |
348 | */ | |
349 | if (wdev->sme_state == CFG80211_SME_CONNECTED) { | |
350 | was_connected = true; | |
351 | wdev->sme_state = CFG80211_SME_CONNECTING; | |
352 | } | |
353 | } else if (wdev->current_bss) | |
19957bb3 JB |
354 | return -EALREADY; |
355 | ||
f62fab73 | 356 | cfg80211_oper_and_ht_capa(&req->ht_capa_mask, |
7e7c8926 | 357 | rdev->wiphy.ht_capa_mod_mask); |
f62fab73 | 358 | cfg80211_oper_and_vht_capa(&req->vht_capa_mask, |
ee2aca34 | 359 | rdev->wiphy.vht_capa_mod_mask); |
7e7c8926 | 360 | |
f62fab73 JB |
361 | req->bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len, |
362 | WLAN_CAPABILITY_ESS, WLAN_CAPABILITY_ESS); | |
363 | if (!req->bss) { | |
24b6b15f JM |
364 | if (was_connected) |
365 | wdev->sme_state = CFG80211_SME_CONNECTED; | |
19957bb3 | 366 | return -ENOENT; |
24b6b15f | 367 | } |
19957bb3 | 368 | |
f62fab73 | 369 | err = cfg80211_can_use_chan(rdev, wdev, chan, CHAN_MODE_SHARED); |
e4e32459 MK |
370 | if (err) |
371 | goto out; | |
372 | ||
f62fab73 | 373 | err = rdev_assoc(rdev, dev, req); |
19957bb3 | 374 | |
e4e32459 | 375 | out: |
95de817b JB |
376 | if (err) { |
377 | if (was_connected) | |
378 | wdev->sme_state = CFG80211_SME_CONNECTED; | |
f62fab73 | 379 | cfg80211_put_bss(&rdev->wiphy, req->bss); |
19957bb3 JB |
380 | } |
381 | ||
19957bb3 JB |
382 | return err; |
383 | } | |
384 | ||
667503dd JB |
385 | int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev, |
386 | struct net_device *dev, | |
387 | struct ieee80211_channel *chan, | |
f62fab73 | 388 | const u8 *bssid, |
667503dd | 389 | const u8 *ssid, int ssid_len, |
f62fab73 | 390 | struct cfg80211_assoc_request *req) |
667503dd JB |
391 | { |
392 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
393 | int err; | |
394 | ||
5fe231e8 JB |
395 | ASSERT_RTNL(); |
396 | ||
667503dd | 397 | wdev_lock(wdev); |
f62fab73 JB |
398 | err = __cfg80211_mlme_assoc(rdev, dev, chan, bssid, |
399 | ssid, ssid_len, req); | |
667503dd JB |
400 | wdev_unlock(wdev); |
401 | ||
402 | return err; | |
403 | } | |
404 | ||
405 | int __cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, | |
406 | struct net_device *dev, const u8 *bssid, | |
d5cdfacb JM |
407 | const u8 *ie, int ie_len, u16 reason, |
408 | bool local_state_change) | |
19957bb3 JB |
409 | { |
410 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
95de817b JB |
411 | struct cfg80211_deauth_request req = { |
412 | .bssid = bssid, | |
413 | .reason_code = reason, | |
414 | .ie = ie, | |
415 | .ie_len = ie_len, | |
6863255b | 416 | .local_state_change = local_state_change, |
95de817b | 417 | }; |
19957bb3 | 418 | |
667503dd JB |
419 | ASSERT_WDEV_LOCK(wdev); |
420 | ||
6863255b SG |
421 | if (local_state_change && (!wdev->current_bss || |
422 | !ether_addr_equal(wdev->current_bss->pub.bssid, bssid))) | |
95de817b | 423 | return 0; |
19957bb3 | 424 | |
e35e4d28 | 425 | return rdev_deauth(rdev, dev, &req); |
19957bb3 JB |
426 | } |
427 | ||
667503dd JB |
