1 // SPDX-License-Identifier: GPL-2.0-only
3 * This is the new netlink-based wireless configuration interface.
5 * Copyright 2006-2010 Johannes Berg <johannes@sipsolutions.net>
6 * Copyright 2013-2014 Intel Mobile Communications GmbH
7 * Copyright 2015-2017 Intel Deutschland GmbH
8 * Copyright (C) 2018-2022 Intel Corporation
12 #include <linux/module.h>
13 #include <linux/err.h>
14 #include <linux/slab.h>
15 #include <linux/list.h>
16 #include <linux/if_ether.h>
17 #include <linux/ieee80211.h>
18 #include <linux/nl80211.h>
19 #include <linux/rtnetlink.h>
20 #include <linux/netlink.h>
21 #include <linux/nospec.h>
22 #include <linux/etherdevice.h>
23 #include <linux/if_vlan.h>
24 #include <net/net_namespace.h>
25 #include <net/genetlink.h>
26 #include <net/cfg80211.h>
28 #include <net/inet_connection_sock.h>
34 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
35 struct genl_info *info,
36 struct cfg80211_crypto_settings *settings,
39 /* the netlink family */
40 static struct genl_family nl80211_fam;
42 /* multicast groups */
43 enum nl80211_multicast_groups {
46 NL80211_MCGRP_REGULATORY,
50 NL80211_MCGRP_TESTMODE /* keep last - ifdef! */
53 static const struct genl_multicast_group nl80211_mcgrps[] = {
54 [NL80211_MCGRP_CONFIG] = { .name = NL80211_MULTICAST_GROUP_CONFIG },
55 [NL80211_MCGRP_SCAN] = { .name = NL80211_MULTICAST_GROUP_SCAN },
56 [NL80211_MCGRP_REGULATORY] = { .name = NL80211_MULTICAST_GROUP_REG },
57 [NL80211_MCGRP_MLME] = { .name = NL80211_MULTICAST_GROUP_MLME },
58 [NL80211_MCGRP_VENDOR] = { .name = NL80211_MULTICAST_GROUP_VENDOR },
59 [NL80211_MCGRP_NAN] = { .name = NL80211_MULTICAST_GROUP_NAN },
60 #ifdef CONFIG_NL80211_TESTMODE
61 [NL80211_MCGRP_TESTMODE] = { .name = NL80211_MULTICAST_GROUP_TESTMODE }
65 /* returns ERR_PTR values */
66 static struct wireless_dev *
67 __cfg80211_wdev_from_attrs(struct cfg80211_registered_device *rdev,
68 struct net *netns, struct nlattr **attrs)
70 struct wireless_dev *result = NULL;
71 bool have_ifidx = attrs[NL80211_ATTR_IFINDEX];
72 bool have_wdev_id = attrs[NL80211_ATTR_WDEV];
77 if (!have_ifidx && !have_wdev_id)
78 return ERR_PTR(-EINVAL);
81 ifidx = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
83 wdev_id = nla_get_u64(attrs[NL80211_ATTR_WDEV]);
84 wiphy_idx = wdev_id >> 32;
88 struct wireless_dev *wdev;
90 lockdep_assert_held(&rdev->wiphy.mtx);
92 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) {
93 if (have_ifidx && wdev->netdev &&
94 wdev->netdev->ifindex == ifidx) {
98 if (have_wdev_id && wdev->identifier == (u32)wdev_id) {
104 return result ?: ERR_PTR(-ENODEV);
109 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
110 struct wireless_dev *wdev;
112 if (wiphy_net(&rdev->wiphy) != netns)
115 if (have_wdev_id && rdev->wiphy_idx != wiphy_idx)
118 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) {
119 if (have_ifidx && wdev->netdev &&
120 wdev->netdev->ifindex == ifidx) {
124 if (have_wdev_id && wdev->identifier == (u32)wdev_id) {
136 return ERR_PTR(-ENODEV);
139 static struct cfg80211_registered_device *
140 __cfg80211_rdev_from_attrs(struct net *netns, struct nlattr **attrs)
142 struct cfg80211_registered_device *rdev = NULL, *tmp;
143 struct net_device *netdev;
147 if (!attrs[NL80211_ATTR_WIPHY] &&
148 !attrs[NL80211_ATTR_IFINDEX] &&
149 !attrs[NL80211_ATTR_WDEV])
150 return ERR_PTR(-EINVAL);
152 if (attrs[NL80211_ATTR_WIPHY])
153 rdev = cfg80211_rdev_by_wiphy_idx(
154 nla_get_u32(attrs[NL80211_ATTR_WIPHY]));
156 if (attrs[NL80211_ATTR_WDEV]) {
157 u64 wdev_id = nla_get_u64(attrs[NL80211_ATTR_WDEV]);
158 struct wireless_dev *wdev;
161 tmp = cfg80211_rdev_by_wiphy_idx(wdev_id >> 32);
163 /* make sure wdev exists */
164 list_for_each_entry(wdev, &tmp->wiphy.wdev_list, list) {
165 if (wdev->identifier != (u32)wdev_id)
174 if (rdev && tmp != rdev)
175 return ERR_PTR(-EINVAL);
180 if (attrs[NL80211_ATTR_IFINDEX]) {
181 int ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
183 netdev = __dev_get_by_index(netns, ifindex);
185 if (netdev->ieee80211_ptr)
187 netdev->ieee80211_ptr->wiphy);
191 /* not wireless device -- return error */
193 return ERR_PTR(-EINVAL);
195 /* mismatch -- return error */
196 if (rdev && tmp != rdev)
197 return ERR_PTR(-EINVAL);
204 return ERR_PTR(-ENODEV);
206 if (netns != wiphy_net(&rdev->wiphy))
207 return ERR_PTR(-ENODEV);
213 * This function returns a pointer to the driver
214 * that the genl_info item that is passed refers to.
216 * The result of this can be a PTR_ERR and hence must
217 * be checked with IS_ERR() for errors.
219 static struct cfg80211_registered_device *
220 cfg80211_get_dev_from_info(struct net *netns, struct genl_info *info)
222 return __cfg80211_rdev_from_attrs(netns, info->attrs);
225 static int validate_beacon_head(const struct nlattr *attr,
226 struct netlink_ext_ack *extack)
228 const u8 *data = nla_data(attr);
229 unsigned int len = nla_len(attr);
230 const struct element *elem;
231 const struct ieee80211_mgmt *mgmt = (void *)data;
232 unsigned int fixedlen, hdrlen;
235 if (len < offsetofend(typeof(*mgmt), frame_control))
238 s1g_bcn = ieee80211_is_s1g_beacon(mgmt->frame_control);
240 fixedlen = offsetof(struct ieee80211_ext,
241 u.s1g_beacon.variable);
242 hdrlen = offsetof(struct ieee80211_ext, u.s1g_beacon);
244 fixedlen = offsetof(struct ieee80211_mgmt,
246 hdrlen = offsetof(struct ieee80211_mgmt, u.beacon);
252 if (ieee80211_hdrlen(mgmt->frame_control) != hdrlen)
258 for_each_element(elem, data, len) {
262 if (for_each_element_completed(elem, data, len))
266 NL_SET_ERR_MSG_ATTR(extack, attr, "malformed beacon head");
270 static int validate_ie_attr(const struct nlattr *attr,
271 struct netlink_ext_ack *extack)
273 const u8 *data = nla_data(attr);
274 unsigned int len = nla_len(attr);
275 const struct element *elem;
277 for_each_element(elem, data, len) {
281 if (for_each_element_completed(elem, data, len))
284 NL_SET_ERR_MSG_ATTR(extack, attr, "malformed information elements");
288 static int validate_he_capa(const struct nlattr *attr,
289 struct netlink_ext_ack *extack)
291 if (!ieee80211_he_capa_size_ok(nla_data(attr), nla_len(attr)))
297 /* policy for the attributes */
298 static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR];
300 static const struct nla_policy
301 nl80211_ftm_responder_policy[NL80211_FTM_RESP_ATTR_MAX + 1] = {
302 [NL80211_FTM_RESP_ATTR_ENABLED] = { .type = NLA_FLAG, },
303 [NL80211_FTM_RESP_ATTR_LCI] = { .type = NLA_BINARY,
305 [NL80211_FTM_RESP_ATTR_CIVICLOC] = { .type = NLA_BINARY,
309 static const struct nla_policy
310 nl80211_pmsr_ftm_req_attr_policy[NL80211_PMSR_FTM_REQ_ATTR_MAX + 1] = {
311 [NL80211_PMSR_FTM_REQ_ATTR_ASAP] = { .type = NLA_FLAG },
312 [NL80211_PMSR_FTM_REQ_ATTR_PREAMBLE] = { .type = NLA_U32 },
313 [NL80211_PMSR_FTM_REQ_ATTR_NUM_BURSTS_EXP] =
314 NLA_POLICY_MAX(NLA_U8, 15),
315 [NL80211_PMSR_FTM_REQ_ATTR_BURST_PERIOD] = { .type = NLA_U16 },
316 [NL80211_PMSR_FTM_REQ_ATTR_BURST_DURATION] =
317 NLA_POLICY_MAX(NLA_U8, 15),
318 [NL80211_PMSR_FTM_REQ_ATTR_FTMS_PER_BURST] =
319 NLA_POLICY_MAX(NLA_U8, 31),
320 [NL80211_PMSR_FTM_REQ_ATTR_NUM_FTMR_RETRIES] = { .type = NLA_U8 },
321 [NL80211_PMSR_FTM_REQ_ATTR_REQUEST_LCI] = { .type = NLA_FLAG },
322 [NL80211_PMSR_FTM_REQ_ATTR_REQUEST_CIVICLOC] = { .type = NLA_FLAG },
323 [NL80211_PMSR_FTM_REQ_ATTR_TRIGGER_BASED] = { .type = NLA_FLAG },
324 [NL80211_PMSR_FTM_REQ_ATTR_NON_TRIGGER_BASED] = { .type = NLA_FLAG },
325 [NL80211_PMSR_FTM_REQ_ATTR_LMR_FEEDBACK] = { .type = NLA_FLAG },
326 [NL80211_PMSR_FTM_REQ_ATTR_BSS_COLOR] = { .type = NLA_U8 },
329 static const struct nla_policy
330 nl80211_pmsr_req_data_policy[NL80211_PMSR_TYPE_MAX + 1] = {
331 [NL80211_PMSR_TYPE_FTM] =
332 NLA_POLICY_NESTED(nl80211_pmsr_ftm_req_attr_policy),
335 static const struct nla_policy
336 nl80211_pmsr_req_attr_policy[NL80211_PMSR_REQ_ATTR_MAX + 1] = {
337 [NL80211_PMSR_REQ_ATTR_DATA] =
338 NLA_POLICY_NESTED(nl80211_pmsr_req_data_policy),
339 [NL80211_PMSR_REQ_ATTR_GET_AP_TSF] = { .type = NLA_FLAG },
342 static const struct nla_policy
343 nl80211_pmsr_peer_attr_policy[NL80211_PMSR_PEER_ATTR_MAX + 1] = {
344 [NL80211_PMSR_PEER_ATTR_ADDR] = NLA_POLICY_ETH_ADDR,
345 [NL80211_PMSR_PEER_ATTR_CHAN] = NLA_POLICY_NESTED(nl80211_policy),
346 [NL80211_PMSR_PEER_ATTR_REQ] =
347 NLA_POLICY_NESTED(nl80211_pmsr_req_attr_policy),
348 [NL80211_PMSR_PEER_ATTR_RESP] = { .type = NLA_REJECT },
351 static const struct nla_policy
352 nl80211_pmsr_attr_policy[NL80211_PMSR_ATTR_MAX + 1] = {
353 [NL80211_PMSR_ATTR_MAX_PEERS] = { .type = NLA_REJECT },
354 [NL80211_PMSR_ATTR_REPORT_AP_TSF] = { .type = NLA_REJECT },
355 [NL80211_PMSR_ATTR_RANDOMIZE_MAC_ADDR] = { .type = NLA_REJECT },
356 [NL80211_PMSR_ATTR_TYPE_CAPA] = { .type = NLA_REJECT },
357 [NL80211_PMSR_ATTR_PEERS] =
358 NLA_POLICY_NESTED_ARRAY(nl80211_pmsr_peer_attr_policy),
361 static const struct nla_policy
362 he_obss_pd_policy[NL80211_HE_OBSS_PD_ATTR_MAX + 1] = {
363 [NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET] =
364 NLA_POLICY_RANGE(NLA_U8, 1, 20),
365 [NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET] =
366 NLA_POLICY_RANGE(NLA_U8, 1, 20),
367 [NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET] =
368 NLA_POLICY_RANGE(NLA_U8, 1, 20),
369 [NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP] =
370 NLA_POLICY_EXACT_LEN(8),
371 [NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP] =
372 NLA_POLICY_EXACT_LEN(8),
373 [NL80211_HE_OBSS_PD_ATTR_SR_CTRL] = { .type = NLA_U8 },
376 static const struct nla_policy
377 he_bss_color_policy[NL80211_HE_BSS_COLOR_ATTR_MAX + 1] = {
378 [NL80211_HE_BSS_COLOR_ATTR_COLOR] = NLA_POLICY_RANGE(NLA_U8, 1, 63),
379 [NL80211_HE_BSS_COLOR_ATTR_DISABLED] = { .type = NLA_FLAG },
380 [NL80211_HE_BSS_COLOR_ATTR_PARTIAL] = { .type = NLA_FLAG },
383 static const struct nla_policy nl80211_txattr_policy[NL80211_TXRATE_MAX + 1] = {
384 [NL80211_TXRATE_LEGACY] = { .type = NLA_BINARY,
385 .len = NL80211_MAX_SUPP_RATES },
386 [NL80211_TXRATE_HT] = { .type = NLA_BINARY,
387 .len = NL80211_MAX_SUPP_HT_RATES },
388 [NL80211_TXRATE_VHT] = NLA_POLICY_EXACT_LEN_WARN(sizeof(struct nl80211_txrate_vht)),
389 [NL80211_TXRATE_GI] = { .type = NLA_U8 },
390 [NL80211_TXRATE_HE] = NLA_POLICY_EXACT_LEN(sizeof(struct nl80211_txrate_he)),
391 [NL80211_TXRATE_HE_GI] = NLA_POLICY_RANGE(NLA_U8,
392 NL80211_RATE_INFO_HE_GI_0_8,
393 NL80211_RATE_INFO_HE_GI_3_2),
394 [NL80211_TXRATE_HE_LTF] = NLA_POLICY_RANGE(NLA_U8,
395 NL80211_RATE_INFO_HE_1XLTF,
396 NL80211_RATE_INFO_HE_4XLTF),
399 static const struct nla_policy
400 nl80211_tid_config_attr_policy[NL80211_TID_CONFIG_ATTR_MAX + 1] = {
401 [NL80211_TID_CONFIG_ATTR_VIF_SUPP] = { .type = NLA_U64 },
402 [NL80211_TID_CONFIG_ATTR_PEER_SUPP] = { .type = NLA_U64 },
403 [NL80211_TID_CONFIG_ATTR_OVERRIDE] = { .type = NLA_FLAG },
404 [NL80211_TID_CONFIG_ATTR_TIDS] = NLA_POLICY_RANGE(NLA_U16, 1, 0xff),
405 [NL80211_TID_CONFIG_ATTR_NOACK] =
406 NLA_POLICY_MAX(NLA_U8, NL80211_TID_CONFIG_DISABLE),
407 [NL80211_TID_CONFIG_ATTR_RETRY_SHORT] = NLA_POLICY_MIN(NLA_U8, 1),
408 [NL80211_TID_CONFIG_ATTR_RETRY_LONG] = NLA_POLICY_MIN(NLA_U8, 1),
409 [NL80211_TID_CONFIG_ATTR_AMPDU_CTRL] =
410 NLA_POLICY_MAX(NLA_U8, NL80211_TID_CONFIG_DISABLE),
411 [NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL] =
412 NLA_POLICY_MAX(NLA_U8, NL80211_TID_CONFIG_DISABLE),
413 [NL80211_TID_CONFIG_ATTR_AMSDU_CTRL] =
414 NLA_POLICY_MAX(NLA_U8, NL80211_TID_CONFIG_DISABLE),
415 [NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE] =
416 NLA_POLICY_MAX(NLA_U8, NL80211_TX_RATE_FIXED),
417 [NL80211_TID_CONFIG_ATTR_TX_RATE] =
418 NLA_POLICY_NESTED(nl80211_txattr_policy),
421 static const struct nla_policy
422 nl80211_fils_discovery_policy[NL80211_FILS_DISCOVERY_ATTR_MAX + 1] = {
423 [NL80211_FILS_DISCOVERY_ATTR_INT_MIN] = NLA_POLICY_MAX(NLA_U32, 10000),
424 [NL80211_FILS_DISCOVERY_ATTR_INT_MAX] = NLA_POLICY_MAX(NLA_U32, 10000),
425 [NL80211_FILS_DISCOVERY_ATTR_TMPL] =
426 NLA_POLICY_RANGE(NLA_BINARY,
427 NL80211_FILS_DISCOVERY_TMPL_MIN_LEN,
428 IEEE80211_MAX_DATA_LEN),
431 static const struct nla_policy
432 nl80211_unsol_bcast_probe_resp_policy[NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_MAX + 1] = {
