2 * This is the new netlink-based wireless configuration interface.
4 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
5 * Copyright 2013-2014 Intel Mobile Communications GmbH
6 * Copyright 2015-2017 Intel Deutschland GmbH
7 * Copyright (C) 2018 Intel Corporation
11 #include <linux/module.h>
12 #include <linux/err.h>
13 #include <linux/slab.h>
14 #include <linux/list.h>
15 #include <linux/if_ether.h>
16 #include <linux/ieee80211.h>
17 #include <linux/nl80211.h>
18 #include <linux/rtnetlink.h>
19 #include <linux/netlink.h>
20 #include <linux/nospec.h>
21 #include <linux/etherdevice.h>
22 #include <net/net_namespace.h>
23 #include <net/genetlink.h>
24 #include <net/cfg80211.h>
26 #include <net/inet_connection_sock.h>
32 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
33 struct genl_info *info,
34 struct cfg80211_crypto_settings *settings,
37 /* the netlink family */
38 static struct genl_family nl80211_fam;
40 /* multicast groups */
41 enum nl80211_multicast_groups {
44 NL80211_MCGRP_REGULATORY,
48 NL80211_MCGRP_TESTMODE /* keep last - ifdef! */
51 static const struct genl_multicast_group nl80211_mcgrps[] = {
52 [NL80211_MCGRP_CONFIG] = { .name = NL80211_MULTICAST_GROUP_CONFIG },
53 [NL80211_MCGRP_SCAN] = { .name = NL80211_MULTICAST_GROUP_SCAN },
54 [NL80211_MCGRP_REGULATORY] = { .name = NL80211_MULTICAST_GROUP_REG },
55 [NL80211_MCGRP_MLME] = { .name = NL80211_MULTICAST_GROUP_MLME },
56 [NL80211_MCGRP_VENDOR] = { .name = NL80211_MULTICAST_GROUP_VENDOR },
57 [NL80211_MCGRP_NAN] = { .name = NL80211_MULTICAST_GROUP_NAN },
58 #ifdef CONFIG_NL80211_TESTMODE
59 [NL80211_MCGRP_TESTMODE] = { .name = NL80211_MULTICAST_GROUP_TESTMODE }
63 /* returns ERR_PTR values */
64 static struct wireless_dev *
65 __cfg80211_wdev_from_attrs(struct net *netns, struct nlattr **attrs)
67 struct cfg80211_registered_device *rdev;
68 struct wireless_dev *result = NULL;
69 bool have_ifidx = attrs[NL80211_ATTR_IFINDEX];
70 bool have_wdev_id = attrs[NL80211_ATTR_WDEV];
77 if (!have_ifidx && !have_wdev_id)
78 return ERR_PTR(-EINVAL);
81 ifidx = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
83 wdev_id = nla_get_u64(attrs[NL80211_ATTR_WDEV]);
84 wiphy_idx = wdev_id >> 32;
87 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
88 struct wireless_dev *wdev;
90 if (wiphy_net(&rdev->wiphy) != netns)
93 if (have_wdev_id && rdev->wiphy_idx != wiphy_idx)
96 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) {
97 if (have_ifidx && wdev->netdev &&
98 wdev->netdev->ifindex == ifidx) {
102 if (have_wdev_id && wdev->identifier == (u32)wdev_id) {
114 return ERR_PTR(-ENODEV);
117 static struct cfg80211_registered_device *
118 __cfg80211_rdev_from_attrs(struct net *netns, struct nlattr **attrs)
120 struct cfg80211_registered_device *rdev = NULL, *tmp;
121 struct net_device *netdev;
125 if (!attrs[NL80211_ATTR_WIPHY] &&
126 !attrs[NL80211_ATTR_IFINDEX] &&
127 !attrs[NL80211_ATTR_WDEV])
128 return ERR_PTR(-EINVAL);
130 if (attrs[NL80211_ATTR_WIPHY])
131 rdev = cfg80211_rdev_by_wiphy_idx(
132 nla_get_u32(attrs[NL80211_ATTR_WIPHY]));
134 if (attrs[NL80211_ATTR_WDEV]) {
135 u64 wdev_id = nla_get_u64(attrs[NL80211_ATTR_WDEV]);
136 struct wireless_dev *wdev;
139 tmp = cfg80211_rdev_by_wiphy_idx(wdev_id >> 32);
141 /* make sure wdev exists */
142 list_for_each_entry(wdev, &tmp->wiphy.wdev_list, list) {
143 if (wdev->identifier != (u32)wdev_id)
152 if (rdev && tmp != rdev)
153 return ERR_PTR(-EINVAL);
158 if (attrs[NL80211_ATTR_IFINDEX]) {
159 int ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
161 netdev = __dev_get_by_index(netns, ifindex);
163 if (netdev->ieee80211_ptr)
165 netdev->ieee80211_ptr->wiphy);
169 /* not wireless device -- return error */
171 return ERR_PTR(-EINVAL);
173 /* mismatch -- return error */
174 if (rdev && tmp != rdev)
175 return ERR_PTR(-EINVAL);
182 return ERR_PTR(-ENODEV);
184 if (netns != wiphy_net(&rdev->wiphy))
185 return ERR_PTR(-ENODEV);
191 * This function returns a pointer to the driver
192 * that the genl_info item that is passed refers to.
194 * The result of this can be a PTR_ERR and hence must
195 * be checked with IS_ERR() for errors.
197 static struct cfg80211_registered_device *
198 cfg80211_get_dev_from_info(struct net *netns, struct genl_info *info)
200 return __cfg80211_rdev_from_attrs(netns, info->attrs);
203 static int validate_ie_attr(const struct nlattr *attr,
204 struct netlink_ext_ack *extack)
209 pos = nla_data(attr);
229 NL_SET_ERR_MSG_ATTR(extack, attr, "malformed information elements");
233 /* policy for the attributes */
234 static const struct nla_policy
235 nl80211_ftm_responder_policy[NL80211_FTM_RESP_ATTR_MAX + 1] = {
236 [NL80211_FTM_RESP_ATTR_ENABLED] = { .type = NLA_FLAG, },
237 [NL80211_FTM_RESP_ATTR_LCI] = { .type = NLA_BINARY,
239 [NL80211_FTM_RESP_ATTR_CIVICLOC] = { .type = NLA_BINARY,
243 static const struct nla_policy
244 nl80211_pmsr_ftm_req_attr_policy[NL80211_PMSR_FTM_REQ_ATTR_MAX + 1] = {
245 [NL80211_PMSR_FTM_REQ_ATTR_ASAP] = { .type = NLA_FLAG },
246 [NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE] = { .type = NLA_U32 },
247 [NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP] =
248 NLA_POLICY_MAX(NLA_U8, 15),
249 [NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD] = { .type = NLA_U16 },
250 [NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION] =
251 NLA_POLICY_MAX(NLA_U8, 15),
252 [NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST] =
253 NLA_POLICY_MAX(NLA_U8, 15),
254 [NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES] = { .type = NLA_U8 },
255 [NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI] = { .type = NLA_FLAG },
256 [NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC] = { .type = NLA_FLAG },
259 static const struct nla_policy
260 nl80211_pmsr_req_data_policy[NL80211_PMSR_TYPE_MAX + 1] = {
261 [NL80211_PMSR_TYPE_FTM] =
262 NLA_POLICY_NESTED(NL80211_PMSR_FTM_REQ_ATTR_MAX,
263 nl80211_pmsr_ftm_req_attr_policy),
266 static const struct nla_policy
267 nl80211_pmsr_req_attr_policy[NL80211_PMSR_REQ_ATTR_MAX + 1] = {
268 [NL80211_PMSR_REQ_ATTR_DATA] =
269 NLA_POLICY_NESTED(NL80211_PMSR_TYPE_MAX,
270 nl80211_pmsr_req_data_policy),
271 [NL80211_PMSR_REQ_ATTR_GET_AP_TSF] = { .type = NLA_FLAG },
274 static const struct nla_policy
275 nl80211_psmr_peer_attr_policy[NL80211_PMSR_PEER_ATTR_MAX + 1] = {
276 [NL80211_PMSR_PEER_ATTR_ADDR] = NLA_POLICY_ETH_ADDR,
278 * we could specify this again to be the top-level policy,
279 * but that would open us up to recursion problems ...
281 [NL80211_PMSR_PEER_ATTR_CHAN] = { .type = NLA_NESTED },
282 [NL80211_PMSR_PEER_ATTR_REQ] =
283 NLA_POLICY_NESTED(NL80211_PMSR_REQ_ATTR_MAX,
284 nl80211_pmsr_req_attr_policy),
285 [NL80211_PMSR_PEER_ATTR_RESP] = { .type = NLA_REJECT },
288 static const struct nla_policy
289 nl80211_pmsr_attr_policy[NL80211_PMSR_ATTR_MAX + 1] = {
290 [NL80211_PMSR_ATTR_MAX_PEERS] = { .type = NLA_REJECT },
291 [NL80211_PMSR_ATTR_REPORT_AP_TSF] = { .type = NLA_REJECT },
292 [NL80211_PMSR_ATTR_RANDOMIZE_MAC_ADDR] = { .type = NLA_REJECT },
293 [NL80211_PMSR_ATTR_TYPE_CAPA] = { .type = NLA_REJECT },
294 [NL80211_PMSR_ATTR_PEERS] =
295 NLA_POLICY_NESTED_ARRAY(NL80211_PMSR_PEER_ATTR_MAX,
296 nl80211_psmr_peer_attr_policy),
299 const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
300 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
301 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING,
303 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED },
305 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 },
306 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 },
307 [NL80211_ATTR_CHANNEL_WIDTH] = { .type = NLA_U32 },
308 [NL80211_ATTR_CENTER_FREQ1] = { .type = NLA_U32 },
309 [NL80211_ATTR_CENTER_FREQ2] = { .type = NLA_U32 },
311 [NL80211_ATTR_WIPHY_RETRY_SHORT] = NLA_POLICY_MIN(NLA_U8, 1),
312 [NL80211_ATTR_WIPHY_RETRY_LONG] = NLA_POLICY_MIN(NLA_U8, 1),
313 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 },
314 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 },
315 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 },
316 [NL80211_ATTR_WIPHY_DYN_ACK] = { .type = NLA_FLAG },
318 [NL80211_ATTR_IFTYPE] = NLA_POLICY_MAX(NLA_U32, NL80211_IFTYPE_MAX),
319 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
320 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
322 [NL80211_ATTR_MAC] = { .len = ETH_ALEN },
323 [NL80211_ATTR_PREV_BSSID] = { .len = ETH_ALEN },
325 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
326 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
327 .len = WLAN_MAX_KEY_LEN },
328 [NL80211_ATTR_KEY_IDX] = NLA_POLICY_MAX(NLA_U8, 5),
329 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 },
330 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG },
331 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
332 [NL80211_ATTR_KEY_TYPE] =
333 NLA_POLICY_MAX(NLA_U32, NUM_NL80211_KEYTYPES),
335 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 },
336 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 },
337 [NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY,
338 .len = IEEE80211_MAX_DATA_LEN },
339 [NL80211_ATTR_BEACON_TAIL] =
340 NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
341 IEEE80211_MAX_DATA_LEN),
342 [NL80211_ATTR_STA_AID] =
343 NLA_POLICY_RANGE(NLA_U16, 1, IEEE80211_MAX_AID),
344 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED },
345 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 },
346 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY,
347 .len = NL80211_MAX_SUPP_RATES },
348 [NL80211_ATTR_STA_PLINK_ACTION] =
349 NLA_POLICY_MAX(NLA_U8, NUM_NL80211_PLINK_ACTIONS - 1),
350 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 },
351 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ },
352 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY,
353 .len = IEEE80211_MAX_MESH_ID_LEN },
354 [NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 },
356 [NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 },
357 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED },
359 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 },
360 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 },
361 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 },
362 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY,
363 .len = NL80211_MAX_SUPP_RATES },
364 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 },
366 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED },
367 [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG },
369 [NL80211_ATTR_HT_CAPABILITY] = { .len = NL80211_HT_CAPABILITY_LEN },
371 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 },
372 [NL80211_ATTR_IE] = NLA_POLICY_VALIDATE_FN(NLA_BINARY,
374 IEEE80211_MAX_DATA_LEN),
375 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED },
376 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED },
378 [NL80211_ATTR_SSID] = { .type = NLA_BINARY,
379 .len = IEEE80211_MAX_SSID_LEN },
380 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 },
381 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 },
382 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG },
383 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG },
384 [NL80211_ATTR_USE_MFP] = NLA_POLICY_RANGE(NLA_U32,
386 NL80211_MFP_OPTIONAL),
387 [NL80211_ATTR_STA_FLAGS2] = {
388 .len = sizeof(struct nl80211_sta_flag_update),
390 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
391 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 },
392 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG },
393 [NL80211_ATTR_CONTROL_PORT_OVER_NL80211] = { .type = NLA_FLAG },
394 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
395 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
396 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
397 [NL80211_ATTR_PID] = { .type = NLA_U32 },
398 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 },
399 [NL80211_ATTR_PMKID] = { .len = WLAN_PMKID_LEN },
400 [NL80211_ATTR_DURATION] = { .type = NLA_U32 },
401 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 },
402 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED },
403 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY,
404 .len = IEEE80211_MAX_DATA_LEN },
405 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, },
406 [NL80211_ATTR_PS_STATE] = NLA_POLICY_RANGE(NLA_U32,
409 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, },
410 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG },
411 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 },
412 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 },
413 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 },
414 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 },
415 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 },
416 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 },
417 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 },
418 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG },
419 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
420 [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED },
421 [NL80211_ATTR_STA_PLINK_STATE] =
422 NLA_POLICY_MAX(NLA_U8, NUM_NL80211_PLINK_STATES - 1),
423 [NL80211_ATTR_MESH_PEER_AID] =
424 NLA_POLICY_RANGE(NLA_U16, 1, IEEE80211_MAX_AID),
425 [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 },
426 [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED },
427 [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED },
428 [NL80211_ATTR_HIDDEN_SSID] =
429 NLA_POLICY_RANGE(NLA_U32,
430 NL80211_HIDDEN_SSID_NOT_IN_USE,
431 NL80211_HIDDEN_SSID_ZERO_CONTENTS),
432 [NL80211_ATTR_IE_PROBE_RESP] =
433 NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
434 IEEE80211_MAX_DATA_LEN),
435 [NL80211_ATTR_IE_ASSOC_RESP] =
436 NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
437 IEEE80211_MAX_DATA_LEN),
438 [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG },
439 [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED },
440 [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG },
441 [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 },
442 [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 },
443 [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 },
444 [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG },
445 [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG },
446 [NL80211_ATTR_TDLS_INITIATOR] = { .type = NLA_FLAG },
447 [NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG },
448 [NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY,
449 .len = IEEE80211_MAX_DATA_LEN },
450 [NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 },
451 [NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG },
452 [NL80211_ATTR_HT_CAPABILITY_MASK] = {
453 .len = NL80211_HT_CAPABILITY_LEN
455 [NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 },
456 [NL80211_ATTR_INACTIVITY_TIMEOUT] = { .type = NLA_U16 },
457 [NL80211_ATTR_BG_SCAN_PERIOD] = { .type = NLA_U16 },
458 [NL80211_ATTR_WDEV] = { .type = NLA_U64 },
459 [NL80211_ATTR_USER_REG_HINT_TYPE] = { .type = NLA_U32 },
460 [NL80211_ATTR_AUTH_DATA] = { .type = NLA_BINARY, },
461 [NL80211_ATTR_VHT_CAPABILITY] = { .len = NL80211_VHT_CAPABILITY_LEN },
462 [NL80211_ATTR_SCAN_FLAGS] = { .type = NLA_U32 },
463 [NL80211_ATTR_P2P_CTWINDOW] = NLA_POLICY_MAX(NLA_U8, 127),
464 [NL80211_ATTR_P2P_OPPPS] = NLA_POLICY_MAX(NLA_U8, 1),
465 [NL80211_ATTR_LOCAL_MESH_POWER_MODE] =
466 NLA_POLICY_RANGE(NLA_U32,
467 NL80211_MESH_POWER_UNKNOWN + 1,
468 NL80211_MESH_POWER_MAX),
469 [NL80211_ATTR_ACL_POLICY] = {. type = NLA_U32 },
470 [NL80211_ATTR_MAC_ADDRS] = { .type = NLA_NESTED },
471 [NL80211_ATTR_STA_CAPABILITY] = { .type = NLA_U16 },
472 [NL80211_ATTR_STA_EXT_CAPABILITY] = { .type = NLA_BINARY, },
473 [NL80211_ATTR_SPLIT_WIPHY_DUMP] = { .type = NLA_FLAG, },
474 [NL80211_ATTR_DISABLE_VHT] = { .type = NLA_FLAG },
475 [NL80211_ATTR_VHT_CAPABILITY_MASK] = {
476 .len = NL80211_VHT_CAPABILITY_LEN,
478 [NL80211_ATTR_MDID] = { .type = NLA_U16 },
479 [NL80211_ATTR_IE_RIC] = { .type = NLA_BINARY,
480 .len = IEEE80211_MAX_DATA_LEN },
481 [NL80211_ATTR_PEER_AID] =
482 NLA_POLICY_RANGE(NLA_U16, 1, IEEE80211_MAX_AID),
483 [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 },
484 [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG },
485 [NL80211_ATTR_CSA_IES] = { .type = NLA_NESTED },
486 [NL80211_ATTR_CSA_C_OFF_BEACON] = { .type = NLA_BINARY },
487 [NL80211_ATTR_CSA_C_OFF_PRESP] = { .type = NLA_BINARY },
488 [NL80211_ATTR_STA_SUPPORTED_CHANNELS] = { .type = NLA_BINARY },
489 [NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES] = { .type = NLA_BINARY },
490 [NL80211_ATTR_HANDLE_DFS] = { .type = NLA_FLAG },
491 [NL80211_ATTR_OPMODE_NOTIF] = { .type = NLA_U8 },
492 [NL80211_ATTR_VENDOR_ID] = { .type = NLA_U32 },
493 [NL80211_ATTR_VENDOR_SUBCMD] = { .type = NLA_U32 },
494 [NL80211_ATTR_VENDOR_DATA] = { .type = NLA_BINARY },
495 [NL80211_ATTR_QOS_MAP] = { .type = NLA_BINARY,
496 .len = IEEE80211_QOS_MAP_LEN_MAX },
497 [NL80211_ATTR_MAC_HINT] = { .len = ETH_ALEN },
498 [NL80211_ATTR_WIPHY_FREQ_HINT] = { .type = NLA_U32 },
499 [NL80211_ATTR_TDLS_PEER_CAPABILITY] = { .type = NLA_U32 },
500 [NL80211_ATTR_SOCKET_OWNER] = { .type = NLA_FLAG },
501 [NL80211_ATTR_CSA_C_OFFSETS_TX] = { .type = NLA_BINARY },
502 [NL80211_ATTR_USE_RRM] = { .type = NLA_FLAG },
503 [NL80211_ATTR_TSID] = NLA_POLICY_MAX(NLA_U8, IEEE80211_NUM_TIDS - 1),
504 [NL80211_ATTR_USER_PRIO] =
505 NLA_POLICY_MAX(NLA_U8, IEEE80211_NUM_UPS - 1),
506 [NL80211_ATTR_ADMITTED_TIME] = { .type = NLA_U16 },
507 [NL80211_ATTR_SMPS_MODE] = { .type = NLA_U8 },
508 [NL80211_ATTR_MAC_MASK] = { .len = ETH_ALEN },
509 [NL80211_ATTR_WIPHY_SELF_MANAGED_REG] = { .type = NLA_FLAG },
510 [NL80211_ATTR_NETNS_FD] = { .type = NLA_U32 },
511 [NL80211_ATTR_SCHED_SCAN_DELAY] = { .type = NLA_U32 },
512 [NL80211_ATTR_REG_INDOOR] = { .type = NLA_FLAG },
513 [NL80211_ATTR_PBSS] = { .type = NLA_FLAG },
514 [NL80211_ATTR_BSS_SELECT] = { .type = NLA_NESTED },
515 [NL80211_ATTR_STA_SUPPORT_P2P_PS] =
516 NLA_POLICY_MAX(NLA_U8, NUM_NL80211_P2P_PS_STATUS - 1),
517 [NL80211_ATTR_MU_MIMO_GROUP_DATA] = {
518 .len = VHT_MUMIMO_GROUPS_DATA_LEN
520 [NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR] = { .len = ETH_ALEN },
521 [NL80211_ATTR_NAN_MASTER_PREF] = NLA_POLICY_MIN(NLA_U8, 1),
522 [NL80211_ATTR_BANDS] = { .type = NLA_U32 },
523 [NL80211_ATTR_NAN_FUNC] = { .type = NLA_NESTED },
524 [NL80211_ATTR_FILS_KEK] = { .type = NLA_BINARY,
525 .len = FILS_MAX_KEK_LEN },
526 [NL80211_ATTR_FILS_NONCES] = { .len = 2 * FILS_NONCE_LEN },
527 [NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED] = { .type = NLA_FLAG, },
528 [NL80211_ATTR_BSSID] = { .len = ETH_ALEN },
529 [NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI] = { .type = NLA_S8 },
530 [NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST] = {
531 .len = sizeof(struct nl80211_bss_select_rssi_adjust)
533 [NL80211_ATTR_TIMEOUT_REASON] = { .type = NLA_U32 },
534 [NL80211_ATTR_FILS_ERP_USERNAME] = { .type = NLA_BINARY,
535 .len = FILS_ERP_MAX_USERNAME_LEN },
536 [NL80211_ATTR_FILS_ERP_REALM] = { .type = NLA_BINARY,
537 .len = FILS_ERP_MAX_REALM_LEN },
538 [NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] = { .type = NLA_U16 },
539 [NL80211_ATTR_FILS_ERP_RRK] = { .type = NLA_BINARY,
540 .len = FILS_ERP_MAX_RRK_LEN },
541 [NL80211_ATTR_FILS_CACHE_ID] = { .len = 2 },
542 [NL80211_ATTR_PMK] = { .type = NLA_BINARY, .len = PMK_MAX_LEN },
543 [NL80211_ATTR_SCHED_SCAN_MULTI] = { .type = NLA_FLAG },
544 [NL80211_ATTR_EXTERNAL_AUTH_SUPPORT] = { .type = NLA_FLAG },
546 [NL80211_ATTR_TXQ_LIMIT] = { .type = NLA_U32 },
547 [NL80211_ATTR_TXQ_MEMORY_LIMIT] = { .type = NLA_U32 },
548 [NL80211_ATTR_TXQ_QUANTUM] = { .type = NLA_U32 },
549 [NL80211_ATTR_HE_CAPABILITY] = { .type = NLA_BINARY,
550 .len = NL80211_HE_MAX_CAPABILITY_LEN },
552 [NL80211_ATTR_FTM_RESPONDER] = {
554 .validation_data = nl80211_ftm_responder_policy,
556 [NL80211_ATTR_TIMEOUT] = NLA_POLICY_MIN(NLA_U32, 1),
557 [NL80211_ATTR_PEER_MEASUREMENTS] =
558 NLA_POLICY_NESTED(NL80211_PMSR_FTM_REQ_ATTR_MAX,
559 nl80211_pmsr_attr_policy),
562 /* policy for the key attributes */
563 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = {
564 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN },
565 [NL80211_KEY_IDX] = { .type = NLA_U8 },
566 [NL80211_KEY_CIPHER] = { .type = NLA_U32 },
567 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
568 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
569 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },
570 [NL80211_KEY_TYPE] = NLA_POLICY_MAX(NLA_U32, NUM_NL80211_KEYTYPES - 1),
571 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
574 /* policy for the key default flags */
575 static const struct nla_policy
576 nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = {
577 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG },
578 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG },
582 /* policy for WoWLAN attributes */
583 static const struct nla_policy
584 nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = {
585 [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG },
586 [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG },
587 [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG },
588 [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED },
589 [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG },
590 [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG },
591 [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG },
592 [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG },
593 [NL80211_WOWLAN_TRIG_TCP_CONNECTION] = { .type = NLA_NESTED },
594 [NL80211_WOWLAN_TRIG_NET_DETECT] = { .type = NLA_NESTED },
597 static const struct nla_policy
598 nl80211_wowlan_tcp_policy[NUM_NL80211_WOWLAN_TCP] = {
599 [NL80211_WOWLAN_TCP_SRC_IPV4] = { .type = NLA_U32 },
600 [NL80211_WOWLAN_TCP_DST_IPV4] = { .type = NLA_U32 },
601 [NL80211_WOWLAN_TCP_DST_MAC] = { .len = ETH_ALEN },
602 [NL80211_WOWLAN_TCP_SRC_PORT] = { .type = NLA_U16 },
603 [NL80211_WOWLAN_TCP_DST_PORT] = { .type = NLA_U16 },
604 [NL80211_WOWLAN_TCP_DATA_PAYLOAD] = { .len = 1 },
605 [NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ] = {
606 .len = sizeof(struct nl80211_wowlan_tcp_data_seq)
608 [NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN] = {
609 .len = sizeof(struct nl80211_wowlan_tcp_data_token)
611 [NL80211_WOWLAN_TCP_DATA_INTERVAL] = { .type = NLA_U32 },
612 [NL80211_WOWLAN_TCP_WAKE_PAYLOAD] = { .len = 1 },
613 [NL80211_WOWLAN_TCP_WAKE_MASK] = { .len = 1 },
615 #endif /* CONFIG_PM */
617 /* policy for coalesce rule attributes */
618 static const struct nla_policy
619 nl80211_coalesce_policy[NUM_NL80211_ATTR_COALESCE_RULE] = {
620 [NL80211_ATTR_COALESCE_RULE_DELAY] = { .type = NLA_U32 },
621 [NL80211_ATTR_COALESCE_RULE_CONDITION] =
622 NLA_POLICY_RANGE(NLA_U32,
623 NL80211_COALESCE_CONDITION_MATCH,
624 NL80211_COALESCE_CONDITION_NO_MATCH),
625 [NL80211_ATTR_COALESCE_RULE_PKT_PATTERN] = { .type = NLA_NESTED },
628 /* policy for GTK rekey offload attributes */
629 static const struct nla_policy
630 nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = {
631 [NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN },
632 [NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN },
633 [NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN },
636 static const struct nla_policy
637 nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = {
638 [NL80211_SCHED_SCAN_MATCH_ATTR_SSID] = { .type = NLA_BINARY,
639 .len = IEEE80211_MAX_SSID_LEN },
640 [NL80211_SCHED_SCAN_MATCH_ATTR_BSSID] = { .len = ETH_ALEN },
641 [NL80211_SCHED_SCAN_MATCH_ATTR_RSSI] = { .type = NLA_U32 },
644 static const struct nla_policy
645 nl80211_plan_policy[NL80211_SCHED_SCAN_PLAN_MAX + 1] = {
646 [NL80211_SCHED_SCAN_PLAN_INTERVAL] = { .type = NLA_U32 },
647 [NL80211_SCHED_SCAN_PLAN_ITERATIONS] = { .type = NLA_U32 },
650 static const struct nla_policy
651 nl80211_bss_select_policy[NL80211_BSS_SELECT_ATTR_MAX + 1] = {
652 [NL80211_BSS_SELECT_ATTR_RSSI] = { .type = NLA_FLAG },
653 [NL80211_BSS_SELECT_ATTR_BAND_PREF] = { .type = NLA_U32 },
654 [NL80211_BSS_SELECT_ATTR_RSSI_ADJUST] = {
655 .len = sizeof(struct nl80211_bss_select_rssi_adjust)
659 /* policy for NAN function attributes */
660 static const struct nla_policy
661 nl80211_nan_func_policy[NL80211_NAN_FUNC_ATTR_MAX + 1] = {
662 [NL80211_NAN_FUNC_TYPE] = { .type = NLA_U8 },
663 [NL80211_NAN_FUNC_SERVICE_ID] = {
664 .len = NL80211_NAN_FUNC_SERVICE_ID_LEN },
665 [NL80211_NAN_FUNC_PUBLISH_TYPE] = { .type = NLA_U8 },
666 [NL80211_NAN_FUNC_PUBLISH_BCAST] = { .type = NLA_FLAG },
667 [NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE] = { .type = NLA_FLAG },
668 [NL80211_NAN_FUNC_FOLLOW_UP_ID] = { .type = NLA_U8 },
669 [NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID] = { .type = NLA_U8 },
670 [NL80211_NAN_FUNC_FOLLOW_UP_DEST] = { .len = ETH_ALEN },
671 [NL80211_NAN_FUNC_CLOSE_RANGE] = { .type = NLA_FLAG },
672 [NL80211_NAN_FUNC_TTL] = { .type = NLA_U32 },
673 [NL80211_NAN_FUNC_SERVICE_INFO] = { .type = NLA_BINARY,
674 .len = NL80211_NAN_FUNC_SERVICE_SPEC_INFO_MAX_LEN },
675 [NL80211_NAN_FUNC_SRF] = { .type = NLA_NESTED },
676 [NL80211_NAN_FUNC_RX_MATCH_FILTER] = { .type = NLA_NESTED },
677 [NL80211_NAN_FUNC_TX_MATCH_FILTER] = { .type = NLA_NESTED },
678 [NL80211_NAN_FUNC_INSTANCE_ID] = { .type = NLA_U8 },
679 [NL80211_NAN_FUNC_TERM_REASON] = { .type = NLA_U8 },
682 /* policy for Service Response Filter attributes */
683 static const struct nla_policy
684 nl80211_nan_srf_policy[NL80211_NAN_SRF_ATTR_MAX + 1] = {
685 [NL80211_NAN_SRF_INCLUDE] = { .type = NLA_FLAG },
686 [NL80211_NAN_SRF_BF] = { .type = NLA_BINARY,
687 .len = NL80211_NAN_FUNC_SRF_MAX_LEN },
688 [NL80211_NAN_SRF_BF_IDX] = { .type = NLA_U8 },
689 [NL80211_NAN_SRF_MAC_ADDRS] = { .type = NLA_NESTED },
692 /* policy for packet pattern attributes */
693 static const struct nla_policy
694 nl80211_packet_pattern_policy[MAX_NL80211_PKTPAT + 1] = {
695 [NL80211_PKTPAT_MASK] = { .type = NLA_BINARY, },
696 [NL80211_PKTPAT_PATTERN] = { .type = NLA_BINARY, },
697 [NL80211_PKTPAT_OFFSET] = { .type = NLA_U32 },
700 int nl80211_prepare_wdev_dump(struct netlink_callback *cb,
701 struct cfg80211_registered_device **rdev,
702 struct wireless_dev **wdev)
707 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
708 genl_family_attrbuf(&nl80211_fam),
709 nl80211_fam.maxattr, nl80211_policy, NULL);
713 *wdev = __cfg80211_wdev_from_attrs(
714 sock_net(cb->skb->sk),
715 genl_family_attrbuf(&nl80211_fam));
717 return PTR_ERR(*wdev);
718 *rdev = wiphy_to_rdev((*wdev)->wiphy);
719 /* 0 is the first index - add 1 to parse only once */
720 cb->args[0] = (*rdev)->wiphy_idx + 1;
721 cb->args[1] = (*wdev)->identifier;
723 /* subtract the 1 again here */
724 struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1);
725 struct wireless_dev *tmp;
729 *rdev = wiphy_to_rdev(wiphy);
732 list_for_each_entry(tmp, &(*rdev)->wiphy.wdev_list, list) {
733 if (tmp->identifier == cb->args[1]) {
746 /* message building helper */
747 void *nl80211hdr_put(struct sk_buff *skb, u32 portid, u32 seq,
750 /* since there is no private header just add the generic one */
751 return genlmsg_put(skb, portid, seq, &nl80211_fam, flags, cmd);
754 static int nl80211_msg_put_wmm_rules(struct sk_buff *msg,
755 const struct ieee80211_reg_rule *rule)
758 struct nlattr *nl_wmm_rules =
759 nla_nest_start(msg, NL80211_FREQUENCY_ATTR_WMM);
762 goto nla_put_failure;
764 for (j = 0; j < IEEE80211_NUM_ACS; j++) {
765 struct nlattr *nl_wmm_rule = nla_nest_start(msg, j);
768 goto nla_put_failure;
770 if (nla_put_u16(msg, NL80211_WMMR_CW_MIN,
771 rule->wmm_rule.client[j].cw_min) ||
772 nla_put_u16(msg, NL80211_WMMR_CW_MAX,
773 rule->wmm_rule.client[j].cw_max) ||
774 nla_put_u8(msg, NL80211_WMMR_AIFSN,
775 rule->wmm_rule.client[j].aifsn) ||
776 nla_put_u16(msg, NL80211_WMMR_TXOP,
777 rule->wmm_rule.client[j].cot))
778 goto nla_put_failure;
780 nla_nest_end(msg, nl_wmm_rule);
782 nla_nest_end(msg, nl_wmm_rules);
790 static int nl80211_msg_put_channel(struct sk_buff *msg, struct wiphy *wiphy,
791 struct ieee80211_channel *chan,
794 /* Some channels must be completely excluded from the
795 * list to protect old user-space tools from breaking
797 if (!large && chan->flags &
798 (IEEE80211_CHAN_NO_10MHZ | IEEE80211_CHAN_NO_20MHZ))
801 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_FREQ,
803 goto nla_put_failure;
805 if ((chan->flags & IEEE80211_CHAN_DISABLED) &&
806 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_DISABLED))
807 goto nla_put_failure;
808 if (chan->flags & IEEE80211_CHAN_NO_IR) {
809 if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_IR))
810 goto nla_put_failure;
811 if (nla_put_flag(msg, __NL80211_FREQUENCY_ATTR_NO_IBSS))
812 goto nla_put_failure;
814 if (chan->flags & IEEE80211_CHAN_RADAR) {
815 if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_RADAR))
816 goto nla_put_failure;
820 time = elapsed_jiffies_msecs(chan->dfs_state_entered);
822 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_STATE,
824 goto nla_put_failure;
825 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_TIME,
827 goto nla_put_failure;
829 NL80211_FREQUENCY_ATTR_DFS_CAC_TIME,
831 goto nla_put_failure;
836 if ((chan->flags & IEEE80211_CHAN_NO_HT40MINUS) &&
837 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HT40_MINUS))
838 goto nla_put_failure;
839 if ((chan->flags & IEEE80211_CHAN_NO_HT40PLUS) &&
840 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HT40_PLUS))
841 goto nla_put_failure;
842 if ((chan->flags & IEEE80211_CHAN_NO_80MHZ) &&
843 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_80MHZ))
844 goto nla_put_failure;
845 if ((chan->flags & IEEE80211_CHAN_NO_160MHZ) &&
846 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_160MHZ))
847 goto nla_put_failure;
848 if ((chan->flags & IEEE80211_CHAN_INDOOR_ONLY) &&
849 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_INDOOR_ONLY))
850 goto nla_put_failure;
851 if ((chan->flags & IEEE80211_CHAN_IR_CONCURRENT) &&
852 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_IR_CONCURRENT))
853 goto nla_put_failure;
854 if ((chan->flags & IEEE80211_CHAN_NO_20MHZ) &&
855 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_20MHZ))
856 goto nla_put_failure;
857 if ((chan->flags & IEEE80211_CHAN_NO_10MHZ) &&
858 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_10MHZ))
859 goto nla_put_failure;
862 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
863 DBM_TO_MBM(chan->max_power)))
864 goto nla_put_failure;
867 const struct ieee80211_reg_rule *rule =
868 freq_reg_info(wiphy, MHZ_TO_KHZ(chan->center_freq));
870 if (!IS_ERR_OR_NULL(rule) && rule->has_wmm) {
871 if (nl80211_msg_put_wmm_rules(msg, rule))
872 goto nla_put_failure;
882 static bool nl80211_put_txq_stats(struct sk_buff *msg,
883 struct cfg80211_txq_stats *txqstats,
886 struct nlattr *txqattr;
888 #define PUT_TXQVAL_U32(attr, memb) do { \
889 if (txqstats->filled & BIT(NL80211_TXQ_STATS_ ## attr) && \
890 nla_put_u32(msg, NL80211_TXQ_STATS_ ## attr, txqstats->memb)) \
894 txqattr = nla_nest_start(msg, attrtype);
898 PUT_TXQVAL_U32(BACKLOG_BYTES, backlog_bytes);
899 PUT_TXQVAL_U32(BACKLOG_PACKETS, backlog_packets);
900 PUT_TXQVAL_U32(FLOWS, flows);
901 PUT_TXQVAL_U32(DROPS, drops);
902 PUT_TXQVAL_U32(ECN_MARKS, ecn_marks);
903 PUT_TXQVAL_U32(OVERLIMIT, overlimit);
904 PUT_TXQVAL_U32(OVERMEMORY, overmemory);
905 PUT_TXQVAL_U32(COLLISIONS, collisions);
906 PUT_TXQVAL_U32(TX_BYTES, tx_bytes);
907 PUT_TXQVAL_U32(TX_PACKETS, tx_packets);
908 PUT_TXQVAL_U32(MAX_FLOWS, max_flows);
909 nla_nest_end(msg, txqattr);
911 #undef PUT_TXQVAL_U32
915 /* netlink command implementations */
922 bool def_uni, def_multi;
925 static int nl80211_parse_key_new(struct genl_info *info, struct nlattr *key,
928 struct nlattr *tb[NL80211_KEY_MAX + 1];
929 int err = nla_parse_nested(tb, NL80211_KEY_MAX, key,
930 nl80211_key_policy, info->extack);
934 k->def = !!tb[NL80211_KEY_DEFAULT];
935 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT];
944 if (tb[NL80211_KEY_IDX])
945 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]);
947 if (tb[NL80211_KEY_DATA]) {
948 k->p.key = nla_data(tb[NL80211_KEY_DATA]);
949 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]);
952 if (tb[NL80211_KEY_SEQ]) {
953 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]);
954 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]);
957 if (tb[NL80211_KEY_CIPHER])
958 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]);
960 if (tb[NL80211_KEY_TYPE])
961 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]);
963 if (tb[NL80211_KEY_DEFAULT_TYPES]) {
964 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
966 err = nla_parse_nested(kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1,
967 tb[NL80211_KEY_DEFAULT_TYPES],
968 nl80211_key_default_policy,
973 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
974 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
980 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
982 if (info->attrs[NL80211_ATTR_KEY_DATA]) {
983 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
984 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
987 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
988 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
989 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
992 if (info->attrs[NL80211_ATTR_KEY_IDX])
993 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
995 if (info->attrs[NL80211_ATTR_KEY_CIPHER])
996 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
998 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT];
999 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT];
1003 k->def_multi = true;
1006 k->def_multi = true;
1008 if (info->attrs[NL80211_ATTR_KEY_TYPE])
1009 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
1011 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) {
1012 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
1013 int err = nla_parse_nested(kdt,
1014 NUM_NL80211_KEY_DEFAULT_TYPES - 1,
1015 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES],
1016 nl80211_key_default_policy,
1021 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
1022 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
1028 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
1032 memset(k, 0, sizeof(*k));
1036 if (info->attrs[NL80211_ATTR_KEY])
1037 err = nl80211_parse_key_new(info, info->attrs[NL80211_ATTR_KEY], k);
1039 err = nl80211_parse_key_old(info, k);
1044 if (k->def && k->defmgmt) {
1045 GENL_SET_ERR_MSG(info, "key with def && defmgmt is invalid");
1050 if (k->def_uni || !k->def_multi) {
1051 GENL_SET_ERR_MSG(info, "defmgmt key must be mcast");
1058 if (k->idx < 4 || k->idx > 5) {
1059 GENL_SET_ERR_MSG(info,
1060 "defmgmt key idx not 4 or 5");
1063 } else if (k->def) {
1064 if (k->idx < 0 || k->idx > 3) {
1065 GENL_SET_ERR_MSG(info, "def key idx not 0-3");
1069 if (k->idx < 0 || k->idx > 5) {
1070 GENL_SET_ERR_MSG(info, "key idx not 0-5");
1079 static struct cfg80211_cached_keys *
1080 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
1081 struct genl_info *info, bool *no_ht)
1083 struct nlattr *keys = info->attrs[NL80211_ATTR_KEYS];
1084 struct key_parse parse;
1086 struct cfg80211_cached_keys *result;
1087 int rem, err, def = 0;
1088 bool have_key = false;
1090 nla_for_each_nested(key, keys, rem) {
1098 result = kzalloc(sizeof(*result), GFP_KERNEL);
1100 return ERR_PTR(-ENOMEM);
1104 nla_for_each_nested(key, keys, rem) {
1105 memset(&parse, 0, sizeof(parse));
1108 err = nl80211_parse_key_new(info, key, &parse);
1114 if (parse.idx < 0 || parse.idx > 3) {
1115 GENL_SET_ERR_MSG(info, "key index out of range [0-3]");
1120 GENL_SET_ERR_MSG(info,
1121 "only one key can be default");
1125 result->def = parse.idx;
1126 if (!parse.def_uni || !parse.def_multi)
1128 } else if (parse.defmgmt)
1130 err = cfg80211_validate_key_settings(rdev, &parse.p,
1131 parse.idx, false, NULL);
1134 if (parse.p.cipher != WLAN_CIPHER_SUITE_WEP40 &&
1135 parse.p.cipher != WLAN_CIPHER_SUITE_WEP104) {
1136 GENL_SET_ERR_MSG(info, "connect key must be WEP");
1140 result->params[parse.idx].cipher = parse.p.cipher;
1141 result->params[parse.idx].key_len = parse.p.key_len;
1142 result->params[parse.idx].key = result->data[parse.idx];
1143 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len);
1145 /* must be WEP key if we got here */
1150 if (result->def < 0) {
1152 GENL_SET_ERR_MSG(info, "need a default/TX key");
1159 return ERR_PTR(err);
1162 static int nl80211_key_allowed(struct wireless_dev *wdev)
1164 ASSERT_WDEV_LOCK(wdev);
1166 switch (wdev->iftype) {
1167 case NL80211_IFTYPE_AP:
1168 case NL80211_IFTYPE_AP_VLAN:
1169 case NL80211_IFTYPE_P2P_GO:
1170 case NL80211_IFTYPE_MESH_POINT:
1172 case NL80211_IFTYPE_ADHOC:
1173 case NL80211_IFTYPE_STATION:
1174 case NL80211_IFTYPE_P2P_CLIENT:
1175 if (!wdev->current_bss)
1178 case NL80211_IFTYPE_UNSPECIFIED:
1179 case NL80211_IFTYPE_OCB:
1180 case NL80211_IFTYPE_MONITOR:
1181 case NL80211_IFTYPE_NAN:
1182 case NL80211_IFTYPE_P2P_DEVICE:
1183 case NL80211_IFTYPE_WDS:
1184 case NUM_NL80211_IFTYPES:
1191 static struct ieee80211_channel *nl80211_get_valid_chan(struct wiphy *wiphy,
1194 struct ieee80211_channel *chan;
1198 chan = ieee80211_get_channel(wiphy, nla_get_u32(tb));
1199 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED)
1204 static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes)
1206 struct nlattr *nl_modes = nla_nest_start(msg, attr);
1210 goto nla_put_failure;
1214 if ((ifmodes & 1) && nla_put_flag(msg, i))
1215 goto nla_put_failure;
1220 nla_nest_end(msg, nl_modes);
1227 static int nl80211_put_iface_combinations(struct wiphy *wiphy,
1228 struct sk_buff *msg,
1231 struct nlattr *nl_combis;
1234 nl_combis = nla_nest_start(msg,
1235 NL80211_ATTR_INTERFACE_COMBINATIONS);
1237 goto nla_put_failure;
1239 for (i = 0; i < wiphy->n_iface_combinations; i++) {
1240 const struct ieee80211_iface_combination *c;
1241 struct nlattr *nl_combi, *nl_limits;
1243 c = &wiphy->iface_combinations[i];
1245 nl_combi = nla_nest_start(msg, i + 1);
1247 goto nla_put_failure;
1249 nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS);
1251 goto nla_put_failure;
1253 for (j = 0; j < c->n_limits; j++) {
1254 struct nlattr *nl_limit;
1256 nl_limit = nla_nest_start(msg, j + 1);
1258 goto nla_put_failure;
1259 if (nla_put_u32(msg, NL80211_IFACE_LIMIT_MAX,
1261 goto nla_put_failure;
1262 if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES,
1263 c->limits[j].types))
1264 goto nla_put_failure;
1265 nla_nest_end(msg, nl_limit);
1268 nla_nest_end(msg, nl_limits);
1270 if (c->beacon_int_infra_match &&
1271 nla_put_flag(msg, NL80211_IFACE_COMB_STA_AP_BI_MATCH))
1272 goto nla_put_failure;
1273 if (nla_put_u32(msg, NL80211_IFACE_COMB_NUM_CHANNELS,
1274 c->num_different_channels) ||
1275 nla_put_u32(msg, NL80211_IFACE_COMB_MAXNUM,
1277 goto nla_put_failure;
1279 (nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
1280 c->radar_detect_widths) ||
1281 nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_REGIONS,
1282 c->radar_detect_regions)))
1283 goto nla_put_failure;
1284 if (c->beacon_int_min_gcd &&
1285 nla_put_u32(msg, NL80211_IFACE_COMB_BI_MIN_GCD,
1286 c->beacon_int_min_gcd))
1287 goto nla_put_failure;
1289 nla_nest_end(msg, nl_combi);
1292 nla_nest_end(msg, nl_combis);
1300 static int nl80211_send_wowlan_tcp_caps(struct cfg80211_registered_device *rdev,
1301 struct sk_buff *msg)
1303 const struct wiphy_wowlan_tcp_support *tcp = rdev->wiphy.wowlan->tcp;
1304 struct nlattr *nl_tcp;
1309 nl_tcp = nla_nest_start(msg, NL80211_WOWLAN_TRIG_TCP_CONNECTION);
1313 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
1314 tcp->data_payload_max))
1317 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
1318 tcp->data_payload_max))
1321 if (tcp->seq && nla_put_flag(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ))
1324 if (tcp->tok && nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN,
1325 sizeof(*tcp->tok), tcp->tok))
1328 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL,
1329 tcp->data_interval_max))
1332 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD,
1333 tcp->wake_payload_max))
1336 nla_nest_end(msg, nl_tcp);
1340 static int nl80211_send_wowlan(struct sk_buff *msg,
1341 struct cfg80211_registered_device *rdev,
1344 struct nlattr *nl_wowlan;
1346 if (!rdev->wiphy.wowlan)
1349 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED);
1353 if (((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_ANY) &&
1354 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
1355 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_DISCONNECT) &&
1356 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
1357 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT) &&
1358 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
1359 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_SUPPORTS_GTK_REKEY) &&
1360 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED)) ||
1361 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE) &&
1362 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
1363 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ) &&
1364 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
1365 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE) &&
1366 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
1367 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE) &&
1368 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)))
1371 if (rdev->wiphy.wowlan->n_patterns) {
1372 struct nl80211_pattern_support pat = {
1373 .max_patterns = rdev->wiphy.wowlan->n_patterns,
1374 .min_pattern_len = rdev->wiphy.wowlan->pattern_min_len,
1375 .max_pattern_len = rdev->wiphy.wowlan->pattern_max_len,
1376 .max_pkt_offset = rdev->wiphy.wowlan->max_pkt_offset,
1379 if (nla_put(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN,
1384 if ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_NET_DETECT) &&
1385 nla_put_u32(msg, NL80211_WOWLAN_TRIG_NET_DETECT,
1386 rdev->wiphy.wowlan->max_nd_match_sets))
1389 if (large && nl80211_send_wowlan_tcp_caps(rdev, msg))
1392 nla_nest_end(msg, nl_wowlan);
1398 static int nl80211_send_coalesce(struct sk_buff *msg,
1399 struct cfg80211_registered_device *rdev)
1401 struct nl80211_coalesce_rule_support rule;
1403 if (!rdev->wiphy.coalesce)
1406 rule.max_rules = rdev->wiphy.coalesce->n_rules;
1407 rule.max_delay = rdev->wiphy.coalesce->max_delay;
1408 rule.pat.max_patterns = rdev->wiphy.coalesce->n_patterns;
1409 rule.pat.min_pattern_len = rdev->wiphy.coalesce->pattern_min_len;
1410 rule.pat.max_pattern_len = rdev->wiphy.coalesce->pattern_max_len;
1411 rule.pat.max_pkt_offset = rdev->wiphy.coalesce->max_pkt_offset;
1413 if (nla_put(msg, NL80211_ATTR_COALESCE_RULE, sizeof(rule), &rule))
1420 nl80211_send_iftype_data(struct sk_buff *msg,
1421 const struct ieee80211_sband_iftype_data *iftdata)
1423 const struct ieee80211_sta_he_cap *he_cap = &iftdata->he_cap;
1425 if (nl80211_put_iftypes(msg, NL80211_BAND_IFTYPE_ATTR_IFTYPES,
1426 iftdata->types_mask))
1429 if (he_cap->has_he) {
1430 if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_MAC,
1431 sizeof(he_cap->he_cap_elem.mac_cap_info),
1432 he_cap->he_cap_elem.mac_cap_info) ||
1433 nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_PHY,
1434 sizeof(he_cap->he_cap_elem.phy_cap_info),
1435 he_cap->he_cap_elem.phy_cap_info) ||
1436 nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_MCS_SET,
1437 sizeof(he_cap->he_mcs_nss_supp),
1438 &he_cap->he_mcs_nss_supp) ||
1439 nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_PPE,
1440 sizeof(he_cap->ppe_thres), he_cap->ppe_thres))
1447 static int nl80211_send_band_rateinfo(struct sk_buff *msg,
1448 struct ieee80211_supported_band *sband)
1450 struct nlattr *nl_rates, *nl_rate;
1451 struct ieee80211_rate *rate;
1455 if (sband->ht_cap.ht_supported &&
1456 (nla_put(msg, NL80211_BAND_ATTR_HT_MCS_SET,
1457 sizeof(sband->ht_cap.mcs),
1458 &sband->ht_cap.mcs) ||
1459 nla_put_u16(msg, NL80211_BAND_ATTR_HT_CAPA,
1460 sband->ht_cap.cap) ||
1461 nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR,
1462 sband->ht_cap.ampdu_factor) ||
1463 nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY,
1464 sband->ht_cap.ampdu_density)))
1468 if (sband->vht_cap.vht_supported &&
1469 (nla_put(msg, NL80211_BAND_ATTR_VHT_MCS_SET,
1470 sizeof(sband->vht_cap.vht_mcs),
1471 &sband->vht_cap.vht_mcs) ||
1472 nla_put_u32(msg, NL80211_BAND_ATTR_VHT_CAPA,
1473 sband->vht_cap.cap)))
1476 if (sband->n_iftype_data) {
1477 struct nlattr *nl_iftype_data =
1478 nla_nest_start(msg, NL80211_BAND_ATTR_IFTYPE_DATA);
1481 if (!nl_iftype_data)
1484 for (i = 0; i < sband->n_iftype_data; i++) {
1485 struct nlattr *iftdata;
1487 iftdata = nla_nest_start(msg, i + 1);
1491 err = nl80211_send_iftype_data(msg,
1492 &sband->iftype_data[i]);
1496 nla_nest_end(msg, iftdata);
1499 nla_nest_end(msg, nl_iftype_data);
1503 nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES);
1507 for (i = 0; i < sband->n_bitrates; i++) {
1508 nl_rate = nla_nest_start(msg, i);
1512 rate = &sband->bitrates[i];
1513 if (nla_put_u32(msg, NL80211_BITRATE_ATTR_RATE,
1516 if ((rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
1518 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE))
1521 nla_nest_end(msg, nl_rate);
1524 nla_nest_end(msg, nl_rates);
1530 nl80211_send_mgmt_stypes(struct sk_buff *msg,
1531 const struct ieee80211_txrx_stypes *mgmt_stypes)
1534 struct nlattr *nl_ftypes, *nl_ifs;
1535 enum nl80211_iftype ift;
1541 nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES);
1545 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
1546 nl_ftypes = nla_nest_start(msg, ift);
1550 stypes = mgmt_stypes[ift].tx;
1553 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
1554 (i << 4) | IEEE80211_FTYPE_MGMT))
1559 nla_nest_end(msg, nl_ftypes);
1562 nla_nest_end(msg, nl_ifs);
1564 nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES);
1568 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
1569 nl_ftypes = nla_nest_start(msg, ift);
1573 stypes = mgmt_stypes[ift].rx;
1576 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
1577 (i << 4) | IEEE80211_FTYPE_MGMT))
1582 nla_nest_end(msg, nl_ftypes);
1584 nla_nest_end(msg, nl_ifs);
1589 #define CMD(op, n) \
1591 if (rdev->ops->op) { \
1593 if (nla_put_u32(msg, i, NL80211_CMD_ ## n)) \
1594 goto nla_put_failure; \
1598 static int nl80211_add_commands_unsplit(struct cfg80211_registered_device *rdev,
1599 struct sk_buff *msg)
1604 * do *NOT* add anything into this function, new things need to be
1605 * advertised only to new versions of userspace that can deal with
1606 * the split (and they can't possibly care about new features...