428 | int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev, |
429 | struct net_device *dev, const u8 *bssid, | |
d5cdfacb JM |
430 | const u8 *ie, int ie_len, u16 reason, |
431 | bool local_state_change) | |
667503dd JB |
432 | { |
433 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
434 | int err; | |
435 | ||
436 | wdev_lock(wdev); | |
d5cdfacb JM |
437 | err = __cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason, |
438 | local_state_change); | |
667503dd JB |
439 | wdev_unlock(wdev); |
440 | ||
441 | return err; | |
442 | } | |
443 | ||
444 | static int __cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, | |
445 | struct net_device *dev, const u8 *bssid, | |
d5cdfacb JM |
446 | const u8 *ie, int ie_len, u16 reason, |
447 | bool local_state_change) | |
19957bb3 JB |
448 | { |
449 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
7ade7036 JB |
450 | struct cfg80211_disassoc_request req = { |
451 | .reason_code = reason, | |
452 | .local_state_change = local_state_change, | |
453 | .ie = ie, | |
454 | .ie_len = ie_len, | |
455 | }; | |
19957bb3 | 456 | |
667503dd JB |
457 | ASSERT_WDEV_LOCK(wdev); |
458 | ||
f9d6b402 JB |
459 | if (wdev->sme_state != CFG80211_SME_CONNECTED) |
460 | return -ENOTCONN; | |
461 | ||
8dcf011a | 462 | if (WARN(!wdev->current_bss, "sme_state=%d\n", wdev->sme_state)) |
f9d6b402 JB |
463 | return -ENOTCONN; |
464 | ||
ac422d3c | 465 | if (ether_addr_equal(wdev->current_bss->pub.bssid, bssid)) |
19957bb3 JB |
466 | req.bss = &wdev->current_bss->pub; |
467 | else | |
468 | return -ENOTCONN; | |
469 | ||
e35e4d28 | 470 | return rdev_disassoc(rdev, dev, &req); |
667503dd JB |
471 | } |
472 | ||
473 | int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev, | |
474 | struct net_device *dev, const u8 *bssid, | |
d5cdfacb JM |
475 | const u8 *ie, int ie_len, u16 reason, |
476 | bool local_state_change) | |
667503dd JB |
477 | { |
478 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
479 | int err; | |
480 | ||
481 | wdev_lock(wdev); | |
d5cdfacb JM |
482 | err = __cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason, |
483 | local_state_change); | |
667503dd JB |
484 | wdev_unlock(wdev); |
485 | ||
486 | return err; | |
19957bb3 JB |
487 | } |
488 | ||
489 | void cfg80211_mlme_down(struct cfg80211_registered_device *rdev, | |
490 | struct net_device *dev) | |
491 | { | |
492 | struct wireless_dev *wdev = dev->ieee80211_ptr; | |
95de817b | 493 | u8 bssid[ETH_ALEN]; |
7ade7036 JB |
494 | struct cfg80211_deauth_request req = { |
495 | .reason_code = WLAN_REASON_DEAUTH_LEAVING, | |
496 | .bssid = bssid, | |
497 | }; | |
19957bb3 | 498 | |
667503dd JB |
499 | ASSERT_WDEV_LOCK(wdev); |
500 | ||
19957bb3 JB |
501 | if (!rdev->ops->deauth) |
502 | return; | |
503 | ||
95de817b JB |
504 | if (!wdev->current_bss) |
505 | return; | |
19957bb3 | 506 | |
95de817b | 507 | memcpy(bssid, wdev->current_bss->pub.bssid, ETH_ALEN); |