433 [NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT] = NLA_POLICY_MAX(NLA_U32, 20),
434 [NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_TMPL] = { .type = NLA_BINARY,
435 .len = IEEE80211_MAX_DATA_LEN }
438 static const struct nla_policy
439 sar_specs_policy[NL80211_SAR_ATTR_SPECS_MAX + 1] = {
440 [NL80211_SAR_ATTR_SPECS_POWER] = { .type = NLA_S32 },
441 [NL80211_SAR_ATTR_SPECS_RANGE_INDEX] = {.type = NLA_U32 },
444 static const struct nla_policy
445 sar_policy[NL80211_SAR_ATTR_MAX + 1] = {
446 [NL80211_SAR_ATTR_TYPE] = NLA_POLICY_MAX(NLA_U32, NUM_NL80211_SAR_TYPE),
447 [NL80211_SAR_ATTR_SPECS] = NLA_POLICY_NESTED_ARRAY(sar_specs_policy),
450 static const struct nla_policy
451 nl80211_mbssid_config_policy[NL80211_MBSSID_CONFIG_ATTR_MAX + 1] = {
452 [NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES] = NLA_POLICY_MIN(NLA_U8, 2),
453 [NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY] =
454 NLA_POLICY_MIN(NLA_U8, 1),
455 [NL80211_MBSSID_CONFIG_ATTR_INDEX] = { .type = NLA_U8 },
456 [NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX] = { .type = NLA_U32 },
457 [NL80211_MBSSID_CONFIG_ATTR_EMA] = { .type = NLA_FLAG },
460 static const struct nla_policy
461 nl80211_sta_wme_policy[NL80211_STA_WME_MAX + 1] = {
462 [NL80211_STA_WME_UAPSD_QUEUES] = { .type = NLA_U8 },
463 [NL80211_STA_WME_MAX_SP] = { .type = NLA_U8 },
466 static const struct nla_policy nl80211_policy[NUM_NL80211_ATTR] = {
467 [0] = { .strict_start_type = NL80211_ATTR_HE_OBSS_PD },
468 [NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
469 [NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING,
471 [NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED },
473 [NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 },
474 [NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 },
475 [NL80211_ATTR_WIPHY_EDMG_CHANNELS] = NLA_POLICY_RANGE(NLA_U8,
476 NL80211_EDMG_CHANNELS_MIN,
477 NL80211_EDMG_CHANNELS_MAX),
478 [NL80211_ATTR_WIPHY_EDMG_BW_CONFIG] = NLA_POLICY_RANGE(NLA_U8,
479 NL80211_EDMG_BW_CONFIG_MIN,
480 NL80211_EDMG_BW_CONFIG_MAX),
482 [NL80211_ATTR_CHANNEL_WIDTH] = { .type = NLA_U32 },
483 [NL80211_ATTR_CENTER_FREQ1] = { .type = NLA_U32 },
484 [NL80211_ATTR_CENTER_FREQ1_OFFSET] = NLA_POLICY_RANGE(NLA_U32, 0, 999),
485 [NL80211_ATTR_CENTER_FREQ2] = { .type = NLA_U32 },
487 [NL80211_ATTR_WIPHY_RETRY_SHORT] = NLA_POLICY_MIN(NLA_U8, 1),
488 [NL80211_ATTR_WIPHY_RETRY_LONG] = NLA_POLICY_MIN(NLA_U8, 1),
489 [NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 },
490 [NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 },
491 [NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 },
492 [NL80211_ATTR_WIPHY_DYN_ACK] = { .type = NLA_FLAG },
494 [NL80211_ATTR_IFTYPE] = NLA_POLICY_MAX(NLA_U32, NL80211_IFTYPE_MAX),
495 [NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
496 [NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
498 [NL80211_ATTR_MAC] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
499 [NL80211_ATTR_PREV_BSSID] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
501 [NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
502 [NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
503 .len = WLAN_MAX_KEY_LEN },
504 [NL80211_ATTR_KEY_IDX] = NLA_POLICY_MAX(NLA_U8, 7),
505 [NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 },
506 [NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG },
507 [NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
508 [NL80211_ATTR_KEY_TYPE] =
509 NLA_POLICY_MAX(NLA_U32, NUM_NL80211_KEYTYPES),
511 [NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 },
512 [NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 },
513 [NL80211_ATTR_BEACON_HEAD] =
514 NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_beacon_head,
515 IEEE80211_MAX_DATA_LEN),
516 [NL80211_ATTR_BEACON_TAIL] =
517 NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
518 IEEE80211_MAX_DATA_LEN),
519 [NL80211_ATTR_STA_AID] =
520 NLA_POLICY_RANGE(NLA_U16, 1, IEEE80211_MAX_AID),
521 [NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED },
522 [NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 },
523 [NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY,
524 .len = NL80211_MAX_SUPP_RATES },
525 [NL80211_ATTR_STA_PLINK_ACTION] =
526 NLA_POLICY_MAX(NLA_U8, NUM_NL80211_PLINK_ACTIONS - 1),
527 [NL80211_ATTR_STA_TX_POWER_SETTING] =
528 NLA_POLICY_RANGE(NLA_U8,
529 NL80211_TX_POWER_AUTOMATIC,
530 NL80211_TX_POWER_FIXED),
531 [NL80211_ATTR_STA_TX_POWER] = { .type = NLA_S16 },
532 [NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 },
533 [NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ },
534 [NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY,
535 .len = IEEE80211_MAX_MESH_ID_LEN },
536 [NL80211_ATTR_MPATH_NEXT_HOP] = NLA_POLICY_ETH_ADDR_COMPAT,
538 /* allow 3 for NUL-termination, we used to declare this NLA_STRING */
539 [NL80211_ATTR_REG_ALPHA2] = NLA_POLICY_RANGE(NLA_BINARY, 2, 3),
540 [NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED },
542 [NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 },
543 [NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 },
544 [NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 },
545 [NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY,
546 .len = NL80211_MAX_SUPP_RATES },
547 [NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 },
549 [NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED },
550 [NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG },
552 [NL80211_ATTR_HT_CAPABILITY] = NLA_POLICY_EXACT_LEN_WARN(NL80211_HT_CAPABILITY_LEN),
554 [NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 },
555 [NL80211_ATTR_IE] = NLA_POLICY_VALIDATE_FN(NLA_BINARY,
557 IEEE80211_MAX_DATA_LEN),
558 [NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED },
559 [NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED },
561 [NL80211_ATTR_SSID] = { .type = NLA_BINARY,
562 .len = IEEE80211_MAX_SSID_LEN },
563 [NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 },
564 [NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 },
565 [NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG },
566 [NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG },
567 [NL80211_ATTR_USE_MFP] = NLA_POLICY_RANGE(NLA_U32,
569 NL80211_MFP_OPTIONAL),
570 [NL80211_ATTR_STA_FLAGS2] =
571 NLA_POLICY_EXACT_LEN_WARN(sizeof(struct nl80211_sta_flag_update)),
572 [NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
573 [NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 },
574 [NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG },
575 [NL80211_ATTR_CONTROL_PORT_OVER_NL80211] = { .type = NLA_FLAG },
576 [NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
577 [NL80211_ATTR_STATUS_CODE] = { .type = NLA_U16 },
578 [NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
579 [NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
580 [NL80211_ATTR_PID] = { .type = NLA_U32 },
581 [NL80211_ATTR_4ADDR] = { .type = NLA_U8 },
582 [NL80211_ATTR_PMKID] = NLA_POLICY_EXACT_LEN_WARN(WLAN_PMKID_LEN),
583 [NL80211_ATTR_DURATION] = { .type = NLA_U32 },
584 [NL80211_ATTR_COOKIE] = { .type = NLA_U64 },
585 [NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED },
586 [NL80211_ATTR_FRAME] = { .type = NLA_BINARY,
587 .len = IEEE80211_MAX_DATA_LEN },
588 [NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, },
589 [NL80211_ATTR_PS_STATE] = NLA_POLICY_RANGE(NLA_U32,
592 [NL80211_ATTR_CQM] = { .type = NLA_NESTED, },
593 [NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG },
594 [NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 },
595 [NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 },
596 [NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 },
597 [NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 },
598 [NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 },
599 [NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 },
600 [NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 },
601 [NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG },
602 [NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
603 [NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED },
604 [NL80211_ATTR_STA_PLINK_STATE] =
605 NLA_POLICY_MAX(NLA_U8, NUM_NL80211_PLINK_STATES - 1),
606 [NL80211_ATTR_MEASUREMENT_DURATION] = { .type = NLA_U16 },
607 [NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY] = { .type = NLA_FLAG },
608 [NL80211_ATTR_MESH_PEER_AID] =
609 NLA_POLICY_RANGE(NLA_U16, 1, IEEE80211_MAX_AID),
610 [NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 },
611 [NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED },
612 [NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED },
613 [NL80211_ATTR_HIDDEN_SSID] =
614 NLA_POLICY_RANGE(NLA_U32,
615 NL80211_HIDDEN_SSID_NOT_IN_USE,
616 NL80211_HIDDEN_SSID_ZERO_CONTENTS),
617 [NL80211_ATTR_IE_PROBE_RESP] =
618 NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
619 IEEE80211_MAX_DATA_LEN),
620 [NL80211_ATTR_IE_ASSOC_RESP] =
621 NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
622 IEEE80211_MAX_DATA_LEN),
623 [NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG },
624 [NL80211_ATTR_STA_WME] = NLA_POLICY_NESTED(nl80211_sta_wme_policy),
625 [NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED },
626 [NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG },
627 [NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 },
628 [NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 },
629 [NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 },
630 [NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG },
631 [NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG },
632 [NL80211_ATTR_TDLS_INITIATOR] = { .type = NLA_FLAG },
633 [NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG },
634 [NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY,
635 .len = IEEE80211_MAX_DATA_LEN },
636 [NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 },
637 [NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG },
638 [NL80211_ATTR_HT_CAPABILITY_MASK] = {
639 .len = NL80211_HT_CAPABILITY_LEN
641 [NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 },
642 [NL80211_ATTR_INACTIVITY_TIMEOUT] = { .type = NLA_U16 },
643 [NL80211_ATTR_BG_SCAN_PERIOD] = { .type = NLA_U16 },
644 [NL80211_ATTR_WDEV] = { .type = NLA_U64 },
645 [NL80211_ATTR_USER_REG_HINT_TYPE] = { .type = NLA_U32 },
647 /* need to include at least Auth Transaction and Status Code */
648 [NL80211_ATTR_AUTH_DATA] = NLA_POLICY_MIN_LEN(4),
650 [NL80211_ATTR_VHT_CAPABILITY] = NLA_POLICY_EXACT_LEN_WARN(NL80211_VHT_CAPABILITY_LEN),
651 [NL80211_ATTR_SCAN_FLAGS] = { .type = NLA_U32 },
652 [NL80211_ATTR_P2P_CTWINDOW] = NLA_POLICY_MAX(NLA_U8, 127),
653 [NL80211_ATTR_P2P_OPPPS] = NLA_POLICY_MAX(NLA_U8, 1),
654 [NL80211_ATTR_LOCAL_MESH_POWER_MODE] =
655 NLA_POLICY_RANGE(NLA_U32,
656 NL80211_MESH_POWER_UNKNOWN + 1,
657 NL80211_MESH_POWER_MAX),
658 [NL80211_ATTR_ACL_POLICY] = {. type = NLA_U32 },
659 [NL80211_ATTR_MAC_ADDRS] = { .type = NLA_NESTED },
660 [NL80211_ATTR_STA_CAPABILITY] = { .type = NLA_U16 },
661 [NL80211_ATTR_STA_EXT_CAPABILITY] = { .type = NLA_BINARY, },
662 [NL80211_ATTR_SPLIT_WIPHY_DUMP] = { .type = NLA_FLAG, },
663 [NL80211_ATTR_DISABLE_VHT] = { .type = NLA_FLAG },
664 [NL80211_ATTR_VHT_CAPABILITY_MASK] = {
665 .len = NL80211_VHT_CAPABILITY_LEN,
667 [NL80211_ATTR_MDID] = { .type = NLA_U16 },
668 [NL80211_ATTR_IE_RIC] = { .type = NLA_BINARY,
669 .len = IEEE80211_MAX_DATA_LEN },
670 [NL80211_ATTR_CRIT_PROT_ID] = { .type = NLA_U16 },
671 [NL80211_ATTR_MAX_CRIT_PROT_DURATION] =
672 NLA_POLICY_MAX(NLA_U16, NL80211_CRIT_PROTO_MAX_DURATION),
673 [NL80211_ATTR_PEER_AID] =
674 NLA_POLICY_RANGE(NLA_U16, 1, IEEE80211_MAX_AID),
675 [NL80211_ATTR_CH_SWITCH_COUNT] = { .type = NLA_U32 },
676 [NL80211_ATTR_CH_SWITCH_BLOCK_TX] = { .type = NLA_FLAG },
677 [NL80211_ATTR_CSA_IES] = { .type = NLA_NESTED },
678 [NL80211_ATTR_CNTDWN_OFFS_BEACON] = { .type = NLA_BINARY },
679 [NL80211_ATTR_CNTDWN_OFFS_PRESP] = { .type = NLA_BINARY },
680 [NL80211_ATTR_STA_SUPPORTED_CHANNELS] = NLA_POLICY_MIN_LEN(2),
682 * The value of the Length field of the Supported Operating
683 * Classes element is between 2 and 253.