1608 CMD(add_virtual_intf, NEW_INTERFACE);
1609 CMD(change_virtual_intf, SET_INTERFACE);
1610 CMD(add_key, NEW_KEY);
1611 CMD(start_ap, START_AP);
1612 CMD(add_station, NEW_STATION);
1613 CMD(add_mpath, NEW_MPATH);
1614 CMD(update_mesh_config, SET_MESH_CONFIG);
1615 CMD(change_bss, SET_BSS);
1616 CMD(auth, AUTHENTICATE);
1617 CMD(assoc, ASSOCIATE);
1618 CMD(deauth, DEAUTHENTICATE);
1619 CMD(disassoc, DISASSOCIATE);
1620 CMD(join_ibss, JOIN_IBSS);
1621 CMD(join_mesh, JOIN_MESH);
1622 CMD(set_pmksa, SET_PMKSA);
1623 CMD(del_pmksa, DEL_PMKSA);
1624 CMD(flush_pmksa, FLUSH_PMKSA);
1625 if (rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)
1626 CMD(remain_on_channel, REMAIN_ON_CHANNEL);
1627 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK);
1628 CMD(mgmt_tx, FRAME);
1629 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL);
1630 if (rdev->wiphy.flags & WIPHY_FLAG_NETNS_OK) {
1632 if (nla_put_u32(msg, i, NL80211_CMD_SET_WIPHY_NETNS))
1633 goto nla_put_failure;
1635 if (rdev->ops->set_monitor_channel || rdev->ops->start_ap ||
1636 rdev->ops->join_mesh) {
1638 if (nla_put_u32(msg, i, NL80211_CMD_SET_CHANNEL))
1639 goto nla_put_failure;
1641 CMD(set_wds_peer, SET_WDS_PEER);
1642 if (rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) {
1643 CMD(tdls_mgmt, TDLS_MGMT);
1644 CMD(tdls_oper, TDLS_OPER);
1646 if (rdev->wiphy.max_sched_scan_reqs)
1647 CMD(sched_scan_start, START_SCHED_SCAN);
1648 CMD(probe_client, PROBE_CLIENT);
1649 CMD(set_noack_map, SET_NOACK_MAP);
1650 if (rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) {
1652 if (nla_put_u32(msg, i, NL80211_CMD_REGISTER_BEACONS))
1653 goto nla_put_failure;
1655 CMD(start_p2p_device, START_P2P_DEVICE);
1656 CMD(set_mcast_rate, SET_MCAST_RATE);
1657 #ifdef CONFIG_NL80211_TESTMODE
1658 CMD(testmode_cmd, TESTMODE);
1661 if (rdev->ops->connect || rdev->ops->auth) {
1663 if (nla_put_u32(msg, i, NL80211_CMD_CONNECT))
1664 goto nla_put_failure;
1667 if (rdev->ops->disconnect || rdev->ops->deauth) {
1669 if (nla_put_u32(msg, i, NL80211_CMD_DISCONNECT))
1670 goto nla_put_failure;
1679 nl80211_send_pmsr_ftm_capa(const struct cfg80211_pmsr_capabilities *cap,
1680 struct sk_buff *msg)
1684 if (!cap->ftm.supported)
1687 ftm = nla_nest_start(msg, NL80211_PMSR_TYPE_FTM);
1691 if (cap->ftm.asap && nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_ASAP))
1693 if (cap->ftm.non_asap &&
1694 nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP))
1696 if (cap->ftm.request_lci &&
1697 nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI))
1699 if (cap->ftm.request_civicloc &&
1700 nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_REQ_CIVICLOC))
1702 if (nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES,
1703 cap->ftm.preambles))
1705 if (nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS,
1706 cap->ftm.bandwidths))
1708 if (cap->ftm.max_bursts_exponent >= 0 &&
1709 nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT,
1710 cap->ftm.max_bursts_exponent))
1712 if (cap->ftm.max_ftms_per_burst &&
1713 nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_FTMS_PER_BURST,
1714 cap->ftm.max_ftms_per_burst))
1717 nla_nest_end(msg, ftm);
1721 static int nl80211_send_pmsr_capa(struct cfg80211_registered_device *rdev,
1722 struct sk_buff *msg)
1724 const struct cfg80211_pmsr_capabilities *cap = rdev->wiphy.pmsr_capa;
1725 struct nlattr *pmsr, *caps;
1731 * we don't need to clean up anything here since the caller
1732 * will genlmsg_cancel() if we fail
1735 pmsr = nla_nest_start(msg, NL80211_ATTR_PEER_MEASUREMENTS);
1739 if (nla_put_u32(msg, NL80211_PMSR_ATTR_MAX_PEERS, cap->max_peers))
1742 if (cap->report_ap_tsf &&
1743 nla_put_flag(msg, NL80211_PMSR_ATTR_REPORT_AP_TSF))
1746 if (cap->randomize_mac_addr &&
1747 nla_put_flag(msg, NL80211_PMSR_ATTR_RANDOMIZE_MAC_ADDR))
1750 caps = nla_nest_start(msg, NL80211_PMSR_ATTR_TYPE_CAPA);
1754 if (nl80211_send_pmsr_ftm_capa(cap, msg))
1757 nla_nest_end(msg, caps);
1758 nla_nest_end(msg, pmsr);
1763 struct nl80211_dump_wiphy_state {
1766 long split_start, band_start, chan_start, capa_start;
1770 static int nl80211_send_wiphy(struct cfg80211_registered_device *rdev,
1771 enum nl80211_commands cmd,
1772 struct sk_buff *msg, u32 portid, u32 seq,
1773 int flags, struct nl80211_dump_wiphy_state *state)
1776 struct nlattr *nl_bands, *nl_band;
1777 struct nlattr *nl_freqs, *nl_freq;
1778 struct nlattr *nl_cmds;
1779 enum nl80211_band band;
1780 struct ieee80211_channel *chan;
1782 const struct ieee80211_txrx_stypes *mgmt_stypes =
1783 rdev->wiphy.mgmt_stypes;
1786 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
1790 if (WARN_ON(!state))
1793 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
1794 nla_put_string(msg, NL80211_ATTR_WIPHY_NAME,
1795 wiphy_name(&rdev->wiphy)) ||
1796 nla_put_u32(msg, NL80211_ATTR_GENERATION,
1797 cfg80211_rdev_list_generation))
1798 goto nla_put_failure;
1800 if (cmd != NL80211_CMD_NEW_WIPHY)
1803 switch (state->split_start) {
1805 if (nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
1806 rdev->wiphy.retry_short) ||
1807 nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
1808 rdev->wiphy.retry_long) ||
1809 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD,
1810 rdev->wiphy.frag_threshold) ||
1811 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD,
1812 rdev->wiphy.rts_threshold) ||
1813 nla_put_u8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS,
1814 rdev->wiphy.coverage_class) ||
1815 nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS,
1816 rdev->wiphy.max_scan_ssids) ||
1817 nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS,
1818 rdev->wiphy.max_sched_scan_ssids) ||
1819 nla_put_u16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN,
1820 rdev->wiphy.max_scan_ie_len) ||
1821 nla_put_u16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN,
1822 rdev->wiphy.max_sched_scan_ie_len) ||
1823 nla_put_u8(msg, NL80211_ATTR_MAX_MATCH_SETS,
1824 rdev->wiphy.max_match_sets) ||
1825 nla_put_u32(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_PLANS,
1826 rdev->wiphy.max_sched_scan_plans) ||
1827 nla_put_u32(msg, NL80211_ATTR_MAX_SCAN_PLAN_INTERVAL,
1828 rdev->wiphy.max_sched_scan_plan_interval) ||
1829 nla_put_u32(msg, NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS,
1830 rdev->wiphy.max_sched_scan_plan_iterations))
1831 goto nla_put_failure;
1833 if ((rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) &&
1834 nla_put_flag(msg, NL80211_ATTR_SUPPORT_IBSS_RSN))
1835 goto nla_put_failure;
1836 if ((rdev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) &&
1837 nla_put_flag(msg, NL80211_ATTR_SUPPORT_MESH_AUTH))
1838 goto nla_put_failure;
1839 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) &&
1840 nla_put_flag(msg, NL80211_ATTR_SUPPORT_AP_UAPSD))
1841 goto nla_put_failure;
1842 if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) &&
1843 nla_put_flag(msg, NL80211_ATTR_ROAM_SUPPORT))
1844 goto nla_put_failure;
1845 if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) &&
1846 nla_put_flag(msg, NL80211_ATTR_TDLS_SUPPORT))
1847 goto nla_put_failure;
1848 if ((rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) &&
1849 nla_put_flag(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP))
1850 goto nla_put_failure;
1851 state->split_start++;
1855 if (nla_put(msg, NL80211_ATTR_CIPHER_SUITES,
1856 sizeof(u32) * rdev->wiphy.n_cipher_suites,
1857 rdev->wiphy.cipher_suites))
1858 goto nla_put_failure;
1860 if (nla_put_u8(msg, NL80211_ATTR_MAX_NUM_PMKIDS,
1861 rdev->wiphy.max_num_pmkids))
1862 goto nla_put_failure;
1864 if ((rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
1865 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE))
1866 goto nla_put_failure;
1868 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX,
1869 rdev->wiphy.available_antennas_tx) ||
1870 nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX,
1871 rdev->wiphy.available_antennas_rx))
1872 goto nla_put_failure;
1874 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) &&
1875 nla_put_u32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD,
1876 rdev->wiphy.probe_resp_offload))
1877 goto nla_put_failure;
1879 if ((rdev->wiphy.available_antennas_tx ||
1880 rdev->wiphy.available_antennas_rx) &&
1881 rdev->ops->get_antenna) {
1882 u32 tx_ant = 0, rx_ant = 0;
1885 res = rdev_get_antenna(rdev, &tx_ant, &rx_ant);
1887 if (nla_put_u32(msg,
1888 NL80211_ATTR_WIPHY_ANTENNA_TX,
1891 NL80211_ATTR_WIPHY_ANTENNA_RX,
1893 goto nla_put_failure;
1897 state->split_start++;
1901 if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES,
1902 rdev->wiphy.interface_modes))
1903 goto nla_put_failure;
1904 state->split_start++;
1908 nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS);
1910 goto nla_put_failure;
1912 for (band = state->band_start;
1913 band < NUM_NL80211_BANDS; band++) {
1914 struct ieee80211_supported_band *sband;
1916 sband = rdev->wiphy.bands[band];
1921 nl_band = nla_nest_start(msg, band);
1923 goto nla_put_failure;
1925 switch (state->chan_start) {
1927 if (nl80211_send_band_rateinfo(msg, sband))
1928 goto nla_put_failure;
1929 state->chan_start++;
1933 /* add frequencies */
1934 nl_freqs = nla_nest_start(
1935 msg, NL80211_BAND_ATTR_FREQS);
1937 goto nla_put_failure;
1939 for (i = state->chan_start - 1;
1940 i < sband->n_channels;
1942 nl_freq = nla_nest_start(msg, i);
1944 goto nla_put_failure;
1946 chan = &sband->channels[i];
1948 if (nl80211_msg_put_channel(
1949 msg, &rdev->wiphy, chan,
1951 goto nla_put_failure;
1953 nla_nest_end(msg, nl_freq);
1957 if (i < sband->n_channels)
1958 state->chan_start = i + 2;
1960 state->chan_start = 0;
1961 nla_nest_end(msg, nl_freqs);
1964 nla_nest_end(msg, nl_band);
1967 /* start again here */
1968 if (state->chan_start)
1973 nla_nest_end(msg, nl_bands);
1975 if (band < NUM_NL80211_BANDS)
1976 state->band_start = band + 1;
1978 state->band_start = 0;
1980 /* if bands & channels are done, continue outside */
1981 if (state->band_start == 0 && state->chan_start == 0)
1982 state->split_start++;
1986 nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS);
1988 goto nla_put_failure;
1990 i = nl80211_add_commands_unsplit(rdev, msg);
1992 goto nla_put_failure;
1994 CMD(crit_proto_start, CRIT_PROTOCOL_START);
1995 CMD(crit_proto_stop, CRIT_PROTOCOL_STOP);
1996 if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH)
1997 CMD(channel_switch, CHANNEL_SWITCH);
1998 CMD(set_qos_map, SET_QOS_MAP);
1999 if (rdev->wiphy.features &
2000 NL80211_FEATURE_SUPPORTS_WMM_ADMISSION)
2001 CMD(add_tx_ts, ADD_TX_TS);
2002 CMD(set_multicast_to_unicast, SET_MULTICAST_TO_UNICAST);
2003 CMD(update_connect_params, UPDATE_CONNECT_PARAMS);
2007 nla_nest_end(msg, nl_cmds);
2008 state->split_start++;
2012 if (rdev->ops->remain_on_channel &&
2013 (rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) &&
2015 NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION,
2016 rdev->wiphy.max_remain_on_channel_duration))
2017 goto nla_put_failure;
2019 if ((rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX) &&
2020 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK))
2021 goto nla_put_failure;
2023 if (nl80211_send_mgmt_stypes(msg, mgmt_stypes))
2024 goto nla_put_failure;
2025 state->split_start++;
2030 if (nl80211_send_wowlan(msg, rdev, state->split))
2031 goto nla_put_failure;
2032 state->split_start++;
2036 state->split_start++;
2039 if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES,
2040 rdev->wiphy.software_iftypes))
2041 goto nla_put_failure;
2043 if (nl80211_put_iface_combinations(&rdev->wiphy, msg,
2045 goto nla_put_failure;
2047 state->split_start++;
2051 if ((rdev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME) &&
2052 nla_put_u32(msg, NL80211_ATTR_DEVICE_AP_SME,
2053 rdev->wiphy.ap_sme_capa))
2054 goto nla_put_failure;
2056 features = rdev->wiphy.features;
2058 * We can only add the per-channel limit information if the
2059 * dump is split, otherwise it makes it too big. Therefore
2060 * only advertise it in that case.
2063 features |= NL80211_FEATURE_ADVERTISE_CHAN_LIMITS;
2064 if (nla_put_u32(msg, NL80211_ATTR_FEATURE_FLAGS, features))
2065 goto nla_put_failure;
2067 if (rdev->wiphy.ht_capa_mod_mask &&
2068 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK,
2069 sizeof(*rdev->wiphy.ht_capa_mod_mask),
2070 rdev->wiphy.ht_capa_mod_mask))
2071 goto nla_put_failure;
2073 if (rdev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME &&
2074 rdev->wiphy.max_acl_mac_addrs &&
2075 nla_put_u32(msg, NL80211_ATTR_MAC_ACL_MAX,
2076 rdev->wiphy.max_acl_mac_addrs))
2077 goto nla_put_failure;
2080 * Any information below this point is only available to
2081 * applications that can deal with it being split. This
2082 * helps ensure that newly added capabilities don't break
2083 * older tools by overrunning their buffers.
2085 * We still increment split_start so that in the split
2086 * case we'll continue with more data in the next round,
2087 * but break unconditionally so unsplit data stops here.
2089 state->split_start++;
2092 if (rdev->wiphy.extended_capabilities &&
2093 (nla_put(msg, NL80211_ATTR_EXT_CAPA,
2094 rdev->wiphy.extended_capabilities_len,
2095 rdev->wiphy.extended_capabilities) ||
2096 nla_put(msg, NL80211_ATTR_EXT_CAPA_MASK,
2097 rdev->wiphy.extended_capabilities_len,
2098 rdev->wiphy.extended_capabilities_mask)))
2099 goto nla_put_failure;
2101 if (rdev->wiphy.vht_capa_mod_mask &&
2102 nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK,
2103 sizeof(*rdev->wiphy.vht_capa_mod_mask),
2104 rdev->wiphy.vht_capa_mod_mask))
2105 goto nla_put_failure;
2107 state->split_start++;
2110 if (nl80211_send_coalesce(msg, rdev))
2111 goto nla_put_failure;
2113 if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ) &&
2114 (nla_put_flag(msg, NL80211_ATTR_SUPPORT_5_MHZ) ||
2115 nla_put_flag(msg, NL80211_ATTR_SUPPORT_10_MHZ)))
2116 goto nla_put_failure;
2118 if (rdev->wiphy.max_ap_assoc_sta &&
2119 nla_put_u32(msg, NL80211_ATTR_MAX_AP_ASSOC_STA,
2120 rdev->wiphy.max_ap_assoc_sta))
2121 goto nla_put_failure;
2123 state->split_start++;
2126 if (rdev->wiphy.n_vendor_commands) {
2127 const struct nl80211_vendor_cmd_info *info;
2128 struct nlattr *nested;
2130 nested = nla_nest_start(msg, NL80211_ATTR_VENDOR_DATA);
2132 goto nla_put_failure;
2134 for (i = 0; i < rdev->wiphy.n_vendor_commands; i++) {
2135 info = &rdev->wiphy.vendor_commands[i].info;
2136 if (nla_put(msg, i + 1, sizeof(*info), info))
2137 goto nla_put_failure;
2139 nla_nest_end(msg, nested);
2142 if (rdev->wiphy.n_vendor_events) {
2143 const struct nl80211_vendor_cmd_info *info;
2144 struct nlattr *nested;
2146 nested = nla_nest_start(msg,
2147 NL80211_ATTR_VENDOR_EVENTS);
2149 goto nla_put_failure;
2151 for (i = 0; i < rdev->wiphy.n_vendor_events; i++) {
2152 info = &rdev->wiphy.vendor_events[i];
2153 if (nla_put(msg, i + 1, sizeof(*info), info))
2154 goto nla_put_failure;
2156 nla_nest_end(msg, nested);
2158 state->split_start++;
2161 if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH &&
2162 nla_put_u8(msg, NL80211_ATTR_MAX_CSA_COUNTERS,
2163 rdev->wiphy.max_num_csa_counters))
2164 goto nla_put_failure;
2166 if (rdev->wiphy.regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED &&
2167 nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
2168 goto nla_put_failure;
2170 if (rdev->wiphy.max_sched_scan_reqs &&
2171 nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_MAX_REQS,
2172 rdev->wiphy.max_sched_scan_reqs))
2173 goto nla_put_failure;
2175 if (nla_put(msg, NL80211_ATTR_EXT_FEATURES,
2176 sizeof(rdev->wiphy.ext_features),
2177 rdev->wiphy.ext_features))
2178 goto nla_put_failure;
2180 if (rdev->wiphy.bss_select_support) {
2181 struct nlattr *nested;
2182 u32 bss_select_support = rdev->wiphy.bss_select_support;
2184 nested = nla_nest_start(msg, NL80211_ATTR_BSS_SELECT);
2186 goto nla_put_failure;
2189 while (bss_select_support) {
2190 if ((bss_select_support & 1) &&
2191 nla_put_flag(msg, i))
2192 goto nla_put_failure;
2194 bss_select_support >>= 1;
2196 nla_nest_end(msg, nested);
2199 state->split_start++;
2202 if (rdev->wiphy.num_iftype_ext_capab &&
2203 rdev->wiphy.iftype_ext_capab) {
2204 struct nlattr *nested_ext_capab, *nested;
2206 nested = nla_nest_start(msg,
2207 NL80211_ATTR_IFTYPE_EXT_CAPA);
2209 goto nla_put_failure;
2211 for (i = state->capa_start;
2212 i < rdev->wiphy.num_iftype_ext_capab; i++) {
2213 const struct wiphy_iftype_ext_capab *capab;
2215 capab = &rdev->wiphy.iftype_ext_capab[i];
2217 nested_ext_capab = nla_nest_start(msg, i);
2218 if (!nested_ext_capab ||
2219 nla_put_u32(msg, NL80211_ATTR_IFTYPE,
2221 nla_put(msg, NL80211_ATTR_EXT_CAPA,
2222 capab->extended_capabilities_len,
2223 capab->extended_capabilities) ||
2224 nla_put(msg, NL80211_ATTR_EXT_CAPA_MASK,
2225 capab->extended_capabilities_len,
2226 capab->extended_capabilities_mask))
2227 goto nla_put_failure;
2229 nla_nest_end(msg, nested_ext_capab);
2233 nla_nest_end(msg, nested);
2234 if (i < rdev->wiphy.num_iftype_ext_capab) {
2235 state->capa_start = i + 1;
2240 if (nla_put_u32(msg, NL80211_ATTR_BANDS,
2241 rdev->wiphy.nan_supported_bands))
2242 goto nla_put_failure;
2244 if (wiphy_ext_feature_isset(&rdev->wiphy,
2245 NL80211_EXT_FEATURE_TXQS)) {
2246 struct cfg80211_txq_stats txqstats = {};
2249 res = rdev_get_txq_stats(rdev, NULL, &txqstats);
2251 !nl80211_put_txq_stats(msg, &txqstats,
2252 NL80211_ATTR_TXQ_STATS))
2253 goto nla_put_failure;
2255 if (nla_put_u32(msg, NL80211_ATTR_TXQ_LIMIT,
2256 rdev->wiphy.txq_limit))
2257 goto nla_put_failure;
2258 if (nla_put_u32(msg, NL80211_ATTR_TXQ_MEMORY_LIMIT,
2259 rdev->wiphy.txq_memory_limit))
2260 goto nla_put_failure;
2261 if (nla_put_u32(msg, NL80211_ATTR_TXQ_QUANTUM,
2262 rdev->wiphy.txq_quantum))
2263 goto nla_put_failure;
2266 state->split_start++;
2269 if (nl80211_send_pmsr_capa(rdev, msg))
2270 goto nla_put_failure;
2273 state->split_start = 0;
2277 genlmsg_end(msg, hdr);
2281 genlmsg_cancel(msg, hdr);
2285 static int nl80211_dump_wiphy_parse(struct sk_buff *skb,
2286 struct netlink_callback *cb,
2287 struct nl80211_dump_wiphy_state *state)
2289 struct nlattr **tb = genl_family_attrbuf(&nl80211_fam);
2290 int ret = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, tb,
2291 nl80211_fam.maxattr, nl80211_policy, NULL);
2292 /* ignore parse errors for backward compatibility */
2296 state->split = tb[NL80211_ATTR_SPLIT_WIPHY_DUMP];
2297 if (tb[NL80211_ATTR_WIPHY])
2298 state->filter_wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
2299 if (tb[NL80211_ATTR_WDEV])
2300 state->filter_wiphy = nla_get_u64(tb[NL80211_ATTR_WDEV]) >> 32;
2301 if (tb[NL80211_ATTR_IFINDEX]) {
2302 struct net_device *netdev;
2303 struct cfg80211_registered_device *rdev;
2304 int ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
2306 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx);
2309 if (netdev->ieee80211_ptr) {
2310 rdev = wiphy_to_rdev(
2311 netdev->ieee80211_ptr->wiphy);
2312 state->filter_wiphy = rdev->wiphy_idx;
2319 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
2322 struct nl80211_dump_wiphy_state *state = (void *)cb->args[0];
2323 struct cfg80211_registered_device *rdev;
2327 state = kzalloc(sizeof(*state), GFP_KERNEL);
2332 state->filter_wiphy = -1;
2333 ret = nl80211_dump_wiphy_parse(skb, cb, state);
2339 cb->args[0] = (long)state;
2342 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
2343 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
2345 if (++idx <= state->start)
2347 if (state->filter_wiphy != -1 &&
2348 state->filter_wiphy != rdev->wiphy_idx)
2350 /* attempt to fit multiple wiphy data chunks into the skb */
2352 ret = nl80211_send_wiphy(rdev, NL80211_CMD_NEW_WIPHY,
2354 NETLINK_CB(cb->skb).portid,
2356 NLM_F_MULTI, state);
2359 * If sending the wiphy data didn't fit (ENOBUFS
2360 * or EMSGSIZE returned), this SKB is still
2361 * empty (so it's not too big because another
2362 * wiphy dataset is already in the skb) and
2363 * we've not tried to adjust the dump allocation
2364 * yet ... then adjust the alloc size to be
2365 * bigger, and return 1 but with the empty skb.
2366 * This results in an empty message being RX'ed
2367 * in userspace, but that is ignored.
2369 * We can then retry with the larger buffer.
2371 if ((ret == -ENOBUFS || ret == -EMSGSIZE) &&
2372 !skb->len && !state->split &&
2373 cb->min_dump_alloc < 4096) {
2374 cb->min_dump_alloc = 4096;
2375 state->split_start = 0;
2382 } while (state->split_start > 0);
2392 static int nl80211_dump_wiphy_done(struct netlink_callback *cb)
2394 kfree((void *)cb->args[0]);
2398 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
2400 struct sk_buff *msg;
2401 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2402 struct nl80211_dump_wiphy_state state = {};
2404 msg = nlmsg_new(4096, GFP_KERNEL);
2408 if (nl80211_send_wiphy(rdev, NL80211_CMD_NEW_WIPHY, msg,
2409 info->snd_portid, info->snd_seq, 0,
2415 return genlmsg_reply(msg, info);
2418 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = {
2419 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 },
2420 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 },
2421 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 },
2422 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 },
2423 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 },
2426 static int parse_txq_params(struct nlattr *tb[],
2427 struct ieee80211_txq_params *txq_params)
2431 if (!tb[NL80211_TXQ_ATTR_AC] || !tb[NL80211_TXQ_ATTR_TXOP] ||
2432 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] ||
2433 !tb[NL80211_TXQ_ATTR_AIFS])
2436 ac = nla_get_u8(tb[NL80211_TXQ_ATTR_AC]);
2437 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]);
2438 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]);
2439 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]);
2440 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]);
2442 if (ac >= NL80211_NUM_ACS)
2444 txq_params->ac = array_index_nospec(ac, NL80211_NUM_ACS);
2448 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev)
2451 * You can only set the channel explicitly for WDS interfaces,
2452 * all others have their channel managed via their respective
2453 * "establish a connection" command (connect, join, ...)
2455 * For AP/GO and mesh mode, the channel can be set with the
2456 * channel userspace API, but is only stored and passed to the
2457 * low-level driver when the AP starts or the mesh is joined.
2458 * This is for backward compatibility, userspace can also give
2459 * the channel in the start-ap or join-mesh commands instead.
2461 * Monitors are special as they are normally slaved to
2462 * whatever else is going on, so they have their own special
2463 * operation to set the monitor channel if possible.
2466 wdev->iftype == NL80211_IFTYPE_AP ||
2467 wdev->iftype == NL80211_IFTYPE_MESH_POINT ||
2468 wdev->iftype == NL80211_IFTYPE_MONITOR ||
2469 wdev->iftype == NL80211_IFTYPE_P2P_GO;
2472 int nl80211_parse_chandef(struct cfg80211_registered_device *rdev,
2473 struct genl_info *info,
2474 struct cfg80211_chan_def *chandef)
2476 struct netlink_ext_ack *extack = info->extack;
2477 struct nlattr **attrs = info->attrs;
2480 if (!attrs[NL80211_ATTR_WIPHY_FREQ])
2483 control_freq = nla_get_u32(attrs[NL80211_ATTR_WIPHY_FREQ]);
2485 chandef->chan = ieee80211_get_channel(&rdev->wiphy, control_freq);
2486 chandef->width = NL80211_CHAN_WIDTH_20_NOHT;
2487 chandef->center_freq1 = control_freq;
2488 chandef->center_freq2 = 0;
2490 /* Primary channel not allowed */
2491 if (!chandef->chan || chandef->chan->flags & IEEE80211_CHAN_DISABLED) {
2492 NL_SET_ERR_MSG_ATTR(extack, attrs[NL80211_ATTR_WIPHY_FREQ],
2493 "Channel is disabled");
2497 if (attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
2498 enum nl80211_channel_type chantype;
2500 chantype = nla_get_u32(attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
2503 case NL80211_CHAN_NO_HT:
2504 case NL80211_CHAN_HT20:
2505 case NL80211_CHAN_HT40PLUS:
2506 case NL80211_CHAN_HT40MINUS:
2507 cfg80211_chandef_create(chandef, chandef->chan,
2509 /* user input for center_freq is incorrect */
2510 if (attrs[NL80211_ATTR_CENTER_FREQ1] &&
2511 chandef->center_freq1 != nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ1])) {
2512 NL_SET_ERR_MSG_ATTR(extack,
2513 attrs[NL80211_ATTR_CENTER_FREQ1],
2514 "bad center frequency 1");
2517 /* center_freq2 must be zero */
2518 if (attrs[NL80211_ATTR_CENTER_FREQ2] &&
2519 nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ2])) {
2520 NL_SET_ERR_MSG_ATTR(extack,
2521 attrs[NL80211_ATTR_CENTER_FREQ2],
2522 "center frequency 2 can't be used");
2527 NL_SET_ERR_MSG_ATTR(extack,
2528 attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE],
2529 "invalid channel type");
2532 } else if (attrs[NL80211_ATTR_CHANNEL_WIDTH]) {
2534 nla_get_u32(attrs[NL80211_ATTR_CHANNEL_WIDTH]);
2535 if (attrs[NL80211_ATTR_CENTER_FREQ1])
2536 chandef->center_freq1 =
2537 nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ1]);
2538 if (attrs[NL80211_ATTR_CENTER_FREQ2])
2539 chandef->center_freq2 =
2540 nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ2]);
2543 if (!cfg80211_chandef_valid(chandef)) {
2544 NL_SET_ERR_MSG(extack, "invalid channel definition");
2548 if (!cfg80211_chandef_usable(&rdev->wiphy, chandef,
2549 IEEE80211_CHAN_DISABLED)) {
2550 NL_SET_ERR_MSG(extack, "(extension) channel is disabled");
2554 if ((chandef->width == NL80211_CHAN_WIDTH_5 ||
2555 chandef->width == NL80211_CHAN_WIDTH_10) &&
2556 !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ)) {
2557 NL_SET_ERR_MSG(extack, "5/10 MHz not supported");
2564 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev,
2565 struct net_device *dev,
2566 struct genl_info *info)
2568 struct cfg80211_chan_def chandef;
2570 enum nl80211_iftype iftype = NL80211_IFTYPE_MONITOR;
2571 struct wireless_dev *wdev = NULL;
2574 wdev = dev->ieee80211_ptr;
2575 if (!nl80211_can_set_dev_channel(wdev))
2578 iftype = wdev->iftype;
2580 result = nl80211_parse_chandef(rdev, info, &chandef);
2585 case NL80211_IFTYPE_AP:
2586 case NL80211_IFTYPE_P2P_GO:
2587 if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, &chandef,
2592 if (wdev->beacon_interval) {
2593 if (!dev || !rdev->ops->set_ap_chanwidth ||
2594 !(rdev->wiphy.features &
2595 NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE)) {
2600 /* Only allow dynamic channel width changes */
2601 if (chandef.chan != wdev->preset_chandef.chan) {
2605 result = rdev_set_ap_chanwidth(rdev, dev, &chandef);
2609 wdev->preset_chandef = chandef;
2612 case NL80211_IFTYPE_MESH_POINT:
2613 result = cfg80211_set_mesh_channel(rdev, wdev, &chandef);
2615 case NL80211_IFTYPE_MONITOR:
2616 result = cfg80211_set_monitor_channel(rdev, &chandef);
2625 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info)
2627 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2628 struct net_device *netdev = info->user_ptr[1];
2630 return __nl80211_set_channel(rdev, netdev, info);
2633 static int nl80211_set_wds_peer(struct sk_buff *skb, struct genl_info *info)
2635 struct cfg80211_registered_device *rdev = info->user_ptr[0];
2636 struct net_device *dev = info->user_ptr[1];
2637 struct wireless_dev *wdev = dev->ieee80211_ptr;
2640 if (!info->attrs[NL80211_ATTR_MAC])
2643 if (netif_running(dev))
2646 if (!rdev->ops->set_wds_peer)
2649 if (wdev->iftype != NL80211_IFTYPE_WDS)
2652 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
2653 return rdev_set_wds_peer(rdev, dev, bssid);
2656 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
2658 struct cfg80211_registered_device *rdev;
2659 struct net_device *netdev = NULL;
2660 struct wireless_dev *wdev;
2661 int result = 0, rem_txq_params = 0;
2662 struct nlattr *nl_txq_params;
2664 u8 retry_short = 0, retry_long = 0;
2665 u32 frag_threshold = 0, rts_threshold = 0;
2666 u8 coverage_class = 0;
2667 u32 txq_limit = 0, txq_memory_limit = 0, txq_quantum = 0;
2672 * Try to find the wiphy and netdev. Normally this
2673 * function shouldn't need the netdev, but this is
2674 * done for backward compatibility -- previously
2675 * setting the channel was done per wiphy, but now
2676 * it is per netdev. Previous userland like hostapd
2677 * also passed a netdev to set_wiphy, so that it is
2678 * possible to let that go to the right netdev!
2681 if (info->attrs[NL80211_ATTR_IFINDEX]) {
2682 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]);
2684 netdev = __dev_get_by_index(genl_info_net(info), ifindex);
2685 if (netdev && netdev->ieee80211_ptr)
2686 rdev = wiphy_to_rdev(netdev->ieee80211_ptr->wiphy);
2692 rdev = __cfg80211_rdev_from_attrs(genl_info_net(info),
2695 return PTR_ERR(rdev);
2700 wdev = netdev->ieee80211_ptr;
2703 * end workaround code, by now the rdev is available
2704 * and locked, and wdev may or may not be NULL.
2707 if (info->attrs[NL80211_ATTR_WIPHY_NAME])
2708 result = cfg80211_dev_rename(
2709 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME]));
2714 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) {
2715 struct ieee80211_txq_params txq_params;
2716 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1];
2718 if (!rdev->ops->set_txq_params)
2724 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
2725 netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
2728 if (!netif_running(netdev))
2731 nla_for_each_nested(nl_txq_params,
2732 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS],
2734 result = nla_parse_nested(tb, NL80211_TXQ_ATTR_MAX,
2740 result = parse_txq_params(tb, &txq_params);
2744 result = rdev_set_txq_params(rdev, netdev,
2751 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
2752 result = __nl80211_set_channel(
2754 nl80211_can_set_dev_channel(wdev) ? netdev : NULL,
2760 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) {
2761 struct wireless_dev *txp_wdev = wdev;
2762 enum nl80211_tx_power_setting type;
2765 if (!(rdev->wiphy.features & NL80211_FEATURE_VIF_TXPOWER))
2768 if (!rdev->ops->set_tx_power)
2771 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING;
2772 type = nla_get_u32(info->attrs[idx]);
2774 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] &&
2775 (type != NL80211_TX_POWER_AUTOMATIC))
2778 if (type != NL80211_TX_POWER_AUTOMATIC) {
2779 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL;
2780 mbm = nla_get_u32(info->attrs[idx]);
2783 result = rdev_set_tx_power(rdev, txp_wdev, type, mbm);
2788 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] &&
2789 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) {
2792 if ((!rdev->wiphy.available_antennas_tx &&
2793 !rdev->wiphy.available_antennas_rx) ||
2794 !rdev->ops->set_antenna)
2797 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]);
2798 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]);
2800 /* reject antenna configurations which don't match the
2801 * available antenna masks, except for the "all" mask */
2802 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) ||
2803 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx)))
2806 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx;
2807 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx;
2809 result = rdev_set_antenna(rdev, tx_ant, rx_ant);
2816 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) {
2817 retry_short = nla_get_u8(
2818 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]);
2820 changed |= WIPHY_PARAM_RETRY_SHORT;
2823 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) {
2824 retry_long = nla_get_u8(
2825 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]);
2827 changed |= WIPHY_PARAM_RETRY_LONG;
2830 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) {
2831 frag_threshold = nla_get_u32(
2832 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]);
2833 if (frag_threshold < 256)
2836 if (frag_threshold != (u32) -1) {
2838 * Fragments (apart from the last one) are required to
2839 * have even length. Make the fragmentation code
2840 * simpler by stripping LSB should someone try to use
2841 * odd threshold value.
2843 frag_threshold &= ~0x1;
2845 changed |= WIPHY_PARAM_FRAG_THRESHOLD;
2848 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) {
2849 rts_threshold = nla_get_u32(
2850 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]);
2851 changed |= WIPHY_PARAM_RTS_THRESHOLD;
2854 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) {
2855 if (info->attrs[NL80211_ATTR_WIPHY_DYN_ACK])
2858 coverage_class = nla_get_u8(
2859 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]);
2860 changed |= WIPHY_PARAM_COVERAGE_CLASS;
2863 if (info->attrs[NL80211_ATTR_WIPHY_DYN_ACK]) {
2864 if (!(rdev->wiphy.features & NL80211_FEATURE_ACKTO_ESTIMATION))
2867 changed |= WIPHY_PARAM_DYN_ACK;
2870 if (info->attrs[NL80211_ATTR_TXQ_LIMIT]) {
2871 if (!wiphy_ext_feature_isset(&rdev->wiphy,
2872 NL80211_EXT_FEATURE_TXQS))
2874 txq_limit = nla_get_u32(
2875 info->attrs[NL80211_ATTR_TXQ_LIMIT]);
2876 changed |= WIPHY_PARAM_TXQ_LIMIT;
2879 if (info->attrs[NL80211_ATTR_TXQ_MEMORY_LIMIT]) {
2880 if (!wiphy_ext_feature_isset(&rdev->wiphy,
2881 NL80211_EXT_FEATURE_TXQS))
2883 txq_memory_limit = nla_get_u32(
2884 info->attrs[NL80211_ATTR_TXQ_MEMORY_LIMIT]);
2885 changed |= WIPHY_PARAM_TXQ_MEMORY_LIMIT;
2888 if (info->attrs[NL80211_ATTR_TXQ_QUANTUM]) {
2889 if (!wiphy_ext_feature_isset(&rdev->wiphy,
2890 NL80211_EXT_FEATURE_TXQS))
2892 txq_quantum = nla_get_u32(
2893 info->attrs[NL80211_ATTR_TXQ_QUANTUM]);
2894 changed |= WIPHY_PARAM_TXQ_QUANTUM;
2898 u8 old_retry_short, old_retry_long;
2899 u32 old_frag_threshold, old_rts_threshold;
2900 u8 old_coverage_class;
2901 u32 old_txq_limit, old_txq_memory_limit, old_txq_quantum;
2903 if (!rdev->ops->set_wiphy_params)
2906 old_retry_short = rdev->wiphy.retry_short;
2907 old_retry_long = rdev->wiphy.retry_long;
2908 old_frag_threshold = rdev->wiphy.frag_threshold;
2909 old_rts_threshold = rdev->wiphy.rts_threshold;
2910 old_coverage_class = rdev->wiphy.coverage_class;
2911 old_txq_limit = rdev->wiphy.txq_limit;
2912 old_txq_memory_limit = rdev->wiphy.txq_memory_limit;
2913 old_txq_quantum = rdev->wiphy.txq_quantum;
2915 if (changed & WIPHY_PARAM_RETRY_SHORT)
2916 rdev->wiphy.retry_short = retry_short;
2917 if (changed & WIPHY_PARAM_RETRY_LONG)
2918 rdev->wiphy.retry_long = retry_long;
2919 if (changed & WIPHY_PARAM_FRAG_THRESHOLD)
2920 rdev->wiphy.frag_threshold = frag_threshold;
2921 if (changed & WIPHY_PARAM_RTS_THRESHOLD)
2922 rdev->wiphy.rts_threshold = rts_threshold;
2923 if (changed & WIPHY_PARAM_COVERAGE_CLASS)
2924 rdev->wiphy.coverage_class = coverage_class;
2925 if (changed & WIPHY_PARAM_TXQ_LIMIT)
2926 rdev->wiphy.txq_limit = txq_limit;
2927 if (changed & WIPHY_PARAM_TXQ_MEMORY_LIMIT)
2928 rdev->wiphy.txq_memory_limit = txq_memory_limit;
2929 if (changed & WIPHY_PARAM_TXQ_QUANTUM)
2930 rdev->wiphy.txq_quantum = txq_quantum;
2932 result = rdev_set_wiphy_params(rdev, changed);
2934 rdev->wiphy.retry_short = old_retry_short;
2935 rdev->wiphy.retry_long = old_retry_long;
2936 rdev->wiphy.frag_threshold = old_frag_threshold;
2937 rdev->wiphy.rts_threshold = old_rts_threshold;
2938 rdev->wiphy.coverage_class = old_coverage_class;
2939 rdev->wiphy.txq_limit = old_txq_limit;
2940 rdev->wiphy.txq_memory_limit = old_txq_memory_limit;
2941 rdev->wiphy.txq_quantum = old_txq_quantum;
2948 static int nl80211_send_chandef(struct sk_buff *msg,
2949 const struct cfg80211_chan_def *chandef)
2951 if (WARN_ON(!cfg80211_chandef_valid(chandef)))
2954 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
2955 chandef->chan->center_freq))
2957 switch (chandef->width) {
2958 case NL80211_CHAN_WIDTH_20_NOHT:
2959 case NL80211_CHAN_WIDTH_20:
2960 case NL80211_CHAN_WIDTH_40:
2961 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
2962 cfg80211_get_chandef_type(chandef)))
2968 if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, chandef->width))
2970 if (nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, chandef->center_freq1))
2972 if (chandef->center_freq2 &&
2973 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, chandef->center_freq2))
2978 static int nl80211_send_iface(struct sk_buff *msg, u32 portid, u32 seq, int flags,
2979 struct cfg80211_registered_device *rdev,
2980 struct wireless_dev *wdev,
2981 enum nl80211_commands cmd)
2983 struct net_device *dev = wdev->netdev;
2986 WARN_ON(cmd != NL80211_CMD_NEW_INTERFACE &&
2987 cmd != NL80211_CMD_DEL_INTERFACE &&
2988 cmd != NL80211_CMD_SET_INTERFACE);
2990 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
2995 (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
2996 nla_put_string(msg, NL80211_ATTR_IFNAME, dev->name)))
2997 goto nla_put_failure;
2999 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
3000 nla_put_u32(msg, NL80211_ATTR_IFTYPE, wdev->iftype) ||
3001 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
3002 NL80211_ATTR_PAD) ||
3003 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, wdev_address(wdev)) ||
3004 nla_put_u32(msg, NL80211_ATTR_GENERATION,
3005 rdev->devlist_generation ^
3006 (cfg80211_rdev_list_generation << 2)) ||
3007 nla_put_u8(msg, NL80211_ATTR_4ADDR, wdev->use_4addr))
3008 goto nla_put_failure;
3010 if (rdev->ops->get_channel) {
3012 struct cfg80211_chan_def chandef;
3014 ret = rdev_get_channel(rdev, wdev, &chandef);
3016 if (nl80211_send_chandef(msg, &chandef))
3017 goto nla_put_failure;
3021 if (rdev->ops->get_tx_power) {
3024 ret = rdev_get_tx_power(rdev, wdev, &dbm);
3026 nla_put_u32(msg, NL80211_ATTR_WIPHY_TX_POWER_LEVEL,
3028 goto nla_put_failure;
3032 switch (wdev->iftype) {
3033 case NL80211_IFTYPE_AP:
3034 if (wdev->ssid_len &&
3035 nla_put(msg, NL80211_ATTR_SSID, wdev->ssid_len, wdev->ssid))
3036 goto nla_put_failure_locked;
3038 case NL80211_IFTYPE_STATION:
3039 case NL80211_IFTYPE_P2P_CLIENT:
3040 case NL80211_IFTYPE_ADHOC: {
3042 if (!wdev->current_bss)
3045 ssid_ie = ieee80211_bss_get_ie(&wdev->current_bss->pub,
3048 nla_put(msg, NL80211_ATTR_SSID, ssid_ie[1], ssid_ie + 2))
3049 goto nla_put_failure_rcu_locked;
3059 if (rdev->ops->get_txq_stats) {
3060 struct cfg80211_txq_stats txqstats = {};
3061 int ret = rdev_get_txq_stats(rdev, wdev, &txqstats);
3064 !nl80211_put_txq_stats(msg, &txqstats,
3065 NL80211_ATTR_TXQ_STATS))
3066 goto nla_put_failure;
3069 genlmsg_end(msg, hdr);
3072 nla_put_failure_rcu_locked:
3074 nla_put_failure_locked:
3077 genlmsg_cancel(msg, hdr);
3081 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb)
3085 int wp_start = cb->args[0];
3086 int if_start = cb->args[1];
3087 int filter_wiphy = -1;
3088 struct cfg80211_registered_device *rdev;
3089 struct wireless_dev *wdev;
3094 struct nl80211_dump_wiphy_state state = {
3098 ret = nl80211_dump_wiphy_parse(skb, cb, &state);
3102 filter_wiphy = state.filter_wiphy;
3105 * if filtering, set cb->args[2] to +1 since 0 is the default
3106 * value needed to determine that parsing is necessary.
3108 if (filter_wiphy >= 0)
3109 cb->args[2] = filter_wiphy + 1;
3112 } else if (cb->args[2] > 0) {
3113 filter_wiphy = cb->args[2] - 1;
3116 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
3117 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
3119 if (wp_idx < wp_start) {
3124 if (filter_wiphy >= 0 && filter_wiphy != rdev->wiphy_idx)
3129 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) {
3130 if (if_idx < if_start) {
3134 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).portid,
3135 cb->nlh->nlmsg_seq, NLM_F_MULTI,
3137 NL80211_CMD_NEW_INTERFACE) < 0) {
3146 cb->args[0] = wp_idx;
3147 cb->args[1] = if_idx;
3156 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
3158 struct sk_buff *msg;
3159 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3160 struct wireless_dev *wdev = info->user_ptr[1];
3162 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3166 if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0,
3167 rdev, wdev, NL80211_CMD_NEW_INTERFACE) < 0) {
3172 return genlmsg_reply(msg, info);
3175 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = {
3176 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG },
3177 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG },
3178 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG },
3179 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG },
3180 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG },
3181 [NL80211_MNTR_FLAG_ACTIVE] = { .type = NLA_FLAG },
3184 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
3186 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1];
3194 if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX, nla,
3195 mntr_flags_policy, NULL))
3198 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++)
3200 *mntrflags |= (1<<flag);
3202 *mntrflags |= MONITOR_FLAG_CHANGED;
3207 static int nl80211_parse_mon_options(struct cfg80211_registered_device *rdev,
3208 enum nl80211_iftype type,
3209 struct genl_info *info,
3210 struct vif_params *params)
3212 bool change = false;
3215 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) {
3216 if (type != NL80211_IFTYPE_MONITOR)
3219 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS],
3227 if (params->flags & MONITOR_FLAG_ACTIVE &&
3228 !(rdev->wiphy.features & NL80211_FEATURE_ACTIVE_MONITOR))
3231 if (info->attrs[NL80211_ATTR_MU_MIMO_GROUP_DATA]) {
3232 const u8 *mumimo_groups;
3233 u32 cap_flag = NL80211_EXT_FEATURE_MU_MIMO_AIR_SNIFFER;
3235 if (type != NL80211_IFTYPE_MONITOR)
3238 if (!wiphy_ext_feature_isset(&rdev->wiphy, cap_flag))
3242 nla_data(info->attrs[NL80211_ATTR_MU_MIMO_GROUP_DATA]);
3244 /* bits 0 and 63 are reserved and must be zero */
3245 if ((mumimo_groups[0] & BIT(0)) ||
3246 (mumimo_groups[VHT_MUMIMO_GROUPS_DATA_LEN - 1] & BIT(7)))
3249 params->vht_mumimo_groups = mumimo_groups;
3253 if (info->attrs[NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR]) {
3254 u32 cap_flag = NL80211_EXT_FEATURE_MU_MIMO_AIR_SNIFFER;
3256 if (type != NL80211_IFTYPE_MONITOR)
3259 if (!wiphy_ext_feature_isset(&rdev->wiphy, cap_flag))
3262 params->vht_mumimo_follow_addr =
3263 nla_data(info->attrs[NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR]);
3267 return change ? 1 : 0;
3270 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev,
3271 struct net_device *netdev, u8 use_4addr,
3272 enum nl80211_iftype iftype)
3275 if (netdev && (netdev->priv_flags & IFF_BRIDGE_PORT))
3281 case NL80211_IFTYPE_AP_VLAN:
3282 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP)
3285 case NL80211_IFTYPE_STATION:
3286 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION)
3296 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
3298 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3299 struct vif_params params;
3301 enum nl80211_iftype otype, ntype;
3302 struct net_device *dev = info->user_ptr[1];
3303 bool change = false;
3305 memset(¶ms, 0, sizeof(params));
3307 otype = ntype = dev->ieee80211_ptr->iftype;
3309 if (info->attrs[NL80211_ATTR_IFTYPE]) {
3310 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
3315 if (info->attrs[NL80211_ATTR_MESH_ID]) {
3316 struct wireless_dev *wdev = dev->ieee80211_ptr;
3318 if (ntype != NL80211_IFTYPE_MESH_POINT)
3320 if (netif_running(dev))
3324 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
3325 IEEE80211_MAX_MESH_ID_LEN);
3326 wdev->mesh_id_up_len =
3327 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
3328 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
3329 wdev->mesh_id_up_len);
3333 if (info->attrs[NL80211_ATTR_4ADDR]) {
3334 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
3336 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype);
3340 params.use_4addr = -1;
3343 err = nl80211_parse_mon_options(rdev, ntype, info, ¶ms);
3350 err = cfg80211_change_iface(rdev, dev, ntype, ¶ms);
3354 if (!err && params.use_4addr != -1)
3355 dev->ieee80211_ptr->use_4addr = params.use_4addr;
3357 if (change && !err) {
3358 struct wireless_dev *wdev = dev->ieee80211_ptr;
3360 nl80211_notify_iface(rdev, wdev, NL80211_CMD_SET_INTERFACE);
3366 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
3368 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3369 struct vif_params params;
3370 struct wireless_dev *wdev;
3371 struct sk_buff *msg;
3373 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;
3375 /* to avoid failing a new interface creation due to pending removal */
3376 cfg80211_destroy_ifaces(rdev);
3378 memset(¶ms, 0, sizeof(params));
3380 if (!info->attrs[NL80211_ATTR_IFNAME])
3383 if (info->attrs[NL80211_ATTR_IFTYPE])
3384 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
3386 if (!rdev->ops->add_virtual_intf ||
3387 !(rdev->wiphy.interface_modes & (1 << type)))
3390 if ((type == NL80211_IFTYPE_P2P_DEVICE || type == NL80211_IFTYPE_NAN ||
3391 rdev->wiphy.features & NL80211_FEATURE_MAC_ON_CREATE) &&
3392 info->attrs[NL80211_ATTR_MAC]) {
3393 nla_memcpy(params.macaddr, info->attrs[NL80211_ATTR_MAC],
3395 if (!is_valid_ether_addr(params.macaddr))
3396 return -EADDRNOTAVAIL;
3399 if (info->attrs[NL80211_ATTR_4ADDR]) {
3400 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
3401 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type);
3406 err = nl80211_parse_mon_options(rdev, type, info, ¶ms);
3410 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3414 wdev = rdev_add_virtual_intf(rdev,
3415 nla_data(info->attrs[NL80211_ATTR_IFNAME]),
3416 NET_NAME_USER, type, ¶ms);
3417 if (WARN_ON(!wdev)) {
3420 } else if (IS_ERR(wdev)) {
3422 return PTR_ERR(wdev);
3425 if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
3426 wdev->owner_nlportid = info->snd_portid;
3429 case NL80211_IFTYPE_MESH_POINT:
3430 if (!info->attrs[NL80211_ATTR_MESH_ID])
3433 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
3434 IEEE80211_MAX_MESH_ID_LEN);
3435 wdev->mesh_id_up_len =
3436 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
3437 memcpy(wdev->ssid, nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
3438 wdev->mesh_id_up_len);
3441 case NL80211_IFTYPE_NAN:
3442 case NL80211_IFTYPE_P2P_DEVICE:
3444 * P2P Device and NAN do not have a netdev, so don't go
3445 * through the netdev notifier and must be added here
3447 cfg80211_init_wdev(rdev, wdev);
3453 if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0,
3454 rdev, wdev, NL80211_CMD_NEW_INTERFACE) < 0) {
3459 return genlmsg_reply(msg, info);
3462 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
3464 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3465 struct wireless_dev *wdev = info->user_ptr[1];
3467 if (!rdev->ops->del_virtual_intf)
3471 * If we remove a wireless device without a netdev then clear
3472 * user_ptr[1] so that nl80211_post_doit won't dereference it
3473 * to check if it needs to do dev_put(). Otherwise it crashes
3474 * since the wdev has been freed, unlike with a netdev where
3475 * we need the dev_put() for the netdev to really be freed.
3478 info->user_ptr[1] = NULL;
3480 return rdev_del_virtual_intf(rdev, wdev);
3483 static int nl80211_set_noack_map(struct sk_buff *skb, struct genl_info *info)
3485 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3486 struct net_device *dev = info->user_ptr[1];
3489 if (!info->attrs[NL80211_ATTR_NOACK_MAP])
3492 if (!rdev->ops->set_noack_map)
3495 noack_map = nla_get_u16(info->attrs[NL80211_ATTR_NOACK_MAP]);
3497 return rdev_set_noack_map(rdev, dev, noack_map);
3500 struct get_key_cookie {
3501 struct sk_buff *msg;
3506 static void get_key_callback(void *c, struct key_params *params)
3509 struct get_key_cookie *cookie = c;
3512 nla_put(cookie->msg, NL80211_ATTR_KEY_DATA,
3513 params->key_len, params->key)) ||
3515 nla_put(cookie->msg, NL80211_ATTR_KEY_SEQ,
3516 params->seq_len, params->seq)) ||
3518 nla_put_u32(cookie->msg, NL80211_ATTR_KEY_CIPHER,
3520 goto nla_put_failure;
3522 key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY);
3524 goto nla_put_failure;
3527 nla_put(cookie->msg, NL80211_KEY_DATA,
3528 params->key_len, params->key)) ||
3530 nla_put(cookie->msg, NL80211_KEY_SEQ,
3531 params->seq_len, params->seq)) ||
3533 nla_put_u32(cookie->msg, NL80211_KEY_CIPHER,
3535 goto nla_put_failure;
3537 if (nla_put_u8(cookie->msg, NL80211_KEY_IDX, cookie->idx))
3538 goto nla_put_failure;
3540 nla_nest_end(cookie->msg, key);
3547 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
3549 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3551 struct net_device *dev = info->user_ptr[1];
3553 const u8 *mac_addr = NULL;
3555 struct get_key_cookie cookie = {
3559 struct sk_buff *msg;
3561 if (info->attrs[NL80211_ATTR_KEY_IDX])
3562 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
3564 if (info->attrs[NL80211_ATTR_MAC])
3565 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
3567 pairwise = !!mac_addr;
3568 if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
3569 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
3571 if (kt != NL80211_KEYTYPE_GROUP &&
3572 kt != NL80211_KEYTYPE_PAIRWISE)
3574 pairwise = kt == NL80211_KEYTYPE_PAIRWISE;
3577 if (!rdev->ops->get_key)
3580 if (!pairwise && mac_addr && !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
3583 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3587 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
3588 NL80211_CMD_NEW_KEY);
3590 goto nla_put_failure;
3593 cookie.idx = key_idx;
3595 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
3596 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx))
3597 goto nla_put_failure;
3599 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr))
3600 goto nla_put_failure;
3602 err = rdev_get_key(rdev, dev, key_idx, pairwise, mac_addr, &cookie,
3609 goto nla_put_failure;
3611 genlmsg_end(msg, hdr);
3612 return genlmsg_reply(msg, info);
3621 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
3623 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3624 struct key_parse key;
3626 struct net_device *dev = info->user_ptr[1];
3628 err = nl80211_parse_key(info, &key);
3635 /* only support setting default key */
3636 if (!key.def && !key.defmgmt)
3639 wdev_lock(dev->ieee80211_ptr);
3642 if (!rdev->ops->set_default_key) {
3647 err = nl80211_key_allowed(dev->ieee80211_ptr);
3651 err = rdev_set_default_key(rdev, dev, key.idx,
3652 key.def_uni, key.def_multi);
3657 #ifdef CONFIG_CFG80211_WEXT
3658 dev->ieee80211_ptr->wext.default_key = key.idx;
3661 if (key.def_uni || !key.def_multi) {
3666 if (!rdev->ops->set_default_mgmt_key) {
3671 err = nl80211_key_allowed(dev->ieee80211_ptr);
3675 err = rdev_set_default_mgmt_key(rdev, dev, key.idx);
3679 #ifdef CONFIG_CFG80211_WEXT
3680 dev->ieee80211_ptr->wext.default_mgmt_key = key.idx;
3685 wdev_unlock(dev->ieee80211_ptr);
3690 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
3692 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3694 struct net_device *dev = info->user_ptr[1];
3695 struct key_parse key;
3696 const u8 *mac_addr = NULL;
3698 err = nl80211_parse_key(info, &key);
3705 if (info->attrs[NL80211_ATTR_MAC])
3706 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
3708 if (key.type == -1) {
3710 key.type = NL80211_KEYTYPE_PAIRWISE;
3712 key.type = NL80211_KEYTYPE_GROUP;
3716 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
3717 key.type != NL80211_KEYTYPE_GROUP)
3720 if (!rdev->ops->add_key)
3723 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx,
3724 key.type == NL80211_KEYTYPE_PAIRWISE,
3728 wdev_lock(dev->ieee80211_ptr);
3729 err = nl80211_key_allowed(dev->ieee80211_ptr);
3731 err = rdev_add_key(rdev, dev, key.idx,
3732 key.type == NL80211_KEYTYPE_PAIRWISE,
3734 wdev_unlock(dev->ieee80211_ptr);
3739 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
3741 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3743 struct net_device *dev = info->user_ptr[1];
3744 u8 *mac_addr = NULL;
3745 struct key_parse key;
3747 err = nl80211_parse_key(info, &key);
3751 if (info->attrs[NL80211_ATTR_MAC])
3752 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
3754 if (key.type == -1) {
3756 key.type = NL80211_KEYTYPE_PAIRWISE;
3758 key.type = NL80211_KEYTYPE_GROUP;
3762 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
3763 key.type != NL80211_KEYTYPE_GROUP)
3766 if (!rdev->ops->del_key)
3769 wdev_lock(dev->ieee80211_ptr);
3770 err = nl80211_key_allowed(dev->ieee80211_ptr);
3772 if (key.type == NL80211_KEYTYPE_GROUP && mac_addr &&
3773 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
3777 err = rdev_del_key(rdev, dev, key.idx,
3778 key.type == NL80211_KEYTYPE_PAIRWISE,
3781 #ifdef CONFIG_CFG80211_WEXT
3783 if (key.idx == dev->ieee80211_ptr->wext.default_key)
3784 dev->ieee80211_ptr->wext.default_key = -1;
3785 else if (key.idx == dev->ieee80211_ptr->wext.default_mgmt_key)
3786 dev->ieee80211_ptr->wext.default_mgmt_key = -1;
3789 wdev_unlock(dev->ieee80211_ptr);
3794 /* This function returns an error or the number of nested attributes */
3795 static int validate_acl_mac_addrs(struct nlattr *nl_attr)
3797 struct nlattr *attr;
3798 int n_entries = 0, tmp;
3800 nla_for_each_nested(attr, nl_attr, tmp) {
3801 if (nla_len(attr) != ETH_ALEN)
3811 * This function parses ACL information and allocates memory for ACL data.