e35e4d28 | 508 | rdev_deauth(rdev, dev, &req); |
95de817b JB |
509 | |
510 | if (wdev->current_bss) { | |
511 | cfg80211_unhold_bss(wdev->current_bss); | |
5b112d3d | 512 | cfg80211_put_bss(&rdev->wiphy, &wdev->current_bss->pub); |
95de817b | 513 | wdev->current_bss = NULL; |
19957bb3 JB |
514 | } |
515 | } | |
9588bbd5 | 516 | |
2e161f78 | 517 | struct cfg80211_mgmt_registration { |
026331c4 JM |
518 | struct list_head list; |
519 | ||
15e47304 | 520 | u32 nlportid; |
026331c4 JM |
521 | |
522 | int match_len; | |
523 | ||
2e161f78 JB |
524 | __le16 frame_type; |
525 | ||
026331c4 JM |
526 | u8 match[]; |
527 | }; | |
528 | ||
15e47304 | 529 | int cfg80211_mlme_register_mgmt(struct wireless_dev *wdev, u32 snd_portid, |
2e161f78 JB |
530 | u16 frame_type, const u8 *match_data, |
531 | int match_len) | |
026331c4 | 532 | { |
271733cf JB |
533 | struct wiphy *wiphy = wdev->wiphy; |
534 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
2e161f78 | 535 | struct cfg80211_mgmt_registration *reg, *nreg; |
026331c4 | 536 | int err = 0; |
2e161f78 JB |
537 | u16 mgmt_type; |
538 | ||
539 | if (!wdev->wiphy->mgmt_stypes) | |
540 | return -EOPNOTSUPP; | |
541 | ||
542 | if ((frame_type & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT) | |
543 | return -EINVAL; | |
544 | ||
545 | if (frame_type & ~(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) | |
546 | return -EINVAL; | |
547 | ||
548 | mgmt_type = (frame_type & IEEE80211_FCTL_STYPE) >> 4; | |
549 | if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].rx & BIT(mgmt_type))) | |
550 | return -EINVAL; | |
026331c4 JM |
551 | |
552 | nreg = kzalloc(sizeof(*reg) + match_len, GFP_KERNEL); | |
553 | if (!nreg) | |
554 | return -ENOMEM; | |
555 | ||
2e161f78 | 556 | spin_lock_bh(&wdev->mgmt_registrations_lock); |
026331c4 | 557 | |
2e161f78 | 558 | list_for_each_entry(reg, &wdev->mgmt_registrations, list) { |
026331c4 JM |
559 | int mlen = min(match_len, reg->match_len); |
560 | ||
2e161f78 JB |
561 | if (frame_type != le16_to_cpu(reg->frame_type)) |
562 | continue; | |
563 | ||
026331c4 JM |
564 | if (memcmp(reg->match, match_data, mlen) == 0) { |
565 | err = -EALREADY; | |
566 | break; | |
567 | } | |
568 | } | |
569 | ||
570 | if (err) { | |
571 | kfree(nreg); | |
572 | goto out; | |
573 | } | |
574 | ||
575 | memcpy(nreg->match, match_data, match_len); | |
576 | nreg->match_len = match_len; | |
15e47304 | 577 | nreg->nlportid = snd_portid; |
2e161f78 JB |
578 | nreg->frame_type = cpu_to_le16(frame_type); |
579 | list_add(&nreg->list, &wdev->mgmt_registrations); | |
026331c4 | 580 | |
271733cf | 581 | if (rdev->ops->mgmt_frame_register) |
e35e4d28 | 582 | rdev_mgmt_frame_register(rdev, wdev, frame_type, true); |
271733cf | 583 | |
026331c4 | 584 | out: |
2e161f78 | 585 | spin_unlock_bh(&wdev->mgmt_registrations_lock); |
271733cf | 586 | |
026331c4 JM |
587 | return err; |
588 | } | |
589 | ||
15e47304 | 590 | void cfg80211_mlme_unregister_socket(struct wireless_dev *wdev, u32 nlportid) |
