nl80211.c 603 KB

78778877987808781878287838784878587868787878887898790879187928793879487958796879787988799880088018802880388048805880688078808880988108811881288138814881588168817881888198820882188228823882488258826882788288829883088318832883388348835883688378838883988408841884288438844884588468847884888498850885188528853885488558856885788588859886088618862886388648865886688678868886988708871887288738874887588768877887888798880888188828883888488858886888788888889889088918892889388948895889688978898889989008901890289038904890589068907890889098910891189128913891489158916891789188919892089218922892389248925892689278928892989308931893289338934893589368937893889398940894189428943894489458946894789488949895089518952895389548955895689578958895989608961896289638964896589668967896889698970897189728973897489758976897789788979898089818982898389848985898689878988898989908991899289938994899589968997899889999000900190029003900490059006900790089009901090119012901390149015901690179018901990209021902290239024902590269027902890299030903190329033903490359036903790389039904090419042904390449045904690479048904990509051905290539054905590569057905890599060906190629063906490659066906790689069907090719072907390749075907690779078907990809081908290839084908590869087908890899090909190929093909490959096909790989099910091019102910391049105910691079108910991109111911291139114911591169117911891199120912191229123912491259126912791289129913091319132913391349135913691379138913991409141914291439144914591469147914891499150915191529153915491559156915791589159916091619162916391649165916691679168916991709171917291739174917591769177917891799180918191829183918491859186918791889189919091919192919391949195919691979198919992009201920292039204920592069207920892099210921192129213921492159216921792189219922092219222922392249225922692279228922992309231923292339234923592369237923892399240924192429243924492459246924792489249925092519252925392549255925692579258925992609261926292639264926592669267926892699270927192729273927492759276927
79278927992809281928292839284928592869287928892899290929192929293929492959296929792989299930093019302930393049305930693079308930993109311931293139314931593169317931893199320932193229323932493259326932793289329933093319332933393349335933693379338933993409341934293439344934593469347934893499350935193529353935493559356935793589359936093619362936393649365936693679368936993709371937293739374937593769377937893799380938193829383938493859386938793889389939093919392939393949395939693979398939994009401940294039404940594069407940894099410941194129413941494159416941794189419942094219422942394249425942694279428942994309431943294339434943594369437943894399440944194429443944494459446944794489449945094519452945394549455945694579458945994609461946294639464946594669467946894699470947194729473947494759476947794789479948094819482948394849485948694879488948994909491949294939494949594969497949894999500950195029503950495059506950795089509951095119512951395149515951695179518951995209521952295239524952595269527952895299530953195329533953495359536953795389539954095419542954395449545954695479548954995509551955295539554955595569557955895599560956195629563956495659566956795689569957095719572957395749575957695779578957995809581958295839584958595869587958895899590959195929593959495959596959795989599960096019602960396049605960696079608960996109611961296139614961596169617961896199620962196229623962496259626962796289629963096319632963396349635963696379638963996409641964296439644964596469647964896499650965196529653965496559656965796589659966096619662966396649665966696679668966996709671967296739674967596769677967896799680968196829683968496859686968796889689969096919692969396949695969696979698969997009701970297039704970597069707970897099710971197129713971497159716971797189719972097219722972397249725972697279728972997309731973297339734973597369737973897399740974197429743974497459746974797489749975097519752975397549755975697579758975997609761976297639764976597669767976897699770977197729773977497759776977
79778977997809781978297839784978597869787978897899790979197929793979497959796979797989799980098019802980398049805980698079808980998109811981298139814981598169817981898199820982198229823982498259826982798289829983098319832983398349835983698379838983998409841984298439844984598469847984898499850985198529853985498559856985798589859986098619862986398649865986698679868986998709871987298739874987598769877987898799880988198829883988498859886988798889889989098919892989398949895989698979898989999009901990299039904990599069907990899099910991199129913991499159916991799189919992099219922992399249925992699279928992999309931993299339934993599369937993899399940994199429943994499459946994799489949995099519952995399549955995699579958995999609961996299639964996599669967996899699970997199729973997499759976997799789979998099819982998399849985998699879988998999909991999299939994999599969997999899991000010001100021000310004100051000610007100081000910010100111001210013100141001510016100171001810019100201002110022100231002410025100261002710028100291003010031100321003310034100351003610037100381003910040100411004210043100441004510046100471004810049100501005110052100531005410055100561005710058100591006010061100621006310064100651006610067100681006910070100711007210073100741007510076100771007810079100801008110082100831008410085100861008710088100891009010091100921009310094100951009610097100981009910100101011010210103101041010510106101071010810109101101011110112101131011410115101161011710118101191012010121101221012310124101251012610127101281012910130101311013210133101341013510136101371013810139101401014110142101431014410145101461014710148101491015010151101521015310154101551015610157101581015910160101611016210163101641016510166101671016810169101701017110172101731017410175101761017710178101791018010181101821018310184101851018610187101881018910190101911019210193101941019510196101971019810199102001020110202102031020410205102061020710208102091021010211102121021310214102151021610217102181021910220102211
02221022310224102251022610227102281022910230102311023210233102341023510236102371023810239102401024110242102431024410245102461024710248102491025010251102521025310254102551025610257102581025910260102611026210263102641026510266102671026810269102701027110272102731027410275102761027710278102791028010281102821028310284102851028610287102881028910290102911029210293102941029510296102971029810299103001030110302103031030410305103061030710308103091031010311103121031310314103151031610317103181031910320103211032210323103241032510326103271032810329103301033110332103331033410335103361033710338103391034010341103421034310344103451034610347103481034910350103511035210353103541035510356103571035810359103601036110362103631036410365103661036710368103691037010371103721037310374103751037610377103781037910380103811038210383103841038510386103871038810389103901039110392103931039410395103961039710398103991040010401104021040310404104051040610407104081040910410104111041210413104141041510416104171041810419104201042110422104231042410425104261042710428104291043010431104321043310434104351043610437104381043910440104411044210443104441044510446104471044810449104501045110452104531045410455104561045710458104591046010461104621046310464104651046610467104681046910470104711047210473104741047510476104771047810479104801048110482104831048410485104861048710488104891049010491104921049310494104951049610497104981049910500105011050210503105041050510506105071050810509105101051110512105131051410515105161051710518105191052010521105221052310524105251052610527105281052910530105311053210533105341053510536105371053810539105401054110542105431054410545105461054710548105491055010551105521055310554105551055610557105581055910560105611056210563105641056510566105671056810569105701057110572105731057410575105761057710578105791058010581105821058310584105851058610587105881058910590105911059210593105941059510596105971059810599106001060110602106031060410605106061060710608106091061010611106121061310614106151061610617106181061910620106211
06221062310624106251062610627106281062910630106311063210633106341063510636106371063810639106401064110642106431064410645106461064710648106491065010651106521065310654106551065610657106581065910660106611066210663106641066510666106671066810669106701067110672106731067410675106761067710678106791068010681106821068310684106851068610687106881068910690106911069210693106941069510696106971069810699107001070110702107031070410705107061070710708107091071010711107121071310714107151071610717107181071910720107211072210723107241072510726107271072810729107301073110732107331073410735107361073710738107391074010741107421074310744107451074610747107481074910750107511075210753107541075510756107571075810759107601076110762107631076410765107661076710768107691077010771107721077310774107751077610777107781077910780107811078210783107841078510786107871078810789107901079110792107931079410795107961079710798107991080010801108021080310804108051080610807108081080910810108111081210813108141081510816108171081810819108201082110822108231082410825108261082710828108291083010831108321083310834108351083610837108381083910840108411084210843108441084510846108471084810849108501085110852108531085410855108561085710858108591086010861108621086310864108651086610867108681086910870108711087210873108741087510876108771087810879108801088110882108831088410885108861088710888108891089010891108921089310894108951089610897108981089910900109011090210903109041090510906109071090810909109101091110912109131091410915109161091710918109191092010921109221092310924109251092610927109281092910930109311093210933109341093510936109371093810939109401094110942109431094410945109461094710948109491095010951109521095310954109551095610957109581095910960109611096210963109641096510966109671096810969109701097110972109731097410975109761097710978109791098010981109821098310984109851098610987109881098910990109911099210993109941099510996109971099810999110001100111002110031100411005110061100711008110091101011011110121101311014110151101611017110181101911020110211
10221102311024110251102611027110281102911030110311103211033110341103511036110371103811039110401104111042110431104411045110461104711048110491105011051110521105311054110551105611057110581105911060110611106211063110641106511066110671106811069110701107111072110731107411075110761107711078110791108011081110821108311084110851108611087110881108911090110911109211093110941109511096110971109811099111001110111102111031110411105111061110711108111091111011111111121111311114111151111611117111181111911120111211112211123111241112511126111271112811129111301113111132111331113411135111361113711138111391114011141111421114311144111451114611147111481114911150111511115211153111541115511156111571115811159111601116111162111631116411165111661116711168111691117011171111721117311174111751117611177111781117911180111811118211183111841118511186111871118811189111901119111192111931119411195111961119711198111991120011201112021120311204112051120611207112081120911210112111121211213112141121511216112171121811219112201122111222112231122411225112261122711228112291123011231112321123311234112351123611237112381123911240112411124211243112441124511246112471124811249112501125111252112531125411255112561125711258112591126011261112621126311264112651126611267112681126911270112711127211273112741127511276112771127811279112801128111282112831128411285112861128711288112891129011291112921129311294112951129611297112981129911300113011130211303113041130511306113071130811309113101131111312113131131411315113161131711318113191132011321113221132311324113251132611327113281132911330113311133211333113341133511336113371133811339113401134111342113431134411345113461134711348113491135011351113521135311354113551135611357113581135911360113611136211363113641136511366113671136811369113701137111372113731137411375113761137711378113791138011381113821138311384113851138611387113881138911390113911139211393113941139511396113971139811399114001140111402114031140411405114061140711408114091141011411114121141311414114151141611417114181141911420114211
14221142311424114251142611427114281142911430114311143211433114341143511436114371143811439114401144111442114431144411445114461144711448114491145011451114521145311454114551145611457114581145911460114611146211463114641146511466114671146811469114701147111472114731147411475114761147711478114791148011481114821148311484114851148611487114881148911490114911149211493114941149511496114971149811499115001150111502115031150411505115061150711508115091151011511115121151311514115151151611517115181151911520115211152211523115241152511526115271152811529115301153111532115331153411535115361153711538115391154011541115421154311544115451154611547115481154911550115511155211553115541155511556115571155811559115601156111562115631156411565115661156711568115691157011571115721157311574115751157611577115781157911580115811158211583115841158511586115871158811589115901159111592115931159411595115961159711598115991160011601116021160311604116051160611607116081160911610116111161211613116141161511616116171161811619116201162111622116231162411625116261162711628116291163011631116321163311634116351163611637116381163911640116411164211643116441164511646116471164811649116501165111652116531165411655116561165711658116591166011661116621166311664116651166611667116681166911670116711167211673116741167511676116771167811679116801168111682116831168411685116861168711688116891169011691116921169311694116951169611697116981169911700117011170211703117041170511706117071170811709117101171111712117131171411715117161171711718117191172011721117221172311724117251172611727117281172911730117311173211733117341173511736117371173811739117401174111742117431174411745117461174711748117491175011751117521175311754117551175611757117581175911760117611176211763117641176511766117671176811769117701177111772117731177411775117761177711778117791178011781117821178311784117851178611787117881178911790117911179211793117941179511796117971179811799118001180111802118031180411805118061180711808118091181011811118121181311814118151181611817118181181911820118211
18221182311824118251182611827118281182911830118311183211833118341183511836118371183811839118401184111842118431184411845118461184711848118491185011851118521185311854118551185611857118581185911860118611186211863118641186511866118671186811869118701187111872118731187411875118761187711878118791188011881118821188311884118851188611887118881188911890118911189211893118941189511896118971189811899119001190111902119031190411905119061190711908119091191011911119121191311914119151191611917119181191911920119211192211923119241192511926119271192811929119301193111932119331193411935119361193711938119391194011941119421194311944119451194611947119481194911950119511195211953119541195511956119571195811959119601196111962119631196411965119661196711968119691197011971119721197311974119751197611977119781197911980119811198211983119841198511986119871198811989119901199111992119931199411995119961199711998119991200012001120021200312004120051200612007120081200912010120111201212013120141201512016120171201812019120201202112022120231202412025120261202712028120291203012031120321203312034120351203612037120381203912040120411204212043120441204512046120471204812049120501205112052120531205412055120561205712058120591206012061120621206312064120651206612067120681206912070120711207212073120741207512076120771207812079120801208112082120831208412085120861208712088120891209012091120921209312094120951209612097120981209912100121011210212103121041210512106121071210812109121101211112112121131211412115121161211712118121191212012121121221212312124121251212612127121281212912130121311213212133121341213512136121371213812139121401214112142121431214412145121461214712148121491215012151121521215312154121551215612157121581215912160121611216212163121641216512166121671216812169121701217112172121731217412175121761217712178121791218012181121821218312184121851218612187121881218912190121911219212193121941219512196121971219812199122001220112202122031220412205122061220712208122091221012211122121221312214122151221612217122181221912220122211
22221222312224122251222612227122281222912230122311223212233122341223512236122371223812239122401224112242122431224412245122461224712248122491225012251122521225312254122551225612257122581225912260122611226212263122641226512266122671226812269122701227112272122731227412275122761227712278122791228012281122821228312284122851228612287122881228912290122911229212293122941229512296122971229812299123001230112302123031230412305123061230712308123091231012311123121231312314123151231612317123181231912320123211232212323123241232512326123271232812329123301233112332123331233412335123361233712338123391234012341123421234312344123451234612347123481234912350123511235212353123541235512356123571235812359123601236112362123631236412365123661236712368123691237012371123721237312374123751237612377123781237912380123811238212383123841238512386123871238812389123901239112392123931239412395123961239712398123991240012401124021240312404124051240612407124081240912410124111241212413124141241512416124171241812419124201242112422124231242412425124261242712428124291243012431124321243312434124351243612437124381243912440124411244212443124441244512446124471244812449124501245112452124531245412455124561245712458124591246012461124621246312464124651246612467124681246912470124711247212473124741247512476124771247812479124801248112482124831248412485124861248712488124891249012491124921249312494124951249612497124981249912500125011250212503125041250512506125071250812509125101251112512125131251412515125161251712518125191252012521125221252312524125251252612527125281252912530125311253212533125341253512536125371253812539125401254112542125431254412545125461254712548125491255012551125521255312554125551255612557125581255912560125611256212563125641256512566125671256812569125701257112572125731257412575125761257712578125791258012581125821258312584125851258612587125881258912590125911259212593125941259512596125971259812599126001260112602126031260412605126061260712608126091261012611126121261312614126151261612617126181261912620126211
26221262312624126251262612627126281262912630126311263212633126341263512636126371263812639126401264112642126431264412645126461264712648126491265012651126521265312654126551265612657126581265912660126611266212663126641266512666126671266812669126701267112672126731267412675126761267712678126791268012681126821268312684126851268612687126881268912690126911269212693126941269512696126971269812699127001270112702127031270412705127061270712708127091271012711127121271312714127151271612717127181271912720127211272212723127241272512726127271272812729127301273112732127331273412735127361273712738127391274012741127421274312744127451274612747127481274912750127511275212753127541275512756127571275812759127601276112762127631276412765127661276712768127691277012771127721277312774127751277612777127781277912780127811278212783127841278512786127871278812789127901279112792127931279412795127961279712798127991280012801128021280312804128051280612807128081280912810128111281212813128141281512816128171281812819128201282112822128231282412825128261282712828128291283012831128321283312834128351283612837128381283912840128411284212843128441284512846128471284812849128501285112852128531285412855128561285712858128591286012861128621286312864128651286612867128681286912870128711287212873128741287512876128771287812879128801288112882128831288412885128861288712888128891289012891128921289312894128951289612897128981289912900129011290212903129041290512906129071290812909129101291112912129131291412915129161291712918129191292012921129221292312924129251292612927129281292912930129311293212933129341293512936129371293812939129401294112942129431294412945129461294712948129491295012951129521295312954129551295612957129581295912960129611296212963129641296512966129671296812969129701297112972129731297412975129761297712978129791298012981129821298312984129851298612987129881298912990129911299212993129941299512996129971299812999130001300113002130031300413005130061300713008130091301013011130121301313014130151301613017130181301913020130211
30221302313024130251302613027130281302913030130311303213033130341303513036130371303813039130401304113042130431304413045130461304713048130491305013051130521305313054130551305613057130581305913060130611306213063130641306513066130671306813069130701307113072130731307413075130761307713078130791308013081130821308313084130851308613087130881308913090130911309213093130941309513096130971309813099131001310113102131031310413105131061310713108131091311013111131121311313114131151311613117131181311913120131211312213123131241312513126131271312813129131301313113132131331313413135131361313713138131391314013141131421314313144131451314613147131481314913150131511315213153131541315513156131571315813159131601316113162131631316413165131661316713168131691317013171131721317313174131751317613177131781317913180131811318213183131841318513186131871318813189131901319113192131931319413195131961319713198131991320013201132021320313204132051320613207132081320913210132111321213213132141321513216132171321813219132201322113222132231322413225132261322713228132291323013231132321323313234132351323613237132381323913240132411324213243132441324513246132471324813249132501325113252132531325413255132561325713258132591326013261132621326313264132651326613267132681326913270132711327213273132741327513276132771327813279132801328113282132831328413285132861328713288132891329013291132921329313294132951329613297132981329913300133011330213303133041330513306133071330813309133101331113312133131331413315133161331713318133191332013321133221332313324133251332613327133281332913330133311333213333133341333513336133371333813339133401334113342133431334413345133461334713348133491335013351133521335313354133551335613357133581335913360133611336213363133641336513366133671336813369133701337113372133731337413375133761337713378133791338013381133821338313384133851338613387133881338913390133911339213393133941339513396133971339813399134001340113402134031340413405134061340713408134091341013411134121341313414134151341613417134181341913420134211
34221342313424134251342613427134281342913430134311343213433134341343513436134371343813439134401344113442134431344413445134461344713448134491345013451134521345313454134551345613457134581345913460134611346213463134641346513466134671346813469134701347113472134731347413475134761347713478134791348013481134821348313484134851348613487134881348913490134911349213493134941349513496134971349813499135001350113502135031350413505135061350713508135091351013511135121351313514135151351613517135181351913520135211352213523135241352513526135271352813529135301353113532135331353413535135361353713538135391354013541135421354313544135451354613547135481354913550135511355213553135541355513556135571355813559135601356113562135631356413565135661356713568135691357013571135721357313574135751357613577135781357913580135811358213583135841358513586135871358813589135901359113592135931359413595135961359713598135991360013601136021360313604136051360613607136081360913610136111361213613136141361513616136171361813619136201362113622136231362413625136261362713628136291363013631136321363313634136351363613637136381363913640136411364213643136441364513646136471364813649136501365113652136531365413655136561365713658136591366013661136621366313664136651366613667136681366913670136711367213673136741367513676136771367813679136801368113682136831368413685136861368713688136891369013691136921369313694136951369613697136981369913700137011370213703137041370513706137071370813709137101371113712137131371413715137161371713718137191372013721137221372313724137251372613727137281372913730137311373213733137341373513736137371373813739137401374113742137431374413745137461374713748137491375013751137521375313754137551375613757137581375913760137611376213763137641376513766137671376813769137701377113772137731377413775137761377713778137791378013781137821378313784137851378613787137881378913790137911379213793137941379513796137971379813799138001380113802138031380413805138061380713808138091381013811138121381313814138151381613817138181381913820138211
38221382313824138251382613827138281382913830138311383213833138341383513836138371383813839138401384113842138431384413845138461384713848138491385013851138521385313854138551385613857138581385913860138611386213863138641386513866138671386813869138701387113872138731387413875138761387713878138791388013881138821388313884138851388613887138881388913890138911389213893138941389513896138971389813899139001390113902139031390413905139061390713908139091391013911139121391313914139151391613917139181391913920139211392213923139241392513926139271392813929139301393113932139331393413935139361393713938139391394013941139421394313944139451394613947139481394913950139511395213953139541395513956139571395813959139601396113962139631396413965139661396713968139691397013971139721397313974139751397613977139781397913980139811398213983139841398513986139871398813989139901399113992139931399413995139961399713998139991400014001140021400314004140051400614007140081400914010140111401214013140141401514016140171401814019140201402114022140231402414025140261402714028140291403014031140321403314034140351403614037140381403914040140411404214043140441404514046140471404814049140501405114052140531405414055140561405714058140591406014061140621406314064140651406614067140681406914070140711407214073140741407514076140771407814079140801408114082140831408414085140861408714088140891409014091140921409314094140951409614097140981409914100141011410214103141041410514106141071410814109141101411114112141131411414115141161411714118141191412014121141221412314124141251412614127141281412914130141311413214133141341413514136141371413814139141401414114142141431414414145141461414714148141491415014151141521415314154141551415614157141581415914160141611416214163141641416514166141671416814169141701417114172141731417414175141761417714178141791418014181141821418314184141851418614187141881418914190141911419214193141941419514196141971419814199142001420114202142031420414205142061420714208142091421014211142121421314214142151421614217142181421914220142211
42221422314224142251422614227142281422914230142311423214233142341423514236142371423814239142401424114242142431424414245142461424714248142491425014251142521425314254142551425614257142581425914260142611426214263142641426514266142671426814269142701427114272142731427414275142761427714278142791428014281142821428314284142851428614287142881428914290142911429214293142941429514296142971429814299143001430114302143031430414305143061430714308143091431014311143121431314314143151431614317143181431914320143211432214323143241432514326143271432814329143301433114332143331433414335143361433714338143391434014341143421434314344143451434614347143481434914350143511435214353143541435514356143571435814359143601436114362143631436414365143661436714368143691437014371143721437314374143751437614377143781437914380143811438214383143841438514386143871438814389143901439114392143931439414395143961439714398143991440014401144021440314404144051440614407144081440914410144111441214413144141441514416144171441814419144201442114422144231442414425144261442714428144291443014431144321443314434144351443614437144381443914440144411444214443144441444514446144471444814449144501445114452144531445414455144561445714458144591446014461144621446314464144651446614467144681446914470144711447214473144741447514476144771447814479144801448114482144831448414485144861448714488144891449014491144921449314494144951449614497144981449914500145011450214503145041450514506145071450814509145101451114512145131451414515145161451714518145191452014521145221452314524145251452614527145281452914530145311453214533145341453514536145371453814539145401454114542145431454414545145461454714548145491455014551145521455314554145551455614557145581455914560145611456214563145641456514566145671456814569145701457114572145731457414575145761457714578145791458014581145821458314584145851458614587145881458914590145911459214593145941459514596145971459814599146001460114602146031460414605146061460714608146091461014611146121461314614146151461614617146181461914620146211
1822218232182421825218262182721828218292183021831218322183321834218352183621837218382183921840218412184221843218442184521846218472184821849218502185121852218532185421855218562185721858218592186021861218622186321864218652186621867218682186921870218712187221873218742187521876218772187821879218802188121882218832188421885218862188721888218892189021891218922189321894218952189621897218982189921900219012190221903219042190521906219072190821909219102191121912219132191421915219162191721918219192192021921219222192321924219252192621927219282192921930219312193221933219342193521936219372193821939219402194121942219432194421945219462194721948219492195021951219522195321954219552195621957219582195921960219612196221963219642196521966219672196821969219702197121972219732197421975219762197721978219792198021981219822198321984219852198621987219882198921990219912199221993219942199521996219972199821999220002200122002220032200422005220062200722008220092201022011220122201322014220152201622017220182201922020220212202222023220242202522026220272202822029220302203122032220332203422035220362203722038220392204022041220422204322044220452204622047220482204922050
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * This is the new netlink-based wireless configuration interface.
  4. *
  5. * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
  6. * Copyright 2013-2014 Intel Mobile Communications GmbH
  7. * Copyright 2015-2017 Intel Deutschland GmbH
  8. * Copyright (C) 2018-2026 Intel Corporation
  9. */
  10. #include <linux/if.h>
  11. #include <linux/module.h>
  12. #include <linux/err.h>
  13. #include <linux/slab.h>
  14. #include <linux/list.h>
  15. #include <linux/if_ether.h>
  16. #include <linux/ieee80211.h>
  17. #include <linux/nl80211.h>
  18. #include <linux/rtnetlink.h>
  19. #include <linux/netlink.h>
  20. #include <linux/nospec.h>
  21. #include <linux/etherdevice.h>
  22. #include <linux/if_vlan.h>
  23. #include <net/net_namespace.h>
  24. #include <net/genetlink.h>
  25. #include <net/cfg80211.h>
  26. #include <net/sock.h>
  27. #include <net/inet_connection_sock.h>
  28. #include "core.h"
  29. #include "nl80211.h"
  30. #include "reg.h"
  31. #include "rdev-ops.h"
  /*
   * Forward declaration only; the definition is not in this part of the
   * file.
   */
  static int
  nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
                          struct genl_info *info,
                          struct cfg80211_crypto_settings *settings,
                          int cipher_limit);

  /* the netlink family (tentative definition, no initialiser here) */
  static struct genl_family nl80211_fam;
  /*
   * Multicast group indices, used as designators for nl80211_mcgrps[].
   *
   * NL80211_MCGRP_TESTMODE has to remain the final enumerator: its table
   * entry is only compiled under CONFIG_NL80211_TESTMODE, so anything
   * placed after it would leave a hole in the array when testmode is off.
   */
  enum nl80211_multicast_groups {
          NL80211_MCGRP_CONFIG,
          NL80211_MCGRP_SCAN,
          NL80211_MCGRP_REGULATORY,
          NL80211_MCGRP_MLME,
          NL80211_MCGRP_VENDOR,
          NL80211_MCGRP_NAN,
          NL80211_MCGRP_TESTMODE  /* keep last - ifdef! */
  };
  /*
   * Multicast group table, indexed by enum nl80211_multicast_groups.
   * The testmode group exists only when CONFIG_NL80211_TESTMODE is set.
   */
  static const struct genl_multicast_group nl80211_mcgrps[] = {
          [NL80211_MCGRP_CONFIG]     = { .name = NL80211_MULTICAST_GROUP_CONFIG },
          [NL80211_MCGRP_SCAN]       = { .name = NL80211_MULTICAST_GROUP_SCAN },
          [NL80211_MCGRP_REGULATORY] = { .name = NL80211_MULTICAST_GROUP_REG },
          [NL80211_MCGRP_MLME]       = { .name = NL80211_MULTICAST_GROUP_MLME },
          [NL80211_MCGRP_VENDOR]     = { .name = NL80211_MULTICAST_GROUP_VENDOR },
          [NL80211_MCGRP_NAN]        = { .name = NL80211_MULTICAST_GROUP_NAN },
  #ifdef CONFIG_NL80211_TESTMODE
          [NL80211_MCGRP_TESTMODE]   = { .name = NL80211_MULTICAST_GROUP_TESTMODE }
  #endif
  };
  /*
   * Resolve the wireless_dev named by NL80211_ATTR_IFINDEX and/or
   * NL80211_ATTR_WDEV.
   *
   * With @rdev set, only that device's wdev list is walked and the caller
   * must hold rdev->wiphy.mtx; the wiphy half of the WDEV id is not compared
   * in that case. With @rdev NULL, every registered device is walked under
   * RTNL, devices outside @netns are skipped, and a WDEV id additionally
   * restricts the walk to the wiphy index in its upper 32 bits.
   *
   * When both attributes are supplied, a wdev matching either one is
   * returned (the first hit in list order).
   *
   * Never returns NULL. Failure is ERR_PTR(-EINVAL) when neither attribute
   * is present and ERR_PTR(-ENODEV) when nothing matches, so callers must
   * test the result with IS_ERR().
   */
  static struct wireless_dev *
  __cfg80211_wdev_from_attrs(struct cfg80211_registered_device *rdev,
                             struct net *netns, struct nlattr **attrs)
  {
          struct nlattr *ifidx_attr = attrs[NL80211_ATTR_IFINDEX];
          struct nlattr *wdev_attr = attrs[NL80211_ATTR_WDEV];
          struct wireless_dev *wdev;
          u64 wdev_id = 0;
          int wiphy_idx = -1;
          int ifidx = -1;

          if (!ifidx_attr && !wdev_attr)
                  return ERR_PTR(-EINVAL);

          if (ifidx_attr)
                  ifidx = nla_get_u32(ifidx_attr);

          if (wdev_attr) {
                  wdev_id = nla_get_u64(wdev_attr);
                  /* upper 32 bits: wiphy index, lower 32 bits: wdev identifier */
                  wiphy_idx = wdev_id >> 32;
          }

          if (rdev) {
                  lockdep_assert_held(&rdev->wiphy.mtx);

                  list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) {
                          if (ifidx_attr && wdev->netdev &&
                              wdev->netdev->ifindex == ifidx)
                                  return wdev;

                          if (wdev_attr && wdev->identifier == (u32)wdev_id)
                                  return wdev;
                  }

                  return ERR_PTR(-ENODEV);
          }

          ASSERT_RTNL();

          for_each_rdev(rdev) {
                  /* never hand out a wdev that lives in another namespace */
                  if (wiphy_net(&rdev->wiphy) != netns)
                          continue;

                  if (wdev_attr && rdev->wiphy_idx != wiphy_idx)
                          continue;

                  list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) {
                          if (ifidx_attr && wdev->netdev &&
                              wdev->netdev->ifindex == ifidx)
                                  return wdev;

                          if (wdev_attr && wdev->identifier == (u32)wdev_id)
                                  return wdev;
                  }
          }

          return ERR_PTR(-ENODEV);
  }
  /*
   * Resolve the registered device named by any combination of
   * NL80211_ATTR_WIPHY, NL80211_ATTR_WDEV and NL80211_ATTR_IFINDEX.
   * Must be called under RTNL.
   *
   * Attributes that resolve to different devices yield ERR_PTR(-EINVAL),
   * as does an ifindex that names a non-wireless netdev or a request with
   * none of the three attributes. Two lookups are deliberately lenient as
   * written: a WDEV id whose wiphy index does not resolve, and an ifindex
   * with no netdev in @netns, are simply skipped rather than rejected.
   *
   * The final namespace comparison keeps a caller in one network namespace
   * from obtaining a device that belongs to another; that case and "no
   * device found" both return ERR_PTR(-ENODEV).
   *
   * The result is never NULL; check it with IS_ERR().
   */
  static struct cfg80211_registered_device *
  __cfg80211_rdev_from_attrs(struct net *netns, struct nlattr **attrs)
  {
          struct cfg80211_registered_device *found = NULL;
          struct cfg80211_registered_device *candidate;

          ASSERT_RTNL();

          if (!attrs[NL80211_ATTR_WIPHY] &&
              !attrs[NL80211_ATTR_IFINDEX] &&
              !attrs[NL80211_ATTR_WDEV])
                  return ERR_PTR(-EINVAL);

          if (attrs[NL80211_ATTR_WIPHY]) {
                  u32 wiphy_idx = nla_get_u32(attrs[NL80211_ATTR_WIPHY]);

                  found = cfg80211_rdev_by_wiphy_idx(wiphy_idx);
          }

          if (attrs[NL80211_ATTR_WDEV]) {
                  u64 wdev_id = nla_get_u64(attrs[NL80211_ATTR_WDEV]);

                  candidate = cfg80211_rdev_by_wiphy_idx(wdev_id >> 32);
                  if (candidate) {
                          struct wireless_dev *wdev;
                          bool present = false;

                          /* make sure wdev exists */
                          list_for_each_entry(wdev, &candidate->wiphy.wdev_list,
                                              list) {
                                  if (wdev->identifier == (u32)wdev_id) {
                                          present = true;
                                          break;
                                  }
                          }

                          if (!present)
                                  candidate = NULL;

                          /* WIPHY and WDEV disagree */
                          if (found && candidate != found)
                                  return ERR_PTR(-EINVAL);

                          found = candidate;
                  }
          }

          if (attrs[NL80211_ATTR_IFINDEX]) {
                  int ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
                  struct net_device *netdev = __dev_get_by_index(netns, ifindex);

                  if (netdev) {
                          /* not wireless device -- return error */
                          if (!netdev->ieee80211_ptr)
                                  return ERR_PTR(-EINVAL);

                          candidate = wiphy_to_rdev(netdev->ieee80211_ptr->wiphy);
                          if (!candidate)
                                  return ERR_PTR(-EINVAL);

                          /* mismatch -- return error */
                          if (found && candidate != found)
                                  return ERR_PTR(-EINVAL);

                          found = candidate;
                  }
          }

          if (!found || netns != wiphy_net(&found->wiphy))
                  return ERR_PTR(-ENODEV);

          return found;
  }
  /*
   * Look up the registered device that a generic netlink request refers
   * to, using the attributes already parsed into @info.
   *
   * The return value may be an ERR_PTR()-encoded error rather than a valid
   * pointer, so it must be checked with IS_ERR() before use.
   */
  static struct cfg80211_registered_device *
  cfg80211_get_dev_from_info(struct net *netns, struct genl_info *info)
  {
          struct nlattr **attrs = info->attrs;

          return __cfg80211_rdev_from_attrs(netns, attrs);
  }
  /*
   * Policy validator for a beacon head supplied from userspace.
   *
   * Accepts the attribute only if it is long enough for the fixed part of
   * the beacon (regular or S1G, chosen from frame_control), the header
   * length derived from frame_control equals the expected one, and the
   * bytes after the fixed part parse as a complete sequence of elements
   * with nothing left over.
   *
   * Returns 0 on success; otherwise sets an extack message on @attr and
   * returns -EINVAL.
   */
  static int validate_beacon_head(const struct nlattr *attr,
                                  struct netlink_ext_ack *extack)
  {
          const u8 *pos = nla_data(attr);
          unsigned int remaining = nla_len(attr);
          const struct ieee80211_mgmt *mgmt = (void *)pos;
          const struct ieee80211_ext *ext;
          const struct element *elem;
          unsigned int fixedlen, hdrlen;

          /* frame_control must be inside the buffer before it is read */
          if (remaining < offsetofend(typeof(*mgmt), frame_control))
                  goto malformed;

          if (ieee80211_is_s1g_beacon(mgmt->frame_control)) {
                  ext = (struct ieee80211_ext *)mgmt;
                  hdrlen = offsetof(struct ieee80211_ext, u.s1g_beacon);
                  fixedlen = offsetof(struct ieee80211_ext,
                                      u.s1g_beacon.variable) +
                             ieee80211_s1g_optional_len(ext->frame_control);
          } else {
                  hdrlen = offsetof(struct ieee80211_mgmt, u.beacon);
                  fixedlen = offsetof(struct ieee80211_mgmt,
                                      u.beacon.variable);
          }

          /* length first, so the subtraction below cannot wrap */
          if (remaining < fixedlen ||
              ieee80211_hdrlen(mgmt->frame_control) != hdrlen)
                  goto malformed;

          pos += fixedlen;
          remaining -= fixedlen;

          /* walk the elements purely to find out where parsing stops */
          for_each_element(elem, pos, remaining) {
                  /* nothing */
          }

          if (for_each_element_completed(elem, pos, remaining))
                  return 0;

  malformed:
          NL_SET_ERR_MSG_ATTR(extack, attr, "malformed beacon head");
          return -EINVAL;
  }
  /*
   * Policy validator for an attribute carrying information elements.
   *
   * The payload is accepted only when it parses as a whole number of
   * elements, i.e. the element walk ends exactly at the end of the buffer.
   * Returns 0 on success; otherwise sets an extack message on @attr and
   * returns -EINVAL.
   */
  static int validate_ie_attr(const struct nlattr *attr,
                              struct netlink_ext_ack *extack)
  {
          const u8 *ies = nla_data(attr);
          unsigned int ies_len = nla_len(attr);
          const struct element *elem;

          for_each_element(elem, ies, ies_len) {
                  /* nothing */
          }

          if (!for_each_element_completed(elem, ies, ies_len)) {
                  NL_SET_ERR_MSG_ATTR(extack, attr,
                                      "malformed information elements");
                  return -EINVAL;
          }

          return 0;
  }
  /*
   * Policy validator for an HE capabilities attribute: 0 when
   * ieee80211_he_capa_size_ok() accepts the payload, -EINVAL otherwise.
   * No extack message is set on failure.
   */
  static int validate_he_capa(const struct nlattr *attr,
                              struct netlink_ext_ack *extack)
  {
          bool size_ok = ieee80211_he_capa_size_ok(nla_data(attr),
                                                   nla_len(attr));

          return size_ok ? 0 : -EINVAL;
  }
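  /*
   * Policy validator for a list of supported selectors.
   *
   * Every byte of the payload is checked; a byte with the top bit set is
   * rejected because that bit is not part of the selector value.
   * Returns 0 when all bytes pass, -EINVAL otherwise.
   *
   * The length is kept as unsigned int, like the other validators in this
   * file. Narrowing it to u8 would wrap for payloads of 256 bytes or more
   * and leave the tail unchecked; whether the policy entry already caps the
   * attribute below that is not visible from this function.
   */
  static int validate_supported_selectors(const struct nlattr *attr,
                                          struct netlink_ext_ack *extack)
  {
          const u8 *supported_selectors = nla_data(attr);
          unsigned int supported_selectors_len = nla_len(attr);

          /* The top bit must not be set as it is not part of the selector */
          for (unsigned int i = 0; i < supported_selectors_len; i++) {
                  if (supported_selectors[i] & 0x80)
                          return -EINVAL;
          }

          return 0;
  }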
  /*
   * Policy validator for a NAN cluster id.
   *
   * The payload must be exactly ETH_ALEN bytes and begin with the four
   * bytes 50:6f:9a:01. Returns 0 on success; otherwise sets an extack
   * message on @attr describing which check failed and returns -EINVAL.
   */
  static int validate_nan_cluster_id(const struct nlattr *attr,
                                     struct netlink_ext_ack *extack)
  {
          static const u8 cluster_id_prefix[4] = {0x50, 0x6f, 0x9a, 0x1};
          const u8 *cluster_id = nla_data(attr);
          unsigned int id_len = nla_len(attr);

          /* length is checked first so the compare below stays in bounds */
          if (id_len != ETH_ALEN) {
                  NL_SET_ERR_MSG_ATTR(extack, attr, "bad cluster id length");
                  return -EINVAL;
          }

          if (memcmp(cluster_id, cluster_id_prefix,
                     sizeof(cluster_id_prefix)) != 0) {
                  NL_SET_ERR_MSG_ATTR(extack, attr, "invalid cluster id prefix");
                  return -EINVAL;
          }

          return 0;
  }
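  /*
   * Policy validator for a UHR capabilities attribute.
   *
   * Returns 0 when the payload size is acceptable and -EINVAL otherwise,
   * the same contract validate_he_capa() follows in this file.
   *
   * NOTE(review): ieee80211_uhr_capa_size_ok() is defined outside this file
   * and is taken here to be a boolean predicate, like
   * ieee80211_he_capa_size_ok(). Handing its result straight back would
   * report 1 for a well-sized payload and 0 (success) for a bad one.
   * Confirm against its declaration. The meaning of the third argument
   * (passed as false) is likewise not visible here.
   */
  static int validate_uhr_capa(const struct nlattr *attr,
                               struct netlink_ext_ack *extack)
  {
          const u8 *data = nla_data(attr);
          unsigned int len = nla_len(attr);

          if (!ieee80211_uhr_capa_size_ok(data, len, false))
                  return -EINVAL;

          return 0;
  }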
  /*
   * policy for the attributes
   *
   * Declared ahead of its initialiser so the nested policies below can
   * refer to it.
   */
  static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR];

  /* FTM responder attributes; both binary blobs are capped at U8_MAX bytes */
  static const struct nla_policy
  nl80211_ftm_responder_policy[NL80211_FTM_RESP_ATTR_MAX + 1] = {
          [NL80211_FTM_RESP_ATTR_ENABLED] = { .type = NLA_FLAG },
          [NL80211_FTM_RESP_ATTR_LCI] = {
                  .type = NLA_BINARY,
                  .len = U8_MAX,
          },
          [NL80211_FTM_RESP_ATTR_CIVICLOC] = {
                  .type = NLA_BINARY,
                  .len = U8_MAX,
          },
  };
  /*
   * Attributes of an FTM peer measurement request. The two exponent-style
   * fields (number of bursts, burst duration) are limited to 15; the other
   * integer fields carry only a type constraint at policy level.
   */
  static const struct nla_policy
  nl80211_pmsr_ftm_req_attr_policy[NL80211_PMSR_FTM_REQ_ATTR_MAX + 1] = {
          [NL80211_PMSR_FTM_REQ_ATTR_ASAP]              = { .type = NLA_FLAG },
          [NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE]          = { .type = NLA_U32 },
          [NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP]    = NLA_POLICY_MAX(NLA_U8, 15),
          [NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD]      = { .type = NLA_U16 },
          [NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION]    = NLA_POLICY_MAX(NLA_U8, 15),
          [NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST]    = { .type = NLA_U8 },
          [NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES]  = { .type = NLA_U8 },
          [NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI]       = { .type = NLA_FLAG },
          [NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC]  = { .type = NLA_FLAG },
          [NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED]     = { .type = NLA_FLAG },
          [NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED] = { .type = NLA_FLAG },
          [NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK]      = { .type = NLA_FLAG },
          [NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR]         = { .type = NLA_U8 },
          [NL80211_PMSR_FTM_REQ_ATTR_RSTA]              = { .type = NLA_FLAG },
  };
  /* Per-type measurement request data; FTM is the only type listed here */
  static const struct nla_policy
  nl80211_pmsr_req_data_policy[NL80211_PMSR_TYPE_MAX + 1] = {
          [NL80211_PMSR_TYPE_FTM] = NLA_POLICY_NESTED(nl80211_pmsr_ftm_req_attr_policy),
  };
  /* A measurement request: nested per-type data plus an AP TSF flag */
  static const struct nla_policy
  nl80211_pmsr_req_attr_policy[NL80211_PMSR_REQ_ATTR_MAX + 1] = {
          [NL80211_PMSR_REQ_ATTR_DATA]       = NLA_POLICY_NESTED(nl80211_pmsr_req_data_policy),
          [NL80211_PMSR_REQ_ATTR_GET_AP_TSF] = { .type = NLA_FLAG },
  };
  /*
   * One peer in a measurement request. The channel is validated against
   * the top-level nl80211_policy. RESP is marked NLA_REJECT, so a request
   * that carries it fails validation.
   */
  static const struct nla_policy
  nl80211_pmsr_peer_attr_policy[NL80211_PMSR_PEER_ATTR_MAX + 1] = {
          [NL80211_PMSR_PEER_ATTR_ADDR] = NLA_POLICY_ETH_ADDR,
          [NL80211_PMSR_PEER_ATTR_CHAN] = NLA_POLICY_NESTED(nl80211_policy),
          [NL80211_PMSR_PEER_ATTR_REQ]  = NLA_POLICY_NESTED(nl80211_pmsr_req_attr_policy),
          [NL80211_PMSR_PEER_ATTR_RESP] = { .type = NLA_REJECT },
  };
  /*
   * Top-level peer measurement attributes. Only the peer array is accepted
   * on input; the remaining attributes are marked NLA_REJECT.
   */
  static const struct nla_policy
  nl80211_pmsr_attr_policy[NL80211_PMSR_ATTR_MAX + 1] = {
          [NL80211_PMSR_ATTR_MAX_PEERS]          = { .type = NLA_REJECT },
          [NL80211_PMSR_ATTR_REPORT_AP_TSF]      = { .type = NLA_REJECT },
          [NL80211_PMSR_ATTR_RANDOMIZE_MAC_ADDR] = { .type = NLA_REJECT },
          [NL80211_PMSR_ATTR_TYPE_CAPA]          = { .type = NLA_REJECT },
          [NL80211_PMSR_ATTR_PEERS] =
                  NLA_POLICY_NESTED_ARRAY(nl80211_pmsr_peer_attr_policy),
  };
  /*
   * HE OBSS PD attributes: the three offsets are confined to 1..20 and the
   * two bitmaps must be exactly 8 bytes long.
   */
  static const struct nla_policy
  he_obss_pd_policy[NL80211_HE_OBSS_PD_ATTR_MAX + 1] = {
          [NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET]           = NLA_POLICY_RANGE(NLA_U8, 1, 20),
          [NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET]           = NLA_POLICY_RANGE(NLA_U8, 1, 20),
          [NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET]   = NLA_POLICY_RANGE(NLA_U8, 1, 20),
          [NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP]     = NLA_POLICY_EXACT_LEN(8),
          [NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP] = NLA_POLICY_EXACT_LEN(8),
          [NL80211_HE_OBSS_PD_ATTR_SR_CTRL]              = { .type = NLA_U8 },
  };
  /* HE BSS color attributes; the color value itself is confined to 1..63 */
  static const struct nla_policy
  he_bss_color_policy[NL80211_HE_BSS_COLOR_ATTR_MAX + 1] = {
          [NL80211_HE_BSS_COLOR_ATTR_COLOR]    = NLA_POLICY_RANGE(NLA_U8, 1, 63),
          [NL80211_HE_BSS_COLOR_ATTR_DISABLED] = { .type = NLA_FLAG },
          [NL80211_HE_BSS_COLOR_ATTR_PARTIAL]  = { .type = NLA_FLAG },
  };
  /*
   * TX rate attributes. Legacy and HT rate lists are bounded binary blobs;
   * the VHT/HE/EHT entries must match the size of their nl80211_txrate_*
   * structure (VHT via the _WARN variant of the exact-length policy); the
   * GI and LTF selectors are range-checked against their enum limits.
   */
  static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = {
          [NL80211_TXRATE_LEGACY] = {
                  .type = NLA_BINARY,
                  .len = NL80211_MAX_SUPP_RATES,
          },
          [NL80211_TXRATE_HT] = {
                  .type = NLA_BINARY,
                  .len = NL80211_MAX_SUPP_HT_RATES,
          },
          [NL80211_TXRATE_VHT] =
                  NLA_POLICY_EXACT_LEN_WARN(sizeof(struct nl80211_txrate_vht)),
          [NL80211_TXRATE_GI] = { .type = NLA_U8 },
          [NL80211_TXRATE_HE] =
                  NLA_POLICY_EXACT_LEN(sizeof(struct nl80211_txrate_he)),
          [NL80211_TXRATE_HE_GI] =
                  NLA_POLICY_RANGE(NLA_U8,
                                   NL80211_RATE_INFO_HE_GI_0_8,
                                   NL80211_RATE_INFO_HE_GI_3_2),
          [NL80211_TXRATE_HE_LTF] =
                  NLA_POLICY_RANGE(NLA_U8,
                                   NL80211_RATE_INFO_HE_1XLTF,
                                   NL80211_RATE_INFO_HE_4XLTF),
          [NL80211_TXRATE_EHT] =
                  NLA_POLICY_EXACT_LEN(sizeof(struct nl80211_txrate_eht)),
          [NL80211_TXRATE_EHT_GI] =
                  NLA_POLICY_RANGE(NLA_U8,
                                   NL80211_RATE_INFO_EHT_GI_0_8,
                                   NL80211_RATE_INFO_EHT_GI_3_2),
          [NL80211_TXRATE_EHT_LTF] =
                  NLA_POLICY_RANGE(NLA_U8,
                                   NL80211_RATE_INFO_EHT_1XLTF,
                                   NL80211_RATE_INFO_EHT_8XLTF),
  };
  /*
   * Per-TID configuration attributes. The TID bitmap must be non-zero and
   * fit in 8 bits (1..0xff), retry counts must be at least 1, and the
   * enable/disable style controls are capped at NL80211_TID_CONFIG_DISABLE.
   */
  static const struct nla_policy
  nl80211_tid_config_attr_policy[NL80211_TID_CONFIG_ATTR_MAX + 1] = {
          [NL80211_TID_CONFIG_ATTR_VIF_SUPP]    = { .type = NLA_U64 },
          [NL80211_TID_CONFIG_ATTR_PEER_SUPP]   = { .type = NLA_U64 },
          [NL80211_TID_CONFIG_ATTR_OVERRIDE]    = { .type = NLA_FLAG },
          [NL80211_TID_CONFIG_ATTR_TIDS]        = NLA_POLICY_RANGE(NLA_U16, 1, 0xff),
          [NL80211_TID_CONFIG_ATTR_NOACK] =
                  NLA_POLICY_MAX(NLA_U8, NL80211_TID_CONFIG_DISABLE),
          [NL80211_TID_CONFIG_ATTR_RETRY_SHORT] = NLA_POLICY_MIN(NLA_U8, 1),
          [NL80211_TID_CONFIG_ATTR_RETRY_LONG]  = NLA_POLICY_MIN(NLA_U8, 1),
          [NL80211_TID_CONFIG_ATTR_AMPDU_CTRL] =
                  NLA_POLICY_MAX(NLA_U8, NL80211_TID_CONFIG_DISABLE),
          [NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL] =
                  NLA_POLICY_MAX(NLA_U8, NL80211_TID_CONFIG_DISABLE),
          [NL80211_TID_CONFIG_ATTR_AMSDU_CTRL] =
                  NLA_POLICY_MAX(NLA_U8, NL80211_TID_CONFIG_DISABLE),
          [NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE] =
                  NLA_POLICY_MAX(NLA_U8, NL80211_TX_RATE_FIXED),
          [NL80211_TID_CONFIG_ATTR_TX_RATE] =
                  NLA_POLICY_NESTED(nl80211_txattr_policy),
  };
  /*
   * FILS discovery attributes: both intervals are capped at 10000 and the
   * template length is bounded on both sides. The policy does not compare
   * the two intervals with each other.
   */
  static const struct nla_policy
  nl80211_fils_discovery_policy[NL80211_FILS_DISCOVERY_ATTR_MAX + 1] = {
          [NL80211_FILS_DISCOVERY_ATTR_INT_MIN] = NLA_POLICY_MAX(NLA_U32, 10000),
          [NL80211_FILS_DISCOVERY_ATTR_INT_MAX] = NLA_POLICY_MAX(NLA_U32, 10000),
          [NL80211_FILS_DISCOVERY_ATTR_TMPL] =
                  NLA_POLICY_RANGE(NLA_BINARY,
                                   NL80211_FILS_DISCOVERY_TMPL_MIN_LEN,
                                   IEEE80211_MAX_DATA_LEN),
  };
  /*
   * Unsolicited broadcast probe response attributes: interval capped at
   * 20; the template has only an upper length bound at policy level.
   */
  static const struct nla_policy
  nl80211_unsol_bcast_probe_resp_policy[NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_MAX + 1] = {
          [NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT] = NLA_POLICY_MAX(NLA_U32, 20),
          [NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_TMPL] = {
                  .type = NLA_BINARY,
                  .len = IEEE80211_MAX_DATA_LEN,
          },
  };
  /*
   * One SAR specification: a signed power value and a range index. The
   * range index has no bound here, so its consumer has to check it.
   */
  static const struct nla_policy
  sar_specs_policy[NL80211_SAR_ATTR_SPECS_MAX + 1] = {
          [NL80211_SAR_ATTR_SPECS_POWER]       = { .type = NLA_S32 },
          [NL80211_SAR_ATTR_SPECS_RANGE_INDEX] = { .type = NLA_U32 },
  };
  /*
   * SAR configuration: a type plus an array of specifications.
   *
   * NOTE(review): the type bound is NUM_NL80211_SAR_TYPE itself rather
   * than NUM_NL80211_SAR_TYPE - 1, so a value equal to the count passes
   * policy validation; confirm the handler rejects it.
   */
  static const struct nla_policy
  sar_policy[NL80211_SAR_ATTR_MAX + 1] = {
          [NL80211_SAR_ATTR_TYPE]  = NLA_POLICY_MAX(NLA_U32, NUM_NL80211_SAR_TYPE),
          [NL80211_SAR_ATTR_SPECS] = NLA_POLICY_NESTED_ARRAY(sar_specs_policy),
  };
  /*
   * Multiple-BSSID configuration attributes.
   *
   * NOTE(review): TX_LINK_ID is capped at IEEE80211_MLD_MAX_NUM_LINKS
   * inclusive; if link ids are meant to be below that constant, the value
   * equal to it still passes policy. Confirm the consumer checks it.
   */
  static const struct nla_policy
  nl80211_mbssid_config_policy[NL80211_MBSSID_CONFIG_ATTR_MAX + 1] = {
          [NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES] = NLA_POLICY_MIN(NLA_U8, 2),
          [NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY] =
                  NLA_POLICY_MIN(NLA_U8, 1),
          [NL80211_MBSSID_CONFIG_ATTR_INDEX]          = { .type = NLA_U8 },
          [NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX]     = { .type = NLA_U32 },
          [NL80211_MBSSID_CONFIG_ATTR_EMA]            = { .type = NLA_FLAG },
          [NL80211_MBSSID_CONFIG_ATTR_TX_LINK_ID] =
                  NLA_POLICY_MAX(NLA_U8, IEEE80211_MLD_MAX_NUM_LINKS),
  };
  /* Station WME attributes; both are plain u8 values with no range check */
  static const struct nla_policy
  nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] = {
          [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 },
          [NL80211_STA_WME_MAX_SP]       = { .type = NLA_U8 },
  };
  /*
   * S1G short beacon attributes. Head and tail are length-capped and go
   * through validate_beacon_head() and validate_ie_attr() respectively.
   */
  static const struct nla_policy
  nl80211_s1g_short_beacon[NL80211_S1G_SHORT_BEACON_ATTR_MAX + 1] = {
          [NL80211_S1G_SHORT_BEACON_ATTR_HEAD] =
                  NLA_POLICY_VALIDATE_FN(NLA_BINARY,
                                         validate_beacon_head,
                                         IEEE80211_MAX_DATA_LEN),
          [NL80211_S1G_SHORT_BEACON_ATTR_TAIL] =
                  NLA_POLICY_VALIDATE_FN(NLA_BINARY,
                                         validate_ie_attr,
                                         IEEE80211_MAX_DATA_LEN),
  };
  /*
   * Per-band NAN configuration. The band must be a valid band index, the
   * two RSSI thresholds have lower bounds only (-59 and -74), and the
   * wake-DW value is capped at 5.
   */
  static const struct nla_policy
  nl80211_nan_band_conf_policy[NL80211_NAN_BAND_CONF_ATTR_MAX + 1] = {
          [NL80211_NAN_BAND_CONF_BAND] =
                  NLA_POLICY_MAX(NLA_U8, NUM_NL80211_BANDS - 1),
          [NL80211_NAN_BAND_CONF_FREQ]         = { .type = NLA_U16 },
          [NL80211_NAN_BAND_CONF_RSSI_CLOSE]   = NLA_POLICY_MIN(NLA_S8, -59),
          [NL80211_NAN_BAND_CONF_RSSI_MIDDLE]  = NLA_POLICY_MIN(NLA_S8, -74),
          [NL80211_NAN_BAND_CONF_WAKE_DW]      = NLA_POLICY_MAX(NLA_U8, 5),
          [NL80211_NAN_BAND_CONF_DISABLE_SCAN] = { .type = NLA_FLAG },
  };
  /*
   * NAN configuration attributes. The cluster id and vendor elements are
   * structurally validated by their callbacks; EXTRA_ATTRS is only
   * length-capped at policy level, so whatever consumes it must parse it
   * defensively.
   */
  static const struct nla_policy
  nl80211_nan_conf_policy[NL80211_NAN_CONF_ATTR_MAX + 1] = {
          [NL80211_NAN_CONF_CLUSTER_ID] =
                  NLA_POLICY_VALIDATE_FN(NLA_BINARY,
                                         validate_nan_cluster_id,
                                         ETH_ALEN),
          [NL80211_NAN_CONF_EXTRA_ATTRS] = {
                  .type = NLA_BINARY,
                  .len = IEEE80211_MAX_DATA_LEN,
          },
          [NL80211_NAN_CONF_VENDOR_ELEMS] =
                  NLA_POLICY_VALIDATE_FN(NLA_BINARY,
                                         validate_ie_attr,
                                         IEEE80211_MAX_DATA_LEN),
          [NL80211_NAN_CONF_BAND_CONFIGS] =
                  NLA_POLICY_NESTED_ARRAY(nl80211_nan_band_conf_policy),
          [NL80211_NAN_CONF_SCAN_PERIOD]     = { .type = NLA_U16 },
          [NL80211_NAN_CONF_SCAN_DWELL_TIME] = NLA_POLICY_RANGE(NLA_U16, 50, 512),
          [NL80211_NAN_CONF_DISCOVERY_BEACON_INTERVAL] =
                  NLA_POLICY_RANGE(NLA_U8, 50, 200),
          [NL80211_NAN_CONF_NOTIFY_DW]       = { .type = NLA_FLAG },
  };
  /* Range for a puncturing bitmap value: 0..0xffff, i.e. at most 16 bits */
  static const struct netlink_range_validation nl80211_punct_bitmap_range = {
          .min = 0,
          .max = 0xffff,
  };
  /* Range with an upper bound of INT_MAX; .min is left zero-initialised */
  static const struct netlink_range_validation q_range = {
          .max = INT_MAX,
  };
  488. static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
  489. [0] = { .strict_start_type = NL80211_ATTR_HE_OBSS_PD },
  490. [NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
  491. [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING,
  492. .len = 20-1 },
  493. [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED },
  494. [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 },
  495. [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 },
  496. [NL80211_ATTR_WIPHY_EDMG_CHANNELS] = NLA_POLICY_RANGE(NLA_U8,
  497. NL80211_EDMG_CHANNELS_MIN,
  498. NL80211_EDMG_CHANNELS_MAX),
  499. [NL80211_ATTR_WIPHY_EDMG_BW_CONFIG] = NLA_POLICY_RANGE(NLA_U8,
  500. NL80211_EDMG_BW_CONFIG_MIN,
  501. NL80211_EDMG_BW_CONFIG_MAX),
  502. [NL80211_ATTR_CHANNEL_WIDTH] = { .type = NLA_U32 },
  503. [NL80211_ATTR_CENTER_FREQ1] = { .type = NLA_U32 },
  504. [NL80211_ATTR_CENTER_FREQ1_OFFSET] = NLA_POLICY_RANGE(NLA_U32, 0, 999),
  505. [NL80211_ATTR_CENTER_FREQ2] = { .type = NLA_U32 },
  506. [NL80211_ATTR_WIPHY_RETRY_SHORT] = NLA_POLICY_MIN(NLA_U8, 1),
  507. [NL80211_ATTR_WIPHY_RETRY_LONG] = NLA_POLICY_MIN(NLA_U8, 1),
  508. [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 },
  509. [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 },
  510. [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 },
  511. [NL80211_ATTR_WIPHY_DYN_ACK] = { .type = NLA_FLAG },
  512. [NL80211_ATTR_IFTYPE] = NLA_POLICY_MAX(NLA_U32, NL80211_IFTYPE_MAX),
  513. [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
  514. [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
  515. [NL80211_ATTR_MAC] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
  516. [NL80211_ATTR_PREV_BSSID] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
  517. [NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
  518. [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
  519. .len = WLAN_MAX_KEY_LEN },
  520. [NL80211_ATTR_KEY_IDX] = NLA_POLICY_MAX(NLA_U8, 7),
  521. [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 },
  522. [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG },
  523. [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
  524. [NL80211_ATTR_KEY_TYPE] =
  525. NLA_POLICY_MAX(NLA_U32, NUM_NL80211_KEYTYPES),
  526. [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 },
  527. [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 },
  528. [NL80211_ATTR_BEACON_HEAD] =
  529. NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_beacon_head,
  530. IEEE80211_MAX_DATA_LEN),
  531. [NL80211_ATTR_BEACON_TAIL] =
  532. NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
  533. IEEE80211_MAX_DATA_LEN),
  534. [NL80211_ATTR_STA_AID] =
  535. NLA_POLICY_RANGE(NLA_U16, 1, IEEE80211_MAX_AID),
  536. [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED },
  537. [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 },
  538. [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY,
  539. .len = NL80211_MAX_SUPP_RATES },
  540. [NL80211_ATTR_STA_PLINK_ACTION] =
  541. NLA_POLICY_MAX(NLA_U8, NUM_NL80211_PLINK_ACTIONS - 1),
  542. [NL80211_ATTR_STA_TX_POWER_SETTING] =
  543. NLA_POLICY_RANGE(NLA_U8,
  544. NL80211_TX_POWER_AUTOMATIC,
  545. NL80211_TX_POWER_FIXED),
  546. [NL80211_ATTR_STA_TX_POWER] = { .type = NLA_S16 },
  547. [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 },
  548. [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ },
  549. [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY,
  550. .len = IEEE80211_MAX_MESH_ID_LEN },
  551. [NL80211_ATTR_MPATH_NEXT_HOP] = NLA_POLICY_ETH_ADDR_COMPAT,
  552. /* allow 3 for NUL-termination, we used to declare this NLA_STRING */
  553. [NL80211_ATTR_REG_ALPHA2] = NLA_POLICY_RANGE(NLA_BINARY, 2, 3),
  554. [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED },
  555. [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 },
  556. [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 },
  557. [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 },
  558. [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY,
  559. .len = NL80211_MAX_SUPP_RATES },
  560. [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 },
  561. [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED },
  562. [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG },
  563. [NL80211_ATTR_HT_CAPABILITY] = NLA_POLICY_EXACT_LEN_WARN(NL80211_HT_CAPABILITY_LEN),
  564. [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 },
  565. [NL80211_ATTR_IE] = NLA_POLICY_VALIDATE_FN(NLA_BINARY,
  566. validate_ie_attr,
  567. IEEE80211_MAX_DATA_LEN),
  568. [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED },
  569. [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED },
  570. [NL80211_ATTR_SSID] = { .type = NLA_BINARY,
  571. .len = IEEE80211_MAX_SSID_LEN },
  572. [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 },
  573. [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 },
  574. [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG },
  575. [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG },
  576. [NL80211_ATTR_USE_MFP] = NLA_POLICY_RANGE(NLA_U32,
  577. NL80211_MFP_NO,
  578. NL80211_MFP_OPTIONAL),
  579. [NL80211_ATTR_STA_FLAGS2] =
  580. NLA_POLICY_EXACT_LEN_WARN(sizeof(struct nl80211_sta_flag_update)),
  581. [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
  582. [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 },
  583. [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG },
  584. [NL80211_ATTR_CONTROL_PORT_OVER_NL80211] = { .type = NLA_FLAG },
  585. [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
  586. [NL80211_ATTR_STATUS_CODE] = { .type = NLA_U16 },
  587. [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
  588. [NL80211_ATTR_WPA_VERSIONS] =
  589. NLA_POLICY_RANGE(NLA_U32, 0,
  590. NL80211_WPA_VERSION_1 |
  591. NL80211_WPA_VERSION_2 |
  592. NL80211_WPA_VERSION_3),
  593. [NL80211_ATTR_PID] = { .type = NLA_U32 },
  594. [NL80211_ATTR_4ADDR] = { .type = NLA_U8 },
  595. [NL80211_ATTR_PMKID] = NLA_POLICY_EXACT_LEN_WARN(WLAN_PMKID_LEN),
  596. [NL80211_ATTR_DURATION] = { .type = NLA_U32 },
  597. [NL80211_ATTR_COOKIE] = { .type = NLA_U64 },
  598. [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED },
  599. [NL80211_ATTR_FRAME] = { .type = NLA_BINARY,
  600. .len = IEEE80211_MAX_DATA_LEN },
  601. [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, },
  602. [NL80211_ATTR_PS_STATE] = NLA_POLICY_RANGE(NLA_U32,
  603. NL80211_PS_DISABLED,
  604. NL80211_PS_ENABLED),
  605. [NL80211_ATTR_CQM] = { .type = NLA_NESTED, },
  606. [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG },
  607. [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 },
  608. [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 },
  609. [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 },
  610. [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 },
  611. [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 },
  612. [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 },
  613. [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 },
  614. [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG },
  615. [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
  616. [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED },
  617. [NL80211_ATTR_STA_PLINK_STATE] =
  618. NLA_POLICY_MAX(NLA_U8, NUM_NL80211_PLINK_STATES - 1),
  619. [NL80211_ATTR_MEASUREMENT_DURATION] = { .type = NLA_U16 },
  620. [NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY] = { .type = NLA_FLAG },
  621. [NL80211_ATTR_MESH_PEER_AID] =
  622. NLA_POLICY_RANGE(NLA_U16, 1, IEEE80211_MAX_AID),
  623. [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 },
  624. [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED },
  625. [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED },
  626. [NL80211_ATTR_HIDDEN_SSID] =
  627. NLA_POLICY_RANGE(NLA_U32,
  628. NL80211_HIDDEN_SSID_NOT_IN_USE,
  629. NL80211_HIDDEN_SSID_ZERO_CONTENTS),
  630. [NL80211_ATTR_IE_PROBE_RESP] =
  631. NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
  632. IEEE80211_MAX_DATA_LEN),
  633. [NL80211_ATTR_IE_ASSOC_RESP] =
  634. NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
  635. IEEE80211_MAX_DATA_LEN),
  636. [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG },
  637. [NL80211_ATTR_STA_WME] = NLA_POLICY_NESTED(nl80211_sta_wme_policy),
  638. [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED },
  639. [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG },
  640. [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 },
  641. [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 },
  642. [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 },
  643. [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG },
  644. [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG },
  645. [NL80211_ATTR_TDLS_INITIATOR] = { .type = NLA_FLAG },
  646. [NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG },
  647. [NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY,
  648. .len = IEEE80211_MAX_DATA_LEN },
  649. [NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 },
  650. [NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG },
  651. [NL80211_ATTR_HT_CAPABILITY_MASK] = {
  652. .len = NL80211_HT_CAPABILITY_LEN
  653. },
  654. [NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 },
  655. [NL80211_ATTR_INACTIVITY_TIMEOUT] = { .type = NLA_U16 },
  656. [NL80211_ATTR_BG_SCAN_PERIOD] = { .type = NLA_U16 },
  657. [NL80211_ATTR_WDEV] = { .type = NLA_U64 },
  658. [NL80211_ATTR_USER_REG_HINT_TYPE] = { .type = NLA_U32 },
  659. /* need to include at least Auth Transaction and Status Code */
  660. [NL80211_ATTR_AUTH_DATA] = NLA_POLICY_MIN_LEN(4),
  661. [NL80211_ATTR_VHT_CAPABILITY] = NLA_POLICY_EXACT_LEN_WARN(NL80211_VHT_CAPABILITY_LEN),
  662. [NL80211_ATTR_SCAN_FLAGS] = { .type = NLA_U32 },
  663. [NL80211_ATTR_P2P_CTWINDOW] = NLA_POLICY_MAX(NLA_U8, 127),
  664. [NL80211_ATTR_P2P_OPPPS] = NLA_POLICY_MAX(NLA_U8, 1),
  665. [NL80211_ATTR_LOCAL_MESH_POWER_MODE] =
  666. NLA_POLICY_RANGE(NLA_U32,
  667. NL80211_MESH_POWER_UNKNOWN + 1,
  668. NL80211_MESH_POWER_MAX),
  669. [NL80211_ATTR_ACL_POLICY] = {. type = NLA_U32 },
  670. [NL80211_ATTR_MAC_ADDRS] = { .type = NLA_NESTED },
  671. [NL80211_ATTR_STA_CAPABILITY] = { .type = NLA_U16 },
  672. [NL80211_ATTR_STA_EXT_CAPABILITY] = { .type = NLA_BINARY, },
  673. [NL80211_ATTR_SPLIT_WIPHY_DUMP] = { .type = NLA_FLAG, },
  674. [NL80211_ATTR_DISABLE_VHT] = { .type = NLA_FLAG },
  675. [NL80211_ATTR_VHT_CAPABILITY_MASK] = {
  676. .len = NL80211_VHT_CAPABILITY_LEN,
  677. },
  678. [NL80211_ATTR_MDID] = { .type = NLA_U16 },
  679. [NL80211_ATTR_IE_RIC] = { .type = NLA_BINARY,
  680. .len = IEEE80211_MAX_DATA_LEN },
  681. [NL80211_ATTR_CRIT_PROT_ID] = { .type = NLA_U16 },
  682. [NL80211_ATTR_MAX_CRIT_PROT_DURATION] =
  683. NLA_POLICY_MAX(NLA_U16, NL80211_CRIT_PROTO_MAX_DURATION),
  684. [NL80211_ATTR_PEER_AID] =
  685. NLA_POLICY_RANGE(NLA_U16, 1, IEEE80211_MAX_AID),
  686. [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 },
  687. [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG },
  688. [NL80211_ATTR_CSA_IES] = { .type = NLA_NESTED },
  689. [NL80211_ATTR_CNTDWN_OFFS_BEACON] = { .type = NLA_BINARY },
  690. [NL80211_ATTR_CNTDWN_OFFS_PRESP] = { .type = NLA_BINARY },
  691. [NL80211_ATTR_STA_SUPPORTED_CHANNELS] = NLA_POLICY_MIN_LEN(2),
  692. /*
  693. * The value of the Length field of the Supported Operating
  694. * Classes element is between 2 and 253.
  695. */
  696. [NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES] =
  697. NLA_POLICY_RANGE(NLA_BINARY, 2, 253),
  698. [NL80211_ATTR_HANDLE_DFS] = { .type = NLA_FLAG },
  699. [NL80211_ATTR_OPMODE_NOTIF] = { .type = NLA_U8 },
  700. [NL80211_ATTR_VENDOR_ID] = { .type = NLA_U32 },
  701. [NL80211_ATTR_VENDOR_SUBCMD] = { .type = NLA_U32 },
  702. [NL80211_ATTR_VENDOR_DATA] = { .type = NLA_BINARY },
  703. [NL80211_ATTR_QOS_MAP] = NLA_POLICY_RANGE(NLA_BINARY,
  704. IEEE80211_QOS_MAP_LEN_MIN,
  705. IEEE80211_QOS_MAP_LEN_MAX),
  706. [NL80211_ATTR_MAC_HINT] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
  707. [NL80211_ATTR_WIPHY_FREQ_HINT] = { .type = NLA_U32 },
  708. [NL80211_ATTR_TDLS_PEER_CAPABILITY] = { .type = NLA_U32 },
  709. [NL80211_ATTR_SOCKET_OWNER] = { .type = NLA_FLAG },
  710. [NL80211_ATTR_CSA_C_OFFSETS_TX] = { .type = NLA_BINARY },
  711. [NL80211_ATTR_USE_RRM] = { .type = NLA_FLAG },
  712. [NL80211_ATTR_TSID] = NLA_POLICY_MAX(NLA_U8, IEEE80211_NUM_TIDS - 1),
  713. [NL80211_ATTR_USER_PRIO] =
  714. NLA_POLICY_MAX(NLA_U8, IEEE80211_NUM_UPS - 1),
  715. [NL80211_ATTR_ADMITTED_TIME] = { .type = NLA_U16 },
  716. [NL80211_ATTR_SMPS_MODE] = { .type = NLA_U8 },
  717. [NL80211_ATTR_OPER_CLASS] = { .type = NLA_U8 },
  718. [NL80211_ATTR_MAC_MASK] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
  719. [NL80211_ATTR_WIPHY_SELF_MANAGED_REG] = { .type = NLA_FLAG },
  720. [NL80211_ATTR_NETNS_FD] = { .type = NLA_U32 },
  721. [NL80211_ATTR_SCHED_SCAN_DELAY] = { .type = NLA_U32 },
  722. [NL80211_ATTR_REG_INDOOR] = { .type = NLA_FLAG },
  723. [NL80211_ATTR_PBSS] = { .type = NLA_FLAG },
  724. [NL80211_ATTR_BSS_SELECT] = { .type = NLA_NESTED },
  725. [NL80211_ATTR_STA_SUPPORT_P2P_PS] =
  726. NLA_POLICY_MAX(NLA_U8, NUM_NL80211_P2P_PS_STATUS - 1),
  727. [NL80211_ATTR_MU_MIMO_GROUP_DATA] = {
  728. .len = VHT_MUMIMO_GROUPS_DATA_LEN
  729. },
  730. [NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
  731. [NL80211_ATTR_NAN_MASTER_PREF] = NLA_POLICY_MIN(NLA_U8, 1),
  732. [NL80211_ATTR_BANDS] = { .type = NLA_U32 },
  733. [NL80211_ATTR_NAN_CONFIG] = NLA_POLICY_NESTED(nl80211_nan_conf_policy),
  734. [NL80211_ATTR_NAN_FUNC] = { .type = NLA_NESTED },
  735. [NL80211_ATTR_FILS_KEK] = { .type = NLA_BINARY,
  736. .len = FILS_MAX_KEK_LEN },
  737. [NL80211_ATTR_FILS_NONCES] = NLA_POLICY_EXACT_LEN_WARN(2 * FILS_NONCE_LEN),
  738. [NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED] = { .type = NLA_FLAG, },
  739. [NL80211_ATTR_BSSID] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
  740. [NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI] = { .type = NLA_S8 },
  741. [NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST] = {
  742. .len = sizeof(struct nl80211_bss_select_rssi_adjust)
  743. },
  744. [NL80211_ATTR_TIMEOUT_REASON] = { .type = NLA_U32 },
  745. [NL80211_ATTR_FILS_ERP_USERNAME] = { .type = NLA_BINARY,
  746. .len = FILS_ERP_MAX_USERNAME_LEN },
  747. [NL80211_ATTR_FILS_ERP_REALM] = { .type = NLA_BINARY,
  748. .len = FILS_ERP_MAX_REALM_LEN },
  749. [NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] = { .type = NLA_U16 },
  750. [NL80211_ATTR_FILS_ERP_RRK] = { .type = NLA_BINARY,
  751. .len = FILS_ERP_MAX_RRK_LEN },
  752. [NL80211_ATTR_FILS_CACHE_ID] = NLA_POLICY_EXACT_LEN_WARN(2),
  753. [NL80211_ATTR_PMK] = { .type = NLA_BINARY, .len = PMK_MAX_LEN },
  754. [NL80211_ATTR_PMKR0_NAME] = NLA_POLICY_EXACT_LEN(WLAN_PMK_NAME_LEN),
  755. [NL80211_ATTR_SCHED_SCAN_MULTI] = { .type = NLA_FLAG },
  756. [NL80211_ATTR_EXTERNAL_AUTH_SUPPORT] = { .type = NLA_FLAG },
  757. [NL80211_ATTR_TXQ_LIMIT] = { .type = NLA_U32 },
  758. [NL80211_ATTR_TXQ_MEMORY_LIMIT] = { .type = NLA_U32 },
  759. [NL80211_ATTR_TXQ_QUANTUM] = NLA_POLICY_FULL_RANGE(NLA_U32, &q_range),
  760. [NL80211_ATTR_HE_CAPABILITY] =
  761. NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_he_capa,
  762. NL80211_HE_MAX_CAPABILITY_LEN),
  763. [NL80211_ATTR_FTM_RESPONDER] =
  764. NLA_POLICY_NESTED(nl80211_ftm_responder_policy),
  765. [NL80211_ATTR_TIMEOUT] = NLA_POLICY_MIN(NLA_U32, 1),
  766. [NL80211_ATTR_PEER_MEASUREMENTS] =
  767. NLA_POLICY_NESTED(nl80211_pmsr_attr_policy),
  768. [NL80211_ATTR_AIRTIME_WEIGHT] = NLA_POLICY_MIN(NLA_U16, 1),
  769. [NL80211_ATTR_SAE_PASSWORD] = { .type = NLA_BINARY,
  770. .len = SAE_PASSWORD_MAX_LEN },
  771. [NL80211_ATTR_TWT_RESPONDER] = { .type = NLA_FLAG },
  772. [NL80211_ATTR_HE_OBSS_PD] = NLA_POLICY_NESTED(he_obss_pd_policy),
  773. [NL80211_ATTR_VLAN_ID] = NLA_POLICY_RANGE(NLA_U16, 1, VLAN_N_VID - 2),
  774. [NL80211_ATTR_HE_BSS_COLOR] = NLA_POLICY_NESTED(he_bss_color_policy),
  775. [NL80211_ATTR_TID_CONFIG] =
  776. NLA_POLICY_NESTED_ARRAY(nl80211_tid_config_attr_policy),
  777. [NL80211_ATTR_CONTROL_PORT_NO_PREAUTH] = { .type = NLA_FLAG },
  778. [NL80211_ATTR_PMK_LIFETIME] = NLA_POLICY_MIN(NLA_U32, 1),
  779. [NL80211_ATTR_PMK_REAUTH_THRESHOLD] = NLA_POLICY_RANGE(NLA_U8, 1, 100),
  780. [NL80211_ATTR_RECEIVE_MULTICAST] = { .type = NLA_FLAG },
  781. [NL80211_ATTR_WIPHY_FREQ_OFFSET] = NLA_POLICY_RANGE(NLA_U32, 0, 999),
  782. [NL80211_ATTR_SCAN_FREQ_KHZ] = { .type = NLA_NESTED },
  783. [NL80211_ATTR_HE_6GHZ_CAPABILITY] =
  784. NLA_POLICY_EXACT_LEN(sizeof(struct ieee80211_he_6ghz_capa)),
  785. [NL80211_ATTR_FILS_DISCOVERY] =
  786. NLA_POLICY_NESTED(nl80211_fils_discovery_policy),
  787. [NL80211_ATTR_UNSOL_BCAST_PROBE_RESP] =
  788. NLA_POLICY_NESTED(nl80211_unsol_bcast_probe_resp_policy),
  789. [NL80211_ATTR_S1G_CAPABILITY] =
  790. NLA_POLICY_EXACT_LEN(IEEE80211_S1G_CAPABILITY_LEN),
  791. [NL80211_ATTR_S1G_CAPABILITY_MASK] =
  792. NLA_POLICY_EXACT_LEN(IEEE80211_S1G_CAPABILITY_LEN),
  793. [NL80211_ATTR_SAE_PWE] =
  794. NLA_POLICY_RANGE(NLA_U8, NL80211_SAE_PWE_HUNT_AND_PECK,
  795. NL80211_SAE_PWE_BOTH),
  796. [NL80211_ATTR_RECONNECT_REQUESTED] = { .type = NLA_REJECT },
  797. [NL80211_ATTR_SAR_SPEC] = NLA_POLICY_NESTED(sar_policy),
  798. [NL80211_ATTR_DISABLE_HE] = { .type = NLA_FLAG },
  799. [NL80211_ATTR_OBSS_COLOR_BITMAP] = { .type = NLA_U64 },
  800. [NL80211_ATTR_COLOR_CHANGE_COUNT] = { .type = NLA_U8 },
  801. [NL80211_ATTR_COLOR_CHANGE_COLOR] = { .type = NLA_U8 },
  802. [NL80211_ATTR_COLOR_CHANGE_ELEMS] = NLA_POLICY_NESTED(nl80211_policy),
  803. [NL80211_ATTR_MBSSID_CONFIG] =
  804. NLA_POLICY_NESTED(nl80211_mbssid_config_policy),
  805. [NL80211_ATTR_MBSSID_ELEMS] = { .type = NLA_NESTED },
  806. [NL80211_ATTR_RADAR_BACKGROUND] = { .type = NLA_FLAG },
  807. [NL80211_ATTR_AP_SETTINGS_FLAGS] = { .type = NLA_U32 },
  808. [NL80211_ATTR_EHT_CAPABILITY] =
  809. NLA_POLICY_RANGE(NLA_BINARY,
  810. NL80211_EHT_MIN_CAPABILITY_LEN,
  811. NL80211_EHT_MAX_CAPABILITY_LEN),
  812. [NL80211_ATTR_DISABLE_EHT] = { .type = NLA_FLAG },
  813. [NL80211_ATTR_MLO_LINKS] =
  814. NLA_POLICY_NESTED_ARRAY(nl80211_policy),
  815. [NL80211_ATTR_MLO_LINK_ID] =
  816. NLA_POLICY_RANGE(NLA_U8, 0, IEEE80211_MLD_MAX_NUM_LINKS - 1),
  817. [NL80211_ATTR_MLD_ADDR] = NLA_POLICY_EXACT_LEN(ETH_ALEN),
  818. [NL80211_ATTR_MLO_SUPPORT] = { .type = NLA_FLAG },
  819. [NL80211_ATTR_MAX_NUM_AKM_SUITES] = { .type = NLA_REJECT },
  820. [NL80211_ATTR_EML_CAPABILITY] = { .type = NLA_U16 },
  821. [NL80211_ATTR_PUNCT_BITMAP] =
  822. NLA_POLICY_FULL_RANGE(NLA_U32, &nl80211_punct_bitmap_range),
  823. [NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS] = { .type = NLA_U16 },
  824. [NL80211_ATTR_HW_TIMESTAMP_ENABLED] = { .type = NLA_FLAG },
  825. [NL80211_ATTR_EMA_RNR_ELEMS] = { .type = NLA_NESTED },
  826. [NL80211_ATTR_MLO_LINK_DISABLED] = { .type = NLA_FLAG },
  827. [NL80211_ATTR_BSS_DUMP_INCLUDE_USE_DATA] = { .type = NLA_FLAG },
  828. [NL80211_ATTR_MLO_TTLM_DLINK] = NLA_POLICY_EXACT_LEN(sizeof(u16) * 8),
  829. [NL80211_ATTR_MLO_TTLM_ULINK] = NLA_POLICY_EXACT_LEN(sizeof(u16) * 8),
  830. [NL80211_ATTR_ASSOC_SPP_AMSDU] = { .type = NLA_FLAG },
  831. [NL80211_ATTR_VIF_RADIO_MASK] = { .type = NLA_U32 },
  832. [NL80211_ATTR_SUPPORTED_SELECTORS] =
  833. NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_supported_selectors,
  834. NL80211_MAX_SUPP_SELECTORS),
  835. [NL80211_ATTR_MLO_RECONF_REM_LINKS] = { .type = NLA_U16 },
  836. [NL80211_ATTR_EPCS] = { .type = NLA_FLAG },
  837. [NL80211_ATTR_ASSOC_MLD_EXT_CAPA_OPS] = { .type = NLA_U16 },
  838. [NL80211_ATTR_WIPHY_RADIO_INDEX] = { .type = NLA_U8 },
  839. [NL80211_ATTR_S1G_LONG_BEACON_PERIOD] = NLA_POLICY_MIN(NLA_U8, 2),
  840. [NL80211_ATTR_S1G_SHORT_BEACON] =
  841. NLA_POLICY_NESTED(nl80211_s1g_short_beacon),
  842. [NL80211_ATTR_BSS_PARAM] = { .type = NLA_FLAG },
  843. [NL80211_ATTR_S1G_PRIMARY_2MHZ] = { .type = NLA_FLAG },
  844. [NL80211_ATTR_EPP_PEER] = { .type = NLA_FLAG },
  845. [NL80211_ATTR_UHR_CAPABILITY] =
  846. NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_uhr_capa, 255),
  847. [NL80211_ATTR_DISABLE_UHR] = { .type = NLA_FLAG },
  848. };
  /*
   * Validation policy for the attributes nested inside a key attribute.
   * Key material and the sequence counter are binary blobs with an upper
   * length bound; the enumerated fields are range-checked.
   *
   * NOTE(review): nl80211_parse_key_new() also reads
   * NL80211_KEY_DEFAULT_BEACON, which has no entry in this table - confirm
   * that leaving it without a policy is intended.
   */
  static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = {
      /* presence-only flags */
      [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
      [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },

      /* length-capped binary payloads */
      [NL80211_KEY_DATA] = {
          .type = NLA_BINARY,
          .len = WLAN_MAX_KEY_LEN,
      },
      [NL80211_KEY_SEQ] = {
          .type = NLA_BINARY,
          .len = 16,
      },

      /* scalars */
      [NL80211_KEY_IDX] = { .type = NLA_U8 },
      [NL80211_KEY_CIPHER] = { .type = NLA_U32 },
      [NL80211_KEY_TYPE] =
          NLA_POLICY_MAX(NLA_U32, NUM_NL80211_KEYTYPES - 1),
      [NL80211_KEY_MODE] =
          NLA_POLICY_RANGE(NLA_U8, 0, NL80211_KEY_SET_TX),

      /* nested container, parsed with nl80211_key_default_policy */
      [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
  };
  /*
   * Policy for the nested "default key types" flags: each entry is a bare
   * flag whose presence selects unicast and/or multicast default use.
   */
  static const struct nla_policy
  nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = {
      [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG },
      [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG },
  };
  867. #ifdef CONFIG_PM
  /*
   * Policy for the WoWLAN trigger attributes: simple triggers are flags,
   * triggers that carry configuration are nested containers whose contents
   * are not validated by this table.
   */
  static const struct nla_policy
  nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = {
      /* flag-only triggers */
      [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG },
      [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG },
      [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG },
      [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG },
      [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG },
      [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG },
      [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG },

      /* triggers with nested configuration */
      [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED },
      [NL80211_WOWLAN_TRIG_TCP_CONNECTION] = { .type = NLA_NESTED },
      [NL80211_WOWLAN_TRIG_NET_DETECT] = { .type = NLA_NESTED },
  };
  /*
   * Policy for the WoWLAN TCP wakeup configuration.
   *
   * The payload, wake payload and wake mask only carry a lower length bound
   * here (at least one byte); the table itself sets no maximum for them.
   * Entries that give .len without .type are untyped, so netlink treats
   * .len as a minimum payload length.
   */
  static const struct nla_policy
  nl80211_wowlan_tcp_policy[NUM_NL80211_WOWLAN_TCP] = {
      /* addressing */
      [NL80211_WOWLAN_TCP_SRC_IPV4] = { .type = NLA_U32 },
      [NL80211_WOWLAN_TCP_DST_IPV4] = { .type = NLA_U32 },
      [NL80211_WOWLAN_TCP_SRC_PORT] = { .type = NLA_U16 },
      [NL80211_WOWLAN_TCP_DST_PORT] = { .type = NLA_U16 },
      [NL80211_WOWLAN_TCP_DST_MAC] =
          NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),

      /* periodic data payload and its optional seq/token descriptors */
      [NL80211_WOWLAN_TCP_DATA_INTERVAL] = { .type = NLA_U32 },
      [NL80211_WOWLAN_TCP_DATA_PAYLOAD] = NLA_POLICY_MIN_LEN(1),
      [NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ] = {
          .len = sizeof(struct nl80211_wowlan_tcp_data_seq),
      },
      [NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN] = {
          .len = sizeof(struct nl80211_wowlan_tcp_data_token),
      },

      /* wakeup match */
      [NL80211_WOWLAN_TCP_WAKE_PAYLOAD] = NLA_POLICY_MIN_LEN(1),
      [NL80211_WOWLAN_TCP_WAKE_MASK] = NLA_POLICY_MIN_LEN(1),
  };
  900. #endif /* CONFIG_PM */
  /*
   * Policy for one coalesce rule: a delay, a match/no-match condition
   * restricted to the two defined values, and a nested pattern list.
   */
  static const struct nla_policy
  nl80211_coalesce_policy[NUM_NL80211_ATTR_COALESCE_RULE] = {
      [NL80211_ATTR_COALESCE_RULE_PKT_PATTERN] = { .type = NLA_NESTED },
      [NL80211_ATTR_COALESCE_RULE_CONDITION] =
          NLA_POLICY_RANGE(NLA_U32,
                           NL80211_COALESCE_CONDITION_MATCH,
                           NL80211_COALESCE_CONDITION_NO_MATCH),
      [NL80211_ATTR_COALESCE_RULE_DELAY] = { .type = NLA_U32 },
  };
  /*
   * Policy for the GTK rekey offload data. KEK and KCK are secret key
   * material: the table caps their length, and the replay counter must
   * have exactly NL80211_REPLAY_CTR_LEN bytes.
   */
  static const struct nla_policy
  nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = {
      [NL80211_REKEY_DATA_AKM] = { .type = NLA_U32 },
      [NL80211_REKEY_DATA_REPLAY_CTR] =
          NLA_POLICY_EXACT_LEN(NL80211_REPLAY_CTR_LEN),
      [NL80211_REKEY_DATA_KCK] = { .type = NLA_BINARY,
                                   .len = NL80211_KCK_EXT_LEN_32 },
      [NL80211_REKEY_DATA_KEK] = { .type = NLA_BINARY,
                                   .len = NL80211_KEK_EXT_LEN },
  };
  /*
   * Policy for one scheduled-scan match set: an SSID capped at
   * IEEE80211_MAX_SSID_LEN, a BSSID of ETH_ALEN bytes, and an RSSI value.
   */
  static const struct nla_policy
  nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = {
      [NL80211_SCHED_SCAN_MATCH_ATTR_RSSI] = { .type = NLA_U32 },
      [NL80211_SCHED_SCAN_MATCH_ATTR_BSSID] =
          NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
      [NL80211_SCHED_SCAN_MATCH_ATTR_SSID] = {
          .type = NLA_BINARY,
          .len = IEEE80211_MAX_SSID_LEN,
      },
  };
  /*
   * Policy for one scheduled-scan plan. Both fields are plain u32 values;
   * this table applies no range limit to them.
   */
  static const struct nla_policy
  nl80211_plan_policy[NL80211_SCHED_SCAN_PLAN_MAX + 1] = {
      [NL80211_SCHED_SCAN_PLAN_ITERATIONS] = { .type = NLA_U32 },
      [NL80211_SCHED_SCAN_PLAN_INTERVAL] = { .type = NLA_U32 },
  };
  /*
   * Policy for the BSS selection attributes. The RSSI-adjust entry has no
   * .type, so its .len acts as a minimum size: the payload must be at least
   * one struct nl80211_bss_select_rssi_adjust.
   */
  static const struct nla_policy
  nl80211_bss_select_policy[NL80211_BSS_SELECT_ATTR_MAX + 1] = {
      [NL80211_BSS_SELECT_ATTR_RSSI_ADJUST] = {
          .len = sizeof(struct nl80211_bss_select_rssi_adjust),
      },
      [NL80211_BSS_SELECT_ATTR_BAND_PREF] = { .type = NLA_U32 },
      [NL80211_BSS_SELECT_ATTR_RSSI] = { .type = NLA_FLAG },
  };
  /*
   * Policy for the attributes describing one NAN function, grouped by kind.
   * Only the function type is range-checked here; the other u8 fields are
   * accepted with any value.
   */
  static const struct nla_policy
  nl80211_nan_func_policy[NL80211_NAN_FUNC_ATTR_MAX + 1] = {
      /* flags */
      [NL80211_NAN_FUNC_PUBLISH_BCAST] = { .type = NLA_FLAG },
      [NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE] = { .type = NLA_FLAG },
      [NL80211_NAN_FUNC_CLOSE_RANGE] = { .type = NLA_FLAG },

      /* scalars */
      [NL80211_NAN_FUNC_TYPE] =
          NLA_POLICY_MAX(NLA_U8, NL80211_NAN_FUNC_MAX_TYPE),
      [NL80211_NAN_FUNC_PUBLISH_TYPE] = { .type = NLA_U8 },
      [NL80211_NAN_FUNC_FOLLOW_UP_ID] = { .type = NLA_U8 },
      [NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID] = { .type = NLA_U8 },
      [NL80211_NAN_FUNC_INSTANCE_ID] = { .type = NLA_U8 },
      [NL80211_NAN_FUNC_TERM_REASON] = { .type = NLA_U8 },
      [NL80211_NAN_FUNC_TTL] = { .type = NLA_U32 },

      /* sized payloads */
      [NL80211_NAN_FUNC_SERVICE_ID] = {
          .len = NL80211_NAN_FUNC_SERVICE_ID_LEN,
      },
      [NL80211_NAN_FUNC_FOLLOW_UP_DEST] =
          NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
      [NL80211_NAN_FUNC_SERVICE_INFO] = {
          .type = NLA_BINARY,
          .len = NL80211_NAN_FUNC_SERVICE_SPEC_INFO_MAX_LEN,
      },

      /* nested containers */
      [NL80211_NAN_FUNC_SRF] = { .type = NLA_NESTED },
      [NL80211_NAN_FUNC_RX_MATCH_FILTER] = { .type = NLA_NESTED },
      [NL80211_NAN_FUNC_TX_MATCH_FILTER] = { .type = NLA_NESTED },
  };
  /*
   * Policy for the NAN Service Response Filter: an include flag, a bloom
   * filter blob capped at NL80211_NAN_FUNC_SRF_MAX_LEN with its index, or
   * a nested list of MAC addresses.
   */
  static const struct nla_policy
  nl80211_nan_srf_policy[NL80211_NAN_SRF_ATTR_MAX + 1] = {
      [NL80211_NAN_SRF_MAC_ADDRS] = { .type = NLA_NESTED },
      [NL80211_NAN_SRF_BF_IDX] = { .type = NLA_U8 },
      [NL80211_NAN_SRF_BF] = {
          .type = NLA_BINARY,
          .len = NL80211_NAN_FUNC_SRF_MAX_LEN,
      },
      [NL80211_NAN_SRF_INCLUDE] = { .type = NLA_FLAG },
  };
  /*
   * Policy for one packet pattern (mask, pattern bytes, offset).
   *
   * NOTE(review): mask and pattern are NLA_BINARY with no .len, so this
   * table puts no upper bound on them - presumably the code consuming the
   * pattern checks the lengths; verify at the call sites.
   */
  static const struct nla_policy
  nl80211_packet_pattern_policy[MAX_NL80211_PKTPAT + 1] = {
      [NL80211_PKTPAT_OFFSET] = { .type = NLA_U32 },
      [NL80211_PKTPAT_PATTERN] = { .type = NLA_BINARY },
      [NL80211_PKTPAT_MASK] = { .type = NLA_BINARY },
  };
  /*
   * Look up the wireless device a dump operation refers to.
   *
   * On the first call (cb->args[0] == 0) the request attributes are parsed
   * against nl80211_policy and the device is resolved from them; the wiphy
   * index (plus one) and the wdev identifier are then stored in cb->args so
   * later calls skip the parsing. On later calls the device is looked up
   * again from those stored values and -ENODEV is returned if either the
   * wiphy or the wdev can no longer be found.
   *
   * @attrbuf may be NULL, in which case a temporary attribute table is
   * allocated and freed here.
   *
   * Returns 0 with (*rdev)->wiphy.mtx held - the caller has to release
   * it - or a negative errno with no lock held.
   */
  static int nl80211_prepare_wdev_dump(struct netlink_callback *cb,
                                       struct cfg80211_registered_device **rdev,
                                       struct wireless_dev **wdev,
                                       struct nlattr **attrbuf)
  {
      struct nlattr **owned_buf = NULL;
      struct wireless_dev *iter;
      struct wiphy *wiphy;
      int err;

      if (cb->args[0]) {
          /* continuation: undo the +1 applied when the index was stored */
          rtnl_lock();
          wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1);
          if (!wiphy) {
              rtnl_unlock();
              return -ENODEV;
          }
          *rdev = wiphy_to_rdev(wiphy);
          *wdev = NULL;

          list_for_each_entry(iter, &(*rdev)->wiphy.wdev_list, list) {
              if (iter->identifier == cb->args[1]) {
                  *wdev = iter;
                  break;
              }
          }

          if (!*wdev) {
              rtnl_unlock();
              return -ENODEV;
          }

          /* take the wiphy mutex before dropping the RTNL */
          mutex_lock(&(*rdev)->wiphy.mtx);
          rtnl_unlock();
          return 0;
      }

      /* first call: parse the request attributes */
      if (!attrbuf) {
          owned_buf = kzalloc_objs(*owned_buf, NUM_NL80211_ATTR);
          if (!owned_buf)
              return -ENOMEM;
          attrbuf = owned_buf;
      }

      err = nlmsg_parse_deprecated(cb->nlh,
                                   GENL_HDRLEN + nl80211_fam.hdrsize,
                                   attrbuf, nl80211_fam.maxattr,
                                   nl80211_policy, NULL);
      if (err) {
          kfree(owned_buf);
          return err;
      }

      rtnl_lock();
      *wdev = __cfg80211_wdev_from_attrs(NULL, sock_net(cb->skb->sk),
                                         attrbuf);
      /* the attribute table is not needed past the lookup */
      kfree(owned_buf);
      if (IS_ERR(*wdev)) {
          rtnl_unlock();
          return PTR_ERR(*wdev);
      }

      *rdev = wiphy_to_rdev((*wdev)->wiphy);
      mutex_lock(&(*rdev)->wiphy.mtx);
      rtnl_unlock();

      /* 0 is a valid wiphy index, so store index + 1 as the "parsed" marker */
      cb->args[0] = (*rdev)->wiphy_idx + 1;
      cb->args[1] = (*wdev)->identifier;
      return 0;
  }
  /*
   * Message building helper: nl80211 has no private header, so this only
   * adds the generic netlink header for the nl80211 family and returns
   * whatever genlmsg_put() returns.
   */
  void *nl80211hdr_put(struct sk_buff *skb, u32 portid, u32 seq,
                       int flags, u8 cmd)
  {
      void *hdr = genlmsg_put(skb, portid, seq, &nl80211_fam, flags, cmd);

      return hdr;
  }
  /*
   * Append the client WMM limits of a regulatory rule to @msg as a nested
   * NL80211_FREQUENCY_ATTR_WMM attribute holding one nest per access
   * category (the category index is used as the nest's attribute type).
   *
   * Returns 0 on success or -ENOBUFS when the message has no room left;
   * nests opened before the failure are not cancelled here.
   */
  static int nl80211_msg_put_wmm_rules(struct sk_buff *msg,
                                       const struct ieee80211_reg_rule *rule)
  {
      struct nlattr *outer;
      int ac;

      outer = nla_nest_start_noflag(msg, NL80211_FREQUENCY_ATTR_WMM);
      if (!outer)
          return -ENOBUFS;

      for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
          struct nlattr *inner = nla_nest_start_noflag(msg, ac);

          if (!inner)
              return -ENOBUFS;

          if (nla_put_u16(msg, NL80211_WMMR_CW_MIN,
                          rule->wmm_rule.client[ac].cw_min))
              return -ENOBUFS;
          if (nla_put_u16(msg, NL80211_WMMR_CW_MAX,
                          rule->wmm_rule.client[ac].cw_max))
              return -ENOBUFS;
          if (nla_put_u8(msg, NL80211_WMMR_AIFSN,
                         rule->wmm_rule.client[ac].aifsn))
              return -ENOBUFS;
          if (nla_put_u16(msg, NL80211_WMMR_TXOP,
                          rule->wmm_rule.client[ac].cot))
              return -ENOBUFS;

          nla_nest_end(msg, inner);
      }

      nla_nest_end(msg, outer);
      return 0;
  }
  /*
   * Append the NL80211_FREQUENCY_ATTR_* description of one channel to @msg.
   *
   * @large selects the extended format: it adds the DFS state details, the
   * flags listed in large_only_flags[] and, when the regulatory rule for
   * the channel has them, the WMM limits. In the small format, channels
   * flagged NO_10MHZ/NO_20MHZ or having a frequency offset are skipped
   * entirely (nothing is written and 0 is returned).
   *
   * Returns 0 on success or -ENOBUFS when an attribute does not fit.
   */
  static int nl80211_msg_put_channel(struct sk_buff *msg, struct wiphy *wiphy,
                                     struct ieee80211_channel *chan,
                                     bool large)
  {
      /* channel flag -> attribute, emitted in this order, large format only */
      static const struct {
          u64 chan_flag;
          int attr;
      } large_only_flags[] = {
          { IEEE80211_CHAN_NO_HT40MINUS,
            NL80211_FREQUENCY_ATTR_NO_HT40_MINUS },
          { IEEE80211_CHAN_NO_HT40PLUS,
            NL80211_FREQUENCY_ATTR_NO_HT40_PLUS },
          { IEEE80211_CHAN_NO_80MHZ,
            NL80211_FREQUENCY_ATTR_NO_80MHZ },
          { IEEE80211_CHAN_NO_160MHZ,
            NL80211_FREQUENCY_ATTR_NO_160MHZ },
          { IEEE80211_CHAN_INDOOR_ONLY,
            NL80211_FREQUENCY_ATTR_INDOOR_ONLY },
          { IEEE80211_CHAN_IR_CONCURRENT,
            NL80211_FREQUENCY_ATTR_IR_CONCURRENT },
          { IEEE80211_CHAN_NO_20MHZ,
            NL80211_FREQUENCY_ATTR_NO_20MHZ },
          { IEEE80211_CHAN_NO_10MHZ,
            NL80211_FREQUENCY_ATTR_NO_10MHZ },
          { IEEE80211_CHAN_NO_HE,
            NL80211_FREQUENCY_ATTR_NO_HE },
          { IEEE80211_CHAN_NO_320MHZ,
            NL80211_FREQUENCY_ATTR_NO_320MHZ },
          { IEEE80211_CHAN_NO_EHT,
            NL80211_FREQUENCY_ATTR_NO_EHT },
          { IEEE80211_CHAN_DFS_CONCURRENT,
            NL80211_FREQUENCY_ATTR_DFS_CONCURRENT },
          { IEEE80211_CHAN_NO_6GHZ_VLP_CLIENT,
            NL80211_FREQUENCY_ATTR_NO_6GHZ_VLP_CLIENT },
          { IEEE80211_CHAN_NO_6GHZ_AFC_CLIENT,
            NL80211_FREQUENCY_ATTR_NO_6GHZ_AFC_CLIENT },
          { IEEE80211_CHAN_CAN_MONITOR,
            NL80211_FREQUENCY_ATTR_CAN_MONITOR },
          { IEEE80211_CHAN_ALLOW_6GHZ_VLP_AP,
            NL80211_FREQUENCY_ATTR_ALLOW_6GHZ_VLP_AP },
          { IEEE80211_CHAN_ALLOW_20MHZ_ACTIVITY,
            NL80211_FREQUENCY_ATTR_ALLOW_20MHZ_ACTIVITY },
          { IEEE80211_CHAN_NO_4MHZ,
            NL80211_FREQUENCY_ATTR_NO_4MHZ },
          { IEEE80211_CHAN_NO_8MHZ,
            NL80211_FREQUENCY_ATTR_NO_8MHZ },
          { IEEE80211_CHAN_NO_16MHZ,
            NL80211_FREQUENCY_ATTR_NO_16MHZ },
          { IEEE80211_CHAN_S1G_NO_PRIMARY,
            NL80211_FREQUENCY_ATTR_S1G_NO_PRIMARY },
          { IEEE80211_CHAN_NO_UHR,
            NL80211_FREQUENCY_ATTR_NO_UHR },
      };
      size_t i;

      /*
       * Some channels must be left out of the small format completely so
       * that old user-space tools do not break on them.
       */
      if (!large) {
          if (chan->flags &
              (IEEE80211_CHAN_NO_10MHZ | IEEE80211_CHAN_NO_20MHZ))
              return 0;
          if (chan->freq_offset)
              return 0;
      }

      if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_FREQ, chan->center_freq))
          return -ENOBUFS;

      if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_OFFSET, chan->freq_offset))
          return -ENOBUFS;

      if (chan->flags & IEEE80211_CHAN_PSD) {
          if (nla_put_s8(msg, NL80211_FREQUENCY_ATTR_PSD, chan->psd))
              return -ENOBUFS;
      }

      if (chan->flags & IEEE80211_CHAN_DISABLED) {
          if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_DISABLED))
              return -ENOBUFS;
      }

      /* NO_IR is reported under both the current and the old IBSS name */
      if (chan->flags & IEEE80211_CHAN_NO_IR) {
          if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_IR))
              return -ENOBUFS;
          if (nla_put_flag(msg, __NL80211_FREQUENCY_ATTR_NO_IBSS))
              return -ENOBUFS;
      }

      if (chan->flags & IEEE80211_CHAN_RADAR) {
          if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_RADAR))
              return -ENOBUFS;

          if (large) {
              u32 in_state_ms =
                  elapsed_jiffies_msecs(chan->dfs_state_entered);

              if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_STATE,
                              chan->dfs_state))
                  return -ENOBUFS;
              if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_TIME,
                              in_state_ms))
                  return -ENOBUFS;
              if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_CAC_TIME,
                              chan->dfs_cac_ms))
                  return -ENOBUFS;
          }
      }

      if (large) {
          for (i = 0; i < ARRAY_SIZE(large_only_flags); i++) {
              if (!(chan->flags & large_only_flags[i].chan_flag))
                  continue;
              if (nla_put_flag(msg, large_only_flags[i].attr))
                  return -ENOBUFS;
          }
      }

      if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
                      DBM_TO_MBM(chan->max_power)))
          return -ENOBUFS;

      if (large) {
          const struct ieee80211_reg_rule *rule;

          rule = freq_reg_info(wiphy, MHZ_TO_KHZ(chan->center_freq));
          /* a missing or failed rule lookup just omits the WMM limits */
          if (!IS_ERR_OR_NULL(rule) && rule->has_wmm &&
              nl80211_msg_put_wmm_rules(msg, rule))
              return -ENOBUFS;
      }

      return 0;
  }
  /*
   * Append the TXQ statistics in @txqstats to @msg as a nested attribute of
   * type @attrtype. Only the counters whose bit is set in txqstats->filled
   * are written.
   *
   * Returns true on success, false if the nest or any counter does not fit.
   */
  static bool nl80211_put_txq_stats(struct sk_buff *msg,
                                    struct cfg80211_txq_stats *txqstats,
                                    int attrtype)
  {
      struct nlattr *nest = nla_nest_start_noflag(msg, attrtype);

      if (!nest)
          return false;

  /* emit one counter if it is marked as filled; bails out of the function */
  #define TXQ_STAT_U32(ATTR, field)                                      \
      do {                                                               \
          if ((txqstats->filled & BIT(NL80211_TXQ_STATS_ ## ATTR)) &&    \
              nla_put_u32(msg, NL80211_TXQ_STATS_ ## ATTR,               \
                          txqstats->field))                              \
              return false;                                              \
      } while (0)

      TXQ_STAT_U32(BACKLOG_BYTES, backlog_bytes);
      TXQ_STAT_U32(BACKLOG_PACKETS, backlog_packets);
      TXQ_STAT_U32(FLOWS, flows);
      TXQ_STAT_U32(DROPS, drops);
      TXQ_STAT_U32(ECN_MARKS, ecn_marks);
      TXQ_STAT_U32(OVERLIMIT, overlimit);
      TXQ_STAT_U32(OVERMEMORY, overmemory);
      TXQ_STAT_U32(COLLISIONS, collisions);
      TXQ_STAT_U32(TX_BYTES, tx_bytes);
      TXQ_STAT_U32(TX_PACKETS, tx_packets);
      TXQ_STAT_U32(MAX_FLOWS, max_flows);

  #undef TXQ_STAT_U32

      nla_nest_end(msg, nest);
      return true;
  }
  1241. /* netlink command implementations */
  /**
   * nl80211_link_id - return link ID
   * @attrs: parsed attribute table to read %NL80211_ATTR_MLO_LINK_ID from
   *
   * Returns: the link ID carried in the attribute, or 0 when the attribute
   * is absent.
   *
   * The value is not checked against the links that actually exist, and an
   * absent attribute is indistinguishable from link 0. Call this only from
   * ops flagged %NL80211_FLAG_MLO_VALID_LINK_ID, or validate the result
   * separately before using it to select a link.
   */
  static unsigned int nl80211_link_id(struct nlattr **attrs)
  {
      return nla_get_u8_default(attrs[NL80211_ATTR_MLO_LINK_ID], 0);
  }
  /*
   * Like nl80211_link_id(), but reports a missing
   * NL80211_ATTR_MLO_LINK_ID as -1 instead of 0, so callers can tell
   * "not given" apart from link 0.
   */
  static int nl80211_link_id_or_invalid(struct nlattr **attrs)
  {
      const struct nlattr *attr = attrs[NL80211_ATTR_MLO_LINK_ID];

      return attr ? nla_get_u8(attr) : -1;
  }
  /*
   * Result of parsing the key attributes of a request; filled in by
   * nl80211_parse_key().
   */
  struct key_parse {
      /* key parameters; key and seq point into the request message */
      struct key_params p;
      /* key index, -1 when the request did not carry one */
      int idx;
      /* key type, -1 when the request did not carry one */
      int type;
      /* "default key" flags: data, management and beacon */
      bool def;
      bool defmgmt;
      bool defbeacon;
      /* whether the default applies to unicast and/or multicast */
      bool def_uni;
      bool def_multi;
  };
  /*
   * Parse the nested key attribute @key into @k.
   *
   * The nested attributes are validated against nl80211_key_policy first.
   * Fields whose attribute is absent are left as the caller initialised
   * them. k->p.key and k->p.seq are set to point at the attribute payloads
   * inside the request; nothing is copied, so they are only usable while
   * the message is.
   *
   * Returns 0 or the error from nested attribute parsing.
   */
  static int nl80211_parse_key_new(struct genl_info *info, struct nlattr *key,
                                   struct key_parse *k)
  {
      struct nlattr *tb[NL80211_KEY_MAX + 1];
      struct nlattr *attr;
      int err;

      err = nla_parse_nested_deprecated(tb, NL80211_KEY_MAX, key,
                                        nl80211_key_policy,
                                        info->extack);
      if (err)
          return err;

      k->def = tb[NL80211_KEY_DEFAULT] != NULL;
      k->defmgmt = tb[NL80211_KEY_DEFAULT_MGMT] != NULL;
      k->defbeacon = tb[NL80211_KEY_DEFAULT_BEACON] != NULL;

      /* a plain default key covers unicast and multicast */
      if (k->def) {
          k->def_uni = true;
          k->def_multi = true;
      }
      /* management and beacon defaults are multicast */
      if (k->defmgmt || k->defbeacon)
          k->def_multi = true;

      attr = tb[NL80211_KEY_IDX];
      if (attr)
          k->idx = nla_get_u8(attr);

      attr = tb[NL80211_KEY_DATA];
      if (attr) {
          k->p.key = nla_data(attr);
          k->p.key_len = nla_len(attr);
      }

      attr = tb[NL80211_KEY_SEQ];
      if (attr) {
          k->p.seq = nla_data(attr);
          k->p.seq_len = nla_len(attr);
      }

      attr = tb[NL80211_KEY_CIPHER];
      if (attr)
          k->p.cipher = nla_get_u32(attr);

      attr = tb[NL80211_KEY_TYPE];
      if (attr)
          k->type = nla_get_u32(attr);

      /* explicit default types replace the values derived above */
      attr = tb[NL80211_KEY_DEFAULT_TYPES];
      if (attr) {
          struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];

          err = nla_parse_nested_deprecated(kdt,
                                            NUM_NL80211_KEY_DEFAULT_TYPES - 1,
                                            attr,
                                            nl80211_key_default_policy,
                                            info->extack);
          if (err)
              return err;

          k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST] != NULL;
          k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST] != NULL;
      }

      attr = tb[NL80211_KEY_MODE];
      if (attr)
          k->p.mode = nla_get_u8(attr);

      return 0;
  }
  /*
   * Parse the legacy top-level NL80211_ATTR_KEY_* attributes into @k.
   *
   * This path has no beacon-default flag and no key mode. As in the nested
   * variant, k->p.key and k->p.seq point into the request message rather
   * than at copies, and fields whose attribute is absent keep the value
   * the caller initialised them with.
   *
   * Returns 0 or the error from parsing the nested default-types attribute.
   */
  static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
  {
      struct nlattr **attrs = info->attrs;
      struct nlattr *attr;

      attr = attrs[NL80211_ATTR_KEY_DATA];
      if (attr) {
          k->p.key = nla_data(attr);
          k->p.key_len = nla_len(attr);
      }

      attr = attrs[NL80211_ATTR_KEY_SEQ];
      if (attr) {
          k->p.seq = nla_data(attr);
          k->p.seq_len = nla_len(attr);
      }

      attr = attrs[NL80211_ATTR_KEY_IDX];
      if (attr)
          k->idx = nla_get_u8(attr);

      attr = attrs[NL80211_ATTR_KEY_CIPHER];
      if (attr)
          k->p.cipher = nla_get_u32(attr);

      k->def = attrs[NL80211_ATTR_KEY_DEFAULT] != NULL;
      k->defmgmt = attrs[NL80211_ATTR_KEY_DEFAULT_MGMT] != NULL;

      /* a plain default key covers unicast and multicast */
      if (k->def) {
          k->def_uni = true;
          k->def_multi = true;
      }
      if (k->defmgmt)
          k->def_multi = true;

      attr = attrs[NL80211_ATTR_KEY_TYPE];
      if (attr)
          k->type = nla_get_u32(attr);

      /* explicit default types replace the values derived above */
      attr = attrs[NL80211_ATTR_KEY_DEFAULT_TYPES];
      if (attr) {
          struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
          int err;

          err = nla_parse_nested_deprecated(kdt,
                                            NUM_NL80211_KEY_DEFAULT_TYPES - 1,
                                            attr,
                                            nl80211_key_default_policy,
                                            info->extack);
          if (err)
              return err;

          k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST] != NULL;
          k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST] != NULL;
      }

      return 0;
  }
  /*
   * Parse and sanity-check the key description of a request.
   *
   * *k is zeroed, idx and type are preset to -1 ("not given"), then the
   * nested NL80211_ATTR_KEY form is parsed if present, otherwise the
   * top-level attribute form.  After parsing, these rules are enforced:
   *   - at most one of def / defmgmt / defbeacon may be set;
   *   - a defmgmt or defbeacon key must be multicast-only;
   *   - when an index was given it must lie in 4-5 (defmgmt), 6-7
   *     (defbeacon), 0-3 (def) or 0-7 (anything else).
   *
   * The index check is the only bound applied to k->idx here, so callers that
   * index arrays with it depend on this function having succeeded.
   *
   * Returns 0 on success, the parser's error, or -EINVAL with an extack
   * message when a rule is violated.
   */
  static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
  {
      struct nlattr *nested = info->attrs[NL80211_ATTR_KEY];
      int ret;

      memset(k, 0, sizeof(*k));
      k->idx = -1;
      k->type = -1;

      ret = nested ? nl80211_parse_key_new(info, nested, k)
                   : nl80211_parse_key_old(info, k);
      if (ret)
          return ret;

      if (!!k->def + !!k->defmgmt + !!k->defbeacon > 1) {
          GENL_SET_ERR_MSG(info,
                           "key with multiple default flags is invalid");
          return -EINVAL;
      }

      if ((k->defmgmt || k->defbeacon) && (k->def_uni || !k->def_multi)) {
          GENL_SET_ERR_MSG(info,
                           "defmgmt/defbeacon key must be mcast");
          return -EINVAL;
      }

      /* No index supplied: nothing left to range-check. */
      if (k->idx == -1)
          return 0;

      if (k->defmgmt) {
          if (!(k->idx >= 4 && k->idx <= 5)) {
              GENL_SET_ERR_MSG(info,
                               "defmgmt key idx not 4 or 5");
              return -EINVAL;
          }
          return 0;
      }

      if (k->defbeacon) {
          if (!(k->idx >= 6 && k->idx <= 7)) {
              GENL_SET_ERR_MSG(info,
                               "defbeacon key idx not 6 or 7");
              return -EINVAL;
          }
          return 0;
      }

      if (k->def) {
          if (!(k->idx >= 0 && k->idx <= 3)) {
              GENL_SET_ERR_MSG(info, "def key idx not 0-3");
              return -EINVAL;
          }
          return 0;
      }

      if (!(k->idx >= 0 && k->idx <= 7)) {
          GENL_SET_ERR_MSG(info, "key idx not 0-7");
          return -EINVAL;
      }

      return 0;
  }
  /*
   * Build a cached key set from the nested NL80211_ATTR_KEYS attribute.
   *
   * Every nested entry must carry key data, an index in 0-3 and a WEP40 or
   * WEP104 cipher.  Exactly one entry must be the default key, and it must be
   * default for both unicast and multicast; a default-management key is
   * rejected.  When at least one key is accepted and @no_ht is non-NULL,
   * *no_ht is set to true.
   *
   * Order of the checks matters for memory safety: the index is bounded
   * before it is used to index params[]/data[], and the key bytes are copied
   * only after cfg80211_validate_key_settings() and the WEP-only check passed.
   * NOTE(review): the memcpy() length is the attribute length, so the copy is
   * in bounds only if that validation limits key_len to what data[idx] can
   * hold -- the helper is not visible here, confirm before reordering.
   *
   * Returns NULL when the attribute has no nested entries, an ERR_PTR() on
   * failure, otherwise a newly allocated structure owned by the caller.  On
   * failure the partially filled structure is released with kfree_sensitive()
   * so key bytes already copied are wiped.
   */
  static struct cfg80211_cached_keys *
  nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
                         struct genl_info *info, bool *no_ht)
  {
      struct nlattr *keys = info->attrs[NL80211_ATTR_KEYS];
      struct cfg80211_cached_keys *cached;
      struct key_parse kp;
      struct nlattr *cur;
      bool any_entry = false;
      int have_default = 0;
      int rem, err;

      /* Peek: is there at least one nested entry? */
      nla_for_each_nested(cur, keys, rem) {
          any_entry = true;
          break;
      }
      if (!any_entry)
          return NULL;

      cached = kzalloc_obj(*cached);
      if (!cached)
          return ERR_PTR(-ENOMEM);

      cached->def = -1;

      nla_for_each_nested(cur, keys, rem) {
          memset(&kp, 0, sizeof(kp));
          kp.idx = -1;

          err = nl80211_parse_key_new(info, cur, &kp);
          if (err)
              goto error;

          /* Every bare "goto error" below reports -EINVAL. */
          err = -EINVAL;
          if (!kp.p.key)
              goto error;

          if (kp.idx < 0 || kp.idx > 3) {
              GENL_SET_ERR_MSG(info, "key index out of range [0-3]");
              goto error;
          }

          if (kp.def) {
              if (have_default) {
                  GENL_SET_ERR_MSG(info,
                                   "only one key can be default");
                  goto error;
              }
              have_default = 1;
              cached->def = kp.idx;
              if (!kp.def_uni || !kp.def_multi)
                  goto error;
          } else if (kp.defmgmt) {
              goto error;
          }

          err = cfg80211_validate_key_settings(rdev, &kp.p,
                                               kp.idx, false, NULL);
          if (err)
              goto error;

          if (kp.p.cipher != WLAN_CIPHER_SUITE_WEP40 &&
              kp.p.cipher != WLAN_CIPHER_SUITE_WEP104) {
              GENL_SET_ERR_MSG(info, "connect key must be WEP");
              err = -EINVAL;
              goto error;
          }

          /* Key bytes are copied out of the request into our own storage. */
          cached->params[kp.idx].cipher = kp.p.cipher;
          cached->params[kp.idx].key_len = kp.p.key_len;
          cached->params[kp.idx].key = cached->data[kp.idx];
          memcpy(cached->data[kp.idx], kp.p.key, kp.p.key_len);

          /* must be WEP key if we got here */
          if (no_ht)
              *no_ht = true;
      }

      if (cached->def < 0) {
          err = -EINVAL;
          GENL_SET_ERR_MSG(info, "need a default/TX key");
          goto error;
      }

      return cached;

  error:
      kfree_sensitive(cached);
      return ERR_PTR(err);
  }
  /*
   * Decide whether key operations are permitted on @wdev in its current state.
   *
   * The wiphy lock must be held (lockdep_assert_wiphy()).
   *
   * Returns 0 when allowed; -ENOLINK for IBSS without a current BSS and for
   * station / P2P client interfaces that are neither connected nor on a wiphy
   * with NL80211_EXT_FEATURE_ASSOC_FRAME_ENCRYPTION; -EINVAL for NAN without
   * NL80211_EXT_FEATURE_SECURE_NAN and for interface types that take no keys.
   */
  static int nl80211_key_allowed(struct wireless_dev *wdev)
  {
      lockdep_assert_wiphy(wdev->wiphy);

      /* No default label: every enumerator is listed explicitly. */
      switch (wdev->iftype) {
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_AP_VLAN:
      case NL80211_IFTYPE_P2P_GO:
      case NL80211_IFTYPE_MESH_POINT:
          return 0;

      case NL80211_IFTYPE_ADHOC:
          return wdev->u.ibss.current_bss ? 0 : -ENOLINK;

      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          if (wdev->connected)
              return 0;
          if (wiphy_ext_feature_isset(wdev->wiphy,
                                      NL80211_EXT_FEATURE_ASSOC_FRAME_ENCRYPTION))
              return 0;
          return -ENOLINK;

      case NL80211_IFTYPE_NAN:
          return wiphy_ext_feature_isset(wdev->wiphy,
                                         NL80211_EXT_FEATURE_SECURE_NAN) ?
                 0 : -EINVAL;

      case NL80211_IFTYPE_UNSPECIFIED:
      case NL80211_IFTYPE_OCB:
      case NL80211_IFTYPE_MONITOR:
      case NL80211_IFTYPE_P2P_DEVICE:
      case NL80211_IFTYPE_WDS:
      case NUM_NL80211_IFTYPES:
          return -EINVAL;
      }

      /* Reached only for a value outside the enum; treated as allowed. */
      return 0;
  }
  /*
   * Look up the channel for @freq on @wiphy and reject disabled channels.
   *
   * @freq is handed to ieee80211_get_channel_khz() unchanged, so it is
   * presumably expressed in kHz -- confirm at the call sites.
   *
   * Returns the channel, or NULL when the lookup fails or the channel has
   * IEEE80211_CHAN_DISABLED set.
   */
  static struct ieee80211_channel *nl80211_get_valid_chan(struct wiphy *wiphy,
                                                          u32 freq)
  {
      struct ieee80211_channel *found = ieee80211_get_channel_khz(wiphy, freq);

      if (!found)
          return NULL;
      if (found->flags & IEEE80211_CHAN_DISABLED)
          return NULL;

      return found;
  }
  /*
   * Emit the interface-type bitmap @ifmodes as a nest of flag attributes.
   *
   * A nest of type @attr is opened and, for every set bit n of @ifmodes, a
   * flag attribute whose type is n is added.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room.  The nest
   * is left open on failure; nothing here rolls the message back.
   */
  static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes)
  {
      struct nlattr *nest = nla_nest_start_noflag(msg, attr);
      int bit;

      if (!nest)
          return -ENOBUFS;

      /* Walk the bitmap from bit 0 upwards until no set bits remain. */
      for (bit = 0; ifmodes; ifmodes >>= 1, bit++) {
          if ((ifmodes & 1) && nla_put_flag(msg, bit))
              return -ENOBUFS;
      }

      nla_nest_end(msg, nest);
      return 0;
  }
  /*
   * Emit one interface combination @c as a nest of type (@idx | @nested).
   *
   * The nest holds the per-limit entries (numbered from 1, each with its
   * maximum and its interface-type bitmap), the optional STA/AP beacon
   * interval match flag, the channel and interface maxima, the radar
   * detection widths/regions when @large is set, and the minimum beacon
   * interval GCD when it is non-zero.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room.  Open
   * nests are not cancelled on failure.
   */
  static int nl80211_put_ifcomb_data(struct sk_buff *msg, bool large, int idx,
                                     const struct ieee80211_iface_combination *c,
                                     u16 nested)
  {
      struct nlattr *comb_nest, *limits_nest;
      int lim;

      comb_nest = nla_nest_start_noflag(msg, idx | nested);
      if (!comb_nest)
          return -ENOBUFS;

      limits_nest = nla_nest_start_noflag(msg,
                                          NL80211_IFACE_COMB_LIMITS | nested);
      if (!limits_nest)
          return -ENOBUFS;

      for (lim = 0; lim < c->n_limits; lim++) {
          struct nlattr *one = nla_nest_start_noflag(msg, lim + 1);

          if (!one)
              return -ENOBUFS;
          if (nla_put_u32(msg, NL80211_IFACE_LIMIT_MAX,
                          c->limits[lim].max) ||
              nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES,
                                  c->limits[lim].types))
              return -ENOBUFS;

          nla_nest_end(msg, one);
      }
      nla_nest_end(msg, limits_nest);

      if (c->beacon_int_infra_match &&
          nla_put_flag(msg, NL80211_IFACE_COMB_STA_AP_BI_MATCH))
          return -ENOBUFS;

      if (nla_put_u32(msg, NL80211_IFACE_COMB_NUM_CHANNELS,
                      c->num_different_channels))
          return -ENOBUFS;
      if (nla_put_u32(msg, NL80211_IFACE_COMB_MAXNUM,
                      c->max_interfaces))
          return -ENOBUFS;

      if (large) {
          if (nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
                          c->radar_detect_widths) ||
              nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_REGIONS,
                          c->radar_detect_regions))
              return -ENOBUFS;
      }

      if (c->beacon_int_min_gcd &&
          nla_put_u32(msg, NL80211_IFACE_COMB_BI_MIN_GCD,
                      c->beacon_int_min_gcd))
          return -ENOBUFS;

      nla_nest_end(msg, comb_nest);
      return 0;
  }
  /*
   * Emit a list of interface combinations as a nest of type (@attr | @nested).
   *
   * With @radio < 0 the wiphy-wide combinations are reported; otherwise the
   * per-radio table is used.  Entries are numbered from 1.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room.
   */
  static int nl80211_put_iface_combinations(struct wiphy *wiphy,
                                            struct sk_buff *msg,
                                            int attr, int radio,
                                            bool large, u16 nested)
  {
      const struct ieee80211_iface_combination *combs;
      struct nlattr *nest;
      int count, pos;

      nest = nla_nest_start_noflag(msg, attr | nested);
      if (!nest)
          return -ENOBUFS;

      if (radio < 0) {
          combs = wiphy->iface_combinations;
          count = wiphy->n_iface_combinations;
      } else {
          /*
           * NOTE(review): any non-negative @radio selects radio[0]; the
           * index itself is never used.  If radio[radio] was intended,
           * the fix also needs a bound on @radio -- confirm with callers.
           */
          combs = wiphy->radio[0].iface_combinations;
          count = wiphy->radio[0].n_iface_combinations;
      }

      for (pos = 0; pos < count; pos++) {
          if (nl80211_put_ifcomb_data(msg, large, pos + 1, &combs[pos],
                                      nested))
              return -ENOBUFS;
      }

      nla_nest_end(msg, nest);
      return 0;
  }
  1620. #ifdef CONFIG_PM
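  /*
   * Report the WoWLAN TCP wakeup capabilities, nested under
   * NL80211_WOWLAN_TRIG_TCP_CONNECTION.
   *
   * rdev->wiphy.wowlan is dereferenced without a check; the caller in this
   * file (nl80211_send_wowlan()) tests it first.  Nothing is emitted when the
   * device has no TCP support description.
   *
   * The data-payload maximum used to be written twice in a row with the same
   * attribute type and value; the redundant copy only consumed message space
   * and is emitted once now.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room.  The nest
   * is left open on failure.
   */
  static int nl80211_send_wowlan_tcp_caps(struct cfg80211_registered_device *rdev,
                                          struct sk_buff *msg)
  {
      const struct wiphy_wowlan_tcp_support *tcp = rdev->wiphy.wowlan->tcp;
      struct nlattr *nl_tcp;

      if (!tcp)
          return 0;

      nl_tcp = nla_nest_start_noflag(msg,
                                     NL80211_WOWLAN_TRIG_TCP_CONNECTION);
      if (!nl_tcp)
          return -ENOBUFS;

      if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
                      tcp->data_payload_max))
          return -ENOBUFS;

      if (tcp->seq && nla_put_flag(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ))
          return -ENOBUFS;

      /* The token description is copied out as a raw structure. */
      if (tcp->tok && nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN,
                              sizeof(*tcp->tok), tcp->tok))
          return -ENOBUFS;

      if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL,
                      tcp->data_interval_max))
          return -ENOBUFS;

      if (nla_put_u32(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD,
                      tcp->wake_payload_max))
          return -ENOBUFS;

      nla_nest_end(msg, nl_tcp);
      return 0;
  }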
  /*
   * Report the supported WoWLAN triggers, nested under
   * NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED.
   *
   * Nothing is emitted when the device has no WoWLAN description.  Each
   * capability flag becomes a flag attribute; pattern limits are copied out as
   * one struct nl80211_pattern_support; net-detect reports its maximum match
   * set count; the TCP capabilities are added only when @large is set.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room.  The nest
   * is left open on failure.
   */
  static int nl80211_send_wowlan(struct sk_buff *msg,
                                 struct cfg80211_registered_device *rdev,
                                 bool large)
  {
      /* Capability flag -> trigger attribute, in emission order. */
      static const struct {
          u32 flag;
          int attr;
      } trig_map[] = {
          { WIPHY_WOWLAN_ANY, NL80211_WOWLAN_TRIG_ANY },
          { WIPHY_WOWLAN_DISCONNECT, NL80211_WOWLAN_TRIG_DISCONNECT },
          { WIPHY_WOWLAN_MAGIC_PKT, NL80211_WOWLAN_TRIG_MAGIC_PKT },
          { WIPHY_WOWLAN_SUPPORTS_GTK_REKEY,
            NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED },
          { WIPHY_WOWLAN_GTK_REKEY_FAILURE,
            NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE },
          { WIPHY_WOWLAN_EAP_IDENTITY_REQ,
            NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST },
          { WIPHY_WOWLAN_4WAY_HANDSHAKE,
            NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE },
          { WIPHY_WOWLAN_RFKILL_RELEASE,
            NL80211_WOWLAN_TRIG_RFKILL_RELEASE },
      };
      struct nlattr *nest;
      unsigned int t;

      if (!rdev->wiphy.wowlan)
          return 0;

      nest = nla_nest_start_noflag(msg,
                                   NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED);
      if (!nest)
          return -ENOBUFS;

      for (t = 0; t < ARRAY_SIZE(trig_map); t++) {
          if ((rdev->wiphy.wowlan->flags & trig_map[t].flag) &&
              nla_put_flag(msg, trig_map[t].attr))
              return -ENOBUFS;
      }

      if (rdev->wiphy.wowlan->n_patterns) {
          /* Fully initialised before being copied into the message. */
          struct nl80211_pattern_support pat = {
              .max_patterns = rdev->wiphy.wowlan->n_patterns,
              .min_pattern_len = rdev->wiphy.wowlan->pattern_min_len,
              .max_pattern_len = rdev->wiphy.wowlan->pattern_max_len,
              .max_pkt_offset = rdev->wiphy.wowlan->max_pkt_offset,
          };

          if (nla_put(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN,
                      sizeof(pat), &pat))
              return -ENOBUFS;
      }

      if ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_NET_DETECT) &&
          nla_put_u32(msg, NL80211_WOWLAN_TRIG_NET_DETECT,
                      rdev->wiphy.wowlan->max_nd_match_sets))
          return -ENOBUFS;

      if (large && nl80211_send_wowlan_tcp_caps(rdev, msg))
          return -ENOBUFS;

      nla_nest_end(msg, nest);
      return 0;
  }
  1700. #endif
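  /*
   * Report the packet-coalescing limits as one NL80211_ATTR_COALESCE_RULE
   * attribute holding a struct nl80211_coalesce_rule_support.
   *
   * Nothing is emitted when the device has no coalesce description.
   *
   * The on-stack structure is copied to userspace byte for byte, so it is
   * cleared before the fields are filled in.  Every field visible here is
   * assigned, but clearing first guarantees that no stale stack bytes can
   * leave the kernel should the structure contain padding or gain a member.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room.
   */
  static int nl80211_send_coalesce(struct sk_buff *msg,
                                   struct cfg80211_registered_device *rdev)
  {
      struct nl80211_coalesce_rule_support rule;

      if (!rdev->wiphy.coalesce)
          return 0;

      memset(&rule, 0, sizeof(rule));
      rule.max_rules = rdev->wiphy.coalesce->n_rules;
      rule.max_delay = rdev->wiphy.coalesce->max_delay;
      rule.pat.max_patterns = rdev->wiphy.coalesce->n_patterns;
      rule.pat.min_pattern_len = rdev->wiphy.coalesce->pattern_min_len;
      rule.pat.max_pattern_len = rdev->wiphy.coalesce->pattern_max_len;
      rule.pat.max_pkt_offset = rdev->wiphy.coalesce->max_pkt_offset;

      if (nla_put(msg, NL80211_ATTR_COALESCE_RULE, sizeof(rule), &rule))
          return -ENOBUFS;

      return 0;
  }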
  /*
   * Emit the per-interface-type capabilities of one band entry.
   *
   * Always writes the interface-type bitmap.  HE fields are written when HE is
   * supported, EHT fields only when both EHT and HE are, UHR fields when UHR
   * is supported, the HE 6 GHz capability only on the 6 GHz band, and vendor
   * elements when both a pointer and a non-zero length are set.
   *
   * The EHT MCS/NSS and PPE attribute lengths are not sizeof() values: they
   * are computed by ieee80211_eht_mcs_nss_size() / ieee80211_eht_ppe_size()
   * from the capability contents.
   * NOTE(review): those helpers are not visible here; the copies stay inside
   * eht_mcs_nss_supp / eht_ppe_thres only if the helpers cap their result at
   * the size of those members -- confirm.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room.
   */
  static int
  nl80211_send_iftype_data(struct sk_buff *msg,
                           const struct ieee80211_supported_band *sband,
                           const struct ieee80211_sband_iftype_data *iftdata)
  {
      const struct ieee80211_sta_he_cap *he = &iftdata->he_cap;
      const struct ieee80211_sta_eht_cap *eht = &iftdata->eht_cap;
      const struct ieee80211_sta_uhr_cap *uhr = &iftdata->uhr_cap;

      if (nl80211_put_iftypes(msg, NL80211_BAND_IFTYPE_ATTR_IFTYPES,
                              iftdata->types_mask))
          return -ENOBUFS;

      if (he->has_he) {
          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_MAC,
                      sizeof(he->he_cap_elem.mac_cap_info),
                      he->he_cap_elem.mac_cap_info))
              return -ENOBUFS;
          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_PHY,
                      sizeof(he->he_cap_elem.phy_cap_info),
                      he->he_cap_elem.phy_cap_info))
              return -ENOBUFS;
          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_MCS_SET,
                      sizeof(he->he_mcs_nss_supp),
                      &he->he_mcs_nss_supp))
              return -ENOBUFS;
          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_PPE,
                      sizeof(he->ppe_thres), he->ppe_thres))
              return -ENOBUFS;
      }

      if (eht->has_eht && he->has_he) {
          u8 mcs_nss_size, ppe_thresh_size;
          u16 ppe_thres_hdr;
          bool is_ap;

          is_ap = !!(iftdata->types_mask &
                     (BIT(NL80211_IFTYPE_AP) | BIT(NL80211_IFTYPE_P2P_GO)));

          mcs_nss_size = ieee80211_eht_mcs_nss_size(&he->he_cap_elem,
                                                    &eht->eht_cap_elem,
                                                    is_ap);

          ppe_thres_hdr = get_unaligned_le16(&eht->eht_ppe_thres[0]);
          ppe_thresh_size =
              ieee80211_eht_ppe_size(ppe_thres_hdr,
                                     eht->eht_cap_elem.phy_cap_info);

          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MAC,
                      sizeof(eht->eht_cap_elem.mac_cap_info),
                      eht->eht_cap_elem.mac_cap_info))
              return -ENOBUFS;
          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PHY,
                      sizeof(eht->eht_cap_elem.phy_cap_info),
                      eht->eht_cap_elem.phy_cap_info))
              return -ENOBUFS;
          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MCS_SET,
                      mcs_nss_size, &eht->eht_mcs_nss_supp))
              return -ENOBUFS;
          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PPE,
                      ppe_thresh_size, eht->eht_ppe_thres))
              return -ENOBUFS;
      }

      if (uhr->has_uhr) {
          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_UHR_CAP_MAC,
                      sizeof(uhr->mac), &uhr->mac))
              return -ENOBUFS;
          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_UHR_CAP_PHY,
                      sizeof(uhr->phy), &uhr->phy))
              return -ENOBUFS;
      }

      if (sband->band == NL80211_BAND_6GHZ) {
          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_6GHZ_CAPA,
                      sizeof(iftdata->he_6ghz_capa),
                      &iftdata->he_6ghz_capa))
              return -ENOBUFS;
      }

      if (iftdata->vendor_elems.data && iftdata->vendor_elems.len) {
          if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_VENDOR_ELEMS,
                      iftdata->vendor_elems.len,
                      iftdata->vendor_elems.data))
              return -ENOBUFS;
      }

      return 0;
  }
  /*
   * Emit the rate-related description of one band.
   *
   * In order: HT and VHT capabilities when supported; with @large, the
   * per-interface-type data (entries numbered from 1) and the EDMG channel
   * configuration; the bitrate table (entries numbered from 0, with the
   * short-preamble flag where set); and, on the S1G band, the S1G
   * capabilities.
   *
   * Returns 0 on success, -ENOBUFS when the message has no room, or the error
   * returned by nl80211_send_iftype_data().  Open nests are not cancelled on
   * failure.
   */
  static int nl80211_send_band_rateinfo(struct sk_buff *msg,
                                        struct ieee80211_supported_band *sband,
                                        bool large)
  {
      struct nlattr *rates_nest;
      int i;

      /* add HT info */
      if (sband->ht_cap.ht_supported) {
          if (nla_put(msg, NL80211_BAND_ATTR_HT_MCS_SET,
                      sizeof(sband->ht_cap.mcs),
                      &sband->ht_cap.mcs) ||
              nla_put_u16(msg, NL80211_BAND_ATTR_HT_CAPA,
                          sband->ht_cap.cap) ||
              nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR,
                         sband->ht_cap.ampdu_factor) ||
              nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY,
                         sband->ht_cap.ampdu_density))
              return -ENOBUFS;
      }

      /* add VHT info */
      if (sband->vht_cap.vht_supported) {
          if (nla_put(msg, NL80211_BAND_ATTR_VHT_MCS_SET,
                      sizeof(sband->vht_cap.vht_mcs),
                      &sband->vht_cap.vht_mcs) ||
              nla_put_u32(msg, NL80211_BAND_ATTR_VHT_CAPA,
                          sband->vht_cap.cap))
              return -ENOBUFS;
      }

      /* add per-interface-type data */
      if (large && sband->n_iftype_data) {
          const struct ieee80211_sband_iftype_data *iftd;
          struct nlattr *all_nest;
          int err;

          all_nest = nla_nest_start_noflag(msg,
                                           NL80211_BAND_ATTR_IFTYPE_DATA);
          if (!all_nest)
              return -ENOBUFS;

          for_each_sband_iftype_data(sband, i, iftd) {
              struct nlattr *one = nla_nest_start_noflag(msg, i + 1);

              if (!one)
                  return -ENOBUFS;

              err = nl80211_send_iftype_data(msg, sband, iftd);
              if (err)
                  return err;

              nla_nest_end(msg, one);
          }

          nla_nest_end(msg, all_nest);
      }

      /* add EDMG info */
      if (large && sband->edmg_cap.channels) {
          if (nla_put_u8(msg, NL80211_BAND_ATTR_EDMG_CHANNELS,
                         sband->edmg_cap.channels) ||
              nla_put_u8(msg, NL80211_BAND_ATTR_EDMG_BW_CONFIG,
                         sband->edmg_cap.bw_config))
              return -ENOBUFS;
      }

      /* add bitrates */
      rates_nest = nla_nest_start_noflag(msg, NL80211_BAND_ATTR_RATES);
      if (!rates_nest)
          return -ENOBUFS;

      for (i = 0; i < sband->n_bitrates; i++) {
          struct ieee80211_rate *rate = &sband->bitrates[i];
          struct nlattr *one = nla_nest_start_noflag(msg, i);

          if (!one)
              return -ENOBUFS;
          if (nla_put_u32(msg, NL80211_BITRATE_ATTR_RATE, rate->bitrate))
              return -ENOBUFS;
          if ((rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
              nla_put_flag(msg, NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE))
              return -ENOBUFS;

          nla_nest_end(msg, one);
      }
      nla_nest_end(msg, rates_nest);

      /* S1G capabilities */
      if (sband->band == NL80211_BAND_S1GHZ && sband->s1g_cap.s1g) {
          if (nla_put(msg, NL80211_BAND_ATTR_S1G_CAPA,
                      sizeof(sband->s1g_cap.cap),
                      sband->s1g_cap.cap) ||
              nla_put(msg, NL80211_BAND_ATTR_S1G_MCS_NSS_SET,
                      sizeof(sband->s1g_cap.nss_mcs),
                      sband->s1g_cap.nss_mcs))
              return -ENOBUFS;
      }

      return 0;
  }
  /*
   * Report which management frame subtypes can be transmitted and received,
   * per interface type.
   *
   * Two nests are written, NL80211_ATTR_TX_FRAME_TYPES and then
   * NL80211_ATTR_RX_FRAME_TYPES.  Each holds one nest per interface type
   * (attribute type = interface type) and, inside it, one
   * NL80211_ATTR_FRAME_TYPE value per set bit n of the subtype bitmap,
   * encoded as (n << 4) | IEEE80211_FTYPE_MGMT.
   *
   * @mgmt_stypes is indexed up to NUM_NL80211_IFTYPES - 1; a NULL pointer
   * means nothing is reported.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room.
   */
  static int
  nl80211_send_mgmt_stypes(struct sk_buff *msg,
                           const struct ieee80211_txrx_stypes *mgmt_stypes)
  {
      /* Direction 0 is TX, direction 1 is RX; emitted in that order. */
      static const int dir_attr[2] = {
          NL80211_ATTR_TX_FRAME_TYPES,
          NL80211_ATTR_RX_FRAME_TYPES,
      };
      struct nlattr *dir_nest, *ift_nest;
      enum nl80211_iftype ift;
      u16 stypes;
      int dir, bit;

      if (!mgmt_stypes)
          return 0;

      for (dir = 0; dir < 2; dir++) {
          dir_nest = nla_nest_start_noflag(msg, dir_attr[dir]);
          if (!dir_nest)
              return -ENOBUFS;

          for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
              ift_nest = nla_nest_start_noflag(msg, ift);
              if (!ift_nest)
                  return -ENOBUFS;

              stypes = dir ? mgmt_stypes[ift].rx : mgmt_stypes[ift].tx;
              for (bit = 0; stypes; stypes >>= 1, bit++) {
                  if ((stypes & 1) &&
                      nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
                                  (bit << 4) | IEEE80211_FTYPE_MGMT))
                      return -ENOBUFS;
              }

              nla_nest_end(msg, ift_nest);
          }

          nla_nest_end(msg, dir_nest);
      }

      return 0;
  }
  /*
   * CMD(op, n) - advertise NL80211_CMD_<n> if the driver implements
   * rdev->ops-><op>.
   *
   * Not hygienic: the expansion site must provide rdev, msg, an int counter i
   * (incremented before each emitted attribute and used as its type) and an
   * nla_put_failure label, which is jumped to when the message is full.
   */
  #define CMD(op, n)                                              \
      do {                                                        \
          if (rdev->ops->op &&                                    \
              nla_put_u32(msg, ++i, NL80211_CMD_ ## n))           \
              goto nla_put_failure;                               \
      } while (0)
  /*
   * Add the legacy (non-split) list of supported commands to @msg.
   *
   * Each advertised command is a u32 attribute whose type is a running
   * counter starting at 1.  A command is listed when the driver provides the
   * matching operation and, for some, when a wiphy flag or limit allows it.
   *
   * Returns the number of commands added (the final counter value), or
   * -ENOBUFS when the message has no room.
   */
  static int nl80211_add_commands_unsplit(struct cfg80211_registered_device *rdev,
                                          struct sk_buff *msg)
  {
      int i = 0;

      /*
       * do *NOT* add anything into this function, new things need to be
       * advertised only to new versions of userspace that can deal with
       * the split (and they can't possibly care about new features...
       */
      CMD(add_virtual_intf, NEW_INTERFACE);
      CMD(change_virtual_intf, SET_INTERFACE);
      CMD(add_key, NEW_KEY);
      CMD(start_ap, START_AP);
      CMD(add_station, NEW_STATION);
      CMD(add_mpath, NEW_MPATH);
      CMD(update_mesh_config, SET_MESH_CONFIG);
      CMD(change_bss, SET_BSS);
      CMD(auth, AUTHENTICATE);
      CMD(assoc, ASSOCIATE);
      CMD(deauth, DEAUTHENTICATE);
      CMD(disassoc, DISASSOCIATE);
      CMD(join_ibss, JOIN_IBSS);
      CMD(join_mesh, JOIN_MESH);
      CMD(set_pmksa, SET_PMKSA);
      CMD(del_pmksa, DEL_PMKSA);
      CMD(flush_pmksa, FLUSH_PMKSA);
      if (rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)
          CMD(remain_on_channel, REMAIN_ON_CHANNEL);
      CMD(set_bitrate_mask, SET_TX_BITRATE_MASK);
      CMD(mgmt_tx, FRAME);
      CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL);

      /* Commands below without CMD() do not map to a single driver op. */
      if ((rdev->wiphy.flags & WIPHY_FLAG_NETNS_OK) &&
          nla_put_u32(msg, ++i, NL80211_CMD_SET_WIPHY_NETNS))
          goto nla_put_failure;

      if ((rdev->ops->set_monitor_channel || rdev->ops->start_ap ||
           rdev->ops->join_mesh) &&
          nla_put_u32(msg, ++i, NL80211_CMD_SET_CHANNEL))
          goto nla_put_failure;

      if (rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) {
          CMD(tdls_mgmt, TDLS_MGMT);
          CMD(tdls_oper, TDLS_OPER);
      }
      if (rdev->wiphy.max_sched_scan_reqs)
          CMD(sched_scan_start, START_SCHED_SCAN);
      CMD(probe_client, PROBE_CLIENT);
      CMD(set_noack_map, SET_NOACK_MAP);

      if ((rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) &&
          nla_put_u32(msg, ++i, NL80211_CMD_REGISTER_BEACONS))
          goto nla_put_failure;

      CMD(start_p2p_device, START_P2P_DEVICE);
      CMD(set_mcast_rate, SET_MCAST_RATE);
  #ifdef CONFIG_NL80211_TESTMODE
      CMD(testmode_cmd, TESTMODE);
  #endif

      if ((rdev->ops->connect || rdev->ops->auth) &&
          nla_put_u32(msg, ++i, NL80211_CMD_CONNECT))
          goto nla_put_failure;

      if ((rdev->ops->disconnect || rdev->ops->deauth) &&
          nla_put_u32(msg, ++i, NL80211_CMD_DISCONNECT))
          goto nla_put_failure;

      return i;

  nla_put_failure:
      return -ENOBUFS;
  }
  /*
   * Report the FTM peer-measurement capabilities, nested under
   * NL80211_PMSR_TYPE_FTM.
   *
   * Nothing is emitted when FTM is unsupported.  Boolean capabilities become
   * flag attributes; preambles, bandwidths, the LTF repetition and STS maxima
   * are always written; the burst exponent is written when >= 0, FTMs per
   * burst when non-zero, and the total LTF maxima when > 0.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room.  The nest
   * is left open on failure.
   */
  static int
  nl80211_send_pmsr_ftm_capa(const struct cfg80211_pmsr_capabilities *cap,
                             struct sk_buff *msg)
  {
      struct nlattr *nest;

      if (!cap->ftm.supported)
          return 0;

      nest = nla_nest_start_noflag(msg, NL80211_PMSR_TYPE_FTM);
      if (!nest)
          return -ENOBUFS;

      /* One chain, evaluated left to right; the first failed put ends it. */
      if ((cap->ftm.asap &&
           nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_ASAP)) ||
          (cap->ftm.non_asap &&
           nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP)) ||
          (cap->ftm.request_lci &&
           nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI)) ||
          (cap->ftm.request_civicloc &&
           nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_REQ_CIVICLOC)) ||
          nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES,
                      cap->ftm.preambles) ||
          nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS,
                      cap->ftm.bandwidths) ||
          (cap->ftm.max_bursts_exponent >= 0 &&
           nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT,
                       cap->ftm.max_bursts_exponent)) ||
          (cap->ftm.max_ftms_per_burst &&
           nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_FTMS_PER_BURST,
                       cap->ftm.max_ftms_per_burst)) ||
          (cap->ftm.trigger_based &&
           nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED)) ||
          (cap->ftm.non_trigger_based &&
           nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED)) ||
          (cap->ftm.support_6ghz &&
           nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_6GHZ_SUPPORT)) ||
          nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_TX_LTF_REP,
                      cap->ftm.max_tx_ltf_rep) ||
          nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_RX_LTF_REP,
                      cap->ftm.max_rx_ltf_rep) ||
          nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_TX_STS,
                      cap->ftm.max_tx_sts) ||
          nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_RX_STS,
                      cap->ftm.max_rx_sts) ||
          (cap->ftm.max_total_ltf_tx > 0 &&
           nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_TOTAL_LTF_TX,
                       cap->ftm.max_total_ltf_tx)) ||
          (cap->ftm.max_total_ltf_rx > 0 &&
           nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_TOTAL_LTF_RX,
                       cap->ftm.max_total_ltf_rx)) ||
          (cap->ftm.support_rsta &&
           nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_RSTA_SUPPORT)))
          return -ENOBUFS;

      nla_nest_end(msg, nest);
      return 0;
  }
  /*
   * Report the peer-measurement capabilities, nested under
   * NL80211_ATTR_PEER_MEASUREMENTS.
   *
   * Nothing is emitted when the wiphy has no capability description.  The
   * nest carries the maximum peer count, the optional AP-TSF and
   * MAC-randomisation flags, and a NL80211_PMSR_ATTR_TYPE_CAPA nest with the
   * FTM capabilities.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room.
   */
  static int nl80211_send_pmsr_capa(struct cfg80211_registered_device *rdev,
                                    struct sk_buff *msg)
  {
      const struct cfg80211_pmsr_capabilities *cap = rdev->wiphy.pmsr_capa;
      struct nlattr *outer, *types;

      if (!cap)
          return 0;

      /*
       * we don't need to clean up anything here since the caller
       * will genlmsg_cancel() if we fail
       */
      outer = nla_nest_start_noflag(msg, NL80211_ATTR_PEER_MEASUREMENTS);
      if (!outer)
          return -ENOBUFS;

      if (nla_put_u32(msg, NL80211_PMSR_ATTR_MAX_PEERS, cap->max_peers) ||
          (cap->report_ap_tsf &&
           nla_put_flag(msg, NL80211_PMSR_ATTR_REPORT_AP_TSF)) ||
          (cap->randomize_mac_addr &&
           nla_put_flag(msg, NL80211_PMSR_ATTR_RANDOMIZE_MAC_ADDR)))
          return -ENOBUFS;

      types = nla_nest_start_noflag(msg, NL80211_PMSR_ATTR_TYPE_CAPA);
      if (!types)
          return -ENOBUFS;

      if (nl80211_send_pmsr_ftm_capa(cap, msg))
          return -ENOBUFS;

      nla_nest_end(msg, types);
      nla_nest_end(msg, outer);
      return 0;
  }
  /*
   * Report the AKM suites supported per interface type, nested under
   * NL80211_ATTR_IFTYPE_AKM_SUITES.
   *
   * Nothing is emitted when the wiphy has no table or a zero entry count.
   * Entries are numbered from 1; each holds the interface-type bitmap and the
   * suite list as a raw array of n_akm_suites u32 values.
   *
   * The table pointer, its entry count and each n_akm_suites are taken as
   * given; no consistency check between them happens here.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room.
   */
  static int
  nl80211_put_iftype_akm_suites(struct cfg80211_registered_device *rdev,
                                struct sk_buff *msg)
  {
      const struct wiphy_iftype_akm_suites *entry;
      struct nlattr *list_nest, *entry_nest;
      int pos;

      if (!rdev->wiphy.num_iftype_akm_suites ||
          !rdev->wiphy.iftype_akm_suites)
          return 0;

      list_nest = nla_nest_start(msg, NL80211_ATTR_IFTYPE_AKM_SUITES);
      if (!list_nest)
          return -ENOBUFS;

      for (pos = 0; pos < rdev->wiphy.num_iftype_akm_suites; pos++) {
          entry_nest = nla_nest_start(msg, pos + 1);
          if (!entry_nest)
              return -ENOBUFS;

          entry = &rdev->wiphy.iftype_akm_suites[pos];

          if (nl80211_put_iftypes(msg, NL80211_IFTYPE_AKM_ATTR_IFTYPES,
                                  entry->iftypes_mask) ||
              nla_put(msg, NL80211_IFTYPE_AKM_ATTR_SUITES,
                      sizeof(u32) * entry->n_akm_suites,
                      entry->akm_suites))
              return -ENOBUFS;

          nla_nest_end(msg, entry_nest);
      }

      nla_nest_end(msg, list_nest);
      return 0;
  }
  /*
   * Report the TID configuration support, nested under
   * NL80211_ATTR_TID_CONFIG.
   *
   * Nothing is emitted when neither the per-vif nor the per-peer bitmap is
   * set.  Non-zero bitmaps are written as 64-bit values; the short and long
   * retry limits both carry max_retry.
   *
   * Returns 0 on success, -ENOSPC when the nest cannot be opened, or -ENOBUFS
   * when a later attribute does not fit, in which case the nest is cancelled.
   */
  static int
  nl80211_put_tid_config_support(struct cfg80211_registered_device *rdev,
                                 struct sk_buff *msg)
  {
      struct nlattr *nest;

      if (!rdev->wiphy.tid_config_support.vif &&
          !rdev->wiphy.tid_config_support.peer)
          return 0;

      nest = nla_nest_start(msg, NL80211_ATTR_TID_CONFIG);
      if (!nest)
          return -ENOSPC;

      if ((rdev->wiphy.tid_config_support.vif &&
           nla_put_u64_64bit(msg, NL80211_TID_CONFIG_ATTR_VIF_SUPP,
                             rdev->wiphy.tid_config_support.vif,
                             NL80211_TID_CONFIG_ATTR_PAD)) ||
          (rdev->wiphy.tid_config_support.peer &&
           nla_put_u64_64bit(msg, NL80211_TID_CONFIG_ATTR_PEER_SUPP,
                             rdev->wiphy.tid_config_support.peer,
                             NL80211_TID_CONFIG_ATTR_PAD)) ||
          /* for now we just use the same value ... makes more sense */
          nla_put_u8(msg, NL80211_TID_CONFIG_ATTR_RETRY_SHORT,
                     rdev->wiphy.tid_config_support.max_retry) ||
          nla_put_u8(msg, NL80211_TID_CONFIG_ATTR_RETRY_LONG,
                     rdev->wiphy.tid_config_support.max_retry)) {
          nla_nest_cancel(msg, nest);
          return -ENOBUFS;
      }

      nla_nest_end(msg, nest);
      return 0;
  }
  /*
   * Report the SAR capabilities, nested under NL80211_ATTR_SAR_SPEC.
   *
   * Nothing is emitted when the wiphy has no SAR description.  The nest holds
   * the SAR type and a NL80211_SAR_ATTR_SPECS nest with one entry per
   * supported frequency range (numbered from 1) giving its start and end
   * frequency.
   *
   * Returns 0 on success, -ENOSPC when the outer nest cannot be opened, or
   * -ENOBUFS on any later failure, in which case the outer nest is cancelled.
   */
  static int
  nl80211_put_sar_specs(struct cfg80211_registered_device *rdev,
                        struct sk_buff *msg)
  {
      struct nlattr *outer, *specs_nest, *range_nest;
      u8 range_count;
      int pos;

      if (!rdev->wiphy.sar_capa)
          return 0;

      range_count = rdev->wiphy.sar_capa->num_freq_ranges;

      outer = nla_nest_start(msg, NL80211_ATTR_SAR_SPEC);
      if (!outer)
          return -ENOSPC;

      if (nla_put_u32(msg, NL80211_SAR_ATTR_TYPE, rdev->wiphy.sar_capa->type))
          goto fail;

      specs_nest = nla_nest_start(msg, NL80211_SAR_ATTR_SPECS);
      if (!specs_nest)
          goto fail;

      /* report supported freq_ranges */
      for (pos = 0; pos < range_count; pos++) {
          range_nest = nla_nest_start(msg, pos + 1);
          if (!range_nest)
              goto fail;

          if (nla_put_u32(msg, NL80211_SAR_ATTR_SPECS_START_FREQ,
                          rdev->wiphy.sar_capa->freq_ranges[pos].start_freq) ||
              nla_put_u32(msg, NL80211_SAR_ATTR_SPECS_END_FREQ,
                          rdev->wiphy.sar_capa->freq_ranges[pos].end_freq))
              goto fail;

          nla_nest_end(msg, range_nest);
      }

      nla_nest_end(msg, specs_nest);
      nla_nest_end(msg, outer);
      return 0;

  fail:
      /* Cancelling the outer nest drops everything added inside it. */
      nla_nest_cancel(msg, outer);
      return -ENOBUFS;
  }
  /*
   * Report multiple-BSSID support, nested under NL80211_ATTR_MBSSID_CONFIG.
   *
   * Nothing is emitted when mbssid_max_interfaces is zero.  The nest carries
   * the maximum interface count and, when non-zero, the maximum EMA profile
   * periodicity.
   *
   * Returns 0 on success or -ENOBUFS when the message has no room; the nest
   * is cancelled if an attribute inside it does not fit.
   */
  static int nl80211_put_mbssid_support(struct wiphy *wiphy, struct sk_buff *msg)
  {
      struct nlattr *nest;

      if (!wiphy->mbssid_max_interfaces)
          return 0;

      nest = nla_nest_start(msg, NL80211_ATTR_MBSSID_CONFIG);
      if (!nest)
          return -ENOBUFS;

      if (nla_put_u8(msg, NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES,
                     wiphy->mbssid_max_interfaces) ||
          (wiphy->ema_max_profile_periodicity &&
           nla_put_u8(msg,
                      NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY,
                      wiphy->ema_max_profile_periodicity))) {
          nla_nest_cancel(msg, nest);
          return -ENOBUFS;
      }

      nla_nest_end(msg, nest);
      return 0;
  }
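/*
 * Emit one radio of a multi-radio wiphy as a nest whose attribute type is
 * @idx: its index, optional RTS threshold and antenna mask, its frequency
 * ranges and its interface combinations.
 *
 * @idx is used to index wiphy->radio[] and wiphy->radio_cfg[] without a
 * bounds check; the caller visible in this file passes 0..n_radio-1.
 *
 * Returns 0 on success or -ENOBUFS when the message has no room. On failure
 * the partially written radio nest is cancelled, matching the sibling
 * helpers, so the function leaves msg as it found it.
 */
static int nl80211_put_radio(struct wiphy *wiphy, struct sk_buff *msg, int idx)
{
	const struct wiphy_radio *r = &wiphy->radio[idx];
	const struct wiphy_radio_cfg *rcfg = &wiphy->radio_cfg[idx];
	struct nlattr *radio, *freq;
	int i;

	radio = nla_nest_start(msg, idx);
	if (!radio)
		return -ENOBUFS;

	if (nla_put_u32(msg, NL80211_WIPHY_RADIO_ATTR_INDEX, idx))
		goto nla_put_failure;

	/* Zero values are treated as "not set" and are not reported. */
	if (rcfg->rts_threshold &&
	    nla_put_u32(msg, NL80211_WIPHY_RADIO_ATTR_RTS_THRESHOLD,
			rcfg->rts_threshold))
		goto nla_put_failure;

	if (r->antenna_mask &&
	    nla_put_u32(msg, NL80211_WIPHY_RADIO_ATTR_ANTENNA_MASK,
			r->antenna_mask))
		goto nla_put_failure;

	for (i = 0; i < r->n_freq_range; i++) {
		const struct wiphy_radio_freq_range *range = &r->freq_range[i];

		freq = nla_nest_start(msg, NL80211_WIPHY_RADIO_ATTR_FREQ_RANGE);
		if (!freq)
			goto nla_put_failure;

		if (nla_put_u32(msg, NL80211_WIPHY_RADIO_FREQ_ATTR_START,
				range->start_freq) ||
		    nla_put_u32(msg, NL80211_WIPHY_RADIO_FREQ_ATTR_END,
				range->end_freq))
			goto nla_put_failure;

		nla_nest_end(msg, freq);
	}

	for (i = 0; i < r->n_iface_combinations; i++)
		if (nl80211_put_ifcomb_data(msg, true,
					    NL80211_WIPHY_RADIO_ATTR_INTERFACE_COMBINATION,
					    &r->iface_combinations[i],
					    NLA_F_NESTED))
			goto nla_put_failure;

	nla_nest_end(msg, radio);

	return 0;

nla_put_failure:
	/*
	 * Drop the half-built radio nest (and any nest opened inside it)
	 * instead of relying on the caller to trim the message.
	 */
	nla_nest_cancel(msg, radio);
	return -ENOBUFS;
}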
/*
 * Report every radio of a multi-radio wiphy inside one
 * NL80211_ATTR_WIPHY_RADIOS nest, followed by the wiphy-wide interface
 * combinations.
 *
 * Returns 0 when the wiphy has no radios or on success, -ENOBUFS otherwise.
 * A failure while writing a radio cancels the whole radios nest; a failure
 * in the interface combinations leaves the already closed radios nest in msg.
 */
static int nl80211_put_radios(struct wiphy *wiphy, struct sk_buff *msg)
{
	struct nlattr *nest;
	int radio_idx;

	if (!wiphy->n_radio)
		return 0;

	nest = nla_nest_start(msg, NL80211_ATTR_WIPHY_RADIOS);
	if (!nest)
		return -ENOBUFS;

	for (radio_idx = 0; radio_idx < wiphy->n_radio; radio_idx++) {
		if (nl80211_put_radio(wiphy, msg, radio_idx)) {
			nla_nest_cancel(msg, nest);
			return -ENOBUFS;
		}
	}

	nla_nest_end(msg, nest);

	return nl80211_put_iface_combinations(wiphy, msg,
					      NL80211_ATTR_WIPHY_INTERFACE_COMBINATIONS,
					      -1, true, NLA_F_NESTED) ?
		-ENOBUFS : 0;
}
/*
 * Report the NAN capabilities of the wiphy in an
 * NL80211_ATTR_NAN_CAPABILITIES nest: two optional flags followed by the
 * operating mode, antenna count, maximum channel switch time and device
 * capabilities.
 *
 * Returns 0 on success or -ENOBUFS (nest cancelled) when msg has no room.
 */
static int nl80211_put_nan_capa(struct wiphy *wiphy, struct sk_buff *msg)
{
	struct nlattr *nest = nla_nest_start(msg, NL80211_ATTR_NAN_CAPABILITIES);

	if (!nest)
		return -ENOBUFS;

	/* Flag attributes are present only when the matching bit is set. */
	if ((wiphy->nan_capa.flags & WIPHY_NAN_FLAGS_CONFIGURABLE_SYNC) &&
	    nla_put_flag(msg, NL80211_NAN_CAPA_CONFIGURABLE_SYNC))
		goto fail;

	if ((wiphy->nan_capa.flags & WIPHY_NAN_FLAGS_USERSPACE_DE) &&
	    nla_put_flag(msg, NL80211_NAN_CAPA_USERSPACE_DE))
		goto fail;

	if (nla_put_u8(msg, NL80211_NAN_CAPA_OP_MODE,
		       wiphy->nan_capa.op_mode))
		goto fail;

	if (nla_put_u8(msg, NL80211_NAN_CAPA_NUM_ANTENNAS,
		       wiphy->nan_capa.n_antennas))
		goto fail;

	if (nla_put_u16(msg, NL80211_NAN_CAPA_MAX_CHANNEL_SWITCH_TIME,
			wiphy->nan_capa.max_channel_switch_time))
		goto fail;

	if (nla_put_u8(msg, NL80211_NAN_CAPA_CAPABILITIES,
		       wiphy->nan_capa.dev_capabilities))
		goto fail;

	nla_nest_end(msg, nest);
	return 0;

fail:
	nla_nest_cancel(msg, nest);
	return -ENOBUFS;
}
/* Resume cursor for a wiphy dump, kept across successive dump callbacks. */
struct nl80211_dump_wiphy_state {
	/* wiphy index the dump is restricted to; -1 means no filter */
	s64 filter_wiphy;
	/* number of devices in the caller's netns already handled */
	long start;
	/* stage of nl80211_send_wiphy() to resume at; 0 when a wiphy is done */
	long split_start;
	/* band to resume at inside the band stage */
	long band_start;
	/* position inside the current band: 0 = rate info, else channel + 1 */
	long chan_start;
	/* interface-type extended capability entry to resume at */
	long capa_start;
	/* set when the request carried NL80211_ATTR_SPLIT_WIPHY_DUMP */
	bool split;
};
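/*
 * Build one wiphy message for @rdev in @msg.
 *
 * For commands other than NL80211_CMD_NEW_WIPHY only the wiphy index, name
 * and generation are sent. For NL80211_CMD_NEW_WIPHY the capabilities are
 * emitted in numbered stages selected by state->split_start:
 *
 *  - unsplit (state->split false): stages 0..8 are written into a single
 *    message and split_start is reset to 0; later stages are never sent, so
 *    legacy tools with fixed-size buffers are not handed more than they
 *    expect.
 *  - split: each call writes one stage (or one band/channel/capability entry
 *    of it) and advances the cursor in @state; split_start returns to 0 once
 *    the last stage has been written.
 *
 * Returns 0 on success, -EINVAL when @state is NULL, -ENOBUFS when the
 * message header does not fit, and -EMSGSIZE when any attribute does not fit,
 * in which case the whole message is cancelled.
 */
static int nl80211_send_wiphy(struct cfg80211_registered_device *rdev,
			      enum nl80211_commands cmd,
			      struct sk_buff *msg, u32 portid, u32 seq,
			      int flags, struct nl80211_dump_wiphy_state *state)
{
	void *hdr;
	struct nlattr *nl_bands, *nl_band;
	struct nlattr *nl_freqs, *nl_freq;
	struct nlattr *nl_cmds;
	enum nl80211_band band;
	struct ieee80211_channel *chan;
	int i;
	const struct ieee80211_txrx_stypes *mgmt_stypes =
				rdev->wiphy.mgmt_stypes;
	u32 features;

	/*
	 * Validate the cursor before the header is written, so that the
	 * error return does not leave a half-built message in msg.
	 */
	if (WARN_ON(!state))
		return -EINVAL;

	hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
	if (!hdr)
		return -ENOBUFS;

	if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
	    nla_put_string(msg, NL80211_ATTR_WIPHY_NAME,
			   wiphy_name(&rdev->wiphy)) ||
	    nla_put_u32(msg, NL80211_ATTR_GENERATION,
			cfg80211_rdev_list_generation))
		goto nla_put_failure;

	/* Only NEW_WIPHY carries the capability stages below. */
	if (cmd != NL80211_CMD_NEW_WIPHY)
		goto finish;

	switch (state->split_start) {
	case 0:
		if (nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
			       rdev->wiphy.retry_short) ||
		    nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
			       rdev->wiphy.retry_long) ||
		    nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD,
				rdev->wiphy.frag_threshold) ||
		    nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD,
				rdev->wiphy.rts_threshold) ||
		    nla_put_u8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS,
			       rdev->wiphy.coverage_class) ||
		    nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS,
			       rdev->wiphy.max_scan_ssids) ||
		    nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS,
			       rdev->wiphy.max_sched_scan_ssids) ||
		    nla_put_u16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN,
				rdev->wiphy.max_scan_ie_len) ||
		    nla_put_u16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN,
				rdev->wiphy.max_sched_scan_ie_len) ||
		    nla_put_u8(msg, NL80211_ATTR_MAX_MATCH_SETS,
			       rdev->wiphy.max_match_sets))
			goto nla_put_failure;

		if ((rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) &&
		    nla_put_flag(msg, NL80211_ATTR_SUPPORT_IBSS_RSN))
			goto nla_put_failure;
		if ((rdev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) &&
		    nla_put_flag(msg, NL80211_ATTR_SUPPORT_MESH_AUTH))
			goto nla_put_failure;
		if ((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) &&
		    nla_put_flag(msg, NL80211_ATTR_SUPPORT_AP_UAPSD))
			goto nla_put_failure;
		if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) &&
		    nla_put_flag(msg, NL80211_ATTR_ROAM_SUPPORT))
			goto nla_put_failure;
		if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) &&
		    nla_put_flag(msg, NL80211_ATTR_TDLS_SUPPORT))
			goto nla_put_failure;
		if ((rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) &&
		    nla_put_flag(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP))
			goto nla_put_failure;
		state->split_start++;
		if (state->split)
			break;
		fallthrough;
	case 1:
		/* The byte length is derived from the registered suite count. */
		if (nla_put(msg, NL80211_ATTR_CIPHER_SUITES,
			    sizeof(u32) * rdev->wiphy.n_cipher_suites,
			    rdev->wiphy.cipher_suites))
			goto nla_put_failure;

		if (nla_put_u8(msg, NL80211_ATTR_MAX_NUM_PMKIDS,
			       rdev->wiphy.max_num_pmkids))
			goto nla_put_failure;

		if ((rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
		    nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE))
			goto nla_put_failure;

		if (nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX,
				rdev->wiphy.available_antennas_tx) ||
		    nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX,
				rdev->wiphy.available_antennas_rx))
			goto nla_put_failure;

		if ((rdev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) &&
		    nla_put_u32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD,
				rdev->wiphy.probe_resp_offload))
			goto nla_put_failure;

		if ((rdev->wiphy.available_antennas_tx ||
		     rdev->wiphy.available_antennas_rx) &&
		    rdev->ops->get_antenna) {
			u32 tx_ant = 0, rx_ant = 0;
			int res;

			/* A driver error only omits the current antenna attributes. */
			res = rdev_get_antenna(rdev, -1, &tx_ant, &rx_ant);
			if (!res) {
				if (nla_put_u32(msg,
						NL80211_ATTR_WIPHY_ANTENNA_TX,
						tx_ant) ||
				    nla_put_u32(msg,
						NL80211_ATTR_WIPHY_ANTENNA_RX,
						rx_ant))
					goto nla_put_failure;
			}
		}

		state->split_start++;
		if (state->split)
			break;
		fallthrough;
	case 2:
		if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES,
					rdev->wiphy.interface_modes))
			goto nla_put_failure;
		state->split_start++;
		if (state->split)
			break;
		fallthrough;
	case 3:
		nl_bands = nla_nest_start_noflag(msg,
						 NL80211_ATTR_WIPHY_BANDS);
		if (!nl_bands)
			goto nla_put_failure;

		for (band = state->band_start;
		     band < (state->split ?
				NUM_NL80211_BANDS :
				NL80211_BAND_60GHZ + 1);
		     band++) {
			struct ieee80211_supported_band *sband;

			/* omit higher bands for ancient software */
			if (band > NL80211_BAND_5GHZ && !state->split)
				break;

			sband = rdev->wiphy.bands[band];

			if (!sband)
				continue;

			nl_band = nla_nest_start_noflag(msg, band);
			if (!nl_band)
				goto nla_put_failure;

			/*
			 * chan_start 0 means the band's rate info is still
			 * due; any other value resumes the channel list at
			 * index chan_start - 1.
			 */
			switch (state->chan_start) {
			case 0:
				if (nl80211_send_band_rateinfo(msg, sband,
							       state->split))
					goto nla_put_failure;
				state->chan_start++;
				if (state->split)
					break;
				fallthrough;
			default:
				/* add frequencies */
				nl_freqs = nla_nest_start_noflag(msg,
								 NL80211_BAND_ATTR_FREQS);
				if (!nl_freqs)
					goto nla_put_failure;

				for (i = state->chan_start - 1;
				     i < sband->n_channels;
				     i++) {
					nl_freq = nla_nest_start_noflag(msg,
									i);
					if (!nl_freq)
						goto nla_put_failure;

					chan = &sband->channels[i];

					if (nl80211_msg_put_channel(
							msg, &rdev->wiphy, chan,
							state->split))
						goto nla_put_failure;

					nla_nest_end(msg, nl_freq);
					/* split dumps carry one channel per message */
					if (state->split)
						break;
				}
				if (i < sband->n_channels)
					state->chan_start = i + 2;
				else
					state->chan_start = 0;
				nla_nest_end(msg, nl_freqs);
			}

			nla_nest_end(msg, nl_band);

			if (state->split) {
				/* start again here */
				if (state->chan_start)
					band--;
				break;
			}
		}
		nla_nest_end(msg, nl_bands);

		if (band < NUM_NL80211_BANDS)
			state->band_start = band + 1;
		else
			state->band_start = 0;

		/* if bands & channels are done, continue outside */
		if (state->band_start == 0 && state->chan_start == 0)
			state->split_start++;
		if (state->split)
			break;
		fallthrough;
	case 4:
		nl_cmds = nla_nest_start_noflag(msg,
						NL80211_ATTR_SUPPORTED_COMMANDS);
		if (!nl_cmds)
			goto nla_put_failure;

		i = nl80211_add_commands_unsplit(rdev, msg);
		if (i < 0)
			goto nla_put_failure;
		/*
		 * CMD() is defined earlier in the file (not shown here) and
		 * is undefined again right after this block; presumably it
		 * lists a command when the driver implements the named op.
		 */
		if (state->split) {
			CMD(crit_proto_start, CRIT_PROTOCOL_START);
			CMD(crit_proto_stop, CRIT_PROTOCOL_STOP);
			if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH)
				CMD(channel_switch, CHANNEL_SWITCH);
			CMD(set_qos_map, SET_QOS_MAP);
			if (rdev->wiphy.features &
					NL80211_FEATURE_SUPPORTS_WMM_ADMISSION)
				CMD(add_tx_ts, ADD_TX_TS);
			CMD(set_multicast_to_unicast, SET_MULTICAST_TO_UNICAST);
			CMD(update_connect_params, UPDATE_CONNECT_PARAMS);
			CMD(update_ft_ies, UPDATE_FT_IES);
			if (rdev->wiphy.sar_capa)
				CMD(set_sar_specs, SET_SAR_SPECS);
			CMD(assoc_ml_reconf, ASSOC_MLO_RECONF);
		}
#undef CMD

		nla_nest_end(msg, nl_cmds);
		state->split_start++;
		if (state->split)
			break;
		fallthrough;
	case 5:
		if (rdev->ops->remain_on_channel &&
		    (rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) &&
		    nla_put_u32(msg,
				NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION,
				rdev->wiphy.max_remain_on_channel_duration))
			goto nla_put_failure;

		if ((rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX) &&
		    nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK))
			goto nla_put_failure;

		state->split_start++;
		if (state->split)
			break;
		fallthrough;
	case 6:
#ifdef CONFIG_PM
		if (nl80211_send_wowlan(msg, rdev, state->split))
			goto nla_put_failure;
		state->split_start++;
		if (state->split)
			break;
#else
		state->split_start++;
#endif
		fallthrough;
	case 7:
		if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES,
					rdev->wiphy.software_iftypes))
			goto nla_put_failure;

		if (nl80211_put_iface_combinations(&rdev->wiphy, msg,
						   NL80211_ATTR_INTERFACE_COMBINATIONS,
						   rdev->wiphy.n_radio ? 0 : -1,
						   state->split, 0))
			goto nla_put_failure;

		state->split_start++;
		if (state->split)
			break;
		fallthrough;
	case 8:
		if ((rdev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME) &&
		    nla_put_u32(msg, NL80211_ATTR_DEVICE_AP_SME,
				rdev->wiphy.ap_sme_capa))
			goto nla_put_failure;

		features = rdev->wiphy.features;
		/*
		 * We can only add the per-channel limit information if the
		 * dump is split, otherwise it makes it too big. Therefore
		 * only advertise it in that case.
		 */
		if (state->split)
			features |= NL80211_FEATURE_ADVERTISE_CHAN_LIMITS;
		if (nla_put_u32(msg, NL80211_ATTR_FEATURE_FLAGS, features))
			goto nla_put_failure;

		if (rdev->wiphy.ht_capa_mod_mask &&
		    nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK,
			    sizeof(*rdev->wiphy.ht_capa_mod_mask),
			    rdev->wiphy.ht_capa_mod_mask))
			goto nla_put_failure;

		if (rdev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME &&
		    rdev->wiphy.max_acl_mac_addrs &&
		    nla_put_u32(msg, NL80211_ATTR_MAC_ACL_MAX,
				rdev->wiphy.max_acl_mac_addrs))
			goto nla_put_failure;

		/*
		 * Any information below this point is only available to
		 * applications that can deal with it being split. This
		 * helps ensure that newly added capabilities don't break
		 * older tools by overrunning their buffers.
		 *
		 * We still increment split_start so that in the split
		 * case we'll continue with more data in the next round,
		 * but break unconditionally so unsplit data stops here.
		 */
		if (state->split)
			state->split_start++;
		else
			state->split_start = 0;
		break;
	case 9:
		if (nl80211_send_mgmt_stypes(msg, mgmt_stypes))
			goto nla_put_failure;

		if (nla_put_u32(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_PLANS,
				rdev->wiphy.max_sched_scan_plans) ||
		    nla_put_u32(msg, NL80211_ATTR_MAX_SCAN_PLAN_INTERVAL,
				rdev->wiphy.max_sched_scan_plan_interval) ||
		    nla_put_u32(msg, NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS,
				rdev->wiphy.max_sched_scan_plan_iterations))
			goto nla_put_failure;

		/* Capability bytes and mask are sent with the same length. */
		if (rdev->wiphy.extended_capabilities &&
		    (nla_put(msg, NL80211_ATTR_EXT_CAPA,
			     rdev->wiphy.extended_capabilities_len,
			     rdev->wiphy.extended_capabilities) ||
		     nla_put(msg, NL80211_ATTR_EXT_CAPA_MASK,
			     rdev->wiphy.extended_capabilities_len,
			     rdev->wiphy.extended_capabilities_mask)))
			goto nla_put_failure;

		if (rdev->wiphy.vht_capa_mod_mask &&
		    nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK,
			    sizeof(*rdev->wiphy.vht_capa_mod_mask),
			    rdev->wiphy.vht_capa_mod_mask))
			goto nla_put_failure;

		if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN,
			    rdev->wiphy.perm_addr))
			goto nla_put_failure;

		if (!is_zero_ether_addr(rdev->wiphy.addr_mask) &&
		    nla_put(msg, NL80211_ATTR_MAC_MASK, ETH_ALEN,
			    rdev->wiphy.addr_mask))
			goto nla_put_failure;

		if (rdev->wiphy.n_addresses > 1) {
			void *attr;

			attr = nla_nest_start(msg, NL80211_ATTR_MAC_ADDRS);
			if (!attr)
				goto nla_put_failure;

			for (i = 0; i < rdev->wiphy.n_addresses; i++)
				if (nla_put(msg, i + 1, ETH_ALEN,
					    rdev->wiphy.addresses[i].addr))
					goto nla_put_failure;

			nla_nest_end(msg, attr);
		}

		state->split_start++;
		break;
	case 10:
		if (nl80211_send_coalesce(msg, rdev))
			goto nla_put_failure;

		if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ) &&
		    (nla_put_flag(msg, NL80211_ATTR_SUPPORT_5_MHZ) ||
		     nla_put_flag(msg, NL80211_ATTR_SUPPORT_10_MHZ)))
			goto nla_put_failure;

		if (rdev->wiphy.max_ap_assoc_sta &&
		    nla_put_u32(msg, NL80211_ATTR_MAX_AP_ASSOC_STA,
				rdev->wiphy.max_ap_assoc_sta))
			goto nla_put_failure;

		state->split_start++;
		break;
	case 11:
		/* Vendor command/event descriptors are copied as raw structs. */
		if (rdev->wiphy.n_vendor_commands) {
			const struct nl80211_vendor_cmd_info *info;
			struct nlattr *nested;

			nested = nla_nest_start_noflag(msg,
						       NL80211_ATTR_VENDOR_DATA);
			if (!nested)
				goto nla_put_failure;

			for (i = 0; i < rdev->wiphy.n_vendor_commands; i++) {
				info = &rdev->wiphy.vendor_commands[i].info;
				if (nla_put(msg, i + 1, sizeof(*info), info))
					goto nla_put_failure;
			}
			nla_nest_end(msg, nested);
		}

		if (rdev->wiphy.n_vendor_events) {
			const struct nl80211_vendor_cmd_info *info;
			struct nlattr *nested;

			nested = nla_nest_start_noflag(msg,
						       NL80211_ATTR_VENDOR_EVENTS);
			if (!nested)
				goto nla_put_failure;

			for (i = 0; i < rdev->wiphy.n_vendor_events; i++) {
				info = &rdev->wiphy.vendor_events[i];
				if (nla_put(msg, i + 1, sizeof(*info), info))
					goto nla_put_failure;
			}
			nla_nest_end(msg, nested);
		}
		state->split_start++;
		break;
	case 12:
		if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH &&
		    nla_put_u8(msg, NL80211_ATTR_MAX_CSA_COUNTERS,
			       rdev->wiphy.max_num_csa_counters))
			goto nla_put_failure;

		if (rdev->wiphy.regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED &&
		    nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
			goto nla_put_failure;

		if (rdev->wiphy.max_sched_scan_reqs &&
		    nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_MAX_REQS,
				rdev->wiphy.max_sched_scan_reqs))
			goto nla_put_failure;

		if (nla_put(msg, NL80211_ATTR_EXT_FEATURES,
			    sizeof(rdev->wiphy.ext_features),
			    rdev->wiphy.ext_features))
			goto nla_put_failure;

		if (rdev->wiphy.bss_param_support) {
			struct nlattr *nested;
			u32 parsup = rdev->wiphy.bss_param_support;

			nested = nla_nest_start(msg, NL80211_ATTR_BSS_PARAM);
			if (!nested)
				goto nla_put_failure;

			if ((parsup & WIPHY_BSS_PARAM_CTS_PROT) &&
			    nla_put_flag(msg, NL80211_ATTR_BSS_CTS_PROT))
				goto nla_put_failure;
			if ((parsup & WIPHY_BSS_PARAM_SHORT_PREAMBLE) &&
			    nla_put_flag(msg, NL80211_ATTR_BSS_SHORT_PREAMBLE))
				goto nla_put_failure;
			if ((parsup & WIPHY_BSS_PARAM_SHORT_SLOT_TIME) &&
			    nla_put_flag(msg, NL80211_ATTR_BSS_SHORT_SLOT_TIME))
				goto nla_put_failure;
			if ((parsup & WIPHY_BSS_PARAM_BASIC_RATES) &&
			    nla_put_flag(msg, NL80211_ATTR_BSS_BASIC_RATES))
				goto nla_put_failure;
			if ((parsup & WIPHY_BSS_PARAM_AP_ISOLATE) &&
			    nla_put_flag(msg, NL80211_ATTR_AP_ISOLATE))
				goto nla_put_failure;
			if ((parsup & WIPHY_BSS_PARAM_HT_OPMODE) &&
			    nla_put_flag(msg, NL80211_ATTR_BSS_HT_OPMODE))
				goto nla_put_failure;
			if ((parsup & WIPHY_BSS_PARAM_P2P_CTWINDOW) &&
			    nla_put_flag(msg, NL80211_ATTR_P2P_CTWINDOW))
				goto nla_put_failure;
			if ((parsup & WIPHY_BSS_PARAM_P2P_OPPPS) &&
			    nla_put_flag(msg, NL80211_ATTR_P2P_OPPPS))
				goto nla_put_failure;
			nla_nest_end(msg, nested);
		}
		if (rdev->wiphy.bss_select_support) {
			struct nlattr *nested;
			u32 bss_select_support = rdev->wiphy.bss_select_support;

			nested = nla_nest_start_noflag(msg,
						       NL80211_ATTR_BSS_SELECT);
			if (!nested)
				goto nla_put_failure;

			/* One flag per set bit; the bit position is the attribute type. */
			i = 0;
			while (bss_select_support) {
				if ((bss_select_support & 1) &&
				    nla_put_flag(msg, i))
					goto nla_put_failure;
				i++;
				bss_select_support >>= 1;
			}
			nla_nest_end(msg, nested);
		}

		state->split_start++;
		break;
	case 13:
		if (rdev->wiphy.num_iftype_ext_capab &&
		    rdev->wiphy.iftype_ext_capab) {
			struct nlattr *nested_ext_capab, *nested;

			nested = nla_nest_start_noflag(msg,
						       NL80211_ATTR_IFTYPE_EXT_CAPA);
			if (!nested)
				goto nla_put_failure;

			for (i = state->capa_start;
			     i < rdev->wiphy.num_iftype_ext_capab; i++) {
				const struct wiphy_iftype_ext_capab *capab;

				capab = &rdev->wiphy.iftype_ext_capab[i];

				nested_ext_capab = nla_nest_start_noflag(msg,
									 i);
				if (!nested_ext_capab ||
				    nla_put_u32(msg, NL80211_ATTR_IFTYPE,
						capab->iftype) ||
				    nla_put(msg, NL80211_ATTR_EXT_CAPA,
					    capab->extended_capabilities_len,
					    capab->extended_capabilities) ||
				    nla_put(msg, NL80211_ATTR_EXT_CAPA_MASK,
					    capab->extended_capabilities_len,
					    capab->extended_capabilities_mask))
					goto nla_put_failure;

				if (rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_MLO &&
				    (nla_put_u16(msg,
						 NL80211_ATTR_EML_CAPABILITY,
						 capab->eml_capabilities) ||
				     nla_put_u16(msg,
						 NL80211_ATTR_MLD_CAPA_AND_OPS,
						 capab->mld_capa_and_ops)))
					goto nla_put_failure;

				nla_nest_end(msg, nested_ext_capab);
				if (state->split)
					break;
			}
			nla_nest_end(msg, nested);
			/* More entries pending: stay in this stage for the next call. */
			if (i < rdev->wiphy.num_iftype_ext_capab) {
				state->capa_start = i + 1;
				break;
			}
		}

		if (nla_put_u32(msg, NL80211_ATTR_BANDS,
				rdev->wiphy.nan_supported_bands))
			goto nla_put_failure;

		if (wiphy_ext_feature_isset(&rdev->wiphy,
					    NL80211_EXT_FEATURE_TXQS)) {
			struct cfg80211_txq_stats txqstats = {};
			int res;

			res = rdev_get_txq_stats(rdev, NULL, &txqstats);
			/*
			 * NOTE(review): the negation implies
			 * nl80211_put_txq_stats() returns non-zero on
			 * success, unlike the nla_put*() helpers; confirm
			 * against its definition.
			 */
			if (!res &&
			    !nl80211_put_txq_stats(msg, &txqstats,
						   NL80211_ATTR_TXQ_STATS))
				goto nla_put_failure;

			if (nla_put_u32(msg, NL80211_ATTR_TXQ_LIMIT,
					rdev->wiphy.txq_limit))
				goto nla_put_failure;
			if (nla_put_u32(msg, NL80211_ATTR_TXQ_MEMORY_LIMIT,
					rdev->wiphy.txq_memory_limit))
				goto nla_put_failure;
			if (nla_put_u32(msg, NL80211_ATTR_TXQ_QUANTUM,
					rdev->wiphy.txq_quantum))
				goto nla_put_failure;
		}

		state->split_start++;
		break;
	case 14:
		if (nl80211_send_pmsr_capa(rdev, msg))
			goto nla_put_failure;

		state->split_start++;
		break;
	case 15:
		if (rdev->wiphy.akm_suites &&
		    nla_put(msg, NL80211_ATTR_AKM_SUITES,
			    sizeof(u32) * rdev->wiphy.n_akm_suites,
			    rdev->wiphy.akm_suites))
			goto nla_put_failure;

		if (nl80211_put_iftype_akm_suites(rdev, msg))
			goto nla_put_failure;

		if (nl80211_put_tid_config_support(rdev, msg))
			goto nla_put_failure;
		state->split_start++;
		break;
	case 16:
		if (nl80211_put_sar_specs(rdev, msg))
			goto nla_put_failure;

		if (nl80211_put_mbssid_support(&rdev->wiphy, msg))
			goto nla_put_failure;

		if (nla_put_u16(msg, NL80211_ATTR_MAX_NUM_AKM_SUITES,
				rdev->wiphy.max_num_akm_suites))
			goto nla_put_failure;

		/*
		 * Check the result like every other attribute: an unchecked
		 * failure here would send the stage without the MLO flag and
		 * under-report the device's capabilities to userspace.
		 */
		if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_MLO) &&
		    nla_put_flag(msg, NL80211_ATTR_MLO_SUPPORT))
			goto nla_put_failure;

		if (rdev->wiphy.hw_timestamp_max_peers &&
		    nla_put_u16(msg, NL80211_ATTR_MAX_HW_TIMESTAMP_PEERS,
				rdev->wiphy.hw_timestamp_max_peers))
			goto nla_put_failure;

		state->split_start++;
		break;
	case 17:
		if (nl80211_put_radios(&rdev->wiphy, msg))
			goto nla_put_failure;

		state->split_start++;
		break;
	case 18:
		if (nl80211_put_nan_capa(&rdev->wiphy, msg))
			goto nla_put_failure;

		/* done */
		state->split_start = 0;
		break;
	}
finish:
	genlmsg_end(msg, hdr);
	return 0;

nla_put_failure:
	/* Discard the whole partially built message, header included. */
	genlmsg_cancel(msg, hdr);
	return -EMSGSIZE;
}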
/*
 * Read the optional attributes of a wiphy dump request into @state: whether
 * the requester accepts a split dump, and which wiphy (given by wiphy index,
 * wdev id or interface index) the dump should be restricted to. When several
 * selectors are present the one handled last wins.
 *
 * A request that fails attribute parsing is accepted with @state untouched
 * (kept for backward compatibility), so a malformed request yields an
 * unfiltered, unsplit dump rather than an error.
 *
 * The interface lookup is scoped to the requesting socket's network
 * namespace. The visible caller holds RTNL around this call.
 *
 * Returns 0 on success, -ENOMEM if the attribute table cannot be allocated,
 * or -ENODEV when NL80211_ATTR_IFINDEX names no interface in that namespace.
 */
static int nl80211_dump_wiphy_parse(struct sk_buff *skb,
				    struct netlink_callback *cb,
				    struct nl80211_dump_wiphy_state *state)
{
	struct nlattr **tb;
	int ret = 0;

	tb = kzalloc_objs(*tb, NUM_NL80211_ATTR);
	if (!tb)
		return -ENOMEM;

	/* ignore parse errors for backward compatibility */
	if (nlmsg_parse_deprecated(cb->nlh,
				   GENL_HDRLEN + nl80211_fam.hdrsize,
				   tb, nl80211_fam.maxattr,
				   nl80211_policy, NULL))
		goto out;

	state->split = tb[NL80211_ATTR_SPLIT_WIPHY_DUMP];

	if (tb[NL80211_ATTR_WIPHY])
		state->filter_wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]);

	/* The upper 32 bits of the wdev id are taken as the wiphy index. */
	if (tb[NL80211_ATTR_WDEV])
		state->filter_wiphy = nla_get_u64(tb[NL80211_ATTR_WDEV]) >> 32;

	if (tb[NL80211_ATTR_IFINDEX]) {
		int ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
		struct net_device *netdev;

		netdev = __dev_get_by_index(sock_net(skb->sk), ifidx);
		if (!netdev) {
			ret = -ENODEV;
			goto out;
		}

		/* Non-wireless interfaces leave the filter unchanged. */
		if (netdev->ieee80211_ptr) {
			struct cfg80211_registered_device *rdev =
				wiphy_to_rdev(netdev->ieee80211_ptr->wiphy);

			state->filter_wiphy = rdev->wiphy_idx;
		}
	}

out:
	kfree(tb);
	return ret;
}
/*
 * Netlink dump callback for wiphy information.
 *
 * The first invocation allocates the dump state, parses the request into it
 * and stores it in cb->args[0]; later invocations pick it up from there.
 * Each invocation handles at most one device: the first one that belongs to
 * the requesting socket's network namespace, has not been dumped yet and
 * matches the optional wiphy filter. As many stages of that device as fit
 * are written into @skb.
 *
 * RTNL is held for the whole walk and the wiphy lock while one device is
 * being written; every return path below releases what it took.
 *
 * Returns skb->len normally, 1 to request a retry with a larger buffer, or
 * a negative errno if the state cannot be set up.
 */
static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
{
	struct nl80211_dump_wiphy_state *state = (void *)cb->args[0];
	struct cfg80211_registered_device *rdev;
	int idx = 0;
	int ret;

	rtnl_lock();

	if (!state) {
		state = kzalloc_obj(*state);
		if (!state) {
			rtnl_unlock();
			return -ENOMEM;
		}

		/* -1: no wiphy filter unless the request supplies one */
		state->filter_wiphy = -1;

		ret = nl80211_dump_wiphy_parse(skb, cb, state);
		if (ret) {
			kfree(state);
			rtnl_unlock();
			return ret;
		}

		cb->args[0] = (long)state;
	}

	for_each_rdev(rdev) {
		/* Never report devices that live in another namespace. */
		if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
			continue;

		/* Skip devices that earlier invocations already finished. */
		if (++idx <= state->start)
			continue;

		if (state->filter_wiphy != -1 &&
		    state->filter_wiphy != rdev->wiphy_idx)
			continue;

		wiphy_lock(&rdev->wiphy);

		/* attempt to fit multiple wiphy data chunks into the skb */
		do {
			bool too_big;

			ret = nl80211_send_wiphy(rdev, NL80211_CMD_NEW_WIPHY,
						 skb,
						 NETLINK_CB(cb->skb).portid,
						 cb->nlh->nlmsg_seq,
						 NLM_F_MULTI, state);
			if (ret < 0) {
				too_big = ret == -ENOBUFS || ret == -EMSGSIZE;

				/*
				 * The data did not fit although the skb is
				 * still empty, the dump is unsplit and the
				 * allocation has not been raised yet: raise
				 * it to 4096, restart this wiphy from stage 0
				 * and return 1 with the empty skb. Userspace
				 * receives an empty message, which it
				 * ignores, and the dump is retried with the
				 * larger buffer.
				 */
				if (too_big && !skb->len && !state->split &&
				    cb->min_dump_alloc < 4096) {
					cb->min_dump_alloc = 4096;
					state->split_start = 0;
					wiphy_unlock(&rdev->wiphy);
					rtnl_unlock();
					return 1;
				}

				/* Revisit this device on the next invocation. */
				idx--;
				break;
			}
		} while (state->split_start > 0);

		wiphy_unlock(&rdev->wiphy);
		break;
	}

	rtnl_unlock();

	state->start = idx;

	return skb->len;
}
/*
 * Dump completion callback: release the state that nl80211_dump_wiphy()
 * stored in cb->args[0]. Always returns 0.
 */
static int nl80211_dump_wiphy_done(struct netlink_callback *cb)
{
	void *state = (void *)cb->args[0];

	/* kfree() accepts NULL, so a dump that never allocated state is fine. */
	kfree(state);

	return 0;
}
/*
 * Handle a single (non-dump) wiphy query: build one unsplit
 * NL80211_CMD_NEW_WIPHY message for the device in info->user_ptr[0] and send
 * it back to the requester.
 *
 * The zero-initialised state selects the unsplit path of
 * nl80211_send_wiphy(), so only the stages that path emits are included.
 *
 * Returns the result of genlmsg_reply(), -ENOMEM if the reply cannot be
 * allocated, or -ENOBUFS if the wiphy data cannot be written (whatever error
 * nl80211_send_wiphy() reported).
 */
static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct nl80211_dump_wiphy_state state = {};
	struct sk_buff *msg;
	int err;

	msg = nlmsg_new(4096, GFP_KERNEL);
	if (!msg)
		return -ENOMEM;

	err = nl80211_send_wiphy(rdev, NL80211_CMD_NEW_WIPHY, msg,
				 info->snd_portid, info->snd_seq, 0,
				 &state);
	if (err < 0) {
		nlmsg_free(msg);
		return -ENOBUFS;
	}

	return genlmsg_reply(msg, info);
}
/*
 * Attribute types accepted for TX queue parameters. Only the wire type is
 * constrained here; the range of the queue/AC value is checked by
 * parse_txq_params().
 *
 * NOTE(review): parse_txq_params() reads NL80211_TXQ_ATTR_AC while this table
 * names NL80211_TXQ_ATTR_QUEUE; the two are expected to be the same attribute
 * id - confirm against the uapi header.
 */
static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = {
	/* 8-bit attributes */
	[NL80211_TXQ_ATTR_QUEUE]	= { .type = NLA_U8 },
	[NL80211_TXQ_ATTR_AIFS]		= { .type = NLA_U8 },
	/* 16-bit attributes */
	[NL80211_TXQ_ATTR_TXOP]		= { .type = NLA_U16 },
	[NL80211_TXQ_ATTR_CWMIN]	= { .type = NLA_U16 },
	[NL80211_TXQ_ATTR_CWMAX]	= { .type = NLA_U16 },
};
/*
 * Fill @txq_params from an already parsed attribute table.
 *
 * All five attributes (AC, TXOP, CWMIN, CWMAX, AIFS) are mandatory. The
 * access category comes from userspace, so it is range-checked against
 * NL80211_NUM_ACS and then passed through array_index_nospec() before it is
 * stored, which keeps the value bounded even when the range check is
 * speculatively bypassed.
 *
 * Returns 0 on success or -EINVAL when an attribute is missing or the access
 * category is out of range. In the out-of-range case txop, cwmin, cwmax and
 * aifs have already been written to @txq_params.
 */
static int parse_txq_params(struct nlattr *tb[],
			    struct ieee80211_txq_params *txq_params)
{
	u8 ac;

	if (!(tb[NL80211_TXQ_ATTR_AC] && tb[NL80211_TXQ_ATTR_TXOP] &&
	      tb[NL80211_TXQ_ATTR_CWMIN] && tb[NL80211_TXQ_ATTR_CWMAX] &&
	      tb[NL80211_TXQ_ATTR_AIFS]))
		return -EINVAL;

	ac = nla_get_u8(tb[NL80211_TXQ_ATTR_AC]);

	txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]);
	txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]);
	txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]);
	txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]);

	if (ac >= NL80211_NUM_ACS)
		return -EINVAL;

	/* Clamp under speculation as well, not only architecturally. */
	txq_params->ac = array_index_nospec(ac, NL80211_NUM_ACS);

	return 0;
}
/*
 * Tell whether the channel may be set explicitly for @wdev.
 *
 * Most interface types have their channel managed by their respective
 * "establish a connection" command (connect, join, ...), so only a few
 * qualify:
 *
 *  - AP/GO and mesh: the channel can be set through the channel userspace
 *    API, but it is only stored and handed to the low-level driver when the
 *    AP starts or the mesh is joined. This exists for backward
 *    compatibility; userspace can also pass the channel in the start-ap or
 *    join-mesh commands.
 *  - Monitor: normally follows whatever else is going on, and therefore has
 *    its own operation to set the monitor channel where possible.
 *
 * A NULL @wdev is also accepted and yields true.
 */
static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev)
{
	if (!wdev)
		return true;

	switch (wdev->iftype) {
	case NL80211_IFTYPE_AP:
	case NL80211_IFTYPE_MESH_POINT:
	case NL80211_IFTYPE_MONITOR:
	case NL80211_IFTYPE_P2P_GO:
		return true;
	default:
		return false;
	}
}
  /*
   * Build and validate a channel definition from the attributes of a
   * generic-netlink request.
   *
   * @rdev:    registered device; its wiphy is used for the channel lookup
   *           and for the feature/flag checks
   * @info:    request; attrs[] supplies every value read here and extack
   *           receives the error text
   * @monitor: when true, IEEE80211_CHAN_CAN_MONITOR is passed as the last
   *           argument of _cfg80211_chandef_usable()
   * @chandef: output; zeroed first, then filled in
   *
   * Returns 0 on success and -EINVAL for a missing frequency, an unknown
   * channel, or any value rejected by the checks below.  @chandef may be
   * left partially written on failure.
   *
   * NOTE(review): every number read here comes from userspace.  Apart from
   * the explicit comparisons below, this function relies on
   * cfg80211_chandef_valid() and, presumably, on the attribute policy to
   * bound them -- confirm against the policy table, which is not visible
   * from this function.
   */
  static int _nl80211_parse_chandef(struct cfg80211_registered_device *rdev,
                                    struct genl_info *info, bool monitor,
                                    struct cfg80211_chan_def *chandef)
  {
      struct netlink_ext_ack *extack = info->extack;
      struct nlattr **attrs = info->attrs;
      u32 control_freq;

      if (!attrs[NL80211_ATTR_WIPHY_FREQ]) {
          NL_SET_ERR_MSG_ATTR(extack, attrs[NL80211_ATTR_WIPHY_FREQ],
                              "Frequency is missing");
          return -EINVAL;
      }

      /*
       * Control frequency in kHz: the MHz attribute scaled up, plus the
       * optional offset attribute.
       * NOTE(review): this is u32 arithmetic on user input, so a very
       * large frequency wraps instead of failing; the result is only
       * accepted if the channel lookup below finds it.
       */
      control_freq = MHZ_TO_KHZ(
              nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
      if (info->attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET])
          control_freq +=
              nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET]);

      /* Defaults: 20 MHz non-HT centred on the control channel. */
      memset(chandef, 0, sizeof(*chandef));
      chandef->chan = ieee80211_get_channel_khz(&rdev->wiphy, control_freq);
      chandef->width = NL80211_CHAN_WIDTH_20_NOHT;
      chandef->center_freq1 = KHZ_TO_MHZ(control_freq);
      chandef->freq1_offset = control_freq % 1000;
      chandef->center_freq2 = 0;
      chandef->s1g_primary_2mhz = false;

      if (!chandef->chan) {
          NL_SET_ERR_MSG_ATTR(extack, attrs[NL80211_ATTR_WIPHY_FREQ],
                              "Unknown channel");
          return -EINVAL;
      }

      if (cfg80211_chandef_is_s1g(chandef))
          chandef->width = NL80211_CHAN_WIDTH_1;

      /*
       * The channel-type attribute takes precedence over the
       * channel-width attribute; the latter is only read when the former
       * is absent.
       */
      if (attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
          enum nl80211_channel_type chantype;

          chantype = nla_get_u32(attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);

          switch (chantype) {
          case NL80211_CHAN_NO_HT:
          case NL80211_CHAN_HT20:
          case NL80211_CHAN_HT40PLUS:
          case NL80211_CHAN_HT40MINUS:
              cfg80211_chandef_create(chandef, chandef->chan,
                                      chantype);
              /* user input for center_freq is incorrect */
              if (attrs[NL80211_ATTR_CENTER_FREQ1] &&
                  chandef->center_freq1 != nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ1])) {
                  NL_SET_ERR_MSG_ATTR(extack,
                                      attrs[NL80211_ATTR_CENTER_FREQ1],
                                      "bad center frequency 1");
                  return -EINVAL;
              }
              /* center_freq2 must be zero */
              if (attrs[NL80211_ATTR_CENTER_FREQ2] &&
                  nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ2])) {
                  NL_SET_ERR_MSG_ATTR(extack,
                                      attrs[NL80211_ATTR_CENTER_FREQ2],
                                      "center frequency 2 can't be used");
                  return -EINVAL;
              }
              break;
          default:
              NL_SET_ERR_MSG_ATTR(extack,
                                  attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE],
                                  "invalid channel type");
              return -EINVAL;
          }
      } else if (attrs[NL80211_ATTR_CHANNEL_WIDTH]) {
          /*
           * The width and centre frequencies are stored as received;
           * they are checked by cfg80211_chandef_valid() further down.
           */
          chandef->width = nla_get_u32(attrs[NL80211_ATTR_CHANNEL_WIDTH]);
          if (attrs[NL80211_ATTR_CENTER_FREQ1]) {
              chandef->center_freq1 =
                  nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ1]);
              chandef->freq1_offset = nla_get_u32_default(
                      attrs[NL80211_ATTR_CENTER_FREQ1_OFFSET], 0);
          }
          if (attrs[NL80211_ATTR_CENTER_FREQ2])
              chandef->center_freq2 =
                  nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ2]);

          chandef->s1g_primary_2mhz = nla_get_flag(
                  attrs[NL80211_ATTR_S1G_PRIMARY_2MHZ]);
      }

      /* bw_config is only read when the EDMG channels attribute is present. */
      if (info->attrs[NL80211_ATTR_WIPHY_EDMG_CHANNELS]) {
          chandef->edmg.channels =
              nla_get_u8(info->attrs[NL80211_ATTR_WIPHY_EDMG_CHANNELS]);

          if (info->attrs[NL80211_ATTR_WIPHY_EDMG_BW_CONFIG])
              chandef->edmg.bw_config =
                  nla_get_u8(info->attrs[NL80211_ATTR_WIPHY_EDMG_BW_CONFIG]);
      } else {
          chandef->edmg.bw_config = 0;
          chandef->edmg.channels = 0;
      }

      /* A non-zero puncturing bitmap needs NL80211_EXT_FEATURE_PUNCT. */
      if (info->attrs[NL80211_ATTR_PUNCT_BITMAP]) {
          chandef->punctured =
              nla_get_u32(info->attrs[NL80211_ATTR_PUNCT_BITMAP]);

          if (chandef->punctured &&
              !wiphy_ext_feature_isset(&rdev->wiphy,
                                       NL80211_EXT_FEATURE_PUNCT)) {
              NL_SET_ERR_MSG(extack,
                             "driver doesn't support puncturing");
              return -EINVAL;
          }
      }

      /* Final gate: the assembled definition as a whole must be valid ... */
      if (!cfg80211_chandef_valid(chandef)) {
          NL_SET_ERR_MSG(extack, "invalid channel definition");
          return -EINVAL;
      }

      /* ... must not touch a disabled channel on this wiphy ... */
      if (!_cfg80211_chandef_usable(&rdev->wiphy, chandef,
                                    IEEE80211_CHAN_DISABLED,
                                    monitor ? IEEE80211_CHAN_CAN_MONITOR : 0)) {
          NL_SET_ERR_MSG(extack, "(extension) channel is disabled");
          return -EINVAL;
      }

      /* ... and 5/10 MHz widths need explicit wiphy support. */
      if ((chandef->width == NL80211_CHAN_WIDTH_5 ||
           chandef->width == NL80211_CHAN_WIDTH_10) &&
          !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ)) {
          NL_SET_ERR_MSG(extack, "5/10 MHz not supported");
          return -EINVAL;
      }

      return 0;
  }
  /*
   * Parse a channel definition from @info into @chandef for a non-monitor
   * caller.
   *
   * Thin wrapper around _nl80211_parse_chandef() with the monitor argument
   * fixed to false; the return value is passed through unchanged.
   */
  int nl80211_parse_chandef(struct cfg80211_registered_device *rdev,
                            struct genl_info *info,
                            struct cfg80211_chan_def *chandef)
  {
      const bool for_monitor = false;

      return _nl80211_parse_chandef(rdev, info, for_monitor, chandef);
  }
  /* True for the channel widths an operating AP may switch between. */
  static bool nl80211_ap_chanwidth_is_regular(enum nl80211_chan_width width)
  {
      switch (width) {
      case NL80211_CHAN_WIDTH_20_NOHT:
      case NL80211_CHAN_WIDTH_20:
      case NL80211_CHAN_WIDTH_40:
      case NL80211_CHAN_WIDTH_80:
      case NL80211_CHAN_WIDTH_80P80:
      case NL80211_CHAN_WIDTH_160:
      case NL80211_CHAN_WIDTH_320:
          return true;
      default:
          return false;
      }
  }

  /*
   * Apply the channel described by the attributes of @info.
   *
   * @rdev:     registered device
   * @dev:      network device, or NULL; with NULL the request is handled
   *            as a monitor channel change
   * @info:     request whose attributes describe the channel
   * @_link_id: link to operate on, or negative for "none given"; a
   *            negative value is rejected with -EINVAL when the interface
   *            has valid links and otherwise treated as link 0
   *
   * Returns 0 on success; -EOPNOTSUPP when the interface type cannot have
   * its channel set this way; -EBUSY when an operating AP is asked for
   * anything but a supported width change on its current channel; -EINVAL
   * or the callee's error otherwise.
   *
   * NOTE(review): link_id indexes wdev->links[] and is not range-checked
   * in this function; presumably nl80211_link_id_or_invalid() and the
   * attribute policy bound it -- confirm.
   */
  static int __nl80211_set_channel(struct cfg80211_registered_device *rdev,
                                   struct net_device *dev,
                                   struct genl_info *info,
                                   int _link_id)
  {
      struct wireless_dev *wdev = dev ? dev->ieee80211_ptr : NULL;
      enum nl80211_iftype iftype = NL80211_IFTYPE_MONITOR;
      struct cfg80211_chan_def chandef;
      int link_id = _link_id;
      int result;

      if (!nl80211_can_set_dev_channel(wdev))
          return -EOPNOTSUPP;

      if (wdev)
          iftype = wdev->iftype;

      if (link_id < 0) {
          if (wdev && wdev->valid_links)
              return -EINVAL;
          link_id = 0;
      }

      result = _nl80211_parse_chandef(rdev, info,
                                      iftype == NL80211_IFTYPE_MONITOR,
                                      &chandef);
      if (result)
          return result;

      switch (iftype) {
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_P2P_GO:
          if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, &chandef,
                                             iftype))
              return -EINVAL;

          /* Not beaconing on this link yet: just remember the channel. */
          if (!wdev->links[link_id].ap.beacon_interval) {
              wdev->u.ap.preset_chandef = chandef;
              return 0;
          }

          if (!dev || !rdev->ops->set_ap_chanwidth ||
              !(rdev->wiphy.features &
                NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE))
              return -EBUSY;

          /* Only dynamic width changes are allowed, not a new channel. */
          if (chandef.chan != wdev->links[link_id].ap.chandef.chan)
              return -EBUSY;

          /* Both the current and the requested width must be regular. */
          if (!nl80211_ap_chanwidth_is_regular(
                      wdev->links[link_id].ap.chandef.width))
              return -EINVAL;
          if (!nl80211_ap_chanwidth_is_regular(chandef.width))
              return -EINVAL;

          result = rdev_set_ap_chanwidth(rdev, dev, link_id,
                                         &chandef);
          if (result)
              return result;

          wdev->links[link_id].ap.chandef = chandef;
          return 0;
      case NL80211_IFTYPE_MESH_POINT:
          return cfg80211_set_mesh_channel(rdev, wdev, &chandef);
      case NL80211_IFTYPE_MONITOR:
          return cfg80211_set_monitor_channel(rdev, dev, &chandef);
      default:
          break;
      }

      return -EINVAL;
  }
  /*
   * Generic-netlink handler that sets the channel of the interface
   * attached to the request.
   *
   * The registered device and the network device are taken from
   * info->user_ptr[0] and info->user_ptr[1], and the link id from the
   * request attributes; the result of __nl80211_set_channel() is returned
   * as is.  @skb is unused.
   */
  static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info)
  {
      return __nl80211_set_channel(info->user_ptr[0], info->user_ptr[1],
                                   info,
                                   nl80211_link_id_or_invalid(info->attrs));
  }
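  /*
   * Apply the per-radio parameters of a set-wiphy request to one radio.
   *
   * @info:      request; only NL80211_ATTR_WIPHY_RTS_THRESHOLD is read
   * @rdev:      registered device
   * @radio_idx: index into rdev->wiphy.radio_cfg[]; the caller must have
   *             checked it against rdev->wiphy.n_radio, it is not
   *             re-validated here
   *
   * Returns 0 on success or when the request carries nothing to apply,
   * -EOPNOTSUPP when the driver has no set_wiphy_params operation, or the
   * driver's error code, in which case the stored threshold is restored.
   */
  static int nl80211_set_wiphy_radio(struct genl_info *info,
                                     struct cfg80211_registered_device *rdev,
                                     int radio_idx)
  {
      u32 rts_threshold, old_rts;
      int result;

      if (!rdev->ops->set_wiphy_params)
          return -EOPNOTSUPP;

      /*
       * Without the attribute there is nothing to change.  Storing a
       * default here would silently reset the radio's threshold to 0.
       */
      if (!info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD])
          return 0;

      rts_threshold = nla_get_u32(
              info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]);

      old_rts = rdev->wiphy.radio_cfg[radio_idx].rts_threshold;
      rdev->wiphy.radio_cfg[radio_idx].rts_threshold = rts_threshold;

      result = rdev_set_wiphy_params(rdev, radio_idx,
                                     WIPHY_PARAM_RTS_THRESHOLD);
      if (result)
          rdev->wiphy.radio_cfg[radio_idx].rts_threshold = old_rts;

      /* Report a driver rejection instead of claiming success. */
      return result;
  }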
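  /*
   * Generic-netlink handler for changing wiphy-level settings.
   *
   * Depending on which attributes the request carries this renames the
   * wiphy, applies per-radio parameters, TX queue parameters, the channel,
   * TX power, antenna masks and the retry/fragmentation/RTS/coverage/TXQ
   * parameters.  The sections run in the order written and the first
   * failure is returned; sections that already succeeded are not undone.
   *
   * Locking: the RTNL is held while the device is looked up and renamed;
   * the wiphy is locked through guard(wiphy), i.e. until the function
   * returns by any path.
   *
   * Returns 0 on success or a negative errno.
   *
   * NOTE(review): all values are read from userspace attributes; apart
   * from the explicit checks below, their ranges are presumably bounded
   * by the attribute policy, which is not visible from this function.
   */
  static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = NULL;
      struct net_device *netdev = NULL;
      struct wireless_dev *wdev;
      int result = 0, rem_txq_params = 0;
      struct nlattr *nl_txq_params;
      u32 changed;
      u8 retry_short = 0, retry_long = 0;
      u32 frag_threshold = 0, rts_threshold = 0;
      u8 coverage_class = 0;
      u32 txq_limit = 0, txq_memory_limit = 0, txq_quantum = 0;
      int radio_idx = -1;

      rtnl_lock();
      /*
       * Try to find the wiphy and netdev. Normally this
       * function shouldn't need the netdev, but this is
       * done for backward compatibility -- previously
       * setting the channel was done per wiphy, but now
       * it is per netdev. Previous userland like hostapd
       * also passed a netdev to set_wiphy, so that it is
       * possible to let that go to the right netdev!
       */

      if (info->attrs[NL80211_ATTR_IFINDEX]) {
          int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]);

          /* The lookup is confined to the requester's network namespace. */
          netdev = __dev_get_by_index(genl_info_net(info), ifindex);
          if (netdev && netdev->ieee80211_ptr)
              rdev = wiphy_to_rdev(netdev->ieee80211_ptr->wiphy);
          else
              netdev = NULL;
      }

      if (!netdev) {
          rdev = __cfg80211_rdev_from_attrs(genl_info_net(info),
                                            info->attrs);
          if (IS_ERR(rdev)) {
              rtnl_unlock();
              return PTR_ERR(rdev);
          }
          wdev = NULL;
          netdev = NULL;
          result = 0;
      } else {
          wdev = netdev->ieee80211_ptr;
      }

      guard(wiphy)(&rdev->wiphy);

      /*
       * end workaround code, by now the rdev is available
       * and locked, and wdev may or may not be NULL.
       */

      if (info->attrs[NL80211_ATTR_WIPHY_NAME])
          result = cfg80211_dev_rename(
              rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME]));
      rtnl_unlock();

      if (result)
          return result;

      /* A radio index turns the request into a per-radio update and ends it. */
      if (info->attrs[NL80211_ATTR_WIPHY_RADIO_INDEX]) {
          /* Radio idx is not expected for non-multi radio wiphy */
          if (rdev->wiphy.n_radio <= 0)
              return -EINVAL;

          radio_idx = nla_get_u8(
              info->attrs[NL80211_ATTR_WIPHY_RADIO_INDEX]);
          if (radio_idx >= rdev->wiphy.n_radio)
              return -EINVAL;

          return nl80211_set_wiphy_radio(info, rdev, radio_idx);
      }

      if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) {
          struct ieee80211_txq_params txq_params;
          struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1];

          if (!rdev->ops->set_txq_params)
              return -EOPNOTSUPP;

          if (!netdev)
              return -EINVAL;

          if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
              netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
              return -EINVAL;

          if (!netif_running(netdev))
              return -ENETDOWN;

          nla_for_each_nested(nl_txq_params,
                              info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS],
                              rem_txq_params) {
              result = nla_parse_nested_deprecated(tb,
                                                   NL80211_TXQ_ATTR_MAX,
                                                   nl_txq_params,
                                                   txq_params_policy,
                                                   info->extack);
              if (result)
                  return result;

              result = parse_txq_params(tb, &txq_params);
              if (result)
                  return result;

              txq_params.link_id =
                  nl80211_link_id_or_invalid(info->attrs);

              /*
               * NOTE(review): when valid_links is 0 the first test
               * is already true, so the -EINVAL branch below cannot
               * be reached and such requests get -ENOLINK.  Left
               * as is because userspace may rely on the errno.
               */
              if (txq_params.link_id >= 0 &&
                  !(netdev->ieee80211_ptr->valid_links &
                    BIT(txq_params.link_id)))
                  result = -ENOLINK;
              else if (txq_params.link_id >= 0 &&
                       !netdev->ieee80211_ptr->valid_links)
                  result = -EINVAL;
              else
                  result = rdev_set_txq_params(rdev, netdev,
                                               &txq_params);
              if (result)
                  return result;
          }
      }

      if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
          int link_id = nl80211_link_id_or_invalid(info->attrs);

          /*
           * An interface whose channel cannot be set explicitly is
           * replaced by NULL, which __nl80211_set_channel() handles
           * as a monitor channel change.
           */
          if (wdev) {
              result = __nl80211_set_channel(
                  rdev,
                  nl80211_can_set_dev_channel(wdev) ? netdev : NULL,
                  info, link_id);
          } else {
              result = __nl80211_set_channel(rdev, netdev, info, link_id);
          }

          if (result)
              return result;
      }

      if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) {
          struct wireless_dev *txp_wdev = wdev;
          enum nl80211_tx_power_setting type;
          int idx, mbm = 0;

          /* Without per-VIF TX power support the setting is wiphy-wide. */
          if (!(rdev->wiphy.features & NL80211_FEATURE_VIF_TXPOWER))
              txp_wdev = NULL;

          if (!rdev->ops->set_tx_power)
              return -EOPNOTSUPP;

          idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING;
          type = nla_get_u32(info->attrs[idx]);

          /* Every setting except "automatic" needs a level. */
          if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] &&
              (type != NL80211_TX_POWER_AUTOMATIC))
              return -EINVAL;

          if (type != NL80211_TX_POWER_AUTOMATIC) {
              idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL;
              mbm = nla_get_u32(info->attrs[idx]);
          }

          result = rdev_set_tx_power(rdev, txp_wdev, radio_idx, type,
                                     mbm);
          if (result)
              return result;
      }

      /* Antenna masks are only applied when both TX and RX are given. */
      if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] &&
          info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) {
          u32 tx_ant, rx_ant;

          if ((!rdev->wiphy.available_antennas_tx &&
               !rdev->wiphy.available_antennas_rx) ||
              !rdev->ops->set_antenna)
              return -EOPNOTSUPP;

          tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]);
          rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]);

          /* reject antenna configurations which don't match the
           * available antenna masks, except for the "all" mask */
          if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) ||
              (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx)))
              return -EINVAL;

          tx_ant = tx_ant & rdev->wiphy.available_antennas_tx;
          rx_ant = rx_ant & rdev->wiphy.available_antennas_rx;

          result = rdev_set_antenna(rdev, radio_idx, tx_ant, rx_ant);
          if (result)
              return result;
      }

      /*
       * Collect the remaining parameters first; they are handed to the
       * driver in a single set_wiphy_params call below.
       */
      changed = 0;

      if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) {
          retry_short = nla_get_u8(
              info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]);

          changed |= WIPHY_PARAM_RETRY_SHORT;
      }

      if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) {
          retry_long = nla_get_u8(
              info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]);

          changed |= WIPHY_PARAM_RETRY_LONG;
      }

      if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) {
          frag_threshold = nla_get_u32(
              info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]);
          if (frag_threshold < 256)
              return -EINVAL;

          if (frag_threshold != (u32) -1) {
              /*
               * Fragments (apart from the last one) are required to
               * have even length. Make the fragmentation code
               * simpler by stripping LSB should someone try to use
               * odd threshold value.
               */
              frag_threshold &= ~0x1;
          }
          changed |= WIPHY_PARAM_FRAG_THRESHOLD;
      }

      if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) {
          rts_threshold = nla_get_u32(
              info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]);
          changed |= WIPHY_PARAM_RTS_THRESHOLD;
      }

      /* Coverage class and dynamic ACK are mutually exclusive. */
      if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) {
          if (info->attrs[NL80211_ATTR_WIPHY_DYN_ACK])
              return -EINVAL;

          coverage_class = nla_get_u8(
              info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]);
          changed |= WIPHY_PARAM_COVERAGE_CLASS;
      }

      if (info->attrs[NL80211_ATTR_WIPHY_DYN_ACK]) {
          if (!(rdev->wiphy.features & NL80211_FEATURE_ACKTO_ESTIMATION))
              return -EOPNOTSUPP;

          changed |= WIPHY_PARAM_DYN_ACK;
      }

      if (info->attrs[NL80211_ATTR_TXQ_LIMIT]) {
          if (!wiphy_ext_feature_isset(&rdev->wiphy,
                                       NL80211_EXT_FEATURE_TXQS))
              return -EOPNOTSUPP;

          txq_limit = nla_get_u32(
              info->attrs[NL80211_ATTR_TXQ_LIMIT]);
          changed |= WIPHY_PARAM_TXQ_LIMIT;
      }

      if (info->attrs[NL80211_ATTR_TXQ_MEMORY_LIMIT]) {
          if (!wiphy_ext_feature_isset(&rdev->wiphy,
                                       NL80211_EXT_FEATURE_TXQS))
              return -EOPNOTSUPP;

          txq_memory_limit = nla_get_u32(
              info->attrs[NL80211_ATTR_TXQ_MEMORY_LIMIT]);
          changed |= WIPHY_PARAM_TXQ_MEMORY_LIMIT;
      }

      if (info->attrs[NL80211_ATTR_TXQ_QUANTUM]) {
          if (!wiphy_ext_feature_isset(&rdev->wiphy,
                                       NL80211_EXT_FEATURE_TXQS))
              return -EOPNOTSUPP;

          txq_quantum = nla_get_u32(
              info->attrs[NL80211_ATTR_TXQ_QUANTUM]);
          changed |= WIPHY_PARAM_TXQ_QUANTUM;
      }

      if (changed) {
          u8 old_retry_short, old_retry_long;
          u32 old_frag_threshold, old_rts_threshold;
          u8 old_coverage_class, i;
          u32 old_txq_limit, old_txq_memory_limit, old_txq_quantum;
          u32 *old_radio_rts_threshold = NULL;

          if (!rdev->ops->set_wiphy_params)
              return -EOPNOTSUPP;

          /* Per-radio snapshot, only needed on a multi-radio wiphy. */
          if (rdev->wiphy.n_radio) {
              old_radio_rts_threshold = kcalloc(rdev->wiphy.n_radio,
                                                sizeof(u32),
                                                GFP_KERNEL);
              if (!old_radio_rts_threshold)
                  return -ENOMEM;
          }

          /* Snapshot the current values so a driver failure can be undone. */
          old_retry_short = rdev->wiphy.retry_short;
          old_retry_long = rdev->wiphy.retry_long;
          old_frag_threshold = rdev->wiphy.frag_threshold;
          old_rts_threshold = rdev->wiphy.rts_threshold;
          if (old_radio_rts_threshold) {
              for (i = 0 ; i < rdev->wiphy.n_radio; i++)
                  old_radio_rts_threshold[i] =
                      rdev->wiphy.radio_cfg[i].rts_threshold;
          }
          old_coverage_class = rdev->wiphy.coverage_class;
          old_txq_limit = rdev->wiphy.txq_limit;
          old_txq_memory_limit = rdev->wiphy.txq_memory_limit;
          old_txq_quantum = rdev->wiphy.txq_quantum;

          if (changed & WIPHY_PARAM_RETRY_SHORT)
              rdev->wiphy.retry_short = retry_short;
          if (changed & WIPHY_PARAM_RETRY_LONG)
              rdev->wiphy.retry_long = retry_long;
          if (changed & WIPHY_PARAM_FRAG_THRESHOLD)
              rdev->wiphy.frag_threshold = frag_threshold;
          /*
           * The wiphy-wide threshold is stored whether or not there are
           * radios; tying it to the per-radio snapshot would tell a
           * single-radio driver the value changed without changing it.
           * The loop is a no-op when n_radio is 0.
           */
          if (changed & WIPHY_PARAM_RTS_THRESHOLD) {
              rdev->wiphy.rts_threshold = rts_threshold;

              for (i = 0 ; i < rdev->wiphy.n_radio; i++)
                  rdev->wiphy.radio_cfg[i].rts_threshold =
                      rdev->wiphy.rts_threshold;
          }
          if (changed & WIPHY_PARAM_COVERAGE_CLASS)
              rdev->wiphy.coverage_class = coverage_class;
          if (changed & WIPHY_PARAM_TXQ_LIMIT)
              rdev->wiphy.txq_limit = txq_limit;
          if (changed & WIPHY_PARAM_TXQ_MEMORY_LIMIT)
              rdev->wiphy.txq_memory_limit = txq_memory_limit;
          if (changed & WIPHY_PARAM_TXQ_QUANTUM)
              rdev->wiphy.txq_quantum = txq_quantum;

          result = rdev_set_wiphy_params(rdev, radio_idx, changed);
          if (result) {
              /* Driver refused: put every stored value back. */
              rdev->wiphy.retry_short = old_retry_short;
              rdev->wiphy.retry_long = old_retry_long;
              rdev->wiphy.frag_threshold = old_frag_threshold;
              rdev->wiphy.rts_threshold = old_rts_threshold;
              if (old_radio_rts_threshold) {
                  for (i = 0 ; i < rdev->wiphy.n_radio; i++)
                      rdev->wiphy.radio_cfg[i].rts_threshold =
                          old_radio_rts_threshold[i];
              }
              rdev->wiphy.coverage_class = old_coverage_class;
              rdev->wiphy.txq_limit = old_txq_limit;
              rdev->wiphy.txq_memory_limit = old_txq_memory_limit;
              rdev->wiphy.txq_quantum = old_txq_quantum;
          }

          kfree(old_radio_rts_threshold);
          return result;
      }

      return 0;
  }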
  /*
   * Append the netlink attributes describing @chandef to @msg.
   *
   * Frequency, frequency offset, width and centre frequency 1 are always
   * written.  The channel-type attribute is added only for the 20 MHz
   * (HT and non-HT) and 40 MHz widths; centre frequency 2, the puncturing
   * bitmap and the S1G primary-2MHz flag only when set.
   *
   * Returns 0 on success, -EINVAL (with a warning) when @chandef is not
   * valid, -ENOBUFS when an attribute does not fit into @msg.
   */
  int nl80211_send_chandef(struct sk_buff *msg, const struct cfg80211_chan_def *chandef)
  {
      bool has_chan_type;

      if (WARN_ON(!cfg80211_chandef_valid(chandef)))
          return -EINVAL;

      if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
                      chandef->chan->center_freq) ||
          nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_OFFSET,
                      chandef->chan->freq_offset))
          return -ENOBUFS;

      has_chan_type = chandef->width == NL80211_CHAN_WIDTH_20_NOHT ||
                      chandef->width == NL80211_CHAN_WIDTH_20 ||
                      chandef->width == NL80211_CHAN_WIDTH_40;
      if (has_chan_type &&
          nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
                      cfg80211_get_chandef_type(chandef)))
          return -ENOBUFS;

      if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, chandef->width) ||
          nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, chandef->center_freq1))
          return -ENOBUFS;

      /* Optional attributes, each emitted only when it carries a value. */
      if ((chandef->center_freq2 &&
           nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2,
                       chandef->center_freq2)) ||
          (chandef->punctured &&
           nla_put_u32(msg, NL80211_ATTR_PUNCT_BITMAP,
                       chandef->punctured)) ||
          (chandef->s1g_primary_2mhz &&
           nla_put_flag(msg, NL80211_ATTR_S1G_PRIMARY_2MHZ)))
          return -ENOBUFS;

      return 0;
  }
  EXPORT_SYMBOL(nl80211_send_chandef);
  /*
   * Write one interface description into @msg.
   *
   * @msg:    message under construction
   * @portid: destination port id for the message header
   * @seq:    sequence number for the message header
   * @flags:  netlink message flags
   * @rdev:   registered device owning @wdev; its wiphy must be locked
   * @wdev:   wireless device to describe
   * @cmd:    one of NL80211_CMD_NEW_INTERFACE, _DEL_INTERFACE or
   *          _SET_INTERFACE (anything else triggers a warning)
   *
   * Channel and TX power are reported at the top level when the interface
   * has no valid links, and per link inside NL80211_ATTR_MLO_LINKS
   * otherwise.  A failing driver query simply omits the attribute.
   *
   * Returns 0 on success, -1 when the header cannot be added, -EMSGSIZE
   * (after cancelling the message) when an attribute does not fit.
   */
  static int nl80211_send_iface(struct sk_buff *msg, u32 portid, u32 seq, int flags,
                                struct cfg80211_registered_device *rdev,
                                struct wireless_dev *wdev,
                                enum nl80211_commands cmd)
  {
      struct net_device *dev = wdev->netdev;
      const u8 *ssid = NULL;
      int ssid_len = 0;
      void *hdr;

      lockdep_assert_wiphy(&rdev->wiphy);

      WARN_ON(cmd != NL80211_CMD_NEW_INTERFACE &&
              cmd != NL80211_CMD_DEL_INTERFACE &&
              cmd != NL80211_CMD_SET_INTERFACE);

      hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
      if (!hdr)
          return -1;

      /* Index and name exist only when a netdev is attached. */
      if (dev) {
          if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
              nla_put_string(msg, NL80211_ATTR_IFNAME, dev->name))
              goto nla_put_failure;
      }

      if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
          nla_put_u32(msg, NL80211_ATTR_IFTYPE, wdev->iftype))
          goto nla_put_failure;
      if (nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
                            NL80211_ATTR_PAD))
          goto nla_put_failure;
      if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, wdev_address(wdev)))
          goto nla_put_failure;
      if (nla_put_u32(msg, NL80211_ATTR_GENERATION,
                      rdev->devlist_generation ^
                      (cfg80211_rdev_list_generation << 2)))
          goto nla_put_failure;
      if (nla_put_u8(msg, NL80211_ATTR_4ADDR, wdev->use_4addr) ||
          nla_put_u32(msg, NL80211_ATTR_VIF_RADIO_MASK, wdev->radio_mask))
          goto nla_put_failure;

      if (rdev->ops->get_channel && !wdev->valid_links) {
          struct cfg80211_chan_def chandef = {};
          int ret = rdev_get_channel(rdev, wdev, 0, &chandef);

          if (ret == 0 && nl80211_send_chandef(msg, &chandef))
              goto nla_put_failure;
      }

      if (rdev->ops->get_tx_power && !wdev->valid_links) {
          int dbm;
          int ret = rdev_get_tx_power(rdev, wdev, -1, 0, &dbm);

          if (ret == 0 &&
              nla_put_u32(msg, NL80211_ATTR_WIPHY_TX_POWER_LEVEL,
                          DBM_TO_MBM(dbm)))
              goto nla_put_failure;
      }

      /* The SSID lives in a per-interface-type member of wdev->u. */
      switch (wdev->iftype) {
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_P2P_GO:
          ssid_len = wdev->u.ap.ssid_len;
          ssid = wdev->u.ap.ssid;
          break;
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          ssid_len = wdev->u.client.ssid_len;
          ssid = wdev->u.client.ssid;
          break;
      case NL80211_IFTYPE_ADHOC:
          ssid_len = wdev->u.ibss.ssid_len;
          ssid = wdev->u.ibss.ssid;
          break;
      default:
          /* no SSID for the other types */
          break;
      }

      if (ssid_len && nla_put(msg, NL80211_ATTR_SSID, ssid_len, ssid))
          goto nla_put_failure;

      if (rdev->ops->get_txq_stats) {
          struct cfg80211_txq_stats txqstats = {};
          int ret = rdev_get_txq_stats(rdev, wdev, &txqstats);

          if (ret == 0 &&
              !nl80211_put_txq_stats(msg, &txqstats,
                                     NL80211_ATTR_TXQ_STATS))
              goto nla_put_failure;
      }

      if (wdev->valid_links) {
          unsigned int link_id;
          struct nlattr *links = nla_nest_start(msg,
                                                NL80211_ATTR_MLO_LINKS);

          if (!links)
              goto nla_put_failure;

          for_each_valid_link(wdev, link_id) {
              /* Nest type is link id + 1. */
              struct nlattr *link = nla_nest_start(msg, link_id + 1);
              struct cfg80211_chan_def chandef = {};
              int ret;

              if (!link)
                  goto nla_put_failure;

              if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id))
                  goto nla_put_failure;
              if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN,
                          wdev->links[link_id].addr))
                  goto nla_put_failure;

              ret = rdev_get_channel(rdev, wdev, link_id, &chandef);
              if (ret == 0 && nl80211_send_chandef(msg, &chandef))
                  goto nla_put_failure;

              if (rdev->ops->get_tx_power) {
                  int dbm;
                  int txp_ret = rdev_get_tx_power(rdev, wdev, -1,
                                                  link_id, &dbm);

                  if (txp_ret == 0 &&
                      nla_put_u32(msg, NL80211_ATTR_WIPHY_TX_POWER_LEVEL,
                                  DBM_TO_MBM(dbm)))
                      goto nla_put_failure;
              }
              nla_nest_end(msg, link);
          }

          nla_nest_end(msg, links);
      }

      genlmsg_end(msg, hdr);
      return 0;

   nla_put_failure:
      genlmsg_cancel(msg, hdr);
      return -EMSGSIZE;
  }
  /*
   * Netlink dump callback that emits one NL80211_CMD_NEW_INTERFACE message
   * per wireless interface.
   *
   * Resume state is kept in @cb->args[] between invocations:
   *   args[0]  index of the wiphy to continue with
   *   args[1]  index of the interface to continue with inside that wiphy
   *   args[2]  0 until the request has been parsed; afterwards -1 for
   *            "no filter" or (wiphy index + 1) when filtering
   *
   * Only devices in the requesting socket's network namespace are
   * reported.  The RTNL is held for the whole call and each wiphy is
   * locked through guard(wiphy) while its interfaces are walked.
   *
   * Returns skb->len, or the error from nl80211_dump_wiphy_parse().
   */
  static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb)
  {
      int wp_idx = 0;
      int if_idx = 0;
      int wp_start = cb->args[0];
      int if_start = cb->args[1];
      int filter_wiphy = -1;
      struct cfg80211_registered_device *rdev;
      struct wireless_dev *wdev;
      int ret;

      rtnl_lock();
      if (!cb->args[2]) {
          /* First invocation: parse the request for a wiphy filter. */
          struct nl80211_dump_wiphy_state state = {
              .filter_wiphy = -1,
          };

          ret = nl80211_dump_wiphy_parse(skb, cb, &state);
          if (ret)
              goto out_unlock;

          filter_wiphy = state.filter_wiphy;

          /*
           * if filtering, set cb->args[2] to +1 since 0 is the default
           * value needed to determine that parsing is necessary.
           */
          if (filter_wiphy >= 0)
              cb->args[2] = filter_wiphy + 1;
          else
              cb->args[2] = -1;
      } else if (cb->args[2] > 0) {
          /* Later invocation: recover the filter stored above. */
          filter_wiphy = cb->args[2] - 1;
      }

      for_each_rdev(rdev) {
          /* Skip devices that belong to another network namespace. */
          if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
              continue;
          /* Skip wiphys that were fully dumped by an earlier call. */
          if (wp_idx < wp_start) {
              wp_idx++;
              continue;
          }

          if (filter_wiphy >= 0 && filter_wiphy != rdev->wiphy_idx)
              continue;

          if_idx = 0;

          guard(wiphy)(&rdev->wiphy);

          list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) {
              /* Skip interfaces already sent for the resumed wiphy. */
              if (if_idx < if_start) {
                  if_idx++;
                  continue;
              }

              /* Stop as soon as one does not fit; the indices saved
               * below let the next call retry this interface. */
              if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).portid,
                                     cb->nlh->nlmsg_seq, NLM_F_MULTI,
                                     rdev, wdev,
                                     NL80211_CMD_NEW_INTERFACE) < 0)
                  goto out;

              if_idx++;
          }

          /* The interface offset only applies to the resumed wiphy. */
          if_start = 0;
          wp_idx++;
      }
   out:
      cb->args[0] = wp_idx;
      cb->args[1] = if_idx;

      ret = skb->len;
   out_unlock:
      rtnl_unlock();

      return ret;
  }
  /*
   * Generic-netlink handler that answers a request with the description of
   * a single interface.
   *
   * The registered device and wireless device come from
   * info->user_ptr[0] and info->user_ptr[1].  @skb is unused.
   *
   * Returns the result of genlmsg_reply(), -ENOMEM when the reply cannot
   * be allocated, or -ENOBUFS when the description cannot be built (the
   * reply is freed in that case).
   */
  static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct wireless_dev *wdev = info->user_ptr[1];
      struct sk_buff *reply = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      int err;

      if (!reply)
          return -ENOMEM;

      err = nl80211_send_iface(reply, info->snd_portid, info->snd_seq, 0,
                               rdev, wdev, NL80211_CMD_NEW_INTERFACE);
      if (err >= 0)
          return genlmsg_reply(reply, info);

      nlmsg_free(reply);
      return -ENOBUFS;
  }
  /*
   * Netlink policy for the nested monitor-flags attribute: each listed
   * NL80211_MNTR_FLAG_* entry is a presence-only flag (NLA_FLAG).
   * Used by parse_monitor_flags() when parsing the nest.
   */
  static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = {
      [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG },
      [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG },
      [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG },
      [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG },
      [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG },
      [NL80211_MNTR_FLAG_ACTIVE] = { .type = NLA_FLAG },
      [NL80211_MNTR_FLAG_SKIP_TX] = { .type = NLA_FLAG },
  };
  /*
   * Translate a nested monitor-flags attribute into a bitmask.
   *
   * @nla:       nested attribute holding NL80211_MNTR_FLAG_* entries
   * @mntrflags: output; cleared first, then bit N is set for every flag N
   *             present, and MONITOR_FLAG_CHANGED is added on success
   *
   * Returns 0 on success, -EINVAL when @nla is NULL or cannot be parsed
   * against mntr_flags_policy, -EOPNOTSUPP when the cooked-frames flag is
   * combined with any other flag.
   */
  static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
  {
      struct nlattr *parsed[NL80211_MNTR_FLAG_MAX + 1];
      u32 bits = 0;
      int idx;

      *mntrflags = 0;

      if (!nla)
          return -EINVAL;

      if (nla_parse_nested_deprecated(parsed, NL80211_MNTR_FLAG_MAX, nla,
                                      mntr_flags_policy, NULL))
          return -EINVAL;

      for (idx = 1; idx <= NL80211_MNTR_FLAG_MAX; idx++) {
          if (parsed[idx])
              bits |= (1<<idx);
      }
      /* Publish the raw flags before the check so the caller sees them
       * even on rejection. */
      *mntrflags = bits;

      /* cooked monitor mode cannot be mixed with any other mode */
      if ((bits & MONITOR_FLAG_COOK_FRAMES) &&
          bits != MONITOR_FLAG_COOK_FRAMES)
          return -EOPNOTSUPP;

      *mntrflags = bits | MONITOR_FLAG_CHANGED;
      return 0;
  }
  /*
   * Gate for the two MU-MIMO sniffer attributes: they are only accepted on
   * a monitor interface of a wiphy that advertises
   * NL80211_EXT_FEATURE_MU_MIMO_AIR_SNIFFER.
   *
   * Returns 0 when allowed, -EINVAL for a non-monitor type, -EOPNOTSUPP
   * when the feature is missing.
   */
  static int nl80211_mumimo_sniffer_check(struct cfg80211_registered_device *rdev,
                                          enum nl80211_iftype type)
  {
      if (type != NL80211_IFTYPE_MONITOR)
          return -EINVAL;

      if (!wiphy_ext_feature_isset(&rdev->wiphy,
                                   NL80211_EXT_FEATURE_MU_MIMO_AIR_SNIFFER))
          return -EOPNOTSUPP;

      return 0;
  }

  /*
   * Read the monitor-specific options of a request into @params.
   *
   * @rdev:   registered device, consulted for feature bits
   * @type:   interface type the options are meant for
   * @info:   request carrying the attributes
   * @params: output; flags, vht_mumimo_groups and vht_mumimo_follow_addr
   *          are set from the attributes that are present.  The two
   *          pointers reference the attribute payload inside the request.
   *
   * Returns 1 when at least one option was supplied, 0 when none was, or
   * a negative errno.
   */
  static int nl80211_parse_mon_options(struct cfg80211_registered_device *rdev,
                                       enum nl80211_iftype type,
                                       struct genl_info *info,
                                       struct vif_params *params)
  {
      struct nlattr *flags_attr = info->attrs[NL80211_ATTR_MNTR_FLAGS];
      struct nlattr *groups_attr =
          info->attrs[NL80211_ATTR_MU_MIMO_GROUP_DATA];
      struct nlattr *follow_attr =
          info->attrs[NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR];
      bool changed = false;
      int err;

      if (flags_attr) {
          if (type != NL80211_IFTYPE_MONITOR)
              return -EINVAL;

          err = parse_monitor_flags(flags_attr, &params->flags);
          if (err)
              return err;

          changed = true;
      }

      /* cooked-frames monitoring is deprecated and always refused */
      if (params->flags & MONITOR_FLAG_COOK_FRAMES)
          return -EOPNOTSUPP;

      if ((params->flags & MONITOR_FLAG_ACTIVE) &&
          !(rdev->wiphy.features & NL80211_FEATURE_ACTIVE_MONITOR))
          return -EOPNOTSUPP;

      if (groups_attr) {
          const u8 *mumimo_groups;

          err = nl80211_mumimo_sniffer_check(rdev, type);
          if (err)
              return err;

          /*
           * NOTE(review): the payload is indexed up to
           * VHT_MUMIMO_GROUPS_DATA_LEN - 1 without a length check here;
           * presumably the attribute policy fixes its size -- confirm.
           */
          mumimo_groups = nla_data(groups_attr);

          /* bits 0 and 63 are reserved and must be zero */
          if ((mumimo_groups[0] & BIT(0)) ||
              (mumimo_groups[VHT_MUMIMO_GROUPS_DATA_LEN - 1] & BIT(7)))
              return -EINVAL;

          params->vht_mumimo_groups = mumimo_groups;
          changed = true;
      }

      if (follow_attr) {
          err = nl80211_mumimo_sniffer_check(rdev, type);
          if (err)
              return err;

          params->vht_mumimo_follow_addr = nla_data(follow_attr);
          changed = true;
      }

      return changed;
  }
  /*
   * Check whether the requested 4-address setting is acceptable.
   *
   * @rdev:      registered device, consulted for the 4-address wiphy flags
   * @netdev:    network device, may be NULL
   * @use_4addr: requested setting
   * @iftype:    interface type the setting is meant for
   *
   * Turning 4-address mode off is refused with -EBUSY while @netdev is a
   * bridge port.  Turning it on is allowed only for AP_VLAN or STATION
   * interfaces whose wiphy sets the matching WIPHY_FLAG_4ADDR_* flag;
   * everything else yields -EOPNOTSUPP.  Returns 0 when acceptable.
   */
  static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev,
                                 struct net_device *netdev, u8 use_4addr,
                                 enum nl80211_iftype iftype)
  {
      u32 needed_flag;

      if (!use_4addr)
          return (netdev && netif_is_bridge_port(netdev)) ? -EBUSY : 0;

      if (iftype == NL80211_IFTYPE_AP_VLAN)
          needed_flag = WIPHY_FLAG_4ADDR_AP;
      else if (iftype == NL80211_IFTYPE_STATION)
          needed_flag = WIPHY_FLAG_4ADDR_STATION;
      else
          return -EOPNOTSUPP;

      return (rdev->wiphy.flags & needed_flag) ? 0 : -EOPNOTSUPP;
  }
/*
 * Read the optional NL80211_ATTR_VIF_RADIO_MASK attribute.
 *
 * Without the attribute, *@radio_mask is set to 0 and 0 is returned.  With
 * it, any bit at or above wiphy.n_radio is rejected with -EINVAL, a zero
 * mask is expanded to all radios, and 1 is returned so the caller can tell
 * that a mask was supplied.  *@radio_mask is not written on error.
 */
static int nl80211_parse_vif_radio_mask(struct genl_info *info,
					u32 *radio_mask)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct nlattr *mask_attr = info->attrs[NL80211_ATTR_VIF_RADIO_MASK];
	u32 all_radios, requested;

	if (!mask_attr) {
		*radio_mask = 0;
		return 0;
	}

	all_radios = BIT(rdev->wiphy.n_radio) - 1;
	requested = nla_get_u32(mask_attr);

	/* Refuse bits that name a radio the wiphy does not have. */
	if (requested & ~all_radios)
		return -EINVAL;

	*radio_mask = requested ? requested : all_radios;

	return 1;
}
/*
 * Handle a request to modify an existing interface.
 *
 * Interface type, mesh ID, 4-address mode, monitor options and radio mask
 * are each processed only when the corresponding attribute is present in
 * @info.  cfg80211_change_iface() is called only when the type changed or a
 * 4-address or monitor setting was supplied.
 *
 * Returns 0 on success or a negative errno.
 */
static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct vif_params params;
	int err;
	enum nl80211_iftype otype, ntype;
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	u32 radio_mask = 0;
	bool change = false;

	memset(&params, 0, sizeof(params));

	/* ntype stays equal to the current type unless a new one is given. */
	otype = ntype = dev->ieee80211_ptr->iftype;

	if (info->attrs[NL80211_ATTR_IFTYPE]) {
		ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
		if (otype != ntype)
			change = true;
	}

	if (info->attrs[NL80211_ATTR_MESH_ID]) {
		/*
		 * The mesh ID is only accepted on an interface that is, and
		 * stays, a mesh point, and only while it is not running.
		 */
		if (ntype != NL80211_IFTYPE_MESH_POINT)
			return -EINVAL;
		if (otype != NL80211_IFTYPE_MESH_POINT)
			return -EINVAL;
		if (netif_running(dev))
			return -EBUSY;

		/*
		 * NOTE(review): the copy length is the attribute's own length
		 * and is not compared with the size of wdev->u.mesh.id in this
		 * function; presumably the attribute policy caps
		 * NL80211_ATTR_MESH_ID at the buffer size - confirm against
		 * the policy table.  The ID is also stored before the checks
		 * below run, so it stays in place if a later check fails.
		 */
		wdev->u.mesh.id_up_len =
			nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
		memcpy(wdev->u.mesh.id,
		       nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
		       wdev->u.mesh.id_up_len);
	}

	if (info->attrs[NL80211_ATTR_4ADDR]) {
		params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
		change = true;
		err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype);
		if (err)
			return err;
	} else {
		/* -1 marks "not specified"; it gates the write-back below. */
		params.use_4addr = -1;
	}

	/* A positive return means monitor options were supplied. */
	err = nl80211_parse_mon_options(rdev, ntype, info, &params);
	if (err < 0)
		return err;
	if (err > 0)
		change = true;

	/* A supplied radio mask is refused while the interface is running. */
	err = nl80211_parse_vif_radio_mask(info, &radio_mask);
	if (err < 0)
		return err;
	if (err && netif_running(dev))
		return -EBUSY;

	if (change)
		err = cfg80211_change_iface(rdev, dev, ntype, &params);
	else
		err = 0;

	if (!err && params.use_4addr != -1)
		dev->ieee80211_ptr->use_4addr = params.use_4addr;

	/*
	 * NOTE(review): unlike use_4addr above, the radio mask is stored
	 * without looking at err, i.e. also when cfg80211_change_iface()
	 * failed - confirm this is intended.
	 */
	if (radio_mask)
		wdev->radio_mask = radio_mask;

	if (change && !err)
		nl80211_notify_iface(rdev, wdev, NL80211_CMD_SET_INTERFACE);

	return err;
}
/*
 * Create a new virtual interface from the attributes in @info and reply
 * with an NL80211_CMD_NEW_INTERFACE message describing it.
 *
 * NL80211_ATTR_IFNAME is mandatory; the type stays
 * NL80211_IFTYPE_UNSPECIFIED when NL80211_ATTR_IFTYPE is absent.
 *
 * Returns the result of genlmsg_reply() on success or a negative errno.
 */
static int _nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct vif_params params;
	struct wireless_dev *wdev;
	struct sk_buff *msg;
	/* Written by nl80211_parse_vif_radio_mask() on every non-error return. */
	u32 radio_mask;
	int err;
	enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;

	memset(&params, 0, sizeof(params));

	if (!info->attrs[NL80211_ATTR_IFNAME])
		return -EINVAL;

	if (info->attrs[NL80211_ATTR_IFTYPE])
		type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);

	if (!rdev->ops->add_virtual_intf)
		return -EOPNOTSUPP;

	/*
	 * A caller-supplied MAC address is used only for P2P Device and NAN
	 * interfaces or when the wiphy sets NL80211_FEATURE_MAC_ON_CREATE;
	 * in every other case the attribute is ignored without an error.
	 */
	if ((type == NL80211_IFTYPE_P2P_DEVICE || type == NL80211_IFTYPE_NAN ||
	     rdev->wiphy.features & NL80211_FEATURE_MAC_ON_CREATE) &&
	    info->attrs[NL80211_ATTR_MAC]) {
		nla_memcpy(params.macaddr, info->attrs[NL80211_ATTR_MAC],
			   ETH_ALEN);
		if (!is_valid_ether_addr(params.macaddr))
			return -EADDRNOTAVAIL;
	}

	if (info->attrs[NL80211_ATTR_4ADDR]) {
		params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
		/* No netdev exists yet, so the bridge-port check is skipped. */
		err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type);
		if (err)
			return err;
	}

	if (!cfg80211_iftype_allowed(&rdev->wiphy, type, params.use_4addr, 0))
		return -EOPNOTSUPP;

	err = nl80211_parse_mon_options(rdev, type, info, &params);
	if (err < 0)
		return err;

	err = nl80211_parse_vif_radio_mask(info, &radio_mask);
	if (err < 0)
		return err;

	/*
	 * The reply buffer is allocated before the interface is created, so
	 * an allocation failure returns before anything has been added.
	 */
	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
	if (!msg)
		return -ENOMEM;

	/*
	 * NOTE(review): the name is handed over as a pointer into the
	 * attribute payload; presumably the attribute policy guarantees a
	 * NUL-terminated string of bounded length - confirm.
	 */
	wdev = rdev_add_virtual_intf(rdev,
				nla_data(info->attrs[NL80211_ATTR_IFNAME]),
				NET_NAME_USER, type, &params);
	if (WARN_ON(!wdev)) {
		nlmsg_free(msg);
		return -EPROTO;
	} else if (IS_ERR(wdev)) {
		nlmsg_free(msg);
		return PTR_ERR(wdev);
	}

	/* Record the requesting socket's port ID as the interface owner. */
	if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
		wdev->owner_nlportid = info->snd_portid;

	switch (type) {
	case NL80211_IFTYPE_MESH_POINT:
		if (!info->attrs[NL80211_ATTR_MESH_ID])
			break;
		/*
		 * NOTE(review): the copy length is the attribute's own length
		 * and is not compared with the size of wdev->u.mesh.id here;
		 * presumably the attribute policy caps it - confirm.
		 */
		wdev->u.mesh.id_up_len =
			nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
		memcpy(wdev->u.mesh.id,
		       nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
		       wdev->u.mesh.id_up_len);
		break;
	case NL80211_IFTYPE_NAN:
	case NL80211_IFTYPE_P2P_DEVICE:
		/*
		 * P2P Device and NAN do not have a netdev, so don't go
		 * through the netdev notifier and must be added here
		 */
		cfg80211_init_wdev(wdev);
		cfg80211_register_wdev(rdev, wdev);
		break;
	default:
		break;
	}

	if (radio_mask)
		wdev->radio_mask = radio_mask;

	/*
	 * NOTE(review): this path frees the reply and reports -ENOBUFS, but
	 * the interface added above is not removed here.
	 */
	if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0,
			       rdev, wdev, NL80211_CMD_NEW_INTERFACE) < 0) {
		nlmsg_free(msg);
		return -ENOBUFS;
	}

	return genlmsg_reply(msg, info);
}
/*
 * Entry point for interface creation: clean up interfaces that are still
 * pending destruction, then run _nl80211_new_interface() under the wiphy
 * guard.
 */
static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *owner = info->user_ptr[0];

	/*
	 * Destroy interfaces whose removal is still pending first, so that
	 * the creation below does not fail because of them.
	 */
	cfg80211_destroy_ifaces(owner);

	/*
	 * Scope-based guard, released when this function returns; the guard
	 * class is defined outside this part of the file (presumably it takes
	 * the wiphy lock - confirm).
	 */
	guard(wiphy)(&owner->wiphy);

	return _nl80211_new_interface(skb, info);
}
/*
 * Handle a request to delete a virtual interface.
 *
 * Returns -EOPNOTSUPP when the driver provides no del_virtual_intf
 * operation, otherwise the result of cfg80211_remove_virtual_intf().
 */
static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct wireless_dev *wdev = info->user_ptr[1];

	if (!rdev->ops->del_virtual_intf)
		return -EOPNOTSUPP;

	/*
	 * We hold RTNL, so this is safe, without RTNL opencount cannot
	 * reach 0, and thus the rdev cannot be deleted.
	 *
	 * We need to do it for the dev_close(), since that will call
	 * the netdev notifiers, and we need to acquire the mutex there
	 * but don't know if we get there from here or from some other
	 * place (e.g. "ip link set ... down").
	 */
	mutex_unlock(&rdev->wiphy.mtx);

	/*
	 * If we remove a wireless device without a netdev then clear
	 * user_ptr[1] so that nl80211_post_doit won't dereference it
	 * to check if it needs to do dev_put(). Otherwise it crashes
	 * since the wdev has been freed, unlike with a netdev where
	 * we need the dev_put() for the netdev to really be freed.
	 */
	if (!wdev->netdev)
		info->user_ptr[1] = NULL;
	else
		dev_close(wdev->netdev);

	/*
	 * Re-take the mutex released above before the removal itself.
	 * NOTE(review): wdev was fetched before the mutex was dropped and is
	 * used again below; the lifetime argument in the first comment is
	 * stated for rdev - confirm the same holds for wdev.
	 */
	mutex_lock(&rdev->wiphy.mtx);

	return cfg80211_remove_virtual_intf(rdev, wdev);
}
/*
 * Pass the 16-bit value of NL80211_ATTR_NOACK_MAP to the driver.
 *
 * Returns -EINVAL when the attribute is missing, -EOPNOTSUPP when the driver
 * has no set_noack_map operation, otherwise the result of
 * rdev_set_noack_map().
 */
static int nl80211_set_noack_map(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct nlattr *map_attr = info->attrs[NL80211_ATTR_NOACK_MAP];

	if (!map_attr)
		return -EINVAL;

	if (!rdev->ops->set_noack_map)
		return -EOPNOTSUPP;

	return rdev_set_noack_map(rdev, dev, nla_get_u16(map_attr));
}
/*
 * Check that @link_id is consistent with the kind of key being handled.
 *
 * A @link_id of -1 means that no link ID was given.  Pairwise keys must not
 * carry a link ID.  Group keys must carry one that is set in
 * wdev->valid_links when the interface has valid links, and must not carry
 * one otherwise.
 *
 * Returns 0 when the combination is acceptable; otherwise sets an extended
 * error message on @info and returns -EINVAL.
 */
static int nl80211_validate_key_link_id(struct genl_info *info,
					struct wireless_dev *wdev,
					int link_id, bool pairwise)
{
	bool have_link = link_id != -1;

	if (pairwise) {
		if (!have_link)
			return 0;

		GENL_SET_ERR_MSG(info,
				 "link ID not allowed for pairwise key");
		return -EINVAL;
	}

	/* Group key on an interface without valid links. */
	if (!wdev->valid_links) {
		if (!have_link)
			return 0;

		GENL_SET_ERR_MSG(info, "link ID not allowed for non-MLO group key");
		return -EINVAL;
	}

	/* Group key on an interface with valid links: a link ID is required. */
	if (!have_link) {
		GENL_SET_ERR_MSG(info,
				 "link ID must for MLO group key");
		return -EINVAL;
	}

	if (wdev->valid_links & BIT(link_id))
		return 0;

	GENL_SET_ERR_MSG(info, "invalid link ID for MLO group key");
	return -EINVAL;
}
/* State shared between nl80211_get_key() and get_key_callback(). */
struct get_key_cookie {
	/* Reply message that the callback appends attributes to. */
	struct sk_buff *msg;
	/* Set to 1 by the callback when an attribute could not be added. */
	int error;
	/* Key index the callback writes as NL80211_KEY_IDX. */
	int idx;
};
/*
 * Callback handed to rdev_get_key(): append the key description to the
 * reply message held in the cookie @c.
 *
 * The sequence counter and the cipher suite are written twice, once as
 * top-level attributes and once nested under NL80211_ATTR_KEY together with
 * the key index.  Only params->seq, params->seq_len and params->cipher are
 * read here; no other field of @params is copied into the reply.
 *
 * On any failure cookie->error is set to 1; nothing is reported otherwise.
 */
static void get_key_callback(void *c, struct key_params *params)
{
	struct get_key_cookie *ctx = c;
	struct sk_buff *reply = ctx->msg;
	struct nlattr *nest;

	/* Top-level copies. */
	if (params->seq &&
	    nla_put(reply, NL80211_ATTR_KEY_SEQ, params->seq_len, params->seq))
		goto nla_put_failure;

	if (params->cipher &&
	    nla_put_u32(reply, NL80211_ATTR_KEY_CIPHER, params->cipher))
		goto nla_put_failure;

	/* Nested copies, plus the key index. */
	nest = nla_nest_start_noflag(reply, NL80211_ATTR_KEY);
	if (!nest)
		goto nla_put_failure;

	if (params->seq &&
	    nla_put(reply, NL80211_KEY_SEQ, params->seq_len, params->seq))
		goto nla_put_failure;

	if (params->cipher &&
	    nla_put_u32(reply, NL80211_KEY_CIPHER, params->cipher))
		goto nla_put_failure;

	if (nla_put_u8(reply, NL80211_KEY_IDX, ctx->idx))
		goto nla_put_failure;

	nla_nest_end(reply, nest);
	return;

 nla_put_failure:
	ctx->error = 1;
}
/*
 * Handle a key query: look up the key selected by index, optional peer MAC
 * address and optional key type, and send the answer as an
 * NL80211_CMD_NEW_KEY message.
 *
 * The reply carries the interface index, the key index, the MAC address if
 * one was given, and whatever get_key_callback() appends.
 *
 * Returns the result of genlmsg_reply() on success or a negative errno.
 */
static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	int err;
	struct net_device *dev = info->user_ptr[1];
	u8 key_idx = 0;
	const u8 *mac_addr = NULL;
	bool pairwise;
	struct get_key_cookie cookie = {
		.error = 0,
	};
	void *hdr;
	struct sk_buff *msg;
	bool bigtk_support = false;
	int link_id = nl80211_link_id_or_invalid(info->attrs);
	struct wireless_dev *wdev = dev->ieee80211_ptr;

	/*
	 * Key indices 6 and 7 are only accepted with beacon protection:
	 * either the general feature, or the client variant on station and
	 * P2P client interfaces.
	 */
	if (wiphy_ext_feature_isset(&rdev->wiphy,
				    NL80211_EXT_FEATURE_BEACON_PROTECTION))
		bigtk_support = true;

	if ((wdev->iftype == NL80211_IFTYPE_STATION ||
	     wdev->iftype == NL80211_IFTYPE_P2P_CLIENT) &&
	    wiphy_ext_feature_isset(&rdev->wiphy,
				    NL80211_EXT_FEATURE_BEACON_PROTECTION_CLIENT))
		bigtk_support = true;

	if (info->attrs[NL80211_ATTR_KEY_IDX]) {
		key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);

		if (key_idx >= 6 && key_idx <= 7 && !bigtk_support) {
			GENL_SET_ERR_MSG(info, "BIGTK not supported");
			return -EINVAL;
		}
	}

	if (info->attrs[NL80211_ATTR_MAC])
		mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);

	/* Default: pairwise if a MAC address was given, group otherwise. */
	pairwise = !!mac_addr;
	if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
		u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);

		if (kt != NL80211_KEYTYPE_GROUP &&
		    kt != NL80211_KEYTYPE_PAIRWISE)
			return -EINVAL;
		/* An explicit key type overrides the default above. */
		pairwise = kt == NL80211_KEYTYPE_PAIRWISE;
	}

	if (!rdev->ops->get_key)
		return -EOPNOTSUPP;

	/* A group key with a peer address needs WIPHY_FLAG_IBSS_RSN. */
	if (!pairwise && mac_addr && !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
		return -ENOENT;

	/* From here on every error path must free msg. */
	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
	if (!msg)
		return -ENOMEM;

	hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
			     NL80211_CMD_NEW_KEY);
	if (!hdr)
		goto nla_put_failure;

	cookie.msg = msg;
	cookie.idx = key_idx;

	if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
	    nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx))
		goto nla_put_failure;
	if (mac_addr &&
	    nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr))
		goto nla_put_failure;

	err = nl80211_validate_key_link_id(info, wdev, link_id, pairwise);
	if (err)
		goto free_msg;

	err = rdev_get_key(rdev, dev, link_id, key_idx, pairwise, mac_addr,
			   &cookie, get_key_callback);

	if (err)
		goto free_msg;

	/* The callback cannot return an error; it reports it via the cookie. */
	if (cookie.error)
		goto nla_put_failure;

	genlmsg_end(msg, hdr);
	return genlmsg_reply(msg, info);

 nla_put_failure:
	err = -ENOBUFS;
 free_msg:
	nlmsg_free(msg);
	return err;
}
/*
 * Handle a set-key request.
 *
 * Four actions are supported: marking a key as the default key, as the
 * default management key or as the default beacon key, and the Extended Key
 * ID action NL80211_KEY_SET_TX.  Anything else returns -EINVAL.
 *
 * Returns 0 (or the driver's result) on success, a negative errno otherwise.
 */
static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct key_parse key;
	int err;
	struct net_device *dev = info->user_ptr[1];
	int link_id = nl80211_link_id_or_invalid(info->attrs);
	struct wireless_dev *wdev = dev->ieee80211_ptr;

	err = nl80211_parse_key(info, &key);
	if (err)
		return err;

	/* Negative key indices are rejected for every action below. */
	if (key.idx < 0)
		return -EINVAL;

	/*
	 * Only support setting default key and
	 * Extended Key ID action NL80211_KEY_SET_TX.
	 */
	if (!key.def && !key.defmgmt && !key.defbeacon &&
	    !(key.p.mode == NL80211_KEY_SET_TX))
		return -EINVAL;

	if (key.def) {
		if (!rdev->ops->set_default_key)
			return -EOPNOTSUPP;

		err = nl80211_key_allowed(wdev);
		if (err)
			return err;

		/* Default keys are validated as group (non-pairwise) keys. */
		err = nl80211_validate_key_link_id(info, wdev, link_id, false);
		if (err)
			return err;

		err = rdev_set_default_key(rdev, dev, link_id, key.idx,
					   key.def_uni, key.def_multi);

		if (err)
			return err;

#ifdef CONFIG_CFG80211_WEXT
		/* Mirror the new default into the wext state. */
		wdev->wext.default_key = key.idx;
#endif
		return 0;
	} else if (key.defmgmt) {
		/* Requires def_multi set and def_uni clear. */
		if (key.def_uni || !key.def_multi)
			return -EINVAL;

		if (!rdev->ops->set_default_mgmt_key)
			return -EOPNOTSUPP;

		err = nl80211_key_allowed(wdev);
		if (err)
			return err;

		err = nl80211_validate_key_link_id(info, wdev, link_id, false);
		if (err)
			return err;

		err = rdev_set_default_mgmt_key(rdev, dev, link_id, key.idx);
		if (err)
			return err;

#ifdef CONFIG_CFG80211_WEXT
		/* Mirror the new default into the wext state. */
		wdev->wext.default_mgmt_key = key.idx;
#endif
		return 0;
	} else if (key.defbeacon) {
		/* Requires def_multi set and def_uni clear. */
		if (key.def_uni || !key.def_multi)
			return -EINVAL;

		if (!rdev->ops->set_default_beacon_key)
			return -EOPNOTSUPP;

		err = nl80211_key_allowed(wdev);
		if (err)
			return err;

		err = nl80211_validate_key_link_id(info, wdev, link_id, false);
		if (err)
			return err;

		return rdev_set_default_beacon_key(rdev, dev, link_id, key.idx);
	} else if (key.p.mode == NL80211_KEY_SET_TX &&
		   wiphy_ext_feature_isset(&rdev->wiphy,
					   NL80211_EXT_FEATURE_EXT_KEY_ID)) {
		u8 *mac_addr = NULL;

		if (info->attrs[NL80211_ATTR_MAC])
			mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);

		/*
		 * This action needs a peer address and key index 0 or 1; the
		 * key.idx < 0 test repeats the check made at the top.
		 */
		if (!mac_addr || key.idx < 0 || key.idx > 1)
			return -EINVAL;

		err = nl80211_validate_key_link_id(info, wdev, link_id, true);
		if (err)
			return err;

		return rdev_add_key(rdev, dev, link_id, key.idx,
				    NL80211_KEYTYPE_PAIRWISE,
				    mac_addr, &key.p);
	}

	/* NL80211_KEY_SET_TX without NL80211_EXT_FEATURE_EXT_KEY_ID ends here. */
	return -EINVAL;
}
/*
 * Handle a request to install a key.
 *
 * The key type defaults to pairwise when NL80211_ATTR_MAC is present and to
 * group otherwise; only those two types are accepted.  The key settings, the
 * interface state and the link ID are validated in that order before the
 * key is handed to the driver.
 *
 * Returns 0 on success or a negative errno; most failures also set an
 * extended error message on @info.
 */
static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	int link_id = nl80211_link_id_or_invalid(info->attrs);
	const u8 *mac_addr = NULL;
	struct key_parse key;
	bool pairwise;
	int err;

	err = nl80211_parse_key(info, &key);
	if (err)
		return err;

	if (!key.p.key) {
		GENL_SET_ERR_MSG(info, "no key");
		return -EINVAL;
	}

	if (info->attrs[NL80211_ATTR_MAC])
		mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);

	/* No explicit type: infer it from the presence of a peer address. */
	if (key.type == -1)
		key.type = mac_addr ? NL80211_KEYTYPE_PAIRWISE :
				      NL80211_KEYTYPE_GROUP;

	/* Only pairwise and group keys are handled for now. */
	if (key.type != NL80211_KEYTYPE_PAIRWISE &&
	    key.type != NL80211_KEYTYPE_GROUP) {
		GENL_SET_ERR_MSG(info, "key type not pairwise or group");
		return -EINVAL;
	}
	pairwise = key.type == NL80211_KEYTYPE_PAIRWISE;

	/* A VLAN ID is only taken over for group keys. */
	if (!pairwise && info->attrs[NL80211_ATTR_VLAN_ID])
		key.p.vlan_id = nla_get_u16(info->attrs[NL80211_ATTR_VLAN_ID]);

	if (!rdev->ops->add_key)
		return -EOPNOTSUPP;

	if (cfg80211_validate_key_settings(rdev, &key.p, key.idx, pairwise,
					   mac_addr)) {
		GENL_SET_ERR_MSG(info, "key setting validation failed");
		return -EINVAL;
	}

	err = nl80211_key_allowed(wdev);
	if (err) {
		GENL_SET_ERR_MSG(info, "key not allowed");
		return err;
	}

	err = nl80211_validate_key_link_id(info, wdev, link_id, pairwise);
	if (err)
		return err;

	err = rdev_add_key(rdev, dev, link_id, key.idx, pairwise,
			   mac_addr, &key.p);
	if (err)
		GENL_SET_ERR_MSG(info, "key addition failed");

	return err;
}
/*
 * Handle a request to remove a key.
 *
 * The key type defaults to pairwise when NL80211_ATTR_MAC is present and to
 * group otherwise; only those two types are accepted.  A group key combined
 * with a peer address is reported as -ENOENT unless the wiphy sets
 * WIPHY_FLAG_IBSS_RSN.
 *
 * Returns 0 on success or a negative errno.
 */
static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	int link_id = nl80211_link_id_or_invalid(info->attrs);
	u8 *mac_addr = NULL;
	struct key_parse key;
	bool pairwise;
	int err;

	err = nl80211_parse_key(info, &key);
	if (err)
		return err;

	if (info->attrs[NL80211_ATTR_MAC])
		mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);

	/* No explicit type: infer it from the presence of a peer address. */
	if (key.type == -1)
		key.type = mac_addr ? NL80211_KEYTYPE_PAIRWISE :
				      NL80211_KEYTYPE_GROUP;

	/* Only pairwise and group keys are handled for now. */
	if (key.type != NL80211_KEYTYPE_PAIRWISE &&
	    key.type != NL80211_KEYTYPE_GROUP)
		return -EINVAL;
	pairwise = key.type == NL80211_KEYTYPE_PAIRWISE;

	if (!cfg80211_valid_key_idx(rdev, key.idx, pairwise))
		return -EINVAL;

	if (!rdev->ops->del_key)
		return -EOPNOTSUPP;

	err = nl80211_key_allowed(wdev);

	/* This check replaces whatever nl80211_key_allowed() returned. */
	if (!pairwise && mac_addr &&
	    !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
		err = -ENOENT;
	if (err)
		return err;

	err = nl80211_validate_key_link_id(info, wdev, link_id, pairwise);
	if (err)
		return err;

	err = rdev_del_key(rdev, dev, link_id, key.idx, pairwise, mac_addr);
	if (err)
		return err;

#ifdef CONFIG_CFG80211_WEXT
	/* Forget the wext default that pointed at the removed key. */
	if (key.idx == wdev->wext.default_key)
		wdev->wext.default_key = -1;
	else if (key.idx == wdev->wext.default_mgmt_key)
		wdev->wext.default_mgmt_key = -1;
#endif

	return 0;
}
/*
 * Count the attributes nested in @nl_attr, requiring every one of them to be
 * exactly ETH_ALEN bytes long.
 *
 * Returns the number of nested attributes, or -EINVAL as soon as one with a
 * different length is found.
 */
static int validate_acl_mac_addrs(struct nlattr *nl_attr)
{
	struct nlattr *entry;
	int count = 0;
	int rem;

	nla_for_each_nested(entry, nl_attr, rem) {
		if (nla_len(entry) != ETH_ALEN)
			return -EINVAL;

		count++;
	}

	return count;
}
/*
 * Build a cfg80211_acl_data object from the ACL policy and the MAC address
 * list in @info.
 *
 * The address list is walked twice: first to check that every entry is
 * ETH_ALEN bytes long and to count the entries, then to copy them.  The
 * count is checked against wiphy->max_acl_mac_addrs before the allocation.
 *
 * Returns the newly allocated object, which the caller must free, or an
 * ERR_PTR() carrying -EOPNOTSUPP, -EINVAL or -ENOMEM.
 */
static struct cfg80211_acl_data *parse_acl_data(struct wiphy *wiphy,
						struct genl_info *info)
{
	struct nlattr *addr_list, *entry;
	struct cfg80211_acl_data *acl;
	enum nl80211_acl_policy acl_policy;
	int n_entries, rem;
	int idx = 0;

	if (!wiphy->max_acl_mac_addrs)
		return ERR_PTR(-EOPNOTSUPP);

	if (!info->attrs[NL80211_ATTR_ACL_POLICY])
		return ERR_PTR(-EINVAL);

	acl_policy = nla_get_u32(info->attrs[NL80211_ATTR_ACL_POLICY]);
	switch (acl_policy) {
	case NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED:
	case NL80211_ACL_POLICY_DENY_UNLESS_LISTED:
		break;
	default:
		return ERR_PTR(-EINVAL);
	}

	addr_list = info->attrs[NL80211_ATTR_MAC_ADDRS];
	if (!addr_list)
		return ERR_PTR(-EINVAL);

	n_entries = validate_acl_mac_addrs(addr_list);
	if (n_entries < 0)
		return ERR_PTR(n_entries);

	if (n_entries > wiphy->max_acl_mac_addrs)
		return ERR_PTR(-EOPNOTSUPP);

	acl = kzalloc_flex(*acl, mac_addrs, n_entries);
	if (!acl)
		return ERR_PTR(-ENOMEM);

	/* Set the count before the array is filled. */
	acl->n_acl_entries = n_entries;
	acl->acl_policy = acl_policy;

	/*
	 * Second walk over the attribute counted above; each entry was
	 * already verified to be ETH_ALEN bytes long.
	 */
	nla_for_each_nested(entry, addr_list, rem)
		memcpy(acl->mac_addrs[idx++].addr, nla_data(entry), ETH_ALEN);

	return acl;
}
/*
 * Handle a request to install a MAC address ACL.
 *
 * Only AP and P2P GO interfaces are accepted (-EOPNOTSUPP otherwise), and
 * the beacon interval of link 0 must be non-zero (-EINVAL otherwise).  The
 * parsed ACL is freed here after the driver call, whatever its result.
 */
static int nl80211_set_mac_acl(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	struct cfg80211_acl_data *acl;
	int ret;

	switch (wdev->iftype) {
	case NL80211_IFTYPE_AP:
	case NL80211_IFTYPE_P2P_GO:
		break;
	default:
		return -EOPNOTSUPP;
	}

	if (!wdev->links[0].ap.beacon_interval)
		return -EINVAL;

	acl = parse_acl_data(&rdev->wiphy, info);
	if (IS_ERR(acl))
		return PTR_ERR(acl);

	ret = rdev_set_mac_acl(rdev, dev, acl);
	kfree(acl);

	return ret;
}
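/*
 * Translate a list of rate bytes into a bitmask of indices into
 * sband->bitrates.
 *
 * For each of the @rates_len bytes in @rates, the low seven bits are
 * multiplied by 5 and compared with the bitrate field of every entry in
 * sband->bitrates (presumably a conversion between two rate units - confirm
 * against the definitions).  The index of the first match is set in the
 * result.
 *
 * Returns the mask, or 0 if any rate has no match.  An empty list also
 * yields 0.
 */
static u32 rateset_to_mask(struct ieee80211_supported_band *sband,
			   u8 *rates, u8 rates_len)
{
	u32 mask = 0;
	u8 i;

	for (i = 0; i < rates_len; i++) {
		int rate = (rates[i] & 0x7f) * 5;
		int ridx;

		for (ridx = 0; ridx < sband->n_bitrates; ridx++) {
			if (rate == sband->bitrates[ridx].bitrate) {
				/*
				 * BIT() keeps the shift unsigned, so index 31
				 * does not shift a signed 1 into the sign bit.
				 */
				mask |= BIT(ridx);
				break;
			}
		}

		if (ridx == sband->n_bitrates)
			return 0; /* rate not found */
	}

	return mask;
}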
/*
 * Translate a list of HT MCS indices into the byte-wise bitmap @mcs.
 *
 * @mcs is cleared first.  Each of the @rates_len bytes in @rates selects
 * byte value / 8 and bit value % 8; the bit is set in @mcs only if it is also
 * set in sband->ht_cap.mcs.rx_mask.
 *
 * Returns true if every index was in range and present in rx_mask.  On a
 * false return @mcs holds the bits of the entries handled before the
 * failing one.
 */
static bool ht_rateset_to_mask(struct ieee80211_supported_band *sband,
			       u8 *rates, u8 rates_len,
			       u8 mcs[IEEE80211_HT_MCS_MASK_LEN])
{
	u8 n;

	memset(mcs, 0, IEEE80211_HT_MCS_MASK_LEN);

	for (n = 0; n < rates_len; n++) {
		int byte = rates[n] / 8;
		int bit = BIT(rates[n] % 8);

		/* Reject indices that fall outside the bitmap. */
		if (byte < 0 || byte >= IEEE80211_HT_MCS_MASK_LEN)
			return false;

		/*
		 * Clamp the index for speculative execution as well: the
		 * range check above does not stop a mispredicted branch
		 * from reading rx_mask[] out of bounds.
		 */
		byte = array_index_nospec(byte, IEEE80211_HT_MCS_MASK_LEN);

		/* The index must be one the band advertises in rx_mask. */
		if (!(sband->ht_cap.mcs.rx_mask[byte] & bit))
			return false;

		mcs[byte] |= bit;
	}

	return true;
}
/*
 * Map one VHT MCS support value to a bitmap of MCS indices: 0x00FF for
 * SUPPORT_0_7, 0x01FF for SUPPORT_0_8, 0x03FF for SUPPORT_0_9, and 0 for
 * NOT_SUPPORTED or any other value.
 */
static u16 vht_mcs_map_to_mcs_mask(u8 vht_mcs_map)
{
	switch (vht_mcs_map) {
	case IEEE80211_VHT_MCS_SUPPORT_0_7:
		return 0x00FF;
	case IEEE80211_VHT_MCS_SUPPORT_0_8:
		return 0x01FF;
	case IEEE80211_VHT_MCS_SUPPORT_0_9:
		return 0x03FF;
	case IEEE80211_VHT_MCS_NOT_SUPPORTED:
	default:
		return 0;
	}
}
/*
 * Expand a packed VHT MCS map into one MCS bitmap per spatial stream.
 *
 * @vht_mcs_map is consumed two bits at a time, lowest bits first; each
 * two-bit value is converted with vht_mcs_map_to_mcs_mask() and stored in
 * the next entry of @vht_mcs_mask.  All NL80211_VHT_NSS_MAX entries are
 * written.
 */
static void vht_build_mcs_mask(u16 vht_mcs_map,
			       u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
{
	u8 stream = 0;

	while (stream < NL80211_VHT_NSS_MAX) {
		vht_mcs_mask[stream] =
			vht_mcs_map_to_mcs_mask(vht_mcs_map & 0x03);
		vht_mcs_map >>= 2;
		stream++;
	}
}
/*
 * Copy the requested VHT MCS bitmaps from @txrate into @mcs after checking
 * them against the band's VHT transmit capabilities.
 *
 * Returns false when the band does not support VHT (in which case @mcs is
 * left untouched) or when a requested bitmap contains an MCS outside the
 * band's tx_mcs_map.  In the latter case @mcs was cleared and holds the
 * entries accepted before the failing one.  Returns true otherwise.
 */
static bool vht_set_mcs_mask(struct ieee80211_supported_band *sband,
			     struct nl80211_txrate_vht *txrate,
			     u16 mcs[NL80211_VHT_NSS_MAX])
{
	u16 supported_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
	u16 supported[NL80211_VHT_NSS_MAX] = {};
	u8 nss;

	if (!sband->vht_cap.vht_supported)
		return false;

	memset(mcs, 0, sizeof(u16) * NL80211_VHT_NSS_MAX);

	/* Per-stream bitmaps of what the band can transmit. */
	vht_build_mcs_mask(supported_map, supported);

	for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
		/* Every requested MCS must be one the band supports. */
		if (txrate->mcs[nss] & ~supported[nss])
			return false;

		mcs[nss] = txrate->mcs[nss];
	}

	return true;
}
/*
 * Map one HE MCS support value to a bitmap of MCS indices: 0x00FF for
 * SUPPORT_0_7, 0x03FF for SUPPORT_0_9, 0xFFF for SUPPORT_0_11, and 0 for
 * NOT_SUPPORTED or any other value.
 */
static u16 he_mcs_map_to_mcs_mask(u8 he_mcs_map)
{
	u16 mask = 0;

	switch (he_mcs_map) {
	case IEEE80211_HE_MCS_SUPPORT_0_7:
		mask = 0x00FF;
		break;
	case IEEE80211_HE_MCS_SUPPORT_0_9:
		mask = 0x03FF;
		break;
	case IEEE80211_HE_MCS_SUPPORT_0_11:
		mask = 0xFFF;
		break;
	case IEEE80211_HE_MCS_NOT_SUPPORTED:
	default:
		break;
	}

	return mask;
}
/*
 * Expand a packed HE MCS map into one MCS bitmap per spatial stream.
 *
 * @he_mcs_map is consumed two bits at a time, lowest bits first; each
 * two-bit value is converted with he_mcs_map_to_mcs_mask() and stored in the
 * next entry of @he_mcs_mask.  All NL80211_HE_NSS_MAX entries are written.
 */
static void he_build_mcs_mask(u16 he_mcs_map,
			      u16 he_mcs_mask[NL80211_HE_NSS_MAX])
{
	u8 stream = 0;

	while (stream < NL80211_HE_NSS_MAX) {
		he_mcs_mask[stream] =
			he_mcs_map_to_mcs_mask(he_mcs_map & 0x03);
		he_mcs_map >>= 2;
		stream++;
	}
}
/*
 * Pick the HE transmit MCS map from @he_cap that matches the channel width
 * currently configured for @link_id.
 *
 * The 80+80 MHz and 160 MHz widths select their own maps; every other width,
 * and the case where no channel definition is available, selects the 80 MHz
 * map.  The result is returned in CPU byte order.
 */
static u16 he_get_txmcsmap(struct genl_info *info, unsigned int link_id,
			   const struct ieee80211_sta_he_cap *he_cap)
{
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	struct cfg80211_chan_def *chandef = wdev_chandef(wdev, link_id);

	if (!chandef) {
		/*
		 * This is probably broken, but we never maintained
		 * a chandef in these cases, so it always was.
		 */
		return le16_to_cpu(he_cap->he_mcs_nss_supp.tx_mcs_80);
	}

	if (chandef->width == NL80211_CHAN_WIDTH_80P80)
		return le16_to_cpu(he_cap->he_mcs_nss_supp.tx_mcs_80p80);

	if (chandef->width == NL80211_CHAN_WIDTH_160)
		return le16_to_cpu(he_cap->he_mcs_nss_supp.tx_mcs_160);

	return le16_to_cpu(he_cap->he_mcs_nss_supp.tx_mcs_80);
}
/*
 * Copy the requested HE MCS bitmaps from @txrate into @mcs after checking
 * them against the HE transmit capabilities for this interface type and the
 * channel width of @link_id.
 *
 * Returns false when the band has no HE capabilities for wdev->iftype (in
 * which case @mcs is left untouched) or when a requested bitmap contains an
 * MCS the capabilities do not cover.  In the latter case @mcs was cleared
 * and holds the entries accepted before the failing one.  Returns true
 * otherwise.
 */
static bool he_set_mcs_mask(struct genl_info *info,
			    struct wireless_dev *wdev,
			    struct ieee80211_supported_band *sband,
			    struct nl80211_txrate_he *txrate,
			    u16 mcs[NL80211_HE_NSS_MAX],
			    unsigned int link_id)
{
	const struct ieee80211_sta_he_cap *he_cap;
	u16 supported[NL80211_HE_NSS_MAX] = {};
	u16 supported_map;
	u8 nss;

	he_cap = ieee80211_get_he_iftype_cap(sband, wdev->iftype);
	if (!he_cap)
		return false;

	memset(mcs, 0, sizeof(u16) * NL80211_HE_NSS_MAX);

	/* Per-stream bitmaps of what can be transmitted at this width. */
	supported_map = he_get_txmcsmap(info, link_id, he_cap);
	he_build_mcs_mask(supported_map, supported);

	for (nss = 0; nss < NL80211_HE_NSS_MAX; nss++) {
		/* Every requested MCS must be one the capabilities cover. */
		if (txrate->mcs[nss] & ~supported[nss])
			return false;

		mcs[nss] = txrate->mcs[nss];
	}

	return true;
}
/*
 * OR into @mcs_mask the per-stream bitmaps of EHT MCS indices that can be
 * transmitted according to @eht_cap.
 *
 * @mcs_nss_len selects the capability layout: 4 reads the 20 MHz-only
 * structure, any other value reads the per-bandwidth structure chosen by
 * the interface's channel width.
 *
 * Bits are only ever OR-ed in and entries up to NL80211_EHT_NSS_MAX - 1 are
 * accessed; the caller visible in this file passes a zero-initialised array
 * of that size.
 */
static void eht_build_mcs_mask(struct genl_info *info,
			       const struct ieee80211_sta_eht_cap *eht_cap,
			       u8 mcs_nss_len, u16 *mcs_mask)
{
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	/* Each counter holds the number of streams that get that MCS range. */
	u8 nss, mcs_7 = 0, mcs_9 = 0, mcs_11 = 0, mcs_13 = 0;
	unsigned int link_id = nl80211_link_id(info->attrs);

	if (mcs_nss_len == 4) {
		const struct ieee80211_eht_mcs_nss_supp_20mhz_only *mcs =
					&eht_cap->eht_mcs_nss_supp.only_20mhz;

		mcs_7 = u8_get_bits(mcs->rx_tx_mcs7_max_nss,
				    IEEE80211_EHT_MCS_NSS_TX);
		mcs_9 = u8_get_bits(mcs->rx_tx_mcs9_max_nss,
				    IEEE80211_EHT_MCS_NSS_TX);
		mcs_11 = u8_get_bits(mcs->rx_tx_mcs11_max_nss,
				     IEEE80211_EHT_MCS_NSS_TX);
		mcs_13 = u8_get_bits(mcs->rx_tx_mcs13_max_nss,
				     IEEE80211_EHT_MCS_NSS_TX);
	} else {
		const struct ieee80211_eht_mcs_nss_supp_bw *mcs;
		enum nl80211_chan_width width;

		/* Find the channel width in the per-iftype state. */
		switch (wdev->iftype) {
		case NL80211_IFTYPE_ADHOC:
			width = wdev->u.ibss.chandef.width;
			break;
		case NL80211_IFTYPE_MESH_POINT:
			width = wdev->u.mesh.chandef.width;
			break;
		case NL80211_IFTYPE_OCB:
			width = wdev->u.ocb.chandef.width;
			break;
		default:
			/*
			 * NOTE(review): link_id indexes wdev->links[] without
			 * a range or valid_links check in this function;
			 * presumably it was validated before this point -
			 * confirm.
			 */
			if (wdev->valid_links)
				width = wdev->links[link_id].ap.chandef.width;
			else
				width = wdev->u.ap.preset_chandef.width;
			break;
		}

		/* Widths other than 320 and 160 use the 80 MHz entry. */
		switch (width) {
		case NL80211_CHAN_WIDTH_320:
			mcs = &eht_cap->eht_mcs_nss_supp.bw._320;
			break;
		case NL80211_CHAN_WIDTH_160:
			mcs = &eht_cap->eht_mcs_nss_supp.bw._160;
			break;
		default:
			mcs = &eht_cap->eht_mcs_nss_supp.bw._80;
			break;
		}

		/*
		 * NOTE(review): mcs_7 is read from the mcs9 field, the same
		 * one as mcs_9; presumably this layout has no separate field
		 * for MCS 0-7 - confirm against the structure definition.
		 */
		mcs_7 = u8_get_bits(mcs->rx_tx_mcs9_max_nss,
				    IEEE80211_EHT_MCS_NSS_TX);
		mcs_9 = u8_get_bits(mcs->rx_tx_mcs9_max_nss,
				    IEEE80211_EHT_MCS_NSS_TX);
		mcs_11 = u8_get_bits(mcs->rx_tx_mcs11_max_nss,
				     IEEE80211_EHT_MCS_NSS_TX);
		mcs_13 = u8_get_bits(mcs->rx_tx_mcs13_max_nss,
				     IEEE80211_EHT_MCS_NSS_TX);
	}

	/* Enable MCS 14 for NSS 0 */
	if (eht_cap->eht_cap_elem.phy_cap_info[6] &
	    IEEE80211_EHT_PHY_CAP6_EHT_DUP_6GHZ_SUPP)
		mcs_mask[0] |= 0x4000;

	/* Enable MCS 15 for NSS 0 */
	mcs_mask[0] |= 0x8000;

	/*
	 * Hand out the ranges stream by stream.  A stream gets a range only
	 * while that range's counter is non-zero, and a zero counter also
	 * skips all higher ranges for that stream.
	 */
	for (nss = 0; nss < NL80211_EHT_NSS_MAX; nss++) {
		if (!mcs_7)
			continue;
		/* MCS 0-7 */
		mcs_mask[nss] |= 0x00FF;
		mcs_7--;

		if (!mcs_9)
			continue;
		/* MCS 8-9 */
		mcs_mask[nss] |= 0x0300;
		mcs_9--;

		if (!mcs_11)
			continue;
		/* MCS 10-11 */
		mcs_mask[nss] |= 0x0C00;
		mcs_11--;

		if (!mcs_13)
			continue;
		/* MCS 12-13 */
		mcs_mask[nss] |= 0x3000;
		mcs_13--;
	}
}
/*
 * Copy the requested EHT MCS bitmaps from @txrate into @mcs after checking
 * them against the band's HE and EHT capabilities for this interface type.
 *
 * Returns false, leaving @mcs untouched, when either capability set is
 * missing, when MCS 14 is requested outside the 6 GHz band or without the
 * matching PHY capability bit, or when the MCS/NSS length is 3 and the
 * interface type is not one of ADHOC, AP, P2P_GO, MESH_POINT or OCB.  Also
 * returns false when a requested bitmap contains an MCS the capabilities do
 * not cover; in that case @mcs was cleared and holds the entries accepted
 * before the failing one.  Returns true otherwise.
 */
static bool eht_set_mcs_mask(struct genl_info *info, struct wireless_dev *wdev,
			     struct ieee80211_supported_band *sband,
			     struct nl80211_txrate_eht *txrate,
			     u16 mcs[NL80211_EHT_NSS_MAX])
{
	const struct ieee80211_sta_he_cap *he_cap;
	const struct ieee80211_sta_eht_cap *eht_cap;
	u16 supported[NL80211_EHT_NSS_MAX] = { 0 };
	u8 nss, mcs_nss_len;

	he_cap = ieee80211_get_he_iftype_cap(sband, wdev->iftype);
	if (!he_cap)
		return false;

	eht_cap = ieee80211_get_eht_iftype_cap(sband, wdev->iftype);
	if (!eht_cap)
		return false;

	/* MCS 14 needs the 6 GHz band and the matching PHY capability. */
	if ((txrate->mcs[0] & 0x4000) &&
	    (sband->band != NL80211_BAND_6GHZ ||
	     !(eht_cap->eht_cap_elem.phy_cap_info[6] &
	       IEEE80211_EHT_PHY_CAP6_EHT_DUP_6GHZ_SUPP)))
		return false;

	mcs_nss_len = ieee80211_eht_mcs_nss_size(&he_cap->he_cap_elem,
						 &eht_cap->eht_cap_elem,
						 wdev->iftype ==
							NL80211_IFTYPE_STATION);

	/* Supported iftypes for setting non-20 MHz-only EHT MCS. */
	if (mcs_nss_len == 3 &&
	    wdev->iftype != NL80211_IFTYPE_ADHOC &&
	    wdev->iftype != NL80211_IFTYPE_AP &&
	    wdev->iftype != NL80211_IFTYPE_P2P_GO &&
	    wdev->iftype != NL80211_IFTYPE_MESH_POINT &&
	    wdev->iftype != NL80211_IFTYPE_OCB)
		return false;

	/* Per-stream bitmaps of what the capabilities allow. */
	eht_build_mcs_mask(info, eht_cap, mcs_nss_len, supported);

	memset(mcs, 0, sizeof(u16) * NL80211_EHT_NSS_MAX);

	for (nss = 0; nss < NL80211_EHT_NSS_MAX; nss++) {
		/* Every requested MCS must be one the capabilities cover. */
		if (txrate->mcs[nss] & ~supported[nss])
			return false;

		mcs[nss] = txrate->mcs[nss];
	}

	return true;
}
/*
 * Parse the nested TX rate attribute attrs[attr] into @mask.
 *
 * @info:                netlink request (supplies rdev and extack)
 * @attrs:               parsed top-level attribute table
 * @attr:                index of the nested rate attribute in @attrs
 * @mask:                output; zeroed first, then filled per band
 * @dev:                 net device whose wireless_dev iftype selects the
 *                       HE/EHT capability set
 * @default_all_enabled: when true, every band starts out with all rates
 *                       the device advertises enabled
 * @link_id:             forwarded to the HE helpers
 *
 * Returns 0 on success, -EINVAL for a rejected mask, or the error from
 * nla_parse_nested_deprecated(). On error @mask may be partially updated.
 */
static int nl80211_parse_tx_bitrate_mask(struct genl_info *info,
					 struct nlattr *attrs[],
					 enum nl80211_attrs attr,
					 struct cfg80211_bitrate_mask *mask,
					 struct net_device *dev,
					 bool default_all_enabled,
					 unsigned int link_id)
{
	struct nlattr *tb[NL80211_TXRATE_MAX + 1];
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	int rem, i;
	struct nlattr *tx_rates;
	struct ieee80211_supported_band *sband;
	u16 vht_tx_mcs_map, he_tx_mcs_map;

	memset(mask, 0, sizeof(*mask));

	/* Default to all rates enabled (skipped when !default_all_enabled) */
	for (i = 0; i < NUM_NL80211_BANDS; i++) {
		const struct ieee80211_sta_he_cap *he_cap;
		const struct ieee80211_sta_eht_cap *eht_cap;
		u8 mcs_nss_len;

		if (!default_all_enabled)
			break;

		sband = rdev->wiphy.bands[i];

		if (!sband)
			continue;

		/* NOTE(review): assumes n_bitrates is below the width of int */
		mask->control[i].legacy = (1 << sband->n_bitrates) - 1;
		memcpy(mask->control[i].ht_mcs,
		       sband->ht_cap.mcs.rx_mask,
		       sizeof(mask->control[i].ht_mcs));

		if (sband->vht_cap.vht_supported) {
			vht_tx_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
			vht_build_mcs_mask(vht_tx_mcs_map, mask->control[i].vht_mcs);
		}

		/* HE and EHT defaults exist only for iftypes with such caps */
		he_cap = ieee80211_get_he_iftype_cap(sband, wdev->iftype);
		if (!he_cap)
			continue;

		he_tx_mcs_map = he_get_txmcsmap(info, link_id, he_cap);
		he_build_mcs_mask(he_tx_mcs_map, mask->control[i].he_mcs);

		mask->control[i].he_gi = 0xFF;
		mask->control[i].he_ltf = 0xFF;

		eht_cap = ieee80211_get_eht_iftype_cap(sband, wdev->iftype);
		if (!eht_cap)
			continue;

		mcs_nss_len = ieee80211_eht_mcs_nss_size(&he_cap->he_cap_elem,
							 &eht_cap->eht_cap_elem,
							 wdev->iftype ==
							 NL80211_IFTYPE_STATION);

		eht_build_mcs_mask(info, eht_cap, mcs_nss_len,
				   mask->control[i].eht_mcs);

		mask->control[i].eht_gi = 0xFF;
		mask->control[i].eht_ltf = 0xFF;
	}

	/* if no rates are given set it back to the defaults */
	if (!attrs[attr])
		goto out;

	/* The nested attribute uses enum nl80211_band as the index. This maps
	 * directly to the enum nl80211_band values used in cfg80211.
	 */
	BUILD_BUG_ON(NL80211_MAX_SUPP_HT_RATES > IEEE80211_HT_MCS_MASK_LEN * 8);
	nla_for_each_nested(tx_rates, attrs[attr], rem) {
		enum nl80211_band band = nla_type(tx_rates);
		int err;

		/* the band index comes from the message: bound it before use */
		if (band < 0 || band >= NUM_NL80211_BANDS)
			return -EINVAL;
		sband = rdev->wiphy.bands[band];
		if (sband == NULL)
			return -EINVAL;
		err = nla_parse_nested_deprecated(tb, NL80211_TXRATE_MAX,
						  tx_rates,
						  nl80211_txattr_policy,
						  info->extack);
		if (err)
			return err;
		if (tb[NL80211_TXRATE_LEGACY]) {
			mask->control[band].legacy = rateset_to_mask(
				sband,
				nla_data(tb[NL80211_TXRATE_LEGACY]),
				nla_len(tb[NL80211_TXRATE_LEGACY]));
			/* a non-empty rate list that maps to no rate is an error */
			if ((mask->control[band].legacy == 0) &&
			    nla_len(tb[NL80211_TXRATE_LEGACY]))
				return -EINVAL;
		}
		if (tb[NL80211_TXRATE_HT]) {
			if (!ht_rateset_to_mask(
					sband,
					nla_data(tb[NL80211_TXRATE_HT]),
					nla_len(tb[NL80211_TXRATE_HT]),
					mask->control[band].ht_mcs))
				return -EINVAL;
		}

		/*
		 * The VHT/HE/EHT payloads are passed on without a length;
		 * presumably nl80211_txattr_policy fixes their size - confirm.
		 */
		if (tb[NL80211_TXRATE_VHT]) {
			if (!vht_set_mcs_mask(
					sband,
					nla_data(tb[NL80211_TXRATE_VHT]),
					mask->control[band].vht_mcs))
				return -EINVAL;
		}

		/* gi is stored first and range-checked afterwards */
		if (tb[NL80211_TXRATE_GI]) {
			mask->control[band].gi =
				nla_get_u8(tb[NL80211_TXRATE_GI]);
			if (mask->control[band].gi > NL80211_TXRATE_FORCE_LGI)
				return -EINVAL;
		}
		if (tb[NL80211_TXRATE_HE] &&
		    !he_set_mcs_mask(info, wdev, sband,
				     nla_data(tb[NL80211_TXRATE_HE]),
				     mask->control[band].he_mcs,
				     link_id))
			return -EINVAL;

		/*
		 * The HE/EHT GI and LTF values are stored without a range
		 * check here; presumably the policy bounds them - confirm.
		 */
		if (tb[NL80211_TXRATE_HE_GI])
			mask->control[band].he_gi =
				nla_get_u8(tb[NL80211_TXRATE_HE_GI]);
		if (tb[NL80211_TXRATE_HE_LTF])
			mask->control[band].he_ltf =
				nla_get_u8(tb[NL80211_TXRATE_HE_LTF]);

		if (tb[NL80211_TXRATE_EHT] &&
		    !eht_set_mcs_mask(info, wdev, sband,
				      nla_data(tb[NL80211_TXRATE_EHT]),
				      mask->control[band].eht_mcs))
			return -EINVAL;

		if (tb[NL80211_TXRATE_EHT_GI])
			mask->control[band].eht_gi =
				nla_get_u8(tb[NL80211_TXRATE_EHT_GI]);
		if (tb[NL80211_TXRATE_EHT_LTF])
			mask->control[band].eht_ltf =
				nla_get_u8(tb[NL80211_TXRATE_EHT_LTF]);

		if (mask->control[band].legacy == 0) {
			/* don't allow empty legacy rates if HT, VHT, HE or EHT
			 * are not even supported.
			 */
			if (!(rdev->wiphy.bands[band]->ht_cap.ht_supported ||
			      rdev->wiphy.bands[band]->vht_cap.vht_supported ||
			      ieee80211_get_he_iftype_cap(sband, wdev->iftype) ||
			      ieee80211_get_eht_iftype_cap(sband, wdev->iftype)))
				return -EINVAL;

			/*
			 * NOTE(review): each goto below leaves the
			 * nla_for_each_nested loop, so band entries that
			 * follow this one in the attribute are not parsed -
			 * confirm that this is intended.
			 */
			for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++)
				if (mask->control[band].ht_mcs[i])
					goto out;

			for (i = 0; i < NL80211_VHT_NSS_MAX; i++)
				if (mask->control[band].vht_mcs[i])
					goto out;

			for (i = 0; i < NL80211_HE_NSS_MAX; i++)
				if (mask->control[band].he_mcs[i])
					goto out;

			for (i = 0; i < NL80211_EHT_NSS_MAX; i++)
				if (mask->control[band].eht_mcs[i])
					goto out;

			/* legacy and mcs rates may not be both empty */
			return -EINVAL;
		}
	}

out:
	return 0;
}
/*
 * Check that @beacon_rate selects a usable beacon rate on @band.
 *
 * At most one legacy rate bit may be set, and within each of the HT, VHT,
 * HE and EHT arrays at most one entry may be non-zero with at most one bit
 * set in it. An MCS selection may not be combined with a legacy rate, an
 * entirely empty mask is rejected, and the chosen rate family must be
 * advertised by the matching NL80211_EXT_FEATURE_BEACON_RATE_* flag.
 *
 * Returns 0 when the mask is acceptable, -EINVAL otherwise.
 */
static int validate_beacon_tx_rate(struct cfg80211_registered_device *rdev,
				   enum nl80211_band band,
				   struct cfg80211_bitrate_mask *beacon_rate)
{
	u32 n_ht = 0, n_vht = 0, n_he = 0, n_eht = 0, idx;
	u32 legacy = beacon_rate->control[band].legacy;

	/* Allow only one rate */
	if (hweight32(legacy) > 1)
		return -EINVAL;

	for (idx = 0; idx < IEEE80211_HT_MCS_MASK_LEN; idx++) {
		if (hweight8(beacon_rate->control[band].ht_mcs[idx]) > 1)
			return -EINVAL;
		if (beacon_rate->control[band].ht_mcs[idx] && ++n_ht > 1)
			return -EINVAL;
		if (n_ht && legacy)
			return -EINVAL;
	}

	for (idx = 0; idx < NL80211_VHT_NSS_MAX; idx++) {
		if (hweight16(beacon_rate->control[band].vht_mcs[idx]) > 1)
			return -EINVAL;
		if (beacon_rate->control[band].vht_mcs[idx] && ++n_vht > 1)
			return -EINVAL;
		if (n_vht && legacy)
			return -EINVAL;
	}

	for (idx = 0; idx < NL80211_HE_NSS_MAX; idx++) {
		if (hweight16(beacon_rate->control[band].he_mcs[idx]) > 1)
			return -EINVAL;
		if (beacon_rate->control[band].he_mcs[idx] && ++n_he > 1)
			return -EINVAL;
		if (n_he && legacy)
			return -EINVAL;
	}

	for (idx = 0; idx < NL80211_EHT_NSS_MAX; idx++) {
		if (hweight16(beacon_rate->control[band].eht_mcs[idx]) > 1)
			return -EINVAL;
		if (beacon_rate->control[band].eht_mcs[idx] && ++n_eht > 1)
			return -EINVAL;
		if (n_eht && legacy)
			return -EINVAL;
	}

	/*
	 * NOTE(review): the first test only fires when all four MCS families
	 * are selected at once; a mask with, say, one HT and one VHT entry
	 * gets past it - confirm that this is the intended rule.
	 */
	if (n_ht && n_vht && n_he && n_eht)
		return -EINVAL;

	/* nothing selected at all */
	if (!legacy && !n_ht && !n_vht && !n_he && !n_eht)
		return -EINVAL;

	/* the selected family must be supported for beacons by the device */
	if (legacy &&
	    !wiphy_ext_feature_isset(&rdev->wiphy,
				     NL80211_EXT_FEATURE_BEACON_RATE_LEGACY))
		return -EINVAL;

	if (n_ht &&
	    !wiphy_ext_feature_isset(&rdev->wiphy,
				     NL80211_EXT_FEATURE_BEACON_RATE_HT))
		return -EINVAL;

	if (n_vht &&
	    !wiphy_ext_feature_isset(&rdev->wiphy,
				     NL80211_EXT_FEATURE_BEACON_RATE_VHT))
		return -EINVAL;

	if (n_he &&
	    !wiphy_ext_feature_isset(&rdev->wiphy,
				     NL80211_EXT_FEATURE_BEACON_RATE_HE))
		return -EINVAL;

	if (n_eht &&
	    !wiphy_ext_feature_isset(&rdev->wiphy,
				     NL80211_EXT_FEATURE_BEACON_RATE_EHT))
		return -EINVAL;

	return 0;
}
/*
 * Parse the nested MBSSID configuration attribute into @config.
 *
 * @wiphy:     device; must advertise mbssid_max_interfaces
 * @dev:       net device the request is for
 * @link_id:   link the request is for; compared with the TX link id when
 *             the transmitting interface is @dev itself
 * @attrs:     nested NL80211_MBSSID_CONFIG_ATTR_* container
 * @config:    output
 * @num_elems: number of MBSSID elements supplied with the request
 *
 * Returns 0 on success, -EOPNOTSUPP when the device lacks MBSSID/EMA
 * support, -ENOLINK for a missing or invalid TX link id, -EINVAL otherwise.
 *
 * Reference ownership: when the transmitting interface is a different
 * netdev, a reference obtained with dev_get_by_index() is kept behind
 * config->tx_wdev. That also holds for the -ENOLINK return below, so the
 * caller has to release it on the error path as well.
 */
static int nl80211_parse_mbssid_config(struct wiphy *wiphy,
				       struct net_device *dev,
				       unsigned int link_id,
				       struct nlattr *attrs,
				       struct cfg80211_mbssid_config *config,
				       u8 num_elems)
{
	struct nlattr *tb[NL80211_MBSSID_CONFIG_ATTR_MAX + 1];
	int tx_link_id = -1;

	if (!wiphy->mbssid_max_interfaces)
		return -EOPNOTSUPP;

	/*
	 * No policy is passed to this nested parse; presumably the nested
	 * attributes were already validated through the top-level policy -
	 * confirm, since the values below are used as read.
	 */
	if (nla_parse_nested(tb, NL80211_MBSSID_CONFIG_ATTR_MAX, attrs, NULL,
			     NULL) ||
	    !tb[NL80211_MBSSID_CONFIG_ATTR_INDEX])
		return -EINVAL;

	config->ema = nla_get_flag(tb[NL80211_MBSSID_CONFIG_ATTR_EMA]);
	if (config->ema) {
		if (!wiphy->ema_max_profile_periodicity)
			return -EOPNOTSUPP;

		if (num_elems > wiphy->ema_max_profile_periodicity)
			return -EINVAL;
	}

	/* index 0 is only accepted together with at least one element */
	config->index = nla_get_u8(tb[NL80211_MBSSID_CONFIG_ATTR_INDEX]);
	if (config->index >= wiphy->mbssid_max_interfaces ||
	    (!config->index && !num_elems))
		return -EINVAL;

	if (tb[NL80211_MBSSID_CONFIG_ATTR_TX_LINK_ID])
		tx_link_id = nla_get_u8(tb[NL80211_MBSSID_CONFIG_ATTR_TX_LINK_ID]);

	if (tb[NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX]) {
		u32 tx_ifindex =
			nla_get_u32(tb[NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX]);

		/* index 0 must name @dev itself, any other index must not */
		if ((!config->index && tx_ifindex != dev->ifindex) ||
		    (config->index && tx_ifindex == dev->ifindex))
			return -EINVAL;

		if (tx_ifindex != dev->ifindex) {
			struct net_device *tx_netdev =
				dev_get_by_index(wiphy_net(wiphy), tx_ifindex);

			/*
			 * The named netdev must exist, be a wireless device on
			 * this same wiphy and be an AP interface.
			 * NOTE(review): dev_put() is also reached when the
			 * lookup returned NULL - presumably NULL-safe; confirm.
			 */
			if (!tx_netdev || !tx_netdev->ieee80211_ptr ||
			    tx_netdev->ieee80211_ptr->wiphy != wiphy ||
			    tx_netdev->ieee80211_ptr->iftype !=
							NL80211_IFTYPE_AP) {
				dev_put(tx_netdev);
				return -EINVAL;
			}

			config->tx_wdev = tx_netdev->ieee80211_ptr;
			/*
			 * From this point the netdev reference belongs to the
			 * caller, who must drop it for config->tx_wdev's
			 * netdev, including after the error return below.
			 */

			if (config->tx_wdev->valid_links) {
				/* NOTE(review): BIT() takes a value read from
				 * a u8 attribute; its upper bound is not
				 * checked in this function - confirm it is
				 * limited elsewhere.
				 */
				if (tx_link_id == -1 ||
				    !(config->tx_wdev->valid_links & BIT(tx_link_id)))
					return -ENOLINK;

				config->tx_link_id = tx_link_id;
			}
		} else {
			/* transmitting interface is @dev: link ids must agree */
			if (tx_link_id >= 0 && tx_link_id != link_id)
				return -EINVAL;

			config->tx_wdev = dev->ieee80211_ptr;
		}
	} else if (!config->index) {
		/* no ifindex given: only valid for index 0, i.e. @dev itself */
		if (tx_link_id >= 0 && tx_link_id != link_id)
			return -EINVAL;

		config->tx_wdev = dev->ieee80211_ptr;
	} else {
		return -EINVAL;
	}

	return 0;
}
/*
 * Build a cfg80211_mbssid_elems table from the nested attribute @attrs.
 *
 * The nested entries are walked twice: once to count them, once to record
 * each entry's payload pointer and length. The count is held in a u8, so
 * more than 255 entries are rejected rather than allowed to wrap.
 *
 * The stored data pointers refer to the attribute payload itself; nothing
 * is copied here.
 *
 * Returns the allocated table (to be freed by the caller), or
 * ERR_PTR(-EINVAL) / ERR_PTR(-ENOMEM).
 */
static struct cfg80211_mbssid_elems *
nl80211_parse_mbssid_elems(struct wiphy *wiphy, struct nlattr *attrs)
{
	struct cfg80211_mbssid_elems *elems;
	struct nlattr *cur;
	u8 count = 0, pos = 0;
	int rem;

	if (!wiphy->mbssid_max_interfaces)
		return ERR_PTR(-EINVAL);

	/* first pass: count, refusing anything a u8 cannot represent */
	nla_for_each_nested(cur, attrs, rem) {
		if (count >= 255)
			return ERR_PTR(-EINVAL);

		count++;
	}

	elems = kzalloc_flex(*elems, elem, count);
	if (!elems)
		return ERR_PTR(-ENOMEM);

	elems->cnt = count;

	/* second pass: record where each element lives and how long it is */
	nla_for_each_nested(cur, attrs, rem) {
		elems->elem[pos].data = nla_data(cur);
		elems->elem[pos].len = nla_len(cur);
		pos++;
	}

	return elems;
}
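/*
 * Build a cfg80211_rnr_elems table from the nested attribute @attrs.
 *
 * @wiphy:  device (not consulted by this function)
 * @attrs:  nested container, one entry per RNR element
 * @extack: extended ack passed to validate_ie_attr()
 *
 * Every nested entry is checked with validate_ie_attr() and counted, then
 * a table with one slot per entry is allocated and filled with the
 * entry's payload pointer and length. The pointers refer to the attribute
 * payload itself; nothing is copied here.
 *
 * The count and the fill index are u8. The number of nested entries comes
 * from the request, so it is bounded at 255 here, exactly as
 * nl80211_parse_mbssid_elems() does: a wrapped count would size the
 * allocation for fewer slots than the second pass writes.
 *
 * Returns the allocated table (to be freed by the caller), or an ERR_PTR()
 * carrying -EINVAL, -ENOMEM or the validate_ie_attr() error.
 */
static struct cfg80211_rnr_elems *
nl80211_parse_rnr_elems(struct wiphy *wiphy, struct nlattr *attrs,
			struct netlink_ext_ack *extack)
{
	struct nlattr *nl_elems;
	struct cfg80211_rnr_elems *elems;
	int rem_elems;
	u8 i = 0, num_elems = 0;

	nla_for_each_nested(nl_elems, attrs, rem_elems) {
		int ret;

		/* keep the u8 counter from wrapping past 255 */
		if (num_elems >= 255)
			return ERR_PTR(-EINVAL);

		ret = validate_ie_attr(nl_elems, extack);
		if (ret)
			return ERR_PTR(ret);

		num_elems++;
	}

	elems = kzalloc_flex(*elems, elem, num_elems);
	if (!elems)
		return ERR_PTR(-ENOMEM);

	elems->cnt = num_elems;

	/* same walk as above, so at most num_elems slots are written */
	nla_for_each_nested(nl_elems, attrs, rem_elems) {
		elems->elem[i].data = nla_data(nl_elems);
		elems->elem[i].len = nla_len(nl_elems);
		i++;
	}

	return elems;
}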
/*
 * Parse the nested HE BSS color attribute into @he_bss_color.
 *
 * The nested attributes are validated against he_bss_color_policy. The
 * COLOR attribute is mandatory; "enabled" is the inverse of the DISABLED
 * flag and "partial" mirrors the PARTIAL flag.
 *
 * Returns 0 on success, -EINVAL when COLOR is missing, or the parse error.
 */
static int nl80211_parse_he_bss_color(struct nlattr *attrs,
				      struct cfg80211_he_bss_color *he_bss_color)
{
	struct nlattr *color_tb[NL80211_HE_BSS_COLOR_ATTR_MAX + 1];
	int rc = nla_parse_nested(color_tb, NL80211_HE_BSS_COLOR_ATTR_MAX,
				  attrs, he_bss_color_policy, NULL);

	if (rc)
		return rc;

	if (!color_tb[NL80211_HE_BSS_COLOR_ATTR_COLOR])
		return -EINVAL;

	he_bss_color->color =
		nla_get_u8(color_tb[NL80211_HE_BSS_COLOR_ATTR_COLOR]);
	he_bss_color->enabled =
		!nla_get_flag(color_tb[NL80211_HE_BSS_COLOR_ATTR_DISABLED]);
	he_bss_color->partial =
		nla_get_flag(color_tb[NL80211_HE_BSS_COLOR_ATTR_PARTIAL]);

	return 0;
}
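/*
 * Fill @bcn from the beacon-related attributes of a request.
 *
 * @rdev:   registered device, consulted for feature flags
 * @attrs:  parsed top-level attribute table
 * @bcn:    output; zeroed first
 * @extack: extended ack, passed to the RNR element parser
 *
 * At least one of BEACON_HEAD / BEACON_TAIL must be present, and a present
 * head must not be empty. All head/tail/IE/template pointers stored in
 * @bcn refer to the attribute payloads themselves; nothing is copied, so
 * they are only as long-lived as the request message.
 *
 * bcn->mbssid_ies and bcn->rnr_ies are allocated by the helper parsers.
 * Once stored in @bcn they belong to the caller, also when this function
 * returns an error afterwards. An RNR table that is rejected before it is
 * stored is freed here.
 *
 * Returns 0 on success or a negative errno.
 */
static int nl80211_parse_beacon(struct cfg80211_registered_device *rdev,
				struct nlattr *attrs[],
				struct cfg80211_beacon_data *bcn,
				struct netlink_ext_ack *extack)
{
	bool haveinfo = false;
	int err;

	memset(bcn, 0, sizeof(*bcn));

	bcn->link_id = nl80211_link_id(attrs);

	if (attrs[NL80211_ATTR_BEACON_HEAD]) {
		bcn->head = nla_data(attrs[NL80211_ATTR_BEACON_HEAD]);
		bcn->head_len = nla_len(attrs[NL80211_ATTR_BEACON_HEAD]);
		if (!bcn->head_len)
			return -EINVAL;
		haveinfo = true;
	}

	if (attrs[NL80211_ATTR_BEACON_TAIL]) {
		bcn->tail = nla_data(attrs[NL80211_ATTR_BEACON_TAIL]);
		bcn->tail_len = nla_len(attrs[NL80211_ATTR_BEACON_TAIL]);
		haveinfo = true;
	}

	if (!haveinfo)
		return -EINVAL;

	if (attrs[NL80211_ATTR_IE]) {
		bcn->beacon_ies = nla_data(attrs[NL80211_ATTR_IE]);
		bcn->beacon_ies_len = nla_len(attrs[NL80211_ATTR_IE]);
	}

	if (attrs[NL80211_ATTR_IE_PROBE_RESP]) {
		bcn->proberesp_ies =
			nla_data(attrs[NL80211_ATTR_IE_PROBE_RESP]);
		bcn->proberesp_ies_len =
			nla_len(attrs[NL80211_ATTR_IE_PROBE_RESP]);
	}

	if (attrs[NL80211_ATTR_IE_ASSOC_RESP]) {
		bcn->assocresp_ies =
			nla_data(attrs[NL80211_ATTR_IE_ASSOC_RESP]);
		bcn->assocresp_ies_len =
			nla_len(attrs[NL80211_ATTR_IE_ASSOC_RESP]);
	}

	if (attrs[NL80211_ATTR_PROBE_RESP]) {
		bcn->probe_resp = nla_data(attrs[NL80211_ATTR_PROBE_RESP]);
		bcn->probe_resp_len = nla_len(attrs[NL80211_ATTR_PROBE_RESP]);
	}

	if (attrs[NL80211_ATTR_FTM_RESPONDER]) {
		struct nlattr *tb[NL80211_FTM_RESP_ATTR_MAX + 1];

		/*
		 * No policy is passed to this nested parse; presumably the
		 * nested attributes are covered by the top-level policy -
		 * confirm, since the LCI/civic location lengths are taken
		 * as read below.
		 */
		err = nla_parse_nested_deprecated(tb,
						  NL80211_FTM_RESP_ATTR_MAX,
						  attrs[NL80211_ATTR_FTM_RESPONDER],
						  NULL, NULL);
		if (err)
			return err;

		/* the attribute is only accepted with ENABLED and driver support */
		if (tb[NL80211_FTM_RESP_ATTR_ENABLED] &&
		    wiphy_ext_feature_isset(&rdev->wiphy,
					    NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER))
			bcn->ftm_responder = 1;
		else
			return -EOPNOTSUPP;

		if (tb[NL80211_FTM_RESP_ATTR_LCI]) {
			bcn->lci = nla_data(tb[NL80211_FTM_RESP_ATTR_LCI]);
			bcn->lci_len = nla_len(tb[NL80211_FTM_RESP_ATTR_LCI]);
		}

		if (tb[NL80211_FTM_RESP_ATTR_CIVICLOC]) {
			bcn->civicloc = nla_data(tb[NL80211_FTM_RESP_ATTR_CIVICLOC]);
			bcn->civicloc_len = nla_len(tb[NL80211_FTM_RESP_ATTR_CIVICLOC]);
		}
	} else {
		/* -1 marks "attribute not given" */
		bcn->ftm_responder = -1;
	}

	if (attrs[NL80211_ATTR_HE_BSS_COLOR]) {
		err = nl80211_parse_he_bss_color(attrs[NL80211_ATTR_HE_BSS_COLOR],
						 &bcn->he_bss_color);
		if (err)
			return err;
		bcn->he_bss_color_valid = true;
	}

	if (attrs[NL80211_ATTR_MBSSID_ELEMS]) {
		struct cfg80211_mbssid_elems *mbssid =
			nl80211_parse_mbssid_elems(&rdev->wiphy,
						   attrs[NL80211_ATTR_MBSSID_ELEMS]);

		if (IS_ERR(mbssid))
			return PTR_ERR(mbssid);

		bcn->mbssid_ies = mbssid;

		if (bcn->mbssid_ies && attrs[NL80211_ATTR_EMA_RNR_ELEMS]) {
			struct cfg80211_rnr_elems *rnr =
				nl80211_parse_rnr_elems(&rdev->wiphy,
							attrs[NL80211_ATTR_EMA_RNR_ELEMS],
							extack);

			if (IS_ERR(rnr))
				return PTR_ERR(rnr);

			if (rnr && rnr->cnt < bcn->mbssid_ies->cnt) {
				/*
				 * rnr is not reachable through @bcn yet, so
				 * nobody else can free it: release it here.
				 */
				kfree(rnr);
				return -EINVAL;
			}

			bcn->rnr_ies = rnr;
		}
	}

	return 0;
}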
/*
 * Parse the nested HE OBSS PD attribute into @he_obss_pd.
 *
 * The nested attributes are validated against he_obss_pd_policy. SR_CTRL
 * is mandatory; the offsets and bitmaps are only written when their
 * attribute is present, so absent fields keep whatever @he_obss_pd held
 * on entry (presumably zeroed by the caller - confirm).
 *
 * Returns 0 on success, -EINVAL when SR_CTRL is missing or min_offset
 * exceeds max_offset, or the parse error.
 */
static int nl80211_parse_he_obss_pd(struct nlattr *attrs,
				    struct ieee80211_he_obss_pd *he_obss_pd)
{
	struct nlattr *pd_tb[NL80211_HE_OBSS_PD_ATTR_MAX + 1];
	int rc = nla_parse_nested(pd_tb, NL80211_HE_OBSS_PD_ATTR_MAX, attrs,
				  he_obss_pd_policy, NULL);

	if (rc)
		return rc;

	if (!pd_tb[NL80211_HE_OBSS_PD_ATTR_SR_CTRL])
		return -EINVAL;

	he_obss_pd->sr_ctrl =
		nla_get_u8(pd_tb[NL80211_HE_OBSS_PD_ATTR_SR_CTRL]);

	if (pd_tb[NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET])
		he_obss_pd->min_offset =
			nla_get_u8(pd_tb[NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET]);

	if (pd_tb[NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET])
		he_obss_pd->max_offset =
			nla_get_u8(pd_tb[NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET]);

	if (pd_tb[NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET])
		he_obss_pd->non_srg_max_offset =
			nla_get_u8(pd_tb[NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET]);

	if (he_obss_pd->min_offset > he_obss_pd->max_offset)
		return -EINVAL;

	/*
	 * Both copies read sizeof(destination) bytes from the payload and do
	 * not look at nla_len(); this relies on he_obss_pd_policy requiring
	 * payloads of at least that size - confirm against the policy.
	 */
	if (pd_tb[NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP])
		memcpy(he_obss_pd->bss_color_bitmap,
		       nla_data(pd_tb[NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP]),
		       sizeof(he_obss_pd->bss_color_bitmap));

	if (pd_tb[NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP])
		memcpy(he_obss_pd->partial_bssid_bitmap,
		       nla_data(pd_tb[NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP]),
		       sizeof(he_obss_pd->partial_bssid_bitmap));

	he_obss_pd->enable = true;

	return 0;
}
/*
 * Parse the nested FILS discovery attribute into @fd.
 *
 * Requires NL80211_EXT_FEATURE_FILS_DISCOVERY. The three attributes
 * (INT_MIN, INT_MAX, TMPL) must be given either all together or not at
 * all; with none present only fd->update is set. The template pointer
 * refers to the attribute payload, which is not copied.
 *
 * Returns 0 on success, -EINVAL on missing support or a partial set of
 * attributes, or the parse error.
 */
static int nl80211_parse_fils_discovery(struct cfg80211_registered_device *rdev,
					struct nlattr *attrs,
					struct cfg80211_fils_discovery *fd)
{
	struct nlattr *fd_tb[NL80211_FILS_DISCOVERY_ATTR_MAX + 1];
	struct nlattr *int_min, *int_max, *tmpl;
	int rc;

	if (!wiphy_ext_feature_isset(&rdev->wiphy,
				     NL80211_EXT_FEATURE_FILS_DISCOVERY))
		return -EINVAL;

	/*
	 * No policy is passed here; presumably the nested attributes are
	 * validated through the top-level policy - confirm.
	 */
	rc = nla_parse_nested(fd_tb, NL80211_FILS_DISCOVERY_ATTR_MAX, attrs,
			      NULL, NULL);
	if (rc)
		return rc;

	int_min = fd_tb[NL80211_FILS_DISCOVERY_ATTR_INT_MIN];
	int_max = fd_tb[NL80211_FILS_DISCOVERY_ATTR_INT_MAX];
	tmpl = fd_tb[NL80211_FILS_DISCOVERY_ATTR_TMPL];

	/* nothing given: flag an update with no new parameters */
	if (!int_min && !int_max && !tmpl) {
		fd->update = true;
		return 0;
	}

	/* otherwise all three are required */
	if (!int_min || !int_max || !tmpl)
		return -EINVAL;

	fd->tmpl_len = nla_len(tmpl);
	fd->tmpl = nla_data(tmpl);
	fd->min_interval = nla_get_u32(int_min);
	fd->max_interval = nla_get_u32(int_max);
	fd->update = true;

	return 0;
}
/*
 * Parse the nested unsolicited broadcast probe response attribute into
 * @presp.
 *
 * Requires NL80211_EXT_FEATURE_UNSOL_BCAST_PROBE_RESP. INT and TMPL must
 * be given together or not at all; with neither present only
 * presp->update is set. The template pointer refers to the attribute
 * payload, which is not copied.
 *
 * Returns 0 on success, -EINVAL on missing support or when only one of
 * the two attributes is present, or the parse error.
 */
static int
nl80211_parse_unsol_bcast_probe_resp(struct cfg80211_registered_device *rdev,
				     struct nlattr *attrs,
				     struct cfg80211_unsol_bcast_probe_resp *presp)
{
	struct nlattr *pr_tb[NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_MAX + 1];
	struct nlattr *interval, *tmpl;
	int rc;

	if (!wiphy_ext_feature_isset(&rdev->wiphy,
				     NL80211_EXT_FEATURE_UNSOL_BCAST_PROBE_RESP))
		return -EINVAL;

	/*
	 * No policy is passed here; presumably the nested attributes are
	 * validated through the top-level policy - confirm.
	 */
	rc = nla_parse_nested(pr_tb, NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_MAX,
			      attrs, NULL, NULL);
	if (rc)
		return rc;

	interval = pr_tb[NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT];
	tmpl = pr_tb[NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_TMPL];

	/* nothing given: flag an update with no new parameters */
	if (!interval && !tmpl) {
		presp->update = true;
		return 0;
	}

	/* otherwise both are required */
	if (!interval || !tmpl)
		return -EINVAL;

	presp->tmpl = nla_data(tmpl);
	presp->tmpl_len = nla_len(tmpl);
	presp->interval = nla_get_u32(interval);
	presp->update = true;

	return 0;
}
/*
 * Scan a rates element for BSS membership selector values and set the
 * matching "required" flags in @params. Flags are only ever set here,
 * never cleared. A NULL @rates is ignored.
 */
static void nl80211_check_ap_rate_selectors(struct cfg80211_ap_settings *params,
					    const struct element *rates)
{
	int pos;

	if (!rates)
		return;

	/* the walk is bounded by the element's own datalen field */
	for (pos = 0; pos < rates->datalen; pos++) {
		switch (rates->data[pos]) {
		case BSS_MEMBERSHIP_SELECTOR_HT_PHY:
			params->ht_required = true;
			break;
		case BSS_MEMBERSHIP_SELECTOR_VHT_PHY:
			params->vht_required = true;
			break;
		case BSS_MEMBERSHIP_SELECTOR_HE_PHY:
			params->he_required = true;
			break;
		case BSS_MEMBERSHIP_SELECTOR_SAE_H2E:
			params->sae_h2e_required = true;
			break;
		default:
			break;
		}
	}
}
/*
 * Since the nl80211 API didn't include, from the beginning, attributes about
 * HT/VHT requirements/capabilities, we parse them out of the IEs for the
 * benefit of drivers that rebuild IEs in the firmware.
 *
 * The elements are looked up in the beacon tail. The capability and
 * operation pointers stored in @params refer to the tail buffer itself;
 * nothing is copied. HT/VHT/HE pointers are only set when the element is
 * long enough for the target structure, and are otherwise left as they
 * were. The EHT and UHR elements are length-checked by their *_size_ok()
 * helpers and make the function fail when the check does not pass.
 *
 * Returns 0 on success, -EINVAL for an empty or wrongly sized EHT/UHR
 * element.
 */
static int nl80211_calculate_ap_params(struct cfg80211_ap_settings *params)
{
	const struct cfg80211_beacon_data *bcn = &params->beacon;
	const u8 *tail = bcn->tail;
	size_t tail_len = bcn->tail_len;
	const struct element *elem;

	elem = cfg80211_find_elem(WLAN_EID_SUPP_RATES, tail, tail_len);
	nl80211_check_ap_rate_selectors(params, elem);

	elem = cfg80211_find_elem(WLAN_EID_EXT_SUPP_RATES, tail, tail_len);
	nl80211_check_ap_rate_selectors(params, elem);

	elem = cfg80211_find_elem(WLAN_EID_HT_CAPABILITY, tail, tail_len);
	if (elem && elem->datalen >= sizeof(*params->ht_cap))
		params->ht_cap = (void *)elem->data;

	elem = cfg80211_find_elem(WLAN_EID_VHT_CAPABILITY, tail, tail_len);
	if (elem && elem->datalen >= sizeof(*params->vht_cap))
		params->vht_cap = (void *)elem->data;

	/*
	 * For the extension elements below the first data byte is skipped
	 * (presumably the extension ID), hence the "+ 1" in the length
	 * checks and "datalen - 1" in the size helpers.
	 */
	elem = cfg80211_find_ext_elem(WLAN_EID_EXT_HE_CAPABILITY, tail,
				      tail_len);
	if (elem && elem->datalen >= sizeof(*params->he_cap) + 1)
		params->he_cap = (void *)(elem->data + 1);

	elem = cfg80211_find_ext_elem(WLAN_EID_EXT_HE_OPERATION, tail,
				      tail_len);
	if (elem && elem->datalen >= sizeof(*params->he_oper) + 1)
		params->he_oper = (void *)(elem->data + 1);

	elem = cfg80211_find_ext_elem(WLAN_EID_EXT_EHT_CAPABILITY, tail,
				      tail_len);
	if (elem) {
		/* datalen - 1 below must not underflow */
		if (!elem->datalen)
			return -EINVAL;

		params->eht_cap = (void *)(elem->data + 1);

		/*
		 * NOTE(review): params->he_cap may still be NULL here when no
		 * suitable HE capability element was found; presumably the
		 * helper rejects a NULL HE capability - confirm.
		 */
		if (!ieee80211_eht_capa_size_ok((const u8 *)params->he_cap,
						(const u8 *)params->eht_cap,
						elem->datalen - 1, true))
			return -EINVAL;
	}

	elem = cfg80211_find_ext_elem(WLAN_EID_EXT_EHT_OPERATION, tail,
				      tail_len);
	if (elem) {
		if (!elem->datalen)
			return -EINVAL;

		params->eht_oper = (void *)(elem->data + 1);

		if (!ieee80211_eht_oper_size_ok((const u8 *)params->eht_oper,
						elem->datalen - 1))
			return -EINVAL;
	}

	elem = cfg80211_find_ext_elem(WLAN_EID_EXT_UHR_OPER, tail, tail_len);
	if (elem) {
		if (!elem->datalen)
			return -EINVAL;

		params->uhr_oper = (void *)(elem->data + 1);

		if (!ieee80211_uhr_oper_size_ok((const u8 *)params->uhr_oper,
						elem->datalen - 1, true))
			return -EINVAL;
	}

	return 0;
}
/*
 * Copy the preset channel definition of the first AP or P2P-GO interface
 * on @rdev that has one into params->chandef.
 *
 * Returns true when a preset was found and copied, false otherwise
 * (params->chandef is then left untouched).
 */
static bool nl80211_get_ap_channel(struct cfg80211_registered_device *rdev,
				   struct cfg80211_ap_settings *params)
{
	struct wireless_dev *cur;

	list_for_each_entry(cur, &rdev->wiphy.wdev_list, list) {
		bool ap_like = cur->iftype == NL80211_IFTYPE_AP ||
			       cur->iftype == NL80211_IFTYPE_P2P_GO;

		/* u.ap is only looked at for AP-type interfaces */
		if (!ap_like || !cur->u.ap.preset_chandef.chan)
			continue;

		params->chandef = cur->u.ap.preset_chandef;
		return true;
	}

	return false;
}
/*
 * Decide whether @auth_type may be used with command @cmd on @rdev.
 *
 * Values above NL80211_AUTHTYPE_MAX are always refused. Beyond that the
 * answer depends on the command and on the feature flags the device
 * advertises; commands other than AUTHENTICATE, CONNECT and START_AP are
 * refused outright.
 *
 * Returns true when the combination is allowed.
 */
static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
				    enum nl80211_auth_type auth_type,
				    enum nl80211_commands cmd)
{
	struct wiphy *wiphy = &rdev->wiphy;

	if (auth_type > NL80211_AUTHTYPE_MAX)
		return false;

	switch (cmd) {
	case NL80211_CMD_AUTHENTICATE:
		switch (auth_type) {
		case NL80211_AUTHTYPE_SAE:
			return (wiphy->features & NL80211_FEATURE_SAE) != 0;
		case NL80211_AUTHTYPE_FILS_SK:
		case NL80211_AUTHTYPE_FILS_SK_PFS:
		case NL80211_AUTHTYPE_FILS_PK:
			return wiphy_ext_feature_isset(wiphy,
						       NL80211_EXT_FEATURE_FILS_STA);
		case NL80211_AUTHTYPE_EPPKE:
			return wiphy_ext_feature_isset(wiphy,
						       NL80211_EXT_FEATURE_EPPKE);
		default:
			return true;
		}
	case NL80211_CMD_CONNECT:
		switch (auth_type) {
		case NL80211_AUTHTYPE_SAE:
			/* either native SAE or SAE offload is sufficient */
			return (wiphy->features & NL80211_FEATURE_SAE) ||
			       wiphy_ext_feature_isset(wiphy,
						       NL80211_EXT_FEATURE_SAE_OFFLOAD);
		case NL80211_AUTHTYPE_FILS_SK_PFS:
		case NL80211_AUTHTYPE_FILS_PK:
			/* FILS with SK PFS or PK not supported yet */
			return false;
		case NL80211_AUTHTYPE_FILS_SK:
			return wiphy_ext_feature_isset(wiphy,
						       NL80211_EXT_FEATURE_FILS_SK_OFFLOAD);
		case NL80211_AUTHTYPE_EPPKE:
			return wiphy_ext_feature_isset(wiphy,
						       NL80211_EXT_FEATURE_EPPKE);
		default:
			return true;
		}
	case NL80211_CMD_START_AP:
		switch (auth_type) {
		case NL80211_AUTHTYPE_SAE:
			return wiphy_ext_feature_isset(wiphy,
						       NL80211_EXT_FEATURE_SAE_OFFLOAD_AP);
		case NL80211_AUTHTYPE_FILS_SK:
		case NL80211_AUTHTYPE_FILS_SK_PFS:
		case NL80211_AUTHTYPE_FILS_PK:
			/* FILS not supported yet */
			return false;
		default:
			return true;
		}
	default:
		return false;
	}
}
/*
 * Multicast an NL80211_CMD_START_AP notification for @wdev to the MLME
 * group in the wiphy's network namespace.
 *
 * The message carries the wiphy index, ifindex and wdev id, the SSID when
 * one is recorded for the interface, and the link id when the interface
 * has valid links. Allocation or attribute failures are silent: the
 * message is dropped and nothing is reported to the caller.
 */
static void nl80211_send_ap_started(struct wireless_dev *wdev,
				    unsigned int link_id)
{
	struct wiphy *wiphy = wdev->wiphy;
	struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
	struct sk_buff *msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
	void *hdr;

	if (!msg)
		return;

	hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_START_AP);
	if (!hdr)
		goto free_msg;

	if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
		goto free_msg;

	if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
		goto free_msg;

	if (nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
			      NL80211_ATTR_PAD))
		goto free_msg;

	/* SSID only when the interface has one recorded */
	if (wdev->u.ap.ssid_len &&
	    nla_put(msg, NL80211_ATTR_SSID, wdev->u.ap.ssid_len,
		    wdev->u.ap.ssid))
		goto free_msg;

	/* link id only for interfaces with valid links */
	if (wdev->valid_links &&
	    nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id))
		goto free_msg;

	genlmsg_end(msg, hdr);

	genlmsg_multicast_netns(&nl80211_fam, wiphy_net(wiphy), msg, 0,
				NL80211_MCGRP_MLME, GFP_KERNEL);
	return;

free_msg:
	nlmsg_free(msg);
}
/*
 * Refuse AP settings that carry HE, EHT or UHR elements for a channel
 * whose flags forbid that PHY mode.
 *
 * params->chandef.chan is dereferenced unconditionally, so the channel
 * must already be set when this is called.
 *
 * Returns 0 when the combination is allowed, -EOPNOTSUPP otherwise.
 */
static int nl80211_validate_ap_phy_operation(struct cfg80211_ap_settings *params)
{
	struct ieee80211_channel *chan = params->chandef.chan;
	bool wants_he = params->he_cap || params->he_oper;
	bool wants_eht = params->eht_cap || params->eht_oper;

	if (wants_he && (chan->flags & IEEE80211_CHAN_NO_HE))
		return -EOPNOTSUPP;

	if (wants_eht && (chan->flags & IEEE80211_CHAN_NO_EHT))
		return -EOPNOTSUPP;

	if (params->uhr_oper && (chan->flags & IEEE80211_CHAN_NO_UHR))
		return -EOPNOTSUPP;

	return 0;
}
/*
 * Parse the nested S1G short beacon attribute into @sb.
 *
 * Only accepted when the device has an S1GHZ band. The HEAD attribute is
 * mandatory, TAIL is optional; without TAIL short_tail_len is 0 and
 * short_tail is not written. The stored pointers refer to the attribute
 * payloads, which are not copied.
 *
 * Returns 0 on success, -EINVAL when the band or HEAD is missing, or the
 * parse error.
 */
static int
nl80211_parse_s1g_short_beacon(struct cfg80211_registered_device *rdev,
			       struct nlattr *attrs,
			       struct cfg80211_s1g_short_beacon *sb)
{
	struct nlattr *sb_tb[NL80211_S1G_SHORT_BEACON_ATTR_MAX + 1];
	struct nlattr *head, *tail;
	int rc;

	if (!rdev->wiphy.bands[NL80211_BAND_S1GHZ])
		return -EINVAL;

	/*
	 * No policy is passed here; presumably the nested attributes are
	 * validated through the top-level policy - confirm.
	 */
	rc = nla_parse_nested(sb_tb, NL80211_S1G_SHORT_BEACON_ATTR_MAX, attrs,
			      NULL, NULL);
	if (rc)
		return rc;

	head = sb_tb[NL80211_S1G_SHORT_BEACON_ATTR_HEAD];
	tail = sb_tb[NL80211_S1G_SHORT_BEACON_ATTR_TAIL];

	/* Short beacon tail is optional (i.e might only include the TIM) */
	if (!head)
		return -EINVAL;

	sb->short_head = nla_data(head);
	sb->short_head_len = nla_len(head);

	if (tail) {
		sb->short_tail = nla_data(tail);
		sb->short_tail_len = nla_len(tail);
	} else {
		sb->short_tail_len = 0;
	}

	sb->update = true;

	return 0;
}
  /*
   * Handle a START_AP request.
   *
   * Only AP and P2P GO interfaces are accepted, and the driver must provide
   * ->start_ap.  The request is refused with -EBUSY while CAC is running on
   * the link and with -EALREADY when the link already has a beacon interval.
   * All attributes are parsed into a freshly allocated cfg80211_ap_settings,
   * which is handed to rdev_start_ap(); on success the beacon interval,
   * chandef, SSID and (optionally) the owning netlink port are recorded in
   * the wdev and an "AP started" notification is sent.
   *
   * The settings object and the allocations hanging off it are released on
   * every exit path after the allocation.
   */
  static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct cfg80211_beaconing_check_config beacon_check = {};
      unsigned int link_id = nl80211_link_id(info->attrs);
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct nlattr **attrs = info->attrs;
      struct cfg80211_ap_settings *params;
      int err;

      if (wdev->iftype != NL80211_IFTYPE_AP &&
          wdev->iftype != NL80211_IFTYPE_P2P_GO)
          return -EOPNOTSUPP;

      if (!rdev->ops->start_ap)
          return -EOPNOTSUPP;

      /*
       * NOTE(review): link_id is taken from the request and indexes
       * wdev->links[] without a range check in this function; presumably
       * it is validated before the handler runs -- confirm.
       */
      if (wdev->links[link_id].cac_started)
          return -EBUSY;

      if (wdev->links[link_id].ap.beacon_interval)
          return -EALREADY;

      /* these are required for START_AP */
      if (!attrs[NL80211_ATTR_BEACON_INTERVAL] ||
          !attrs[NL80211_ATTR_DTIM_PERIOD] ||
          !attrs[NL80211_ATTR_BEACON_HEAD])
          return -EINVAL;

      if (attrs[NL80211_ATTR_SMPS_MODE] &&
          nla_get_u8(attrs[NL80211_ATTR_SMPS_MODE]) != NL80211_SMPS_OFF)
          return -EOPNOTSUPP;

      params = kzalloc_obj(*params);
      if (!params)
          return -ENOMEM;

      err = nl80211_parse_beacon(rdev, attrs, &params->beacon,
                                 info->extack);
      if (err)
          goto out;

      params->beacon_interval =
          nla_get_u32(attrs[NL80211_ATTR_BEACON_INTERVAL]);
      params->dtim_period = nla_get_u32(attrs[NL80211_ATTR_DTIM_PERIOD]);

      err = cfg80211_validate_beacon_int(rdev, wdev->iftype,
                                         params->beacon_interval);
      if (err)
          goto out;

      /*
       * In theory, some of these attributes should be required here
       * but since they were not used when the command was originally
       * added, keep them optional for old user space programs to let
       * them continue to work with drivers that do not need the
       * additional information -- drivers must check!
       */
      if (attrs[NL80211_ATTR_SSID]) {
          params->ssid = nla_data(attrs[NL80211_ATTR_SSID]);
          params->ssid_len = nla_len(attrs[NL80211_ATTR_SSID]);

          if (params->ssid_len == 0)
              goto invalid;

          /* require identical SSID for MLO */
          if (wdev->u.ap.ssid_len &&
              (wdev->u.ap.ssid_len != params->ssid_len ||
               memcmp(wdev->u.ap.ssid, params->ssid, params->ssid_len)))
              goto invalid;
      } else if (wdev->valid_links) {
          /* require SSID for MLO */
          goto invalid;
      }

      if (attrs[NL80211_ATTR_HIDDEN_SSID])
          params->hidden_ssid =
              nla_get_u32(attrs[NL80211_ATTR_HIDDEN_SSID]);

      params->privacy = attrs[NL80211_ATTR_PRIVACY] != NULL;

      if (attrs[NL80211_ATTR_AUTH_TYPE]) {
          params->auth_type = nla_get_u32(attrs[NL80211_ATTR_AUTH_TYPE]);
          if (!nl80211_valid_auth_type(rdev, params->auth_type,
                                       NL80211_CMD_START_AP))
              goto invalid;
      } else {
          params->auth_type = NL80211_AUTHTYPE_AUTOMATIC;
      }

      err = nl80211_crypto_settings(rdev, info, &params->crypto,
                                    NL80211_MAX_NR_CIPHER_SUITES);
      if (err)
          goto out;

      if (attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]) {
          if (!(rdev->wiphy.features & NL80211_FEATURE_INACTIVITY_TIMER)) {
              err = -EOPNOTSUPP;
              goto out;
          }
          params->inactivity_timeout =
              nla_get_u16(attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]);
      }

      /* The two P2P power-save knobs are only accepted on a P2P GO. */
      if (attrs[NL80211_ATTR_P2P_CTWINDOW]) {
          if (wdev->iftype != NL80211_IFTYPE_P2P_GO)
              goto invalid;

          params->p2p_ctwindow =
              nla_get_u8(attrs[NL80211_ATTR_P2P_CTWINDOW]);
          if (params->p2p_ctwindow != 0 &&
              !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN))
              goto invalid;
      }

      if (attrs[NL80211_ATTR_P2P_OPPPS]) {
          if (wdev->iftype != NL80211_IFTYPE_P2P_GO)
              goto invalid;

          params->p2p_opp_ps = nla_get_u8(attrs[NL80211_ATTR_P2P_OPPPS]);
          if (params->p2p_opp_ps != 0 &&
              !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS))
              goto invalid;
      }

      /*
       * Channel selection, in order of preference: the request itself,
       * the preset chandef, whatever nl80211_get_ap_channel() finds.
       */
      if (attrs[NL80211_ATTR_WIPHY_FREQ]) {
          err = nl80211_parse_chandef(rdev, info, &params->chandef);
          if (err)
              goto out;
      } else if (wdev->valid_links) {
          /* with MLD need to specify the channel configuration */
          goto invalid;
      } else if (wdev->u.ap.preset_chandef.chan) {
          params->chandef = wdev->u.ap.preset_chandef;
      } else if (!nl80211_get_ap_channel(rdev, params)) {
          goto invalid;
      }

      beacon_check.iftype = wdev->iftype;
      beacon_check.relax = true;
      beacon_check.reg_power =
          cfg80211_get_6ghz_power_type(params->beacon.tail,
                                       params->beacon.tail_len, 0);
      if (!cfg80211_reg_check_beaconing(&rdev->wiphy, &params->chandef,
                                        &beacon_check))
          goto invalid;

      if (attrs[NL80211_ATTR_TX_RATES]) {
          err = nl80211_parse_tx_bitrate_mask(info, attrs,
                                              NL80211_ATTR_TX_RATES,
                                              &params->beacon_rate,
                                              dev, false, link_id);
          if (err)
              goto out;

          err = validate_beacon_tx_rate(rdev, params->chandef.chan->band,
                                        &params->beacon_rate);
          if (err)
              goto out;
      }

      params->pbss = nla_get_flag(attrs[NL80211_ATTR_PBSS]);
      if (params->pbss && !rdev->wiphy.bands[NL80211_BAND_60GHZ]) {
          err = -EOPNOTSUPP;
          goto out;
      }

      if (attrs[NL80211_ATTR_ACL_POLICY]) {
          params->acl = parse_acl_data(&rdev->wiphy, info);
          if (IS_ERR(params->acl)) {
              err = PTR_ERR(params->acl);
              /* keep the kfree() at "out" away from the ERR_PTR */
              params->acl = NULL;
              goto out;
          }
      }

      params->twt_responder =
          nla_get_flag(attrs[NL80211_ATTR_TWT_RESPONDER]);

      if (attrs[NL80211_ATTR_HE_OBSS_PD]) {
          err = nl80211_parse_he_obss_pd(attrs[NL80211_ATTR_HE_OBSS_PD],
                                         &params->he_obss_pd);
          if (err)
              goto out;
      }

      if (attrs[NL80211_ATTR_FILS_DISCOVERY]) {
          err = nl80211_parse_fils_discovery(rdev,
                                             attrs[NL80211_ATTR_FILS_DISCOVERY],
                                             &params->fils_discovery);
          if (err)
              goto out;
      }

      if (attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP]) {
          err = nl80211_parse_unsol_bcast_probe_resp(
                  rdev, attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP],
                  &params->unsol_bcast_probe_resp);
          if (err)
              goto out;
      }

      if (attrs[NL80211_ATTR_MBSSID_CONFIG]) {
          err = nl80211_parse_mbssid_config(&rdev->wiphy, dev, link_id,
                                            attrs[NL80211_ATTR_MBSSID_CONFIG],
                                            &params->mbssid_config,
                                            params->beacon.mbssid_ies ?
                                            params->beacon.mbssid_ies->cnt :
                                            0);
          if (err)
              goto out;
      }

      /* RNR elements are rejected unless EMA is configured */
      if (!params->mbssid_config.ema && params->beacon.rnr_ies)
          goto invalid;

      if (attrs[NL80211_ATTR_S1G_SHORT_BEACON]) {
          /* a short beacon needs the long beacon period alongside it */
          if (!attrs[NL80211_ATTR_S1G_LONG_BEACON_PERIOD])
              goto invalid;

          params->s1g_long_beacon_period =
              nla_get_u8(attrs[NL80211_ATTR_S1G_LONG_BEACON_PERIOD]);

          err = nl80211_parse_s1g_short_beacon(
                  rdev, attrs[NL80211_ATTR_S1G_SHORT_BEACON],
                  &params->s1g_short_beacon);
          if (err)
              goto out;
      }

      err = nl80211_calculate_ap_params(params);
      if (err)
          goto out;

      err = nl80211_validate_ap_phy_operation(params);
      if (err)
          goto out;

      if (attrs[NL80211_ATTR_AP_SETTINGS_FLAGS])
          params->flags = nla_get_u32(attrs[NL80211_ATTR_AP_SETTINGS_FLAGS]);
      else if (attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT])
          params->flags |= NL80211_AP_SETTINGS_EXTERNAL_AUTH_SUPPORT;

      /*
       * If the wdev already has an owning socket, a request that asks for
       * socket ownership must come from that same netlink port.
       */
      if (wdev->conn_owner_nlportid &&
          attrs[NL80211_ATTR_SOCKET_OWNER] &&
          wdev->conn_owner_nlportid != info->snd_portid)
          goto invalid;

      /* FIXME: validate MLO/link-id against driver capabilities */

      err = rdev_start_ap(rdev, dev, params);
      if (err)
          goto out;

      wdev->links[link_id].ap.beacon_interval = params->beacon_interval;
      wdev->links[link_id].ap.chandef = params->chandef;
      wdev->u.ap.ssid_len = params->ssid_len;
      /*
       * NOTE(review): the copy length is the attribute length; this
       * assumes the netlink policy caps NL80211_ATTR_SSID at the size of
       * wdev->u.ap.ssid -- confirm.  Without an SSID attribute the length
       * is whatever the allocation left in ssid_len (presumably 0).
       */
      memcpy(wdev->u.ap.ssid, params->ssid, params->ssid_len);

      if (attrs[NL80211_ATTR_SOCKET_OWNER])
          wdev->conn_owner_nlportid = info->snd_portid;

      nl80211_send_ap_started(wdev, link_id);
      goto out;

  invalid:
      err = -EINVAL;
  out:
      kfree(params->acl);
      kfree(params->beacon.mbssid_ies);
      /* drop the reference on a transmitting netdev other than our own */
      if (params->mbssid_config.tx_wdev &&
          params->mbssid_config.tx_wdev->netdev &&
          params->mbssid_config.tx_wdev->netdev != dev)
          dev_put(params->mbssid_config.tx_wdev->netdev);
      kfree(params->beacon.rnr_ies);
      kfree(params);

      return err;
  }
  /*
   * Update the beacon of an already running AP / P2P GO link.
   *
   * Returns -EOPNOTSUPP for other interface types or when the driver has no
   * ->change_beacon, and -EINVAL when the link has no beacon interval
   * recorded.  The new beacon data is parsed, beaconing permission is
   * re-checked against the link's stored chandef, the optional FILS
   * discovery, unsolicited broadcast probe response and S1G short beacon
   * attributes are parsed, and the result is passed to rdev_change_beacon().
   */
  static int nl80211_set_beacon(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct cfg80211_beaconing_check_config beacon_check = {};
      unsigned int link_id = nl80211_link_id(info->attrs);
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct nlattr **attrs = info->attrs;
      struct cfg80211_ap_update *params;
      int err;

      if (wdev->iftype != NL80211_IFTYPE_AP &&
          wdev->iftype != NL80211_IFTYPE_P2P_GO)
          return -EOPNOTSUPP;

      if (!rdev->ops->change_beacon)
          return -EOPNOTSUPP;

      /*
       * NOTE(review): link_id comes from the request and indexes
       * wdev->links[] with no range check in this function; presumably
       * validated before the handler is invoked -- confirm.
       */
      if (!wdev->links[link_id].ap.beacon_interval)
          return -EINVAL;

      params = kzalloc_obj(*params);
      if (!params)
          return -ENOMEM;

      err = nl80211_parse_beacon(rdev, attrs, &params->beacon,
                                 info->extack);
      if (err)
          goto out;

      /* recheck beaconing is permitted with possibly changed power type */
      beacon_check.iftype = wdev->iftype;
      beacon_check.relax = true;
      beacon_check.reg_power =
          cfg80211_get_6ghz_power_type(params->beacon.tail,
                                       params->beacon.tail_len, 0);
      if (!cfg80211_reg_check_beaconing(&rdev->wiphy,
                                        &wdev->links[link_id].ap.chandef,
                                        &beacon_check)) {
          err = -EINVAL;
          goto out;
      }

      if (attrs[NL80211_ATTR_FILS_DISCOVERY]) {
          err = nl80211_parse_fils_discovery(rdev,
                                             attrs[NL80211_ATTR_FILS_DISCOVERY],
                                             &params->fils_discovery);
          if (err)
              goto out;
      }

      if (attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP]) {
          err = nl80211_parse_unsol_bcast_probe_resp(
                  rdev, attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP],
                  &params->unsol_bcast_probe_resp);
          if (err)
              goto out;
      }

      if (attrs[NL80211_ATTR_S1G_SHORT_BEACON]) {
          err = nl80211_parse_s1g_short_beacon(
                  rdev, attrs[NL80211_ATTR_S1G_SHORT_BEACON],
                  &params->s1g_short_beacon);
          if (err)
              goto out;
      }

      err = rdev_change_beacon(rdev, dev, params);

  out:
      /* release the update object and the element lists hanging off it */
      kfree(params->beacon.mbssid_ies);
      kfree(params->beacon.rnr_ies);
      kfree(params);
      return err;
  }
  /*
   * Stop the AP on the link named in the request by delegating to
   * cfg80211_stop_ap() with its last argument set to false; the result of
   * that call is returned unchanged.
   */
  static int nl80211_stop_ap(struct sk_buff *skb, struct genl_info *info)
  {
      struct net_device *dev = info->user_ptr[1];
      struct cfg80211_registered_device *rdev = info->user_ptr[0];

      return cfg80211_stop_ap(rdev, dev, nl80211_link_id(info->attrs),
                              false);
  }
  /*
   * Policy for the nested legacy NL80211_ATTR_STA_FLAGS attribute (used by
   * parse_station_flags()): each listed station flag is a payload-less
   * NLA_FLAG.
   */
  static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = {
      [NL80211_STA_FLAG_AUTHORIZED]     = { .type = NLA_FLAG },
      [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG },
      [NL80211_STA_FLAG_WME]            = { .type = NLA_FLAG },
      [NL80211_STA_FLAG_MFP]            = { .type = NLA_FLAG },
      [NL80211_STA_FLAG_AUTHENTICATED]  = { .type = NLA_FLAG },
      [NL80211_STA_FLAG_TDLS_PEER]      = { .type = NLA_FLAG },
  };
  /*
   * Fill params->sta_flags_mask / params->sta_flags_set from the request.
   *
   * NL80211_ATTR_STA_FLAGS2 (a struct nl80211_sta_flag_update) wins when
   * present; otherwise the legacy nested NL80211_ATTR_STA_FLAGS attribute is
   * parsed, with the mask derived from @iftype.
   *
   * Returns 0 on success (also when neither attribute is present) and
   * -EINVAL for the invalid flag bit, an unparsable legacy attribute, an
   * unsupported @iftype, or a legacy flag beyond NL80211_STA_FLAG_MAX_OLD_API.
   */
  static int parse_station_flags(struct genl_info *info,
                                 enum nl80211_iftype iftype,
                                 struct station_parameters *params)
  {
      struct nlattr *flags[NL80211_STA_FLAG_MAX + 1];
      struct nlattr *nla;
      int flag;

      /*
       * Try parsing the new attribute first so userspace
       * can specify both for older kernels.
       */
      nla = info->attrs[NL80211_ATTR_STA_FLAGS2];
      if (nla) {
          /*
           * NOTE(review): the payload is read as a full
           * struct nl80211_sta_flag_update with no length check here;
           * presumably the attribute policy enforces the size -- confirm.
           */
          struct nl80211_sta_flag_update *sta_flags = nla_data(nla);

          params->sta_flags_mask = sta_flags->mask;
          /* bits outside the mask are dropped from the set */
          params->sta_flags_set = sta_flags->set & params->sta_flags_mask;

          if ((params->sta_flags_mask | params->sta_flags_set) &
              BIT(__NL80211_STA_FLAG_INVALID))
              return -EINVAL;

          return 0;
      }

      /* if present, parse the old attribute */
      nla = info->attrs[NL80211_ATTR_STA_FLAGS];
      if (!nla)
          return 0;

      if (nla_parse_nested_deprecated(flags, NL80211_STA_FLAG_MAX, nla,
                                      sta_flags_policy, info->extack))
          return -EINVAL;

      /*
       * Only allow certain flags for interface types so that
       * other attributes are silently ignored. Remember that
       * this is backward compatibility code with old userspace
       * and shouldn't be hit in other cases anyway.
       */
      switch (iftype) {
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_AP_VLAN:
      case NL80211_IFTYPE_P2P_GO:
          params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
                                   BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
                                   BIT(NL80211_STA_FLAG_WME) |
                                   BIT(NL80211_STA_FLAG_MFP);
          break;
      case NL80211_IFTYPE_P2P_CLIENT:
      case NL80211_IFTYPE_STATION:
          params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
                                   BIT(NL80211_STA_FLAG_TDLS_PEER);
          break;
      case NL80211_IFTYPE_MESH_POINT:
          params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHENTICATED) |
                                   BIT(NL80211_STA_FLAG_MFP) |
                                   BIT(NL80211_STA_FLAG_AUTHORIZED);
          break;
      default:
          return -EINVAL;
      }

      /*
       * Every flag present in the nest is OR-ed into sta_flags_set; unlike
       * the STA_FLAGS2 path, the set is not intersected with the mask in
       * this function.
       */
      for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) {
          if (!flags[flag])
              continue;

          params->sta_flags_set |= (1<<flag);

          /* no longer support new API additions in old API */
          if (flag > NL80211_STA_FLAG_MAX_OLD_API)
              return -EINVAL;
      }

      return 0;
  }
  /*
   * Emit @info as a nested rate attribute of type @attr into @msg.
   *
   * The nest carries the bitrate (32-bit, plus the legacy 16-bit attribute
   * when the value fits), a channel-width flag where one exists for
   * info->bw, and the MCS/NSS/GI details of whichever rate family is flagged
   * in info->flags.
   *
   * Returns true on success and false when the nest cannot be started or an
   * attribute cannot be added.  On failure the nest is not closed or
   * cancelled here; callers presumably discard or trim the message --
   * confirm.
   */
  bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info, int attr)
  {
      enum nl80211_rate_info rate_flg;
      struct nlattr *rate;
      u16 bitrate_compat;
      u32 bitrate;

      rate = nla_nest_start_noflag(msg, attr);
      if (!rate)
          return false;

      /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */
      bitrate = cfg80211_calculate_bitrate(info);
      /* report 16-bit bitrate only if we can */
      bitrate_compat = bitrate < (1UL << 16) ? bitrate : 0;

      if ((bitrate > 0 &&
           nla_put_u32(msg, NL80211_RATE_INFO_BITRATE32, bitrate)) ||
          (bitrate_compat > 0 &&
           nla_put_u16(msg, NL80211_RATE_INFO_BITRATE, bitrate_compat)))
          return false;

      /* Map the bandwidth to its width flag; 0 means "emit no flag". */
      switch (info->bw) {
      case RATE_INFO_BW_1:
          rate_flg = NL80211_RATE_INFO_1_MHZ_WIDTH;
          break;
      case RATE_INFO_BW_2:
          rate_flg = NL80211_RATE_INFO_2_MHZ_WIDTH;
          break;
      case RATE_INFO_BW_4:
          rate_flg = NL80211_RATE_INFO_4_MHZ_WIDTH;
          break;
      case RATE_INFO_BW_5:
          rate_flg = NL80211_RATE_INFO_5_MHZ_WIDTH;
          break;
      case RATE_INFO_BW_8:
          rate_flg = NL80211_RATE_INFO_8_MHZ_WIDTH;
          break;
      case RATE_INFO_BW_10:
          rate_flg = NL80211_RATE_INFO_10_MHZ_WIDTH;
          break;
      case RATE_INFO_BW_16:
          rate_flg = NL80211_RATE_INFO_16_MHZ_WIDTH;
          break;
      case RATE_INFO_BW_40:
          rate_flg = NL80211_RATE_INFO_40_MHZ_WIDTH;
          break;
      case RATE_INFO_BW_80:
          rate_flg = NL80211_RATE_INFO_80_MHZ_WIDTH;
          break;
      case RATE_INFO_BW_160:
          rate_flg = NL80211_RATE_INFO_160_MHZ_WIDTH;
          break;
      case RATE_INFO_BW_320:
          rate_flg = NL80211_RATE_INFO_320_MHZ_WIDTH;
          break;
      case RATE_INFO_BW_HE_RU:
          /* an HE RU bandwidth is only expected together with an HE MCS */
          WARN_ON(!(info->flags & RATE_INFO_FLAGS_HE_MCS));
          rate_flg = 0;
          break;
      case RATE_INFO_BW_EHT_RU:
          /* an EHT RU bandwidth is expected with an EHT or UHR MCS */
          WARN_ON(!(info->flags & RATE_INFO_FLAGS_EHT_MCS) &&
                  !(info->flags & RATE_INFO_FLAGS_UHR_MCS));
          rate_flg = 0;
          break;
      case RATE_INFO_BW_20:
          rate_flg = 0;
          break;
      default:
          /* unknown bandwidth: warn, then treat it like 20 MHz */
          WARN_ON(1);
          rate_flg = 0;
          break;
      }

      if (rate_flg && nla_put_flag(msg, rate_flg))
          return false;

      /* Only the first matching rate family is reported. */
      if (info->flags & RATE_INFO_FLAGS_MCS) {
          if (nla_put_u8(msg, NL80211_RATE_INFO_MCS, info->mcs) ||
              ((info->flags & RATE_INFO_FLAGS_SHORT_GI) &&
               nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI)))
              return false;
      } else if (info->flags & RATE_INFO_FLAGS_VHT_MCS) {
          if (nla_put_u8(msg, NL80211_RATE_INFO_VHT_MCS, info->mcs) ||
              nla_put_u8(msg, NL80211_RATE_INFO_VHT_NSS, info->nss) ||
              ((info->flags & RATE_INFO_FLAGS_SHORT_GI) &&
               nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI)))
              return false;
      } else if (info->flags & RATE_INFO_FLAGS_HE_MCS) {
          if (nla_put_u8(msg, NL80211_RATE_INFO_HE_MCS, info->mcs) ||
              nla_put_u8(msg, NL80211_RATE_INFO_HE_NSS, info->nss) ||
              nla_put_u8(msg, NL80211_RATE_INFO_HE_GI, info->he_gi) ||
              nla_put_u8(msg, NL80211_RATE_INFO_HE_DCM, info->he_dcm) ||
              (info->bw == RATE_INFO_BW_HE_RU &&
               nla_put_u8(msg, NL80211_RATE_INFO_HE_RU_ALLOC,
                          info->he_ru_alloc)))
              return false;
      } else if (info->flags & RATE_INFO_FLAGS_S1G_MCS) {
          if (nla_put_u8(msg, NL80211_RATE_INFO_S1G_MCS, info->mcs) ||
              nla_put_u8(msg, NL80211_RATE_INFO_S1G_NSS, info->nss) ||
              ((info->flags & RATE_INFO_FLAGS_SHORT_GI) &&
               nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI)))
              return false;
      } else if (info->flags & RATE_INFO_FLAGS_EHT_MCS) {
          if (nla_put_u8(msg, NL80211_RATE_INFO_EHT_MCS, info->mcs) ||
              nla_put_u8(msg, NL80211_RATE_INFO_EHT_NSS, info->nss) ||
              nla_put_u8(msg, NL80211_RATE_INFO_EHT_GI, info->eht_gi) ||
              (info->bw == RATE_INFO_BW_EHT_RU &&
               nla_put_u8(msg, NL80211_RATE_INFO_EHT_RU_ALLOC,
                          info->eht_ru_alloc)))
              return false;
      } else if (info->flags & RATE_INFO_FLAGS_UHR_MCS) {
          /* UHR reports NSS, GI and RU allocation via the EHT attributes */
          if (nla_put_u8(msg, NL80211_RATE_INFO_UHR_MCS, info->mcs) ||
              nla_put_u8(msg, NL80211_RATE_INFO_EHT_NSS, info->nss) ||
              nla_put_u8(msg, NL80211_RATE_INFO_EHT_GI, info->eht_gi) ||
              (info->bw == RATE_INFO_BW_EHT_RU &&
               nla_put_u8(msg, NL80211_RATE_INFO_EHT_RU_ALLOC,
                          info->eht_ru_alloc)) ||
              ((info->flags & RATE_INFO_FLAGS_UHR_ELR_MCS) &&
               nla_put_flag(msg, NL80211_RATE_INFO_UHR_ELR)) ||
              ((info->flags & RATE_INFO_FLAGS_UHR_IM) &&
               nla_put_flag(msg, NL80211_RATE_INFO_UHR_IM)))
              return false;
      }

      nla_nest_end(msg, rate);
      return true;
  }
  /*
   * Emit per-chain signal values as a nest of type @id.
   *
   * For every bit i set in @mask (i < IEEE80211_MAX_CHAINS), signal[i] is
   * added as a u8 attribute whose type is the chain index.  An empty @mask
   * emits nothing and counts as success.
   *
   * Returns false when the nest cannot be started or a value cannot be
   * added; the nest is left open in that case.
   * NOTE(review): @signal is indexed up to the highest bit set in @mask
   * below IEEE80211_MAX_CHAINS; the array is assumed to be at least that
   * long -- confirm at the callers.
   */
  static bool nl80211_put_signal(struct sk_buff *msg, u8 mask, s8 *signal,
                                 int id)
  {
      struct nlattr *nest;
      int chain;

      if (!mask)
          return true;

      nest = nla_nest_start_noflag(msg, id);
      if (!nest)
          return false;

      for (chain = 0; chain < IEEE80211_MAX_CHAINS; chain++) {
          if ((mask & BIT(chain)) &&
              nla_put_u8(msg, chain, signal[chain]))
              return false;
      }

      nla_nest_end(msg, nest);
      return true;
  }
  /*
   * Add the statistics of one link (@link_sinfo) to @msg as a nested
   * NL80211_ATTR_STA_INFO attribute.
   *
   * A field is only emitted when its bit is set in link_sinfo->filled (a few
   * are additionally gated on a wiphy extended feature or the wiphy signal
   * type).  Per-TID statistics are appended when link_sinfo->pertid is set.
   *
   * Returns 0 on success and -EMSGSIZE when any attribute could not be
   * added; open nests are not cancelled here.
   */
  static int nl80211_fill_link_station(struct sk_buff *msg,
                                       struct cfg80211_registered_device *rdev,
                                       struct link_station_info *link_sinfo)
  {
      struct nlattr *bss_param, *link_sinfoattr;

  /*
   * Emit link_sinfo->memb as NL80211_STA_INFO_<attr> when filled.  The
   * BUILD_BUG_ON rejects 64-bit types, which must use PUT_LINK_SINFO_U64.
   */
  #define PUT_LINK_SINFO(attr, memb, type) do {                            \
      BUILD_BUG_ON(sizeof(type) == sizeof(u64));                           \
      if ((link_sinfo->filled & BIT_ULL(NL80211_STA_INFO_ ## attr)) &&     \
          nla_put_ ## type(msg, NL80211_STA_INFO_ ## attr,                 \
                           link_sinfo->memb))                              \
          goto nla_put_failure;                                            \
      } while (0)
  /* 64-bit variant, padded with NL80211_STA_INFO_PAD. */
  #define PUT_LINK_SINFO_U64(attr, memb) do {                              \
      if ((link_sinfo->filled & BIT_ULL(NL80211_STA_INFO_ ## attr)) &&     \
          nla_put_u64_64bit(msg, NL80211_STA_INFO_ ## attr,                \
                            link_sinfo->memb, NL80211_STA_INFO_PAD))       \
          goto nla_put_failure;                                            \
      } while (0)

      link_sinfoattr = nla_nest_start_noflag(msg, NL80211_ATTR_STA_INFO);
      if (!link_sinfoattr)
          goto nla_put_failure;

      PUT_LINK_SINFO(INACTIVE_TIME, inactive_time, u32);

      /*
       * The 32-bit byte counters are emitted when either the 32-bit or the
       * 64-bit bit is filled, carrying the counter cut down by the (u32)
       * cast.
       */
      if ((link_sinfo->filled & (BIT_ULL(NL80211_STA_INFO_RX_BYTES) |
                                 BIT_ULL(NL80211_STA_INFO_RX_BYTES64))) &&
          nla_put_u32(msg, NL80211_STA_INFO_RX_BYTES,
                      (u32)link_sinfo->rx_bytes))
          goto nla_put_failure;

      if ((link_sinfo->filled & (BIT_ULL(NL80211_STA_INFO_TX_BYTES) |
                                 BIT_ULL(NL80211_STA_INFO_TX_BYTES64))) &&
          nla_put_u32(msg, NL80211_STA_INFO_TX_BYTES,
                      (u32)link_sinfo->tx_bytes))
          goto nla_put_failure;

      PUT_LINK_SINFO_U64(RX_BYTES64, rx_bytes);
      PUT_LINK_SINFO_U64(TX_BYTES64, tx_bytes);
      PUT_LINK_SINFO_U64(RX_DURATION, rx_duration);
      PUT_LINK_SINFO_U64(TX_DURATION, tx_duration);

      if (wiphy_ext_feature_isset(&rdev->wiphy,
                                  NL80211_EXT_FEATURE_AIRTIME_FAIRNESS)) {
          PUT_LINK_SINFO(AIRTIME_WEIGHT, airtime_weight, u16);
      }

      /* signal levels are only reported for mBm-type wiphys */
      if (rdev->wiphy.signal_type == CFG80211_SIGNAL_TYPE_MBM) {
          PUT_LINK_SINFO(SIGNAL, signal, u8);
          PUT_LINK_SINFO(SIGNAL_AVG, signal_avg, u8);
      }

      if ((link_sinfo->filled & BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL)) &&
          !nl80211_put_signal(msg, link_sinfo->chains,
                              link_sinfo->chain_signal,
                              NL80211_STA_INFO_CHAIN_SIGNAL))
          goto nla_put_failure;

      if ((link_sinfo->filled & BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL_AVG)) &&
          !nl80211_put_signal(msg, link_sinfo->chains,
                              link_sinfo->chain_signal_avg,
                              NL80211_STA_INFO_CHAIN_SIGNAL_AVG))
          goto nla_put_failure;

      if ((link_sinfo->filled & BIT_ULL(NL80211_STA_INFO_TX_BITRATE)) &&
          !nl80211_put_sta_rate(msg, &link_sinfo->txrate,
                                NL80211_STA_INFO_TX_BITRATE))
          goto nla_put_failure;

      if ((link_sinfo->filled & BIT_ULL(NL80211_STA_INFO_RX_BITRATE)) &&
          !nl80211_put_sta_rate(msg, &link_sinfo->rxrate,
                                NL80211_STA_INFO_RX_BITRATE))
          goto nla_put_failure;

      PUT_LINK_SINFO(RX_PACKETS, rx_packets, u32);
      PUT_LINK_SINFO(TX_PACKETS, tx_packets, u32);
      PUT_LINK_SINFO(TX_RETRIES, tx_retries, u32);
      PUT_LINK_SINFO(TX_FAILED, tx_failed, u32);
      PUT_LINK_SINFO(EXPECTED_THROUGHPUT, expected_throughput, u32);
      PUT_LINK_SINFO(BEACON_LOSS, beacon_loss_count, u32);

      if (link_sinfo->filled & BIT_ULL(NL80211_STA_INFO_BSS_PARAM)) {
          bss_param = nla_nest_start_noflag(msg,
                                            NL80211_STA_INFO_BSS_PARAM);
          if (!bss_param)
              goto nla_put_failure;

          /* three optional flags, then DTIM period and beacon interval */
          if (((link_sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) &&
               nla_put_flag(msg, NL80211_STA_BSS_PARAM_CTS_PROT)) ||
              ((link_sinfo->bss_param.flags &
                BSS_PARAM_FLAGS_SHORT_PREAMBLE) &&
               nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE)) ||
              ((link_sinfo->bss_param.flags &
                BSS_PARAM_FLAGS_SHORT_SLOT_TIME) &&
               nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME)) ||
              nla_put_u8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD,
                         link_sinfo->bss_param.dtim_period) ||
              nla_put_u16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL,
                          link_sinfo->bss_param.beacon_interval))
              goto nla_put_failure;

          nla_nest_end(msg, bss_param);
      }

      PUT_LINK_SINFO_U64(RX_DROP_MISC, rx_dropped_misc);
      PUT_LINK_SINFO_U64(BEACON_RX, rx_beacon);
      PUT_LINK_SINFO(BEACON_SIGNAL_AVG, rx_beacon_signal_avg, u8);
      PUT_LINK_SINFO(RX_MPDUS, rx_mpdu_count, u32);
      PUT_LINK_SINFO(FCS_ERROR_COUNT, fcs_err_count, u32);

      if (wiphy_ext_feature_isset(&rdev->wiphy,
                                  NL80211_EXT_FEATURE_ACK_SIGNAL_SUPPORT)) {
          PUT_LINK_SINFO(ACK_SIGNAL, ack_signal, u8);
          PUT_LINK_SINFO(ACK_SIGNAL_AVG, avg_ack_signal, s8);
      }

  #undef PUT_LINK_SINFO
  #undef PUT_LINK_SINFO_U64

      if (link_sinfo->pertid) {
          struct nlattr *tidsattr;
          int tid;

  /* Emit tidstats->memb as NL80211_TID_STATS_<attr> when filled. */
  #define PUT_TIDVAL_U64(attr, memb) do {                                  \
      if ((tidstats->filled & BIT(NL80211_TID_STATS_ ## attr)) &&          \
          nla_put_u64_64bit(msg, NL80211_TID_STATS_ ## attr,               \
                            tidstats->memb, NL80211_TID_STATS_PAD))        \
          goto nla_put_failure;                                            \
      } while (0)

          tidsattr = nla_nest_start_noflag(msg,
                                           NL80211_STA_INFO_TID_STATS);
          if (!tidsattr)
              goto nla_put_failure;

          /*
           * IEEE80211_NUM_TIDS + 1 entries of pertid[] are visited; the
           * nested attribute type is the TID index plus one.
           */
          for (tid = 0; tid < IEEE80211_NUM_TIDS + 1; tid++) {
              struct cfg80211_tid_stats *tidstats = &link_sinfo->pertid[tid];
              struct nlattr *tidattr;

              if (!tidstats->filled)
                  continue;

              tidattr = nla_nest_start_noflag(msg, tid + 1);
              if (!tidattr)
                  goto nla_put_failure;

              PUT_TIDVAL_U64(RX_MSDU, rx_msdu);
              PUT_TIDVAL_U64(TX_MSDU, tx_msdu);
              PUT_TIDVAL_U64(TX_MSDU_RETRIES, tx_msdu_retries);
              PUT_TIDVAL_U64(TX_MSDU_FAILED, tx_msdu_failed);

              if ((tidstats->filled & BIT(NL80211_TID_STATS_TXQ_STATS)) &&
                  !nl80211_put_txq_stats(msg, &tidstats->txq_stats,
                                         NL80211_TID_STATS_TXQ_STATS))
                  goto nla_put_failure;

              nla_nest_end(msg, tidattr);
          }

  #undef PUT_TIDVAL_U64

          nla_nest_end(msg, tidsattr);
      }

      nla_nest_end(msg, link_sinfoattr);
      return 0;

  nla_put_failure:
      return -EMSGSIZE;
  }
  6359. static int nl80211_send_station(struct sk_buff *msg, u32 cmd, u32 portid,
  6360. u32 seq, int flags,
  6361. struct cfg80211_registered_device *rdev,
  6362. struct net_device *dev,
  6363. const u8 *mac_addr, struct station_info *sinfo,
  6364. bool link_stats)
  6365. {
  6366. void *hdr;
  6367. struct nlattr *sinfoattr, *bss_param;
  6368. struct link_station_info *link_sinfo;
  6369. struct nlattr *links, *link;
  6370. int link_id;
  6371. hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
  6372. if (!hdr) {
  6373. cfg80211_sinfo_release_content(sinfo);
  6374. return -1;
  6375. }
  6376. if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
  6377. nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) ||
  6378. nla_put_u32(msg, NL80211_ATTR_GENERATION, sinfo->generation))
  6379. goto nla_put_failure;
  6380. sinfoattr = nla_nest_start_noflag(msg, NL80211_ATTR_STA_INFO);
  6381. if (!sinfoattr)
  6382. goto nla_put_failure;
  6383. #define PUT_SINFO(attr, memb, type) do { \
  6384. BUILD_BUG_ON(sizeof(type) == sizeof(u64)); \
  6385. if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_ ## attr) && \
  6386. nla_put_ ## type(msg, NL80211_STA_INFO_ ## attr, \
  6387. sinfo->memb)) \
  6388. goto nla_put_failure; \
  6389. } while (0)
  6390. #define PUT_SINFO_U64(attr, memb) do { \
  6391. if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_ ## attr) && \
  6392. nla_put_u64_64bit(msg, NL80211_STA_INFO_ ## attr, \
  6393. sinfo->memb, NL80211_STA_INFO_PAD)) \
  6394. goto nla_put_failure; \
  6395. } while (0)
  6396. PUT_SINFO(CONNECTED_TIME, connected_time, u32);
  6397. PUT_SINFO(INACTIVE_TIME, inactive_time, u32);
  6398. PUT_SINFO_U64(ASSOC_AT_BOOTTIME, assoc_at);
  6399. if (sinfo->filled & (BIT_ULL(NL80211_STA_INFO_RX_BYTES) |
  6400. BIT_ULL(NL80211_STA_INFO_RX_BYTES64)) &&
  6401. nla_put_u32(msg, NL80211_STA_INFO_RX_BYTES,
  6402. (u32)sinfo->rx_bytes))
  6403. goto nla_put_failure;
  6404. if (sinfo->filled & (BIT_ULL(NL80211_STA_INFO_TX_BYTES) |
  6405. BIT_ULL(NL80211_STA_INFO_TX_BYTES64)) &&
  6406. nla_put_u32(msg, NL80211_STA_INFO_TX_BYTES,
  6407. (u32)sinfo->tx_bytes))
  6408. goto nla_put_failure;
  6409. PUT_SINFO_U64(RX_BYTES64, rx_bytes);
  6410. PUT_SINFO_U64(TX_BYTES64, tx_bytes);
  6411. PUT_SINFO_U64(RX_DURATION, rx_duration);
  6412. PUT_SINFO_U64(TX_DURATION, tx_duration);
  6413. if (wiphy_ext_feature_isset(&rdev->wiphy,
  6414. NL80211_EXT_FEATURE_AIRTIME_FAIRNESS))
  6415. PUT_SINFO(AIRTIME_WEIGHT, airtime_weight, u16);
  6416. switch (rdev->wiphy.signal_type) {
  6417. case CFG80211_SIGNAL_TYPE_MBM:
  6418. PUT_SINFO(SIGNAL, signal, u8);
  6419. PUT_SINFO(SIGNAL_AVG, signal_avg, u8);
  6420. break;
  6421. default:
  6422. break;
  6423. }
  6424. if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL)) {
  6425. if (!nl80211_put_signal(msg, sinfo->chains,
  6426. sinfo->chain_signal,
  6427. NL80211_STA_INFO_CHAIN_SIGNAL))
  6428. goto nla_put_failure;
  6429. }
  6430. if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL_AVG)) {
  6431. if (!nl80211_put_signal(msg, sinfo->chains,
  6432. sinfo->chain_signal_avg,
  6433. NL80211_STA_INFO_CHAIN_SIGNAL_AVG))
  6434. goto nla_put_failure;
  6435. }
  6436. if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_TX_BITRATE)) {
  6437. if (!nl80211_put_sta_rate(msg, &sinfo->txrate,
  6438. NL80211_STA_INFO_TX_BITRATE))
  6439. goto nla_put_failure;
  6440. }
  6441. if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_RX_BITRATE)) {
  6442. if (!nl80211_put_sta_rate(msg, &sinfo->rxrate,
  6443. NL80211_STA_INFO_RX_BITRATE))
  6444. goto nla_put_failure;
  6445. }
  6446. PUT_SINFO(RX_PACKETS, rx_packets, u32);
  6447. PUT_SINFO(TX_PACKETS, tx_packets, u32);
  6448. PUT_SINFO(TX_RETRIES, tx_retries, u32);
  6449. PUT_SINFO(TX_FAILED, tx_failed, u32);
  6450. PUT_SINFO(EXPECTED_THROUGHPUT, expected_throughput, u32);
  6451. PUT_SINFO(BEACON_LOSS, beacon_loss_count, u32);
  6452. PUT_SINFO(LLID, llid, u16);
  6453. PUT_SINFO(PLID, plid, u16);
  6454. PUT_SINFO(PLINK_STATE, plink_state, u8);
  6455. PUT_SINFO(AIRTIME_LINK_METRIC, airtime_link_metric, u32);
  6456. PUT_SINFO(LOCAL_PM, local_pm, u32);
  6457. PUT_SINFO(PEER_PM, peer_pm, u32);
  6458. PUT_SINFO(NONPEER_PM, nonpeer_pm, u32);
  6459. PUT_SINFO(CONNECTED_TO_GATE, connected_to_gate, u8);
  6460. PUT_SINFO(CONNECTED_TO_AS, connected_to_as, u8);
  6461. PUT_SINFO_U64(T_OFFSET, t_offset);
  6462. if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_BSS_PARAM)) {
  6463. bss_param = nla_nest_start_noflag(msg,
  6464. NL80211_STA_INFO_BSS_PARAM);
  6465. if (!bss_param)
  6466. goto nla_put_failure;
  6467. if (((sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) &&
  6468. nla_put_flag(msg, NL80211_STA_BSS_PARAM_CTS_PROT)) ||
  6469. ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) &&
  6470. nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE)) ||
  6471. ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) &&
  6472. nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME)) ||
  6473. nla_put_u8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD,
  6474. sinfo->bss_param.dtim_period) ||
  6475. nla_put_u16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL,
  6476. sinfo->bss_param.beacon_interval))
  6477. goto nla_put_failure;
  6478. nla_nest_end(msg, bss_param);
  6479. }
  6480. if ((sinfo->filled & BIT_ULL(NL80211_STA_INFO_STA_FLAGS)) &&
  6481. nla_put(msg, NL80211_STA_INFO_STA_FLAGS,
  6482. sizeof(struct nl80211_sta_flag_update),
  6483. &sinfo->sta_flags))
  6484. goto nla_put_failure;
  6485. PUT_SINFO_U64(RX_DROP_MISC, rx_dropped_misc);
  6486. PUT_SINFO_U64(BEACON_RX, rx_beacon);
  6487. PUT_SINFO(BEACON_SIGNAL_AVG, rx_beacon_signal_avg, u8);
  6488. PUT_SINFO(RX_MPDUS, rx_mpdu_count, u32);
  6489. PUT_SINFO(FCS_ERROR_COUNT, fcs_err_count, u32);
  6490. if (wiphy_ext_feature_isset(&rdev->wiphy,
  6491. NL80211_EXT_FEATURE_ACK_SIGNAL_SUPPORT)) {
  6492. PUT_SINFO(ACK_SIGNAL, ack_signal, u8);
  6493. PUT_SINFO(ACK_SIGNAL_AVG, avg_ack_signal, s8);
  6494. }
  6495. #undef PUT_SINFO
  6496. #undef PUT_SINFO_U64
  6497. if (sinfo->pertid) {
  6498. struct nlattr *tidsattr;
  6499. int tid;
  6500. tidsattr = nla_nest_start_noflag(msg,
  6501. NL80211_STA_INFO_TID_STATS);
  6502. if (!tidsattr)
  6503. goto nla_put_failure;
  6504. for (tid = 0; tid < IEEE80211_NUM_TIDS + 1; tid++) {
  6505. struct cfg80211_tid_stats *tidstats;
  6506. struct nlattr *tidattr;
  6507. tidstats = &sinfo->pertid[tid];
  6508. if (!tidstats->filled)
  6509. continue;
  6510. tidattr = nla_nest_start_noflag(msg, tid + 1);
  6511. if (!tidattr)
  6512. goto nla_put_failure;
  6513. #define PUT_TIDVAL_U64(attr, memb) do { \
  6514. if (tidstats->filled & BIT(NL80211_TID_STATS_ ## attr) && \
  6515. nla_put_u64_64bit(msg, NL80211_TID_STATS_ ## attr, \
  6516. tidstats->memb, NL80211_TID_STATS_PAD)) \
  6517. goto nla_put_failure; \
  6518. } while (0)
  6519. PUT_TIDVAL_U64(RX_MSDU, rx_msdu);
  6520. PUT_TIDVAL_U64(TX_MSDU, tx_msdu);
  6521. PUT_TIDVAL_U64(TX_MSDU_RETRIES, tx_msdu_retries);
  6522. PUT_TIDVAL_U64(TX_MSDU_FAILED, tx_msdu_failed);
  6523. #undef PUT_TIDVAL_U64
  6524. if ((tidstats->filled &
  6525. BIT(NL80211_TID_STATS_TXQ_STATS)) &&
  6526. !nl80211_put_txq_stats(msg, &tidstats->txq_stats,
  6527. NL80211_TID_STATS_TXQ_STATS))
  6528. goto nla_put_failure;
  6529. nla_nest_end(msg, tidattr);
  6530. }
  6531. nla_nest_end(msg, tidsattr);
  6532. }
  6533. nla_nest_end(msg, sinfoattr);
  6534. if (sinfo->assoc_req_ies_len &&
  6535. nla_put(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len,
  6536. sinfo->assoc_req_ies))
  6537. goto nla_put_failure;
  6538. if (sinfo->assoc_resp_ies_len &&
  6539. nla_put(msg, NL80211_ATTR_RESP_IE, sinfo->assoc_resp_ies_len,
  6540. sinfo->assoc_resp_ies))
  6541. goto nla_put_failure;
  6542. if (sinfo->mlo_params_valid) {
  6543. if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID,
  6544. sinfo->assoc_link_id))
  6545. goto nla_put_failure;
  6546. if (!is_zero_ether_addr(sinfo->mld_addr) &&
  6547. nla_put(msg, NL80211_ATTR_MLD_ADDR, ETH_ALEN,
  6548. sinfo->mld_addr))
  6549. goto nla_put_failure;
  6550. }
  6551. if (link_stats && sinfo->valid_links) {
  6552. links = nla_nest_start(msg, NL80211_ATTR_MLO_LINKS);
  6553. if (!links)
  6554. goto nla_put_failure;
  6555. for_each_valid_link(sinfo, link_id) {
  6556. link_sinfo = sinfo->links[link_id];
  6557. if (WARN_ON_ONCE(!link_sinfo))
  6558. continue;
  6559. if (!is_valid_ether_addr(link_sinfo->addr))
  6560. continue;
  6561. link = nla_nest_start(msg, link_id + 1);
  6562. if (!link)
  6563. goto nla_put_failure;
  6564. if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID,
  6565. link_id))
  6566. goto nla_put_failure;
  6567. if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN,
  6568. link_sinfo->addr))
  6569. goto nla_put_failure;
  6570. if (nl80211_fill_link_station(msg, rdev, link_sinfo))
  6571. goto nla_put_failure;
  6572. nla_nest_end(msg, link);
  6573. }
  6574. nla_nest_end(msg, links);
  6575. }
  6576. cfg80211_sinfo_release_content(sinfo);
  6577. genlmsg_end(msg, hdr);
  6578. return 0;
  6579. nla_put_failure:
  6580. cfg80211_sinfo_release_content(sinfo);
  6581. genlmsg_cancel(msg, hdr);
  6582. return -EMSGSIZE;
  6583. }
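  /*
   * Fold the per-link statistics of an MLD station into the station-level
   * fields of @sinfo, setting the matching bit in sinfo->filled for every
   * field that was aggregated.
   *
   * Counters are summed over the valid links, signal values take the best
   * link, inactive_time takes the smallest reported value and the BSS
   * parameters follow the link with the smallest DTIM period. The per-chain
   * signal bits are cleared at the end because they are not aggregated here.
   *
   * The result is later serialised to userspace, so a wrong bit in
   * sinfo->filled makes the kernel report a field that was never computed.
   */
  static void cfg80211_sta_set_mld_sinfo(struct station_info *sinfo)
  {
      struct link_station_info *link_sinfo;
      int link_id, init = 0;
      /*
       * Smallest inactive time reported so far. It is only a real value once
       * have_inactive is set; it is zero-initialised so that the comparisons
       * below never read an indeterminate value when the first link did not
       * report an inactive time.
       */
      u32 link_inactive_time = 0;
      bool have_inactive = false;

      /*
       * Baseline for the "best signal" search below.
       * NOTE(review): signal_avg gets no such baseline here, so the
       * comparison for it starts from whatever the caller left in the
       * field. Confirm that is intended.
       */
      sinfo->signal = -99;

  /* Add one per-link counter to the MLD total and mark the total as filled. */
  #define MLD_SINFO_SUM(attr, memb) do { \
      if (link_sinfo->filled & BIT_ULL(NL80211_STA_INFO_ ## attr)) { \
          sinfo->memb += link_sinfo->memb; \
          sinfo->filled |= BIT_ULL(NL80211_STA_INFO_ ## attr); \
      } \
  } while (0)

      for_each_valid_link(sinfo, link_id) {
          link_sinfo = sinfo->links[link_id];
          if (!link_sinfo)
              continue;

          MLD_SINFO_SUM(TX_PACKETS, tx_packets);
          MLD_SINFO_SUM(RX_PACKETS, rx_packets);

          if (link_sinfo->filled &
              (BIT_ULL(NL80211_STA_INFO_TX_BYTES) |
               BIT_ULL(NL80211_STA_INFO_TX_BYTES64))) {
              sinfo->tx_bytes += link_sinfo->tx_bytes;
              sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BYTES);
          }

          /* The RX total is gated on the RX bits, not on TX_BYTES64. */
          if (link_sinfo->filled &
              (BIT_ULL(NL80211_STA_INFO_RX_BYTES) |
               BIT_ULL(NL80211_STA_INFO_RX_BYTES64))) {
              sinfo->rx_bytes += link_sinfo->rx_bytes;
              sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BYTES);
          }

          MLD_SINFO_SUM(TX_RETRIES, tx_retries);
          MLD_SINFO_SUM(TX_FAILED, tx_failed);
          MLD_SINFO_SUM(RX_DROP_MISC, rx_dropped_misc);
          MLD_SINFO_SUM(BEACON_LOSS, beacon_loss_count);
          MLD_SINFO_SUM(EXPECTED_THROUGHPUT, expected_throughput);
          MLD_SINFO_SUM(RX_MPDUS, rx_mpdu_count);
          MLD_SINFO_SUM(FCS_ERROR_COUNT, fcs_err_count);
          MLD_SINFO_SUM(BEACON_RX, rx_beacon);

          /* Update MLO signal, signal_avg as best among links */
          if ((link_sinfo->filled & BIT_ULL(NL80211_STA_INFO_SIGNAL)) &&
              link_sinfo->signal > sinfo->signal) {
              sinfo->signal = link_sinfo->signal;
              sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL);
          }

          if ((link_sinfo->filled &
               BIT_ULL(NL80211_STA_INFO_SIGNAL_AVG)) &&
              link_sinfo->signal_avg > sinfo->signal_avg) {
              sinfo->signal_avg = link_sinfo->signal_avg;
              sinfo->filled |= BIT_ULL(NL80211_STA_INFO_SIGNAL_AVG);
          }

          /*
           * Update MLO inactive_time, bss_param based on least value for
           * the corresponding field of the link. The first link that
           * reports an inactive time seeds the minimum.
           */
          if ((link_sinfo->filled &
               BIT_ULL(NL80211_STA_INFO_INACTIVE_TIME)) &&
              (!have_inactive ||
               link_inactive_time > link_sinfo->inactive_time)) {
              link_inactive_time = link_sinfo->inactive_time;
              have_inactive = true;
              sinfo->inactive_time = link_sinfo->inactive_time;
              /* filled is a bitmap: set the bit, do not OR in the enum value */
              sinfo->filled |= BIT_ULL(NL80211_STA_INFO_INACTIVE_TIME);
          }

          if ((link_sinfo->filled & BIT_ULL(NL80211_STA_INFO_BSS_PARAM)) &&
              (!init ||
               sinfo->bss_param.dtim_period >
               link_sinfo->bss_param.dtim_period)) {
              sinfo->bss_param.dtim_period =
                  link_sinfo->bss_param.dtim_period;
              sinfo->bss_param.beacon_interval =
                  link_sinfo->bss_param.beacon_interval;
              /*
               * NL80211_STA_BSS_PARAM_* values index the nested BSS
               * attribute, not sinfo->filled; ORing them in raw would
               * flag unrelated station fields. The station-level bit
               * for this data is NL80211_STA_INFO_BSS_PARAM.
               */
              sinfo->filled |= BIT_ULL(NL80211_STA_INFO_BSS_PARAM);
          }

          /*
           * Update MLO rates as per last updated link rate.
           * NOTE(review): link_inactive_time has already been lowered to
           * this link's value above when the link reported an inactive
           * time, so after the first link these comparisons only succeed
           * for a link that did not report one. Confirm the intended
           * selection; the same condition guards the duration sums.
           */
          if ((link_sinfo->filled &
               BIT_ULL(NL80211_STA_INFO_TX_BITRATE)) &&
              (!init ||
               link_inactive_time > link_sinfo->inactive_time)) {
              sinfo->txrate = link_sinfo->txrate;
              sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_BITRATE);
          }

          if ((link_sinfo->filled &
               BIT_ULL(NL80211_STA_INFO_RX_BITRATE)) &&
              (!init ||
               link_inactive_time > link_sinfo->inactive_time)) {
              sinfo->rxrate = link_sinfo->rxrate;
              sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_BITRATE);
          }

          if ((link_sinfo->filled &
               BIT_ULL(NL80211_STA_INFO_TX_DURATION)) &&
              (!init ||
               link_inactive_time > link_sinfo->inactive_time)) {
              sinfo->tx_duration += link_sinfo->tx_duration;
              sinfo->filled |= BIT_ULL(NL80211_STA_INFO_TX_DURATION);
          }

          if ((link_sinfo->filled &
               BIT_ULL(NL80211_STA_INFO_RX_DURATION)) &&
              (!init ||
               link_inactive_time > link_sinfo->inactive_time)) {
              sinfo->rx_duration += link_sinfo->rx_duration;
              sinfo->filled |= BIT_ULL(NL80211_STA_INFO_RX_DURATION);
          }

          init++;

          /*
           * pertid stats accumulate for rx/tx fields. A link without a
           * pertid array is skipped rather than dereferenced.
           */
          if (sinfo->pertid && link_sinfo->pertid) {
              sinfo->pertid->rx_msdu += link_sinfo->pertid->rx_msdu;
              sinfo->pertid->tx_msdu += link_sinfo->pertid->tx_msdu;
              sinfo->pertid->tx_msdu_retries +=
                  link_sinfo->pertid->tx_msdu_retries;
              sinfo->pertid->tx_msdu_failed +=
                  link_sinfo->pertid->tx_msdu_failed;
              sinfo->pertid->filled |=
                  BIT(NL80211_TID_STATS_RX_MSDU) |
                  BIT(NL80211_TID_STATS_TX_MSDU) |
                  BIT(NL80211_TID_STATS_TX_MSDU_RETRIES) |
                  BIT(NL80211_TID_STATS_TX_MSDU_FAILED);
          }
      }

  #undef MLD_SINFO_SUM

      /*
       * Reset sinfo->filled bits to exclude fields which don't make
       * much sense at the MLO level.
       */
      sinfo->filled &= ~BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL);
      sinfo->filled &= ~BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL_AVG);
  }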
  /*
   * Netlink dump callback for stations: emits one NL80211_CMD_NEW_STATION
   * message per station into @skb, starting at the index saved in
   * cb->args[2] and saving the next index back there.
   *
   * Returns skb->len when the driver reports -ENOENT (no more stations) or
   * when a message no longer fits, and a negative errno on failure. The
   * wiphy lock taken by nl80211_prepare_wdev_dump() is dropped on every
   * path after that call succeeds.
   */
  static int nl80211_dump_station(struct sk_buff *skb,
                                  struct netlink_callback *cb)
  {
      struct cfg80211_registered_device *rdev;
      struct wireless_dev *wdev;
      struct station_info sinfo;
      u8 mac_addr[ETH_ALEN];
      /* true while sinfo owns link buffers that this function must free */
      bool sinfo_alloc = false;
      int sta_idx = cb->args[2];
      int link, err;

      err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev, NULL);
      if (err)
          return err;
      /* nl80211_prepare_wdev_dump acquired it in the successful case */
      __acquire(&rdev->wiphy.mtx);

      /* err is 0 here, so it only changes when a precondition fails */
      if (!wdev->netdev)
          err = -EINVAL;
      else if (!rdev->ops->dump_station)
          err = -EOPNOTSUPP;
      if (err)
          goto out_err;

      for (;;) {
          /* start every station from a clean sinfo with fresh link buffers */
          memset(&sinfo, 0, sizeof(sinfo));
          for (link = 0; link < IEEE80211_MLD_MAX_NUM_LINKS; link++) {
              sinfo.links[link] = kzalloc_obj(*sinfo.links[0]);
              if (!sinfo.links[link]) {
                  err = -ENOMEM;
                  goto out_err;
              }
              sinfo_alloc = true;
          }

          err = rdev_dump_station(rdev, wdev->netdev, sta_idx,
                                  mac_addr, &sinfo);
          if (err) {
              /* -ENOENT marks the end of the station list */
              if (err == -ENOENT)
                  break;
              goto out_err;
          }

          if (sinfo.valid_links)
              cfg80211_sta_set_mld_sinfo(&sinfo);

          /*
           * reset the sinfo_alloc flag as nl80211_send_station()
           * always releases sinfo
           */
          sinfo_alloc = false;
          if (nl80211_send_station(skb, NL80211_CMD_NEW_STATION,
                                   NETLINK_CB(cb->skb).portid,
                                   cb->nlh->nlmsg_seq, NLM_F_MULTI,
                                   rdev, wdev->netdev, mac_addr,
                                   &sinfo, false) < 0)
              goto out;

          sta_idx++;
      }

  out:
      /* remember where the next dump call has to resume */
      cb->args[2] = sta_idx;
      err = skb->len;
  out_err:
      if (sinfo_alloc)
          cfg80211_sinfo_release_content(&sinfo);
      wiphy_unlock(&rdev->wiphy);

      return err;
  }
  /*
   * Handle a get-station request: look up the station named by
   * NL80211_ATTR_MAC through the driver and reply with a single
   * NL80211_CMD_NEW_STATION message.
   *
   * Returns the result of genlmsg_reply() on success, -EINVAL without a MAC
   * attribute, -EOPNOTSUPP without a get_station op, -ENOMEM on allocation
   * failure, the driver's error, or -ENOBUFS when the reply cannot be built.
   */
  static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct station_info sinfo;
      struct sk_buff *reply;
      u8 *mac_addr;
      int link, err;

      memset(&sinfo, 0, sizeof(sinfo));

      if (!info->attrs[NL80211_ATTR_MAC])
          return -EINVAL;
      mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);

      if (!rdev->ops->get_station)
          return -EOPNOTSUPP;

      /* one buffer per possible link; a partial set is freed at "release" */
      for (link = 0; link < IEEE80211_MLD_MAX_NUM_LINKS; link++) {
          sinfo.links[link] = kzalloc_obj(*sinfo.links[0]);
          if (!sinfo.links[link]) {
              err = -ENOMEM;
              goto release;
          }
      }

      err = rdev_get_station(rdev, dev, mac_addr, &sinfo);
      if (err)
          goto release;

      reply = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!reply) {
          err = -ENOMEM;
          goto release;
      }

      if (sinfo.valid_links)
          cfg80211_sta_set_mld_sinfo(&sinfo);

      /*
       * From here on sinfo is not released by this function; the dump path
       * in this file notes that nl80211_send_station() always releases it.
       */
      if (nl80211_send_station(reply, NL80211_CMD_NEW_STATION,
                               info->snd_portid, info->snd_seq, 0,
                               rdev, dev, mac_addr, &sinfo, false) < 0) {
          nlmsg_free(reply);
          return -ENOBUFS;
      }

      return genlmsg_reply(reply, info);

  release:
      cfg80211_sinfo_release_content(&sinfo);
      return err;
  }
  /*
   * Check that a station change request is permitted for a station of type
   * @statype.
   *
   * Returns 0 when the change is acceptable, -EINVAL when it touches
   * something this station type may not change, and -EOPNOTSUPP for an
   * AP-MLME client request that does not touch the AUTHORIZED flag.
   *
   * Besides validating, this may edit @params: the TDLS_PEER bit is cleared
   * from sta_flags_mask, and opmode_notif_used is cleared for types that
   * must not use it.
   */
  int cfg80211_check_station_change(struct wiphy *wiphy,
                                    struct station_parameters *params,
                                    enum cfg80211_station_type statype)
  {
      const bool unassoc = statype == CFG80211_STA_AP_CLIENT_UNASSOC;
      const bool tdls_setup = statype == CFG80211_STA_TDLS_PEER_SETUP;
      const bool tdls = tdls_setup ||
                        statype == CFG80211_STA_TDLS_PEER_ACTIVE;
      const bool mesh = statype == CFG80211_STA_MESH_PEER_KERNEL ||
                        statype == CFG80211_STA_MESH_PEER_USER;

      /*
       * listen interval, P2P PS support and (outside TDLS) the AID may only
       * be given for an AP client that has not associated yet
       */
      if (!unassoc &&
          (params->listen_interval != -1 ||
           params->support_p2p_ps != -1 ||
           (params->aid &&
            !(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))))
          return -EINVAL;

      /* When you run into this, adjust the code below for the new flag */
      BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 8);

      if (mesh) {
          /*
           * No ignoring the TDLS flag here -- the userspace mesh
           * code doesn't have the bug of including TDLS in the
           * mask everywhere.
           */
          if (params->sta_flags_mask &
              ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) |
                BIT(NL80211_STA_FLAG_MFP) |
                BIT(NL80211_STA_FLAG_AUTHORIZED)))
              return -EINVAL;
      } else if (tdls) {
          if (!(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
              return -EINVAL;
          /* ignore since it can't change */
          params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
      } else {
          /* disallow mesh-specific things */
          if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION ||
              params->local_pm ||
              (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE))
              return -EINVAL;
      }

      if (!tdls) {
          /* TDLS can't be set, ... */
          if (params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
              return -EINVAL;
          /*
           * ... but don't bother the driver with it. This works around
           * a hostapd/wpa_supplicant issue -- it always includes the
           * TDLS_PEER flag in the mask even for AP mode.
           */
          params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
      }

      if (!tdls_setup && !unassoc) {
          /* reject other things that can't change */
          if (params->sta_modify_mask &
              (STATION_PARAM_APPLY_UAPSD | STATION_PARAM_APPLY_CAPABILITY))
              return -EINVAL;
          if (params->link_sta_params.supported_rates)
              return -EINVAL;
          if (params->ext_capab || params->link_sta_params.ht_capa ||
              params->link_sta_params.vht_capa ||
              params->link_sta_params.he_capa ||
              params->link_sta_params.eht_capa ||
              params->link_sta_params.uhr_capa)
              return -EINVAL;
          if (params->sta_flags_mask & BIT(NL80211_STA_FLAG_SPP_AMSDU))
              return -EINVAL;
      }

      /* a VLAN may only be given for AP clients */
      if (statype != CFG80211_STA_AP_CLIENT && !unassoc && params->vlan)
          return -EINVAL;

      /* Accept EMLSR capabilities only for AP client before association */
      if (!unassoc && params->eml_cap_present)
          return -EINVAL;

      /* per-type limits on which station flags the request may touch */
      switch (statype) {
      case CFG80211_STA_AP_MLME_CLIENT:
          /* Use this only for authorizing/unauthorizing a station */
          if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
              return -EOPNOTSUPP;
          break;
      case CFG80211_STA_AP_CLIENT:
      case CFG80211_STA_AP_CLIENT_UNASSOC:
          /* accept only the listed bits */
          if (params->sta_flags_mask &
              ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
                BIT(NL80211_STA_FLAG_AUTHENTICATED) |
                BIT(NL80211_STA_FLAG_ASSOCIATED) |
                BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
                BIT(NL80211_STA_FLAG_WME) |
                BIT(NL80211_STA_FLAG_MFP) |
                BIT(NL80211_STA_FLAG_SPP_AMSDU)))
              return -EINVAL;

          /* but authenticated/associated only if driver handles it */
          if (!(wiphy->features & NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
              params->sta_flags_mask &
              (BIT(NL80211_STA_FLAG_AUTHENTICATED) |
               BIT(NL80211_STA_FLAG_ASSOCIATED)))
              return -EINVAL;
          break;
      case CFG80211_STA_IBSS:
      case CFG80211_STA_AP_STA:
          /* reject any changes other than AUTHORIZED */
          if (params->sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED))
              return -EINVAL;
          break;
      case CFG80211_STA_TDLS_PEER_SETUP:
          /* reject any changes other than AUTHORIZED or WME */
          if (params->sta_flags_mask & ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
                                         BIT(NL80211_STA_FLAG_WME)))
              return -EINVAL;
          /* force (at least) rates when authorizing */
          if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED) &&
              !params->link_sta_params.supported_rates)
              return -EINVAL;
          break;
      case CFG80211_STA_TDLS_PEER_ACTIVE:
          /* reject any changes */
          return -EINVAL;
      case CFG80211_STA_MESH_PEER_KERNEL:
          if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE)
              return -EINVAL;
          break;
      case CFG80211_STA_MESH_PEER_USER:
          if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION &&
              params->plink_action != NL80211_PLINK_ACTION_BLOCK)
              return -EINVAL;
          break;
      }

      /*
       * Older kernel versions ignored this attribute entirely, so don't
       * reject attempts to update it but mark it as unused instead so the
       * driver won't look at the data.
       */
      if (!unassoc && !tdls_setup)
          params->link_sta_params.opmode_notif_used = false;

      return 0;
  }
  EXPORT_SYMBOL(cfg80211_check_station_change);
  /*
   * Get vlan interface making sure it is running and on the right wiphy.
   *
   * Returns NULL when the request carries no NL80211_ATTR_STA_VLAN, the
   * device with a reference held (from dev_get_by_index()) on success, and
   * an ERR_PTR otherwise: -ENODEV for an unknown ifindex, -EINVAL for a
   * device that is not a wireless interface of @rdev or not of an AP-like
   * type, -ENETDOWN when it is not running. The reference is dropped again
   * on every error path.
   */
  static struct net_device *get_vlan(struct genl_info *info,
                                     struct cfg80211_registered_device *rdev)
  {
      struct nlattr *attr = info->attrs[NL80211_ATTR_STA_VLAN];
      struct wireless_dev *vwdev;
      struct net_device *vlan;
      int err;

      if (!attr)
          return NULL;

      /* the ifindex is resolved in the requester's network namespace */
      vlan = dev_get_by_index(genl_info_net(info), nla_get_u32(attr));
      if (!vlan)
          return ERR_PTR(-ENODEV);

      vwdev = vlan->ieee80211_ptr;
      if (!vwdev || vwdev->wiphy != &rdev->wiphy) {
          /* not wireless, or owned by a different wiphy */
          err = -EINVAL;
      } else {
          switch (vwdev->iftype) {
          case NL80211_IFTYPE_AP_VLAN:
          case NL80211_IFTYPE_AP:
          case NL80211_IFTYPE_P2P_GO:
              err = netif_running(vlan) ? 0 : -ENETDOWN;
              break;
          default:
              err = -EINVAL;
              break;
          }
      }

      if (!err)
          return vlan;

      dev_put(vlan);
      return ERR_PTR(err);
  }
  /*
   * Parse the optional nested NL80211_ATTR_STA_WME attribute into
   * params->uapsd_queues and params->max_sp.
   *
   * Returns 0 when the attribute is absent (nothing is changed) or valid,
   * the nested-parse error, or -EINVAL when either value has bits outside
   * its IEEE80211_WMM_IE_STA_QOSINFO_* mask. On success
   * STATION_PARAM_APPLY_UAPSD is set in params->sta_modify_mask.
   */
  static int nl80211_parse_sta_wme(struct genl_info *info,
                                   struct station_parameters *params)
  {
      struct nlattr *wme = info->attrs[NL80211_ATTR_STA_WME];
      struct nlattr *tb[NL80211_STA_WME_MAX + 1];
      int ret;

      /* parse WME attributes if present */
      if (!wme)
          return 0;

      ret = nla_parse_nested_deprecated(tb, NL80211_STA_WME_MAX, wme,
                                        nl80211_sta_wme_policy,
                                        info->extack);
      if (ret)
          return ret;

      /* the range checks run on the stored value even if it was not supplied */
      if (tb[NL80211_STA_WME_UAPSD_QUEUES])
          params->uapsd_queues =
              nla_get_u8(tb[NL80211_STA_WME_UAPSD_QUEUES]);
      if (params->uapsd_queues & ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK)
          return -EINVAL;

      if (tb[NL80211_STA_WME_MAX_SP])
          params->max_sp = nla_get_u8(tb[NL80211_STA_WME_MAX_SP]);
      if (params->max_sp & ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK)
          return -EINVAL;

      params->sta_modify_mask |= STATION_PARAM_APPLY_UAPSD;

      return 0;
  }
  /*
   * Record the optional supported-channels and supported-operating-classes
   * attributes in @params as pointer/length pairs.
   *
   * The pointers refer to the attribute payload of the request; nothing is
   * copied. Returns 0, or -EINVAL when the supported-channels payload has
   * an odd length.
   */
  static int nl80211_parse_sta_channel_info(struct genl_info *info,
                                            struct station_parameters *params)
  {
      struct nlattr *chans =
          info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS];
      struct nlattr *classes =
          info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES];

      if (chans) {
          params->supported_channels = nla_data(chans);
          params->supported_channels_len = nla_len(chans);
          /*
           * Need to include at least one (first channel, number of
           * channels) tuple for each subband (checked in policy),
           * and must have proper tuples for the rest of the data as well.
           */
          if (params->supported_channels_len % 2)
              return -EINVAL;
      }

      if (classes) {
          params->supported_oper_classes = nla_data(classes);
          params->supported_oper_classes_len = nla_len(classes);
      }

      return 0;
  }
  /*
   * Collect the attributes that describe a TDLS peer's capabilities into
   * @params, then parse the channel and WME attributes.
   *
   * Capability pointers refer to the request's attribute payload. The EHT
   * attribute is only read when the HE attribute is present, and its size
   * is checked against the HE capabilities; UHR requires EHT. The lengths
   * of the HT, VHT and S1G payloads are not checked here.
   * NOTE(review): presumably the netlink policy enforces them; confirm.
   *
   * Returns 0 or a negative errno.
   */
  static int nl80211_set_station_tdls(struct genl_info *info,
                                      struct station_parameters *params)
  {
      struct nlattr **attrs = info->attrs;
      int ret;

      /* Dummy STA entry gets updated once the peer capabilities are known */
      if (attrs[NL80211_ATTR_PEER_AID])
          params->aid = nla_get_u16(attrs[NL80211_ATTR_PEER_AID]);

      if (attrs[NL80211_ATTR_HT_CAPABILITY])
          params->link_sta_params.ht_capa =
              nla_data(attrs[NL80211_ATTR_HT_CAPABILITY]);

      if (attrs[NL80211_ATTR_VHT_CAPABILITY])
          params->link_sta_params.vht_capa =
              nla_data(attrs[NL80211_ATTR_VHT_CAPABILITY]);

      if (attrs[NL80211_ATTR_HE_CAPABILITY]) {
          params->link_sta_params.he_capa =
              nla_data(attrs[NL80211_ATTR_HE_CAPABILITY]);
          params->link_sta_params.he_capa_len =
              nla_len(attrs[NL80211_ATTR_HE_CAPABILITY]);

          if (attrs[NL80211_ATTR_EHT_CAPABILITY]) {
              params->link_sta_params.eht_capa =
                  nla_data(attrs[NL80211_ATTR_EHT_CAPABILITY]);
              params->link_sta_params.eht_capa_len =
                  nla_len(attrs[NL80211_ATTR_EHT_CAPABILITY]);

              /* reject an EHT element whose length does not fit the HE caps */
              if (!ieee80211_eht_capa_size_ok((const u8 *)params->link_sta_params.he_capa,
                                              (const u8 *)params->link_sta_params.eht_capa,
                                              params->link_sta_params.eht_capa_len,
                                              false))
                  return -EINVAL;
          }
      }

      if (attrs[NL80211_ATTR_UHR_CAPABILITY]) {
          if (!params->link_sta_params.eht_capa)
              return -EINVAL;

          params->link_sta_params.uhr_capa =
              nla_data(attrs[NL80211_ATTR_UHR_CAPABILITY]);
          params->link_sta_params.uhr_capa_len =
              nla_len(attrs[NL80211_ATTR_UHR_CAPABILITY]);
      }

      if (attrs[NL80211_ATTR_S1G_CAPABILITY])
          params->link_sta_params.s1g_capa =
              nla_data(attrs[NL80211_ATTR_S1G_CAPABILITY]);

      ret = nl80211_parse_sta_channel_info(info, params);
      if (ret)
          return ret;

      return nl80211_parse_sta_wme(info, params);
  }
  /*
   * Parse the optional per-station TX power setting into @txpwr.
   *
   * *txpwr_set is false when NL80211_ATTR_STA_TX_POWER_SETTING is absent
   * and true when it was parsed; it is left untouched on error. Returns 0,
   * -EOPNOTSUPP when the device has no set_tx_power op or lacks
   * NL80211_EXT_FEATURE_STA_TX_PWR, or -EINVAL when a limited setting comes
   * without NL80211_ATTR_STA_TX_POWER.
   */
  static int nl80211_parse_sta_txpower_setting(struct genl_info *info,
                                               struct sta_txpwr *txpwr,
                                               bool *txpwr_set)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct nlattr *setting =
          info->attrs[NL80211_ATTR_STA_TX_POWER_SETTING];
      struct nlattr *power = info->attrs[NL80211_ATTR_STA_TX_POWER];

      if (!setting) {
          *txpwr_set = false;
          return 0;
      }

      /* the capability check comes before any attribute value is read */
      if (!rdev->ops->set_tx_power ||
          !wiphy_ext_feature_isset(&rdev->wiphy,
                                   NL80211_EXT_FEATURE_STA_TX_PWR))
          return -EOPNOTSUPP;

      txpwr->type = nla_get_u8(setting);

      /* a limited setting is meaningless without the limit itself */
      if (txpwr->type == NL80211_TX_POWER_LIMITED) {
          if (!power)
              return -EINVAL;
          txpwr->power = nla_get_s16(power);
      }

      *txpwr_set = true;

      return 0;
  }
  /*
   * Handle a set-station request: gather the request attributes into a
   * station_parameters block and pass it to the driver's change_station op.
   *
   * Only structural checks happen here (required attributes, feature
   * support, interface type); whether the change is allowed for the
   * station's type is checked by cfg80211_check_station_change(), which the
   * driver calls. Pointers stored in params refer to the request's
   * attribute payload. The VLAN device reference taken by get_vlan() is
   * dropped before returning.
   *
   * Returns 0 or a negative errno.
   */
  static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr **attrs = info->attrs;
      struct station_parameters params;
      u8 *mac_addr;
      int err;

      memset(&params, 0, sizeof(params));

      if (!rdev->ops->change_station)
          return -EOPNOTSUPP;

      /*
       * AID and listen_interval properties can be set only for unassociated
       * station. Include these parameters here and will check them in
       * cfg80211_check_station_change().
       */
      if (attrs[NL80211_ATTR_STA_AID])
          params.aid = nla_get_u16(attrs[NL80211_ATTR_STA_AID]);

      if (attrs[NL80211_ATTR_VLAN_ID])
          params.vlan_id = nla_get_u16(attrs[NL80211_ATTR_VLAN_ID]);

      /* -1 means "not supplied" for these two fields */
      params.listen_interval = attrs[NL80211_ATTR_STA_LISTEN_INTERVAL] ?
          nla_get_u16(attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]) : -1;
      params.support_p2p_ps = attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS] ?
          nla_get_u8(attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]) : -1;

      if (!attrs[NL80211_ATTR_MAC])
          return -EINVAL;

      params.link_sta_params.link_id = nl80211_link_id_or_invalid(attrs);

      mac_addr = nla_data(attrs[NL80211_ATTR_MAC]);
      if (attrs[NL80211_ATTR_MLD_ADDR]) {
          /*
           * If MLD_ADDR attribute is set then this is an MLD station
           * and the MLD_ADDR attribute holds the MLD address and the
           * MAC attribute holds the LINK address.
           * In that case, the link_id is also expected to be valid.
           */
          if (params.link_sta_params.link_id < 0)
              return -EINVAL;

          params.link_sta_params.link_mac = mac_addr;
          mac_addr = nla_data(attrs[NL80211_ATTR_MLD_ADDR]);
          params.link_sta_params.mld_mac = mac_addr;
          if (!is_valid_ether_addr(params.link_sta_params.link_mac))
              return -EINVAL;
      }

      if (attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) {
          params.link_sta_params.supported_rates =
              nla_data(attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
          params.link_sta_params.supported_rates_len =
              nla_len(attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
      }

      if (attrs[NL80211_ATTR_STA_CAPABILITY]) {
          params.capability =
              nla_get_u16(attrs[NL80211_ATTR_STA_CAPABILITY]);
          params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY;
      }

      if (attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) {
          params.ext_capab =
              nla_data(attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
          params.ext_capab_len =
              nla_len(attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
      }

      if (parse_station_flags(info, dev->ieee80211_ptr->iftype, &params))
          return -EINVAL;

      if (attrs[NL80211_ATTR_STA_PLINK_ACTION])
          params.plink_action =
              nla_get_u8(attrs[NL80211_ATTR_STA_PLINK_ACTION]);

      if (attrs[NL80211_ATTR_STA_PLINK_STATE]) {
          params.plink_state =
              nla_get_u8(attrs[NL80211_ATTR_STA_PLINK_STATE]);
          if (attrs[NL80211_ATTR_MESH_PEER_AID])
              params.peer_aid =
                  nla_get_u16(attrs[NL80211_ATTR_MESH_PEER_AID]);
          params.sta_modify_mask |= STATION_PARAM_APPLY_PLINK_STATE;
      }

      if (attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE])
          params.local_pm =
              nla_get_u32(attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE]);

      if (attrs[NL80211_ATTR_OPMODE_NOTIF]) {
          params.link_sta_params.opmode_notif_used = true;
          params.link_sta_params.opmode_notif =
              nla_get_u8(attrs[NL80211_ATTR_OPMODE_NOTIF]);
      }

      if (attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY])
          params.link_sta_params.he_6ghz_capa =
              nla_data(attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY]);

      if (attrs[NL80211_ATTR_EML_CAPABILITY]) {
          params.eml_cap_present = true;
          params.eml_cap =
              nla_get_u16(attrs[NL80211_ATTR_EML_CAPABILITY]);
      }

      if (attrs[NL80211_ATTR_AIRTIME_WEIGHT])
          params.airtime_weight =
              nla_get_u16(attrs[NL80211_ATTR_AIRTIME_WEIGHT]);

      /* a non-zero weight needs airtime fairness support in the device */
      if (params.airtime_weight &&
          !wiphy_ext_feature_isset(&rdev->wiphy,
                                   NL80211_EXT_FEATURE_AIRTIME_FAIRNESS))
          return -EOPNOTSUPP;

      err = nl80211_parse_sta_txpower_setting(info,
                                              &params.link_sta_params.txpwr,
                                              &params.link_sta_params.txpwr_set);
      if (err)
          return err;

      /* Include parameters for TDLS peer (will check later) */
      err = nl80211_set_station_tdls(info, &params);
      if (err)
          return err;

      /* from here on params.vlan may hold a device reference */
      params.vlan = get_vlan(info, rdev);
      if (IS_ERR(params.vlan))
          return PTR_ERR(params.vlan);

      switch (dev->ieee80211_ptr->iftype) {
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_AP_VLAN:
      case NL80211_IFTYPE_P2P_GO:
      case NL80211_IFTYPE_P2P_CLIENT:
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_ADHOC:
      case NL80211_IFTYPE_MESH_POINT:
          /* driver will call cfg80211_check_station_change() */
          err = rdev_change_station(rdev, dev, mac_addr, &params);
          break;
      default:
          err = -EOPNOTSUPP;
          break;
      }

      dev_put(params.vlan);

      return err;
  }
  /*
   * Handle a request to add a station: collect the station parameters from
   * the netlink attributes, apply the per-interface-type rules and pass the
   * result to the driver via rdev_add_station().
   *
   * Every pointer stored in @params comes from nla_data() and therefore
   * refers to the attribute payload of the request; nothing is copied here.
   * NOTE(review): apart from the EHT size check, no attribute length is
   * verified in this function - presumably the nl80211 attribute policy does
   * that before the handler runs; confirm against the policy table.
   *
   * Returns 0 on success or a negative errno.
   */
  static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct nlattr **attrs = info->attrs;
      struct station_parameters params;
      struct link_station_parameters *link = &params.link_sta_params;
      const u32 auth_assoc = BIT(NL80211_STA_FLAG_AUTHENTICATED) |
                             BIT(NL80211_STA_FLAG_ASSOCIATED);
      struct nlattr *aid_attr;
      u8 *mac_addr;
      int err;

      /* params.vlan must start out NULL: the exit path always dev_put()s it */
      memset(&params, 0, sizeof(params));

      if (!rdev->ops->add_station)
          return -EOPNOTSUPP;

      /* attributes every request has to carry */
      if (!attrs[NL80211_ATTR_MAC] ||
          !attrs[NL80211_ATTR_STA_LISTEN_INTERVAL] ||
          !attrs[NL80211_ATTR_STA_SUPPORTED_RATES])
          return -EINVAL;

      /* one of the two AID attributes is required */
      if (!attrs[NL80211_ATTR_STA_AID] && !attrs[NL80211_ATTR_PEER_AID])
          return -EINVAL;

      link->link_id = nl80211_link_id_or_invalid(attrs);

      if (attrs[NL80211_ATTR_MLD_ADDR]) {
          /* MLD case: the station is keyed by the MLD address */
          mac_addr = nla_data(attrs[NL80211_ATTR_MLD_ADDR]);
          link->mld_mac = mac_addr;
          link->link_mac = nla_data(attrs[NL80211_ATTR_MAC]);
          if (!is_valid_ether_addr(link->link_mac))
              return -EINVAL;
      } else {
          mac_addr = nla_data(attrs[NL80211_ATTR_MAC]);
      }

      link->supported_rates =
          nla_data(attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
      link->supported_rates_len =
          nla_len(attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);

      params.listen_interval =
          nla_get_u16(attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);

      if (attrs[NL80211_ATTR_VLAN_ID])
          params.vlan_id = nla_get_u16(attrs[NL80211_ATTR_VLAN_ID]);

      /*
       * Without an explicit attribute, P2P power save is taken as supported
       * on a P2P GO interface and as unsupported on every other type.
       */
      if (attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS])
          params.support_p2p_ps =
              nla_get_u8(attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]);
      else
          params.support_p2p_ps =
              wdev->iftype == NL80211_IFTYPE_P2P_GO;

      /* PEER_AID wins over STA_AID when both are present */
      aid_attr = attrs[NL80211_ATTR_PEER_AID] ?
                 attrs[NL80211_ATTR_PEER_AID] :
                 attrs[NL80211_ATTR_STA_AID];
      params.aid = nla_get_u16(aid_attr);

      if (attrs[NL80211_ATTR_STA_CAPABILITY]) {
          params.capability =
              nla_get_u16(attrs[NL80211_ATTR_STA_CAPABILITY]);
          params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY;
      }

      if (attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) {
          params.ext_capab =
              nla_data(attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
          params.ext_capab_len =
              nla_len(attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
      }

      if (attrs[NL80211_ATTR_HT_CAPABILITY])
          link->ht_capa = nla_data(attrs[NL80211_ATTR_HT_CAPABILITY]);

      if (attrs[NL80211_ATTR_VHT_CAPABILITY])
          link->vht_capa = nla_data(attrs[NL80211_ATTR_VHT_CAPABILITY]);

      if (attrs[NL80211_ATTR_HE_CAPABILITY]) {
          link->he_capa = nla_data(attrs[NL80211_ATTR_HE_CAPABILITY]);
          link->he_capa_len = nla_len(attrs[NL80211_ATTR_HE_CAPABILITY]);

          /* EHT is only looked at when HE is present as well */
          if (attrs[NL80211_ATTR_EHT_CAPABILITY]) {
              link->eht_capa =
                  nla_data(attrs[NL80211_ATTR_EHT_CAPABILITY]);
              link->eht_capa_len =
                  nla_len(attrs[NL80211_ATTR_EHT_CAPABILITY]);

              /* the EHT blob length has to be consistent with HE */
              if (!ieee80211_eht_capa_size_ok((const u8 *)link->he_capa,
                                              (const u8 *)link->eht_capa,
                                              link->eht_capa_len,
                                              false))
                  return -EINVAL;
          }
      }

      if (attrs[NL80211_ATTR_UHR_CAPABILITY]) {
          /* UHR is rejected unless EHT capabilities were accepted above */
          if (!link->eht_capa)
              return -EINVAL;

          link->uhr_capa = nla_data(attrs[NL80211_ATTR_UHR_CAPABILITY]);
          link->uhr_capa_len = nla_len(attrs[NL80211_ATTR_UHR_CAPABILITY]);
      }

      if (attrs[NL80211_ATTR_EML_CAPABILITY]) {
          params.eml_cap_present = true;
          params.eml_cap = nla_get_u16(attrs[NL80211_ATTR_EML_CAPABILITY]);
      }

      if (attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY])
          link->he_6ghz_capa =
              nla_data(attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY]);

      if (attrs[NL80211_ATTR_S1G_CAPABILITY])
          link->s1g_capa = nla_data(attrs[NL80211_ATTR_S1G_CAPABILITY]);

      if (attrs[NL80211_ATTR_OPMODE_NOTIF]) {
          link->opmode_notif_used = true;
          link->opmode_notif = nla_get_u8(attrs[NL80211_ATTR_OPMODE_NOTIF]);
      }

      if (attrs[NL80211_ATTR_STA_PLINK_ACTION])
          params.plink_action =
              nla_get_u8(attrs[NL80211_ATTR_STA_PLINK_ACTION]);

      if (attrs[NL80211_ATTR_AIRTIME_WEIGHT])
          params.airtime_weight =
              nla_get_u16(attrs[NL80211_ATTR_AIRTIME_WEIGHT]);

      /* a non-zero weight needs airtime fairness support in the device */
      if (params.airtime_weight &&
          !wiphy_ext_feature_isset(&rdev->wiphy,
                                   NL80211_EXT_FEATURE_AIRTIME_FAIRNESS))
          return -EOPNOTSUPP;

      err = nl80211_parse_sta_txpower_setting(info, &link->txpwr,
                                              &link->txpwr_set);
      if (err)
          return err;

      err = nl80211_parse_sta_channel_info(info, &params);
      if (err)
          return err;

      err = nl80211_parse_sta_wme(info, &params);
      if (err)
          return err;

      if (parse_station_flags(info, wdev->iftype, &params))
          return -EINVAL;

      /*
       * HT and VHT depend on QoS.  Userspace may simply forward the
       * capabilities it found in the IEs, so without the WME flag they are
       * dropped silently instead of failing the request.
       */
      if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_WME))) {
          link->ht_capa = NULL;
          link->vht_capa = NULL;

          /* HE, EHT and UHR require WME */
          if (link->he_capa_len || link->he_6ghz_capa ||
              link->eht_capa_len || link->uhr_capa_len)
              return -EINVAL;
      }

      /* a 6 GHz HE station must not carry HT/VHT capabilities */
      if (link->he_6ghz_capa && (link->ht_capa || link->vht_capa))
          return -EINVAL;

      /* When you run into this, adjust the code below for the new flag */
      BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 8);

      switch (wdev->iftype) {
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_AP_VLAN:
      case NL80211_IFTYPE_P2P_GO:
          /* uAPSD data only applies if both iface and station can use it */
          if (!((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) &&
                (params.sta_flags_set & BIT(NL80211_STA_FLAG_WME))))
              params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;

          /* TDLS peers cannot be added */
          if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) ||
              attrs[NL80211_ATTR_PEER_AID])
              return -EINVAL;
          /* but don't bother the driver with it */
          params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);

          /* allow authenticated/associated only if driver handles it */
          if (!(rdev->wiphy.features &
                NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
              (params.sta_flags_mask & auth_assoc))
              return -EINVAL;

          /* the SPP A-MSDU flag needs the matching extended feature */
          if (!wiphy_ext_feature_isset(&rdev->wiphy,
                                       NL80211_EXT_FEATURE_SPP_AMSDU_SUPPORT) &&
              (params.sta_flags_mask & BIT(NL80211_STA_FLAG_SPP_AMSDU)))
              return -EINVAL;

          /*
           * Userspace that predates NL80211_FEATURE_FULL_AP_CLIENT_STATE,
           * or wants to stay compatible with drivers lacking it, leaves
           * the auth and assoc flags out of the mask and expects the
           * station to be added as associated, which was the required
           * driver behaviour before that feature existed.  Set both flags
           * in mask and set here so drivers need not know about the quirk.
           */
          if (!(params.sta_flags_mask & auth_assoc)) {
              params.sta_flags_mask |= auth_assoc;
              params.sta_flags_set |= auth_assoc;
          }

          /*
           * must be last in here for error handling: the returns above do
           * not release a VLAN reference
           */
          params.vlan = get_vlan(info, rdev);
          if (IS_ERR(params.vlan))
              return PTR_ERR(params.vlan);
          break;
      case NL80211_IFTYPE_MESH_POINT:
          /* ignore uAPSD data */
          params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;

          /* associated is disallowed */
          if (params.sta_flags_mask & BIT(NL80211_STA_FLAG_ASSOCIATED))
              return -EINVAL;
          /* TDLS peers cannot be added */
          if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) ||
              attrs[NL80211_ATTR_PEER_AID])
              return -EINVAL;
          break;
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          /* ignore uAPSD data */
          params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;

          /* these are disallowed */
          if (params.sta_flags_mask &
              (BIT(NL80211_STA_FLAG_ASSOCIATED) |
               BIT(NL80211_STA_FLAG_AUTHENTICATED)))
              return -EINVAL;
          /* Only TDLS peers can be added */
          if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
              return -EINVAL;
          /* Can only add if TDLS ... */
          if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS))
              return -EOPNOTSUPP;
          /* ... with external setup is supported */
          if (!(rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP))
              return -EOPNOTSUPP;
          /*
           * Older wpa_supplicant versions always mark the TDLS peer
           * as authorized, but it shouldn't yet be.
           */
          params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_AUTHORIZED);
          break;
      default:
          return -EOPNOTSUPP;
      }

      /*
       * be aware of params.vlan when changing code here: from this point
       * on every exit has to go through the "out" label
       */
      err = 0;
      if (wdev->valid_links) {
          /* MLO interface: a link ID is required and must be a valid link */
          if (link->link_id < 0)
              err = -EINVAL;
          else if (!(wdev->valid_links & BIT(link->link_id)))
              err = -ENOLINK;
      } else if (link->link_id >= 0) {
          /* non-MLO interface: a link ID must not be given */
          err = -EINVAL;
      }
      if (err)
          goto out;

      params.epp_peer = nla_get_flag(attrs[NL80211_ATTR_EPP_PEER]);

      err = rdev_add_station(rdev, dev, mac_addr, &params);
  out:
      dev_put(params.vlan);
      return err;
  }
  /*
   * Handle a request to delete a station and forward it to the driver via
   * rdev_del_station().
   *
   * NL80211_ATTR_MAC is optional here: when it is absent params.mac stays
   * NULL and is passed on like that.
   * NOTE(review): what a NULL address means is decided by the driver
   * callback, which is not shown here - confirm before relying on it.
   *
   * Returns 0 on success or a negative errno.
   */
  static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct nlattr **attrs = info->attrs;
      struct station_del_parameters params;
      int link_id = nl80211_link_id_or_invalid(attrs);

      memset(&params, 0, sizeof(params));

      if (attrs[NL80211_ATTR_MAC])
          params.mac = nla_data(attrs[NL80211_ATTR_MAC]);

      switch (wdev->iftype) {
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_AP_VLAN:
      case NL80211_IFTYPE_MESH_POINT:
      case NL80211_IFTYPE_P2P_GO:
          /* always accept these */
          break;
      case NL80211_IFTYPE_ADHOC:
          /* accepted only if the device can delete IBSS stations */
          if (!wiphy_ext_feature_isset(&rdev->wiphy,
                                       NL80211_EXT_FEATURE_DEL_IBSS_STA))
              return -EINVAL;
          break;
      default:
          return -EINVAL;
      }

      if (!rdev->ops->del_station)
          return -EOPNOTSUPP;

      /* Default to Deauthentication frame */
      params.subtype = IEEE80211_STYPE_DEAUTH >> 4;
      if (attrs[NL80211_ATTR_MGMT_SUBTYPE]) {
          params.subtype = nla_get_u8(attrs[NL80211_ATTR_MGMT_SUBTYPE]);

          /* only disassociation and deauthentication are accepted */
          if (params.subtype != (IEEE80211_STYPE_DISASSOC >> 4) &&
              params.subtype != (IEEE80211_STYPE_DEAUTH >> 4))
              return -EINVAL;
      }

      /* Default to reason code 2 */
      params.reason_code = WLAN_REASON_PREV_AUTH_NOT_VALID;
      if (attrs[NL80211_ATTR_REASON_CODE]) {
          params.reason_code =
              nla_get_u16(attrs[NL80211_ATTR_REASON_CODE]);
          if (params.reason_code == 0)
              return -EINVAL; /* 0 is reserved */
      }

      if (!wdev->valid_links) {
          /* Link ID not expected in case of non-ML operation */
          if (link_id != -1)
              return -EINVAL;
      } else if (link_id >= 0 && !(wdev->valid_links & BIT(link_id))) {
          /* If given, a valid link ID should be passed during MLO */
          return -EINVAL;
      }

      params.link_id = link_id;

      return rdev_del_station(rdev, dev, &params);
  }
  /*
   * Write one mesh path entry into @msg as an NL80211_CMD_NEW_MPATH message.
   *
   * @dst and @next_hop are copied as ETH_ALEN bytes each; @pinfo->generation
   * is always emitted, the remaining @pinfo members only when their bit is
   * set in @pinfo->filled.  Whatever the caller's buffers hold is what ends
   * up in the message, so they must be fully initialised.
   *
   * Returns 0 on success, -1 if the message header could not be added and
   * -EMSGSIZE (after cancelling the message) if an attribute did not fit.
   */
  static int nl80211_send_mpath(struct sk_buff *msg, u32 portid, u32 seq,
                                int flags, struct net_device *dev,
                                u8 *dst, u8 *next_hop,
                                struct mpath_info *pinfo)
  {
      struct nlattr *nest;
      void *hdr;

      hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_MPATH);
      if (!hdr)
          return -1;

      /* unconditional top-level attributes */
      if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto nla_put_failure;
      if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst))
          goto nla_put_failure;
      if (nla_put(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop))
          goto nla_put_failure;
      if (nla_put_u32(msg, NL80211_ATTR_GENERATION, pinfo->generation))
          goto nla_put_failure;

      nest = nla_nest_start_noflag(msg, NL80211_ATTR_MPATH_INFO);
      if (!nest)
          goto nla_put_failure;

      /* nested attributes, each gated by its bit in pinfo->filled */
      if ((pinfo->filled & MPATH_INFO_FRAME_QLEN) &&
          nla_put_u32(msg, NL80211_MPATH_INFO_FRAME_QLEN,
                      pinfo->frame_qlen))
          goto nla_put_failure;

      if ((pinfo->filled & MPATH_INFO_SN) &&
          nla_put_u32(msg, NL80211_MPATH_INFO_SN, pinfo->sn))
          goto nla_put_failure;

      if ((pinfo->filled & MPATH_INFO_METRIC) &&
          nla_put_u32(msg, NL80211_MPATH_INFO_METRIC, pinfo->metric))
          goto nla_put_failure;

      if ((pinfo->filled & MPATH_INFO_EXPTIME) &&
          nla_put_u32(msg, NL80211_MPATH_INFO_EXPTIME, pinfo->exptime))
          goto nla_put_failure;

      if ((pinfo->filled & MPATH_INFO_FLAGS) &&
          nla_put_u8(msg, NL80211_MPATH_INFO_FLAGS, pinfo->flags))
          goto nla_put_failure;

      if ((pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) &&
          nla_put_u32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT,
                      pinfo->discovery_timeout))
          goto nla_put_failure;

      if ((pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) &&
          nla_put_u8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES,
                     pinfo->discovery_retries))
          goto nla_put_failure;

      if ((pinfo->filled & MPATH_INFO_HOP_COUNT) &&
          nla_put_u8(msg, NL80211_MPATH_INFO_HOP_COUNT, pinfo->hop_count))
          goto nla_put_failure;

      if ((pinfo->filled & MPATH_INFO_PATH_CHANGE) &&
          nla_put_u32(msg, NL80211_MPATH_INFO_PATH_CHANGE,
                      pinfo->path_change_count))
          goto nla_put_failure;

      nla_nest_end(msg, nest);
      genlmsg_end(msg, hdr);
      return 0;

  nla_put_failure:
      genlmsg_cancel(msg, hdr);
      return -EMSGSIZE;
  }
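  /*
   * Dump callback for mesh paths: asks the driver for path entries starting
   * at the index saved in cb->args[2] and appends one message per entry to
   * @skb until the driver reports -ENOENT or a message no longer fits.
   *
   * Returns skb->len when entries were processed (the resume index is stored
   * back into cb->args[2]), or a negative errno.  The wiphy mutex taken by
   * nl80211_prepare_wdev_dump() is released on every path after that call.
   */
  static int nl80211_dump_mpath(struct sk_buff *skb,
                                struct netlink_callback *cb)
  {
      struct mpath_info pinfo;
      struct cfg80211_registered_device *rdev;
      struct wireless_dev *wdev;
      /*
       * dst, next_hop and pinfo.generation are copied to userspace
       * unconditionally by nl80211_send_mpath().  Start from zeroed buffers
       * so that a driver callback which leaves one of them untouched cannot
       * cause stale kernel stack bytes to be sent out.
       */
      u8 dst[ETH_ALEN] = { 0 };
      u8 next_hop[ETH_ALEN] = { 0 };
      int path_idx = cb->args[2];
      int err;

      memset(&pinfo, 0, sizeof(pinfo));

      err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev, NULL);
      if (err)
          return err;
      /* nl80211_prepare_wdev_dump acquired it in the successful case */
      __acquire(&rdev->wiphy.mtx);

      if (!rdev->ops->dump_mpath) {
          err = -EOPNOTSUPP;
          goto out_err;
      }

      /* mesh paths only exist on mesh point interfaces */
      if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) {
          err = -EOPNOTSUPP;
          goto out_err;
      }

      while (1) {
          err = rdev_dump_mpath(rdev, wdev->netdev, path_idx, dst,
                                next_hop, &pinfo);
          if (err == -ENOENT)
              break;      /* no entry at this index: dump complete */
          if (err)
              goto out_err;

          /* message full: stop here and resume at path_idx next time */
          if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid,
                                 cb->nlh->nlmsg_seq, NLM_F_MULTI,
                                 wdev->netdev, dst, next_hop,
                                 &pinfo) < 0)
              goto out;

          path_idx++;
      }

  out:
      cb->args[2] = path_idx;
      err = skb->len;
  out_err:
      wiphy_unlock(&rdev->wiphy);
      return err;
  }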
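  /*
   * Look up the mesh path to the address in NL80211_ATTR_MAC through the
   * driver and reply with a single mesh path message.
   *
   * Returns the result of genlmsg_reply() on success, or a negative errno:
   * -EINVAL without a MAC attribute, -EOPNOTSUPP without driver support or
   * on a non-mesh interface, the driver's error, -ENOMEM or -ENOBUFS.
   */
  static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      int err;
      struct net_device *dev = info->user_ptr[1];
      struct mpath_info pinfo;
      struct sk_buff *msg;
      u8 *dst = NULL;
      /*
       * next_hop is sent back to userspace unconditionally; zero it, as is
       * done for pinfo, so that a driver callback which does not write it
       * cannot cause stale kernel stack bytes to be returned.
       */
      u8 next_hop[ETH_ALEN] = { 0 };

      memset(&pinfo, 0, sizeof(pinfo));

      if (!info->attrs[NL80211_ATTR_MAC])
          return -EINVAL;

      dst = nla_data(info->attrs[NL80211_ATTR_MAC]);

      if (!rdev->ops->get_mpath)
          return -EOPNOTSUPP;

      if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
          return -EOPNOTSUPP;

      err = rdev_get_mpath(rdev, dev, dst, next_hop, &pinfo);
      if (err)
          return err;

      msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!msg)
          return -ENOMEM;

      if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0,
                             dev, dst, next_hop, &pinfo) < 0) {
          /* the reply was never handed off, so it is still ours to free */
          nlmsg_free(msg);
          return -ENOBUFS;
      }

      return genlmsg_reply(msg, info);
  }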
  /*
   * Change the next hop of an existing mesh path.  Both NL80211_ATTR_MAC
   * (destination) and NL80211_ATTR_MPATH_NEXT_HOP are required; the request
   * is passed to the driver via rdev_change_mpath().
   *
   * Returns the driver's result, -EINVAL if an attribute is missing, or
   * -EOPNOTSUPP without driver support or on a non-mesh interface.
   */
  static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr *dst_attr = info->attrs[NL80211_ATTR_MAC];
      struct nlattr *hop_attr = info->attrs[NL80211_ATTR_MPATH_NEXT_HOP];

      if (!dst_attr || !hop_attr)
          return -EINVAL;

      if (!rdev->ops->change_mpath)
          return -EOPNOTSUPP;

      /* mesh paths only exist on mesh point interfaces */
      if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
          return -EOPNOTSUPP;

      return rdev_change_mpath(rdev, dev, nla_data(dst_attr),
                               nla_data(hop_attr));
  }
  /*
   * Add a mesh path.  Both NL80211_ATTR_MAC (destination) and
   * NL80211_ATTR_MPATH_NEXT_HOP are required; the request is passed to the
   * driver via rdev_add_mpath().
   *
   * Returns the driver's result, -EINVAL if an attribute is missing, or
   * -EOPNOTSUPP without driver support or on a non-mesh interface.
   */
  static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr *dst_attr = info->attrs[NL80211_ATTR_MAC];
      struct nlattr *hop_attr = info->attrs[NL80211_ATTR_MPATH_NEXT_HOP];

      if (!dst_attr || !hop_attr)
          return -EINVAL;

      if (!rdev->ops->add_mpath)
          return -EOPNOTSUPP;

      /* mesh paths only exist on mesh point interfaces */
      if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
          return -EOPNOTSUPP;

      return rdev_add_mpath(rdev, dev, nla_data(dst_attr),
                            nla_data(hop_attr));
  }
  /*
   * Delete a mesh path via rdev_del_mpath().
   *
   * NL80211_ATTR_MAC is optional: without it a NULL destination is handed
   * to the driver.
   * NOTE(review): the meaning of a NULL destination is up to the driver
   * callback, which is not shown here - confirm before relying on it.
   *
   * Returns the driver's result, or -EOPNOTSUPP without driver support or on
   * a non-mesh interface.
   */
  static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr *dst_attr = info->attrs[NL80211_ATTR_MAC];
      u8 *dst = dst_attr ? nla_data(dst_attr) : NULL;

      if (!rdev->ops->del_mpath)
          return -EOPNOTSUPP;

      /* mesh paths only exist on mesh point interfaces */
      if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
          return -EOPNOTSUPP;

      return rdev_del_mpath(rdev, dev, dst);
  }
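  /*
   * Look up the mesh proxy path for the address in NL80211_ATTR_MAC through
   * the driver and reply with a single mesh path message, the proxy address
   * taking the place of the next hop.
   *
   * Returns the result of genlmsg_reply() on success, or a negative errno:
   * -EINVAL without a MAC attribute, -EOPNOTSUPP without driver support or
   * on a non-mesh interface, the driver's error, -ENOMEM or -ENOBUFS.
   */
  static int nl80211_get_mpp(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      int err;
      struct net_device *dev = info->user_ptr[1];
      struct mpath_info pinfo;
      struct sk_buff *msg;
      u8 *dst = NULL;
      /*
       * mpp is sent back to userspace unconditionally; zero it, as is done
       * for pinfo, so that a driver callback which does not write it cannot
       * cause stale kernel stack bytes to be returned.
       */
      u8 mpp[ETH_ALEN] = { 0 };

      memset(&pinfo, 0, sizeof(pinfo));

      if (!info->attrs[NL80211_ATTR_MAC])
          return -EINVAL;

      dst = nla_data(info->attrs[NL80211_ATTR_MAC]);

      if (!rdev->ops->get_mpp)
          return -EOPNOTSUPP;

      if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
          return -EOPNOTSUPP;

      err = rdev_get_mpp(rdev, dev, dst, mpp, &pinfo);
      if (err)
          return err;

      msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!msg)
          return -ENOMEM;

      if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0,
                             dev, dst, mpp, &pinfo) < 0) {
          /* the reply was never handed off, so it is still ours to free */
          nlmsg_free(msg);
          return -ENOBUFS;
      }

      return genlmsg_reply(msg, info);
  }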
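  /*
   * Dump callback for mesh proxy paths: asks the driver for entries starting
   * at the index saved in cb->args[2] and appends one message per entry to
   * @skb until the driver reports -ENOENT or a message no longer fits.
   *
   * Returns skb->len when entries were processed (the resume index is stored
   * back into cb->args[2]), or a negative errno.  The wiphy mutex taken by
   * nl80211_prepare_wdev_dump() is released on every path after that call.
   */
  static int nl80211_dump_mpp(struct sk_buff *skb,
                              struct netlink_callback *cb)
  {
      struct mpath_info pinfo;
      struct cfg80211_registered_device *rdev;
      struct wireless_dev *wdev;
      /*
       * dst, mpp and pinfo.generation are copied to userspace
       * unconditionally by nl80211_send_mpath().  Start from zeroed buffers
       * so that a driver callback which leaves one of them untouched cannot
       * cause stale kernel stack bytes to be sent out.
       */
      u8 dst[ETH_ALEN] = { 0 };
      u8 mpp[ETH_ALEN] = { 0 };
      int path_idx = cb->args[2];
      int err;

      memset(&pinfo, 0, sizeof(pinfo));

      err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev, NULL);
      if (err)
          return err;
      /* nl80211_prepare_wdev_dump acquired it in the successful case */
      __acquire(&rdev->wiphy.mtx);

      if (!rdev->ops->dump_mpp) {
          err = -EOPNOTSUPP;
          goto out_err;
      }

      /* proxy paths only exist on mesh point interfaces */
      if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) {
          err = -EOPNOTSUPP;
          goto out_err;
      }

      while (1) {
          err = rdev_dump_mpp(rdev, wdev->netdev, path_idx, dst,
                              mpp, &pinfo);
          if (err == -ENOENT)
              break;      /* no entry at this index: dump complete */
          if (err)
              goto out_err;

          /* message full: stop here and resume at path_idx next time */
          if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid,
                                 cb->nlh->nlmsg_seq, NLM_F_MULTI,
                                 wdev->netdev, dst, mpp,
                                 &pinfo) < 0)
              goto out;

          path_idx++;
      }

  out:
      cb->args[2] = path_idx;
      err = skb->len;
  out_err:
      wiphy_unlock(&rdev->wiphy);
      return err;
  }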
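  /*
   * Change BSS parameters on an AP or P2P GO interface.
   *
   * Each parameter starts out as -1 ("leave unchanged") and is overwritten
   * only if its attribute is present.  With the NL80211_ATTR_BSS_PARAM flag
   * set ("strict"), an attribute the device does not list in
   * wiphy.bss_param_support is rejected with -EINVAL; without the flag such
   * an attribute is parsed but masked out of @changed before the driver is
   * called.  The two P2P attributes are only accepted on a P2P GO interface
   * and a non-zero value always requires device support.
   *
   * Returns 0 when nothing supported was changed, the result of
   * rdev_change_bss() otherwise, or a negative errno.
   */
  static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct bss_parameters params;
      u32 bss_param_support = rdev->wiphy.bss_param_support;
      u32 changed = 0;
      bool strict;

      memset(&params, 0, sizeof(params));
      params.link_id = nl80211_link_id_or_invalid(info->attrs);
      /* default to not changing parameters */
      params.use_cts_prot = -1;
      params.use_short_preamble = -1;
      params.use_short_slot_time = -1;
      params.ap_isolate = -1;
      params.ht_opmode = -1;
      params.p2p_ctwindow = -1;
      params.p2p_opp_ps = -1;

      strict = nla_get_flag(info->attrs[NL80211_ATTR_BSS_PARAM]);

      if (info->attrs[NL80211_ATTR_BSS_CTS_PROT]) {
          if (strict && !(bss_param_support & WIPHY_BSS_PARAM_CTS_PROT))
              return -EINVAL;
          params.use_cts_prot =
              nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]);
          changed |= WIPHY_BSS_PARAM_CTS_PROT;
      }

      if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]) {
          if (strict &&
              !(bss_param_support & WIPHY_BSS_PARAM_SHORT_PREAMBLE))
              return -EINVAL;
          params.use_short_preamble =
              nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]);
          changed |= WIPHY_BSS_PARAM_SHORT_PREAMBLE;
      }

      if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]) {
          if (strict &&
              !(bss_param_support & WIPHY_BSS_PARAM_SHORT_SLOT_TIME))
              return -EINVAL;
          params.use_short_slot_time =
              nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]);
          changed |= WIPHY_BSS_PARAM_SHORT_SLOT_TIME;
      }

      if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
          if (strict &&
              !(bss_param_support & WIPHY_BSS_PARAM_BASIC_RATES))
              return -EINVAL;
          /* points into the request; the length travels alongside */
          params.basic_rates =
              nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
          params.basic_rates_len =
              nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
          changed |= WIPHY_BSS_PARAM_BASIC_RATES;
      }

      if (info->attrs[NL80211_ATTR_AP_ISOLATE]) {
          if (strict && !(bss_param_support & WIPHY_BSS_PARAM_AP_ISOLATE))
              return -EINVAL;
          /* any non-zero value enables isolation */
          params.ap_isolate =
              !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]);
          changed |= WIPHY_BSS_PARAM_AP_ISOLATE;
      }

      if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE]) {
          if (strict && !(bss_param_support & WIPHY_BSS_PARAM_HT_OPMODE))
              return -EINVAL;
          params.ht_opmode =
              nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]);
          changed |= WIPHY_BSS_PARAM_HT_OPMODE;
      }

      if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) {
          if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
              return -EINVAL;
          params.p2p_ctwindow =
              nla_get_u8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]);
          if (params.p2p_ctwindow != 0 &&
              !(bss_param_support & WIPHY_BSS_PARAM_P2P_CTWINDOW))
              return -EINVAL;
          changed |= WIPHY_BSS_PARAM_P2P_CTWINDOW;
      }

      if (info->attrs[NL80211_ATTR_P2P_OPPPS]) {
          u8 tmp;

          if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
              return -EINVAL;
          tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]);
          /*
           * bss_param_support is a copy of rdev->wiphy.bss_param_support,
           * so this single test covers the support requirement.
           */
          if (tmp && !(bss_param_support & WIPHY_BSS_PARAM_P2P_OPPPS))
              return -EINVAL;
          params.p2p_opp_ps = tmp;
          /*
           * Record the change like every other parameter does; without
           * this a request carrying only NL80211_ATTR_P2P_OPPPS leaves
           * @changed at 0 and returns below without reaching the driver.
           */
          changed |= WIPHY_BSS_PARAM_P2P_OPPPS;
      }

      if (!rdev->ops->change_bss)
          return -EOPNOTSUPP;

      if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
          dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
          return -EOPNOTSUPP;

      /* drop changes the device cannot apply (non-strict requests) */
      changed &= bss_param_support;
      if (!changed)
          return 0;

      return rdev_change_bss(rdev, dev, &params);
  }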
  /*
   * Handle a regulatory hint from userspace.
   *
   * The hint type defaults to NL80211_USER_REG_HINT_USER when the attribute
   * is absent.  USER and CELL_BASE hints require NL80211_ATTR_REG_ALPHA2 and
   * are passed to regulatory_hint_user(); an INDOOR hint is passed to
   * regulatory_hint_indoor() and is tied to the sending socket only when
   * NL80211_ATTR_SOCKET_OWNER is present.
   * NOTE(review): the alpha2 payload is passed on as a bare pointer without
   * a length check here - presumably the attribute policy fixes its size;
   * confirm against the policy table.
   *
   * Returns 0 or a negative errno.
   */
  static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info)
  {
      enum nl80211_user_reg_hint_type hint;
      u32 owner_nlportid = 0;
      bool is_indoor = true;

      /*
       * This can only trigger while cfg80211 is still initialising when
       * built into the kernel, in the window between nl80211_init() and
       * regulatory_init(), if that is even possible.
       */
      if (unlikely(!rcu_access_pointer(cfg80211_regdomain)))
          return -EINPROGRESS;

      hint = nla_get_u32_default(info->attrs[NL80211_ATTR_USER_REG_HINT_TYPE],
                                 NL80211_USER_REG_HINT_USER);

      if (hint == NL80211_USER_REG_HINT_USER ||
          hint == NL80211_USER_REG_HINT_CELL_BASE) {
          struct nlattr *alpha2 = info->attrs[NL80211_ATTR_REG_ALPHA2];

          if (!alpha2)
              return -EINVAL;

          return regulatory_hint_user(nla_data(alpha2), hint);
      }

      /* every other value than INDOOR is unknown */
      if (hint != NL80211_USER_REG_HINT_INDOOR)
          return -EINVAL;

      /*
       * Without a socket owner the hint is "indoor" with no owning port;
       * with one, the indoor state follows the presence of REG_INDOOR.
       */
      if (info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
          owner_nlportid = info->snd_portid;
          is_indoor = !!info->attrs[NL80211_ATTR_REG_INDOOR];
      }

      regulatory_hint_indoor(is_indoor, owner_nlportid);
      return 0;
  }
  /*
   * Trigger a reload of the regulatory database.  Neither @skb nor @info is
   * consulted; the result of reg_reload_regdb() is returned unchanged.
   */
  static int nl80211_reload_regdb(struct sk_buff *skb, struct genl_info *info)
  {
      int err = reg_reload_regdb();

      return err;
  }
  /*
   * Reply with the current mesh configuration of a mesh point interface.
   *
   * When the interface has no mesh ID set, default_mesh_config is reported;
   * otherwise the values come from the driver via rdev_get_mesh_config().
   * NOTE(review): in the driver case cur_params is not pre-initialised and
   * all of its members are sent to userspace, so this relies on the callback
   * filling the whole structure - confirm for each driver.
   *
   * Returns the result of genlmsg_reply() on success, -EOPNOTSUPP on a
   * non-mesh interface or without driver support, the driver's error,
   * -ENOMEM, or -ENOBUFS if the reply could not be built.
   */
  static int nl80211_get_mesh_config(struct sk_buff *skb,
                                     struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct mesh_config cur_params;
      struct nlattr *nest;
      struct sk_buff *msg;
      void *hdr;
      int err = 0;

      if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
          return -EOPNOTSUPP;

      if (!rdev->ops->get_mesh_config)
          return -EOPNOTSUPP;

      if (wdev->u.mesh.id_len)
          err = rdev_get_mesh_config(rdev, dev, &cur_params);
      else
          /* If not connected, get default parameters */
          memcpy(&cur_params, &default_mesh_config, sizeof(cur_params));

      if (err)
          return err;

      /* build the reply message */
      msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!msg)
          return -ENOMEM;

      hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
                           NL80211_CMD_GET_MESH_CONFIG);
      if (!hdr)
          goto free_msg;

      nest = nla_nest_start_noflag(msg, NL80211_ATTR_MESH_CONFIG);
      if (!nest)
          goto free_msg;

      /* the interface index is emitted after the nest has been opened */
      if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto free_msg;

      /* peering, TTL and synchronisation settings */
      if (nla_put_u16(msg, NL80211_MESHCONF_RETRY_TIMEOUT,
                      cur_params.dot11MeshRetryTimeout) ||
          nla_put_u16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT,
                      cur_params.dot11MeshConfirmTimeout) ||
          nla_put_u16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT,
                      cur_params.dot11MeshHoldingTimeout) ||
          nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
                      cur_params.dot11MeshMaxPeerLinks) ||
          nla_put_u8(msg, NL80211_MESHCONF_MAX_RETRIES,
                     cur_params.dot11MeshMaxRetries) ||
          nla_put_u8(msg, NL80211_MESHCONF_TTL,
                     cur_params.dot11MeshTTL) ||
          nla_put_u8(msg, NL80211_MESHCONF_ELEMENT_TTL,
                     cur_params.element_ttl) ||
          nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
                     cur_params.auto_open_plinks) ||
          nla_put_u32(msg, NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
                      cur_params.dot11MeshNbrOffsetMaxNeighbor))
          goto free_msg;

      /* HWMP path selection settings */
      if (nla_put_u8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
                     cur_params.dot11MeshHWMPmaxPREQretries) ||
          nla_put_u32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME,
                      cur_params.path_refresh_time) ||
          nla_put_u16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
                      cur_params.min_discovery_timeout) ||
          nla_put_u32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
                      cur_params.dot11MeshHWMPactivePathTimeout) ||
          nla_put_u16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
                      cur_params.dot11MeshHWMPpreqMinInterval) ||
          nla_put_u16(msg, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
                      cur_params.dot11MeshHWMPperrMinInterval) ||
          nla_put_u16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
                      cur_params.dot11MeshHWMPnetDiameterTraversalTime) ||
          nla_put_u8(msg, NL80211_MESHCONF_HWMP_ROOTMODE,
                     cur_params.dot11MeshHWMPRootMode) ||
          nla_put_u16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL,
                      cur_params.dot11MeshHWMPRannInterval))
          goto free_msg;

      /* remaining settings, in the order the reply has always used */
      if (nla_put_u8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
                     cur_params.dot11MeshGateAnnouncementProtocol) ||
          nla_put_u8(msg, NL80211_MESHCONF_FORWARDING,
                     cur_params.dot11MeshForwarding) ||
          nla_put_s32(msg, NL80211_MESHCONF_RSSI_THRESHOLD,
                      cur_params.rssi_threshold) ||
          nla_put_u32(msg, NL80211_MESHCONF_HT_OPMODE,
                      cur_params.ht_opmode) ||
          nla_put_u32(msg, NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
                      cur_params.dot11MeshHWMPactivePathToRootTimeout) ||
          nla_put_u16(msg, NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
                      cur_params.dot11MeshHWMProotInterval) ||
          nla_put_u16(msg, NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
                      cur_params.dot11MeshHWMPconfirmationInterval) ||
          nla_put_u32(msg, NL80211_MESHCONF_POWER_MODE,
                      cur_params.power_mode) ||
          nla_put_u16(msg, NL80211_MESHCONF_AWAKE_WINDOW,
                      cur_params.dot11MeshAwakeWindowDuration) ||
          nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT,
                      cur_params.plink_timeout) ||
          nla_put_u8(msg, NL80211_MESHCONF_CONNECTED_TO_GATE,
                     cur_params.dot11MeshConnectedToMeshGate) ||
          nla_put_u8(msg, NL80211_MESHCONF_NOLEARN,
                     cur_params.dot11MeshNolearn) ||
          nla_put_u8(msg, NL80211_MESHCONF_CONNECTED_TO_AS,
                     cur_params.dot11MeshConnectedToAuthServer))
          goto free_msg;

      nla_nest_end(msg, nest);
      genlmsg_end(msg, hdr);
      return genlmsg_reply(msg, info);

  free_msg:
      /* header, nest and attribute failures all end up here */
      nlmsg_free(msg);
      return -ENOBUFS;
  }
/*
 * Validation policy for the attributes nested inside
 * NL80211_ATTR_MESH_CONFIG. nl80211_parse_mesh_config() hands this table to
 * nla_parse_nested_deprecated() before reading any value.
 *
 * Entries written as { .type = ... } fix only the attribute type and carry
 * no range limit in this table.
 */
static const struct nla_policy
nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = {
	[NL80211_MESHCONF_RETRY_TIMEOUT] =
		NLA_POLICY_RANGE(NLA_U16, 1, 255),
	[NL80211_MESHCONF_CONFIRM_TIMEOUT] =
		NLA_POLICY_RANGE(NLA_U16, 1, 255),
	[NL80211_MESHCONF_HOLDING_TIMEOUT] =
		NLA_POLICY_RANGE(NLA_U16, 1, 255),
	[NL80211_MESHCONF_MAX_PEER_LINKS] =
		NLA_POLICY_RANGE(NLA_U16, 0, 255),
	[NL80211_MESHCONF_MAX_RETRIES] = NLA_POLICY_MAX(NLA_U8, 16),
	[NL80211_MESHCONF_TTL] = NLA_POLICY_MIN(NLA_U8, 1),
	[NL80211_MESHCONF_ELEMENT_TTL] = NLA_POLICY_MIN(NLA_U8, 1),
	[NL80211_MESHCONF_AUTO_OPEN_PLINKS] = NLA_POLICY_MAX(NLA_U8, 1),
	[NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR] =
		NLA_POLICY_RANGE(NLA_U32, 1, 255),
	[NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 },
	/* type only; nl80211_parse_mesh_config() carries a manual 1..65535 check */
	[NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 },
	[NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = NLA_POLICY_MIN(NLA_U16, 1),
	/* type only; nl80211_parse_mesh_config() carries a manual 1..65535 check */
	[NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 },
	[NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] =
		NLA_POLICY_MIN(NLA_U16, 1),
	[NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL] =
		NLA_POLICY_MIN(NLA_U16, 1),
	[NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] =
		NLA_POLICY_MIN(NLA_U16, 1),
	[NL80211_MESHCONF_HWMP_ROOTMODE] = NLA_POLICY_MAX(NLA_U8, 4),
	[NL80211_MESHCONF_HWMP_RANN_INTERVAL] =
		NLA_POLICY_MIN(NLA_U16, 1),
	[NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = NLA_POLICY_MAX(NLA_U8, 1),
	[NL80211_MESHCONF_FORWARDING] = NLA_POLICY_MAX(NLA_U8, 1),
	[NL80211_MESHCONF_RSSI_THRESHOLD] =
		NLA_POLICY_RANGE(NLA_S32, -255, 0),
	/* type only; the permitted bits are checked in nl80211_parse_mesh_config() */
	[NL80211_MESHCONF_HT_OPMODE] = { .type = NLA_U16 },
	/* type only; nl80211_parse_mesh_config() carries a manual 1..65535 check */
	[NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT] = { .type = NLA_U32 },
	[NL80211_MESHCONF_HWMP_ROOT_INTERVAL] =
		NLA_POLICY_MIN(NLA_U16, 1),
	[NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL] =
		NLA_POLICY_MIN(NLA_U16, 1),
	[NL80211_MESHCONF_POWER_MODE] =
		NLA_POLICY_RANGE(NLA_U32,
				 NL80211_MESH_POWER_ACTIVE,
				 NL80211_MESH_POWER_MAX),
	[NL80211_MESHCONF_AWAKE_WINDOW] = { .type = NLA_U16 },
	[NL80211_MESHCONF_PLINK_TIMEOUT] = { .type = NLA_U32 },
	[NL80211_MESHCONF_CONNECTED_TO_GATE] = NLA_POLICY_RANGE(NLA_U8, 0, 1),
	[NL80211_MESHCONF_NOLEARN] = NLA_POLICY_RANGE(NLA_U8, 0, 1),
	[NL80211_MESHCONF_CONNECTED_TO_AS] = NLA_POLICY_RANGE(NLA_U8, 0, 1),
};
/*
 * Validation policy for the attributes nested inside
 * NL80211_ATTR_MESH_SETUP; used by nl80211_parse_mesh_setup().
 */
static const struct nla_policy
nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = {
	[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC] = { .type = NLA_U8 },
	[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 },
	[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 },
	[NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG },
	[NL80211_MESH_SETUP_AUTH_PROTOCOL] = { .type = NLA_U8 },
	[NL80211_MESH_SETUP_USERSPACE_MPM] = { .type = NLA_FLAG },
	/*
	 * Userspace-supplied information elements: length is capped at
	 * IEEE80211_MAX_DATA_LEN and the payload goes through
	 * validate_ie_attr() before the parser stores a pointer to it.
	 */
	[NL80211_MESH_SETUP_IE] =
		NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
				       IEEE80211_MAX_DATA_LEN),
	[NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG },
};
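/*
 * Parse the nested NL80211_ATTR_MESH_CONFIG attribute into @cfg.
 *
 * @info: netlink request that must carry NL80211_ATTR_MESH_CONFIG
 * @cfg: mesh configuration to fill; only the fields whose attribute is
 *	present in the request are written
 * @mask_out: if non-NULL, receives a bitmap in which bit (attr - 1) is set
 *	for every attribute that was present
 *
 * Return: 0 on success, -EINVAL if the attribute is missing, fails policy
 * validation, or a value fails one of the manual checks below.
 */
static int nl80211_parse_mesh_config(struct genl_info *info,
				     struct mesh_config *cfg,
				     u32 *mask_out)
{
	struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1];
	u32 mask = 0;
	u16 ht_opmode;

/* Copy one attribute into cfg->param and record it as bit (attr - 1) */
#define FILL_IN_MESH_PARAM_IF_SET(tb, cfg, param, mask, attr, fn)	\
do {									\
	if (tb[attr]) {							\
		cfg->param = fn(tb[attr]);				\
		mask |= BIT((attr) - 1);				\
	}								\
} while (0)

	if (!info->attrs[NL80211_ATTR_MESH_CONFIG])
		return -EINVAL;
	if (nla_parse_nested_deprecated(tb, NL80211_MESHCONF_ATTR_MAX,
					info->attrs[NL80211_ATTR_MESH_CONFIG],
					nl80211_meshconf_params_policy,
					info->extack))
		return -EINVAL;

	/* This makes sure that there aren't more than 32 mesh config
	 * parameters (otherwise our bitfield scheme would not work.) */
	BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32);

	/* Fill in the params struct */
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, mask,
				  NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, mask,
				  NL80211_MESHCONF_CONFIRM_TIMEOUT,
				  nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, mask,
				  NL80211_MESHCONF_HOLDING_TIMEOUT,
				  nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, mask,
				  NL80211_MESHCONF_MAX_PEER_LINKS,
				  nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, mask,
				  NL80211_MESHCONF_MAX_RETRIES, nla_get_u8);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, mask,
				  NL80211_MESHCONF_TTL, nla_get_u8);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, mask,
				  NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, mask,
				  NL80211_MESHCONF_AUTO_OPEN_PLINKS,
				  nla_get_u8);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshNbrOffsetMaxNeighbor,
				  mask,
				  NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
				  nla_get_u32);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, mask,
				  NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
				  nla_get_u8);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, mask,
				  NL80211_MESHCONF_PATH_REFRESH_TIME,
				  nla_get_u32);
	/*
	 * The policy entry for this attribute is type-only, so the range is
	 * enforced here. Key the check on the attribute itself: the mask bit
	 * for an attribute is BIT(attr - 1), so testing BIT(attr) would look
	 * at another parameter's bit and let an out-of-range value through.
	 */
	if (tb[NL80211_MESHCONF_PATH_REFRESH_TIME] &&
	    (cfg->path_refresh_time < 1 || cfg->path_refresh_time > 65535))
		return -EINVAL;
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, mask,
				  NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
				  nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout,
				  mask,
				  NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
				  nla_get_u32);
	/* type-only policy entry; same manual range check as above */
	if (tb[NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] &&
	    (cfg->dot11MeshHWMPactivePathTimeout < 1 ||
	     cfg->dot11MeshHWMPactivePathTimeout > 65535))
		return -EINVAL;
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, mask,
				  NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
				  nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval, mask,
				  NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
				  nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
				  dot11MeshHWMPnetDiameterTraversalTime, mask,
				  NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
				  nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRootMode, mask,
				  NL80211_MESHCONF_HWMP_ROOTMODE, nla_get_u8);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRannInterval, mask,
				  NL80211_MESHCONF_HWMP_RANN_INTERVAL,
				  nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshGateAnnouncementProtocol,
				  mask, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
				  nla_get_u8);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, mask,
				  NL80211_MESHCONF_FORWARDING, nla_get_u8);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, mask,
				  NL80211_MESHCONF_RSSI_THRESHOLD,
				  nla_get_s32);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConnectedToMeshGate, mask,
				  NL80211_MESHCONF_CONNECTED_TO_GATE,
				  nla_get_u8);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConnectedToAuthServer, mask,
				  NL80211_MESHCONF_CONNECTED_TO_AS,
				  nla_get_u8);
	/*
	 * Check HT operation mode based on
	 * IEEE 802.11-2016 9.4.2.57 HT Operation element.
	 */
	if (tb[NL80211_MESHCONF_HT_OPMODE]) {
		ht_opmode = nla_get_u16(tb[NL80211_MESHCONF_HT_OPMODE]);

		/* reject any bit outside the three accepted fields */
		if (ht_opmode & ~(IEEE80211_HT_OP_MODE_PROTECTION |
				  IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT |
				  IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT))
			return -EINVAL;

		/* NON_HT_STA bit is reserved, but some programs set it */
		ht_opmode &= ~IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT;

		cfg->ht_opmode = ht_opmode;
		mask |= BIT(NL80211_MESHCONF_HT_OPMODE - 1);
	}
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
				  dot11MeshHWMPactivePathToRootTimeout, mask,
				  NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
				  nla_get_u32);
	/* type-only policy entry; same manual range check as above */
	if (tb[NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT] &&
	    (cfg->dot11MeshHWMPactivePathToRootTimeout < 1 ||
	     cfg->dot11MeshHWMPactivePathToRootTimeout > 65535))
		return -EINVAL;
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMProotInterval, mask,
				  NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
				  nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPconfirmationInterval,
				  mask,
				  NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
				  nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, power_mode, mask,
				  NL80211_MESHCONF_POWER_MODE, nla_get_u32);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshAwakeWindowDuration, mask,
				  NL80211_MESHCONF_AWAKE_WINDOW, nla_get_u16);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, plink_timeout, mask,
				  NL80211_MESHCONF_PLINK_TIMEOUT, nla_get_u32);
	FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshNolearn, mask,
				  NL80211_MESHCONF_NOLEARN, nla_get_u8);
	if (mask_out)
		*mask_out = mask;

	return 0;

#undef FILL_IN_MESH_PARAM_IF_SET
}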
/*
 * Parse the nested NL80211_ATTR_MESH_SETUP attribute into @setup.
 *
 * Fields of @setup whose attribute is absent are left as the caller set
 * them, except user_mpm, is_authenticated and is_secure, which are always
 * written from the corresponding flag attributes.
 *
 * Return: 0 on success, -EINVAL on a missing or malformed attribute, on a
 * userspace-MPM request the device does not advertise, or on an auth
 * protocol given without userspace MPM.
 */
static int nl80211_parse_mesh_setup(struct genl_info *info,
				    struct mesh_setup *setup)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1];
	struct nlattr *nested = info->attrs[NL80211_ATTR_MESH_SETUP];

	if (!nested)
		return -EINVAL;
	if (nla_parse_nested_deprecated(tb, NL80211_MESH_SETUP_ATTR_MAX,
					nested,
					nl80211_mesh_setup_params_policy,
					info->extack))
		return -EINVAL;

	/* Each vendor switch is a u8: non-zero picks the vendor variant */
	if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC]) {
		if (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC]))
			setup->sync_method = IEEE80211_SYNC_METHOD_VENDOR;
		else
			setup->sync_method =
				IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET;
	}

	if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL]) {
		if (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL]))
			setup->path_sel_proto = IEEE80211_PATH_PROTOCOL_VENDOR;
		else
			setup->path_sel_proto = IEEE80211_PATH_PROTOCOL_HWMP;
	}

	if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC]) {
		if (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC]))
			setup->path_metric = IEEE80211_PATH_METRIC_VENDOR;
		else
			setup->path_metric = IEEE80211_PATH_METRIC_AIRTIME;
	}

	/*
	 * setup->ie points into the request's attribute payload; nothing is
	 * copied here, so the pointer is only as long-lived as that buffer.
	 */
	if (tb[NL80211_MESH_SETUP_IE]) {
		setup->ie = nla_data(tb[NL80211_MESH_SETUP_IE]);
		setup->ie_len = nla_len(tb[NL80211_MESH_SETUP_IE]);
	}

	/* Userspace MPM may only be requested on devices that advertise it */
	if (tb[NL80211_MESH_SETUP_USERSPACE_MPM] &&
	    !(rdev->wiphy.features & NL80211_FEATURE_USERSPACE_MPM))
		return -EINVAL;

	setup->is_authenticated =
		nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]);
	setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]);
	setup->user_mpm = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_MPM]);

	/*
	 * NOTE(review): the AMPE flag turns user_mpm on without passing the
	 * NL80211_FEATURE_USERSPACE_MPM check above - confirm that is
	 * intended.
	 */
	if (setup->is_secure)
		setup->user_mpm = true;

	if (!tb[NL80211_MESH_SETUP_AUTH_PROTOCOL])
		return 0;

	/* An authentication protocol id is only meaningful with userspace MPM */
	if (!setup->user_mpm)
		return -EINVAL;
	setup->auth_id = nla_get_u8(tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]);

	return 0;
}
/*
 * Netlink handler: update the configuration of a mesh the interface has
 * already joined.
 *
 * Return: -EOPNOTSUPP if the interface is not a mesh point or the driver has
 * no update_mesh_config op, the parser's error for a bad request, -ENOLINK
 * if no mesh ID is set on the interface, otherwise the driver's result.
 */
static int nl80211_update_mesh_config(struct sk_buff *skb,
				      struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	struct mesh_config cfg = {};
	u32 mask;
	int ret;

	if (wdev->iftype != NL80211_IFTYPE_MESH_POINT ||
	    !rdev->ops->update_mesh_config)
		return -EOPNOTSUPP;

	/* The request is validated before the mesh state is looked at */
	ret = nl80211_parse_mesh_config(info, &cfg, &mask);
	if (ret)
		return ret;

	/* a zero-length mesh ID means there is no mesh to reconfigure */
	if (!wdev->u.mesh.id_len)
		return -ENOLINK;

	return rdev_update_mesh_config(rdev, dev, mask, &cfg);
}
/*
 * Append a regulatory domain to @msg: alpha2, the DFS region when it is
 * non-zero, and one nested entry per rule under NL80211_ATTR_REG_RULES.
 *
 * Return: 0 on success, -EMSGSIZE if any attribute did not fit. On failure
 * the partially written attributes are left in @msg for the caller to
 * cancel or free.
 */
static int nl80211_put_regdom(const struct ieee80211_regdomain *regdom,
			      struct sk_buff *msg)
{
	struct nlattr *rules_nest;
	unsigned int idx;

	if (nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, regdom->alpha2))
		goto nla_put_failure;

	if (regdom->dfs_region &&
	    nla_put_u8(msg, NL80211_ATTR_DFS_REGION, regdom->dfs_region))
		goto nla_put_failure;

	rules_nest = nla_nest_start_noflag(msg, NL80211_ATTR_REG_RULES);
	if (!rules_nest)
		goto nla_put_failure;

	for (idx = 0; idx < regdom->n_reg_rules; idx++) {
		const struct ieee80211_reg_rule *rule = &regdom->reg_rules[idx];
		const struct ieee80211_freq_range *range = &rule->freq_range;
		const struct ieee80211_power_rule *power = &rule->power_rule;
		struct nlattr *rule_nest;
		unsigned int max_bw_khz;

		/* each rule is nested under its index in the rule array */
		rule_nest = nla_nest_start_noflag(msg, idx);
		if (!rule_nest)
			goto nla_put_failure;

		/* a stored bandwidth of 0 is replaced by a computed one */
		max_bw_khz = range->max_bandwidth_khz;
		if (!max_bw_khz)
			max_bw_khz = reg_get_max_bandwidth(regdom, rule);

		if (nla_put_u32(msg, NL80211_ATTR_REG_RULE_FLAGS,
				rule->flags) ||
		    nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_START,
				range->start_freq_khz) ||
		    nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_END,
				range->end_freq_khz) ||
		    nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW,
				max_bw_khz))
			goto nla_put_failure;

		if (nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN,
				power->max_antenna_gain) ||
		    nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP,
				power->max_eirp) ||
		    nla_put_u32(msg, NL80211_ATTR_DFS_CAC_TIME,
				rule->dfs_cac_ms))
			goto nla_put_failure;

		/* PSD is only reported for rules flagged NL80211_RRF_PSD */
		if (rule->flags & NL80211_RRF_PSD) {
			if (nla_put_s8(msg, NL80211_ATTR_POWER_RULE_PSD,
				       rule->psd))
				goto nla_put_failure;
		}

		nla_nest_end(msg, rule_nest);
	}

	nla_nest_end(msg, rules_nest);
	return 0;

nla_put_failure:
	return -EMSGSIZE;
}
/*
 * Netlink handler for a single NL80211_CMD_GET_REG request.
 *
 * With NL80211_ATTR_WIPHY the reply describes that wiphy's own regulatory
 * domain when it has one; otherwise (or when the wiphy has none) it
 * describes the global cfg80211_regdomain.
 *
 * Locking: the rtnl lock is taken first and the RCU read lock inside it;
 * the three error labels unwind exactly the locks held at the jump site.
 *
 * Return: the result of genlmsg_reply() on success, -ENOBUFS if the reply
 * could not be allocated, otherwise a negative error (-EMSGSIZE unless a
 * more specific code was set).
 */
static int nl80211_get_reg_do(struct sk_buff *skb, struct genl_info *info)
{
	const struct ieee80211_regdomain *regdom = NULL;
	struct cfg80211_registered_device *rdev;
	struct wiphy *wiphy = NULL;
	struct sk_buff *msg;
	/* default for every failure path that does not set its own code */
	int err = -EMSGSIZE;
	void *hdr;

	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
	if (!msg)
		return -ENOBUFS;

	hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
			     NL80211_CMD_GET_REG);
	if (!hdr)
		goto put_failure;

	rtnl_lock();

	if (info->attrs[NL80211_ATTR_WIPHY]) {
		bool self_managed;

		rdev = cfg80211_get_dev_from_info(genl_info_net(info), info);
		if (IS_ERR(rdev)) {
			err = PTR_ERR(rdev);
			/* only rtnl is held here, RCU not yet */
			goto nla_put_failure;
		}

		wiphy = &rdev->wiphy;
		self_managed = wiphy->regulatory_flags &
			       REGULATORY_WIPHY_SELF_MANAGED;

		rcu_read_lock();

		regdom = get_wiphy_regdom(wiphy);

		/* a self-managed-reg device must have a private regdom */
		if (WARN_ON(!regdom && self_managed)) {
			err = -EINVAL;
			goto nla_put_failure_rcu;
		}

		/* the wiphy index is only echoed when the wiphy has its own regdom */
		if (regdom &&
		    nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
			goto nla_put_failure_rcu;
	} else {
		/* both branches leave with the RCU read lock held */
		rcu_read_lock();
	}

	if (!wiphy && reg_last_request_cell_base() &&
	    nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE,
			NL80211_USER_REG_HINT_CELL_BASE))
		goto nla_put_failure_rcu;

	/* fall back to the global regulatory domain */
	if (!regdom)
		regdom = rcu_dereference(cfg80211_regdomain);

	if (nl80211_put_regdom(regdom, msg))
		goto nla_put_failure_rcu;

	rcu_read_unlock();

	genlmsg_end(msg, hdr);
	rtnl_unlock();
	return genlmsg_reply(msg, info);

nla_put_failure_rcu:
	rcu_read_unlock();
nla_put_failure:
	rtnl_unlock();
put_failure:
	nlmsg_free(msg);
	return err;
}
/*
 * Write one NL80211_CMD_GET_REG dump entry for @regdom into @msg.
 *
 * @wiphy is NULL for the global regulatory domain; in that case the
 * cell-base hint is added when reg_last_request_cell_base() reports it.
 * For a wiphy entry the wiphy index is added, plus the self-managed flag
 * when the wiphy sets REGULATORY_WIPHY_SELF_MANAGED.
 *
 * Return: 0 on success, -1 if the message header could not be added,
 * -EMSGSIZE (with the message cancelled) if an attribute did not fit.
 */
static int nl80211_send_regdom(struct sk_buff *msg, struct netlink_callback *cb,
			       u32 seq, int flags, struct wiphy *wiphy,
			       const struct ieee80211_regdomain *regdom)
{
	void *hdr;

	hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags,
			     NL80211_CMD_GET_REG);
	if (!hdr)
		return -1;

	genl_dump_check_consistent(cb, hdr);

	if (nl80211_put_regdom(regdom, msg))
		goto nla_put_failure;

	if (wiphy) {
		if (nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
			goto nla_put_failure;

		if ((wiphy->regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED) &&
		    nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
			goto nla_put_failure;
	} else if (reg_last_request_cell_base() &&
		   nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE,
			       NL80211_USER_REG_HINT_CELL_BASE)) {
		goto nla_put_failure;
	}

	genlmsg_end(msg, hdr);
	return 0;

nla_put_failure:
	/* drop the half-built entry so the dump skb stays well-formed */
	genlmsg_cancel(msg, hdr);
	return -EMSGSIZE;
}
/*
 * Netlink dump handler for NL80211_CMD_GET_REG.
 *
 * cb->args[2] holds the resume position: index 0 is the global regulatory
 * domain, and each wiphy with its own regdom takes the next index. The whole
 * walk runs under the RCU read lock.
 *
 * Return: skb->len after writing entries, or the negative error from
 * emitting the global entry.
 */
static int nl80211_get_reg_dump(struct sk_buff *skb,
				struct netlink_callback *cb)
{
	const struct ieee80211_regdomain *wiphy_rd = NULL;
	struct cfg80211_registered_device *rdev;
	int resume_at = cb->args[2];
	int ret, idx;

	rcu_read_lock();

	if (cfg80211_regdomain && resume_at == 0) {
		ret = nl80211_send_regdom(skb, cb, cb->nlh->nlmsg_seq,
					  NLM_F_MULTI, NULL,
					  rcu_dereference(cfg80211_regdomain));
		if (ret < 0)
			goto out_err;
	}

	/* the global regdom is idx 0 */
	idx = 1;
	list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) {
		wiphy_rd = get_wiphy_regdom(&rdev->wiphy);
		if (!wiphy_rd)
			continue;

		/* skip entries already delivered by an earlier dump pass */
		idx++;
		if (idx <= resume_at)
			continue;

		ret = nl80211_send_regdom(skb, cb, cb->nlh->nlmsg_seq,
					  NLM_F_MULTI, &rdev->wiphy, wiphy_rd);
		if (ret < 0) {
			/* this entry did not go out; retry it on the next pass */
			idx--;
			break;
		}
	}

	cb->args[2] = idx;
	ret = skb->len;
out_err:
	rcu_read_unlock();
	return ret;
}
  8549. #ifdef CONFIG_CFG80211_CRDA_SUPPORT
/*
 * Validation policy for one nested regulatory rule as parsed by
 * nl80211_set_reg(). Every entry fixes the type to u32 and nothing else:
 * no value ranges are expressed in this table.
 */
static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = {
	[NL80211_ATTR_REG_RULE_FLAGS]		= { .type = NLA_U32 },
	[NL80211_ATTR_FREQ_RANGE_START]		= { .type = NLA_U32 },
	[NL80211_ATTR_FREQ_RANGE_END]		= { .type = NLA_U32 },
	[NL80211_ATTR_FREQ_RANGE_MAX_BW]	= { .type = NLA_U32 },
	[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]	= { .type = NLA_U32 },
	[NL80211_ATTR_POWER_RULE_MAX_EIRP]	= { .type = NLA_U32 },
	[NL80211_ATTR_DFS_CAC_TIME]		= { .type = NLA_U32 },
};
/*
 * Fill @reg_rule from an already policy-checked attribute table.
 *
 * Flags, frequency start/end, maximum bandwidth and maximum EIRP are
 * mandatory; antenna gain and DFS CAC time are copied only when present and
 * otherwise left as the caller initialised them.
 *
 * The values are stored as received: no relation between them (for example
 * start versus end frequency) is checked here.
 * NOTE(review): presumably set_regdom() validates the assembled domain -
 * confirm against that function.
 *
 * Return: 0 on success, -EINVAL if a mandatory attribute is missing.
 */
static int parse_reg_rule(struct nlattr *tb[],
			  struct ieee80211_reg_rule *reg_rule)
{
	struct ieee80211_freq_range *range = &reg_rule->freq_range;
	struct ieee80211_power_rule *power = &reg_rule->power_rule;

	if (!tb[NL80211_ATTR_REG_RULE_FLAGS] ||
	    !tb[NL80211_ATTR_FREQ_RANGE_START] ||
	    !tb[NL80211_ATTR_FREQ_RANGE_END] ||
	    !tb[NL80211_ATTR_FREQ_RANGE_MAX_BW] ||
	    !tb[NL80211_ATTR_POWER_RULE_MAX_EIRP])
		return -EINVAL;

	reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]);

	range->start_freq_khz = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]);
	range->end_freq_khz = nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]);
	range->max_bandwidth_khz =
		nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]);

	power->max_eirp = nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]);

	/* optional attributes */
	if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]) {
		power->max_antenna_gain =
			nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]);
	}

	if (tb[NL80211_ATTR_DFS_CAC_TIME]) {
		reg_rule->dfs_cac_ms =
			nla_get_u32(tb[NL80211_ATTR_DFS_CAC_TIME]);
	}

	return 0;
}
/*
 * Netlink handler that installs a regulatory domain supplied by userspace
 * (source REGD_SOURCE_CRDA).
 *
 * The rules are walked twice: once to count them, so the domain can be
 * allocated with the right number of slots, and once to parse each rule
 * into its slot. The count is capped at NL80211_MAX_SUPP_REG_RULES before
 * anything is allocated.
 *
 * Return: 0 or the result of set_regdom() on success, -EINVAL for a missing
 * attribute, too many rules, a rejected alpha2 or a bad rule, -ENOMEM if the
 * domain could not be allocated.
 */
static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
{
	struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1];
	struct nlattr *rule_attr;
	char *alpha2;
	int rem, r;
	u32 n_rules = 0, slot = 0;
	enum nl80211_dfs_regions dfs_region = NL80211_DFS_UNSET;
	struct ieee80211_regdomain *rd;

	if (!info->attrs[NL80211_ATTR_REG_ALPHA2] ||
	    !info->attrs[NL80211_ATTR_REG_RULES])
		return -EINVAL;

	/*
	 * Two bytes are read from this pointer below.
	 * NOTE(review): assumes the attribute policy guarantees at least two
	 * bytes of payload - not visible in this function, confirm.
	 */
	alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);

	if (info->attrs[NL80211_ATTR_DFS_REGION])
		dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]);

	/* first pass: count the rules and refuse oversized requests early */
	nla_for_each_nested(rule_attr, info->attrs[NL80211_ATTR_REG_RULES],
			    rem) {
		if (++n_rules > NL80211_MAX_SUPP_REG_RULES)
			return -EINVAL;
	}

	rtnl_lock();
	if (!reg_is_valid_request(alpha2)) {
		r = -EINVAL;
		goto out;
	}

	rd = kzalloc_flex(*rd, reg_rules, n_rules);
	if (!rd) {
		r = -ENOMEM;
		goto out;
	}

	rd->n_reg_rules = n_rules;
	rd->alpha2[0] = alpha2[0];
	rd->alpha2[1] = alpha2[1];

	/*
	 * Disable DFS master mode if the DFS region was
	 * not supported or known on this kernel.
	 */
	if (reg_supported_dfs_region(dfs_region))
		rd->dfs_region = dfs_region;

	/* second pass: parse every rule into its slot of rd->reg_rules[] */
	nla_for_each_nested(rule_attr, info->attrs[NL80211_ATTR_REG_RULES],
			    rem) {
		r = nla_parse_nested_deprecated(tb, NL80211_REG_RULE_ATTR_MAX,
						rule_attr, reg_rule_policy,
						info->extack);
		if (r)
			goto bad_reg;

		r = parse_reg_rule(tb, &rd->reg_rules[slot]);
		if (r)
			goto bad_reg;

		if (++slot > NL80211_MAX_SUPP_REG_RULES) {
			r = -EINVAL;
			goto bad_reg;
		}
	}

	/* set_regdom takes ownership of rd, so it is not freed on this path */
	r = set_regdom(rd, REGD_SOURCE_CRDA);
	goto out;

bad_reg:
	kfree(rd);
out:
	rtnl_unlock();
	return r;
}
  8657. #endif /* CONFIG_CFG80211_CRDA_SUPPORT */
/*
 * Validate a nested list of scan frequencies.
 *
 * Every entry must be exactly one u32, and no frequency may appear twice.
 * The size pass runs to completion before any entry is read as a u32, so
 * the comparison pass never reads a short attribute.
 *
 * Return: the number of entries, or 0 if the list is invalid (an empty list
 * also yields 0).
 */
static int validate_scan_freqs(struct nlattr *freqs)
{
	struct nlattr *outer, *inner;
	int count = 0, rem_outer, rem_inner;

	nla_for_each_nested(outer, freqs, rem_outer) {
		if (nla_len(outer) != sizeof(u32))
			return 0;
	}

	nla_for_each_nested(outer, freqs, rem_outer) {
		count++;
		/*
		 * Some hardware has a limited channel list for
		 * scanning, and it is pretty much nonsensical
		 * to scan for a channel twice, so disallow that
		 * and don't require drivers to check that the
		 * channel list they get isn't longer than what
		 * they can scan, as long as they can scan all
		 * the channels they registered at once.
		 */
		nla_for_each_nested(inner, freqs, rem_inner) {
			if (inner == outer)
				continue;
			if (nla_get_u32(inner) == nla_get_u32(outer))
				return 0;
		}
	}

	return count;
}
/*
 * Report whether @b indexes a band that @wiphy actually provides.
 *
 * The bound check comes first because parse_bss_select() passes band values
 * taken from a userspace attribute and @b is used to index wiphy->bands[].
 */
static bool is_band_valid(struct wiphy *wiphy, enum nl80211_band b)
{
	if (!(b < NUM_NL80211_BANDS))
		return false;

	return wiphy->bands[b] != NULL;
}
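/*
 * Parse a BSS selection request from userspace into @bss_select.
 *
 * @nla: container attribute; only its first nested attribute is processed
 * @wiphy: device the request is for; supplies the band table and the set of
 *	supported selection behaviours
 * @bss_select: result; may be partially written when an error is returned
 *
 * Exactly one behaviour attribute must be present, any band it names must
 * exist on @wiphy, and the behaviour must be set in wiphy->bss_select_support.
 *
 * Return: 0 on success, -EINVAL on any violation of the above, or the error
 * from attribute parsing.
 */
static int parse_bss_select(struct nlattr *nla, struct wiphy *wiphy,
			    struct cfg80211_bss_selection *bss_select)
{
	struct nlattr *attr[NL80211_BSS_SELECT_ATTR_MAX + 1];
	struct nlattr *nest;
	int err;
	bool found = false;
	int i;

	/* only process one nested attribute */
	nest = nla_data(nla);
	/*
	 * Bound the inner attribute by the payload of its container. Using
	 * nla_len(nest) as the bound would compare the attribute with its own
	 * payload length, which is always smaller than its total length and
	 * comes from the very header that has not been validated yet.
	 */
	if (!nla_ok(nest, nla_len(nla)))
		return -EINVAL;

	err = nla_parse_nested_deprecated(attr, NL80211_BSS_SELECT_ATTR_MAX,
					  nest, nl80211_bss_select_policy,
					  NULL);
	if (err)
		return err;

	/* only one attribute may be given */
	for (i = 0; i <= NL80211_BSS_SELECT_ATTR_MAX; i++) {
		if (attr[i]) {
			if (found)
				return -EINVAL;
			found = true;
		}
	}

	bss_select->behaviour = __NL80211_BSS_SELECT_ATTR_INVALID;

	if (attr[NL80211_BSS_SELECT_ATTR_RSSI])
		bss_select->behaviour = NL80211_BSS_SELECT_ATTR_RSSI;

	if (attr[NL80211_BSS_SELECT_ATTR_BAND_PREF]) {
		bss_select->behaviour = NL80211_BSS_SELECT_ATTR_BAND_PREF;
		bss_select->param.band_pref =
			nla_get_u32(attr[NL80211_BSS_SELECT_ATTR_BAND_PREF]);
		/* the band value is user-controlled; reject unknown bands */
		if (!is_band_valid(wiphy, bss_select->param.band_pref))
			return -EINVAL;
	}

	if (attr[NL80211_BSS_SELECT_ATTR_RSSI_ADJUST]) {
		struct nl80211_bss_select_rssi_adjust *adj_param;

		/*
		 * NOTE(review): the payload is read as a struct; assumes
		 * nl80211_bss_select_policy guarantees it is large enough -
		 * the policy is not visible here, confirm.
		 */
		adj_param = nla_data(attr[NL80211_BSS_SELECT_ATTR_RSSI_ADJUST]);
		bss_select->behaviour = NL80211_BSS_SELECT_ATTR_RSSI_ADJUST;
		bss_select->param.adjust.band = adj_param->band;
		bss_select->param.adjust.delta = adj_param->delta;
		if (!is_band_valid(wiphy, bss_select->param.adjust.band))
			return -EINVAL;
	}

	/* user-space did not provide behaviour attribute */
	if (bss_select->behaviour == __NL80211_BSS_SELECT_ATTR_INVALID)
		return -EINVAL;

	/* the device must advertise the requested behaviour */
	if (!(wiphy->bss_select_support & BIT(bss_select->behaviour)))
		return -EINVAL;

	return 0;
}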
/*
 * Extract the MAC address template and mask used for address randomisation.
 *
 * With neither attribute present, a default is produced: all-zero address
 * and mask except mac_addr[0] = 0x2 and mac_addr_mask[0] = 0x3. Otherwise
 * both attributes are required, the mask must have the multicast bit set and
 * the address must have it clear. Address bits outside the mask are cleared
 * before returning.
 *
 * @mac_addr and @mac_addr_mask must each hold ETH_ALEN bytes.
 *
 * Return: 0 on success, -EINVAL if only one attribute is given or the
 * multicast-bit rule is violated.
 */
int nl80211_parse_random_mac(struct nlattr **attrs,
			     u8 *mac_addr, u8 *mac_addr_mask)
{
	struct nlattr *addr_attr = attrs[NL80211_ATTR_MAC];
	struct nlattr *mask_attr = attrs[NL80211_ATTR_MAC_MASK];
	int byte;

	if (!addr_attr && !mask_attr) {
		eth_zero_addr(mac_addr);
		eth_zero_addr(mac_addr_mask);
		mac_addr[0] = 0x2;
		mac_addr_mask[0] = 0x3;

		return 0;
	}

	/* need both or none */
	if (!addr_attr || !mask_attr)
		return -EINVAL;

	/*
	 * NOTE(review): ETH_ALEN bytes are copied from each payload; assumes
	 * the attribute policy guarantees that length - not visible here,
	 * confirm.
	 */
	memcpy(mac_addr, nla_data(addr_attr), ETH_ALEN);
	memcpy(mac_addr_mask, nla_data(mask_attr), ETH_ALEN);

	/* don't allow or configure an mcast address */
	if (!is_multicast_ether_addr(mac_addr_mask))
		return -EINVAL;
	if (is_multicast_ether_addr(mac_addr))
		return -EINVAL;

	/*
	 * allow users to pass a MAC address that has bits set outside
	 * of the mask, but don't bother drivers with having to deal
	 * with such bits
	 */
	for (byte = 0; byte < ETH_ALEN; byte++)
		mac_addr[byte] = mac_addr[byte] & mac_addr_mask[byte];

	return 0;
}
/*
 * Decide whether @wdev may temporarily operate on @chan.
 *
 * The channel must be allowed for the interface at all. If the interface is
 * not actively beaconing, that is sufficient. Otherwise, when any valid link
 * sits on a radar channel served by the same radio as @chan, the answer is
 * whatever regulatory_pre_cac_allowed() reports.
 *
 * Must be called with the wiphy lock held.
 */
static bool cfg80211_off_channel_oper_allowed(struct wireless_dev *wdev,
					      struct ieee80211_channel *chan)
{
	unsigned int link_id;
	int target_radio;

	lockdep_assert_wiphy(wdev->wiphy);

	if (!cfg80211_wdev_channel_allowed(wdev, chan))
		return false;

	if (!cfg80211_beaconing_iface_active(wdev))
		return true;

	target_radio = cfg80211_get_radio_idx_by_chan(wdev->wiphy, chan);

	/*
	 * FIXME: check if we have a free radio/link for chan
	 *
	 * This, as well as the FIXME below, requires knowing the link
	 * capabilities of the hardware.
	 */

	/* we cannot leave radar channels */
	for_each_valid_link(wdev, link_id) {
		struct cfg80211_chan_def *chandef = wdev_chandef(wdev, link_id);

		if (!chandef || !chandef->chan)
			continue;

		if (!(chandef->chan->flags & IEEE80211_CHAN_RADAR))
			continue;

		/*
		 * chandef->chan is a radar channel. If the radio/link onto
		 * which this radar channel falls is the same radio/link onto
		 * which the input 'chan' falls, off-channel operation should
		 * not be allowed unless pre-CAC is permitted.
		 */
		if (cfg80211_get_radio_idx_by_chan(wdev->wiphy,
						   chandef->chan) == target_radio)
			return regulatory_pre_cac_allowed(wdev->wiphy);
	}

	/* no link holds a radar channel on the radio that serves chan */
	return true;
}
/*
 * Check one scan flag against the extended feature that backs it.
 *
 * Return: true if @flag is not requested in @flags, or if it is requested
 * and @wiphy has @feat set; false if it is requested without the feature.
 */
static bool nl80211_check_scan_feat(struct wiphy *wiphy, u32 flags, u32 flag,
				    enum nl80211_ext_feature_index feat)
{
	bool requested = flags & flag;

	return !requested || wiphy_ext_feature_isset(wiphy, feat);
}
/*
 * Read NL80211_ATTR_SCAN_FLAGS and verify the device supports each
 * requested flag that this function knows how to check.
 *
 * @flags: receives the raw flag word as soon as the attribute is read, so
 *	it is written even when an error is returned afterwards
 * @mac_addr, @mac_addr_mask: filled by nl80211_parse_random_mac() when
 *	NL80211_SCAN_FLAG_RANDOM_ADDR is requested
 * @randomness_flag: the wiphy feature bit that permits random addresses for
 *	this kind of scan
 *
 * Flag bits not listed below are passed through unchecked.
 *
 * Return: 0 if the attribute is absent or all checks pass, -EOPNOTSUPP for a
 * flag the device does not support (or random addressing while @wdev is
 * connected), or the error from nl80211_parse_random_mac().
 */
static int
nl80211_check_scan_flags(struct wiphy *wiphy, struct wireless_dev *wdev,
			 struct nlattr **attrs, u8 *mac_addr, u8 *mac_addr_mask,
			 u32 *flags, enum nl80211_feature_flags randomness_flag)
{
	u32 requested;

	if (!attrs[NL80211_ATTR_SCAN_FLAGS])
		return 0;

	requested = nla_get_u32(attrs[NL80211_ATTR_SCAN_FLAGS]);
	*flags = requested;

	/* low priority is gated by a legacy feature bit, not an ext feature */
	if ((requested & NL80211_SCAN_FLAG_LOW_PRIORITY) &&
	    !(wiphy->features & NL80211_FEATURE_LOW_PRIORITY_SCAN))
		return -EOPNOTSUPP;

	/* every remaining flag maps to exactly one extended feature */
	if (!nl80211_check_scan_feat(wiphy, requested,
				     NL80211_SCAN_FLAG_LOW_SPAN,
				     NL80211_EXT_FEATURE_LOW_SPAN_SCAN))
		return -EOPNOTSUPP;
	if (!nl80211_check_scan_feat(wiphy, requested,
				     NL80211_SCAN_FLAG_LOW_POWER,
				     NL80211_EXT_FEATURE_LOW_POWER_SCAN))
		return -EOPNOTSUPP;
	if (!nl80211_check_scan_feat(wiphy, requested,
				     NL80211_SCAN_FLAG_HIGH_ACCURACY,
				     NL80211_EXT_FEATURE_HIGH_ACCURACY_SCAN))
		return -EOPNOTSUPP;
	if (!nl80211_check_scan_feat(wiphy, requested,
				     NL80211_SCAN_FLAG_FILS_MAX_CHANNEL_TIME,
				     NL80211_EXT_FEATURE_FILS_MAX_CHANNEL_TIME))
		return -EOPNOTSUPP;
	if (!nl80211_check_scan_feat(wiphy, requested,
				     NL80211_SCAN_FLAG_ACCEPT_BCAST_PROBE_RESP,
				     NL80211_EXT_FEATURE_ACCEPT_BCAST_PROBE_RESP))
		return -EOPNOTSUPP;
	if (!nl80211_check_scan_feat(wiphy, requested,
				     NL80211_SCAN_FLAG_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION,
				     NL80211_EXT_FEATURE_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION))
		return -EOPNOTSUPP;
	if (!nl80211_check_scan_feat(wiphy, requested,
				     NL80211_SCAN_FLAG_OCE_PROBE_REQ_HIGH_TX_RATE,
				     NL80211_EXT_FEATURE_OCE_PROBE_REQ_HIGH_TX_RATE))
		return -EOPNOTSUPP;
	if (!nl80211_check_scan_feat(wiphy, requested,
				     NL80211_SCAN_FLAG_RANDOM_SN,
				     NL80211_EXT_FEATURE_SCAN_RANDOM_SN))
		return -EOPNOTSUPP;
	if (!nl80211_check_scan_feat(wiphy, requested,
				     NL80211_SCAN_FLAG_MIN_PREQ_CONTENT,
				     NL80211_EXT_FEATURE_SCAN_MIN_PREQ_CONTENT))
		return -EOPNOTSUPP;

	if (!(requested & NL80211_SCAN_FLAG_RANDOM_ADDR))
		return 0;

	/* random addressing needs device support and a disconnected wdev */
	if (!(wiphy->features & randomness_flag))
		return -EOPNOTSUPP;
	if (wdev && wdev->connected)
		return -EOPNOTSUPP;

	return nl80211_parse_random_mac(attrs, mac_addr, mac_addr_mask);
}
  /*
   * Scan-flag validation for a scheduled scan request.
   *
   * Forwards to nl80211_check_scan_flags() with the address, mask and flags
   * fields of @req. The feature bit that gates address randomisation depends
   * on whether a wdev was supplied: the sched-scan bit with a wdev, the ND
   * bit without one.
   */
  static int
  nl80211_check_scan_flags_sched(struct wiphy *wiphy, struct wireless_dev *wdev,
  			       struct nlattr **attrs,
  			       struct cfg80211_sched_scan_request *req)
  {
  	enum nl80211_feature_flags randomness_flag;

  	if (wdev)
  		randomness_flag = NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR;
  	else
  		randomness_flag = NL80211_FEATURE_ND_RANDOM_MAC_ADDR;

  	return nl80211_check_scan_flags(wiphy, wdev, attrs,
  					req->mac_addr, req->mac_addr_mask,
  					&req->flags, randomness_flag);
  }
  /*
   * Scan-flag validation for a regular (one-shot) scan request.
   *
   * Forwards to nl80211_check_scan_flags() with the address, mask and flags
   * fields of the embedded @req->req, gating address randomisation on
   * NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR.
   */
  static int
  nl80211_check_scan_flags_reg(struct wiphy *wiphy, struct wireless_dev *wdev,
  			     struct nlattr **attrs,
  			     struct cfg80211_scan_request_int *req)
  {
  	u8 *addr = req->req.mac_addr;
  	u8 *mask = req->req.mac_addr_mask;
  	u32 *flags = &req->req.flags;

  	return nl80211_check_scan_flags(wiphy, wdev, attrs, addr, mask, flags,
  					NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR);
  }
  /*
   * Handle a scan trigger request.
   *
   * Sizes and allocates one request from the supplied attributes, fills in
   * channels, SSIDs, IEs, rates, duration, flags and BSSID, publishes it in
   * rdev->scan_req and hands it to cfg80211_scan().
   *
   * Returns 0 on success. Returns -EOPNOTSUPP, -EBUSY, -EINVAL or -ENOMEM
   * from the checks below, or the error of a helper. Every failure after the
   * allocation goes through out_free, which clears rdev->scan_req and frees
   * the request.
   */
  static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct wireless_dev *wdev = info->user_ptr[1];
  	struct wiphy *wiphy = &rdev->wiphy;
  	struct nlattr **attrs = info->attrs;
  	struct cfg80211_scan_request_int *request;
  	struct nlattr *freq_list = NULL;
  	struct nlattr *bssid_attr;
  	struct nlattr *nla;
  	bool freqs_in_khz = false;
  	size_t ie_len, size, ssids_offset, ie_offset;
  	int err, rem, n_ssids = 0, n_channels, idx;

  	if (wdev->iftype == NL80211_IFTYPE_NAN || !rdev->ops->scan)
  		return -EOPNOTSUPP;

  	/* refuse while scan_req or scan_msg is still set on the device */
  	if (rdev->scan_req || rdev->scan_msg)
  		return -EBUSY;

  	/* the kHz list is used in preference to the MHz list */
  	if (attrs[NL80211_ATTR_SCAN_FREQ_KHZ]) {
  		if (!wiphy_ext_feature_isset(wiphy,
  					     NL80211_EXT_FEATURE_SCAN_FREQ_KHZ))
  			return -EOPNOTSUPP;
  		freq_list = attrs[NL80211_ATTR_SCAN_FREQ_KHZ];
  		freqs_in_khz = true;
  	} else if (attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
  		freq_list = attrs[NL80211_ATTR_SCAN_FREQUENCIES];
  	}

  	/*
  	 * n_channels sizes the channel array below.
  	 * NOTE(review): validate_scan_freqs() presumably returns the number of
  	 * entries in the list; the fill loop relies on that bound - confirm.
  	 */
  	if (freq_list) {
  		n_channels = validate_scan_freqs(freq_list);
  		if (!n_channels)
  			return -EINVAL;
  	} else {
  		n_channels = ieee80211_get_num_supported_channels(wiphy);
  	}

  	if (attrs[NL80211_ATTR_SCAN_SSIDS]) {
  		nla_for_each_nested(nla, attrs[NL80211_ATTR_SCAN_SSIDS], rem)
  			n_ssids++;
  	}
  	if (n_ssids > wiphy->max_scan_ssids)
  		return -EINVAL;

  	ie_len = attrs[NL80211_ATTR_IE] ? nla_len(attrs[NL80211_ATTR_IE]) : 0;
  	if (ie_len > wiphy->max_scan_ie_len)
  		return -EINVAL;

  	/*
  	 * One allocation: the request with its channel pointers, then the
  	 * SSID array, then the IE bytes. The size is built with the
  	 * overflow-checked size helpers.
  	 */
  	size = struct_size(request, req.channels, n_channels);
  	ssids_offset = size;
  	size = size_add(size, array_size(sizeof(*request->req.ssids), n_ssids));
  	ie_offset = size;
  	size = size_add(size, ie_len);

  	request = kzalloc(size, GFP_KERNEL);
  	if (!request)
  		return -ENOMEM;

  	if (n_ssids)
  		request->req.ssids = (void *)request + ssids_offset;
  	request->req.n_ssids = n_ssids;
  	if (ie_len)
  		request->req.ie = (void *)request + ie_offset;

  	idx = 0;
  	if (freq_list) {
  		/* user specified, bail out if channel not found */
  		nla_for_each_nested(nla, freq_list, rem) {
  			struct ieee80211_channel *chan;
  			int freq = nla_get_u32(nla);

  			if (!freqs_in_khz)
  				freq = MHZ_TO_KHZ(freq);

  			chan = ieee80211_get_channel_khz(wiphy, freq);
  			if (!chan) {
  				err = -EINVAL;
  				goto out_free;
  			}

  			/* Ignore disabled / no primary channels */
  			if ((chan->flags & (IEEE80211_CHAN_DISABLED |
  					    IEEE80211_CHAN_S1G_NO_PRIMARY)) ||
  			    !cfg80211_wdev_channel_allowed(wdev, chan))
  				continue;

  			request->req.channels[idx++] = chan;
  		}
  	} else {
  		enum nl80211_band band;

  		/* all channels */
  		for (band = 0; band < NUM_NL80211_BANDS; band++) {
  			struct ieee80211_supported_band *sband;
  			int j;

  			sband = wiphy->bands[band];
  			if (!sband)
  				continue;

  			for (j = 0; j < sband->n_channels; j++) {
  				struct ieee80211_channel *chan;

  				chan = &sband->channels[j];
  				if ((chan->flags &
  				     (IEEE80211_CHAN_DISABLED |
  				      IEEE80211_CHAN_S1G_NO_PRIMARY)) ||
  				    !cfg80211_wdev_channel_allowed(wdev, chan))
  					continue;

  				request->req.channels[idx++] = chan;
  			}
  		}
  	}

  	/* nothing left to scan after filtering */
  	if (!idx) {
  		err = -EINVAL;
  		goto out_free;
  	}
  	request->req.n_channels = idx;

  	for (idx = 0; idx < request->req.n_channels; idx++) {
  		struct ieee80211_channel *chan = request->req.channels[idx];

  		/* if we can go off-channel to the target channel we're good */
  		if (!cfg80211_off_channel_oper_allowed(wdev, chan) &&
  		    !cfg80211_wdev_on_sub_chan(wdev, chan, true)) {
  			err = -EBUSY;
  			goto out_free;
  		}
  	}

  	/*
  	 * Same attribute as the counting pass above, so idx stays below
  	 * n_ssids; each SSID length is checked before the copy.
  	 */
  	idx = 0;
  	if (n_ssids) {
  		nla_for_each_nested(nla, attrs[NL80211_ATTR_SCAN_SSIDS], rem) {
  			int ssid_len = nla_len(nla);

  			if (ssid_len > IEEE80211_MAX_SSID_LEN) {
  				err = -EINVAL;
  				goto out_free;
  			}
  			request->req.ssids[idx].ssid_len = ssid_len;
  			memcpy(request->req.ssids[idx].ssid, nla_data(nla),
  			       ssid_len);
  			idx++;
  		}
  	}

  	/* ie_len was bounded by max_scan_ie_len before the allocation */
  	if (attrs[NL80211_ATTR_IE]) {
  		request->req.ie_len = nla_len(attrs[NL80211_ATTR_IE]);
  		memcpy((void *)request->req.ie,
  		       nla_data(attrs[NL80211_ATTR_IE]),
  		       request->req.ie_len);
  	}

  	/* default: all bitrates of every band the wiphy has */
  	for (idx = 0; idx < NUM_NL80211_BANDS; idx++) {
  		if (!wiphy->bands[idx])
  			continue;
  		request->req.rates[idx] =
  			(1 << wiphy->bands[idx]->n_bitrates) - 1;
  	}

  	if (attrs[NL80211_ATTR_SCAN_SUPP_RATES]) {
  		nla_for_each_nested(nla, attrs[NL80211_ATTR_SCAN_SUPP_RATES],
  				    rem) {
  			enum nl80211_band band = nla_type(nla);

  			/* the band comes from the attribute type: range-check it */
  			if (band < 0 || band >= NUM_NL80211_BANDS) {
  				err = -EINVAL;
  				goto out_free;
  			}

  			if (!wiphy->bands[band])
  				continue;

  			err = ieee80211_get_ratemask(wiphy->bands[band],
  						     nla_data(nla),
  						     nla_len(nla),
  						     &request->req.rates[band]);
  			if (err)
  				goto out_free;
  		}
  	}

  	if (attrs[NL80211_ATTR_MEASUREMENT_DURATION]) {
  		request->req.duration =
  			nla_get_u16(attrs[NL80211_ATTR_MEASUREMENT_DURATION]);
  		request->req.duration_mandatory =
  			nla_get_flag(attrs[NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY]);
  	}

  	err = nl80211_check_scan_flags_reg(wiphy, wdev, attrs, request);
  	if (err)
  		goto out_free;

  	request->req.no_cck = nla_get_flag(attrs[NL80211_ATTR_TX_NO_CCK_RATE]);

  	/* Initial implementation used NL80211_ATTR_MAC to set the specific
  	 * BSSID to scan for. This was problematic because that same attribute
  	 * was already used for another purpose (local random MAC address). The
  	 * NL80211_ATTR_BSSID attribute was added to fix this. For backwards
  	 * compatibility with older userspace components, also use the
  	 * NL80211_ATTR_MAC value here if it can be determined to be used for
  	 * the specific BSSID use case instead of the random MAC address
  	 * (NL80211_ATTR_SCAN_FLAGS is used to enable random MAC address use).
  	 *
  	 * NOTE(review): ETH_ALEN bytes are copied without a length check in
  	 * this function; presumably the netlink policy fixes the length of
  	 * both attributes - confirm.
  	 */
  	bssid_attr = attrs[NL80211_ATTR_BSSID];
  	if (!bssid_attr &&
  	    !(request->req.flags & NL80211_SCAN_FLAG_RANDOM_ADDR))
  		bssid_attr = attrs[NL80211_ATTR_MAC];

  	if (bssid_attr)
  		memcpy(request->req.bssid, nla_data(bssid_attr), ETH_ALEN);
  	else
  		eth_broadcast_addr(request->req.bssid);

  	request->req.tsf_report_link_id =
  		nl80211_link_id_or_invalid(attrs);
  	request->req.wdev = wdev;
  	request->req.wiphy = &rdev->wiphy;
  	request->req.scan_start = jiffies;

  	/* published before cfg80211_scan(); out_free clears it on failure */
  	rdev->scan_req = request;
  	err = cfg80211_scan(rdev);
  	if (err)
  		goto out_free;

  	nl80211_send_scan_start(rdev, wdev);
  	/* the matching release of this reference is not in this function */
  	dev_hold(wdev->netdev);

  	return 0;

  out_free:
  	rdev->scan_req = NULL;
  	kfree(request);

  	return err;
  }
  /*
   * Handle a scan abort request.
   *
   * Returns -EOPNOTSUPP when the driver has no abort_scan op, 0 without
   * calling the driver when rdev->scan_msg is set, -ENOENT when there is no
   * rdev->scan_req, and 0 after calling rdev_abort_scan() otherwise.
   */
  static int nl80211_abort_scan(struct sk_buff *skb, struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct wireless_dev *wdev = info->user_ptr[1];

  	if (!rdev->ops->abort_scan)
  		return -EOPNOTSUPP;

  	if (!rdev->scan_msg) {
  		/* without scan_msg there has to be a request to abort */
  		if (!rdev->scan_req)
  			return -ENOENT;

  		rdev_abort_scan(rdev, wdev);
  	}

  	return 0;
  }
  /*
   * Fill request->scan_plans[] from the netlink attributes.
   *
   * Without NL80211_ATTR_SCHED_SCAN_PLANS, a single plan is built from
   * NL80211_ATTR_SCHED_SCAN_INTERVAL, which this function reads without
   * checking for presence (nl80211_parse_sched_scan() rejects the request
   * earlier when both are missing). With the plans attribute, each nested
   * plan is parsed and range-checked against the wiphy limits.
   *
   * @n_plans is the number of slots the caller allocated and must be >= 1;
   * the WARN_ON in the loop keeps writes inside that array.
   *
   * Returns 0 on success, -EINVAL for an invalid plan, or the error from
   * nla_parse_nested_deprecated().
   */
  static int
  nl80211_parse_sched_scan_plans(struct wiphy *wiphy, int n_plans,
  			       struct cfg80211_sched_scan_request *request,
  			       struct nlattr **attrs)
  {
  	struct nlattr *plan_attr;
  	int rem, err, idx = 0;

  	if (!attrs[NL80211_ATTR_SCHED_SCAN_PLANS]) {
  		struct cfg80211_sched_scan_plan *only = &request->scan_plans[0];
  		u32 interval;

  		/*
  		 * If scan plans are not specified,
  		 * %NL80211_ATTR_SCHED_SCAN_INTERVAL will be specified. In this
  		 * case one scan plan will be set with the specified scan
  		 * interval and infinite number of iterations.
  		 */
  		interval = nla_get_u32(attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]);
  		if (!interval)
  			return -EINVAL;

  		only->interval = DIV_ROUND_UP(interval, MSEC_PER_SEC);
  		if (!only->interval)
  			return -EINVAL;

  		/* a too-long legacy interval is clamped, not rejected */
  		if (only->interval > wiphy->max_sched_scan_plan_interval)
  			only->interval = wiphy->max_sched_scan_plan_interval;

  		return 0;
  	}

  	nla_for_each_nested(plan_attr, attrs[NL80211_ATTR_SCHED_SCAN_PLANS],
  			    rem) {
  		struct nlattr *tb[NL80211_SCHED_SCAN_PLAN_MAX + 1];
  		struct cfg80211_sched_scan_plan *plan;

  		/* never write past the slots the caller allocated */
  		if (WARN_ON(idx >= n_plans))
  			return -EINVAL;

  		err = nla_parse_nested_deprecated(tb,
  						  NL80211_SCHED_SCAN_PLAN_MAX,
  						  plan_attr, nl80211_plan_policy,
  						  NULL);
  		if (err)
  			return err;

  		if (!tb[NL80211_SCHED_SCAN_PLAN_INTERVAL])
  			return -EINVAL;

  		plan = &request->scan_plans[idx];
  		plan->interval =
  			nla_get_u32(tb[NL80211_SCHED_SCAN_PLAN_INTERVAL]);
  		if (!plan->interval ||
  		    plan->interval > wiphy->max_sched_scan_plan_interval)
  			return -EINVAL;

  		if (tb[NL80211_SCHED_SCAN_PLAN_ITERATIONS]) {
  			plan->iterations =
  				nla_get_u32(tb[NL80211_SCHED_SCAN_PLAN_ITERATIONS]);
  			if (!plan->iterations ||
  			    plan->iterations >
  			    wiphy->max_sched_scan_plan_iterations)
  				return -EINVAL;
  		} else if (idx < n_plans - 1) {
  			/*
  			 * All scan plans but the last one must specify
  			 * a finite number of iterations
  			 */
  			return -EINVAL;
  		}

  		idx++;
  	}

  	/*
  	 * The last scan plan must not specify the number of
  	 * iterations, it is supposed to run infinitely
  	 */
  	if (request->scan_plans[n_plans - 1].iterations)
  		return -EINVAL;

  	return 0;
  }
  /*
   * Build a scheduled scan request from netlink attributes.
   *
   * Counts channels, SSIDs, match sets and scan plans, checks each count and
   * the IE length against the wiphy limits (and @max_match_sets), allocates
   * one buffer for the request plus all trailing arrays, then fills it in.
   *
   * Returns the allocated request on success; the caller owns it. Returns
   * ERR_PTR() with -EINVAL, -ENOMEM or a helper's error on failure; nothing
   * stays allocated in that case.
   */
  static struct cfg80211_sched_scan_request *
  nl80211_parse_sched_scan(struct wiphy *wiphy, struct wireless_dev *wdev,
  			 struct nlattr **attrs, int max_match_sets)
  {
  	struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1];
  	struct cfg80211_sched_scan_request *request;
  	s32 default_match_rssi = NL80211_SCAN_RSSI_THOLD_OFF;
  	int n_ssids = 0, n_match_sets = 0, n_plans = 0;
  	int err, rem, n_channels, idx;
  	enum nl80211_band band;
  	size_t ie_len, size;
  	struct nlattr *nla;
  	void *cursor;

  	/*
  	 * NOTE(review): validate_scan_freqs() presumably returns the number
  	 * of list entries; the channel fill loop relies on that - confirm.
  	 */
  	if (attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
  		n_channels = validate_scan_freqs(
  				attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
  		if (!n_channels)
  			return ERR_PTR(-EINVAL);
  	} else {
  		n_channels = ieee80211_get_num_supported_channels(wiphy);
  	}

  	if (attrs[NL80211_ATTR_SCAN_SSIDS]) {
  		nla_for_each_nested(nla, attrs[NL80211_ATTR_SCAN_SSIDS], rem)
  			n_ssids++;
  	}
  	if (n_ssids > wiphy->max_sched_scan_ssids)
  		return ERR_PTR(-EINVAL);

  	/*
  	 * First, count the number of 'real' matchsets. Due to an issue with
  	 * the old implementation, matchsets containing only the RSSI attribute
  	 * (NL80211_SCHED_SCAN_MATCH_ATTR_RSSI) are considered as the 'default'
  	 * RSSI for all matchsets, rather than their own matchset for reporting
  	 * all APs with a strong RSSI. This is needed to be compatible with
  	 * older userspace that treated a matchset with only the RSSI as the
  	 * global RSSI for all other matchsets - if there are other matchsets.
  	 */
  	if (attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
  		nla_for_each_nested(nla, attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
  				    rem) {
  			struct nlattr *ssid, *bssid, *rssi;

  			err = nla_parse_nested_deprecated(tb,
  							  NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
  							  nla,
  							  nl80211_match_policy,
  							  NULL);
  			if (err)
  				return ERR_PTR(err);

  			ssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID];
  			bssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_BSSID];

  			/* SSID and BSSID are mutually exclusive */
  			if (ssid && bssid)
  				return ERR_PTR(-EINVAL);

  			/* add other standalone attributes here */
  			if (ssid || bssid) {
  				n_match_sets++;
  				continue;
  			}

  			rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI];
  			if (rssi)
  				default_match_rssi = nla_get_s32(rssi);
  		}
  	}

  	/* However, if there's no other matchset, add the RSSI one */
  	if (!n_match_sets && default_match_rssi != NL80211_SCAN_RSSI_THOLD_OFF)
  		n_match_sets = 1;

  	if (n_match_sets > max_match_sets)
  		return ERR_PTR(-EINVAL);

  	ie_len = attrs[NL80211_ATTR_IE] ? nla_len(attrs[NL80211_ATTR_IE]) : 0;
  	if (ie_len > wiphy->max_sched_scan_ie_len)
  		return ERR_PTR(-EINVAL);

  	if (attrs[NL80211_ATTR_SCHED_SCAN_PLANS]) {
  		/*
  		 * NL80211_ATTR_SCHED_SCAN_INTERVAL must not be specified since
  		 * each scan plan already specifies its own interval
  		 */
  		if (attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL])
  			return ERR_PTR(-EINVAL);

  		nla_for_each_nested(nla, attrs[NL80211_ATTR_SCHED_SCAN_PLANS],
  				    rem)
  			n_plans++;
  	} else {
  		/*
  		 * The scan interval attribute is kept for backward
  		 * compatibility. If no scan plans are specified and sched scan
  		 * interval is specified, one scan plan will be set with this
  		 * scan interval and infinite number of iterations.
  		 */
  		if (!attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL])
  			return ERR_PTR(-EINVAL);

  		n_plans = 1;
  	}

  	if (!n_plans || n_plans > wiphy->max_sched_scan_plans)
  		return ERR_PTR(-EINVAL);

  	if (!wiphy_ext_feature_isset(
  		    wiphy, NL80211_EXT_FEATURE_SCHED_SCAN_RELATIVE_RSSI) &&
  	    (attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI] ||
  	     attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST]))
  		return ERR_PTR(-EINVAL);

  	/*
  	 * One allocation for the request and every trailing array; the size
  	 * is built with the overflow-checked size helpers.
  	 */
  	size = struct_size(request, channels, n_channels);
  	size = size_add(size, array_size(sizeof(*request->ssids), n_ssids));
  	size = size_add(size, array_size(sizeof(*request->match_sets),
  					 n_match_sets));
  	size = size_add(size, array_size(sizeof(*request->scan_plans),
  					 n_plans));
  	size = size_add(size, ie_len);
  	request = kzalloc(size, GFP_KERNEL);
  	if (!request)
  		return ERR_PTR(-ENOMEM);

  	/*
  	 * Carve the trailing arrays out of the buffer in this order:
  	 * channels, SSIDs, IEs, match sets, scan plans. "cursor" always
  	 * points just past the last region that is in use.
  	 */
  	request->n_channels = n_channels;
  	cursor = (void *)(request->channels + n_channels);

  	if (n_ssids) {
  		request->ssids = (void *)request +
  				 struct_size(request, channels, n_channels);
  		cursor = (void *)(request->ssids + n_ssids);
  	}
  	request->n_ssids = n_ssids;

  	if (ie_len) {
  		request->ie = cursor;
  		cursor = (void *)(request->ie + ie_len);
  	}

  	if (n_match_sets) {
  		request->match_sets = cursor;
  		cursor = (void *)(request->match_sets + n_match_sets);
  	}
  	request->n_match_sets = n_match_sets;

  	request->scan_plans = cursor;
  	request->n_scan_plans = n_plans;

  	idx = 0;
  	if (attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
  		/* user specified, bail out if channel not found */
  		nla_for_each_nested(nla, attrs[NL80211_ATTR_SCAN_FREQUENCIES],
  				    rem) {
  			struct ieee80211_channel *chan;

  			chan = ieee80211_get_channel(wiphy, nla_get_u32(nla));
  			if (!chan) {
  				err = -EINVAL;
  				goto out_free;
  			}

  			/* ignore disabled channels */
  			if (chan->flags & IEEE80211_CHAN_DISABLED)
  				continue;

  			request->channels[idx++] = chan;
  		}
  	} else {
  		/* all channels */
  		for (band = 0; band < NUM_NL80211_BANDS; band++) {
  			struct ieee80211_supported_band *sband;
  			int j;

  			sband = wiphy->bands[band];
  			if (!sband)
  				continue;

  			for (j = 0; j < sband->n_channels; j++) {
  				struct ieee80211_channel *chan;

  				chan = &sband->channels[j];
  				if (chan->flags & IEEE80211_CHAN_DISABLED)
  					continue;

  				request->channels[idx++] = chan;
  			}
  		}
  	}

  	/* nothing left to scan after filtering */
  	if (!idx) {
  		err = -EINVAL;
  		goto out_free;
  	}

  	request->n_channels = idx;

  	/*
  	 * Same attribute as the counting pass above, so idx stays below
  	 * n_ssids; each SSID length is checked before the copy.
  	 */
  	idx = 0;
  	if (n_ssids) {
  		nla_for_each_nested(nla, attrs[NL80211_ATTR_SCAN_SSIDS], rem) {
  			int ssid_len = nla_len(nla);

  			if (ssid_len > IEEE80211_MAX_SSID_LEN) {
  				err = -EINVAL;
  				goto out_free;
  			}
  			request->ssids[idx].ssid_len = ssid_len;
  			memcpy(request->ssids[idx].ssid, nla_data(nla),
  			       ssid_len);
  			idx++;
  		}
  	}

  	idx = 0;
  	if (attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
  		nla_for_each_nested(nla, attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
  				    rem) {
  			struct cfg80211_match_set *set;
  			struct nlattr *ssid, *bssid, *rssi;

  			err = nla_parse_nested_deprecated(tb,
  							  NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
  							  nla,
  							  nl80211_match_policy,
  							  NULL);
  			if (err)
  				goto out_free;

  			ssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID];
  			bssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_BSSID];

  			/*
  			 * NOTE(review): an RSSI-only entry advances idx even
  			 * though the counting pass above did not count it,
  			 * so the WARN_ON below is what keeps the writes
  			 * inside match_sets[] - confirm this is intended.
  			 */
  			if (!ssid && !bssid) {
  				idx++;
  				continue;
  			}

  			if (WARN_ON(idx >= n_match_sets)) {
  				/* this indicates a programming error,
  				 * the loop above should have verified
  				 * things properly
  				 */
  				err = -EINVAL;
  				goto out_free;
  			}

  			set = &request->match_sets[idx];

  			/*
  			 * NOTE(review): the SSID length is not checked here;
  			 * presumably nl80211_match_policy bounds it (and
  			 * fixes the BSSID length) - confirm.
  			 */
  			if (ssid) {
  				memcpy(set->ssid.ssid, nla_data(ssid),
  				       nla_len(ssid));
  				set->ssid.ssid_len = nla_len(ssid);
  			}
  			if (bssid)
  				memcpy(set->bssid, nla_data(bssid), ETH_ALEN);

  			/* special attribute - old implementation w/a */
  			rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI];
  			set->rssi_thold = rssi ? nla_get_s32(rssi) :
  						 default_match_rssi;
  			idx++;
  		}

  		/* there was no other matchset, so the RSSI one is alone */
  		if (idx == 0 && n_match_sets)
  			request->match_sets[0].rssi_thold = default_match_rssi;

  		request->min_rssi_thold = INT_MAX;
  		for (idx = 0; idx < n_match_sets; idx++)
  			request->min_rssi_thold =
  				min(request->match_sets[idx].rssi_thold,
  				    request->min_rssi_thold);
  	} else {
  		request->min_rssi_thold = NL80211_SCAN_RSSI_THOLD_OFF;
  	}

  	/* ie_len was bounded by max_sched_scan_ie_len before the allocation */
  	if (ie_len) {
  		request->ie_len = ie_len;
  		memcpy((void *)request->ie,
  		       nla_data(attrs[NL80211_ATTR_IE]),
  		       request->ie_len);
  	}

  	err = nl80211_check_scan_flags_sched(wiphy, wdev, attrs, request);
  	if (err)
  		goto out_free;

  	if (attrs[NL80211_ATTR_SCHED_SCAN_DELAY])
  		request->delay =
  			nla_get_u32(attrs[NL80211_ATTR_SCHED_SCAN_DELAY]);

  	if (attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI]) {
  		request->relative_rssi = nla_get_s8(
  			attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI]);
  		request->relative_rssi_set = true;
  	}

  	/* the adjustment is only taken when a relative RSSI was given */
  	if (request->relative_rssi_set &&
  	    attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST]) {
  		struct nl80211_bss_select_rssi_adjust *rssi_adjust;

  		/*
  		 * NOTE(review): the attribute is read as a whole struct;
  		 * presumably the policy fixes its length - confirm.
  		 */
  		rssi_adjust = nla_data(
  			attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST]);
  		request->rssi_adjust.band = rssi_adjust->band;
  		request->rssi_adjust.delta = rssi_adjust->delta;
  		if (!is_band_valid(wiphy, request->rssi_adjust.band)) {
  			err = -EINVAL;
  			goto out_free;
  		}
  	}

  	err = nl80211_parse_sched_scan_plans(wiphy, n_plans, request, attrs);
  	if (err)
  		goto out_free;

  	request->scan_start = jiffies;

  	return request;

  out_free:
  	kfree(request);
  	return ERR_PTR(err);
  }
  /*
   * Handle a request to start a scheduled scan.
   *
   * Parses the request, optionally assigns it a request id, starts it in the
   * driver and, on success, records it on the device and sends
   * NL80211_CMD_START_SCHED_SCAN.
   *
   * Returns 0 on success, -EOPNOTSUPP when scheduled scans are unsupported,
   * or the error of cfg80211_sched_scan_req_possible(),
   * nl80211_parse_sched_scan() or rdev_sched_scan_start(). The parsed
   * request is freed when the driver refuses it.
   */
  static int nl80211_start_sched_scan(struct sk_buff *skb,
  				    struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct net_device *dev = info->user_ptr[1];
  	struct wireless_dev *wdev = dev->ieee80211_ptr;
  	struct cfg80211_sched_scan_request *sched_scan_req;
  	bool want_multi;
  	int err;

  	if (!rdev->wiphy.max_sched_scan_reqs || !rdev->ops->sched_scan_start)
  		return -EOPNOTSUPP;

  	want_multi = info->attrs[NL80211_ATTR_SCHED_SCAN_MULTI];
  	err = cfg80211_sched_scan_req_possible(rdev, want_multi);
  	if (err)
  		return err;

  	sched_scan_req = nl80211_parse_sched_scan(&rdev->wiphy, wdev,
  						  info->attrs,
  						  rdev->wiphy.max_match_sets);
  	if (IS_ERR(sched_scan_req))
  		return PTR_ERR(sched_scan_req);

  	/* leave request id zero for legacy request
  	 * or if driver does not support multi-scheduled scan
  	 */
  	if (want_multi && rdev->wiphy.max_sched_scan_reqs > 1)
  		sched_scan_req->reqid = cfg80211_assign_cookie(rdev);

  	err = rdev_sched_scan_start(rdev, dev, sched_scan_req);
  	if (err) {
  		kfree(sched_scan_req);
  		return err;
  	}

  	sched_scan_req->dev = dev;
  	sched_scan_req->wiphy = &rdev->wiphy;

  	/*
  	 * Record the sender's netlink port as owner when asked to;
  	 * nl80211_stop_sched_scan() compares against it on the legacy path.
  	 */
  	if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
  		sched_scan_req->owner_nlportid = info->snd_portid;

  	cfg80211_add_sched_scan_req(rdev, sched_scan_req);

  	nl80211_send_sched_scan(sched_scan_req, NL80211_CMD_START_SCHED_SCAN);
  	return 0;
  }
  /*
   * Handle a request to stop a scheduled scan.
   *
   * With NL80211_ATTR_COOKIE the request is looked up and stopped through
   * __cfg80211_stop_sched_scan(). Without it, only the first request on the
   * list is considered, and only if it is a legacy one (reqid of zero) that
   * is either unowned or owned by the sending netlink port.
   *
   * Returns -EOPNOTSUPP when scheduled scans are unsupported, -ENOENT when
   * no request qualifies, or the result of the stop helper.
   */
  static int nl80211_stop_sched_scan(struct sk_buff *skb,
  				   struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct cfg80211_sched_scan_request *req;
  	u64 cookie;

  	if (!rdev->wiphy.max_sched_scan_reqs || !rdev->ops->sched_scan_stop)
  		return -EOPNOTSUPP;

  	if (info->attrs[NL80211_ATTR_COOKIE]) {
  		/*
  		 * NOTE(review): no ownership check is made here for the
  		 * cookie path; any such check would have to live in
  		 * __cfg80211_stop_sched_scan() - confirm.
  		 */
  		cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
  		return __cfg80211_stop_sched_scan(rdev, cookie, false);
  	}

  	req = list_first_or_null_rcu(&rdev->sched_scan_req_list,
  				     struct cfg80211_sched_scan_request,
  				     list);
  	/* the legacy path only handles requests that have no request id */
  	if (!req || req->reqid)
  		return -ENOENT;

  	/* a request owned by another netlink port is reported as absent */
  	if (req->owner_nlportid && req->owner_nlportid != info->snd_portid)
  		return -ENOENT;

  	return cfg80211_stop_sched_scan_req(rdev, req, false);
  }
  /*
   * Handle a request to start radar detection (CAC) on a channel.
   *
   * Only AP, P2P GO, mesh point and ad-hoc interfaces are accepted. The
   * channel definition must require DFS and be usable. Background radar
   * detection, when requested, is delegated to
   * cfg80211_start_background_radar_detection().
   *
   * Returns 0 on success, -EINVAL, -EBUSY or -EOPNOTSUPP from the checks
   * below, or the error of a helper.
   *
   * NOTE(review): link_id indexes wdev->links[] without a range check in
   * this function; presumably nl80211_link_id() and the command's pre-doit
   * validation bound it - confirm.
   */
  static int nl80211_start_radar_detection(struct sk_buff *skb,
  					 struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct net_device *dev = info->user_ptr[1];
  	struct wireless_dev *wdev = dev->ieee80211_ptr;
  	int link_id = nl80211_link_id(info->attrs);
  	struct wiphy *wiphy = wdev->wiphy;
  	struct cfg80211_chan_def chandef;
  	unsigned int cac_time_ms;
  	int err;

  	flush_delayed_work(&rdev->dfs_update_channels_wk);

  	/* caution - see cfg80211_beaconing_iface_active() below */
  	if (wdev->iftype != NL80211_IFTYPE_AP &&
  	    wdev->iftype != NL80211_IFTYPE_P2P_GO &&
  	    wdev->iftype != NL80211_IFTYPE_MESH_POINT &&
  	    wdev->iftype != NL80211_IFTYPE_ADHOC)
  		return -EINVAL;

  	/* scope-based guard: dropped automatically on every return below */
  	guard(wiphy)(wiphy);

  	if (reg_get_dfs_region(wiphy) == NL80211_DFS_UNSET)
  		return -EINVAL;

  	err = nl80211_parse_chandef(rdev, info, &chandef);
  	if (err)
  		return err;

  	/* negative: error; zero: the channel does not need DFS at all */
  	err = cfg80211_chandef_dfs_required(wiphy, &chandef, wdev->iftype);
  	if (err < 0)
  		return err;
  	if (err == 0)
  		return -EINVAL;

  	if (!cfg80211_chandef_dfs_usable(wiphy, &chandef))
  		return -EINVAL;

  	if (nla_get_flag(info->attrs[NL80211_ATTR_RADAR_BACKGROUND]))
  		return cfg80211_start_background_radar_detection(rdev, wdev,
  								 &chandef);

  	/* During MLO other link(s) can beacon, only the current link
  	 * can not already beacon
  	 */
  	if (cfg80211_beaconing_iface_active(wdev) &&
  	    (!wdev->valid_links ||
  	     wdev->links[link_id].ap.beacon_interval))
  		return -EBUSY;

  	if (wdev->links[link_id].cac_started)
  		return -EBUSY;

  	/* CAC start is offloaded to HW and can't be started manually */
  	if (wiphy_ext_feature_isset(wiphy, NL80211_EXT_FEATURE_DFS_OFFLOAD))
  		return -EOPNOTSUPP;

  	if (!rdev->ops->start_radar_detection)
  		return -EOPNOTSUPP;

  	/* fall back to the minimum CAC time if none could be determined */
  	cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, &chandef);
  	if (WARN_ON(!cac_time_ms))
  		cac_time_ms = IEEE80211_DFS_MIN_CAC_TIME_MS;

  	err = rdev_start_radar_detection(rdev, dev, &chandef, cac_time_ms,
  					 link_id);
  	if (err)
  		return err;

  	/* remember the channel in the slot that matches the interface type */
  	switch (wdev->iftype) {
  	case NL80211_IFTYPE_AP:
  	case NL80211_IFTYPE_P2P_GO:
  		wdev->links[link_id].ap.chandef = chandef;
  		break;
  	case NL80211_IFTYPE_ADHOC:
  		wdev->u.ibss.chandef = chandef;
  		break;
  	case NL80211_IFTYPE_MESH_POINT:
  		wdev->u.mesh.chandef = chandef;
  		break;
  	default:
  		break;
  	}

  	wdev->links[link_id].cac_started = true;
  	wdev->links[link_id].cac_start_time = jiffies;
  	wdev->links[link_id].cac_time_ms = cac_time_ms;

  	return 0;
  }
  /*
   * Handle a radar detection notification.
   *
   * Validates that a DFS region is set and that the supplied channel
   * definition requires DFS for this interface type, then marks the channel
   * NL80211_DFS_UNAVAILABLE, schedules the DFS channel update, stores the
   * chandef in rdev->radar_chandef and queues the propagation work.
   *
   * Returns 0 on success or when the channel is already unavailable,
   * -EINVAL for an unexpected indication, or the error of a helper. Each
   * rejection sets an extended-ack message.
   */
  static int nl80211_notify_radar_detection(struct sk_buff *skb,
  					  struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct net_device *dev = info->user_ptr[1];
  	struct wireless_dev *wdev = dev->ieee80211_ptr;
  	struct wiphy *wiphy = wdev->wiphy;
  	struct cfg80211_chan_def chandef;
  	int err;

  	if (reg_get_dfs_region(wiphy) == NL80211_DFS_UNSET) {
  		GENL_SET_ERR_MSG(info,
  				 "DFS Region is not set. Unexpected Radar indication");
  		return -EINVAL;
  	}

  	err = nl80211_parse_chandef(rdev, info, &chandef);
  	if (err) {
  		GENL_SET_ERR_MSG(info, "Unable to extract chandef info");
  		return err;
  	}

  	/* negative: error; zero: DFS is not required for this chandef */
  	err = cfg80211_chandef_dfs_required(wiphy, &chandef, wdev->iftype);
  	if (err < 0) {
  		GENL_SET_ERR_MSG(info, "chandef is invalid");
  		return err;
  	}
  	if (err == 0) {
  		GENL_SET_ERR_MSG(info,
  				 "Unexpected Radar indication for chandef/iftype");
  		return -EINVAL;
  	}

  	/* Do not process this notification if radar is already detected
  	 * by kernel on this channel, and return success.
  	 */
  	if (chandef.chan->dfs_state == NL80211_DFS_UNAVAILABLE)
  		return 0;

  	cfg80211_set_dfs_state(wiphy, &chandef, NL80211_DFS_UNAVAILABLE);
  	cfg80211_sched_dfs_chan_update(rdev);

  	rdev->radar_chandef = chandef;

  	/* Propagate this notification to other radios as well */
  	queue_work(cfg80211_wq, &rdev->propagate_radar_detect_wk);

  	return 0;
  }
  /*
   * Validate an attribute holding an array of u16 counter offsets.
   *
   * @data/@datalen: the buffer the offsets point into
   * @first_count:   expected counter value at every offset, or -1 to skip
   *                 the value comparison
   * @attr:          the offsets attribute; may be NULL
   * @offsets:       set to the attribute payload (not a copy)
   * @n_offsets:     set to the number of offsets, 0 when @attr is NULL
   *
   * Returns 0 when @attr is absent or every offset is valid, -EINVAL when
   * the payload is empty or not a multiple of sizeof(u16), when there are
   * more offsets than a non-zero max_num_csa_counters allows, when an offset
   * lies outside @data, or when a counter differs from @first_count.
   *
   * On an -EINVAL return the output parameters may already have been
   * written, so callers must not use them after a failure.
   */
  static int nl80211_parse_counter_offsets(struct cfg80211_registered_device *rdev,
  					 const u8 *data, size_t datalen,
  					 int first_count, struct nlattr *attr,
  					 const u16 **offsets, unsigned int *n_offsets)
  {
  	int attr_len;
  	int i;

  	*n_offsets = 0;

  	if (!attr)
  		return 0;

  	attr_len = nla_len(attr);
  	if (!attr_len || (attr_len % sizeof(u16)))
  		return -EINVAL;

  	*n_offsets = attr_len / sizeof(u16);

  	/* a limit of zero means the wiphy sets no limit */
  	if (rdev->wiphy.max_num_csa_counters &&
  	    (*n_offsets > rdev->wiphy.max_num_csa_counters))
  		return -EINVAL;

  	*offsets = nla_data(attr);

  	/* sanity checks - counters should fit and be the same */
  	for (i = 0; i < *n_offsets; i++) {
  		u16 offset = (*offsets)[i];

  		/* the bounds check has to come before data[offset] is read */
  		if (offset >= datalen ||
  		    (first_count != -1 && data[offset] != first_count))
  			return -EINVAL;
  	}

  	return 0;
  }
  /*
   * Handle a channel switch request: validate the netlink attributes, fill a
   * struct cfg80211_csa_settings and pass it to rdev_channel_switch().
   *
   * Returns 0 or a negative errno: -EOPNOTSUPP when the driver or the
   * interface type cannot do a channel switch, -ENOTCONN when the interface
   * is not beaconing/joined, -EINVAL for missing or inconsistent attributes,
   * or whatever the parsing helpers / driver report.
   *
   * All attribute payloads are supplied by the netlink sender, so every
   * length and count is checked before it is stored in params.
   */
  static int nl80211_channel_switch(struct sk_buff *skb, struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	unsigned int link_id = nl80211_link_id(info->attrs);
  	struct net_device *dev = info->user_ptr[1];
  	struct wireless_dev *wdev = dev->ieee80211_ptr;
  	struct cfg80211_csa_settings params;
  	struct nlattr **csa_attrs = NULL;
  	bool beaconing = false;
  	bool dfs_flag_required = true;
  	u32 switch_count;
  	int err;

  	if (!rdev->ops->channel_switch)
  		return -EOPNOTSUPP;
  	if (!(rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
  		return -EOPNOTSUPP;

  	switch (wdev->iftype) {
  	case NL80211_IFTYPE_AP:
  	case NL80211_IFTYPE_P2P_GO:
  		beaconing = true;
  		/*
  		 * Every mode except AP has to supply the handle_dfs flag so
  		 * the kernel knows userspace will deal with radar events;
  		 * without it a switch to a DFS channel is refused.
  		 */
  		dfs_flag_required = false;

  		/*
  		 * Nothing to switch if the AP is not running.
  		 * NOTE(review): link_id indexes wdev->links[] directly; its
  		 * range is presumably bounded by the attribute policy behind
  		 * nl80211_link_id() - confirm.
  		 */
  		if (!wdev->links[link_id].ap.beacon_interval)
  			return -ENOTCONN;
  		break;
  	case NL80211_IFTYPE_ADHOC:
  		if (!wdev->u.ibss.ssid_len)
  			return -ENOTCONN;
  		break;
  	case NL80211_IFTYPE_MESH_POINT:
  		if (!wdev->u.mesh.id_len)
  			return -ENOTCONN;
  		break;
  	default:
  		return -EOPNOTSUPP;
  	}

  	/* Zeroing params also makes the kfree() calls at out_free safe. */
  	memset(&params, 0, sizeof(params));
  	params.beacon_csa.ftm_responder = -1;

  	if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
  		return -EINVAL;
  	if (!info->attrs[NL80211_ATTR_CH_SWITCH_COUNT])
  		return -EINVAL;

  	/* Only AP/GO need the CSA IEs; IBSS and mesh build theirs internally. */
  	if (beaconing && !info->attrs[NL80211_ATTR_CSA_IES])
  		return -EINVAL;

  	/*
  	 * The attribute is a u32 but the specification defines a u8, so
  	 * reject anything that would not fit.
  	 */
  	switch_count = nla_get_u32(info->attrs[NL80211_ATTR_CH_SWITCH_COUNT]);
  	if (switch_count > 255)
  		return -EINVAL;
  	params.count = switch_count;

  	if (beaconing) {
  		/* Beacon to use once the switch has completed. */
  		err = nl80211_parse_beacon(rdev, info->attrs,
  					   &params.beacon_after, info->extack);
  		if (err)
  			goto out_free;

  		csa_attrs = kzalloc_objs(*csa_attrs, NL80211_ATTR_MAX + 1);
  		if (!csa_attrs) {
  			err = -ENOMEM;
  			goto out_free;
  		}

  		/* Beacon to use while the countdown is running. */
  		err = nla_parse_nested_deprecated(csa_attrs, NL80211_ATTR_MAX,
  						  info->attrs[NL80211_ATTR_CSA_IES],
  						  nl80211_policy, info->extack);
  		if (err)
  			goto out_free;

  		err = nl80211_parse_beacon(rdev, csa_attrs, &params.beacon_csa,
  					   info->extack);
  		if (err)
  			goto out_free;

  		if (!csa_attrs[NL80211_ATTR_CNTDWN_OFFS_BEACON]) {
  			err = -EINVAL;
  			goto out_free;
  		}

  		/*
  		 * The counter offsets are user-supplied indexes into the
  		 * beacon tail / probe response; the helper is handed the
  		 * buffer length and expected count to validate them against.
  		 */
  		err = nl80211_parse_counter_offsets(rdev, params.beacon_csa.tail,
  						    params.beacon_csa.tail_len,
  						    params.count,
  						    csa_attrs[NL80211_ATTR_CNTDWN_OFFS_BEACON],
  						    &params.counter_offsets_beacon,
  						    &params.n_counter_offsets_beacon);
  		if (err)
  			goto out_free;

  		err = nl80211_parse_counter_offsets(rdev,
  						    params.beacon_csa.probe_resp,
  						    params.beacon_csa.probe_resp_len,
  						    params.count,
  						    csa_attrs[NL80211_ATTR_CNTDWN_OFFS_PRESP],
  						    &params.counter_offsets_presp,
  						    &params.n_counter_offsets_presp);
  		if (err)
  			goto out_free;
  	}

  	err = nl80211_parse_chandef(rdev, info, &params.chandef);
  	if (err)
  		goto out_free;

  	if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, &params.chandef,
  					   wdev->iftype)) {
  		err = -EINVAL;
  		goto out_free;
  	}

  	/* Negative: error; positive: the target channel requires DFS. */
  	err = cfg80211_chandef_dfs_required(wdev->wiphy, &params.chandef,
  					    wdev->iftype);
  	if (err < 0)
  		goto out_free;

  	if (err > 0) {
  		params.radar_required = true;
  		if (dfs_flag_required &&
  		    !nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS])) {
  			err = -EINVAL;
  			goto out_free;
  		}
  	}

  	if (info->attrs[NL80211_ATTR_CH_SWITCH_BLOCK_TX])
  		params.block_tx = true;

  	if (info->attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP] &&
  	    (wdev->iftype == NL80211_IFTYPE_AP ||
  	     wdev->iftype == NL80211_IFTYPE_P2P_GO)) {
  		err = nl80211_parse_unsol_bcast_probe_resp(
  			rdev, info->attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP],
  			&params.unsol_bcast_probe_resp);
  		if (err)
  			goto out_free;
  	}

  	params.link_id = link_id;
  	err = rdev_channel_switch(rdev, dev, &params);

  out_free:
  	/* Release what the beacon parsing allocated, on success and failure. */
  	kfree(params.beacon_after.mbssid_ies);
  	kfree(params.beacon_csa.mbssid_ies);
  	kfree(params.beacon_after.rnr_ies);
  	kfree(params.beacon_csa.rnr_ies);
  	kfree(csa_attrs);
  	return err;
  }
  /*
   * Append one NL80211_CMD_NEW_SCAN_RESULTS message describing @intbss to the
   * dump skb @msg.
   *
   * The wiphy lock must be held (asserted below). Returns 0 on success, -1 if
   * the message header cannot be added, and -EMSGSIZE if an attribute does
   * not fit, in which case the partial message is cancelled.
   */
  static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
  			    u32 seq, int flags,
  			    struct cfg80211_registered_device *rdev,
  			    struct wireless_dev *wdev,
  			    struct cfg80211_internal_bss *intbss)
  {
  	struct cfg80211_bss *res = &intbss->pub;
  	const struct cfg80211_bss_ies *ies;
  	struct nlattr *nest;
  	unsigned int link_id;
  	void *hdr;

  	lockdep_assert_wiphy(wdev->wiphy);

  	hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags,
  			     NL80211_CMD_NEW_SCAN_RESULTS);
  	if (!hdr)
  		return -1;

  	genl_dump_check_consistent(cb, hdr);

  	if (nla_put_u32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation))
  		goto nla_put_failure;

  	if (wdev->netdev &&
  	    nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
  		goto nla_put_failure;

  	if (nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
  			      NL80211_ATTR_PAD))
  		goto nla_put_failure;

  	nest = nla_nest_start_noflag(msg, NL80211_ATTR_BSS);
  	if (!nest)
  		goto nla_put_failure;

  	/* An all-zero BSSID is not reported. */
  	if (!is_zero_ether_addr(res->bssid)) {
  		if (nla_put(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid))
  			goto nla_put_failure;
  	}

  	/* The IE buffers are RCU-protected; failures inside must unlock. */
  	rcu_read_lock();

  	/* Tell userspace whether probe response data is available. */
  	if (rcu_access_pointer(res->proberesp_ies)) {
  		if (nla_put_flag(msg, NL80211_BSS_PRESP_DATA))
  			goto fail_unlock_rcu;
  	}

  	/*
  	 * res->ies prefers to point at probe response data, but is always
  	 * valid.
  	 */
  	ies = rcu_dereference(res->ies);
  	if (ies) {
  		if (nla_put_u64_64bit(msg, NL80211_BSS_TSF, ies->tsf,
  				      NL80211_BSS_PAD))
  			goto fail_unlock_rcu;
  		if (ies->len &&
  		    nla_put(msg, NL80211_BSS_INFORMATION_ELEMENTS,
  			    ies->len, ies->data))
  			goto fail_unlock_rcu;
  	}

  	/* res->beacon_ies is beacon data unless the driver did not know. */
  	ies = rcu_dereference(res->beacon_ies);
  	if (ies && ies->from_beacon) {
  		if (nla_put_u64_64bit(msg, NL80211_BSS_BEACON_TSF, ies->tsf,
  				      NL80211_BSS_PAD))
  			goto fail_unlock_rcu;
  		if (ies->len &&
  		    nla_put(msg, NL80211_BSS_BEACON_IES, ies->len, ies->data))
  			goto fail_unlock_rcu;
  	}

  	rcu_read_unlock();

  	if (res->beacon_interval &&
  	    nla_put_u16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval))
  		goto nla_put_failure;

  	if (nla_put_u16(msg, NL80211_BSS_CAPABILITY, res->capability))
  		goto nla_put_failure;
  	if (nla_put_u32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq))
  		goto nla_put_failure;
  	if (nla_put_u32(msg, NL80211_BSS_FREQUENCY_OFFSET,
  			res->channel->freq_offset))
  		goto nla_put_failure;
  	if (nla_put_u32(msg, NL80211_BSS_SEEN_MS_AGO,
  			jiffies_to_msecs(jiffies - intbss->ts)))
  		goto nla_put_failure;

  	if (intbss->parent_tsf) {
  		if (nla_put_u64_64bit(msg, NL80211_BSS_PARENT_TSF,
  				      intbss->parent_tsf, NL80211_BSS_PAD))
  			goto nla_put_failure;
  		if (nla_put(msg, NL80211_BSS_PARENT_BSSID, ETH_ALEN,
  			    intbss->parent_bssid))
  			goto nla_put_failure;
  	}

  	if (res->ts_boottime &&
  	    nla_put_u64_64bit(msg, NL80211_BSS_LAST_SEEN_BOOTTIME,
  			      res->ts_boottime, NL80211_BSS_PAD))
  		goto nla_put_failure;

  	if (!nl80211_put_signal(msg, intbss->pub.chains,
  				intbss->pub.chain_signal,
  				NL80211_BSS_CHAIN_SIGNAL))
  		goto nla_put_failure;

  	/* No signal attribute for entries sourced from a STA profile. */
  	if (intbss->bss_source != BSS_SOURCE_STA_PROFILE) {
  		if (rdev->wiphy.signal_type == CFG80211_SIGNAL_TYPE_MBM) {
  			if (nla_put_u32(msg, NL80211_BSS_SIGNAL_MBM,
  					res->signal))
  				goto nla_put_failure;
  		} else if (rdev->wiphy.signal_type ==
  			   CFG80211_SIGNAL_TYPE_UNSPEC) {
  			if (nla_put_u8(msg, NL80211_BSS_SIGNAL_UNSPEC,
  				       res->signal))
  				goto nla_put_failure;
  		}
  	}

  	/* Report association / IBSS-join status for the current BSS. */
  	switch (wdev->iftype) {
  	case NL80211_IFTYPE_P2P_CLIENT:
  	case NL80211_IFTYPE_STATION:
  		for_each_valid_link(wdev, link_id) {
  			if (intbss != wdev->links[link_id].client.current_bss)
  				continue;

  			if (nla_put_u32(msg, NL80211_BSS_STATUS,
  					NL80211_BSS_STATUS_ASSOCIATED))
  				goto nla_put_failure;

  			/* Link ID and MLD address only when links are valid. */
  			if (!wdev->valid_links)
  				continue;

  			if (nla_put_u8(msg, NL80211_BSS_MLO_LINK_ID, link_id))
  				goto nla_put_failure;
  			if (nla_put(msg, NL80211_BSS_MLD_ADDR, ETH_ALEN,
  				    wdev->u.client.connected_addr))
  				goto nla_put_failure;
  		}
  		break;
  	case NL80211_IFTYPE_ADHOC:
  		if (intbss == wdev->u.ibss.current_bss &&
  		    nla_put_u32(msg, NL80211_BSS_STATUS,
  				NL80211_BSS_STATUS_IBSS_JOINED))
  			goto nla_put_failure;
  		break;
  	default:
  		break;
  	}

  	if (nla_put_u32(msg, NL80211_BSS_USE_FOR, res->use_for))
  		goto nla_put_failure;

  	if (res->cannot_use_reasons &&
  	    nla_put_u64_64bit(msg, NL80211_BSS_CANNOT_USE_REASONS,
  			      res->cannot_use_reasons, NL80211_BSS_PAD))
  		goto nla_put_failure;

  	nla_nest_end(msg, nest);
  	genlmsg_end(msg, hdr);
  	return 0;

  fail_unlock_rcu:
  	rcu_read_unlock();
  nla_put_failure:
  	genlmsg_cancel(msg, hdr);
  	return -EMSGSIZE;
  }
  /*
   * Netlink dump callback for scan results. cb->args[2] carries the number of
   * BSS entries already handled by earlier invocations, so each call resumes
   * where the previous one stopped.
   *
   * Returns skb->len on success, or a negative errno if allocation or
   * nl80211_prepare_wdev_dump() fails.
   */
  static int nl80211_dump_scan(struct sk_buff *skb, struct netlink_callback *cb)
  {
  	struct cfg80211_registered_device *rdev;
  	struct cfg80211_internal_bss *entry;
  	struct wireless_dev *wdev;
  	struct nlattr **attrbuf;
  	int already_sent = cb->args[2];
  	int pos = 0;
  	bool include_use_data;
  	int err;

  	attrbuf = kzalloc_objs(*attrbuf, NUM_NL80211_ATTR);
  	if (!attrbuf)
  		return -ENOMEM;

  	err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev, attrbuf);
  	if (err) {
  		kfree(attrbuf);
  		return err;
  	}
  	/* nl80211_prepare_wdev_dump acquired it in the successful case */
  	__acquire(&rdev->wiphy.mtx);

  	/* Only this one attribute is needed; the buffer can go right away. */
  	include_use_data = attrbuf[NL80211_ATTR_BSS_DUMP_INCLUDE_USE_DATA];
  	kfree(attrbuf);

  	spin_lock_bh(&rdev->bss_lock);

  	/*
  	 * dump_scan is called several times to split the scan results over
  	 * multiple messages. It is unlikely that more BSS entries expire
  	 * after the first call, so expire them on the first invocation only.
  	 */
  	if (!already_sent)
  		cfg80211_bss_expire(rdev);

  	cb->seq = rdev->bss_generation;

  	list_for_each_entry(entry, &rdev->bss_list, list) {
  		pos++;
  		if (pos <= already_sent)
  			continue;

  		/*
  		 * Without the INCLUDE_USE_DATA request, entries that are not
  		 * usable for normal connections are left out.
  		 */
  		if (!include_use_data &&
  		    !(entry->pub.use_for & NL80211_BSS_USE_FOR_NORMAL))
  			continue;

  		if (nl80211_send_bss(skb, cb, cb->nlh->nlmsg_seq, NLM_F_MULTI,
  				     rdev, wdev, entry) < 0) {
  			/* Did not fit: retry this entry on the next call. */
  			pos--;
  			break;
  		}
  	}

  	spin_unlock_bh(&rdev->bss_lock);

  	cb->args[2] = pos;
  	wiphy_unlock(&rdev->wiphy);

  	return skb->len;
  }
  /*
   * Append one NL80211_CMD_NEW_SURVEY_RESULTS message for @survey to @msg.
   * Only fields whose bit is set in survey->filled are reported.
   *
   * Returns 0 on success (also when a channel-less entry is skipped because
   * radio stats were not requested), -ENOMEM if the header cannot be added,
   * and -EMSGSIZE if an attribute does not fit.
   */
  static int nl80211_send_survey(struct sk_buff *msg, u32 portid, u32 seq,
  			       int flags, struct net_device *dev,
  			       bool allow_radio_stats,
  			       struct survey_info *survey)
  {
  	/* Time counters, listed in the order they are written to the message. */
  	const struct {
  		u32 filled_bit;
  		int attrtype;
  		u64 value;
  	} time_attrs[] = {
  		{ SURVEY_INFO_TIME, NL80211_SURVEY_INFO_TIME,
  		  survey->time },
  		{ SURVEY_INFO_TIME_BUSY, NL80211_SURVEY_INFO_TIME_BUSY,
  		  survey->time_busy },
  		{ SURVEY_INFO_TIME_EXT_BUSY, NL80211_SURVEY_INFO_TIME_EXT_BUSY,
  		  survey->time_ext_busy },
  		{ SURVEY_INFO_TIME_RX, NL80211_SURVEY_INFO_TIME_RX,
  		  survey->time_rx },
  		{ SURVEY_INFO_TIME_TX, NL80211_SURVEY_INFO_TIME_TX,
  		  survey->time_tx },
  		{ SURVEY_INFO_TIME_SCAN, NL80211_SURVEY_INFO_TIME_SCAN,
  		  survey->time_scan },
  		{ SURVEY_INFO_TIME_BSS_RX, NL80211_SURVEY_INFO_TIME_BSS_RX,
  		  survey->time_bss_rx },
  	};
  	struct nlattr *nest;
  	unsigned int i;
  	void *hdr;

  	/* skip radio stats if userspace didn't request them */
  	if (!survey->channel && !allow_radio_stats)
  		return 0;

  	hdr = nl80211hdr_put(msg, portid, seq, flags,
  			     NL80211_CMD_NEW_SURVEY_RESULTS);
  	if (!hdr)
  		return -ENOMEM;

  	if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
  		goto nla_put_failure;

  	nest = nla_nest_start_noflag(msg, NL80211_ATTR_SURVEY_INFO);
  	if (!nest)
  		goto nla_put_failure;

  	if (survey->channel) {
  		if (nla_put_u32(msg, NL80211_SURVEY_INFO_FREQUENCY,
  				survey->channel->center_freq))
  			goto nla_put_failure;
  		if (survey->channel->freq_offset &&
  		    nla_put_u32(msg, NL80211_SURVEY_INFO_FREQUENCY_OFFSET,
  				survey->channel->freq_offset))
  			goto nla_put_failure;
  	}

  	if ((survey->filled & SURVEY_INFO_NOISE_DBM) &&
  	    nla_put_u8(msg, NL80211_SURVEY_INFO_NOISE, survey->noise))
  		goto nla_put_failure;

  	if ((survey->filled & SURVEY_INFO_IN_USE) &&
  	    nla_put_flag(msg, NL80211_SURVEY_INFO_IN_USE))
  		goto nla_put_failure;

  	for (i = 0; i < ARRAY_SIZE(time_attrs); i++) {
  		if (!(survey->filled & time_attrs[i].filled_bit))
  			continue;
  		if (nla_put_u64_64bit(msg, time_attrs[i].attrtype,
  				      time_attrs[i].value,
  				      NL80211_SURVEY_INFO_PAD))
  			goto nla_put_failure;
  	}

  	nla_nest_end(msg, nest);
  	genlmsg_end(msg, hdr);
  	return 0;

  nla_put_failure:
  	genlmsg_cancel(msg, hdr);
  	return -EMSGSIZE;
  }
  /*
   * Netlink dump callback for survey data. cb->args[2] holds the index of the
   * next survey entry to query from the driver, so the dump can continue
   * across invocations.
   *
   * Returns skb->len once entries were emitted (or the driver reported
   * -ENOENT, i.e. no more entries), otherwise a negative errno.
   */
  static int nl80211_dump_survey(struct sk_buff *skb, struct netlink_callback *cb)
  {
  	struct cfg80211_registered_device *rdev;
  	struct wireless_dev *wdev;
  	struct survey_info survey;
  	struct nlattr **attrbuf;
  	int next_idx = cb->args[2];
  	bool want_radio_stats;
  	int res;

  	attrbuf = kzalloc_objs(*attrbuf, NUM_NL80211_ATTR);
  	if (!attrbuf)
  		return -ENOMEM;

  	res = nl80211_prepare_wdev_dump(cb, &rdev, &wdev, attrbuf);
  	if (res) {
  		kfree(attrbuf);
  		return res;
  	}
  	/* nl80211_prepare_wdev_dump acquired it in the successful case */
  	__acquire(&rdev->wiphy.mtx);

  	/* prepare_wdev_dump parsed the attributes */
  	want_radio_stats = attrbuf[NL80211_ATTR_SURVEY_RADIO_STATS];

  	if (!wdev->netdev) {
  		res = -EINVAL;
  		goto out_err;
  	}

  	if (!rdev->ops->dump_survey) {
  		res = -EOPNOTSUPP;
  		goto out_err;
  	}

  	for (;;) {
  		res = rdev_dump_survey(rdev, wdev->netdev, next_idx, &survey);
  		if (res == -ENOENT)
  			break;	/* the driver has no further entries */
  		if (res)
  			goto out_err;

  		/* don't send disabled channels, but do send non-channel data */
  		if (survey.channel &&
  		    survey.channel->flags & IEEE80211_CHAN_DISABLED) {
  			next_idx++;
  			continue;
  		}

  		/* On failure the index stays put so the entry is retried. */
  		if (nl80211_send_survey(skb, NETLINK_CB(cb->skb).portid,
  					cb->nlh->nlmsg_seq, NLM_F_MULTI,
  					wdev->netdev, want_radio_stats,
  					&survey) < 0)
  			goto out;

  		next_idx++;
  	}

  out:
  	cb->args[2] = next_idx;
  	res = skb->len;
  out_err:
  	kfree(attrbuf);
  	wiphy_unlock(&rdev->wiphy);
  	return res;
  }
  /*
   * Handle an authentication request: validate the attributes, look up the
   * target BSS and pass the request to cfg80211_mlme_auth().
   *
   * Returns 0 on success (including the ignored "local state change only"
   * case), -EINVAL for missing/invalid attributes, -EOPNOTSUPP if the driver
   * or interface type does not support authentication, -ENOENT if the BSS is
   * not known, or the error from the helpers called.
   *
   * The request fields (IEs, auth data, key, addresses) are pointers into
   * the netlink attribute payloads, not copies.
   */
  static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct net_device *dev = info->user_ptr[1];
  	struct cfg80211_auth_request req = {};
  	struct ieee80211_channel *chan;
  	enum nl80211_auth_type auth_type;
  	struct key_parse key;
  	const u8 *bssid, *ssid;
  	bool takes_auth_data;
  	int err, ssid_len;
  	u32 freq;

  	/* All four attributes are mandatory. */
  	if (!info->attrs[NL80211_ATTR_MAC] ||
  	    !info->attrs[NL80211_ATTR_AUTH_TYPE] ||
  	    !info->attrs[NL80211_ATTR_SSID] ||
  	    !info->attrs[NL80211_ATTR_WIPHY_FREQ])
  		return -EINVAL;

  	err = nl80211_parse_key(info, &key);
  	if (err)
  		return err;

  	if (key.idx < 0) {
  		/* No key supplied with the request. */
  		key.p.key_len = 0;
  		key.p.key = NULL;
  	} else {
  		bool supported = false;
  		int i;

  		if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP)
  			return -EINVAL;
  		if (!key.p.key || !key.p.key_len)
  			return -EINVAL;

  		/*
  		 * Only WEP40 or WEP104 is accepted here, and the key length
  		 * has to match the chosen cipher exactly.
  		 */
  		if (!(key.p.cipher == WLAN_CIPHER_SUITE_WEP40 &&
  		      key.p.key_len == WLAN_KEY_LEN_WEP40) &&
  		    !(key.p.cipher == WLAN_CIPHER_SUITE_WEP104 &&
  		      key.p.key_len == WLAN_KEY_LEN_WEP104))
  			return -EINVAL;
  		if (key.idx > 3)
  			return -EINVAL;

  		/* The device must advertise the requested cipher. */
  		for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) {
  			if (rdev->wiphy.cipher_suites[i] == key.p.cipher) {
  				supported = true;
  				break;
  			}
  		}
  		if (!supported)
  			return -EINVAL;
  	}

  	if (!rdev->ops->auth)
  		return -EOPNOTSUPP;

  	if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
  	    dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
  		return -EOPNOTSUPP;

  	bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);

  	/* Frequency in kHz: the MHz attribute plus the optional offset. */
  	freq = MHZ_TO_KHZ(nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
  	if (info->attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET])
  		freq += nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET]);

  	chan = nl80211_get_valid_chan(&rdev->wiphy, freq);
  	if (!chan)
  		return -EINVAL;

  	ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
  	ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);

  	if (info->attrs[NL80211_ATTR_IE]) {
  		req.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
  		req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
  	}

  	if (info->attrs[NL80211_ATTR_SUPPORTED_SELECTORS]) {
  		req.supported_selectors =
  			nla_data(info->attrs[NL80211_ATTR_SUPPORTED_SELECTORS]);
  		req.supported_selectors_len =
  			nla_len(info->attrs[NL80211_ATTR_SUPPORTED_SELECTORS]);
  	}

  	auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
  	if (!nl80211_valid_auth_type(rdev, auth_type, NL80211_CMD_AUTHENTICATE))
  		return -EINVAL;

  	/*
  	 * These auth types need AUTH_DATA; for every other type the
  	 * attribute must be absent.
  	 */
  	switch (auth_type) {
  	case NL80211_AUTHTYPE_SAE:
  	case NL80211_AUTHTYPE_FILS_SK:
  	case NL80211_AUTHTYPE_FILS_SK_PFS:
  	case NL80211_AUTHTYPE_FILS_PK:
  	case NL80211_AUTHTYPE_EPPKE:
  		takes_auth_data = true;
  		break;
  	default:
  		takes_auth_data = false;
  		break;
  	}

  	if (info->attrs[NL80211_ATTR_AUTH_DATA]) {
  		if (!takes_auth_data)
  			return -EINVAL;
  		req.auth_data = nla_data(info->attrs[NL80211_ATTR_AUTH_DATA]);
  		req.auth_data_len = nla_len(info->attrs[NL80211_ATTR_AUTH_DATA]);
  	} else if (takes_auth_data) {
  		return -EINVAL;
  	}

  	/*
  	 * Since we no longer track auth state, ignore
  	 * requests to only change local state.
  	 */
  	if (info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE])
  		return 0;

  	req.auth_type = auth_type;
  	req.key = key.p.key;
  	req.key_len = key.p.key_len;
  	req.key_idx = key.idx;

  	/* A link ID is only valid on MLO-capable devices, with an MLD address. */
  	req.link_id = nl80211_link_id_or_invalid(info->attrs);
  	if (req.link_id >= 0) {
  		if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_MLO))
  			return -EINVAL;
  		if (!info->attrs[NL80211_ATTR_MLD_ADDR])
  			return -EINVAL;
  		req.ap_mld_addr = nla_data(info->attrs[NL80211_ATTR_MLD_ADDR]);
  		if (!is_valid_ether_addr(req.ap_mld_addr))
  			return -EINVAL;
  	}

  	req.bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len,
  				   IEEE80211_BSS_TYPE_ESS,
  				   IEEE80211_PRIVACY_ANY);
  	if (!req.bss)
  		return -ENOENT;

  	err = cfg80211_mlme_auth(rdev, dev, &req);

  	/* Drop the reference taken by cfg80211_get_bss(). */
  	cfg80211_put_bss(&rdev->wiphy, req.bss);

  	return err;
  }
  /*
   * Check whether control port frames may be carried over nl80211 for this
   * request.
   *
   * Returns 0 if allowed, -EINVAL (with an extack message) when SOCKET_OWNER
   * is not set, and -EOPNOTSUPP when the driver has no tx_control_port op or
   * does not advertise NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211.
   */
  static int validate_pae_over_nl80211(struct cfg80211_registered_device *rdev,
  				     struct genl_info *info)
  {
  	if (!info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
  		GENL_SET_ERR_MSG(info, "SOCKET_OWNER not set");
  		return -EINVAL;
  	}

  	if (!rdev->ops->tx_control_port)
  		return -EOPNOTSUPP;

  	if (!wiphy_ext_feature_isset(&rdev->wiphy,
  				     NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211))
  		return -EOPNOTSUPP;

  	return 0;
  }
  /*
   * Fill @settings from the crypto-related attributes of a request.
   *
   * @settings is zeroed first. @cipher_limit is the maximum number of
   * pairwise cipher suites accepted. Returns 0 on success, -EINVAL for
   * malformed, oversized or unsupported values, or the error from
   * validate_pae_over_nl80211(). On error @settings may be partially filled.
   *
   * settings->psk and settings->sae_pwd are set to point into the netlink
   * attribute payload; the secret is not copied here.
   */
  static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
  				   struct genl_info *info,
  				   struct cfg80211_crypto_settings *settings,
  				   int cipher_limit)
  {
  	struct nlattr **attrs = info->attrs;

  	memset(settings, 0, sizeof(*settings));

  	settings->control_port = attrs[NL80211_ATTR_CONTROL_PORT];

  	if (attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) {
  		u16 ethertype =
  			nla_get_u16(attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);

  		settings->control_port_ethertype = cpu_to_be16(ethertype);

  		/* A non-PAE ethertype needs explicit driver support. */
  		if (ethertype != ETH_P_PAE &&
  		    !(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL))
  			return -EINVAL;

  		if (attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT])
  			settings->control_port_no_encrypt = true;
  	} else {
  		settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE);
  	}

  	if (attrs[NL80211_ATTR_CONTROL_PORT_OVER_NL80211]) {
  		int ret = validate_pae_over_nl80211(rdev, info);

  		if (ret < 0)
  			return ret;

  		settings->control_port_over_nl80211 = true;

  		if (attrs[NL80211_ATTR_CONTROL_PORT_NO_PREAUTH])
  			settings->control_port_no_preauth = true;
  	}

  	if (attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) {
  		struct nlattr *suites = attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE];
  		void *payload = nla_data(suites);
  		int nbytes = nla_len(suites);
  		int i;

  		settings->n_ciphers_pairwise = nbytes / sizeof(u32);

  		/* The payload must be a whole number of u32 suite selectors. */
  		if (nbytes % sizeof(u32))
  			return -EINVAL;

  		/* Bound the count before copying into the fixed array. */
  		if (settings->n_ciphers_pairwise > cipher_limit)
  			return -EINVAL;

  		memcpy(settings->ciphers_pairwise, payload, nbytes);

  		for (i = 0; i < settings->n_ciphers_pairwise; i++) {
  			if (!cfg80211_supported_cipher_suite(
  					&rdev->wiphy,
  					settings->ciphers_pairwise[i]))
  				return -EINVAL;
  		}
  	}

  	if (attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) {
  		settings->cipher_group =
  			nla_get_u32(attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]);
  		if (!cfg80211_supported_cipher_suite(&rdev->wiphy,
  						     settings->cipher_group))
  			return -EINVAL;
  	}

  	if (attrs[NL80211_ATTR_WPA_VERSIONS])
  		settings->wpa_versions =
  			nla_get_u32(attrs[NL80211_ATTR_WPA_VERSIONS]);

  	if (attrs[NL80211_ATTR_AKM_SUITES]) {
  		struct nlattr *akms = attrs[NL80211_ATTR_AKM_SUITES];
  		void *payload = nla_data(akms);
  		int nbytes = nla_len(akms);

  		settings->n_akm_suites = nbytes / sizeof(u32);

  		if (nbytes % sizeof(u32))
  			return -EINVAL;

  		/*
  		 * NOTE(review): this bound only protects the memcpy below if
  		 * wiphy.max_num_akm_suites never exceeds the capacity of
  		 * settings->akm_suites - presumably enforced when the wiphy
  		 * is registered; confirm.
  		 */
  		if (settings->n_akm_suites > rdev->wiphy.max_num_akm_suites)
  			return -EINVAL;

  		memcpy(settings->akm_suites, payload, nbytes);
  	}

  	if (attrs[NL80211_ATTR_PMK]) {
  		/* Exact length required, and a PSK 4-way handshake offload. */
  		if (nla_len(attrs[NL80211_ATTR_PMK]) != WLAN_PMK_LEN)
  			return -EINVAL;
  		if (!wiphy_ext_feature_isset(&rdev->wiphy,
  					     NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK) &&
  		    !wiphy_ext_feature_isset(&rdev->wiphy,
  					     NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK))
  			return -EINVAL;
  		settings->psk = nla_data(attrs[NL80211_ATTR_PMK]);
  	}

  	if (attrs[NL80211_ATTR_SAE_PASSWORD]) {
  		/* Only accepted when the device offloads SAE (STA or AP). */
  		if (!wiphy_ext_feature_isset(&rdev->wiphy,
  					     NL80211_EXT_FEATURE_SAE_OFFLOAD) &&
  		    !wiphy_ext_feature_isset(&rdev->wiphy,
  					     NL80211_EXT_FEATURE_SAE_OFFLOAD_AP))
  			return -EINVAL;
  		settings->sae_pwd = nla_data(attrs[NL80211_ATTR_SAE_PASSWORD]);
  		settings->sae_pwd_len =
  			nla_len(attrs[NL80211_ATTR_SAE_PASSWORD]);
  	}

  	settings->sae_pwe =
  		nla_get_u8_default(attrs[NL80211_ATTR_SAE_PWE],
  				   NL80211_SAE_PWE_UNSPECIFIED);

  	return 0;
  }
  /*
   * Look up the BSS described by @attrs (MAC, frequency and optional
   * frequency offset) for an association request.
   *
   * @assoc_link_id is the link the association is sent on and @link_id the
   * link this BSS is for; together they select the use_for flags passed to
   * the lookup.
   *
   * Returns the BSS from __cfg80211_get_bss(), or an ERR_PTR: -EINVAL if a
   * required attribute is missing or the channel is not valid, -ENOENT if
   * no matching BSS is found. Never returns NULL.
   */
  static struct cfg80211_bss *nl80211_assoc_bss(struct cfg80211_registered_device *rdev,
  					      const u8 *ssid, int ssid_len,
  					      struct nlattr **attrs,
  					      int assoc_link_id, int link_id)
  {
  	struct ieee80211_channel *chan;
  	struct cfg80211_bss *found;
  	const u8 *bssid;
  	u32 use_for = 0;
  	u32 freq;

  	if (!attrs[NL80211_ATTR_MAC])
  		return ERR_PTR(-EINVAL);
  	if (!attrs[NL80211_ATTR_WIPHY_FREQ])
  		return ERR_PTR(-EINVAL);

  	bssid = nla_data(attrs[NL80211_ATTR_MAC]);

  	/* Frequency in kHz: the MHz attribute plus the optional offset. */
  	freq = MHZ_TO_KHZ(nla_get_u32(attrs[NL80211_ATTR_WIPHY_FREQ]));
  	if (attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET])
  		freq += nla_get_u32(attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET]);

  	chan = nl80211_get_valid_chan(&rdev->wiphy, freq);
  	if (!chan)
  		return ERR_PTR(-EINVAL);

  	if (assoc_link_id >= 0)
  		use_for = NL80211_BSS_USE_FOR_MLD_LINK;
  	if (assoc_link_id == link_id)
  		use_for |= NL80211_BSS_USE_FOR_NORMAL;

  	found = __cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len,
  				   IEEE80211_BSS_TYPE_ESS,
  				   IEEE80211_PRIVACY_ANY, use_for);

  	return found ? found : ERR_PTR(-ENOENT);
  }
  /*
   * Parse the nested NL80211_ATTR_MLO_LINKS attribute of an association
   * request and fill @links, indexed by link ID, with the BSS and optional
   * per-link elements.
   *
   * Returns 0 on success, -ENOMEM if the scratch attribute table cannot be
   * allocated, -EINVAL for a missing or repeated link ID or for elements
   * that cannot be handled, or the error from nl80211_assoc_bss().
   *
   * Entries filled before an error keep their BSS pointer.
   * NOTE(review): presumably the caller releases those references - confirm.
   */
  static int nl80211_process_links(struct cfg80211_registered_device *rdev,
  				 struct cfg80211_assoc_link *links,
  				 int assoc_link_id,
  				 const u8 *ssid, int ssid_len,
  				 struct genl_info *info)
  {
  	unsigned int attrsize = NUM_NL80211_ATTR * sizeof(struct nlattr *);
  	/* Scratch table, freed automatically on every return path. */
  	struct nlattr **attrs __free(kfree) = kzalloc(attrsize, GFP_KERNEL);
  	struct cfg80211_assoc_link *entry;
  	struct cfg80211_bss *bss;
  	struct nlattr *link;
  	unsigned int link_id;
  	int rem;

  	if (!attrs)
  		return -ENOMEM;

  	nla_for_each_nested(link, info->attrs[NL80211_ATTR_MLO_LINKS], rem) {
  		memset(attrs, 0, attrsize);

  		/*
  		 * Parsed without a policy and with the result ignored.
  		 * NOTE(review): presumably the nested content was already
  		 * validated by the policy for NL80211_ATTR_MLO_LINKS when the
  		 * request was received - confirm.
  		 */
  		nla_parse_nested(attrs, NL80211_ATTR_MAX, link, NULL, NULL);

  		if (!attrs[NL80211_ATTR_MLO_LINK_ID]) {
  			NL_SET_BAD_ATTR(info->extack, link);
  			return -EINVAL;
  		}

  		/*
  		 * NOTE(review): link_id is a sender-supplied u8 used as an
  		 * index into links[] with no range check in this function;
  		 * the bound has to come from the attribute policy - confirm
  		 * it matches the size of the caller's array.
  		 */
  		link_id = nla_get_u8(attrs[NL80211_ATTR_MLO_LINK_ID]);
  		entry = &links[link_id];

  		/* cannot use the same link ID again */
  		if (entry->bss) {
  			NL_SET_BAD_ATTR(info->extack, link);
  			return -EINVAL;
  		}

  		bss = nl80211_assoc_bss(rdev, ssid, ssid_len, attrs,
  					assoc_link_id, link_id);
  		if (IS_ERR(bss)) {
  			/* entry->bss is left NULL, never an ERR_PTR. */
  			NL_SET_ERR_MSG_ATTR(info->extack, link,
  					    "Error fetching BSS for link");
  			return PTR_ERR(bss);
  		}
  		entry->bss = bss;

  		if (!attrs[NL80211_ATTR_IE])
  			continue;

  		/* Per-link elements point into the netlink message. */
  		entry->elems = nla_data(attrs[NL80211_ATTR_IE]);
  		entry->elems_len = nla_len(attrs[NL80211_ATTR_IE]);

  		if (cfg80211_find_elem(WLAN_EID_FRAGMENT,
  				       entry->elems, entry->elems_len)) {
  			NL_SET_ERR_MSG_ATTR(info->extack,
  					    attrs[NL80211_ATTR_IE],
  					    "cannot deal with fragmentation");
  			return -EINVAL;
  		}

  		if (cfg80211_find_ext_elem(WLAN_EID_EXT_NON_INHERITANCE,
  					   entry->elems, entry->elems_len)) {
  			NL_SET_ERR_MSG_ATTR(info->extack,
  					    attrs[NL80211_ATTR_IE],
  					    "cannot deal with non-inheritance");
  			return -EINVAL;
  		}
  	}

  	return 0;
  }
  10453. static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
  10454. {
  10455. struct cfg80211_registered_device *rdev = info->user_ptr[0];
  10456. struct net_device *dev = info->user_ptr[1];
  10457. struct cfg80211_assoc_request req = {};
  10458. const u8 *ap_addr, *ssid;
  10459. unsigned int link_id;
  10460. int err, ssid_len;
  10461. if (dev->ieee80211_ptr->conn_owner_nlportid &&
  10462. dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid)
  10463. return -EPERM;
  10464. if (!info->attrs[NL80211_ATTR_SSID])
  10465. return -EINVAL;
  10466. if (!rdev->ops->assoc)
  10467. return -EOPNOTSUPP;
  10468. if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
  10469. dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
  10470. return -EOPNOTSUPP;
  10471. ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
  10472. ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
  10473. if (info->attrs[NL80211_ATTR_IE]) {
  10474. req.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
  10475. req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
  10476. if (cfg80211_find_ext_elem(WLAN_EID_EXT_NON_INHERITANCE,
  10477. req.ie, req.ie_len)) {
  10478. NL_SET_ERR_MSG_ATTR(info->extack,
  10479. info->attrs[NL80211_ATTR_IE],
  10480. "non-inheritance makes no sense");
  10481. return -EINVAL;
  10482. }
  10483. }
  10484. if (info->attrs[NL80211_ATTR_USE_MFP]) {
  10485. enum nl80211_mfp mfp =
  10486. nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
  10487. if (mfp == NL80211_MFP_REQUIRED)
  10488. req.use_mfp = true;
  10489. else if (mfp != NL80211_MFP_NO)
  10490. return -EINVAL;
  10491. }
  10492. if (info->attrs[NL80211_ATTR_PREV_BSSID])
  10493. req.prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
  10494. if (info->attrs[NL80211_ATTR_SUPPORTED_SELECTORS]) {
  10495. req.supported_selectors =
  10496. nla_data(info->attrs[NL80211_ATTR_SUPPORTED_SELECTORS]);
  10497. req.supported_selectors_len =
  10498. nla_len(info->attrs[NL80211_ATTR_SUPPORTED_SELECTORS]);
  10499. }
  10500. if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
  10501. req.flags |= ASSOC_REQ_DISABLE_HT;
  10502. if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
  10503. memcpy(&req.ht_capa_mask,
  10504. nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
  10505. sizeof(req.ht_capa_mask));
  10506. if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
  10507. if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
  10508. return -EINVAL;
  10509. memcpy(&req.ht_capa,
  10510. nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
  10511. sizeof(req.ht_capa));
  10512. }
  10513. if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_VHT]))
  10514. req.flags |= ASSOC_REQ_DISABLE_VHT;
  10515. if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HE]))
  10516. req.flags |= ASSOC_REQ_DISABLE_HE;
  10517. if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_EHT]))
  10518. req.flags |= ASSOC_REQ_DISABLE_EHT;
  10519. if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_UHR]))
  10520. req.flags |= ASSOC_REQ_DISABLE_UHR;
  10521. if (info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
  10522. memcpy(&req.vht_capa_mask,
  10523. nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]),
  10524. sizeof(req.vht_capa_mask));
  10525. if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) {
  10526. if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
  10527. return -EINVAL;
  10528. memcpy(&req.vht_capa,
  10529. nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]),
  10530. sizeof(req.vht_capa));
  10531. }
  10532. if (nla_get_flag(info->attrs[NL80211_ATTR_USE_RRM])) {
  10533. if (!((rdev->wiphy.features &
  10534. NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES) &&
  10535. (rdev->wiphy.features & NL80211_FEATURE_QUIET)) &&
  10536. !wiphy_ext_feature_isset(&rdev->wiphy,
  10537. NL80211_EXT_FEATURE_RRM))
  10538. return -EINVAL;
  10539. req.flags |= ASSOC_REQ_USE_RRM;
  10540. }
  10541. if (info->attrs[NL80211_ATTR_FILS_KEK]) {
  10542. req.fils_kek = nla_data(info->attrs[NL80211_ATTR_FILS_KEK]);
  10543. req.fils_kek_len = nla_len(info->attrs[NL80211_ATTR_FILS_KEK]);
  10544. if (!info->attrs[NL80211_ATTR_FILS_NONCES])
  10545. return -EINVAL;
  10546. req.fils_nonces =
  10547. nla_data(info->attrs[NL80211_ATTR_FILS_NONCES]);
  10548. }
  10549. if (info->attrs[NL80211_ATTR_S1G_CAPABILITY_MASK]) {
  10550. if (!info->attrs[NL80211_ATTR_S1G_CAPABILITY])
  10551. return -EINVAL;
  10552. memcpy(&req.s1g_capa_mask,
  10553. nla_data(info->attrs[NL80211_ATTR_S1G_CAPABILITY_MASK]),
  10554. sizeof(req.s1g_capa_mask));
  10555. }
  10556. if (info->attrs[NL80211_ATTR_S1G_CAPABILITY]) {
  10557. if (!info->attrs[NL80211_ATTR_S1G_CAPABILITY_MASK])
  10558. return -EINVAL;
  10559. memcpy(&req.s1g_capa,
  10560. nla_data(info->attrs[NL80211_ATTR_S1G_CAPABILITY]),
  10561. sizeof(req.s1g_capa));
  10562. }
  10563. if (nla_get_flag(info->attrs[NL80211_ATTR_ASSOC_SPP_AMSDU])) {
  10564. if (!wiphy_ext_feature_isset(&rdev->wiphy,
  10565. NL80211_EXT_FEATURE_SPP_AMSDU_SUPPORT)) {
  10566. GENL_SET_ERR_MSG(info, "SPP A-MSDUs not supported");
  10567. return -EINVAL;
  10568. }
  10569. req.flags |= ASSOC_REQ_SPP_AMSDU;
  10570. }
  10571. req.link_id = nl80211_link_id_or_invalid(info->attrs);
  10572. if (info->attrs[NL80211_ATTR_MLO_LINKS]) {
  10573. if (req.link_id < 0)
  10574. return -EINVAL;
  10575. if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_MLO))
  10576. return -EINVAL;
  10577. if (info->attrs[NL80211_ATTR_MAC] ||
  10578. info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
  10579. !info->attrs[NL80211_ATTR_MLD_ADDR])
  10580. return -EINVAL;
  10581. req.ap_mld_addr = nla_data(info->attrs[NL80211_ATTR_MLD_ADDR]);
  10582. ap_addr = req.ap_mld_addr;
  10583. err = nl80211_process_links(rdev, req.links, req.link_id,
  10584. ssid, ssid_len, info);
  10585. if (err)
  10586. goto free;
  10587. if (!req.links[req.link_id].bss) {
  10588. err = -EINVAL;
  10589. goto free;
  10590. }
  10591. if (req.links[req.link_id].elems_len) {
  10592. GENL_SET_ERR_MSG(info,
  10593. "cannot have per-link elems on assoc link");
  10594. err = -EINVAL;
  10595. goto free;
  10596. }
  10597. if (info->attrs[NL80211_ATTR_ASSOC_MLD_EXT_CAPA_OPS])
  10598. req.ext_mld_capa_ops =
  10599. nla_get_u16(info->attrs[NL80211_ATTR_ASSOC_MLD_EXT_CAPA_OPS]);
  10600. } else {
  10601. if (req.link_id >= 0)
  10602. return -EINVAL;
  10603. req.bss = nl80211_assoc_bss(rdev, ssid, ssid_len, info->attrs,
  10604. -1, -1);
  10605. if (IS_ERR(req.bss))
  10606. return PTR_ERR(req.bss);
  10607. ap_addr = req.bss->bssid;
  10608. if (info->attrs[NL80211_ATTR_ASSOC_MLD_EXT_CAPA_OPS])
  10609. return -EINVAL;
  10610. }
  10611. err = nl80211_crypto_settings(rdev, info, &req.crypto, 1);
  10612. if (!err) {
  10613. struct nlattr *link;
  10614. int rem = 0;
  10615. err = cfg80211_mlme_assoc(rdev, dev, &req,
  10616. info->extack);
  10617. if (!err && info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
  10618. dev->ieee80211_ptr->conn_owner_nlportid =
  10619. info->snd_portid;
  10620. memcpy(dev->ieee80211_ptr->disconnect_bssid,
  10621. ap_addr, ETH_ALEN);
  10622. }
  10623. /* Report error from first problematic link */
  10624. if (info->attrs[NL80211_ATTR_MLO_LINKS]) {
  10625. nla_for_each_nested(link,
  10626. info->attrs[NL80211_ATTR_MLO_LINKS],
  10627. rem) {
  10628. struct nlattr *link_id_attr =
  10629. nla_find_nested(link, NL80211_ATTR_MLO_LINK_ID);
  10630. if (!link_id_attr)
  10631. continue;
  10632. link_id = nla_get_u8(link_id_attr);
  10633. if (link_id == req.link_id)
  10634. continue;
  10635. if (!req.links[link_id].error ||
  10636. WARN_ON(req.links[link_id].error > 0))
  10637. continue;
  10638. WARN_ON(err >= 0);
  10639. NL_SET_BAD_ATTR(info->extack, link);
  10640. err = req.links[link_id].error;
  10641. break;
  10642. }
  10643. }
  10644. }
  10645. free:
  10646. for (link_id = 0; link_id < ARRAY_SIZE(req.links); link_id++)
  10647. cfg80211_put_bss(&rdev->wiphy, req.links[link_id].bss);
  10648. cfg80211_put_bss(&rdev->wiphy, req.bss);
  10649. return err;
  10650. }
  /*
   * Handle a userspace deauthentication request on a station or P2P client
   * interface.
   *
   * NL80211_ATTR_MAC and a non-zero NL80211_ATTR_REASON_CODE are mandatory;
   * NL80211_ATTR_IE is optional.  If a netlink port has been recorded as the
   * connection owner, a request from any other port is refused with -EPERM.
   *
   * Return: the result of cfg80211_mlme_deauth(), or -EPERM, -EINVAL or
   * -EOPNOTSUPP when the request is rejected before reaching it.
   */
  static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct net_device *dev = info->user_ptr[1];
  	struct wireless_dev *wdev = dev->ieee80211_ptr;
  	struct nlattr **attrs = info->attrs;
  	const u8 *extra_ies = NULL;
  	int extra_ies_len = 0;
  	const u8 *peer;
  	u16 reason;

  	/* Only the owning socket (when one is set) may tear the link down. */
  	if (wdev->conn_owner_nlportid &&
  	    wdev->conn_owner_nlportid != info->snd_portid)
  		return -EPERM;

  	if (!attrs[NL80211_ATTR_MAC] || !attrs[NL80211_ATTR_REASON_CODE])
  		return -EINVAL;

  	if (!rdev->ops->deauth)
  		return -EOPNOTSUPP;

  	switch (wdev->iftype) {
  	case NL80211_IFTYPE_STATION:
  	case NL80211_IFTYPE_P2P_CLIENT:
  		break;
  	default:
  		return -EOPNOTSUPP;
  	}

  	/*
  	 * peer and extra_ies alias the request's attribute payload; nothing
  	 * is copied here.
  	 * NOTE(review): the length of NL80211_ATTR_MAC is not checked in this
  	 * function; presumably the attribute policy enforces it - confirm.
  	 */
  	peer = nla_data(attrs[NL80211_ATTR_MAC]);

  	reason = nla_get_u16(attrs[NL80211_ATTR_REASON_CODE]);
  	if (!reason)
  		return -EINVAL;	/* Reason Code 0 is reserved */

  	if (attrs[NL80211_ATTR_IE]) {
  		extra_ies = nla_data(attrs[NL80211_ATTR_IE]);
  		extra_ies_len = nla_len(attrs[NL80211_ATTR_IE]);
  	}

  	return cfg80211_mlme_deauth(rdev, dev, peer, extra_ies, extra_ies_len,
  				    reason,
  				    !!attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]);
  }
  /*
   * Handle a userspace disassociation request on a station or P2P client
   * interface.
   *
   * NL80211_ATTR_MAC and a non-zero NL80211_ATTR_REASON_CODE are mandatory;
   * NL80211_ATTR_IE is optional.  If a netlink port has been recorded as the
   * connection owner, a request from any other port is refused with -EPERM.
   *
   * Return: the result of cfg80211_mlme_disassoc(), or -EPERM, -EINVAL or
   * -EOPNOTSUPP when the request is rejected before reaching it.
   */
  static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct net_device *dev = info->user_ptr[1];
  	struct wireless_dev *wdev = dev->ieee80211_ptr;
  	struct nlattr **attrs = info->attrs;
  	const u8 *extra_ies = NULL;
  	int extra_ies_len = 0;
  	const u8 *peer;
  	u16 reason;

  	/* Only the owning socket (when one is set) may tear the link down. */
  	if (wdev->conn_owner_nlportid &&
  	    wdev->conn_owner_nlportid != info->snd_portid)
  		return -EPERM;

  	if (!attrs[NL80211_ATTR_MAC] || !attrs[NL80211_ATTR_REASON_CODE])
  		return -EINVAL;

  	if (!rdev->ops->disassoc)
  		return -EOPNOTSUPP;

  	switch (wdev->iftype) {
  	case NL80211_IFTYPE_STATION:
  	case NL80211_IFTYPE_P2P_CLIENT:
  		break;
  	default:
  		return -EOPNOTSUPP;
  	}

  	/*
  	 * peer and extra_ies alias the request's attribute payload; nothing
  	 * is copied here.
  	 * NOTE(review): the length of NL80211_ATTR_MAC is not checked in this
  	 * function; presumably the attribute policy enforces it - confirm.
  	 */
  	peer = nla_data(attrs[NL80211_ATTR_MAC]);

  	reason = nla_get_u16(attrs[NL80211_ATTR_REASON_CODE]);
  	if (!reason)
  		return -EINVAL;	/* Reason Code 0 is reserved */

  	if (attrs[NL80211_ATTR_IE]) {
  		extra_ies = nla_data(attrs[NL80211_ATTR_IE]);
  		extra_ies_len = nla_len(attrs[NL80211_ATTR_IE]);
  	}

  	return cfg80211_mlme_disassoc(rdev, dev, peer, extra_ies,
  				      extra_ies_len, reason,
  				      !!attrs[NL80211_ATTR_LOCAL_STATE_CHANGE]);
  }
  /*
   * Translate a multicast rate value into per-band bitrate indices.
   *
   * For every band the wiphy registers, the first bitrate entry equal to
   * @rateval is recorded in @mcast_rate as its index plus one.  Entries for
   * bands without a match are left as the caller initialised them.
   *
   * Return: true if at least one band supports @rateval, false otherwise.
   */
  static bool
  nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev,
  			 int mcast_rate[NUM_NL80211_BANDS],
  			 int rateval)
  {
  	bool matched = false;
  	int b;

  	for (b = 0; b < NUM_NL80211_BANDS; b++) {
  		struct ieee80211_supported_band *sb = rdev->wiphy.bands[b];
  		int idx;

  		if (!sb)
  			continue;

  		for (idx = 0; idx < sb->n_bitrates; idx++) {
  			if (sb->bitrates[idx].bitrate != rateval)
  				continue;

  			/* stored one-based, so zero keeps meaning "no rate" */
  			mcast_rate[b] = idx + 1;
  			matched = true;
  			break;
  		}
  	}

  	return matched;
  }
  /*
   * Handle a userspace request to join (or create) an IBSS on an ad-hoc
   * interface.
   *
   * The request attributes are validated one by one and collected in a
   * struct cfg80211_ibss_params, which is then handed to
   * __cfg80211_join_ibss().  Static keys parsed from NL80211_ATTR_KEYS are
   * released with kfree_sensitive() on every failure after they were parsed,
   * so key material is wiped before the memory is returned.
   *
   * Return: 0 on success or a negative errno.
   */
  static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct net_device *dev = info->user_ptr[1];
  	struct wiphy *wiphy = &rdev->wiphy;
  	struct nlattr **attrs = info->attrs;
  	struct cfg80211_cached_keys *connkeys = NULL;
  	struct cfg80211_ibss_params ibss;
  	int err;

  	memset(&ibss, 0, sizeof(ibss));

  	/* a non-empty SSID is mandatory */
  	if (!attrs[NL80211_ATTR_SSID] || !nla_len(attrs[NL80211_ATTR_SSID]))
  		return -EINVAL;

  	if (attrs[NL80211_ATTR_BEACON_INTERVAL])
  		ibss.beacon_interval =
  			nla_get_u32(attrs[NL80211_ATTR_BEACON_INTERVAL]);
  	else
  		ibss.beacon_interval = 100;

  	err = cfg80211_validate_beacon_int(rdev, NL80211_IFTYPE_ADHOC,
  					   ibss.beacon_interval);
  	if (err)
  		return err;

  	if (!rdev->ops->join_ibss ||
  	    dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
  		return -EOPNOTSUPP;

  	if (attrs[NL80211_ATTR_MAC]) {
  		ibss.bssid = nla_data(attrs[NL80211_ATTR_MAC]);
  		if (!is_valid_ether_addr(ibss.bssid))
  			return -EINVAL;
  	}

  	/* ssid and ie alias the request message; they are not copied here */
  	ibss.ssid = nla_data(attrs[NL80211_ATTR_SSID]);
  	ibss.ssid_len = nla_len(attrs[NL80211_ATTR_SSID]);

  	if (attrs[NL80211_ATTR_IE]) {
  		ibss.ie = nla_data(attrs[NL80211_ATTR_IE]);
  		ibss.ie_len = nla_len(attrs[NL80211_ATTR_IE]);
  	}

  	err = nl80211_parse_chandef(rdev, info, &ibss.chandef);
  	if (err)
  		return err;

  	if (!cfg80211_reg_can_beacon(wiphy, &ibss.chandef,
  				     NL80211_IFTYPE_ADHOC))
  		return -EINVAL;

  	/* wider channels need the matching IBSS feature bits */
  	switch (ibss.chandef.width) {
  	case NL80211_CHAN_WIDTH_5:
  	case NL80211_CHAN_WIDTH_10:
  	case NL80211_CHAN_WIDTH_20_NOHT:
  		break;
  	case NL80211_CHAN_WIDTH_20:
  	case NL80211_CHAN_WIDTH_40:
  		if (!(wiphy->features & NL80211_FEATURE_HT_IBSS))
  			return -EINVAL;
  		break;
  	case NL80211_CHAN_WIDTH_80:
  	case NL80211_CHAN_WIDTH_80P80:
  	case NL80211_CHAN_WIDTH_160:
  		if (!(wiphy->features & NL80211_FEATURE_HT_IBSS) ||
  		    !wiphy_ext_feature_isset(wiphy,
  					     NL80211_EXT_FEATURE_VHT_IBSS))
  			return -EINVAL;
  		break;
  	case NL80211_CHAN_WIDTH_320:
  	default:
  		return -EINVAL;
  	}

  	ibss.channel_fixed = !!attrs[NL80211_ATTR_FREQ_FIXED];
  	ibss.privacy = !!attrs[NL80211_ATTR_PRIVACY];

  	if (attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
  		struct nlattr *rates_attr = attrs[NL80211_ATTR_BSS_BASIC_RATES];
  		u8 *rates = nla_data(rates_attr);
  		int n_rates = nla_len(rates_attr);
  		struct ieee80211_supported_band *sband =
  			wiphy->bands[ibss.chandef.chan->band];

  		err = ieee80211_get_ratemask(sband, rates, n_rates,
  					     &ibss.basic_rates);
  		if (err)
  			return err;
  	}

  	/*
  	 * NOTE(review): the capability copies below read a fixed
  	 * sizeof(destination) from the attribute payload; the attribute
  	 * length is not checked in this function and is presumably enforced
  	 * by the attribute policy - confirm.
  	 */
  	if (attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
  		memcpy(&ibss.ht_capa_mask,
  		       nla_data(attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
  		       sizeof(ibss.ht_capa_mask));

  	if (attrs[NL80211_ATTR_HT_CAPABILITY]) {
  		/* capabilities are only accepted together with their mask */
  		if (!attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
  			return -EINVAL;
  		memcpy(&ibss.ht_capa,
  		       nla_data(attrs[NL80211_ATTR_HT_CAPABILITY]),
  		       sizeof(ibss.ht_capa));
  	}

  	if (attrs[NL80211_ATTR_MCAST_RATE] &&
  	    !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate,
  				      nla_get_u32(attrs[NL80211_ATTR_MCAST_RATE])))
  		return -EINVAL;

  	if (ibss.privacy && attrs[NL80211_ATTR_KEYS]) {
  		bool no_ht = false;

  		connkeys = nl80211_parse_connkeys(rdev, info, &no_ht);
  		if (IS_ERR(connkeys))
  			return PTR_ERR(connkeys);

  		/* keys flagged no_ht are only accepted on a non-HT channel */
  		if (no_ht &&
  		    ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT) {
  			err = -EINVAL;
  			goto free_keys;
  		}
  	}

  	ibss.control_port = nla_get_flag(attrs[NL80211_ATTR_CONTROL_PORT]);

  	if (attrs[NL80211_ATTR_CONTROL_PORT_OVER_NL80211]) {
  		err = validate_pae_over_nl80211(rdev, info);
  		if (err < 0)
  			goto free_keys;

  		ibss.control_port_over_nl80211 = true;
  	}

  	ibss.userspace_handles_dfs =
  		nla_get_flag(attrs[NL80211_ATTR_HANDLE_DFS]);

  	err = __cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
  	if (err)
  		goto free_keys;

  	/* remember which socket owns the connection, if it asked to */
  	if (attrs[NL80211_ATTR_SOCKET_OWNER])
  		dev->ieee80211_ptr->conn_owner_nlportid = info->snd_portid;

  	return 0;

  free_keys:
  	kfree_sensitive(connkeys);
  	return err;
  }
  /*
   * Handle a userspace request to leave the current IBSS.
   *
   * Return: -EOPNOTSUPP if the driver has no leave_ibss operation or the
   * interface is not in ad-hoc mode, otherwise the result of
   * cfg80211_leave_ibss().
   */
  static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct net_device *dev = info->user_ptr[1];

  	if (!rdev->ops->leave_ibss ||
  	    dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
  		return -EOPNOTSUPP;

  	return cfg80211_leave_ibss(rdev, dev, false);
  }
  /*
   * Handle a userspace request to change the multicast rate on an ad-hoc,
   * mesh point or OCB interface.
   *
   * NL80211_ATTR_MCAST_RATE is mandatory and must match a bitrate of at
   * least one registered band.
   *
   * Return: the result of rdev_set_mcast_rate(), -EOPNOTSUPP for an
   * unsupported interface type or driver, or -EINVAL for a missing or
   * unknown rate.
   */
  static int nl80211_set_mcast_rate(struct sk_buff *skb, struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct net_device *dev = info->user_ptr[1];
  	struct nlattr *rate_attr = info->attrs[NL80211_ATTR_MCAST_RATE];
  	int mcast_rate[NUM_NL80211_BANDS] = { 0 };

  	switch (dev->ieee80211_ptr->iftype) {
  	case NL80211_IFTYPE_ADHOC:
  	case NL80211_IFTYPE_MESH_POINT:
  	case NL80211_IFTYPE_OCB:
  		break;
  	default:
  		return -EOPNOTSUPP;
  	}

  	if (!rdev->ops->set_mcast_rate)
  		return -EOPNOTSUPP;

  	if (!rate_attr)
  		return -EINVAL;

  	if (!nl80211_parse_mcast_rate(rdev, mcast_rate,
  				      nla_get_u32(rate_attr)))
  		return -EINVAL;

  	return rdev_set_mcast_rate(rdev, dev, mcast_rate);
  }
  /*
   * Allocate a netlink message for a vendor or testmode reply/event and
   * pre-fill its common attributes.
   *
   * The message gets the nl80211 header for @cmd, the wiphy index, the vendor
   * id and subcommand when @info is given, the wdev id (and ifindex when the
   * wdev has a netdev) when @wdev is given, and an open nest of type @attr
   * for the caller's payload.  The rdev, header and nest pointers are stashed
   * in skb->cb, where __cfg80211_send_event_skb() reads them back.
   *
   * NOTE(review): @approxlen is added to a fixed 100 bytes without a range
   * check here; it is presumably supplied by in-kernel callers only -
   * confirm that no caller derives it from unvalidated input.
   *
   * Return: the new skb, or NULL on allocation or attribute failure.
   */
  static struct sk_buff *
  __cfg80211_alloc_vendor_skb(struct cfg80211_registered_device *rdev,
  			    struct wireless_dev *wdev, int approxlen,
  			    u32 portid, u32 seq, enum nl80211_commands cmd,
  			    enum nl80211_attrs attr,
  			    const struct nl80211_vendor_cmd_info *info,
  			    gfp_t gfp)
  {
  	struct sk_buff *msg;
  	struct nlattr *nest;
  	void **stash;
  	void *hdr;

  	msg = nlmsg_new(approxlen + 100, gfp);
  	if (!msg)
  		return NULL;

  	hdr = nl80211hdr_put(msg, portid, seq, 0, cmd);
  	if (!hdr)
  		goto nla_put_failure;

  	if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
  		goto nla_put_failure;

  	if (info &&
  	    (nla_put_u32(msg, NL80211_ATTR_VENDOR_ID, info->vendor_id) ||
  	     nla_put_u32(msg, NL80211_ATTR_VENDOR_SUBCMD, info->subcmd)))
  		goto nla_put_failure;

  	if (wdev) {
  		if (nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
  				      NL80211_ATTR_PAD))
  			goto nla_put_failure;

  		if (wdev->netdev &&
  		    nla_put_u32(msg, NL80211_ATTR_IFINDEX,
  				wdev->netdev->ifindex))
  			goto nla_put_failure;
  	}

  	nest = nla_nest_start_noflag(msg, attr);
  	if (!nest)
  		goto nla_put_failure;

  	/* context for the send path: [0] rdev, [1] header, [2] open nest */
  	stash = (void **)msg->cb;
  	stash[0] = rdev;
  	stash[1] = hdr;
  	stash[2] = nest;

  	return msg;

  nla_put_failure:
  	kfree_skb(msg);
  	return NULL;
  }
  /*
   * Allocate an event skb for a testmode or vendor event.
   *
   * For NL80211_CMD_TESTMODE @vendor_event_idx must be -1; for
   * NL80211_CMD_VENDOR it must index an entry of wiphy->vendor_events, whose
   * vendor id and subcommand are then put into the message.  Any other @cmd,
   * or an index outside those rules, triggers a WARN and fails.
   *
   * Return: the skb from __cfg80211_alloc_vendor_skb(), or NULL on failure.
   */
  struct sk_buff *__cfg80211_alloc_event_skb(struct wiphy *wiphy,
  					   struct wireless_dev *wdev,
  					   enum nl80211_commands cmd,
  					   enum nl80211_attrs attr,
  					   unsigned int portid,
  					   int vendor_event_idx,
  					   int approxlen, gfp_t gfp)
  {
  	const struct nl80211_vendor_cmd_info *vendor = NULL;

  	if (cmd == NL80211_CMD_TESTMODE) {
  		if (WARN_ON(vendor_event_idx != -1))
  			return NULL;
  	} else if (cmd == NL80211_CMD_VENDOR) {
  		/* bounds-check the index before it is used on the table */
  		if (WARN_ON(vendor_event_idx < 0 ||
  			    vendor_event_idx >= wiphy->n_vendor_events))
  			return NULL;
  		vendor = &wiphy->vendor_events[vendor_event_idx];
  	} else {
  		WARN_ON(1);
  		return NULL;
  	}

  	return __cfg80211_alloc_vendor_skb(wiphy_to_rdev(wiphy), wdev,
  					   approxlen, portid, 0, cmd, attr,
  					   vendor, gfp);
  }
  EXPORT_SYMBOL(__cfg80211_alloc_event_skb);
  /*
   * Finish and send an event skb whose skb->cb holds the rdev, header and
   * open nest pointers in slots 0, 1 and 2.
   *
   * The nest and the generic netlink message are closed first.  A message
   * with a non-zero nlmsg_pid is unicast to that port; otherwise it is
   * multicast in the wiphy's network namespace, to the vendor group when the
   * nest is NL80211_ATTR_VENDOR_DATA and to the testmode group otherwise.
   */
  void __cfg80211_send_event_skb(struct sk_buff *skb, gfp_t gfp)
  {
  	void **stash = (void **)skb->cb;
  	struct cfg80211_registered_device *rdev = stash[0];
  	void *hdr = stash[1];
  	struct nlattr *nest = stash[2];
  	struct nlmsghdr *nlh = nlmsg_hdr(skb);
  	enum nl80211_multicast_groups group;

  	/* clear CB data for netlink core to own from now on */
  	memset(skb->cb, 0, sizeof(skb->cb));

  	nla_nest_end(skb, nest);
  	genlmsg_end(skb, hdr);

  	if (nlh->nlmsg_pid) {
  		genlmsg_unicast(wiphy_net(&rdev->wiphy), skb, nlh->nlmsg_pid);
  		return;
  	}

  	group = nest->nla_type == NL80211_ATTR_VENDOR_DATA ?
  		NL80211_MCGRP_VENDOR : NL80211_MCGRP_TESTMODE;

  	genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
  				group, gfp);
  }
  EXPORT_SYMBOL(__cfg80211_send_event_skb);
  10998. #ifdef CONFIG_NL80211_TESTMODE
  /*
   * Handle a testmode command: pass the NL80211_ATTR_TESTDATA payload to the
   * driver's testmode_cmd operation.
   *
   * A wdev is optional.  A lookup that fails with -EINVAL is treated as "no
   * wdev given"; any other lookup error is returned, and a wdev that belongs
   * to a different wiphy is rejected.  rdev->cur_cmd_info points at @info
   * only for the duration of the driver call.
   *
   * The caller must hold the wiphy mutex.
   *
   * Return: the driver's result, or -EOPNOTSUPP / -EINVAL / the wdev lookup
   * error.
   */
  static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct nlattr *payload = info->attrs[NL80211_ATTR_TESTDATA];
  	struct wireless_dev *wdev;
  	int ret;

  	lockdep_assert_held(&rdev->wiphy.mtx);

  	wdev = __cfg80211_wdev_from_attrs(rdev, genl_info_net(info),
  					  info->attrs);

  	if (!rdev->ops->testmode_cmd)
  		return -EOPNOTSUPP;

  	if (IS_ERR(wdev)) {
  		ret = PTR_ERR(wdev);
  		if (ret != -EINVAL)
  			return ret;
  		wdev = NULL;
  	} else if (wdev->wiphy != &rdev->wiphy) {
  		return -EINVAL;
  	}

  	if (!payload)
  		return -EINVAL;

  	/* the payload is opaque here; the driver has to validate it */
  	rdev->cur_cmd_info = info;
  	ret = rdev_testmode_cmd(rdev, wdev, nla_data(payload),
  				nla_len(payload));
  	rdev->cur_cmd_info = NULL;

  	return ret;
  }
  /*
   * Dump callback for testmode: emit one NL80211_CMD_TESTMODE message per
   * driver testmode_dump() round until the driver or the skb is exhausted.
   *
   * State carried across invocations in cb->args:
   *   args[0] - wiphy index plus one (zero means "first call")
   *   args[1] - address of the NL80211_ATTR_TESTDATA attribute, if present
   *
   * Runs under the RTNL.
   *
   * Return: skb->len when the round ended normally, or a negative errno.
   */
  static int nl80211_testmode_dump(struct sk_buff *skb,
  				 struct netlink_callback *cb)
  {
  	struct cfg80211_registered_device *rdev;
  	struct nlattr **attrbuf = NULL;
  	void *payload = NULL;
  	int payload_len = 0;
  	long phy_idx;
  	int err;

  	rtnl_lock();

  	if (cb->args[0]) {
  		/*
  		 * 0 is a valid index, but not valid for args[0],
  		 * so we need to offset by 1.
  		 */
  		phy_idx = cb->args[0] - 1;

  		rdev = cfg80211_rdev_by_wiphy_idx(phy_idx);
  		if (!rdev) {
  			err = -ENOENT;
  			goto out_err;
  		}
  	} else {
  		attrbuf = kzalloc_objs(*attrbuf, NUM_NL80211_ATTR);
  		if (!attrbuf) {
  			err = -ENOMEM;
  			goto out_err;
  		}

  		err = nlmsg_parse_deprecated(cb->nlh,
  					     GENL_HDRLEN + nl80211_fam.hdrsize,
  					     attrbuf, nl80211_fam.maxattr,
  					     nl80211_policy, NULL);
  		if (err)
  			goto out_err;

  		rdev = __cfg80211_rdev_from_attrs(sock_net(skb->sk), attrbuf);
  		if (IS_ERR(rdev)) {
  			err = PTR_ERR(rdev);
  			goto out_err;
  		}
  		phy_idx = rdev->wiphy_idx;

  		/*
  		 * Only the attribute's address is kept; attrbuf itself is
  		 * freed on exit.
  		 * NOTE(review): this assumes the attribute lives in cb->nlh
  		 * and that the request message outlives the whole dump -
  		 * confirm.
  		 */
  		if (attrbuf[NL80211_ATTR_TESTDATA])
  			cb->args[1] = (long)attrbuf[NL80211_ATTR_TESTDATA];
  	}

  	if (cb->args[1]) {
  		payload = nla_data((void *)cb->args[1]);
  		payload_len = nla_len((void *)cb->args[1]);
  	}

  	if (!rdev->ops->testmode_dump) {
  		err = -EOPNOTSUPP;
  		goto out_err;
  	}

  	for (;;) {
  		struct nlattr *tmdata;
  		void *hdr;

  		hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).portid,
  				     cb->nlh->nlmsg_seq, NLM_F_MULTI,
  				     NL80211_CMD_TESTMODE);
  		if (!hdr)
  			break;

  		if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx)) {
  			genlmsg_cancel(skb, hdr);
  			break;
  		}

  		tmdata = nla_nest_start_noflag(skb, NL80211_ATTR_TESTDATA);
  		if (!tmdata) {
  			genlmsg_cancel(skb, hdr);
  			break;
  		}

  		err = rdev_testmode_dump(rdev, skb, cb, payload, payload_len);
  		nla_nest_end(skb, tmdata);

  		if (err) {
  			genlmsg_cancel(skb, hdr);
  			/* -ENOBUFS / -ENOENT end this round without failing */
  			if (err == -ENOBUFS || err == -ENOENT)
  				break;
  			goto out_err;
  		}

  		genlmsg_end(skb, hdr);
  	}

  	err = skb->len;
  	/* see above */
  	cb->args[0] = phy_idx + 1;

  out_err:
  	kfree(attrbuf);
  	rtnl_unlock();
  	return err;
  }
  11111. #endif
  /*
   * Handle a userspace connect request on a station or P2P client interface.
   *
   * The request attributes are validated in order and collected in a struct
   * cfg80211_connect_params, which is passed to cfg80211_connect().  Pointer
   * fields (SSID, BSSID, IEs, FILS ERP data) alias the request message.
   * Static keys parsed from NL80211_ATTR_KEYS are released with
   * kfree_sensitive() on every failure after they were parsed, so key
   * material is wiped before the memory is returned.
   *
   * On success with NL80211_ATTR_SOCKET_OWNER set, the sender's port id is
   * recorded as the connection owner.
   *
   * Return: 0 on success or a negative errno.
   */
  static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
  {
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct net_device *dev = info->user_ptr[1];
  	struct wireless_dev *wdev = dev->ieee80211_ptr;
  	struct wiphy *wiphy = &rdev->wiphy;
  	struct nlattr **attrs = info->attrs;
  	struct cfg80211_cached_keys *connkeys = NULL;
  	struct cfg80211_connect_params connect;
  	bool fils_all, fils_any;
  	u32 freq = 0;
  	int err;

  	memset(&connect, 0, sizeof(connect));

  	/* a non-empty SSID is mandatory */
  	if (!attrs[NL80211_ATTR_SSID] || !nla_len(attrs[NL80211_ATTR_SSID]))
  		return -EINVAL;

  	if (!attrs[NL80211_ATTR_AUTH_TYPE]) {
  		connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
  	} else {
  		connect.auth_type = nla_get_u32(attrs[NL80211_ATTR_AUTH_TYPE]);
  		if (!nl80211_valid_auth_type(rdev, connect.auth_type,
  					     NL80211_CMD_CONNECT))
  			return -EINVAL;
  	}

  	connect.privacy = attrs[NL80211_ATTR_PRIVACY];

  	if (attrs[NL80211_ATTR_WANT_1X_4WAY_HS] &&
  	    !wiphy_ext_feature_isset(wiphy,
  				     NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X))
  		return -EINVAL;
  	connect.want_1x = attrs[NL80211_ATTR_WANT_1X_4WAY_HS];

  	err = nl80211_crypto_settings(rdev, info, &connect.crypto,
  				      NL80211_MAX_NR_CIPHER_SUITES);
  	if (err)
  		return err;

  	switch (wdev->iftype) {
  	case NL80211_IFTYPE_STATION:
  	case NL80211_IFTYPE_P2P_CLIENT:
  		break;
  	default:
  		return -EOPNOTSUPP;
  	}

  	/* the background scan period is only honoured with firmware roaming */
  	connect.bg_scan_period = -1;
  	if (attrs[NL80211_ATTR_BG_SCAN_PERIOD] &&
  	    (wiphy->flags & WIPHY_FLAG_SUPPORTS_FW_ROAM))
  		connect.bg_scan_period =
  			nla_get_u16(attrs[NL80211_ATTR_BG_SCAN_PERIOD]);

  	/* an explicit BSSID takes precedence over a hint */
  	if (attrs[NL80211_ATTR_MAC])
  		connect.bssid = nla_data(attrs[NL80211_ATTR_MAC]);
  	else if (attrs[NL80211_ATTR_MAC_HINT])
  		connect.bssid_hint = nla_data(attrs[NL80211_ATTR_MAC_HINT]);

  	connect.ssid = nla_data(attrs[NL80211_ATTR_SSID]);
  	connect.ssid_len = nla_len(attrs[NL80211_ATTR_SSID]);

  	if (attrs[NL80211_ATTR_IE]) {
  		connect.ie = nla_data(attrs[NL80211_ATTR_IE]);
  		connect.ie_len = nla_len(attrs[NL80211_ATTR_IE]);
  	}

  	/* management frame protection defaults to "not used" */
  	if (!attrs[NL80211_ATTR_USE_MFP]) {
  		connect.mfp = NL80211_MFP_NO;
  	} else {
  		connect.mfp = nla_get_u32(attrs[NL80211_ATTR_USE_MFP]);
  		if (connect.mfp == NL80211_MFP_OPTIONAL &&
  		    !wiphy_ext_feature_isset(wiphy,
  					     NL80211_EXT_FEATURE_MFP_OPTIONAL))
  			return -EOPNOTSUPP;
  	}

  	if (attrs[NL80211_ATTR_PREV_BSSID])
  		connect.prev_bssid = nla_data(attrs[NL80211_ATTR_PREV_BSSID]);

  	if (attrs[NL80211_ATTR_WIPHY_FREQ])
  		freq = MHZ_TO_KHZ(nla_get_u32(attrs[NL80211_ATTR_WIPHY_FREQ]));
  	if (attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET])
  		freq += nla_get_u32(attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET]);

  	if (freq) {
  		connect.channel = nl80211_get_valid_chan(wiphy, freq);
  		if (!connect.channel)
  			return -EINVAL;
  	} else if (attrs[NL80211_ATTR_WIPHY_FREQ_HINT]) {
  		freq = MHZ_TO_KHZ(
  			nla_get_u32(attrs[NL80211_ATTR_WIPHY_FREQ_HINT]));
  		connect.channel_hint = nl80211_get_valid_chan(wiphy, freq);
  		if (!connect.channel_hint)
  			return -EINVAL;
  	}

  	if (attrs[NL80211_ATTR_WIPHY_EDMG_CHANNELS]) {
  		connect.edmg.channels =
  			nla_get_u8(attrs[NL80211_ATTR_WIPHY_EDMG_CHANNELS]);

  		if (attrs[NL80211_ATTR_WIPHY_EDMG_BW_CONFIG])
  			connect.edmg.bw_config =
  				nla_get_u8(attrs[NL80211_ATTR_WIPHY_EDMG_BW_CONFIG]);
  	}

  	/* from here on every failure has to release connkeys */
  	if (connect.privacy && attrs[NL80211_ATTR_KEYS]) {
  		connkeys = nl80211_parse_connkeys(rdev, info, NULL);
  		if (IS_ERR(connkeys))
  			return PTR_ERR(connkeys);
  	}

  	if (nla_get_flag(attrs[NL80211_ATTR_DISABLE_HT]))
  		connect.flags |= ASSOC_REQ_DISABLE_HT;

  	/*
  	 * NOTE(review): the capability copies below read a fixed
  	 * sizeof(destination) from the attribute payload; the attribute
  	 * length is not checked in this function and is presumably enforced
  	 * by the attribute policy - confirm.
  	 */
  	if (attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
  		memcpy(&connect.ht_capa_mask,
  		       nla_data(attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
  		       sizeof(connect.ht_capa_mask));

  	if (attrs[NL80211_ATTR_HT_CAPABILITY]) {
  		/* capabilities are only accepted together with their mask */
  		if (!attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) {
  			err = -EINVAL;
  			goto free_keys;
  		}
  		memcpy(&connect.ht_capa,
  		       nla_data(attrs[NL80211_ATTR_HT_CAPABILITY]),
  		       sizeof(connect.ht_capa));
  	}

  	if (nla_get_flag(attrs[NL80211_ATTR_DISABLE_VHT]))
  		connect.flags |= ASSOC_REQ_DISABLE_VHT;
  	if (nla_get_flag(attrs[NL80211_ATTR_DISABLE_HE]))
  		connect.flags |= ASSOC_REQ_DISABLE_HE;
  	if (nla_get_flag(attrs[NL80211_ATTR_DISABLE_EHT]))
  		connect.flags |= ASSOC_REQ_DISABLE_EHT;
  	if (nla_get_flag(attrs[NL80211_ATTR_DISABLE_UHR]))
  		connect.flags |= ASSOC_REQ_DISABLE_UHR;

  	if (attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
  		memcpy(&connect.vht_capa_mask,
  		       nla_data(attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]),
  		       sizeof(connect.vht_capa_mask));

  	if (attrs[NL80211_ATTR_VHT_CAPABILITY]) {
  		if (!attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]) {
  			err = -EINVAL;
  			goto free_keys;
  		}
  		memcpy(&connect.vht_capa,
  		       nla_data(attrs[NL80211_ATTR_VHT_CAPABILITY]),
  		       sizeof(connect.vht_capa));
  	}

  	if (nla_get_flag(attrs[NL80211_ATTR_USE_RRM])) {
  		bool legacy_rrm =
  			(wiphy->features &
  			 NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES) &&
  			(wiphy->features & NL80211_FEATURE_QUIET);

  		if (!legacy_rrm &&
  		    !wiphy_ext_feature_isset(wiphy, NL80211_EXT_FEATURE_RRM)) {
  			err = -EINVAL;
  			goto free_keys;
  		}
  		connect.flags |= ASSOC_REQ_USE_RRM;
  	}

  	connect.pbss = nla_get_flag(attrs[NL80211_ATTR_PBSS]);
  	if (connect.pbss && !wiphy->bands[NL80211_BAND_60GHZ]) {
  		err = -EOPNOTSUPP;
  		goto free_keys;
  	}

  	if (attrs[NL80211_ATTR_BSS_SELECT]) {
  		/* bss selection makes no sense if bssid is set */
  		if (connect.bssid) {
  			err = -EINVAL;
  			goto free_keys;
  		}

  		err = parse_bss_select(attrs[NL80211_ATTR_BSS_SELECT], wiphy,
  				       &connect.bss_select);
  		if (err)
  			goto free_keys;
  	}

  	/*
  	 * FILS ERP data is all-or-nothing: the four attributes are accepted
  	 * only as a complete set on a device with FILS-SK offload; a partial
  	 * set, or any of them without the offload feature, is rejected.
  	 */
  	fils_all = attrs[NL80211_ATTR_FILS_ERP_USERNAME] &&
  		   attrs[NL80211_ATTR_FILS_ERP_REALM] &&
  		   attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] &&
  		   attrs[NL80211_ATTR_FILS_ERP_RRK];
  	fils_any = attrs[NL80211_ATTR_FILS_ERP_USERNAME] ||
  		   attrs[NL80211_ATTR_FILS_ERP_REALM] ||
  		   attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] ||
  		   attrs[NL80211_ATTR_FILS_ERP_RRK];

  	if (fils_all &&
  	    wiphy_ext_feature_isset(wiphy,
  				    NL80211_EXT_FEATURE_FILS_SK_OFFLOAD)) {
  		connect.fils_erp_username =
  			nla_data(attrs[NL80211_ATTR_FILS_ERP_USERNAME]);
  		connect.fils_erp_username_len =
  			nla_len(attrs[NL80211_ATTR_FILS_ERP_USERNAME]);
  		connect.fils_erp_realm =
  			nla_data(attrs[NL80211_ATTR_FILS_ERP_REALM]);
  		connect.fils_erp_realm_len =
  			nla_len(attrs[NL80211_ATTR_FILS_ERP_REALM]);
  		connect.fils_erp_next_seq_num =
  			nla_get_u16(attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM]);
  		connect.fils_erp_rrk =
  			nla_data(attrs[NL80211_ATTR_FILS_ERP_RRK]);
  		connect.fils_erp_rrk_len =
  			nla_len(attrs[NL80211_ATTR_FILS_ERP_RRK]);
  	} else if (fils_any) {
  		err = -EINVAL;
  		goto free_keys;
  	}

  	if (nla_get_flag(attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT])) {
  		/* external auth is tied to the socket owning the connection */
  		if (!attrs[NL80211_ATTR_SOCKET_OWNER]) {
  			GENL_SET_ERR_MSG(info,
  					 "external auth requires connection ownership");
  			err = -EINVAL;
  			goto free_keys;
  		}
  		connect.flags |= CONNECT_REQ_EXTERNAL_AUTH_SUPPORT;
  	}

  	if (nla_get_flag(attrs[NL80211_ATTR_MLO_SUPPORT]))
  		connect.flags |= CONNECT_REQ_MLO_SUPPORT;

  	err = cfg80211_connect(rdev, dev, &connect, connkeys,
  			       connect.prev_bssid);
  	if (err)
  		goto free_keys;

  	if (attrs[NL80211_ATTR_SOCKET_OWNER]) {
  		wdev->conn_owner_nlportid = info->snd_portid;
  		if (connect.bssid)
  			memcpy(wdev->disconnect_bssid, connect.bssid, ETH_ALEN);
  		else
  			eth_zero_addr(wdev->disconnect_bssid);
  	}

  	return 0;

  free_keys:
  	kfree_sensitive(connkeys);
  	return err;
  }
  /*
   * Handle a userspace request to update parameters of the current
   * connection: association IEs, FILS ERP data and/or the auth type.
   *
   * A bitmask of what was supplied is built up and passed to the driver
   * together with the new values.  The connected-state check is made last,
   * so attribute errors are reported even when not connected.
   *
   * Return: the result of rdev_update_connect_params(), -EOPNOTSUPP if the
   * driver lacks the operation, -EINVAL for inconsistent attributes, or
   * -ENOLINK when the interface is not connected.
   */
  static int nl80211_update_connect_params(struct sk_buff *skb,
  					 struct genl_info *info)
  {
  	struct cfg80211_connect_params connect = {};
  	struct cfg80211_registered_device *rdev = info->user_ptr[0];
  	struct net_device *dev = info->user_ptr[1];
  	struct wireless_dev *wdev = dev->ieee80211_ptr;
  	struct nlattr **attrs = info->attrs;
  	struct nlattr *erp_user = attrs[NL80211_ATTR_FILS_ERP_USERNAME];
  	struct nlattr *erp_realm = attrs[NL80211_ATTR_FILS_ERP_REALM];
  	struct nlattr *erp_seq = attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM];
  	struct nlattr *erp_rrk = attrs[NL80211_ATTR_FILS_ERP_RRK];
  	bool fils_sk_offload;
  	u32 changed = 0;

  	if (!rdev->ops->update_connect_params)
  		return -EOPNOTSUPP;

  	if (attrs[NL80211_ATTR_IE]) {
  		connect.ie = nla_data(attrs[NL80211_ATTR_IE]);
  		connect.ie_len = nla_len(attrs[NL80211_ATTR_IE]);
  		changed |= UPDATE_ASSOC_IES;
  	}

  	fils_sk_offload = wiphy_ext_feature_isset(&rdev->wiphy,
  					NL80211_EXT_FEATURE_FILS_SK_OFFLOAD);

  	/*
  	 * when driver supports fils-sk offload all attributes must be
  	 * provided. So the else covers "fils-sk-not-all" and
  	 * "no-fils-sk-any".
  	 */
  	if (fils_sk_offload && erp_user && erp_realm && erp_seq && erp_rrk) {
  		connect.fils_erp_username = nla_data(erp_user);
  		connect.fils_erp_username_len = nla_len(erp_user);
  		connect.fils_erp_realm = nla_data(erp_realm);
  		connect.fils_erp_realm_len = nla_len(erp_realm);
  		connect.fils_erp_next_seq_num = nla_get_u16(erp_seq);
  		connect.fils_erp_rrk = nla_data(erp_rrk);
  		connect.fils_erp_rrk_len = nla_len(erp_rrk);
  		changed |= UPDATE_FILS_ERP_INFO;
  	} else if (erp_user || erp_realm || erp_seq || erp_rrk) {
  		return -EINVAL;
  	}

  	if (attrs[NL80211_ATTR_AUTH_TYPE]) {
  		u32 auth_type = nla_get_u32(attrs[NL80211_ATTR_AUTH_TYPE]);

  		if (!nl80211_valid_auth_type(rdev, auth_type,
  					     NL80211_CMD_CONNECT))
  			return -EINVAL;

  		/* switching to FILS-SK on an offload device needs ERP data */
  		if (auth_type == NL80211_AUTHTYPE_FILS_SK && fils_sk_offload &&
  		    !(changed & UPDATE_FILS_ERP_INFO))
  			return -EINVAL;

  		connect.auth_type = auth_type;
  		changed |= UPDATE_AUTH_TYPE;
  	}

  	if (!wdev->connected)
  		return -ENOLINK;

  	return rdev_update_connect_params(rdev, dev, &connect, changed);
  }
  /*
   * Netlink handler that disconnects a station or P2P-client interface.
   *
   * If a connection owner port id is recorded on the interface, only the
   * socket with that port id may disconnect; any other sender gets -EPERM.
   * The reason code defaults to WLAN_REASON_DEAUTH_LEAVING and must not be 0.
   */
  static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      u16 reason;

      /* ownership check comes first, before any attribute is interpreted */
      if (wdev->conn_owner_nlportid &&
          wdev->conn_owner_nlportid != info->snd_portid)
          return -EPERM;

      reason = nla_get_u16_default(info->attrs[NL80211_ATTR_REASON_CODE],
                                   WLAN_REASON_DEAUTH_LEAVING);
      if (!reason)
          return -EINVAL;

      switch (wdev->iftype) {
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          break;
      default:
          return -EOPNOTSUPP;
      }

      return cfg80211_disconnect(rdev, dev, reason, true);
  }
  /*
   * Netlink handler that moves a wiphy into another network namespace.
   *
   * The target namespace is named either by a process id
   * (NL80211_ATTR_PID) or by a namespace file descriptor
   * (NL80211_ATTR_NETNS_FD); the pid attribute wins when both are present.
   * The namespace reference taken by the lookup is dropped on every path
   * after it succeeded.
   *
   * NOTE(review): no privilege check on the caller or the target namespace
   * is visible in this function; presumably it is enforced by the genl op
   * flags or inside cfg80211_switch_netns() - confirm.
   */
  static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct nlattr *pid_attr = info->attrs[NL80211_ATTR_PID];
      struct nlattr *fd_attr = info->attrs[NL80211_ATTR_NETNS_FD];
      struct net *net;
      int err = 0;

      if (pid_attr)
          net = get_net_ns_by_pid(nla_get_u32(pid_attr));
      else if (fd_attr)
          net = get_net_ns_by_fd(nla_get_u32(fd_attr));
      else
          return -EINVAL;

      if (IS_ERR(net))
          return PTR_ERR(net);

      /* switching is only needed when the wiphy is not already there */
      if (!net_eq(wiphy_net(&rdev->wiphy), net))
          err = cfg80211_switch_netns(rdev, net);

      put_net(net);
      return err;
  }
  /*
   * Netlink handler that installs a PMKSA cache entry in the driver.
   *
   * A PMKID is mandatory. The entry is keyed either by BSSID
   * (NL80211_ATTR_MAC) or by SSID plus FILS cache id, in which case the PMK
   * must be supplied too. All pointers placed in the request alias the
   * netlink message payload, including the PMK itself.
   *
   * NOTE(review): the lengths of the PMKID, MAC and cache-id payloads are not
   * checked here; presumably the attribute policy pins them - confirm.
   *
   * Allowed on station and P2P-client interfaces, and on AP / P2P-GO
   * interfaces only when the wiphy advertises AP PMKSA caching.
   */
  static int nl80211_set_pmksa(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr **tb = info->attrs;
      struct cfg80211_pmksa pmksa;
      bool ap_pmksa_caching_support;

      memset(&pmksa, 0, sizeof(pmksa));

      ap_pmksa_caching_support = wiphy_ext_feature_isset(&rdev->wiphy,
                              NL80211_EXT_FEATURE_AP_PMKSA_CACHING);

      if (!tb[NL80211_ATTR_PMKID])
          return -EINVAL;
      pmksa.pmkid = nla_data(tb[NL80211_ATTR_PMKID]);

      if (tb[NL80211_ATTR_MAC]) {
          pmksa.bssid = nla_data(tb[NL80211_ATTR_MAC]);
      } else if (tb[NL80211_ATTR_SSID] &&
                 tb[NL80211_ATTR_FILS_CACHE_ID] &&
                 tb[NL80211_ATTR_PMK]) {
          pmksa.ssid = nla_data(tb[NL80211_ATTR_SSID]);
          pmksa.ssid_len = nla_len(tb[NL80211_ATTR_SSID]);
          pmksa.cache_id = nla_data(tb[NL80211_ATTR_FILS_CACHE_ID]);
      } else {
          return -EINVAL;
      }

      /* the PMK is optional for BSSID-keyed entries */
      if (tb[NL80211_ATTR_PMK]) {
          pmksa.pmk = nla_data(tb[NL80211_ATTR_PMK]);
          pmksa.pmk_len = nla_len(tb[NL80211_ATTR_PMK]);
      }

      if (tb[NL80211_ATTR_PMK_LIFETIME])
          pmksa.pmk_lifetime =
              nla_get_u32(tb[NL80211_ATTR_PMK_LIFETIME]);

      if (tb[NL80211_ATTR_PMK_REAUTH_THRESHOLD])
          pmksa.pmk_reauth_threshold =
              nla_get_u8(tb[NL80211_ATTR_PMK_REAUTH_THRESHOLD]);

      switch (dev->ieee80211_ptr->iftype) {
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          break;
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_P2P_GO:
          if (!ap_pmksa_caching_support)
              return -EOPNOTSUPP;
          break;
      default:
          return -EOPNOTSUPP;
      }

      if (!rdev->ops->set_pmksa)
          return -EOPNOTSUPP;

      return rdev_set_pmksa(rdev, dev, &pmksa);
  }
  /*
   * Netlink handler that removes a PMKSA cache entry from the driver.
   *
   * The PMKID is optional here. The entry is selected by BSSID
   * (NL80211_ATTR_MAC) or by SSID; an SSID-only request, without FILS cache
   * id and PMK, is accepted only when the wiphy advertises SAE or OWE
   * offload. Pointers in the request alias the netlink message payload.
   *
   * Interface-type rules match the set path: station and P2P client always,
   * AP and P2P GO only with AP PMKSA caching support.
   */
  static int nl80211_del_pmksa(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr **tb = info->attrs;
      struct cfg80211_pmksa pmksa;
      bool sae_offload_support;
      bool owe_offload_support;
      bool ap_pmksa_caching_support;

      memset(&pmksa, 0, sizeof(pmksa));

      sae_offload_support = wiphy_ext_feature_isset(&rdev->wiphy,
                              NL80211_EXT_FEATURE_SAE_OFFLOAD);
      owe_offload_support = wiphy_ext_feature_isset(&rdev->wiphy,
                              NL80211_EXT_FEATURE_OWE_OFFLOAD);
      ap_pmksa_caching_support = wiphy_ext_feature_isset(&rdev->wiphy,
                              NL80211_EXT_FEATURE_AP_PMKSA_CACHING);

      if (tb[NL80211_ATTR_PMKID])
          pmksa.pmkid = nla_data(tb[NL80211_ATTR_PMKID]);

      if (tb[NL80211_ATTR_MAC]) {
          pmksa.bssid = nla_data(tb[NL80211_ATTR_MAC]);
      } else if (tb[NL80211_ATTR_SSID]) {
          /*
           * SSID based pmksa flush supported only for FILS,
           * OWE/SAE OFFLOAD cases
           */
          if (tb[NL80211_ATTR_FILS_CACHE_ID] && tb[NL80211_ATTR_PMK])
              pmksa.cache_id =
                  nla_data(tb[NL80211_ATTR_FILS_CACHE_ID]);
          else if (!sae_offload_support && !owe_offload_support)
              return -EINVAL;

          pmksa.ssid = nla_data(tb[NL80211_ATTR_SSID]);
          pmksa.ssid_len = nla_len(tb[NL80211_ATTR_SSID]);
      } else {
          return -EINVAL;
      }

      switch (dev->ieee80211_ptr->iftype) {
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          break;
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_P2P_GO:
          if (!ap_pmksa_caching_support)
              return -EOPNOTSUPP;
          break;
      default:
          return -EOPNOTSUPP;
      }

      if (!rdev->ops->del_pmksa)
          return -EOPNOTSUPP;

      return rdev_del_pmksa(rdev, dev, &pmksa);
  }
  /*
   * Netlink handler that asks the driver to drop its whole PMKSA cache.
   * Only station and P2P-client interfaces are accepted, and the driver must
   * implement flush_pmksa; otherwise -EOPNOTSUPP is returned.
   */
  static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];

      switch (dev->ieee80211_ptr->iftype) {
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          break;
      default:
          return -EOPNOTSUPP;
      }

      if (!rdev->ops->flush_pmksa)
          return -EOPNOTSUPP;

      return rdev_flush_pmksa(rdev, dev);
  }
  /*
   * Netlink handler that has the driver send a TDLS management frame.
   *
   * Requires TDLS support on the wiphy and a tdls_mgmt driver op. The action
   * code, status code, dialog token, IE blob and peer MAC attributes are all
   * mandatory; peer capability defaults to 0 and the initiator flag to false.
   * The peer address and IE buffer point into the netlink message.
   *
   * NOTE(review): the length of NL80211_ATTR_MAC is not checked here;
   * presumably the attribute policy enforces it - confirm.
   */
  static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr **tb = info->attrs;
      u32 peer_capability = 0;
      u8 action_code, dialog_token;
      u16 status_code;
      bool initiator;
      int link_id;
      u8 *peer;

      if (!rdev->ops->tdls_mgmt ||
          !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS))
          return -EOPNOTSUPP;

      if (!tb[NL80211_ATTR_TDLS_ACTION] ||
          !tb[NL80211_ATTR_STATUS_CODE] ||
          !tb[NL80211_ATTR_TDLS_DIALOG_TOKEN] ||
          !tb[NL80211_ATTR_IE] ||
          !tb[NL80211_ATTR_MAC])
          return -EINVAL;

      peer = nla_data(tb[NL80211_ATTR_MAC]);
      action_code = nla_get_u8(tb[NL80211_ATTR_TDLS_ACTION]);
      status_code = nla_get_u16(tb[NL80211_ATTR_STATUS_CODE]);
      dialog_token = nla_get_u8(tb[NL80211_ATTR_TDLS_DIALOG_TOKEN]);
      initiator = nla_get_flag(tb[NL80211_ATTR_TDLS_INITIATOR]);

      if (tb[NL80211_ATTR_TDLS_PEER_CAPABILITY])
          peer_capability =
              nla_get_u32(tb[NL80211_ATTR_TDLS_PEER_CAPABILITY]);

      link_id = nl80211_link_id_or_invalid(tb);

      return rdev_tdls_mgmt(rdev, dev, peer, link_id, action_code,
                            dialog_token, status_code, peer_capability,
                            initiator,
                            nla_data(tb[NL80211_ATTR_IE]),
                            nla_len(tb[NL80211_ATTR_IE]));
  }
  /*
   * Netlink handler that forwards a TDLS operation for one peer to the
   * driver. Needs TDLS support on the wiphy, a tdls_oper driver op, and both
   * the operation and the peer MAC attributes.
   */
  static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr *op_attr = info->attrs[NL80211_ATTR_TDLS_OPERATION];
      struct nlattr *mac_attr = info->attrs[NL80211_ATTR_MAC];
      enum nl80211_tdls_operation operation;
      u8 *peer;

      if (!rdev->ops->tdls_oper ||
          !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS))
          return -EOPNOTSUPP;

      if (!op_attr || !mac_attr)
          return -EINVAL;

      /* the raw u8 is handed on as the enum without a range check here */
      operation = nla_get_u8(op_attr);
      peer = nla_data(mac_attr);

      return rdev_tdls_oper(rdev, dev, peer, operation);
  }
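  /*
   * Netlink handler that asks the driver to stay on a given channel for a
   * bounded time and replies with the cookie identifying the request.
   *
   * The duration comes from userspace and is bounded below by
   * NL80211_MIN_REMAIN_ON_CHANNEL_TIME and above by the wiphy's
   * max_remain_on_channel_duration. When off-channel operation is not
   * allowed for the parsed channel, the request is accepted only if the
   * requested chandef is the one returned as compatible with the operating
   * chandef of the link.
   *
   * Returns 0 on success (the result of genlmsg_reply()), -EINVAL for
   * missing attributes or an out-of-range duration, -EOPNOTSUPP without
   * driver support, -EBUSY on a channel conflict, -ENOMEM / -ENOBUFS when
   * the reply cannot be built, or the driver's error.
   */
  static int nl80211_remain_on_channel(struct sk_buff *skb,
                                       struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      unsigned int link_id = nl80211_link_id(info->attrs);
      struct wireless_dev *wdev = info->user_ptr[1];
      struct cfg80211_chan_def chandef;
      struct sk_buff *msg;
      void *hdr;
      u64 cookie;
      u32 duration;
      int err;

      if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
          !info->attrs[NL80211_ATTR_DURATION])
          return -EINVAL;

      duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);

      if (!rdev->ops->remain_on_channel ||
          !(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL))
          return -EOPNOTSUPP;

      /*
       * We should be on that channel for at least a minimum amount of
       * time (10ms) but no longer than the driver supports.
       */
      if (duration < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
          duration > rdev->wiphy.max_remain_on_channel_duration)
          return -EINVAL;

      err = nl80211_parse_chandef(rdev, info, &chandef);
      if (err)
          return err;

      if (!cfg80211_off_channel_oper_allowed(wdev, chandef.chan)) {
          const struct cfg80211_chan_def *oper_chandef, *compat_chandef;

          oper_chandef = wdev_chandef(wdev, link_id);

          /*
           * Cannot happen since we must beacon to get here. The
           * WARN_ON() in the condition already reports it, so no second
           * unconditional warning is raised inside the branch.
           */
          if (WARN_ON(!oper_chandef))
              return -EBUSY;

          /* note: returns first one if identical chandefs */
          compat_chandef = cfg80211_chandef_compatible(&chandef,
                                                       oper_chandef);
          if (compat_chandef != &chandef)
              return -EBUSY;
      }

      msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!msg)
          return -ENOMEM;

      hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
                           NL80211_CMD_REMAIN_ON_CHANNEL);
      if (!hdr) {
          err = -ENOBUFS;
          goto free_msg;
      }

      /* the driver fills in the cookie that is returned to userspace */
      err = rdev_remain_on_channel(rdev, wdev, chandef.chan,
                                   duration, &cookie);
      if (err)
          goto free_msg;

      if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
                            NL80211_ATTR_PAD))
          goto nla_put_failure;

      genlmsg_end(msg, hdr);

      return genlmsg_reply(msg, info);

  nla_put_failure:
      err = -ENOBUFS;
  free_msg:
      nlmsg_free(msg);
      return err;
  }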
  /*
   * Netlink handler that cancels a remain-on-channel request identified by
   * the cookie supplied in NL80211_ATTR_COOKIE.
   *
   * NOTE(review): nothing here ties the cookie to the requesting socket;
   * whether a cookie issued to another socket can be cancelled depends on
   * the driver op - confirm.
   */
  static int nl80211_cancel_remain_on_channel(struct sk_buff *skb,
                                              struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct wireless_dev *wdev = info->user_ptr[1];
      struct nlattr *cookie_attr = info->attrs[NL80211_ATTR_COOKIE];

      if (!cookie_attr)
          return -EINVAL;

      if (!rdev->ops->cancel_remain_on_channel)
          return -EOPNOTSUPP;

      return rdev_cancel_remain_on_channel(rdev, wdev,
                                           nla_get_u64(cookie_attr));
  }
  /*
   * Netlink handler that parses NL80211_ATTR_TX_RATES into a bitrate mask
   * and installs it on the given link through the driver.
   *
   * The mask is not initialised here; it is passed to the driver only after
   * nl80211_parse_tx_bitrate_mask() returned success.
   */
  static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb,
                                         struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      unsigned int link_id = nl80211_link_id(info->attrs);
      struct cfg80211_bitrate_mask mask;
      int err;

      if (!rdev->ops->set_bitrate_mask)
          return -EOPNOTSUPP;

      err = nl80211_parse_tx_bitrate_mask(info, info->attrs,
                                          NL80211_ATTR_TX_RATES, &mask,
                                          dev, true, link_id);
      if (err)
          return err;

      return rdev_set_bitrate_mask(rdev, dev, link_id, NULL, &mask);
  }
  /*
   * Netlink handler that registers the sending socket (info->snd_portid) to
   * receive management frames matching a frame type and a byte prefix.
   *
   * The frame type defaults to a management action frame. The match pattern
   * (NL80211_ATTR_FRAME_MATCH) is mandatory and is passed on as a pointer
   * into the netlink message together with its length. NAN interfaces are
   * accepted only with the secure-NAN extended feature or the userspace
   * discovery-engine NAN capability flag. Multicast RX registration needs the
   * matching extended feature.
   */
  static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct wireless_dev *wdev = info->user_ptr[1];
      struct nlattr *match = info->attrs[NL80211_ATTR_FRAME_MATCH];
      struct nlattr *mcast = info->attrs[NL80211_ATTR_RECEIVE_MULTICAST];
      u16 frame_type;

      if (!match)
          return -EINVAL;

      frame_type = nla_get_u16_default(info->attrs[NL80211_ATTR_FRAME_TYPE],
                                       IEEE80211_FTYPE_MGMT |
                                       IEEE80211_STYPE_ACTION);

      switch (wdev->iftype) {
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_ADHOC:
      case NL80211_IFTYPE_P2P_CLIENT:
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_AP_VLAN:
      case NL80211_IFTYPE_MESH_POINT:
      case NL80211_IFTYPE_P2P_GO:
      case NL80211_IFTYPE_P2P_DEVICE:
          break;
      case NL80211_IFTYPE_NAN:
          if (!(wdev->wiphy->nan_capa.flags &
                WIPHY_NAN_FLAGS_USERSPACE_DE) &&
              !wiphy_ext_feature_isset(wdev->wiphy,
                                       NL80211_EXT_FEATURE_SECURE_NAN))
              return -EOPNOTSUPP;
          break;
      default:
          return -EOPNOTSUPP;
      }

      /* not much point in registering if we can't reply */
      if (!rdev->ops->mgmt_tx)
          return -EOPNOTSUPP;

      if (mcast &&
          !wiphy_ext_feature_isset(&rdev->wiphy,
                                   NL80211_EXT_FEATURE_MULTICAST_REGISTRATIONS)) {
          GENL_SET_ERR_MSG(info,
                           "multicast RX registrations are not supported");
          return -EOPNOTSUPP;
      }

      return cfg80211_mlme_register_mgmt(wdev, info->snd_portid, frame_type,
                                         nla_data(match), nla_len(match),
                                         mcast, info->extack);
  }
  /*
   * Netlink handler that transmits a management frame supplied by userspace
   * and, unless NL80211_ATTR_DONT_WAIT_FOR_ACK is set, replies with the
   * cookie that identifies the transmission.
   *
   * The frame buffer (NL80211_ATTR_FRAME) points into the netlink message;
   * its length is what nl80211_parse_counter_offsets() is given to validate
   * the CSA counter offsets against. An optional wait duration is bounded by
   * NL80211_MIN_REMAIN_ON_CHANNEL_TIME and the wiphy's
   * max_remain_on_channel_duration and, like off-channel TX, requires
   * WIPHY_FLAG_OFFCHAN_TX.
   *
   * Returns 0 or the result of genlmsg_reply() on success; -EINVAL,
   * -EOPNOTSUPP, -EBUSY, -ENOMEM, -ENOBUFS or the error of a callee
   * otherwise.
   */
  static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct wireless_dev *wdev = info->user_ptr[1];
      struct nlattr **tb = info->attrs;
      struct cfg80211_mgmt_tx_params params = {
          .dont_wait_for_ack = tb[NL80211_ATTR_DONT_WAIT_FOR_ACK],
      };
      struct cfg80211_chan_def chandef;
      struct sk_buff *reply = NULL;
      void *reply_hdr = NULL;
      u64 cookie;
      int err;

      if (!tb[NL80211_ATTR_FRAME])
          return -EINVAL;

      if (!rdev->ops->mgmt_tx)
          return -EOPNOTSUPP;

      switch (wdev->iftype) {
      case NL80211_IFTYPE_P2P_DEVICE:
          /* this interface type must always name the channel */
          if (!tb[NL80211_ATTR_WIPHY_FREQ])
              return -EINVAL;
          break;
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_ADHOC:
      case NL80211_IFTYPE_P2P_CLIENT:
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_AP_VLAN:
      case NL80211_IFTYPE_MESH_POINT:
      case NL80211_IFTYPE_P2P_GO:
          break;
      case NL80211_IFTYPE_NAN:
          if (!(wdev->wiphy->nan_capa.flags &
                WIPHY_NAN_FLAGS_USERSPACE_DE) &&
              !wiphy_ext_feature_isset(wdev->wiphy,
                                       NL80211_EXT_FEATURE_SECURE_NAN))
              return -EOPNOTSUPP;
          break;
      default:
          return -EOPNOTSUPP;
      }

      if (tb[NL80211_ATTR_DURATION]) {
          if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
              return -EINVAL;

          params.wait = nla_get_u32(tb[NL80211_ATTR_DURATION]);

          /*
           * We should wait on the channel for at least a minimum amount
           * of time (10ms) but no longer than the driver supports.
           */
          if (params.wait < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
              params.wait > rdev->wiphy.max_remain_on_channel_duration)
              return -EINVAL;
      }

      params.offchan = tb[NL80211_ATTR_OFFCHANNEL_TX_OK];
      if (params.offchan && !(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
          return -EINVAL;

      params.no_cck = nla_get_flag(tb[NL80211_ATTR_TX_NO_CCK_RATE]);

      /*
       * get the channel if any has been specified, otherwise pass NULL to
       * the driver. The latter will use the current one
       */
      chandef.chan = NULL;
      if (tb[NL80211_ATTR_WIPHY_FREQ]) {
          err = nl80211_parse_chandef(rdev, info, &chandef);
          if (err)
              return err;
      }

      /* off-channel TX needs an explicit, permitted channel */
      if (params.offchan) {
          if (!chandef.chan)
              return -EINVAL;
          if (!cfg80211_off_channel_oper_allowed(wdev, chandef.chan))
              return -EBUSY;
      }

      params.link_id = nl80211_link_id_or_invalid(tb);
      /*
       * This now races due to the unlock, but we cannot check
       * the valid links for the _station_ anyway, so that's up
       * to the driver.
       */
      if (params.link_id >= 0 &&
          !(wdev->valid_links & BIT(params.link_id)))
          return -EINVAL;

      params.buf = nla_data(tb[NL80211_ATTR_FRAME]);
      params.len = nla_len(tb[NL80211_ATTR_FRAME]);

      err = nl80211_parse_counter_offsets(rdev, NULL, params.len, -1,
                                          tb[NL80211_ATTR_CSA_C_OFFSETS_TX],
                                          &params.csa_offsets,
                                          &params.n_csa_offsets);
      if (err)
          return err;

      /* a reply message is only built when the caller wants the cookie */
      if (!params.dont_wait_for_ack) {
          reply = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
          if (!reply)
              return -ENOMEM;

          reply_hdr = nl80211hdr_put(reply, info->snd_portid,
                                     info->snd_seq, 0, NL80211_CMD_FRAME);
          if (!reply_hdr) {
              err = -ENOBUFS;
              goto free_msg;
          }
      }

      params.chan = chandef.chan;
      err = cfg80211_mlme_mgmt_tx(rdev, wdev, &params, &cookie);
      if (err)
          goto free_msg;

      if (!reply)
          return 0;

      if (nla_put_u64_64bit(reply, NL80211_ATTR_COOKIE, cookie,
                            NL80211_ATTR_PAD)) {
          err = -ENOBUFS;
          goto free_msg;
      }

      genlmsg_end(reply, reply_hdr);
      return genlmsg_reply(reply, info);

  free_msg:
      /* reply is NULL here when no acknowledgement was requested */
      nlmsg_free(reply);
      return err;
  }
  /*
   * Netlink handler that cancels the wait of a previously transmitted
   * management frame, identified by the cookie in NL80211_ATTR_COOKIE.
   *
   * NOTE(review): the interface-type filter differs from the register and
   * transmit handlers: mesh point is not listed, and NAN is accepted only
   * with the secure-NAN feature, without the userspace discovery-engine
   * capability alternative. Confirm this is intended.
   */
  static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct wireless_dev *wdev = info->user_ptr[1];
      struct nlattr *cookie_attr = info->attrs[NL80211_ATTR_COOKIE];

      if (!cookie_attr)
          return -EINVAL;

      if (!rdev->ops->mgmt_tx_cancel_wait)
          return -EOPNOTSUPP;

      switch (wdev->iftype) {
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_ADHOC:
      case NL80211_IFTYPE_P2P_CLIENT:
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_AP_VLAN:
      case NL80211_IFTYPE_P2P_GO:
      case NL80211_IFTYPE_P2P_DEVICE:
          break;
      case NL80211_IFTYPE_NAN:
          if (!wiphy_ext_feature_isset(wdev->wiphy,
                                       NL80211_EXT_FEATURE_SECURE_NAN))
              return -EOPNOTSUPP;
          break;
      default:
          return -EOPNOTSUPP;
      }

      return rdev_mgmt_tx_cancel_wait(rdev, wdev,
                                      nla_get_u64(cookie_attr));
  }
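  /*
   * Netlink handler that switches power save on or off for an interface.
   *
   * NL80211_ATTR_PS_STATE is read as a u32 and compared as a u32. Holding it
   * in a u8, as before, dropped the upper 24 bits, so a value such as 0x101
   * would have compared equal to NL80211_PS_ENABLED.
   * NOTE(review): the attribute policy (outside this view) may already
   * range-check the value; the wide compare does not depend on that.
   *
   * Any value other than NL80211_PS_ENABLED is treated as "disabled". The
   * driver is called only when the requested state differs from the cached
   * one, and the cache is updated only when the driver call succeeds.
   *
   * Returns 0 on success or when nothing changes, -EINVAL without the
   * attribute, -EOPNOTSUPP without a set_power_mgmt op, or the driver error.
   */
  static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      u32 ps_state;
      bool state;
      int err;

      if (!info->attrs[NL80211_ATTR_PS_STATE])
          return -EINVAL;

      ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]);

      if (!rdev->ops->set_power_mgmt)
          return -EOPNOTSUPP;

      state = ps_state == NL80211_PS_ENABLED;

      if (state == wdev->ps)
          return 0;

      err = rdev_set_power_mgmt(rdev, dev, state, wdev->ps_timeout);
      if (!err)
          wdev->ps = state;

      return err;
  }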
  /*
   * Netlink handler that reports the cached power-save state of an
   * interface as NL80211_ATTR_PS_STATE in a reply message.
   *
   * The value comes from wdev->ps; the driver is not queried. The handler
   * still requires the set_power_mgmt op and returns -EOPNOTSUPP without it.
   */
  static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      enum nl80211_ps_state ps_state;
      struct sk_buff *reply;
      void *reply_hdr;
      int err;

      if (!rdev->ops->set_power_mgmt)
          return -EOPNOTSUPP;

      reply = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!reply)
          return -ENOMEM;

      /* both failures below mean the reply buffer had no room */
      err = -ENOBUFS;

      reply_hdr = nl80211hdr_put(reply, info->snd_portid, info->snd_seq, 0,
                                 NL80211_CMD_GET_POWER_SAVE);
      if (!reply_hdr)
          goto free_msg;

      ps_state = wdev->ps ? NL80211_PS_ENABLED : NL80211_PS_DISABLED;

      if (nla_put_u32(reply, NL80211_ATTR_PS_STATE, ps_state))
          goto free_msg;

      genlmsg_end(reply, reply_hdr);
      return genlmsg_reply(reply, info);

  free_msg:
      nlmsg_free(reply);
      return err;
  }
  /*
   * Attribute policy for the connection-quality-monitor attributes, indexed
   * by the NL80211_ATTR_CQM_* ids up to NL80211_ATTR_CQM_MAX.
   *
   * The RSSI threshold list is typed NLA_BINARY with no length bound in this
   * table, so whoever consumes it has to validate the payload length itself.
   */
  static const struct nla_policy
  nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
      /* RSSI monitoring */
      [NL80211_ATTR_CQM_RSSI_THOLD]           = { .type = NLA_BINARY },
      [NL80211_ATTR_CQM_RSSI_HYST]            = { .type = NLA_U32 },
      [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
      /* TX error monitoring */
      [NL80211_ATTR_CQM_TXE_RATE]             = { .type = NLA_U32 },
      [NL80211_ATTR_CQM_TXE_PKTS]             = { .type = NLA_U32 },
      [NL80211_ATTR_CQM_TXE_INTVL]            = { .type = NLA_U32 },
      /* the only signed entry */
      [NL80211_ATTR_CQM_RSSI_LEVEL]           = { .type = NLA_S32 },
  };
  /*
   * Configure TX-error connection quality monitoring in the driver.
   *
   * @rate is rejected above 100 and @intvl above NL80211_CQM_TXE_MAX_INTVL;
   * @pkts is passed through without a bound. Only station and P2P-client
   * interfaces are accepted.
   *
   * Returns -EINVAL for out-of-range values, -EOPNOTSUPP without driver
   * support or on another interface type, otherwise the driver result.
   */
  static int nl80211_set_cqm_txe(struct genl_info *info,
                                 u32 rate, u32 pkts, u32 intvl)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];

      if (rate > 100 || intvl > NL80211_CQM_TXE_MAX_INTVL)
          return -EINVAL;

      if (!rdev->ops->set_cqm_txe_config)
          return -EOPNOTSUPP;

      switch (dev->ieee80211_ptr->iftype) {
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          break;
      default:
          return -EOPNOTSUPP;
      }

      return rdev_set_cqm_txe_config(rdev, dev, rate, pkts, intvl);
  }
  /*
   * Program the driver's RSSI range [low, high] from the threshold list in
   * @cqm_config and the last known RSSI value.
   *
   * The thresholds are scanned for the first one above the last RSSI value.
   * The threshold below it, minus the hysteresis, gives the low bound; that
   * threshold plus the hysteresis minus one gives the high bound. A missing
   * neighbour on either side is replaced by S32_MIN / S32_MAX.
   *
   * Every index into rssi_thresholds[] is passed through
   * array_index_nospec() first, so a mispredicted bounds check cannot be
   * used to read past the array speculatively.
   *
   * Returns the error from rdev_get_station() if that lookup fails,
   * otherwise the result of rdev_set_cqm_rssi_range_config().
   */
  static int cfg80211_cqm_rssi_update(struct cfg80211_registered_device *rdev,
                                      struct net_device *dev,
                                      struct cfg80211_cqm_config *cqm_config)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      s32 last, low, high;
      u32 hyst;
      int above, below, n;

      /*
       * Obtain current RSSI value if possible, if not and no RSSI threshold
       * event has been received yet, we should receive an event after a
       * connection is established and enough beacons received to calculate
       * the average.
       */
      if (!cqm_config->last_rssi_event_value &&
          wdev->links[0].client.current_bss &&
          rdev->ops->get_station) {
          struct station_info sinfo = {};
          u8 *bssid = wdev->links[0].client.current_bss->pub.bssid;
          int err = rdev_get_station(rdev, dev, bssid, &sinfo);

          if (err)
              return err;

          cfg80211_sinfo_release_content(&sinfo);
          if (sinfo.filled & BIT_ULL(NL80211_STA_INFO_BEACON_SIGNAL_AVG))
              cqm_config->last_rssi_event_value =
                  (s8) sinfo.rx_beacon_signal_avg;
      }

      last = cqm_config->last_rssi_event_value;
      hyst = cqm_config->rssi_hyst;
      n = cqm_config->n_rssi_thresholds;

      /* find the first threshold that lies above the last RSSI value */
      above = 0;
      while (above < n) {
          above = array_index_nospec(above, n);
          if (last < cqm_config->rssi_thresholds[above])
              break;
          above++;
      }

      below = above - 1;
      if (below < 0) {
          low = S32_MIN;
      } else {
          below = array_index_nospec(below, n);
          low = cqm_config->rssi_thresholds[below] - hyst;
      }

      if (above >= n) {
          high = S32_MAX;
      } else {
          above = array_index_nospec(above, n);
          high = cqm_config->rssi_thresholds[above] + hyst - 1;
      }

      return rdev_set_cqm_rssi_range_config(rdev, dev, low, high);
  }
  /*
   * Install, replace or remove the RSSI connection-quality-monitor
   * configuration of a station or P2P-client interface.
   *
   * @thresholds holds @n_thresholds values taken from the request. Each one
   * must be <= 0 and strictly greater than its predecessor, otherwise
   * -EINVAL is returned. A single threshold of 0 means "disable".
   *
   * A new configuration is allocated, published in wdev->cqm_config and then
   * programmed into the driver. If the driver call fails the previous
   * configuration is put back and the new one is freed; on success the
   * previous one is freed. Both frees go through kfree_rcu().
   *
   * Returns 0 on success, -EINVAL, -EOPNOTSUPP, -ENOMEM or the driver error.
   */
  static int nl80211_set_cqm_rssi(struct genl_info *info,
                                  const s32 *thresholds, int n_thresholds,
                                  u32 hysteresis)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_cqm_config *cqm_config = NULL;
      struct cfg80211_cqm_config *old;
      s32 prev_thold = S32_MIN;
      int idx, err;

      /* Check all values negative and sorted */
      for (idx = 0; idx < n_thresholds; idx++) {
          s32 thold = thresholds[idx];

          if (thold > 0 || thold <= prev_thold)
              return -EINVAL;
          prev_thold = thold;
      }

      switch (wdev->iftype) {
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          break;
      default:
          return -EOPNOTSUPP;
      }

      if (n_thresholds == 1 && thresholds[0] == 0) /* Disabling */
          n_thresholds = 0;

      old = wiphy_dereference(wdev->wiphy, wdev->cqm_config);

      /* if already disabled just succeed */
      if (!n_thresholds && !old)
          return 0;

      if (n_thresholds > 1) {
          /* a list of thresholds needs the range API and its feature */
          if (!wiphy_ext_feature_isset(&rdev->wiphy,
                                       NL80211_EXT_FEATURE_CQM_RSSI_LIST) ||
              !rdev->ops->set_cqm_rssi_range_config)
              return -EOPNOTSUPP;
      } else {
          if (!rdev->ops->set_cqm_rssi_config)
              return -EOPNOTSUPP;
      }

      if (n_thresholds) {
          cqm_config = kzalloc_flex(*cqm_config, rssi_thresholds,
                                    n_thresholds);
          if (!cqm_config)
              return -ENOMEM;

          cqm_config->rssi_hyst = hysteresis;
          cqm_config->n_rssi_thresholds = n_thresholds;
          memcpy(cqm_config->rssi_thresholds, thresholds,
                 flex_array_size(cqm_config, rssi_thresholds,
                                 n_thresholds));
          cqm_config->use_range_api = n_thresholds > 1 ||
                                      !rdev->ops->set_cqm_rssi_config;

          /* publish first, then program the driver */
          rcu_assign_pointer(wdev->cqm_config, cqm_config);

          if (cqm_config->use_range_api)
              err = cfg80211_cqm_rssi_update(rdev, dev, cqm_config);
          else
              err = rdev_set_cqm_rssi_config(rdev, dev,
                                             thresholds[0],
                                             hysteresis);
      } else {
          /* old is non-NULL here: the "already disabled" case returned */
          RCU_INIT_POINTER(wdev->cqm_config, NULL);

          /* if enabled as range also disable via range */
          if (old->use_range_api)
              err = rdev_set_cqm_rssi_range_config(rdev, dev, 0, 0);
          else
              err = rdev_set_cqm_rssi_config(rdev, dev, 0, 0);
      }

      if (!err) {
          kfree_rcu(old, rcu_head);
          return 0;
      }

      /* roll back to the previous configuration */
      rcu_assign_pointer(wdev->cqm_config, old);
      kfree_rcu(cqm_config, rcu_head);
      return err;
  }
  /*
   * Netlink handler for connection quality monitoring. Parses the nested
   * NL80211_ATTR_CQM attribute against nl80211_attr_cqm_policy and dispatches
   * to the RSSI or the TX-error configuration.
   *
   * The RSSI threshold list arrives as a binary blob. Its length must be a
   * multiple of 4 bytes, one s32 per threshold, and the number of thresholds
   * is derived from that length. RSSI settings take precedence when both
   * groups of attributes are present.
   *
   * Returns -EINVAL when neither complete attribute group is present.
   */
  static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info)
  {
      struct nlattr *tb[NL80211_ATTR_CQM_MAX + 1];
      struct nlattr *cqm = info->attrs[NL80211_ATTR_CQM];
      int err;

      if (!cqm)
          return -EINVAL;

      err = nla_parse_nested_deprecated(tb, NL80211_ATTR_CQM_MAX, cqm,
                                        nl80211_attr_cqm_policy,
                                        info->extack);
      if (err)
          return err;

      if (tb[NL80211_ATTR_CQM_RSSI_THOLD] &&
          tb[NL80211_ATTR_CQM_RSSI_HYST]) {
          struct nlattr *thold_attr = tb[NL80211_ATTR_CQM_RSSI_THOLD];
          const s32 *thresholds = nla_data(thold_attr);
          u32 hysteresis = nla_get_u32(tb[NL80211_ATTR_CQM_RSSI_HYST]);
          int len = nla_len(thold_attr);

          /* reject a trailing partial entry; 4 is the size of one s32 */
          if (len % 4)
              return -EINVAL;

          return nl80211_set_cqm_rssi(info, thresholds, len / 4,
                                      hysteresis);
      }

      if (tb[NL80211_ATTR_CQM_TXE_RATE] &&
          tb[NL80211_ATTR_CQM_TXE_PKTS] &&
          tb[NL80211_ATTR_CQM_TXE_INTVL])
          return nl80211_set_cqm_txe(info,
                                     nla_get_u32(tb[NL80211_ATTR_CQM_TXE_RATE]),
                                     nla_get_u32(tb[NL80211_ATTR_CQM_TXE_PKTS]),
                                     nla_get_u32(tb[NL80211_ATTR_CQM_TXE_INTVL]));

      return -EINVAL;
  }
  /*
   * Netlink handler that joins OCB mode on the channel described by the
   * request. The setup structure starts zeroed and only its chandef is
   * filled in, by nl80211_parse_chandef().
   */
  static int nl80211_join_ocb(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct ocb_setup setup = {};
      int err = nl80211_parse_chandef(rdev, info, &setup.chandef);

      return err ? err : cfg80211_join_ocb(rdev, dev, &setup);
  }
  /*
   * Netlink handler that leaves OCB mode; it takes no attributes and simply
   * forwards the device pair stored in info->user_ptr[] to
   * cfg80211_leave_ocb().
   */
  static int nl80211_leave_ocb(struct sk_buff *skb, struct genl_info *info)
  {
      struct net_device *dev = info->user_ptr[1];
      struct cfg80211_registered_device *rdev = info->user_ptr[0];

      return cfg80211_leave_ocb(rdev, dev);
  }
  /*
   * Handler for a mesh join request.
   *
   * Starts from default_mesh_config / default_mesh_setup, overlays the
   * optional attributes carried by the request and finally calls
   * __cfg80211_join_mesh(). All attribute values come from the netlink
   * request; the checks performed in this function are noted inline.
   *
   * Returns 0 on success or a negative errno.
   */
  static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr **attrs = info->attrs;
      struct mesh_config cfg;
      struct mesh_setup setup;
      int err;

      /* Begin with the built-in defaults ... */
      memcpy(&cfg, &default_mesh_config, sizeof(cfg));
      memcpy(&setup, &default_mesh_setup, sizeof(setup));

      /* ... and let the request override the mesh configuration. */
      if (attrs[NL80211_ATTR_MESH_CONFIG]) {
          err = nl80211_parse_mesh_config(info, &cfg, NULL);
          if (err)
              return err;
      }

      /*
       * A non-empty mesh ID is mandatory. Only the lower bound is checked
       * here; NOTE(review): the upper bound is presumably enforced by the
       * attribute policy, confirm against nl80211_policy.
       */
      if (!attrs[NL80211_ATTR_MESH_ID])
          return -EINVAL;
      if (!nla_len(attrs[NL80211_ATTR_MESH_ID]))
          return -EINVAL;

      /* mesh_id points into the request payload; no copy is made here. */
      setup.mesh_id = nla_data(attrs[NL80211_ATTR_MESH_ID]);
      setup.mesh_id_len = nla_len(attrs[NL80211_ATTR_MESH_ID]);

      if (attrs[NL80211_ATTR_MCAST_RATE]) {
          u32 mcast = nla_get_u32(attrs[NL80211_ATTR_MCAST_RATE]);

          if (!nl80211_parse_mcast_rate(rdev, setup.mcast_rate, mcast))
              return -EINVAL;
      }

      if (attrs[NL80211_ATTR_BEACON_INTERVAL]) {
          setup.beacon_interval =
              nla_get_u32(attrs[NL80211_ATTR_BEACON_INTERVAL]);

          err = cfg80211_validate_beacon_int(rdev,
                                             NL80211_IFTYPE_MESH_POINT,
                                             setup.beacon_interval);
          if (err)
              return err;
      }

      if (attrs[NL80211_ATTR_DTIM_PERIOD]) {
          setup.dtim_period = nla_get_u32(attrs[NL80211_ATTR_DTIM_PERIOD]);

          /* Accept only DTIM periods in the range 1..100. */
          if (setup.dtim_period < 1 || setup.dtim_period > 100)
              return -EINVAL;
      }

      /* Additional setup parameters are optional. */
      if (attrs[NL80211_ATTR_MESH_SETUP]) {
          err = nl80211_parse_mesh_setup(info, &setup);
          if (err)
              return err;
      }

      /* A userspace MPM excludes automatic peer-link opening. */
      if (setup.user_mpm)
          cfg.auto_open_plinks = false;

      if (attrs[NL80211_ATTR_WIPHY_FREQ]) {
          err = nl80211_parse_chandef(rdev, info, &setup.chandef);
          if (err)
              return err;
      } else {
          /* __cfg80211_join_mesh() will sort it out */
          setup.chandef.chan = NULL;
      }

      if (attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
          u8 *rate_list = nla_data(attrs[NL80211_ATTR_BSS_BASIC_RATES]);
          int rate_count = nla_len(attrs[NL80211_ATTR_BSS_BASIC_RATES]);
          struct ieee80211_supported_band *sband;

          /* The band is taken from the channel, so one must be given. */
          if (!setup.chandef.chan)
              return -EINVAL;

          sband = rdev->wiphy.bands[setup.chandef.chan->band];
          err = ieee80211_get_ratemask(sband, rate_list, rate_count,
                                       &setup.basic_rates);
          if (err)
              return err;
      }

      if (attrs[NL80211_ATTR_TX_RATES]) {
          err = nl80211_parse_tx_bitrate_mask(info, attrs,
                                              NL80211_ATTR_TX_RATES,
                                              &setup.beacon_rate,
                                              dev, false, 0);
          if (err)
              return err;

          /* Validation below dereferences the channel for its band. */
          if (!setup.chandef.chan)
              return -EINVAL;

          err = validate_beacon_tx_rate(rdev, setup.chandef.chan->band,
                                        &setup.beacon_rate);
          if (err)
              return err;
      }

      setup.userspace_handles_dfs =
          nla_get_flag(attrs[NL80211_ATTR_HANDLE_DFS]);

      if (attrs[NL80211_ATTR_CONTROL_PORT_OVER_NL80211]) {
          err = validate_pae_over_nl80211(rdev, info);
          if (err < 0)
              return err;

          setup.control_port_over_nl80211 = true;
      }

      err = __cfg80211_join_mesh(rdev, dev, &setup, &cfg);
      if (err)
          return err;

      /*
       * On success, record the requesting socket's port ID as the connection
       * owner when the request carried NL80211_ATTR_SOCKET_OWNER.
       */
      if (attrs[NL80211_ATTR_SOCKET_OWNER])
          dev->ieee80211_ptr->conn_owner_nlportid = info->snd_portid;

      return 0;
  }
  /*
   * Handler for a mesh leave request: forwards the device pair stored in
   * info->user_ptr[] to cfg80211_leave_mesh() and returns its result.
   */
  static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *reg_dev = info->user_ptr[0];
      struct net_device *netdev = info->user_ptr[1];

      return cfg80211_leave_mesh(reg_dev, netdev);
  }
  12220. #ifdef CONFIG_PM
  /*
   * Append the configured WoWLAN packet patterns to @msg.
   *
   * Emits one nest of type NL80211_WOWLAN_TRIG_PKT_PATTERN whose children are
   * numbered from 1 and each carry mask, pattern and packet offset. Nothing is
   * written when no patterns are configured.
   *
   * rdev->wiphy.wowlan_config is dereferenced without a NULL check, so the
   * caller must only call this with a configuration present.
   *
   * Returns 0 on success or -ENOBUFS when @msg runs out of room; open nests
   * are not cancelled on failure.
   */
  static int nl80211_send_wowlan_patterns(struct sk_buff *msg,
                                          struct cfg80211_registered_device *rdev)
  {
      struct cfg80211_wowlan *cfg = rdev->wiphy.wowlan_config;
      struct nlattr *list, *entry;
      int idx, plen;

      if (!cfg->n_patterns)
          return 0;

      list = nla_nest_start_noflag(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN);
      if (!list)
          return -ENOBUFS;

      for (idx = 0; idx < cfg->n_patterns; idx++) {
          entry = nla_nest_start_noflag(msg, idx + 1);
          if (!entry)
              return -ENOBUFS;

          plen = cfg->patterns[idx].pattern_len;

          /* The mask holds one bit per pattern byte, rounded up. */
          if (nla_put(msg, NL80211_PKTPAT_MASK, DIV_ROUND_UP(plen, 8),
                      cfg->patterns[idx].mask))
              return -ENOBUFS;
          if (nla_put(msg, NL80211_PKTPAT_PATTERN, plen,
                      cfg->patterns[idx].pattern))
              return -ENOBUFS;
          if (nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
                          cfg->patterns[idx].pkt_offset))
              return -ENOBUFS;

          nla_nest_end(msg, entry);
      }

      nla_nest_end(msg, list);
      return 0;
  }
  /*
   * Append the WoWLAN TCP wake-up configuration @tcp to @msg as a nest of type
   * NL80211_WOWLAN_TRIG_TCP_CONNECTION. A NULL @tcp writes nothing.
   *
   * The payload sequence and token attributes are only emitted when their
   * respective len field is non-zero.
   *
   * Returns 0 on success or -ENOBUFS when @msg runs out of room.
   */
  static int nl80211_send_wowlan_tcp(struct sk_buff *msg,
                                     struct cfg80211_wowlan_tcp *tcp)
  {
      struct nlattr *nest;

      if (!tcp)
          return 0;

      nest = nla_nest_start_noflag(msg, NL80211_WOWLAN_TRIG_TCP_CONNECTION);
      if (!nest)
          return -ENOBUFS;

      /* Connection endpoints. */
      if (nla_put_in_addr(msg, NL80211_WOWLAN_TCP_SRC_IPV4, tcp->src) ||
          nla_put_in_addr(msg, NL80211_WOWLAN_TCP_DST_IPV4, tcp->dst) ||
          nla_put(msg, NL80211_WOWLAN_TCP_DST_MAC, ETH_ALEN, tcp->dst_mac) ||
          nla_put_u16(msg, NL80211_WOWLAN_TCP_SRC_PORT, tcp->src_port) ||
          nla_put_u16(msg, NL80211_WOWLAN_TCP_DST_PORT, tcp->dst_port))
          return -ENOBUFS;

      /* Payload and its transmit interval. */
      if (nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
                  tcp->payload_len, tcp->payload) ||
          nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL,
                      tcp->data_interval))
          return -ENOBUFS;

      /* Wake payload plus its mask (one bit per payload byte, rounded up). */
      if (nla_put(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD,
                  tcp->wake_len, tcp->wake_data) ||
          nla_put(msg, NL80211_WOWLAN_TCP_WAKE_MASK,
                  DIV_ROUND_UP(tcp->wake_len, 8), tcp->wake_mask))
          return -ENOBUFS;

      if (tcp->payload_seq.len) {
          if (nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ,
                      sizeof(tcp->payload_seq), &tcp->payload_seq))
              return -ENOBUFS;
      }

      if (tcp->payload_tok.len) {
          /* The token header is followed by tokens_size bytes of stream. */
          if (nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN,
                      sizeof(tcp->payload_tok) + tcp->tokens_size,
                      &tcp->payload_tok))
              return -ENOBUFS;
      }

      nla_nest_end(msg, nest);
      return 0;
  }
  /*
   * Append the WoWLAN net-detect configuration @req to @msg as a nest of type
   * NL80211_WOWLAN_TRIG_NET_DETECT. A NULL @req writes nothing.
   *
   * The nest carries the scan delay, the optional relative-RSSI settings, the
   * channel frequencies, the SSID match sets and the scan plans. A single scan
   * plan is additionally reported through NL80211_ATTR_SCHED_SCAN_INTERVAL
   * with its interval multiplied by 1000.
   *
   * Returns 0 on success or -ENOBUFS when @msg runs out of room.
   */
  static int nl80211_send_wowlan_nd(struct sk_buff *msg,
                                    struct cfg80211_sched_scan_request *req)
  {
      struct nlattr *nd_nest, *freq_nest, *match_list, *match_entry;
      struct nlattr *plan_list, *plan_entry;
      int idx;

      if (!req)
          return 0;

      nd_nest = nla_nest_start_noflag(msg, NL80211_WOWLAN_TRIG_NET_DETECT);
      if (!nd_nest)
          return -ENOBUFS;

      if (req->n_scan_plans == 1) {
          if (nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL,
                          req->scan_plans[0].interval * 1000))
              return -ENOBUFS;
      }

      if (nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_DELAY, req->delay))
          return -ENOBUFS;

      if (req->relative_rssi_set) {
          /*
           * NOTE(review): this on-stack struct is filled field by field and
           * not zeroed before it is copied into the message; that is only
           * safe if the struct has no padding. Confirm against its
           * definition.
           */
          struct nl80211_bss_select_rssi_adjust adj;

          if (nla_put_s8(msg, NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI,
                         req->relative_rssi))
              return -ENOBUFS;

          adj.band = req->rssi_adjust.band;
          adj.delta = req->rssi_adjust.delta;
          if (nla_put(msg, NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST,
                      sizeof(adj), &adj))
              return -ENOBUFS;
      }

      freq_nest = nla_nest_start_noflag(msg, NL80211_ATTR_SCAN_FREQUENCIES);
      if (!freq_nest)
          return -ENOBUFS;

      /* Frequencies use the zero-based channel index as attribute type. */
      for (idx = 0; idx < req->n_channels; idx++)
          if (nla_put_u32(msg, idx, req->channels[idx]->center_freq))
              return -ENOBUFS;

      nla_nest_end(msg, freq_nest);

      if (req->n_match_sets) {
          match_list = nla_nest_start_noflag(msg,
                                             NL80211_ATTR_SCHED_SCAN_MATCH);
          if (!match_list)
              return -ENOBUFS;

          /* Match sets are likewise numbered from zero. */
          for (idx = 0; idx < req->n_match_sets; idx++) {
              match_entry = nla_nest_start_noflag(msg, idx);
              if (!match_entry)
                  return -ENOBUFS;

              if (nla_put(msg, NL80211_SCHED_SCAN_MATCH_ATTR_SSID,
                          req->match_sets[idx].ssid.ssid_len,
                          req->match_sets[idx].ssid.ssid))
                  return -ENOBUFS;

              nla_nest_end(msg, match_entry);
          }

          nla_nest_end(msg, match_list);
      }

      plan_list = nla_nest_start_noflag(msg, NL80211_ATTR_SCHED_SCAN_PLANS);
      if (!plan_list)
          return -ENOBUFS;

      /* Scan plans are numbered from one. */
      for (idx = 0; idx < req->n_scan_plans; idx++) {
          plan_entry = nla_nest_start_noflag(msg, idx + 1);
          if (!plan_entry)
              return -ENOBUFS;

          if (nla_put_u32(msg, NL80211_SCHED_SCAN_PLAN_INTERVAL,
                          req->scan_plans[idx].interval))
              return -ENOBUFS;

          /* An iteration count of zero is left out of the message. */
          if (req->scan_plans[idx].iterations &&
              nla_put_u32(msg, NL80211_SCHED_SCAN_PLAN_ITERATIONS,
                          req->scan_plans[idx].iterations))
              return -ENOBUFS;

          nla_nest_end(msg, plan_entry);
      }

      nla_nest_end(msg, plan_list);
      nla_nest_end(msg, nd_nest);
      return 0;
  }
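  /*
   * Handler for NL80211_CMD_GET_WOWLAN: report the current WoWLAN
   * configuration of the device to the requesting socket.
   *
   * When a configuration exists, the reply carries a
   * NL80211_ATTR_WOWLAN_TRIGGERS nest with one flag per enabled trigger plus
   * the pattern, TCP and net-detect sub-configurations. Without a
   * configuration the reply contains only the header.
   *
   * Returns -EOPNOTSUPP if the wiphy has no WoWLAN support, -ENOMEM if the
   * reply cannot be allocated, -ENOBUFS if it cannot be filled, otherwise the
   * result of genlmsg_reply().
   */
  static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct cfg80211_wowlan *cfg;
      struct sk_buff *msg;
      void *hdr;
      u32 size = NLMSG_DEFAULT_SIZE;

      if (!rdev->wiphy.wowlan)
          return -EOPNOTSUPP;

      cfg = rdev->wiphy.wowlan_config;

      if (cfg && cfg->tcp) {
          /*
           * Adjust size to have room for all the variable-length TCP data.
           * The wake mask is reserved as DIV_ROUND_UP(wake_len, 8) bytes,
           * the same length nl80211_send_wowlan_tcp() writes, so a wake
           * payload that is not a multiple of 8 bytes is not under-counted.
           */
          size += cfg->tcp->tokens_size +
                  cfg->tcp->payload_len +
                  cfg->tcp->wake_len +
                  DIV_ROUND_UP(cfg->tcp->wake_len, 8);
      }

      msg = nlmsg_new(size, GFP_KERNEL);
      if (!msg)
          return -ENOMEM;

      hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
                           NL80211_CMD_GET_WOWLAN);
      if (!hdr)
          goto nla_put_failure;

      if (cfg) {
          struct nlattr *nl_wowlan;

          nl_wowlan = nla_nest_start_noflag(msg,
                                            NL80211_ATTR_WOWLAN_TRIGGERS);
          if (!nl_wowlan)
              goto nla_put_failure;

          /* One flag attribute per trigger that is currently enabled. */
          if ((cfg->any &&
               nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
              (cfg->disconnect &&
               nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
              (cfg->magic_pkt &&
               nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
              (cfg->gtk_rekey_failure &&
               nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
              (cfg->eap_identity_req &&
               nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
              (cfg->four_way_handshake &&
               nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
              (cfg->rfkill_release &&
               nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)))
              goto nla_put_failure;

          if (nl80211_send_wowlan_patterns(msg, rdev))
              goto nla_put_failure;

          if (nl80211_send_wowlan_tcp(msg, cfg->tcp))
              goto nla_put_failure;

          if (nl80211_send_wowlan_nd(msg, cfg->nd_config))
              goto nla_put_failure;

          nla_nest_end(msg, nl_wowlan);
      }

      genlmsg_end(msg, hdr);
      return genlmsg_reply(msg, info);

  nla_put_failure:
      /* The partially built reply is discarded as a whole. */
      nlmsg_free(msg);
      return -ENOBUFS;
  }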
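  /*
   * Parse and validate a WoWLAN TCP wake-up configuration supplied by
   * userspace and attach it to @trig->tcp.
   *
   * @rdev: device whose advertised TCP limits (rdev->wiphy.wowlan->tcp) bound
   *        every length and interval accepted here
   * @attr: nested NL80211_WOWLAN_TRIG_TCP_CONNECTION attribute
   * @trig: trigger set being built; on success it owns the new configuration
   *
   * All variable-length data is stored in one allocation behind the struct in
   * this order: token stream, data payload, wake payload, wake mask.
   *
   * With CONFIG_INET a kernel TCP socket is created and bound to the source
   * port so the port is reserved; the socket is stored in cfg->sock and must
   * be released by whoever frees the configuration.
   *
   * Returns 0 on success, -EINVAL for missing or out-of-range attributes,
   * -ENOMEM on allocation failure, -EADDRINUSE if the port cannot be bound,
   * or the error from parsing / socket creation.
   */
  static int nl80211_parse_wowlan_tcp(struct cfg80211_registered_device *rdev,
                                      struct nlattr *attr,
                                      struct cfg80211_wowlan *trig)
  {
      struct nlattr *tb[NUM_NL80211_WOWLAN_TCP];
      struct cfg80211_wowlan_tcp *cfg;
      struct nl80211_wowlan_tcp_data_token *tok = NULL;
      struct nl80211_wowlan_tcp_data_seq *seq = NULL;
      u32 size;
      u32 data_size, wake_size, tokens_size = 0, wake_mask_size;
      int err, port;

      /* The device must advertise TCP wake-up support at all. */
      if (!rdev->wiphy.wowlan->tcp)
          return -EINVAL;

      err = nla_parse_nested_deprecated(tb, MAX_NL80211_WOWLAN_TCP, attr,
                                        nl80211_wowlan_tcp_policy, NULL);
      if (err)
          return err;

      /* Everything except source port, token and sequence is mandatory. */
      if (!tb[NL80211_WOWLAN_TCP_SRC_IPV4] ||
          !tb[NL80211_WOWLAN_TCP_DST_IPV4] ||
          !tb[NL80211_WOWLAN_TCP_DST_MAC] ||
          !tb[NL80211_WOWLAN_TCP_DST_PORT] ||
          !tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD] ||
          !tb[NL80211_WOWLAN_TCP_DATA_INTERVAL] ||
          !tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD] ||
          !tb[NL80211_WOWLAN_TCP_WAKE_MASK])
          return -EINVAL;

      data_size = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]);
      if (data_size > rdev->wiphy.wowlan->tcp->data_payload_max)
          return -EINVAL;

      /* The interval must be non-zero and within the device limit. */
      if (nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) >
              rdev->wiphy.wowlan->tcp->data_interval_max ||
          nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) == 0)
          return -EINVAL;

      wake_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]);
      if (wake_size > rdev->wiphy.wowlan->tcp->wake_payload_max)
          return -EINVAL;

      /* The mask must hold exactly one bit per wake payload byte. */
      wake_mask_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_MASK]);
      if (wake_mask_size != DIV_ROUND_UP(wake_size, 8))
          return -EINVAL;

      if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]) {
          u32 tokln = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]);

          /*
           * Reject an attribute shorter than the token header before
           * subtracting, so tokens_size cannot wrap. The attribute policy
           * (not visible in this function) may already guarantee this; the
           * local check keeps the parser safe on its own.
           */
          if (tokln < sizeof(*tok))
              return -EINVAL;

          tok = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]);
          tokens_size = tokln - sizeof(*tok);

          /* The stream must consist of whole tokens of tok->len bytes. */
          if (!tok->len || tokens_size % tok->len)
              return -EINVAL;
          if (!rdev->wiphy.wowlan->tcp->tok)
              return -EINVAL;
          if (tok->len > rdev->wiphy.wowlan->tcp->tok->max_len)
              return -EINVAL;
          if (tok->len < rdev->wiphy.wowlan->tcp->tok->min_len)
              return -EINVAL;
          if (tokens_size > rdev->wiphy.wowlan->tcp->tok->bufsize)
              return -EINVAL;

          /*
           * The token must lie inside the payload. offset and len are
           * userspace-controlled, so compare without adding them: a large
           * offset could otherwise wrap the sum and pass the check.
           */
          if (tok->len > data_size ||
              tok->offset > data_size - tok->len)
              return -EINVAL;
      }

      if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]) {
          seq = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]);
          if (!rdev->wiphy.wowlan->tcp->seq)
              return -EINVAL;
          if (seq->len == 0 || seq->len > 4)
              return -EINVAL;

          /* Same wrap-safe containment check as for the token. */
          if (seq->len > data_size ||
              seq->offset > data_size - seq->len)
              return -EINVAL;
      }

      /* One allocation: struct, tokens, payload, wake data, wake mask. */
      size = sizeof(*cfg);
      size += data_size;
      size += wake_size + wake_mask_size;
      size += tokens_size;

      cfg = kzalloc(size, GFP_KERNEL);
      if (!cfg)
          return -ENOMEM;

      cfg->src = nla_get_in_addr(tb[NL80211_WOWLAN_TCP_SRC_IPV4]);
      cfg->dst = nla_get_in_addr(tb[NL80211_WOWLAN_TCP_DST_IPV4]);
      memcpy(cfg->dst_mac, nla_data(tb[NL80211_WOWLAN_TCP_DST_MAC]),
             ETH_ALEN);

      /* A missing source port is treated as 0. */
      port = nla_get_u16_default(tb[NL80211_WOWLAN_TCP_SRC_PORT], 0);
  #ifdef CONFIG_INET
      /* allocate a socket and port for it and use it */
      err = __sock_create(wiphy_net(&rdev->wiphy), PF_INET, SOCK_STREAM,
                          IPPROTO_TCP, &cfg->sock, 1);
      if (err) {
          kfree(cfg);
          return err;
      }
      if (inet_csk_get_port(cfg->sock->sk, port)) {
          sock_release(cfg->sock);
          kfree(cfg);
          return -EADDRINUSE;
      }
      /* Report the port that was actually bound. */
      cfg->src_port = inet_sk(cfg->sock->sk)->inet_num;
  #else
      /* Without a socket layer the caller has to name the port itself. */
      if (!port) {
          kfree(cfg);
          return -EINVAL;
      }
      cfg->src_port = port;
  #endif

      cfg->dst_port = nla_get_u16(tb[NL80211_WOWLAN_TCP_DST_PORT]);

      cfg->payload_len = data_size;
      cfg->payload = (u8 *)cfg + sizeof(*cfg) + tokens_size;
      memcpy((void *)cfg->payload,
             nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]),
             data_size);
      if (seq)
          cfg->payload_seq = *seq;

      cfg->data_interval = nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]);

      cfg->wake_len = wake_size;
      cfg->wake_data = (u8 *)cfg + sizeof(*cfg) + tokens_size + data_size;
      memcpy((void *)cfg->wake_data,
             nla_data(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]),
             wake_size);

      cfg->wake_mask = (u8 *)cfg + sizeof(*cfg) + tokens_size +
                       data_size + wake_size;
      memcpy((void *)cfg->wake_mask,
             nla_data(tb[NL80211_WOWLAN_TCP_WAKE_MASK]),
             wake_mask_size);

      if (tok) {
          cfg->tokens_size = tokens_size;
          cfg->payload_tok = *tok;
          /*
           * The stream is copied to payload_tok.token_stream, presumably the
           * trailing member of *cfg, which is why the other buffers start
           * tokens_size bytes past the struct.
           */
          memcpy(cfg->payload_tok.token_stream, tok->token_stream,
                 tokens_size);
      }

      trig->tcp = cfg;

      return 0;
  }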
  /*
   * Parse a WoWLAN net-detect trigger into @trig->nd_config.
   *
   * The nested attribute is parsed against the top-level nl80211_policy into a
   * heap-allocated table of NUM_NL80211_ATTR entries and then handed to
   * nl80211_parse_sched_scan(), limited to wowlan->max_nd_match_sets match
   * sets. On failure trig->nd_config is left NULL, never an error pointer.
   *
   * Returns 0 on success, -ENOMEM if the table cannot be allocated,
   * -EOPNOTSUPP if the device lacks WIPHY_WOWLAN_NET_DETECT, or the error
   * from parsing.
   */
  static int nl80211_parse_wowlan_nd(struct cfg80211_registered_device *rdev,
                                     const struct wiphy_wowlan_support *wowlan,
                                     struct nlattr *attr,
                                     struct cfg80211_wowlan *trig)
  {
      struct nlattr **table;
      int ret;

      table = kzalloc_objs(*table, NUM_NL80211_ATTR);
      if (!table)
          return -ENOMEM;

      if (wowlan->flags & WIPHY_WOWLAN_NET_DETECT) {
          ret = nla_parse_nested_deprecated(table, NL80211_ATTR_MAX, attr,
                                            nl80211_policy, NULL);
          if (!ret) {
              trig->nd_config =
                  nl80211_parse_sched_scan(&rdev->wiphy, NULL, table,
                                           wowlan->max_nd_match_sets);
              ret = PTR_ERR_OR_ZERO(trig->nd_config);
              /* Do not leave an error pointer behind for the caller to free. */
              if (ret)
                  trig->nd_config = NULL;
          }
      } else {
          ret = -EOPNOTSUPP;
      }

      kfree(table);
      return ret;
  }
  /*
   * Handler that replaces the device's WoWLAN configuration.
   *
   * Without NL80211_ATTR_WOWLAN_TRIGGERS the existing configuration is freed
   * and WoWLAN is disabled. Otherwise every requested trigger is checked
   * against the capabilities the device advertises in rdev->wiphy.wowlan, the
   * new set is assembled on the stack and only committed (replacing the old
   * one) once all parsing has succeeded. The driver's set_wakeup op is called
   * only when the enabled/disabled state actually changes.
   *
   * Returns 0 on success or a negative errno; on failure everything allocated
   * for the new trigger set is released and the old configuration is kept.
   */
  static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG];
      struct cfg80211_wowlan pending = {};
      struct cfg80211_wowlan *committed;
      const struct wiphy_wowlan_support *caps = rdev->wiphy.wowlan;
      int err, i;
      bool was_enabled = rdev->wiphy.wowlan_config;
      bool has_specific = false;

      if (!caps)
          return -EOPNOTSUPP;

      /* No trigger attribute at all means "turn WoWLAN off". */
      if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]) {
          cfg80211_rdev_free_wowlan(rdev);
          rdev->wiphy.wowlan_config = NULL;
          goto set_wakeup;
      }

      err = nla_parse_nested_deprecated(tb, MAX_NL80211_WOWLAN_TRIG,
                                        info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS],
                                        nl80211_wowlan_policy, info->extack);
      if (err)
          return err;

      /*
       * Simple flag triggers: each one is refused unless the device lists the
       * matching capability. Nothing has been allocated yet, so a plain
       * return is enough.
       */
      if (tb[NL80211_WOWLAN_TRIG_ANY]) {
          if (!(caps->flags & WIPHY_WOWLAN_ANY))
              return -EINVAL;
          pending.any = true;
      }

      if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) {
          if (!(caps->flags & WIPHY_WOWLAN_DISCONNECT))
              return -EINVAL;
          pending.disconnect = true;
          has_specific = true;
      }

      if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) {
          if (!(caps->flags & WIPHY_WOWLAN_MAGIC_PKT))
              return -EINVAL;
          pending.magic_pkt = true;
          has_specific = true;
      }

      /* This attribute is never accepted in a set request. */
      if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED])
          return -EINVAL;

      if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) {
          if (!(caps->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE))
              return -EINVAL;
          pending.gtk_rekey_failure = true;
          has_specific = true;
      }

      if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) {
          if (!(caps->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ))
              return -EINVAL;
          pending.eap_identity_req = true;
          has_specific = true;
      }

      if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) {
          if (!(caps->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE))
              return -EINVAL;
          pending.four_way_handshake = true;
          has_specific = true;
      }

      if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) {
          if (!(caps->flags & WIPHY_WOWLAN_RFKILL_RELEASE))
              return -EINVAL;
          pending.rfkill_release = true;
          has_specific = true;
      }

      if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) {
          struct nlattr *fields[NUM_NL80211_PKTPAT];
          struct nlattr *cur;
          int count = 0;
          int rem, pat_len, mask_len, pkt_offset;

          has_specific = true;

          /* First pass: count, so the device limit applies before allocating. */
          nla_for_each_nested(cur, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], rem)
              count++;
          if (count > caps->n_patterns)
              return -EINVAL;

          pending.patterns = kzalloc_objs(pending.patterns[0], count);
          if (!pending.patterns)
              return -ENOMEM;

          /*
           * Set before filling so the error path walks every slot; unfilled
           * slots hold NULL masks because the array is zeroed.
           */
          pending.n_patterns = count;
          i = 0;

          /* Second pass: validate and copy each pattern. */
          nla_for_each_nested(cur, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN], rem) {
              u8 *buf;

              err = nla_parse_nested_deprecated(fields,
                                                MAX_NL80211_PKTPAT,
                                                cur,
                                                nl80211_packet_pattern_policy,
                                                info->extack);
              if (err)
                  goto error;

              /* Every validation failure below reports -EINVAL. */
              err = -EINVAL;

              if (!fields[NL80211_PKTPAT_MASK] ||
                  !fields[NL80211_PKTPAT_PATTERN])
                  goto error;

              /* The mask must be exactly one bit per pattern byte. */
              pat_len = nla_len(fields[NL80211_PKTPAT_PATTERN]);
              mask_len = DIV_ROUND_UP(pat_len, 8);
              if (nla_len(fields[NL80211_PKTPAT_MASK]) != mask_len)
                  goto error;

              if (pat_len > caps->pattern_max_len ||
                  pat_len < caps->pattern_min_len)
                  goto error;

              pkt_offset = nla_get_u32_default(fields[NL80211_PKTPAT_OFFSET],
                                               0);
              if (pkt_offset > caps->max_pkt_offset)
                  goto error;
              pending.patterns[i].pkt_offset = pkt_offset;

              /* Mask and pattern share one buffer: mask first, then pattern. */
              buf = kmalloc(mask_len + pat_len, GFP_KERNEL);
              if (!buf) {
                  err = -ENOMEM;
                  goto error;
              }

              pending.patterns[i].mask = buf;
              memcpy(buf, nla_data(fields[NL80211_PKTPAT_MASK]), mask_len);

              buf += mask_len;
              pending.patterns[i].pattern = buf;
              pending.patterns[i].pattern_len = pat_len;
              memcpy(buf, nla_data(fields[NL80211_PKTPAT_PATTERN]), pat_len);

              i++;
          }
      }

      if (tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION]) {
          has_specific = true;
          err = nl80211_parse_wowlan_tcp(rdev,
                                         tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION],
                                         &pending);
          if (err)
              goto error;
      }

      if (tb[NL80211_WOWLAN_TRIG_NET_DETECT]) {
          has_specific = true;
          err = nl80211_parse_wowlan_nd(rdev, caps,
                                        tb[NL80211_WOWLAN_TRIG_NET_DETECT],
                                        &pending);
          if (err)
              goto error;
      }

      /* The 'any' trigger means the device continues operating more or less
       * as in its normal operation mode and wakes up the host on most of the
       * normal interrupts (like packet RX, ...)
       * It therefore makes little sense to combine with the more constrained
       * wakeup trigger modes.
       */
      if (pending.any && has_specific) {
          err = -EINVAL;
          goto error;
      }

      /* Move the assembled set to the heap; it takes over all sub-buffers. */
      committed = kmemdup(&pending, sizeof(pending), GFP_KERNEL);
      if (!committed) {
          err = -ENOMEM;
          goto error;
      }

      cfg80211_rdev_free_wowlan(rdev);
      rdev->wiphy.wowlan_config = committed;

  set_wakeup:
      /* Tell the driver only when WoWLAN flips between on and off. */
      if (rdev->ops->set_wakeup &&
          was_enabled != !!rdev->wiphy.wowlan_config)
          rdev_set_wakeup(rdev, rdev->wiphy.wowlan_config);

      return 0;

  error:
      /* Release everything hanging off the uncommitted trigger set. */
      for (i = 0; i < pending.n_patterns; i++)
          kfree(pending.patterns[i].mask);
      kfree(pending.patterns);
      if (pending.tcp && pending.tcp->sock)
          sock_release(pending.tcp->sock);
      kfree(pending.tcp);
      kfree(pending.nd_config);
      return err;
  }
  12743. #endif
  /*
   * Append the device's coalesce rules to @msg.
   *
   * Emits a NL80211_ATTR_COALESCE_RULE nest whose children are numbered from
   * 1; each rule carries its delay, its condition and a nested list of packet
   * patterns (also numbered from 1). Nothing is written when there are no
   * rules.
   *
   * rdev->coalesce is dereferenced without a NULL check, so the caller must
   * only call this with a coalesce configuration present.
   *
   * Returns 0 on success or -ENOBUFS when @msg runs out of room.
   */
  static int nl80211_send_coalesce_rules(struct sk_buff *msg,
                                         struct cfg80211_registered_device *rdev)
  {
      struct nlattr *rule_list, *rule_nest, *pat_list, *pat_nest;
      struct cfg80211_coalesce_rules *cur;
      int r, p, plen;

      if (!rdev->coalesce->n_rules)
          return 0;

      rule_list = nla_nest_start_noflag(msg, NL80211_ATTR_COALESCE_RULE);
      if (!rule_list)
          return -ENOBUFS;

      for (r = 0; r < rdev->coalesce->n_rules; r++) {
          rule_nest = nla_nest_start_noflag(msg, r + 1);
          if (!rule_nest)
              return -ENOBUFS;

          cur = &rdev->coalesce->rules[r];

          if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_DELAY,
                          cur->delay))
              return -ENOBUFS;

          if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_CONDITION,
                          cur->condition))
              return -ENOBUFS;

          pat_list = nla_nest_start_noflag(msg,
                                           NL80211_ATTR_COALESCE_RULE_PKT_PATTERN);
          if (!pat_list)
              return -ENOBUFS;

          for (p = 0; p < cur->n_patterns; p++) {
              pat_nest = nla_nest_start_noflag(msg, p + 1);
              if (!pat_nest)
                  return -ENOBUFS;

              plen = cur->patterns[p].pattern_len;

              /* The mask holds one bit per pattern byte, rounded up. */
              if (nla_put(msg, NL80211_PKTPAT_MASK,
                          DIV_ROUND_UP(plen, 8),
                          cur->patterns[p].mask))
                  return -ENOBUFS;
              if (nla_put(msg, NL80211_PKTPAT_PATTERN, plen,
                          cur->patterns[p].pattern))
                  return -ENOBUFS;
              if (nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
                              cur->patterns[p].pkt_offset))
                  return -ENOBUFS;

              nla_nest_end(msg, pat_nest);
          }

          nla_nest_end(msg, pat_list);
          nla_nest_end(msg, rule_nest);
      }

      nla_nest_end(msg, rule_list);
      return 0;
  }
  /*
   * Handler for NL80211_CMD_GET_COALESCE: reply to the requesting socket with
   * the device's current coalesce rules, or with a header-only message when
   * none are configured.
   *
   * Returns -EOPNOTSUPP if the wiphy has no coalesce support, -ENOMEM if the
   * reply cannot be allocated, -ENOBUFS if it cannot be filled, otherwise the
   * result of genlmsg_reply().
   */
  static int nl80211_get_coalesce(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct sk_buff *reply;
      void *hdr;

      if (!rdev->wiphy.coalesce)
          return -EOPNOTSUPP;

      reply = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!reply)
          return -ENOMEM;

      hdr = nl80211hdr_put(reply, info->snd_portid, info->snd_seq, 0,
                           NL80211_CMD_GET_COALESCE);

      /*
       * Header or rule emission failing both discard the reply; the rules
       * are only emitted when a configuration is present.
       */
      if (!hdr ||
          (rdev->coalesce && nl80211_send_coalesce_rules(reply, rdev))) {
          nlmsg_free(reply);
          return -ENOBUFS;
      }

      genlmsg_end(reply, hdr);
      return genlmsg_reply(reply, info);
  }
  /*
   * Free a coalesce configuration together with everything it owns.
   *
   * For each rule only patterns[].mask is freed before the pattern array
   * itself; the parser in this file places mask and pattern in one buffer
   * that starts at the mask. A NULL @coalesce is a no-op.
   */
  void cfg80211_free_coalesce(struct cfg80211_coalesce *coalesce)
  {
      struct cfg80211_coalesce_rules *cur;
      int r, p;

      if (!coalesce)
          return;

      for (r = 0; r < coalesce->n_rules; r++) {
          cur = &coalesce->rules[r];

          for (p = 0; p < cur->n_patterns; p++)
              kfree(cur->patterns[p].mask);

          kfree(cur->patterns);
      }

      kfree(coalesce);
  }
  /*
   * Parse one coalesce rule supplied by userspace into @new_rule.
   *
   * @rdev:     device whose limits in rdev->wiphy.coalesce bound the rule
   * @rule:     nested attribute describing a single rule
   * @new_rule: destination; the caller in this file hands in a zeroed entry
   *
   * Delay, pattern count, pattern length and packet offset are all checked
   * against the device limits, and each mask must be exactly one bit per
   * pattern byte.
   *
   * On failure this function returns without freeing the patterns it has
   * already allocated; they stay attached to @new_rule and the caller has to
   * release them (nl80211_set_coalesce() does so through
   * cfg80211_free_coalesce()).
   *
   * Returns 0 on success, -EINVAL for invalid input, -ENOMEM on allocation
   * failure, or the error from attribute parsing.
   */
  static int nl80211_parse_coalesce_rule(struct cfg80211_registered_device *rdev,
                                         struct nlattr *rule,
                                         struct cfg80211_coalesce_rules *new_rule)
  {
      const struct wiphy_coalesce_support *limits = rdev->wiphy.coalesce;
      struct nlattr *tb[NUM_NL80211_ATTR_COALESCE_RULE];
      struct nlattr *fields[NUM_NL80211_PKTPAT];
      struct nlattr *cur;
      int rem, pat_len, mask_len, pkt_offset;
      int count = 0;
      int slot = 0;
      int err;

      err = nla_parse_nested_deprecated(tb, NL80211_ATTR_COALESCE_RULE_MAX,
                                        rule, nl80211_coalesce_policy, NULL);
      if (err)
          return err;

      if (tb[NL80211_ATTR_COALESCE_RULE_DELAY])
          new_rule->delay =
              nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_DELAY]);

      /* Checked even when the attribute is absent (delay keeps its value). */
      if (new_rule->delay > limits->max_delay)
          return -EINVAL;

      if (tb[NL80211_ATTR_COALESCE_RULE_CONDITION])
          new_rule->condition =
              nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_CONDITION]);

      /* A rule without patterns is not accepted. */
      if (!tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN])
          return -EINVAL;

      /* First pass: count, so the device limit applies before allocating. */
      nla_for_each_nested(cur, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN], rem)
          count++;
      if (count > limits->n_patterns)
          return -EINVAL;

      new_rule->patterns = kzalloc_objs(new_rule->patterns[0], count);
      if (!new_rule->patterns)
          return -ENOMEM;

      /* Set up front so the caller's cleanup walks every (zeroed) slot. */
      new_rule->n_patterns = count;

      /* Second pass: validate and copy each pattern. */
      nla_for_each_nested(cur, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN], rem) {
          u8 *buf;

          err = nla_parse_nested_deprecated(fields, MAX_NL80211_PKTPAT,
                                            cur,
                                            nl80211_packet_pattern_policy,
                                            NULL);
          if (err)
              return err;

          if (!fields[NL80211_PKTPAT_MASK] ||
              !fields[NL80211_PKTPAT_PATTERN])
              return -EINVAL;

          pat_len = nla_len(fields[NL80211_PKTPAT_PATTERN]);
          mask_len = DIV_ROUND_UP(pat_len, 8);
          if (nla_len(fields[NL80211_PKTPAT_MASK]) != mask_len)
              return -EINVAL;

          if (pat_len > limits->pattern_max_len ||
              pat_len < limits->pattern_min_len)
              return -EINVAL;

          pkt_offset = nla_get_u32_default(fields[NL80211_PKTPAT_OFFSET], 0);
          if (pkt_offset > limits->max_pkt_offset)
              return -EINVAL;
          new_rule->patterns[slot].pkt_offset = pkt_offset;

          /* Mask and pattern share one buffer: mask first, then pattern. */
          buf = kmalloc(mask_len + pat_len, GFP_KERNEL);
          if (!buf)
              return -ENOMEM;

          new_rule->patterns[slot].mask = buf;
          memcpy(buf, nla_data(fields[NL80211_PKTPAT_MASK]), mask_len);

          buf += mask_len;
          new_rule->patterns[slot].pattern = buf;
          new_rule->patterns[slot].pattern_len = pat_len;
          memcpy(buf, nla_data(fields[NL80211_PKTPAT_PATTERN]), pat_len);

          slot++;
      }

      return 0;
  }
  /*
   * Handler that replaces the device's coalesce rules.
   *
   * Without NL80211_ATTR_COALESCE_RULE the current rules are freed and the
   * driver is told to clear coalescing (the driver's return value is not
   * checked on that path). Otherwise the rules are counted against the device
   * limit, parsed into a fresh configuration and handed to the driver; the old
   * configuration is only freed after the driver accepted the new one.
   *
   * Returns 0 on success, -EOPNOTSUPP without coalesce support, -EINVAL for
   * too many rules, -ENOMEM on allocation failure, or the error from rule
   * parsing / the driver.
   */
  static int nl80211_set_coalesce(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      const struct wiphy_coalesce_support *limits = rdev->wiphy.coalesce;
      struct cfg80211_coalesce *fresh;
      struct nlattr *cur;
      int err, rem, count = 0, slot = 0;

      if (!limits || !rdev->ops->set_coalesce)
          return -EOPNOTSUPP;

      if (!info->attrs[NL80211_ATTR_COALESCE_RULE]) {
          cfg80211_free_coalesce(rdev->coalesce);
          rdev->coalesce = NULL;
          rdev_set_coalesce(rdev, NULL);
          return 0;
      }

      /* First pass: count, so the device limit applies before allocating. */
      nla_for_each_nested(cur, info->attrs[NL80211_ATTR_COALESCE_RULE], rem)
          count++;
      if (count > limits->n_rules)
          return -EINVAL;

      fresh = kzalloc_flex(*fresh, rules, count);
      if (!fresh)
          return -ENOMEM;

      /* Set up front so the error path frees partially parsed rules too. */
      fresh->n_rules = count;

      nla_for_each_nested(cur, info->attrs[NL80211_ATTR_COALESCE_RULE], rem) {
          err = nl80211_parse_coalesce_rule(rdev, cur, &fresh->rules[slot]);
          if (err)
              goto error;

          slot++;
      }

      err = rdev_set_coalesce(rdev, fresh);
      if (err)
          goto error;

      /* The driver accepted the new rules; retire the old ones. */
      cfg80211_free_coalesce(rdev->coalesce);
      rdev->coalesce = fresh;

      return 0;

  error:
      cfg80211_free_coalesce(fresh);
      return err;
  }
  /*
   * Handler that passes GTK rekey material (KEK, KCK, replay counter and an
   * optional AKM) to the driver.
   *
   * The KEK must be NL80211_KEK_LEN bytes, or NL80211_KEK_EXT_LEN when the
   * wiphy sets WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK. The KCK must be
   * NL80211_KCK_LEN bytes, or NL80211_KCK_EXT_LEN with that same flag, or
   * NL80211_KCK_EXT_LEN_32 with WIPHY_FLAG_SUPPORTS_EXT_KCK_32.
   *
   * The key pointers stored in rekey_data refer to the request's attribute
   * payload; nothing is copied in this function. NOTE(review): the replay
   * counter length is not checked here, presumably nl80211_rekey_policy
   * enforces it; confirm.
   *
   * Returns -EINVAL for missing attributes, -ERANGE for a key of unsupported
   * length, -ENOTCONN when the interface is not connected, -EOPNOTSUPP when
   * the driver lacks set_rekey_data, otherwise the driver's result.
   */
  static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct nlattr *tb[NUM_NL80211_REKEY_DATA];
      struct cfg80211_gtk_rekey_data rekey_data = {};
      bool ext_kek_kck, ext_kck_32, kek_ok, kck_ok;
      int kek_len, kck_len;
      int err;

      if (!info->attrs[NL80211_ATTR_REKEY_DATA])
          return -EINVAL;

      err = nla_parse_nested_deprecated(tb, MAX_NL80211_REKEY_DATA,
                                        info->attrs[NL80211_ATTR_REKEY_DATA],
                                        nl80211_rekey_policy, info->extack);
      if (err)
          return err;

      if (!tb[NL80211_REKEY_DATA_REPLAY_CTR] ||
          !tb[NL80211_REKEY_DATA_KEK] ||
          !tb[NL80211_REKEY_DATA_KCK])
          return -EINVAL;

      ext_kek_kck = rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK;
      ext_kck_32 = rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_EXT_KCK_32;
      kek_len = nla_len(tb[NL80211_REKEY_DATA_KEK]);
      kck_len = nla_len(tb[NL80211_REKEY_DATA_KCK]);

      /* Extended key lengths are accepted only if the device opts in. */
      kek_ok = kek_len == NL80211_KEK_LEN ||
               (ext_kek_kck && kek_len == NL80211_KEK_EXT_LEN);
      if (!kek_ok)
          return -ERANGE;

      kck_ok = kck_len == NL80211_KCK_LEN ||
               (ext_kek_kck && kck_len == NL80211_KCK_EXT_LEN) ||
               (ext_kck_32 && kck_len == NL80211_KCK_EXT_LEN_32);
      if (!kck_ok)
          return -ERANGE;

      rekey_data.kek = nla_data(tb[NL80211_REKEY_DATA_KEK]);
      rekey_data.kck = nla_data(tb[NL80211_REKEY_DATA_KCK]);
      rekey_data.replay_ctr = nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]);
      rekey_data.kek_len = kek_len;
      rekey_data.kck_len = kck_len;

      if (tb[NL80211_REKEY_DATA_AKM])
          rekey_data.akm = nla_get_u32(tb[NL80211_REKEY_DATA_AKM]);

      /* Rekey material is only accepted for a connected interface. */
      if (!wdev->connected)
          return -ENOTCONN;

      if (!rdev->ops->set_rekey_data)
          return -EOPNOTSUPP;

      return rdev_set_rekey_data(rdev, dev, &rekey_data);
  }
/*
 * nl80211_register_unexpected_frame - claim "unexpected frame" notifications
 *
 * Records the sender's netlink port id in wdev->ap_unexpected_nlportid.
 * Only AP and P2P-GO interfaces qualify (-EINVAL otherwise), and only one
 * port can hold the registration at a time (-EBUSY if one is already set).
 */
static int nl80211_register_unexpected_frame(struct sk_buff *skb,
					     struct genl_info *info)
{
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;

	switch (wdev->iftype) {
	case NL80211_IFTYPE_AP:
	case NL80211_IFTYPE_P2P_GO:
		break;
	default:
		return -EINVAL;
	}

	/* First registrant wins; a second one is refused. */
	if (wdev->ap_unexpected_nlportid)
		return -EBUSY;

	wdev->ap_unexpected_nlportid = info->snd_portid;
	return 0;
}
/*
 * nl80211_probe_client - ask the driver to probe a station and reply with
 * the cookie identifying that probe
 *
 * Valid on AP and P2P-GO interfaces only.  The reply message is allocated
 * before the driver is called.
 *
 * Returns -EOPNOTSUPP for a wrong interface type or missing driver op,
 * -EINVAL without NL80211_ATTR_MAC, -ENOMEM / -ENOBUFS on message build
 * failure, the driver's error, or the result of genlmsg_reply().
 */
static int nl80211_probe_client(struct sk_buff *skb,
				struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	struct sk_buff *reply;
	const u8 *sta_addr;
	void *hdr;
	u64 cookie;
	int err;

	if (wdev->iftype != NL80211_IFTYPE_AP &&
	    wdev->iftype != NL80211_IFTYPE_P2P_GO)
		return -EOPNOTSUPP;

	if (!info->attrs[NL80211_ATTR_MAC])
		return -EINVAL;

	if (!rdev->ops->probe_client)
		return -EOPNOTSUPP;

	reply = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
	if (!reply)
		return -ENOMEM;

	hdr = nl80211hdr_put(reply, info->snd_portid, info->snd_seq, 0,
			     NL80211_CMD_PROBE_CLIENT);
	if (!hdr) {
		err = -ENOBUFS;
		goto free_msg;
	}

	/*
	 * NOTE(review): the MAC attribute's length is not checked here;
	 * presumably the top-level attribute policy fixes it - confirm.
	 */
	sta_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);

	err = rdev_probe_client(rdev, dev, sta_addr, &cookie);
	if (err)
		goto free_msg;

	/* The driver call already succeeded when this put can fail. */
	if (nla_put_u64_64bit(reply, NL80211_ATTR_COOKIE, cookie,
			      NL80211_ATTR_PAD)) {
		err = -ENOBUFS;
		goto free_msg;
	}

	genlmsg_end(reply, hdr);

	return genlmsg_reply(reply, info);

free_msg:
	nlmsg_free(reply);
	return err;
}
/*
 * nl80211_register_beacons - register the sender's port for beacon reports
 *
 * Requires WIPHY_FLAG_REPORTS_OBSS.  A registration entry is allocated up
 * front, then the list is searched under beacon_registrations_lock; the
 * entry is added only if the sender's port id is not already present.
 *
 * Returns 0, -EOPNOTSUPP, -ENOMEM, or -EALREADY for a duplicate.
 */
static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct cfg80211_beacon_registration *cur, *entry;
	int rv = 0;

	if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS))
		return -EOPNOTSUPP;

	/* Allocated before the spinlock is taken. */
	entry = kzalloc_obj(*entry);
	if (!entry)
		return -ENOMEM;

	spin_lock_bh(&rdev->beacon_registrations_lock);

	/* Refuse a second registration from the same port. */
	list_for_each_entry(cur, &rdev->beacon_registrations, list) {
		if (cur->nlportid == info->snd_portid) {
			rv = -EALREADY;
			break;
		}
	}

	if (!rv) {
		entry->nlportid = info->snd_portid;
		list_add(&entry->list, &rdev->beacon_registrations);
	}

	spin_unlock_bh(&rdev->beacon_registrations_lock);

	/* The unused entry is released once the lock is dropped. */
	if (rv)
		kfree(entry);

	return rv;
}
/*
 * nl80211_start_p2p_device - bring up a P2P device interface
 *
 * Starting an interface that is already running is a no-op that returns 0.
 * On a successful driver start the wdev is marked running and the device's
 * open count is incremented.
 *
 * Returns 0, -EOPNOTSUPP (no driver op or wrong interface type), -ERFKILL
 * when rfkill blocks the radio, or the driver's error.
 */
static int nl80211_start_p2p_device(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct wireless_dev *wdev = info->user_ptr[1];
	int err;

	if (!rdev->ops->start_p2p_device ||
	    wdev->iftype != NL80211_IFTYPE_P2P_DEVICE)
		return -EOPNOTSUPP;

	if (wdev_running(wdev))
		return 0;

	if (rfkill_blocked(rdev->wiphy.rfkill))
		return -ERFKILL;

	err = rdev_start_p2p_device(rdev, wdev);
	if (!err) {
		wdev->is_running = true;
		rdev->opencount++;
	}

	return err;
}
/*
 * nl80211_stop_p2p_device - stop a P2P device interface
 *
 * Returns -EOPNOTSUPP when the interface is not a P2P device or the driver
 * has no stop_p2p_device op; otherwise calls cfg80211_stop_p2p_device() and
 * returns 0.
 */
static int nl80211_stop_p2p_device(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct wireless_dev *wdev = info->user_ptr[1];

	if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE ||
	    !rdev->ops->stop_p2p_device)
		return -EOPNOTSUPP;

	cfg80211_stop_p2p_device(rdev, wdev);

	return 0;
}
/*
 * nl80211_get_nan_channel - look up a channel usable for NAN
 *
 * Only 2437, 5220 and 5745 are accepted as @freq.  The channel must exist
 * on @wiphy and cfg80211_reg_can_beacon() must allow a no-HT chandef on it
 * for the NAN interface type.
 *
 * Returns the channel, or NULL if any of those checks fails.
 */
static struct ieee80211_channel *nl80211_get_nan_channel(struct wiphy *wiphy,
							 int freq)
{
	struct ieee80211_channel *chan;
	struct cfg80211_chan_def def;

	/* Check if the frequency is valid for NAN */
	switch (freq) {
	case 2437:
	case 5220:
	case 5745:
		break;
	default:
		return NULL;
	}

	chan = ieee80211_get_channel(wiphy, freq);
	if (!chan)
		return NULL;

	cfg80211_chandef_create(&def, chan, NL80211_CHAN_NO_HT);

	/* Check if the channel is allowed */
	if (!cfg80211_reg_can_beacon(wiphy, &def, NL80211_IFTYPE_NAN))
		return NULL;

	return chan;
}
/*
 * nl80211_parse_nan_band_config - fill one per-band NAN configuration
 *
 * @tb holds the already-parsed NL80211_NAN_BAND_CONF_* attributes of one
 * band entry, @cfg is the slot for @band.  Fields are written as they are
 * read, so @cfg may be partly updated when an error is returned.
 *
 * Returns 0, or -EINVAL when the band is not NAN-capable on @wiphy, a
 * frequency is given for a band other than 5 GHz or is not usable, the RSSI
 * thresholds are incomplete or not ordered (middle must be below close), or
 * a zero awake-DW interval is requested on 2.4 GHz.
 */
static int nl80211_parse_nan_band_config(struct wiphy *wiphy,
					 struct nlattr **tb,
					 struct cfg80211_nan_band_config *cfg,
					 enum nl80211_band band)
{
	struct nlattr *freq_attr = tb[NL80211_NAN_BAND_CONF_FREQ];
	struct nlattr *close_attr = tb[NL80211_NAN_BAND_CONF_RSSI_CLOSE];
	struct nlattr *middle_attr = tb[NL80211_NAN_BAND_CONF_RSSI_MIDDLE];
	struct nlattr *wake_attr = tb[NL80211_NAN_BAND_CONF_WAKE_DW];

	/* NOTE(review): BIT(band) assumes the caller bounded band - confirm. */
	if (BIT(band) & ~(u32)wiphy->nan_supported_bands)
		return -EINVAL;

	if (freq_attr) {
		/* An explicit frequency is only accepted for 5 GHz. */
		if (band != NL80211_BAND_5GHZ)
			return -EINVAL;

		cfg->chan = nl80211_get_nan_channel(wiphy,
						    nla_get_u16(freq_attr));
		if (!cfg->chan)
			return -EINVAL;
	}

	if (close_attr) {
		cfg->rssi_close = nla_get_s8(close_attr);

		/* "close" must come together with "middle". */
		if (!middle_attr)
			return -EINVAL;
	}

	if (middle_attr) {
		cfg->rssi_middle = nla_get_s8(middle_attr);

		if (!cfg->rssi_close || cfg->rssi_middle >= cfg->rssi_close)
			return -EINVAL;
	}

	if (wake_attr) {
		cfg->awake_dw_interval = nla_get_u8(wake_attr);

		if (band == NL80211_BAND_2GHZ && cfg->awake_dw_interval == 0)
			return -EINVAL;
	}

	cfg->disable_scan =
		nla_get_flag(tb[NL80211_NAN_BAND_CONF_DISABLE_SCAN]);

	return 0;
}
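/*
 * nl80211_parse_nan_conf - build a NAN configuration from a netlink request
 *
 * @wiphy: device the configuration is for
 * @info: request carrying the NAN attributes
 * @conf: configuration to fill; pointer members set here point into the
 *	request's attribute payload, nothing is copied
 * @changed_flags: optional, receives the CFG80211_NAN_CONF_CHANGED_* bits for
 *	what the request contained
 * @start: true when called for START_NAN; the cluster id is only taken then
 *
 * Defaults applied regardless of the request: awake DW interval 1 on 2.4 GHz
 * (and on 5 GHz when that band is selected or no band set was given), and
 * channel 2437 on 2.4 GHz.  If no 5 GHz channel was configured, 5745 and then
 * 5220 are tried; failure there is an error only when user space explicitly
 * asked for 5 GHz.
 *
 * Returns 0, -EOPNOTSUPP for bands the device does not support for NAN,
 * -EINVAL for inconsistent or out-of-range input, or a nested-parse error.
 */
static int nl80211_parse_nan_conf(struct wiphy *wiphy,
				  struct genl_info *info,
				  struct cfg80211_nan_conf *conf,
				  u32 *changed_flags,
				  bool start)
{
	struct nlattr *attrs[NL80211_NAN_CONF_ATTR_MAX + 1];
	int err, rem;
	u32 changed = 0;
	struct nlattr *band_config;

	if (info->attrs[NL80211_ATTR_NAN_MASTER_PREF]) {
		conf->master_pref =
			nla_get_u8(info->attrs[NL80211_ATTR_NAN_MASTER_PREF]);

		changed |= CFG80211_NAN_CONF_CHANGED_PREF;
	}

	if (info->attrs[NL80211_ATTR_BANDS]) {
		u32 bands = nla_get_u32(info->attrs[NL80211_ATTR_BANDS]);

		if (bands & ~(u32)wiphy->nan_supported_bands)
			return -EOPNOTSUPP;

		/* A non-empty band set must include 2.4 GHz. */
		if (bands && !(bands & BIT(NL80211_BAND_2GHZ)))
			return -EINVAL;

		conf->bands = bands;
		changed |= CFG80211_NAN_CONF_CHANGED_BANDS;
	}

	conf->band_cfgs[NL80211_BAND_2GHZ].awake_dw_interval = 1;
	if (conf->bands & BIT(NL80211_BAND_5GHZ) || !conf->bands)
		conf->band_cfgs[NL80211_BAND_5GHZ].awake_dw_interval = 1;

	/* On 2.4 GHz band use channel 6 */
	conf->band_cfgs[NL80211_BAND_2GHZ].chan =
		nl80211_get_nan_channel(wiphy, 2437);
	if (!conf->band_cfgs[NL80211_BAND_2GHZ].chan)
		return -EINVAL;

	if (!info->attrs[NL80211_ATTR_NAN_CONFIG])
		goto out;

	/*
	 * NOTE(review): parsed with a NULL policy, so types and lengths of
	 * the nested attributes are not validated by this call; presumably
	 * the top-level attribute policy covers them - confirm.
	 */
	err = nla_parse_nested(attrs, NL80211_NAN_CONF_ATTR_MAX,
			       info->attrs[NL80211_ATTR_NAN_CONFIG], NULL,
			       info->extack);
	if (err)
		return err;

	changed |= CFG80211_NAN_CONF_CHANGED_CONFIG;
	if (attrs[NL80211_NAN_CONF_CLUSTER_ID] && start)
		conf->cluster_id =
			nla_data(attrs[NL80211_NAN_CONF_CLUSTER_ID]);

	if (attrs[NL80211_NAN_CONF_EXTRA_ATTRS]) {
		conf->extra_nan_attrs =
			nla_data(attrs[NL80211_NAN_CONF_EXTRA_ATTRS]);
		conf->extra_nan_attrs_len =
			nla_len(attrs[NL80211_NAN_CONF_EXTRA_ATTRS]);
	}

	if (attrs[NL80211_NAN_CONF_VENDOR_ELEMS]) {
		conf->vendor_elems =
			nla_data(attrs[NL80211_NAN_CONF_VENDOR_ELEMS]);
		conf->vendor_elems_len =
			nla_len(attrs[NL80211_NAN_CONF_VENDOR_ELEMS]);
	}

	if (attrs[NL80211_NAN_CONF_BAND_CONFIGS]) {
		nla_for_each_nested(band_config,
				    attrs[NL80211_NAN_CONF_BAND_CONFIGS],
				    rem) {
			enum nl80211_band band;
			struct cfg80211_nan_band_config *cfg;
			struct nlattr *tb[NL80211_NAN_BAND_CONF_ATTR_MAX + 1];

			err = nla_parse_nested(tb,
					       NL80211_NAN_BAND_CONF_ATTR_MAX,
					       band_config, NULL,
					       info->extack);
			if (err)
				return err;

			if (!tb[NL80211_NAN_BAND_CONF_BAND])
				return -EINVAL;

			band = nla_get_u8(tb[NL80211_NAN_BAND_CONF_BAND]);

			/*
			 * The nested attributes were parsed with a NULL policy
			 * just above, so nothing in this function limits the
			 * band value.  Bound it before it is used as an index
			 * into band_cfgs[]; any range check in the top-level
			 * attribute policy is outside this function.
			 */
			if (band >= ARRAY_SIZE(conf->band_cfgs))
				return -EINVAL;

			if (conf->bands && !(conf->bands & BIT(band)))
				return -EINVAL;

			cfg = &conf->band_cfgs[band];

			err = nl80211_parse_nan_band_config(wiphy, tb, cfg,
							    band);
			if (err)
				return err;
		}
	}

	if (attrs[NL80211_NAN_CONF_SCAN_PERIOD])
		conf->scan_period =
			nla_get_u16(attrs[NL80211_NAN_CONF_SCAN_PERIOD]);

	if (attrs[NL80211_NAN_CONF_SCAN_DWELL_TIME])
		conf->scan_dwell_time =
			nla_get_u16(attrs[NL80211_NAN_CONF_SCAN_DWELL_TIME]);

	if (attrs[NL80211_NAN_CONF_DISCOVERY_BEACON_INTERVAL])
		conf->discovery_beacon_interval =
			nla_get_u8(attrs[NL80211_NAN_CONF_DISCOVERY_BEACON_INTERVAL]);

	if (attrs[NL80211_NAN_CONF_NOTIFY_DW])
		conf->enable_dw_notification =
			nla_get_flag(attrs[NL80211_NAN_CONF_NOTIFY_DW]);

out:
	if (!conf->band_cfgs[NL80211_BAND_5GHZ].chan &&
	    (!conf->bands || conf->bands & BIT(NL80211_BAND_5GHZ))) {
		/* If no 5GHz channel is specified use default, if possible */
		conf->band_cfgs[NL80211_BAND_5GHZ].chan =
			nl80211_get_nan_channel(wiphy, 5745);
		if (!conf->band_cfgs[NL80211_BAND_5GHZ].chan)
			conf->band_cfgs[NL80211_BAND_5GHZ].chan =
				nl80211_get_nan_channel(wiphy, 5220);

		/* Return error if user space asked explicitly for 5 GHz */
		if (!conf->band_cfgs[NL80211_BAND_5GHZ].chan &&
		    conf->bands & BIT(NL80211_BAND_5GHZ)) {
			NL_SET_ERR_MSG_ATTR(info->extack,
					    info->attrs[NL80211_ATTR_BANDS],
					    "5 GHz band operation is not allowed");
			return -EINVAL;
		}
	}

	if (changed_flags)
		*changed_flags = changed;

	return 0;
}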
/*
 * nl80211_start_nan - start NAN operation on a NAN interface
 *
 * The master preference attribute is mandatory.  On a successful driver
 * start the wdev is marked running and the device's open count incremented.
 *
 * Returns 0, -EOPNOTSUPP for a non-NAN interface, -EEXIST if already
 * running, -ERFKILL when rfkill blocks the radio, -EINVAL without master
 * preference, or the error from configuration parsing or the driver.
 */
static int nl80211_start_nan(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct wireless_dev *wdev = info->user_ptr[1];
	struct cfg80211_nan_conf conf = {};
	int err;

	if (wdev->iftype != NL80211_IFTYPE_NAN)
		return -EOPNOTSUPP;

	if (wdev_running(wdev))
		return -EEXIST;

	if (rfkill_blocked(rdev->wiphy.rfkill))
		return -ERFKILL;

	/* Master preference is mandatory for START_NAN */
	if (!info->attrs[NL80211_ATTR_NAN_MASTER_PREF])
		return -EINVAL;

	err = nl80211_parse_nan_conf(&rdev->wiphy, info, &conf, NULL, true);
	if (!err)
		err = rdev_start_nan(rdev, wdev, &conf);
	if (err)
		return err;

	wdev->is_running = true;
	rdev->opencount++;

	return 0;
}
/*
 * nl80211_stop_nan - stop NAN operation
 *
 * Calls cfg80211_stop_nan() and returns 0 for a NAN interface; any other
 * interface type gets -EOPNOTSUPP.
 */
static int nl80211_stop_nan(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct wireless_dev *wdev = info->user_ptr[1];

	if (wdev->iftype == NL80211_IFTYPE_NAN) {
		cfg80211_stop_nan(rdev, wdev);
		return 0;
	}

	return -EOPNOTSUPP;
}
/*
 * validate_nan_filter - count the entries of a nested NAN match filter
 *
 * Sums the payload lengths of all nested entries; the total has to stay
 * below U8_MAX.
 *
 * Returns the number of entries, or -EINVAL when the total is too large.
 */
static int validate_nan_filter(struct nlattr *filter_attr)
{
	struct nlattr *entry;
	int total_len = 0;
	int count = 0;
	int rem;

	nla_for_each_nested(entry, filter_attr, rem) {
		count++;
		total_len += nla_len(entry);
	}

	return total_len < U8_MAX ? count : -EINVAL;
}
/*
 * handle_nan_filter - copy a nested match filter into a NAN function
 *
 * Each nested entry's payload is duplicated into a newly allocated filter
 * array, which is then stored as the function's TX or RX filter list
 * depending on @tx.
 *
 * Returns 0, the error from validate_nan_filter(), or -ENOMEM; on failure
 * everything allocated here is freed again and @func is left untouched.
 */
static int handle_nan_filter(struct nlattr *attr_filter,
			     struct cfg80211_nan_func *func,
			     bool tx)
{
	struct cfg80211_nan_func_filter *filter;
	struct nlattr *entry;
	int n_entries, rem;
	int idx = 0;

	n_entries = validate_nan_filter(attr_filter);
	if (n_entries < 0)
		return n_entries;

	/* One allocation size serves both lists. */
	BUILD_BUG_ON(sizeof(*func->rx_filters) != sizeof(*func->tx_filters));

	filter = kzalloc_objs(*func->rx_filters, n_entries);
	if (!filter)
		return -ENOMEM;

	nla_for_each_nested(entry, attr_filter, rem) {
		filter[idx].filter = nla_memdup(entry, GFP_KERNEL);
		if (!filter[idx].filter)
			goto err;

		filter[idx].len = nla_len(entry);
		idx++;
	}

	if (tx) {
		func->tx_filters = filter;
		func->num_tx_filters = n_entries;
	} else {
		func->rx_filters = filter;
		func->num_rx_filters = n_entries;
	}

	return 0;

err:
	/* Slots that were never filled are still NULL from the zeroed array. */
	for (idx = 0; idx < n_entries; idx++)
		kfree(filter[idx].filter);
	kfree(filter);
	return -ENOMEM;
}
/*
 * nl80211_nan_add_func - add a NAN function (publish/subscribe/follow-up)
 *
 * Parses NL80211_ATTR_NAN_FUNC into a newly allocated cfg80211_nan_func,
 * hands it to the driver, and replies with the assigned cookie and the
 * function's instance id.
 *
 * All failures before and including the driver call go through "out", which
 * frees the function and the (possibly not yet allocated) reply message.
 *
 * Returns -EOPNOTSUPP for a non-NAN interface, -ENOTCONN when it is not
 * running, -EINVAL for missing or inconsistent attributes, -ENOMEM,
 * -ENOBUFS when the reply cannot be built, a parse or driver error, or the
 * result of genlmsg_reply().
 */
static int nl80211_nan_add_func(struct sk_buff *skb,
				struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct wireless_dev *wdev = info->user_ptr[1];
	struct nlattr *tb[NUM_NL80211_NAN_FUNC_ATTR], *func_attr;
	struct cfg80211_nan_func *func;
	struct sk_buff *msg = NULL;
	void *hdr = NULL;
	int err = 0;

	if (wdev->iftype != NL80211_IFTYPE_NAN)
		return -EOPNOTSUPP;

	if (!wdev_running(wdev))
		return -ENOTCONN;

	if (!info->attrs[NL80211_ATTR_NAN_FUNC])
		return -EINVAL;

	err = nla_parse_nested_deprecated(tb, NL80211_NAN_FUNC_ATTR_MAX,
					  info->attrs[NL80211_ATTR_NAN_FUNC],
					  nl80211_nan_func_policy,
					  info->extack);
	if (err)
		return err;

	func = kzalloc_obj(*func);
	if (!func)
		return -ENOMEM;

	func->cookie = cfg80211_assign_cookie(rdev);

	if (!tb[NL80211_NAN_FUNC_TYPE]) {
		err = -EINVAL;
		goto out;
	}

	func->type = nla_get_u8(tb[NL80211_NAN_FUNC_TYPE]);

	if (!tb[NL80211_NAN_FUNC_SERVICE_ID]) {
		err = -EINVAL;
		goto out;
	}

	/*
	 * Fixed-size copy: the attribute's length is not checked in this
	 * function.  NOTE(review): presumably nl80211_nan_func_policy pins
	 * it to sizeof(func->service_id) - confirm.
	 */
	memcpy(func->service_id, nla_data(tb[NL80211_NAN_FUNC_SERVICE_ID]),
	       sizeof(func->service_id));

	func->close_range =
		nla_get_flag(tb[NL80211_NAN_FUNC_CLOSE_RANGE]);

	if (tb[NL80211_NAN_FUNC_SERVICE_INFO]) {
		/*
		 * NOTE(review): the length comes straight from user space;
		 * presumably the policy caps it to what serv_spec_info_len
		 * can hold - confirm.
		 */
		func->serv_spec_info_len =
			nla_len(tb[NL80211_NAN_FUNC_SERVICE_INFO]);
		func->serv_spec_info =
			kmemdup(nla_data(tb[NL80211_NAN_FUNC_SERVICE_INFO]),
				func->serv_spec_info_len,
				GFP_KERNEL);
		if (!func->serv_spec_info) {
			err = -ENOMEM;
			goto out;
		}
	}

	if (tb[NL80211_NAN_FUNC_TTL])
		func->ttl = nla_get_u32(tb[NL80211_NAN_FUNC_TTL]);

	/* Type-specific attributes; unknown types are rejected. */
	switch (func->type) {
	case NL80211_NAN_FUNC_PUBLISH:
		if (!tb[NL80211_NAN_FUNC_PUBLISH_TYPE]) {
			err = -EINVAL;
			goto out;
		}

		func->publish_type =
			nla_get_u8(tb[NL80211_NAN_FUNC_PUBLISH_TYPE]);
		func->publish_bcast =
			nla_get_flag(tb[NL80211_NAN_FUNC_PUBLISH_BCAST]);

		/* The broadcast flag is only accepted for solicited publish. */
		if ((!(func->publish_type & NL80211_NAN_SOLICITED_PUBLISH)) &&
			func->publish_bcast) {
			err = -EINVAL;
			goto out;
		}
		break;
	case NL80211_NAN_FUNC_SUBSCRIBE:
		func->subscribe_active =
			nla_get_flag(tb[NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE]);
		break;
	case NL80211_NAN_FUNC_FOLLOW_UP:
		if (!tb[NL80211_NAN_FUNC_FOLLOW_UP_ID] ||
		    !tb[NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID] ||
		    !tb[NL80211_NAN_FUNC_FOLLOW_UP_DEST]) {
			err = -EINVAL;
			goto out;
		}

		func->followup_id =
			nla_get_u8(tb[NL80211_NAN_FUNC_FOLLOW_UP_ID]);
		func->followup_reqid =
			nla_get_u8(tb[NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID]);
		/*
		 * Fixed-size copy of the destination address.
		 * NOTE(review): length presumably enforced by the policy -
		 * confirm.
		 */
		memcpy(func->followup_dest.addr,
		       nla_data(tb[NL80211_NAN_FUNC_FOLLOW_UP_DEST]),
		       sizeof(func->followup_dest.addr));
		/* A follow-up must not carry a TTL. */
		if (func->ttl) {
			err = -EINVAL;
			goto out;
		}
		break;
	default:
		err = -EINVAL;
		goto out;
	}

	if (tb[NL80211_NAN_FUNC_SRF]) {
		struct nlattr *srf_tb[NUM_NL80211_NAN_SRF_ATTR];

		err = nla_parse_nested_deprecated(srf_tb,
						  NL80211_NAN_SRF_ATTR_MAX,
						  tb[NL80211_NAN_FUNC_SRF],
						  nl80211_nan_srf_policy,
						  info->extack);
		if (err)
			goto out;

		func->srf_include =
			nla_get_flag(srf_tb[NL80211_NAN_SRF_INCLUDE]);

		/* The SRF is either a bloom filter or a MAC list, never both. */
		if (srf_tb[NL80211_NAN_SRF_BF]) {
			if (srf_tb[NL80211_NAN_SRF_MAC_ADDRS] ||
			    !srf_tb[NL80211_NAN_SRF_BF_IDX]) {
				err = -EINVAL;
				goto out;
			}

			func->srf_bf_len =
				nla_len(srf_tb[NL80211_NAN_SRF_BF]);
			func->srf_bf =
				kmemdup(nla_data(srf_tb[NL80211_NAN_SRF_BF]),
					func->srf_bf_len, GFP_KERNEL);
			if (!func->srf_bf) {
				err = -ENOMEM;
				goto out;
			}

			func->srf_bf_idx =
				nla_get_u8(srf_tb[NL80211_NAN_SRF_BF_IDX]);
		} else {
			struct nlattr *attr, *mac_attr =
				srf_tb[NL80211_NAN_SRF_MAC_ADDRS];
			int n_entries, rem, i = 0;

			if (!mac_attr) {
				err = -EINVAL;
				goto out;
			}

			/*
			 * validate_acl_mac_addrs() is defined outside this
			 * function.  NOTE(review): the copy below relies on
			 * it returning the exact entry count and rejecting
			 * entries of the wrong length - confirm.
			 */
			n_entries = validate_acl_mac_addrs(mac_attr);
			if (n_entries <= 0) {
				err = -EINVAL;
				goto out;
			}

			func->srf_num_macs = n_entries;
			func->srf_macs =
				kzalloc_objs(*func->srf_macs, n_entries);
			if (!func->srf_macs) {
				err = -ENOMEM;
				goto out;
			}

			nla_for_each_nested(attr, mac_attr, rem)
				memcpy(func->srf_macs[i++].addr, nla_data(attr),
				       sizeof(*func->srf_macs));
		}
	}

	if (tb[NL80211_NAN_FUNC_TX_MATCH_FILTER]) {
		err = handle_nan_filter(tb[NL80211_NAN_FUNC_TX_MATCH_FILTER],
					func, true);
		if (err)
			goto out;
	}

	if (tb[NL80211_NAN_FUNC_RX_MATCH_FILTER]) {
		err = handle_nan_filter(tb[NL80211_NAN_FUNC_RX_MATCH_FILTER],
					func, false);
		if (err)
			goto out;
	}

	/* Build the reply before calling the driver. */
	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
	if (!msg) {
		err = -ENOMEM;
		goto out;
	}

	hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
			     NL80211_CMD_ADD_NAN_FUNCTION);
	/* This can't really happen - we just allocated 4KB */
	if (WARN_ON(!hdr)) {
		err = -ENOMEM;
		goto out;
	}

	err = rdev_add_nan_func(rdev, wdev, func);
out:
	/* msg is still NULL here if the failure came before nlmsg_new(). */
	if (err < 0) {
		cfg80211_free_nan_func(func);
		nlmsg_free(msg);
		return err;
	}

	/* propagate the instance id and cookie to userspace */
	if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, func->cookie,
			      NL80211_ATTR_PAD))
		goto nla_put_failure;

	func_attr = nla_nest_start_noflag(msg, NL80211_ATTR_NAN_FUNC);
	if (!func_attr)
		goto nla_put_failure;

	if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID,
		       func->instance_id))
		goto nla_put_failure;

	nla_nest_end(msg, func_attr);

	genlmsg_end(msg, hdr);
	return genlmsg_reply(msg, info);

nla_put_failure:
	/*
	 * Only the reply is freed; func is not released on this path.
	 * NOTE(review): presumably the driver owns func once
	 * rdev_add_nan_func() succeeded - confirm.
	 */
	nlmsg_free(msg);
	return -ENOBUFS;
}
/*
 * nl80211_nan_del_func - remove a NAN function identified by its cookie
 *
 * Returns -EOPNOTSUPP for a non-NAN interface, -ENOTCONN when it is not
 * running, -EINVAL without NL80211_ATTR_COOKIE, else 0 after asking the
 * driver to delete the function.
 */
static int nl80211_nan_del_func(struct sk_buff *skb,
				struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct wireless_dev *wdev = info->user_ptr[1];
	struct nlattr *cookie_attr = info->attrs[NL80211_ATTR_COOKIE];

	if (wdev->iftype != NL80211_IFTYPE_NAN)
		return -EOPNOTSUPP;

	if (!wdev_running(wdev))
		return -ENOTCONN;

	if (!cookie_attr)
		return -EINVAL;

	rdev_del_nan_func(rdev, wdev, nla_get_u64(cookie_attr));

	return 0;
}
/*
 * nl80211_nan_change_config - update the configuration of a running NAN
 * interface
 *
 * Parses the request in "change" mode (start == false) and passes the result
 * and the set of changed items to the driver.  A request that changes
 * nothing is rejected.
 *
 * Returns -EOPNOTSUPP for a non-NAN interface, -ENOTCONN when it is not
 * running, -EINVAL when nothing changed, a parse error, or the driver's
 * result.
 */
static int nl80211_nan_change_config(struct sk_buff *skb,
				     struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct wireless_dev *wdev = info->user_ptr[1];
	struct cfg80211_nan_conf new_conf = {};
	u32 changed_mask = 0;
	int err;

	if (wdev->iftype != NL80211_IFTYPE_NAN)
		return -EOPNOTSUPP;

	if (!wdev_running(wdev))
		return -ENOTCONN;

	err = nl80211_parse_nan_conf(&rdev->wiphy, info, &new_conf,
				     &changed_mask, false);
	if (err)
		return err;

	if (changed_mask == 0)
		return -EINVAL;

	return rdev_nan_change_conf(rdev, wdev, &new_conf, changed_mask);
}
/*
 * cfg80211_nan_match - report a NAN service match to user space
 *
 * Builds an NL80211_CMD_NAN_MATCH event with the wiphy/interface identifiers,
 * the function cookie, the peer address and nested local/peer function
 * details.  If the wdev has an owner port the event is unicast to that port
 * only; otherwise it is multicast to the NAN group in the wiphy's network
 * namespace.  Failures are silent: the message is dropped.
 *
 * Warns and returns early when the device is flagged
 * WIPHY_NAN_FLAGS_USERSPACE_DE or when @match lacks an instance id, peer
 * instance id or address.
 */
void cfg80211_nan_match(struct wireless_dev *wdev,
			struct cfg80211_nan_match_params *match, gfp_t gfp)
{
	struct wiphy *wiphy = wdev->wiphy;
	struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
	struct nlattr *match_attr, *local_func_attr, *peer_func_attr;
	struct sk_buff *msg;
	void *hdr;

	if (WARN_ON(wiphy->nan_capa.flags & WIPHY_NAN_FLAGS_USERSPACE_DE))
		return;

	if (WARN_ON(!match->inst_id || !match->peer_inst_id || !match->addr))
		return;

	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
	if (!msg)
		return;

	hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NAN_MATCH);
	if (!hdr)
		goto nla_put_failure;

	/* Identify the device and interface the match happened on. */
	if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
		goto nla_put_failure;
	if (wdev->netdev &&
	    nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
		goto nla_put_failure;
	if (nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
			      NL80211_ATTR_PAD))
		goto nla_put_failure;

	if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, match->cookie,
			      NL80211_ATTR_PAD))
		goto nla_put_failure;
	if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, match->addr))
		goto nla_put_failure;

	match_attr = nla_nest_start_noflag(msg, NL80211_ATTR_NAN_MATCH);
	if (!match_attr)
		goto nla_put_failure;

	/* Local side: only the instance id. */
	local_func_attr = nla_nest_start_noflag(msg,
						NL80211_NAN_MATCH_FUNC_LOCAL);
	if (!local_func_attr)
		goto nla_put_failure;

	if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, match->inst_id))
		goto nla_put_failure;

	nla_nest_end(msg, local_func_attr);

	/* Peer side: type, instance id and optional service info. */
	peer_func_attr = nla_nest_start_noflag(msg,
					       NL80211_NAN_MATCH_FUNC_PEER);
	if (!peer_func_attr)
		goto nla_put_failure;

	if (nla_put_u8(msg, NL80211_NAN_FUNC_TYPE, match->type))
		goto nla_put_failure;
	if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, match->peer_inst_id))
		goto nla_put_failure;

	if (match->info && match->info_len &&
	    nla_put(msg, NL80211_NAN_FUNC_SERVICE_INFO, match->info_len,
		    match->info))
		goto nla_put_failure;

	nla_nest_end(msg, peer_func_attr);
	nla_nest_end(msg, match_attr);
	genlmsg_end(msg, hdr);

	/* An owning socket gets the event exclusively. */
	if (wdev->owner_nlportid)
		genlmsg_unicast(wiphy_net(&rdev->wiphy), msg,
				wdev->owner_nlportid);
	else
		genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
					msg, 0, NL80211_MCGRP_NAN, gfp);

	return;

nla_put_failure:
	nlmsg_free(msg);
}
EXPORT_SYMBOL(cfg80211_nan_match);
/*
 * cfg80211_nan_func_terminated - report that a NAN function ended
 *
 * Sends an NL80211_CMD_DEL_NAN_FUNCTION event carrying the wiphy/interface
 * identifiers, the function cookie, its instance id and the termination
 * reason.  If the wdev has an owner port the event is unicast to that port
 * only; otherwise it is multicast to the NAN group in the wiphy's network
 * namespace.  Failures are silent: the message is dropped.
 *
 * Warns and returns early when the device is flagged
 * WIPHY_NAN_FLAGS_USERSPACE_DE or when @inst_id is zero.
 */
void cfg80211_nan_func_terminated(struct wireless_dev *wdev,
				  u8 inst_id,
				  enum nl80211_nan_func_term_reason reason,
				  u64 cookie, gfp_t gfp)
{
	struct wiphy *wiphy = wdev->wiphy;
	struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
	struct nlattr *func_attr;
	struct sk_buff *msg;
	void *hdr;

	if (WARN_ON(wiphy->nan_capa.flags & WIPHY_NAN_FLAGS_USERSPACE_DE))
		return;

	if (WARN_ON(!inst_id))
		return;

	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
	if (!msg)
		return;

	hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_NAN_FUNCTION);
	if (!hdr)
		goto nla_put_failure;

	/* Identify the device and interface the function belonged to. */
	if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
		goto nla_put_failure;
	if (wdev->netdev &&
	    nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
		goto nla_put_failure;
	if (nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
			      NL80211_ATTR_PAD))
		goto nla_put_failure;

	if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
			      NL80211_ATTR_PAD))
		goto nla_put_failure;

	func_attr = nla_nest_start_noflag(msg, NL80211_ATTR_NAN_FUNC);
	if (!func_attr)
		goto nla_put_failure;

	if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, inst_id))
		goto nla_put_failure;
	if (nla_put_u8(msg, NL80211_NAN_FUNC_TERM_REASON, reason))
		goto nla_put_failure;

	nla_nest_end(msg, func_attr);
	genlmsg_end(msg, hdr);

	/* An owning socket gets the event exclusively. */
	if (wdev->owner_nlportid)
		genlmsg_unicast(wiphy_net(&rdev->wiphy), msg,
				wdev->owner_nlportid);
	else
		genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
					msg, 0, NL80211_MCGRP_NAN, gfp);

	return;

nla_put_failure:
	nlmsg_free(msg);
}
EXPORT_SYMBOL(cfg80211_nan_func_terminated);
/*
 * nl80211_get_protocol_features - reply with the nl80211 protocol features
 *
 * The reply carries NL80211_ATTR_PROTOCOL_FEATURES set to
 * NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP.
 *
 * Returns -ENOMEM if the reply cannot be allocated, -ENOBUFS if it cannot be
 * filled, else the result of genlmsg_reply().
 */
static int nl80211_get_protocol_features(struct sk_buff *skb,
					 struct genl_info *info)
{
	struct sk_buff *reply;
	void *hdr;

	reply = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
	if (!reply)
		return -ENOMEM;

	hdr = nl80211hdr_put(reply, info->snd_portid, info->snd_seq, 0,
			     NL80211_CMD_GET_PROTOCOL_FEATURES);
	if (!hdr ||
	    nla_put_u32(reply, NL80211_ATTR_PROTOCOL_FEATURES,
			NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP)) {
		kfree_skb(reply);
		return -ENOBUFS;
	}

	genlmsg_end(reply, hdr);
	return genlmsg_reply(reply, info);
}
/*
 * nl80211_update_ft_ies - pass fast-transition IEs to the driver
 *
 * Requires both NL80211_ATTR_MDID and NL80211_ATTR_IE.  The IE pointer
 * handed to the driver refers to the request's attribute payload; nothing
 * is copied here.
 *
 * Returns -EOPNOTSUPP without driver support, -EINVAL for missing
 * attributes, else the driver's result.
 */
static int nl80211_update_ft_ies(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct nlattr *mdid_attr = info->attrs[NL80211_ATTR_MDID];
	struct nlattr *ie_attr = info->attrs[NL80211_ATTR_IE];
	struct cfg80211_update_ft_ies_params ft_params;

	if (!rdev->ops->update_ft_ies)
		return -EOPNOTSUPP;

	if (!mdid_attr || !ie_attr)
		return -EINVAL;

	memset(&ft_params, 0, sizeof(ft_params));
	ft_params.md = nla_get_u16(mdid_attr);
	ft_params.ie = nla_data(ie_attr);
	ft_params.ie_len = nla_len(ie_attr);

	return rdev_update_ft_ies(rdev, dev, &ft_params);
}
/*
 * nl80211_crit_protocol_start - begin a critical-protocol period
 *
 * Only one period can be active per device: the sender's port id is stored
 * in rdev->crit_proto_nlportid when the driver accepts the request, and a
 * non-zero value there makes further requests fail with -EBUSY.
 *
 * Returns -EOPNOTSUPP without driver support, -EINVAL when the driver lacks
 * the stop op (with a warning), the protocol id is out of range or the
 * duration is missing, -EBUSY, else the driver's result.
 */
static int nl80211_crit_protocol_start(struct sk_buff *skb,
				       struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct wireless_dev *wdev = info->user_ptr[1];
	struct nlattr *id_attr = info->attrs[NL80211_ATTR_CRIT_PROT_ID];
	struct nlattr *duration_attr =
		info->attrs[NL80211_ATTR_MAX_CRIT_PROT_DURATION];
	enum nl80211_crit_proto_id proto = NL80211_CRIT_PROTO_UNSPEC;
	u16 duration;
	int ret;

	if (!rdev->ops->crit_proto_start)
		return -EOPNOTSUPP;

	/* A driver offering start without stop is a driver bug. */
	if (WARN_ON(!rdev->ops->crit_proto_stop))
		return -EINVAL;

	if (rdev->crit_proto_nlportid)
		return -EBUSY;

	/* determine protocol if provided */
	if (id_attr)
		proto = nla_get_u16(id_attr);

	if (proto >= NUM_NL80211_CRIT_PROTO)
		return -EINVAL;

	/* timeout must be provided */
	if (!duration_attr)
		return -EINVAL;

	duration = nla_get_u16(duration_attr);

	ret = rdev_crit_proto_start(rdev, wdev, proto, duration);
	if (ret == 0)
		rdev->crit_proto_nlportid = info->snd_portid;

	return ret;
}
/*
 * nl80211_crit_protocol_stop - end an active critical-protocol period
 *
 * If a period is active, the stored port id is cleared and the driver is
 * told to stop.  Stopping when nothing is active is not an error.
 *
 * NOTE(review): the stored port id is only tested for non-zero; the
 * requester's port id is not compared with it in this function.
 *
 * Returns -EOPNOTSUPP without driver support, else 0.
 */
static int nl80211_crit_protocol_stop(struct sk_buff *skb,
				      struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct wireless_dev *wdev = info->user_ptr[1];

	if (!rdev->ops->crit_proto_stop)
		return -EOPNOTSUPP;

	if (!rdev->crit_proto_nlportid)
		return 0;

	rdev->crit_proto_nlportid = 0;
	rdev_crit_proto_stop(rdev, wdev);

	return 0;
}
/*
 * nl80211_vendor_check_policy - validate vendor command data against the
 * command's declared policy
 *
 * A command declared VENDOR_CMD_RAW_DATA accepts only non-nested data, which
 * is not inspected further here.  Any other command requires nested data,
 * which is validated against vcmd->policy up to vcmd->maxattr.
 *
 * Returns 0 when the data is acceptable, -EINVAL (with an extack message)
 * when the nesting does not match, or the result of nla_validate_nested().
 */
static int nl80211_vendor_check_policy(const struct wiphy_vendor_command *vcmd,
				       struct nlattr *attr,
				       struct netlink_ext_ack *extack)
{
	bool nested = attr->nla_type & NLA_F_NESTED;

	if (vcmd->policy == VENDOR_CMD_RAW_DATA) {
		if (!nested)
			return 0;

		NL_SET_ERR_MSG_ATTR(extack, attr,
				    "unexpected nested data");
		return -EINVAL;
	}

	if (!nested) {
		NL_SET_ERR_MSG_ATTR(extack, attr, "expected nested data");
		return -EINVAL;
	}

	return nla_validate_nested(attr, vcmd->maxattr, vcmd->policy, extack);
}
  /*
   * Dispatch a vendor command to the driver handler registered for the
   * (vendor id, subcommand) pair given in the request.
   *
   * The first entry of rdev->wiphy.vendor_commands that matches both ids is
   * used. Before the handler runs, the entry's flags are enforced (a wdev,
   * a netdev and/or a running interface may be required) and any
   * NL80211_ATTR_VENDOR_DATA payload is checked with
   * nl80211_vendor_check_policy(). The handler receives the payload pointer
   * and length exactly as they appear in the request.
   *
   * Returns -EOPNOTSUPP when the device has no vendor commands, no entry
   * matches or the entry has no ->doit; -EINVAL / -ENETDOWN when a
   * precondition fails; otherwise the handler's return value.
   */
  static int nl80211_vendor_cmd(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct wireless_dev *wdev =
          __cfg80211_wdev_from_attrs(rdev, genl_info_net(info),
                                     info->attrs);
      const struct wiphy_vendor_command *vcmd = NULL;
      struct nlattr *payload;
      void *data = NULL;
      int len = 0;
      u32 vid, subcmd;
      int idx, err;

      if (!rdev->wiphy.vendor_commands)
          return -EOPNOTSUPP;

      if (!IS_ERR(wdev)) {
          /* A wdev was named: it has to belong to this wiphy. */
          if (wdev->wiphy != &rdev->wiphy)
              return -EINVAL;
      } else {
          /* -EINVAL from the lookup is tolerated and treated as "no wdev". */
          err = PTR_ERR(wdev);
          if (err != -EINVAL)
              return err;
          wdev = NULL;
      }

      if (!info->attrs[NL80211_ATTR_VENDOR_ID] ||
          !info->attrs[NL80211_ATTR_VENDOR_SUBCMD])
          return -EINVAL;

      vid = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_ID]);
      subcmd = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_SUBCMD]);

      /* Only the first matching table entry is ever considered. */
      for (idx = 0; idx < rdev->wiphy.n_vendor_commands; idx++) {
          const struct wiphy_vendor_command *cand =
              &rdev->wiphy.vendor_commands[idx];

          if (cand->info.vendor_id == vid && cand->info.subcmd == subcmd) {
              vcmd = cand;
              break;
          }
      }
      if (!vcmd)
          return -EOPNOTSUPP;

      if (vcmd->flags & (WIPHY_VENDOR_CMD_NEED_WDEV |
                         WIPHY_VENDOR_CMD_NEED_NETDEV)) {
          if (!wdev)
              return -EINVAL;
          if ((vcmd->flags & WIPHY_VENDOR_CMD_NEED_NETDEV) && !wdev->netdev)
              return -EINVAL;
          /* NEED_RUNNING is only evaluated when a wdev/netdev is required. */
          if ((vcmd->flags & WIPHY_VENDOR_CMD_NEED_RUNNING) &&
              !wdev_running(wdev))
              return -ENETDOWN;
      } else {
          /* The command does not want a wdev: do not hand one over. */
          wdev = NULL;
      }

      if (!vcmd->doit)
          return -EOPNOTSUPP;

      payload = info->attrs[NL80211_ATTR_VENDOR_DATA];
      if (payload) {
          data = nla_data(payload);
          len = nla_len(payload);

          err = nl80211_vendor_check_policy(vcmd, payload, info->extack);
          if (err)
              return err;
      }

      /* cur_cmd_info is set only for the duration of the handler call. */
      rdev->cur_cmd_info = info;
      err = vcmd->doit(&rdev->wiphy, wdev, data, len);
      rdev->cur_cmd_info = NULL;

      return err;
  }
  /*
   * Resolve the device, interface and vendor command for a vendor dump.
   *
   * @skb:  dump skb; its socket supplies the network namespace
   * @cb:   netlink dump callback, cb->args[0..4] cache the parsed state
   * @rdev: out, registered device the dump runs on
   * @wdev: out, wireless device or NULL
   *
   * On the first pass (cb->args[0] == 0) the request in cb->nlh is parsed
   * and the result is stored in cb->args:
   *   [0] wiphy index + 1, [1] wdev identifier + 1 (0 when there is none),
   *   [2] index into the vendor command table, [3] pointer to the vendor
   *   data payload, [4] payload length.
   * Later passes rebuild *rdev / *wdev from [0] and [1] without re-parsing.
   *
   * NOTE(review): args[3] is a raw pointer into the request's attribute
   * data that is reused on later passes; that is only sound while the
   * request message outlives the dump - confirm against the netlink core.
   *
   * Returns 0 on success or a negative errno. The caller
   * (nl80211_vendor_cmd_dump) takes and releases the RTNL around this call.
   */
  static int nl80211_prepare_vendor_dump(struct sk_buff *skb,
                                         struct netlink_callback *cb,
                                         struct cfg80211_registered_device **rdev,
                                         struct wireless_dev **wdev)
  {
      struct wireless_dev *found;
      struct nlattr **tb;
      u32 vid, subcmd;
      unsigned int i;
      int vcmd_idx = -1;
      int err;
      void *data = NULL;
      unsigned int data_len = 0;

      if (cb->args[0]) {
          /* subtract the 1 again here */
          struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1);
          struct wireless_dev *iter;

          if (!wiphy)
              return -ENODEV;
          *rdev = wiphy_to_rdev(wiphy);
          *wdev = NULL;

          /* 0 means the first pass found no wdev. */
          if (!cb->args[1])
              return 0;

          /* The wdev may have gone away since; *wdev then stays NULL. */
          list_for_each_entry(iter, &wiphy->wdev_list, list) {
              if (iter->identifier == cb->args[1] - 1) {
                  *wdev = iter;
                  break;
              }
          }

          /* keep rtnl locked in successful case */
          return 0;
      }

      tb = kzalloc_objs(*tb, NUM_NL80211_ATTR);
      if (!tb)
          return -ENOMEM;

      err = nlmsg_parse_deprecated(cb->nlh,
                                   GENL_HDRLEN + nl80211_fam.hdrsize,
                                   tb, nl80211_fam.maxattr,
                                   nl80211_policy, NULL);
      if (err)
          goto out;

      if (!tb[NL80211_ATTR_VENDOR_ID] || !tb[NL80211_ATTR_VENDOR_SUBCMD]) {
          err = -EINVAL;
          goto out;
      }

      /* A failed wdev lookup is not fatal here; it is reported as NULL. */
      found = __cfg80211_wdev_from_attrs(NULL, sock_net(skb->sk), tb);
      *wdev = IS_ERR(found) ? NULL : found;

      *rdev = __cfg80211_rdev_from_attrs(sock_net(skb->sk), tb);
      if (IS_ERR(*rdev)) {
          err = PTR_ERR(*rdev);
          goto out;
      }

      vid = nla_get_u32(tb[NL80211_ATTR_VENDOR_ID]);
      subcmd = nla_get_u32(tb[NL80211_ATTR_VENDOR_SUBCMD]);

      /* First table entry matching both ids wins; it must support dumping. */
      for (i = 0; i < (*rdev)->wiphy.n_vendor_commands; i++) {
          const struct wiphy_vendor_command *vcmd =
              &(*rdev)->wiphy.vendor_commands[i];

          if (vcmd->info.vendor_id == vid && vcmd->info.subcmd == subcmd) {
              if (!vcmd->dumpit) {
                  err = -EOPNOTSUPP;
                  goto out;
              }
              vcmd_idx = i;
              break;
          }
      }

      if (vcmd_idx < 0) {
          err = -EOPNOTSUPP;
          goto out;
      }

      if (tb[NL80211_ATTR_VENDOR_DATA]) {
          data = nla_data(tb[NL80211_ATTR_VENDOR_DATA]);
          data_len = nla_len(tb[NL80211_ATTR_VENDOR_DATA]);

          err = nl80211_vendor_check_policy(
                  &(*rdev)->wiphy.vendor_commands[vcmd_idx],
                  tb[NL80211_ATTR_VENDOR_DATA],
                  cb->extack);
          if (err)
              goto out;
      }

      /* 0 is the first index - add 1 to parse only once */
      cb->args[0] = (*rdev)->wiphy_idx + 1;
      /* add 1 to know if it was NULL */
      cb->args[1] = *wdev ? (*wdev)->identifier + 1 : 0;
      cb->args[2] = vcmd_idx;
      cb->args[3] = (unsigned long)data;
      cb->args[4] = data_len;

      /* keep rtnl locked in successful case */
      err = 0;
  out:
      kfree(tb);
      return err;
  }
  /*
   * Dump callback for vendor commands.
   *
   * Runs under the RTNL. After nl80211_prepare_vendor_dump() has resolved
   * the device and command, the command's flags are enforced the same way
   * as for a non-dump vendor command, and ->dumpit is then called once per
   * output message until it stops producing data or the skb is full.
   *
   * Handling of the ->dumpit return value:
   *   > 0                 message is finalised, loop continues
   *   -ENOBUFS / -ENOENT  message is cancelled, what is already in the skb
   *                       is returned (skb->len)
   *   0 or other negative message is cancelled and the value is returned
   *
   * cb->args[5] is passed to ->dumpit by address (as the original comment
   * and call show, it is the handler's own storage across passes).
   */
  static int nl80211_vendor_cmd_dump(struct sk_buff *skb,
                                     struct netlink_callback *cb)
  {
      struct cfg80211_registered_device *rdev;
      struct wireless_dev *wdev;
      const struct wiphy_vendor_command *vcmd;
      struct nlattr *nest;
      unsigned int vcmd_idx;
      void *data;
      int data_len;
      int err;

      rtnl_lock();

      err = nl80211_prepare_vendor_dump(skb, cb, &rdev, &wdev);
      if (err)
          goto out;

      /* State cached by nl80211_prepare_vendor_dump() on the first pass. */
      vcmd_idx = cb->args[2];
      data = (void *)cb->args[3];
      data_len = cb->args[4];
      vcmd = &rdev->wiphy.vendor_commands[vcmd_idx];

      if (vcmd->flags & (WIPHY_VENDOR_CMD_NEED_WDEV |
                         WIPHY_VENDOR_CMD_NEED_NETDEV)) {
          /* err is overwritten below whenever these checks all pass. */
          err = -EINVAL;
          if (!wdev)
              goto out;
          if ((vcmd->flags & WIPHY_VENDOR_CMD_NEED_NETDEV) && !wdev->netdev)
              goto out;
          if ((vcmd->flags & WIPHY_VENDOR_CMD_NEED_RUNNING) &&
              !wdev_running(wdev)) {
              err = -ENETDOWN;
              goto out;
          }
      }

      for (;;) {
          void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).portid,
                                     cb->nlh->nlmsg_seq, NLM_F_MULTI,
                                     NL80211_CMD_VENDOR);

          if (!hdr)
              break;

          if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx)) {
              genlmsg_cancel(skb, hdr);
              break;
          }

          if (wdev && nla_put_u64_64bit(skb, NL80211_ATTR_WDEV,
                                        wdev_id(wdev),
                                        NL80211_ATTR_PAD)) {
              genlmsg_cancel(skb, hdr);
              break;
          }

          nest = nla_nest_start_noflag(skb, NL80211_ATTR_VENDOR_DATA);
          if (!nest) {
              genlmsg_cancel(skb, hdr);
              break;
          }

          err = vcmd->dumpit(&rdev->wiphy, wdev, skb, data, data_len,
                             (unsigned long *)&cb->args[5]);
          nla_nest_end(skb, nest);

          if (err <= 0) {
              /* Nothing usable was added: drop the half-built message. */
              genlmsg_cancel(skb, hdr);
              if (err == -ENOBUFS || err == -ENOENT)
                  break;
              goto out;
          }

          genlmsg_end(skb, hdr);
      }

      err = skb->len;
  out:
      rtnl_unlock();
      return err;
  }
  /*
   * Allocate a reply skb addressed to the sender of the command that is
   * currently being handled on @wiphy.
   *
   * @wiphy:     the wiphy the command runs on
   * @cmd:       command id passed on to __cfg80211_alloc_vendor_skb()
   * @attr:      attribute id passed on to __cfg80211_alloc_vendor_skb()
   * @approxlen: size hint passed on to __cfg80211_alloc_vendor_skb()
   *
   * Port id and sequence number come from rdev->cur_cmd_info, which the
   * vendor command dispatcher in this file sets only while a handler runs.
   * Called at any other time this warns and returns NULL.
   */
  struct sk_buff *__cfg80211_alloc_reply_skb(struct wiphy *wiphy,
                                             enum nl80211_commands cmd,
                                             enum nl80211_attrs attr,
                                             int approxlen)
  {
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
      struct genl_info *req = rdev->cur_cmd_info;

      if (WARN_ON(!req))
          return NULL;

      return __cfg80211_alloc_vendor_skb(rdev, NULL, approxlen,
                                         req->snd_portid,
                                         req->snd_seq,
                                         cmd, attr, NULL, GFP_KERNEL);
  }
  EXPORT_SYMBOL(__cfg80211_alloc_reply_skb);
  /*
   * Finish and send a vendor command reply.
   *
   * @skb: reply skb whose control block holds, as three pointers in this
   *       order, the registered device, the message header and the open
   *       nested data attribute.
   *
   * The skb is consumed: it is freed here when no command is in progress
   * (rdev->cur_cmd_info is NULL, which also triggers a warning and -EINVAL)
   * and handed to genlmsg_reply() otherwise.
   *
   * NOTE(review): the pointers are taken from skb->cb on trust, so the skb
   * has to be one whose control block was filled in that layout - confirm
   * against the allocation helper.
   */
  int cfg80211_vendor_cmd_reply(struct sk_buff *skb)
  {
      void **slots = (void **)skb->cb;
      struct cfg80211_registered_device *rdev = slots[0];
      void *hdr = slots[1];
      struct nlattr *data = slots[2];

      /* clear CB data for netlink core to own from now on */
      memset(skb->cb, 0, sizeof(skb->cb));

      if (WARN_ON(!rdev->cur_cmd_info)) {
          kfree_skb(skb);
          return -EINVAL;
      }

      nla_nest_end(skb, data);
      genlmsg_end(skb, hdr);

      return genlmsg_reply(skb, rdev->cur_cmd_info);
  }
  EXPORT_SYMBOL_GPL(cfg80211_vendor_cmd_reply);
  /*
   * Return the netlink port id of the sender of the command currently
   * being handled on @wiphy.
   *
   * Warns and returns 0 when no command is in progress
   * (rdev->cur_cmd_info is NULL).
   */
  unsigned int cfg80211_vendor_cmd_get_sender(struct wiphy *wiphy)
  {
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
      struct genl_info *req = rdev->cur_cmd_info;

      if (WARN_ON(!req))
          return 0;

      return req->snd_portid;
  }
  EXPORT_SYMBOL_GPL(cfg80211_vendor_cmd_get_sender);
  /*
   * Set or clear the QoS map of an interface.
   *
   * Without NL80211_ATTR_QOS_MAP the driver is called with a NULL map.
   * With it, the attribute is read as a run of DSCP exceptions followed by
   * IEEE80211_QOS_MAP_LEN_MIN bytes that are copied into qos_map->up.
   * Every exception must have a user priority of at most 7.
   *
   * Returns -EOPNOTSUPP without a set_qos_map op, -EINVAL for an odd
   * length or an out-of-range user priority, -ENOMEM on allocation
   * failure, otherwise the result of nl80211_key_allowed() or, when that
   * is 0, of the driver call.
   *
   * NOTE(review): the attribute length is narrowed to u8 and the only
   * check made here is that it is even. A length below
   * IEEE80211_QOS_MAP_LEN_MIN, or one implying more exceptions than
   * qos_map->dscp_exception holds, would make the copies below read or
   * write out of bounds. The range is presumably enforced by the
   * NL80211_ATTR_QOS_MAP entry of nl80211_policy - confirm before reusing
   * this parser on input that has not been through that policy.
   */
  static int nl80211_set_qos_map(struct sk_buff *skb,
                                 struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr *map_attr = info->attrs[NL80211_ATTR_QOS_MAP];
      struct cfg80211_qos_map *qos_map = NULL;
      u8 *cursor, attr_len, n_exc, exc_bytes, idx;
      int ret;

      if (!rdev->ops->set_qos_map)
          return -EOPNOTSUPP;

      if (map_attr) {
          cursor = nla_data(map_attr);
          attr_len = nla_len(map_attr);

          /* Exceptions are two bytes each and the fixed part is even. */
          if (attr_len & 1)
              return -EINVAL;

          qos_map = kzalloc_obj(struct cfg80211_qos_map);
          if (!qos_map)
              return -ENOMEM;

          /* Whatever exceeds the fixed part is exception pairs. */
          n_exc = (attr_len - IEEE80211_QOS_MAP_LEN_MIN) >> 1;
          if (n_exc) {
              exc_bytes = n_exc * sizeof(struct cfg80211_dscp_exception);
              memcpy(qos_map->dscp_exception, cursor, exc_bytes);
              qos_map->num_des = n_exc;

              for (idx = 0; idx < n_exc; idx++) {
                  if (qos_map->dscp_exception[idx].up > 7) {
                      ret = -EINVAL;
                      goto out_free;
                  }
              }

              cursor += exc_bytes;
          }

          memcpy(qos_map->up, cursor, IEEE80211_QOS_MAP_LEN_MIN);
      }

      ret = nl80211_key_allowed(dev->ieee80211_ptr);
      if (!ret)
          ret = rdev_set_qos_map(rdev, dev, qos_map);

  out_free:
      /* The map is not kept by this function after the driver call. */
      kfree(qos_map);
      return ret;
  }
  /*
   * Add a transmit traffic stream (WMM admission control).
   *
   * Requires NL80211_ATTR_TSID, NL80211_ATTR_MAC and NL80211_ATTR_USER_PRIO.
   * NL80211_ATTR_ADMITTED_TIME is optional but must be non-zero when given.
   * Only a connected station or P2P client interface is accepted.
   *
   * Returns -EOPNOTSUPP when the device lacks
   * NL80211_FEATURE_SUPPORTS_WMM_ADMISSION or the interface type does not
   * fit, -EINVAL for missing or rejected attributes, -ENOTCONN when not
   * connected, otherwise the driver's result.
   *
   * NOTE(review): the user priority and the MAC attribute length are not
   * range-checked here; presumably nl80211_policy does that - confirm.
   */
  static int nl80211_add_tx_ts(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct nlattr *time_attr;
      const u8 *peer;
      u8 tsid, up;
      u16 admitted_time = 0;

      if (!(rdev->wiphy.features & NL80211_FEATURE_SUPPORTS_WMM_ADMISSION))
          return -EOPNOTSUPP;

      if (!info->attrs[NL80211_ATTR_TSID] ||
          !info->attrs[NL80211_ATTR_MAC] ||
          !info->attrs[NL80211_ATTR_USER_PRIO])
          return -EINVAL;

      tsid = nla_get_u8(info->attrs[NL80211_ATTR_TSID]);
      up = nla_get_u8(info->attrs[NL80211_ATTR_USER_PRIO]);

      /* WMM uses TIDs 0-7 even for TSPEC */
      if (tsid >= IEEE80211_FIRST_TSPEC_TSID) {
          /* TODO: handle 802.11 TSPEC/admission control
           * need more attributes for that (e.g. BA session requirement);
           * change the WMM admission test above to allow both then
           */
          return -EINVAL;
      }

      peer = nla_data(info->attrs[NL80211_ATTR_MAC]);

      time_attr = info->attrs[NL80211_ATTR_ADMITTED_TIME];
      if (time_attr) {
          admitted_time = nla_get_u16(time_attr);
          /* An explicit zero is rejected; omit the attribute instead. */
          if (!admitted_time)
              return -EINVAL;
      }

      if (wdev->iftype != NL80211_IFTYPE_STATION &&
          wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
          return -EOPNOTSUPP;

      if (!wdev->connected)
          return -ENOTCONN;

      return rdev_add_tx_ts(rdev, dev, tsid, peer, up, admitted_time);
  }
  /*
   * Delete a transmit traffic stream.
   *
   * Requires NL80211_ATTR_TSID and NL80211_ATTR_MAC, otherwise -EINVAL.
   * Returns the result of rdev_del_tx_ts().
   *
   * NOTE(review): unlike nl80211_add_tx_ts() this handler checks neither
   * the device feature flag, the interface type nor the connection state;
   * whether rdev_del_tx_ts() or the driver does is not visible here.
   */
  static int nl80211_del_tx_ts(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr *tsid_attr = info->attrs[NL80211_ATTR_TSID];
      struct nlattr *mac_attr = info->attrs[NL80211_ATTR_MAC];

      if (!tsid_attr || !mac_attr)
          return -EINVAL;

      return rdev_del_tx_ts(rdev, dev, nla_get_u8(tsid_attr),
                            nla_data(mac_attr));
  }
  /*
   * Start a TDLS channel switch towards a peer.
   *
   * Requires NL80211_ATTR_MAC and NL80211_ATTR_OPER_CLASS plus the channel
   * attributes consumed by nl80211_parse_chandef(). Only station and P2P
   * client interfaces are accepted.
   *
   * Returns -EOPNOTSUPP when the driver op or
   * NL80211_FEATURE_TDLS_CHANNEL_SWITCH is missing or the interface type
   * does not fit, -EINVAL when attributes are missing or the target channel
   * is rejected by the checks below, the error from nl80211_parse_chandef(),
   * or the driver's result.
   */
  static int nl80211_tdls_channel_switch(struct sk_buff *skb,
                                         struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_chan_def chandef = {};
      const u8 *addr;
      u8 oper_class;
      int err;

      if (!rdev->ops->tdls_channel_switch)
          return -EOPNOTSUPP;
      if (!(rdev->wiphy.features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH))
          return -EOPNOTSUPP;

      if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
          dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
          return -EOPNOTSUPP;

      if (!info->attrs[NL80211_ATTR_MAC])
          return -EINVAL;
      if (!info->attrs[NL80211_ATTR_OPER_CLASS])
          return -EINVAL;

      err = nl80211_parse_chandef(rdev, info, &chandef);
      if (err)
          return err;

      /*
       * Don't allow wide channels on the 2.4Ghz band, as per IEEE802.11-2012
       * section 10.22.6.2.1. Disallow 5/10Mhz channels as well for now, the
       * specification is not defined for them.
       */
      if (chandef.chan->band == NL80211_BAND_2GHZ) {
          switch (chandef.width) {
          case NL80211_CHAN_WIDTH_20_NOHT:
          case NL80211_CHAN_WIDTH_20:
              break;
          default:
              return -EINVAL;
          }
      }

      /* we will be active on the TDLS link */
      if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, &chandef,
                                         wdev->iftype))
          return -EINVAL;

      /* don't allow switching to DFS channels */
      if (cfg80211_chandef_dfs_required(wdev->wiphy, &chandef, wdev->iftype))
          return -EINVAL;

      addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
      oper_class = nla_get_u8(info->attrs[NL80211_ATTR_OPER_CLASS]);

      return rdev_tdls_channel_switch(rdev, dev, addr, oper_class, &chandef);
  }
  /*
   * Cancel a TDLS channel switch with the peer given in NL80211_ATTR_MAC.
   *
   * Returns -EOPNOTSUPP when either TDLS channel-switch op or
   * NL80211_FEATURE_TDLS_CHANNEL_SWITCH is missing, or when the interface
   * is neither a station nor a P2P client; -EINVAL without a MAC attribute;
   * 0 otherwise. The driver call has no return value that is propagated.
   */
  static int nl80211_tdls_cancel_channel_switch(struct sk_buff *skb,
                                                struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct nlattr *mac_attr;

      if (!rdev->ops->tdls_channel_switch)
          return -EOPNOTSUPP;
      if (!rdev->ops->tdls_cancel_channel_switch)
          return -EOPNOTSUPP;
      if (!(rdev->wiphy.features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH))
          return -EOPNOTSUPP;

      if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
          dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
          return -EOPNOTSUPP;

      mac_attr = info->attrs[NL80211_ATTR_MAC];
      if (!mac_attr)
          return -EINVAL;

      rdev_tdls_cancel_channel_switch(rdev, dev, nla_data(mac_attr));

      return 0;
  }
  /*
   * Enable or disable multicast-to-unicast conversion on an AP or P2P GO
   * interface.
   *
   * The setting is the presence of the flag attribute
   * NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED, read with nla_get_flag();
   * a request without it therefore passes "disabled" to the driver.
   *
   * Returns -EOPNOTSUPP when the driver op is missing or the interface type
   * does not fit, otherwise the driver's result.
   */
  static int nl80211_set_multicast_to_unicast(struct sk_buff *skb,
                                              struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;

      if (!rdev->ops->set_multicast_to_unicast)
          return -EOPNOTSUPP;

      switch (wdev->iftype) {
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_P2P_GO:
          break;
      default:
          return -EOPNOTSUPP;
      }

      return rdev_set_multicast_to_unicast(rdev, dev,
              nla_get_flag(info->attrs[NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED]));
  }
  /*
   * Hand a PMK to the driver for a connected station / P2P client.
   *
   * Requires NL80211_ATTR_MAC and NL80211_ATTR_PMK. The MAC must equal the
   * address the interface is connected to, and the PMK length must be
   * WLAN_PMK_LEN or WLAN_PMK_LEN_SUITE_B_192. NL80211_ATTR_PMKR0_NAME is
   * optional.
   *
   * pmk_conf only borrows pointers into the request attributes; nothing is
   * copied here, so the key material lives in the netlink message buffer
   * for the duration of the driver call.
   *
   * Returns -EOPNOTSUPP for other interface types or when
   * NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X is not set, -EINVAL for
   * missing or rejected attributes, -ENOTCONN when not connected, otherwise
   * the driver's result.
   *
   * NOTE(review): the lengths of the MAC and PMKR0 name attributes are not
   * checked here although ETH_ALEN bytes of the MAC are compared;
   * presumably nl80211_policy fixes both lengths - confirm.
   */
  static int nl80211_set_pmk(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_pmk_conf pmk_conf = {};
      struct nlattr *r0_attr;

      switch (wdev->iftype) {
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          break;
      default:
          return -EOPNOTSUPP;
      }

      if (!wiphy_ext_feature_isset(&rdev->wiphy,
                                   NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X))
          return -EOPNOTSUPP;

      if (!info->attrs[NL80211_ATTR_MAC] || !info->attrs[NL80211_ATTR_PMK])
          return -EINVAL;

      if (!wdev->connected)
          return -ENOTCONN;

      /* The authenticator address has to be the peer we are connected to. */
      pmk_conf.aa = nla_data(info->attrs[NL80211_ATTR_MAC]);
      if (memcmp(pmk_conf.aa, wdev->u.client.connected_addr, ETH_ALEN))
          return -EINVAL;

      pmk_conf.pmk = nla_data(info->attrs[NL80211_ATTR_PMK]);
      pmk_conf.pmk_len = nla_len(info->attrs[NL80211_ATTR_PMK]);

      /* Only the two known PMK sizes are accepted. */
      switch (pmk_conf.pmk_len) {
      case WLAN_PMK_LEN:
      case WLAN_PMK_LEN_SUITE_B_192:
          break;
      default:
          return -EINVAL;
      }

      r0_attr = info->attrs[NL80211_ATTR_PMKR0_NAME];
      if (r0_attr)
          pmk_conf.pmk_r0_name = nla_data(r0_attr);

      return rdev_set_pmk(rdev, dev, &pmk_conf);
  }
  /*
   * Ask the driver to drop the PMK for the authenticator address given in
   * NL80211_ATTR_MAC.
   *
   * Returns -EOPNOTSUPP for interfaces other than station / P2P client or
   * when NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X is not set, -EINVAL
   * without a MAC attribute, otherwise the driver's result.
   *
   * Unlike nl80211_set_pmk() this handler does not require the interface
   * to be connected and does not compare the address with the connected
   * peer.
   */
  static int nl80211_del_pmk(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct nlattr *mac_attr;

      switch (wdev->iftype) {
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          break;
      default:
          return -EOPNOTSUPP;
      }

      if (!wiphy_ext_feature_isset(&rdev->wiphy,
                                   NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X))
          return -EOPNOTSUPP;

      mac_attr = info->attrs[NL80211_ATTR_MAC];
      if (!mac_attr)
          return -EINVAL;

      return rdev_del_pmk(rdev, dev, nla_data(mac_attr));
  }
  /*
   * Report the result of an externally run authentication to the driver.
   *
   * Requires NL80211_ATTR_BSSID and NL80211_ATTR_STATUS_CODE.
   * NL80211_ATTR_SSID is required unless the interface is an AP or P2P GO,
   * and must not be empty when present. NL80211_ATTR_PMKID is optional and
   * passed by pointer.
   *
   * Returns -EOPNOTSUPP without the driver op, -EINVAL for missing or empty
   * attributes, otherwise the driver's result.
   *
   * NOTE(review): the SSID is copied into the fixed-size params.ssid.ssid
   * with only a zero-length check here, and ETH_ALEN bytes are copied from
   * the BSSID attribute without a length check. Both copies are safe only
   * if the attribute lengths were bounded beforehand, presumably by
   * nl80211_policy - confirm that the policy entries cap the SSID at the
   * buffer size and fix the BSSID length.
   */
  static int nl80211_external_auth(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct cfg80211_external_auth_params params;

      if (!rdev->ops->external_auth)
          return -EOPNOTSUPP;

      /* Only AP-type interfaces may omit the SSID. */
      if (!info->attrs[NL80211_ATTR_SSID]) {
          switch (dev->ieee80211_ptr->iftype) {
          case NL80211_IFTYPE_AP:
          case NL80211_IFTYPE_P2P_GO:
              break;
          default:
              return -EINVAL;
          }
      }

      if (!info->attrs[NL80211_ATTR_BSSID])
          return -EINVAL;

      if (!info->attrs[NL80211_ATTR_STATUS_CODE])
          return -EINVAL;

      memset(&params, 0, sizeof(params));

      if (info->attrs[NL80211_ATTR_SSID]) {
          const struct nlattr *ssid_attr = info->attrs[NL80211_ATTR_SSID];

          params.ssid.ssid_len = nla_len(ssid_attr);
          if (params.ssid.ssid_len == 0)
              return -EINVAL;
          memcpy(params.ssid.ssid, nla_data(ssid_attr),
                 params.ssid.ssid_len);
      }

      memcpy(params.bssid, nla_data(info->attrs[NL80211_ATTR_BSSID]),
             ETH_ALEN);

      params.status = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);

      if (info->attrs[NL80211_ATTR_PMKID])
          params.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);

      return rdev_external_auth(rdev, dev, &params);
  }
  /*
   * Transmit a control port frame supplied by user space.
   *
   * Requires NL80211_ATTR_FRAME, NL80211_ATTR_MAC and
   * NL80211_ATTR_CONTROL_PORT_ETHERTYPE. The interface must be an AP, P2P
   * GO or mesh point, an IBSS interface with a current BSS, or a connected
   * station / P2P client.
   *
   * The flag NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT is passed to the driver
   * as given in the request. Unless NL80211_ATTR_DONT_WAIT_FOR_ACK is
   * present, a cookie is requested from the driver and returned through the
   * extended ack on success.
   *
   * Returns -EOPNOTSUPP when the feature, the op or the interface type is
   * not supported, -EINVAL for missing attributes, -ENOTCONN when not
   * connected, otherwise the driver's result.
   *
   * NOTE(review): no minimum frame length is enforced in this function;
   * whether the policy or the driver does is not visible here.
   */
  static int nl80211_tx_control_port(struct sk_buff *skb, struct genl_info *info)
  {
      bool dont_wait_for_ack = info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK];
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      u64 cookie = 0;
      u64 *cookie_out;
      const u8 *frame;
      size_t frame_len;
      u8 *dest;
      u16 ethertype;
      bool noencrypt;
      int link_id;
      int err;

      if (!wiphy_ext_feature_isset(&rdev->wiphy,
                                   NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211))
          return -EOPNOTSUPP;

      if (!rdev->ops->tx_control_port)
          return -EOPNOTSUPP;

      if (!info->attrs[NL80211_ATTR_FRAME] ||
          !info->attrs[NL80211_ATTR_MAC] ||
          !info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) {
          GENL_SET_ERR_MSG(info, "Frame, MAC or ethertype missing");
          return -EINVAL;
      }

      switch (wdev->iftype) {
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_P2P_GO:
      case NL80211_IFTYPE_MESH_POINT:
          break;
      case NL80211_IFTYPE_ADHOC:
          if (!wdev->u.ibss.current_bss)
              return -ENOTCONN;
          break;
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          if (!wdev->connected)
              return -ENOTCONN;
          break;
      default:
          return -EOPNOTSUPP;
      }

      frame = nla_data(info->attrs[NL80211_ATTR_FRAME]);
      frame_len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
      dest = nla_data(info->attrs[NL80211_ATTR_MAC]);
      ethertype = nla_get_u16(info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);
      noencrypt =
          nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]);

      link_id = nl80211_link_id_or_invalid(info->attrs);

      /* No cookie is requested when the caller will not wait for the ack. */
      cookie_out = dont_wait_for_ack ? NULL : &cookie;

      err = rdev_tx_control_port(rdev, dev, frame, frame_len,
                                 dest, cpu_to_be16(ethertype), noencrypt,
                                 link_id, cookie_out);
      if (!err && !dont_wait_for_ack)
          nl_set_extack_cookie_u64(info->extack, cookie);

      return err;
  }
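  /*
   * Reply with the FTM responder statistics of an AP interface.
   *
   * The interface must be of type AP and the addressed link must have a
   * non-zero beacon interval, otherwise -EOPNOTSUPP is returned. The
   * driver's error is passed through; -ENODATA is returned when the driver
   * filled in nothing, -ENOMEM when the reply cannot be allocated and
   * -ENOBUFS when it cannot be built.
   *
   * Only counters whose bit is set in ftm_stats.filled are put into the
   * nested NL80211_ATTR_FTM_RESPONDER_STATS attribute.
   *
   * NOTE(review): link_id indexes wdev->links[] without a bounds check in
   * this function; presumably nl80211_link_id() and the policy keep it in
   * range - confirm.
   */
  static int nl80211_get_ftm_responder_stats(struct sk_buff *skb,
                                             struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_ftm_responder_stats ftm_stats = {};
      unsigned int link_id = nl80211_link_id(info->attrs);
      struct sk_buff *msg;
      void *hdr;
      struct nlattr *ftm_stats_attr;
      int err;

      if (wdev->iftype != NL80211_IFTYPE_AP ||
          !wdev->links[link_id].ap.beacon_interval)
          return -EOPNOTSUPP;

      err = rdev_get_ftm_responder_stats(rdev, dev, &ftm_stats);
      if (err)
          return err;

      if (!ftm_stats.filled)
          return -ENODATA;

      msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!msg)
          return -ENOMEM;

      hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
                           NL80211_CMD_GET_FTM_RESPONDER_STATS);
      if (!hdr)
          goto nla_put_failure;

      if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto nla_put_failure;

      ftm_stats_attr = nla_nest_start_noflag(msg,
                                             NL80211_ATTR_FTM_RESPONDER_STATS);
      if (!ftm_stats_attr)
          goto nla_put_failure;

  /* Emit one counter, but only if the driver marked it as filled. */
  #define SET_FTM(field, name, type)                                       \
      do { if ((ftm_stats.filled & BIT(NL80211_FTM_STATS_ ## name)) &&     \
               nla_put_ ## type(msg, NL80211_FTM_STATS_ ## name,           \
                                ftm_stats.field))                          \
               goto nla_put_failure; } while (0)
  /* Same for 64-bit counters, which need the pad attribute. */
  #define SET_FTM_U64(field, name)                                         \
      do { if ((ftm_stats.filled & BIT(NL80211_FTM_STATS_ ## name)) &&     \
               nla_put_u64_64bit(msg, NL80211_FTM_STATS_ ## name,          \
                                 ftm_stats.field, NL80211_FTM_STATS_PAD))  \
               goto nla_put_failure; } while (0)

      SET_FTM(success_num, SUCCESS_NUM, u32);
      SET_FTM(partial_num, PARTIAL_NUM, u32);
      SET_FTM(failed_num, FAILED_NUM, u32);
      SET_FTM(asap_num, ASAP_NUM, u32);
      SET_FTM(non_asap_num, NON_ASAP_NUM, u32);
      SET_FTM_U64(total_duration_ms, TOTAL_DURATION_MSEC);
      SET_FTM(unknown_triggers_num, UNKNOWN_TRIGGERS_NUM, u32);
      SET_FTM(reschedule_requests_num, RESCHEDULE_REQUESTS_NUM, u32);
      SET_FTM(out_of_window_triggers_num, OUT_OF_WINDOW_TRIGGERS_NUM, u32);
  /*
   * Both helpers name this function's locals and its error label, so
   * neither may stay defined past this point.
   */
  #undef SET_FTM
  #undef SET_FTM_U64

      nla_nest_end(msg, ftm_stats_attr);

      genlmsg_end(msg, hdr);
      return genlmsg_reply(msg, info);

  nla_put_failure:
      nlmsg_free(msg);
      return -ENOBUFS;
  }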
  /*
   * Pass updated OWE information for a peer to the driver.
   *
   * Requires NL80211_ATTR_STATUS_CODE and NL80211_ATTR_MAC;
   * NL80211_ATTR_IE is optional. The peer address is copied with
   * nla_memcpy() bounded by ETH_ALEN; the IE buffer is passed by pointer
   * and length as it appears in the request, without being parsed here.
   *
   * Returns -EOPNOTSUPP without the driver op, -EINVAL for missing
   * attributes, otherwise the driver's result.
   */
  static int nl80211_update_owe_info(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct cfg80211_update_owe_info owe_info;
      struct nlattr *ie_attr;

      if (!rdev->ops->update_owe_info)
          return -EOPNOTSUPP;

      if (!info->attrs[NL80211_ATTR_STATUS_CODE])
          return -EINVAL;
      if (!info->attrs[NL80211_ATTR_MAC])
          return -EINVAL;

      memset(&owe_info, 0, sizeof(owe_info));

      owe_info.status = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
      nla_memcpy(owe_info.peer, info->attrs[NL80211_ATTR_MAC], ETH_ALEN);

      ie_attr = info->attrs[NL80211_ATTR_IE];
      if (ie_attr) {
          owe_info.ie = nla_data(ie_attr);
          owe_info.ie_len = nla_len(ie_attr);
      }

      return rdev_update_owe_info(rdev, dev, &owe_info);
  }
  /*
   * Send a user-supplied probe frame to a mesh peer.
   *
   * Requires NL80211_ATTR_MAC and NL80211_ATTR_FRAME on a mesh point
   * interface. The frame must be at least an Ethernet header long, its
   * destination must equal the MAC attribute and be unicast, and its source
   * must equal the interface's own address. The destination must also be
   * known to the driver: rdev_get_station() has to succeed for it.
   *
   * Returns -EOPNOTSUPP when a driver op is missing or the interface is not
   * a mesh point, -EINVAL for missing attributes or a rejected frame, the
   * error from rdev_get_station(), or the driver's result.
   */
  static int nl80211_probe_mesh_link(struct sk_buff *skb, struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct net_device *dev = info->user_ptr[1];
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct station_info sinfo = {};
      const u8 *frame;
      size_t frame_len;
      u8 *dest;
      int err;

      if (!rdev->ops->probe_mesh_link)
          return -EOPNOTSUPP;
      if (!rdev->ops->get_station)
          return -EOPNOTSUPP;

      if (!info->attrs[NL80211_ATTR_MAC] ||
          !info->attrs[NL80211_ATTR_FRAME]) {
          GENL_SET_ERR_MSG(info, "Frame or MAC missing");
          return -EINVAL;
      }

      if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
          return -EOPNOTSUPP;

      dest = nla_data(info->attrs[NL80211_ATTR_MAC]);
      frame = nla_data(info->attrs[NL80211_ATTR_FRAME]);
      frame_len = nla_len(info->attrs[NL80211_ATTR_FRAME]);

      /* The address checks below read the Ethernet header. */
      if (frame_len < sizeof(struct ethhdr))
          return -EINVAL;

      /* Destination: must be the named peer, and unicast. */
      if (!ether_addr_equal(frame, dest))
          return -EINVAL;
      if (is_multicast_ether_addr(frame))
          return -EINVAL;
      /* Source: must be this interface, so the sender cannot be spoofed. */
      if (!ether_addr_equal(frame + ETH_ALEN, dev->dev_addr))
          return -EINVAL;

      /* Used only as an existence check; the station data is dropped. */
      err = rdev_get_station(rdev, dev, dest, &sinfo);
      if (err)
          return err;

      cfg80211_sinfo_release_content(&sinfo);

      return rdev_probe_mesh_link(rdev, dev, dest, frame, frame_len);
  }
  /*
   * Parse one TID configuration entry into @tid_conf.
   *
   * @rdev:     registered device
   * @attrs:    parsed NL80211_TID_CONFIG_ATTR_* table of this entry
   * @dev:      network device the configuration applies to
   * @tid_conf: output; ->mask collects one bit per option that was given
   * @info:     request, used for the extended ack and rate-mask parsing
   * @peer:     peer address or NULL for a per-interface configuration
   * @link_id:  link id forwarded to nl80211_parse_tx_bitrate_mask()
   *
   * NL80211_TID_CONFIG_ATTR_TIDS is mandatory. With the override flag set,
   * the existing configuration for those TIDs is reset through the driver
   * before any other attribute of the entry is looked at, so a request that
   * is rejected further down has already caused that reset.
   *
   * Returns 0 on success, -EINVAL for a missing TIDS attribute, an override
   * without driver support or an out-of-range retry count, -EOPNOTSUPP when
   * an option is not in the device's supported mask, or the error of a
   * helper.
   */
  static int parse_tid_conf(struct cfg80211_registered_device *rdev,
                            struct nlattr *attrs[], struct net_device *dev,
                            struct cfg80211_tid_cfg *tid_conf,
                            struct genl_info *info, const u8 *peer,
                            unsigned int link_id)
  {
      struct netlink_ext_ack *extack = info->extack;
      struct nlattr *a;
      u64 supported;
      int err;

      if (!attrs[NL80211_TID_CONFIG_ATTR_TIDS])
          return -EINVAL;

      tid_conf->config_override =
          nla_get_flag(attrs[NL80211_TID_CONFIG_ATTR_OVERRIDE]);
      tid_conf->tids = nla_get_u16(attrs[NL80211_TID_CONFIG_ATTR_TIDS]);

      if (tid_conf->config_override) {
          if (!rdev->ops->reset_tid_config)
              return -EINVAL;

          err = rdev_reset_tid_config(rdev, dev, peer, tid_conf->tids);
          if (err)
              return err;
      }

      a = attrs[NL80211_TID_CONFIG_ATTR_NOACK];
      if (a) {
          tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_NOACK);
          tid_conf->noack = nla_get_u8(a);
      }

      a = attrs[NL80211_TID_CONFIG_ATTR_RETRY_SHORT];
      if (a) {
          tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_RETRY_SHORT);
          tid_conf->retry_short = nla_get_u8(a);

          if (tid_conf->retry_short > rdev->wiphy.max_data_retry_count)
              return -EINVAL;
      }

      a = attrs[NL80211_TID_CONFIG_ATTR_RETRY_LONG];
      if (a) {
          tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
          tid_conf->retry_long = nla_get_u8(a);

          if (tid_conf->retry_long > rdev->wiphy.max_data_retry_count)
              return -EINVAL;
      }

      a = attrs[NL80211_TID_CONFIG_ATTR_AMPDU_CTRL];
      if (a) {
          tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL);
          tid_conf->ampdu = nla_get_u8(a);
      }

      a = attrs[NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL];
      if (a) {
          tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL);
          tid_conf->rtscts = nla_get_u8(a);
      }

      a = attrs[NL80211_TID_CONFIG_ATTR_AMSDU_CTRL];
      if (a) {
          tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_AMSDU_CTRL);
          tid_conf->amsdu = nla_get_u8(a);
      }

      a = attrs[NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE];
      if (a) {
          tid_conf->txrate_type = nla_get_u8(a);

          /* A rate mask is only parsed for non-automatic rate types. */
          if (tid_conf->txrate_type != NL80211_TX_RATE_AUTOMATIC) {
              err = nl80211_parse_tx_bitrate_mask(info, attrs,
                                                  NL80211_TID_CONFIG_ATTR_TX_RATE,
                                                  &tid_conf->txrate_mask, dev,
                                                  true, link_id);
              if (err)
                  return err;

              tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_TX_RATE);
          }
          tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE);
      }

      /* Per-peer and per-interface settings have separate support masks. */
      supported = peer ? rdev->wiphy.tid_config_support.peer
                       : rdev->wiphy.tid_config_support.vif;

      if (tid_conf->mask & ~supported) {
          NL_SET_ERR_MSG(extack, "unsupported TID configuration");
          return -EOPNOTSUPP;
      }

      return 0;
  }
  /*
   * Apply a list of per-TID configurations to an interface or a peer.
   *
   * The nested entries of NL80211_ATTR_TID_CONFIG are counted first so the
   * configuration array can be allocated in one piece, then each entry is
   * parsed with parse_tid_conf(). The peer address, when given in
   * NL80211_ATTR_MAC, is passed by pointer into the request.
   *
   * Returns -EINVAL without NL80211_ATTR_TID_CONFIG, -EOPNOTSUPP without
   * the driver op, -ENOMEM on allocation failure, a parsing error, or the
   * driver's result. The allocated configuration is always freed before
   * returning.
   *
   * NOTE(review): each entry is parsed here with a NULL policy, so this
   * call applies no per-attribute type or length validation itself while
   * parse_tid_conf() reads fixed-width values from the table. Presumably
   * the nested entries were already validated when the top-level message
   * was parsed against nl80211_policy - confirm.
   */
  static int nl80211_set_tid_config(struct sk_buff *skb,
                                    struct genl_info *info)
  {
      struct cfg80211_registered_device *rdev = info->user_ptr[0];
      struct nlattr *attrs[NL80211_TID_CONFIG_ATTR_MAX + 1];
      unsigned int link_id = nl80211_link_id(info->attrs);
      struct net_device *dev = info->user_ptr[1];
      struct cfg80211_tid_config *tid_config;
      struct nlattr *entry;
      int next_slot = 0, rem;
      int ret = -EINVAL;
      u32 n_entries = 0;

      if (!info->attrs[NL80211_ATTR_TID_CONFIG])
          return -EINVAL;

      if (!rdev->ops->set_tid_config)
          return -EOPNOTSUPP;

      /* First walk: count the entries to size the allocation. */
      nla_for_each_nested(entry, info->attrs[NL80211_ATTR_TID_CONFIG], rem) {
          n_entries++;
      }

      tid_config = kzalloc_flex(*tid_config, tid_conf, n_entries);
      if (!tid_config)
          return -ENOMEM;

      tid_config->n_tid_conf = n_entries;

      if (info->attrs[NL80211_ATTR_MAC])
          tid_config->peer = nla_data(info->attrs[NL80211_ATTR_MAC]);

      /* Second walk over the same attribute: fill one slot per entry. */
      nla_for_each_nested(entry, info->attrs[NL80211_ATTR_TID_CONFIG], rem) {
          ret = nla_parse_nested(attrs, NL80211_TID_CONFIG_ATTR_MAX,
                                 entry, NULL, NULL);
          if (ret)
              goto bad_tid_conf;

          ret = parse_tid_conf(rdev, attrs, dev,
                               &tid_config->tid_conf[next_slot++],
                               info, tid_config->peer, link_id);
          if (ret)
              goto bad_tid_conf;
      }

      ret = rdev_set_tid_config(rdev, dev, tid_config);

  bad_tid_conf:
      kfree(tid_config);
      return ret;
  }
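/*
 * Netlink handler for a BSS color change on an AP interface.
 *
 * Parses the beacon to use after the change (from the top-level attributes)
 * and the beacon to use during the countdown (from the nested
 * NL80211_ATTR_COLOR_CHANGE_ELEMS), validates the user-supplied countdown
 * offsets against the parsed buffers, and hands the result to the driver.
 *
 * Every exit after the first beacon parse goes through the common cleanup,
 * so the mbssid_ies/rnr_ies buffers freed at "out" are not leaked when the
 * attribute table allocation fails or the first parse returns an error.
 *
 * Returns 0 on success or a negative errno.
 */
static int nl80211_color_change(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct cfg80211_color_change_settings params = {};
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	struct nlattr **tb = NULL;	/* NULL so the cleanup path can kfree() it */
	u16 offset;
	int err;

	if (!rdev->ops->color_change)
		return -EOPNOTSUPP;

	if (!wiphy_ext_feature_isset(&rdev->wiphy,
				     NL80211_EXT_FEATURE_BSS_COLOR))
		return -EOPNOTSUPP;

	if (wdev->iftype != NL80211_IFTYPE_AP)
		return -EOPNOTSUPP;

	if (!info->attrs[NL80211_ATTR_COLOR_CHANGE_COUNT] ||
	    !info->attrs[NL80211_ATTR_COLOR_CHANGE_COLOR] ||
	    !info->attrs[NL80211_ATTR_COLOR_CHANGE_ELEMS])
		return -EINVAL;

	params.count = nla_get_u8(info->attrs[NL80211_ATTR_COLOR_CHANGE_COUNT]);
	params.color = nla_get_u8(info->attrs[NL80211_ATTR_COLOR_CHANGE_COLOR]);

	/*
	 * From here on params may own heap buffers (see the kfree() calls at
	 * "out"), so failures must use the cleanup path instead of returning.
	 */
	err = nl80211_parse_beacon(rdev, info->attrs, &params.beacon_next,
				   info->extack);
	if (err)
		goto out;

	tb = kzalloc_objs(*tb, NL80211_ATTR_MAX + 1);
	if (!tb) {
		err = -ENOMEM;
		goto out;
	}

	err = nla_parse_nested(tb, NL80211_ATTR_MAX,
			       info->attrs[NL80211_ATTR_COLOR_CHANGE_ELEMS],
			       nl80211_policy, info->extack);
	if (err)
		goto out;

	err = nl80211_parse_beacon(rdev, tb, &params.beacon_color_change,
				   info->extack);
	if (err)
		goto out;

	if (!tb[NL80211_ATTR_CNTDWN_OFFS_BEACON]) {
		err = -EINVAL;
		goto out;
	}

	/* Exactly one u16 offset is accepted for the beacon counter. */
	if (nla_len(tb[NL80211_ATTR_CNTDWN_OFFS_BEACON]) != sizeof(u16)) {
		err = -EINVAL;
		goto out;
	}

	/* The offset is user supplied: bound it before indexing the tail. */
	offset = nla_get_u16(tb[NL80211_ATTR_CNTDWN_OFFS_BEACON]);
	if (offset >= params.beacon_color_change.tail_len) {
		err = -EINVAL;
		goto out;
	}

	/* The byte at the offset must already hold the announced count. */
	if (params.beacon_color_change.tail[offset] != params.count) {
		err = -EINVAL;
		goto out;
	}

	params.counter_offset_beacon = offset;

	if (tb[NL80211_ATTR_CNTDWN_OFFS_PRESP]) {
		if (nla_len(tb[NL80211_ATTR_CNTDWN_OFFS_PRESP]) !=
		    sizeof(u16)) {
			err = -EINVAL;
			goto out;
		}

		/* Same bounds and content checks for the probe response. */
		offset = nla_get_u16(tb[NL80211_ATTR_CNTDWN_OFFS_PRESP]);
		if (offset >= params.beacon_color_change.probe_resp_len) {
			err = -EINVAL;
			goto out;
		}

		if (params.beacon_color_change.probe_resp[offset] !=
		    params.count) {
			err = -EINVAL;
			goto out;
		}

		params.counter_offset_presp = offset;
	}

	if (info->attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP]) {
		err = nl80211_parse_unsol_bcast_probe_resp(
			rdev, info->attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP],
			&params.unsol_bcast_probe_resp);
		if (err)
			goto out;
	}

	params.link_id = nl80211_link_id(info->attrs);
	err = rdev_color_change(rdev, dev, &params);

out:
	/* params is zero-initialised, so unset buffers are NULL here. */
	kfree(params.beacon_next.mbssid_ies);
	kfree(params.beacon_color_change.mbssid_ies);
	kfree(params.beacon_next.rnr_ies);
	kfree(params.beacon_color_change.rnr_ies);
	kfree(tb);
	return err;
}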
/*
 * Netlink handler that passes FILS AAD parameters (peer MAC, KEK and the
 * two nonces) to the driver.
 *
 * All pointers stored in the parameter block point into the request; nothing
 * is copied here. The nonce attribute is split at FILS_NONCE_LEN into SNonce
 * followed by ANonce.
 *
 * NOTE(review): this function does not check the length of
 * NL80211_ATTR_FILS_NONCES or NL80211_ATTR_MAC itself; presumably the
 * attribute policy guarantees at least 2 * FILS_NONCE_LEN bytes and a full
 * MAC address - confirm against nl80211_policy.
 */
static int nl80211_set_fils_aad(struct sk_buff *skb,
				struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct nlattr *mac_attr = info->attrs[NL80211_ATTR_MAC];
	struct nlattr *kek_attr = info->attrs[NL80211_ATTR_FILS_KEK];
	struct nlattr *nonce_attr = info->attrs[NL80211_ATTR_FILS_NONCES];
	struct cfg80211_fils_aad fils_aad = {};
	u8 *nonce_buf;

	if (!mac_attr || !kek_attr || !nonce_attr)
		return -EINVAL;

	fils_aad.macaddr = nla_data(mac_attr);
	fils_aad.kek_len = nla_len(kek_attr);
	fils_aad.kek = nla_data(kek_attr);

	nonce_buf = nla_data(nonce_attr);
	fils_aad.snonce = nonce_buf;
	fils_aad.anonce = nonce_buf + FILS_NONCE_LEN;

	return rdev_set_fils_aad(rdev, dev, &fils_aad);
}
/*
 * Netlink handler that adds an MLO link to an AP interface.
 *
 * The link is marked valid and its address recorded before the driver is
 * called; both are undone if the driver rejects the link.
 *
 * NOTE(review): link_id comes from nl80211_link_id() and is used as a bit
 * position and as an index into wdev->links[] without a range check in this
 * function; presumably the attribute policy bounds it - confirm. The rollback
 * also clears the bit unconditionally, so whether a link that was already
 * valid can reach this point should be verified against the callers' flags.
 */
static int nl80211_add_link(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	unsigned int link_id = nl80211_link_id(info->attrs);
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	struct nlattr *mac_attr = info->attrs[NL80211_ATTR_MAC];
	int err;

	if (!(wdev->wiphy->flags & WIPHY_FLAG_SUPPORTS_MLO))
		return -EINVAL;

	/* Only AP interfaces may add links through this command. */
	if (wdev->iftype != NL80211_IFTYPE_AP)
		return -EINVAL;

	if (!mac_attr || !is_valid_ether_addr(nla_data(mac_attr)))
		return -EINVAL;

	wdev->valid_links |= BIT(link_id);
	ether_addr_copy(wdev->links[link_id].addr, nla_data(mac_attr));

	err = rdev_add_intf_link(rdev, wdev, link_id);
	if (!err)
		return 0;

	/* Driver refused the link: undo the bookkeeping done above. */
	wdev->valid_links &= ~BIT(link_id);
	eth_zero_addr(wdev->links[link_id].addr);
	return err;
}
/*
 * Netlink handler that removes an MLO link from an AP interface.
 *
 * Requires an explicit NL80211_ATTR_MLO_LINK_ID attribute and an AP
 * interface; returns -EINVAL otherwise and 0 after the link was removed.
 */
static int nl80211_remove_link(struct sk_buff *skb, struct genl_info *info)
{
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	unsigned int link_id = nl80211_link_id(info->attrs);

	/* cannot remove if there's no link */
	if (!info->attrs[NL80211_ATTR_MLO_LINK_ID])
		return -EINVAL;

	if (wdev->iftype != NL80211_IFTYPE_AP)
		return -EINVAL;

	cfg80211_remove_link(wdev, link_id);
	return 0;
}
/*
 * Common implementation for adding (@add == true) and modifying
 * (@add == false) a link station.
 *
 * Collects the MLD address, link address, link ID and the optional
 * capability attributes into a link_station_parameters block and calls the
 * matching driver operation. The capability and rate pointers refer to the
 * request buffer; nothing is copied here.
 *
 * Adding additionally requires NL80211_ATTR_MAC and
 * NL80211_ATTR_STA_SUPPORTED_RATES. EHT capabilities are only read when HE
 * capabilities are present, and UHR capabilities are rejected unless EHT
 * capabilities were accepted.
 *
 * Returns -EOPNOTSUPP when the driver lacks the operation, -EINVAL for
 * missing or invalid attributes, otherwise the driver's result.
 */
static int
nl80211_add_mod_link_station(struct sk_buff *skb, struct genl_info *info,
			     bool add)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct nlattr **attrs = info->attrs;
	struct link_station_parameters params = {};
	int err;

	if (add ? !rdev->ops->add_link_station : !rdev->ops->mod_link_station)
		return -EOPNOTSUPP;

	if (add && !attrs[NL80211_ATTR_MAC])
		return -EINVAL;

	if (!attrs[NL80211_ATTR_MLD_ADDR])
		return -EINVAL;

	if (add && !attrs[NL80211_ATTR_STA_SUPPORTED_RATES])
		return -EINVAL;

	params.mld_mac = nla_data(attrs[NL80211_ATTR_MLD_ADDR]);

	if (attrs[NL80211_ATTR_MAC]) {
		params.link_mac = nla_data(attrs[NL80211_ATTR_MAC]);
		if (!is_valid_ether_addr(params.link_mac))
			return -EINVAL;
	}

	if (!attrs[NL80211_ATTR_MLO_LINK_ID])
		return -EINVAL;

	params.link_id = nla_get_u8(attrs[NL80211_ATTR_MLO_LINK_ID]);

	if (attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) {
		struct nlattr *rates = attrs[NL80211_ATTR_STA_SUPPORTED_RATES];

		params.supported_rates = nla_data(rates);
		params.supported_rates_len = nla_len(rates);
	}

	if (attrs[NL80211_ATTR_HT_CAPABILITY])
		params.ht_capa = nla_data(attrs[NL80211_ATTR_HT_CAPABILITY]);

	if (attrs[NL80211_ATTR_VHT_CAPABILITY])
		params.vht_capa = nla_data(attrs[NL80211_ATTR_VHT_CAPABILITY]);

	if (attrs[NL80211_ATTR_HE_CAPABILITY]) {
		struct nlattr *he = attrs[NL80211_ATTR_HE_CAPABILITY];
		struct nlattr *eht = attrs[NL80211_ATTR_EHT_CAPABILITY];

		params.he_capa = nla_data(he);
		params.he_capa_len = nla_len(he);

		/* EHT is only considered together with HE. */
		if (eht) {
			params.eht_capa = nla_data(eht);
			params.eht_capa_len = nla_len(eht);

			/* Reject an EHT element whose size does not fit. */
			if (!ieee80211_eht_capa_size_ok((const u8 *)params.he_capa,
							(const u8 *)params.eht_capa,
							params.eht_capa_len,
							false))
				return -EINVAL;
		}
	}

	if (attrs[NL80211_ATTR_UHR_CAPABILITY]) {
		struct nlattr *uhr = attrs[NL80211_ATTR_UHR_CAPABILITY];

		/* UHR requires EHT capabilities to have been supplied. */
		if (!params.eht_capa)
			return -EINVAL;

		params.uhr_capa = nla_data(uhr);
		params.uhr_capa_len = nla_len(uhr);
	}

	if (attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY])
		params.he_6ghz_capa =
			nla_data(attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY]);

	if (attrs[NL80211_ATTR_OPMODE_NOTIF]) {
		params.opmode_notif_used = true;
		params.opmode_notif =
			nla_get_u8(attrs[NL80211_ATTR_OPMODE_NOTIF]);
	}

	err = nl80211_parse_sta_txpower_setting(info, &params.txpwr,
						&params.txpwr_set);
	if (err)
		return err;

	return add ? rdev_add_link_station(rdev, dev, &params) :
		     rdev_mod_link_station(rdev, dev, &params);
}
/* Netlink handler: add a link station via the shared add/modify path. */
static int nl80211_add_link_station(struct sk_buff *skb,
				    struct genl_info *info)
{
	const bool add = true;

	return nl80211_add_mod_link_station(skb, info, add);
}
/* Netlink handler: modify a link station via the shared add/modify path. */
static int nl80211_modify_link_station(struct sk_buff *skb,
				       struct genl_info *info)
{
	const bool add = false;

	return nl80211_add_mod_link_station(skb, info, add);
}
/*
 * Netlink handler that deletes a link station identified by its MLD address
 * and link ID.
 *
 * Returns -EOPNOTSUPP when the driver has no del_link_station operation,
 * -EINVAL when either attribute is missing, otherwise the driver's result.
 */
static int
nl80211_remove_link_station(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct nlattr *mld_attr = info->attrs[NL80211_ATTR_MLD_ADDR];
	struct nlattr *link_attr = info->attrs[NL80211_ATTR_MLO_LINK_ID];
	struct link_station_del_parameters params = {};

	if (!rdev->ops->del_link_station)
		return -EOPNOTSUPP;

	if (!mld_attr || !link_attr)
		return -EINVAL;

	params.mld_mac = nla_data(mld_attr);
	params.link_id = nla_get_u8(link_attr);

	return rdev_del_link_station(rdev, dev, &params);
}
/*
 * Netlink handler that enables or disables hardware timestamping.
 *
 * A peer MAC address is optional only when the wiphy advertises
 * CFG80211_HW_TIMESTAMP_ALL_PEERS; without a MAC on any other device the
 * request is rejected with -EOPNOTSUPP, as it is when the wiphy reports no
 * timestamping peers at all.
 */
static int nl80211_set_hw_timestamp(struct sk_buff *skb,
				    struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct nlattr *mac_attr = info->attrs[NL80211_ATTR_MAC];
	struct cfg80211_set_hw_timestamp hwts = {};

	if (!rdev->wiphy.hw_timestamp_max_peers)
		return -EOPNOTSUPP;

	if (mac_attr)
		hwts.macaddr = nla_data(mac_attr);
	else if (rdev->wiphy.hw_timestamp_max_peers !=
		 CFG80211_HW_TIMESTAMP_ALL_PEERS)
		return -EOPNOTSUPP;

	hwts.enable =
		nla_get_flag(info->attrs[NL80211_ATTR_HW_TIMESTAMP_ENABLED]);

	return rdev_set_hw_timestamp(rdev, dev, &hwts);
}
/*
 * Netlink handler that sets the TID-to-link mapping on a connected station
 * or P2P client interface.
 *
 * Both the downlink and uplink attributes are mandatory. They are copied
 * with nla_memcpy() bounded by the size of the destination arrays, so an
 * oversized attribute cannot overrun params.
 */
static int
nl80211_set_ttlm(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	struct nlattr *dl_attr = info->attrs[NL80211_ATTR_MLO_TTLM_DLINK];
	struct nlattr *ul_attr = info->attrs[NL80211_ATTR_MLO_TTLM_ULINK];
	struct cfg80211_ttlm_params params = {};

	switch (wdev->iftype) {
	case NL80211_IFTYPE_STATION:
	case NL80211_IFTYPE_P2P_CLIENT:
		break;
	default:
		return -EOPNOTSUPP;
	}

	if (!wdev->connected)
		return -ENOLINK;

	if (!dl_attr || !ul_attr)
		return -EINVAL;

	nla_memcpy(params.dlink, dl_attr, sizeof(params.dlink));
	nla_memcpy(params.ulink, ul_attr, sizeof(params.ulink));

	return rdev_set_ttlm(rdev, dev, &params);
}
/*
 * Netlink handler for multi-link reconfiguration of an existing MLO
 * association: links may be added, removed, or both in one request.
 *
 * Only the netlink port that owns the connection (when an owner is recorded)
 * may issue the request; any other sender gets -EPERM. The BSS references
 * collected for the links to add are dropped at "out" on both success and
 * failure.
 *
 * NOTE(review): when nl80211_process_links() fails, this function returns
 * directly and skips the put loop at "out". If that helper can fail after it
 * has already stored BSS references in req.add_links (not visible here),
 * those references would not be released - confirm against the helper.
 */
static int nl80211_assoc_ml_reconf(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	struct cfg80211_ml_reconf_req req = {};
	unsigned int idx;
	u16 add_links = 0;
	int err;

	if (!wdev->valid_links)
		return -EINVAL;

	/* A recorded connection owner is the only port allowed to do this. */
	if (wdev->conn_owner_nlportid &&
	    wdev->conn_owner_nlportid != info->snd_portid)
		return -EPERM;

	switch (wdev->iftype) {
	case NL80211_IFTYPE_STATION:
	case NL80211_IFTYPE_P2P_CLIENT:
		break;
	default:
		return -EOPNOTSUPP;
	}

	if (info->attrs[NL80211_ATTR_MLO_LINKS]) {
		err = nl80211_process_links(rdev, req.add_links,
					    /* mark as MLO, but not assoc */
					    IEEE80211_MLD_MAX_NUM_LINKS,
					    NULL, 0, info);
		if (err)
			return err;

		/* Build a bitmap of the link IDs that got a BSS assigned. */
		for (idx = 0; idx < IEEE80211_MLD_MAX_NUM_LINKS; idx++) {
			if (req.add_links[idx].bss)
				add_links |= BIT(idx);
		}
	}

	if (info->attrs[NL80211_ATTR_MLO_RECONF_REM_LINKS])
		req.rem_links =
			nla_get_u16(info->attrs[NL80211_ATTR_MLO_RECONF_REM_LINKS]);

	/* Validate that existing links are not added, removed links are valid
	 * and don't allow adding and removing the same links
	 */
	if ((add_links & req.rem_links) || !(add_links | req.rem_links) ||
	    (wdev->valid_links & add_links) ||
	    ((wdev->valid_links & req.rem_links) != req.rem_links)) {
		err = -EINVAL;
		goto out;
	}

	if (info->attrs[NL80211_ATTR_ASSOC_MLD_EXT_CAPA_OPS])
		req.ext_mld_capa_ops =
			nla_get_u16(info->attrs[NL80211_ATTR_ASSOC_MLD_EXT_CAPA_OPS]);

	err = cfg80211_assoc_ml_reconf(rdev, dev, &req);

out:
	/* Drop the BSS reference of every slot; unused slots hold NULL. */
	for (idx = 0; idx < ARRAY_SIZE(req.add_links); idx++)
		cfg80211_put_bss(&rdev->wiphy, req.add_links[idx].bss);
	return err;
}
/*
 * Netlink handler that enables or disables EPCS on a connected station or
 * P2P client interface; the NL80211_ATTR_EPCS flag attribute selects the
 * state passed to the driver.
 */
static int
nl80211_epcs_cfg(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct net_device *dev = info->user_ptr[1];
	struct wireless_dev *wdev = dev->ieee80211_ptr;
	bool enable;

	switch (wdev->iftype) {
	case NL80211_IFTYPE_STATION:
	case NL80211_IFTYPE_P2P_CLIENT:
		break;
	default:
		return -EOPNOTSUPP;
	}

	if (!wdev->connected)
		return -ENOLINK;

	enable = nla_get_flag(info->attrs[NL80211_ATTR_EPCS]);

	return rdev_set_epcs(rdev, dev, enable);
}
/*
 * Per-command flags interpreted by nl80211_pre_doit()/nl80211_post_doit():
 *
 *  NEED_WIPHY         - look up the registered device, store it in
 *                       info->user_ptr[0]
 *  NEED_NETDEV        - look up the wdev and store its net_device in
 *                       info->user_ptr[1]; fails if there is no netdev
 *  NEED_WDEV          - look up the wdev and store it in info->user_ptr[1]
 *  NEED_RTNL          - keep the RTNL held until post_doit
 *  CHECK_NETDEV_UP    - fail with -ENETDOWN unless wdev_running()
 *  CLEAR_SKB          - post_doit zeroes the netlink message payload
 *  NO_WIPHY_MTX       - do not take the wiphy mutex around the handler
 *  MLO_VALID_LINK_ID  - require a valid link ID on MLO interfaces and no
 *                       link ID on non-MLO interfaces
 *  MLO_UNSUPPORTED    - reject requests with a link ID or on MLO interfaces
 */
#define NL80211_FLAG_NEED_WIPHY		0x01
#define NL80211_FLAG_NEED_NETDEV	0x02
#define NL80211_FLAG_NEED_RTNL		0x04
#define NL80211_FLAG_CHECK_NETDEV_UP	0x08
#define NL80211_FLAG_NEED_NETDEV_UP	(NL80211_FLAG_NEED_NETDEV |\
					 NL80211_FLAG_CHECK_NETDEV_UP)
#define NL80211_FLAG_NEED_WDEV		0x10
/* If a netdev is associated, it must be UP, P2P must be started */
#define NL80211_FLAG_NEED_WDEV_UP	(NL80211_FLAG_NEED_WDEV |\
					 NL80211_FLAG_CHECK_NETDEV_UP)
#define NL80211_FLAG_CLEAR_SKB		0x20
#define NL80211_FLAG_NO_WIPHY_MTX	0x40
#define NL80211_FLAG_MLO_VALID_LINK_ID	0x80
#define NL80211_FLAG_MLO_UNSUPPORTED	0x100

/*
 * X-macro listing every flag combination a command may use. Each entry is
 * expanded through SELECTOR() to generate the selector enum and the lookup
 * table below, so ops store a small selector index instead of the raw flag
 * word. NONE has value 0 and is listed first, which makes it selector 0.
 */
#define INTERNAL_FLAG_SELECTORS(__sel)			\
	SELECTOR(__sel, NONE, 0) /* must be first */	\
	SELECTOR(__sel, WIPHY,				\
		 NL80211_FLAG_NEED_WIPHY)		\
	SELECTOR(__sel, WDEV,				\
		 NL80211_FLAG_NEED_WDEV)		\
	SELECTOR(__sel, NETDEV,				\
		 NL80211_FLAG_NEED_NETDEV)		\
	SELECTOR(__sel, NETDEV_LINK,			\
		 NL80211_FLAG_NEED_NETDEV |		\
		 NL80211_FLAG_MLO_VALID_LINK_ID)	\
	SELECTOR(__sel, NETDEV_NO_MLO,			\
		 NL80211_FLAG_NEED_NETDEV |		\
		 NL80211_FLAG_MLO_UNSUPPORTED)		\
	SELECTOR(__sel, WIPHY_RTNL,			\
		 NL80211_FLAG_NEED_WIPHY |		\
		 NL80211_FLAG_NEED_RTNL)		\
	SELECTOR(__sel, WIPHY_RTNL_NOMTX,		\
		 NL80211_FLAG_NEED_WIPHY |		\
		 NL80211_FLAG_NEED_RTNL |		\
		 NL80211_FLAG_NO_WIPHY_MTX)		\
	SELECTOR(__sel, WDEV_RTNL,			\
		 NL80211_FLAG_NEED_WDEV |		\
		 NL80211_FLAG_NEED_RTNL)		\
	SELECTOR(__sel, NETDEV_RTNL,			\
		 NL80211_FLAG_NEED_NETDEV |		\
		 NL80211_FLAG_NEED_RTNL)		\
	SELECTOR(__sel, NETDEV_UP,			\
		 NL80211_FLAG_NEED_NETDEV_UP)		\
	SELECTOR(__sel, NETDEV_UP_LINK,			\
		 NL80211_FLAG_NEED_NETDEV_UP |		\
		 NL80211_FLAG_MLO_VALID_LINK_ID)	\
	SELECTOR(__sel, NETDEV_UP_NO_MLO,		\
		 NL80211_FLAG_NEED_NETDEV_UP |		\
		 NL80211_FLAG_MLO_UNSUPPORTED)		\
	SELECTOR(__sel, NETDEV_UP_NO_MLO_CLEAR,		\
		 NL80211_FLAG_NEED_NETDEV_UP |		\
		 NL80211_FLAG_CLEAR_SKB |		\
		 NL80211_FLAG_MLO_UNSUPPORTED)		\
	SELECTOR(__sel, NETDEV_UP_NOTMX,		\
		 NL80211_FLAG_NEED_NETDEV_UP |		\
		 NL80211_FLAG_NO_WIPHY_MTX)		\
	SELECTOR(__sel, NETDEV_UP_NOTMX_MLO,		\
		 NL80211_FLAG_NEED_NETDEV_UP |		\
		 NL80211_FLAG_NO_WIPHY_MTX |		\
		 NL80211_FLAG_MLO_VALID_LINK_ID)	\
	SELECTOR(__sel, NETDEV_UP_CLEAR,		\
		 NL80211_FLAG_NEED_NETDEV_UP |		\
		 NL80211_FLAG_CLEAR_SKB)		\
	SELECTOR(__sel, WDEV_UP,			\
		 NL80211_FLAG_NEED_WDEV_UP)		\
	SELECTOR(__sel, WDEV_UP_LINK,			\
		 NL80211_FLAG_NEED_WDEV_UP |		\
		 NL80211_FLAG_MLO_VALID_LINK_ID)	\
	SELECTOR(__sel, WDEV_UP_RTNL,			\
		 NL80211_FLAG_NEED_WDEV_UP |		\
		 NL80211_FLAG_NEED_RTNL)		\
	SELECTOR(__sel, WIPHY_CLEAR,			\
		 NL80211_FLAG_NEED_WIPHY |		\
		 NL80211_FLAG_CLEAR_SKB)

/* One enumerator per entry above, in list order. */
enum nl80211_internal_flags_selector {
#define SELECTOR(_, name, value)	NL80211_IFL_SEL_##name,
	INTERNAL_FLAG_SELECTORS(_)
#undef SELECTOR
};

/* Maps a selector index back to its flag word; read by pre/post_doit. */
static u32 nl80211_internal_flags[] = {
#define SELECTOR(_, name, value)	[NL80211_IFL_SEL_##name] = value,
	INTERNAL_FLAG_SELECTORS(_)
#undef SELECTOR
};
/*
 * Generic netlink pre_doit hook: resolves the objects a command needs and
 * takes the locks its flags ask for before the handler runs.
 *
 * The selector stored in ops->internal_flags is bounds-checked and then
 * translated into the flag word. Under the RTNL, either the registered
 * device (NEED_WIPHY) or the wdev/netdev (NEED_NETDEV / NEED_WDEV) is looked
 * up and stored in info->user_ptr[]; in the latter case a reference is taken
 * on the netdev. The MLO link-ID rules are then enforced, the wiphy mutex is
 * taken unless NO_WIPHY_MTX is set, and the RTNL is dropped unless NEED_RTNL
 * is set.
 *
 * Returns 0 with the requested locks held, or a negative errno with the RTNL
 * released and the netdev reference dropped.
 */
static int nl80211_pre_doit(const struct genl_split_ops *ops,
			    struct sk_buff *skb,
			    struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = NULL;
	struct wireless_dev *wdev = NULL;
	struct net_device *dev = NULL;
	u32 flags;
	int err;

	/* The selector indexes a table; refuse anything out of range. */
	if (WARN_ON(ops->internal_flags >= ARRAY_SIZE(nl80211_internal_flags)))
		return -EINVAL;

	flags = nl80211_internal_flags[ops->internal_flags];

	rtnl_lock();

	if (flags & NL80211_FLAG_NEED_WIPHY) {
		rdev = cfg80211_get_dev_from_info(genl_info_net(info), info);
		if (IS_ERR(rdev)) {
			err = PTR_ERR(rdev);
			goto out_unlock;
		}
		info->user_ptr[0] = rdev;
	} else if (flags & (NL80211_FLAG_NEED_NETDEV |
			    NL80211_FLAG_NEED_WDEV)) {
		wdev = __cfg80211_wdev_from_attrs(NULL, genl_info_net(info),
						  info->attrs);
		if (IS_ERR(wdev)) {
			err = PTR_ERR(wdev);
			goto out_unlock;
		}

		/* Reference is released in post_doit or at out_unlock. */
		dev = wdev->netdev;
		dev_hold(dev);
		rdev = wiphy_to_rdev(wdev->wiphy);

		if (!(flags & NL80211_FLAG_NEED_NETDEV)) {
			info->user_ptr[1] = wdev;
		} else if (dev) {
			info->user_ptr[1] = dev;
		} else {
			/* A netdev was required but this wdev has none. */
			err = -EINVAL;
			goto out_unlock;
		}

		if ((flags & NL80211_FLAG_CHECK_NETDEV_UP) &&
		    !wdev_running(wdev)) {
			err = -ENETDOWN;
			goto out_unlock;
		}

		info->user_ptr[0] = rdev;
	}

	if (flags & NL80211_FLAG_MLO_VALID_LINK_ID) {
		struct nlattr *link_attr = info->attrs[NL80211_ATTR_MLO_LINK_ID];
		bool acceptable;

		if (!wdev) {
			err = -EINVAL;
			goto out_unlock;
		}

		if (wdev->valid_links)
			/* MLO -> require valid link ID */
			acceptable = link_attr &&
				(wdev->valid_links &
				 BIT(nla_get_u8(link_attr)));
		else
			/* non-MLO -> no link ID attribute accepted */
			acceptable = !link_attr;

		if (!acceptable) {
			err = -EINVAL;
			goto out_unlock;
		}
	}

	if ((flags & NL80211_FLAG_MLO_UNSUPPORTED) &&
	    (info->attrs[NL80211_ATTR_MLO_LINK_ID] ||
	     (wdev && wdev->valid_links))) {
		err = -EINVAL;
		goto out_unlock;
	}

	if (rdev && !(flags & NL80211_FLAG_NO_WIPHY_MTX)) {
		wiphy_lock(&rdev->wiphy);
		/* we keep the mutex locked until post_doit */
		__release(&rdev->wiphy.mtx);
	}

	if (!(flags & NL80211_FLAG_NEED_RTNL))
		rtnl_unlock();

	return 0;

out_unlock:
	rtnl_unlock();
	dev_put(dev);
	return err;
}
/*
 * Generic netlink post_doit hook: undoes what nl80211_pre_doit() set up.
 *
 * Drops the netdev reference recorded in info->user_ptr[1], releases the
 * wiphy mutex and the RTNL when the command's flags say they were kept, and
 * finally wipes the request payload for commands flagged CLEAR_SKB.
 */
static void nl80211_post_doit(const struct genl_split_ops *ops,
			      struct sk_buff *skb,
			      struct genl_info *info)
{
	u32 flags = nl80211_internal_flags[ops->internal_flags];
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	void *target = info->user_ptr[1];

	if (target) {
		struct net_device *held;

		/* user_ptr[1] is a wdev for NEED_WDEV, else a net_device. */
		if (flags & NL80211_FLAG_NEED_WDEV)
			held = ((struct wireless_dev *)target)->netdev;
		else
			held = target;

		dev_put(held);
	}

	if (rdev && !(flags & NL80211_FLAG_NO_WIPHY_MTX)) {
		/* we kept the mutex locked since pre_doit */
		__acquire(&rdev->wiphy.mtx);
		wiphy_unlock(&rdev->wiphy);
	}

	if (flags & NL80211_FLAG_NEED_RTNL)
		rtnl_unlock();

	/* If needed, clear the netlink message payload from the SKB
	 * as it might contain key data that shouldn't stick around on
	 * the heap after the SKB is freed. The netlink message header
	 * is still needed for further processing, so leave it intact.
	 */
	if (flags & NL80211_FLAG_CLEAR_SKB) {
		struct nlmsghdr *hdr = nlmsg_hdr(skb);

		memset(nlmsg_data(hdr), 0, nlmsg_len(hdr));
	}
}
/*
 * Fill slot @index of @sar_specs from one parsed SAR sub-specification.
 *
 * The frequency range index supplied by user space must be below the
 * device's num_freq_ranges and must not repeat a range index stored in any
 * earlier slot (0 .. @index - 1).
 *
 * Returns 0 on success, -EINVAL for missing attributes, an out-of-range
 * index or a duplicate.
 *
 * NOTE(review): @index itself is not range-checked here; the caller is
 * expected to keep it within the allocated sub_specs array.
 */
static int nl80211_set_sar_sub_specs(struct cfg80211_registered_device *rdev,
				     struct cfg80211_sar_specs *sar_specs,
				     struct nlattr *spec[], int index)
{
	struct nlattr *power_attr, *range_attr;
	u32 range_index, prev;

	if (!sar_specs || !spec)
		return -EINVAL;

	power_attr = spec[NL80211_SAR_ATTR_SPECS_POWER];
	range_attr = spec[NL80211_SAR_ATTR_SPECS_RANGE_INDEX];
	if (!power_attr || !range_attr)
		return -EINVAL;

	range_index = nla_get_u32(range_attr);

	/* check if range_index exceeds num_freq_ranges */
	if (range_index >= rdev->wiphy.sar_capa->num_freq_ranges)
		return -EINVAL;

	/* check if range_index duplicates */
	for (prev = 0; prev < index; prev++) {
		if (sar_specs->sub_specs[prev].freq_range_index == range_index)
			return -EINVAL;
	}

	sar_specs->sub_specs[index].power = nla_get_s32(power_attr);
	sar_specs->sub_specs[index].freq_range_index = range_index;

	return 0;
}
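/*
 * Netlink handler that applies SAR power limits.
 *
 * The nested NL80211_ATTR_SAR_SPEC attribute carries a type and a list of
 * sub-specifications. The type must match the one the device advertises and
 * the list may not be longer than the device's num_freq_ranges. Each entry
 * is validated by nl80211_set_sar_sub_specs() before the result is passed to
 * the driver.
 *
 * Errors from both nested parses are propagated instead of being ignored, so
 * a malformed request is rejected rather than processed from a partially
 * filled attribute table.
 *
 * NOTE(review): both nested parses pass no policy, so attribute lengths are
 * not validated by these calls; presumably the family policy for
 * NL80211_ATTR_SAR_SPEC has already validated the nested contents before
 * nla_get_u32()/nla_get_s32() read them - confirm.
 *
 * Returns 0 on success or a negative errno.
 */
static int nl80211_set_sar_specs(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev = info->user_ptr[0];
	struct nlattr *spec[NL80211_SAR_ATTR_SPECS_MAX + 1];
	struct nlattr *tb[NL80211_SAR_ATTR_MAX + 1];
	struct cfg80211_sar_specs *sar_spec;
	enum nl80211_sar_type type;
	struct nlattr *spec_list;
	u32 specs;
	int rem, err;

	if (!rdev->wiphy.sar_capa || !rdev->ops->set_sar_specs)
		return -EOPNOTSUPP;

	if (!info->attrs[NL80211_ATTR_SAR_SPEC])
		return -EINVAL;

	err = nla_parse_nested(tb, NL80211_SAR_ATTR_MAX,
			       info->attrs[NL80211_ATTR_SAR_SPEC],
			       NULL, NULL);
	if (err)
		return err;

	if (!tb[NL80211_SAR_ATTR_TYPE] || !tb[NL80211_SAR_ATTR_SPECS])
		return -EINVAL;

	type = nla_get_u32(tb[NL80211_SAR_ATTR_TYPE]);
	if (type != rdev->wiphy.sar_capa->type)
		return -EINVAL;

	/* Count the entries first so the allocation can be sized. */
	specs = 0;
	nla_for_each_nested(spec_list, tb[NL80211_SAR_ATTR_SPECS], rem)
		specs++;

	/* Bounds the allocation and every index used below. */
	if (specs > rdev->wiphy.sar_capa->num_freq_ranges)
		return -EINVAL;

	sar_spec = kzalloc_flex(*sar_spec, sub_specs, specs);
	if (!sar_spec)
		return -ENOMEM;

	sar_spec->num_sub_specs = specs;
	sar_spec->type = type;
	specs = 0;

	nla_for_each_nested(spec_list, tb[NL80211_SAR_ATTR_SPECS], rem) {
		err = nla_parse_nested(spec, NL80211_SAR_ATTR_SPECS_MAX,
				       spec_list, NULL, NULL);
		if (err)
			goto error;

		switch (type) {
		case NL80211_SAR_TYPE_POWER:
			if (nl80211_set_sar_sub_specs(rdev, sar_spec,
						      spec, specs)) {
				err = -EINVAL;
				goto error;
			}
			break;
		default:
			err = -EINVAL;
			goto error;
		}
		specs++;
	}

	sar_spec->num_sub_specs = specs;

	/* Expose the request to the driver only for the duration of the call. */
	rdev->cur_cmd_info = info;
	err = rdev_set_sar_specs(rdev, sar_spec);
	rdev->cur_cmd_info = NULL;
error:
	kfree(sar_spec);
	return err;
}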
/*
 * IFLAGS(flags) turns a flag combination into its selector index: SELECTOR()
 * expands every list entry into one arm of a conditional chain that compares
 * the requested value with the entry's value. The chain ends in a call to
 * __missing_selector(), which is only declared here; since IFLAGS() is used
 * in static initializers, a combination that matches no entry presumably
 * fails to build instead of silently mapping to a wrong selector.
 */
#define SELECTOR(__sel, name, value) \
	((__sel) == (value)) ? NL80211_IFL_SEL_##name :
int __missing_selector(void);
#define IFLAGS(__val) INTERNAL_FLAG_SELECTORS(__val) __missing_selector()

/*
 * Full-size ops table. GET_WIPHY sets no permission flag in .flags, matching
 * the comment that it is available to unprivileged users.
 */
static const struct genl_ops nl80211_ops[] = {
	{
		.cmd = NL80211_CMD_GET_WIPHY,
		.validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
		.doit = nl80211_get_wiphy,
		.dumpit = nl80211_dump_wiphy,
		.done = nl80211_dump_wiphy_done,
		/* can be retrieved by unprivileged users */
		.internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
	},
};
  15276. static const struct genl_small_ops nl80211_small_ops[] = {
  15277. {
  15278. .cmd = NL80211_CMD_SET_WIPHY,
  15279. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15280. .doit = nl80211_set_wiphy,
  15281. .flags = GENL_UNS_ADMIN_PERM,
  15282. },
  15283. {
  15284. .cmd = NL80211_CMD_GET_INTERFACE,
  15285. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15286. .doit = nl80211_get_interface,
  15287. .dumpit = nl80211_dump_interface,
  15288. /* can be retrieved by unprivileged users */
  15289. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV),
  15290. },
  15291. {
  15292. .cmd = NL80211_CMD_SET_INTERFACE,
  15293. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15294. .doit = nl80211_set_interface,
  15295. .flags = GENL_UNS_ADMIN_PERM,
  15296. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
  15297. NL80211_FLAG_NEED_RTNL),
  15298. },
  15299. {
  15300. .cmd = NL80211_CMD_NEW_INTERFACE,
  15301. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15302. .doit = nl80211_new_interface,
  15303. .flags = GENL_UNS_ADMIN_PERM,
  15304. .internal_flags =
  15305. IFLAGS(NL80211_FLAG_NEED_WIPHY |
  15306. NL80211_FLAG_NEED_RTNL |
  15307. /* we take the wiphy mutex later ourselves */
  15308. NL80211_FLAG_NO_WIPHY_MTX),
  15309. },
  15310. {
  15311. .cmd = NL80211_CMD_DEL_INTERFACE,
  15312. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15313. .doit = nl80211_del_interface,
  15314. .flags = GENL_UNS_ADMIN_PERM,
  15315. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV |
  15316. NL80211_FLAG_NEED_RTNL),
  15317. },
  15318. {
  15319. .cmd = NL80211_CMD_GET_KEY,
  15320. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15321. .doit = nl80211_get_key,
  15322. .flags = GENL_UNS_ADMIN_PERM,
  15323. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15324. },
  15325. {
  15326. .cmd = NL80211_CMD_SET_KEY,
  15327. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15328. .doit = nl80211_set_key,
  15329. .flags = GENL_UNS_ADMIN_PERM,
  15330. /* cannot use NL80211_FLAG_MLO_VALID_LINK_ID, depends on key */
  15331. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15332. NL80211_FLAG_CLEAR_SKB),
  15333. },
  15334. {
  15335. .cmd = NL80211_CMD_NEW_KEY,
  15336. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15337. .doit = nl80211_new_key,
  15338. .flags = GENL_UNS_ADMIN_PERM,
  15339. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15340. NL80211_FLAG_CLEAR_SKB),
  15341. },
  15342. {
  15343. .cmd = NL80211_CMD_DEL_KEY,
  15344. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15345. .doit = nl80211_del_key,
  15346. .flags = GENL_UNS_ADMIN_PERM,
  15347. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15348. },
  15349. {
  15350. .cmd = NL80211_CMD_SET_BEACON,
  15351. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15352. .flags = GENL_UNS_ADMIN_PERM,
  15353. .doit = nl80211_set_beacon,
  15354. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15355. NL80211_FLAG_MLO_VALID_LINK_ID),
  15356. },
  15357. {
  15358. .cmd = NL80211_CMD_START_AP,
  15359. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15360. .flags = GENL_UNS_ADMIN_PERM,
  15361. .doit = nl80211_start_ap,
  15362. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15363. NL80211_FLAG_MLO_VALID_LINK_ID),
  15364. },
  15365. {
  15366. .cmd = NL80211_CMD_STOP_AP,
  15367. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15368. .flags = GENL_UNS_ADMIN_PERM,
  15369. .doit = nl80211_stop_ap,
  15370. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15371. NL80211_FLAG_MLO_VALID_LINK_ID),
  15372. },
  15373. {
  15374. .cmd = NL80211_CMD_GET_STATION,
  15375. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15376. .doit = nl80211_get_station,
  15377. .dumpit = nl80211_dump_station,
  15378. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
  15379. },
  15380. {
  15381. .cmd = NL80211_CMD_SET_STATION,
  15382. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15383. .doit = nl80211_set_station,
  15384. .flags = GENL_UNS_ADMIN_PERM,
  15385. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15386. },
  15387. {
  15388. .cmd = NL80211_CMD_NEW_STATION,
  15389. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15390. .doit = nl80211_new_station,
  15391. .flags = GENL_UNS_ADMIN_PERM,
  15392. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15393. },
  15394. {
  15395. .cmd = NL80211_CMD_DEL_STATION,
  15396. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15397. .doit = nl80211_del_station,
  15398. .flags = GENL_UNS_ADMIN_PERM,
  15399. /* cannot use NL80211_FLAG_MLO_VALID_LINK_ID, depends on
  15400. * whether MAC address is passed or not. If MAC address is
  15401. * passed, then even during MLO, link ID is not required.
  15402. */
  15403. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15404. },
  15405. {
  15406. .cmd = NL80211_CMD_GET_MPATH,
  15407. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15408. .doit = nl80211_get_mpath,
  15409. .dumpit = nl80211_dump_mpath,
  15410. .flags = GENL_UNS_ADMIN_PERM,
  15411. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15412. },
  15413. {
  15414. .cmd = NL80211_CMD_GET_MPP,
  15415. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15416. .doit = nl80211_get_mpp,
  15417. .dumpit = nl80211_dump_mpp,
  15418. .flags = GENL_UNS_ADMIN_PERM,
  15419. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15420. },
  15421. {
  15422. .cmd = NL80211_CMD_SET_MPATH,
  15423. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15424. .doit = nl80211_set_mpath,
  15425. .flags = GENL_UNS_ADMIN_PERM,
  15426. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15427. },
  15428. {
  15429. .cmd = NL80211_CMD_NEW_MPATH,
  15430. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15431. .doit = nl80211_new_mpath,
  15432. .flags = GENL_UNS_ADMIN_PERM,
  15433. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15434. },
  15435. {
  15436. .cmd = NL80211_CMD_DEL_MPATH,
  15437. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15438. .doit = nl80211_del_mpath,
  15439. .flags = GENL_UNS_ADMIN_PERM,
  15440. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15441. },
  15442. {
  15443. .cmd = NL80211_CMD_SET_BSS,
  15444. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15445. .doit = nl80211_set_bss,
  15446. .flags = GENL_UNS_ADMIN_PERM,
  15447. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15448. NL80211_FLAG_MLO_VALID_LINK_ID),
  15449. },
  15450. {
  15451. .cmd = NL80211_CMD_GET_REG,
  15452. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15453. .doit = nl80211_get_reg_do,
  15454. .dumpit = nl80211_get_reg_dump,
  15455. /* can be retrieved by unprivileged users */
  15456. },
  15457. #ifdef CONFIG_CFG80211_CRDA_SUPPORT
  15458. {
  15459. .cmd = NL80211_CMD_SET_REG,
  15460. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15461. .doit = nl80211_set_reg,
  15462. .flags = GENL_ADMIN_PERM,
  15463. },
  15464. #endif
  15465. {
  15466. .cmd = NL80211_CMD_REQ_SET_REG,
  15467. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15468. .doit = nl80211_req_set_reg,
  15469. .flags = GENL_ADMIN_PERM,
  15470. },
  15471. {
  15472. .cmd = NL80211_CMD_RELOAD_REGDB,
  15473. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15474. .doit = nl80211_reload_regdb,
  15475. .flags = GENL_ADMIN_PERM,
  15476. },
  15477. {
  15478. .cmd = NL80211_CMD_GET_MESH_CONFIG,
  15479. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15480. .doit = nl80211_get_mesh_config,
  15481. /* can be retrieved by unprivileged users */
  15482. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15483. },
  15484. {
  15485. .cmd = NL80211_CMD_SET_MESH_CONFIG,
  15486. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15487. .doit = nl80211_update_mesh_config,
  15488. .flags = GENL_UNS_ADMIN_PERM,
  15489. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15490. },
  15491. {
  15492. .cmd = NL80211_CMD_TRIGGER_SCAN,
  15493. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15494. .doit = nl80211_trigger_scan,
  15495. .flags = GENL_UNS_ADMIN_PERM,
  15496. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
  15497. },
  15498. {
  15499. .cmd = NL80211_CMD_ABORT_SCAN,
  15500. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15501. .doit = nl80211_abort_scan,
  15502. .flags = GENL_UNS_ADMIN_PERM,
  15503. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
  15504. },
  15505. {
  15506. .cmd = NL80211_CMD_GET_SCAN,
  15507. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15508. .dumpit = nl80211_dump_scan,
  15509. },
  15510. {
  15511. .cmd = NL80211_CMD_START_SCHED_SCAN,
  15512. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15513. .doit = nl80211_start_sched_scan,
  15514. .flags = GENL_UNS_ADMIN_PERM,
  15515. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15516. },
  15517. {
  15518. .cmd = NL80211_CMD_STOP_SCHED_SCAN,
  15519. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15520. .doit = nl80211_stop_sched_scan,
  15521. .flags = GENL_UNS_ADMIN_PERM,
  15522. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15523. },
  15524. {
  15525. .cmd = NL80211_CMD_AUTHENTICATE,
  15526. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15527. .doit = nl80211_authenticate,
  15528. .flags = GENL_UNS_ADMIN_PERM,
  15529. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15530. NL80211_FLAG_CLEAR_SKB),
  15531. },
  15532. {
  15533. .cmd = NL80211_CMD_ASSOCIATE,
  15534. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15535. .doit = nl80211_associate,
  15536. .flags = GENL_UNS_ADMIN_PERM,
  15537. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15538. NL80211_FLAG_CLEAR_SKB),
  15539. },
  15540. {
  15541. .cmd = NL80211_CMD_DEAUTHENTICATE,
  15542. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15543. .doit = nl80211_deauthenticate,
  15544. .flags = GENL_UNS_ADMIN_PERM,
  15545. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15546. },
  15547. {
  15548. .cmd = NL80211_CMD_DISASSOCIATE,
  15549. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15550. .doit = nl80211_disassociate,
  15551. .flags = GENL_UNS_ADMIN_PERM,
  15552. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15553. },
  15554. {
  15555. .cmd = NL80211_CMD_JOIN_IBSS,
  15556. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15557. .doit = nl80211_join_ibss,
  15558. .flags = GENL_UNS_ADMIN_PERM,
  15559. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15560. },
  15561. {
  15562. .cmd = NL80211_CMD_LEAVE_IBSS,
  15563. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15564. .doit = nl80211_leave_ibss,
  15565. .flags = GENL_UNS_ADMIN_PERM,
  15566. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15567. },
  15568. #ifdef CONFIG_NL80211_TESTMODE
  15569. {
  15570. .cmd = NL80211_CMD_TESTMODE,
  15571. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15572. .doit = nl80211_testmode_do,
  15573. .dumpit = nl80211_testmode_dump,
  15574. .flags = GENL_UNS_ADMIN_PERM,
  15575. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
  15576. },
  15577. #endif
  15578. {
  15579. .cmd = NL80211_CMD_CONNECT,
  15580. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15581. .doit = nl80211_connect,
  15582. .flags = GENL_UNS_ADMIN_PERM,
  15583. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15584. NL80211_FLAG_CLEAR_SKB),
  15585. },
  15586. {
  15587. .cmd = NL80211_CMD_UPDATE_CONNECT_PARAMS,
  15588. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15589. .doit = nl80211_update_connect_params,
  15590. .flags = GENL_ADMIN_PERM,
  15591. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15592. NL80211_FLAG_CLEAR_SKB),
  15593. },
  15594. {
  15595. .cmd = NL80211_CMD_DISCONNECT,
  15596. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15597. .doit = nl80211_disconnect,
  15598. .flags = GENL_UNS_ADMIN_PERM,
  15599. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15600. },
  15601. {
  15602. .cmd = NL80211_CMD_SET_WIPHY_NETNS,
  15603. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15604. .doit = nl80211_wiphy_netns,
  15605. .flags = GENL_UNS_ADMIN_PERM,
  15606. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY |
  15607. NL80211_FLAG_NEED_RTNL |
  15608. NL80211_FLAG_NO_WIPHY_MTX),
  15609. },
  15610. {
  15611. .cmd = NL80211_CMD_GET_SURVEY,
  15612. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15613. .dumpit = nl80211_dump_survey,
  15614. },
  15615. {
  15616. .cmd = NL80211_CMD_SET_PMKSA,
  15617. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15618. .doit = nl80211_set_pmksa,
  15619. .flags = GENL_UNS_ADMIN_PERM,
  15620. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15621. NL80211_FLAG_CLEAR_SKB),
  15622. },
  15623. {
  15624. .cmd = NL80211_CMD_DEL_PMKSA,
  15625. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15626. .doit = nl80211_del_pmksa,
  15627. .flags = GENL_UNS_ADMIN_PERM,
  15628. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15629. },
  15630. {
  15631. .cmd = NL80211_CMD_FLUSH_PMKSA,
  15632. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15633. .doit = nl80211_flush_pmksa,
  15634. .flags = GENL_UNS_ADMIN_PERM,
  15635. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15636. },
  15637. {
  15638. .cmd = NL80211_CMD_REMAIN_ON_CHANNEL,
  15639. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15640. .doit = nl80211_remain_on_channel,
  15641. .flags = GENL_UNS_ADMIN_PERM,
  15642. /* FIXME: requiring a link ID here is probably not good */
  15643. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP |
  15644. NL80211_FLAG_MLO_VALID_LINK_ID),
  15645. },
  15646. {
  15647. .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
  15648. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15649. .doit = nl80211_cancel_remain_on_channel,
  15650. .flags = GENL_UNS_ADMIN_PERM,
  15651. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
  15652. },
  15653. {
  15654. .cmd = NL80211_CMD_SET_TX_BITRATE_MASK,
  15655. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15656. .doit = nl80211_set_tx_bitrate_mask,
  15657. .flags = GENL_UNS_ADMIN_PERM,
  15658. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
  15659. NL80211_FLAG_MLO_VALID_LINK_ID),
  15660. },
  15661. {
  15662. .cmd = NL80211_CMD_REGISTER_FRAME,
  15663. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15664. .doit = nl80211_register_mgmt,
  15665. .flags = GENL_UNS_ADMIN_PERM,
  15666. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV),
  15667. },
  15668. {
  15669. .cmd = NL80211_CMD_FRAME,
  15670. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15671. .doit = nl80211_tx_mgmt,
  15672. .flags = GENL_UNS_ADMIN_PERM,
  15673. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
  15674. },
  15675. {
  15676. .cmd = NL80211_CMD_FRAME_WAIT_CANCEL,
  15677. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15678. .doit = nl80211_tx_mgmt_cancel_wait,
  15679. .flags = GENL_UNS_ADMIN_PERM,
  15680. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
  15681. },
  15682. {
  15683. .cmd = NL80211_CMD_SET_POWER_SAVE,
  15684. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15685. .doit = nl80211_set_power_save,
  15686. .flags = GENL_UNS_ADMIN_PERM,
  15687. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
  15688. },
  15689. {
  15690. .cmd = NL80211_CMD_GET_POWER_SAVE,
  15691. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15692. .doit = nl80211_get_power_save,
  15693. /* can be retrieved by unprivileged users */
  15694. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
  15695. },
  15696. {
  15697. .cmd = NL80211_CMD_SET_CQM,
  15698. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15699. .doit = nl80211_set_cqm,
  15700. .flags = GENL_UNS_ADMIN_PERM,
  15701. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
  15702. },
  15703. {
  15704. .cmd = NL80211_CMD_SET_CHANNEL,
  15705. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15706. .doit = nl80211_set_channel,
  15707. .flags = GENL_UNS_ADMIN_PERM,
  15708. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
  15709. NL80211_FLAG_MLO_VALID_LINK_ID),
  15710. },
  15711. {
  15712. .cmd = NL80211_CMD_JOIN_MESH,
  15713. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15714. .doit = nl80211_join_mesh,
  15715. .flags = GENL_UNS_ADMIN_PERM,
  15716. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15717. },
  15718. {
  15719. .cmd = NL80211_CMD_LEAVE_MESH,
  15720. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15721. .doit = nl80211_leave_mesh,
  15722. .flags = GENL_UNS_ADMIN_PERM,
  15723. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15724. },
  15725. {
  15726. .cmd = NL80211_CMD_JOIN_OCB,
  15727. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15728. .doit = nl80211_join_ocb,
  15729. .flags = GENL_UNS_ADMIN_PERM,
  15730. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15731. },
  15732. {
  15733. .cmd = NL80211_CMD_LEAVE_OCB,
  15734. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15735. .doit = nl80211_leave_ocb,
  15736. .flags = GENL_UNS_ADMIN_PERM,
  15737. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15738. },
  15739. #ifdef CONFIG_PM
  15740. {
  15741. .cmd = NL80211_CMD_GET_WOWLAN,
  15742. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15743. .doit = nl80211_get_wowlan,
  15744. /* can be retrieved by unprivileged users */
  15745. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
  15746. },
  15747. {
  15748. .cmd = NL80211_CMD_SET_WOWLAN,
  15749. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15750. .doit = nl80211_set_wowlan,
  15751. .flags = GENL_UNS_ADMIN_PERM,
  15752. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
  15753. },
  15754. #endif
  15755. {
  15756. .cmd = NL80211_CMD_SET_REKEY_OFFLOAD,
  15757. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15758. .doit = nl80211_set_rekey_data,
  15759. .flags = GENL_UNS_ADMIN_PERM,
  15760. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15761. NL80211_FLAG_CLEAR_SKB),
  15762. },
  15763. {
  15764. .cmd = NL80211_CMD_TDLS_MGMT,
  15765. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15766. .doit = nl80211_tdls_mgmt,
  15767. .flags = GENL_UNS_ADMIN_PERM,
  15768. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15769. NL80211_FLAG_MLO_VALID_LINK_ID),
  15770. },
  15771. {
  15772. .cmd = NL80211_CMD_TDLS_OPER,
  15773. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15774. .doit = nl80211_tdls_oper,
  15775. .flags = GENL_UNS_ADMIN_PERM,
  15776. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15777. },
  15778. {
  15779. .cmd = NL80211_CMD_UNEXPECTED_FRAME,
  15780. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15781. .doit = nl80211_register_unexpected_frame,
  15782. .flags = GENL_UNS_ADMIN_PERM,
  15783. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
  15784. },
  15785. {
  15786. .cmd = NL80211_CMD_PROBE_CLIENT,
  15787. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15788. .doit = nl80211_probe_client,
  15789. .flags = GENL_UNS_ADMIN_PERM,
  15790. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15791. },
  15792. {
  15793. .cmd = NL80211_CMD_REGISTER_BEACONS,
  15794. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15795. .doit = nl80211_register_beacons,
  15796. .flags = GENL_UNS_ADMIN_PERM,
  15797. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
  15798. },
  15799. {
  15800. .cmd = NL80211_CMD_SET_NOACK_MAP,
  15801. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15802. .doit = nl80211_set_noack_map,
  15803. .flags = GENL_UNS_ADMIN_PERM,
  15804. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
  15805. },
  15806. {
  15807. .cmd = NL80211_CMD_START_P2P_DEVICE,
  15808. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15809. .doit = nl80211_start_p2p_device,
  15810. .flags = GENL_UNS_ADMIN_PERM,
  15811. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV |
  15812. NL80211_FLAG_NEED_RTNL),
  15813. },
  15814. {
  15815. .cmd = NL80211_CMD_STOP_P2P_DEVICE,
  15816. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15817. .doit = nl80211_stop_p2p_device,
  15818. .flags = GENL_UNS_ADMIN_PERM,
  15819. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP |
  15820. NL80211_FLAG_NEED_RTNL),
  15821. },
  15822. {
  15823. .cmd = NL80211_CMD_START_NAN,
  15824. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15825. .doit = nl80211_start_nan,
  15826. .flags = GENL_ADMIN_PERM,
  15827. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV |
  15828. NL80211_FLAG_NEED_RTNL),
  15829. },
  15830. {
  15831. .cmd = NL80211_CMD_STOP_NAN,
  15832. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15833. .doit = nl80211_stop_nan,
  15834. .flags = GENL_ADMIN_PERM,
  15835. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP |
  15836. NL80211_FLAG_NEED_RTNL),
  15837. },
  15838. {
  15839. .cmd = NL80211_CMD_ADD_NAN_FUNCTION,
  15840. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15841. .doit = nl80211_nan_add_func,
  15842. .flags = GENL_ADMIN_PERM,
  15843. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
  15844. },
  15845. {
  15846. .cmd = NL80211_CMD_DEL_NAN_FUNCTION,
  15847. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15848. .doit = nl80211_nan_del_func,
  15849. .flags = GENL_ADMIN_PERM,
  15850. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
  15851. },
  15852. {
  15853. .cmd = NL80211_CMD_CHANGE_NAN_CONFIG,
  15854. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15855. .doit = nl80211_nan_change_config,
  15856. .flags = GENL_ADMIN_PERM,
  15857. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
  15858. },
  15859. {
  15860. .cmd = NL80211_CMD_SET_MCAST_RATE,
  15861. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15862. .doit = nl80211_set_mcast_rate,
  15863. .flags = GENL_UNS_ADMIN_PERM,
  15864. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
  15865. },
  15866. {
  15867. .cmd = NL80211_CMD_SET_MAC_ACL,
  15868. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15869. .doit = nl80211_set_mac_acl,
  15870. .flags = GENL_UNS_ADMIN_PERM,
  15871. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
  15872. NL80211_FLAG_MLO_UNSUPPORTED),
  15873. },
  15874. {
  15875. .cmd = NL80211_CMD_RADAR_DETECT,
  15876. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15877. .doit = nl80211_start_radar_detection,
  15878. .flags = GENL_UNS_ADMIN_PERM,
  15879. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15880. NL80211_FLAG_NO_WIPHY_MTX |
  15881. NL80211_FLAG_MLO_VALID_LINK_ID),
  15882. },
  15883. {
  15884. .cmd = NL80211_CMD_GET_PROTOCOL_FEATURES,
  15885. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15886. .doit = nl80211_get_protocol_features,
  15887. },
  15888. {
  15889. .cmd = NL80211_CMD_UPDATE_FT_IES,
  15890. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15891. .doit = nl80211_update_ft_ies,
  15892. .flags = GENL_UNS_ADMIN_PERM,
  15893. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15894. },
  15895. {
  15896. .cmd = NL80211_CMD_CRIT_PROTOCOL_START,
  15897. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15898. .doit = nl80211_crit_protocol_start,
  15899. .flags = GENL_UNS_ADMIN_PERM,
  15900. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
  15901. },
  15902. {
  15903. .cmd = NL80211_CMD_CRIT_PROTOCOL_STOP,
  15904. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15905. .doit = nl80211_crit_protocol_stop,
  15906. .flags = GENL_UNS_ADMIN_PERM,
  15907. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
  15908. },
  15909. {
  15910. .cmd = NL80211_CMD_GET_COALESCE,
  15911. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15912. .doit = nl80211_get_coalesce,
  15913. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
  15914. },
  15915. {
  15916. .cmd = NL80211_CMD_SET_COALESCE,
  15917. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15918. .doit = nl80211_set_coalesce,
  15919. .flags = GENL_UNS_ADMIN_PERM,
  15920. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
  15921. },
  15922. {
  15923. .cmd = NL80211_CMD_CHANNEL_SWITCH,
  15924. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15925. .doit = nl80211_channel_switch,
  15926. .flags = GENL_UNS_ADMIN_PERM,
  15927. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15928. NL80211_FLAG_MLO_VALID_LINK_ID),
  15929. },
  15930. {
  15931. .cmd = NL80211_CMD_VENDOR,
  15932. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15933. .doit = nl80211_vendor_cmd,
  15934. .dumpit = nl80211_vendor_cmd_dump,
  15935. .flags = GENL_UNS_ADMIN_PERM,
  15936. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY |
  15937. NL80211_FLAG_CLEAR_SKB),
  15938. },
  15939. {
  15940. .cmd = NL80211_CMD_SET_QOS_MAP,
  15941. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15942. .doit = nl80211_set_qos_map,
  15943. .flags = GENL_UNS_ADMIN_PERM,
  15944. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15945. },
  15946. {
  15947. .cmd = NL80211_CMD_ADD_TX_TS,
  15948. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15949. .doit = nl80211_add_tx_ts,
  15950. .flags = GENL_UNS_ADMIN_PERM,
  15951. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15952. NL80211_FLAG_MLO_UNSUPPORTED),
  15953. },
  15954. {
  15955. .cmd = NL80211_CMD_DEL_TX_TS,
  15956. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15957. .doit = nl80211_del_tx_ts,
  15958. .flags = GENL_UNS_ADMIN_PERM,
  15959. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15960. },
  15961. {
  15962. .cmd = NL80211_CMD_TDLS_CHANNEL_SWITCH,
  15963. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15964. .doit = nl80211_tdls_channel_switch,
  15965. .flags = GENL_UNS_ADMIN_PERM,
  15966. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15967. },
  15968. {
  15969. .cmd = NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH,
  15970. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15971. .doit = nl80211_tdls_cancel_channel_switch,
  15972. .flags = GENL_UNS_ADMIN_PERM,
  15973. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15974. },
  15975. {
  15976. .cmd = NL80211_CMD_SET_MULTICAST_TO_UNICAST,
  15977. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15978. .doit = nl80211_set_multicast_to_unicast,
  15979. .flags = GENL_UNS_ADMIN_PERM,
  15980. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
  15981. },
  15982. {
  15983. .cmd = NL80211_CMD_SET_PMK,
  15984. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15985. .doit = nl80211_set_pmk,
  15986. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  15987. NL80211_FLAG_CLEAR_SKB),
  15988. },
  15989. {
  15990. .cmd = NL80211_CMD_DEL_PMK,
  15991. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15992. .doit = nl80211_del_pmk,
  15993. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  15994. },
  15995. {
  15996. .cmd = NL80211_CMD_EXTERNAL_AUTH,
  15997. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  15998. .doit = nl80211_external_auth,
  15999. .flags = GENL_ADMIN_PERM,
  16000. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  16001. },
  16002. {
  16003. .cmd = NL80211_CMD_CONTROL_PORT_FRAME,
  16004. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  16005. .doit = nl80211_tx_control_port,
  16006. .flags = GENL_UNS_ADMIN_PERM,
  16007. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  16008. },
  16009. {
  16010. .cmd = NL80211_CMD_GET_FTM_RESPONDER_STATS,
  16011. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  16012. .doit = nl80211_get_ftm_responder_stats,
  16013. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
  16014. NL80211_FLAG_MLO_VALID_LINK_ID),
  16015. },
  16016. {
  16017. .cmd = NL80211_CMD_PEER_MEASUREMENT_START,
  16018. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  16019. .doit = nl80211_pmsr_start,
  16020. .flags = GENL_UNS_ADMIN_PERM,
  16021. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
  16022. },
  16023. {
  16024. .cmd = NL80211_CMD_NOTIFY_RADAR,
  16025. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  16026. .doit = nl80211_notify_radar_detection,
  16027. .flags = GENL_UNS_ADMIN_PERM,
  16028. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  16029. },
  16030. {
  16031. .cmd = NL80211_CMD_UPDATE_OWE_INFO,
  16032. .doit = nl80211_update_owe_info,
  16033. .flags = GENL_ADMIN_PERM,
  16034. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  16035. },
  16036. {
  16037. .cmd = NL80211_CMD_PROBE_MESH_LINK,
  16038. .doit = nl80211_probe_mesh_link,
  16039. .flags = GENL_UNS_ADMIN_PERM,
  16040. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  16041. },
  16042. {
  16043. .cmd = NL80211_CMD_SET_TID_CONFIG,
  16044. .doit = nl80211_set_tid_config,
  16045. .flags = GENL_UNS_ADMIN_PERM,
  16046. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
  16047. NL80211_FLAG_MLO_VALID_LINK_ID),
  16048. },
  16049. {
  16050. .cmd = NL80211_CMD_SET_SAR_SPECS,
  16051. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  16052. .doit = nl80211_set_sar_specs,
  16053. .flags = GENL_UNS_ADMIN_PERM,
  16054. .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY |
  16055. NL80211_FLAG_NEED_RTNL),
  16056. },
  16057. {
  16058. .cmd = NL80211_CMD_COLOR_CHANGE_REQUEST,
  16059. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  16060. .doit = nl80211_color_change,
  16061. .flags = GENL_UNS_ADMIN_PERM,
  16062. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  16063. NL80211_FLAG_MLO_VALID_LINK_ID),
  16064. },
  16065. {
  16066. .cmd = NL80211_CMD_SET_FILS_AAD,
  16067. .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
  16068. .doit = nl80211_set_fils_aad,
  16069. .flags = GENL_UNS_ADMIN_PERM,
  16070. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  16071. },
  16072. {
  16073. .cmd = NL80211_CMD_ADD_LINK,
  16074. .doit = nl80211_add_link,
  16075. .flags = GENL_UNS_ADMIN_PERM,
  16076. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  16077. },
  16078. {
  16079. .cmd = NL80211_CMD_REMOVE_LINK,
  16080. .doit = nl80211_remove_link,
  16081. .flags = GENL_UNS_ADMIN_PERM,
  16082. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  16083. NL80211_FLAG_MLO_VALID_LINK_ID),
  16084. },
  16085. {
  16086. .cmd = NL80211_CMD_ADD_LINK_STA,
  16087. .doit = nl80211_add_link_station,
  16088. .flags = GENL_UNS_ADMIN_PERM,
  16089. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  16090. NL80211_FLAG_MLO_VALID_LINK_ID),
  16091. },
  16092. {
  16093. .cmd = NL80211_CMD_MODIFY_LINK_STA,
  16094. .doit = nl80211_modify_link_station,
  16095. .flags = GENL_UNS_ADMIN_PERM,
  16096. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  16097. NL80211_FLAG_MLO_VALID_LINK_ID),
  16098. },
  16099. {
  16100. .cmd = NL80211_CMD_REMOVE_LINK_STA,
  16101. .doit = nl80211_remove_link_station,
  16102. .flags = GENL_UNS_ADMIN_PERM,
  16103. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
  16104. NL80211_FLAG_MLO_VALID_LINK_ID),
  16105. },
  16106. {
  16107. .cmd = NL80211_CMD_SET_HW_TIMESTAMP,
  16108. .doit = nl80211_set_hw_timestamp,
  16109. .flags = GENL_UNS_ADMIN_PERM,
  16110. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  16111. },
  16112. {
  16113. .cmd = NL80211_CMD_SET_TID_TO_LINK_MAPPING,
  16114. .doit = nl80211_set_ttlm,
  16115. .flags = GENL_UNS_ADMIN_PERM,
  16116. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  16117. },
  16118. {
  16119. .cmd = NL80211_CMD_ASSOC_MLO_RECONF,
  16120. .doit = nl80211_assoc_ml_reconf,
  16121. .flags = GENL_UNS_ADMIN_PERM,
  16122. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  16123. },
  16124. {
  16125. .cmd = NL80211_CMD_EPCS_CFG,
  16126. .doit = nl80211_epcs_cfg,
  16127. .flags = GENL_UNS_ADMIN_PERM,
  16128. .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
  16129. },
  16130. };
/*
 * Generic netlink family descriptor for nl80211.
 *
 * Requests are dispatched through two command tables (nl80211_ops and
 * nl80211_small_ops), with nl80211_pre_doit()/nl80211_post_doit() installed
 * as the hooks around each handler.  The privilege needed for a command is
 * set per entry in those tables (the .flags field), not here, so a new
 * command is only as restricted as its own table entry makes it.
 */
static struct genl_family nl80211_fam __ro_after_init = {
	/* Identity */
	.name = NL80211_GENL_NAME,	/* have users key off the name instead */
	.version = 1,			/* no particular meaning now */
	.hdrsize = 0,			/* no private header */
	.module = THIS_MODULE,

	/* Attribute parsing */
	.maxattr = NL80211_ATTR_MAX,
	.policy = nl80211_policy,
	/*
	 * Per genetlink, the first command value for which the reserved
	 * header fields are validated and a policy is required; lower
	 * command values keep the older, more permissive handling.
	 */
	.resv_start_op = NL80211_CMD_REMOVE_LINK_STA + 1,

	/* Command dispatch */
	.ops = nl80211_ops,
	.n_ops = ARRAY_SIZE(nl80211_ops),
	.small_ops = nl80211_small_ops,
	.n_small_ops = ARRAY_SIZE(nl80211_small_ops),
	.pre_doit = nl80211_pre_doit,
	.post_doit = nl80211_post_doit,
	/* the genetlink core does not serialize handlers for this family */
	.parallel_ops = true,

	/* Visibility */
	.netnsok = true,		/* family is usable from any netns */
	.mcgrps = nl80211_mcgrps,
	.n_mcgrps = ARRAY_SIZE(nl80211_mcgrps),
};
  16150. /* notification functions */
/*
 * Announce a wiphy being added or removed.
 *
 * Builds a wiphy message for @rdev with nl80211_send_wiphy() and multicasts
 * it on NL80211_MCGRP_CONFIG, limited to the network namespace the wiphy
 * belongs to (wiphy_net()).  @cmd is expected to be NL80211_CMD_NEW_WIPHY or
 * NL80211_CMD_DEL_WIPHY; anything else triggers a WARN but is still sent.
 *
 * Best effort: allocation or message-build failures drop the notification
 * silently, and the result of the multicast is not checked.  Allocates with
 * GFP_KERNEL, so the caller must be allowed to sleep.
 */
void nl80211_notify_wiphy(struct cfg80211_registered_device *rdev,
			  enum nl80211_commands cmd)
{
	struct nl80211_dump_wiphy_state state = {};
	struct sk_buff *msg;

	WARN_ON(cmd != NL80211_CMD_NEW_WIPHY &&
		cmd != NL80211_CMD_DEL_WIPHY);

	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
	if (!msg)
		return;

	if (nl80211_send_wiphy(rdev, cmd, msg, 0, 0, 0, &state) >= 0) {
		genlmsg_multicast_netns(&nl80211_fam,
					wiphy_net(&rdev->wiphy), msg, 0,
					NL80211_MCGRP_CONFIG, GFP_KERNEL);
		return;
	}

	/* message could not be built: nothing was sent, release the buffer */
	nlmsg_free(msg);
}
/*
 * Announce an interface event (@cmd) for @wdev.
 *
 * Builds an interface message with nl80211_send_iface() and multicasts it on
 * NL80211_MCGRP_CONFIG, limited to the network namespace of the owning wiphy.
 *
 * Best effort: allocation or message-build failures drop the notification
 * silently, and the result of the multicast is not checked.  Allocates with
 * GFP_KERNEL, so the caller must be allowed to sleep.
 */
void nl80211_notify_iface(struct cfg80211_registered_device *rdev,
			  struct wireless_dev *wdev,
			  enum nl80211_commands cmd)
{
	struct sk_buff *msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);

	if (!msg)
		return;

	if (nl80211_send_iface(msg, 0, 0, 0, rdev, wdev, cmd) >= 0) {
		genlmsg_multicast_netns(&nl80211_fam,
					wiphy_net(&rdev->wiphy), msg, 0,
					NL80211_MCGRP_CONFIG, GFP_KERNEL);
		return;
	}

	/* message could not be built: nothing was sent, release the buffer */
	nlmsg_free(msg);
}
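/*
 * Append the parameters of the scan request attached to @rdev
 * (rdev->scan_req) to @msg: the SSID list, the channel list (in kHz when the
 * request carries NL80211_SCAN_FLAG_FREQ_KHZ, otherwise as center_freq), the
 * extra IEs, the scan flags and, when a start TSF was recorded, the start
 * TSF together with its BSSID.
 *
 * Returns 0 on success, and also when no request is attached (after a WARN);
 * returns -ENOBUFS when @msg runs out of room.
 *
 * nl80211_prep_scan_msg() ignores the return value and finalizes the message
 * anyway, so @msg has to stay well-formed on failure.  A nest that cannot be
 * completed is therefore cancelled: without that, its header would keep an
 * empty length and the entries already written (attribute types 0, 1, 2, ...)
 * would be read by receivers as top-level attributes, where those numbers
 * belong to unrelated nl80211 attributes.
 */
static int nl80211_add_scan_req(struct sk_buff *msg,
				struct cfg80211_registered_device *rdev)
{
	struct cfg80211_scan_request_int *req = rdev->scan_req;
	struct cfg80211_scan_info *info;
	struct nlattr *nest;
	int i;

	if (WARN_ON(!req))
		return 0;

	/* SSIDs: array-style nest, entries are numbered by index */
	nest = nla_nest_start_noflag(msg, NL80211_ATTR_SCAN_SSIDS);
	if (!nest)
		goto nla_put_failure;
	for (i = 0; i < req->req.n_ssids; i++) {
		if (nla_put(msg, i, req->req.ssids[i].ssid_len,
			    req->req.ssids[i].ssid))
			goto nest_failure;
	}
	nla_nest_end(msg, nest);

	/* channels: exactly one of the two frequency attributes is emitted */
	if (req->req.flags & NL80211_SCAN_FLAG_FREQ_KHZ) {
		nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQ_KHZ);
		if (!nest)
			goto nla_put_failure;
		for (i = 0; i < req->req.n_channels; i++) {
			if (nla_put_u32(msg, i,
				   ieee80211_channel_to_khz(req->req.channels[i])))
				goto nest_failure;
		}
		nla_nest_end(msg, nest);
	} else {
		nest = nla_nest_start_noflag(msg,
					     NL80211_ATTR_SCAN_FREQUENCIES);
		if (!nest)
			goto nla_put_failure;
		for (i = 0; i < req->req.n_channels; i++) {
			if (nla_put_u32(msg, i,
					req->req.channels[i]->center_freq))
				goto nest_failure;
		}
		nla_nest_end(msg, nest);
	}

	if (req->req.ie &&
	    nla_put(msg, NL80211_ATTR_IE, req->req.ie_len, req->req.ie))
		goto nla_put_failure;

	if (req->req.flags &&
	    nla_put_u32(msg, NL80211_ATTR_SCAN_FLAGS, req->req.flags))
		goto nla_put_failure;

	/* scan info is taken from the internal scan request when one exists */
	info = rdev->int_scan_req ? &rdev->int_scan_req->info :
		&rdev->scan_req->info;
	if (info->scan_start_tsf &&
	    (nla_put_u64_64bit(msg, NL80211_ATTR_SCAN_START_TIME_TSF,
			       info->scan_start_tsf, NL80211_BSS_PAD) ||
	     nla_put(msg, NL80211_ATTR_SCAN_START_TIME_TSF_BSSID, ETH_ALEN,
		     info->tsf_bssid)))
		goto nla_put_failure;

	return 0;

 nest_failure:
	/* drop the half-written nest so the rest of @msg still parses */
	nla_nest_cancel(msg, nest);
 nla_put_failure:
	return -ENOBUFS;
}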
  /*
   * Build a scan event in @msg: generic netlink header for @cmd, the wiphy
   * index, the interface index (only when @wdev has a netdev), the wdev id
   * and then the scan request parameters.
   *
   * Returns 0 when the message was finalized, -1 when the header did not
   * fit and -EMSGSIZE (after cancelling the message) when one of the
   * identifying attributes did not fit. The callers visible in this file
   * only test for a negative value.
   *
   * The return value of nl80211_add_scan_req() is deliberately discarded:
   * whatever it managed to append is sent.
   */
  static int nl80211_prep_scan_msg(struct sk_buff *msg,
                                   struct cfg80211_registered_device *rdev,
                                   struct wireless_dev *wdev,
                                   u32 portid, u32 seq, int flags,
                                   u32 cmd)
  {
      void *genl_hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);

      if (!genl_hdr)
          return -1;

      if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto cancel;

      /* a wdev without a netdev is identified by its wdev id only */
      if (wdev->netdev &&
          nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
          goto cancel;

      if (nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
                            NL80211_ATTR_PAD))
          goto cancel;

      /* ignore errors and send incomplete event anyway */
      nl80211_add_scan_req(msg, rdev);

      genlmsg_end(msg, genl_hdr);
      return 0;

  cancel:
      genlmsg_cancel(msg, genl_hdr);
      return -EMSGSIZE;
  }
  /*
   * Build a scheduled-scan event for @cmd in @msg. The event carries the
   * wiphy index, the interface index of req->dev and req->reqid as
   * NL80211_ATTR_COOKIE.
   *
   * Returns 0 on success, -1 when the header did not fit and -EMSGSIZE
   * (after cancelling the message) when an attribute did not fit.
   */
  static int
  nl80211_prep_sched_scan_msg(struct sk_buff *msg,
                              struct cfg80211_sched_scan_request *req, u32 cmd)
  {
      void *genl_hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);

      if (!genl_hdr)
          return -1;

      if (nla_put_u32(msg, NL80211_ATTR_WIPHY,
                      wiphy_to_rdev(req->wiphy)->wiphy_idx))
          goto cancel;
      if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, req->dev->ifindex))
          goto cancel;
      if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, req->reqid,
                            NL80211_ATTR_PAD))
          goto cancel;

      genlmsg_end(msg, genl_hdr);
      return 0;

  cancel:
      genlmsg_cancel(msg, genl_hdr);
      return -EMSGSIZE;
  }
  /*
   * Multicast an NL80211_CMD_TRIGGER_SCAN event for @wdev to the scan group
   * in the wiphy's network namespace. Allocates with GFP_KERNEL; when the
   * message cannot be allocated or built, no event is sent.
   */
  void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
                               struct wireless_dev *wdev)
  {
      struct sk_buff *skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);

      if (!skb)
          return;

      if (nl80211_prep_scan_msg(skb, rdev, wdev, 0, 0, 0,
                                NL80211_CMD_TRIGGER_SCAN) >= 0) {
          genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
                                  skb, 0, NL80211_MCGRP_SCAN, GFP_KERNEL);
          return;
      }

      nlmsg_free(skb);
  }
  /*
   * Allocate and fill the scan-finished event for @wdev:
   * NL80211_CMD_SCAN_ABORTED when @aborted is set, otherwise
   * NL80211_CMD_NEW_SCAN_RESULTS.
   *
   * Returns the message, owned by the caller, or NULL when it could not be
   * allocated or built. The message is not sent here.
   */
  struct sk_buff *nl80211_build_scan_msg(struct cfg80211_registered_device *rdev,
                                         struct wireless_dev *wdev, bool aborted)
  {
      struct sk_buff *skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);

      if (!skb)
          return NULL;

      if (nl80211_prep_scan_msg(skb, rdev, wdev, 0, 0, 0,
                                aborted ? NL80211_CMD_SCAN_ABORTED :
                                          NL80211_CMD_NEW_SCAN_RESULTS) >= 0)
          return skb;

      nlmsg_free(skb);
      return NULL;
  }
  /*
   * Multicast a message created by nl80211_build_scan_msg() to the scan
   * group in the wiphy's network namespace. A NULL @msg (the failure result
   * of the builder) is accepted and ignored.
   */
  void nl80211_send_scan_msg(struct cfg80211_registered_device *rdev,
                             struct sk_buff *msg)
  {
      if (msg)
          genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
                                  msg, 0, NL80211_MCGRP_SCAN, GFP_KERNEL);
  }
  /*
   * Multicast the scheduled-scan event @cmd for @req to the scan group in
   * the network namespace of req->wiphy. Allocates with GFP_KERNEL; when
   * the message cannot be allocated or built, no event is sent.
   */
  void nl80211_send_sched_scan(struct cfg80211_sched_scan_request *req, u32 cmd)
  {
      struct sk_buff *skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);

      if (!skb)
          return;

      if (nl80211_prep_sched_scan_msg(skb, req, cmd) >= 0) {
          genlmsg_multicast_netns(&nl80211_fam, wiphy_net(req->wiphy),
                                  skb, 0, NL80211_MCGRP_SCAN, GFP_KERNEL);
          return;
      }

      nlmsg_free(skb);
  }
  /*
   * Add the attributes describing a regulatory change to @msg.
   *
   * The initiator is always present. The regulatory domain type is derived
   * from request->alpha2: "00" is the world domain, "99" a custom world
   * domain, "98" (or request->intersect) an intersection; anything else is
   * reported as a country together with the alpha2 string. When the request
   * names a wiphy that still resolves, its index and, if it is
   * self-managed, the self-managed flag are added as well.
   *
   * Returns true on success, false when an attribute did not fit.
   */
  static bool nl80211_reg_change_event_fill(struct sk_buff *msg,
                                            struct regulatory_request *request)
  {
      struct wiphy *wiphy;
      bool is_country = false;
      u8 reg_type;

      /* Userspace can always count on this one being set */
      if (nla_put_u8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator))
          return false;

      if (request->alpha2[0] == '0' && request->alpha2[1] == '0') {
          reg_type = NL80211_REGDOM_TYPE_WORLD;
      } else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') {
          reg_type = NL80211_REGDOM_TYPE_CUSTOM_WORLD;
      } else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') ||
                 request->intersect) {
          reg_type = NL80211_REGDOM_TYPE_INTERSECTION;
      } else {
          reg_type = NL80211_REGDOM_TYPE_COUNTRY;
          is_country = true;
      }

      if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE, reg_type))
          return false;

      /* only a real country code is passed on to userspace */
      if (is_country &&
          nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, request->alpha2))
          return false;

      if (request->wiphy_idx == WIPHY_IDX_INVALID)
          return true;

      /* the index may no longer resolve; then nothing more is added */
      wiphy = wiphy_idx_to_wiphy(request->wiphy_idx);
      if (!wiphy)
          return true;

      if (nla_put_u32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx))
          return false;

      if ((wiphy->regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED) &&
          nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
          return false;

      return true;
  }
  /*
   * Multicast the regulatory event @cmd_id for @request to the regulatory
   * group in all network namespaces.
   *
   * This can happen on global regulatory changes or device specific settings
   * based on custom regulatory domains.
   *
   * Allocates with GFP_KERNEL. When the message cannot be allocated or
   * filled, no event is sent.
   */
  void nl80211_common_reg_change_event(enum nl80211_commands cmd_id,
                                       struct regulatory_request *request)
  {
      struct sk_buff *skb;
      void *genl_hdr;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, cmd_id);
      if (!genl_hdr || !nl80211_reg_change_event_fill(skb, request)) {
          nlmsg_free(skb);
          return;
      }

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_allns(&nl80211_fam, skb, 0,
                              NL80211_MCGRP_REGULATORY);
  }
  /* Parameters of one MLME event, consumed by nl80211_send_mlme_event(). */
  struct nl80211_mlme_event {
      enum nl80211_commands cmd;  /* generic netlink command of the event */
      const u8 *buf;              /* frame, sent as NL80211_ATTR_FRAME */
      size_t buf_len;
      int uapsd_queues;           /* negative: no NL80211_ATTR_STA_WME nest */
      const u8 *req_ies;          /* optional, sent as NL80211_ATTR_REQ_IE */
      size_t req_ies_len;
      bool reconnect;             /* adds NL80211_ATTR_RECONNECT_REQUESTED */
  };

  /*
   * Multicast the MLME event described by @event for @netdev to the MLME
   * group in the wiphy's network namespace.
   *
   * The message is sized as the frame plus the request IEs plus 100 bytes
   * for the header and the fixed attributes. The frame in event->buf is
   * copied into the event as is; this function does not inspect it.
   * Allocation uses @gfp. Any failure drops the event; nothing is reported
   * to the caller.
   */
  static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
                                      struct net_device *netdev,
                                      const struct nl80211_mlme_event *event,
                                      gfp_t gfp)
  {
      struct sk_buff *skb;
      struct nlattr *wmm;
      void *genl_hdr;

      skb = nlmsg_new(100 + event->buf_len + event->req_ies_len, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, event->cmd);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_FRAME, event->buf_len, event->buf))
          goto drop;
      if (event->req_ies &&
          nla_put(skb, NL80211_ATTR_REQ_IE, event->req_ies_len,
                  event->req_ies))
          goto drop;

      if (event->reconnect &&
          nla_put_flag(skb, NL80211_ATTR_RECONNECT_REQUESTED))
          goto drop;

      /* callers pass -1 when there is no U-APSD information */
      if (event->uapsd_queues >= 0) {
          wmm = nla_nest_start_noflag(skb, NL80211_ATTR_STA_WME);
          if (!wmm)
              goto drop;
          if (nla_put_u8(skb, NL80211_STA_WME_UAPSD_QUEUES,
                         event->uapsd_queues))
              goto drop;
          nla_nest_end(skb, wmm);
      }

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  /*
   * Report the frame @buf of @len bytes as an NL80211_CMD_AUTHENTICATE
   * event on @netdev. No U-APSD information is attached.
   */
  void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
                            struct net_device *netdev, const u8 *buf,
                            size_t len, gfp_t gfp)
  {
      struct nl80211_mlme_event ev = {
          .cmd = NL80211_CMD_AUTHENTICATE,
          .uapsd_queues = -1,
          .buf_len = len,
          .buf = buf,
      };

      nl80211_send_mlme_event(rdev, netdev, &ev, gfp);
  }
  /*
   * Report the association response in @data as an NL80211_CMD_ASSOCIATE
   * event on @netdev, together with the U-APSD queues and the request IEs
   * taken from @data. The event is allocated with GFP_KERNEL.
   */
  void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
                             struct net_device *netdev,
                             const struct cfg80211_rx_assoc_resp_data *data)
  {
      struct nl80211_mlme_event ev = {
          .cmd = NL80211_CMD_ASSOCIATE,
          .uapsd_queues = data->uapsd_queues,
          .req_ies_len = data->req_ies_len,
          .req_ies = data->req_ies,
          .buf_len = data->len,
          .buf = data->buf,
      };

      nl80211_send_mlme_event(rdev, netdev, &ev, GFP_KERNEL);
  }
  /*
   * Report the frame @buf of @len bytes as an NL80211_CMD_DEAUTHENTICATE
   * event on @netdev. @reconnect adds the reconnect-requested flag to the
   * event.
   */
  void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
                           struct net_device *netdev, const u8 *buf,
                           size_t len, bool reconnect, gfp_t gfp)
  {
      struct nl80211_mlme_event ev = {
          .cmd = NL80211_CMD_DEAUTHENTICATE,
          .uapsd_queues = -1,
          .reconnect = reconnect,
          .buf_len = len,
          .buf = buf,
      };

      nl80211_send_mlme_event(rdev, netdev, &ev, gfp);
  }
  /*
   * Report the frame @buf of @len bytes as an NL80211_CMD_DISASSOCIATE
   * event on @netdev. @reconnect adds the reconnect-requested flag to the
   * event.
   */
  void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
                             struct net_device *netdev, const u8 *buf,
                             size_t len, bool reconnect, gfp_t gfp)
  {
      struct nl80211_mlme_event ev = {
          .cmd = NL80211_CMD_DISASSOCIATE,
          .uapsd_queues = -1,
          .reconnect = reconnect,
          .buf_len = len,
          .buf = buf,
      };

      nl80211_send_mlme_event(rdev, netdev, &ev, gfp);
  }
  /*
   * Report an unprotected management frame received on @dev to userspace.
   *
   * Only the frame control field is examined here. Deauthentication and
   * disassociation frames are always reported; beacons are reported at
   * most once per 10000 ms per wdev (tracked in
   * wdev->unprot_beacon_reported), so a stream of unprotected beacons does
   * not turn into a stream of events. Every other frame type is ignored.
   * The event is allocated with GFP_ATOMIC.
   *
   * NOTE(review): the length check is a WARN_ON(). If @len can follow the
   * size of a received frame, confirm that callers reject frames shorter
   * than the frame control field before calling in; otherwise the warning
   * is reachable by whoever sends the frame, which matters on systems
   * configured to panic on warnings.
   */
  void cfg80211_rx_unprot_mlme_mgmt(struct net_device *dev, const u8 *buf,
                                    size_t len)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      const struct ieee80211_mgmt *mgmt = (void *)buf;
      struct nl80211_mlme_event ev = {
          .uapsd_queues = -1,
          .buf_len = len,
          .buf = buf,
      };

      /* frame_control is the first two bytes of the frame */
      if (WARN_ON(len < 2))
          return;

      if (ieee80211_is_deauth(mgmt->frame_control)) {
          ev.cmd = NL80211_CMD_UNPROT_DEAUTHENTICATE;
      } else if (ieee80211_is_disassoc(mgmt->frame_control)) {
          ev.cmd = NL80211_CMD_UNPROT_DISASSOCIATE;
      } else if (!ieee80211_is_beacon(mgmt->frame_control)) {
          return;
      } else {
          /* rate limit: a zero timestamp means nothing was reported yet */
          if (wdev->unprot_beacon_reported &&
              elapsed_jiffies_msecs(wdev->unprot_beacon_reported) < 10000)
              return;
          ev.cmd = NL80211_CMD_UNPROT_BEACON;
          wdev->unprot_beacon_reported = jiffies;
      }

      trace_cfg80211_rx_unprot_mlme_mgmt(dev, buf, len);
      nl80211_send_mlme_event(rdev, dev, &ev, GFP_ATOMIC);
  }
  EXPORT_SYMBOL(cfg80211_rx_unprot_mlme_mgmt);
  /*
   * Multicast a timeout for the MLME operation @cmd towards the peer @addr
   * on @netdev. The event carries the wiphy and interface index, the
   * NL80211_ATTR_TIMED_OUT flag and the peer address (ETH_ALEN bytes are
   * read from @addr). Allocation uses @gfp; any failure drops the event.
   */
  static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
                                        struct net_device *netdev, int cmd,
                                        const u8 *addr, gfp_t gfp)
  {
      struct sk_buff *skb;
      void *genl_hdr;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, cmd);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (nla_put_flag(skb, NL80211_ATTR_TIMED_OUT))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, addr))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  /*
   * Report that authentication with @addr timed out on @netdev: an
   * NL80211_CMD_AUTHENTICATE event carrying the timed-out flag.
   */
  void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
                                 struct net_device *netdev, const u8 *addr,
                                 gfp_t gfp)
  {
      const int cmd = NL80211_CMD_AUTHENTICATE;

      nl80211_send_mlme_timeout(rdev, netdev, cmd, addr, gfp);
  }
  /*
   * Report that association with @addr timed out on @netdev: an
   * NL80211_CMD_ASSOCIATE event carrying the timed-out flag.
   */
  void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
                                  struct net_device *netdev, const u8 *addr,
                                  gfp_t gfp)
  {
      const int cmd = NL80211_CMD_ASSOCIATE;

      nl80211_send_mlme_timeout(rdev, netdev, cmd, addr, gfp);
  }
  /*
   * Multicast the NL80211_CMD_CONNECT result described by @cr for @netdev
   * to the MLME group in the wiphy's network namespace.
   *
   * The reported address is the AP MLD address when cr->valid_links is set
   * and the BSSID of link 0 otherwise; it is omitted when NULL. A negative
   * cr->status is reported as WLAN_STATUS_UNSPECIFIED_FAILURE plus the
   * timed-out flag and the timeout reason. The FILS KEK, PMK and PMKID are
   * only included when the status is WLAN_STATUS_SUCCESS. For a multi-link
   * connection every valid link is listed in NL80211_ATTR_MLO_LINKS with
   * its link id, BSSID, local address and per-link status.
   *
   * The message is sized from the variable-length parts plus 100 bytes of
   * slack. Allocation uses @gfp; any failure drops the event.
   *
   * NOTE(review): on success this copies key material (KEK, PMK) into a
   * multicast message. Confirm that joining NL80211_MCGRP_MLME is
   * restricted to suitably privileged listeners; the message buffer is
   * released with nlmsg_free() and is not explicitly wiped here.
   */
  void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
                                   struct net_device *netdev,
                                   struct cfg80211_connect_resp_params *cr,
                                   gfp_t gfp)
  {
      const u8 *connected_addr;
      size_t link_info_size = 0;
      unsigned int link;
      struct sk_buff *skb;
      void *genl_hdr;

      if (cr->valid_links)
          connected_addr = cr->ap_mld_addr;
      else
          connected_addr = cr->links[0].bssid;

      /* space needed for the per-link nests; nothing for non-MLO */
      if (cr->valid_links) {
          for_each_valid_link(cr, link) {
              /* Nested attribute header */
              link_info_size += NLA_HDRLEN;
              /* Link ID */
              link_info_size += nla_total_size(sizeof(u8));
              /* local link address */
              if (cr->links[link].addr)
                  link_info_size += nla_total_size(ETH_ALEN);
              /* BSSID */
              if (cr->links[link].bssid || cr->links[link].bss)
                  link_info_size += nla_total_size(ETH_ALEN);
              /* per-link status code */
              link_info_size += nla_total_size(sizeof(u16));
          }
      }

      skb = nlmsg_new(100 + cr->req_ie_len + cr->resp_ie_len +
                      cr->fils.kek_len + cr->fils.pmk_len +
                      (cr->fils.pmkid ? WLAN_PMKID_LEN : 0) + link_info_size,
                      gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_CONNECT);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
          nla_put_u32(skb, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;

      if (connected_addr &&
          nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, connected_addr))
          goto drop;

      if (nla_put_u16(skb, NL80211_ATTR_STATUS_CODE,
                      cr->status < 0 ? WLAN_STATUS_UNSPECIFIED_FAILURE :
                                       cr->status))
          goto drop;

      /* a negative status stands for a timeout */
      if (cr->status < 0 &&
          (nla_put_flag(skb, NL80211_ATTR_TIMED_OUT) ||
           nla_put_u32(skb, NL80211_ATTR_TIMEOUT_REASON,
                       cr->timeout_reason)))
          goto drop;

      if (cr->req_ie &&
          nla_put(skb, NL80211_ATTR_REQ_IE, cr->req_ie_len, cr->req_ie))
          goto drop;

      if (cr->resp_ie &&
          nla_put(skb, NL80211_ATTR_RESP_IE, cr->resp_ie_len, cr->resp_ie))
          goto drop;

      if (cr->fils.update_erp_next_seq_num &&
          nla_put_u16(skb, NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM,
                      cr->fils.erp_next_seq_num))
          goto drop;

      /* key material is only reported for a successful connection */
      if (cr->status == WLAN_STATUS_SUCCESS) {
          if (cr->fils.kek &&
              nla_put(skb, NL80211_ATTR_FILS_KEK, cr->fils.kek_len,
                      cr->fils.kek))
              goto drop;
          if (cr->fils.pmk &&
              nla_put(skb, NL80211_ATTR_PMK, cr->fils.pmk_len,
                      cr->fils.pmk))
              goto drop;
          if (cr->fils.pmkid &&
              nla_put(skb, NL80211_ATTR_PMKID, WLAN_PMKID_LEN,
                      cr->fils.pmkid))
              goto drop;
      }

      if (cr->valid_links) {
          struct nlattr *links_nest;
          int idx = 1;

          links_nest = nla_nest_start(skb, NL80211_ATTR_MLO_LINKS);
          if (!links_nest)
              goto drop;

          for_each_valid_link(cr, link) {
              struct nlattr *one_link;
              const u8 *bssid;

              /* prefer the BSS entry's BSSID over the bare pointer */
              if (cr->links[link].bss)
                  bssid = cr->links[link].bss->bssid;
              else
                  bssid = cr->links[link].bssid;

              one_link = nla_nest_start(skb, idx);
              if (!one_link)
                  goto drop;

              if (nla_put_u8(skb, NL80211_ATTR_MLO_LINK_ID, link))
                  goto drop;
              if (bssid &&
                  nla_put(skb, NL80211_ATTR_BSSID, ETH_ALEN, bssid))
                  goto drop;
              if (cr->links[link].addr &&
                  nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN,
                          cr->links[link].addr))
                  goto drop;
              if (nla_put_u16(skb, NL80211_ATTR_STATUS_CODE,
                              cr->links[link].status))
                  goto drop;

              nla_nest_end(skb, one_link);
              idx++;
          }
          nla_nest_end(skb, links_nest);
      }

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  /*
   * Multicast the NL80211_CMD_ROAM event described by @info for @netdev to
   * the MLME group in the wiphy's network namespace.
   *
   * The reported address is the AP MLD address when present, otherwise the
   * BSSID of link 0 (taken from the BSS entry when there is one). The
   * request/response IEs and the FILS ERP sequence number, KEK, PMK and
   * PMKID are added when present. For a multi-link connection every valid
   * link is listed in NL80211_ATTR_MLO_LINKS with its link id, BSSID and
   * local address.
   *
   * The message is sized from the variable-length parts plus 100 bytes of
   * slack. Allocation uses @gfp; any failure drops the event.
   *
   * NOTE(review): connected_addr is handed to nla_put() without a NULL
   * check, whereas nl80211_send_connect_result() checks it; presumably
   * callers guarantee that an MLD address, a BSS or a BSSID is set --
   * confirm against the caller.
   *
   * NOTE(review): this copies key material (KEK, PMK) into a multicast
   * message. Confirm that joining NL80211_MCGRP_MLME is restricted to
   * suitably privileged listeners; the message buffer is released with
   * nlmsg_free() and is not explicitly wiped here.
   */
  void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
                           struct net_device *netdev,
                           struct cfg80211_roam_info *info, gfp_t gfp)
  {
      const u8 *connected_addr;
      size_t link_info_size = 0;
      unsigned int link;
      struct sk_buff *skb;
      void *genl_hdr;

      if (info->ap_mld_addr)
          connected_addr = info->ap_mld_addr;
      else if (info->links[0].bss)
          connected_addr = info->links[0].bss->bssid;
      else
          connected_addr = info->links[0].bssid;

      /* space needed for the per-link nests; nothing for non-MLO */
      if (info->valid_links) {
          for_each_valid_link(info, link) {
              /* Nested attribute header */
              link_info_size += NLA_HDRLEN;
              /* Link ID */
              link_info_size += nla_total_size(sizeof(u8));
              /* local link address */
              if (info->links[link].addr)
                  link_info_size += nla_total_size(ETH_ALEN);
              /* BSSID */
              if (info->links[link].bssid || info->links[link].bss)
                  link_info_size += nla_total_size(ETH_ALEN);
          }
      }

      skb = nlmsg_new(100 + info->req_ie_len + info->resp_ie_len +
                      info->fils.kek_len + info->fils.pmk_len +
                      (info->fils.pmkid ? WLAN_PMKID_LEN : 0) +
                      link_info_size, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_ROAM);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
          nla_put_u32(skb, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
          nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, connected_addr))
          goto drop;

      if (info->req_ie &&
          nla_put(skb, NL80211_ATTR_REQ_IE, info->req_ie_len, info->req_ie))
          goto drop;

      if (info->resp_ie &&
          nla_put(skb, NL80211_ATTR_RESP_IE, info->resp_ie_len,
                  info->resp_ie))
          goto drop;

      if (info->fils.update_erp_next_seq_num &&
          nla_put_u16(skb, NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM,
                      info->fils.erp_next_seq_num))
          goto drop;

      if (info->fils.kek &&
          nla_put(skb, NL80211_ATTR_FILS_KEK, info->fils.kek_len,
                  info->fils.kek))
          goto drop;

      if (info->fils.pmk &&
          nla_put(skb, NL80211_ATTR_PMK, info->fils.pmk_len, info->fils.pmk))
          goto drop;

      if (info->fils.pmkid &&
          nla_put(skb, NL80211_ATTR_PMKID, WLAN_PMKID_LEN, info->fils.pmkid))
          goto drop;

      if (info->valid_links) {
          struct nlattr *links_nest;
          int idx = 1;

          links_nest = nla_nest_start(skb, NL80211_ATTR_MLO_LINKS);
          if (!links_nest)
              goto drop;

          for_each_valid_link(info, link) {
              struct nlattr *one_link;
              const u8 *bssid;

              /* prefer the BSS entry's BSSID over the bare pointer */
              if (info->links[link].bss)
                  bssid = info->links[link].bss->bssid;
              else
                  bssid = info->links[link].bssid;

              one_link = nla_nest_start(skb, idx);
              if (!one_link)
                  goto drop;

              if (nla_put_u8(skb, NL80211_ATTR_MLO_LINK_ID, link))
                  goto drop;
              if (bssid &&
                  nla_put(skb, NL80211_ATTR_BSSID, ETH_ALEN, bssid))
                  goto drop;
              if (info->links[link].addr &&
                  nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN,
                          info->links[link].addr))
                  goto drop;

              nla_nest_end(skb, one_link);
              idx++;
          }
          nla_nest_end(skb, links_nest);
      }

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  /*
   * Multicast NL80211_CMD_PORT_AUTHORIZED for the peer @peer_addr on
   * @netdev to the MLME group in the wiphy's network namespace. The
   * NL80211_ATTR_TD_BITMAP attribute is added only when @td_bitmap is
   * non-NULL and @td_bitmap_len is non-zero. Allocates with GFP_KERNEL;
   * any failure drops the event.
   */
  void nl80211_send_port_authorized(struct cfg80211_registered_device *rdev,
                                    struct net_device *netdev, const u8 *peer_addr,
                                    const u8 *td_bitmap, u8 td_bitmap_len)
  {
      struct sk_buff *skb;
      void *genl_hdr;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_PORT_AUTHORIZED);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, peer_addr))
          goto drop;

      if (td_bitmap_len > 0 && td_bitmap &&
          nla_put(skb, NL80211_ATTR_TD_BITMAP, td_bitmap_len, td_bitmap))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, GFP_KERNEL);
      return;

  drop:
      nlmsg_free(skb);
  }
  /*
   * Multicast NL80211_CMD_DISCONNECT for @netdev to the MLME group in the
   * wiphy's network namespace. The reason code is included only when
   * non-zero, the disconnected-by-AP flag only when @from_ap is set and
   * the IEs only when @ie is non-NULL. The message is sized as @ie_len
   * plus 100 bytes and allocated with GFP_KERNEL; any failure drops the
   * event.
   */
  void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
                                 struct net_device *netdev, u16 reason,
                                 const u8 *ie, size_t ie_len, bool from_ap)
  {
      struct sk_buff *skb;
      void *genl_hdr;

      skb = nlmsg_new(100 + ie_len, GFP_KERNEL);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_DISCONNECT);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (reason && nla_put_u16(skb, NL80211_ATTR_REASON_CODE, reason))
          goto drop;
      if (from_ap && nla_put_flag(skb, NL80211_ATTR_DISCONNECTED_BY_AP))
          goto drop;
      if (ie && nla_put(skb, NL80211_ATTR_IE, ie_len, ie))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, GFP_KERNEL);
      return;

  drop:
      nlmsg_free(skb);
  }
  /*
   * Remove the links in @link_mask from @dev's multi-link connection and
   * tell userspace with NL80211_CMD_LINKS_REMOVED.
   *
   * Asserts the wiphy lock. Only station and P2P client interfaces are
   * accepted. @link_mask must be non-empty, a subset of the currently
   * valid links, and must leave at least one link; otherwise a warning is
   * raised and nothing changes.
   *
   * The link BSS entries are released and wdev->valid_links is updated
   * before the event is built, so an allocation or attribute failure
   * leaves the state changed without an event having been sent.
   */
  void cfg80211_links_removed(struct net_device *dev, u16 link_mask)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct wiphy *wiphy = wdev->wiphy;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
      struct nlattr *links_nest;
      struct sk_buff *skb;
      void *genl_hdr;

      lockdep_assert_wiphy(wdev->wiphy);
      trace_cfg80211_links_removed(dev, link_mask);

      if (WARN_ON(wdev->iftype != NL80211_IFTYPE_STATION &&
                  wdev->iftype != NL80211_IFTYPE_P2P_CLIENT))
          return;

      if (WARN_ON(!wdev->valid_links || !link_mask ||
                  (wdev->valid_links & link_mask) != link_mask ||
                  wdev->valid_links == link_mask))
          return;

      cfg80211_wdev_release_link_bsses(wdev, link_mask);
      wdev->valid_links &= ~link_mask;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_LINKS_REMOVED);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto drop;

      links_nest = nla_nest_start(skb, NL80211_ATTR_MLO_LINKS);
      if (!links_nest)
          goto drop;

      /* one nested entry per set bit, lowest link id first */
      while (link_mask) {
          int link_id = __ffs(link_mask);
          struct nlattr *one_link = nla_nest_start(skb, link_id + 1);

          if (!one_link)
              goto drop;

          if (nla_put_u8(skb, NL80211_ATTR_MLO_LINK_ID, link_id))
              goto drop;

          nla_nest_end(skb, one_link);
          link_mask &= ~(1 << link_id);
      }

      nla_nest_end(skb, links_nest);
      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, GFP_KERNEL);
      return;

  drop:
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_links_removed);
  /*
   * Report the frame in @data as an NL80211_CMD_ASSOC_MLO_RECONF event on
   * @dev. No U-APSD information is attached; the event is allocated with
   * GFP_KERNEL.
   */
  void nl80211_mlo_reconf_add_done(struct net_device *dev,
                                   struct cfg80211_mlo_reconf_done_data *data)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct nl80211_mlme_event ev = {
          .cmd = NL80211_CMD_ASSOC_MLO_RECONF,
          .uapsd_queues = -1,
          .buf_len = data->len,
          .buf = data->buf,
      };

      nl80211_send_mlme_event(rdev, dev, &ev, GFP_KERNEL);
  }
  EXPORT_SYMBOL(nl80211_mlo_reconf_add_done);
  /*
   * Multicast NL80211_CMD_JOIN_IBSS with the BSSID @bssid (ETH_ALEN bytes)
   * for @netdev to the MLME group in the wiphy's network namespace.
   * Allocation uses @gfp; any failure drops the event.
   */
  void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
                               struct net_device *netdev, const u8 *bssid,
                               gfp_t gfp)
  {
      struct sk_buff *skb;
      void *genl_hdr;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_JOIN_IBSS);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, bssid))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  /*
   * Tell userspace about a new mesh peer candidate @addr seen on @dev with
   * NL80211_CMD_NEW_PEER_CANDIDATE. Warns and returns when @dev is not a
   * mesh point. The IEs are included only when @ie is non-NULL and
   * @ie_len is non-zero; the signal strength only when @sig_dbm is
   * non-zero. The message is sized as @ie_len plus 100 bytes and allocated
   * with @gfp; any failure drops the event.
   */
  void cfg80211_notify_new_peer_candidate(struct net_device *dev, const u8 *addr,
                                          const u8 *ie, u8 ie_len,
                                          int sig_dbm, gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct sk_buff *skb;
      void *genl_hdr;

      if (WARN_ON(wdev->iftype != NL80211_IFTYPE_MESH_POINT))
          return;

      trace_cfg80211_notify_new_peer_candidate(dev, addr);

      skb = nlmsg_new(100 + ie_len, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, addr))
          goto drop;
      if (ie_len && ie && nla_put(skb, NL80211_ATTR_IE, ie_len, ie))
          goto drop;
      if (sig_dbm &&
          nla_put_u32(skb, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_notify_new_peer_candidate);
  /*
   * Multicast NL80211_CMD_MICHAEL_MIC_FAILURE for @netdev to the MLME
   * group in the wiphy's network namespace. The peer address is included
   * only when @addr is non-NULL, the key index only when @key_id is not
   * -1 and the key sequence only when @tsc is non-NULL, in which case
   * exactly 6 bytes are read from @tsc. Allocation uses @gfp; any failure
   * drops the event.
   */
  void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
                                   struct net_device *netdev, const u8 *addr,
                                   enum nl80211_key_type key_type, int key_id,
                                   const u8 *tsc, gfp_t gfp)
  {
      struct sk_buff *skb;
      void *genl_hdr;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (addr && nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, addr))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_KEY_TYPE, key_type))
          goto drop;
      if (key_id != -1 &&
          nla_put_u8(skb, NL80211_ATTR_KEY_IDX, key_id))
          goto drop;
      if (tsc && nla_put(skb, NL80211_ATTR_KEY_SEQ, 6, tsc))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  /*
   * Multicast NL80211_CMD_REG_BEACON_HINT for @wiphy to the regulatory
   * group in all network namespaces. The event carries the wiphy index and
   * the channel description before and after the hint was applied, each in
   * its own nest. Allocates with GFP_ATOMIC; any failure drops the event.
   */
  void nl80211_send_beacon_hint_event(struct wiphy *wiphy,
                                      struct ieee80211_channel *channel_before,
                                      struct ieee80211_channel *channel_after)
  {
      struct nlattr *freq_nest;
      struct sk_buff *skb;
      void *genl_hdr;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT);
      if (!genl_hdr)
          goto drop;

      /*
       * Since we are applying the beacon hint to a wiphy we know its
       * wiphy_idx is valid
       */
      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
          goto drop;

      /* channel state before the hint */
      freq_nest = nla_nest_start_noflag(skb, NL80211_ATTR_FREQ_BEFORE);
      if (!freq_nest)
          goto drop;
      if (nl80211_msg_put_channel(skb, wiphy, channel_before, false))
          goto drop;
      nla_nest_end(skb, freq_nest);

      /* channel state after the hint */
      freq_nest = nla_nest_start_noflag(skb, NL80211_ATTR_FREQ_AFTER);
      if (!freq_nest)
          goto drop;
      if (nl80211_msg_put_channel(skb, wiphy, channel_after, false))
          goto drop;
      nla_nest_end(skb, freq_nest);

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_allns(&nl80211_fam, skb, 0,
                              NL80211_MCGRP_REGULATORY);
      return;

  drop:
      nlmsg_free(skb);
  }
  /*
   * Multicast the remain-on-channel event @cmd for @wdev to the MLME group
   * in the wiphy's network namespace. The event carries the wiphy index,
   * the interface index (only when @wdev has a netdev), the wdev id, the
   * channel's centre frequency, a fixed channel type of NL80211_CHAN_NO_HT
   * and @cookie. @duration is added only for
   * NL80211_CMD_REMAIN_ON_CHANNEL. Allocation uses @gfp; any failure drops
   * the event.
   */
  static void nl80211_send_remain_on_chan_event(
      int cmd, struct cfg80211_registered_device *rdev,
      struct wireless_dev *wdev, u64 cookie,
      struct ieee80211_channel *chan,
      unsigned int duration, gfp_t gfp)
  {
      struct sk_buff *skb;
      void *genl_hdr;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, cmd);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (wdev->netdev &&
          nla_put_u32(skb, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
          goto drop;
      if (nla_put_u64_64bit(skb, NL80211_ATTR_WDEV, wdev_id(wdev),
                            NL80211_ATTR_PAD))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_WIPHY_FREQ, chan->center_freq))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
                      NL80211_CHAN_NO_HT))
          goto drop;
      if (nla_put_u64_64bit(skb, NL80211_ATTR_COOKIE, cookie,
                            NL80211_ATTR_PAD))
          goto drop;

      if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL &&
          nla_put_u32(skb, NL80211_ATTR_DURATION, duration))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  /*
   * Tell userspace with NL80211_CMD_ASSOC_COMEBACK that the AP @ap_addr
   * asked @netdev to come back after @timeout. The value is passed through
   * as NL80211_ATTR_TIMEOUT without interpretation. Allocates with
   * GFP_KERNEL; any failure drops the event.
   */
  void cfg80211_assoc_comeback(struct net_device *netdev,
                               const u8 *ap_addr, u32 timeout)
  {
      struct wireless_dev *wdev = netdev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct sk_buff *skb;
      void *genl_hdr;

      trace_cfg80211_assoc_comeback(wdev, ap_addr, timeout);

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_ASSOC_COMEBACK);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, ap_addr))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_TIMEOUT, timeout))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, GFP_KERNEL);
      return;

  drop:
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_assoc_comeback);
  /*
   * Trace the call, then send NL80211_CMD_REMAIN_ON_CHANNEL for wdev with the
   * given cookie, channel and duration through
   * nl80211_send_remain_on_chan_event().
   */
  void cfg80211_ready_on_channel(struct wireless_dev *wdev, u64 cookie,
                                 struct ieee80211_channel *chan,
                                 unsigned int duration, gfp_t gfp)
  {
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);

      trace_cfg80211_ready_on_channel(wdev, cookie, chan, duration);
      nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL, rdev,
                                        wdev, cookie, chan, duration, gfp);
  }
  EXPORT_SYMBOL(cfg80211_ready_on_channel);
  /*
   * Trace the call, then send NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL for wdev.
   * The duration argument of the shared helper is passed as 0; the helper
   * only emits a duration attribute for NL80211_CMD_REMAIN_ON_CHANNEL.
   */
  void cfg80211_remain_on_channel_expired(struct wireless_dev *wdev, u64 cookie,
                                          struct ieee80211_channel *chan,
                                          gfp_t gfp)
  {
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);

      trace_cfg80211_ready_on_channel_expired(wdev, cookie, chan);
      nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
                                        rdev, wdev, cookie, chan, 0, gfp);
  }
  EXPORT_SYMBOL(cfg80211_remain_on_channel_expired);
  /*
   * Trace the call, then send NL80211_CMD_FRAME_WAIT_CANCEL for wdev using
   * the remain-on-channel event helper, with a duration argument of 0.
   */
  void cfg80211_tx_mgmt_expired(struct wireless_dev *wdev, u64 cookie,
                                struct ieee80211_channel *chan,
                                gfp_t gfp)
  {
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);

      trace_cfg80211_tx_mgmt_expired(wdev, cookie, chan);
      nl80211_send_remain_on_chan_event(NL80211_CMD_FRAME_WAIT_CANCEL,
                                        rdev, wdev, cookie, chan, 0, gfp);
  }
  EXPORT_SYMBOL(cfg80211_tx_mgmt_expired);
  /*
   * Announce a new station: fill an NL80211_CMD_NEW_STATION message with
   * nl80211_send_station() and multicast it on the MLME group of the wiphy's
   * network namespace.  Nothing is sent if the allocation or the fill fails.
   *
   * NOTE(review): unlike cfg80211_del_sta_sinfo(), the allocation-failure
   * path here does not call cfg80211_sinfo_release_content(); confirm that
   * callers never hand in a sinfo that owns allocated content.
   */
  void cfg80211_new_sta(struct net_device *dev, const u8 *mac_addr,
                        struct station_info *sinfo, gfp_t gfp)
  {
      struct cfg80211_registered_device *rdev =
          wiphy_to_rdev(dev->ieee80211_ptr->wiphy);
      struct sk_buff *event;

      trace_cfg80211_new_sta(dev, mac_addr, sinfo);

      event = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!event)
          return;

      if (nl80211_send_station(event, NL80211_CMD_NEW_STATION, 0, 0, 0,
                               rdev, dev, mac_addr, sinfo, false) >= 0) {
          genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
                                  event, 0, NL80211_MCGRP_MLME, gfp);
          return;
      }

      nlmsg_free(event);
  }
  EXPORT_SYMBOL(cfg80211_new_sta);
  /*
   * Announce a removed station with NL80211_CMD_DEL_STATION on the MLME
   * multicast group.
   *
   * sinfo may be NULL; a zero-initialised station_info on the stack is used
   * in that case.  When the message cannot be allocated the sinfo content is
   * released here with cfg80211_sinfo_release_content().  The other paths do
   * not release it in this function (presumably nl80211_send_station() does
   * so itself; verify against that helper).
   */
  void cfg80211_del_sta_sinfo(struct net_device *dev, const u8 *mac_addr,
                              struct station_info *sinfo, gfp_t gfp)
  {
      struct cfg80211_registered_device *rdev =
          wiphy_to_rdev(dev->ieee80211_ptr->wiphy);
      struct station_info empty_sinfo = {};
      struct sk_buff *event;

      if (!sinfo)
          sinfo = &empty_sinfo;

      trace_cfg80211_del_sta(dev, mac_addr);

      event = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!event) {
          cfg80211_sinfo_release_content(sinfo);
          return;
      }

      if (nl80211_send_station(event, NL80211_CMD_DEL_STATION, 0, 0, 0,
                               rdev, dev, mac_addr, sinfo, false) >= 0) {
          genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
                                  event, 0, NL80211_MCGRP_MLME, gfp);
          return;
      }

      nlmsg_free(event);
  }
  EXPORT_SYMBOL(cfg80211_del_sta_sinfo);
  /*
   * Emit NL80211_CMD_CONN_FAILED on the MLME multicast group.
   *
   * The event carries only the interface index, mac_addr (ETH_ALEN bytes are
   * copied from it, without a NULL check) and the failure reason; no wiphy
   * attribute is added.  The message is allocated with NLMSG_GOODSIZE.
   * Failures are not reported; the event is dropped.
   */
  void cfg80211_conn_failed(struct net_device *dev, const u8 *mac_addr,
                            enum nl80211_connect_failed_reason reason,
                            gfp_t gfp)
  {
      struct cfg80211_registered_device *rdev =
          wiphy_to_rdev(dev->ieee80211_ptr->wiphy);
      struct sk_buff *event;
      void *genl_hdr;

      event = nlmsg_new(NLMSG_GOODSIZE, gfp);
      if (!event)
          return;

      genl_hdr = nl80211hdr_put(event, 0, 0, 0, NL80211_CMD_CONN_FAILED);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(event, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto drop;
      if (nla_put(event, NL80211_ATTR_MAC, ETH_ALEN, mac_addr))
          goto drop;
      if (nla_put_u32(event, NL80211_ATTR_CONN_FAILED_REASON, reason))
          goto drop;

      genlmsg_end(event, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), event, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(event);
  }
  EXPORT_SYMBOL(cfg80211_conn_failed);
  /*
   * Report an unexpected frame from addr to the single netlink port stored
   * in wdev->ap_unexpected_nlportid.
   *
   * The port id is sampled once with READ_ONCE(); the message is unicast to
   * that port only, not multicast.  link_id is attached as a u8 attribute
   * when it is >= 0.
   *
   * Returns false only when no port is registered (port id 0).  Every other
   * path returns true, including the ones where the message could not be
   * allocated or built; the result of genlmsg_unicast() is not checked.
   */
  static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd,
                                         const u8 *addr, int link_id, gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct sk_buff *report;
      void *genl_hdr;
      u32 listener = READ_ONCE(wdev->ap_unexpected_nlportid);

      if (!listener)
          return false;

      report = nlmsg_new(100, gfp);
      if (!report)
          return true;

      genl_hdr = nl80211hdr_put(report, 0, 0, 0, cmd);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(report, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(report, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto drop;
      if (nla_put(report, NL80211_ATTR_MAC, ETH_ALEN, addr))
          goto drop;
      if (link_id >= 0 &&
          nla_put_u8(report, NL80211_ATTR_MLO_LINK_ID, link_id))
          goto drop;

      genlmsg_end(report, genl_hdr);
      genlmsg_unicast(wiphy_net(&rdev->wiphy), report, listener);
      return true;

  drop:
      nlmsg_free(report);
      return true;
  }
  /*
   * Report a spurious frame from addr as NL80211_CMD_UNEXPECTED_FRAME.
   *
   * Only AP and P2P-GO interfaces are accepted; any other interface type
   * triggers a WARN_ON and returns false without sending anything.
   * Otherwise the result of __nl80211_unexpected_frame() is returned.  The
   * return value is also recorded through trace_cfg80211_return_bool().
   */
  bool cfg80211_rx_spurious_frame(struct net_device *dev, const u8 *addr,
                                  int link_id, gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      bool handled = false;

      trace_cfg80211_rx_spurious_frame(dev, addr, link_id);

      if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
                  wdev->iftype != NL80211_IFTYPE_P2P_GO))
          goto out;

      handled = __nl80211_unexpected_frame(dev, NL80211_CMD_UNEXPECTED_FRAME,
                                           addr, link_id, gfp);
  out:
      trace_cfg80211_return_bool(handled);
      return handled;
  }
  EXPORT_SYMBOL(cfg80211_rx_spurious_frame);
  /*
   * Report an unexpected 4-address frame from addr as
   * NL80211_CMD_UNEXPECTED_4ADDR_FRAME.
   *
   * Accepted interface types are AP, P2P-GO and AP-VLAN; any other type
   * triggers a WARN_ON and returns false without sending anything.
   * Otherwise the result of __nl80211_unexpected_frame() is returned.  The
   * return value is also recorded through trace_cfg80211_return_bool().
   */
  bool cfg80211_rx_unexpected_4addr_frame(struct net_device *dev, const u8 *addr,
                                          int link_id, gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      bool handled = false;

      trace_cfg80211_rx_unexpected_4addr_frame(dev, addr, link_id);

      if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
                  wdev->iftype != NL80211_IFTYPE_P2P_GO &&
                  wdev->iftype != NL80211_IFTYPE_AP_VLAN))
          goto out;

      handled = __nl80211_unexpected_frame(dev,
                                           NL80211_CMD_UNEXPECTED_4ADDR_FRAME,
                                           addr, link_id, gfp);
  out:
      trace_cfg80211_return_bool(handled);
      return handled;
  }
  EXPORT_SYMBOL(cfg80211_rx_unexpected_4addr_frame);
  /*
   * Deliver a received management frame to one netlink port as
   * NL80211_CMD_FRAME.
   *
   * The message is sized as 100 bytes of headroom plus info->len, and
   * info->len bytes are copied from info->buf into NL80211_ATTR_FRAME, so
   * the caller must pass a length that matches the buffer.  If the fixed
   * headroom is not enough for the other attributes, the put fails and the
   * function returns -ENOBUFS rather than writing past the message.
   *
   * Optional attributes (interface index, link id, signal, flags, hardware
   * timestamps) are added only when the corresponding field is set; a
   * sig_dbm, flags or timestamp value of 0 is treated as "not present".
   *
   * Returns -ENOMEM if the message or its header cannot be allocated,
   * -ENOBUFS if an attribute does not fit, otherwise the result of
   * genlmsg_unicast() to nlportid.
   */
  int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
                        struct wireless_dev *wdev, u32 nlportid,
                        struct cfg80211_rx_info *info, gfp_t gfp)
  {
      struct net_device *netdev = wdev->netdev;
      struct sk_buff *out;
      void *genl_hdr;
      int err;

      out = nlmsg_new(100 + info->len, gfp);
      if (!out)
          return -ENOMEM;

      err = -ENOMEM;
      genl_hdr = nl80211hdr_put(out, 0, 0, 0, NL80211_CMD_FRAME);
      if (!genl_hdr)
          goto drop;

      err = -ENOBUFS;
      if (nla_put_u32(out, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (netdev &&
          nla_put_u32(out, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (nla_put_u64_64bit(out, NL80211_ATTR_WDEV, wdev_id(wdev),
                            NL80211_ATTR_PAD))
          goto drop;
      if (info->have_link_id &&
          nla_put_u8(out, NL80211_ATTR_MLO_LINK_ID, info->link_id))
          goto drop;
      /* info->freq is split into a MHz part and a remainder modulo 1000. */
      if (nla_put_u32(out, NL80211_ATTR_WIPHY_FREQ, KHZ_TO_MHZ(info->freq)))
          goto drop;
      if (nla_put_u32(out, NL80211_ATTR_WIPHY_FREQ_OFFSET, info->freq % 1000))
          goto drop;
      if (info->sig_dbm &&
          nla_put_u32(out, NL80211_ATTR_RX_SIGNAL_DBM, info->sig_dbm))
          goto drop;
      if (nla_put(out, NL80211_ATTR_FRAME, info->len, info->buf))
          goto drop;
      if (info->flags &&
          nla_put_u32(out, NL80211_ATTR_RXMGMT_FLAGS, info->flags))
          goto drop;
      if (info->rx_tstamp &&
          nla_put_u64_64bit(out, NL80211_ATTR_RX_HW_TIMESTAMP,
                            info->rx_tstamp, NL80211_ATTR_PAD))
          goto drop;
      if (info->ack_tstamp &&
          nla_put_u64_64bit(out, NL80211_ATTR_TX_HW_TIMESTAMP,
                            info->ack_tstamp, NL80211_ATTR_PAD))
          goto drop;

      genlmsg_end(out, genl_hdr);
      return genlmsg_unicast(wiphy_net(&rdev->wiphy), out, nlportid);

  drop:
      nlmsg_free(out);
      return err;
  }
  /*
   * Report the transmit status of a frame on the MLME multicast group.
   *
   * command selects the event and the tracepoint: the management tracepoint
   * is used for NL80211_CMD_FRAME_TX_STATUS and the control-port tracepoint
   * for any other value.  The event includes a copy of the frame itself
   * (status->len bytes from status->buf), so every listener on the MLME
   * group in this network namespace receives the frame contents.  The ACK
   * flag and the two hardware timestamps are added only when set/non-zero.
   *
   * The message is sized as 100 bytes of headroom plus status->len.
   * Failures are not reported; the event is dropped.
   */
  static void nl80211_frame_tx_status(struct wireless_dev *wdev,
                                      struct cfg80211_tx_status *status,
                                      gfp_t gfp, enum nl80211_commands command)
  {
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct net_device *netdev = wdev->netdev;
      struct sk_buff *event;
      void *genl_hdr;

      if (command == NL80211_CMD_FRAME_TX_STATUS)
          trace_cfg80211_mgmt_tx_status(wdev, status->cookie,
                                        status->ack);
      else
          trace_cfg80211_control_port_tx_status(wdev, status->cookie,
                                                status->ack);

      event = nlmsg_new(100 + status->len, gfp);
      if (!event)
          return;

      genl_hdr = nl80211hdr_put(event, 0, 0, 0, command);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(event, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (netdev &&
          nla_put_u32(event, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (nla_put_u64_64bit(event, NL80211_ATTR_WDEV, wdev_id(wdev),
                            NL80211_ATTR_PAD))
          goto drop;
      if (nla_put(event, NL80211_ATTR_FRAME, status->len, status->buf))
          goto drop;
      if (nla_put_u64_64bit(event, NL80211_ATTR_COOKIE, status->cookie,
                            NL80211_ATTR_PAD))
          goto drop;
      if (status->ack && nla_put_flag(event, NL80211_ATTR_ACK))
          goto drop;
      if (status->tx_tstamp &&
          nla_put_u64_64bit(event, NL80211_ATTR_TX_HW_TIMESTAMP,
                            status->tx_tstamp, NL80211_ATTR_PAD))
          goto drop;
      if (status->ack_tstamp &&
          nla_put_u64_64bit(event, NL80211_ATTR_RX_HW_TIMESTAMP,
                            status->ack_tstamp, NL80211_ATTR_PAD))
          goto drop;

      genlmsg_end(event, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), event, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(event);
  }
  /*
   * Report the transmit status of a control-port frame.
   *
   * Packs cookie, buf, len and ack into a cfg80211_tx_status (all other
   * fields are left zero by the initializer) and sends it as
   * NL80211_CMD_CONTROL_PORT_FRAME_TX_STATUS via nl80211_frame_tx_status().
   */
  void cfg80211_control_port_tx_status(struct wireless_dev *wdev, u64 cookie,
                                       const u8 *buf, size_t len, bool ack,
                                       gfp_t gfp)
  {
      struct cfg80211_tx_status report = {
          .ack = ack,
          .len = len,
          .buf = buf,
          .cookie = cookie,
      };

      nl80211_frame_tx_status(wdev, &report, gfp,
                              NL80211_CMD_CONTROL_PORT_FRAME_TX_STATUS);
  }
  EXPORT_SYMBOL(cfg80211_control_port_tx_status);
  /*
   * Report the transmit status of a management frame: forwards status
   * unchanged to nl80211_frame_tx_status() as NL80211_CMD_FRAME_TX_STATUS.
   */
  void cfg80211_mgmt_tx_status_ext(struct wireless_dev *wdev,
                                   struct cfg80211_tx_status *status, gfp_t gfp)
  {
      nl80211_frame_tx_status(wdev, status, gfp,
                              NL80211_CMD_FRAME_TX_STATUS);
  }
  EXPORT_SYMBOL(cfg80211_mgmt_tx_status_ext);
  /*
   * Hand a received control-port frame to the netlink port stored in
   * wdev->conn_owner_nlportid as NL80211_CMD_CONTROL_PORT_FRAME.
   *
   * The port id is sampled once with READ_ONCE() and the message is unicast
   * to that port only.  The source MAC is taken from the Ethernet header
   * returned by eth_hdr(skb) (assumes the caller has set the MAC header;
   * TODO confirm), the ethertype from skb->protocol, and the whole skb
   * (skb->len bytes from offset 0) is copied into NL80211_ATTR_FRAME.  The
   * frame attribute is reserved with exactly skb->len bytes before the copy,
   * so the copy length matches the reserved space; the return value of
   * skb_copy_bits() is not checked.
   *
   * Returns -ENOENT when no port is registered, -ENOMEM when the message
   * cannot be allocated, -ENOBUFS when the header or an attribute does not
   * fit, otherwise the result of genlmsg_unicast().
   */
  static int __nl80211_rx_control_port(struct net_device *dev,
                                       struct sk_buff *skb,
                                       bool unencrypted,
                                       int link_id,
                                       gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      const u8 *src_mac = eth_hdr(skb)->h_source;
      u16 ethertype = be16_to_cpu(skb->protocol);
      struct sk_buff *out;
      void *genl_hdr;
      struct nlattr *frame_attr;
      u32 owner = READ_ONCE(wdev->conn_owner_nlportid);

      if (!owner)
          return -ENOENT;

      out = nlmsg_new(100 + skb->len, gfp);
      if (!out)
          return -ENOMEM;

      genl_hdr = nl80211hdr_put(out, 0, 0, 0, NL80211_CMD_CONTROL_PORT_FRAME);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(out, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(out, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto drop;
      if (nla_put_u64_64bit(out, NL80211_ATTR_WDEV, wdev_id(wdev),
                            NL80211_ATTR_PAD))
          goto drop;
      if (nla_put(out, NL80211_ATTR_MAC, ETH_ALEN, src_mac))
          goto drop;
      if (nla_put_u16(out, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, ethertype))
          goto drop;
      if (link_id >= 0 &&
          nla_put_u8(out, NL80211_ATTR_MLO_LINK_ID, link_id))
          goto drop;
      if (unencrypted &&
          nla_put_flag(out, NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT))
          goto drop;

      /* Reserve the attribute first, then copy the frame straight into it. */
      frame_attr = nla_reserve(out, NL80211_ATTR_FRAME, skb->len);
      if (!frame_attr)
          goto drop;
      skb_copy_bits(skb, 0, nla_data(frame_attr), skb->len);

      genlmsg_end(out, genl_hdr);
      return genlmsg_unicast(wiphy_net(&rdev->wiphy), out, owner);

  drop:
      nlmsg_free(out);
      return -ENOBUFS;
  }
  /*
   * Forward a received control-port frame to user space.
   *
   * Calls __nl80211_rx_control_port() with GFP_ATOMIC and collapses its
   * error code into a boolean: true only when the helper returned 0.  The
   * specific error (no registered port, allocation failure, delivery
   * failure) is not visible to the caller.  The boolean is also traced.
   */
  bool cfg80211_rx_control_port(struct net_device *dev, struct sk_buff *skb,
                                bool unencrypted, int link_id)
  {
      bool delivered;

      trace_cfg80211_rx_control_port(dev, skb, unencrypted, link_id);
      delivered = __nl80211_rx_control_port(dev, skb, unencrypted, link_id,
                                            GFP_ATOMIC) == 0;
      trace_cfg80211_return_bool(delivered);
      return delivered;
  }
  EXPORT_SYMBOL(cfg80211_rx_control_port);
  /*
   * Start an NL80211_CMD_NOTIFY_CQM message and leave its NL80211_ATTR_CQM
   * nest open for the caller to fill.
   *
   * The wiphy and interface indexes are always added; mac is added as
   * NL80211_ATTR_MAC (ETH_ALEN bytes) only when it is non-NULL.  State that
   * cfg80211_send_cqm() needs later is stashed in the skb control buffer,
   * viewed as an array of pointers:
   *   cb[0] - generic netlink header
   *   cb[1] - start of the open NL80211_ATTR_CQM nest
   *   cb[2] - the registered device
   *
   * Returns the message, or NULL if the allocation or any put failed (the
   * message is freed in that case).
   */
  static struct sk_buff *cfg80211_prepare_cqm(struct net_device *dev,
                                              const char *mac, gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct sk_buff *event = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      void **stash;

      if (!event)
          return NULL;

      stash = (void **)event->cb;

      stash[0] = nl80211hdr_put(event, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
      if (!stash[0])
          goto drop;

      if (nla_put_u32(event, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(event, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto drop;
      if (mac && nla_put(event, NL80211_ATTR_MAC, ETH_ALEN, mac))
          goto drop;

      stash[1] = nla_nest_start_noflag(event, NL80211_ATTR_CQM);
      if (!stash[1])
          goto drop;

      stash[2] = rdev;
      return event;

  drop:
      nlmsg_free(event);
      return NULL;
  }
  /*
   * Finish and multicast a message started by cfg80211_prepare_cqm().
   *
   * Reads back the pointers stored in the skb control buffer (cb[0] header,
   * cb[1] open CQM nest, cb[2] registered device), closes the nest and the
   * message, and then zeroes the whole control buffer before the skb is
   * passed on, so the stashed kernel pointers do not travel with it.  The
   * message is sent on the MLME group of the wiphy's network namespace.
   */
  static void cfg80211_send_cqm(struct sk_buff *msg, gfp_t gfp)
  {
      void **stash = (void **)msg->cb;
      struct cfg80211_registered_device *rdev = stash[2];
      struct nlattr *cqm_nest = stash[1];
      void *genl_hdr = stash[0];

      nla_nest_end(msg, cqm_nest);
      genlmsg_end(msg, genl_hdr);

      memset(msg->cb, 0, sizeof(msg->cb));

      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
                              NL80211_MCGRP_MLME, gfp);
  }
  /*
   * Record an RSSI threshold crossing and schedule the deferred notification.
   *
   * Only the LOW and HIGH threshold events are accepted; anything else
   * triggers a WARN_ON and is ignored.  Under rcu_read_lock() the current
   * CQM configuration is looked up; if one exists, the level and event type
   * are stored in it and wdev->cqm_rssi_work is queued.  No netlink message
   * is built here, and the gfp argument is not used by this function.
   */
  void cfg80211_cqm_rssi_notify(struct net_device *dev,
                                enum nl80211_cqm_rssi_threshold_event rssi_event,
                                s32 rssi_level, gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_cqm_config *cfg;

      trace_cfg80211_cqm_rssi_notify(dev, rssi_event, rssi_level);

      if (WARN_ON(rssi_event != NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW &&
                  rssi_event != NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH))
          return;

      rcu_read_lock();
      cfg = rcu_dereference(wdev->cqm_config);
      if (!cfg)
          goto unlock;

      cfg->last_rssi_event_value = rssi_level;
      cfg->last_rssi_event_type = rssi_event;
      wiphy_work_queue(wdev->wiphy, &wdev->cqm_rssi_work);

  unlock:
      rcu_read_unlock();
  }
  EXPORT_SYMBOL(cfg80211_cqm_rssi_notify);
  /*
   * Deferred half of cfg80211_cqm_rssi_notify(): send the stored RSSI event.
   *
   * Recovers the wireless_dev from the embedded work item, reads the CQM
   * configuration with wiphy_dereference() and returns if there is none.
   * With the range API in use, cfg80211_cqm_rssi_update() is called first.
   * The last recorded event type is always reported; the level is added
   * only when it is non-zero.  Allocations use GFP_KERNEL.
   */
  void cfg80211_cqm_rssi_notify_work(struct wiphy *wiphy, struct wiphy_work *work)
  {
      struct wireless_dev *wdev = container_of(work, struct wireless_dev,
                                               cqm_rssi_work);
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
      enum nl80211_cqm_rssi_threshold_event event_type;
      struct cfg80211_cqm_config *cfg;
      struct sk_buff *event;
      s32 level;

      cfg = wiphy_dereference(wdev->wiphy, wdev->cqm_config);
      if (!cfg)
          return;

      if (cfg->use_range_api)
          cfg80211_cqm_rssi_update(rdev, wdev->netdev, cfg);

      /* Snapshot the values after the optional range update above. */
      level = cfg->last_rssi_event_value;
      event_type = cfg->last_rssi_event_type;

      event = cfg80211_prepare_cqm(wdev->netdev, NULL, GFP_KERNEL);
      if (!event)
          return;

      if (nla_put_u32(event, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT,
                      event_type) ||
          (level && nla_put_s32(event, NL80211_ATTR_CQM_RSSI_LEVEL, level))) {
          nlmsg_free(event);
          return;
      }

      cfg80211_send_cqm(event, GFP_KERNEL);
  }
  /*
   * Send a CQM TX-error notification for peer.
   *
   * Adds the packet count, rate and interval to the CQM nest prepared by
   * cfg80211_prepare_cqm() and sends it with cfg80211_send_cqm().  If the
   * message cannot be prepared or an attribute does not fit, nothing is
   * sent.
   */
  void cfg80211_cqm_txe_notify(struct net_device *dev,
                               const u8 *peer, u32 num_packets,
                               u32 rate, u32 intvl, gfp_t gfp)
  {
      struct sk_buff *event = cfg80211_prepare_cqm(dev, peer, gfp);

      if (!event)
          return;

      if (nla_put_u32(event, NL80211_ATTR_CQM_TXE_PKTS, num_packets) ||
          nla_put_u32(event, NL80211_ATTR_CQM_TXE_RATE, rate) ||
          nla_put_u32(event, NL80211_ATTR_CQM_TXE_INTVL, intvl)) {
          nlmsg_free(event);
          return;
      }

      cfg80211_send_cqm(event, gfp);
  }
  EXPORT_SYMBOL(cfg80211_cqm_txe_notify);
  /*
   * Send a CQM packet-loss notification for peer, carrying num_packets as
   * NL80211_ATTR_CQM_PKT_LOSS_EVENT.  Nothing is sent if the message cannot
   * be prepared or the attribute does not fit.
   */
  void cfg80211_cqm_pktloss_notify(struct net_device *dev,
                                   const u8 *peer, u32 num_packets, gfp_t gfp)
  {
      struct sk_buff *event;

      trace_cfg80211_cqm_pktloss_notify(dev, peer, num_packets);

      event = cfg80211_prepare_cqm(dev, peer, gfp);
      if (!event)
          return;

      if (nla_put_u32(event, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets)) {
          nlmsg_free(event);
          return;
      }

      cfg80211_send_cqm(event, gfp);
  }
  EXPORT_SYMBOL(cfg80211_cqm_pktloss_notify);
  /*
   * Send a CQM beacon-loss notification: a CQM message with no MAC address
   * whose nest holds only the NL80211_ATTR_CQM_BEACON_LOSS_EVENT flag.
   * Nothing is sent if the message cannot be prepared or the flag does not
   * fit.
   */
  void cfg80211_cqm_beacon_loss_notify(struct net_device *dev, gfp_t gfp)
  {
      struct sk_buff *event = cfg80211_prepare_cqm(dev, NULL, gfp);

      if (!event)
          return;

      if (nla_put_flag(event, NL80211_ATTR_CQM_BEACON_LOSS_EVENT)) {
          nlmsg_free(event);
          return;
      }

      cfg80211_send_cqm(event, gfp);
  }
  EXPORT_SYMBOL(cfg80211_cqm_beacon_loss_notify);
  /*
   * Multicast a GTK rekey notification (NL80211_CMD_SET_REKEY_OFFLOAD) on the
   * MLME group.
   *
   * The event carries the wiphy and interface indexes, bssid as
   * NL80211_ATTR_MAC, and a NL80211_ATTR_REKEY_DATA nest holding only the
   * replay counter.  ETH_ALEN bytes are copied from bssid and
   * NL80211_REPLAY_CTR_LEN bytes from replay_ctr, so both buffers must be at
   * least that long; neither pointer is checked here.  No key material is
   * placed in the message by this function.  Failures drop the event.
   */
  static void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev,
                                       struct net_device *netdev, const u8 *bssid,
                                       const u8 *replay_ctr, gfp_t gfp)
  {
      struct sk_buff *event;
      struct nlattr *rekey_nest;
      void *genl_hdr;

      event = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!event)
          return;

      genl_hdr = nl80211hdr_put(event, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(event, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(event, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (nla_put(event, NL80211_ATTR_MAC, ETH_ALEN, bssid))
          goto drop;

      rekey_nest = nla_nest_start_noflag(event, NL80211_ATTR_REKEY_DATA);
      if (!rekey_nest)
          goto drop;

      if (nla_put(event, NL80211_REKEY_DATA_REPLAY_CTR,
                  NL80211_REPLAY_CTR_LEN, replay_ctr))
          goto drop;

      nla_nest_end(event, rekey_nest);
      genlmsg_end(event, genl_hdr);

      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), event, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(event);
  }
  /*
   * Exported entry point for GTK rekey notifications: resolves the registered
   * device behind dev, traces the call (the tracepoint receives dev and bssid
   * only, not the replay counter) and calls nl80211_gtk_rekey_notify().
   */
  void cfg80211_gtk_rekey_notify(struct net_device *dev, const u8 *bssid,
                                 const u8 *replay_ctr, gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);

      trace_cfg80211_gtk_rekey_notify(dev, bssid);
      nl80211_gtk_rekey_notify(rdev, dev, bssid, replay_ctr, gfp);
  }
  EXPORT_SYMBOL(cfg80211_gtk_rekey_notify);
  /*
   * Multicast a PMKSA candidate notification (NL80211_CMD_PMKSA_CANDIDATE) on
   * the MLME group.
   *
   * After the wiphy and interface indexes, a NL80211_ATTR_PMKSA_CANDIDATE
   * nest carries the candidate index, the BSSID (ETH_ALEN bytes copied from
   * bssid, which is not checked here) and, when preauth is true, the
   * preauth flag.  Failures drop the event.
   */
  static void
  nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev,
                                 struct net_device *netdev, int index,
                                 const u8 *bssid, bool preauth, gfp_t gfp)
  {
      struct sk_buff *event;
      struct nlattr *cand_nest;
      void *genl_hdr;

      event = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!event)
          return;

      genl_hdr = nl80211hdr_put(event, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(event, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(event, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;

      cand_nest = nla_nest_start_noflag(event, NL80211_ATTR_PMKSA_CANDIDATE);
      if (!cand_nest)
          goto drop;

      if (nla_put_u32(event, NL80211_PMKSA_CANDIDATE_INDEX, index))
          goto drop;
      if (nla_put(event, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid))
          goto drop;
      if (preauth &&
          nla_put_flag(event, NL80211_PMKSA_CANDIDATE_PREAUTH))
          goto drop;

      nla_nest_end(event, cand_nest);
      genlmsg_end(event, genl_hdr);

      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), event, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(event);
  }
  /*
   * Exported entry point for PMKSA candidate notifications: resolves the
   * registered device behind dev, traces the call and forwards all arguments
   * to nl80211_pmksa_candidate_notify().
   */
  void cfg80211_pmksa_candidate_notify(struct net_device *dev, int index,
                                       const u8 *bssid, bool preauth, gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);

      trace_cfg80211_pmksa_candidate_notify(dev, index, bssid, preauth);
      nl80211_pmksa_candidate_notify(rdev, dev, index, bssid, preauth, gfp);
  }
  EXPORT_SYMBOL(cfg80211_pmksa_candidate_notify);
  /*
   * Multicast a channel-switch event on the MLME group.
   *
   * notif is used as the nl80211 command.  The event always carries the
   * interface index and the channel definition; the link id is added only
   * when the interface has valid_links set.  For
   * NL80211_CMD_CH_SWITCH_STARTED_NOTIFY the switch count is added, plus the
   * block-TX flag when quiet is true; count and quiet are ignored for other
   * commands.  No wiphy attribute is added.  Failures drop the event.
   */
  static void nl80211_ch_switch_notify(struct cfg80211_registered_device *rdev,
                                       struct net_device *netdev,
                                       unsigned int link_id,
                                       struct cfg80211_chan_def *chandef,
                                       gfp_t gfp,
                                       enum nl80211_commands notif,
                                       u8 count, bool quiet)
  {
      struct wireless_dev *wdev = netdev->ieee80211_ptr;
      struct sk_buff *event;
      void *genl_hdr;

      event = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!event)
          return;

      genl_hdr = nl80211hdr_put(event, 0, 0, 0, notif);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(event, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
          (wdev->valid_links &&
           nla_put_u8(event, NL80211_ATTR_MLO_LINK_ID, link_id)) ||
          nl80211_send_chandef(event, chandef))
          goto drop;

      if (notif == NL80211_CMD_CH_SWITCH_STARTED_NOTIFY &&
          (nla_put_u32(event, NL80211_ATTR_CH_SWITCH_COUNT, count) ||
           (quiet &&
            nla_put_flag(event, NL80211_ATTR_CH_SWITCH_BLOCK_TX))))
          goto drop;

      genlmsg_end(event, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), event, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(event);
  }
  /*
   * Record a completed channel switch and notify user space.
   *
   * Must be called with the wiphy lock held (lockdep_assert_wiphy).  The new
   * channel definition is stored according to the interface type: station
   * and P2P client update the associated BSS entry, mesh updates both its
   * current and preset chandef, AP and P2P-GO update the per-link AP
   * chandef, IBSS updates its chandef; any other type triggers a WARN_ON.
   * After that a channel check and a DFS channel update are scheduled and
   * NL80211_CMD_CH_SWITCH_NOTIFY is sent with GFP_KERNEL.
   *
   * NOTE(review): link_id is used to index wdev->links[] right after
   * WARN_INVALID_LINK_ID(); nothing in this function returns early on an
   * invalid id, so the index relies on the caller passing a valid one.
   * Confirm what the macro checks.
   */
  void cfg80211_ch_switch_notify(struct net_device *dev,
                                 struct cfg80211_chan_def *chandef,
                                 unsigned int link_id)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);

      lockdep_assert_wiphy(wdev->wiphy);
      WARN_INVALID_LINK_ID(wdev, link_id);

      trace_cfg80211_ch_switch_notify(dev, chandef, link_id);

      switch (wdev->iftype) {
      case NL80211_IFTYPE_AP:
      case NL80211_IFTYPE_P2P_GO:
          wdev->links[link_id].ap.chandef = *chandef;
          break;
      case NL80211_IFTYPE_ADHOC:
          wdev->u.ibss.chandef = *chandef;
          break;
      case NL80211_IFTYPE_MESH_POINT:
          wdev->u.mesh.chandef = *chandef;
          wdev->u.mesh.preset_chandef = *chandef;
          break;
      case NL80211_IFTYPE_STATION:
      case NL80211_IFTYPE_P2P_CLIENT:
          /* Only touch the BSS entry when the link is associated. */
          if (!WARN_ON(!wdev->links[link_id].client.current_bss))
              cfg80211_update_assoc_bss_entry(wdev, link_id,
                                              chandef->chan);
          break;
      default:
          WARN_ON(1);
          break;
      }

      cfg80211_schedule_channels_check(wdev);
      cfg80211_sched_dfs_chan_update(rdev);

      nl80211_ch_switch_notify(rdev, dev, link_id, chandef, GFP_KERNEL,
                               NL80211_CMD_CH_SWITCH_NOTIFY, 0, false);
  }
  EXPORT_SYMBOL(cfg80211_ch_switch_notify);
  /*
   * Notify user space that a channel switch has started.
   *
   * Must be called with the wiphy lock held (lockdep_assert_wiphy).  Unlike
   * cfg80211_ch_switch_notify() this function stores nothing in wdev; it
   * only warns on an invalid link id, traces the call and sends
   * NL80211_CMD_CH_SWITCH_STARTED_NOTIFY with count and quiet, using
   * GFP_KERNEL.
   */
  void cfg80211_ch_switch_started_notify(struct net_device *dev,
                                         struct cfg80211_chan_def *chandef,
                                         unsigned int link_id, u8 count,
                                         bool quiet)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);

      lockdep_assert_wiphy(wdev->wiphy);
      WARN_INVALID_LINK_ID(wdev, link_id);

      trace_cfg80211_ch_switch_started_notify(dev, chandef, link_id);

      nl80211_ch_switch_notify(rdev, dev, link_id, chandef, GFP_KERNEL,
                               NL80211_CMD_CH_SWITCH_STARTED_NOTIFY,
                               count, quiet);
  }
  EXPORT_SYMBOL(cfg80211_ch_switch_started_notify);
  /*
   * Multicast a BSS color event on the MLME group.
   *
   * Must be called with the wiphy lock held (lockdep_assert_wiphy).  cmd is
   * used as the nl80211 command.  The interface index is always added and
   * the link id only when the interface has valid_links set.  count is
   * reported only for NL80211_CMD_COLOR_CHANGE_STARTED and color_bitmap only
   * for NL80211_CMD_OBSS_COLOR_COLLISION.  The tracepoint does not receive
   * link_id.
   *
   * Returns -ENOMEM if the message cannot be allocated, -EINVAL if the
   * header or any attribute cannot be added, otherwise the result of
   * genlmsg_multicast_netns().
   */
  int cfg80211_bss_color_notify(struct net_device *dev,
                                enum nl80211_commands cmd, u8 count,
                                u64 color_bitmap, u8 link_id)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct sk_buff *event;
      void *genl_hdr;

      lockdep_assert_wiphy(wdev->wiphy);

      trace_cfg80211_bss_color_notify(dev, cmd, count, color_bitmap);

      event = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!event)
          return -ENOMEM;

      genl_hdr = nl80211hdr_put(event, 0, 0, 0, cmd);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(event, NL80211_ATTR_IFINDEX, dev->ifindex) ||
          (wdev->valid_links &&
           nla_put_u8(event, NL80211_ATTR_MLO_LINK_ID, link_id)) ||
          (cmd == NL80211_CMD_COLOR_CHANGE_STARTED &&
           nla_put_u32(event, NL80211_ATTR_COLOR_CHANGE_COUNT, count)) ||
          (cmd == NL80211_CMD_OBSS_COLOR_COLLISION &&
           nla_put_u64_64bit(event, NL80211_ATTR_OBSS_COLOR_BITMAP,
                             color_bitmap, NL80211_ATTR_PAD)))
          goto drop;

      genlmsg_end(event, genl_hdr);

      return genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
                                     event, 0, NL80211_MCGRP_MLME, GFP_KERNEL);

  drop:
      nlmsg_free(event);
      return -EINVAL;
  }
  EXPORT_SYMBOL(cfg80211_bss_color_notify);
  /*
   * Multicast a radar event (NL80211_CMD_RADAR_DETECT) on the MLME group.
   *
   * The wiphy index, the radar event type and the channel definition are
   * always included.  netdev may be NULL; the interface index and WDEV id
   * are added only when it is set.  Failures drop the event.
   */
  void
  nl80211_radar_notify(struct cfg80211_registered_device *rdev,
                       const struct cfg80211_chan_def *chandef,
                       enum nl80211_radar_event event,
                       struct net_device *netdev, gfp_t gfp)
  {
      struct sk_buff *out;
      void *genl_hdr;

      out = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!out)
          return;

      genl_hdr = nl80211hdr_put(out, 0, 0, 0, NL80211_CMD_RADAR_DETECT);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(out, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;

      /* NOP and radar events don't need a netdev parameter */
      if (netdev) {
          struct wireless_dev *wdev = netdev->ieee80211_ptr;

          if (nla_put_u32(out, NL80211_ATTR_IFINDEX, netdev->ifindex))
              goto drop;
          if (nla_put_u64_64bit(out, NL80211_ATTR_WDEV, wdev_id(wdev),
                                NL80211_ATTR_PAD))
              goto drop;
      }

      if (nla_put_u32(out, NL80211_ATTR_RADAR_EVENT, event) ||
          nl80211_send_chandef(out, chandef))
          goto drop;

      genlmsg_end(out, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), out, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(out);
  }
  /*
   * Multicast a station operating-mode change
   * (NL80211_CMD_STA_OPMODE_CHANGED) on the MLME group.
   *
   * A NULL mac triggers a WARN_ON and nothing is sent.  The wiphy index,
   * interface index and MAC address are always included; SMPS mode, channel
   * width and NSS are each added only when the matching bit is set in
   * sta_opmode->changed.  Failures drop the event.
   */
  void cfg80211_sta_opmode_change_notify(struct net_device *dev, const u8 *mac,
                                         struct sta_opmode_info *sta_opmode,
                                         gfp_t gfp)
  {
      struct sk_buff *event;
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      void *genl_hdr;

      if (WARN_ON(!mac))
          return;

      event = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!event)
          return;

      genl_hdr = nl80211hdr_put(event, 0, 0, 0, NL80211_CMD_STA_OPMODE_CHANGED);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(event, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
          nla_put_u32(event, NL80211_ATTR_IFINDEX, dev->ifindex) ||
          nla_put(event, NL80211_ATTR_MAC, ETH_ALEN, mac))
          goto drop;

      /* Each optional field is gated by its own bit in ->changed. */
      if (((sta_opmode->changed & STA_OPMODE_SMPS_MODE_CHANGED) &&
           nla_put_u8(event, NL80211_ATTR_SMPS_MODE, sta_opmode->smps_mode)) ||
          ((sta_opmode->changed & STA_OPMODE_MAX_BW_CHANGED) &&
           nla_put_u32(event, NL80211_ATTR_CHANNEL_WIDTH, sta_opmode->bw)) ||
          ((sta_opmode->changed & STA_OPMODE_N_SS_CHANGED) &&
           nla_put_u8(event, NL80211_ATTR_NSS, sta_opmode->rx_nss)))
          goto drop;

      genlmsg_end(event, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), event, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(event);
  }
  EXPORT_SYMBOL(cfg80211_sta_opmode_change_notify);
  /*
   * Report the outcome of a client probe to userspace.
   *
   * Emits NL80211_CMD_PROBE_CLIENT with the wiphy index, ifindex, ETH_ALEN
   * bytes from @addr and the @cookie.  NL80211_ATTR_ACK is added only when
   * @acked is true, and NL80211_ATTR_ACK_SIGNAL only when
   * @is_valid_ack_signal is true.  The event goes to NL80211_MCGRP_MLME in
   * the wiphy's network namespace.
   *
   * Failures (allocation, header, any attribute) drop the event silently.
   */
  void cfg80211_probe_status(struct net_device *dev, const u8 *addr,
                             u64 cookie, bool acked, s32 ack_signal,
                             bool is_valid_ack_signal, gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct sk_buff *skb;
      void *genl_hdr;

      trace_cfg80211_probe_status(dev, addr, cookie, acked);

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_PROBE_CLIENT);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, addr))
          goto drop;
      if (nla_put_u64_64bit(skb, NL80211_ATTR_COOKIE, cookie,
                            NL80211_ATTR_PAD))
          goto drop;
      if (acked && nla_put_flag(skb, NL80211_ATTR_ACK))
          goto drop;
      if (is_valid_ack_signal &&
          nla_put_s32(skb, NL80211_ATTR_ACK_SIGNAL, ack_signal))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_probe_status);
  /*
   * Forward a received beacon frame to every socket on the wiphy's
   * beacon-registration list.
   *
   * For each entry in rdev->beacon_registrations a separate
   * NL80211_CMD_FRAME message is built and unicast to that entry's port ID.
   * @len bytes of @frame are copied verbatim into NL80211_ATTR_FRAME;
   * frequency attributes are added only when @freq is non-zero and the
   * signal attribute only when @sig_dbm is non-zero.
   *
   * The whole walk runs under beacon_registrations_lock with bottom halves
   * disabled, hence GFP_ATOMIC.  The first allocation or attribute failure
   * ends the walk, so later registrants do not get this frame.  The result
   * of genlmsg_unicast() is not checked.
   *
   * NOTE(review): the frame is presumably unauthenticated over-the-air data,
   * and "len + 100" is not range-checked here; confirm callers bound @len.
   */
  void cfg80211_report_obss_beacon_khz(struct wiphy *wiphy, const u8 *frame,
                                       size_t len, int freq, int sig_dbm)
  {
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
      struct cfg80211_beacon_registration *reg;
      struct sk_buff *msg;
      void *genl_hdr;

      trace_cfg80211_report_obss_beacon(wiphy, frame, len, freq, sig_dbm);

      spin_lock_bh(&rdev->beacon_registrations_lock);
      list_for_each_entry(reg, &rdev->beacon_registrations, list) {
          msg = nlmsg_new(len + 100, GFP_ATOMIC);
          if (!msg)
              goto unlock;

          genl_hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
          if (!genl_hdr)
              goto drop;

          if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
              goto drop;

          if (freq) {
              /* Whole MHz first, then the sub-MHz remainder in kHz. */
              if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
                              KHZ_TO_MHZ(freq)))
                  goto drop;
              if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_OFFSET,
                              freq % 1000))
                  goto drop;
          }

          if (sig_dbm &&
              nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm))
              goto drop;

          if (nla_put(msg, NL80211_ATTR_FRAME, len, frame))
              goto drop;

          genlmsg_end(msg, genl_hdr);
          genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, reg->nlportid);
      }

  unlock:
      spin_unlock_bh(&rdev->beacon_registrations_lock);
      return;

  drop:
      /* Release the lock before freeing the half-built message. */
      spin_unlock_bh(&rdev->beacon_registrations_lock);
      nlmsg_free(msg);
  }
  EXPORT_SYMBOL(cfg80211_report_obss_beacon_khz);
  17935. #ifdef CONFIG_PM
  /*
   * Append the net-detect match list of @wakeup to @msg as a nested
   * NL80211_WOWLAN_TRIG_NET_DETECT_RESULTS attribute.
   *
   * Each match becomes a nest indexed by its position and holds the SSID
   * and, when the match has channels, a nested list of frequencies.
   *
   * Returns -EMSGSIZE only when the outer nest cannot be started.  Running
   * out of room later is not an error: the match being written is cancelled,
   * the outer nest is closed with whatever fitted, and 0 is returned, so
   * userspace may see a truncated list.
   *
   * NOTE(review): n_matches, n_channels and ssid.ssid_len are used as given
   * by the wakeup structure; no bounds are checked in this function.
   */
  static int cfg80211_net_detect_results(struct sk_buff *msg,
                                         struct cfg80211_wowlan_wakeup *wakeup)
  {
      struct cfg80211_wowlan_nd_info *nd = wakeup->net_detect;
      struct nlattr *results, *match_nest, *freq_nest;
      int m, c;

      results = nla_nest_start_noflag(msg,
                                      NL80211_WOWLAN_TRIG_NET_DETECT_RESULTS);
      if (!results)
          return -EMSGSIZE;

      for (m = 0; m < nd->n_matches; m++) {
          struct cfg80211_wowlan_nd_match *match = nd->matches[m];

          match_nest = nla_nest_start_noflag(msg, m);
          if (!match_nest)
              goto close_results;

          /*
           * nl80211 treats the SSID attribute as optional, but the
           * cfg80211 structure always carries one, so it is always
           * emitted.  A zero-length SSID cannot stand for "absent"
           * because it is itself a valid (wildcard) SSID; a driver
           * that cannot report the SSID would need this changed.
           */
          if (nla_put(msg, NL80211_ATTR_SSID, match->ssid.ssid_len,
                      match->ssid.ssid))
              goto cancel_match;

          if (match->n_channels) {
              freq_nest = nla_nest_start_noflag(msg,
                                                NL80211_ATTR_SCAN_FREQUENCIES);
              if (!freq_nest)
                  goto cancel_match;

              for (c = 0; c < match->n_channels; c++) {
                  if (!nla_put_u32(msg, c, match->channels[c]))
                      continue;

                  /* Unwind the inner nest before the match nest. */
                  nla_nest_cancel(msg, freq_nest);
                  goto cancel_match;
              }
              nla_nest_end(msg, freq_nest);
          }

          nla_nest_end(msg, match_nest);
      }
      goto close_results;

  cancel_match:
      nla_nest_cancel(msg, match_nest);
  close_results:
      nla_nest_end(msg, results);
      return 0;
  }
  /*
   * Tell userspace why the device woke the system (WoWLAN).
   *
   * Emits NL80211_CMD_SET_WOWLAN with the wiphy index and wdev id, plus the
   * ifindex when the wdev has a netdev.  When @wakeup is non-NULL a nested
   * NL80211_ATTR_WOWLAN_TRIGGERS attribute lists each reason that is set,
   * the matched pattern index when it is >= 0, the wake packet (802.11 or
   * 802.3 flavour) and any net-detect results.  With a NULL @wakeup the
   * event is sent without the triggers nest.
   *
   * The message is sized as 200 bytes plus packet_present_len and multicast
   * to NL80211_MCGRP_MLME in the wiphy's network namespace.  Note that
   * packet_present_len bytes of the wake packet are copied into that
   * multicast event.  Any failure frees the message and sends nothing.
   *
   * NOTE(review): packet_present_len is added to an int without a range
   * check here; presumably the driver bounds it.
   */
  void cfg80211_report_wowlan_wakeup(struct wireless_dev *wdev,
                                     struct cfg80211_wowlan_wakeup *wakeup,
                                     gfp_t gfp)
  {
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct nlattr *triggers;
      struct sk_buff *skb;
      void *genl_hdr;
      int size = 200;

      trace_cfg80211_report_wowlan_wakeup(wdev->wiphy, wdev, wakeup);

      if (wakeup)
          size += wakeup->packet_present_len;

      skb = nlmsg_new(size, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_SET_WOWLAN);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u64_64bit(skb, NL80211_ATTR_WDEV, wdev_id(wdev),
                            NL80211_ATTR_PAD))
          goto drop;
      if (wdev->netdev &&
          nla_put_u32(skb, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
          goto drop;

      if (!wakeup)
          goto send;

      triggers = nla_nest_start_noflag(skb, NL80211_ATTR_WOWLAN_TRIGGERS);
      if (!triggers)
          goto drop;

      /* One attribute per wakeup reason that is set, in a fixed order. */
      if ((wakeup->disconnect &&
           nla_put_flag(skb, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
          (wakeup->magic_pkt &&
           nla_put_flag(skb, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
          (wakeup->gtk_rekey_failure &&
           nla_put_flag(skb, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
          (wakeup->eap_identity_req &&
           nla_put_flag(skb, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
          (wakeup->four_way_handshake &&
           nla_put_flag(skb, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
          (wakeup->rfkill_release &&
           nla_put_flag(skb, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)) ||
          (wakeup->pattern_idx >= 0 &&
           nla_put_u32(skb, NL80211_WOWLAN_TRIG_PKT_PATTERN,
                       wakeup->pattern_idx)) ||
          (wakeup->tcp_match &&
           nla_put_flag(skb, NL80211_WOWLAN_TRIG_WAKEUP_TCP_MATCH)) ||
          (wakeup->tcp_connlost &&
           nla_put_flag(skb, NL80211_WOWLAN_TRIG_WAKEUP_TCP_CONNLOST)) ||
          (wakeup->tcp_nomoretokens &&
           nla_put_flag(skb, NL80211_WOWLAN_TRIG_WAKEUP_TCP_NOMORETOKENS)) ||
          (wakeup->unprot_deauth_disassoc &&
           nla_put_flag(skb,
                        NL80211_WOWLAN_TRIG_UNPROTECTED_DEAUTH_DISASSOC)))
          goto drop;

      if (wakeup->packet) {
          u32 pkt_attr, len_attr;

          /* The attribute pair depends on the packet's framing. */
          if (wakeup->packet_80211) {
              pkt_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211;
              len_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211_LEN;
          } else {
              pkt_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023;
              len_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023_LEN;
          }

          if (wakeup->packet_len &&
              nla_put_u32(skb, len_attr, wakeup->packet_len))
              goto drop;

          /* Only the captured part of the packet is copied out. */
          if (nla_put(skb, pkt_attr, wakeup->packet_present_len,
                      wakeup->packet))
              goto drop;
      }

      if (wakeup->net_detect &&
          cfg80211_net_detect_results(skb, wakeup))
          goto drop;

      nla_nest_end(skb, triggers);

  send:
      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_report_wowlan_wakeup);
  18080. #endif
  /*
   * Ask userspace to carry out a TDLS operation towards @peer.
   *
   * Emits NL80211_CMD_TDLS_OPER with the wiphy index, ifindex, the
   * operation code and ETH_ALEN bytes from @peer.  The reason code is
   * included only when @reason_code is greater than zero.  The event is
   * multicast to NL80211_MCGRP_MLME in the wiphy's network namespace.
   *
   * Failures drop the event silently.
   */
  void cfg80211_tdls_oper_request(struct net_device *dev, const u8 *peer,
                                  enum nl80211_tdls_operation oper,
                                  u16 reason_code, gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct sk_buff *skb;
      void *genl_hdr;

      trace_cfg80211_tdls_oper_request(wdev->wiphy, dev, peer, oper,
                                       reason_code);

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_TDLS_OPER);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto drop;
      if (nla_put_u8(skb, NL80211_ATTR_TDLS_OPERATION, oper))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, peer))
          goto drop;
      if (reason_code > 0 &&
          nla_put_u16(skb, NL80211_ATTR_REASON_CODE, reason_code))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_tdls_oper_request);
  /*
   * Netlink notifier: drop per-socket state when a generic-netlink socket
   * is released.
   *
   * Only NETLINK_URELEASE events for NETLINK_GENERIC are handled; anything
   * else returns NOTIFY_DONE.  For the released port ID, every registered
   * device is walked under rcu_read_lock() and:
   *   - scheduled scans owned by the port are marked nl_owner_dead and the
   *     stop work is queued;
   *   - the port is unregistered from each wdev's MLME sockets;
   *   - a wdev owned by the port is marked nl_owner_dead and destroy_work
   *     is scheduled, otherwise a connection owned by the port gets its
   *     disconnect work scheduled;
   *   - the port's peer-measurement state is released;
   *   - the first beacon registration matching the port is unlinked and
   *     freed under beacon_registrations_lock.
   * Finally the regulatory core is told the port went away.
   *
   * This is what keeps stored port IDs from outliving their socket.
   * NOTE(review): the destructive work is deferred to work items, so the
   * state is presumably still visible for a short time after this returns.
   */
  static int nl80211_netlink_notify(struct notifier_block *nb,
                                    unsigned long state,
                                    void *_notify)
  {
      struct netlink_notify *notify = _notify;
      struct cfg80211_beacon_registration *reg, *next;
      struct cfg80211_registered_device *rdev;
      struct wireless_dev *wdev;
      u32 portid;

      if (state != NETLINK_URELEASE)
          return NOTIFY_DONE;
      if (notify->protocol != NETLINK_GENERIC)
          return NOTIFY_DONE;

      portid = notify->portid;

      rcu_read_lock();

      list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) {
          struct cfg80211_sched_scan_request *sched_scan_req;

          list_for_each_entry_rcu(sched_scan_req,
                                  &rdev->sched_scan_req_list,
                                  list) {
              if (sched_scan_req->owner_nlportid != portid)
                  continue;

              sched_scan_req->nl_owner_dead = true;
              wiphy_work_queue(&rdev->wiphy,
                               &rdev->sched_scan_stop_wk);
          }

          list_for_each_entry_rcu(wdev, &rdev->wiphy.wdev_list, list) {
              cfg80211_mlme_unregister_socket(wdev, portid);

              if (wdev->owner_nlportid == portid) {
                  wdev->nl_owner_dead = true;
                  schedule_work(&rdev->destroy_work);
              } else if (wdev->conn_owner_nlportid == portid) {
                  schedule_work(&wdev->disconnect_wk);
              }

              cfg80211_release_pmsr(wdev, portid);
          }

          spin_lock_bh(&rdev->beacon_registrations_lock);
          list_for_each_entry_safe(reg, next, &rdev->beacon_registrations,
                                   list) {
              if (reg->nlportid != portid)
                  continue;

              /* Only the first matching registration is removed. */
              list_del(&reg->list);
              kfree(reg);
              break;
          }
          spin_unlock_bh(&rdev->beacon_registrations_lock);
      }

      rcu_read_unlock();

      /*
       * The process that controlled the indoor setting may be the one
       * that just went away, so let the regulatory core know.
       */
      regulatory_netlink_notify(portid);
      return NOTIFY_OK;
  }
  /* Notifier block whose callback is nl80211_netlink_notify(). */
  static struct notifier_block nl80211_netlink_notifier = {
      .notifier_call = nl80211_netlink_notify,
  };
  /*
   * Deliver fast-transition (FT) information elements to userspace.
   *
   * Nothing is sent when @ft_event->target_ap is NULL.  Otherwise an
   * NL80211_CMD_FT_EVENT is built with the wiphy index, ifindex and
   * ETH_ALEN bytes of the target AP address; the IEs and RIC IEs are
   * attached only when their pointers are non-NULL.  The event is multicast
   * to NL80211_MCGRP_MLME in the wiphy's network namespace.
   *
   * Allocation uses GFP_KERNEL, so this may sleep.  Failures drop the event
   * silently.
   *
   * NOTE(review): the message size is 100 + ies_len + ric_ies_len with no
   * range check here; presumably the driver bounds both lengths.
   */
  void cfg80211_ft_event(struct net_device *netdev,
                         struct cfg80211_ft_event_params *ft_event)
  {
      struct wiphy *wiphy = netdev->ieee80211_ptr->wiphy;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
      struct sk_buff *skb;
      void *genl_hdr;

      trace_cfg80211_ft_event(wiphy, netdev, ft_event);

      if (!ft_event->target_ap)
          return;

      skb = nlmsg_new(100 + ft_event->ies_len + ft_event->ric_ies_len,
                      GFP_KERNEL);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_FT_EVENT);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, ft_event->target_ap))
          goto drop;

      /* Both IE blobs are optional; each is gated on its own pointer. */
      if ((ft_event->ies &&
           nla_put(skb, NL80211_ATTR_IE, ft_event->ies_len,
                   ft_event->ies)) ||
          (ft_event->ric_ies &&
           nla_put(skb, NL80211_ATTR_IE_RIC, ft_event->ric_ies_len,
                   ft_event->ric_ies)))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, GFP_KERNEL);
      return;

  drop:
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_ft_event);
  /*
   * Tell the socket that started a critical-protocol session that it has
   * stopped.
   *
   * Does nothing when rdev->crit_proto_nlportid is zero.  Otherwise the
   * stored port ID is taken and cleared first, and an
   * NL80211_CMD_CRIT_PROTOCOL_STOP message with the wiphy index and wdev id
   * is unicast to that port.
   *
   * Because the port ID is cleared before the message is allocated, a later
   * allocation or attribute failure still leaves the session marked as
   * ended; only the notification is lost.
   */
  void cfg80211_crit_proto_stopped(struct wireless_dev *wdev, gfp_t gfp)
  {
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct sk_buff *skb;
      void *genl_hdr;
      u32 owner;

      owner = rdev->crit_proto_nlportid;
      if (!owner)
          return;

      rdev->crit_proto_nlportid = 0;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_CRIT_PROTOCOL_STOP);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u64_64bit(skb, NL80211_ATTR_WDEV, wdev_id(wdev),
                            NL80211_ATTR_PAD))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_unicast(wiphy_net(&rdev->wiphy), skb, owner);
      return;

  drop:
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_crit_proto_stopped);
  /*
   * Announce that AP operation has stopped on @wdev.
   *
   * Emits NL80211_CMD_STOP_AP with the wiphy index, the netdev's ifindex
   * and the wdev id; the MLO link id is added only when the wdev has valid
   * links.  The event is multicast to NL80211_MCGRP_MLME in the wiphy's
   * network namespace.
   *
   * Allocation uses GFP_KERNEL, so this may sleep.  wdev->netdev is
   * dereferenced without a NULL check.  Failures drop the event silently.
   */
  void nl80211_send_ap_stopped(struct wireless_dev *wdev, unsigned int link_id)
  {
      struct wiphy *wiphy = wdev->wiphy;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
      struct sk_buff *skb;
      void *genl_hdr;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_STOP_AP);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
          goto drop;
      if (nla_put_u64_64bit(skb, NL80211_ATTR_WDEV, wdev_id(wdev),
                            NL80211_ATTR_PAD))
          goto drop;
      if (wdev->valid_links &&
          nla_put_u8(skb, NL80211_ATTR_MLO_LINK_ID, link_id))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(wiphy), skb, 0,
                              NL80211_MCGRP_MLME, GFP_KERNEL);
      return;

  drop:
      nlmsg_free(skb);
  }
  /*
   * Hand an authentication exchange over to the userspace connection owner.
   *
   * Builds NL80211_CMD_EXTERNAL_AUTH with the AKM suite, wiphy index,
   * ifindex, action, BSSID and SSID, plus the MLD address when it is not
   * all-zero, and unicasts it to wdev->conn_owner_nlportid only; it is not
   * multicast.
   *
   * Returns 0 once the message has been handed to genlmsg_unicast() (whose
   * result is not checked), -EINVAL when the wdev has no connection owner,
   * -ENOMEM when the message cannot be allocated and -ENOBUFS when the
   * header or an attribute does not fit.
   *
   * NOTE(review): params->ssid.ssid_len is used as the copy length without
   * a bound check in this function; presumably validated by the caller.
   */
  int cfg80211_external_auth_request(struct net_device *dev,
                                     struct cfg80211_external_auth_params *params,
                                     gfp_t gfp)
  {
      struct wireless_dev *wdev = dev->ieee80211_ptr;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
      struct sk_buff *skb;
      void *genl_hdr;
      int err;

      if (!wdev->conn_owner_nlportid)
          return -EINVAL;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!skb)
          return -ENOMEM;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_EXTERNAL_AUTH);
      if (!genl_hdr)
          goto drop;

      /*
       * Compatibility quirk: past mistakes in the driver <-> userspace
       * interface (notably with wpa_supplicant) mean that
       * NL80211_ATTR_AKM_SUITES has to be sent big-endian when, and only
       * when, its value is WLAN_AKM_SUITE_SAE.  Userspace has since been
       * fixed, but older wpa_supplicant versions still rely on it, and
       * newer ones keep recognising the big-endian form, so sending this
       * one value byte-swapped works for both.
       */
      if (params->key_mgmt_suite == WLAN_AKM_SUITE_SAE)
          err = nla_put_be32(skb, NL80211_ATTR_AKM_SUITES,
                             cpu_to_be32(WLAN_AKM_SUITE_SAE));
      else
          err = nla_put_u32(skb, NL80211_ATTR_AKM_SUITES,
                            params->key_mgmt_suite);
      if (err)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, dev->ifindex))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_EXTERNAL_AUTH_ACTION,
                      params->action))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_SSID, params->ssid.ssid_len,
                  params->ssid.ssid))
          goto drop;
      if (!is_zero_ether_addr(params->mld_addr) &&
          nla_put(skb, NL80211_ATTR_MLD_ADDR, ETH_ALEN, params->mld_addr))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_unicast(wiphy_net(&rdev->wiphy), skb,
                      wdev->conn_owner_nlportid);
      return 0;

  drop:
      nlmsg_free(skb);
      return -ENOBUFS;
  }
  EXPORT_SYMBOL(cfg80211_external_auth_request);
  /*
   * Pass a peer's OWE information elements to userspace.
   *
   * Emits NL80211_CMD_UPDATE_OWE_INFO with the wiphy index, ifindex,
   * ETH_ALEN bytes of the peer address and the peer's IEs.  When
   * assoc_link_id is not -1 the MLO link id is added as well, followed by
   * the peer MLD address if that is not all-zero.  The event is multicast
   * to NL80211_MCGRP_MLME in the wiphy's network namespace.
   *
   * An event with a zero ie_len is treated as a failure and dropped, the
   * same as any allocation or attribute error; the caller is not told.
   */
  void cfg80211_update_owe_info_event(struct net_device *netdev,
                                      struct cfg80211_update_owe_info *owe_info,
                                      gfp_t gfp)
  {
      struct wiphy *wiphy = netdev->ieee80211_ptr->wiphy;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
      struct sk_buff *skb;
      void *genl_hdr;

      trace_cfg80211_update_owe_info_event(wiphy, netdev, owe_info);

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_UPDATE_OWE_INFO);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_IFINDEX, netdev->ifindex))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, owe_info->peer))
          goto drop;

      /* The IEs are mandatory for this event. */
      if (!owe_info->ie_len)
          goto drop;
      if (nla_put(skb, NL80211_ATTR_IE, owe_info->ie_len, owe_info->ie))
          goto drop;

      /* Link id first; the MLD address follows only when it is set. */
      if (owe_info->assoc_link_id != -1 &&
          (nla_put_u8(skb, NL80211_ATTR_MLO_LINK_ID,
                      owe_info->assoc_link_id) ||
           (!is_zero_ether_addr(owe_info->peer_mld_addr) &&
            nla_put(skb, NL80211_ATTR_MLD_ADDR, ETH_ALEN,
                    owe_info->peer_mld_addr))))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, gfp);
      return;

  drop:
      /* The header is cancelled before the message is freed. */
      genlmsg_cancel(skb, genl_hdr);
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_update_owe_info_event);
  /*
   * Trigger a regulatory channel re-check for a station interface.
   *
   * reg_check_channels() is called only when @wdev is of type
   * NL80211_IFTYPE_STATION and the wiphy supports one of the relaxations:
   * the DFS_CONCURRENT extended feature, or REGULATORY_ENABLE_RELAX_NO_IR
   * in a kernel built with CONFIG_CFG80211_REG_RELAX_NO_IR.
   */
  void cfg80211_schedule_channels_check(struct wireless_dev *wdev)
  {
      struct wiphy *wiphy = wdev->wiphy;

      if (wdev->iftype != NL80211_IFTYPE_STATION)
          return;

      /* Only worth doing when NO_IR or DFS relaxations are supported. */
      if (wiphy_ext_feature_isset(wiphy,
                                  NL80211_EXT_FEATURE_DFS_CONCURRENT) ||
          (IS_ENABLED(CONFIG_CFG80211_REG_RELAX_NO_IR) &&
           wiphy->regulatory_flags & REGULATORY_ENABLE_RELAX_NO_IR))
          reg_check_channels();
  }
  EXPORT_SYMBOL(cfg80211_schedule_channels_check);
  /*
   * Report a change of the EPCS state to userspace.
   *
   * Emits NL80211_CMD_EPCS_CFG, with the NL80211_ATTR_EPCS flag present
   * only when @enabled is true, and multicasts it to NL80211_MCGRP_MLME in
   * the wiphy's network namespace.  Allocation uses GFP_KERNEL, so this may
   * sleep.  Failures drop the event silently.
   *
   * NOTE(review): no wiphy, ifindex or wdev attribute is added, so the
   * message itself does not say which interface changed; confirm that this
   * is intended.
   */
  void cfg80211_epcs_changed(struct net_device *netdev, bool enabled)
  {
      struct wireless_dev *wdev = netdev->ieee80211_ptr;
      struct wiphy *wiphy = wdev->wiphy;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
      struct sk_buff *skb;
      void *genl_hdr;

      trace_cfg80211_epcs_changed(wdev, enabled);

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_EPCS_CFG);
      if (!genl_hdr)
          goto drop;

      if (enabled && nla_put_flag(skb, NL80211_ATTR_EPCS))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), skb, 0,
                              NL80211_MCGRP_MLME, GFP_KERNEL);
      return;

  drop:
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_epcs_changed);
  /*
   * Notify the owner of a NAN interface about the next discovery window.
   *
   * Nothing is sent when the wdev has no owner port.  Otherwise an
   * NL80211_CMD_NAN_NEXT_DW_NOTIFICATION message with the wiphy index,
   * wdev id and @chan->center_freq is unicast to wdev->owner_nlportid; it
   * is never multicast.  Failures drop the notification silently.
   */
  void cfg80211_next_nan_dw_notif(struct wireless_dev *wdev,
                                  struct ieee80211_channel *chan, gfp_t gfp)
  {
      struct wiphy *wiphy = wdev->wiphy;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
      struct sk_buff *skb;
      void *genl_hdr;

      trace_cfg80211_next_nan_dw_notif(wdev, chan);

      if (!wdev->owner_nlportid)
          return;

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0,
                                NL80211_CMD_NAN_NEXT_DW_NOTIFICATION);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u64_64bit(skb, NL80211_ATTR_WDEV, wdev_id(wdev),
                            NL80211_ATTR_PAD))
          goto drop;
      if (nla_put_u32(skb, NL80211_ATTR_WIPHY_FREQ, chan->center_freq))
          goto drop;

      genlmsg_end(skb, genl_hdr);
      genlmsg_unicast(wiphy_net(wiphy), skb, wdev->owner_nlportid);
      return;

  drop:
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_next_nan_dw_notif);
  /*
   * Record the NAN cluster the interface joined and report it to userspace.
   *
   * ETH_ALEN bytes of @cluster_id are first copied into
   * wdev->u.nan.cluster_id; that happens even if the event cannot be sent
   * afterwards.  The NL80211_CMD_NAN_CLUSTER_JOINED event carries the wiphy
   * index, wdev id and cluster id, plus NL80211_ATTR_NAN_NEW_CLUSTER when
   * @new_cluster is true.
   *
   * Delivery depends on ownership: with an owner port the event is unicast
   * to that port only, otherwise it is multicast to NL80211_MCGRP_NAN in
   * the wiphy's network namespace.  @cluster_id is not checked for NULL.
   */
  void cfg80211_nan_cluster_joined(struct wireless_dev *wdev,
                                   const u8 *cluster_id, bool new_cluster,
                                   gfp_t gfp)
  {
      struct wiphy *wiphy = wdev->wiphy;
      struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
      struct sk_buff *skb;
      void *genl_hdr;

      trace_cfg80211_nan_cluster_joined(wdev, cluster_id, new_cluster);

      memcpy(wdev->u.nan.cluster_id, cluster_id, ETH_ALEN);

      skb = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
      if (!skb)
          return;

      genl_hdr = nl80211hdr_put(skb, 0, 0, 0, NL80211_CMD_NAN_CLUSTER_JOINED);
      if (!genl_hdr)
          goto drop;

      if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
          goto drop;
      if (nla_put_u64_64bit(skb, NL80211_ATTR_WDEV, wdev_id(wdev),
                            NL80211_ATTR_PAD))
          goto drop;
      if (nla_put(skb, NL80211_ATTR_MAC, ETH_ALEN, cluster_id))
          goto drop;
      if (new_cluster && nla_put_flag(skb, NL80211_ATTR_NAN_NEW_CLUSTER))
          goto drop;

      genlmsg_end(skb, genl_hdr);

      if (wdev->owner_nlportid)
          genlmsg_unicast(wiphy_net(wiphy), skb,
                          wdev->owner_nlportid);
      else
          genlmsg_multicast_netns(&nl80211_fam, wiphy_net(wiphy),
                                  skb, 0, NL80211_MCGRP_NAN, gfp);
      return;

  drop:
      nlmsg_free(skb);
  }
  EXPORT_SYMBOL(cfg80211_nan_cluster_joined);
  18451. /* initialisation/exit functions */
  /*
   * Register the nl80211 generic-netlink family and the netlink notifier.
   *
   * Returns 0 on success or the error from whichever registration failed.
   * If the notifier cannot be registered, the family registration is
   * rolled back so nothing is left half-initialised.
   */
  int __init nl80211_init(void)
  {
      int ret;

      ret = genl_register_family(&nl80211_fam);
      if (ret)
          return ret;

      ret = netlink_register_notifier(&nl80211_netlink_notifier);
      if (ret)
          genl_unregister_family(&nl80211_fam);

      return ret;
  }
  /*
   * Tear down what nl80211_init() set up, in reverse order: the netlink
   * notifier is removed first, then the generic-netlink family.
   */
  void nl80211_exit(void)
  {
      netlink_unregister_notifier(&nl80211_netlink_notifier);
      genl_unregister_family(&nl80211_fam);
  }