685 [NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES] =
686 NLA_POLICY_RANGE(NLA_BINARY, 2, 253),
687 [NL80211_ATTR_HANDLE_DFS] = { .type = NLA_FLAG },
688 [NL80211_ATTR_OPMODE_NOTIF] = { .type = NLA_U8 },
689 [NL80211_ATTR_VENDOR_ID] = { .type = NLA_U32 },
690 [NL80211_ATTR_VENDOR_SUBCMD] = { .type = NLA_U32 },
691 [NL80211_ATTR_VENDOR_DATA] = { .type = NLA_BINARY },
692 [NL80211_ATTR_QOS_MAP] = NLA_POLICY_RANGE(NLA_BINARY,
693 IEEE80211_QOS_MAP_LEN_MIN,
694 IEEE80211_QOS_MAP_LEN_MAX),
695 [NL80211_ATTR_MAC_HINT] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
696 [NL80211_ATTR_WIPHY_FREQ_HINT] = { .type = NLA_U32 },
697 [NL80211_ATTR_TDLS_PEER_CAPABILITY] = { .type = NLA_U32 },
698 [NL80211_ATTR_SOCKET_OWNER] = { .type = NLA_FLAG },
699 [NL80211_ATTR_CSA_C_OFFSETS_TX] = { .type = NLA_BINARY },
700 [NL80211_ATTR_USE_RRM] = { .type = NLA_FLAG },
701 [NL80211_ATTR_TSID] = NLA_POLICY_MAX(NLA_U8, IEEE80211_NUM_TIDS - 1),
702 [NL80211_ATTR_USER_PRIO] =
703 NLA_POLICY_MAX(NLA_U8, IEEE80211_NUM_UPS - 1),
704 [NL80211_ATTR_ADMITTED_TIME] = { .type = NLA_U16 },
705 [NL80211_ATTR_SMPS_MODE] = { .type = NLA_U8 },
706 [NL80211_ATTR_OPER_CLASS] = { .type = NLA_U8 },
707 [NL80211_ATTR_MAC_MASK] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
708 [NL80211_ATTR_WIPHY_SELF_MANAGED_REG] = { .type = NLA_FLAG },
709 [NL80211_ATTR_NETNS_FD] = { .type = NLA_U32 },
710 [NL80211_ATTR_SCHED_SCAN_DELAY] = { .type = NLA_U32 },
711 [NL80211_ATTR_REG_INDOOR] = { .type = NLA_FLAG },
712 [NL80211_ATTR_PBSS] = { .type = NLA_FLAG },
713 [NL80211_ATTR_BSS_SELECT] = { .type = NLA_NESTED },
714 [NL80211_ATTR_STA_SUPPORT_P2P_PS] =
715 NLA_POLICY_MAX(NLA_U8, NUM_NL80211_P2P_PS_STATUS - 1),
716 [NL80211_ATTR_MU_MIMO_GROUP_DATA] = {
717 .len = VHT_MUMIMO_GROUPS_DATA_LEN
719 [NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
720 [NL80211_ATTR_NAN_MASTER_PREF] = NLA_POLICY_MIN(NLA_U8, 1),
721 [NL80211_ATTR_BANDS] = { .type = NLA_U32 },
722 [NL80211_ATTR_NAN_FUNC] = { .type = NLA_NESTED },
723 [NL80211_ATTR_FILS_KEK] = { .type = NLA_BINARY,
724 .len = FILS_MAX_KEK_LEN },
725 [NL80211_ATTR_FILS_NONCES] = NLA_POLICY_EXACT_LEN_WARN(2 * FILS_NONCE_LEN),
726 [NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED] = { .type = NLA_FLAG, },
727 [NL80211_ATTR_BSSID] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
728 [NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI] = { .type = NLA_S8 },
729 [NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST] = {
730 .len = sizeof(struct nl80211_bss_select_rssi_adjust)
732 [NL80211_ATTR_TIMEOUT_REASON] = { .type = NLA_U32 },
733 [NL80211_ATTR_FILS_ERP_USERNAME] = { .type = NLA_BINARY,
734 .len = FILS_ERP_MAX_USERNAME_LEN },
735 [NL80211_ATTR_FILS_ERP_REALM] = { .type = NLA_BINARY,
736 .len = FILS_ERP_MAX_REALM_LEN },
737 [NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] = { .type = NLA_U16 },
738 [NL80211_ATTR_FILS_ERP_RRK] = { .type = NLA_BINARY,
739 .len = FILS_ERP_MAX_RRK_LEN },
740 [NL80211_ATTR_FILS_CACHE_ID] = NLA_POLICY_EXACT_LEN_WARN(2),
741 [NL80211_ATTR_PMK] = { .type = NLA_BINARY, .len = PMK_MAX_LEN },
742 [NL80211_ATTR_PMKR0_NAME] = NLA_POLICY_EXACT_LEN(WLAN_PMK_NAME_LEN),
743 [NL80211_ATTR_SCHED_SCAN_MULTI] = { .type = NLA_FLAG },
744 [NL80211_ATTR_EXTERNAL_AUTH_SUPPORT] = { .type = NLA_FLAG },
746 [NL80211_ATTR_TXQ_LIMIT] = { .type = NLA_U32 },
747 [NL80211_ATTR_TXQ_MEMORY_LIMIT] = { .type = NLA_U32 },
748 [NL80211_ATTR_TXQ_QUANTUM] = { .type = NLA_U32 },
749 [NL80211_ATTR_HE_CAPABILITY] =
750 NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_he_capa,
751 NL80211_HE_MAX_CAPABILITY_LEN),
752 [NL80211_ATTR_FTM_RESPONDER] =
753 NLA_POLICY_NESTED(nl80211_ftm_responder_policy),
754 [NL80211_ATTR_TIMEOUT] = NLA_POLICY_MIN(NLA_U32, 1),
755 [NL80211_ATTR_PEER_MEASUREMENTS] =
756 NLA_POLICY_NESTED(nl80211_pmsr_attr_policy),
757 [NL80211_ATTR_AIRTIME_WEIGHT] = NLA_POLICY_MIN(NLA_U16, 1),
758 [NL80211_ATTR_SAE_PASSWORD] = { .type = NLA_BINARY,
759 .len = SAE_PASSWORD_MAX_LEN },
760 [NL80211_ATTR_TWT_RESPONDER] = { .type = NLA_FLAG },
761 [NL80211_ATTR_HE_OBSS_PD] = NLA_POLICY_NESTED(he_obss_pd_policy),
762 [NL80211_ATTR_VLAN_ID] = NLA_POLICY_RANGE(NLA_U16, 1, VLAN_N_VID - 2),
763 [NL80211_ATTR_HE_BSS_COLOR] = NLA_POLICY_NESTED(he_bss_color_policy),
764 [NL80211_ATTR_TID_CONFIG] =
765 NLA_POLICY_NESTED_ARRAY(nl80211_tid_config_attr_policy),
766 [NL80211_ATTR_CONTROL_PORT_NO_PREAUTH] = { .type = NLA_FLAG },
767 [NL80211_ATTR_PMK_LIFETIME] = NLA_POLICY_MIN(NLA_U32, 1),
768 [NL80211_ATTR_PMK_REAUTH_THRESHOLD] = NLA_POLICY_RANGE(NLA_U8, 1, 100),
769 [NL80211_ATTR_RECEIVE_MULTICAST] = { .type = NLA_FLAG },
770 [NL80211_ATTR_WIPHY_FREQ_OFFSET] = NLA_POLICY_RANGE(NLA_U32, 0, 999),
771 [NL80211_ATTR_SCAN_FREQ_KHZ] = { .type = NLA_NESTED },
772 [NL80211_ATTR_HE_6GHZ_CAPABILITY] =
773 NLA_POLICY_EXACT_LEN(sizeof(struct ieee80211_he_6ghz_capa)),
774 [NL80211_ATTR_FILS_DISCOVERY] =
775 NLA_POLICY_NESTED(nl80211_fils_discovery_policy),
776 [NL80211_ATTR_UNSOL_BCAST_PROBE_RESP] =
777 NLA_POLICY_NESTED(nl80211_unsol_bcast_probe_resp_policy),
778 [NL80211_ATTR_S1G_CAPABILITY] =
779 NLA_POLICY_EXACT_LEN(IEEE80211_S1G_CAPABILITY_LEN),
780 [NL80211_ATTR_S1G_CAPABILITY_MASK] =
781 NLA_POLICY_EXACT_LEN(IEEE80211_S1G_CAPABILITY_LEN),
782 [NL80211_ATTR_SAE_PWE] =
783 NLA_POLICY_RANGE(NLA_U8, NL80211_SAE_PWE_HUNT_AND_PECK,
784 NL80211_SAE_PWE_BOTH),
785 [NL80211_ATTR_RECONNECT_REQUESTED] = { .type = NLA_REJECT },
786 [NL80211_ATTR_SAR_SPEC] = NLA_POLICY_NESTED(sar_policy),
787 [NL80211_ATTR_DISABLE_HE] = { .type = NLA_FLAG },
788 [NL80211_ATTR_OBSS_COLOR_BITMAP] = { .type = NLA_U64 },
789 [NL80211_ATTR_COLOR_CHANGE_COUNT] = { .type = NLA_U8 },
790 [NL80211_ATTR_COLOR_CHANGE_COLOR] = { .type = NLA_U8 },
791 [NL80211_ATTR_COLOR_CHANGE_ELEMS] = NLA_POLICY_NESTED(nl80211_policy),
792 [NL80211_ATTR_MBSSID_CONFIG] =
793 NLA_POLICY_NESTED(nl80211_mbssid_config_policy),
794 [NL80211_ATTR_MBSSID_ELEMS] = { .type = NLA_NESTED },
795 [NL80211_ATTR_RADAR_BACKGROUND] = { .type = NLA_FLAG },
796 [NL80211_ATTR_AP_SETTINGS_FLAGS] = { .type = NLA_U32 },
797 [NL80211_ATTR_EHT_CAPABILITY] =
798 NLA_POLICY_RANGE(NLA_BINARY,
799 NL80211_EHT_MIN_CAPABILITY_LEN,
800 NL80211_EHT_MAX_CAPABILITY_LEN),
801 [NL80211_ATTR_DISABLE_EHT] = { .type = NLA_FLAG },
802 [NL80211_ATTR_MLO_LINKS] =
803 NLA_POLICY_NESTED_ARRAY(nl80211_policy),
804 [NL80211_ATTR_MLO_LINK_ID] =
805 NLA_POLICY_RANGE(NLA_U8, 0, IEEE80211_MLD_MAX_NUM_LINKS),
806 [NL80211_ATTR_MLD_ADDR] = NLA_POLICY_EXACT_LEN(ETH_ALEN),
807 [NL80211_ATTR_MLO_SUPPORT] = { .type = NLA_FLAG },
808 [NL80211_ATTR_MAX_NUM_AKM_SUITES] = { .type = NLA_REJECT },
811 /* policy for the key attributes */
812 static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = {
813 [NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN },
814 [NL80211_KEY_IDX] = { .type = NLA_U8 },
815 [NL80211_KEY_CIPHER] = { .type = NLA_U32 },
816 [NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
817 [NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
818 [NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },
819 [NL80211_KEY_TYPE] = NLA_POLICY_MAX(NLA_U32, NUM_NL80211_KEYTYPES - 1),
820 [NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
821 [NL80211_KEY_MODE] = NLA_POLICY_RANGE(NLA_U8, 0, NL80211_KEY_SET_TX),
824 /* policy for the key default flags */
825 static const struct nla_policy
826 nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = {
827 [NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG },
828 [NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG },
832 /* policy for WoWLAN attributes */
833 static const struct nla_policy
834 nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = {
835 [NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG },
836 [NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG },
837 [NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG },
838 [NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED },
839 [NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG },
840 [NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG },
841 [NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG },
842 [NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG },
843 [NL80211_WOWLAN_TRIG_TCP_CONNECTION] = { .type = NLA_NESTED },
844 [NL80211_WOWLAN_TRIG_NET_DETECT] = { .type = NLA_NESTED },
847 static const struct nla_policy
848 nl80211_wowlan_tcp_policy[NUM_NL80211_WOWLAN_TCP] = {
849 [NL80211_WOWLAN_TCP_SRC_IPV4] = { .type = NLA_U32 },
850 [NL80211_WOWLAN_TCP_DST_IPV4] = { .type = NLA_U32 },
851 [NL80211_WOWLAN_TCP_DST_MAC] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
852 [NL80211_WOWLAN_TCP_SRC_PORT] = { .type = NLA_U16 },
853 [NL80211_WOWLAN_TCP_DST_PORT] = { .type = NLA_U16 },
854 [NL80211_WOWLAN_TCP_DATA_PAYLOAD] = NLA_POLICY_MIN_LEN(1),
855 [NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ] = {
856 .len = sizeof(struct nl80211_wowlan_tcp_data_seq)
858 [NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN] = {
859 .len = sizeof(struct nl80211_wowlan_tcp_data_token)
861 [NL80211_WOWLAN_TCP_DATA_INTERVAL] = { .type = NLA_U32 },
862 [NL80211_WOWLAN_TCP_WAKE_PAYLOAD] = NLA_POLICY_MIN_LEN(1),
863 [NL80211_WOWLAN_TCP_WAKE_MASK] = NLA_POLICY_MIN_LEN(1),
865 #endif /* CONFIG_PM */
867 /* policy for coalesce rule attributes */
868 static const struct nla_policy
869 nl80211_coalesce_policy[NUM_NL80211_ATTR_COALESCE_RULE] = {
870 [NL80211_ATTR_COALESCE_RULE_DELAY] = { .type = NLA_U32 },
871 [NL80211_ATTR_COALESCE_RULE_CONDITION] =
872 NLA_POLICY_RANGE(NLA_U32,
873 NL80211_COALESCE_CONDITION_MATCH,
874 NL80211_COALESCE_CONDITION_NO_MATCH),
875 [NL80211_ATTR_COALESCE_RULE_PKT_PATTERN] = { .type = NLA_NESTED },
878 /* policy for GTK rekey offload attributes */
879 static const struct nla_policy
880 nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = {
881 [NL80211_REKEY_DATA_KEK] = {
883 .len = NL80211_KEK_EXT_LEN
885 [NL80211_REKEY_DATA_KCK] = {
887 .len = NL80211_KCK_EXT_LEN
889 [NL80211_REKEY_DATA_REPLAY_CTR] = NLA_POLICY_EXACT_LEN(NL80211_REPLAY_CTR_LEN),
890 [NL80211_REKEY_DATA_AKM] = { .type = NLA_U32 },
893 static const struct nla_policy
894 nl80211_match_band_rssi_policy[NUM_NL80211_BANDS] = {
895 [NL80211_BAND_2GHZ] = { .type = NLA_S32 },
896 [NL80211_BAND_5GHZ] = { .type = NLA_S32 },
897 [NL80211_BAND_6GHZ] = { .type = NLA_S32 },
898 [NL80211_BAND_60GHZ] = { .type = NLA_S32 },
899 [NL80211_BAND_LC] = { .type = NLA_S32 },
902 static const struct nla_policy
903 nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = {
904 [NL80211_SCHED_SCAN_MATCH_ATTR_SSID] = { .type = NLA_BINARY,
905 .len = IEEE80211_MAX_SSID_LEN },
906 [NL80211_SCHED_SCAN_MATCH_ATTR_BSSID] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
907 [NL80211_SCHED_SCAN_MATCH_ATTR_RSSI] = { .type = NLA_U32 },
908 [NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI] =
909 NLA_POLICY_NESTED(nl80211_match_band_rssi_policy),
912 static const struct nla_policy
913 nl80211_plan_policy[NL80211_SCHED_SCAN_PLAN_MAX + 1] = {
914 [NL80211_SCHED_SCAN_PLAN_INTERVAL] = { .type = NLA_U32 },
915 [NL80211_SCHED_SCAN_PLAN_ITERATIONS] = { .type = NLA_U32 },
918 static const struct nla_policy
919 nl80211_bss_select_policy[NL80211_BSS_SELECT_ATTR_MAX + 1] = {
920 [NL80211_BSS_SELECT_ATTR_RSSI] = { .type = NLA_FLAG },
921 [NL80211_BSS_SELECT_ATTR_BAND_PREF] = { .type = NLA_U32 },
922 [NL80211_BSS_SELECT_ATTR_RSSI_ADJUST] = {
923 .len = sizeof(struct nl80211_bss_select_rssi_adjust)
927 /* policy for NAN function attributes */
928 static const struct nla_policy
929 nl80211_nan_func_policy[NL80211_NAN_FUNC_ATTR_MAX + 1] = {
930 [NL80211_NAN_FUNC_TYPE] =
931 NLA_POLICY_MAX(NLA_U8, NL80211_NAN_FUNC_MAX_TYPE),
932 [NL80211_NAN_FUNC_SERVICE_ID] = {
933 .len = NL80211_NAN_FUNC_SERVICE_ID_LEN },
934 [NL80211_NAN_FUNC_PUBLISH_TYPE] = { .type = NLA_U8 },
935 [NL80211_NAN_FUNC_PUBLISH_BCAST] = { .type = NLA_FLAG },
936 [NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE] = { .type = NLA_FLAG },
937 [NL80211_NAN_FUNC_FOLLOW_UP_ID] = { .type = NLA_U8 },
938 [NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID] = { .type = NLA_U8 },
939 [NL80211_NAN_FUNC_FOLLOW_UP_DEST] = NLA_POLICY_EXACT_LEN_WARN(ETH_ALEN),
940 [NL80211_NAN_FUNC_CLOSE_RANGE] = { .type = NLA_FLAG },
941 [NL80211_NAN_FUNC_TTL] = { .type = NLA_U32 },
942 [NL80211_NAN_FUNC_SERVICE_INFO] = { .type = NLA_BINARY,
943 .len = NL80211_NAN_FUNC_SERVICE_SPEC_INFO_MAX_LEN },
944 [NL80211_NAN_FUNC_SRF] = { .type = NLA_NESTED },
945 [NL80211_NAN_FUNC_RX_MATCH_FILTER] = { .type = NLA_NESTED },
946 [NL80211_NAN_FUNC_TX_MATCH_FILTER] = { .type = NLA_NESTED },
947 [NL80211_NAN_FUNC_INSTANCE_ID] = { .type = NLA_U8 },
948 [NL80211_NAN_FUNC_TERM_REASON] = { .type = NLA_U8 },
951 /* policy for Service Response Filter attributes */
952 static const struct nla_policy
953 nl80211_nan_srf_policy[NL80211_NAN_SRF_ATTR_MAX + 1] = {
954 [NL80211_NAN_SRF_INCLUDE] = { .type = NLA_FLAG },
955 [NL80211_NAN_SRF_BF] = { .type = NLA_BINARY,