026331c4 | 591 | { |
271733cf JB |
592 | struct wiphy *wiphy = wdev->wiphy; |
593 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
2e161f78 | 594 | struct cfg80211_mgmt_registration *reg, *tmp; |
026331c4 | 595 | |
2e161f78 | 596 | spin_lock_bh(&wdev->mgmt_registrations_lock); |
026331c4 | 597 | |
2e161f78 | 598 | list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) { |
15e47304 | 599 | if (reg->nlportid != nlportid) |
271733cf JB |
600 | continue; |
601 | ||
602 | if (rdev->ops->mgmt_frame_register) { | |
603 | u16 frame_type = le16_to_cpu(reg->frame_type); | |
604 | ||
e35e4d28 HG |
605 | rdev_mgmt_frame_register(rdev, wdev, |
606 | frame_type, false); | |
026331c4 | 607 | } |
271733cf JB |
608 | |
609 | list_del(®->list); | |
610 | kfree(reg); | |
026331c4 JM |
611 | } |
612 | ||
2e161f78 | 613 | spin_unlock_bh(&wdev->mgmt_registrations_lock); |
28946da7 | 614 | |
5de17984 AS |
615 | if (nlportid && rdev->crit_proto_nlportid == nlportid) { |
616 | rdev->crit_proto_nlportid = 0; | |
617 | rdev_crit_proto_stop(rdev, wdev); | |
618 | } | |
619 | ||
15e47304 EB |
620 | if (nlportid == wdev->ap_unexpected_nlportid) |
621 | wdev->ap_unexpected_nlportid = 0; | |
026331c4 JM |
622 | } |
623 | ||
2e161f78 | 624 | void cfg80211_mlme_purge_registrations(struct wireless_dev *wdev) |
026331c4 | 625 | { |
2e161f78 | 626 | struct cfg80211_mgmt_registration *reg, *tmp; |
026331c4 | 627 | |
2e161f78 | 628 | spin_lock_bh(&wdev->mgmt_registrations_lock); |
026331c4 | 629 | |
2e161f78 | 630 | list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) { |
026331c4 JM |
631 | list_del(®->list); |
632 | kfree(reg); | |
633 | } | |
634 | ||
2e161f78 | 635 | spin_unlock_bh(&wdev->mgmt_registrations_lock); |
026331c4 JM |
636 | } |
637 | ||
2e161f78 | 638 | int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev, |
71bbc994 | 639 | struct wireless_dev *wdev, |
f7ca38df | 640 | struct ieee80211_channel *chan, bool offchan, |
42d97a59 JB |
641 | unsigned int wait, const u8 *buf, size_t len, |
642 | bool no_cck, bool dont_wait_for_ack, u64 *cookie) | |
026331c4 | 643 | { |
026331c4 | 644 | const struct ieee80211_mgmt *mgmt; |
2e161f78 JB |
645 | u16 stype; |
646 | ||
647 | if (!wdev->wiphy->mgmt_stypes) | |
648 | return -EOPNOTSUPP; | |
026331c4 | 649 | |
2e161f78 | 650 | if (!rdev->ops->mgmt_tx) |
026331c4 | 651 | return -EOPNOTSUPP; |
2e161f78 | 652 | |
026331c4 JM |
653 | if (len < 24 + 1) |
654 | return -EINVAL; | |
655 | ||
656 | mgmt = (const struct ieee80211_mgmt *) buf; | |
2e161f78 JB |
657 | |
658 | if (!ieee80211_is_mgmt(mgmt->frame_control)) | |
026331c4 | 659 | return -EINVAL; |
2e161f78 JB |
660 | |
661 | stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE; | |
662 | if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].tx & BIT(stype >> 4))) | |
663 | return -EINVAL; | |
664 | ||
665 | if (ieee80211_is_action(mgmt->frame_control) && | |