3812 * On successful return, the calling function is responsible to free the
3813 * ACL buffer returned by this function.
3815 static struct cfg80211_acl_data *parse_acl_data(struct wiphy *wiphy,
3816 struct genl_info *info)
3818 enum nl80211_acl_policy acl_policy;
3819 struct nlattr *attr;
3820 struct cfg80211_acl_data *acl;
3821 int i = 0, n_entries, tmp;
3823 if (!wiphy->max_acl_mac_addrs)
3824 return ERR_PTR(-EOPNOTSUPP);
3826 if (!info->attrs[NL80211_ATTR_ACL_POLICY])
3827 return ERR_PTR(-EINVAL);
3829 acl_policy = nla_get_u32(info->attrs[NL80211_ATTR_ACL_POLICY]);
3830 if (acl_policy != NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED &&
3831 acl_policy != NL80211_ACL_POLICY_DENY_UNLESS_LISTED)
3832 return ERR_PTR(-EINVAL);
3834 if (!info->attrs[NL80211_ATTR_MAC_ADDRS])
3835 return ERR_PTR(-EINVAL);
3837 n_entries = validate_acl_mac_addrs(info->attrs[NL80211_ATTR_MAC_ADDRS]);
3839 return ERR_PTR(n_entries);
3841 if (n_entries > wiphy->max_acl_mac_addrs)
3842 return ERR_PTR(-ENOTSUPP);
3844 acl = kzalloc(sizeof(*acl) + (sizeof(struct mac_address) * n_entries),
3847 return ERR_PTR(-ENOMEM);
3849 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_MAC_ADDRS], tmp) {
3850 memcpy(acl->mac_addrs[i].addr, nla_data(attr), ETH_ALEN);
3854 acl->n_acl_entries = n_entries;
3855 acl->acl_policy = acl_policy;
3860 static int nl80211_set_mac_acl(struct sk_buff *skb, struct genl_info *info)
3862 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3863 struct net_device *dev = info->user_ptr[1];
3864 struct cfg80211_acl_data *acl;
3867 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3868 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
3871 if (!dev->ieee80211_ptr->beacon_interval)
3874 acl = parse_acl_data(&rdev->wiphy, info);
3876 return PTR_ERR(acl);
3878 err = rdev_set_mac_acl(rdev, dev, acl);
3885 static u32 rateset_to_mask(struct ieee80211_supported_band *sband,
3886 u8 *rates, u8 rates_len)
3891 for (i = 0; i < rates_len; i++) {
3892 int rate = (rates[i] & 0x7f) * 5;
3895 for (ridx = 0; ridx < sband->n_bitrates; ridx++) {
3896 struct ieee80211_rate *srate =
3897 &sband->bitrates[ridx];
3898 if (rate == srate->bitrate) {
3903 if (ridx == sband->n_bitrates)
3904 return 0; /* rate not found */
3910 static bool ht_rateset_to_mask(struct ieee80211_supported_band *sband,
3911 u8 *rates, u8 rates_len,
3912 u8 mcs[IEEE80211_HT_MCS_MASK_LEN])
3916 memset(mcs, 0, IEEE80211_HT_MCS_MASK_LEN);
3918 for (i = 0; i < rates_len; i++) {
3921 ridx = rates[i] / 8;
3922 rbit = BIT(rates[i] % 8);
3924 /* check validity */
3925 if ((ridx < 0) || (ridx >= IEEE80211_HT_MCS_MASK_LEN))
3928 /* check availability */
3929 ridx = array_index_nospec(ridx, IEEE80211_HT_MCS_MASK_LEN);
3930 if (sband->ht_cap.mcs.rx_mask[ridx] & rbit)
3939 static u16 vht_mcs_map_to_mcs_mask(u8 vht_mcs_map)
3943 switch (vht_mcs_map) {
3944 case IEEE80211_VHT_MCS_NOT_SUPPORTED:
3946 case IEEE80211_VHT_MCS_SUPPORT_0_7:
3949 case IEEE80211_VHT_MCS_SUPPORT_0_8:
3952 case IEEE80211_VHT_MCS_SUPPORT_0_9:
3962 static void vht_build_mcs_mask(u16 vht_mcs_map,
3963 u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
3967 for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
3968 vht_mcs_mask[nss] = vht_mcs_map_to_mcs_mask(vht_mcs_map & 0x03);
3973 static bool vht_set_mcs_mask(struct ieee80211_supported_band *sband,
3974 struct nl80211_txrate_vht *txrate,
3975 u16 mcs[NL80211_VHT_NSS_MAX])
3977 u16 tx_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
3978 u16 tx_mcs_mask[NL80211_VHT_NSS_MAX] = {};
3981 if (!sband->vht_cap.vht_supported)
3984 memset(mcs, 0, sizeof(u16) * NL80211_VHT_NSS_MAX);
3986 /* Build vht_mcs_mask from VHT capabilities */
3987 vht_build_mcs_mask(tx_mcs_map, tx_mcs_mask);
3989 for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
3990 if ((tx_mcs_mask[i] & txrate->mcs[i]) == txrate->mcs[i])
3991 mcs[i] = txrate->mcs[i];
3999 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = {
4000 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY,
4001 .len = NL80211_MAX_SUPP_RATES },
4002 [NL80211_TXRATE_HT] = { .type = NLA_BINARY,
4003 .len = NL80211_MAX_SUPP_HT_RATES },
4004 [NL80211_TXRATE_VHT] = { .len = sizeof(struct nl80211_txrate_vht)},
4005 [NL80211_TXRATE_GI] = { .type = NLA_U8 },
4008 static int nl80211_parse_tx_bitrate_mask(struct genl_info *info,
4009 struct cfg80211_bitrate_mask *mask)
4011 struct nlattr *tb[NL80211_TXRATE_MAX + 1];
4012 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4014 struct nlattr *tx_rates;
4015 struct ieee80211_supported_band *sband;
4018 memset(mask, 0, sizeof(*mask));
4019 /* Default to all rates enabled */
4020 for (i = 0; i < NUM_NL80211_BANDS; i++) {
4021 sband = rdev->wiphy.bands[i];
4026 mask->control[i].legacy = (1 << sband->n_bitrates) - 1;
4027 memcpy(mask->control[i].ht_mcs,
4028 sband->ht_cap.mcs.rx_mask,
4029 sizeof(mask->control[i].ht_mcs));
4031 if (!sband->vht_cap.vht_supported)
4034 vht_tx_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
4035 vht_build_mcs_mask(vht_tx_mcs_map, mask->control[i].vht_mcs);
4038 /* if no rates are given set it back to the defaults */
4039 if (!info->attrs[NL80211_ATTR_TX_RATES])
4042 /* The nested attribute uses enum nl80211_band as the index. This maps
4043 * directly to the enum nl80211_band values used in cfg80211.
4045 BUILD_BUG_ON(NL80211_MAX_SUPP_HT_RATES > IEEE80211_HT_MCS_MASK_LEN * 8);
4046 nla_for_each_nested(tx_rates, info->attrs[NL80211_ATTR_TX_RATES], rem) {
4047 enum nl80211_band band = nla_type(tx_rates);
4050 if (band < 0 || band >= NUM_NL80211_BANDS)
4052 sband = rdev->wiphy.bands[band];
4055 err = nla_parse_nested(tb, NL80211_TXRATE_MAX, tx_rates,
4056 nl80211_txattr_policy, info->extack);
4059 if (tb[NL80211_TXRATE_LEGACY]) {
4060 mask->control[band].legacy = rateset_to_mask(
4062 nla_data(tb[NL80211_TXRATE_LEGACY]),
4063 nla_len(tb[NL80211_TXRATE_LEGACY]));
4064 if ((mask->control[band].legacy == 0) &&
4065 nla_len(tb[NL80211_TXRATE_LEGACY]))
4068 if (tb[NL80211_TXRATE_HT]) {
4069 if (!ht_rateset_to_mask(
4071 nla_data(tb[NL80211_TXRATE_HT]),
4072 nla_len(tb[NL80211_TXRATE_HT]),
4073 mask->control[band].ht_mcs))
4076 if (tb[NL80211_TXRATE_VHT]) {
4077 if (!vht_set_mcs_mask(
4079 nla_data(tb[NL80211_TXRATE_VHT]),
4080 mask->control[band].vht_mcs))
4083 if (tb[NL80211_TXRATE_GI]) {
4084 mask->control[band].gi =
4085 nla_get_u8(tb[NL80211_TXRATE_GI]);
4086 if (mask->control[band].gi > NL80211_TXRATE_FORCE_LGI)
4090 if (mask->control[band].legacy == 0) {
4091 /* don't allow empty legacy rates if HT or VHT
4092 * are not even supported.
4094 if (!(rdev->wiphy.bands[band]->ht_cap.ht_supported ||
4095 rdev->wiphy.bands[band]->vht_cap.vht_supported))
4098 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++)
4099 if (mask->control[band].ht_mcs[i])
4102 for (i = 0; i < NL80211_VHT_NSS_MAX; i++)
4103 if (mask->control[band].vht_mcs[i])
4106 /* legacy and mcs rates may not be both empty */
4115 static int validate_beacon_tx_rate(struct cfg80211_registered_device *rdev,
4116 enum nl80211_band band,
4117 struct cfg80211_bitrate_mask *beacon_rate)
4119 u32 count_ht, count_vht, i;
4120 u32 rate = beacon_rate->control[band].legacy;
4122 /* Allow only one rate */
4123 if (hweight32(rate) > 1)
4127 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
4128 if (hweight8(beacon_rate->control[band].ht_mcs[i]) > 1) {
4130 } else if (beacon_rate->control[band].ht_mcs[i]) {
4135 if (count_ht && rate)
4140 for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
4141 if (hweight16(beacon_rate->control[band].vht_mcs[i]) > 1) {
4143 } else if (beacon_rate->control[band].vht_mcs[i]) {
4148 if (count_vht && rate)
4152 if ((count_ht && count_vht) || (!rate && !count_ht && !count_vht))
4156 !wiphy_ext_feature_isset(&rdev->wiphy,
4157 NL80211_EXT_FEATURE_BEACON_RATE_LEGACY))
4160 !wiphy_ext_feature_isset(&rdev->wiphy,
4161 NL80211_EXT_FEATURE_BEACON_RATE_HT))
4164 !wiphy_ext_feature_isset(&rdev->wiphy,
4165 NL80211_EXT_FEATURE_BEACON_RATE_VHT))
4171 static int nl80211_parse_beacon(struct cfg80211_registered_device *rdev,
4172 struct nlattr *attrs[],
4173 struct cfg80211_beacon_data *bcn)
4175 bool haveinfo = false;
4178 memset(bcn, 0, sizeof(*bcn));
4180 if (attrs[NL80211_ATTR_BEACON_HEAD]) {
4181 bcn->head = nla_data(attrs[NL80211_ATTR_BEACON_HEAD]);
4182 bcn->head_len = nla_len(attrs[NL80211_ATTR_BEACON_HEAD]);
4188 if (attrs[NL80211_ATTR_BEACON_TAIL]) {
4189 bcn->tail = nla_data(attrs[NL80211_ATTR_BEACON_TAIL]);
4190 bcn->tail_len = nla_len(attrs[NL80211_ATTR_BEACON_TAIL]);
4197 if (attrs[NL80211_ATTR_IE]) {
4198 bcn->beacon_ies = nla_data(attrs[NL80211_ATTR_IE]);
4199 bcn->beacon_ies_len = nla_len(attrs[NL80211_ATTR_IE]);
4202 if (attrs[NL80211_ATTR_IE_PROBE_RESP]) {
4203 bcn->proberesp_ies =
4204 nla_data(attrs[NL80211_ATTR_IE_PROBE_RESP]);
4205 bcn->proberesp_ies_len =
4206 nla_len(attrs[NL80211_ATTR_IE_PROBE_RESP]);
4209 if (attrs[NL80211_ATTR_IE_ASSOC_RESP]) {
4210 bcn->assocresp_ies =
4211 nla_data(attrs[NL80211_ATTR_IE_ASSOC_RESP]);
4212 bcn->assocresp_ies_len =
4213 nla_len(attrs[NL80211_ATTR_IE_ASSOC_RESP]);
4216 if (attrs[NL80211_ATTR_PROBE_RESP]) {
4217 bcn->probe_resp = nla_data(attrs[NL80211_ATTR_PROBE_RESP]);
4218 bcn->probe_resp_len = nla_len(attrs[NL80211_ATTR_PROBE_RESP]);
4221 if (attrs[NL80211_ATTR_FTM_RESPONDER]) {
4222 struct nlattr *tb[NL80211_FTM_RESP_ATTR_MAX + 1];
4224 err = nla_parse_nested(tb, NL80211_FTM_RESP_ATTR_MAX,
4225 attrs[NL80211_ATTR_FTM_RESPONDER],
4230 if (tb[NL80211_FTM_RESP_ATTR_ENABLED] &&
4231 wiphy_ext_feature_isset(&rdev->wiphy,
4232 NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER))
4233 bcn->ftm_responder = 1;
4237 if (tb[NL80211_FTM_RESP_ATTR_LCI]) {
4238 bcn->lci = nla_data(tb[NL80211_FTM_RESP_ATTR_LCI]);
4239 bcn->lci_len = nla_len(tb[NL80211_FTM_RESP_ATTR_LCI]);
4242 if (tb[NL80211_FTM_RESP_ATTR_CIVICLOC]) {
4243 bcn->civicloc = nla_data(tb[NL80211_FTM_RESP_ATTR_CIVICLOC]);
4244 bcn->civicloc_len = nla_len(tb[NL80211_FTM_RESP_ATTR_CIVICLOC]);
4247 bcn->ftm_responder = -1;
4253 static void nl80211_check_ap_rate_selectors(struct cfg80211_ap_settings *params,
4261 for (i = 0; i < rates[1]; i++) {
4262 if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_HT_PHY)
4263 params->ht_required = true;
4264 if (rates[2 + i] == BSS_MEMBERSHIP_SELECTOR_VHT_PHY)
4265 params->vht_required = true;
4270 * Since the nl80211 API didn't include, from the beginning, attributes about
4271 * HT/VHT requirements/capabilities, we parse them out of the IEs for the
4272 * benefit of drivers that rebuild IEs in the firmware.
4274 static void nl80211_calculate_ap_params(struct cfg80211_ap_settings *params)
4276 const struct cfg80211_beacon_data *bcn = ¶ms->beacon;
4277 size_t ies_len = bcn->tail_len;
4278 const u8 *ies = bcn->tail;
4282 rates = cfg80211_find_ie(WLAN_EID_SUPP_RATES, ies, ies_len);
4283 nl80211_check_ap_rate_selectors(params, rates);
4285 rates = cfg80211_find_ie(WLAN_EID_EXT_SUPP_RATES, ies, ies_len);
4286 nl80211_check_ap_rate_selectors(params, rates);
4288 cap = cfg80211_find_ie(WLAN_EID_HT_CAPABILITY, ies, ies_len);
4289 if (cap && cap[1] >= sizeof(*params->ht_cap))
4290 params->ht_cap = (void *)(cap + 2);
4291 cap = cfg80211_find_ie(WLAN_EID_VHT_CAPABILITY, ies, ies_len);
4292 if (cap && cap[1] >= sizeof(*params->vht_cap))
4293 params->vht_cap = (void *)(cap + 2);
4294 cap = cfg80211_find_ext_ie(WLAN_EID_EXT_HE_CAPABILITY, ies, ies_len);
4295 if (cap && cap[1] >= sizeof(*params->he_cap) + 1)
4296 params->he_cap = (void *)(cap + 3);
4299 static bool nl80211_get_ap_channel(struct cfg80211_registered_device *rdev,
4300 struct cfg80211_ap_settings *params)
4302 struct wireless_dev *wdev;
4305 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) {
4306 if (wdev->iftype != NL80211_IFTYPE_AP &&
4307 wdev->iftype != NL80211_IFTYPE_P2P_GO)
4310 if (!wdev->preset_chandef.chan)
4313 params->chandef = wdev->preset_chandef;
4321 static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
4322 enum nl80211_auth_type auth_type,
4323 enum nl80211_commands cmd)
4325 if (auth_type > NL80211_AUTHTYPE_MAX)
4329 case NL80211_CMD_AUTHENTICATE:
4330 if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
4331 auth_type == NL80211_AUTHTYPE_SAE)
4333 if (!wiphy_ext_feature_isset(&rdev->wiphy,
4334 NL80211_EXT_FEATURE_FILS_STA) &&
4335 (auth_type == NL80211_AUTHTYPE_FILS_SK ||
4336 auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
4337 auth_type == NL80211_AUTHTYPE_FILS_PK))
4340 case NL80211_CMD_CONNECT:
4341 if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
4342 auth_type == NL80211_AUTHTYPE_SAE)
4345 /* FILS with SK PFS or PK not supported yet */
4346 if (auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
4347 auth_type == NL80211_AUTHTYPE_FILS_PK)
4349 if (!wiphy_ext_feature_isset(
4351 NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) &&
4352 auth_type == NL80211_AUTHTYPE_FILS_SK)
4355 case NL80211_CMD_START_AP:
4356 /* SAE not supported yet */
4357 if (auth_type == NL80211_AUTHTYPE_SAE)
4359 /* FILS not supported yet */
4360 if (auth_type == NL80211_AUTHTYPE_FILS_SK ||
4361 auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
4362 auth_type == NL80211_AUTHTYPE_FILS_PK)
4370 static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
4372 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4373 struct net_device *dev = info->user_ptr[1];
4374 struct wireless_dev *wdev = dev->ieee80211_ptr;
4375 struct cfg80211_ap_settings params;
4378 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
4379 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4382 if (!rdev->ops->start_ap)
4385 if (wdev->beacon_interval)
4388 memset(¶ms, 0, sizeof(params));
4390 /* these are required for START_AP */
4391 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] ||
4392 !info->attrs[NL80211_ATTR_DTIM_PERIOD] ||
4393 !info->attrs[NL80211_ATTR_BEACON_HEAD])
4396 err = nl80211_parse_beacon(rdev, info->attrs, ¶ms.beacon);
4400 params.beacon_interval =
4401 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
4402 params.dtim_period =
4403 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
4405 err = cfg80211_validate_beacon_int(rdev, dev->ieee80211_ptr->iftype,
4406 params.beacon_interval);
4411 * In theory, some of these attributes should be required here
4412 * but since they were not used when the command was originally
4413 * added, keep them optional for old user space programs to let
4414 * them continue to work with drivers that do not need the
4415 * additional information -- drivers must check!
4417 if (info->attrs[NL80211_ATTR_SSID]) {
4418 params.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
4420 nla_len(info->attrs[NL80211_ATTR_SSID]);
4421 if (params.ssid_len == 0 ||
4422 params.ssid_len > IEEE80211_MAX_SSID_LEN)
4426 if (info->attrs[NL80211_ATTR_HIDDEN_SSID])
4427 params.hidden_ssid = nla_get_u32(
4428 info->attrs[NL80211_ATTR_HIDDEN_SSID]);
4430 params.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
4432 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
4433 params.auth_type = nla_get_u32(
4434 info->attrs[NL80211_ATTR_AUTH_TYPE]);
4435 if (!nl80211_valid_auth_type(rdev, params.auth_type,
4436 NL80211_CMD_START_AP))
4439 params.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
4441 err = nl80211_crypto_settings(rdev, info, ¶ms.crypto,
4442 NL80211_MAX_NR_CIPHER_SUITES);
4446 if (info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]) {
4447 if (!(rdev->wiphy.features & NL80211_FEATURE_INACTIVITY_TIMER))
4449 params.inactivity_timeout = nla_get_u16(
4450 info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]);
4453 if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) {
4454 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4456 params.p2p_ctwindow =
4457 nla_get_u8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]);
4458 if (params.p2p_ctwindow != 0 &&
4459 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN))
4463 if (info->attrs[NL80211_ATTR_P2P_OPPPS]) {
4466 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4468 tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]);
4469 params.p2p_opp_ps = tmp;
4470 if (params.p2p_opp_ps != 0 &&
4471 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS))
4475 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
4476 err = nl80211_parse_chandef(rdev, info, ¶ms.chandef);
4479 } else if (wdev->preset_chandef.chan) {
4480 params.chandef = wdev->preset_chandef;
4481 } else if (!nl80211_get_ap_channel(rdev, ¶ms))
4484 if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, ¶ms.chandef,
4488 if (info->attrs[NL80211_ATTR_TX_RATES]) {
4489 err = nl80211_parse_tx_bitrate_mask(info, ¶ms.beacon_rate);
4493 err = validate_beacon_tx_rate(rdev, params.chandef.chan->band,
4494 ¶ms.beacon_rate);
4499 if (info->attrs[NL80211_ATTR_SMPS_MODE]) {
4501 nla_get_u8(info->attrs[NL80211_ATTR_SMPS_MODE]);
4502 switch (params.smps_mode) {
4503 case NL80211_SMPS_OFF:
4505 case NL80211_SMPS_STATIC:
4506 if (!(rdev->wiphy.features &
4507 NL80211_FEATURE_STATIC_SMPS))
4510 case NL80211_SMPS_DYNAMIC:
4511 if (!(rdev->wiphy.features &
4512 NL80211_FEATURE_DYNAMIC_SMPS))
4519 params.smps_mode = NL80211_SMPS_OFF;
4522 params.pbss = nla_get_flag(info->attrs[NL80211_ATTR_PBSS]);
4523 if (params.pbss && !rdev->wiphy.bands[NL80211_BAND_60GHZ])
4526 if (info->attrs[NL80211_ATTR_ACL_POLICY]) {
4527 params.acl = parse_acl_data(&rdev->wiphy, info);
4528 if (IS_ERR(params.acl))
4529 return PTR_ERR(params.acl);
4532 nl80211_calculate_ap_params(¶ms);
4535 err = rdev_start_ap(rdev, dev, ¶ms);
4537 wdev->preset_chandef = params.chandef;
4538 wdev->beacon_interval = params.beacon_interval;
4539 wdev->chandef = params.chandef;
4540 wdev->ssid_len = params.ssid_len;
4541 memcpy(wdev->ssid, params.ssid, wdev->ssid_len);
4543 if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
4544 wdev->conn_owner_nlportid = info->snd_portid;
4553 static int nl80211_set_beacon(struct sk_buff *skb, struct genl_info *info)
4555 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4556 struct net_device *dev = info->user_ptr[1];
4557 struct wireless_dev *wdev = dev->ieee80211_ptr;
4558 struct cfg80211_beacon_data params;
4561 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
4562 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4565 if (!rdev->ops->change_beacon)
4568 if (!wdev->beacon_interval)
4571 err = nl80211_parse_beacon(rdev, info->attrs, ¶ms);
4576 err = rdev_change_beacon(rdev, dev, ¶ms);
4582 static int nl80211_stop_ap(struct sk_buff *skb, struct genl_info *info)
4584 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4585 struct net_device *dev = info->user_ptr[1];
4587 return cfg80211_stop_ap(rdev, dev, false);
4590 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = {
4591 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG },
4592 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG },
4593 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG },
4594 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG },
4595 [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG },
4596 [NL80211_STA_FLAG_TDLS_PEER] = { .type = NLA_FLAG },
4599 static int parse_station_flags(struct genl_info *info,
4600 enum nl80211_iftype iftype,
4601 struct station_parameters *params)
4603 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1];
4608 * Try parsing the new attribute first so userspace
4609 * can specify both for older kernels.
4611 nla = info->attrs[NL80211_ATTR_STA_FLAGS2];
4613 struct nl80211_sta_flag_update *sta_flags;
4615 sta_flags = nla_data(nla);
4616 params->sta_flags_mask = sta_flags->mask;
4617 params->sta_flags_set = sta_flags->set;
4618 params->sta_flags_set &= params->sta_flags_mask;
4619 if ((params->sta_flags_mask |
4620 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID))
4625 /* if present, parse the old attribute */
4627 nla = info->attrs[NL80211_ATTR_STA_FLAGS];
4631 if (nla_parse_nested(flags, NL80211_STA_FLAG_MAX, nla,
4632 sta_flags_policy, info->extack))
4636 * Only allow certain flags for interface types so that
4637 * other attributes are silently ignored. Remember that
4638 * this is backward compatibility code with old userspace
4639 * and shouldn't be hit in other cases anyway.
4642 case NL80211_IFTYPE_AP:
4643 case NL80211_IFTYPE_AP_VLAN:
4644 case NL80211_IFTYPE_P2P_GO:
4645 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
4646 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
4647 BIT(NL80211_STA_FLAG_WME) |
4648 BIT(NL80211_STA_FLAG_MFP);
4650 case NL80211_IFTYPE_P2P_CLIENT:
4651 case NL80211_IFTYPE_STATION:
4652 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
4653 BIT(NL80211_STA_FLAG_TDLS_PEER);
4655 case NL80211_IFTYPE_MESH_POINT:
4656 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHENTICATED) |
4657 BIT(NL80211_STA_FLAG_MFP) |
4658 BIT(NL80211_STA_FLAG_AUTHORIZED);
4664 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) {
4666 params->sta_flags_set |= (1<<flag);
4668 /* no longer support new API additions in old API */
4669 if (flag > NL80211_STA_FLAG_MAX_OLD_API)
4677 bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info, int attr)
4679 struct nlattr *rate;
4682 enum nl80211_rate_info rate_flg;
4684 rate = nla_nest_start(msg, attr);
4688 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */
4689 bitrate = cfg80211_calculate_bitrate(info);
4690 /* report 16-bit bitrate only if we can */
4691 bitrate_compat = bitrate < (1UL << 16) ? bitrate : 0;
4693 nla_put_u32(msg, NL80211_RATE_INFO_BITRATE32, bitrate))
4695 if (bitrate_compat > 0 &&
4696 nla_put_u16(msg, NL80211_RATE_INFO_BITRATE, bitrate_compat))
4700 case RATE_INFO_BW_5:
4701 rate_flg = NL80211_RATE_INFO_5_MHZ_WIDTH;
4703 case RATE_INFO_BW_10:
4704 rate_flg = NL80211_RATE_INFO_10_MHZ_WIDTH;
4709 case RATE_INFO_BW_20:
4712 case RATE_INFO_BW_40:
4713 rate_flg = NL80211_RATE_INFO_40_MHZ_WIDTH;
4715 case RATE_INFO_BW_80:
4716 rate_flg = NL80211_RATE_INFO_80_MHZ_WIDTH;
4718 case RATE_INFO_BW_160:
4719 rate_flg = NL80211_RATE_INFO_160_MHZ_WIDTH;
4721 case RATE_INFO_BW_HE_RU:
4723 WARN_ON(!(info->flags & RATE_INFO_FLAGS_HE_MCS));
4726 if (rate_flg && nla_put_flag(msg, rate_flg))
4729 if (info->flags & RATE_INFO_FLAGS_MCS) {
4730 if (nla_put_u8(msg, NL80211_RATE_INFO_MCS, info->mcs))
4732 if (info->flags & RATE_INFO_FLAGS_SHORT_GI &&
4733 nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI))
4735 } else if (info->flags & RATE_INFO_FLAGS_VHT_MCS) {
4736 if (nla_put_u8(msg, NL80211_RATE_INFO_VHT_MCS, info->mcs))
4738 if (nla_put_u8(msg, NL80211_RATE_INFO_VHT_NSS, info->nss))
4740 if (info->flags & RATE_INFO_FLAGS_SHORT_GI &&
4741 nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI))
4743 } else if (info->flags & RATE_INFO_FLAGS_HE_MCS) {
4744 if (nla_put_u8(msg, NL80211_RATE_INFO_HE_MCS, info->mcs))
4746 if (nla_put_u8(msg, NL80211_RATE_INFO_HE_NSS, info->nss))
4748 if (nla_put_u8(msg, NL80211_RATE_INFO_HE_GI, info->he_gi))
4750 if (nla_put_u8(msg, NL80211_RATE_INFO_HE_DCM, info->he_dcm))
4752 if (info->bw == RATE_INFO_BW_HE_RU &&
4753 nla_put_u8(msg, NL80211_RATE_INFO_HE_RU_ALLOC,
4758 nla_nest_end(msg, rate);
4762 static bool nl80211_put_signal(struct sk_buff *msg, u8 mask, s8 *signal,
4771 attr = nla_nest_start(msg, id);
4775 for (i = 0; i < IEEE80211_MAX_CHAINS; i++) {
4776 if (!(mask & BIT(i)))
4779 if (nla_put_u8(msg, i, signal[i]))
4783 nla_nest_end(msg, attr);
4788 static int nl80211_send_station(struct sk_buff *msg, u32 cmd, u32 portid,
4790 struct cfg80211_registered_device *rdev,
4791 struct net_device *dev,
4792 const u8 *mac_addr, struct station_info *sinfo)
4795 struct nlattr *sinfoattr, *bss_param;
4797 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
4801 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
4802 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) ||
4803 nla_put_u32(msg, NL80211_ATTR_GENERATION, sinfo->generation))
4804 goto nla_put_failure;
4806 sinfoattr = nla_nest_start(msg, NL80211_ATTR_STA_INFO);
4808 goto nla_put_failure;
4810 #define PUT_SINFO(attr, memb, type) do { \
4811 BUILD_BUG_ON(sizeof(type) == sizeof(u64)); \
4812 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_ ## attr) && \
4813 nla_put_ ## type(msg, NL80211_STA_INFO_ ## attr, \
4815 goto nla_put_failure; \
4817 #define PUT_SINFO_U64(attr, memb) do { \
4818 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_ ## attr) && \
4819 nla_put_u64_64bit(msg, NL80211_STA_INFO_ ## attr, \
4820 sinfo->memb, NL80211_STA_INFO_PAD)) \
4821 goto nla_put_failure; \
4824 PUT_SINFO(CONNECTED_TIME, connected_time, u32);
4825 PUT_SINFO(INACTIVE_TIME, inactive_time, u32);
4827 if (sinfo->filled & (BIT_ULL(NL80211_STA_INFO_RX_BYTES) |
4828 BIT_ULL(NL80211_STA_INFO_RX_BYTES64)) &&
4829 nla_put_u32(msg, NL80211_STA_INFO_RX_BYTES,
4830 (u32)sinfo->rx_bytes))
4831 goto nla_put_failure;
4833 if (sinfo->filled & (BIT_ULL(NL80211_STA_INFO_TX_BYTES) |
4834 BIT_ULL(NL80211_STA_INFO_TX_BYTES64)) &&
4835 nla_put_u32(msg, NL80211_STA_INFO_TX_BYTES,
4836 (u32)sinfo->tx_bytes))
4837 goto nla_put_failure;
4839 PUT_SINFO_U64(RX_BYTES64, rx_bytes);
4840 PUT_SINFO_U64(TX_BYTES64, tx_bytes);
4841 PUT_SINFO(LLID, llid, u16);
4842 PUT_SINFO(PLID, plid, u16);
4843 PUT_SINFO(PLINK_STATE, plink_state, u8);
4844 PUT_SINFO_U64(RX_DURATION, rx_duration);
4846 switch (rdev->wiphy.signal_type) {
4847 case CFG80211_SIGNAL_TYPE_MBM:
4848 PUT_SINFO(SIGNAL, signal, u8);
4849 PUT_SINFO(SIGNAL_AVG, signal_avg, u8);
4854 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL)) {
4855 if (!nl80211_put_signal(msg, sinfo->chains,
4856 sinfo->chain_signal,
4857 NL80211_STA_INFO_CHAIN_SIGNAL))
4858 goto nla_put_failure;
4860 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL_AVG)) {
4861 if (!nl80211_put_signal(msg, sinfo->chains,
4862 sinfo->chain_signal_avg,
4863 NL80211_STA_INFO_CHAIN_SIGNAL_AVG))
4864 goto nla_put_failure;
4866 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_TX_BITRATE)) {
4867 if (!nl80211_put_sta_rate(msg, &sinfo->txrate,
4868 NL80211_STA_INFO_TX_BITRATE))
4869 goto nla_put_failure;
4871 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_RX_BITRATE)) {
4872 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate,
4873 NL80211_STA_INFO_RX_BITRATE))
4874 goto nla_put_failure;
4877 PUT_SINFO(RX_PACKETS, rx_packets, u32);
4878 PUT_SINFO(TX_PACKETS, tx_packets, u32);
4879 PUT_SINFO(TX_RETRIES, tx_retries, u32);
4880 PUT_SINFO(TX_FAILED, tx_failed, u32);
4881 PUT_SINFO(EXPECTED_THROUGHPUT, expected_throughput, u32);
4882 PUT_SINFO(BEACON_LOSS, beacon_loss_count, u32);
4883 PUT_SINFO(LOCAL_PM, local_pm, u32);
4884 PUT_SINFO(PEER_PM, peer_pm, u32);
4885 PUT_SINFO(NONPEER_PM, nonpeer_pm, u32);
4886 PUT_SINFO(CONNECTED_TO_GATE, connected_to_gate, u8);
4888 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_BSS_PARAM)) {
4889 bss_param = nla_nest_start(msg, NL80211_STA_INFO_BSS_PARAM);
4891 goto nla_put_failure;
4893 if (((sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) &&
4894 nla_put_flag(msg, NL80211_STA_BSS_PARAM_CTS_PROT)) ||
4895 ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) &&
4896 nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE)) ||
4897 ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) &&
4898 nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME)) ||
4899 nla_put_u8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD,
4900 sinfo->bss_param.dtim_period) ||
4901 nla_put_u16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL,
4902 sinfo->bss_param.beacon_interval))
4903 goto nla_put_failure;
4905 nla_nest_end(msg, bss_param);
4907 if ((sinfo->filled & BIT_ULL(NL80211_STA_INFO_STA_FLAGS)) &&
4908 nla_put(msg, NL80211_STA_INFO_STA_FLAGS,
4909 sizeof(struct nl80211_sta_flag_update),
4911 goto nla_put_failure;
4913 PUT_SINFO_U64(T_OFFSET, t_offset);
4914 PUT_SINFO_U64(RX_DROP_MISC, rx_dropped_misc);
4915 PUT_SINFO_U64(BEACON_RX, rx_beacon);
4916 PUT_SINFO(BEACON_SIGNAL_AVG, rx_beacon_signal_avg, u8);
4917 PUT_SINFO(RX_MPDUS, rx_mpdu_count, u32);
4918 PUT_SINFO(FCS_ERROR_COUNT, fcs_err_count, u32);
4919 if (wiphy_ext_feature_isset(&rdev->wiphy,
4920 NL80211_EXT_FEATURE_ACK_SIGNAL_SUPPORT)) {
4921 PUT_SINFO(ACK_SIGNAL, ack_signal, u8);
4922 PUT_SINFO(ACK_SIGNAL_AVG, avg_ack_signal, s8);
4926 #undef PUT_SINFO_U64
4928 if (sinfo->pertid) {
4929 struct nlattr *tidsattr;
4932 tidsattr = nla_nest_start(msg, NL80211_STA_INFO_TID_STATS);
4934 goto nla_put_failure;
4936 for (tid = 0; tid < IEEE80211_NUM_TIDS + 1; tid++) {
4937 struct cfg80211_tid_stats *tidstats;
4938 struct nlattr *tidattr;
4940 tidstats = &sinfo->pertid[tid];
4942 if (!tidstats->filled)
4945 tidattr = nla_nest_start(msg, tid + 1);
4947 goto nla_put_failure;
4949 #define PUT_TIDVAL_U64(attr, memb) do { \
4950 if (tidstats->filled & BIT(NL80211_TID_STATS_ ## attr) && \
4951 nla_put_u64_64bit(msg, NL80211_TID_STATS_ ## attr, \
4952 tidstats->memb, NL80211_TID_STATS_PAD)) \
4953 goto nla_put_failure; \
4956 PUT_TIDVAL_U64(RX_MSDU, rx_msdu);
4957 PUT_TIDVAL_U64(TX_MSDU, tx_msdu);
4958 PUT_TIDVAL_U64(TX_MSDU_RETRIES, tx_msdu_retries);
4959 PUT_TIDVAL_U64(TX_MSDU_FAILED, tx_msdu_failed);
4961 #undef PUT_TIDVAL_U64
4962 if ((tidstats->filled &
4963 BIT(NL80211_TID_STATS_TXQ_STATS)) &&
4964 !nl80211_put_txq_stats(msg, &tidstats->txq_stats,
4965 NL80211_TID_STATS_TXQ_STATS))
4966 goto nla_put_failure;
4968 nla_nest_end(msg, tidattr);
4971 nla_nest_end(msg, tidsattr);
4974 nla_nest_end(msg, sinfoattr);
4976 if (sinfo->assoc_req_ies_len &&
4977 nla_put(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len,
4978 sinfo->assoc_req_ies))
4979 goto nla_put_failure;
4981 cfg80211_sinfo_release_content(sinfo);
4982 genlmsg_end(msg, hdr);
4986 cfg80211_sinfo_release_content(sinfo);
4987 genlmsg_cancel(msg, hdr);
4991 static int nl80211_dump_station(struct sk_buff *skb,
4992 struct netlink_callback *cb)
4994 struct station_info sinfo;
4995 struct cfg80211_registered_device *rdev;
4996 struct wireless_dev *wdev;
4997 u8 mac_addr[ETH_ALEN];
4998 int sta_idx = cb->args[2];
5002 err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev);
5006 if (!wdev->netdev) {
5011 if (!rdev->ops->dump_station) {
5017 memset(&sinfo, 0, sizeof(sinfo));
5018 err = rdev_dump_station(rdev, wdev->netdev, sta_idx,
5025 if (nl80211_send_station(skb, NL80211_CMD_NEW_STATION,
5026 NETLINK_CB(cb->skb).portid,
5027 cb->nlh->nlmsg_seq, NLM_F_MULTI,
5028 rdev, wdev->netdev, mac_addr,
5036 cb->args[2] = sta_idx;
5044 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
5046 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5047 struct net_device *dev = info->user_ptr[1];
5048 struct station_info sinfo;
5049 struct sk_buff *msg;
5050 u8 *mac_addr = NULL;
5053 memset(&sinfo, 0, sizeof(sinfo));
5055 if (!info->attrs[NL80211_ATTR_MAC])
5058 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
5060 if (!rdev->ops->get_station)
5063 err = rdev_get_station(rdev, dev, mac_addr, &sinfo);
5067 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5069 cfg80211_sinfo_release_content(&sinfo);
5073 if (nl80211_send_station(msg, NL80211_CMD_NEW_STATION,
5074 info->snd_portid, info->snd_seq, 0,
5075 rdev, dev, mac_addr, &sinfo) < 0) {
5080 return genlmsg_reply(msg, info);
5083 int cfg80211_check_station_change(struct wiphy *wiphy,
5084 struct station_parameters *params,
5085 enum cfg80211_station_type statype)
5087 if (params->listen_interval != -1 &&
5088 statype != CFG80211_STA_AP_CLIENT_UNASSOC)
5091 if (params->support_p2p_ps != -1 &&
5092 statype != CFG80211_STA_AP_CLIENT_UNASSOC)
5096 !(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) &&
5097 statype != CFG80211_STA_AP_CLIENT_UNASSOC)
5100 /* When you run into this, adjust the code below for the new flag */
5101 BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 7);
5104 case CFG80211_STA_MESH_PEER_KERNEL:
5105 case CFG80211_STA_MESH_PEER_USER:
5107 * No ignoring the TDLS flag here -- the userspace mesh
5108 * code doesn't have the bug of including TDLS in the
5111 if (params->sta_flags_mask &
5112 ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) |
5113 BIT(NL80211_STA_FLAG_MFP) |
5114 BIT(NL80211_STA_FLAG_AUTHORIZED)))
5117 case CFG80211_STA_TDLS_PEER_SETUP:
5118 case CFG80211_STA_TDLS_PEER_ACTIVE:
5119 if (!(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
5121 /* ignore since it can't change */
5122 params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
5125 /* disallow mesh-specific things */
5126 if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION)
5128 if (params->local_pm)
5130 if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE)
5134 if (statype != CFG80211_STA_TDLS_PEER_SETUP &&
5135 statype != CFG80211_STA_TDLS_PEER_ACTIVE) {
5136 /* TDLS can't be set, ... */
5137 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
5140 * ... but don't bother the driver with it. This works around
5141 * a hostapd/wpa_supplicant issue -- it always includes the
5142 * TLDS_PEER flag in the mask even for AP mode.
5144 params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
5147 if (statype != CFG80211_STA_TDLS_PEER_SETUP &&
5148 statype != CFG80211_STA_AP_CLIENT_UNASSOC) {
5149 /* reject other things that can't change */
5150 if (params->sta_modify_mask & STATION_PARAM_APPLY_UAPSD)
5152 if (params->sta_modify_mask & STATION_PARAM_APPLY_CAPABILITY)
5154 if (params->supported_rates)
5156 if (params->ext_capab || params->ht_capa || params->vht_capa ||
5161 if (statype != CFG80211_STA_AP_CLIENT &&
5162 statype != CFG80211_STA_AP_CLIENT_UNASSOC) {
5168 case CFG80211_STA_AP_MLME_CLIENT:
5169 /* Use this only for authorizing/unauthorizing a station */
5170 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
5173 case CFG80211_STA_AP_CLIENT:
5174 case CFG80211_STA_AP_CLIENT_UNASSOC:
5175 /* accept only the listed bits */
5176 if (params->sta_flags_mask &
5177 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
5178 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
5179 BIT(NL80211_STA_FLAG_ASSOCIATED) |
5180 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
5181 BIT(NL80211_STA_FLAG_WME) |
5182 BIT(NL80211_STA_FLAG_MFP)))
5185 /* but authenticated/associated only if driver handles it */
5186 if (!(wiphy->features & NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
5187 params->sta_flags_mask &
5188 (BIT(NL80211_STA_FLAG_AUTHENTICATED) |
5189 BIT(NL80211_STA_FLAG_ASSOCIATED)))
5192 case CFG80211_STA_IBSS:
5193 case CFG80211_STA_AP_STA:
5194 /* reject any changes other than AUTHORIZED */
5195 if (params->sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED))
5198 case CFG80211_STA_TDLS_PEER_SETUP:
5199 /* reject any changes other than AUTHORIZED or WME */
5200 if (params->sta_flags_mask & ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
5201 BIT(NL80211_STA_FLAG_WME)))
5203 /* force (at least) rates when authorizing */
5204 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED) &&
5205 !params->supported_rates)
5208 case CFG80211_STA_TDLS_PEER_ACTIVE:
5209 /* reject any changes */
5211 case CFG80211_STA_MESH_PEER_KERNEL:
5212 if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE)
5215 case CFG80211_STA_MESH_PEER_USER:
5216 if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION &&
5217 params->plink_action != NL80211_PLINK_ACTION_BLOCK)
5223 * Older kernel versions ignored this attribute entirely, so don't
5224 * reject attempts to update it but mark it as unused instead so the
5225 * driver won't look at the data.
5227 if (statype != CFG80211_STA_AP_CLIENT_UNASSOC &&
5228 statype != CFG80211_STA_TDLS_PEER_SETUP)
5229 params->opmode_notif_used = false;
5233 EXPORT_SYMBOL(cfg80211_check_station_change);
5236 * Get vlan interface making sure it is running and on the right wiphy.
5238 static struct net_device *get_vlan(struct genl_info *info,
5239 struct cfg80211_registered_device *rdev)
5241 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN];
5242 struct net_device *v;
5248 v = dev_get_by_index(genl_info_net(info), nla_get_u32(vlanattr));
5250 return ERR_PTR(-ENODEV);
5252 if (!v->ieee80211_ptr || v->ieee80211_ptr->wiphy != &rdev->wiphy) {
5257 if (v->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
5258 v->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
5259 v->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) {
5264 if (!netif_running(v)) {
5272 return ERR_PTR(ret);
5275 static const struct nla_policy
5276 nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] = {
5277 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 },
5278 [NL80211_STA_WME_MAX_SP] = { .type = NLA_U8 },
5281 static int nl80211_parse_sta_wme(struct genl_info *info,
5282 struct station_parameters *params)
5284 struct nlattr *tb[NL80211_STA_WME_MAX + 1];
5288 /* parse WME attributes if present */
5289 if (!info->attrs[NL80211_ATTR_STA_WME])
5292 nla = info->attrs[NL80211_ATTR_STA_WME];
5293 err = nla_parse_nested(tb, NL80211_STA_WME_MAX, nla,
5294 nl80211_sta_wme_policy, info->extack);
5298 if (tb[NL80211_STA_WME_UAPSD_QUEUES])
5299 params->uapsd_queues = nla_get_u8(
5300 tb[NL80211_STA_WME_UAPSD_QUEUES]);
5301 if (params->uapsd_queues & ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK)
5304 if (tb[NL80211_STA_WME_MAX_SP])
5305 params->max_sp = nla_get_u8(tb[NL80211_STA_WME_MAX_SP]);
5307 if (params->max_sp & ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK)
5310 params->sta_modify_mask |= STATION_PARAM_APPLY_UAPSD;
5315 static int nl80211_parse_sta_channel_info(struct genl_info *info,
5316 struct station_parameters *params)
5318 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]) {
5319 params->supported_channels =
5320 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]);
5321 params->supported_channels_len =
5322 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]);
5324 * Need to include at least one (first channel, number of
5325 * channels) tuple for each subband, and must have proper
5326 * tuples for the rest of the data as well.
5328 if (params->supported_channels_len < 2)
5330 if (params->supported_channels_len % 2)
5334 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]) {
5335 params->supported_oper_classes =
5336 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]);
5337 params->supported_oper_classes_len =
5338 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]);
5340 * The value of the Length field of the Supported Operating
5341 * Classes element is between 2 and 253.
5343 if (params->supported_oper_classes_len < 2 ||
5344 params->supported_oper_classes_len > 253)
5350 static int nl80211_set_station_tdls(struct genl_info *info,
5351 struct station_parameters *params)
5354 /* Dummy STA entry gets updated once the peer capabilities are known */
5355 if (info->attrs[NL80211_ATTR_PEER_AID])
5356 params->aid = nla_get_u16(info->attrs[NL80211_ATTR_PEER_AID]);
5357 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
5359 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
5360 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY])
5362 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]);
5363 if (info->attrs[NL80211_ATTR_HE_CAPABILITY]) {
5365 nla_data(info->attrs[NL80211_ATTR_HE_CAPABILITY]);
5366 params->he_capa_len =
5367 nla_len(info->attrs[NL80211_ATTR_HE_CAPABILITY]);
5369 if (params->he_capa_len < NL80211_HE_MIN_CAPABILITY_LEN)
5373 err = nl80211_parse_sta_channel_info(info, params);
5377 return nl80211_parse_sta_wme(info, params);
5380 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
5382 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5383 struct net_device *dev = info->user_ptr[1];
5384 struct station_parameters params;
5388 memset(¶ms, 0, sizeof(params));
5390 if (!rdev->ops->change_station)
5394 * AID and listen_interval properties can be set only for unassociated
5395 * station. Include these parameters here and will check them in
5396 * cfg80211_check_station_change().
5398 if (info->attrs[NL80211_ATTR_STA_AID])
5399 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]);
5401 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
5402 params.listen_interval =
5403 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
5405 params.listen_interval = -1;
5407 if (info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS])
5408 params.support_p2p_ps =
5409 nla_get_u8(info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]);
5411 params.support_p2p_ps = -1;
5413 if (!info->attrs[NL80211_ATTR_MAC])
5416 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
5418 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) {
5419 params.supported_rates =
5420 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
5421 params.supported_rates_len =
5422 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
5425 if (info->attrs[NL80211_ATTR_STA_CAPABILITY]) {
5427 nla_get_u16(info->attrs[NL80211_ATTR_STA_CAPABILITY]);
5428 params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY;
5431 if (info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) {
5433 nla_data(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
5434 params.ext_capab_len =
5435 nla_len(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
5438 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms))
5441 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION])
5442 params.plink_action =
5443 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
5445 if (info->attrs[NL80211_ATTR_STA_PLINK_STATE]) {
5446 params.plink_state =
5447 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]);
5448 if (info->attrs[NL80211_ATTR_MESH_PEER_AID])
5449 params.peer_aid = nla_get_u16(
5450 info->attrs[NL80211_ATTR_MESH_PEER_AID]);
5451 params.sta_modify_mask |= STATION_PARAM_APPLY_PLINK_STATE;
5454 if (info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE])
5455 params.local_pm = nla_get_u32(
5456 info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE]);
5458 if (info->attrs[NL80211_ATTR_OPMODE_NOTIF]) {
5459 params.opmode_notif_used = true;
5460 params.opmode_notif =
5461 nla_get_u8(info->attrs[NL80211_ATTR_OPMODE_NOTIF]);
5464 /* Include parameters for TDLS peer (will check later) */
5465 err = nl80211_set_station_tdls(info, ¶ms);
5469 params.vlan = get_vlan(info, rdev);
5470 if (IS_ERR(params.vlan))
5471 return PTR_ERR(params.vlan);
5473 switch (dev->ieee80211_ptr->iftype) {
5474 case NL80211_IFTYPE_AP:
5475 case NL80211_IFTYPE_AP_VLAN:
5476 case NL80211_IFTYPE_P2P_GO:
5477 case NL80211_IFTYPE_P2P_CLIENT:
5478 case NL80211_IFTYPE_STATION:
5479 case NL80211_IFTYPE_ADHOC:
5480 case NL80211_IFTYPE_MESH_POINT:
5487 /* driver will call cfg80211_check_station_change() */
5488 err = rdev_change_station(rdev, dev, mac_addr, ¶ms);
5492 dev_put(params.vlan);
5497 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
5499 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5501 struct net_device *dev = info->user_ptr[1];
5502 struct station_parameters params;
5503 u8 *mac_addr = NULL;
5504 u32 auth_assoc = BIT(NL80211_STA_FLAG_AUTHENTICATED) |
5505 BIT(NL80211_STA_FLAG_ASSOCIATED);
5507 memset(¶ms, 0, sizeof(params));
5509 if (!rdev->ops->add_station)
5512 if (!info->attrs[NL80211_ATTR_MAC])
5515 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
5518 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES])
5521 if (!info->attrs[NL80211_ATTR_STA_AID] &&
5522 !info->attrs[NL80211_ATTR_PEER_AID])
5525 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
5526 params.supported_rates =
5527 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
5528 params.supported_rates_len =
5529 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
5530 params.listen_interval =
5531 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
5533 if (info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]) {
5534 params.support_p2p_ps =
5535 nla_get_u8(info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]);
5538 * if not specified, assume it's supported for P2P GO interface,
5539 * and is NOT supported for AP interface
5541 params.support_p2p_ps =
5542 dev->ieee80211_ptr->iftype == NL80211_IFTYPE_P2P_GO;
5545 if (info->attrs[NL80211_ATTR_PEER_AID])
5546 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_PEER_AID]);
5548 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]);
5550 if (info->attrs[NL80211_ATTR_STA_CAPABILITY]) {
5552 nla_get_u16(info->attrs[NL80211_ATTR_STA_CAPABILITY]);
5553 params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY;
5556 if (info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) {
5558 nla_data(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
5559 params.ext_capab_len =
5560 nla_len(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
5563 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
5565 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
5567 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY])
5569 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]);
5571 if (info->attrs[NL80211_ATTR_HE_CAPABILITY]) {
5573 nla_data(info->attrs[NL80211_ATTR_HE_CAPABILITY]);
5574 params.he_capa_len =
5575 nla_len(info->attrs[NL80211_ATTR_HE_CAPABILITY]);
5577 /* max len is validated in nla policy */
5578 if (params.he_capa_len < NL80211_HE_MIN_CAPABILITY_LEN)
5582 if (info->attrs[NL80211_ATTR_OPMODE_NOTIF]) {
5583 params.opmode_notif_used = true;
5584 params.opmode_notif =
5585 nla_get_u8(info->attrs[NL80211_ATTR_OPMODE_NOTIF]);
5588 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION])
5589 params.plink_action =
5590 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
5592 err = nl80211_parse_sta_channel_info(info, ¶ms);
5596 err = nl80211_parse_sta_wme(info, ¶ms);
5600 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms))
5603 /* HT/VHT requires QoS, but if we don't have that just ignore HT/VHT
5604 * as userspace might just pass through the capabilities from the IEs
5605 * directly, rather than enforcing this restriction and returning an
5606 * error in this case.
5608 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_WME))) {
5609 params.ht_capa = NULL;
5610 params.vht_capa = NULL;
5612 /* HE requires WME */
5613 if (params.he_capa_len)
5617 /* When you run into this, adjust the code below for the new flag */
5618 BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 7);
5620 switch (dev->ieee80211_ptr->iftype) {
5621 case NL80211_IFTYPE_AP:
5622 case NL80211_IFTYPE_AP_VLAN:
5623 case NL80211_IFTYPE_P2P_GO:
5624 /* ignore WME attributes if iface/sta is not capable */
5625 if (!(rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) ||
5626 !(params.sta_flags_set & BIT(NL80211_STA_FLAG_WME)))
5627 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
5629 /* TDLS peers cannot be added */
5630 if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) ||
5631 info->attrs[NL80211_ATTR_PEER_AID])
5633 /* but don't bother the driver with it */
5634 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
5636 /* allow authenticated/associated only if driver handles it */
5637 if (!(rdev->wiphy.features &
5638 NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
5639 params.sta_flags_mask & auth_assoc)
5642 /* Older userspace, or userspace wanting to be compatible with
5643 * !NL80211_FEATURE_FULL_AP_CLIENT_STATE, will not set the auth
5644 * and assoc flags in the mask, but assumes the station will be
5645 * added as associated anyway since this was the required driver
5646 * behaviour before NL80211_FEATURE_FULL_AP_CLIENT_STATE was
5648 * In order to not bother drivers with this quirk in the API
5649 * set the flags in both the mask and set for new stations in
5652 if (!(params.sta_flags_mask & auth_assoc)) {
5653 params.sta_flags_mask |= auth_assoc;
5654 params.sta_flags_set |= auth_assoc;
5657 /* must be last in here for error handling */
5658 params.vlan = get_vlan(info, rdev);
5659 if (IS_ERR(params.vlan))
5660 return PTR_ERR(params.vlan);
5662 case NL80211_IFTYPE_MESH_POINT:
5663 /* ignore uAPSD data */
5664 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
5666 /* associated is disallowed */
5667 if (params.sta_flags_mask & BIT(NL80211_STA_FLAG_ASSOCIATED))
5669 /* TDLS peers cannot be added */
5670 if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) ||
5671 info->attrs[NL80211_ATTR_PEER_AID])
5674 case NL80211_IFTYPE_STATION:
5675 case NL80211_IFTYPE_P2P_CLIENT:
5676 /* ignore uAPSD data */
5677 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
5679 /* these are disallowed */
5680 if (params.sta_flags_mask &
5681 (BIT(NL80211_STA_FLAG_ASSOCIATED) |
5682 BIT(NL80211_STA_FLAG_AUTHENTICATED)))
5684 /* Only TDLS peers can be added */
5685 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
5687 /* Can only add if TDLS ... */
5688 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS))
5690 /* ... with external setup is supported */
5691 if (!(rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP))
5694 * Older wpa_supplicant versions always mark the TDLS peer
5695 * as authorized, but it shouldn't yet be.