956 .len = NL80211_NAN_FUNC_SRF_MAX_LEN },
957 [NL80211_NAN_SRF_BF_IDX] = { .type = NLA_U8 },
958 [NL80211_NAN_SRF_MAC_ADDRS] = { .type = NLA_NESTED },
961 /* policy for packet pattern attributes */
962 static const struct nla_policy
963 nl80211_packet_pattern_policy[MAX_NL80211_PKTPAT + 1] = {
964 [NL80211_PKTPAT_MASK] = { .type = NLA_BINARY, },
965 [NL80211_PKTPAT_PATTERN] = { .type = NLA_BINARY, },
966 [NL80211_PKTPAT_OFFSET] = { .type = NLA_U32 },
969 static int nl80211_prepare_wdev_dump(struct netlink_callback *cb,
970 struct cfg80211_registered_device **rdev,
971 struct wireless_dev **wdev,
972 struct nlattr **attrbuf)
977 struct nlattr **attrbuf_free = NULL;
980 attrbuf = kcalloc(NUM_NL80211_ATTR, sizeof(*attrbuf),
984 attrbuf_free = attrbuf;
987 err = nlmsg_parse_deprecated(cb->nlh,
988 GENL_HDRLEN + nl80211_fam.hdrsize,
989 attrbuf, nl80211_fam.maxattr,
990 nl80211_policy, NULL);
997 *wdev = __cfg80211_wdev_from_attrs(NULL, sock_net(cb->skb->sk),
1000 if (IS_ERR(*wdev)) {
1002 return PTR_ERR(*wdev);
1004 *rdev = wiphy_to_rdev((*wdev)->wiphy);
1005 mutex_lock(&(*rdev)->wiphy.mtx);
1007 /* 0 is the first index - add 1 to parse only once */
1008 cb->args[0] = (*rdev)->wiphy_idx + 1;
1009 cb->args[1] = (*wdev)->identifier;
1011 /* subtract the 1 again here */
1012 struct wiphy *wiphy;
1013 struct wireless_dev *tmp;
1016 wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1);
1021 *rdev = wiphy_to_rdev(wiphy);
1024 list_for_each_entry(tmp, &(*rdev)->wiphy.wdev_list, list) {
1025 if (tmp->identifier == cb->args[1]) {
1035 mutex_lock(&(*rdev)->wiphy.mtx);
1042 /* message building helper */
1043 void *nl80211hdr_put(struct sk_buff *skb, u32 portid, u32 seq,
1046 /* since there is no private header just add the generic one */
1047 return genlmsg_put(skb, portid, seq, &nl80211_fam, flags, cmd);
1050 static int nl80211_msg_put_wmm_rules(struct sk_buff *msg,
1051 const struct ieee80211_reg_rule *rule)
1054 struct nlattr *nl_wmm_rules =
1055 nla_nest_start_noflag(msg, NL80211_FREQUENCY_ATTR_WMM);
1058 goto nla_put_failure;
1060 for (j = 0; j < IEEE80211_NUM_ACS; j++) {
1061 struct nlattr *nl_wmm_rule = nla_nest_start_noflag(msg, j);
1064 goto nla_put_failure;
1066 if (nla_put_u16(msg, NL80211_WMMR_CW_MIN,
1067 rule->wmm_rule.client[j].cw_min) ||
1068 nla_put_u16(msg, NL80211_WMMR_CW_MAX,
1069 rule->wmm_rule.client[j].cw_max) ||
1070 nla_put_u8(msg, NL80211_WMMR_AIFSN,
1071 rule->wmm_rule.client[j].aifsn) ||
1072 nla_put_u16(msg, NL80211_WMMR_TXOP,
1073 rule->wmm_rule.client[j].cot))
1074 goto nla_put_failure;
1076 nla_nest_end(msg, nl_wmm_rule);
1078 nla_nest_end(msg, nl_wmm_rules);
1086 static int nl80211_msg_put_channel(struct sk_buff *msg, struct wiphy *wiphy,
1087 struct ieee80211_channel *chan,
1090 /* Some channels must be completely excluded from the
1091 * list to protect old user-space tools from breaking
1093 if (!large && chan->flags &
1094 (IEEE80211_CHAN_NO_10MHZ | IEEE80211_CHAN_NO_20MHZ))
1096 if (!large && chan->freq_offset)
1099 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_FREQ,
1101 goto nla_put_failure;
1103 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_OFFSET, chan->freq_offset))
1104 goto nla_put_failure;
1106 if ((chan->flags & IEEE80211_CHAN_DISABLED) &&
1107 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_DISABLED))
1108 goto nla_put_failure;
1109 if (chan->flags & IEEE80211_CHAN_NO_IR) {
1110 if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_IR))
1111 goto nla_put_failure;
1112 if (nla_put_flag(msg, __NL80211_FREQUENCY_ATTR_NO_IBSS))
1113 goto nla_put_failure;
1115 if (chan->flags & IEEE80211_CHAN_RADAR) {
1116 if (nla_put_flag(msg, NL80211_FREQUENCY_ATTR_RADAR))
1117 goto nla_put_failure;
1121 time = elapsed_jiffies_msecs(chan->dfs_state_entered);
1123 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_STATE,
1125 goto nla_put_failure;
1126 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_DFS_TIME,
1128 goto nla_put_failure;
1129 if (nla_put_u32(msg,
1130 NL80211_FREQUENCY_ATTR_DFS_CAC_TIME,
1132 goto nla_put_failure;
1137 if ((chan->flags & IEEE80211_CHAN_NO_HT40MINUS) &&
1138 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HT40_MINUS))
1139 goto nla_put_failure;
1140 if ((chan->flags & IEEE80211_CHAN_NO_HT40PLUS) &&
1141 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HT40_PLUS))
1142 goto nla_put_failure;
1143 if ((chan->flags & IEEE80211_CHAN_NO_80MHZ) &&
1144 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_80MHZ))
1145 goto nla_put_failure;
1146 if ((chan->flags & IEEE80211_CHAN_NO_160MHZ) &&
1147 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_160MHZ))
1148 goto nla_put_failure;
1149 if ((chan->flags & IEEE80211_CHAN_INDOOR_ONLY) &&
1150 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_INDOOR_ONLY))
1151 goto nla_put_failure;
1152 if ((chan->flags & IEEE80211_CHAN_IR_CONCURRENT) &&
1153 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_IR_CONCURRENT))
1154 goto nla_put_failure;
1155 if ((chan->flags & IEEE80211_CHAN_NO_20MHZ) &&
1156 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_20MHZ))
1157 goto nla_put_failure;
1158 if ((chan->flags & IEEE80211_CHAN_NO_10MHZ) &&
1159 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_10MHZ))
1160 goto nla_put_failure;
1161 if ((chan->flags & IEEE80211_CHAN_NO_HE) &&
1162 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_HE))
1163 goto nla_put_failure;
1164 if ((chan->flags & IEEE80211_CHAN_1MHZ) &&
1165 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_1MHZ))
1166 goto nla_put_failure;
1167 if ((chan->flags & IEEE80211_CHAN_2MHZ) &&
1168 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_2MHZ))
1169 goto nla_put_failure;
1170 if ((chan->flags & IEEE80211_CHAN_4MHZ) &&
1171 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_4MHZ))
1172 goto nla_put_failure;
1173 if ((chan->flags & IEEE80211_CHAN_8MHZ) &&
1174 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_8MHZ))
1175 goto nla_put_failure;
1176 if ((chan->flags & IEEE80211_CHAN_16MHZ) &&
1177 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_16MHZ))
1178 goto nla_put_failure;
1179 if ((chan->flags & IEEE80211_CHAN_NO_320MHZ) &&
1180 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_320MHZ))
1181 goto nla_put_failure;
1182 if ((chan->flags & IEEE80211_CHAN_NO_EHT) &&
1183 nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_EHT))
1184 goto nla_put_failure;
1187 if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
1188 DBM_TO_MBM(chan->max_power)))
1189 goto nla_put_failure;
1192 const struct ieee80211_reg_rule *rule =
1193 freq_reg_info(wiphy, MHZ_TO_KHZ(chan->center_freq));
1195 if (!IS_ERR_OR_NULL(rule) && rule->has_wmm) {
1196 if (nl80211_msg_put_wmm_rules(msg, rule))
1197 goto nla_put_failure;
1207 static bool nl80211_put_txq_stats(struct sk_buff *msg,
1208 struct cfg80211_txq_stats *txqstats,
1211 struct nlattr *txqattr;
1213 #define PUT_TXQVAL_U32(attr, memb) do { \
1214 if (txqstats->filled & BIT(NL80211_TXQ_STATS_ ## attr) && \
1215 nla_put_u32(msg, NL80211_TXQ_STATS_ ## attr, txqstats->memb)) \
1219 txqattr = nla_nest_start_noflag(msg, attrtype);
1223 PUT_TXQVAL_U32(BACKLOG_BYTES, backlog_bytes);
1224 PUT_TXQVAL_U32(BACKLOG_PACKETS, backlog_packets);
1225 PUT_TXQVAL_U32(FLOWS, flows);
1226 PUT_TXQVAL_U32(DROPS, drops);
1227 PUT_TXQVAL_U32(ECN_MARKS, ecn_marks);
1228 PUT_TXQVAL_U32(OVERLIMIT, overlimit);
1229 PUT_TXQVAL_U32(OVERMEMORY, overmemory);
1230 PUT_TXQVAL_U32(COLLISIONS, collisions);
1231 PUT_TXQVAL_U32(TX_BYTES, tx_bytes);
1232 PUT_TXQVAL_U32(TX_PACKETS, tx_packets);
1233 PUT_TXQVAL_U32(MAX_FLOWS, max_flows);
1234 nla_nest_end(msg, txqattr);
1236 #undef PUT_TXQVAL_U32
1240 /* netlink command implementations */
1243 * nl80211_link_id - return link ID
1244 * @attrs: attributes to look at
1246 * Returns: the link ID or 0 if not given
1248 * Note this function doesn't do any validation of the link
1249 * ID validity wrt. links that were actually added, so it must
1250 * be called only from ops with %NL80211_FLAG_MLO_VALID_LINK_ID
1251 * or if additional validation is done.
1253 static unsigned int nl80211_link_id(struct nlattr **attrs)
1255 struct nlattr *linkid = attrs[NL80211_ATTR_MLO_LINK_ID];
1260 return nla_get_u8(linkid);
1263 static int nl80211_link_id_or_invalid(struct nlattr **attrs)
1265 struct nlattr *linkid = attrs[NL80211_ATTR_MLO_LINK_ID];
1270 return nla_get_u8(linkid);
1274 struct key_params p;
1277 bool def, defmgmt, defbeacon;
1278 bool def_uni, def_multi;
1281 static int nl80211_parse_key_new(struct genl_info *info, struct nlattr *key,
1282 struct key_parse *k)
1284 struct nlattr *tb[NL80211_KEY_MAX + 1];
1285 int err = nla_parse_nested_deprecated(tb, NL80211_KEY_MAX, key,
1291 k->def = !!tb[NL80211_KEY_DEFAULT];
1292 k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT];
1293 k->defbeacon = !!tb[NL80211_KEY_DEFAULT_BEACON];
1297 k->def_multi = true;
1299 if (k->defmgmt || k->defbeacon)
1300 k->def_multi = true;
1302 if (tb[NL80211_KEY_IDX])
1303 k->idx = nla_get_u8(tb[NL80211_KEY_IDX]);
1305 if (tb[NL80211_KEY_DATA]) {
1306 k->p.key = nla_data(tb[NL80211_KEY_DATA]);
1307 k->p.key_len = nla_len(tb[NL80211_KEY_DATA]);
1310 if (tb[NL80211_KEY_SEQ]) {
1311 k->p.seq = nla_data(tb[NL80211_KEY_SEQ]);
1312 k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]);
1315 if (tb[NL80211_KEY_CIPHER])
1316 k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]);
1318 if (tb[NL80211_KEY_TYPE])
1319 k->type = nla_get_u32(tb[NL80211_KEY_TYPE]);
1321 if (tb[NL80211_KEY_DEFAULT_TYPES]) {
1322 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
1324 err = nla_parse_nested_deprecated(kdt,
1325 NUM_NL80211_KEY_DEFAULT_TYPES - 1,
1326 tb[NL80211_KEY_DEFAULT_TYPES],
1327 nl80211_key_default_policy,
1332 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
1333 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
1336 if (tb[NL80211_KEY_MODE])
1337 k->p.mode = nla_get_u8(tb[NL80211_KEY_MODE]);
1342 static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
1344 if (info->attrs[NL80211_ATTR_KEY_DATA]) {
1345 k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
1346 k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
1349 if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
1350 k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
1351 k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
1354 if (info->attrs[NL80211_ATTR_KEY_IDX])
1355 k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
1357 if (info->attrs[NL80211_ATTR_KEY_CIPHER])
1358 k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);
1360 k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT];
1361 k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT];
1365 k->def_multi = true;
1368 k->def_multi = true;
1370 if (info->attrs[NL80211_ATTR_KEY_TYPE])
1371 k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
1373 if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) {
1374 struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
1375 int err = nla_parse_nested_deprecated(kdt,
1376 NUM_NL80211_KEY_DEFAULT_TYPES - 1,
1377 info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES],
1378 nl80211_key_default_policy,
1383 k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
1384 k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
1390 static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
1394 memset(k, 0, sizeof(*k));
1398 if (info->attrs[NL80211_ATTR_KEY])
1399 err = nl80211_parse_key_new(info, info->attrs[NL80211_ATTR_KEY], k);
1401 err = nl80211_parse_key_old(info, k);
1406 if ((k->def ? 1 : 0) + (k->defmgmt ? 1 : 0) +
1407 (k->defbeacon ? 1 : 0) > 1) {
1408 GENL_SET_ERR_MSG(info,
1409 "key with multiple default flags is invalid");
1413 if (k->defmgmt || k->defbeacon) {
1414 if (k->def_uni || !k->def_multi) {
1415 GENL_SET_ERR_MSG(info,
1416 "defmgmt/defbeacon key must be mcast");
1423 if (k->idx < 4 || k->idx > 5) {
1424 GENL_SET_ERR_MSG(info,
1425 "defmgmt key idx not 4 or 5");
1428 } else if (k->defbeacon) {
1429 if (k->idx < 6 || k->idx > 7) {
1430 GENL_SET_ERR_MSG(info,
1431 "defbeacon key idx not 6 or 7");
1434 } else if (k->def) {
1435 if (k->idx < 0 || k->idx > 3) {
1436 GENL_SET_ERR_MSG(info, "def key idx not 0-3");
1440 if (k->idx < 0 || k->idx > 7) {
1441 GENL_SET_ERR_MSG(info, "key idx not 0-7");
1450 static struct cfg80211_cached_keys *
1451 nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
1452 struct genl_info *info, bool *no_ht)
1454 struct nlattr *keys = info->attrs[NL80211_ATTR_KEYS];
1455 struct key_parse parse;
1457 struct cfg80211_cached_keys *result;
1458 int rem, err, def = 0;
1459 bool have_key = false;
1461 nla_for_each_nested(key, keys, rem) {
1469 result = kzalloc(sizeof(*result), GFP_KERNEL);
1471 return ERR_PTR(-ENOMEM);
1475 nla_for_each_nested(key, keys, rem) {
1476 memset(&parse, 0, sizeof(parse));
1479 err = nl80211_parse_key_new(info, key, &parse);
1485 if (parse.idx < 0 || parse.idx > 3) {