666 | mgmt->u.action.category != WLAN_CATEGORY_PUBLIC) { | |
663fcafd JB |
667 | int err = 0; |
668 | ||
fe100acd JB |
669 | wdev_lock(wdev); |
670 | ||
663fcafd JB |
671 | switch (wdev->iftype) { |
672 | case NL80211_IFTYPE_ADHOC: | |
673 | case NL80211_IFTYPE_STATION: | |
674 | case NL80211_IFTYPE_P2P_CLIENT: | |
675 | if (!wdev->current_bss) { | |
676 | err = -ENOTCONN; | |
677 | break; | |
678 | } | |
679 | ||
ac422d3c JP |
680 | if (!ether_addr_equal(wdev->current_bss->pub.bssid, |
681 | mgmt->bssid)) { | |
663fcafd JB |
682 | err = -ENOTCONN; |
683 | break; | |
684 | } | |
685 | ||
686 | /* | |
687 | * check for IBSS DA must be done by driver as | |
688 | * cfg80211 doesn't track the stations | |
689 | */ | |
690 | if (wdev->iftype == NL80211_IFTYPE_ADHOC) | |
691 | break; | |
fe100acd | 692 | |
663fcafd | 693 | /* for station, check that DA is the AP */ |
ac422d3c JP |
694 | if (!ether_addr_equal(wdev->current_bss->pub.bssid, |
695 | mgmt->da)) { | |
663fcafd JB |
696 | err = -ENOTCONN; |
697 | break; | |
698 | } | |
699 | break; | |
700 | case NL80211_IFTYPE_AP: | |
701 | case NL80211_IFTYPE_P2P_GO: | |
702 | case NL80211_IFTYPE_AP_VLAN: | |
98104fde | 703 | if (!ether_addr_equal(mgmt->bssid, wdev_address(wdev))) |
663fcafd JB |
704 | err = -EINVAL; |
705 | break; | |
0778a6a3 | 706 | case NL80211_IFTYPE_MESH_POINT: |
ac422d3c | 707 | if (!ether_addr_equal(mgmt->sa, mgmt->bssid)) { |
0778a6a3 JC |
708 | err = -EINVAL; |
709 | break; | |
710 | } | |
711 | /* | |
712 | * check for mesh DA must be done by driver as | |
713 | * cfg80211 doesn't track the stations | |
714 | */ | |
715 | break; | |
98104fde JB |
716 | case NL80211_IFTYPE_P2P_DEVICE: |
717 | /* | |
718 | * fall through, P2P device only supports | |
719 | * public action frames | |
720 | */ | |
663fcafd JB |
721 | default: |
722 | err = -EOPNOTSUPP; | |
723 | break; | |
724 | } | |
fe100acd | 725 | wdev_unlock(wdev); |
663fcafd JB |
726 | |
727 | if (err) | |
728 | return err; | |
026331c4 JM |
729 | } |
730 | ||
98104fde | 731 | if (!ether_addr_equal(mgmt->sa, wdev_address(wdev))) |
026331c4 JM |
732 | return -EINVAL; |
733 | ||
734 | /* Transmit the Action frame as requested by user space */ | |
e35e4d28 | 735 | return rdev_mgmt_tx(rdev, wdev, chan, offchan, |
e35e4d28 HG |
736 | wait, buf, len, no_cck, dont_wait_for_ack, |
737 | cookie); | |
026331c4 JM |
738 | } |
739 | ||
71bbc994 | 740 | bool cfg80211_rx_mgmt(struct wireless_dev *wdev, int freq, int sig_mbm, |
804483e9 | 741 | const u8 *buf, size_t len, gfp_t gfp) |
026331c4 | 742 | { |
026331c4 JM |
743 | struct wiphy *wiphy = wdev->wiphy; |
744 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
2e161f78 JB |
745 | struct cfg80211_mgmt_registration *reg; |
746 | const struct ieee80211_txrx_stypes *stypes = | |
747 | &wiphy->mgmt_stypes[wdev->iftype]; | |
748 | struct ieee80211_mgmt *mgmt = (void *)buf; | |
749 | const u8 *data; | |
750 | int data_len; | |