5697 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_AUTHORIZED);
5703 /* be aware of params.vlan when changing code here */
5705 err = rdev_add_station(rdev, dev, mac_addr, ¶ms);
5708 dev_put(params.vlan);
5712 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
5714 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5715 struct net_device *dev = info->user_ptr[1];
5716 struct station_del_parameters params;
5718 memset(¶ms, 0, sizeof(params));
5720 if (info->attrs[NL80211_ATTR_MAC])
5721 params.mac = nla_data(info->attrs[NL80211_ATTR_MAC]);
5723 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
5724 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
5725 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT &&
5726 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
5729 if (!rdev->ops->del_station)
5732 if (info->attrs[NL80211_ATTR_MGMT_SUBTYPE]) {
5734 nla_get_u8(info->attrs[NL80211_ATTR_MGMT_SUBTYPE]);
5735 if (params.subtype != IEEE80211_STYPE_DISASSOC >> 4 &&
5736 params.subtype != IEEE80211_STYPE_DEAUTH >> 4)
5739 /* Default to Deauthentication frame */
5740 params.subtype = IEEE80211_STYPE_DEAUTH >> 4;
5743 if (info->attrs[NL80211_ATTR_REASON_CODE]) {
5744 params.reason_code =
5745 nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
5746 if (params.reason_code == 0)
5747 return -EINVAL; /* 0 is reserved */
5749 /* Default to reason code 2 */
5750 params.reason_code = WLAN_REASON_PREV_AUTH_NOT_VALID;
5753 return rdev_del_station(rdev, dev, ¶ms);
5756 static int nl80211_send_mpath(struct sk_buff *msg, u32 portid, u32 seq,
5757 int flags, struct net_device *dev,
5758 u8 *dst, u8 *next_hop,
5759 struct mpath_info *pinfo)
5762 struct nlattr *pinfoattr;
5764 hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_MPATH);
5768 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
5769 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) ||
5770 nla_put(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop) ||
5771 nla_put_u32(msg, NL80211_ATTR_GENERATION, pinfo->generation))
5772 goto nla_put_failure;
5774 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MPATH_INFO);
5776 goto nla_put_failure;
5777 if ((pinfo->filled & MPATH_INFO_FRAME_QLEN) &&
5778 nla_put_u32(msg, NL80211_MPATH_INFO_FRAME_QLEN,
5780 goto nla_put_failure;
5781 if (((pinfo->filled & MPATH_INFO_SN) &&
5782 nla_put_u32(msg, NL80211_MPATH_INFO_SN, pinfo->sn)) ||
5783 ((pinfo->filled & MPATH_INFO_METRIC) &&
5784 nla_put_u32(msg, NL80211_MPATH_INFO_METRIC,
5786 ((pinfo->filled & MPATH_INFO_EXPTIME) &&
5787 nla_put_u32(msg, NL80211_MPATH_INFO_EXPTIME,
5789 ((pinfo->filled & MPATH_INFO_FLAGS) &&
5790 nla_put_u8(msg, NL80211_MPATH_INFO_FLAGS,
5792 ((pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) &&
5793 nla_put_u32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT,
5794 pinfo->discovery_timeout)) ||
5795 ((pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) &&
5796 nla_put_u8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES,
5797 pinfo->discovery_retries)))
5798 goto nla_put_failure;
5800 nla_nest_end(msg, pinfoattr);
5802 genlmsg_end(msg, hdr);
5806 genlmsg_cancel(msg, hdr);
5810 static int nl80211_dump_mpath(struct sk_buff *skb,
5811 struct netlink_callback *cb)
5813 struct mpath_info pinfo;
5814 struct cfg80211_registered_device *rdev;
5815 struct wireless_dev *wdev;
5817 u8 next_hop[ETH_ALEN];
5818 int path_idx = cb->args[2];
5822 err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev);
5826 if (!rdev->ops->dump_mpath) {
5831 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) {
5837 err = rdev_dump_mpath(rdev, wdev->netdev, path_idx, dst,
5844 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid,
5845 cb->nlh->nlmsg_seq, NLM_F_MULTI,
5846 wdev->netdev, dst, next_hop,
5854 cb->args[2] = path_idx;
5861 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
5863 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5865 struct net_device *dev = info->user_ptr[1];
5866 struct mpath_info pinfo;
5867 struct sk_buff *msg;
5869 u8 next_hop[ETH_ALEN];
5871 memset(&pinfo, 0, sizeof(pinfo));
5873 if (!info->attrs[NL80211_ATTR_MAC])
5876 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
5878 if (!rdev->ops->get_mpath)
5881 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
5884 err = rdev_get_mpath(rdev, dev, dst, next_hop, &pinfo);
5888 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5892 if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0,
5893 dev, dst, next_hop, &pinfo) < 0) {
5898 return genlmsg_reply(msg, info);
5901 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
5903 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5904 struct net_device *dev = info->user_ptr[1];
5906 u8 *next_hop = NULL;
5908 if (!info->attrs[NL80211_ATTR_MAC])
5911 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
5914 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
5915 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
5917 if (!rdev->ops->change_mpath)
5920 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
5923 return rdev_change_mpath(rdev, dev, dst, next_hop);
5926 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
5928 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5929 struct net_device *dev = info->user_ptr[1];
5931 u8 *next_hop = NULL;
5933 if (!info->attrs[NL80211_ATTR_MAC])
5936 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
5939 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
5940 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
5942 if (!rdev->ops->add_mpath)
5945 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
5948 return rdev_add_mpath(rdev, dev, dst, next_hop);
5951 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
5953 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5954 struct net_device *dev = info->user_ptr[1];
5957 if (info->attrs[NL80211_ATTR_MAC])
5958 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
5960 if (!rdev->ops->del_mpath)
5963 return rdev_del_mpath(rdev, dev, dst);
5966 static int nl80211_get_mpp(struct sk_buff *skb, struct genl_info *info)
5968 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5970 struct net_device *dev = info->user_ptr[1];
5971 struct mpath_info pinfo;
5972 struct sk_buff *msg;
5976 memset(&pinfo, 0, sizeof(pinfo));
5978 if (!info->attrs[NL80211_ATTR_MAC])
5981 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
5983 if (!rdev->ops->get_mpp)
5986 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
5989 err = rdev_get_mpp(rdev, dev, dst, mpp, &pinfo);
5993 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
5997 if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0,
5998 dev, dst, mpp, &pinfo) < 0) {
6003 return genlmsg_reply(msg, info);
6006 static int nl80211_dump_mpp(struct sk_buff *skb,
6007 struct netlink_callback *cb)
6009 struct mpath_info pinfo;
6010 struct cfg80211_registered_device *rdev;
6011 struct wireless_dev *wdev;
6014 int path_idx = cb->args[2];
6018 err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev);
6022 if (!rdev->ops->dump_mpp) {
6027 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) {
6033 err = rdev_dump_mpp(rdev, wdev->netdev, path_idx, dst,
6040 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid,
6041 cb->nlh->nlmsg_seq, NLM_F_MULTI,
6042 wdev->netdev, dst, mpp,
6050 cb->args[2] = path_idx;
6057 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
6059 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6060 struct net_device *dev = info->user_ptr[1];
6061 struct wireless_dev *wdev = dev->ieee80211_ptr;
6062 struct bss_parameters params;
6065 memset(¶ms, 0, sizeof(params));
6066 /* default to not changing parameters */
6067 params.use_cts_prot = -1;
6068 params.use_short_preamble = -1;
6069 params.use_short_slot_time = -1;
6070 params.ap_isolate = -1;
6071 params.ht_opmode = -1;
6072 params.p2p_ctwindow = -1;
6073 params.p2p_opp_ps = -1;
6075 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT])
6076 params.use_cts_prot =
6077 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]);
6078 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE])
6079 params.use_short_preamble =
6080 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]);
6081 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME])
6082 params.use_short_slot_time =
6083 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]);
6084 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
6085 params.basic_rates =
6086 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
6087 params.basic_rates_len =
6088 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
6090 if (info->attrs[NL80211_ATTR_AP_ISOLATE])
6091 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]);
6092 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE])
6094 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]);
6096 if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) {
6097 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
6099 params.p2p_ctwindow =
6100 nla_get_u8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]);
6101 if (params.p2p_ctwindow != 0 &&
6102 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN))
6106 if (info->attrs[NL80211_ATTR_P2P_OPPPS]) {
6109 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
6111 tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]);
6112 params.p2p_opp_ps = tmp;
6113 if (params.p2p_opp_ps &&
6114 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS))
6118 if (!rdev->ops->change_bss)
6121 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
6122 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
6126 err = rdev_change_bss(rdev, dev, ¶ms);
6132 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info)
6136 enum nl80211_user_reg_hint_type user_reg_hint_type;
6140 * You should only get this when cfg80211 hasn't yet initialized
6141 * completely when built-in to the kernel right between the time
6142 * window between nl80211_init() and regulatory_init(), if that is
6145 if (unlikely(!rcu_access_pointer(cfg80211_regdomain)))
6146 return -EINPROGRESS;
6148 if (info->attrs[NL80211_ATTR_USER_REG_HINT_TYPE])
6149 user_reg_hint_type =
6150 nla_get_u32(info->attrs[NL80211_ATTR_USER_REG_HINT_TYPE]);
6152 user_reg_hint_type = NL80211_USER_REG_HINT_USER;
6154 switch (user_reg_hint_type) {
6155 case NL80211_USER_REG_HINT_USER:
6156 case NL80211_USER_REG_HINT_CELL_BASE:
6157 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
6160 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
6161 return regulatory_hint_user(data, user_reg_hint_type);
6162 case NL80211_USER_REG_HINT_INDOOR:
6163 if (info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
6164 owner_nlportid = info->snd_portid;
6165 is_indoor = !!info->attrs[NL80211_ATTR_REG_INDOOR];
6171 return regulatory_hint_indoor(is_indoor, owner_nlportid);
6177 static int nl80211_reload_regdb(struct sk_buff *skb, struct genl_info *info)
6179 return reg_reload_regdb();
6182 static int nl80211_get_mesh_config(struct sk_buff *skb,
6183 struct genl_info *info)
6185 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6186 struct net_device *dev = info->user_ptr[1];
6187 struct wireless_dev *wdev = dev->ieee80211_ptr;
6188 struct mesh_config cur_params;
6191 struct nlattr *pinfoattr;
6192 struct sk_buff *msg;
6194 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
6197 if (!rdev->ops->get_mesh_config)
6201 /* If not connected, get default parameters */
6202 if (!wdev->mesh_id_len)
6203 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params));
6205 err = rdev_get_mesh_config(rdev, dev, &cur_params);
6211 /* Draw up a netlink message to send back */
6212 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
6215 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
6216 NL80211_CMD_GET_MESH_CONFIG);
6219 pinfoattr = nla_nest_start(msg, NL80211_ATTR_MESH_CONFIG);
6221 goto nla_put_failure;
6222 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
6223 nla_put_u16(msg, NL80211_MESHCONF_RETRY_TIMEOUT,
6224 cur_params.dot11MeshRetryTimeout) ||
6225 nla_put_u16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT,
6226 cur_params.dot11MeshConfirmTimeout) ||
6227 nla_put_u16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT,
6228 cur_params.dot11MeshHoldingTimeout) ||
6229 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
6230 cur_params.dot11MeshMaxPeerLinks) ||
6231 nla_put_u8(msg, NL80211_MESHCONF_MAX_RETRIES,
6232 cur_params.dot11MeshMaxRetries) ||
6233 nla_put_u8(msg, NL80211_MESHCONF_TTL,
6234 cur_params.dot11MeshTTL) ||
6235 nla_put_u8(msg, NL80211_MESHCONF_ELEMENT_TTL,
6236 cur_params.element_ttl) ||
6237 nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
6238 cur_params.auto_open_plinks) ||
6239 nla_put_u32(msg, NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
6240 cur_params.dot11MeshNbrOffsetMaxNeighbor) ||
6241 nla_put_u8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
6242 cur_params.dot11MeshHWMPmaxPREQretries) ||
6243 nla_put_u32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME,
6244 cur_params.path_refresh_time) ||
6245 nla_put_u16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
6246 cur_params.min_discovery_timeout) ||
6247 nla_put_u32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
6248 cur_params.dot11MeshHWMPactivePathTimeout) ||
6249 nla_put_u16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
6250 cur_params.dot11MeshHWMPpreqMinInterval) ||
6251 nla_put_u16(msg, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
6252 cur_params.dot11MeshHWMPperrMinInterval) ||
6253 nla_put_u16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
6254 cur_params.dot11MeshHWMPnetDiameterTraversalTime) ||
6255 nla_put_u8(msg, NL80211_MESHCONF_HWMP_ROOTMODE,
6256 cur_params.dot11MeshHWMPRootMode) ||
6257 nla_put_u16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL,
6258 cur_params.dot11MeshHWMPRannInterval) ||
6259 nla_put_u8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
6260 cur_params.dot11MeshGateAnnouncementProtocol) ||
6261 nla_put_u8(msg, NL80211_MESHCONF_FORWARDING,
6262 cur_params.dot11MeshForwarding) ||
6263 nla_put_s32(msg, NL80211_MESHCONF_RSSI_THRESHOLD,
6264 cur_params.rssi_threshold) ||
6265 nla_put_u32(msg, NL80211_MESHCONF_HT_OPMODE,
6266 cur_params.ht_opmode) ||
6267 nla_put_u32(msg, NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
6268 cur_params.dot11MeshHWMPactivePathToRootTimeout) ||
6269 nla_put_u16(msg, NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
6270 cur_params.dot11MeshHWMProotInterval) ||
6271 nla_put_u16(msg, NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
6272 cur_params.dot11MeshHWMPconfirmationInterval) ||
6273 nla_put_u32(msg, NL80211_MESHCONF_POWER_MODE,
6274 cur_params.power_mode) ||
6275 nla_put_u16(msg, NL80211_MESHCONF_AWAKE_WINDOW,
6276 cur_params.dot11MeshAwakeWindowDuration) ||
6277 nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT,
6278 cur_params.plink_timeout) ||
6279 nla_put_u8(msg, NL80211_MESHCONF_CONNECTED_TO_GATE,
6280 cur_params.dot11MeshConnectedToMeshGate))
6281 goto nla_put_failure;
6282 nla_nest_end(msg, pinfoattr);
6283 genlmsg_end(msg, hdr);
6284 return genlmsg_reply(msg, info);
6292 static const struct nla_policy
6293 nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = {
6294 [NL80211_MESHCONF_RETRY_TIMEOUT] =
6295 NLA_POLICY_RANGE(NLA_U16, 1, 255),
6296 [NL80211_MESHCONF_CONFIRM_TIMEOUT] =
6297 NLA_POLICY_RANGE(NLA_U16, 1, 255),
6298 [NL80211_MESHCONF_HOLDING_TIMEOUT] =
6299 NLA_POLICY_RANGE(NLA_U16, 1, 255),
6300 [NL80211_MESHCONF_MAX_PEER_LINKS] =
6301 NLA_POLICY_RANGE(NLA_U16, 0, 255),
6302 [NL80211_MESHCONF_MAX_RETRIES] = NLA_POLICY_MAX(NLA_U8, 16),
6303 [NL80211_MESHCONF_TTL] = NLA_POLICY_MIN(NLA_U8, 1),
6304 [NL80211_MESHCONF_ELEMENT_TTL] = NLA_POLICY_MIN(NLA_U8, 1),
6305 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = NLA_POLICY_MAX(NLA_U8, 1),
6306 [NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR] =
6307 NLA_POLICY_RANGE(NLA_U32, 1, 255),
6308 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 },
6309 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 },
6310 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = NLA_POLICY_MIN(NLA_U16, 1),
6311 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 },
6312 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] =
6313 NLA_POLICY_MIN(NLA_U16, 1),
6314 [NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL] =
6315 NLA_POLICY_MIN(NLA_U16, 1),
6316 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] =
6317 NLA_POLICY_MIN(NLA_U16, 1),
6318 [NL80211_MESHCONF_HWMP_ROOTMODE] = NLA_POLICY_MAX(NLA_U8, 4),
6319 [NL80211_MESHCONF_HWMP_RANN_INTERVAL] =
6320 NLA_POLICY_MIN(NLA_U16, 1),
6321 [NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = NLA_POLICY_MAX(NLA_U8, 1),
6322 [NL80211_MESHCONF_FORWARDING] = NLA_POLICY_MAX(NLA_U8, 1),
6323 [NL80211_MESHCONF_RSSI_THRESHOLD] =
6324 NLA_POLICY_RANGE(NLA_S32, -255, 0),
6325 [NL80211_MESHCONF_HT_OPMODE] = { .type = NLA_U16 },
6326 [NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT] = { .type = NLA_U32 },
6327 [NL80211_MESHCONF_HWMP_ROOT_INTERVAL] =
6328 NLA_POLICY_MIN(NLA_U16, 1),
6329 [NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL] =
6330 NLA_POLICY_MIN(NLA_U16, 1),
6331 [NL80211_MESHCONF_POWER_MODE] =
6332 NLA_POLICY_RANGE(NLA_U32,
6333 NL80211_MESH_POWER_ACTIVE,
6334 NL80211_MESH_POWER_MAX),
6335 [NL80211_MESHCONF_AWAKE_WINDOW] = { .type = NLA_U16 },
6336 [NL80211_MESHCONF_PLINK_TIMEOUT] = { .type = NLA_U32 },
6337 [NL80211_MESHCONF_CONNECTED_TO_GATE] = NLA_POLICY_RANGE(NLA_U8, 0, 1),
6340 static const struct nla_policy
6341 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = {
6342 [NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC] = { .type = NLA_U8 },
6343 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 },
6344 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 },
6345 [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG },
6346 [NL80211_MESH_SETUP_AUTH_PROTOCOL] = { .type = NLA_U8 },
6347 [NL80211_MESH_SETUP_USERSPACE_MPM] = { .type = NLA_FLAG },
6348 [NL80211_MESH_SETUP_IE] =
6349 NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
6350 IEEE80211_MAX_DATA_LEN),
6351 [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG },
6354 static int nl80211_parse_mesh_config(struct genl_info *info,
6355 struct mesh_config *cfg,
6358 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1];
6362 #define FILL_IN_MESH_PARAM_IF_SET(tb, cfg, param, mask, attr, fn) \
6365 cfg->param = fn(tb[attr]); \
6366 mask |= BIT((attr) - 1); \
6370 if (!info->attrs[NL80211_ATTR_MESH_CONFIG])
6372 if (nla_parse_nested(tb, NL80211_MESHCONF_ATTR_MAX,
6373 info->attrs[NL80211_ATTR_MESH_CONFIG],
6374 nl80211_meshconf_params_policy, info->extack))
6377 /* This makes sure that there aren't more than 32 mesh config
6378 * parameters (otherwise our bitfield scheme would not work.) */
6379 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32);
6381 /* Fill in the params struct */
6382 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, mask,
6383 NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16);
6384 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, mask,
6385 NL80211_MESHCONF_CONFIRM_TIMEOUT,
6387 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, mask,
6388 NL80211_MESHCONF_HOLDING_TIMEOUT,
6390 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, mask,
6391 NL80211_MESHCONF_MAX_PEER_LINKS,
6393 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, mask,
6394 NL80211_MESHCONF_MAX_RETRIES, nla_get_u8);
6395 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, mask,
6396 NL80211_MESHCONF_TTL, nla_get_u8);
6397 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, mask,
6398 NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8);
6399 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, mask,
6400 NL80211_MESHCONF_AUTO_OPEN_PLINKS,
6402 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshNbrOffsetMaxNeighbor,
6404 NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
6406 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, mask,
6407 NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
6409 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, mask,
6410 NL80211_MESHCONF_PATH_REFRESH_TIME,
6412 if (mask & BIT(NL80211_MESHCONF_PATH_REFRESH_TIME) &&
6413 (cfg->path_refresh_time < 1 || cfg->path_refresh_time > 65535))
6415 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, mask,
6416 NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
6418 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout,
6420 NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
6422 if (mask & BIT(NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT) &&
6423 (cfg->dot11MeshHWMPactivePathTimeout < 1 ||
6424 cfg->dot11MeshHWMPactivePathTimeout > 65535))
6426 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, mask,
6427 NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
6429 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval, mask,
6430 NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
6432 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
6433 dot11MeshHWMPnetDiameterTraversalTime, mask,
6434 NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
6436 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRootMode, mask,
6437 NL80211_MESHCONF_HWMP_ROOTMODE, nla_get_u8);
6438 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRannInterval, mask,
6439 NL80211_MESHCONF_HWMP_RANN_INTERVAL,
6441 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshGateAnnouncementProtocol,
6442 mask, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
6444 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, mask,
6445 NL80211_MESHCONF_FORWARDING, nla_get_u8);
6446 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, mask,
6447 NL80211_MESHCONF_RSSI_THRESHOLD,
6449 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConnectedToMeshGate, mask,
6450 NL80211_MESHCONF_CONNECTED_TO_GATE,
6453 * Check HT operation mode based on
6454 * IEEE 802.11-2016 9.4.2.57 HT Operation element.
6456 if (tb[NL80211_MESHCONF_HT_OPMODE]) {
6457 ht_opmode = nla_get_u16(tb[NL80211_MESHCONF_HT_OPMODE]);
6459 if (ht_opmode & ~(IEEE80211_HT_OP_MODE_PROTECTION |
6460 IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT |
6461 IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT))
6464 /* NON_HT_STA bit is reserved, but some programs set it */
6465 ht_opmode &= ~IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT;
6467 cfg->ht_opmode = ht_opmode;
6468 mask |= (1 << (NL80211_MESHCONF_HT_OPMODE - 1));
6470 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
6471 dot11MeshHWMPactivePathToRootTimeout, mask,
6472 NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
6474 if (mask & BIT(NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT) &&
6475 (cfg->dot11MeshHWMPactivePathToRootTimeout < 1 ||
6476 cfg->dot11MeshHWMPactivePathToRootTimeout > 65535))
6478 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMProotInterval, mask,
6479 NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
6481 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPconfirmationInterval,
6483 NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
6485 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, power_mode, mask,
6486 NL80211_MESHCONF_POWER_MODE, nla_get_u32);
6487 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshAwakeWindowDuration, mask,
6488 NL80211_MESHCONF_AWAKE_WINDOW, nla_get_u16);
6489 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, plink_timeout, mask,
6490 NL80211_MESHCONF_PLINK_TIMEOUT, nla_get_u32);
6496 #undef FILL_IN_MESH_PARAM_IF_SET
6499 static int nl80211_parse_mesh_setup(struct genl_info *info,
6500 struct mesh_setup *setup)
6502 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6503 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1];
6505 if (!info->attrs[NL80211_ATTR_MESH_SETUP])
6507 if (nla_parse_nested(tb, NL80211_MESH_SETUP_ATTR_MAX,
6508 info->attrs[NL80211_ATTR_MESH_SETUP],
6509 nl80211_mesh_setup_params_policy, info->extack))
6512 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC])
6513 setup->sync_method =
6514 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC])) ?
6515 IEEE80211_SYNC_METHOD_VENDOR :
6516 IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET;
6518 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])
6519 setup->path_sel_proto =
6520 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ?
6521 IEEE80211_PATH_PROTOCOL_VENDOR :
6522 IEEE80211_PATH_PROTOCOL_HWMP;
6524 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])
6525 setup->path_metric =
6526 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ?
6527 IEEE80211_PATH_METRIC_VENDOR :
6528 IEEE80211_PATH_METRIC_AIRTIME;
6530 if (tb[NL80211_MESH_SETUP_IE]) {
6531 struct nlattr *ieattr =
6532 tb[NL80211_MESH_SETUP_IE];
6533 setup->ie = nla_data(ieattr);
6534 setup->ie_len = nla_len(ieattr);
6536 if (tb[NL80211_MESH_SETUP_USERSPACE_MPM] &&
6537 !(rdev->wiphy.features & NL80211_FEATURE_USERSPACE_MPM))
6539 setup->user_mpm = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_MPM]);
6540 setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]);
6541 setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]);
6542 if (setup->is_secure)
6543 setup->user_mpm = true;
6545 if (tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]) {
6546 if (!setup->user_mpm)
6549 nla_get_u8(tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]);
6555 static int nl80211_update_mesh_config(struct sk_buff *skb,
6556 struct genl_info *info)
6558 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6559 struct net_device *dev = info->user_ptr[1];
6560 struct wireless_dev *wdev = dev->ieee80211_ptr;
6561 struct mesh_config cfg;
6565 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
6568 if (!rdev->ops->update_mesh_config)
6571 err = nl80211_parse_mesh_config(info, &cfg, &mask);
6576 if (!wdev->mesh_id_len)
6580 err = rdev_update_mesh_config(rdev, dev, mask, &cfg);
6587 static int nl80211_put_regdom(const struct ieee80211_regdomain *regdom,
6588 struct sk_buff *msg)
6590 struct nlattr *nl_reg_rules;
6593 if (nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, regdom->alpha2) ||
6594 (regdom->dfs_region &&
6595 nla_put_u8(msg, NL80211_ATTR_DFS_REGION, regdom->dfs_region)))
6596 goto nla_put_failure;
6598 nl_reg_rules = nla_nest_start(msg, NL80211_ATTR_REG_RULES);
6600 goto nla_put_failure;
6602 for (i = 0; i < regdom->n_reg_rules; i++) {
6603 struct nlattr *nl_reg_rule;
6604 const struct ieee80211_reg_rule *reg_rule;
6605 const struct ieee80211_freq_range *freq_range;
6606 const struct ieee80211_power_rule *power_rule;
6607 unsigned int max_bandwidth_khz;
6609 reg_rule = ®dom->reg_rules[i];
6610 freq_range = ®_rule->freq_range;
6611 power_rule = ®_rule->power_rule;
6613 nl_reg_rule = nla_nest_start(msg, i);
6615 goto nla_put_failure;
6617 max_bandwidth_khz = freq_range->max_bandwidth_khz;
6618 if (!max_bandwidth_khz)
6619 max_bandwidth_khz = reg_get_max_bandwidth(regdom,
6622 if (nla_put_u32(msg, NL80211_ATTR_REG_RULE_FLAGS,
6624 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_START,
6625 freq_range->start_freq_khz) ||
6626 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_END,
6627 freq_range->end_freq_khz) ||
6628 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW,
6629 max_bandwidth_khz) ||
6630 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN,
6631 power_rule->max_antenna_gain) ||
6632 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP,
6633 power_rule->max_eirp) ||
6634 nla_put_u32(msg, NL80211_ATTR_DFS_CAC_TIME,
6635 reg_rule->dfs_cac_ms))
6636 goto nla_put_failure;
6638 nla_nest_end(msg, nl_reg_rule);
6641 nla_nest_end(msg, nl_reg_rules);
6648 static int nl80211_get_reg_do(struct sk_buff *skb, struct genl_info *info)
6650 const struct ieee80211_regdomain *regdom = NULL;
6651 struct cfg80211_registered_device *rdev;
6652 struct wiphy *wiphy = NULL;
6653 struct sk_buff *msg;
6656 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
6660 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
6661 NL80211_CMD_GET_REG);
6665 if (info->attrs[NL80211_ATTR_WIPHY]) {
6668 rdev = cfg80211_get_dev_from_info(genl_info_net(info), info);
6671 return PTR_ERR(rdev);
6674 wiphy = &rdev->wiphy;
6675 self_managed = wiphy->regulatory_flags &
6676 REGULATORY_WIPHY_SELF_MANAGED;
6677 regdom = get_wiphy_regdom(wiphy);
6679 /* a self-managed-reg device must have a private regdom */
6680 if (WARN_ON(!regdom && self_managed)) {
6686 nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
6687 goto nla_put_failure;
6690 if (!wiphy && reg_last_request_cell_base() &&
6691 nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE,
6692 NL80211_USER_REG_HINT_CELL_BASE))
6693 goto nla_put_failure;
6698 regdom = rcu_dereference(cfg80211_regdomain);
6700 if (nl80211_put_regdom(regdom, msg))
6701 goto nla_put_failure_rcu;
6705 genlmsg_end(msg, hdr);
6706 return genlmsg_reply(msg, info);
6708 nla_put_failure_rcu:
6716 static int nl80211_send_regdom(struct sk_buff *msg, struct netlink_callback *cb,
6717 u32 seq, int flags, struct wiphy *wiphy,
6718 const struct ieee80211_regdomain *regdom)
6720 void *hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags,
6721 NL80211_CMD_GET_REG);
6726 genl_dump_check_consistent(cb, hdr);
6728 if (nl80211_put_regdom(regdom, msg))
6729 goto nla_put_failure;
6731 if (!wiphy && reg_last_request_cell_base() &&
6732 nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE,
6733 NL80211_USER_REG_HINT_CELL_BASE))
6734 goto nla_put_failure;
6737 nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
6738 goto nla_put_failure;
6740 if (wiphy && wiphy->regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED &&
6741 nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
6742 goto nla_put_failure;
6744 genlmsg_end(msg, hdr);
6748 genlmsg_cancel(msg, hdr);
6752 static int nl80211_get_reg_dump(struct sk_buff *skb,
6753 struct netlink_callback *cb)
6755 const struct ieee80211_regdomain *regdom = NULL;
6756 struct cfg80211_registered_device *rdev;
6757 int err, reg_idx, start = cb->args[2];
6761 if (cfg80211_regdomain && start == 0) {
6762 err = nl80211_send_regdom(skb, cb, cb->nlh->nlmsg_seq,
6764 rtnl_dereference(cfg80211_regdomain));
6769 /* the global regdom is idx 0 */
6771 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
6772 regdom = get_wiphy_regdom(&rdev->wiphy);
6776 if (++reg_idx <= start)
6779 err = nl80211_send_regdom(skb, cb, cb->nlh->nlmsg_seq,
6780 NLM_F_MULTI, &rdev->wiphy, regdom);
6787 cb->args[2] = reg_idx;
6794 #ifdef CONFIG_CFG80211_CRDA_SUPPORT
6795 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = {
6796 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
6797 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
6798 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
6799 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
6800 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
6801 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
6802 [NL80211_ATTR_DFS_CAC_TIME] = { .type = NLA_U32 },
6805 static int parse_reg_rule(struct nlattr *tb[],
6806 struct ieee80211_reg_rule *reg_rule)
6808 struct ieee80211_freq_range *freq_range = ®_rule->freq_range;
6809 struct ieee80211_power_rule *power_rule = ®_rule->power_rule;
6811 if (!tb[NL80211_ATTR_REG_RULE_FLAGS])
6813 if (!tb[NL80211_ATTR_FREQ_RANGE_START])
6815 if (!tb[NL80211_ATTR_FREQ_RANGE_END])
6817 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW])
6819 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP])
6822 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]);
6824 freq_range->start_freq_khz =
6825 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]);
6826 freq_range->end_freq_khz =
6827 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]);
6828 freq_range->max_bandwidth_khz =
6829 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]);
6831 power_rule->max_eirp =
6832 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]);
6834 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN])
6835 power_rule->max_antenna_gain =
6836 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]);
6838 if (tb[NL80211_ATTR_DFS_CAC_TIME])
6839 reg_rule->dfs_cac_ms =
6840 nla_get_u32(tb[NL80211_ATTR_DFS_CAC_TIME]);
6845 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
6847 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1];
6848 struct nlattr *nl_reg_rule;
6850 int rem_reg_rules, r;
6851 u32 num_rules = 0, rule_idx = 0, size_of_regd;
6852 enum nl80211_dfs_regions dfs_region = NL80211_DFS_UNSET;
6853 struct ieee80211_regdomain *rd;
6855 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
6858 if (!info->attrs[NL80211_ATTR_REG_RULES])
6861 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
6863 if (info->attrs[NL80211_ATTR_DFS_REGION])
6864 dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]);
6866 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
6869 if (num_rules > NL80211_MAX_SUPP_REG_RULES)
6873 if (!reg_is_valid_request(alpha2))
6876 size_of_regd = sizeof(struct ieee80211_regdomain) +
6877 num_rules * sizeof(struct ieee80211_reg_rule);
6879 rd = kzalloc(size_of_regd, GFP_KERNEL);
6883 rd->n_reg_rules = num_rules;
6884 rd->alpha2[0] = alpha2[0];
6885 rd->alpha2[1] = alpha2[1];
6888 * Disable DFS master mode if the DFS region was
6889 * not supported or known on this kernel.
6891 if (reg_supported_dfs_region(dfs_region))
6892 rd->dfs_region = dfs_region;
6894 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
6896 r = nla_parse_nested(tb, NL80211_REG_RULE_ATTR_MAX,
6897 nl_reg_rule, reg_rule_policy,
6901 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]);
6907 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) {
6913 /* set_regdom takes ownership of rd */
6914 return set_regdom(rd, REGD_SOURCE_CRDA);
6919 #endif /* CONFIG_CFG80211_CRDA_SUPPORT */
6921 static int validate_scan_freqs(struct nlattr *freqs)
6923 struct nlattr *attr1, *attr2;
6924 int n_channels = 0, tmp1, tmp2;
6926 nla_for_each_nested(attr1, freqs, tmp1)
6927 if (nla_len(attr1) != sizeof(u32))
6930 nla_for_each_nested(attr1, freqs, tmp1) {
6933 * Some hardware has a limited channel list for
6934 * scanning, and it is pretty much nonsensical
6935 * to scan for a channel twice, so disallow that
6936 * and don't require drivers to check that the
6937 * channel list they get isn't longer than what
6938 * they can scan, as long as they can scan all
6939 * the channels they registered at once.
6941 nla_for_each_nested(attr2, freqs, tmp2)
6942 if (attr1 != attr2 &&
6943 nla_get_u32(attr1) == nla_get_u32(attr2))
6950 static bool is_band_valid(struct wiphy *wiphy, enum nl80211_band b)
6952 return b < NUM_NL80211_BANDS && wiphy->bands[b];
6955 static int parse_bss_select(struct nlattr *nla, struct wiphy *wiphy,
6956 struct cfg80211_bss_selection *bss_select)
6958 struct nlattr *attr[NL80211_BSS_SELECT_ATTR_MAX + 1];
6959 struct nlattr *nest;
6964 /* only process one nested attribute */
6965 nest = nla_data(nla);
6966 if (!nla_ok(nest, nla_len(nest)))
6969 err = nla_parse_nested(attr, NL80211_BSS_SELECT_ATTR_MAX, nest,
6970 nl80211_bss_select_policy, NULL);
6974 /* only one attribute may be given */
6975 for (i = 0; i <= NL80211_BSS_SELECT_ATTR_MAX; i++) {
6983 bss_select->behaviour = __NL80211_BSS_SELECT_ATTR_INVALID;
6985 if (attr[NL80211_BSS_SELECT_ATTR_RSSI])
6986 bss_select->behaviour = NL80211_BSS_SELECT_ATTR_RSSI;
6988 if (attr[NL80211_BSS_SELECT_ATTR_BAND_PREF]) {
6989 bss_select->behaviour = NL80211_BSS_SELECT_ATTR_BAND_PREF;
6990 bss_select->param.band_pref =
6991 nla_get_u32(attr[NL80211_BSS_SELECT_ATTR_BAND_PREF]);
6992 if (!is_band_valid(wiphy, bss_select->param.band_pref))
6996 if (attr[NL80211_BSS_SELECT_ATTR_RSSI_ADJUST]) {
6997 struct nl80211_bss_select_rssi_adjust *adj_param;
6999 adj_param = nla_data(attr[NL80211_BSS_SELECT_ATTR_RSSI_ADJUST]);
7000 bss_select->behaviour = NL80211_BSS_SELECT_ATTR_RSSI_ADJUST;
7001 bss_select->param.adjust.band = adj_param->band;
7002 bss_select->param.adjust.delta = adj_param->delta;
7003 if (!is_band_valid(wiphy, bss_select->param.adjust.band))
7007 /* user-space did not provide behaviour attribute */
7008 if (bss_select->behaviour == __NL80211_BSS_SELECT_ATTR_INVALID)
7011 if (!(wiphy->bss_select_support & BIT(bss_select->behaviour)))
7017 int nl80211_parse_random_mac(struct nlattr **attrs,
7018 u8 *mac_addr, u8 *mac_addr_mask)
7022 if (!attrs[NL80211_ATTR_MAC] && !attrs[NL80211_ATTR_MAC_MASK]) {
7023 eth_zero_addr(mac_addr);
7024 eth_zero_addr(mac_addr_mask);
7026 mac_addr_mask[0] = 0x3;
7031 /* need both or none */
7032 if (!attrs[NL80211_ATTR_MAC] || !attrs[NL80211_ATTR_MAC_MASK])
7035 memcpy(mac_addr, nla_data(attrs[NL80211_ATTR_MAC]), ETH_ALEN);
7036 memcpy(mac_addr_mask, nla_data(attrs[NL80211_ATTR_MAC_MASK]), ETH_ALEN);
7038 /* don't allow or configure an mcast address */
7039 if (!is_multicast_ether_addr(mac_addr_mask) ||
7040 is_multicast_ether_addr(mac_addr))
7044 * allow users to pass a MAC address that has bits set outside
7045 * of the mask, but don't bother drivers with having to deal
7048 for (i = 0; i < ETH_ALEN; i++)
7049 mac_addr[i] &= mac_addr_mask[i];
7054 static bool cfg80211_off_channel_oper_allowed(struct wireless_dev *wdev)
7056 ASSERT_WDEV_LOCK(wdev);
7058 if (!cfg80211_beaconing_iface_active(wdev))
7061 if (!(wdev->chandef.chan->flags & IEEE80211_CHAN_RADAR))
7064 return regulatory_pre_cac_allowed(wdev->wiphy);
7067 static bool nl80211_check_scan_feat(struct wiphy *wiphy, u32 flags, u32 flag,
7068 enum nl80211_ext_feature_index feat)
7070 if (!(flags & flag))
7072 if (wiphy_ext_feature_isset(wiphy, feat))
7078 nl80211_check_scan_flags(struct wiphy *wiphy, struct wireless_dev *wdev,
7079 void *request, struct nlattr **attrs,
7082 u8 *mac_addr, *mac_addr_mask;
7084 enum nl80211_feature_flags randomness_flag;
7086 if (!attrs[NL80211_ATTR_SCAN_FLAGS])
7089 if (is_sched_scan) {
7090 struct cfg80211_sched_scan_request *req = request;
7092 randomness_flag = wdev ?
7093 NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR :
7094 NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
7095 flags = &req->flags;
7096 mac_addr = req->mac_addr;
7097 mac_addr_mask = req->mac_addr_mask;
7099 struct cfg80211_scan_request *req = request;
7101 randomness_flag = NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
7102 flags = &req->flags;
7103 mac_addr = req->mac_addr;
7104 mac_addr_mask = req->mac_addr_mask;
7107 *flags = nla_get_u32(attrs[NL80211_ATTR_SCAN_FLAGS]);
7109 if (((*flags & NL80211_SCAN_FLAG_LOW_PRIORITY) &&
7110 !(wiphy->features & NL80211_FEATURE_LOW_PRIORITY_SCAN)) ||
7111 !nl80211_check_scan_feat(wiphy, *flags,
7112 NL80211_SCAN_FLAG_LOW_SPAN,
7113 NL80211_EXT_FEATURE_LOW_SPAN_SCAN) ||
7114 !nl80211_check_scan_feat(wiphy, *flags,
7115 NL80211_SCAN_FLAG_LOW_POWER,
7116 NL80211_EXT_FEATURE_LOW_POWER_SCAN) ||
7117 !nl80211_check_scan_feat(wiphy, *flags,
7118 NL80211_SCAN_FLAG_HIGH_ACCURACY,
7119 NL80211_EXT_FEATURE_HIGH_ACCURACY_SCAN) ||
7120 !nl80211_check_scan_feat(wiphy, *flags,
7121 NL80211_SCAN_FLAG_FILS_MAX_CHANNEL_TIME,
7122 NL80211_EXT_FEATURE_FILS_MAX_CHANNEL_TIME) ||
7123 !nl80211_check_scan_feat(wiphy, *flags,
7124 NL80211_SCAN_FLAG_ACCEPT_BCAST_PROBE_RESP,
7125 NL80211_EXT_FEATURE_ACCEPT_BCAST_PROBE_RESP) ||
7126 !nl80211_check_scan_feat(wiphy, *flags,
7127 NL80211_SCAN_FLAG_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION,
7128 NL80211_EXT_FEATURE_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION) ||
7129 !nl80211_check_scan_feat(wiphy, *flags,
7130 NL80211_SCAN_FLAG_OCE_PROBE_REQ_HIGH_TX_RATE,
7131 NL80211_EXT_FEATURE_OCE_PROBE_REQ_HIGH_TX_RATE) ||
7132 !nl80211_check_scan_feat(wiphy, *flags,
7133 NL80211_SCAN_FLAG_RANDOM_SN,
7134 NL80211_EXT_FEATURE_SCAN_RANDOM_SN) ||
7135 !nl80211_check_scan_feat(wiphy, *flags,
7136 NL80211_SCAN_FLAG_MIN_PREQ_CONTENT,
7137 NL80211_EXT_FEATURE_SCAN_MIN_PREQ_CONTENT))
7140 if (*flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
7143 if (!(wiphy->features & randomness_flag) ||
7144 (wdev && wdev->current_bss))
7147 err = nl80211_parse_random_mac(attrs, mac_addr, mac_addr_mask);
7155 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
7157 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7158 struct wireless_dev *wdev = info->user_ptr[1];
7159 struct cfg80211_scan_request *request;
7160 struct nlattr *attr;
7161 struct wiphy *wiphy;
7162 int err, tmp, n_ssids = 0, n_channels, i;
7165 wiphy = &rdev->wiphy;
7167 if (wdev->iftype == NL80211_IFTYPE_NAN)
7170 if (!rdev->ops->scan)
7173 if (rdev->scan_req || rdev->scan_msg) {
7178 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
7179 n_channels = validate_scan_freqs(
7180 info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
7186 n_channels = ieee80211_get_num_supported_channels(wiphy);
7189 if (info->attrs[NL80211_ATTR_SCAN_SSIDS])
7190 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp)
7193 if (n_ssids > wiphy->max_scan_ssids) {
7198 if (info->attrs[NL80211_ATTR_IE])
7199 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
7203 if (ie_len > wiphy->max_scan_ie_len) {
7208 request = kzalloc(sizeof(*request)
7209 + sizeof(*request->ssids) * n_ssids
7210 + sizeof(*request->channels) * n_channels
7211 + ie_len, GFP_KERNEL);
7218 request->ssids = (void *)&request->channels[n_channels];
7219 request->n_ssids = n_ssids;
7222 request->ie = (void *)(request->ssids + n_ssids);
7224 request->ie = (void *)(request->channels + n_channels);
7228 if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
7229 /* user specified, bail out if channel not found */
7230 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) {
7231 struct ieee80211_channel *chan;
7233 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
7240 /* ignore disabled channels */
7241 if (chan->flags & IEEE80211_CHAN_DISABLED)
7244 request->channels[i] = chan;
7248 enum nl80211_band band;
7251 for (band = 0; band < NUM_NL80211_BANDS; band++) {
7254 if (!wiphy->bands[band])
7256 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
7257 struct ieee80211_channel *chan;
7259 chan = &wiphy->bands[band]->channels[j];
7261 if (chan->flags & IEEE80211_CHAN_DISABLED)
7264 request->channels[i] = chan;
7275 request->n_channels = i;
7278 if (!cfg80211_off_channel_oper_allowed(wdev)) {
7279 struct ieee80211_channel *chan;
7281 if (request->n_channels != 1) {
7287 chan = request->channels[0];
7288 if (chan->center_freq != wdev->chandef.chan->center_freq) {
7298 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) {
7299 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
7303 request->ssids[i].ssid_len = nla_len(attr);
7304 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr));
7309 if (info->attrs[NL80211_ATTR_IE]) {
7310 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
7311 memcpy((void *)request->ie,
7312 nla_data(info->attrs[NL80211_ATTR_IE]),
7316 for (i = 0; i < NUM_NL80211_BANDS; i++)
7317 if (wiphy->bands[i])
7319 (1 << wiphy->bands[i]->n_bitrates) - 1;
7321 if (info->attrs[NL80211_ATTR_SCAN_SUPP_RATES]) {
7322 nla_for_each_nested(attr,
7323 info->attrs[NL80211_ATTR_SCAN_SUPP_RATES],
7325 enum nl80211_band band = nla_type(attr);
7327 if (band < 0 || band >= NUM_NL80211_BANDS) {
7332 if (!wiphy->bands[band])
7335 err = ieee80211_get_ratemask(wiphy->bands[band],
7338 &request->rates[band]);
7344 if (info->attrs[NL80211_ATTR_MEASUREMENT_DURATION]) {
7345 if (!wiphy_ext_feature_isset(wiphy,
7346 NL80211_EXT_FEATURE_SET_SCAN_DWELL)) {
7352 nla_get_u16(info->attrs[NL80211_ATTR_MEASUREMENT_DURATION]);
7353 request->duration_mandatory =
7354 nla_get_flag(info->attrs[NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY]);
7357 err = nl80211_check_scan_flags(wiphy, wdev, request, info->attrs,
7363 nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
7365 /* Initial implementation used NL80211_ATTR_MAC to set the specific
7366 * BSSID to scan for. This was problematic because that same attribute
7367 * was already used for another purpose (local random MAC address). The
7368 * NL80211_ATTR_BSSID attribute was added to fix this. For backwards
7369 * compatibility with older userspace components, also use the
7370 * NL80211_ATTR_MAC value here if it can be determined to be used for
7371 * the specific BSSID use case instead of the random MAC address
7372 * (NL80211_ATTR_SCAN_FLAGS is used to enable random MAC address use).
7374 if (info->attrs[NL80211_ATTR_BSSID])
7375 memcpy(request->bssid,
7376 nla_data(info->attrs[NL80211_ATTR_BSSID]), ETH_ALEN);
7377 else if (!(request->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) &&
7378 info->attrs[NL80211_ATTR_MAC])
7379 memcpy(request->bssid, nla_data(info->attrs[NL80211_ATTR_MAC]),
7382 eth_broadcast_addr(request->bssid);
7384 request->wdev = wdev;
7385 request->wiphy = &rdev->wiphy;
7386 request->scan_start = jiffies;
7388 rdev->scan_req = request;
7389 err = rdev_scan(rdev, request);
7392 nl80211_send_scan_start(rdev, wdev);
7394 dev_hold(wdev->netdev);
7397 rdev->scan_req = NULL;
7405 static int nl80211_abort_scan(struct sk_buff *skb, struct genl_info *info)
7407 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7408 struct wireless_dev *wdev = info->user_ptr[1];
7410 if (!rdev->ops->abort_scan)
7416 if (!rdev->scan_req)
7419 rdev_abort_scan(rdev, wdev);
7424 nl80211_parse_sched_scan_plans(struct wiphy *wiphy, int n_plans,
7425 struct cfg80211_sched_scan_request *request,
7426 struct nlattr **attrs)
7428 int tmp, err, i = 0;
7429 struct nlattr *attr;
7431 if (!attrs[NL80211_ATTR_SCHED_SCAN_PLANS]) {
7435 * If scan plans are not specified,
7436 * %NL80211_ATTR_SCHED_SCAN_INTERVAL will be specified. In this
7437 * case one scan plan will be set with the specified scan
7438 * interval and infinite number of iterations.
7440 interval = nla_get_u32(attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]);
7444 request->scan_plans[0].interval =
7445 DIV_ROUND_UP(interval, MSEC_PER_SEC);
7446 if (!request->scan_plans[0].interval)
7449 if (request->scan_plans[0].interval >
7450 wiphy->max_sched_scan_plan_interval)
7451 request->scan_plans[0].interval =
7452 wiphy->max_sched_scan_plan_interval;
7457 nla_for_each_nested(attr, attrs[NL80211_ATTR_SCHED_SCAN_PLANS], tmp) {
7458 struct nlattr *plan[NL80211_SCHED_SCAN_PLAN_MAX + 1];
7460 if (WARN_ON(i >= n_plans))
7463 err = nla_parse_nested(plan, NL80211_SCHED_SCAN_PLAN_MAX,
7464 attr, nl80211_plan_policy, NULL);
7468 if (!plan[NL80211_SCHED_SCAN_PLAN_INTERVAL])
7471 request->scan_plans[i].interval =
7472 nla_get_u32(plan[NL80211_SCHED_SCAN_PLAN_INTERVAL]);
7473 if (!request->scan_plans[i].interval ||
7474 request->scan_plans[i].interval >
7475 wiphy->max_sched_scan_plan_interval)
7478 if (plan[NL80211_SCHED_SCAN_PLAN_ITERATIONS]) {
7479 request->scan_plans[i].iterations =
7480 nla_get_u32(plan[NL80211_SCHED_SCAN_PLAN_ITERATIONS]);
7481 if (!request->scan_plans[i].iterations ||
7482 (request->scan_plans[i].iterations >
7483 wiphy->max_sched_scan_plan_iterations))
7485 } else if (i < n_plans - 1) {
7487 * All scan plans but the last one must specify
7488 * a finite number of iterations
7497 * The last scan plan must not specify the number of
7498 * iterations, it is supposed to run infinitely
7500 if (request->scan_plans[n_plans - 1].iterations)
7506 static struct cfg80211_sched_scan_request *
7507 nl80211_parse_sched_scan(struct wiphy *wiphy, struct wireless_dev *wdev,
7508 struct nlattr **attrs, int max_match_sets)
7510 struct cfg80211_sched_scan_request *request;
7511 struct nlattr *attr;
7512 int err, tmp, n_ssids = 0, n_match_sets = 0, n_channels, i, n_plans = 0;
7513 enum nl80211_band band;
7515 struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1];
7516 s32 default_match_rssi = NL80211_SCAN_RSSI_THOLD_OFF;
7518 if (attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
7519 n_channels = validate_scan_freqs(
7520 attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
7522 return ERR_PTR(-EINVAL);
7524 n_channels = ieee80211_get_num_supported_channels(wiphy);
7527 if (attrs[NL80211_ATTR_SCAN_SSIDS])
7528 nla_for_each_nested(attr, attrs[NL80211_ATTR_SCAN_SSIDS],
7532 if (n_ssids > wiphy->max_sched_scan_ssids)
7533 return ERR_PTR(-EINVAL);
7536 * First, count the number of 'real' matchsets. Due to an issue with
7537 * the old implementation, matchsets containing only the RSSI attribute
7538 * (NL80211_SCHED_SCAN_MATCH_ATTR_RSSI) are considered as the 'default'
7539 * RSSI for all matchsets, rather than their own matchset for reporting
7540 * all APs with a strong RSSI. This is needed to be compatible with
7541 * older userspace that treated a matchset with only the RSSI as the
7542 * global RSSI for all other matchsets - if there are other matchsets.
7544 if (attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
7545 nla_for_each_nested(attr,
7546 attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
7548 struct nlattr *rssi;
7550 err = nla_parse_nested(tb,
7551 NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
7552 attr, nl80211_match_policy,
7555 return ERR_PTR(err);
7557 /* SSID and BSSID are mutually exclusive */
7558 if (tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID] &&
7559 tb[NL80211_SCHED_SCAN_MATCH_ATTR_BSSID])
7560 return ERR_PTR(-EINVAL);
7562 /* add other standalone attributes here */
7563 if (tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID] ||
7564 tb[NL80211_SCHED_SCAN_MATCH_ATTR_BSSID]) {
7568 rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI];
7570 default_match_rssi = nla_get_s32(rssi);
7574 /* However, if there's no other matchset, add the RSSI one */
7575 if (!n_match_sets && default_match_rssi != NL80211_SCAN_RSSI_THOLD_OFF)
7578 if (n_match_sets > max_match_sets)
7579 return ERR_PTR(-EINVAL);
7581 if (attrs[NL80211_ATTR_IE])
7582 ie_len = nla_len(attrs[NL80211_ATTR_IE]);
7586 if (ie_len > wiphy->max_sched_scan_ie_len)
7587 return ERR_PTR(-EINVAL);
7589 if (attrs[NL80211_ATTR_SCHED_SCAN_PLANS]) {
7591 * NL80211_ATTR_SCHED_SCAN_INTERVAL must not be specified since
7592 * each scan plan already specifies its own interval
7594 if (attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL])
7595 return ERR_PTR(-EINVAL);
7597 nla_for_each_nested(attr,
7598 attrs[NL80211_ATTR_SCHED_SCAN_PLANS], tmp)
7602 * The scan interval attribute is kept for backward
7603 * compatibility. If no scan plans are specified and sched scan
7604 * interval is specified, one scan plan will be set with this
7605 * scan interval and infinite number of iterations.