1486 GENL_SET_ERR_MSG(info, "key index out of range [0-3]");
1491 GENL_SET_ERR_MSG(info,
1492 "only one key can be default");
1496 result->def = parse.idx;
1497 if (!parse.def_uni || !parse.def_multi)
1499 } else if (parse.defmgmt)
1501 err = cfg80211_validate_key_settings(rdev, &parse.p,
1502 parse.idx, false, NULL);
1505 if (parse.p.cipher != WLAN_CIPHER_SUITE_WEP40 &&
1506 parse.p.cipher != WLAN_CIPHER_SUITE_WEP104) {
1507 GENL_SET_ERR_MSG(info, "connect key must be WEP");
1511 result->params[parse.idx].cipher = parse.p.cipher;
1512 result->params[parse.idx].key_len = parse.p.key_len;
1513 result->params[parse.idx].key = result->data[parse.idx];
1514 memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len);
1516 /* must be WEP key if we got here */
1521 if (result->def < 0) {
1523 GENL_SET_ERR_MSG(info, "need a default/TX key");
1530 return ERR_PTR(err);
1533 static int nl80211_key_allowed(struct wireless_dev *wdev)
1535 ASSERT_WDEV_LOCK(wdev);
1537 switch (wdev->iftype) {
1538 case NL80211_IFTYPE_AP:
1539 case NL80211_IFTYPE_AP_VLAN:
1540 case NL80211_IFTYPE_P2P_GO:
1541 case NL80211_IFTYPE_MESH_POINT:
1543 case NL80211_IFTYPE_ADHOC:
1544 if (wdev->u.ibss.current_bss)
1547 case NL80211_IFTYPE_STATION:
1548 case NL80211_IFTYPE_P2P_CLIENT:
1549 if (wdev->connected)
1552 case NL80211_IFTYPE_UNSPECIFIED:
1553 case NL80211_IFTYPE_OCB:
1554 case NL80211_IFTYPE_MONITOR:
1555 case NL80211_IFTYPE_NAN:
1556 case NL80211_IFTYPE_P2P_DEVICE:
1557 case NL80211_IFTYPE_WDS:
1558 case NUM_NL80211_IFTYPES:
1565 static struct ieee80211_channel *nl80211_get_valid_chan(struct wiphy *wiphy,
1568 struct ieee80211_channel *chan;
1570 chan = ieee80211_get_channel_khz(wiphy, freq);
1571 if (!chan || chan->flags & IEEE80211_CHAN_DISABLED)
1576 static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes)
1578 struct nlattr *nl_modes = nla_nest_start_noflag(msg, attr);
1582 goto nla_put_failure;
1586 if ((ifmodes & 1) && nla_put_flag(msg, i))
1587 goto nla_put_failure;
1592 nla_nest_end(msg, nl_modes);
1599 static int nl80211_put_iface_combinations(struct wiphy *wiphy,
1600 struct sk_buff *msg,
1603 struct nlattr *nl_combis;
1606 nl_combis = nla_nest_start_noflag(msg,
1607 NL80211_ATTR_INTERFACE_COMBINATIONS);
1609 goto nla_put_failure;
1611 for (i = 0; i < wiphy->n_iface_combinations; i++) {
1612 const struct ieee80211_iface_combination *c;
1613 struct nlattr *nl_combi, *nl_limits;
1615 c = &wiphy->iface_combinations[i];
1617 nl_combi = nla_nest_start_noflag(msg, i + 1);
1619 goto nla_put_failure;
1621 nl_limits = nla_nest_start_noflag(msg,
1622 NL80211_IFACE_COMB_LIMITS);
1624 goto nla_put_failure;
1626 for (j = 0; j < c->n_limits; j++) {
1627 struct nlattr *nl_limit;
1629 nl_limit = nla_nest_start_noflag(msg, j + 1);
1631 goto nla_put_failure;
1632 if (nla_put_u32(msg, NL80211_IFACE_LIMIT_MAX,
1634 goto nla_put_failure;
1635 if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES,
1636 c->limits[j].types))
1637 goto nla_put_failure;
1638 nla_nest_end(msg, nl_limit);
1641 nla_nest_end(msg, nl_limits);
1643 if (c->beacon_int_infra_match &&
1644 nla_put_flag(msg, NL80211_IFACE_COMB_STA_AP_BI_MATCH))
1645 goto nla_put_failure;
1646 if (nla_put_u32(msg, NL80211_IFACE_COMB_NUM_CHANNELS,
1647 c->num_different_channels) ||
1648 nla_put_u32(msg, NL80211_IFACE_COMB_MAXNUM,
1650 goto nla_put_failure;
1652 (nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_WIDTHS,
1653 c->radar_detect_widths) ||
1654 nla_put_u32(msg, NL80211_IFACE_COMB_RADAR_DETECT_REGIONS,
1655 c->radar_detect_regions)))
1656 goto nla_put_failure;
1657 if (c->beacon_int_min_gcd &&
1658 nla_put_u32(msg, NL80211_IFACE_COMB_BI_MIN_GCD,
1659 c->beacon_int_min_gcd))
1660 goto nla_put_failure;
1662 nla_nest_end(msg, nl_combi);
1665 nla_nest_end(msg, nl_combis);
1673 static int nl80211_send_wowlan_tcp_caps(struct cfg80211_registered_device *rdev,
1674 struct sk_buff *msg)
1676 const struct wiphy_wowlan_tcp_support *tcp = rdev->wiphy.wowlan->tcp;
1677 struct nlattr *nl_tcp;
1682 nl_tcp = nla_nest_start_noflag(msg,
1683 NL80211_WOWLAN_TRIG_TCP_CONNECTION);
1687 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
1688 tcp->data_payload_max))
1691 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
1692 tcp->data_payload_max))
1695 if (tcp->seq && nla_put_flag(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ))
1698 if (tcp->tok && nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN,
1699 sizeof(*tcp->tok), tcp->tok))
1702 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL,
1703 tcp->data_interval_max))
1706 if (nla_put_u32(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD,
1707 tcp->wake_payload_max))
1710 nla_nest_end(msg, nl_tcp);
1714 static int nl80211_send_wowlan(struct sk_buff *msg,
1715 struct cfg80211_registered_device *rdev,
1718 struct nlattr *nl_wowlan;
1720 if (!rdev->wiphy.wowlan)
1723 nl_wowlan = nla_nest_start_noflag(msg,
1724 NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED);
1728 if (((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_ANY) &&
1729 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
1730 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_DISCONNECT) &&
1731 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
1732 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT) &&
1733 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
1734 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_SUPPORTS_GTK_REKEY) &&
1735 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED)) ||
1736 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE) &&
1737 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
1738 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ) &&
1739 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
1740 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE) &&
1741 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
1742 ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE) &&
1743 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)))
1746 if (rdev->wiphy.wowlan->n_patterns) {
1747 struct nl80211_pattern_support pat = {
1748 .max_patterns = rdev->wiphy.wowlan->n_patterns,
1749 .min_pattern_len = rdev->wiphy.wowlan->pattern_min_len,
1750 .max_pattern_len = rdev->wiphy.wowlan->pattern_max_len,
1751 .max_pkt_offset = rdev->wiphy.wowlan->max_pkt_offset,
1754 if (nla_put(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN,
1759 if ((rdev->wiphy.wowlan->flags & WIPHY_WOWLAN_NET_DETECT) &&
1760 nla_put_u32(msg, NL80211_WOWLAN_TRIG_NET_DETECT,
1761 rdev->wiphy.wowlan->max_nd_match_sets))
1764 if (large && nl80211_send_wowlan_tcp_caps(rdev, msg))
1767 nla_nest_end(msg, nl_wowlan);
1773 static int nl80211_send_coalesce(struct sk_buff *msg,
1774 struct cfg80211_registered_device *rdev)
1776 struct nl80211_coalesce_rule_support rule;
1778 if (!rdev->wiphy.coalesce)
1781 rule.max_rules = rdev->wiphy.coalesce->n_rules;
1782 rule.max_delay = rdev->wiphy.coalesce->max_delay;
1783 rule.pat.max_patterns = rdev->wiphy.coalesce->n_patterns;
1784 rule.pat.min_pattern_len = rdev->wiphy.coalesce->pattern_min_len;
1785 rule.pat.max_pattern_len = rdev->wiphy.coalesce->pattern_max_len;
1786 rule.pat.max_pkt_offset = rdev->wiphy.coalesce->max_pkt_offset;
1788 if (nla_put(msg, NL80211_ATTR_COALESCE_RULE, sizeof(rule), &rule))
1795 nl80211_send_iftype_data(struct sk_buff *msg,
1796 const struct ieee80211_supported_band *sband,
1797 const struct ieee80211_sband_iftype_data *iftdata)
1799 const struct ieee80211_sta_he_cap *he_cap = &iftdata->he_cap;
1800 const struct ieee80211_sta_eht_cap *eht_cap = &iftdata->eht_cap;
1802 if (nl80211_put_iftypes(msg, NL80211_BAND_IFTYPE_ATTR_IFTYPES,
1803 iftdata->types_mask))
1806 if (he_cap->has_he) {
1807 if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_MAC,
1808 sizeof(he_cap->he_cap_elem.mac_cap_info),
1809 he_cap->he_cap_elem.mac_cap_info) ||
1810 nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_PHY,
1811 sizeof(he_cap->he_cap_elem.phy_cap_info),
1812 he_cap->he_cap_elem.phy_cap_info) ||
1813 nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_MCS_SET,
1814 sizeof(he_cap->he_mcs_nss_supp),
1815 &he_cap->he_mcs_nss_supp) ||
1816 nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_CAP_PPE,
1817 sizeof(he_cap->ppe_thres), he_cap->ppe_thres))
1821 if (eht_cap->has_eht && he_cap->has_he) {
1822 u8 mcs_nss_size, ppe_thresh_size;
1826 is_ap = iftdata->types_mask & BIT(NL80211_IFTYPE_AP) ||
1827 iftdata->types_mask & BIT(NL80211_IFTYPE_P2P_GO);
1830 ieee80211_eht_mcs_nss_size(&he_cap->he_cap_elem,
1831 &eht_cap->eht_cap_elem,
1834 ppe_thres_hdr = get_unaligned_le16(&eht_cap->eht_ppe_thres[0]);
1836 ieee80211_eht_ppe_size(ppe_thres_hdr,
1837 eht_cap->eht_cap_elem.phy_cap_info);
1839 if (nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MAC,
1840 sizeof(eht_cap->eht_cap_elem.mac_cap_info),
1841 eht_cap->eht_cap_elem.mac_cap_info) ||
1842 nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PHY,
1843 sizeof(eht_cap->eht_cap_elem.phy_cap_info),
1844 eht_cap->eht_cap_elem.phy_cap_info) ||
1845 nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_MCS_SET,
1846 mcs_nss_size, &eht_cap->eht_mcs_nss_supp) ||
1847 nla_put(msg, NL80211_BAND_IFTYPE_ATTR_EHT_CAP_PPE,
1848 ppe_thresh_size, eht_cap->eht_ppe_thres))
1852 if (sband->band == NL80211_BAND_6GHZ &&
1853 nla_put(msg, NL80211_BAND_IFTYPE_ATTR_HE_6GHZ_CAPA,
1854 sizeof(iftdata->he_6ghz_capa),
1855 &iftdata->he_6ghz_capa))
1858 if (iftdata->vendor_elems.data && iftdata->vendor_elems.len &&
1859 nla_put(msg, NL80211_BAND_IFTYPE_ATTR_VENDOR_ELEMS,
1860 iftdata->vendor_elems.len, iftdata->vendor_elems.data))
1866 static int nl80211_send_band_rateinfo(struct sk_buff *msg,
1867 struct ieee80211_supported_band *sband,
1870 struct nlattr *nl_rates, *nl_rate;
1871 struct ieee80211_rate *rate;
1875 if (sband->ht_cap.ht_supported &&
1876 (nla_put(msg, NL80211_BAND_ATTR_HT_MCS_SET,
1877 sizeof(sband->ht_cap.mcs),
1878 &sband->ht_cap.mcs) ||
1879 nla_put_u16(msg, NL80211_BAND_ATTR_HT_CAPA,
1880 sband->ht_cap.cap) ||
1881 nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR,
1882 sband->ht_cap.ampdu_factor) ||
1883 nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY,
1884 sband->ht_cap.ampdu_density)))
1888 if (sband->vht_cap.vht_supported &&
1889 (nla_put(msg, NL80211_BAND_ATTR_VHT_MCS_SET,
1890 sizeof(sband->vht_cap.vht_mcs),
1891 &sband->vht_cap.vht_mcs) ||
1892 nla_put_u32(msg, NL80211_BAND_ATTR_VHT_CAPA,
1893 sband->vht_cap.cap)))
1896 if (large && sband->n_iftype_data) {
1897 struct nlattr *nl_iftype_data =
1898 nla_nest_start_noflag(msg,
1899 NL80211_BAND_ATTR_IFTYPE_DATA);
1902 if (!nl_iftype_data)
1905 for (i = 0; i < sband->n_iftype_data; i++) {
1906 struct nlattr *iftdata;
1908 iftdata = nla_nest_start_noflag(msg, i + 1);
1912 err = nl80211_send_iftype_data(msg, sband,
1913 &sband->iftype_data[i]);
1917 nla_nest_end(msg, iftdata);
1920 nla_nest_end(msg, nl_iftype_data);
1924 if (large && sband->edmg_cap.channels &&
1925 (nla_put_u8(msg, NL80211_BAND_ATTR_EDMG_CHANNELS,
1926 sband->edmg_cap.channels) ||
1927 nla_put_u8(msg, NL80211_BAND_ATTR_EDMG_BW_CONFIG,
1928 sband->edmg_cap.bw_config)))
1933 nl_rates = nla_nest_start_noflag(msg, NL80211_BAND_ATTR_RATES);
1937 for (i = 0; i < sband->n_bitrates; i++) {
1938 nl_rate = nla_nest_start_noflag(msg, i);
1942 rate = &sband->bitrates[i];
1943 if (nla_put_u32(msg, NL80211_BITRATE_ATTR_RATE,
1946 if ((rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
1948 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE))
1951 nla_nest_end(msg, nl_rate);
1954 nla_nest_end(msg, nl_rates);
1960 nl80211_send_mgmt_stypes(struct sk_buff *msg,
1961 const struct ieee80211_txrx_stypes *mgmt_stypes)
1964 struct nlattr *nl_ftypes, *nl_ifs;
1965 enum nl80211_iftype ift;
1971 nl_ifs = nla_nest_start_noflag(msg, NL80211_ATTR_TX_FRAME_TYPES);
1975 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
1976 nl_ftypes = nla_nest_start_noflag(msg, ift);
1980 stypes = mgmt_stypes[ift].tx;
1983 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
1984 (i << 4) | IEEE80211_FTYPE_MGMT))
1989 nla_nest_end(msg, nl_ftypes);
1992 nla_nest_end(msg, nl_ifs);
1994 nl_ifs = nla_nest_start_noflag(msg, NL80211_ATTR_RX_FRAME_TYPES);
1998 for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
1999 nl_ftypes = nla_nest_start_noflag(msg, ift);
2003 stypes = mgmt_stypes[ift].rx;
2006 nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
2007 (i << 4) | IEEE80211_FTYPE_MGMT))
2012 nla_nest_end(msg, nl_ftypes);
2014 nla_nest_end(msg, nl_ifs);
2019 #define CMD(op, n) \
2021 if (rdev->ops->op) { \
2023 if (nla_put_u32(msg, i, NL80211_CMD_ ## n)) \
2024 goto nla_put_failure; \
2028 static int nl80211_add_commands_unsplit(struct cfg80211_registered_device *rdev,
2029 struct sk_buff *msg)
2034 * do *NOT* add anything into this function, new things need to be
2035 * advertised only to new versions of userspace that can deal with
2036 * the split (and they can't possibly care about new features...