026331c4 | 751 | bool result = false; |
2e161f78 JB |
752 | __le16 ftype = mgmt->frame_control & |
753 | cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE); | |
754 | u16 stype; | |
026331c4 | 755 | |
4ee3e063 | 756 | trace_cfg80211_rx_mgmt(wdev, freq, sig_mbm); |
2e161f78 | 757 | stype = (le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE) >> 4; |
026331c4 | 758 | |
4ee3e063 BL |
759 | if (!(stypes->rx & BIT(stype))) { |
760 | trace_cfg80211_return_bool(false); | |
2e161f78 | 761 | return false; |
4ee3e063 | 762 | } |
026331c4 | 763 | |
2e161f78 JB |
764 | data = buf + ieee80211_hdrlen(mgmt->frame_control); |
765 | data_len = len - ieee80211_hdrlen(mgmt->frame_control); | |
766 | ||
767 | spin_lock_bh(&wdev->mgmt_registrations_lock); | |
768 | ||
769 | list_for_each_entry(reg, &wdev->mgmt_registrations, list) { | |
770 | if (reg->frame_type != ftype) | |
771 | continue; | |
026331c4 | 772 | |
2e161f78 | 773 | if (reg->match_len > data_len) |
026331c4 JM |
774 | continue; |
775 | ||
2e161f78 | 776 | if (memcmp(reg->match, data, reg->match_len)) |
026331c4 JM |
777 | continue; |
778 | ||
779 | /* found match! */ | |
780 | ||
781 | /* Indicate the received Action frame to user space */ | |
15e47304 | 782 | if (nl80211_send_mgmt(rdev, wdev, reg->nlportid, |
804483e9 | 783 | freq, sig_mbm, |
2e161f78 | 784 | buf, len, gfp)) |
026331c4 JM |
785 | continue; |
786 | ||
787 | result = true; | |
788 | break; | |
789 | } | |
790 | ||
2e161f78 | 791 | spin_unlock_bh(&wdev->mgmt_registrations_lock); |
026331c4 | 792 | |
4ee3e063 | 793 | trace_cfg80211_return_bool(result); |
026331c4 JM |
794 | return result; |
795 | } | |
2e161f78 | 796 | EXPORT_SYMBOL(cfg80211_rx_mgmt); |
026331c4 | 797 | |
04f39047 SW |
798 | void cfg80211_dfs_channels_update_work(struct work_struct *work) |
799 | { | |
800 | struct delayed_work *delayed_work; | |
801 | struct cfg80211_registered_device *rdev; | |
802 | struct cfg80211_chan_def chandef; | |
803 | struct ieee80211_supported_band *sband; | |
804 | struct ieee80211_channel *c; | |
805 | struct wiphy *wiphy; | |
806 | bool check_again = false; | |
807 | unsigned long timeout, next_time = 0; | |
808 | int bandid, i; | |
809 | ||
810 | delayed_work = container_of(work, struct delayed_work, work); | |
811 | rdev = container_of(delayed_work, struct cfg80211_registered_device, | |
812 | dfs_update_channels_wk); | |
813 | wiphy = &rdev->wiphy; | |
814 | ||
5fe231e8 | 815 | rtnl_lock(); |
04f39047 SW |
816 | for (bandid = 0; bandid < IEEE80211_NUM_BANDS; bandid++) { |
817 | sband = wiphy->bands[bandid]; | |
818 | if (!sband) | |
819 | continue; | |
820 | ||
821 | for (i = 0; i < sband->n_channels; i++) { | |
822 | c = &sband->channels[i]; | |
823 | ||
824 | if (c->dfs_state != NL80211_DFS_UNAVAILABLE) | |
825 | continue; | |
826 | ||
827 | timeout = c->dfs_state_entered + | |
828 | IEEE80211_DFS_MIN_NOP_TIME_MS; | |
829 | ||
830 | if (time_after_eq(jiffies, timeout)) { | |