7607 if (!attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL])
7608 return ERR_PTR(-EINVAL);
7613 if (!n_plans || n_plans > wiphy->max_sched_scan_plans)
7614 return ERR_PTR(-EINVAL);
7616 if (!wiphy_ext_feature_isset(
7617 wiphy, NL80211_EXT_FEATURE_SCHED_SCAN_RELATIVE_RSSI) &&
7618 (attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI] ||
7619 attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST]))
7620 return ERR_PTR(-EINVAL);
7622 request = kzalloc(sizeof(*request)
7623 + sizeof(*request->ssids) * n_ssids
7624 + sizeof(*request->match_sets) * n_match_sets
7625 + sizeof(*request->scan_plans) * n_plans
7626 + sizeof(*request->channels) * n_channels
7627 + ie_len, GFP_KERNEL);
7629 return ERR_PTR(-ENOMEM);
7632 request->ssids = (void *)&request->channels[n_channels];
7633 request->n_ssids = n_ssids;
7636 request->ie = (void *)(request->ssids + n_ssids);
7638 request->ie = (void *)(request->channels + n_channels);
7643 request->match_sets = (void *)(request->ie + ie_len);
7645 request->match_sets =
7646 (void *)(request->ssids + n_ssids);
7648 request->match_sets =
7649 (void *)(request->channels + n_channels);
7651 request->n_match_sets = n_match_sets;
7654 request->scan_plans = (void *)(request->match_sets +
7656 else if (request->ie)
7657 request->scan_plans = (void *)(request->ie + ie_len);
7659 request->scan_plans = (void *)(request->ssids + n_ssids);
7661 request->scan_plans = (void *)(request->channels + n_channels);
7663 request->n_scan_plans = n_plans;
7666 if (attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
7667 /* user specified, bail out if channel not found */
7668 nla_for_each_nested(attr,
7669 attrs[NL80211_ATTR_SCAN_FREQUENCIES],
7671 struct ieee80211_channel *chan;
7673 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
7680 /* ignore disabled channels */
7681 if (chan->flags & IEEE80211_CHAN_DISABLED)
7684 request->channels[i] = chan;
7689 for (band = 0; band < NUM_NL80211_BANDS; band++) {
7692 if (!wiphy->bands[band])
7694 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
7695 struct ieee80211_channel *chan;
7697 chan = &wiphy->bands[band]->channels[j];
7699 if (chan->flags & IEEE80211_CHAN_DISABLED)
7702 request->channels[i] = chan;
7713 request->n_channels = i;
7717 nla_for_each_nested(attr, attrs[NL80211_ATTR_SCAN_SSIDS],
7719 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
7723 request->ssids[i].ssid_len = nla_len(attr);
7724 memcpy(request->ssids[i].ssid, nla_data(attr),
7731 if (attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
7732 nla_for_each_nested(attr,
7733 attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
7735 struct nlattr *ssid, *bssid, *rssi;
7737 err = nla_parse_nested(tb,
7738 NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
7739 attr, nl80211_match_policy,
7743 ssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID];
7744 bssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_BSSID];
7745 if (ssid || bssid) {
7746 if (WARN_ON(i >= n_match_sets)) {
7747 /* this indicates a programming error,
7748 * the loop above should have verified
7756 if (nla_len(ssid) > IEEE80211_MAX_SSID_LEN) {
7760 memcpy(request->match_sets[i].ssid.ssid,
7761 nla_data(ssid), nla_len(ssid));
7762 request->match_sets[i].ssid.ssid_len =
7766 if (nla_len(bssid) != ETH_ALEN) {
7770 memcpy(request->match_sets[i].bssid,
7771 nla_data(bssid), ETH_ALEN);
7774 /* special attribute - old implementation w/a */
7775 request->match_sets[i].rssi_thold =
7777 rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI];
7779 request->match_sets[i].rssi_thold =
7785 /* there was no other matchset, so the RSSI one is alone */
7786 if (i == 0 && n_match_sets)
7787 request->match_sets[0].rssi_thold = default_match_rssi;
7789 request->min_rssi_thold = INT_MAX;
7790 for (i = 0; i < n_match_sets; i++)
7791 request->min_rssi_thold =
7792 min(request->match_sets[i].rssi_thold,
7793 request->min_rssi_thold);
7795 request->min_rssi_thold = NL80211_SCAN_RSSI_THOLD_OFF;
7799 request->ie_len = ie_len;
7800 memcpy((void *)request->ie,
7801 nla_data(attrs[NL80211_ATTR_IE]),
7805 err = nl80211_check_scan_flags(wiphy, wdev, request, attrs, true);
7809 if (attrs[NL80211_ATTR_SCHED_SCAN_DELAY])
7811 nla_get_u32(attrs[NL80211_ATTR_SCHED_SCAN_DELAY]);
7813 if (attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI]) {
7814 request->relative_rssi = nla_get_s8(
7815 attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI]);
7816 request->relative_rssi_set = true;
7819 if (request->relative_rssi_set &&
7820 attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST]) {
7821 struct nl80211_bss_select_rssi_adjust *rssi_adjust;
7823 rssi_adjust = nla_data(
7824 attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST]);
7825 request->rssi_adjust.band = rssi_adjust->band;
7826 request->rssi_adjust.delta = rssi_adjust->delta;
7827 if (!is_band_valid(wiphy, request->rssi_adjust.band)) {
7833 err = nl80211_parse_sched_scan_plans(wiphy, n_plans, request, attrs);
7837 request->scan_start = jiffies;
7843 return ERR_PTR(err);
7846 static int nl80211_start_sched_scan(struct sk_buff *skb,
7847 struct genl_info *info)
7849 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7850 struct net_device *dev = info->user_ptr[1];
7851 struct wireless_dev *wdev = dev->ieee80211_ptr;
7852 struct cfg80211_sched_scan_request *sched_scan_req;
7856 if (!rdev->wiphy.max_sched_scan_reqs || !rdev->ops->sched_scan_start)
7859 want_multi = info->attrs[NL80211_ATTR_SCHED_SCAN_MULTI];
7860 err = cfg80211_sched_scan_req_possible(rdev, want_multi);
7864 sched_scan_req = nl80211_parse_sched_scan(&rdev->wiphy, wdev,
7866 rdev->wiphy.max_match_sets);
7868 err = PTR_ERR_OR_ZERO(sched_scan_req);
7872 /* leave request id zero for legacy request
7873 * or if driver does not support multi-scheduled scan
7875 if (want_multi && rdev->wiphy.max_sched_scan_reqs > 1) {
7876 while (!sched_scan_req->reqid)
7877 sched_scan_req->reqid = cfg80211_assign_cookie(rdev);
7880 err = rdev_sched_scan_start(rdev, dev, sched_scan_req);
7884 sched_scan_req->dev = dev;
7885 sched_scan_req->wiphy = &rdev->wiphy;
7887 if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
7888 sched_scan_req->owner_nlportid = info->snd_portid;
7890 cfg80211_add_sched_scan_req(rdev, sched_scan_req);
7892 nl80211_send_sched_scan(sched_scan_req, NL80211_CMD_START_SCHED_SCAN);
7896 kfree(sched_scan_req);
7901 static int nl80211_stop_sched_scan(struct sk_buff *skb,
7902 struct genl_info *info)
7904 struct cfg80211_sched_scan_request *req;
7905 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7908 if (!rdev->wiphy.max_sched_scan_reqs || !rdev->ops->sched_scan_stop)
7911 if (info->attrs[NL80211_ATTR_COOKIE]) {
7912 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
7913 return __cfg80211_stop_sched_scan(rdev, cookie, false);
7916 req = list_first_or_null_rcu(&rdev->sched_scan_req_list,
7917 struct cfg80211_sched_scan_request,
7919 if (!req || req->reqid ||
7920 (req->owner_nlportid &&
7921 req->owner_nlportid != info->snd_portid))
7924 return cfg80211_stop_sched_scan_req(rdev, req, false);
7927 static int nl80211_start_radar_detection(struct sk_buff *skb,
7928 struct genl_info *info)
7930 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7931 struct net_device *dev = info->user_ptr[1];
7932 struct wireless_dev *wdev = dev->ieee80211_ptr;
7933 struct wiphy *wiphy = wdev->wiphy;
7934 struct cfg80211_chan_def chandef;
7935 enum nl80211_dfs_regions dfs_region;
7936 unsigned int cac_time_ms;
7939 dfs_region = reg_get_dfs_region(wiphy);
7940 if (dfs_region == NL80211_DFS_UNSET)
7943 err = nl80211_parse_chandef(rdev, info, &chandef);
7947 if (netif_carrier_ok(dev))
7950 if (wdev->cac_started)
7953 err = cfg80211_chandef_dfs_required(wiphy, &chandef, wdev->iftype);
7960 if (!cfg80211_chandef_dfs_usable(wiphy, &chandef))
7963 /* CAC start is offloaded to HW and can't be started manually */
7964 if (wiphy_ext_feature_isset(wiphy, NL80211_EXT_FEATURE_DFS_OFFLOAD))
7967 if (!rdev->ops->start_radar_detection)
7970 cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, &chandef);
7971 if (WARN_ON(!cac_time_ms))
7972 cac_time_ms = IEEE80211_DFS_MIN_CAC_TIME_MS;
7974 err = rdev_start_radar_detection(rdev, dev, &chandef, cac_time_ms);
7976 wdev->chandef = chandef;
7977 wdev->cac_started = true;
7978 wdev->cac_start_time = jiffies;
7979 wdev->cac_time_ms = cac_time_ms;
7984 static int nl80211_channel_switch(struct sk_buff *skb, struct genl_info *info)
7986 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7987 struct net_device *dev = info->user_ptr[1];
7988 struct wireless_dev *wdev = dev->ieee80211_ptr;
7989 struct cfg80211_csa_settings params;
7990 /* csa_attrs is defined static to avoid waste of stack size - this
7991 * function is called under RTNL lock, so this should not be a problem.
7993 static struct nlattr *csa_attrs[NL80211_ATTR_MAX+1];
7995 bool need_new_beacon = false;
7996 bool need_handle_dfs_flag = true;
8000 if (!rdev->ops->channel_switch ||
8001 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
8004 switch (dev->ieee80211_ptr->iftype) {
8005 case NL80211_IFTYPE_AP:
8006 case NL80211_IFTYPE_P2P_GO:
8007 need_new_beacon = true;
8008 /* For all modes except AP the handle_dfs flag needs to be
8009 * supplied to tell the kernel that userspace will handle radar
8010 * events when they happen. Otherwise a switch to a channel
8011 * requiring DFS will be rejected.
8013 need_handle_dfs_flag = false;
8015 /* useless if AP is not running */
8016 if (!wdev->beacon_interval)
8019 case NL80211_IFTYPE_ADHOC:
8020 if (!wdev->ssid_len)
8023 case NL80211_IFTYPE_MESH_POINT:
8024 if (!wdev->mesh_id_len)
8031 memset(¶ms, 0, sizeof(params));
8033 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
8034 !info->attrs[NL80211_ATTR_CH_SWITCH_COUNT])
8037 /* only important for AP, IBSS and mesh create IEs internally */
8038 if (need_new_beacon && !info->attrs[NL80211_ATTR_CSA_IES])
8041 /* Even though the attribute is u32, the specification says
8042 * u8, so let's make sure we don't overflow.
8044 cs_count = nla_get_u32(info->attrs[NL80211_ATTR_CH_SWITCH_COUNT]);
8048 params.count = cs_count;
8050 if (!need_new_beacon)
8053 err = nl80211_parse_beacon(rdev, info->attrs, ¶ms.beacon_after);
8057 err = nla_parse_nested(csa_attrs, NL80211_ATTR_MAX,
8058 info->attrs[NL80211_ATTR_CSA_IES],
8059 nl80211_policy, info->extack);
8063 err = nl80211_parse_beacon(rdev, csa_attrs, ¶ms.beacon_csa);
8067 if (!csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON])
8070 len = nla_len(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
8071 if (!len || (len % sizeof(u16)))
8074 params.n_counter_offsets_beacon = len / sizeof(u16);
8075 if (rdev->wiphy.max_num_csa_counters &&
8076 (params.n_counter_offsets_beacon >
8077 rdev->wiphy.max_num_csa_counters))
8080 params.counter_offsets_beacon =
8081 nla_data(csa_attrs[NL80211_ATTR_CSA_C_OFF_BEACON]);
8083 /* sanity checks - counters should fit and be the same */
8084 for (i = 0; i < params.n_counter_offsets_beacon; i++) {
8085 u16 offset = params.counter_offsets_beacon[i];
8087 if (offset >= params.beacon_csa.tail_len)
8090 if (params.beacon_csa.tail[offset] != params.count)
8094 if (csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]) {
8095 len = nla_len(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
8096 if (!len || (len % sizeof(u16)))
8099 params.n_counter_offsets_presp = len / sizeof(u16);
8100 if (rdev->wiphy.max_num_csa_counters &&
8101 (params.n_counter_offsets_presp >
8102 rdev->wiphy.max_num_csa_counters))
8105 params.counter_offsets_presp =
8106 nla_data(csa_attrs[NL80211_ATTR_CSA_C_OFF_PRESP]);
8108 /* sanity checks - counters should fit and be the same */
8109 for (i = 0; i < params.n_counter_offsets_presp; i++) {
8110 u16 offset = params.counter_offsets_presp[i];
8112 if (offset >= params.beacon_csa.probe_resp_len)
8115 if (params.beacon_csa.probe_resp[offset] !=
8122 err = nl80211_parse_chandef(rdev, info, ¶ms.chandef);
8126 if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, ¶ms.chandef,
8130 err = cfg80211_chandef_dfs_required(wdev->wiphy,
8137 params.radar_required = true;
8138 if (need_handle_dfs_flag &&
8139 !nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS])) {
8144 if (info->attrs[NL80211_ATTR_CH_SWITCH_BLOCK_TX])
8145 params.block_tx = true;
8148 err = rdev_channel_switch(rdev, dev, ¶ms);
8154 static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
8156 struct cfg80211_registered_device *rdev,
8157 struct wireless_dev *wdev,
8158 struct cfg80211_internal_bss *intbss)
8160 struct cfg80211_bss *res = &intbss->pub;
8161 const struct cfg80211_bss_ies *ies;
8165 ASSERT_WDEV_LOCK(wdev);
8167 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags,
8168 NL80211_CMD_NEW_SCAN_RESULTS);
8172 genl_dump_check_consistent(cb, hdr);
8174 if (nla_put_u32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation))
8175 goto nla_put_failure;
8177 nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
8178 goto nla_put_failure;
8179 if (nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
8181 goto nla_put_failure;
8183 bss = nla_nest_start(msg, NL80211_ATTR_BSS);
8185 goto nla_put_failure;
8186 if ((!is_zero_ether_addr(res->bssid) &&
8187 nla_put(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid)))
8188 goto nla_put_failure;
8191 /* indicate whether we have probe response data or not */
8192 if (rcu_access_pointer(res->proberesp_ies) &&
8193 nla_put_flag(msg, NL80211_BSS_PRESP_DATA))
8194 goto fail_unlock_rcu;
8196 /* this pointer prefers to be pointed to probe response data
8197 * but is always valid
8199 ies = rcu_dereference(res->ies);
8201 if (nla_put_u64_64bit(msg, NL80211_BSS_TSF, ies->tsf,
8203 goto fail_unlock_rcu;
8204 if (ies->len && nla_put(msg, NL80211_BSS_INFORMATION_ELEMENTS,
8205 ies->len, ies->data))
8206 goto fail_unlock_rcu;
8209 /* and this pointer is always (unless driver didn't know) beacon data */
8210 ies = rcu_dereference(res->beacon_ies);
8211 if (ies && ies->from_beacon) {
8212 if (nla_put_u64_64bit(msg, NL80211_BSS_BEACON_TSF, ies->tsf,
8214 goto fail_unlock_rcu;
8215 if (ies->len && nla_put(msg, NL80211_BSS_BEACON_IES,
8216 ies->len, ies->data))
8217 goto fail_unlock_rcu;
8221 if (res->beacon_interval &&
8222 nla_put_u16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval))
8223 goto nla_put_failure;
8224 if (nla_put_u16(msg, NL80211_BSS_CAPABILITY, res->capability) ||
8225 nla_put_u32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq) ||
8226 nla_put_u32(msg, NL80211_BSS_CHAN_WIDTH, res->scan_width) ||
8227 nla_put_u32(msg, NL80211_BSS_SEEN_MS_AGO,
8228 jiffies_to_msecs(jiffies - intbss->ts)))
8229 goto nla_put_failure;
8231 if (intbss->parent_tsf &&
8232 (nla_put_u64_64bit(msg, NL80211_BSS_PARENT_TSF,
8233 intbss->parent_tsf, NL80211_BSS_PAD) ||
8234 nla_put(msg, NL80211_BSS_PARENT_BSSID, ETH_ALEN,
8235 intbss->parent_bssid)))
8236 goto nla_put_failure;
8238 if (intbss->ts_boottime &&
8239 nla_put_u64_64bit(msg, NL80211_BSS_LAST_SEEN_BOOTTIME,
8240 intbss->ts_boottime, NL80211_BSS_PAD))
8241 goto nla_put_failure;
8243 if (!nl80211_put_signal(msg, intbss->pub.chains,
8244 intbss->pub.chain_signal,
8245 NL80211_BSS_CHAIN_SIGNAL))
8246 goto nla_put_failure;
8248 switch (rdev->wiphy.signal_type) {
8249 case CFG80211_SIGNAL_TYPE_MBM:
8250 if (nla_put_u32(msg, NL80211_BSS_SIGNAL_MBM, res->signal))
8251 goto nla_put_failure;
8253 case CFG80211_SIGNAL_TYPE_UNSPEC:
8254 if (nla_put_u8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal))
8255 goto nla_put_failure;
8261 switch (wdev->iftype) {
8262 case NL80211_IFTYPE_P2P_CLIENT:
8263 case NL80211_IFTYPE_STATION:
8264 if (intbss == wdev->current_bss &&
8265 nla_put_u32(msg, NL80211_BSS_STATUS,
8266 NL80211_BSS_STATUS_ASSOCIATED))
8267 goto nla_put_failure;
8269 case NL80211_IFTYPE_ADHOC:
8270 if (intbss == wdev->current_bss &&
8271 nla_put_u32(msg, NL80211_BSS_STATUS,
8272 NL80211_BSS_STATUS_IBSS_JOINED))
8273 goto nla_put_failure;
8279 nla_nest_end(msg, bss);
8281 genlmsg_end(msg, hdr);
8287 genlmsg_cancel(msg, hdr);
8291 static int nl80211_dump_scan(struct sk_buff *skb, struct netlink_callback *cb)
8293 struct cfg80211_registered_device *rdev;
8294 struct cfg80211_internal_bss *scan;
8295 struct wireless_dev *wdev;
8296 int start = cb->args[2], idx = 0;
8300 err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev);
8307 spin_lock_bh(&rdev->bss_lock);
8310 * dump_scan will be called multiple times to break up the scan results
8311 * into multiple messages. It is unlikely that any more bss-es will be
8312 * expired after the first call, so only call only call this on the
8313 * first dump_scan invocation.
8316 cfg80211_bss_expire(rdev);
8318 cb->seq = rdev->bss_generation;
8320 list_for_each_entry(scan, &rdev->bss_list, list) {
8323 if (nl80211_send_bss(skb, cb,
8324 cb->nlh->nlmsg_seq, NLM_F_MULTI,
8325 rdev, wdev, scan) < 0) {
8331 spin_unlock_bh(&rdev->bss_lock);
8340 static int nl80211_send_survey(struct sk_buff *msg, u32 portid, u32 seq,
8341 int flags, struct net_device *dev,
8342 bool allow_radio_stats,
8343 struct survey_info *survey)
8346 struct nlattr *infoattr;
8348 /* skip radio stats if userspace didn't request them */
8349 if (!survey->channel && !allow_radio_stats)
8352 hdr = nl80211hdr_put(msg, portid, seq, flags,
8353 NL80211_CMD_NEW_SURVEY_RESULTS);
8357 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
8358 goto nla_put_failure;
8360 infoattr = nla_nest_start(msg, NL80211_ATTR_SURVEY_INFO);
8362 goto nla_put_failure;
8364 if (survey->channel &&
8365 nla_put_u32(msg, NL80211_SURVEY_INFO_FREQUENCY,
8366 survey->channel->center_freq))
8367 goto nla_put_failure;
8369 if ((survey->filled & SURVEY_INFO_NOISE_DBM) &&
8370 nla_put_u8(msg, NL80211_SURVEY_INFO_NOISE, survey->noise))
8371 goto nla_put_failure;
8372 if ((survey->filled & SURVEY_INFO_IN_USE) &&
8373 nla_put_flag(msg, NL80211_SURVEY_INFO_IN_USE))
8374 goto nla_put_failure;
8375 if ((survey->filled & SURVEY_INFO_TIME) &&
8376 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME,
8377 survey->time, NL80211_SURVEY_INFO_PAD))
8378 goto nla_put_failure;
8379 if ((survey->filled & SURVEY_INFO_TIME_BUSY) &&
8380 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_BUSY,
8381 survey->time_busy, NL80211_SURVEY_INFO_PAD))
8382 goto nla_put_failure;
8383 if ((survey->filled & SURVEY_INFO_TIME_EXT_BUSY) &&
8384 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_EXT_BUSY,
8385 survey->time_ext_busy, NL80211_SURVEY_INFO_PAD))
8386 goto nla_put_failure;
8387 if ((survey->filled & SURVEY_INFO_TIME_RX) &&
8388 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_RX,
8389 survey->time_rx, NL80211_SURVEY_INFO_PAD))
8390 goto nla_put_failure;
8391 if ((survey->filled & SURVEY_INFO_TIME_TX) &&
8392 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_TX,
8393 survey->time_tx, NL80211_SURVEY_INFO_PAD))
8394 goto nla_put_failure;
8395 if ((survey->filled & SURVEY_INFO_TIME_SCAN) &&
8396 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_SCAN,
8397 survey->time_scan, NL80211_SURVEY_INFO_PAD))
8398 goto nla_put_failure;
8400 nla_nest_end(msg, infoattr);
8402 genlmsg_end(msg, hdr);
8406 genlmsg_cancel(msg, hdr);
8410 static int nl80211_dump_survey(struct sk_buff *skb, struct netlink_callback *cb)
8412 struct nlattr **attrbuf = genl_family_attrbuf(&nl80211_fam);
8413 struct survey_info survey;
8414 struct cfg80211_registered_device *rdev;
8415 struct wireless_dev *wdev;
8416 int survey_idx = cb->args[2];
8421 res = nl80211_prepare_wdev_dump(cb, &rdev, &wdev);
8425 /* prepare_wdev_dump parsed the attributes */
8426 radio_stats = attrbuf[NL80211_ATTR_SURVEY_RADIO_STATS];
8428 if (!wdev->netdev) {
8433 if (!rdev->ops->dump_survey) {
8439 res = rdev_dump_survey(rdev, wdev->netdev, survey_idx, &survey);
8445 /* don't send disabled channels, but do send non-channel data */
8446 if (survey.channel &&
8447 survey.channel->flags & IEEE80211_CHAN_DISABLED) {
8452 if (nl80211_send_survey(skb,
8453 NETLINK_CB(cb->skb).portid,
8454 cb->nlh->nlmsg_seq, NLM_F_MULTI,
8455 wdev->netdev, radio_stats, &survey) < 0)
8461 cb->args[2] = survey_idx;
8468 static bool nl80211_valid_wpa_versions(u32 wpa_versions)
8470 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 |
8471 NL80211_WPA_VERSION_2));
8474 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
8476 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8477 struct net_device *dev = info->user_ptr[1];
8478 struct ieee80211_channel *chan;
8479 const u8 *bssid, *ssid, *ie = NULL, *auth_data = NULL;
8480 int err, ssid_len, ie_len = 0, auth_data_len = 0;
8481 enum nl80211_auth_type auth_type;
8482 struct key_parse key;
8483 bool local_state_change;
8485 if (!info->attrs[NL80211_ATTR_MAC])
8488 if (!info->attrs[NL80211_ATTR_AUTH_TYPE])
8491 if (!info->attrs[NL80211_ATTR_SSID])
8494 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
8497 err = nl80211_parse_key(info, &key);
8502 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP)
8504 if (!key.p.key || !key.p.key_len)
8506 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 ||
8507 key.p.key_len != WLAN_KEY_LEN_WEP40) &&
8508 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 ||
8509 key.p.key_len != WLAN_KEY_LEN_WEP104))
8522 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) {
8523 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) {
8532 if (!rdev->ops->auth)
8535 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
8536 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
8539 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
8540 chan = nl80211_get_valid_chan(&rdev->wiphy,
8541 info->attrs[NL80211_ATTR_WIPHY_FREQ]);
8545 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
8546 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
8548 if (info->attrs[NL80211_ATTR_IE]) {
8549 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
8550 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
8553 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
8554 if (!nl80211_valid_auth_type(rdev, auth_type, NL80211_CMD_AUTHENTICATE))
8557 if ((auth_type == NL80211_AUTHTYPE_SAE ||
8558 auth_type == NL80211_AUTHTYPE_FILS_SK ||
8559 auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
8560 auth_type == NL80211_AUTHTYPE_FILS_PK) &&
8561 !info->attrs[NL80211_ATTR_AUTH_DATA])
8564 if (info->attrs[NL80211_ATTR_AUTH_DATA]) {
8565 if (auth_type != NL80211_AUTHTYPE_SAE &&
8566 auth_type != NL80211_AUTHTYPE_FILS_SK &&
8567 auth_type != NL80211_AUTHTYPE_FILS_SK_PFS &&
8568 auth_type != NL80211_AUTHTYPE_FILS_PK)
8570 auth_data = nla_data(info->attrs[NL80211_ATTR_AUTH_DATA]);
8571 auth_data_len = nla_len(info->attrs[NL80211_ATTR_AUTH_DATA]);
8572 /* need to include at least Auth Transaction and Status Code */
8573 if (auth_data_len < 4)
8577 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
8580 * Since we no longer track auth state, ignore
8581 * requests to only change local state.
8583 if (local_state_change)
8586 wdev_lock(dev->ieee80211_ptr);
8587 err = cfg80211_mlme_auth(rdev, dev, chan, auth_type, bssid,
8588 ssid, ssid_len, ie, ie_len,
8589 key.p.key, key.p.key_len, key.idx,
8590 auth_data, auth_data_len);
8591 wdev_unlock(dev->ieee80211_ptr);
8595 static int validate_pae_over_nl80211(struct cfg80211_registered_device *rdev,
8596 struct genl_info *info)
8598 if (!info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
8599 GENL_SET_ERR_MSG(info, "SOCKET_OWNER not set");
8603 if (!rdev->ops->tx_control_port ||
8604 !wiphy_ext_feature_isset(&rdev->wiphy,
8605 NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211))
8611 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
8612 struct genl_info *info,
8613 struct cfg80211_crypto_settings *settings,
8616 memset(settings, 0, sizeof(*settings));
8618 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT];
8620 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) {
8623 proto = nla_get_u16(
8624 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);
8625 settings->control_port_ethertype = cpu_to_be16(proto);
8626 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
8629 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT])
8630 settings->control_port_no_encrypt = true;
8632 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE);
8634 if (info->attrs[NL80211_ATTR_CONTROL_PORT_OVER_NL80211]) {
8635 int r = validate_pae_over_nl80211(rdev, info);
8640 settings->control_port_over_nl80211 = true;
8643 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) {
8647 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
8648 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
8649 settings->n_ciphers_pairwise = len / sizeof(u32);
8651 if (len % sizeof(u32))
8654 if (settings->n_ciphers_pairwise > cipher_limit)
8657 memcpy(settings->ciphers_pairwise, data, len);
8659 for (i = 0; i < settings->n_ciphers_pairwise; i++)
8660 if (!cfg80211_supported_cipher_suite(
8662 settings->ciphers_pairwise[i]))
8666 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) {
8667 settings->cipher_group =
8668 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]);
8669 if (!cfg80211_supported_cipher_suite(&rdev->wiphy,
8670 settings->cipher_group))
8674 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) {
8675 settings->wpa_versions =
8676 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]);
8677 if (!nl80211_valid_wpa_versions(settings->wpa_versions))
8681 if (info->attrs[NL80211_ATTR_AKM_SUITES]) {
8685 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]);
8686 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]);
8687 settings->n_akm_suites = len / sizeof(u32);
8689 if (len % sizeof(u32))
8692 if (settings->n_akm_suites > NL80211_MAX_NR_AKM_SUITES)
8695 memcpy(settings->akm_suites, data, len);
8698 if (info->attrs[NL80211_ATTR_PMK]) {
8699 if (nla_len(info->attrs[NL80211_ATTR_PMK]) != WLAN_PMK_LEN)
8701 if (!wiphy_ext_feature_isset(&rdev->wiphy,
8702 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK))
8704 settings->psk = nla_data(info->attrs[NL80211_ATTR_PMK]);
8710 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
8712 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8713 struct net_device *dev = info->user_ptr[1];
8714 struct ieee80211_channel *chan;
8715 struct cfg80211_assoc_request req = {};
8716 const u8 *bssid, *ssid;
8717 int err, ssid_len = 0;
8719 if (dev->ieee80211_ptr->conn_owner_nlportid &&
8720 dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid)
8723 if (!info->attrs[NL80211_ATTR_MAC] ||
8724 !info->attrs[NL80211_ATTR_SSID] ||
8725 !info->attrs[NL80211_ATTR_WIPHY_FREQ])
8728 if (!rdev->ops->assoc)
8731 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
8732 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
8735 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
8737 chan = nl80211_get_valid_chan(&rdev->wiphy,
8738 info->attrs[NL80211_ATTR_WIPHY_FREQ]);
8742 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
8743 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
8745 if (info->attrs[NL80211_ATTR_IE]) {
8746 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
8747 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
8750 if (info->attrs[NL80211_ATTR_USE_MFP]) {
8751 enum nl80211_mfp mfp =
8752 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
8753 if (mfp == NL80211_MFP_REQUIRED)
8755 else if (mfp != NL80211_MFP_NO)
8759 if (info->attrs[NL80211_ATTR_PREV_BSSID])
8760 req.prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
8762 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
8763 req.flags |= ASSOC_REQ_DISABLE_HT;
8765 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
8766 memcpy(&req.ht_capa_mask,
8767 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
8768 sizeof(req.ht_capa_mask));
8770 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
8771 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
8773 memcpy(&req.ht_capa,
8774 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
8775 sizeof(req.ht_capa));
8778 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_VHT]))
8779 req.flags |= ASSOC_REQ_DISABLE_VHT;
8781 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
8782 memcpy(&req.vht_capa_mask,
8783 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]),
8784 sizeof(req.vht_capa_mask));
8786 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) {
8787 if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
8789 memcpy(&req.vht_capa,
8790 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]),
8791 sizeof(req.vht_capa));
8794 if (nla_get_flag(info->attrs[NL80211_ATTR_USE_RRM])) {
8795 if (!((rdev->wiphy.features &
8796 NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES) &&
8797 (rdev->wiphy.features & NL80211_FEATURE_QUIET)) &&
8798 !wiphy_ext_feature_isset(&rdev->wiphy,
8799 NL80211_EXT_FEATURE_RRM))
8801 req.flags |= ASSOC_REQ_USE_RRM;
8804 if (info->attrs[NL80211_ATTR_FILS_KEK]) {
8805 req.fils_kek = nla_data(info->attrs[NL80211_ATTR_FILS_KEK]);
8806 req.fils_kek_len = nla_len(info->attrs[NL80211_ATTR_FILS_KEK]);
8807 if (!info->attrs[NL80211_ATTR_FILS_NONCES])
8810 nla_data(info->attrs[NL80211_ATTR_FILS_NONCES]);
8813 err = nl80211_crypto_settings(rdev, info, &req.crypto, 1);
8815 wdev_lock(dev->ieee80211_ptr);
8817 err = cfg80211_mlme_assoc(rdev, dev, chan, bssid,
8818 ssid, ssid_len, &req);
8820 if (!err && info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
8821 dev->ieee80211_ptr->conn_owner_nlportid =
8823 memcpy(dev->ieee80211_ptr->disconnect_bssid,
8827 wdev_unlock(dev->ieee80211_ptr);
8833 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
8835 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8836 struct net_device *dev = info->user_ptr[1];
8837 const u8 *ie = NULL, *bssid;
8838 int ie_len = 0, err;
8840 bool local_state_change;
8842 if (dev->ieee80211_ptr->conn_owner_nlportid &&
8843 dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid)
8846 if (!info->attrs[NL80211_ATTR_MAC])
8849 if (!info->attrs[NL80211_ATTR_REASON_CODE])
8852 if (!rdev->ops->deauth)
8855 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
8856 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
8859 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
8861 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
8862 if (reason_code == 0) {
8863 /* Reason Code 0 is reserved */
8867 if (info->attrs[NL80211_ATTR_IE]) {
8868 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
8869 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
8872 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
8874 wdev_lock(dev->ieee80211_ptr);
8875 err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code,
8876 local_state_change);
8877 wdev_unlock(dev->ieee80211_ptr);
8881 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
8883 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8884 struct net_device *dev = info->user_ptr[1];
8885 const u8 *ie = NULL, *bssid;
8886 int ie_len = 0, err;
8888 bool local_state_change;
8890 if (dev->ieee80211_ptr->conn_owner_nlportid &&
8891 dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid)
8894 if (!info->attrs[NL80211_ATTR_MAC])
8897 if (!info->attrs[NL80211_ATTR_REASON_CODE])
8900 if (!rdev->ops->disassoc)
8903 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
8904 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
8907 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
8909 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
8910 if (reason_code == 0) {
8911 /* Reason Code 0 is reserved */
8915 if (info->attrs[NL80211_ATTR_IE]) {
8916 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
8917 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
8920 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
8922 wdev_lock(dev->ieee80211_ptr);
8923 err = cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code,
8924 local_state_change);
8925 wdev_unlock(dev->ieee80211_ptr);
8930 nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev,
8931 int mcast_rate[NUM_NL80211_BANDS],
8934 struct wiphy *wiphy = &rdev->wiphy;
8938 for (band = 0; band < NUM_NL80211_BANDS; band++) {
8939 struct ieee80211_supported_band *sband;
8941 sband = wiphy->bands[band];
8945 for (i = 0; i < sband->n_bitrates; i++) {
8946 if (sband->bitrates[i].bitrate == rateval) {
8947 mcast_rate[band] = i + 1;
8957 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
8959 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8960 struct net_device *dev = info->user_ptr[1];
8961 struct cfg80211_ibss_params ibss;
8962 struct wiphy *wiphy;
8963 struct cfg80211_cached_keys *connkeys = NULL;
8966 memset(&ibss, 0, sizeof(ibss));
8968 if (!info->attrs[NL80211_ATTR_SSID] ||
8969 !nla_len(info->attrs[NL80211_ATTR_SSID]))
8972 ibss.beacon_interval = 100;
8974 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL])
8975 ibss.beacon_interval =
8976 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
8978 err = cfg80211_validate_beacon_int(rdev, NL80211_IFTYPE_ADHOC,
8979 ibss.beacon_interval);
8983 if (!rdev->ops->join_ibss)
8986 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
8989 wiphy = &rdev->wiphy;
8991 if (info->attrs[NL80211_ATTR_MAC]) {
8992 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
8994 if (!is_valid_ether_addr(ibss.bssid))
8997 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
8998 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
9000 if (info->attrs[NL80211_ATTR_IE]) {
9001 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
9002 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
9005 err = nl80211_parse_chandef(rdev, info, &ibss.chandef);
9009 if (!cfg80211_reg_can_beacon(&rdev->wiphy, &ibss.chandef,
9010 NL80211_IFTYPE_ADHOC))
9013 switch (ibss.chandef.width) {
9014 case NL80211_CHAN_WIDTH_5:
9015 case NL80211_CHAN_WIDTH_10:
9016 case NL80211_CHAN_WIDTH_20_NOHT:
9018 case NL80211_CHAN_WIDTH_20:
9019 case NL80211_CHAN_WIDTH_40:
9020 if (!(rdev->wiphy.features & NL80211_FEATURE_HT_IBSS))
9023 case NL80211_CHAN_WIDTH_80:
9024 case NL80211_CHAN_WIDTH_80P80:
9025 case NL80211_CHAN_WIDTH_160:
9026 if (!(rdev->wiphy.features & NL80211_FEATURE_HT_IBSS))
9028 if (!wiphy_ext_feature_isset(&rdev->wiphy,
9029 NL80211_EXT_FEATURE_VHT_IBSS))
9036 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED];
9037 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
9039 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
9041 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
9043 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
9044 struct ieee80211_supported_band *sband =
9045 wiphy->bands[ibss.chandef.chan->band];
9047 err = ieee80211_get_ratemask(sband, rates, n_rates,
9053 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
9054 memcpy(&ibss.ht_capa_mask,
9055 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
9056 sizeof(ibss.ht_capa_mask));
9058 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
9059 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
9061 memcpy(&ibss.ht_capa,
9062 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
9063 sizeof(ibss.ht_capa));
9066 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
9067 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate,
9068 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
9071 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) {
9074 connkeys = nl80211_parse_connkeys(rdev, info, &no_ht);
9075 if (IS_ERR(connkeys))
9076 return PTR_ERR(connkeys);
9078 if ((ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT) &&
9086 nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT]);
9088 if (info->attrs[NL80211_ATTR_CONTROL_PORT_OVER_NL80211]) {
9089 int r = validate_pae_over_nl80211(rdev, info);
9094 ibss.control_port_over_nl80211 = true;
9097 ibss.userspace_handles_dfs =
9098 nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS]);
9100 wdev_lock(dev->ieee80211_ptr);
9101 err = __cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
9104 else if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
9105 dev->ieee80211_ptr->conn_owner_nlportid = info->snd_portid;
9106 wdev_unlock(dev->ieee80211_ptr);
9111 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
9113 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9114 struct net_device *dev = info->user_ptr[1];
9116 if (!rdev->ops->leave_ibss)
9119 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
9122 return cfg80211_leave_ibss(rdev, dev, false);
9125 static int nl80211_set_mcast_rate(struct sk_buff *skb, struct genl_info *info)
9127 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9128 struct net_device *dev = info->user_ptr[1];
9129 int mcast_rate[NUM_NL80211_BANDS];
9133 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC &&
9134 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT &&
9135 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_OCB)
9138 if (!rdev->ops->set_mcast_rate)
9141 memset(mcast_rate, 0, sizeof(mcast_rate));
9143 if (!info->attrs[NL80211_ATTR_MCAST_RATE])
9146 nla_rate = nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]);
9147 if (!nl80211_parse_mcast_rate(rdev, mcast_rate, nla_rate))
9150 err = rdev_set_mcast_rate(rdev, dev, mcast_rate);
9155 static struct sk_buff *
9156 __cfg80211_alloc_vendor_skb(struct cfg80211_registered_device *rdev,
9157 struct wireless_dev *wdev, int approxlen,
9158 u32 portid, u32 seq, enum nl80211_commands cmd,
9159 enum nl80211_attrs attr,
9160 const struct nl80211_vendor_cmd_info *info,
9163 struct sk_buff *skb;
9165 struct nlattr *data;
9167 skb = nlmsg_new(approxlen + 100, gfp);
9171 hdr = nl80211hdr_put(skb, portid, seq, 0, cmd);
9177 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
9178 goto nla_put_failure;
9181 if (nla_put_u32(skb, NL80211_ATTR_VENDOR_ID,
9183 goto nla_put_failure;
9184 if (nla_put_u32(skb, NL80211_ATTR_VENDOR_SUBCMD,
9186 goto nla_put_failure;
9190 if (nla_put_u64_64bit(skb, NL80211_ATTR_WDEV,
9191 wdev_id(wdev), NL80211_ATTR_PAD))
9192 goto nla_put_failure;
9194 nla_put_u32(skb, NL80211_ATTR_IFINDEX,
9195 wdev->netdev->ifindex))
9196 goto nla_put_failure;
9199 data = nla_nest_start(skb, attr);
9201 goto nla_put_failure;
9203 ((void **)skb->cb)[0] = rdev;
9204 ((void **)skb->cb)[1] = hdr;
9205 ((void **)skb->cb)[2] = data;
9214 struct sk_buff *__cfg80211_alloc_event_skb(struct wiphy *wiphy,
9215 struct wireless_dev *wdev,
9216 enum nl80211_commands cmd,
9217 enum nl80211_attrs attr,
9218 int vendor_event_idx,
9219 int approxlen, gfp_t gfp)
9221 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
9222 const struct nl80211_vendor_cmd_info *info;
9225 case NL80211_CMD_TESTMODE:
9226 if (WARN_ON(vendor_event_idx != -1))
9230 case NL80211_CMD_VENDOR:
9231 if (WARN_ON(vendor_event_idx < 0 ||
9232 vendor_event_idx >= wiphy->n_vendor_events))
9234 info = &wiphy->vendor_events[vendor_event_idx];
9241 return __cfg80211_alloc_vendor_skb(rdev, wdev, approxlen, 0, 0,
9242 cmd, attr, info, gfp);
9244 EXPORT_SYMBOL(__cfg80211_alloc_event_skb);
9246 void __cfg80211_send_event_skb(struct sk_buff *skb, gfp_t gfp)
9248 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
9249 void *hdr = ((void **)skb->cb)[1];
9250 struct nlattr *data = ((void **)skb->cb)[2];
9251 enum nl80211_multicast_groups mcgrp = NL80211_MCGRP_TESTMODE;
9253 /* clear CB data for netlink core to own from now on */
9254 memset(skb->cb, 0, sizeof(skb->cb));
9256 nla_nest_end(skb, data);
9257 genlmsg_end(skb, hdr);
9259 if (data->nla_type == NL80211_ATTR_VENDOR_DATA)
9260 mcgrp = NL80211_MCGRP_VENDOR;
9262 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
9265 EXPORT_SYMBOL(__cfg80211_send_event_skb);
9267 #ifdef CONFIG_NL80211_TESTMODE
9268 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info)
9270 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9271 struct wireless_dev *wdev =
9272 __cfg80211_wdev_from_attrs(genl_info_net(info), info->attrs);
9275 if (!rdev->ops->testmode_cmd)
9279 err = PTR_ERR(wdev);
9283 } else if (wdev->wiphy != &rdev->wiphy) {
9287 if (!info->attrs[NL80211_ATTR_TESTDATA])
9290 rdev->cur_cmd_info = info;
9291 err = rdev_testmode_cmd(rdev, wdev,
9292 nla_data(info->attrs[NL80211_ATTR_TESTDATA]),
9293 nla_len(info->attrs[NL80211_ATTR_TESTDATA]));
9294 rdev->cur_cmd_info = NULL;
9299 static int nl80211_testmode_dump(struct sk_buff *skb,
9300 struct netlink_callback *cb)
9302 struct cfg80211_registered_device *rdev;
9312 * 0 is a valid index, but not valid for args[0],
9313 * so we need to offset by 1.
9315 phy_idx = cb->args[0] - 1;
9317 rdev = cfg80211_rdev_by_wiphy_idx(phy_idx);
9323 struct nlattr **attrbuf = genl_family_attrbuf(&nl80211_fam);
9325 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
9326 attrbuf, nl80211_fam.maxattr,
9327 nl80211_policy, NULL);
9331 rdev = __cfg80211_rdev_from_attrs(sock_net(skb->sk), attrbuf);
9333 err = PTR_ERR(rdev);
9336 phy_idx = rdev->wiphy_idx;
9338 if (attrbuf[NL80211_ATTR_TESTDATA])
9339 cb->args[1] = (long)attrbuf[NL80211_ATTR_TESTDATA];
9343 data = nla_data((void *)cb->args[1]);
9344 data_len = nla_len((void *)cb->args[1]);
9347 if (!rdev->ops->testmode_dump) {
9353 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).portid,
9354 cb->nlh->nlmsg_seq, NLM_F_MULTI,
9355 NL80211_CMD_TESTMODE);
9356 struct nlattr *tmdata;
9361 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx)) {
9362 genlmsg_cancel(skb, hdr);
9366 tmdata = nla_nest_start(skb, NL80211_ATTR_TESTDATA);
9368 genlmsg_cancel(skb, hdr);
9371 err = rdev_testmode_dump(rdev, skb, cb, data, data_len);
9372 nla_nest_end(skb, tmdata);
9374 if (err == -ENOBUFS || err == -ENOENT) {
9375 genlmsg_cancel(skb, hdr);
9378 genlmsg_cancel(skb, hdr);
9382 genlmsg_end(skb, hdr);
9387 cb->args[0] = phy_idx + 1;
9394 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
9396 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9397 struct net_device *dev = info->user_ptr[1];
9398 struct cfg80211_connect_params connect;
9399 struct wiphy *wiphy;
9400 struct cfg80211_cached_keys *connkeys = NULL;
9403 memset(&connect, 0, sizeof(connect));
9405 if (!info->attrs[NL80211_ATTR_SSID] ||
9406 !nla_len(info->attrs[NL80211_ATTR_SSID]))
9409 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
9411 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
9412 if (!nl80211_valid_auth_type(rdev, connect.auth_type,
9413 NL80211_CMD_CONNECT))
9416 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
9418 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY];
9420 if (info->attrs[NL80211_ATTR_WANT_1X_4WAY_HS] &&
9421 !wiphy_ext_feature_isset(&rdev->wiphy,
9422 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X))
9424 connect.want_1x = info->attrs[NL80211_ATTR_WANT_1X_4WAY_HS];
9426 err = nl80211_crypto_settings(rdev, info, &connect.crypto,
9427 NL80211_MAX_NR_CIPHER_SUITES);
9431 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
9432 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
9435 wiphy = &rdev->wiphy;
9437 connect.bg_scan_period = -1;
9438 if (info->attrs[NL80211_ATTR_BG_SCAN_PERIOD] &&
9439 (wiphy->flags & WIPHY_FLAG_SUPPORTS_FW_ROAM)) {
9440 connect.bg_scan_period =
9441 nla_get_u16(info->attrs[NL80211_ATTR_BG_SCAN_PERIOD]);
9444 if (info->attrs[NL80211_ATTR_MAC])
9445 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
9446 else if (info->attrs[NL80211_ATTR_MAC_HINT])
9447 connect.bssid_hint =
9448 nla_data(info->attrs[NL80211_ATTR_MAC_HINT]);
9449 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
9450 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
9452 if (info->attrs[NL80211_ATTR_IE]) {
9453 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
9454 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
9457 if (info->attrs[NL80211_ATTR_USE_MFP]) {
9458 connect.mfp = nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
9459 if (connect.mfp == NL80211_MFP_OPTIONAL &&
9460 !wiphy_ext_feature_isset(&rdev->wiphy,
9461 NL80211_EXT_FEATURE_MFP_OPTIONAL))
9464 connect.mfp = NL80211_MFP_NO;
9467 if (info->attrs[NL80211_ATTR_PREV_BSSID])
9468 connect.prev_bssid =
9469 nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
9471 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
9472 connect.channel = nl80211_get_valid_chan(
9473 wiphy, info->attrs[NL80211_ATTR_WIPHY_FREQ]);
9474 if (!connect.channel)
9476 } else if (info->attrs[NL80211_ATTR_WIPHY_FREQ_HINT]) {
9477 connect.channel_hint = nl80211_get_valid_chan(
9478 wiphy, info->attrs[NL80211_ATTR_WIPHY_FREQ_HINT]);
9479 if (!connect.channel_hint)
9483 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) {
9484 connkeys = nl80211_parse_connkeys(rdev, info, NULL);
9485 if (IS_ERR(connkeys))
9486 return PTR_ERR(connkeys);
9489 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
9490 connect.flags |= ASSOC_REQ_DISABLE_HT;
9492 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
9493 memcpy(&connect.ht_capa_mask,
9494 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
9495 sizeof(connect.ht_capa_mask));
9497 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
9498 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) {
9502 memcpy(&connect.ht_capa,
9503 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
9504 sizeof(connect.ht_capa));
9507 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_VHT]))
9508 connect.flags |= ASSOC_REQ_DISABLE_VHT;
9510 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
9511 memcpy(&connect.vht_capa_mask,
9512 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]),
9513 sizeof(connect.vht_capa_mask));
9515 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) {
9516 if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]) {
9520 memcpy(&connect.vht_capa,
9521 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]),
9522 sizeof(connect.vht_capa));
9525 if (nla_get_flag(info->attrs[NL80211_ATTR_USE_RRM])) {
9526 if (!((rdev->wiphy.features &
9527 NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES) &&
9528 (rdev->wiphy.features & NL80211_FEATURE_QUIET)) &&
9529 !wiphy_ext_feature_isset(&rdev->wiphy,
9530 NL80211_EXT_FEATURE_RRM)) {
9534 connect.flags |= ASSOC_REQ_USE_RRM;
9537 connect.pbss = nla_get_flag(info->attrs[NL80211_ATTR_PBSS]);
9538 if (connect.pbss && !rdev->wiphy.bands[NL80211_BAND_60GHZ]) {
9543 if (info->attrs[NL80211_ATTR_BSS_SELECT]) {
9544 /* bss selection makes no sense if bssid is set */
9545 if (connect.bssid) {
9550 err = parse_bss_select(info->attrs[NL80211_ATTR_BSS_SELECT],
9551 wiphy, &connect.bss_select);
9558 if (wiphy_ext_feature_isset(&rdev->wiphy,
9559 NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) &&
9560 info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] &&
9561 info->attrs[NL80211_ATTR_FILS_ERP_REALM] &&
9562 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] &&
9563 info->attrs[NL80211_ATTR_FILS_ERP_RRK]) {
9564 connect.fils_erp_username =
9565 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_USERNAME]);
9566 connect.fils_erp_username_len =
9567 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_USERNAME]);
9568 connect.fils_erp_realm =
9569 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_REALM]);
9570 connect.fils_erp_realm_len =
9571 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_REALM]);
9572 connect.fils_erp_next_seq_num =
9574 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM]);
9575 connect.fils_erp_rrk =
9576 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_RRK]);
9577 connect.fils_erp_rrk_len =
9578 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_RRK]);
9579 } else if (info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] ||
9580 info->attrs[NL80211_ATTR_FILS_ERP_REALM] ||
9581 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] ||
9582 info->attrs[NL80211_ATTR_FILS_ERP_RRK]) {
9587 if (nla_get_flag(info->attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT])) {
9588 if (!info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
9590 GENL_SET_ERR_MSG(info,
9591 "external auth requires connection ownership");
9594 connect.flags |= CONNECT_REQ_EXTERNAL_AUTH_SUPPORT;
9597 wdev_lock(dev->ieee80211_ptr);
9599 err = cfg80211_connect(rdev, dev, &connect, connkeys,
9600 connect.prev_bssid);
9604 if (!err && info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
9605 dev->ieee80211_ptr->conn_owner_nlportid = info->snd_portid;
9607 memcpy(dev->ieee80211_ptr->disconnect_bssid,
9608 connect.bssid, ETH_ALEN);
9610 memset(dev->ieee80211_ptr->disconnect_bssid,
9614 wdev_unlock(dev->ieee80211_ptr);
9619 static int nl80211_update_connect_params(struct sk_buff *skb,
9620 struct genl_info *info)
9622 struct cfg80211_connect_params connect = {};
9623 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9624 struct net_device *dev = info->user_ptr[1];
9625 struct wireless_dev *wdev = dev->ieee80211_ptr;
9626 bool fils_sk_offload;
9631 if (!rdev->ops->update_connect_params)
9634 if (info->attrs[NL80211_ATTR_IE]) {
9635 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
9636 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
9637 changed |= UPDATE_ASSOC_IES;
9640 fils_sk_offload = wiphy_ext_feature_isset(&rdev->wiphy,
9641 NL80211_EXT_FEATURE_FILS_SK_OFFLOAD);
9644 * when driver supports fils-sk offload all attributes must be
9645 * provided. So the else covers "fils-sk-not-all" and
9648 if (fils_sk_offload &&
9649 info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] &&
9650 info->attrs[NL80211_ATTR_FILS_ERP_REALM] &&
9651 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] &&
9652 info->attrs[NL80211_ATTR_FILS_ERP_RRK]) {
9653 connect.fils_erp_username =
9654 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_USERNAME]);
9655 connect.fils_erp_username_len =
9656 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_USERNAME]);
9657 connect.fils_erp_realm =
9658 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_REALM]);
9659 connect.fils_erp_realm_len =
9660 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_REALM]);
9661 connect.fils_erp_next_seq_num =
9663 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM]);
9664 connect.fils_erp_rrk =
9665 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_RRK]);
9666 connect.fils_erp_rrk_len =
9667 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_RRK]);
9668 changed |= UPDATE_FILS_ERP_INFO;
9669 } else if (info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] ||
9670 info->attrs[NL80211_ATTR_FILS_ERP_REALM] ||
9671 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] ||
9672 info->attrs[NL80211_ATTR_FILS_ERP_RRK]) {
9676 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
9677 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
9678 if (!nl80211_valid_auth_type(rdev, auth_type,
9679 NL80211_CMD_CONNECT))
9682 if (auth_type == NL80211_AUTHTYPE_FILS_SK &&
9683 fils_sk_offload && !(changed & UPDATE_FILS_ERP_INFO))
9686 connect.auth_type = auth_type;
9687 changed |= UPDATE_AUTH_TYPE;
9690 wdev_lock(dev->ieee80211_ptr);
9691 if (!wdev->current_bss)
9694 ret = rdev_update_connect_params(rdev, dev, &connect, changed);
9695 wdev_unlock(dev->ieee80211_ptr);
9700 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info)
9702 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9703 struct net_device *dev = info->user_ptr[1];
9707 if (dev->ieee80211_ptr->conn_owner_nlportid &&
9708 dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid)
9711 if (!info->attrs[NL80211_ATTR_REASON_CODE])
9712 reason = WLAN_REASON_DEAUTH_LEAVING;
9714 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
9719 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
9720 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
9723 wdev_lock(dev->ieee80211_ptr);
9724 ret = cfg80211_disconnect(rdev, dev, reason, true);
9725 wdev_unlock(dev->ieee80211_ptr);
9729 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info)
9731 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9735 if (info->attrs[NL80211_ATTR_PID]) {
9736 u32 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]);
9738 net = get_net_ns_by_pid(pid);
9739 } else if (info->attrs[NL80211_ATTR_NETNS_FD]) {
9740 u32 fd = nla_get_u32(info->attrs[NL80211_ATTR_NETNS_FD]);
9742 net = get_net_ns_by_fd(fd);
9748 return PTR_ERR(net);
9752 /* check if anything to do */
9753 if (!net_eq(wiphy_net(&rdev->wiphy), net))
9754 err = cfg80211_switch_netns(rdev, net);
9760 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info)
9762 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9763 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev,
9764 struct cfg80211_pmksa *pmksa) = NULL;
9765 struct net_device *dev = info->user_ptr[1];
9766 struct cfg80211_pmksa pmksa;
9768 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa));
9770 if (!info->attrs[NL80211_ATTR_PMKID])
9773 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
9775 if (info->attrs[NL80211_ATTR_MAC]) {
9776 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
9777 } else if (info->attrs[NL80211_ATTR_SSID] &&
9778 info->attrs[NL80211_ATTR_FILS_CACHE_ID] &&
9779 (info->genlhdr->cmd == NL80211_CMD_DEL_PMKSA ||
9780 info->attrs[NL80211_ATTR_PMK])) {
9781 pmksa.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
9782 pmksa.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
9784 nla_data(info->attrs[NL80211_ATTR_FILS_CACHE_ID]);
9788 if (info->attrs[NL80211_ATTR_PMK]) {
9789 pmksa.pmk = nla_data(info->attrs[NL80211_ATTR_PMK]);
9790 pmksa.pmk_len = nla_len(info->attrs[NL80211_ATTR_PMK]);
9793 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
9794 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
9797 switch (info->genlhdr->cmd) {
9798 case NL80211_CMD_SET_PMKSA:
9799 rdev_ops = rdev->ops->set_pmksa;
9801 case NL80211_CMD_DEL_PMKSA:
9802 rdev_ops = rdev->ops->del_pmksa;
9812 return rdev_ops(&rdev->wiphy, dev, &pmksa);
9815 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info)
9817 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9818 struct net_device *dev = info->user_ptr[1];
9820 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
9821 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
9824 if (!rdev->ops->flush_pmksa)
9827 return rdev_flush_pmksa(rdev, dev);
9830 static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info)
9832 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9833 struct net_device *dev = info->user_ptr[1];
9834 u8 action_code, dialog_token;
9835 u32 peer_capability = 0;
9840 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
9841 !rdev->ops->tdls_mgmt)
9844 if (!info->attrs[NL80211_ATTR_TDLS_ACTION] ||
9845 !info->attrs[NL80211_ATTR_STATUS_CODE] ||
9846 !info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN] ||
9847 !info->attrs[NL80211_ATTR_IE] ||
9848 !info->attrs[NL80211_ATTR_MAC])
9851 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
9852 action_code = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_ACTION]);
9853 status_code = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
9854 dialog_token = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN]);
9855 initiator = nla_get_flag(info->attrs[NL80211_ATTR_TDLS_INITIATOR]);
9856 if (info->attrs[NL80211_ATTR_TDLS_PEER_CAPABILITY])
9858 nla_get_u32(info->attrs[NL80211_ATTR_TDLS_PEER_CAPABILITY]);
9860 return rdev_tdls_mgmt(rdev, dev, peer, action_code,
9861 dialog_token, status_code, peer_capability,
9863 nla_data(info->attrs[NL80211_ATTR_IE]),
9864 nla_len(info->attrs[NL80211_ATTR_IE]));
9867 static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info)
9869 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9870 struct net_device *dev = info->user_ptr[1];
9871 enum nl80211_tdls_operation operation;
9874 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
9875 !rdev->ops->tdls_oper)
9878 if (!info->attrs[NL80211_ATTR_TDLS_OPERATION] ||
9879 !info->attrs[NL80211_ATTR_MAC])
9882 operation = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_OPERATION]);
9883 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
9885 return rdev_tdls_oper(rdev, dev, peer, operation);
9888 static int nl80211_remain_on_channel(struct sk_buff *skb,
9889 struct genl_info *info)
9891 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9892 struct wireless_dev *wdev = info->user_ptr[1];
9893 struct cfg80211_chan_def chandef;
9894 const struct cfg80211_chan_def *compat_chandef;
9895 struct sk_buff *msg;
9901 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
9902 !info->attrs[NL80211_ATTR_DURATION])
9905 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
9907 if (!rdev->ops->remain_on_channel ||
9908 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL))
9912 * We should be on that channel for at least a minimum amount of
9913 * time (10ms) but no longer than the driver supports.