2038 CMD(add_virtual_intf, NEW_INTERFACE);
2039 CMD(change_virtual_intf, SET_INTERFACE);
2040 CMD(add_key, NEW_KEY);
2041 CMD(start_ap, START_AP);
2042 CMD(add_station, NEW_STATION);
2043 CMD(add_mpath, NEW_MPATH);
2044 CMD(update_mesh_config, SET_MESH_CONFIG);
2045 CMD(change_bss, SET_BSS);
2046 CMD(auth, AUTHENTICATE);
2047 CMD(assoc, ASSOCIATE);
2048 CMD(deauth, DEAUTHENTICATE);
2049 CMD(disassoc, DISASSOCIATE);
2050 CMD(join_ibss, JOIN_IBSS);
2051 CMD(join_mesh, JOIN_MESH);
2052 CMD(set_pmksa, SET_PMKSA);
2053 CMD(del_pmksa, DEL_PMKSA);
2054 CMD(flush_pmksa, FLUSH_PMKSA);
2055 if (rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)
2056 CMD(remain_on_channel, REMAIN_ON_CHANNEL);
2057 CMD(set_bitrate_mask, SET_TX_BITRATE_MASK);
2058 CMD(mgmt_tx, FRAME);
2059 CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL);
2060 if (rdev->wiphy.flags & WIPHY_FLAG_NETNS_OK) {
2062 if (nla_put_u32(msg, i, NL80211_CMD_SET_WIPHY_NETNS))
2063 goto nla_put_failure;
2065 if (rdev->ops->set_monitor_channel || rdev->ops->start_ap ||
2066 rdev->ops->join_mesh) {
2068 if (nla_put_u32(msg, i, NL80211_CMD_SET_CHANNEL))
2069 goto nla_put_failure;
2071 if (rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) {
2072 CMD(tdls_mgmt, TDLS_MGMT);
2073 CMD(tdls_oper, TDLS_OPER);
2075 if (rdev->wiphy.max_sched_scan_reqs)
2076 CMD(sched_scan_start, START_SCHED_SCAN);
2077 CMD(probe_client, PROBE_CLIENT);
2078 CMD(set_noack_map, SET_NOACK_MAP);
2079 if (rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) {
2081 if (nla_put_u32(msg, i, NL80211_CMD_REGISTER_BEACONS))
2082 goto nla_put_failure;
2084 CMD(start_p2p_device, START_P2P_DEVICE);
2085 CMD(set_mcast_rate, SET_MCAST_RATE);
2086 #ifdef CONFIG_NL80211_TESTMODE
2087 CMD(testmode_cmd, TESTMODE);
2090 if (rdev->ops->connect || rdev->ops->auth) {
2092 if (nla_put_u32(msg, i, NL80211_CMD_CONNECT))
2093 goto nla_put_failure;
2096 if (rdev->ops->disconnect || rdev->ops->deauth) {
2098 if (nla_put_u32(msg, i, NL80211_CMD_DISCONNECT))
2099 goto nla_put_failure;
2108 nl80211_send_pmsr_ftm_capa(const struct cfg80211_pmsr_capabilities *cap,
2109 struct sk_buff *msg)
2113 if (!cap->ftm.supported)
2116 ftm = nla_nest_start_noflag(msg, NL80211_PMSR_TYPE_FTM);
2120 if (cap->ftm.asap && nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_ASAP))
2122 if (cap->ftm.non_asap &&
2123 nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_NON_ASAP))
2125 if (cap->ftm.request_lci &&
2126 nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_REQ_LCI))
2128 if (cap->ftm.request_civicloc &&
2129 nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_REQ_CIVICLOC))
2131 if (nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_PREAMBLES,
2132 cap->ftm.preambles))
2134 if (nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_BANDWIDTHS,
2135 cap->ftm.bandwidths))
2137 if (cap->ftm.max_bursts_exponent >= 0 &&
2138 nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_BURSTS_EXPONENT,
2139 cap->ftm.max_bursts_exponent))
2141 if (cap->ftm.max_ftms_per_burst &&
2142 nla_put_u32(msg, NL80211_PMSR_FTM_CAPA_ATTR_MAX_FTMS_PER_BURST,
2143 cap->ftm.max_ftms_per_burst))
2145 if (cap->ftm.trigger_based &&
2146 nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_TRIGGER_BASED))
2148 if (cap->ftm.non_trigger_based &&
2149 nla_put_flag(msg, NL80211_PMSR_FTM_CAPA_ATTR_NON_TRIGGER_BASED))
2152 nla_nest_end(msg, ftm);
2156 static int nl80211_send_pmsr_capa(struct cfg80211_registered_device *rdev,
2157 struct sk_buff *msg)
2159 const struct cfg80211_pmsr_capabilities *cap = rdev->wiphy.pmsr_capa;
2160 struct nlattr *pmsr, *caps;
2166 * we don't need to clean up anything here since the caller
2167 * will genlmsg_cancel() if we fail
2170 pmsr = nla_nest_start_noflag(msg, NL80211_ATTR_PEER_MEASUREMENTS);
2174 if (nla_put_u32(msg, NL80211_PMSR_ATTR_MAX_PEERS, cap->max_peers))
2177 if (cap->report_ap_tsf &&
2178 nla_put_flag(msg, NL80211_PMSR_ATTR_REPORT_AP_TSF))
2181 if (cap->randomize_mac_addr &&
2182 nla_put_flag(msg, NL80211_PMSR_ATTR_RANDOMIZE_MAC_ADDR))
2185 caps = nla_nest_start_noflag(msg, NL80211_PMSR_ATTR_TYPE_CAPA);
2189 if (nl80211_send_pmsr_ftm_capa(cap, msg))
2192 nla_nest_end(msg, caps);
2193 nla_nest_end(msg, pmsr);
2199 nl80211_put_iftype_akm_suites(struct cfg80211_registered_device *rdev,
2200 struct sk_buff *msg)
2203 struct nlattr *nested, *nested_akms;
2204 const struct wiphy_iftype_akm_suites *iftype_akms;
2206 if (!rdev->wiphy.num_iftype_akm_suites ||
2207 !rdev->wiphy.iftype_akm_suites)
2210 nested = nla_nest_start(msg, NL80211_ATTR_IFTYPE_AKM_SUITES);
2214 for (i = 0; i < rdev->wiphy.num_iftype_akm_suites; i++) {
2215 nested_akms = nla_nest_start(msg, i + 1);
2219 iftype_akms = &rdev->wiphy.iftype_akm_suites[i];
2221 if (nl80211_put_iftypes(msg, NL80211_IFTYPE_AKM_ATTR_IFTYPES,
2222 iftype_akms->iftypes_mask))
2225 if (nla_put(msg, NL80211_IFTYPE_AKM_ATTR_SUITES,
2226 sizeof(u32) * iftype_akms->n_akm_suites,
2227 iftype_akms->akm_suites)) {
2230 nla_nest_end(msg, nested_akms);
2233 nla_nest_end(msg, nested);
2239 nl80211_put_tid_config_support(struct cfg80211_registered_device *rdev,
2240 struct sk_buff *msg)
2242 struct nlattr *supp;
2244 if (!rdev->wiphy.tid_config_support.vif &&
2245 !rdev->wiphy.tid_config_support.peer)
2248 supp = nla_nest_start(msg, NL80211_ATTR_TID_CONFIG);
2252 if (rdev->wiphy.tid_config_support.vif &&
2253 nla_put_u64_64bit(msg, NL80211_TID_CONFIG_ATTR_VIF_SUPP,
2254 rdev->wiphy.tid_config_support.vif,
2255 NL80211_TID_CONFIG_ATTR_PAD))
2258 if (rdev->wiphy.tid_config_support.peer &&
2259 nla_put_u64_64bit(msg, NL80211_TID_CONFIG_ATTR_PEER_SUPP,
2260 rdev->wiphy.tid_config_support.peer,
2261 NL80211_TID_CONFIG_ATTR_PAD))
2264 /* for now we just use the same value ... makes more sense */
2265 if (nla_put_u8(msg, NL80211_TID_CONFIG_ATTR_RETRY_SHORT,
2266 rdev->wiphy.tid_config_support.max_retry))
2268 if (nla_put_u8(msg, NL80211_TID_CONFIG_ATTR_RETRY_LONG,
2269 rdev->wiphy.tid_config_support.max_retry))
2272 nla_nest_end(msg, supp);
2276 nla_nest_cancel(msg, supp);
2281 nl80211_put_sar_specs(struct cfg80211_registered_device *rdev,
2282 struct sk_buff *msg)
2284 struct nlattr *sar_capa, *specs, *sub_freq_range;
2288 if (!rdev->wiphy.sar_capa)
2291 num_freq_ranges = rdev->wiphy.sar_capa->num_freq_ranges;
2293 sar_capa = nla_nest_start(msg, NL80211_ATTR_SAR_SPEC);
2297 if (nla_put_u32(msg, NL80211_SAR_ATTR_TYPE, rdev->wiphy.sar_capa->type))
2300 specs = nla_nest_start(msg, NL80211_SAR_ATTR_SPECS);
2304 /* report supported freq_ranges */
2305 for (i = 0; i < num_freq_ranges; i++) {
2306 sub_freq_range = nla_nest_start(msg, i + 1);
2307 if (!sub_freq_range)
2310 if (nla_put_u32(msg, NL80211_SAR_ATTR_SPECS_START_FREQ,
2311 rdev->wiphy.sar_capa->freq_ranges[i].start_freq))
2314 if (nla_put_u32(msg, NL80211_SAR_ATTR_SPECS_END_FREQ,
2315 rdev->wiphy.sar_capa->freq_ranges[i].end_freq))
2318 nla_nest_end(msg, sub_freq_range);
2321 nla_nest_end(msg, specs);
2322 nla_nest_end(msg, sar_capa);
2326 nla_nest_cancel(msg, sar_capa);
2330 static int nl80211_put_mbssid_support(struct wiphy *wiphy, struct sk_buff *msg)
2332 struct nlattr *config;
2334 if (!wiphy->mbssid_max_interfaces)
2337 config = nla_nest_start(msg, NL80211_ATTR_MBSSID_CONFIG);
2341 if (nla_put_u8(msg, NL80211_MBSSID_CONFIG_ATTR_MAX_INTERFACES,
2342 wiphy->mbssid_max_interfaces))
2345 if (wiphy->ema_max_profile_periodicity &&
2347 NL80211_MBSSID_CONFIG_ATTR_MAX_EMA_PROFILE_PERIODICITY,
2348 wiphy->ema_max_profile_periodicity))
2351 nla_nest_end(msg, config);
2355 nla_nest_cancel(msg, config);
2359 struct nl80211_dump_wiphy_state {
2362 long split_start, band_start, chan_start, capa_start;
2366 static int nl80211_send_wiphy(struct cfg80211_registered_device *rdev,
2367 enum nl80211_commands cmd,
2368 struct sk_buff *msg, u32 portid, u32 seq,
2369 int flags, struct nl80211_dump_wiphy_state *state)
2372 struct nlattr *nl_bands, *nl_band;
2373 struct nlattr *nl_freqs, *nl_freq;
2374 struct nlattr *nl_cmds;
2375 enum nl80211_band band;
2376 struct ieee80211_channel *chan;
2378 const struct ieee80211_txrx_stypes *mgmt_stypes =
2379 rdev->wiphy.mgmt_stypes;
2382 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
2386 if (WARN_ON(!state))
2389 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
2390 nla_put_string(msg, NL80211_ATTR_WIPHY_NAME,
2391 wiphy_name(&rdev->wiphy)) ||
2392 nla_put_u32(msg, NL80211_ATTR_GENERATION,
2393 cfg80211_rdev_list_generation))
2394 goto nla_put_failure;
2396 if (cmd != NL80211_CMD_NEW_WIPHY)
2399 switch (state->split_start) {
2401 if (nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
2402 rdev->wiphy.retry_short) ||
2403 nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
2404 rdev->wiphy.retry_long) ||
2405 nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD,
2406 rdev->wiphy.frag_threshold) ||
2407 nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD,
2408 rdev->wiphy.rts_threshold) ||
2409 nla_put_u8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS,
2410 rdev->wiphy.coverage_class) ||
2411 nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS,
2412 rdev->wiphy.max_scan_ssids) ||
2413 nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS,
2414 rdev->wiphy.max_sched_scan_ssids) ||
2415 nla_put_u16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN,
2416 rdev->wiphy.max_scan_ie_len) ||
2417 nla_put_u16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN,
2418 rdev->wiphy.max_sched_scan_ie_len) ||
2419 nla_put_u8(msg, NL80211_ATTR_MAX_MATCH_SETS,
2420 rdev->wiphy.max_match_sets))
2421 goto nla_put_failure;
2423 if ((rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) &&
2424 nla_put_flag(msg, NL80211_ATTR_SUPPORT_IBSS_RSN))
2425 goto nla_put_failure;
2426 if ((rdev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) &&
2427 nla_put_flag(msg, NL80211_ATTR_SUPPORT_MESH_AUTH))
2428 goto nla_put_failure;
2429 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) &&
2430 nla_put_flag(msg, NL80211_ATTR_SUPPORT_AP_UAPSD))
2431 goto nla_put_failure;
2432 if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) &&
2433 nla_put_flag(msg, NL80211_ATTR_ROAM_SUPPORT))
2434 goto nla_put_failure;
2435 if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) &&
2436 nla_put_flag(msg, NL80211_ATTR_TDLS_SUPPORT))
2437 goto nla_put_failure;
2438 if ((rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) &&
2439 nla_put_flag(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP))
2440 goto nla_put_failure;
2441 state->split_start++;
2446 if (nla_put(msg, NL80211_ATTR_CIPHER_SUITES,
2447 sizeof(u32) * rdev->wiphy.n_cipher_suites,
2448 rdev->wiphy.cipher_suites))
2449 goto nla_put_failure;
2451 if (nla_put_u8(msg, NL80211_ATTR_MAX_NUM_PMKIDS,
2452 rdev->wiphy.max_num_pmkids))
2453 goto nla_put_failure;
2455 if ((rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
2456 nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE))
2457 goto nla_put_failure;
2459 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX,
2460 rdev->wiphy.available_antennas_tx) ||
2461 nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX,
2462 rdev->wiphy.available_antennas_rx))
2463 goto nla_put_failure;
2465 if ((rdev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) &&
2466 nla_put_u32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD,
2467 rdev->wiphy.probe_resp_offload))
2468 goto nla_put_failure;
2470 if ((rdev->wiphy.available_antennas_tx ||
2471 rdev->wiphy.available_antennas_rx) &&
2472 rdev->ops->get_antenna) {
2473 u32 tx_ant = 0, rx_ant = 0;
2476 res = rdev_get_antenna(rdev, &tx_ant, &rx_ant);
2478 if (nla_put_u32(msg,
2479 NL80211_ATTR_WIPHY_ANTENNA_TX,
2482 NL80211_ATTR_WIPHY_ANTENNA_RX,
2484 goto nla_put_failure;
2488 state->split_start++;
2493 if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES,
2494 rdev->wiphy.interface_modes))
2495 goto nla_put_failure;
2496 state->split_start++;
2501 nl_bands = nla_nest_start_noflag(msg,
2502 NL80211_ATTR_WIPHY_BANDS);
2504 goto nla_put_failure;
2506 for (band = state->band_start;
2507 band < (state->split ?