831 | c->dfs_state = NL80211_DFS_USABLE; | |
832 | cfg80211_chandef_create(&chandef, c, | |
833 | NL80211_CHAN_NO_HT); | |
834 | ||
835 | nl80211_radar_notify(rdev, &chandef, | |
836 | NL80211_RADAR_NOP_FINISHED, | |
837 | NULL, GFP_ATOMIC); | |
838 | continue; | |
839 | } | |
840 | ||
841 | if (!check_again) | |
842 | next_time = timeout - jiffies; | |
843 | else | |
844 | next_time = min(next_time, timeout - jiffies); | |
845 | check_again = true; | |
846 | } | |
847 | } | |
5fe231e8 | 848 | rtnl_unlock(); |
04f39047 SW |
849 | |
850 | /* reschedule if there are other channels waiting to be cleared again */ | |
851 | if (check_again) | |
852 | queue_delayed_work(cfg80211_wq, &rdev->dfs_update_channels_wk, | |
853 | next_time); | |
854 | } | |
855 | ||
856 | ||
857 | void cfg80211_radar_event(struct wiphy *wiphy, | |
858 | struct cfg80211_chan_def *chandef, | |
859 | gfp_t gfp) | |
860 | { | |
861 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
862 | unsigned long timeout; | |
863 | ||
864 | trace_cfg80211_radar_event(wiphy, chandef); | |
865 | ||
866 | /* only set the chandef supplied channel to unavailable, in | |
867 | * case the radar is detected on only one of multiple channels | |
868 | * spanned by the chandef. | |
869 | */ | |
870 | cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_UNAVAILABLE); | |
871 | ||
872 | timeout = msecs_to_jiffies(IEEE80211_DFS_MIN_NOP_TIME_MS); | |
873 | queue_delayed_work(cfg80211_wq, &rdev->dfs_update_channels_wk, | |
874 | timeout); | |
875 | ||
876 | nl80211_radar_notify(rdev, chandef, NL80211_RADAR_DETECTED, NULL, gfp); | |
877 | } | |
878 | EXPORT_SYMBOL(cfg80211_radar_event); | |
879 | ||
880 | void cfg80211_cac_event(struct net_device *netdev, | |
881 | enum nl80211_radar_event event, gfp_t gfp) | |
882 | { | |
883 | struct wireless_dev *wdev = netdev->ieee80211_ptr; | |
884 | struct wiphy *wiphy = wdev->wiphy; | |
885 | struct cfg80211_registered_device *rdev = wiphy_to_dev(wiphy); | |
886 | struct cfg80211_chan_def chandef; | |
887 | unsigned long timeout; | |
888 | ||
889 | trace_cfg80211_cac_event(netdev, event); | |
890 | ||
891 | if (WARN_ON(!wdev->cac_started)) | |
892 | return; | |
893 | ||
894 | if (WARN_ON(!wdev->channel)) | |
895 | return; | |
896 | ||
897 | cfg80211_chandef_create(&chandef, wdev->channel, NL80211_CHAN_NO_HT); | |
898 | ||
899 | switch (event) { | |
900 | case NL80211_RADAR_CAC_FINISHED: | |
901 | timeout = wdev->cac_start_time + | |
902 | msecs_to_jiffies(IEEE80211_DFS_MIN_CAC_TIME_MS); | |
903 | WARN_ON(!time_after_eq(jiffies, timeout)); | |
904 | cfg80211_set_dfs_state(wiphy, &chandef, NL80211_DFS_AVAILABLE); | |
905 | break; | |
906 | case NL80211_RADAR_CAC_ABORTED: | |
907 | break; | |
908 | default: | |
909 | WARN_ON(1); | |
910 | return; | |
911 | } | |
912 | wdev->cac_started = false; | |
913 | ||
914 | nl80211_radar_notify(rdev, &chandef, event, netdev, gfp); | |
915 | } | |
916 | EXPORT_SYMBOL(cfg80211_cac_event); |