9915 if (duration < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
9916 duration > rdev->wiphy.max_remain_on_channel_duration)
9919 err = nl80211_parse_chandef(rdev, info, &chandef);
9924 if (!cfg80211_off_channel_oper_allowed(wdev) &&
9925 !cfg80211_chandef_identical(&wdev->chandef, &chandef)) {
9926 compat_chandef = cfg80211_chandef_compatible(&wdev->chandef,
9928 if (compat_chandef != &chandef) {
9935 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
9939 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
9940 NL80211_CMD_REMAIN_ON_CHANNEL);
9946 err = rdev_remain_on_channel(rdev, wdev, chandef.chan,
9952 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
9954 goto nla_put_failure;
9956 genlmsg_end(msg, hdr);
9958 return genlmsg_reply(msg, info);
9967 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb,
9968 struct genl_info *info)
9970 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9971 struct wireless_dev *wdev = info->user_ptr[1];
9974 if (!info->attrs[NL80211_ATTR_COOKIE])
9977 if (!rdev->ops->cancel_remain_on_channel)
9980 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
9982 return rdev_cancel_remain_on_channel(rdev, wdev, cookie);
9985 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb,
9986 struct genl_info *info)
9988 struct cfg80211_bitrate_mask mask;
9989 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9990 struct net_device *dev = info->user_ptr[1];
9993 if (!rdev->ops->set_bitrate_mask)
9996 err = nl80211_parse_tx_bitrate_mask(info, &mask);
10000 return rdev_set_bitrate_mask(rdev, dev, NULL, &mask);
10003 static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info)
10005 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10006 struct wireless_dev *wdev = info->user_ptr[1];
10007 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION;
10009 if (!info->attrs[NL80211_ATTR_FRAME_MATCH])
10012 if (info->attrs[NL80211_ATTR_FRAME_TYPE])
10013 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]);
10015 switch (wdev->iftype) {
10016 case NL80211_IFTYPE_STATION:
10017 case NL80211_IFTYPE_ADHOC:
10018 case NL80211_IFTYPE_P2P_CLIENT:
10019 case NL80211_IFTYPE_AP:
10020 case NL80211_IFTYPE_AP_VLAN:
10021 case NL80211_IFTYPE_MESH_POINT:
10022 case NL80211_IFTYPE_P2P_GO:
10023 case NL80211_IFTYPE_P2P_DEVICE:
10025 case NL80211_IFTYPE_NAN:
10027 return -EOPNOTSUPP;
10030 /* not much point in registering if we can't reply */
10031 if (!rdev->ops->mgmt_tx)
10032 return -EOPNOTSUPP;
10034 return cfg80211_mlme_register_mgmt(wdev, info->snd_portid, frame_type,
10035 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]),
10036 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH]));
10039 static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info)
10041 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10042 struct wireless_dev *wdev = info->user_ptr[1];
10043 struct cfg80211_chan_def chandef;
10047 struct sk_buff *msg = NULL;
10048 struct cfg80211_mgmt_tx_params params = {
10049 .dont_wait_for_ack =
10050 info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK],
10053 if (!info->attrs[NL80211_ATTR_FRAME])
10056 if (!rdev->ops->mgmt_tx)
10057 return -EOPNOTSUPP;
10059 switch (wdev->iftype) {
10060 case NL80211_IFTYPE_P2P_DEVICE:
10061 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
10063 case NL80211_IFTYPE_STATION:
10064 case NL80211_IFTYPE_ADHOC:
10065 case NL80211_IFTYPE_P2P_CLIENT:
10066 case NL80211_IFTYPE_AP:
10067 case NL80211_IFTYPE_AP_VLAN:
10068 case NL80211_IFTYPE_MESH_POINT:
10069 case NL80211_IFTYPE_P2P_GO:
10071 case NL80211_IFTYPE_NAN:
10073 return -EOPNOTSUPP;
10076 if (info->attrs[NL80211_ATTR_DURATION]) {
10077 if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
10079 params.wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
10082 * We should wait on the channel for at least a minimum amount
10083 * of time (10ms) but no longer than the driver supports.
10085 if (params.wait < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
10086 params.wait > rdev->wiphy.max_remain_on_channel_duration)
10090 params.offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK];
10092 if (params.offchan && !(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
10095 params.no_cck = nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
10097 /* get the channel if any has been specified, otherwise pass NULL to
10098 * the driver. The latter will use the current one
10100 chandef.chan = NULL;
10101 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
10102 err = nl80211_parse_chandef(rdev, info, &chandef);
10107 if (!chandef.chan && params.offchan)
10111 if (params.offchan && !cfg80211_off_channel_oper_allowed(wdev)) {
10117 params.buf = nla_data(info->attrs[NL80211_ATTR_FRAME]);
10118 params.len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
10120 if (info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]) {
10121 int len = nla_len(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]);
10124 if (len % sizeof(u16))
10127 params.n_csa_offsets = len / sizeof(u16);
10128 params.csa_offsets =
10129 nla_data(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]);
10131 /* check that all the offsets fit the frame */
10132 for (i = 0; i < params.n_csa_offsets; i++) {
10133 if (params.csa_offsets[i] >= params.len)
10138 if (!params.dont_wait_for_ack) {
10139 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
10143 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
10144 NL80211_CMD_FRAME);
10151 params.chan = chandef.chan;
10152 err = cfg80211_mlme_mgmt_tx(rdev, wdev, ¶ms, &cookie);
10157 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
10159 goto nla_put_failure;
10161 genlmsg_end(msg, hdr);
10162 return genlmsg_reply(msg, info);
10174 static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info)
10176 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10177 struct wireless_dev *wdev = info->user_ptr[1];
10180 if (!info->attrs[NL80211_ATTR_COOKIE])
10183 if (!rdev->ops->mgmt_tx_cancel_wait)
10184 return -EOPNOTSUPP;
10186 switch (wdev->iftype) {
10187 case NL80211_IFTYPE_STATION:
10188 case NL80211_IFTYPE_ADHOC:
10189 case NL80211_IFTYPE_P2P_CLIENT:
10190 case NL80211_IFTYPE_AP:
10191 case NL80211_IFTYPE_AP_VLAN:
10192 case NL80211_IFTYPE_P2P_GO:
10193 case NL80211_IFTYPE_P2P_DEVICE:
10195 case NL80211_IFTYPE_NAN:
10197 return -EOPNOTSUPP;
10200 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
10202 return rdev_mgmt_tx_cancel_wait(rdev, wdev, cookie);
10205 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info)
10207 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10208 struct wireless_dev *wdev;
10209 struct net_device *dev = info->user_ptr[1];
10214 if (!info->attrs[NL80211_ATTR_PS_STATE])
10217 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]);
10219 wdev = dev->ieee80211_ptr;
10221 if (!rdev->ops->set_power_mgmt)
10222 return -EOPNOTSUPP;
10224 state = (ps_state == NL80211_PS_ENABLED) ? true : false;
10226 if (state == wdev->ps)
10229 err = rdev_set_power_mgmt(rdev, dev, state, wdev->ps_timeout);
10235 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info)
10237 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10238 enum nl80211_ps_state ps_state;
10239 struct wireless_dev *wdev;
10240 struct net_device *dev = info->user_ptr[1];
10241 struct sk_buff *msg;
10245 wdev = dev->ieee80211_ptr;
10247 if (!rdev->ops->set_power_mgmt)
10248 return -EOPNOTSUPP;
10250 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
10254 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
10255 NL80211_CMD_GET_POWER_SAVE);
10262 ps_state = NL80211_PS_ENABLED;
10264 ps_state = NL80211_PS_DISABLED;
10266 if (nla_put_u32(msg, NL80211_ATTR_PS_STATE, ps_state))
10267 goto nla_put_failure;
10269 genlmsg_end(msg, hdr);
10270 return genlmsg_reply(msg, info);
10279 static const struct nla_policy
10280 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
10281 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_BINARY },
10282 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 },
10283 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
10284 [NL80211_ATTR_CQM_TXE_RATE] = { .type = NLA_U32 },
10285 [NL80211_ATTR_CQM_TXE_PKTS] = { .type = NLA_U32 },
10286 [NL80211_ATTR_CQM_TXE_INTVL] = { .type = NLA_U32 },
10287 [NL80211_ATTR_CQM_RSSI_LEVEL] = { .type = NLA_S32 },
10290 static int nl80211_set_cqm_txe(struct genl_info *info,
10291 u32 rate, u32 pkts, u32 intvl)
10293 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10294 struct net_device *dev = info->user_ptr[1];
10295 struct wireless_dev *wdev = dev->ieee80211_ptr;
10297 if (rate > 100 || intvl > NL80211_CQM_TXE_MAX_INTVL)
10300 if (!rdev->ops->set_cqm_txe_config)
10301 return -EOPNOTSUPP;
10303 if (wdev->iftype != NL80211_IFTYPE_STATION &&
10304 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
10305 return -EOPNOTSUPP;
10307 return rdev_set_cqm_txe_config(rdev, dev, rate, pkts, intvl);
10310 static int cfg80211_cqm_rssi_update(struct cfg80211_registered_device *rdev,
10311 struct net_device *dev)
10313 struct wireless_dev *wdev = dev->ieee80211_ptr;
10314 s32 last, low, high;
10316 int i, n, low_index;
10319 /* RSSI reporting disabled? */
10320 if (!wdev->cqm_config)
10321 return rdev_set_cqm_rssi_range_config(rdev, dev, 0, 0);
10324 * Obtain current RSSI value if possible, if not and no RSSI threshold
10325 * event has been received yet, we should receive an event after a
10326 * connection is established and enough beacons received to calculate
10329 if (!wdev->cqm_config->last_rssi_event_value && wdev->current_bss &&
10330 rdev->ops->get_station) {
10331 struct station_info sinfo = {};
10334 mac_addr = wdev->current_bss->pub.bssid;
10336 err = rdev_get_station(rdev, dev, mac_addr, &sinfo);
10340 if (sinfo.filled & BIT_ULL(NL80211_STA_INFO_BEACON_SIGNAL_AVG))
10341 wdev->cqm_config->last_rssi_event_value =
10342 (s8) sinfo.rx_beacon_signal_avg;
10345 last = wdev->cqm_config->last_rssi_event_value;
10346 hyst = wdev->cqm_config->rssi_hyst;
10347 n = wdev->cqm_config->n_rssi_thresholds;
10349 for (i = 0; i < n; i++)
10350 if (last < wdev->cqm_config->rssi_thresholds[i])
10354 if (low_index >= 0) {
10355 low_index = array_index_nospec(low_index, n);
10356 low = wdev->cqm_config->rssi_thresholds[low_index] - hyst;
10361 i = array_index_nospec(i, n);
10362 high = wdev->cqm_config->rssi_thresholds[i] + hyst - 1;
10367 return rdev_set_cqm_rssi_range_config(rdev, dev, low, high);
10370 static int nl80211_set_cqm_rssi(struct genl_info *info,
10371 const s32 *thresholds, int n_thresholds,
10374 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10375 struct net_device *dev = info->user_ptr[1];
10376 struct wireless_dev *wdev = dev->ieee80211_ptr;
10378 s32 prev = S32_MIN;
10380 /* Check all values negative and sorted */
10381 for (i = 0; i < n_thresholds; i++) {
10382 if (thresholds[i] > 0 || thresholds[i] <= prev)
10385 prev = thresholds[i];
10388 if (wdev->iftype != NL80211_IFTYPE_STATION &&
10389 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
10390 return -EOPNOTSUPP;
10393 cfg80211_cqm_config_free(wdev);
10396 if (n_thresholds <= 1 && rdev->ops->set_cqm_rssi_config) {
10397 if (n_thresholds == 0 || thresholds[0] == 0) /* Disabling */
10398 return rdev_set_cqm_rssi_config(rdev, dev, 0, 0);
10400 return rdev_set_cqm_rssi_config(rdev, dev,
10401 thresholds[0], hysteresis);
10404 if (!wiphy_ext_feature_isset(&rdev->wiphy,
10405 NL80211_EXT_FEATURE_CQM_RSSI_LIST))
10406 return -EOPNOTSUPP;
10408 if (n_thresholds == 1 && thresholds[0] == 0) /* Disabling */
10412 if (n_thresholds) {
10413 struct cfg80211_cqm_config *cqm_config;
10415 cqm_config = kzalloc(sizeof(struct cfg80211_cqm_config) +
10416 n_thresholds * sizeof(s32), GFP_KERNEL);
10422 cqm_config->rssi_hyst = hysteresis;
10423 cqm_config->n_rssi_thresholds = n_thresholds;
10424 memcpy(cqm_config->rssi_thresholds, thresholds,
10425 n_thresholds * sizeof(s32));
10427 wdev->cqm_config = cqm_config;
10430 err = cfg80211_cqm_rssi_update(rdev, dev);
10438 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info)
10440 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1];
10441 struct nlattr *cqm;
10444 cqm = info->attrs[NL80211_ATTR_CQM];
10448 err = nla_parse_nested(attrs, NL80211_ATTR_CQM_MAX, cqm,
10449 nl80211_attr_cqm_policy, info->extack);
10453 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] &&
10454 attrs[NL80211_ATTR_CQM_RSSI_HYST]) {
10455 const s32 *thresholds =
10456 nla_data(attrs[NL80211_ATTR_CQM_RSSI_THOLD]);
10457 int len = nla_len(attrs[NL80211_ATTR_CQM_RSSI_THOLD]);
10458 u32 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]);
10463 return nl80211_set_cqm_rssi(info, thresholds, len / 4,
10467 if (attrs[NL80211_ATTR_CQM_TXE_RATE] &&
10468 attrs[NL80211_ATTR_CQM_TXE_PKTS] &&
10469 attrs[NL80211_ATTR_CQM_TXE_INTVL]) {
10470 u32 rate = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_RATE]);
10471 u32 pkts = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_PKTS]);
10472 u32 intvl = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_INTVL]);
10474 return nl80211_set_cqm_txe(info, rate, pkts, intvl);
10480 static int nl80211_join_ocb(struct sk_buff *skb, struct genl_info *info)
10482 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10483 struct net_device *dev = info->user_ptr[1];
10484 struct ocb_setup setup = {};
10487 err = nl80211_parse_chandef(rdev, info, &setup.chandef);
10491 return cfg80211_join_ocb(rdev, dev, &setup);
10494 static int nl80211_leave_ocb(struct sk_buff *skb, struct genl_info *info)
10496 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10497 struct net_device *dev = info->user_ptr[1];
10499 return cfg80211_leave_ocb(rdev, dev);
10502 static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info)
10504 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10505 struct net_device *dev = info->user_ptr[1];
10506 struct mesh_config cfg;
10507 struct mesh_setup setup;
10510 /* start with default */
10511 memcpy(&cfg, &default_mesh_config, sizeof(cfg));
10512 memcpy(&setup, &default_mesh_setup, sizeof(setup));
10514 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) {
10515 /* and parse parameters if given */
10516 err = nl80211_parse_mesh_config(info, &cfg, NULL);
10521 if (!info->attrs[NL80211_ATTR_MESH_ID] ||
10522 !nla_len(info->attrs[NL80211_ATTR_MESH_ID]))
10525 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
10526 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
10528 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
10529 !nl80211_parse_mcast_rate(rdev, setup.mcast_rate,
10530 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
10533 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
10534 setup.beacon_interval =
10535 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
10537 err = cfg80211_validate_beacon_int(rdev,
10538 NL80211_IFTYPE_MESH_POINT,
10539 setup.beacon_interval);
10544 if (info->attrs[NL80211_ATTR_DTIM_PERIOD]) {
10545 setup.dtim_period =
10546 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
10547 if (setup.dtim_period < 1 || setup.dtim_period > 100)
10551 if (info->attrs[NL80211_ATTR_MESH_SETUP]) {
10552 /* parse additional setup parameters if given */
10553 err = nl80211_parse_mesh_setup(info, &setup);
10558 if (setup.user_mpm)
10559 cfg.auto_open_plinks = false;
10561 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
10562 err = nl80211_parse_chandef(rdev, info, &setup.chandef);
10566 /* __cfg80211_join_mesh() will sort it out */
10567 setup.chandef.chan = NULL;
10570 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
10571 u8 *rates = nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
10573 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
10574 struct ieee80211_supported_band *sband;
10576 if (!setup.chandef.chan)
10579 sband = rdev->wiphy.bands[setup.chandef.chan->band];
10581 err = ieee80211_get_ratemask(sband, rates, n_rates,
10582 &setup.basic_rates);
10587 if (info->attrs[NL80211_ATTR_TX_RATES]) {
10588 err = nl80211_parse_tx_bitrate_mask(info, &setup.beacon_rate);
10592 if (!setup.chandef.chan)
10595 err = validate_beacon_tx_rate(rdev, setup.chandef.chan->band,
10596 &setup.beacon_rate);
10601 setup.userspace_handles_dfs =
10602 nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS]);
10604 if (info->attrs[NL80211_ATTR_CONTROL_PORT_OVER_NL80211]) {
10605 int r = validate_pae_over_nl80211(rdev, info);
10610 setup.control_port_over_nl80211 = true;
10613 wdev_lock(dev->ieee80211_ptr);
10614 err = __cfg80211_join_mesh(rdev, dev, &setup, &cfg);
10615 if (!err && info->attrs[NL80211_ATTR_SOCKET_OWNER])
10616 dev->ieee80211_ptr->conn_owner_nlportid = info->snd_portid;
10617 wdev_unlock(dev->ieee80211_ptr);
10622 static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info)
10624 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10625 struct net_device *dev = info->user_ptr[1];
10627 return cfg80211_leave_mesh(rdev, dev);
10631 static int nl80211_send_wowlan_patterns(struct sk_buff *msg,
10632 struct cfg80211_registered_device *rdev)
10634 struct cfg80211_wowlan *wowlan = rdev->wiphy.wowlan_config;
10635 struct nlattr *nl_pats, *nl_pat;
10638 if (!wowlan->n_patterns)
10641 nl_pats = nla_nest_start(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN);
10645 for (i = 0; i < wowlan->n_patterns; i++) {
10646 nl_pat = nla_nest_start(msg, i + 1);
10649 pat_len = wowlan->patterns[i].pattern_len;
10650 if (nla_put(msg, NL80211_PKTPAT_MASK, DIV_ROUND_UP(pat_len, 8),
10651 wowlan->patterns[i].mask) ||
10652 nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
10653 wowlan->patterns[i].pattern) ||
10654 nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
10655 wowlan->patterns[i].pkt_offset))
10657 nla_nest_end(msg, nl_pat);
10659 nla_nest_end(msg, nl_pats);
10664 static int nl80211_send_wowlan_tcp(struct sk_buff *msg,
10665 struct cfg80211_wowlan_tcp *tcp)
10667 struct nlattr *nl_tcp;
10672 nl_tcp = nla_nest_start(msg, NL80211_WOWLAN_TRIG_TCP_CONNECTION);
10676 if (nla_put_in_addr(msg, NL80211_WOWLAN_TCP_SRC_IPV4, tcp->src) ||
10677 nla_put_in_addr(msg, NL80211_WOWLAN_TCP_DST_IPV4, tcp->dst) ||
10678 nla_put(msg, NL80211_WOWLAN_TCP_DST_MAC, ETH_ALEN, tcp->dst_mac) ||
10679 nla_put_u16(msg, NL80211_WOWLAN_TCP_SRC_PORT, tcp->src_port) ||
10680 nla_put_u16(msg, NL80211_WOWLAN_TCP_DST_PORT, tcp->dst_port) ||
10681 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
10682 tcp->payload_len, tcp->payload) ||
10683 nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL,
10684 tcp->data_interval) ||
10685 nla_put(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD,
10686 tcp->wake_len, tcp->wake_data) ||
10687 nla_put(msg, NL80211_WOWLAN_TCP_WAKE_MASK,
10688 DIV_ROUND_UP(tcp->wake_len, 8), tcp->wake_mask))
10691 if (tcp->payload_seq.len &&
10692 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ,
10693 sizeof(tcp->payload_seq), &tcp->payload_seq))
10696 if (tcp->payload_tok.len &&
10697 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN,
10698 sizeof(tcp->payload_tok) + tcp->tokens_size,
10699 &tcp->payload_tok))
10702 nla_nest_end(msg, nl_tcp);
10707 static int nl80211_send_wowlan_nd(struct sk_buff *msg,
10708 struct cfg80211_sched_scan_request *req)
10710 struct nlattr *nd, *freqs, *matches, *match, *scan_plans, *scan_plan;
10716 nd = nla_nest_start(msg, NL80211_WOWLAN_TRIG_NET_DETECT);
10720 if (req->n_scan_plans == 1 &&
10721 nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL,
10722 req->scan_plans[0].interval * 1000))
10725 if (nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_DELAY, req->delay))
10728 if (req->relative_rssi_set) {
10729 struct nl80211_bss_select_rssi_adjust rssi_adjust;
10731 if (nla_put_s8(msg, NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI,
10732 req->relative_rssi))
10735 rssi_adjust.band = req->rssi_adjust.band;
10736 rssi_adjust.delta = req->rssi_adjust.delta;
10737 if (nla_put(msg, NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST,
10738 sizeof(rssi_adjust), &rssi_adjust))
10742 freqs = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
10746 for (i = 0; i < req->n_channels; i++) {
10747 if (nla_put_u32(msg, i, req->channels[i]->center_freq))
10751 nla_nest_end(msg, freqs);
10753 if (req->n_match_sets) {
10754 matches = nla_nest_start(msg, NL80211_ATTR_SCHED_SCAN_MATCH);
10758 for (i = 0; i < req->n_match_sets; i++) {
10759 match = nla_nest_start(msg, i);
10763 if (nla_put(msg, NL80211_SCHED_SCAN_MATCH_ATTR_SSID,
10764 req->match_sets[i].ssid.ssid_len,
10765 req->match_sets[i].ssid.ssid))
10767 nla_nest_end(msg, match);
10769 nla_nest_end(msg, matches);
10772 scan_plans = nla_nest_start(msg, NL80211_ATTR_SCHED_SCAN_PLANS);
10776 for (i = 0; i < req->n_scan_plans; i++) {
10777 scan_plan = nla_nest_start(msg, i + 1);
10781 if (nla_put_u32(msg, NL80211_SCHED_SCAN_PLAN_INTERVAL,
10782 req->scan_plans[i].interval) ||
10783 (req->scan_plans[i].iterations &&
10784 nla_put_u32(msg, NL80211_SCHED_SCAN_PLAN_ITERATIONS,
10785 req->scan_plans[i].iterations)))
10787 nla_nest_end(msg, scan_plan);
10789 nla_nest_end(msg, scan_plans);
10791 nla_nest_end(msg, nd);
10796 static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info)
10798 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10799 struct sk_buff *msg;
10801 u32 size = NLMSG_DEFAULT_SIZE;
10803 if (!rdev->wiphy.wowlan)
10804 return -EOPNOTSUPP;
10806 if (rdev->wiphy.wowlan_config && rdev->wiphy.wowlan_config->tcp) {
10807 /* adjust size to have room for all the data */
10808 size += rdev->wiphy.wowlan_config->tcp->tokens_size +
10809 rdev->wiphy.wowlan_config->tcp->payload_len +
10810 rdev->wiphy.wowlan_config->tcp->wake_len +
10811 rdev->wiphy.wowlan_config->tcp->wake_len / 8;
10814 msg = nlmsg_new(size, GFP_KERNEL);
10818 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
10819 NL80211_CMD_GET_WOWLAN);
10821 goto nla_put_failure;
10823 if (rdev->wiphy.wowlan_config) {
10824 struct nlattr *nl_wowlan;
10826 nl_wowlan = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
10828 goto nla_put_failure;
10830 if ((rdev->wiphy.wowlan_config->any &&
10831 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
10832 (rdev->wiphy.wowlan_config->disconnect &&
10833 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
10834 (rdev->wiphy.wowlan_config->magic_pkt &&
10835 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
10836 (rdev->wiphy.wowlan_config->gtk_rekey_failure &&
10837 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
10838 (rdev->wiphy.wowlan_config->eap_identity_req &&
10839 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
10840 (rdev->wiphy.wowlan_config->four_way_handshake &&
10841 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
10842 (rdev->wiphy.wowlan_config->rfkill_release &&
10843 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)))
10844 goto nla_put_failure;
10846 if (nl80211_send_wowlan_patterns(msg, rdev))
10847 goto nla_put_failure;
10849 if (nl80211_send_wowlan_tcp(msg,
10850 rdev->wiphy.wowlan_config->tcp))
10851 goto nla_put_failure;
10853 if (nl80211_send_wowlan_nd(
10855 rdev->wiphy.wowlan_config->nd_config))
10856 goto nla_put_failure;
10858 nla_nest_end(msg, nl_wowlan);
10861 genlmsg_end(msg, hdr);
10862 return genlmsg_reply(msg, info);
10869 static int nl80211_parse_wowlan_tcp(struct cfg80211_registered_device *rdev,
10870 struct nlattr *attr,
10871 struct cfg80211_wowlan *trig)
10873 struct nlattr *tb[NUM_NL80211_WOWLAN_TCP];
10874 struct cfg80211_wowlan_tcp *cfg;
10875 struct nl80211_wowlan_tcp_data_token *tok = NULL;
10876 struct nl80211_wowlan_tcp_data_seq *seq = NULL;
10878 u32 data_size, wake_size, tokens_size = 0, wake_mask_size;
10881 if (!rdev->wiphy.wowlan->tcp)
10884 err = nla_parse_nested(tb, MAX_NL80211_WOWLAN_TCP, attr,
10885 nl80211_wowlan_tcp_policy, NULL);
10889 if (!tb[NL80211_WOWLAN_TCP_SRC_IPV4] ||
10890 !tb[NL80211_WOWLAN_TCP_DST_IPV4] ||
10891 !tb[NL80211_WOWLAN_TCP_DST_MAC] ||
10892 !tb[NL80211_WOWLAN_TCP_DST_PORT] ||
10893 !tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD] ||
10894 !tb[NL80211_WOWLAN_TCP_DATA_INTERVAL] ||
10895 !tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD] ||
10896 !tb[NL80211_WOWLAN_TCP_WAKE_MASK])
10899 data_size = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]);
10900 if (data_size > rdev->wiphy.wowlan->tcp->data_payload_max)
10903 if (nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) >
10904 rdev->wiphy.wowlan->tcp->data_interval_max ||
10905 nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) == 0)
10908 wake_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]);
10909 if (wake_size > rdev->wiphy.wowlan->tcp->wake_payload_max)
10912 wake_mask_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_MASK]);
10913 if (wake_mask_size != DIV_ROUND_UP(wake_size, 8))
10916 if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]) {
10917 u32 tokln = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]);
10919 tok = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]);
10920 tokens_size = tokln - sizeof(*tok);
10922 if (!tok->len || tokens_size % tok->len)
10924 if (!rdev->wiphy.wowlan->tcp->tok)
10926 if (tok->len > rdev->wiphy.wowlan->tcp->tok->max_len)
10928 if (tok->len < rdev->wiphy.wowlan->tcp->tok->min_len)
10930 if (tokens_size > rdev->wiphy.wowlan->tcp->tok->bufsize)
10932 if (tok->offset + tok->len > data_size)
10936 if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]) {
10937 seq = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]);
10938 if (!rdev->wiphy.wowlan->tcp->seq)
10940 if (seq->len == 0 || seq->len > 4)
10942 if (seq->len + seq->offset > data_size)
10946 size = sizeof(*cfg);
10948 size += wake_size + wake_mask_size;
10949 size += tokens_size;
10951 cfg = kzalloc(size, GFP_KERNEL);
10954 cfg->src = nla_get_in_addr(tb[NL80211_WOWLAN_TCP_SRC_IPV4]);
10955 cfg->dst = nla_get_in_addr(tb[NL80211_WOWLAN_TCP_DST_IPV4]);
10956 memcpy(cfg->dst_mac, nla_data(tb[NL80211_WOWLAN_TCP_DST_MAC]),
10958 if (tb[NL80211_WOWLAN_TCP_SRC_PORT])
10959 port = nla_get_u16(tb[NL80211_WOWLAN_TCP_SRC_PORT]);
10963 /* allocate a socket and port for it and use it */
10964 err = __sock_create(wiphy_net(&rdev->wiphy), PF_INET, SOCK_STREAM,
10965 IPPROTO_TCP, &cfg->sock, 1);
10970 if (inet_csk_get_port(cfg->sock->sk, port)) {
10971 sock_release(cfg->sock);
10973 return -EADDRINUSE;
10975 cfg->src_port = inet_sk(cfg->sock->sk)->inet_num;
10981 cfg->src_port = port;
10984 cfg->dst_port = nla_get_u16(tb[NL80211_WOWLAN_TCP_DST_PORT]);
10985 cfg->payload_len = data_size;
10986 cfg->payload = (u8 *)cfg + sizeof(*cfg) + tokens_size;
10987 memcpy((void *)cfg->payload,
10988 nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]),
10991 cfg->payload_seq = *seq;
10992 cfg->data_interval = nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]);
10993 cfg->wake_len = wake_size;
10994 cfg->wake_data = (u8 *)cfg + sizeof(*cfg) + tokens_size + data_size;
10995 memcpy((void *)cfg->wake_data,
10996 nla_data(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]),
10998 cfg->wake_mask = (u8 *)cfg + sizeof(*cfg) + tokens_size +
10999 data_size + wake_size;
11000 memcpy((void *)cfg->wake_mask,
11001 nla_data(tb[NL80211_WOWLAN_TCP_WAKE_MASK]),
11004 cfg->tokens_size = tokens_size;
11005 memcpy(&cfg->payload_tok, tok, sizeof(*tok) + tokens_size);
11013 static int nl80211_parse_wowlan_nd(struct cfg80211_registered_device *rdev,
11014 const struct wiphy_wowlan_support *wowlan,
11015 struct nlattr *attr,
11016 struct cfg80211_wowlan *trig)
11018 struct nlattr **tb;
11021 tb = kcalloc(NUM_NL80211_ATTR, sizeof(*tb), GFP_KERNEL);
11025 if (!(wowlan->flags & WIPHY_WOWLAN_NET_DETECT)) {
11030 err = nla_parse_nested(tb, NL80211_ATTR_MAX, attr, nl80211_policy,
11035 trig->nd_config = nl80211_parse_sched_scan(&rdev->wiphy, NULL, tb,
11036 wowlan->max_nd_match_sets);
11037 err = PTR_ERR_OR_ZERO(trig->nd_config);
11039 trig->nd_config = NULL;
11046 static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info)
11048 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11049 struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG];
11050 struct cfg80211_wowlan new_triggers = {};
11051 struct cfg80211_wowlan *ntrig;
11052 const struct wiphy_wowlan_support *wowlan = rdev->wiphy.wowlan;
11054 bool prev_enabled = rdev->wiphy.wowlan_config;
11055 bool regular = false;
11058 return -EOPNOTSUPP;
11060 if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]) {
11061 cfg80211_rdev_free_wowlan(rdev);
11062 rdev->wiphy.wowlan_config = NULL;
11066 err = nla_parse_nested(tb, MAX_NL80211_WOWLAN_TRIG,
11067 info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS],
11068 nl80211_wowlan_policy, info->extack);
11072 if (tb[NL80211_WOWLAN_TRIG_ANY]) {
11073 if (!(wowlan->flags & WIPHY_WOWLAN_ANY))
11075 new_triggers.any = true;
11078 if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) {
11079 if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT))
11081 new_triggers.disconnect = true;
11085 if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) {
11086 if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT))
11088 new_triggers.magic_pkt = true;
11092 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED])
11095 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) {
11096 if (!(wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE))
11098 new_triggers.gtk_rekey_failure = true;
11102 if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) {
11103 if (!(wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ))
11105 new_triggers.eap_identity_req = true;
11109 if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) {
11110 if (!(wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE))
11112 new_triggers.four_way_handshake = true;
11116 if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) {
11117 if (!(wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE))
11119 new_triggers.rfkill_release = true;
11123 if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) {
11124 struct nlattr *pat;
11125 int n_patterns = 0;
11126 int rem, pat_len, mask_len, pkt_offset;
11127 struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
11131 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
11134 if (n_patterns > wowlan->n_patterns)
11137 new_triggers.patterns = kcalloc(n_patterns,
11138 sizeof(new_triggers.patterns[0]),
11140 if (!new_triggers.patterns)
11143 new_triggers.n_patterns = n_patterns;
11146 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
11150 err = nla_parse_nested(pat_tb, MAX_NL80211_PKTPAT, pat,
11151 nl80211_packet_pattern_policy,
11157 if (!pat_tb[NL80211_PKTPAT_MASK] ||
11158 !pat_tb[NL80211_PKTPAT_PATTERN])
11160 pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
11161 mask_len = DIV_ROUND_UP(pat_len, 8);
11162 if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
11164 if (pat_len > wowlan->pattern_max_len ||
11165 pat_len < wowlan->pattern_min_len)
11168 if (!pat_tb[NL80211_PKTPAT_OFFSET])
11171 pkt_offset = nla_get_u32(
11172 pat_tb[NL80211_PKTPAT_OFFSET]);
11173 if (pkt_offset > wowlan->max_pkt_offset)
11175 new_triggers.patterns[i].pkt_offset = pkt_offset;
11177 mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL);
11182 new_triggers.patterns[i].mask = mask_pat;
11183 memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]),
11185 mask_pat += mask_len;
11186 new_triggers.patterns[i].pattern = mask_pat;
11187 new_triggers.patterns[i].pattern_len = pat_len;
11189 nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
11195 if (tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION]) {
11197 err = nl80211_parse_wowlan_tcp(
11198 rdev, tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION],
11204 if (tb[NL80211_WOWLAN_TRIG_NET_DETECT]) {
11206 err = nl80211_parse_wowlan_nd(
11207 rdev, wowlan, tb[NL80211_WOWLAN_TRIG_NET_DETECT],
11213 /* The 'any' trigger means the device continues operating more or less
11214 * as in its normal operation mode and wakes up the host on most of the
11215 * normal interrupts (like packet RX, ...)
11216 * It therefore makes little sense to combine with the more constrained
11217 * wakeup trigger modes.
11219 if (new_triggers.any && regular) {
11224 ntrig = kmemdup(&new_triggers, sizeof(new_triggers), GFP_KERNEL);
11229 cfg80211_rdev_free_wowlan(rdev);
11230 rdev->wiphy.wowlan_config = ntrig;
11233 if (rdev->ops->set_wakeup &&
11234 prev_enabled != !!rdev->wiphy.wowlan_config)
11235 rdev_set_wakeup(rdev, rdev->wiphy.wowlan_config);
11239 for (i = 0; i < new_triggers.n_patterns; i++)
11240 kfree(new_triggers.patterns[i].mask);
11241 kfree(new_triggers.patterns);
11242 if (new_triggers.tcp && new_triggers.tcp->sock)
11243 sock_release(new_triggers.tcp->sock);
11244 kfree(new_triggers.tcp);
11245 kfree(new_triggers.nd_config);
11250 static int nl80211_send_coalesce_rules(struct sk_buff *msg,
11251 struct cfg80211_registered_device *rdev)
11253 struct nlattr *nl_pats, *nl_pat, *nl_rule, *nl_rules;
11255 struct cfg80211_coalesce_rules *rule;
11257 if (!rdev->coalesce->n_rules)
11260 nl_rules = nla_nest_start(msg, NL80211_ATTR_COALESCE_RULE);
11264 for (i = 0; i < rdev->coalesce->n_rules; i++) {
11265 nl_rule = nla_nest_start(msg, i + 1);
11269 rule = &rdev->coalesce->rules[i];
11270 if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_DELAY,
11274 if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_CONDITION,
11278 nl_pats = nla_nest_start(msg,
11279 NL80211_ATTR_COALESCE_RULE_PKT_PATTERN);
11283 for (j = 0; j < rule->n_patterns; j++) {
11284 nl_pat = nla_nest_start(msg, j + 1);
11287 pat_len = rule->patterns[j].pattern_len;
11288 if (nla_put(msg, NL80211_PKTPAT_MASK,
11289 DIV_ROUND_UP(pat_len, 8),
11290 rule->patterns[j].mask) ||
11291 nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
11292 rule->patterns[j].pattern) ||
11293 nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
11294 rule->patterns[j].pkt_offset))
11296 nla_nest_end(msg, nl_pat);
11298 nla_nest_end(msg, nl_pats);
11299 nla_nest_end(msg, nl_rule);
11301 nla_nest_end(msg, nl_rules);
11306 static int nl80211_get_coalesce(struct sk_buff *skb, struct genl_info *info)
11308 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11309 struct sk_buff *msg;
11312 if (!rdev->wiphy.coalesce)
11313 return -EOPNOTSUPP;
11315 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
11319 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
11320 NL80211_CMD_GET_COALESCE);
11322 goto nla_put_failure;
11324 if (rdev->coalesce && nl80211_send_coalesce_rules(msg, rdev))
11325 goto nla_put_failure;
11327 genlmsg_end(msg, hdr);
11328 return genlmsg_reply(msg, info);
11335 void cfg80211_rdev_free_coalesce(struct cfg80211_registered_device *rdev)
11337 struct cfg80211_coalesce *coalesce = rdev->coalesce;
11339 struct cfg80211_coalesce_rules *rule;
11344 for (i = 0; i < coalesce->n_rules; i++) {
11345 rule = &coalesce->rules[i];
11346 for (j = 0; j < rule->n_patterns; j++)
11347 kfree(rule->patterns[j].mask);
11348 kfree(rule->patterns);
11350 kfree(coalesce->rules);
11352 rdev->coalesce = NULL;
11355 static int nl80211_parse_coalesce_rule(struct cfg80211_registered_device *rdev,
11356 struct nlattr *rule,
11357 struct cfg80211_coalesce_rules *new_rule)
11360 const struct wiphy_coalesce_support *coalesce = rdev->wiphy.coalesce;
11361 struct nlattr *tb[NUM_NL80211_ATTR_COALESCE_RULE], *pat;
11362 int rem, pat_len, mask_len, pkt_offset, n_patterns = 0;
11363 struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
11365 err = nla_parse_nested(tb, NL80211_ATTR_COALESCE_RULE_MAX, rule,
11366 nl80211_coalesce_policy, NULL);
11370 if (tb[NL80211_ATTR_COALESCE_RULE_DELAY])
11372 nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_DELAY]);
11373 if (new_rule->delay > coalesce->max_delay)
11376 if (tb[NL80211_ATTR_COALESCE_RULE_CONDITION])
11377 new_rule->condition =
11378 nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_CONDITION]);
11380 if (!tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN])
11383 nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN],
11386 if (n_patterns > coalesce->n_patterns)
11389 new_rule->patterns = kcalloc(n_patterns, sizeof(new_rule->patterns[0]),
11391 if (!new_rule->patterns)
11394 new_rule->n_patterns = n_patterns;
11397 nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN],
11401 err = nla_parse_nested(pat_tb, MAX_NL80211_PKTPAT, pat,
11402 nl80211_packet_pattern_policy, NULL);
11406 if (!pat_tb[NL80211_PKTPAT_MASK] ||
11407 !pat_tb[NL80211_PKTPAT_PATTERN])
11409 pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
11410 mask_len = DIV_ROUND_UP(pat_len, 8);
11411 if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
11413 if (pat_len > coalesce->pattern_max_len ||
11414 pat_len < coalesce->pattern_min_len)
11417 if (!pat_tb[NL80211_PKTPAT_OFFSET])
11420 pkt_offset = nla_get_u32(pat_tb[NL80211_PKTPAT_OFFSET]);
11421 if (pkt_offset > coalesce->max_pkt_offset)
11423 new_rule->patterns[i].pkt_offset = pkt_offset;
11425 mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL);
11429 new_rule->patterns[i].mask = mask_pat;
11430 memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]),
11433 mask_pat += mask_len;
11434 new_rule->patterns[i].pattern = mask_pat;
11435 new_rule->patterns[i].pattern_len = pat_len;
11436 memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
11444 static int nl80211_set_coalesce(struct sk_buff *skb, struct genl_info *info)
11446 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11447 const struct wiphy_coalesce_support *coalesce = rdev->wiphy.coalesce;
11448 struct cfg80211_coalesce new_coalesce = {};
11449 struct cfg80211_coalesce *n_coalesce;
11450 int err, rem_rule, n_rules = 0, i, j;
11451 struct nlattr *rule;
11452 struct cfg80211_coalesce_rules *tmp_rule;
11454 if (!rdev->wiphy.coalesce || !rdev->ops->set_coalesce)
11455 return -EOPNOTSUPP;
11457 if (!info->attrs[NL80211_ATTR_COALESCE_RULE]) {
11458 cfg80211_rdev_free_coalesce(rdev);
11459 rdev_set_coalesce(rdev, NULL);
11463 nla_for_each_nested(rule, info->attrs[NL80211_ATTR_COALESCE_RULE],
11466 if (n_rules > coalesce->n_rules)
11469 new_coalesce.rules = kcalloc(n_rules, sizeof(new_coalesce.rules[0]),
11471 if (!new_coalesce.rules)
11474 new_coalesce.n_rules = n_rules;
11477 nla_for_each_nested(rule, info->attrs[NL80211_ATTR_COALESCE_RULE],
11479 err = nl80211_parse_coalesce_rule(rdev, rule,
11480 &new_coalesce.rules[i]);
11487 err = rdev_set_coalesce(rdev, &new_coalesce);
11491 n_coalesce = kmemdup(&new_coalesce, sizeof(new_coalesce), GFP_KERNEL);
11496 cfg80211_rdev_free_coalesce(rdev);
11497 rdev->coalesce = n_coalesce;
11501 for (i = 0; i < new_coalesce.n_rules; i++) {
11502 tmp_rule = &new_coalesce.rules[i];
11503 for (j = 0; j < tmp_rule->n_patterns; j++)
11504 kfree(tmp_rule->patterns[j].mask);
11505 kfree(tmp_rule->patterns);
11507 kfree(new_coalesce.rules);
11512 static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info)
11514 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11515 struct net_device *dev = info->user_ptr[1];
11516 struct wireless_dev *wdev = dev->ieee80211_ptr;
11517 struct nlattr *tb[NUM_NL80211_REKEY_DATA];
11518 struct cfg80211_gtk_rekey_data rekey_data;
11521 if (!info->attrs[NL80211_ATTR_REKEY_DATA])
11524 err = nla_parse_nested(tb, MAX_NL80211_REKEY_DATA,
11525 info->attrs[NL80211_ATTR_REKEY_DATA],
11526 nl80211_rekey_policy, info->extack);
11530 if (!tb[NL80211_REKEY_DATA_REPLAY_CTR] || !tb[NL80211_REKEY_DATA_KEK] ||
11531 !tb[NL80211_REKEY_DATA_KCK])
11533 if (nla_len(tb[NL80211_REKEY_DATA_REPLAY_CTR]) != NL80211_REPLAY_CTR_LEN)
11535 if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN)
11537 if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN)
11540 rekey_data.kek = nla_data(tb[NL80211_REKEY_DATA_KEK]);
11541 rekey_data.kck = nla_data(tb[NL80211_REKEY_DATA_KCK]);
11542 rekey_data.replay_ctr = nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]);
11545 if (!wdev->current_bss) {
11550 if (!rdev->ops->set_rekey_data) {
11555 err = rdev_set_rekey_data(rdev, dev, &rekey_data);
11561 static int nl80211_register_unexpected_frame(struct sk_buff *skb,
11562 struct genl_info *info)
11564 struct net_device *dev = info->user_ptr[1];
11565 struct wireless_dev *wdev = dev->ieee80211_ptr;
11567 if (wdev->iftype != NL80211_IFTYPE_AP &&
11568 wdev->iftype != NL80211_IFTYPE_P2P_GO)
11571 if (wdev->ap_unexpected_nlportid)
11574 wdev->ap_unexpected_nlportid = info->snd_portid;
11578 static int nl80211_probe_client(struct sk_buff *skb,
11579 struct genl_info *info)
11581 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11582 struct net_device *dev = info->user_ptr[1];
11583 struct wireless_dev *wdev = dev->ieee80211_ptr;
11584 struct sk_buff *msg;
11590 if (wdev->iftype != NL80211_IFTYPE_AP &&
11591 wdev->iftype != NL80211_IFTYPE_P2P_GO)
11592 return -EOPNOTSUPP;
11594 if (!info->attrs[NL80211_ATTR_MAC])
11597 if (!rdev->ops->probe_client)
11598 return -EOPNOTSUPP;
11600 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
11604 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
11605 NL80211_CMD_PROBE_CLIENT);
11611 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
11613 err = rdev_probe_client(rdev, dev, addr, &cookie);
11617 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
11619 goto nla_put_failure;
11621 genlmsg_end(msg, hdr);
11623 return genlmsg_reply(msg, info);
11632 static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info)
11634 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11635 struct cfg80211_beacon_registration *reg, *nreg;
11638 if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS))
11639 return -EOPNOTSUPP;
11641 nreg = kzalloc(sizeof(*nreg), GFP_KERNEL);
11645 /* First, check if already registered. */
11646 spin_lock_bh(&rdev->beacon_registrations_lock);
11647 list_for_each_entry(reg, &rdev->beacon_registrations, list) {
11648 if (reg->nlportid == info->snd_portid) {
11653 /* Add it to the list */
11654 nreg->nlportid = info->snd_portid;
11655 list_add(&nreg->list, &rdev->beacon_registrations);
11657 spin_unlock_bh(&rdev->beacon_registrations_lock);
11661 spin_unlock_bh(&rdev->beacon_registrations_lock);
11666 static int nl80211_start_p2p_device(struct sk_buff *skb, struct genl_info *info)
11668 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11669 struct wireless_dev *wdev = info->user_ptr[1];
11672 if (!rdev->ops->start_p2p_device)
11673 return -EOPNOTSUPP;
11675 if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE)
11676 return -EOPNOTSUPP;
11678 if (wdev_running(wdev))
11681 if (rfkill_blocked(rdev->rfkill))
11684 err = rdev_start_p2p_device(rdev, wdev);
11688 wdev->is_running = true;
11694 static int nl80211_stop_p2p_device(struct sk_buff *skb, struct genl_info *info)
11696 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11697 struct wireless_dev *wdev = info->user_ptr[1];
11699 if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE)
11700 return -EOPNOTSUPP;
11702 if (!rdev->ops->stop_p2p_device)
11703 return -EOPNOTSUPP;
11705 cfg80211_stop_p2p_device(rdev, wdev);
11710 static int nl80211_start_nan(struct sk_buff *skb, struct genl_info *info)
11712 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11713 struct wireless_dev *wdev = info->user_ptr[1];
11714 struct cfg80211_nan_conf conf = {};
11717 if (wdev->iftype != NL80211_IFTYPE_NAN)
11718 return -EOPNOTSUPP;
11720 if (wdev_running(wdev))
11723 if (rfkill_blocked(rdev->rfkill))
11726 if (!info->attrs[NL80211_ATTR_NAN_MASTER_PREF])
11730 nla_get_u8(info->attrs[NL80211_ATTR_NAN_MASTER_PREF]);
11732 if (info->attrs[NL80211_ATTR_BANDS]) {
11733 u32 bands = nla_get_u32(info->attrs[NL80211_ATTR_BANDS]);
11735 if (bands & ~(u32)wdev->wiphy->nan_supported_bands)
11736 return -EOPNOTSUPP;
11738 if (bands && !(bands & BIT(NL80211_BAND_2GHZ)))
11741 conf.bands = bands;
11744 err = rdev_start_nan(rdev, wdev, &conf);
11748 wdev->is_running = true;
11754 static int nl80211_stop_nan(struct sk_buff *skb, struct genl_info *info)
11756 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11757 struct wireless_dev *wdev = info->user_ptr[1];
11759 if (wdev->iftype != NL80211_IFTYPE_NAN)
11760 return -EOPNOTSUPP;
11762 cfg80211_stop_nan(rdev, wdev);
11767 static int validate_nan_filter(struct nlattr *filter_attr)
11769 struct nlattr *attr;
11770 int len = 0, n_entries = 0, rem;
11772 nla_for_each_nested(attr, filter_attr, rem) {
11773 len += nla_len(attr);
11783 static int handle_nan_filter(struct nlattr *attr_filter,
11784 struct cfg80211_nan_func *func,
11787 struct nlattr *attr;
11788 int n_entries, rem, i;
11789 struct cfg80211_nan_func_filter *filter;
11791 n_entries = validate_nan_filter(attr_filter);
11795 BUILD_BUG_ON(sizeof(*func->rx_filters) != sizeof(*func->tx_filters));
11797 filter = kcalloc(n_entries, sizeof(*func->rx_filters), GFP_KERNEL);
11802 nla_for_each_nested(attr, attr_filter, rem) {
11803 filter[i].filter = nla_memdup(attr, GFP_KERNEL);
11804 filter[i].len = nla_len(attr);
11808 func->num_tx_filters = n_entries;
11809 func->tx_filters = filter;
11811 func->num_rx_filters = n_entries;
11812 func->rx_filters = filter;
11818 static int nl80211_nan_add_func(struct sk_buff *skb,
11819 struct genl_info *info)
11821 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11822 struct wireless_dev *wdev = info->user_ptr[1];
11823 struct nlattr *tb[NUM_NL80211_NAN_FUNC_ATTR], *func_attr;
11824 struct cfg80211_nan_func *func;
11825 struct sk_buff *msg = NULL;
11829 if (wdev->iftype != NL80211_IFTYPE_NAN)
11830 return -EOPNOTSUPP;
11832 if (!wdev_running(wdev))
11835 if (!info->attrs[NL80211_ATTR_NAN_FUNC])
11838 err = nla_parse_nested(tb, NL80211_NAN_FUNC_ATTR_MAX,
11839 info->attrs[NL80211_ATTR_NAN_FUNC],
11840 nl80211_nan_func_policy, info->extack);
11844 func = kzalloc(sizeof(*func), GFP_KERNEL);
11848 func->cookie = cfg80211_assign_cookie(rdev);
11850 if (!tb[NL80211_NAN_FUNC_TYPE] ||
11851 nla_get_u8(tb[NL80211_NAN_FUNC_TYPE]) > NL80211_NAN_FUNC_MAX_TYPE) {
11857 func->type = nla_get_u8(tb[NL80211_NAN_FUNC_TYPE]);
11859 if (!tb[NL80211_NAN_FUNC_SERVICE_ID]) {
11864 memcpy(func->service_id, nla_data(tb[NL80211_NAN_FUNC_SERVICE_ID]),
11865 sizeof(func->service_id));
11867 func->close_range =
11868 nla_get_flag(tb[NL80211_NAN_FUNC_CLOSE_RANGE]);
11870 if (tb[NL80211_NAN_FUNC_SERVICE_INFO]) {
11871 func->serv_spec_info_len =
11872 nla_len(tb[NL80211_NAN_FUNC_SERVICE_INFO]);
11873 func->serv_spec_info =
11874 kmemdup(nla_data(tb[NL80211_NAN_FUNC_SERVICE_INFO]),
11875 func->serv_spec_info_len,
11877 if (!func->serv_spec_info) {
11883 if (tb[NL80211_NAN_FUNC_TTL])
11884 func->ttl = nla_get_u32(tb[NL80211_NAN_FUNC_TTL]);
11886 switch (func->type) {
11887 case NL80211_NAN_FUNC_PUBLISH:
11888 if (!tb[NL80211_NAN_FUNC_PUBLISH_TYPE]) {
11893 func->publish_type =
11894 nla_get_u8(tb[NL80211_NAN_FUNC_PUBLISH_TYPE]);
11895 func->publish_bcast =
11896 nla_get_flag(tb[NL80211_NAN_FUNC_PUBLISH_BCAST]);
11898 if ((!(func->publish_type & NL80211_NAN_SOLICITED_PUBLISH)) &&
11899 func->publish_bcast) {
11904 case NL80211_NAN_FUNC_SUBSCRIBE:
11905 func->subscribe_active =
11906 nla_get_flag(tb[NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE]);
11908 case NL80211_NAN_FUNC_FOLLOW_UP:
11909 if (!tb[NL80211_NAN_FUNC_FOLLOW_UP_ID] ||
11910 !tb[NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID] ||
11911 !tb[NL80211_NAN_FUNC_FOLLOW_UP_DEST]) {
11916 func->followup_id =
11917 nla_get_u8(tb[NL80211_NAN_FUNC_FOLLOW_UP_ID]);
11918 func->followup_reqid =
11919 nla_get_u8(tb[NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID]);
11920 memcpy(func->followup_dest.addr,
11921 nla_data(tb[NL80211_NAN_FUNC_FOLLOW_UP_DEST]),
11922 sizeof(func->followup_dest.addr));
11933 if (tb[NL80211_NAN_FUNC_SRF]) {
11934 struct nlattr *srf_tb[NUM_NL80211_NAN_SRF_ATTR];
11936 err = nla_parse_nested(srf_tb, NL80211_NAN_SRF_ATTR_MAX,
11937 tb[NL80211_NAN_FUNC_SRF],
11938 nl80211_nan_srf_policy, info->extack);
11942 func->srf_include =
11943 nla_get_flag(srf_tb[NL80211_NAN_SRF_INCLUDE]);
11945 if (srf_tb[NL80211_NAN_SRF_BF]) {
11946 if (srf_tb[NL80211_NAN_SRF_MAC_ADDRS] ||
11947 !srf_tb[NL80211_NAN_SRF_BF_IDX]) {
11953 nla_len(srf_tb[NL80211_NAN_SRF_BF]);
11955 kmemdup(nla_data(srf_tb[NL80211_NAN_SRF_BF]),
11956 func->srf_bf_len, GFP_KERNEL);
11957 if (!func->srf_bf) {
11963 nla_get_u8(srf_tb[NL80211_NAN_SRF_BF_IDX]);
11965 struct nlattr *attr, *mac_attr =
11966 srf_tb[NL80211_NAN_SRF_MAC_ADDRS];
11967 int n_entries, rem, i = 0;
11974 n_entries = validate_acl_mac_addrs(mac_attr);
11975 if (n_entries <= 0) {
11980 func->srf_num_macs = n_entries;
11982 kcalloc(n_entries, sizeof(*func->srf_macs),
11984 if (!func->srf_macs) {
11989 nla_for_each_nested(attr, mac_attr, rem)
11990 memcpy(func->srf_macs[i++].addr, nla_data(attr),
11991 sizeof(*func->srf_macs));
11995 if (tb[NL80211_NAN_FUNC_TX_MATCH_FILTER]) {
11996 err = handle_nan_filter(tb[NL80211_NAN_FUNC_TX_MATCH_FILTER],
12002 if (tb[NL80211_NAN_FUNC_RX_MATCH_FILTER]) {
12003 err = handle_nan_filter(tb[NL80211_NAN_FUNC_RX_MATCH_FILTER],
12009 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
12015 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
12016 NL80211_CMD_ADD_NAN_FUNCTION);
12017 /* This can't really happen - we just allocated 4KB */
12018 if (WARN_ON(!hdr)) {
12023 err = rdev_add_nan_func(rdev, wdev, func);
12026 cfg80211_free_nan_func(func);
12031 /* propagate the instance id and cookie to userspace */
12032 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, func->cookie,
12034 goto nla_put_failure;
12036 func_attr = nla_nest_start(msg, NL80211_ATTR_NAN_FUNC);
12038 goto nla_put_failure;
12040 if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID,
12041 func->instance_id))
12042 goto nla_put_failure;
12044 nla_nest_end(msg, func_attr);
12046 genlmsg_end(msg, hdr);
12047 return genlmsg_reply(msg, info);
12054 static int nl80211_nan_del_func(struct sk_buff *skb,
12055 struct genl_info *info)
12057 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12058 struct wireless_dev *wdev = info->user_ptr[1];
12061 if (wdev->iftype != NL80211_IFTYPE_NAN)
12062 return -EOPNOTSUPP;
12064 if (!wdev_running(wdev))
12067 if (!info->attrs[NL80211_ATTR_COOKIE])
12070 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
12072 rdev_del_nan_func(rdev, wdev, cookie);
12077 static int nl80211_nan_change_config(struct sk_buff *skb,
12078 struct genl_info *info)
12080 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12081 struct wireless_dev *wdev = info->user_ptr[1];
12082 struct cfg80211_nan_conf conf = {};
12085 if (wdev->iftype != NL80211_IFTYPE_NAN)
12086 return -EOPNOTSUPP;
12088 if (!wdev_running(wdev))
12091 if (info->attrs[NL80211_ATTR_NAN_MASTER_PREF]) {
12093 nla_get_u8(info->attrs[NL80211_ATTR_NAN_MASTER_PREF]);
12094 if (conf.master_pref <= 1 || conf.master_pref == 255)
12097 changed |= CFG80211_NAN_CONF_CHANGED_PREF;
12100 if (info->attrs[NL80211_ATTR_BANDS]) {
12101 u32 bands = nla_get_u32(info->attrs[NL80211_ATTR_BANDS]);
12103 if (bands & ~(u32)wdev->wiphy->nan_supported_bands)
12104 return -EOPNOTSUPP;
12106 if (bands && !(bands & BIT(NL80211_BAND_2GHZ)))
12109 conf.bands = bands;
12110 changed |= CFG80211_NAN_CONF_CHANGED_BANDS;
12116 return rdev_nan_change_conf(rdev, wdev, &conf, changed);
12119 void cfg80211_nan_match(struct wireless_dev *wdev,
12120 struct cfg80211_nan_match_params *match, gfp_t gfp)
12122 struct wiphy *wiphy = wdev->wiphy;
12123 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
12124 struct nlattr *match_attr, *local_func_attr, *peer_func_attr;
12125 struct sk_buff *msg;
12128 if (WARN_ON(!match->inst_id || !match->peer_inst_id || !match->addr))
12131 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12135 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NAN_MATCH);
12141 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12142 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
12143 wdev->netdev->ifindex)) ||
12144 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
12146 goto nla_put_failure;
12148 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, match->cookie,
12149 NL80211_ATTR_PAD) ||
12150 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, match->addr))
12151 goto nla_put_failure;
12153 match_attr = nla_nest_start(msg, NL80211_ATTR_NAN_MATCH);
12155 goto nla_put_failure;
12157 local_func_attr = nla_nest_start(msg, NL80211_NAN_MATCH_FUNC_LOCAL);
12158 if (!local_func_attr)
12159 goto nla_put_failure;
12161 if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, match->inst_id))
12162 goto nla_put_failure;
12164 nla_nest_end(msg, local_func_attr);
12166 peer_func_attr = nla_nest_start(msg, NL80211_NAN_MATCH_FUNC_PEER);
12167 if (!peer_func_attr)
12168 goto nla_put_failure;
12170 if (nla_put_u8(msg, NL80211_NAN_FUNC_TYPE, match->type) ||
12171 nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, match->peer_inst_id))
12172 goto nla_put_failure;
12174 if (match->info && match->info_len &&
12175 nla_put(msg, NL80211_NAN_FUNC_SERVICE_INFO, match->info_len,
12177 goto nla_put_failure;
12179 nla_nest_end(msg, peer_func_attr);
12180 nla_nest_end(msg, match_attr);
12181 genlmsg_end(msg, hdr);
12183 if (!wdev->owner_nlportid)
12184 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
12185 msg, 0, NL80211_MCGRP_NAN, gfp);
12187 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg,
12188 wdev->owner_nlportid);
12195 EXPORT_SYMBOL(cfg80211_nan_match);
12197 void cfg80211_nan_func_terminated(struct wireless_dev *wdev,
12199 enum nl80211_nan_func_term_reason reason,
12200 u64 cookie, gfp_t gfp)
12202 struct wiphy *wiphy = wdev->wiphy;
12203 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
12204 struct sk_buff *msg;
12205 struct nlattr *func_attr;
12208 if (WARN_ON(!inst_id))
12211 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
12215 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_NAN_FUNCTION);
12221 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12222 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
12223 wdev->netdev->ifindex)) ||
12224 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
12226 goto nla_put_failure;
12228 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
12230 goto nla_put_failure;
12232 func_attr = nla_nest_start(msg, NL80211_ATTR_NAN_FUNC);