2509 NL80211_BAND_60GHZ + 1);
2511 struct ieee80211_supported_band *sband;
2513 /* omit higher bands for ancient software */
2514 if (band > NL80211_BAND_5GHZ && !state->split)
2517 sband = rdev->wiphy.bands[band];
2522 nl_band = nla_nest_start_noflag(msg, band);
2524 goto nla_put_failure;
2526 switch (state->chan_start) {
2528 if (nl80211_send_band_rateinfo(msg, sband,
2530 goto nla_put_failure;
2531 state->chan_start++;
2536 /* add frequencies */
2537 nl_freqs = nla_nest_start_noflag(msg,
2538 NL80211_BAND_ATTR_FREQS);
2540 goto nla_put_failure;
2542 for (i = state->chan_start - 1;
2543 i < sband->n_channels;
2545 nl_freq = nla_nest_start_noflag(msg,
2548 goto nla_put_failure;
2550 chan = &sband->channels[i];
2552 if (nl80211_msg_put_channel(
2553 msg, &rdev->wiphy, chan,
2555 goto nla_put_failure;
2557 nla_nest_end(msg, nl_freq);
2561 if (i < sband->n_channels)
2562 state->chan_start = i + 2;
2564 state->chan_start = 0;
2565 nla_nest_end(msg, nl_freqs);
2568 nla_nest_end(msg, nl_band);
2571 /* start again here */
2572 if (state->chan_start)
2577 nla_nest_end(msg, nl_bands);
2579 if (band < NUM_NL80211_BANDS)
2580 state->band_start = band + 1;
2582 state->band_start = 0;
2584 /* if bands & channels are done, continue outside */
2585 if (state->band_start == 0 && state->chan_start == 0)
2586 state->split_start++;
2591 nl_cmds = nla_nest_start_noflag(msg,
2592 NL80211_ATTR_SUPPORTED_COMMANDS);
2594 goto nla_put_failure;
2596 i = nl80211_add_commands_unsplit(rdev, msg);
2598 goto nla_put_failure;
2600 CMD(crit_proto_start, CRIT_PROTOCOL_START);
2601 CMD(crit_proto_stop, CRIT_PROTOCOL_STOP);
2602 if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH)
2603 CMD(channel_switch, CHANNEL_SWITCH);
2604 CMD(set_qos_map, SET_QOS_MAP);
2605 if (rdev->wiphy.features &
2606 NL80211_FEATURE_SUPPORTS_WMM_ADMISSION)
2607 CMD(add_tx_ts, ADD_TX_TS);
2608 CMD(set_multicast_to_unicast, SET_MULTICAST_TO_UNICAST);
2609 CMD(update_connect_params, UPDATE_CONNECT_PARAMS);
2610 CMD(update_ft_ies, UPDATE_FT_IES);
2611 if (rdev->wiphy.sar_capa)
2612 CMD(set_sar_specs, SET_SAR_SPECS);
2616 nla_nest_end(msg, nl_cmds);
2617 state->split_start++;
2622 if (rdev->ops->remain_on_channel &&
2623 (rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) &&
2625 NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION,
2626 rdev->wiphy.max_remain_on_channel_duration))
2627 goto nla_put_failure;
2629 if ((rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX) &&
2630 nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK))
2631 goto nla_put_failure;
2633 state->split_start++;
2639 if (nl80211_send_wowlan(msg, rdev, state->split))
2640 goto nla_put_failure;
2641 state->split_start++;
2645 state->split_start++;
2649 if (nl80211_put_iftypes(msg, NL80211_ATTR_SOFTWARE_IFTYPES,
2650 rdev->wiphy.software_iftypes))
2651 goto nla_put_failure;
2653 if (nl80211_put_iface_combinations(&rdev->wiphy, msg,
2655 goto nla_put_failure;
2657 state->split_start++;
2662 if ((rdev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME) &&
2663 nla_put_u32(msg, NL80211_ATTR_DEVICE_AP_SME,
2664 rdev->wiphy.ap_sme_capa))
2665 goto nla_put_failure;
2667 features = rdev->wiphy.features;
2669 * We can only add the per-channel limit information if the
2670 * dump is split, otherwise it makes it too big. Therefore
2671 * only advertise it in that case.
2674 features |= NL80211_FEATURE_ADVERTISE_CHAN_LIMITS;
2675 if (nla_put_u32(msg, NL80211_ATTR_FEATURE_FLAGS, features))
2676 goto nla_put_failure;
2678 if (rdev->wiphy.ht_capa_mod_mask &&
2679 nla_put(msg, NL80211_ATTR_HT_CAPABILITY_MASK,
2680 sizeof(*rdev->wiphy.ht_capa_mod_mask),
2681 rdev->wiphy.ht_capa_mod_mask))
2682 goto nla_put_failure;
2684 if (rdev->wiphy.flags & WIPHY_FLAG_HAVE_AP_SME &&
2685 rdev->wiphy.max_acl_mac_addrs &&
2686 nla_put_u32(msg, NL80211_ATTR_MAC_ACL_MAX,
2687 rdev->wiphy.max_acl_mac_addrs))
2688 goto nla_put_failure;
2691 * Any information below this point is only available to
2692 * applications that can deal with it being split. This
2693 * helps ensure that newly added capabilities don't break
2694 * older tools by overrunning their buffers.
2696 * We still increment split_start so that in the split
2697 * case we'll continue with more data in the next round,
2698 * but break unconditionally so unsplit data stops here.
2701 state->split_start++;
2703 state->split_start = 0;
2706 if (nl80211_send_mgmt_stypes(msg, mgmt_stypes))
2707 goto nla_put_failure;
2709 if (nla_put_u32(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_PLANS,
2710 rdev->wiphy.max_sched_scan_plans) ||
2711 nla_put_u32(msg, NL80211_ATTR_MAX_SCAN_PLAN_INTERVAL,
2712 rdev->wiphy.max_sched_scan_plan_interval) ||
2713 nla_put_u32(msg, NL80211_ATTR_MAX_SCAN_PLAN_ITERATIONS,
2714 rdev->wiphy.max_sched_scan_plan_iterations))
2715 goto nla_put_failure;
2717 if (rdev->wiphy.extended_capabilities &&
2718 (nla_put(msg, NL80211_ATTR_EXT_CAPA,
2719 rdev->wiphy.extended_capabilities_len,
2720 rdev->wiphy.extended_capabilities) ||
2721 nla_put(msg, NL80211_ATTR_EXT_CAPA_MASK,
2722 rdev->wiphy.extended_capabilities_len,
2723 rdev->wiphy.extended_capabilities_mask)))
2724 goto nla_put_failure;
2726 if (rdev->wiphy.vht_capa_mod_mask &&
2727 nla_put(msg, NL80211_ATTR_VHT_CAPABILITY_MASK,
2728 sizeof(*rdev->wiphy.vht_capa_mod_mask),
2729 rdev->wiphy.vht_capa_mod_mask))
2730 goto nla_put_failure;
2732 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN,
2733 rdev->wiphy.perm_addr))
2734 goto nla_put_failure;
2736 if (!is_zero_ether_addr(rdev->wiphy.addr_mask) &&
2737 nla_put(msg, NL80211_ATTR_MAC_MASK, ETH_ALEN,
2738 rdev->wiphy.addr_mask))
2739 goto nla_put_failure;
2741 if (rdev->wiphy.n_addresses > 1) {
2744 attr = nla_nest_start(msg, NL80211_ATTR_MAC_ADDRS);
2746 goto nla_put_failure;
2748 for (i = 0; i < rdev->wiphy.n_addresses; i++)
2749 if (nla_put(msg, i + 1, ETH_ALEN,
2750 rdev->wiphy.addresses[i].addr))
2751 goto nla_put_failure;
2753 nla_nest_end(msg, attr);
2756 state->split_start++;
2759 if (nl80211_send_coalesce(msg, rdev))
2760 goto nla_put_failure;
2762 if ((rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ) &&
2763 (nla_put_flag(msg, NL80211_ATTR_SUPPORT_5_MHZ) ||
2764 nla_put_flag(msg, NL80211_ATTR_SUPPORT_10_MHZ)))
2765 goto nla_put_failure;
2767 if (rdev->wiphy.max_ap_assoc_sta &&
2768 nla_put_u32(msg, NL80211_ATTR_MAX_AP_ASSOC_STA,
2769 rdev->wiphy.max_ap_assoc_sta))
2770 goto nla_put_failure;
2772 state->split_start++;
2775 if (rdev->wiphy.n_vendor_commands) {
2776 const struct nl80211_vendor_cmd_info *info;
2777 struct nlattr *nested;
2779 nested = nla_nest_start_noflag(msg,
2780 NL80211_ATTR_VENDOR_DATA);
2782 goto nla_put_failure;
2784 for (i = 0; i < rdev->wiphy.n_vendor_commands; i++) {
2785 info = &rdev->wiphy.vendor_commands[i].info;
2786 if (nla_put(msg, i + 1, sizeof(*info), info))
2787 goto nla_put_failure;
2789 nla_nest_end(msg, nested);
2792 if (rdev->wiphy.n_vendor_events) {
2793 const struct nl80211_vendor_cmd_info *info;
2794 struct nlattr *nested;
2796 nested = nla_nest_start_noflag(msg,
2797 NL80211_ATTR_VENDOR_EVENTS);
2799 goto nla_put_failure;
2801 for (i = 0; i < rdev->wiphy.n_vendor_events; i++) {
2802 info = &rdev->wiphy.vendor_events[i];
2803 if (nla_put(msg, i + 1, sizeof(*info), info))
2804 goto nla_put_failure;
2806 nla_nest_end(msg, nested);
2808 state->split_start++;
2811 if (rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH &&
2812 nla_put_u8(msg, NL80211_ATTR_MAX_CSA_COUNTERS,
2813 rdev->wiphy.max_num_csa_counters))
2814 goto nla_put_failure;
2816 if (rdev->wiphy.regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED &&
2817 nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
2818 goto nla_put_failure;
2820 if (rdev->wiphy.max_sched_scan_reqs &&
2821 nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_MAX_REQS,
2822 rdev->wiphy.max_sched_scan_reqs))
2823 goto nla_put_failure;
2825 if (nla_put(msg, NL80211_ATTR_EXT_FEATURES,
2826 sizeof(rdev->wiphy.ext_features),
2827 rdev->wiphy.ext_features))
2828 goto nla_put_failure;
2830 if (rdev->wiphy.bss_select_support) {
2831 struct nlattr *nested;
2832 u32 bss_select_support = rdev->wiphy.bss_select_support;
2834 nested = nla_nest_start_noflag(msg,
2835 NL80211_ATTR_BSS_SELECT);
2837 goto nla_put_failure;
2840 while (bss_select_support) {
2841 if ((bss_select_support & 1) &&
2842 nla_put_flag(msg, i))
2843 goto nla_put_failure;
2845 bss_select_support >>= 1;
2847 nla_nest_end(msg, nested);
2850 state->split_start++;
2853 if (rdev->wiphy.num_iftype_ext_capab &&
2854 rdev->wiphy.iftype_ext_capab) {
2855 struct nlattr *nested_ext_capab, *nested;
2857 nested = nla_nest_start_noflag(msg,
2858 NL80211_ATTR_IFTYPE_EXT_CAPA);
2860 goto nla_put_failure;
2862 for (i = state->capa_start;
2863 i < rdev->wiphy.num_iftype_ext_capab; i++) {
2864 const struct wiphy_iftype_ext_capab *capab;
2866 capab = &rdev->wiphy.iftype_ext_capab[i];
2868 nested_ext_capab = nla_nest_start_noflag(msg,
2870 if (!nested_ext_capab ||
2871 nla_put_u32(msg, NL80211_ATTR_IFTYPE,
2873 nla_put(msg, NL80211_ATTR_EXT_CAPA,
2874 capab->extended_capabilities_len,
2875 capab->extended_capabilities) ||
2876 nla_put(msg, NL80211_ATTR_EXT_CAPA_MASK,
2877 capab->extended_capabilities_len,
2878 capab->extended_capabilities_mask))
2879 goto nla_put_failure;
2881 if (rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_MLO &&
2883 NL80211_ATTR_EML_CAPABILITY,
2884 capab->eml_capabilities) ||
2886 NL80211_ATTR_MLD_CAPA_AND_OPS,
2887 capab->mld_capa_and_ops)))
2888 goto nla_put_failure;
2890 nla_nest_end(msg, nested_ext_capab);
2894 nla_nest_end(msg, nested);
2895 if (i < rdev->wiphy.num_iftype_ext_capab) {
2896 state->capa_start = i + 1;
2901 if (nla_put_u32(msg, NL80211_ATTR_BANDS,
2902 rdev->wiphy.nan_supported_bands))
2903 goto nla_put_failure;
2905 if (wiphy_ext_feature_isset(&rdev->wiphy,
2906 NL80211_EXT_FEATURE_TXQS)) {
2907 struct cfg80211_txq_stats txqstats = {};
2910 res = rdev_get_txq_stats(rdev, NULL, &txqstats);
2912 !nl80211_put_txq_stats(msg, &txqstats,
2913 NL80211_ATTR_TXQ_STATS))
2914 goto nla_put_failure;
2916 if (nla_put_u32(msg, NL80211_ATTR_TXQ_LIMIT,
2917 rdev->wiphy.txq_limit))
2918 goto nla_put_failure;
2919 if (nla_put_u32(msg, NL80211_ATTR_TXQ_MEMORY_LIMIT,
2920 rdev->wiphy.txq_memory_limit))
2921 goto nla_put_failure;
2922 if (nla_put_u32(msg, NL80211_ATTR_TXQ_QUANTUM,
2923 rdev->wiphy.txq_quantum))
2924 goto nla_put_failure;
2927 state->split_start++;
2930 if (nl80211_send_pmsr_capa(rdev, msg))
2931 goto nla_put_failure;
2933 state->split_start++;
2936 if (rdev->wiphy.akm_suites &&
2937 nla_put(msg, NL80211_ATTR_AKM_SUITES,
2938 sizeof(u32) * rdev->wiphy.n_akm_suites,
2939 rdev->wiphy.akm_suites))
2940 goto nla_put_failure;
2942 if (nl80211_put_iftype_akm_suites(rdev, msg))
2943 goto nla_put_failure;
2945 if (nl80211_put_tid_config_support(rdev, msg))
2946 goto nla_put_failure;
2947 state->split_start++;
2950 if (nl80211_put_sar_specs(rdev, msg))
2951 goto nla_put_failure;
2953 if (nl80211_put_mbssid_support(&rdev->wiphy, msg))
2954 goto nla_put_failure;
2956 if (nla_put_u16(msg, NL80211_ATTR_MAX_NUM_AKM_SUITES,
2957 rdev->wiphy.max_num_akm_suites))
2958 goto nla_put_failure;
2960 if (rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_MLO)
2961 nla_put_flag(msg, NL80211_ATTR_MLO_SUPPORT);
2964 state->split_start = 0;
2968 genlmsg_end(msg, hdr);
2972 genlmsg_cancel(msg, hdr);
2976 static int nl80211_dump_wiphy_parse(struct sk_buff *skb,
2977 struct netlink_callback *cb,
2978 struct nl80211_dump_wiphy_state *state)
2980 struct nlattr **tb = kcalloc(NUM_NL80211_ATTR, sizeof(*tb), GFP_KERNEL);
2986 ret = nlmsg_parse_deprecated(cb->nlh,
2987 GENL_HDRLEN + nl80211_fam.hdrsize,
2988 tb, nl80211_fam.maxattr,
2989 nl80211_policy, NULL);
2990 /* ignore parse errors for backward compatibility */
2996 state->split = tb[NL80211_ATTR_SPLIT_WIPHY_DUMP];
2997 if (tb[NL80211_ATTR_WIPHY])
2998 state->filter_wiphy = nla_get_u32(tb[NL80211_ATTR_WIPHY]);
2999 if (tb[NL80211_ATTR_WDEV])
3000 state->filter_wiphy = nla_get_u64(tb[NL80211_ATTR_WDEV]) >> 32;
3001 if (tb[NL80211_ATTR_IFINDEX]) {
3002 struct net_device *netdev;
3003 struct cfg80211_registered_device *rdev;
3004 int ifidx = nla_get_u32(tb[NL80211_ATTR_IFINDEX]);
3006 netdev = __dev_get_by_index(sock_net(skb->sk), ifidx);
3011 if (netdev->ieee80211_ptr) {
3012 rdev = wiphy_to_rdev(
3013 netdev->ieee80211_ptr->wiphy);
3014 state->filter_wiphy = rdev->wiphy_idx;
3024 static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
3027 struct nl80211_dump_wiphy_state *state = (void *)cb->args[0];
3028 struct cfg80211_registered_device *rdev;
3032 state = kzalloc(sizeof(*state), GFP_KERNEL);
3037 state->filter_wiphy = -1;
3038 ret = nl80211_dump_wiphy_parse(skb, cb, state);
3044 cb->args[0] = (long)state;
3047 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
3048 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
3050 if (++idx <= state->start)
3052 if (state->filter_wiphy != -1 &&
3053 state->filter_wiphy != rdev->wiphy_idx)
3055 /* attempt to fit multiple wiphy data chunks into the skb */
3057 ret = nl80211_send_wiphy(rdev, NL80211_CMD_NEW_WIPHY,
3059 NETLINK_CB(cb->skb).portid,
3061 NLM_F_MULTI, state);
3064 * If sending the wiphy data didn't fit (ENOBUFS
3065 * or EMSGSIZE returned), this SKB is still
3066 * empty (so it's not too big because another
3067 * wiphy dataset is already in the skb) and
3068 * we've not tried to adjust the dump allocation
3069 * yet ... then adjust the alloc size to be
3070 * bigger, and return 1 but with the empty skb.