12234 goto nla_put_failure;
12236 if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, inst_id) ||
12237 nla_put_u8(msg, NL80211_NAN_FUNC_TERM_REASON, reason))
12238 goto nla_put_failure;
12240 nla_nest_end(msg, func_attr);
12241 genlmsg_end(msg, hdr);
12243 if (!wdev->owner_nlportid)
12244 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
12245 msg, 0, NL80211_MCGRP_NAN, gfp);
12247 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg,
12248 wdev->owner_nlportid);
12255 EXPORT_SYMBOL(cfg80211_nan_func_terminated);
12257 static int nl80211_get_protocol_features(struct sk_buff *skb,
12258 struct genl_info *info)
12261 struct sk_buff *msg;
12263 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
12267 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
12268 NL80211_CMD_GET_PROTOCOL_FEATURES);
12270 goto nla_put_failure;
12272 if (nla_put_u32(msg, NL80211_ATTR_PROTOCOL_FEATURES,
12273 NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP))
12274 goto nla_put_failure;
12276 genlmsg_end(msg, hdr);
12277 return genlmsg_reply(msg, info);
12284 static int nl80211_update_ft_ies(struct sk_buff *skb, struct genl_info *info)
12286 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12287 struct cfg80211_update_ft_ies_params ft_params;
12288 struct net_device *dev = info->user_ptr[1];
12290 if (!rdev->ops->update_ft_ies)
12291 return -EOPNOTSUPP;
12293 if (!info->attrs[NL80211_ATTR_MDID] ||
12294 !info->attrs[NL80211_ATTR_IE])
12297 memset(&ft_params, 0, sizeof(ft_params));
12298 ft_params.md = nla_get_u16(info->attrs[NL80211_ATTR_MDID]);
12299 ft_params.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
12300 ft_params.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
12302 return rdev_update_ft_ies(rdev, dev, &ft_params);
12305 static int nl80211_crit_protocol_start(struct sk_buff *skb,
12306 struct genl_info *info)
12308 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12309 struct wireless_dev *wdev = info->user_ptr[1];
12310 enum nl80211_crit_proto_id proto = NL80211_CRIT_PROTO_UNSPEC;
12314 if (!rdev->ops->crit_proto_start)
12315 return -EOPNOTSUPP;
12317 if (WARN_ON(!rdev->ops->crit_proto_stop))
12320 if (rdev->crit_proto_nlportid)
12323 /* determine protocol if provided */
12324 if (info->attrs[NL80211_ATTR_CRIT_PROT_ID])
12325 proto = nla_get_u16(info->attrs[NL80211_ATTR_CRIT_PROT_ID]);
12327 if (proto >= NUM_NL80211_CRIT_PROTO)
12330 /* timeout must be provided */
12331 if (!info->attrs[NL80211_ATTR_MAX_CRIT_PROT_DURATION])
12335 nla_get_u16(info->attrs[NL80211_ATTR_MAX_CRIT_PROT_DURATION]);
12337 if (duration > NL80211_CRIT_PROTO_MAX_DURATION)
12340 ret = rdev_crit_proto_start(rdev, wdev, proto, duration);
12342 rdev->crit_proto_nlportid = info->snd_portid;
12347 static int nl80211_crit_protocol_stop(struct sk_buff *skb,
12348 struct genl_info *info)
12350 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12351 struct wireless_dev *wdev = info->user_ptr[1];
12353 if (!rdev->ops->crit_proto_stop)
12354 return -EOPNOTSUPP;
12356 if (rdev->crit_proto_nlportid) {
12357 rdev->crit_proto_nlportid = 0;
12358 rdev_crit_proto_stop(rdev, wdev);
12363 static int nl80211_vendor_cmd(struct sk_buff *skb, struct genl_info *info)
12365 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12366 struct wireless_dev *wdev =
12367 __cfg80211_wdev_from_attrs(genl_info_net(info), info->attrs);
12371 if (!rdev->wiphy.vendor_commands)
12372 return -EOPNOTSUPP;
12374 if (IS_ERR(wdev)) {
12375 err = PTR_ERR(wdev);
12376 if (err != -EINVAL)
12379 } else if (wdev->wiphy != &rdev->wiphy) {
12383 if (!info->attrs[NL80211_ATTR_VENDOR_ID] ||
12384 !info->attrs[NL80211_ATTR_VENDOR_SUBCMD])
12387 vid = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_ID]);
12388 subcmd = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_SUBCMD]);
12389 for (i = 0; i < rdev->wiphy.n_vendor_commands; i++) {
12390 const struct wiphy_vendor_command *vcmd;
12394 vcmd = &rdev->wiphy.vendor_commands[i];
12396 if (vcmd->info.vendor_id != vid || vcmd->info.subcmd != subcmd)
12399 if (vcmd->flags & (WIPHY_VENDOR_CMD_NEED_WDEV |
12400 WIPHY_VENDOR_CMD_NEED_NETDEV)) {
12403 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_NETDEV &&
12407 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_RUNNING) {
12408 if (!wdev_running(wdev))
12413 return -EOPNOTSUPP;
12418 if (info->attrs[NL80211_ATTR_VENDOR_DATA]) {
12419 data = nla_data(info->attrs[NL80211_ATTR_VENDOR_DATA]);
12420 len = nla_len(info->attrs[NL80211_ATTR_VENDOR_DATA]);
12423 rdev->cur_cmd_info = info;
12424 err = rdev->wiphy.vendor_commands[i].doit(&rdev->wiphy, wdev,
12426 rdev->cur_cmd_info = NULL;
12430 return -EOPNOTSUPP;
12433 static int nl80211_prepare_vendor_dump(struct sk_buff *skb,
12434 struct netlink_callback *cb,
12435 struct cfg80211_registered_device **rdev,
12436 struct wireless_dev **wdev)
12438 struct nlattr **attrbuf = genl_family_attrbuf(&nl80211_fam);
12444 unsigned int data_len = 0;
12447 /* subtract the 1 again here */
12448 struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1);
12449 struct wireless_dev *tmp;
12453 *rdev = wiphy_to_rdev(wiphy);
12457 list_for_each_entry(tmp, &wiphy->wdev_list, list) {
12458 if (tmp->identifier == cb->args[1] - 1) {
12465 /* keep rtnl locked in successful case */
12469 err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize, attrbuf,
12470 nl80211_fam.maxattr, nl80211_policy, NULL);
12474 if (!attrbuf[NL80211_ATTR_VENDOR_ID] ||
12475 !attrbuf[NL80211_ATTR_VENDOR_SUBCMD])
12478 *wdev = __cfg80211_wdev_from_attrs(sock_net(skb->sk), attrbuf);
12482 *rdev = __cfg80211_rdev_from_attrs(sock_net(skb->sk), attrbuf);
12484 return PTR_ERR(*rdev);
12486 vid = nla_get_u32(attrbuf[NL80211_ATTR_VENDOR_ID]);
12487 subcmd = nla_get_u32(attrbuf[NL80211_ATTR_VENDOR_SUBCMD]);
12489 for (i = 0; i < (*rdev)->wiphy.n_vendor_commands; i++) {
12490 const struct wiphy_vendor_command *vcmd;
12492 vcmd = &(*rdev)->wiphy.vendor_commands[i];
12494 if (vcmd->info.vendor_id != vid || vcmd->info.subcmd != subcmd)
12498 return -EOPNOTSUPP;
12505 return -EOPNOTSUPP;
12507 if (attrbuf[NL80211_ATTR_VENDOR_DATA]) {
12508 data = nla_data(attrbuf[NL80211_ATTR_VENDOR_DATA]);
12509 data_len = nla_len(attrbuf[NL80211_ATTR_VENDOR_DATA]);
12512 /* 0 is the first index - add 1 to parse only once */
12513 cb->args[0] = (*rdev)->wiphy_idx + 1;
12514 /* add 1 to know if it was NULL */
12515 cb->args[1] = *wdev ? (*wdev)->identifier + 1 : 0;
12516 cb->args[2] = vcmd_idx;
12517 cb->args[3] = (unsigned long)data;
12518 cb->args[4] = data_len;
12520 /* keep rtnl locked in successful case */
12524 static int nl80211_vendor_cmd_dump(struct sk_buff *skb,
12525 struct netlink_callback *cb)
12527 struct cfg80211_registered_device *rdev;
12528 struct wireless_dev *wdev;
12529 unsigned int vcmd_idx;
12530 const struct wiphy_vendor_command *vcmd;
12534 struct nlattr *vendor_data;
12537 err = nl80211_prepare_vendor_dump(skb, cb, &rdev, &wdev);
12541 vcmd_idx = cb->args[2];
12542 data = (void *)cb->args[3];
12543 data_len = cb->args[4];
12544 vcmd = &rdev->wiphy.vendor_commands[vcmd_idx];
12546 if (vcmd->flags & (WIPHY_VENDOR_CMD_NEED_WDEV |
12547 WIPHY_VENDOR_CMD_NEED_NETDEV)) {
12552 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_NETDEV &&
12558 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_RUNNING) {
12559 if (!wdev_running(wdev)) {
12567 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).portid,
12568 cb->nlh->nlmsg_seq, NLM_F_MULTI,
12569 NL80211_CMD_VENDOR);
12573 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
12574 (wdev && nla_put_u64_64bit(skb, NL80211_ATTR_WDEV,
12576 NL80211_ATTR_PAD))) {
12577 genlmsg_cancel(skb, hdr);
12581 vendor_data = nla_nest_start(skb, NL80211_ATTR_VENDOR_DATA);
12582 if (!vendor_data) {
12583 genlmsg_cancel(skb, hdr);
12587 err = vcmd->dumpit(&rdev->wiphy, wdev, skb, data, data_len,
12588 (unsigned long *)&cb->args[5]);
12589 nla_nest_end(skb, vendor_data);
12591 if (err == -ENOBUFS || err == -ENOENT) {
12592 genlmsg_cancel(skb, hdr);
12595 genlmsg_cancel(skb, hdr);
12599 genlmsg_end(skb, hdr);
12608 struct sk_buff *__cfg80211_alloc_reply_skb(struct wiphy *wiphy,
12609 enum nl80211_commands cmd,
12610 enum nl80211_attrs attr,
12613 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
12615 if (WARN_ON(!rdev->cur_cmd_info))
12618 return __cfg80211_alloc_vendor_skb(rdev, NULL, approxlen,
12619 rdev->cur_cmd_info->snd_portid,
12620 rdev->cur_cmd_info->snd_seq,
12621 cmd, attr, NULL, GFP_KERNEL);
12623 EXPORT_SYMBOL(__cfg80211_alloc_reply_skb);
12625 int cfg80211_vendor_cmd_reply(struct sk_buff *skb)
12627 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
12628 void *hdr = ((void **)skb->cb)[1];
12629 struct nlattr *data = ((void **)skb->cb)[2];
12631 /* clear CB data for netlink core to own from now on */
12632 memset(skb->cb, 0, sizeof(skb->cb));
12634 if (WARN_ON(!rdev->cur_cmd_info)) {
12639 nla_nest_end(skb, data);
12640 genlmsg_end(skb, hdr);
12641 return genlmsg_reply(skb, rdev->cur_cmd_info);
12643 EXPORT_SYMBOL_GPL(cfg80211_vendor_cmd_reply);
12645 static int nl80211_set_qos_map(struct sk_buff *skb,
12646 struct genl_info *info)
12648 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12649 struct cfg80211_qos_map *qos_map = NULL;
12650 struct net_device *dev = info->user_ptr[1];
12651 u8 *pos, len, num_des, des_len, des;
12654 if (!rdev->ops->set_qos_map)
12655 return -EOPNOTSUPP;
12657 if (info->attrs[NL80211_ATTR_QOS_MAP]) {
12658 pos = nla_data(info->attrs[NL80211_ATTR_QOS_MAP]);
12659 len = nla_len(info->attrs[NL80211_ATTR_QOS_MAP]);
12661 if (len % 2 || len < IEEE80211_QOS_MAP_LEN_MIN ||
12662 len > IEEE80211_QOS_MAP_LEN_MAX)
12665 qos_map = kzalloc(sizeof(struct cfg80211_qos_map), GFP_KERNEL);
12669 num_des = (len - IEEE80211_QOS_MAP_LEN_MIN) >> 1;
12671 des_len = num_des *
12672 sizeof(struct cfg80211_dscp_exception);
12673 memcpy(qos_map->dscp_exception, pos, des_len);
12674 qos_map->num_des = num_des;
12675 for (des = 0; des < num_des; des++) {
12676 if (qos_map->dscp_exception[des].up > 7) {
12683 memcpy(qos_map->up, pos, IEEE80211_QOS_MAP_LEN_MIN);
12686 wdev_lock(dev->ieee80211_ptr);
12687 ret = nl80211_key_allowed(dev->ieee80211_ptr);
12689 ret = rdev_set_qos_map(rdev, dev, qos_map);
12690 wdev_unlock(dev->ieee80211_ptr);
12696 static int nl80211_add_tx_ts(struct sk_buff *skb, struct genl_info *info)
12698 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12699 struct net_device *dev = info->user_ptr[1];
12700 struct wireless_dev *wdev = dev->ieee80211_ptr;
12703 u16 admitted_time = 0;
12706 if (!(rdev->wiphy.features & NL80211_FEATURE_SUPPORTS_WMM_ADMISSION))
12707 return -EOPNOTSUPP;
12709 if (!info->attrs[NL80211_ATTR_TSID] || !info->attrs[NL80211_ATTR_MAC] ||
12710 !info->attrs[NL80211_ATTR_USER_PRIO])
12713 tsid = nla_get_u8(info->attrs[NL80211_ATTR_TSID]);
12714 up = nla_get_u8(info->attrs[NL80211_ATTR_USER_PRIO]);
12716 /* WMM uses TIDs 0-7 even for TSPEC */
12717 if (tsid >= IEEE80211_FIRST_TSPEC_TSID) {
12718 /* TODO: handle 802.11 TSPEC/admission control
12719 * need more attributes for that (e.g. BA session requirement);
12720 * change the WMM adminssion test above to allow both then
12725 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
12727 if (info->attrs[NL80211_ATTR_ADMITTED_TIME]) {
12729 nla_get_u16(info->attrs[NL80211_ATTR_ADMITTED_TIME]);
12730 if (!admitted_time)
12735 switch (wdev->iftype) {
12736 case NL80211_IFTYPE_STATION:
12737 case NL80211_IFTYPE_P2P_CLIENT:
12738 if (wdev->current_bss)
12747 err = rdev_add_tx_ts(rdev, dev, tsid, peer, up, admitted_time);
12754 static int nl80211_del_tx_ts(struct sk_buff *skb, struct genl_info *info)
12756 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12757 struct net_device *dev = info->user_ptr[1];
12758 struct wireless_dev *wdev = dev->ieee80211_ptr;
12763 if (!info->attrs[NL80211_ATTR_TSID] || !info->attrs[NL80211_ATTR_MAC])
12766 tsid = nla_get_u8(info->attrs[NL80211_ATTR_TSID]);
12767 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
12770 err = rdev_del_tx_ts(rdev, dev, tsid, peer);
12776 static int nl80211_tdls_channel_switch(struct sk_buff *skb,
12777 struct genl_info *info)
12779 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12780 struct net_device *dev = info->user_ptr[1];
12781 struct wireless_dev *wdev = dev->ieee80211_ptr;
12782 struct cfg80211_chan_def chandef = {};
12787 if (!rdev->ops->tdls_channel_switch ||
12788 !(rdev->wiphy.features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH))
12789 return -EOPNOTSUPP;
12791 switch (dev->ieee80211_ptr->iftype) {
12792 case NL80211_IFTYPE_STATION:
12793 case NL80211_IFTYPE_P2P_CLIENT:
12796 return -EOPNOTSUPP;
12799 if (!info->attrs[NL80211_ATTR_MAC] ||
12800 !info->attrs[NL80211_ATTR_OPER_CLASS])
12803 err = nl80211_parse_chandef(rdev, info, &chandef);
12808 * Don't allow wide channels on the 2.4Ghz band, as per IEEE802.11-2012
12809 * section 10.22.6.2.1. Disallow 5/10Mhz channels as well for now, the
12810 * specification is not defined for them.
12812 if (chandef.chan->band == NL80211_BAND_2GHZ &&
12813 chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
12814 chandef.width != NL80211_CHAN_WIDTH_20)
12817 /* we will be active on the TDLS link */
12818 if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, &chandef,
12822 /* don't allow switching to DFS channels */
12823 if (cfg80211_chandef_dfs_required(wdev->wiphy, &chandef, wdev->iftype))
12826 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
12827 oper_class = nla_get_u8(info->attrs[NL80211_ATTR_OPER_CLASS]);
12830 err = rdev_tdls_channel_switch(rdev, dev, addr, oper_class, &chandef);
12836 static int nl80211_tdls_cancel_channel_switch(struct sk_buff *skb,
12837 struct genl_info *info)
12839 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12840 struct net_device *dev = info->user_ptr[1];
12841 struct wireless_dev *wdev = dev->ieee80211_ptr;
12844 if (!rdev->ops->tdls_channel_switch ||
12845 !rdev->ops->tdls_cancel_channel_switch ||
12846 !(rdev->wiphy.features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH))
12847 return -EOPNOTSUPP;
12849 switch (dev->ieee80211_ptr->iftype) {
12850 case NL80211_IFTYPE_STATION:
12851 case NL80211_IFTYPE_P2P_CLIENT:
12854 return -EOPNOTSUPP;
12857 if (!info->attrs[NL80211_ATTR_MAC])
12860 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
12863 rdev_tdls_cancel_channel_switch(rdev, dev, addr);
12869 static int nl80211_set_multicast_to_unicast(struct sk_buff *skb,
12870 struct genl_info *info)
12872 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12873 struct net_device *dev = info->user_ptr[1];
12874 struct wireless_dev *wdev = dev->ieee80211_ptr;
12875 const struct nlattr *nla;
12878 if (!rdev->ops->set_multicast_to_unicast)
12879 return -EOPNOTSUPP;
12881 if (wdev->iftype != NL80211_IFTYPE_AP &&
12882 wdev->iftype != NL80211_IFTYPE_P2P_GO)
12883 return -EOPNOTSUPP;
12885 nla = info->attrs[NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED];
12886 enabled = nla_get_flag(nla);
12888 return rdev_set_multicast_to_unicast(rdev, dev, enabled);
12891 static int nl80211_set_pmk(struct sk_buff *skb, struct genl_info *info)
12893 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12894 struct net_device *dev = info->user_ptr[1];
12895 struct wireless_dev *wdev = dev->ieee80211_ptr;
12896 struct cfg80211_pmk_conf pmk_conf = {};
12899 if (wdev->iftype != NL80211_IFTYPE_STATION &&
12900 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
12901 return -EOPNOTSUPP;
12903 if (!wiphy_ext_feature_isset(&rdev->wiphy,
12904 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X))
12905 return -EOPNOTSUPP;
12907 if (!info->attrs[NL80211_ATTR_MAC] || !info->attrs[NL80211_ATTR_PMK])
12911 if (!wdev->current_bss) {
12916 pmk_conf.aa = nla_data(info->attrs[NL80211_ATTR_MAC]);
12917 if (memcmp(pmk_conf.aa, wdev->current_bss->pub.bssid, ETH_ALEN)) {
12922 pmk_conf.pmk = nla_data(info->attrs[NL80211_ATTR_PMK]);
12923 pmk_conf.pmk_len = nla_len(info->attrs[NL80211_ATTR_PMK]);
12924 if (pmk_conf.pmk_len != WLAN_PMK_LEN &&
12925 pmk_conf.pmk_len != WLAN_PMK_LEN_SUITE_B_192) {
12930 if (info->attrs[NL80211_ATTR_PMKR0_NAME]) {
12931 int r0_name_len = nla_len(info->attrs[NL80211_ATTR_PMKR0_NAME]);
12933 if (r0_name_len != WLAN_PMK_NAME_LEN) {
12938 pmk_conf.pmk_r0_name =
12939 nla_data(info->attrs[NL80211_ATTR_PMKR0_NAME]);
12942 ret = rdev_set_pmk(rdev, dev, &pmk_conf);
12948 static int nl80211_del_pmk(struct sk_buff *skb, struct genl_info *info)
12950 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12951 struct net_device *dev = info->user_ptr[1];
12952 struct wireless_dev *wdev = dev->ieee80211_ptr;
12956 if (wdev->iftype != NL80211_IFTYPE_STATION &&
12957 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
12958 return -EOPNOTSUPP;
12960 if (!wiphy_ext_feature_isset(&rdev->wiphy,
12961 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X))
12962 return -EOPNOTSUPP;
12964 if (!info->attrs[NL80211_ATTR_MAC])
12968 aa = nla_data(info->attrs[NL80211_ATTR_MAC]);
12969 ret = rdev_del_pmk(rdev, dev, aa);
12975 static int nl80211_external_auth(struct sk_buff *skb, struct genl_info *info)
12977 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12978 struct net_device *dev = info->user_ptr[1];
12979 struct cfg80211_external_auth_params params;
12981 if (!rdev->ops->external_auth)
12982 return -EOPNOTSUPP;
12984 if (!info->attrs[NL80211_ATTR_SSID])
12987 if (!info->attrs[NL80211_ATTR_BSSID])
12990 if (!info->attrs[NL80211_ATTR_STATUS_CODE])
12993 memset(¶ms, 0, sizeof(params));
12995 params.ssid.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
12996 if (params.ssid.ssid_len == 0 ||
12997 params.ssid.ssid_len > IEEE80211_MAX_SSID_LEN)
12999 memcpy(params.ssid.ssid, nla_data(info->attrs[NL80211_ATTR_SSID]),
13000 params.ssid.ssid_len);
13002 memcpy(params.bssid, nla_data(info->attrs[NL80211_ATTR_BSSID]),
13005 params.status = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
13007 return rdev_external_auth(rdev, dev, ¶ms);
13010 static int nl80211_tx_control_port(struct sk_buff *skb, struct genl_info *info)
13012 struct cfg80211_registered_device *rdev = info->user_ptr[0];
13013 struct net_device *dev = info->user_ptr[1];
13014 struct wireless_dev *wdev = dev->ieee80211_ptr;
13022 if (!wiphy_ext_feature_isset(&rdev->wiphy,
13023 NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211))
13024 return -EOPNOTSUPP;
13026 if (!rdev->ops->tx_control_port)
13027 return -EOPNOTSUPP;
13029 if (!info->attrs[NL80211_ATTR_FRAME] ||
13030 !info->attrs[NL80211_ATTR_MAC] ||
13031 !info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) {
13032 GENL_SET_ERR_MSG(info, "Frame, MAC or ethertype missing");
13038 switch (wdev->iftype) {
13039 case NL80211_IFTYPE_AP:
13040 case NL80211_IFTYPE_P2P_GO:
13041 case NL80211_IFTYPE_MESH_POINT:
13043 case NL80211_IFTYPE_ADHOC:
13044 case NL80211_IFTYPE_STATION:
13045 case NL80211_IFTYPE_P2P_CLIENT:
13046 if (wdev->current_bss)
13057 buf = nla_data(info->attrs[NL80211_ATTR_FRAME]);
13058 len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
13059 dest = nla_data(info->attrs[NL80211_ATTR_MAC]);
13060 proto = nla_get_u16(info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);
13062 nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]);
13064 return rdev_tx_control_port(rdev, dev, buf, len,
13065 dest, cpu_to_be16(proto), noencrypt);
13072 static int nl80211_get_ftm_responder_stats(struct sk_buff *skb,
13073 struct genl_info *info)
13075 struct cfg80211_registered_device *rdev = info->user_ptr[0];
13076 struct net_device *dev = info->user_ptr[1];
13077 struct wireless_dev *wdev = dev->ieee80211_ptr;
13078 struct cfg80211_ftm_responder_stats ftm_stats = {};
13079 struct sk_buff *msg;
13081 struct nlattr *ftm_stats_attr;
13084 if (wdev->iftype != NL80211_IFTYPE_AP || !wdev->beacon_interval)
13085 return -EOPNOTSUPP;
13087 err = rdev_get_ftm_responder_stats(rdev, dev, &ftm_stats);
13091 if (!ftm_stats.filled)
13094 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
13098 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
13099 NL80211_CMD_GET_FTM_RESPONDER_STATS);
13103 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
13104 goto nla_put_failure;
13106 ftm_stats_attr = nla_nest_start(msg, NL80211_ATTR_FTM_RESPONDER_STATS);
13107 if (!ftm_stats_attr)
13108 goto nla_put_failure;
13110 #define SET_FTM(field, name, type) \
13111 do { if ((ftm_stats.filled & BIT(NL80211_FTM_STATS_ ## name)) && \
13112 nla_put_ ## type(msg, NL80211_FTM_STATS_ ## name, \
13113 ftm_stats.field)) \
13114 goto nla_put_failure; } while (0)
13115 #define SET_FTM_U64(field, name) \
13116 do { if ((ftm_stats.filled & BIT(NL80211_FTM_STATS_ ## name)) && \
13117 nla_put_u64_64bit(msg, NL80211_FTM_STATS_ ## name, \
13118 ftm_stats.field, NL80211_FTM_STATS_PAD)) \
13119 goto nla_put_failure; } while (0)
13121 SET_FTM(success_num, SUCCESS_NUM, u32);
13122 SET_FTM(partial_num, PARTIAL_NUM, u32);
13123 SET_FTM(failed_num, FAILED_NUM, u32);
13124 SET_FTM(asap_num, ASAP_NUM, u32);
13125 SET_FTM(non_asap_num, NON_ASAP_NUM, u32);
13126 SET_FTM_U64(total_duration_ms, TOTAL_DURATION_MSEC);
13127 SET_FTM(unknown_triggers_num, UNKNOWN_TRIGGERS_NUM, u32);
13128 SET_FTM(reschedule_requests_num, RESCHEDULE_REQUESTS_NUM, u32);
13129 SET_FTM(out_of_window_triggers_num, OUT_OF_WINDOW_TRIGGERS_NUM, u32);
13132 nla_nest_end(msg, ftm_stats_attr);
13134 genlmsg_end(msg, hdr);
13135 return genlmsg_reply(msg, info);
13142 #define NL80211_FLAG_NEED_WIPHY 0x01
13143 #define NL80211_FLAG_NEED_NETDEV 0x02
13144 #define NL80211_FLAG_NEED_RTNL 0x04
13145 #define NL80211_FLAG_CHECK_NETDEV_UP 0x08
13146 #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\
13147 NL80211_FLAG_CHECK_NETDEV_UP)
13148 #define NL80211_FLAG_NEED_WDEV 0x10
13149 /* If a netdev is associated, it must be UP, P2P must be started */
13150 #define NL80211_FLAG_NEED_WDEV_UP (NL80211_FLAG_NEED_WDEV |\
13151 NL80211_FLAG_CHECK_NETDEV_UP)
13152 #define NL80211_FLAG_CLEAR_SKB 0x20
13154 static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
13155 struct genl_info *info)
13157 struct cfg80211_registered_device *rdev;
13158 struct wireless_dev *wdev;
13159 struct net_device *dev;
13160 bool rtnl = ops->internal_flags & NL80211_FLAG_NEED_RTNL;
13165 if (ops->internal_flags & NL80211_FLAG_NEED_WIPHY) {
13166 rdev = cfg80211_get_dev_from_info(genl_info_net(info), info);
13167 if (IS_ERR(rdev)) {
13170 return PTR_ERR(rdev);
13172 info->user_ptr[0] = rdev;
13173 } else if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV ||
13174 ops->internal_flags & NL80211_FLAG_NEED_WDEV) {
13177 wdev = __cfg80211_wdev_from_attrs(genl_info_net(info),
13179 if (IS_ERR(wdev)) {
13182 return PTR_ERR(wdev);
13185 dev = wdev->netdev;
13186 rdev = wiphy_to_rdev(wdev->wiphy);
13188 if (ops->internal_flags & NL80211_FLAG_NEED_NETDEV) {
13195 info->user_ptr[1] = dev;
13197 info->user_ptr[1] = wdev;
13200 if (ops->internal_flags & NL80211_FLAG_CHECK_NETDEV_UP &&
13201 !wdev_running(wdev)) {
13210 info->user_ptr[0] = rdev;
13216 static void nl80211_post_doit(const struct genl_ops *ops, struct sk_buff *skb,
13217 struct genl_info *info)
13219 if (info->user_ptr[1]) {
13220 if (ops->internal_flags & NL80211_FLAG_NEED_WDEV) {
13221 struct wireless_dev *wdev = info->user_ptr[1];
13224 dev_put(wdev->netdev);
13226 dev_put(info->user_ptr[1]);
13230 if (ops->internal_flags & NL80211_FLAG_NEED_RTNL)
13233 /* If needed, clear the netlink message payload from the SKB
13234 * as it might contain key data that shouldn't stick around on
13235 * the heap after the SKB is freed. The netlink message header
13236 * is still needed for further processing, so leave it intact.
13238 if (ops->internal_flags & NL80211_FLAG_CLEAR_SKB) {
13239 struct nlmsghdr *nlh = nlmsg_hdr(skb);
13241 memset(nlmsg_data(nlh), 0, nlmsg_len(nlh));
13245 static const struct genl_ops nl80211_ops[] = {
13247 .cmd = NL80211_CMD_GET_WIPHY,
13248 .doit = nl80211_get_wiphy,
13249 .dumpit = nl80211_dump_wiphy,
13250 .done = nl80211_dump_wiphy_done,
13251 .policy = nl80211_policy,
13252 /* can be retrieved by unprivileged users */
13253 .internal_flags = NL80211_FLAG_NEED_WIPHY |
13254 NL80211_FLAG_NEED_RTNL,
13257 .cmd = NL80211_CMD_SET_WIPHY,
13258 .doit = nl80211_set_wiphy,
13259 .policy = nl80211_policy,
13260 .flags = GENL_UNS_ADMIN_PERM,
13261 .internal_flags = NL80211_FLAG_NEED_RTNL,
13264 .cmd = NL80211_CMD_GET_INTERFACE,
13265 .doit = nl80211_get_interface,
13266 .dumpit = nl80211_dump_interface,
13267 .policy = nl80211_policy,
13268 /* can be retrieved by unprivileged users */
13269 .internal_flags = NL80211_FLAG_NEED_WDEV |
13270 NL80211_FLAG_NEED_RTNL,
13273 .cmd = NL80211_CMD_SET_INTERFACE,
13274 .doit = nl80211_set_interface,
13275 .policy = nl80211_policy,
13276 .flags = GENL_UNS_ADMIN_PERM,
13277 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13278 NL80211_FLAG_NEED_RTNL,
13281 .cmd = NL80211_CMD_NEW_INTERFACE,
13282 .doit = nl80211_new_interface,
13283 .policy = nl80211_policy,
13284 .flags = GENL_UNS_ADMIN_PERM,
13285 .internal_flags = NL80211_FLAG_NEED_WIPHY |
13286 NL80211_FLAG_NEED_RTNL,
13289 .cmd = NL80211_CMD_DEL_INTERFACE,
13290 .doit = nl80211_del_interface,
13291 .policy = nl80211_policy,
13292 .flags = GENL_UNS_ADMIN_PERM,
13293 .internal_flags = NL80211_FLAG_NEED_WDEV |
13294 NL80211_FLAG_NEED_RTNL,
13297 .cmd = NL80211_CMD_GET_KEY,
13298 .doit = nl80211_get_key,
13299 .policy = nl80211_policy,
13300 .flags = GENL_UNS_ADMIN_PERM,
13301 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13302 NL80211_FLAG_NEED_RTNL,
13305 .cmd = NL80211_CMD_SET_KEY,
13306 .doit = nl80211_set_key,
13307 .policy = nl80211_policy,
13308 .flags = GENL_UNS_ADMIN_PERM,
13309 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13310 NL80211_FLAG_NEED_RTNL |
13311 NL80211_FLAG_CLEAR_SKB,
13314 .cmd = NL80211_CMD_NEW_KEY,
13315 .doit = nl80211_new_key,
13316 .policy = nl80211_policy,
13317 .flags = GENL_UNS_ADMIN_PERM,
13318 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13319 NL80211_FLAG_NEED_RTNL |
13320 NL80211_FLAG_CLEAR_SKB,
13323 .cmd = NL80211_CMD_DEL_KEY,
13324 .doit = nl80211_del_key,
13325 .policy = nl80211_policy,
13326 .flags = GENL_UNS_ADMIN_PERM,
13327 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13328 NL80211_FLAG_NEED_RTNL,
13331 .cmd = NL80211_CMD_SET_BEACON,
13332 .policy = nl80211_policy,
13333 .flags = GENL_UNS_ADMIN_PERM,
13334 .doit = nl80211_set_beacon,
13335 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13336 NL80211_FLAG_NEED_RTNL,
13339 .cmd = NL80211_CMD_START_AP,
13340 .policy = nl80211_policy,
13341 .flags = GENL_UNS_ADMIN_PERM,
13342 .doit = nl80211_start_ap,
13343 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13344 NL80211_FLAG_NEED_RTNL,
13347 .cmd = NL80211_CMD_STOP_AP,
13348 .policy = nl80211_policy,
13349 .flags = GENL_UNS_ADMIN_PERM,
13350 .doit = nl80211_stop_ap,
13351 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13352 NL80211_FLAG_NEED_RTNL,
13355 .cmd = NL80211_CMD_GET_STATION,
13356 .doit = nl80211_get_station,
13357 .dumpit = nl80211_dump_station,
13358 .policy = nl80211_policy,
13359 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13360 NL80211_FLAG_NEED_RTNL,
13363 .cmd = NL80211_CMD_SET_STATION,
13364 .doit = nl80211_set_station,
13365 .policy = nl80211_policy,
13366 .flags = GENL_UNS_ADMIN_PERM,
13367 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13368 NL80211_FLAG_NEED_RTNL,
13371 .cmd = NL80211_CMD_NEW_STATION,
13372 .doit = nl80211_new_station,
13373 .policy = nl80211_policy,
13374 .flags = GENL_UNS_ADMIN_PERM,
13375 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13376 NL80211_FLAG_NEED_RTNL,
13379 .cmd = NL80211_CMD_DEL_STATION,
13380 .doit = nl80211_del_station,
13381 .policy = nl80211_policy,
13382 .flags = GENL_UNS_ADMIN_PERM,
13383 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13384 NL80211_FLAG_NEED_RTNL,
13387 .cmd = NL80211_CMD_GET_MPATH,
13388 .doit = nl80211_get_mpath,
13389 .dumpit = nl80211_dump_mpath,
13390 .policy = nl80211_policy,
13391 .flags = GENL_UNS_ADMIN_PERM,
13392 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13393 NL80211_FLAG_NEED_RTNL,
13396 .cmd = NL80211_CMD_GET_MPP,
13397 .doit = nl80211_get_mpp,
13398 .dumpit = nl80211_dump_mpp,
13399 .policy = nl80211_policy,
13400 .flags = GENL_UNS_ADMIN_PERM,
13401 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13402 NL80211_FLAG_NEED_RTNL,
13405 .cmd = NL80211_CMD_SET_MPATH,
13406 .doit = nl80211_set_mpath,
13407 .policy = nl80211_policy,
13408 .flags = GENL_UNS_ADMIN_PERM,
13409 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13410 NL80211_FLAG_NEED_RTNL,
13413 .cmd = NL80211_CMD_NEW_MPATH,
13414 .doit = nl80211_new_mpath,
13415 .policy = nl80211_policy,
13416 .flags = GENL_UNS_ADMIN_PERM,
13417 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13418 NL80211_FLAG_NEED_RTNL,
13421 .cmd = NL80211_CMD_DEL_MPATH,
13422 .doit = nl80211_del_mpath,
13423 .policy = nl80211_policy,
13424 .flags = GENL_UNS_ADMIN_PERM,
13425 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13426 NL80211_FLAG_NEED_RTNL,
13429 .cmd = NL80211_CMD_SET_BSS,
13430 .doit = nl80211_set_bss,
13431 .policy = nl80211_policy,
13432 .flags = GENL_UNS_ADMIN_PERM,
13433 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13434 NL80211_FLAG_NEED_RTNL,
13437 .cmd = NL80211_CMD_GET_REG,
13438 .doit = nl80211_get_reg_do,
13439 .dumpit = nl80211_get_reg_dump,
13440 .policy = nl80211_policy,
13441 .internal_flags = NL80211_FLAG_NEED_RTNL,
13442 /* can be retrieved by unprivileged users */
13444 #ifdef CONFIG_CFG80211_CRDA_SUPPORT
13446 .cmd = NL80211_CMD_SET_REG,
13447 .doit = nl80211_set_reg,
13448 .policy = nl80211_policy,
13449 .flags = GENL_ADMIN_PERM,
13450 .internal_flags = NL80211_FLAG_NEED_RTNL,
13454 .cmd = NL80211_CMD_REQ_SET_REG,
13455 .doit = nl80211_req_set_reg,
13456 .policy = nl80211_policy,
13457 .flags = GENL_ADMIN_PERM,
13460 .cmd = NL80211_CMD_RELOAD_REGDB,
13461 .doit = nl80211_reload_regdb,
13462 .policy = nl80211_policy,
13463 .flags = GENL_ADMIN_PERM,
13466 .cmd = NL80211_CMD_GET_MESH_CONFIG,
13467 .doit = nl80211_get_mesh_config,
13468 .policy = nl80211_policy,
13469 /* can be retrieved by unprivileged users */
13470 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13471 NL80211_FLAG_NEED_RTNL,
13474 .cmd = NL80211_CMD_SET_MESH_CONFIG,
13475 .doit = nl80211_update_mesh_config,
13476 .policy = nl80211_policy,
13477 .flags = GENL_UNS_ADMIN_PERM,
13478 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13479 NL80211_FLAG_NEED_RTNL,
13482 .cmd = NL80211_CMD_TRIGGER_SCAN,
13483 .doit = nl80211_trigger_scan,
13484 .policy = nl80211_policy,
13485 .flags = GENL_UNS_ADMIN_PERM,
13486 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13487 NL80211_FLAG_NEED_RTNL,
13490 .cmd = NL80211_CMD_ABORT_SCAN,
13491 .doit = nl80211_abort_scan,
13492 .policy = nl80211_policy,
13493 .flags = GENL_UNS_ADMIN_PERM,
13494 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13495 NL80211_FLAG_NEED_RTNL,
13498 .cmd = NL80211_CMD_GET_SCAN,
13499 .policy = nl80211_policy,
13500 .dumpit = nl80211_dump_scan,
13503 .cmd = NL80211_CMD_START_SCHED_SCAN,
13504 .doit = nl80211_start_sched_scan,
13505 .policy = nl80211_policy,
13506 .flags = GENL_UNS_ADMIN_PERM,
13507 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13508 NL80211_FLAG_NEED_RTNL,
13511 .cmd = NL80211_CMD_STOP_SCHED_SCAN,
13512 .doit = nl80211_stop_sched_scan,
13513 .policy = nl80211_policy,
13514 .flags = GENL_UNS_ADMIN_PERM,
13515 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13516 NL80211_FLAG_NEED_RTNL,
13519 .cmd = NL80211_CMD_AUTHENTICATE,
13520 .doit = nl80211_authenticate,
13521 .policy = nl80211_policy,
13522 .flags = GENL_UNS_ADMIN_PERM,
13523 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13524 NL80211_FLAG_NEED_RTNL |
13525 NL80211_FLAG_CLEAR_SKB,
13528 .cmd = NL80211_CMD_ASSOCIATE,
13529 .doit = nl80211_associate,
13530 .policy = nl80211_policy,
13531 .flags = GENL_UNS_ADMIN_PERM,
13532 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13533 NL80211_FLAG_NEED_RTNL,
13536 .cmd = NL80211_CMD_DEAUTHENTICATE,
13537 .doit = nl80211_deauthenticate,
13538 .policy = nl80211_policy,
13539 .flags = GENL_UNS_ADMIN_PERM,
13540 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13541 NL80211_FLAG_NEED_RTNL,
13544 .cmd = NL80211_CMD_DISASSOCIATE,
13545 .doit = nl80211_disassociate,
13546 .policy = nl80211_policy,
13547 .flags = GENL_UNS_ADMIN_PERM,
13548 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13549 NL80211_FLAG_NEED_RTNL,
13552 .cmd = NL80211_CMD_JOIN_IBSS,
13553 .doit = nl80211_join_ibss,
13554 .policy = nl80211_policy,
13555 .flags = GENL_UNS_ADMIN_PERM,
13556 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13557 NL80211_FLAG_NEED_RTNL,
13560 .cmd = NL80211_CMD_LEAVE_IBSS,
13561 .doit = nl80211_leave_ibss,
13562 .policy = nl80211_policy,
13563 .flags = GENL_UNS_ADMIN_PERM,
13564 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13565 NL80211_FLAG_NEED_RTNL,
13567 #ifdef CONFIG_NL80211_TESTMODE
13569 .cmd = NL80211_CMD_TESTMODE,
13570 .doit = nl80211_testmode_do,
13571 .dumpit = nl80211_testmode_dump,
13572 .policy = nl80211_policy,
13573 .flags = GENL_UNS_ADMIN_PERM,
13574 .internal_flags = NL80211_FLAG_NEED_WIPHY |
13575 NL80211_FLAG_NEED_RTNL,
13579 .cmd = NL80211_CMD_CONNECT,
13580 .doit = nl80211_connect,
13581 .policy = nl80211_policy,
13582 .flags = GENL_UNS_ADMIN_PERM,
13583 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13584 NL80211_FLAG_NEED_RTNL,
13587 .cmd = NL80211_CMD_UPDATE_CONNECT_PARAMS,
13588 .doit = nl80211_update_connect_params,
13589 .policy = nl80211_policy,
13590 .flags = GENL_ADMIN_PERM,
13591 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13592 NL80211_FLAG_NEED_RTNL,
13595 .cmd = NL80211_CMD_DISCONNECT,
13596 .doit = nl80211_disconnect,
13597 .policy = nl80211_policy,
13598 .flags = GENL_UNS_ADMIN_PERM,
13599 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13600 NL80211_FLAG_NEED_RTNL,
13603 .cmd = NL80211_CMD_SET_WIPHY_NETNS,
13604 .doit = nl80211_wiphy_netns,
13605 .policy = nl80211_policy,
13606 .flags = GENL_UNS_ADMIN_PERM,
13607 .internal_flags = NL80211_FLAG_NEED_WIPHY |
13608 NL80211_FLAG_NEED_RTNL,
13611 .cmd = NL80211_CMD_GET_SURVEY,
13612 .policy = nl80211_policy,
13613 .dumpit = nl80211_dump_survey,
13616 .cmd = NL80211_CMD_SET_PMKSA,
13617 .doit = nl80211_setdel_pmksa,
13618 .policy = nl80211_policy,
13619 .flags = GENL_UNS_ADMIN_PERM,
13620 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13621 NL80211_FLAG_NEED_RTNL,
13624 .cmd = NL80211_CMD_DEL_PMKSA,
13625 .doit = nl80211_setdel_pmksa,
13626 .policy = nl80211_policy,
13627 .flags = GENL_UNS_ADMIN_PERM,
13628 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13629 NL80211_FLAG_NEED_RTNL,
13632 .cmd = NL80211_CMD_FLUSH_PMKSA,
13633 .doit = nl80211_flush_pmksa,
13634 .policy = nl80211_policy,
13635 .flags = GENL_UNS_ADMIN_PERM,
13636 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13637 NL80211_FLAG_NEED_RTNL,
13640 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL,
13641 .doit = nl80211_remain_on_channel,
13642 .policy = nl80211_policy,
13643 .flags = GENL_UNS_ADMIN_PERM,
13644 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13645 NL80211_FLAG_NEED_RTNL,
13648 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
13649 .doit = nl80211_cancel_remain_on_channel,
13650 .policy = nl80211_policy,
13651 .flags = GENL_UNS_ADMIN_PERM,
13652 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13653 NL80211_FLAG_NEED_RTNL,
13656 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK,
13657 .doit = nl80211_set_tx_bitrate_mask,
13658 .policy = nl80211_policy,
13659 .flags = GENL_UNS_ADMIN_PERM,
13660 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13661 NL80211_FLAG_NEED_RTNL,
13664 .cmd = NL80211_CMD_REGISTER_FRAME,
13665 .doit = nl80211_register_mgmt,
13666 .policy = nl80211_policy,
13667 .flags = GENL_UNS_ADMIN_PERM,
13668 .internal_flags = NL80211_FLAG_NEED_WDEV |
13669 NL80211_FLAG_NEED_RTNL,
13672 .cmd = NL80211_CMD_FRAME,
13673 .doit = nl80211_tx_mgmt,
13674 .policy = nl80211_policy,
13675 .flags = GENL_UNS_ADMIN_PERM,
13676 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13677 NL80211_FLAG_NEED_RTNL,
13680 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL,
13681 .doit = nl80211_tx_mgmt_cancel_wait,
13682 .policy = nl80211_policy,
13683 .flags = GENL_UNS_ADMIN_PERM,
13684 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13685 NL80211_FLAG_NEED_RTNL,
13688 .cmd = NL80211_CMD_SET_POWER_SAVE,
13689 .doit = nl80211_set_power_save,
13690 .policy = nl80211_policy,
13691 .flags = GENL_UNS_ADMIN_PERM,
13692 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13693 NL80211_FLAG_NEED_RTNL,
13696 .cmd = NL80211_CMD_GET_POWER_SAVE,
13697 .doit = nl80211_get_power_save,
13698 .policy = nl80211_policy,
13699 /* can be retrieved by unprivileged users */
13700 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13701 NL80211_FLAG_NEED_RTNL,
13704 .cmd = NL80211_CMD_SET_CQM,
13705 .doit = nl80211_set_cqm,
13706 .policy = nl80211_policy,
13707 .flags = GENL_UNS_ADMIN_PERM,
13708 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13709 NL80211_FLAG_NEED_RTNL,
13712 .cmd = NL80211_CMD_SET_CHANNEL,
13713 .doit = nl80211_set_channel,
13714 .policy = nl80211_policy,
13715 .flags = GENL_UNS_ADMIN_PERM,
13716 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13717 NL80211_FLAG_NEED_RTNL,
13720 .cmd = NL80211_CMD_SET_WDS_PEER,
13721 .doit = nl80211_set_wds_peer,
13722 .policy = nl80211_policy,
13723 .flags = GENL_UNS_ADMIN_PERM,
13724 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13725 NL80211_FLAG_NEED_RTNL,
13728 .cmd = NL80211_CMD_JOIN_MESH,
13729 .doit = nl80211_join_mesh,
13730 .policy = nl80211_policy,
13731 .flags = GENL_UNS_ADMIN_PERM,
13732 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13733 NL80211_FLAG_NEED_RTNL,
13736 .cmd = NL80211_CMD_LEAVE_MESH,
13737 .doit = nl80211_leave_mesh,
13738 .policy = nl80211_policy,
13739 .flags = GENL_UNS_ADMIN_PERM,
13740 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13741 NL80211_FLAG_NEED_RTNL,
13744 .cmd = NL80211_CMD_JOIN_OCB,
13745 .doit = nl80211_join_ocb,
13746 .policy = nl80211_policy,
13747 .flags = GENL_UNS_ADMIN_PERM,
13748 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13749 NL80211_FLAG_NEED_RTNL,
13752 .cmd = NL80211_CMD_LEAVE_OCB,
13753 .doit = nl80211_leave_ocb,
13754 .policy = nl80211_policy,
13755 .flags = GENL_UNS_ADMIN_PERM,
13756 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13757 NL80211_FLAG_NEED_RTNL,
13761 .cmd = NL80211_CMD_GET_WOWLAN,
13762 .doit = nl80211_get_wowlan,
13763 .policy = nl80211_policy,
13764 /* can be retrieved by unprivileged users */
13765 .internal_flags = NL80211_FLAG_NEED_WIPHY |
13766 NL80211_FLAG_NEED_RTNL,
13769 .cmd = NL80211_CMD_SET_WOWLAN,
13770 .doit = nl80211_set_wowlan,
13771 .policy = nl80211_policy,
13772 .flags = GENL_UNS_ADMIN_PERM,
13773 .internal_flags = NL80211_FLAG_NEED_WIPHY |
13774 NL80211_FLAG_NEED_RTNL,
13778 .cmd = NL80211_CMD_SET_REKEY_OFFLOAD,
13779 .doit = nl80211_set_rekey_data,
13780 .policy = nl80211_policy,
13781 .flags = GENL_UNS_ADMIN_PERM,
13782 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13783 NL80211_FLAG_NEED_RTNL |
13784 NL80211_FLAG_CLEAR_SKB,
13787 .cmd = NL80211_CMD_TDLS_MGMT,
13788 .doit = nl80211_tdls_mgmt,
13789 .policy = nl80211_policy,
13790 .flags = GENL_UNS_ADMIN_PERM,
13791 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13792 NL80211_FLAG_NEED_RTNL,
13795 .cmd = NL80211_CMD_TDLS_OPER,
13796 .doit = nl80211_tdls_oper,
13797 .policy = nl80211_policy,
13798 .flags = GENL_UNS_ADMIN_PERM,
13799 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13800 NL80211_FLAG_NEED_RTNL,
13803 .cmd = NL80211_CMD_UNEXPECTED_FRAME,
13804 .doit = nl80211_register_unexpected_frame,
13805 .policy = nl80211_policy,
13806 .flags = GENL_UNS_ADMIN_PERM,
13807 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13808 NL80211_FLAG_NEED_RTNL,
13811 .cmd = NL80211_CMD_PROBE_CLIENT,
13812 .doit = nl80211_probe_client,
13813 .policy = nl80211_policy,
13814 .flags = GENL_UNS_ADMIN_PERM,
13815 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13816 NL80211_FLAG_NEED_RTNL,
13819 .cmd = NL80211_CMD_REGISTER_BEACONS,
13820 .doit = nl80211_register_beacons,
13821 .policy = nl80211_policy,
13822 .flags = GENL_UNS_ADMIN_PERM,
13823 .internal_flags = NL80211_FLAG_NEED_WIPHY |
13824 NL80211_FLAG_NEED_RTNL,
13827 .cmd = NL80211_CMD_SET_NOACK_MAP,
13828 .doit = nl80211_set_noack_map,
13829 .policy = nl80211_policy,
13830 .flags = GENL_UNS_ADMIN_PERM,
13831 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13832 NL80211_FLAG_NEED_RTNL,
13835 .cmd = NL80211_CMD_START_P2P_DEVICE,
13836 .doit = nl80211_start_p2p_device,
13837 .policy = nl80211_policy,
13838 .flags = GENL_UNS_ADMIN_PERM,
13839 .internal_flags = NL80211_FLAG_NEED_WDEV |
13840 NL80211_FLAG_NEED_RTNL,
13843 .cmd = NL80211_CMD_STOP_P2P_DEVICE,
13844 .doit = nl80211_stop_p2p_device,
13845 .policy = nl80211_policy,
13846 .flags = GENL_UNS_ADMIN_PERM,
13847 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13848 NL80211_FLAG_NEED_RTNL,
13851 .cmd = NL80211_CMD_START_NAN,
13852 .doit = nl80211_start_nan,
13853 .policy = nl80211_policy,
13854 .flags = GENL_ADMIN_PERM,
13855 .internal_flags = NL80211_FLAG_NEED_WDEV |
13856 NL80211_FLAG_NEED_RTNL,
13859 .cmd = NL80211_CMD_STOP_NAN,
13860 .doit = nl80211_stop_nan,
13861 .policy = nl80211_policy,
13862 .flags = GENL_ADMIN_PERM,
13863 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13864 NL80211_FLAG_NEED_RTNL,
13867 .cmd = NL80211_CMD_ADD_NAN_FUNCTION,
13868 .doit = nl80211_nan_add_func,
13869 .policy = nl80211_policy,
13870 .flags = GENL_ADMIN_PERM,
13871 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13872 NL80211_FLAG_NEED_RTNL,
13875 .cmd = NL80211_CMD_DEL_NAN_FUNCTION,
13876 .doit = nl80211_nan_del_func,
13877 .policy = nl80211_policy,
13878 .flags = GENL_ADMIN_PERM,
13879 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13880 NL80211_FLAG_NEED_RTNL,
13883 .cmd = NL80211_CMD_CHANGE_NAN_CONFIG,
13884 .doit = nl80211_nan_change_config,
13885 .policy = nl80211_policy,
13886 .flags = GENL_ADMIN_PERM,
13887 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13888 NL80211_FLAG_NEED_RTNL,
13891 .cmd = NL80211_CMD_SET_MCAST_RATE,
13892 .doit = nl80211_set_mcast_rate,
13893 .policy = nl80211_policy,
13894 .flags = GENL_UNS_ADMIN_PERM,
13895 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13896 NL80211_FLAG_NEED_RTNL,
13899 .cmd = NL80211_CMD_SET_MAC_ACL,
13900 .doit = nl80211_set_mac_acl,
13901 .policy = nl80211_policy,
13902 .flags = GENL_UNS_ADMIN_PERM,
13903 .internal_flags = NL80211_FLAG_NEED_NETDEV |
13904 NL80211_FLAG_NEED_RTNL,
13907 .cmd = NL80211_CMD_RADAR_DETECT,
13908 .doit = nl80211_start_radar_detection,
13909 .policy = nl80211_policy,
13910 .flags = GENL_UNS_ADMIN_PERM,
13911 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13912 NL80211_FLAG_NEED_RTNL,
13915 .cmd = NL80211_CMD_GET_PROTOCOL_FEATURES,
13916 .doit = nl80211_get_protocol_features,
13917 .policy = nl80211_policy,
13920 .cmd = NL80211_CMD_UPDATE_FT_IES,
13921 .doit = nl80211_update_ft_ies,
13922 .policy = nl80211_policy,
13923 .flags = GENL_UNS_ADMIN_PERM,
13924 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13925 NL80211_FLAG_NEED_RTNL,
13928 .cmd = NL80211_CMD_CRIT_PROTOCOL_START,
13929 .doit = nl80211_crit_protocol_start,
13930 .policy = nl80211_policy,
13931 .flags = GENL_UNS_ADMIN_PERM,
13932 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13933 NL80211_FLAG_NEED_RTNL,
13936 .cmd = NL80211_CMD_CRIT_PROTOCOL_STOP,
13937 .doit = nl80211_crit_protocol_stop,
13938 .policy = nl80211_policy,
13939 .flags = GENL_UNS_ADMIN_PERM,
13940 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
13941 NL80211_FLAG_NEED_RTNL,
13944 .cmd = NL80211_CMD_GET_COALESCE,
13945 .doit = nl80211_get_coalesce,
13946 .policy = nl80211_policy,
13947 .internal_flags = NL80211_FLAG_NEED_WIPHY |
13948 NL80211_FLAG_NEED_RTNL,
13951 .cmd = NL80211_CMD_SET_COALESCE,
13952 .doit = nl80211_set_coalesce,
13953 .policy = nl80211_policy,
13954 .flags = GENL_UNS_ADMIN_PERM,
13955 .internal_flags = NL80211_FLAG_NEED_WIPHY |
13956 NL80211_FLAG_NEED_RTNL,
13959 .cmd = NL80211_CMD_CHANNEL_SWITCH,
13960 .doit = nl80211_channel_switch,
13961 .policy = nl80211_policy,
13962 .flags = GENL_UNS_ADMIN_PERM,
13963 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13964 NL80211_FLAG_NEED_RTNL,
13967 .cmd = NL80211_CMD_VENDOR,
13968 .doit = nl80211_vendor_cmd,
13969 .dumpit = nl80211_vendor_cmd_dump,
13970 .policy = nl80211_policy,
13971 .flags = GENL_UNS_ADMIN_PERM,
13972 .internal_flags = NL80211_FLAG_NEED_WIPHY |
13973 NL80211_FLAG_NEED_RTNL,
13976 .cmd = NL80211_CMD_SET_QOS_MAP,
13977 .doit = nl80211_set_qos_map,
13978 .policy = nl80211_policy,
13979 .flags = GENL_UNS_ADMIN_PERM,
13980 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13981 NL80211_FLAG_NEED_RTNL,
13984 .cmd = NL80211_CMD_ADD_TX_TS,
13985 .doit = nl80211_add_tx_ts,
13986 .policy = nl80211_policy,
13987 .flags = GENL_UNS_ADMIN_PERM,
13988 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13989 NL80211_FLAG_NEED_RTNL,
13992 .cmd = NL80211_CMD_DEL_TX_TS,
13993 .doit = nl80211_del_tx_ts,
13994 .policy = nl80211_policy,
13995 .flags = GENL_UNS_ADMIN_PERM,
13996 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
13997 NL80211_FLAG_NEED_RTNL,
14000 .cmd = NL80211_CMD_TDLS_CHANNEL_SWITCH,
14001 .doit = nl80211_tdls_channel_switch,
14002 .policy = nl80211_policy,
14003 .flags = GENL_UNS_ADMIN_PERM,
14004 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
14005 NL80211_FLAG_NEED_RTNL,
14008 .cmd = NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH,
14009 .doit = nl80211_tdls_cancel_channel_switch,
14010 .policy = nl80211_policy,
14011 .flags = GENL_UNS_ADMIN_PERM,
14012 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
14013 NL80211_FLAG_NEED_RTNL,
14016 .cmd = NL80211_CMD_SET_MULTICAST_TO_UNICAST,
14017 .doit = nl80211_set_multicast_to_unicast,
14018 .policy = nl80211_policy,
14019 .flags = GENL_UNS_ADMIN_PERM,
14020 .internal_flags = NL80211_FLAG_NEED_NETDEV |
14021 NL80211_FLAG_NEED_RTNL,
14024 .cmd = NL80211_CMD_SET_PMK,
14025 .doit = nl80211_set_pmk,
14026 .policy = nl80211_policy,
14027 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
14028 NL80211_FLAG_NEED_RTNL,
14031 .cmd = NL80211_CMD_DEL_PMK,
14032 .doit = nl80211_del_pmk,
14033 .policy = nl80211_policy,
14034 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
14035 NL80211_FLAG_NEED_RTNL,
14038 .cmd = NL80211_CMD_EXTERNAL_AUTH,
14039 .doit = nl80211_external_auth,
14040 .policy = nl80211_policy,
14041 .flags = GENL_ADMIN_PERM,
14042 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
14043 NL80211_FLAG_NEED_RTNL,
14046 .cmd = NL80211_CMD_CONTROL_PORT_FRAME,
14047 .doit = nl80211_tx_control_port,
14048 .policy = nl80211_policy,
14049 .flags = GENL_UNS_ADMIN_PERM,
14050 .internal_flags = NL80211_FLAG_NEED_NETDEV_UP |
14051 NL80211_FLAG_NEED_RTNL,
14054 .cmd = NL80211_CMD_GET_FTM_RESPONDER_STATS,
14055 .doit = nl80211_get_ftm_responder_stats,
14056 .policy = nl80211_policy,
14057 .internal_flags = NL80211_FLAG_NEED_NETDEV |
14058 NL80211_FLAG_NEED_RTNL,
14061 .cmd = NL80211_CMD_PEER_MEASUREMENT_START,
14062 .doit = nl80211_pmsr_start,
14063 .policy = nl80211_policy,
14064 .flags = GENL_UNS_ADMIN_PERM,
14065 .internal_flags = NL80211_FLAG_NEED_WDEV_UP |
14066 NL80211_FLAG_NEED_RTNL,
14070 static struct genl_family nl80211_fam __ro_after_init = {
14071 .name = NL80211_GENL_NAME, /* have users key off the name instead */
14072 .hdrsize = 0, /* no private header */
14073 .version = 1, /* no particular meaning now */
14074 .maxattr = NL80211_ATTR_MAX,
14076 .pre_doit = nl80211_pre_doit,
14077 .post_doit = nl80211_post_doit,
14078 .module = THIS_MODULE,
14079 .ops = nl80211_ops,
14080 .n_ops = ARRAY_SIZE(nl80211_ops),
14081 .mcgrps = nl80211_mcgrps,
14082 .n_mcgrps = ARRAY_SIZE(nl80211_mcgrps),
14085 /* notification functions */
14087 void nl80211_notify_wiphy(struct cfg80211_registered_device *rdev,
14088 enum nl80211_commands cmd)
14090 struct sk_buff *msg;
14091 struct nl80211_dump_wiphy_state state = {};
14093 WARN_ON(cmd != NL80211_CMD_NEW_WIPHY &&
14094 cmd != NL80211_CMD_DEL_WIPHY);
14096 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
14100 if (nl80211_send_wiphy(rdev, cmd, msg, 0, 0, 0, &state) < 0) {
14105 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14106 NL80211_MCGRP_CONFIG, GFP_KERNEL);
14109 void nl80211_notify_iface(struct cfg80211_registered_device *rdev,
14110 struct wireless_dev *wdev,
14111 enum nl80211_commands cmd)
14113 struct sk_buff *msg;
14115 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
14119 if (nl80211_send_iface(msg, 0, 0, 0, rdev, wdev, cmd) < 0) {
14124 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14125 NL80211_MCGRP_CONFIG, GFP_KERNEL);
14128 static int nl80211_add_scan_req(struct sk_buff *msg,
14129 struct cfg80211_registered_device *rdev)
14131 struct cfg80211_scan_request *req = rdev->scan_req;
14132 struct nlattr *nest;
14138 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_SSIDS);
14140 goto nla_put_failure;
14141 for (i = 0; i < req->n_ssids; i++) {
14142 if (nla_put(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid))
14143 goto nla_put_failure;
14145 nla_nest_end(msg, nest);
14147 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQUENCIES);
14149 goto nla_put_failure;
14150 for (i = 0; i < req->n_channels; i++) {
14151 if (nla_put_u32(msg, i, req->channels[i]->center_freq))
14152 goto nla_put_failure;
14154 nla_nest_end(msg, nest);
14157 nla_put(msg, NL80211_ATTR_IE, req->ie_len, req->ie))
14158 goto nla_put_failure;
14161 nla_put_u32(msg, NL80211_ATTR_SCAN_FLAGS, req->flags))
14162 goto nla_put_failure;
14164 if (req->info.scan_start_tsf &&
14165 (nla_put_u64_64bit(msg, NL80211_ATTR_SCAN_START_TIME_TSF,
14166 req->info.scan_start_tsf, NL80211_BSS_PAD) ||
14167 nla_put(msg, NL80211_ATTR_SCAN_START_TIME_TSF_BSSID, ETH_ALEN,
14168 req->info.tsf_bssid)))
14169 goto nla_put_failure;
14176 static int nl80211_prep_scan_msg(struct sk_buff *msg,
14177 struct cfg80211_registered_device *rdev,
14178 struct wireless_dev *wdev,
14179 u32 portid, u32 seq, int flags,
14184 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
14188 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14189 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
14190 wdev->netdev->ifindex)) ||
14191 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
14193 goto nla_put_failure;
14195 /* ignore errors and send incomplete event anyway */
14196 nl80211_add_scan_req(msg, rdev);
14198 genlmsg_end(msg, hdr);
14202 genlmsg_cancel(msg, hdr);
14207 nl80211_prep_sched_scan_msg(struct sk_buff *msg,
14208 struct cfg80211_sched_scan_request *req, u32 cmd)
14212 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
14216 if (nla_put_u32(msg, NL80211_ATTR_WIPHY,
14217 wiphy_to_rdev(req->wiphy)->wiphy_idx) ||
14218 nla_put_u32(msg, NL80211_ATTR_IFINDEX, req->dev->ifindex) ||
14219 nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, req->reqid,
14221 goto nla_put_failure;
14223 genlmsg_end(msg, hdr);
14227 genlmsg_cancel(msg, hdr);
14231 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
14232 struct wireless_dev *wdev)
14234 struct sk_buff *msg;
14236 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
14240 if (nl80211_prep_scan_msg(msg, rdev, wdev, 0, 0, 0,
14241 NL80211_CMD_TRIGGER_SCAN) < 0) {
14246 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14247 NL80211_MCGRP_SCAN, GFP_KERNEL);
14250 struct sk_buff *nl80211_build_scan_msg(struct cfg80211_registered_device *rdev,
14251 struct wireless_dev *wdev, bool aborted)
14253 struct sk_buff *msg;
14255 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
14259 if (nl80211_prep_scan_msg(msg, rdev, wdev, 0, 0, 0,
14260 aborted ? NL80211_CMD_SCAN_ABORTED :
14261 NL80211_CMD_NEW_SCAN_RESULTS) < 0) {
14269 /* send message created by nl80211_build_scan_msg() */
14270 void nl80211_send_scan_msg(struct cfg80211_registered_device *rdev,
14271 struct sk_buff *msg)
14276 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14277 NL80211_MCGRP_SCAN, GFP_KERNEL);
14280 void nl80211_send_sched_scan(struct cfg80211_sched_scan_request *req, u32 cmd)
14282 struct sk_buff *msg;
14284 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
14288 if (nl80211_prep_sched_scan_msg(msg, req, cmd) < 0) {
14293 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(req->wiphy), msg, 0,
14294 NL80211_MCGRP_SCAN, GFP_KERNEL);
14297 static bool nl80211_reg_change_event_fill(struct sk_buff *msg,
14298 struct regulatory_request *request)
14300 /* Userspace can always count this one always being set */
14301 if (nla_put_u8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator))
14302 goto nla_put_failure;
14304 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') {
14305 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
14306 NL80211_REGDOM_TYPE_WORLD))
14307 goto nla_put_failure;
14308 } else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') {
14309 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
14310 NL80211_REGDOM_TYPE_CUSTOM_WORLD))
14311 goto nla_put_failure;
14312 } else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') ||
14313 request->intersect) {
14314 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
14315 NL80211_REGDOM_TYPE_INTERSECTION))
14316 goto nla_put_failure;
14318 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
14319 NL80211_REGDOM_TYPE_COUNTRY) ||
14320 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2,
14322 goto nla_put_failure;
14325 if (request->wiphy_idx != WIPHY_IDX_INVALID) {
14326 struct wiphy *wiphy = wiphy_idx_to_wiphy(request->wiphy_idx);
14329 nla_put_u32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx))
14330 goto nla_put_failure;
14333 wiphy->regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED &&
14334 nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
14335 goto nla_put_failure;
14345 * This can happen on global regulatory changes or device specific settings
14346 * based on custom regulatory domains.
14348 void nl80211_common_reg_change_event(enum nl80211_commands cmd_id,
14349 struct regulatory_request *request)
14351 struct sk_buff *msg;
14354 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
14358 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd_id);
14364 if (nl80211_reg_change_event_fill(msg, request) == false)
14365 goto nla_put_failure;
14367 genlmsg_end(msg, hdr);
14370 genlmsg_multicast_allns(&nl80211_fam, msg, 0,
14371 NL80211_MCGRP_REGULATORY, GFP_ATOMIC);
14380 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
14381 struct net_device *netdev,
14382 const u8 *buf, size_t len,
14383 enum nl80211_commands cmd, gfp_t gfp,
14386 struct sk_buff *msg;
14389 msg = nlmsg_new(100 + len, gfp);
14393 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
14399 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14400 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
14401 nla_put(msg, NL80211_ATTR_FRAME, len, buf))
14402 goto nla_put_failure;
14404 if (uapsd_queues >= 0) {
14405 struct nlattr *nla_wmm =
14406 nla_nest_start(msg, NL80211_ATTR_STA_WME);
14408 goto nla_put_failure;
14410 if (nla_put_u8(msg, NL80211_STA_WME_UAPSD_QUEUES,
14412 goto nla_put_failure;
14414 nla_nest_end(msg, nla_wmm);
14417 genlmsg_end(msg, hdr);
14419 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14420 NL80211_MCGRP_MLME, gfp);
14427 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
14428 struct net_device *netdev, const u8 *buf,
14429 size_t len, gfp_t gfp)
14431 nl80211_send_mlme_event(rdev, netdev, buf, len,
14432 NL80211_CMD_AUTHENTICATE, gfp, -1);
14435 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
14436 struct net_device *netdev, const u8 *buf,
14437 size_t len, gfp_t gfp, int uapsd_queues)
14439 nl80211_send_mlme_event(rdev, netdev, buf, len,
14440 NL80211_CMD_ASSOCIATE, gfp, uapsd_queues);
14443 void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
14444 struct net_device *netdev, const u8 *buf,
14445 size_t len, gfp_t gfp)
14447 nl80211_send_mlme_event(rdev, netdev, buf, len,
14448 NL80211_CMD_DEAUTHENTICATE, gfp, -1);
14451 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
14452 struct net_device *netdev, const u8 *buf,
14453 size_t len, gfp_t gfp)
14455 nl80211_send_mlme_event(rdev, netdev, buf, len,
14456 NL80211_CMD_DISASSOCIATE, gfp, -1);
14459 void cfg80211_rx_unprot_mlme_mgmt(struct net_device *dev, const u8 *buf,
14462 struct wireless_dev *wdev = dev->ieee80211_ptr;
14463 struct wiphy *wiphy = wdev->wiphy;
14464 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
14465 const struct ieee80211_mgmt *mgmt = (void *)buf;
14468 if (WARN_ON(len < 2))
14471 if (ieee80211_is_deauth(mgmt->frame_control))
14472 cmd = NL80211_CMD_UNPROT_DEAUTHENTICATE;
14474 cmd = NL80211_CMD_UNPROT_DISASSOCIATE;
14476 trace_cfg80211_rx_unprot_mlme_mgmt(dev, buf, len);
14477 nl80211_send_mlme_event(rdev, dev, buf, len, cmd, GFP_ATOMIC, -1);
14479 EXPORT_SYMBOL(cfg80211_rx_unprot_mlme_mgmt);
14481 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
14482 struct net_device *netdev, int cmd,
14483 const u8 *addr, gfp_t gfp)
14485 struct sk_buff *msg;
14488 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
14492 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
14498 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14499 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
14500 nla_put_flag(msg, NL80211_ATTR_TIMED_OUT) ||
14501 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
14502 goto nla_put_failure;
14504 genlmsg_end(msg, hdr);
14506 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14507 NL80211_MCGRP_MLME, gfp);
14514 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
14515 struct net_device *netdev, const u8 *addr,
14518 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE,
14522 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
14523 struct net_device *netdev, const u8 *addr,
14526 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE,
14530 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
14531 struct net_device *netdev,
14532 struct cfg80211_connect_resp_params *cr,
14535 struct sk_buff *msg;
14538 msg = nlmsg_new(100 + cr->req_ie_len + cr->resp_ie_len +
14539 cr->fils.kek_len + cr->fils.pmk_len +
14540 (cr->fils.pmkid ? WLAN_PMKID_LEN : 0), gfp);
14544 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT);
14550 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14551 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
14553 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, cr->bssid)) ||
14554 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE,
14555 cr->status < 0 ? WLAN_STATUS_UNSPECIFIED_FAILURE :
14558 (nla_put_flag(msg, NL80211_ATTR_TIMED_OUT) ||
14559 nla_put_u32(msg, NL80211_ATTR_TIMEOUT_REASON,
14560 cr->timeout_reason))) ||
14562 nla_put(msg, NL80211_ATTR_REQ_IE, cr->req_ie_len, cr->req_ie)) ||
14564 nla_put(msg, NL80211_ATTR_RESP_IE, cr->resp_ie_len,
14566 (cr->fils.update_erp_next_seq_num &&
14567 nla_put_u16(msg, NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM,
14568 cr->fils.erp_next_seq_num)) ||
14569 (cr->status == WLAN_STATUS_SUCCESS &&
14571 nla_put(msg, NL80211_ATTR_FILS_KEK, cr->fils.kek_len,
14574 nla_put(msg, NL80211_ATTR_PMK, cr->fils.pmk_len, cr->fils.pmk)) ||
14576 nla_put(msg, NL80211_ATTR_PMKID, WLAN_PMKID_LEN, cr->fils.pmkid)))))
14577 goto nla_put_failure;
14579 genlmsg_end(msg, hdr);
14581 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14582 NL80211_MCGRP_MLME, gfp);
14589 void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
14590 struct net_device *netdev,
14591 struct cfg80211_roam_info *info, gfp_t gfp)
14593 struct sk_buff *msg;
14595 const u8 *bssid = info->bss ? info->bss->bssid : info->bssid;
14597 msg = nlmsg_new(100 + info->req_ie_len + info->resp_ie_len +
14598 info->fils.kek_len + info->fils.pmk_len +
14599 (info->fils.pmkid ? WLAN_PMKID_LEN : 0), gfp);
14603 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM);
14609 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14610 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
14611 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid) ||
14613 nla_put(msg, NL80211_ATTR_REQ_IE, info->req_ie_len,
14616 nla_put(msg, NL80211_ATTR_RESP_IE, info->resp_ie_len,
14618 (info->fils.update_erp_next_seq_num &&
14619 nla_put_u16(msg, NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM,
14620 info->fils.erp_next_seq_num)) ||
14622 nla_put(msg, NL80211_ATTR_FILS_KEK, info->fils.kek_len,
14623 info->fils.kek)) ||
14625 nla_put(msg, NL80211_ATTR_PMK, info->fils.pmk_len, info->fils.pmk)) ||
14626 (info->fils.pmkid &&
14627 nla_put(msg, NL80211_ATTR_PMKID, WLAN_PMKID_LEN, info->fils.pmkid)))
14628 goto nla_put_failure;
14630 genlmsg_end(msg, hdr);
14632 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14633 NL80211_MCGRP_MLME, gfp);
14640 void nl80211_send_port_authorized(struct cfg80211_registered_device *rdev,
14641 struct net_device *netdev, const u8 *bssid)
14643 struct sk_buff *msg;
14646 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
14650 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PORT_AUTHORIZED);
14656 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
14657 goto nla_put_failure;
14659 genlmsg_end(msg, hdr);
14661 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14662 NL80211_MCGRP_MLME, GFP_KERNEL);
14669 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
14670 struct net_device *netdev, u16 reason,
14671 const u8 *ie, size_t ie_len, bool from_ap)
14673 struct sk_buff *msg;
14676 msg = nlmsg_new(100 + ie_len, GFP_KERNEL);
14680 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT);
14686 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14687 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
14689 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason)) ||
14691 nla_put_flag(msg, NL80211_ATTR_DISCONNECTED_BY_AP)) ||
14692 (ie && nla_put(msg, NL80211_ATTR_IE, ie_len, ie)))
14693 goto nla_put_failure;
14695 genlmsg_end(msg, hdr);
14697 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14698 NL80211_MCGRP_MLME, GFP_KERNEL);
14705 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
14706 struct net_device *netdev, const u8 *bssid,
14709 struct sk_buff *msg;
14712 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
14716 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS);
14722 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14723 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
14724 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
14725 goto nla_put_failure;
14727 genlmsg_end(msg, hdr);
14729 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14730 NL80211_MCGRP_MLME, gfp);
14737 void cfg80211_notify_new_peer_candidate(struct net_device *dev, const u8 *addr,
14738 const u8* ie, u8 ie_len, gfp_t gfp)
14740 struct wireless_dev *wdev = dev->ieee80211_ptr;
14741 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
14742 struct sk_buff *msg;
14745 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_MESH_POINT))
14748 trace_cfg80211_notify_new_peer_candidate(dev, addr);
14750 msg = nlmsg_new(100 + ie_len, gfp);
14754 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE);
14760 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14761 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
14762 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
14764 nla_put(msg, NL80211_ATTR_IE, ie_len , ie)))
14765 goto nla_put_failure;
14767 genlmsg_end(msg, hdr);
14769 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14770 NL80211_MCGRP_MLME, gfp);
14776 EXPORT_SYMBOL(cfg80211_notify_new_peer_candidate);
14778 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
14779 struct net_device *netdev, const u8 *addr,
14780 enum nl80211_key_type key_type, int key_id,
14781 const u8 *tsc, gfp_t gfp)
14783 struct sk_buff *msg;
14786 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
14790 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE);
14796 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14797 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
14798 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
14799 nla_put_u32(msg, NL80211_ATTR_KEY_TYPE, key_type) ||
14801 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_id)) ||
14802 (tsc && nla_put(msg, NL80211_ATTR_KEY_SEQ, 6, tsc)))
14803 goto nla_put_failure;
14805 genlmsg_end(msg, hdr);
14807 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14808 NL80211_MCGRP_MLME, gfp);
14815 void nl80211_send_beacon_hint_event(struct wiphy *wiphy,
14816 struct ieee80211_channel *channel_before,
14817 struct ieee80211_channel *channel_after)
14819 struct sk_buff *msg;
14821 struct nlattr *nl_freq;
14823 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
14827 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT);
14834 * Since we are applying the beacon hint to a wiphy we know its
14835 * wiphy_idx is valid
14837 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
14838 goto nla_put_failure;
14841 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_BEFORE);
14843 goto nla_put_failure;
14845 if (nl80211_msg_put_channel(msg, wiphy, channel_before, false))
14846 goto nla_put_failure;
14847 nla_nest_end(msg, nl_freq);
14850 nl_freq = nla_nest_start(msg, NL80211_ATTR_FREQ_AFTER);
14852 goto nla_put_failure;
14854 if (nl80211_msg_put_channel(msg, wiphy, channel_after, false))
14855 goto nla_put_failure;
14856 nla_nest_end(msg, nl_freq);
14858 genlmsg_end(msg, hdr);
14861 genlmsg_multicast_allns(&nl80211_fam, msg, 0,
14862 NL80211_MCGRP_REGULATORY, GFP_ATOMIC);
14871 static void nl80211_send_remain_on_chan_event(
14872 int cmd, struct cfg80211_registered_device *rdev,
14873 struct wireless_dev *wdev, u64 cookie,
14874 struct ieee80211_channel *chan,
14875 unsigned int duration, gfp_t gfp)
14877 struct sk_buff *msg;
14880 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
14884 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
14890 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14891 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
14892 wdev->netdev->ifindex)) ||
14893 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
14894 NL80211_ATTR_PAD) ||
14895 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq) ||
14896 nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
14897 NL80211_CHAN_NO_HT) ||
14898 nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
14900 goto nla_put_failure;
14902 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL &&
14903 nla_put_u32(msg, NL80211_ATTR_DURATION, duration))
14904 goto nla_put_failure;
14906 genlmsg_end(msg, hdr);
14908 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14909 NL80211_MCGRP_MLME, gfp);
14916 void cfg80211_ready_on_channel(struct wireless_dev *wdev, u64 cookie,
14917 struct ieee80211_channel *chan,
14918 unsigned int duration, gfp_t gfp)
14920 struct wiphy *wiphy = wdev->wiphy;
14921 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
14923 trace_cfg80211_ready_on_channel(wdev, cookie, chan, duration);
14924 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL,
14925 rdev, wdev, cookie, chan,
14928 EXPORT_SYMBOL(cfg80211_ready_on_channel);
14930 void cfg80211_remain_on_channel_expired(struct wireless_dev *wdev, u64 cookie,
14931 struct ieee80211_channel *chan,
14934 struct wiphy *wiphy = wdev->wiphy;
14935 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
14937 trace_cfg80211_ready_on_channel_expired(wdev, cookie, chan);
14938 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
14939 rdev, wdev, cookie, chan, 0, gfp);
14941 EXPORT_SYMBOL(cfg80211_remain_on_channel_expired);
14943 void cfg80211_new_sta(struct net_device *dev, const u8 *mac_addr,
14944 struct station_info *sinfo, gfp_t gfp)
14946 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
14947 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
14948 struct sk_buff *msg;
14950 trace_cfg80211_new_sta(dev, mac_addr, sinfo);
14952 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
14956 if (nl80211_send_station(msg, NL80211_CMD_NEW_STATION, 0, 0, 0,
14957 rdev, dev, mac_addr, sinfo) < 0) {
14962 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14963 NL80211_MCGRP_MLME, gfp);
14965 EXPORT_SYMBOL(cfg80211_new_sta);
14967 void cfg80211_del_sta_sinfo(struct net_device *dev, const u8 *mac_addr,
14968 struct station_info *sinfo, gfp_t gfp)
14970 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
14971 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
14972 struct sk_buff *msg;
14973 struct station_info empty_sinfo = {};
14976 sinfo = &empty_sinfo;
14978 trace_cfg80211_del_sta(dev, mac_addr);
14980 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
14982 cfg80211_sinfo_release_content(sinfo);
14986 if (nl80211_send_station(msg, NL80211_CMD_DEL_STATION, 0, 0, 0,
14987 rdev, dev, mac_addr, sinfo) < 0) {
14992 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
14993 NL80211_MCGRP_MLME, gfp);
14995 EXPORT_SYMBOL(cfg80211_del_sta_sinfo);
14997 void cfg80211_conn_failed(struct net_device *dev, const u8 *mac_addr,
14998 enum nl80211_connect_failed_reason reason,
15001 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
15002 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
15003 struct sk_buff *msg;
15006 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
15010 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONN_FAILED);
15016 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
15017 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) ||
15018 nla_put_u32(msg, NL80211_ATTR_CONN_FAILED_REASON, reason))
15019 goto nla_put_failure;
15021 genlmsg_end(msg, hdr);
15023 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
15024 NL80211_MCGRP_MLME, gfp);
15030 EXPORT_SYMBOL(cfg80211_conn_failed);
15032 static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd,
15033 const u8 *addr, gfp_t gfp)
15035 struct wireless_dev *wdev = dev->ieee80211_ptr;
15036 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
15037 struct sk_buff *msg;
15039 u32 nlportid = READ_ONCE(wdev->ap_unexpected_nlportid);
15044 msg = nlmsg_new(100, gfp);
15048 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
15054 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
15055 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
15056 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
15057 goto nla_put_failure;
15059 genlmsg_end(msg, hdr);
15060 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
15068 bool cfg80211_rx_spurious_frame(struct net_device *dev,
15069 const u8 *addr, gfp_t gfp)
15071 struct wireless_dev *wdev = dev->ieee80211_ptr;
15074 trace_cfg80211_rx_spurious_frame(dev, addr);
15076 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
15077 wdev->iftype != NL80211_IFTYPE_P2P_GO)) {
15078 trace_cfg80211_return_bool(false);
15081 ret = __nl80211_unexpected_frame(dev, NL80211_CMD_UNEXPECTED_FRAME,
15083 trace_cfg80211_return_bool(ret);
15086 EXPORT_SYMBOL(cfg80211_rx_spurious_frame);
15088 bool cfg80211_rx_unexpected_4addr_frame(struct net_device *dev,
15089 const u8 *addr, gfp_t gfp)
15091 struct wireless_dev *wdev = dev->ieee80211_ptr;
15094 trace_cfg80211_rx_unexpected_4addr_frame(dev, addr);
15096 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
15097 wdev->iftype != NL80211_IFTYPE_P2P_GO &&
15098 wdev->iftype != NL80211_IFTYPE_AP_VLAN)) {
15099 trace_cfg80211_return_bool(false);
15102 ret = __nl80211_unexpected_frame(dev,
15103 NL80211_CMD_UNEXPECTED_4ADDR_FRAME,
15105 trace_cfg80211_return_bool(ret);
15108 EXPORT_SYMBOL(cfg80211_rx_unexpected_4addr_frame);
15110 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
15111 struct wireless_dev *wdev, u32 nlportid,
15112 int freq, int sig_dbm,
15113 const u8 *buf, size_t len, u32 flags, gfp_t gfp)
15115 struct net_device *netdev = wdev->netdev;
15116 struct sk_buff *msg;
15119 msg = nlmsg_new(100 + len, gfp);
15123 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
15129 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
15130 (netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
15131 netdev->ifindex)) ||
15132 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
15133 NL80211_ATTR_PAD) ||
15134 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq) ||
15136 nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) ||
15137 nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
15139 nla_put_u32(msg, NL80211_ATTR_RXMGMT_FLAGS, flags)))
15140 goto nla_put_failure;
15142 genlmsg_end(msg, hdr);
15144 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
15151 void cfg80211_mgmt_tx_status(struct wireless_dev *wdev, u64 cookie,
15152 const u8 *buf, size_t len, bool ack, gfp_t gfp)
15154 struct wiphy *wiphy = wdev->wiphy;
15155 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
15156 struct net_device *netdev = wdev->netdev;
15157 struct sk_buff *msg;
15160 trace_cfg80211_mgmt_tx_status(wdev, cookie, ack);
15162 msg = nlmsg_new(100 + len, gfp);
15166 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME_TX_STATUS);
15172 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
15173 (netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
15174 netdev->ifindex)) ||
15175 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
15176 NL80211_ATTR_PAD) ||
15177 nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
15178 nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
15179 NL80211_ATTR_PAD) ||
15180 (ack && nla_put_flag(msg, NL80211_ATTR_ACK)))
15181 goto nla_put_failure;
15183 genlmsg_end(msg, hdr);
15185 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
15186 NL80211_MCGRP_MLME, gfp);
15192 EXPORT_SYMBOL(cfg80211_mgmt_tx_status);
15194 static int __nl80211_rx_control_port(struct net_device *dev,
15195 struct sk_buff *skb,
15196 bool unencrypted, gfp_t gfp)
15198 struct wireless_dev *wdev = dev->ieee80211_ptr;
15199 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
15200 struct ethhdr *ehdr = eth_hdr(skb);
15201 const u8 *addr = ehdr->h_source;
15202 u16 proto = be16_to_cpu(skb->protocol);
15203 struct sk_buff *msg;
15205 struct nlattr *frame;
15207 u32 nlportid = READ_ONCE(wdev->conn_owner_nlportid);
15212 msg = nlmsg_new(100 + skb->len, gfp);
15216 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONTROL_PORT_FRAME);
15222 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
15223 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
15224 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
15225 NL80211_ATTR_PAD) ||
15226 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
15227 nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, proto) ||
15228 (unencrypted && nla_put_flag(msg,
15229 NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT)))
15230 goto nla_put_failure;
15232 frame = nla_reserve(msg, NL80211_ATTR_FRAME, skb->len);
15234 goto nla_put_failure;
15236 skb_copy_bits(skb, 0, nla_data(frame), skb->len);
15237 genlmsg_end(msg, hdr);
15239 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
15246 bool cfg80211_rx_control_port(struct net_device *dev,
15247 struct sk_buff *skb, bool unencrypted)
15251 trace_cfg80211_rx_control_port(dev, skb, unencrypted);
15252 ret = __nl80211_rx_control_port(dev, skb, unencrypted, GFP_ATOMIC);
15253 trace_cfg80211_return_bool(ret == 0);
15256 EXPORT_SYMBOL(cfg80211_rx_control_port);
15258 static struct sk_buff *cfg80211_prepare_cqm(struct net_device *dev,
15259 const char *mac, gfp_t gfp)
15261 struct wireless_dev *wdev = dev->ieee80211_ptr;
15262 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
15263 struct sk_buff *msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
15269 cb = (void **)msg->cb;
15271 cb[0] = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
15277 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
15278 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
15279 goto nla_put_failure;
15281 if (mac && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac))
15282 goto nla_put_failure;
15284 cb[1] = nla_nest_start(msg, NL80211_ATTR_CQM);
15286 goto nla_put_failure;
15296 static void cfg80211_send_cqm(struct sk_buff *msg, gfp_t gfp)
15298 void **cb = (void **)msg->cb;
15299 struct cfg80211_registered_device *rdev = cb[2];
15301 nla_nest_end(msg, cb[1]);
15302 genlmsg_end(msg, cb[0]);
15304 memset(msg->cb, 0, sizeof(msg->cb));
15306 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
15307 NL80211_MCGRP_MLME, gfp);
15310 void cfg80211_cqm_rssi_notify(struct net_device *dev,
15311 enum nl80211_cqm_rssi_threshold_event rssi_event,
15312 s32 rssi_level, gfp_t gfp)
15314 struct sk_buff *msg;
15315 struct wireless_dev *wdev = dev->ieee80211_ptr;
15316 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
15318 trace_cfg80211_cqm_rssi_notify(dev, rssi_event, rssi_level);
15320 if (WARN_ON(rssi_event != NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW &&
15321 rssi_event != NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH))
15324 if (wdev->cqm_config) {
15325 wdev->cqm_config->last_rssi_event_value = rssi_level;
15327 cfg80211_cqm_rssi_update(rdev, dev);
15329 if (rssi_level == 0)
15330 rssi_level = wdev->cqm_config->last_rssi_event_value;
15333 msg = cfg80211_prepare_cqm(dev, NULL, gfp);
15337 if (nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT,
15339 goto nla_put_failure;
15341 if (rssi_level && nla_put_s32(msg, NL80211_ATTR_CQM_RSSI_LEVEL,
15343 goto nla_put_failure;
15345 cfg80211_send_cqm(msg, gfp);
15352 EXPORT_SYMBOL(cfg80211_cqm_rssi_notify);
15354 void cfg80211_cqm_txe_notify(struct net_device *dev,
15355 const u8 *peer, u32 num_packets,
15356 u32 rate, u32 intvl, gfp_t gfp)
15358 struct sk_buff *msg;
15360 msg = cfg80211_prepare_cqm(dev, peer, gfp);
15364 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_PKTS, num_packets))
15365 goto nla_put_failure;
15367 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_RATE, rate))
15368 goto nla_put_failure;
15370 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_INTVL, intvl))
15371 goto nla_put_failure;
15373 cfg80211_send_cqm(msg, gfp);
15379 EXPORT_SYMBOL(cfg80211_cqm_txe_notify);
15381 void cfg80211_cqm_pktloss_notify(struct net_device *dev,
15382 const u8 *peer, u32 num_packets, gfp_t gfp)
15384 struct sk_buff *msg;
15386 trace_cfg80211_cqm_pktloss_notify(dev, peer, num_packets);
15388 msg = cfg80211_prepare_cqm(dev, peer, gfp);
15392 if (nla_put_u32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets))
15393 goto nla_put_failure;
15395 cfg80211_send_cqm(msg, gfp);
15401 EXPORT_SYMBOL(cfg80211_cqm_pktloss_notify);
15403 void cfg80211_cqm_beacon_loss_notify(struct net_device *dev, gfp_t gfp)
15405 struct sk_buff *msg;
15407 msg = cfg80211_prepare_cqm(dev, NULL, gfp);
15411 if (nla_put_flag(msg, NL80211_ATTR_CQM_BEACON_LOSS_EVENT))
15412 goto nla_put_failure;
15414 cfg80211_send_cqm(msg, gfp);
15420 EXPORT_SYMBOL(cfg80211_cqm_beacon_loss_notify);
15422 static void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev,
15423 struct net_device *netdev, const u8 *bssid,
15424 const u8 *replay_ctr, gfp_t gfp)
15426 struct sk_buff *msg;
15427 struct nlattr *rekey_attr;
15430 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
15434 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
15440 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
15441 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
15442 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
15443 goto nla_put_failure;
15445 rekey_attr = nla_nest_start(msg, NL80211_ATTR_REKEY_DATA);
15447 goto nla_put_failure;
15449 if (nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR,
15450 NL80211_REPLAY_CTR_LEN, replay_ctr))
15451 goto nla_put_failure;
15453 nla_nest_end(msg, rekey_attr);
15455 genlmsg_end(msg, hdr);
15457 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
15458 NL80211_MCGRP_MLME, gfp);
15465 void cfg80211_gtk_rekey_notify(struct net_device *dev, const u8 *bssid,
15466 const u8 *replay_ctr, gfp_t gfp)
15468 struct wireless_dev *wdev = dev->ieee80211_ptr;
15469 struct wiphy *wiphy = wdev->wiphy;
15470 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
15472 trace_cfg80211_gtk_rekey_notify(dev, bssid);
15473 nl80211_gtk_rekey_notify(rdev, dev, bssid, replay_ctr, gfp);
15475 EXPORT_SYMBOL(cfg80211_gtk_rekey_notify);
15478 nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev,
15479 struct net_device *netdev, int index,
15480 const u8 *bssid, bool preauth, gfp_t gfp)
15482 struct sk_buff *msg;
15483 struct nlattr *attr;
15486 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
15490 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE);
15496 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
15497 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
15498 goto nla_put_failure;
15500 attr = nla_nest_start(msg, NL80211_ATTR_PMKSA_CANDIDATE);
15502 goto nla_put_failure;
15504 if (nla_put_u32(msg, NL80211_PMKSA_CANDIDATE_INDEX, index) ||
15505 nla_put(msg, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid) ||
15507 nla_put_flag(msg, NL80211_PMKSA_CANDIDATE_PREAUTH)))
15508 goto nla_put_failure;
15510 nla_nest_end(msg, attr);
15512 genlmsg_end(msg, hdr);
15514 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
15515 NL80211_MCGRP_MLME, gfp);
15522 void cfg80211_pmksa_candidate_notify(struct net_device *dev, int index,
15523 const u8 *bssid, bool preauth, gfp_t gfp)
15525 struct wireless_dev *wdev = dev->ieee80211_ptr;
15526 struct wiphy *wiphy = wdev->wiphy;
15527 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
15529 trace_cfg80211_pmksa_candidate_notify(dev, index, bssid, preauth);
15530 nl80211_pmksa_candidate_notify(rdev, dev, index, bssid, preauth, gfp);
15532 EXPORT_SYMBOL(cfg80211_pmksa_candidate_notify);
15534 static void nl80211_ch_switch_notify(struct cfg80211_registered_device *rdev,
15535 struct net_device *netdev,
15536 struct cfg80211_chan_def *chandef,
15538 enum nl80211_commands notif,
15541 struct sk_buff *msg;
15544 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
15548 hdr = nl80211hdr_put(msg, 0, 0, 0, notif);
15554 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
15555 goto nla_put_failure;
15557 if (nl80211_send_chandef(msg, chandef))
15558 goto nla_put_failure;
15560 if ((notif == NL80211_CMD_CH_SWITCH_STARTED_NOTIFY) &&
15561 (nla_put_u32(msg, NL80211_ATTR_CH_SWITCH_COUNT, count)))
15562 goto nla_put_failure;
15564 genlmsg_end(msg, hdr);
15566 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
15567 NL80211_MCGRP_MLME, gfp);
15574 void cfg80211_ch_switch_notify(struct net_device *dev,
15575 struct cfg80211_chan_def *chandef)
15577 struct wireless_dev *wdev = dev->ieee80211_ptr;
15578 struct wiphy *wiphy = wdev->wiphy;
15579 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
15581 ASSERT_WDEV_LOCK(wdev);
15583 trace_cfg80211_ch_switch_notify(dev, chandef);
15585 wdev->chandef = *chandef;
15586 wdev->preset_chandef = *chandef;
15587 nl80211_ch_switch_notify(rdev, dev, chandef, GFP_KERNEL,
15588 NL80211_CMD_CH_SWITCH_NOTIFY, 0);
15590 EXPORT_SYMBOL(cfg80211_ch_switch_notify);
15592 void cfg80211_ch_switch_started_notify(struct net_device *dev,
15593 struct cfg80211_chan_def *chandef,
15596 struct wireless_dev *wdev = dev->ieee80211_ptr;
15597 struct wiphy *wiphy = wdev->wiphy;
15598 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
15600 trace_cfg80211_ch_switch_started_notify(dev, chandef);
15602 nl80211_ch_switch_notify(rdev, dev, chandef, GFP_KERNEL,
15603 NL80211_CMD_CH_SWITCH_STARTED_NOTIFY, count);
15605 EXPORT_SYMBOL(cfg80211_ch_switch_started_notify);
15608 nl80211_radar_notify(struct cfg80211_registered_device *rdev,
15609 const struct cfg80211_chan_def *chandef,
15610 enum nl80211_radar_event event,
15611 struct net_device *netdev, gfp_t gfp)
15613 struct sk_buff *msg;
15616 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
15620 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_RADAR_DETECT);
15626 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
15627 goto nla_put_failure;
15629 /* NOP and radar events don't need a netdev parameter */
15631 struct wireless_dev *wdev = netdev->ieee80211_ptr;
15633 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
15634 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
15636 goto nla_put_failure;
15639 if (nla_put_u32(msg, NL80211_ATTR_RADAR_EVENT, event))
15640 goto nla_put_failure;
15642 if (nl80211_send_chandef(msg, chandef))
15643 goto nla_put_failure;
15645 genlmsg_end(msg, hdr);
15647 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
15648 NL80211_MCGRP_MLME, gfp);
15655 void cfg80211_sta_opmode_change_notify(struct net_device *dev, const u8 *mac,
15656 struct sta_opmode_info *sta_opmode,
15659 struct sk_buff *msg;
15660 struct wireless_dev *wdev = dev->ieee80211_ptr;
15661 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
15667 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
15671 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_STA_OPMODE_CHANGED);
15677 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
15678 goto nla_put_failure;
15680 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
15681 goto nla_put_failure;
15683 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac))
15684 goto nla_put_failure;
15686 if ((sta_opmode->changed & STA_OPMODE_SMPS_MODE_CHANGED) &&
15687 nla_put_u8(msg, NL80211_ATTR_SMPS_MODE, sta_opmode->smps_mode))
15688 goto nla_put_failure;
15690 if ((sta_opmode->changed & STA_OPMODE_MAX_BW_CHANGED) &&
15691 nla_put_u8(msg, NL80211_ATTR_CHANNEL_WIDTH, sta_opmode->bw))
15692 goto nla_put_failure;
15694 if ((sta_opmode->changed & STA_OPMODE_N_SS_CHANGED) &&
15695 nla_put_u8(msg, NL80211_ATTR_NSS, sta_opmode->rx_nss))
15696 goto nla_put_failure;
15698 genlmsg_end(msg, hdr);
15700 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
15701 NL80211_MCGRP_MLME, gfp);
15708 EXPORT_SYMBOL(cfg80211_sta_opmode_change_notify);
15710 void cfg80211_probe_status(struct net_device *dev, const u8 *addr,
15711 u64 cookie, bool acked, s32 ack_signal,
15712 bool is_valid_ack_signal, gfp_t gfp)
15714 struct wireless_dev *wdev = dev->ieee80211_ptr;
15715 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
15716 struct sk_buff *msg;
15719 trace_cfg80211_probe_status(dev, addr, cookie, acked);
15721 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
15726 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PROBE_CLIENT);
15732 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
15733 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
15734 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
15735 nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
15736 NL80211_ATTR_PAD) ||
15737 (acked && nla_put_flag(msg, NL80211_ATTR_ACK)) ||
15738 (is_valid_ack_signal && nla_put_s32(msg, NL80211_ATTR_ACK_SIGNAL,
15740 goto nla_put_failure;
15742 genlmsg_end(msg, hdr);
15744 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
15745 NL80211_MCGRP_MLME, gfp);
15751 EXPORT_SYMBOL(cfg80211_probe_status);
15753 void cfg80211_report_obss_beacon(struct wiphy *wiphy,
15754 const u8 *frame, size_t len,
15755 int freq, int sig_dbm)
15757 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
15758 struct sk_buff *msg;
15760 struct cfg80211_beacon_registration *reg;
15762 trace_cfg80211_report_obss_beacon(wiphy, frame, len, freq, sig_dbm);
15764 spin_lock_bh(&rdev->beacon_registrations_lock);
15765 list_for_each_entry(reg, &rdev->beacon_registrations, list) {
15766 msg = nlmsg_new(len + 100, GFP_ATOMIC);
15768 spin_unlock_bh(&rdev->beacon_registrations_lock);
15772 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
15774 goto nla_put_failure;
15776 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
15778 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, freq)) ||
15780 nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) ||
15781 nla_put(msg, NL80211_ATTR_FRAME, len, frame))
15782 goto nla_put_failure;
15784 genlmsg_end(msg, hdr);
15786 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, reg->nlportid);
15788 spin_unlock_bh(&rdev->beacon_registrations_lock);
15792 spin_unlock_bh(&rdev->beacon_registrations_lock);
15795 EXPORT_SYMBOL(cfg80211_report_obss_beacon);
15798 static int cfg80211_net_detect_results(struct sk_buff *msg,
15799 struct cfg80211_wowlan_wakeup *wakeup)
15801 struct cfg80211_wowlan_nd_info *nd = wakeup->net_detect;
15802 struct nlattr *nl_results, *nl_match, *nl_freqs;
15805 nl_results = nla_nest_start(
15806 msg, NL80211_WOWLAN_TRIG_NET_DETECT_RESULTS);
15810 for (i = 0; i < nd->n_matches; i++) {
15811 struct cfg80211_wowlan_nd_match *match = nd->matches[i];
15813 nl_match = nla_nest_start(msg, i);
15817 /* The SSID attribute is optional in nl80211, but for
15818 * simplicity reasons it's always present in the
15819 * cfg80211 structure. If a driver can't pass the
15820 * SSID, that needs to be changed. A zero length SSID
15821 * is still a valid SSID (wildcard), so it cannot be
15822 * used for this purpose.
15824 if (nla_put(msg, NL80211_ATTR_SSID, match->ssid.ssid_len,
15825 match->ssid.ssid)) {
15826 nla_nest_cancel(msg, nl_match);
15830 if (match->n_channels) {
15831 nl_freqs = nla_nest_start(
15832 msg, NL80211_ATTR_SCAN_FREQUENCIES);
15834 nla_nest_cancel(msg, nl_match);
15838 for (j = 0; j < match->n_channels; j++) {
15839 if (nla_put_u32(msg, j, match->channels[j])) {
15840 nla_nest_cancel(msg, nl_freqs);
15841 nla_nest_cancel(msg, nl_match);
15846 nla_nest_end(msg, nl_freqs);
15849 nla_nest_end(msg, nl_match);
15853 nla_nest_end(msg, nl_results);
15857 void cfg80211_report_wowlan_wakeup(struct wireless_dev *wdev,
15858 struct cfg80211_wowlan_wakeup *wakeup,
15861 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
15862 struct sk_buff *msg;
15866 trace_cfg80211_report_wowlan_wakeup(wdev->wiphy, wdev, wakeup);
15869 size += wakeup->packet_present_len;
15871 msg = nlmsg_new(size, gfp);
15875 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_WOWLAN);
15879 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
15880 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
15884 if (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
15885 wdev->netdev->ifindex))
15889 struct nlattr *reasons;
15891 reasons = nla_nest_start(msg, NL80211_ATTR_WOWLAN_TRIGGERS);
15895 if (wakeup->disconnect &&
15896 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT))
15898 if (wakeup->magic_pkt &&
15899 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT))
15901 if (wakeup->gtk_rekey_failure &&
15902 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE))
15904 if (wakeup->eap_identity_req &&
15905 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST))
15907 if (wakeup->four_way_handshake &&
15908 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE))
15910 if (wakeup->rfkill_release &&
15911 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))
15914 if (wakeup->pattern_idx >= 0 &&
15915 nla_put_u32(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN,
15916 wakeup->pattern_idx))
15919 if (wakeup->tcp_match &&
15920 nla_put_flag(msg, NL80211_WOWLAN_TRIG_WAKEUP_TCP_MATCH))
15923 if (wakeup->tcp_connlost &&
15924 nla_put_flag(msg, NL80211_WOWLAN_TRIG_WAKEUP_TCP_CONNLOST))
15927 if (wakeup->tcp_nomoretokens &&
15929 NL80211_WOWLAN_TRIG_WAKEUP_TCP_NOMORETOKENS))
15932 if (wakeup->packet) {
15933 u32 pkt_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211;
15934 u32 len_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211_LEN;
15936 if (!wakeup->packet_80211) {
15938 NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023;
15940 NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023_LEN;
15943 if (wakeup->packet_len &&
15944 nla_put_u32(msg, len_attr, wakeup->packet_len))
15947 if (nla_put(msg, pkt_attr, wakeup->packet_present_len,
15952 if (wakeup->net_detect &&
15953 cfg80211_net_detect_results(msg, wakeup))
15956 nla_nest_end(msg, reasons);
15959 genlmsg_end(msg, hdr);
15961 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
15962 NL80211_MCGRP_MLME, gfp);
15968 EXPORT_SYMBOL(cfg80211_report_wowlan_wakeup);
15971 void cfg80211_tdls_oper_request(struct net_device *dev, const u8 *peer,
15972 enum nl80211_tdls_operation oper,
15973 u16 reason_code, gfp_t gfp)
15975 struct wireless_dev *wdev = dev->ieee80211_ptr;
15976 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
15977 struct sk_buff *msg;
15980 trace_cfg80211_tdls_oper_request(wdev->wiphy, dev, peer, oper,
15983 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
15987 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_TDLS_OPER);
15993 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
15994 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
15995 nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, oper) ||
15996 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer) ||
15997 (reason_code > 0 &&
15998 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code)))
15999 goto nla_put_failure;
16001 genlmsg_end(msg, hdr);
16003 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
16004 NL80211_MCGRP_MLME, gfp);
16010 EXPORT_SYMBOL(cfg80211_tdls_oper_request);
16012 static int nl80211_netlink_notify(struct notifier_block * nb,
16013 unsigned long state,
16016 struct netlink_notify *notify = _notify;
16017 struct cfg80211_registered_device *rdev;
16018 struct wireless_dev *wdev;
16019 struct cfg80211_beacon_registration *reg, *tmp;
16021 if (state != NETLINK_URELEASE || notify->protocol != NETLINK_GENERIC)
16022 return NOTIFY_DONE;
16026 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) {
16027 struct cfg80211_sched_scan_request *sched_scan_req;
16029 list_for_each_entry_rcu(sched_scan_req,
16030 &rdev->sched_scan_req_list,
16032 if (sched_scan_req->owner_nlportid == notify->portid) {
16033 sched_scan_req->nl_owner_dead = true;
16034 schedule_work(&rdev->sched_scan_stop_wk);
16038 list_for_each_entry_rcu(wdev, &rdev->wiphy.wdev_list, list) {
16039 cfg80211_mlme_unregister_socket(wdev, notify->portid);
16041 if (wdev->owner_nlportid == notify->portid) {
16042 wdev->nl_owner_dead = true;
16043 schedule_work(&rdev->destroy_work);
16044 } else if (wdev->conn_owner_nlportid == notify->portid) {
16045 schedule_work(&wdev->disconnect_wk);
16048 cfg80211_release_pmsr(wdev, notify->portid);
16051 spin_lock_bh(&rdev->beacon_registrations_lock);
16052 list_for_each_entry_safe(reg, tmp, &rdev->beacon_registrations,
16054 if (reg->nlportid == notify->portid) {
16055 list_del(®->list);
16060 spin_unlock_bh(&rdev->beacon_registrations_lock);
16066 * It is possible that the user space process that is controlling the
16067 * indoor setting disappeared, so notify the regulatory core.
16069 regulatory_netlink_notify(notify->portid);
16073 static struct notifier_block nl80211_netlink_notifier = {
16074 .notifier_call = nl80211_netlink_notify,
16077 void cfg80211_ft_event(struct net_device *netdev,
16078 struct cfg80211_ft_event_params *ft_event)
16080 struct wiphy *wiphy = netdev->ieee80211_ptr->wiphy;
16081 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
16082 struct sk_buff *msg;
16085 trace_cfg80211_ft_event(wiphy, netdev, ft_event);
16087 if (!ft_event->target_ap)
16090 msg = nlmsg_new(100 + ft_event->ies_len + ft_event->ric_ies_len,
16095 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FT_EVENT);
16099 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
16100 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
16101 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, ft_event->target_ap))
16104 if (ft_event->ies &&
16105 nla_put(msg, NL80211_ATTR_IE, ft_event->ies_len, ft_event->ies))
16107 if (ft_event->ric_ies &&
16108 nla_put(msg, NL80211_ATTR_IE_RIC, ft_event->ric_ies_len,
16109 ft_event->ric_ies))
16112 genlmsg_end(msg, hdr);
16114 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
16115 NL80211_MCGRP_MLME, GFP_KERNEL);
16120 EXPORT_SYMBOL(cfg80211_ft_event);
16122 void cfg80211_crit_proto_stopped(struct wireless_dev *wdev, gfp_t gfp)
16124 struct cfg80211_registered_device *rdev;
16125 struct sk_buff *msg;
16129 rdev = wiphy_to_rdev(wdev->wiphy);
16130 if (!rdev->crit_proto_nlportid)
16133 nlportid = rdev->crit_proto_nlportid;
16134 rdev->crit_proto_nlportid = 0;
16136 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
16140 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CRIT_PROTOCOL_STOP);
16142 goto nla_put_failure;
16144 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
16145 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
16147 goto nla_put_failure;
16149 genlmsg_end(msg, hdr);
16151 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
16157 EXPORT_SYMBOL(cfg80211_crit_proto_stopped);
16159 void nl80211_send_ap_stopped(struct wireless_dev *wdev)
16161 struct wiphy *wiphy = wdev->wiphy;
16162 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
16163 struct sk_buff *msg;
16166 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
16170 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_STOP_AP);
16174 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
16175 nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex) ||
16176 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
16180 genlmsg_end(msg, hdr);
16182 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(wiphy), msg, 0,
16183 NL80211_MCGRP_MLME, GFP_KERNEL);
16189 int cfg80211_external_auth_request(struct net_device *dev,
16190 struct cfg80211_external_auth_params *params,
16193 struct wireless_dev *wdev = dev->ieee80211_ptr;
16194 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
16195 struct sk_buff *msg;
16198 if (!wdev->conn_owner_nlportid)
16201 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
16205 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_EXTERNAL_AUTH);
16207 goto nla_put_failure;
16209 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
16210 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
16211 nla_put_u32(msg, NL80211_ATTR_AKM_SUITES, params->key_mgmt_suite) ||
16212 nla_put_u32(msg, NL80211_ATTR_EXTERNAL_AUTH_ACTION,
16214 nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid) ||
16215 nla_put(msg, NL80211_ATTR_SSID, params->ssid.ssid_len,
16216 params->ssid.ssid))
16217 goto nla_put_failure;
16219 genlmsg_end(msg, hdr);
16220 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg,
16221 wdev->conn_owner_nlportid);
16228 EXPORT_SYMBOL(cfg80211_external_auth_request);
16230 /* initialisation/exit functions */
16232 int __init nl80211_init(void)
16236 err = genl_register_family(&nl80211_fam);
16240 err = netlink_register_notifier(&nl80211_netlink_notifier);
16246 genl_unregister_family(&nl80211_fam);
16250 void nl80211_exit(void)
16252 netlink_unregister_notifier(&nl80211_netlink_notifier);
16253 genl_unregister_family(&nl80211_fam);
projects / linux-2.6-block.git / blob