3071 * This results in an empty message being RX'ed
3072 * in userspace, but that is ignored.
3074 * We can then retry with the larger buffer.
3076 if ((ret == -ENOBUFS || ret == -EMSGSIZE) &&
3077 !skb->len && !state->split &&
3078 cb->min_dump_alloc < 4096) {
3079 cb->min_dump_alloc = 4096;
3080 state->split_start = 0;
3087 } while (state->split_start > 0);
3097 static int nl80211_dump_wiphy_done(struct netlink_callback *cb)
3099 kfree((void *)cb->args[0]);
3103 static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
3105 struct sk_buff *msg;
3106 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3107 struct nl80211_dump_wiphy_state state = {};
3109 msg = nlmsg_new(4096, GFP_KERNEL);
3113 if (nl80211_send_wiphy(rdev, NL80211_CMD_NEW_WIPHY, msg,
3114 info->snd_portid, info->snd_seq, 0,
3120 return genlmsg_reply(msg, info);
3123 static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = {
3124 [NL80211_TXQ_ATTR_QUEUE] = { .type = NLA_U8 },
3125 [NL80211_TXQ_ATTR_TXOP] = { .type = NLA_U16 },
3126 [NL80211_TXQ_ATTR_CWMIN] = { .type = NLA_U16 },
3127 [NL80211_TXQ_ATTR_CWMAX] = { .type = NLA_U16 },
3128 [NL80211_TXQ_ATTR_AIFS] = { .type = NLA_U8 },
3131 static int parse_txq_params(struct nlattr *tb[],
3132 struct ieee80211_txq_params *txq_params)
3136 if (!tb[NL80211_TXQ_ATTR_AC] || !tb[NL80211_TXQ_ATTR_TXOP] ||
3137 !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] ||
3138 !tb[NL80211_TXQ_ATTR_AIFS])
3141 ac = nla_get_u8(tb[NL80211_TXQ_ATTR_AC]);
3142 txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]);
3143 txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]);
3144 txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]);
3145 txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]);
3147 if (ac >= NL80211_NUM_ACS)
3149 txq_params->ac = array_index_nospec(ac, NL80211_NUM_ACS);
3153 static bool nl80211_can_set_dev_channel(struct wireless_dev *wdev)
3156 * You can only set the channel explicitly for some interfaces,
3157 * most have their channel managed via their respective
3158 * "establish a connection" command (connect, join, ...)
3160 * For AP/GO and mesh mode, the channel can be set with the
3161 * channel userspace API, but is only stored and passed to the
3162 * low-level driver when the AP starts or the mesh is joined.
3163 * This is for backward compatibility, userspace can also give
3164 * the channel in the start-ap or join-mesh commands instead.
3166 * Monitors are special as they are normally slaved to
3167 * whatever else is going on, so they have their own special
3168 * operation to set the monitor channel if possible.
3171 wdev->iftype == NL80211_IFTYPE_AP ||
3172 wdev->iftype == NL80211_IFTYPE_MESH_POINT ||
3173 wdev->iftype == NL80211_IFTYPE_MONITOR ||
3174 wdev->iftype == NL80211_IFTYPE_P2P_GO;
3177 int nl80211_parse_chandef(struct cfg80211_registered_device *rdev,
3178 struct genl_info *info,
3179 struct cfg80211_chan_def *chandef)
3181 struct netlink_ext_ack *extack = info->extack;
3182 struct nlattr **attrs = info->attrs;
3185 if (!attrs[NL80211_ATTR_WIPHY_FREQ])
3188 control_freq = MHZ_TO_KHZ(
3189 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
3190 if (info->attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET])
3192 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET]);
3194 memset(chandef, 0, sizeof(*chandef));
3195 chandef->chan = ieee80211_get_channel_khz(&rdev->wiphy, control_freq);
3196 chandef->width = NL80211_CHAN_WIDTH_20_NOHT;
3197 chandef->center_freq1 = KHZ_TO_MHZ(control_freq);
3198 chandef->freq1_offset = control_freq % 1000;
3199 chandef->center_freq2 = 0;
3201 /* Primary channel not allowed */
3202 if (!chandef->chan || chandef->chan->flags & IEEE80211_CHAN_DISABLED) {
3203 NL_SET_ERR_MSG_ATTR(extack, attrs[NL80211_ATTR_WIPHY_FREQ],
3204 "Channel is disabled");
3208 if (attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
3209 enum nl80211_channel_type chantype;
3211 chantype = nla_get_u32(attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
3214 case NL80211_CHAN_NO_HT:
3215 case NL80211_CHAN_HT20:
3216 case NL80211_CHAN_HT40PLUS:
3217 case NL80211_CHAN_HT40MINUS:
3218 cfg80211_chandef_create(chandef, chandef->chan,
3220 /* user input for center_freq is incorrect */
3221 if (attrs[NL80211_ATTR_CENTER_FREQ1] &&
3222 chandef->center_freq1 != nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ1])) {
3223 NL_SET_ERR_MSG_ATTR(extack,
3224 attrs[NL80211_ATTR_CENTER_FREQ1],
3225 "bad center frequency 1");
3228 /* center_freq2 must be zero */
3229 if (attrs[NL80211_ATTR_CENTER_FREQ2] &&
3230 nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ2])) {
3231 NL_SET_ERR_MSG_ATTR(extack,
3232 attrs[NL80211_ATTR_CENTER_FREQ2],
3233 "center frequency 2 can't be used");
3238 NL_SET_ERR_MSG_ATTR(extack,
3239 attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE],
3240 "invalid channel type");
3243 } else if (attrs[NL80211_ATTR_CHANNEL_WIDTH]) {
3245 nla_get_u32(attrs[NL80211_ATTR_CHANNEL_WIDTH]);
3246 if (chandef->chan->band == NL80211_BAND_S1GHZ) {
3247 /* User input error for channel width doesn't match channel */
3248 if (chandef->width != ieee80211_s1g_channel_width(chandef->chan)) {
3249 NL_SET_ERR_MSG_ATTR(extack,
3250 attrs[NL80211_ATTR_CHANNEL_WIDTH],
3251 "bad channel width");
3255 if (attrs[NL80211_ATTR_CENTER_FREQ1]) {
3256 chandef->center_freq1 =
3257 nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ1]);
3258 if (attrs[NL80211_ATTR_CENTER_FREQ1_OFFSET])
3259 chandef->freq1_offset = nla_get_u32(
3260 attrs[NL80211_ATTR_CENTER_FREQ1_OFFSET]);
3262 chandef->freq1_offset = 0;
3264 if (attrs[NL80211_ATTR_CENTER_FREQ2])
3265 chandef->center_freq2 =
3266 nla_get_u32(attrs[NL80211_ATTR_CENTER_FREQ2]);
3269 if (info->attrs[NL80211_ATTR_WIPHY_EDMG_CHANNELS]) {
3270 chandef->edmg.channels =
3271 nla_get_u8(info->attrs[NL80211_ATTR_WIPHY_EDMG_CHANNELS]);
3273 if (info->attrs[NL80211_ATTR_WIPHY_EDMG_BW_CONFIG])
3274 chandef->edmg.bw_config =
3275 nla_get_u8(info->attrs[NL80211_ATTR_WIPHY_EDMG_BW_CONFIG]);
3277 chandef->edmg.bw_config = 0;
3278 chandef->edmg.channels = 0;
3281 if (!cfg80211_chandef_valid(chandef)) {
3282 NL_SET_ERR_MSG(extack, "invalid channel definition");
3286 if (!cfg80211_chandef_usable(&rdev->wiphy, chandef,
3287 IEEE80211_CHAN_DISABLED)) {
3288 NL_SET_ERR_MSG(extack, "(extension) channel is disabled");
3292 if ((chandef->width == NL80211_CHAN_WIDTH_5 ||
3293 chandef->width == NL80211_CHAN_WIDTH_10) &&
3294 !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_5_10_MHZ)) {
3295 NL_SET_ERR_MSG(extack, "5/10 MHz not supported");
3302 static int __nl80211_set_channel(struct cfg80211_registered_device *rdev,
3303 struct net_device *dev,
3304 struct genl_info *info,
3307 struct cfg80211_chan_def chandef;
3309 enum nl80211_iftype iftype = NL80211_IFTYPE_MONITOR;
3310 struct wireless_dev *wdev = NULL;
3311 int link_id = _link_id;
3314 wdev = dev->ieee80211_ptr;
3315 if (!nl80211_can_set_dev_channel(wdev))
3318 iftype = wdev->iftype;
3321 if (wdev && wdev->valid_links)
3326 result = nl80211_parse_chandef(rdev, info, &chandef);
3331 case NL80211_IFTYPE_AP:
3332 case NL80211_IFTYPE_P2P_GO:
3333 if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, &chandef,
3336 if (wdev->links[link_id].ap.beacon_interval) {
3337 struct ieee80211_channel *cur_chan;
3339 if (!dev || !rdev->ops->set_ap_chanwidth ||
3340 !(rdev->wiphy.features &
3341 NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE))
3344 /* Only allow dynamic channel width changes */
3345 cur_chan = wdev->links[link_id].ap.chandef.chan;
3346 if (chandef.chan != cur_chan)
3349 result = rdev_set_ap_chanwidth(rdev, dev, link_id,
3353 wdev->links[link_id].ap.chandef = chandef;
3355 wdev->u.ap.preset_chandef = chandef;
3358 case NL80211_IFTYPE_MESH_POINT:
3359 return cfg80211_set_mesh_channel(rdev, wdev, &chandef);
3360 case NL80211_IFTYPE_MONITOR:
3361 return cfg80211_set_monitor_channel(rdev, &chandef);
3369 static int nl80211_set_channel(struct sk_buff *skb, struct genl_info *info)
3371 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3372 int link_id = nl80211_link_id_or_invalid(info->attrs);
3373 struct net_device *netdev = info->user_ptr[1];
3376 wdev_lock(netdev->ieee80211_ptr);
3377 ret = __nl80211_set_channel(rdev, netdev, info, link_id);
3378 wdev_unlock(netdev->ieee80211_ptr);
3383 static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
3385 struct cfg80211_registered_device *rdev = NULL;
3386 struct net_device *netdev = NULL;
3387 struct wireless_dev *wdev;
3388 int result = 0, rem_txq_params = 0;
3389 struct nlattr *nl_txq_params;
3391 u8 retry_short = 0, retry_long = 0;
3392 u32 frag_threshold = 0, rts_threshold = 0;
3393 u8 coverage_class = 0;
3394 u32 txq_limit = 0, txq_memory_limit = 0, txq_quantum = 0;
3398 * Try to find the wiphy and netdev. Normally this
3399 * function shouldn't need the netdev, but this is
3400 * done for backward compatibility -- previously
3401 * setting the channel was done per wiphy, but now
3402 * it is per netdev. Previous userland like hostapd
3403 * also passed a netdev to set_wiphy, so that it is
3404 * possible to let that go to the right netdev!
3407 if (info->attrs[NL80211_ATTR_IFINDEX]) {
3408 int ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]);
3410 netdev = __dev_get_by_index(genl_info_net(info), ifindex);
3411 if (netdev && netdev->ieee80211_ptr)
3412 rdev = wiphy_to_rdev(netdev->ieee80211_ptr->wiphy);
3418 rdev = __cfg80211_rdev_from_attrs(genl_info_net(info),
3422 return PTR_ERR(rdev);
3428 wdev = netdev->ieee80211_ptr;
3430 wiphy_lock(&rdev->wiphy);
3433 * end workaround code, by now the rdev is available
3434 * and locked, and wdev may or may not be NULL.
3437 if (info->attrs[NL80211_ATTR_WIPHY_NAME])
3438 result = cfg80211_dev_rename(
3439 rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME]));
3445 if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) {
3446 struct ieee80211_txq_params txq_params;
3447 struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1];
3449 if (!rdev->ops->set_txq_params) {
3450 result = -EOPNOTSUPP;
3459 if (netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
3460 netdev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) {
3465 if (!netif_running(netdev)) {
3470 nla_for_each_nested(nl_txq_params,
3471 info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS],
3473 result = nla_parse_nested_deprecated(tb,
3474 NL80211_TXQ_ATTR_MAX,
3480 result = parse_txq_params(tb, &txq_params);
3484 txq_params.link_id =
3485 nl80211_link_id_or_invalid(info->attrs);
3487 wdev_lock(netdev->ieee80211_ptr);
3488 if (txq_params.link_id >= 0 &&
3489 !(netdev->ieee80211_ptr->valid_links &
3490 BIT(txq_params.link_id)))
3492 else if (txq_params.link_id >= 0 &&
3493 !netdev->ieee80211_ptr->valid_links)
3496 result = rdev_set_txq_params(rdev, netdev,
3498 wdev_unlock(netdev->ieee80211_ptr);
3504 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
3505 int link_id = nl80211_link_id_or_invalid(info->attrs);
3509 result = __nl80211_set_channel(
3511 nl80211_can_set_dev_channel(wdev) ? netdev : NULL,
3515 result = __nl80211_set_channel(rdev, netdev, info, link_id);
3522 if (info->attrs[NL80211_ATTR_WIPHY_TX_POWER_SETTING]) {
3523 struct wireless_dev *txp_wdev = wdev;
3524 enum nl80211_tx_power_setting type;
3527 if (!(rdev->wiphy.features & NL80211_FEATURE_VIF_TXPOWER))
3530 if (!rdev->ops->set_tx_power) {
3531 result = -EOPNOTSUPP;
3535 idx = NL80211_ATTR_WIPHY_TX_POWER_SETTING;
3536 type = nla_get_u32(info->attrs[idx]);
3538 if (!info->attrs[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] &&
3539 (type != NL80211_TX_POWER_AUTOMATIC)) {
3544 if (type != NL80211_TX_POWER_AUTOMATIC) {
3545 idx = NL80211_ATTR_WIPHY_TX_POWER_LEVEL;
3546 mbm = nla_get_u32(info->attrs[idx]);
3549 result = rdev_set_tx_power(rdev, txp_wdev, type, mbm);
3554 if (info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX] &&
3555 info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]) {
3558 if ((!rdev->wiphy.available_antennas_tx &&
3559 !rdev->wiphy.available_antennas_rx) ||
3560 !rdev->ops->set_antenna) {
3561 result = -EOPNOTSUPP;
3565 tx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_TX]);
3566 rx_ant = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_ANTENNA_RX]);
3568 /* reject antenna configurations which don't match the
3569 * available antenna masks, except for the "all" mask */
3570 if ((~tx_ant && (tx_ant & ~rdev->wiphy.available_antennas_tx)) ||
3571 (~rx_ant && (rx_ant & ~rdev->wiphy.available_antennas_rx))) {
3576 tx_ant = tx_ant & rdev->wiphy.available_antennas_tx;
3577 rx_ant = rx_ant & rdev->wiphy.available_antennas_rx;
3579 result = rdev_set_antenna(rdev, tx_ant, rx_ant);
3586 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) {
3587 retry_short = nla_get_u8(
3588 info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]);
3590 changed |= WIPHY_PARAM_RETRY_SHORT;
3593 if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) {
3594 retry_long = nla_get_u8(
3595 info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]);
3597 changed |= WIPHY_PARAM_RETRY_LONG;
3600 if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) {
3601 frag_threshold = nla_get_u32(
3602 info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]);
3603 if (frag_threshold < 256) {
3608 if (frag_threshold != (u32) -1) {
3610 * Fragments (apart from the last one) are required to
3611 * have even length. Make the fragmentation code
3612 * simpler by stripping LSB should someone try to use
3613 * odd threshold value.
3615 frag_threshold &= ~0x1;
3617 changed |= WIPHY_PARAM_FRAG_THRESHOLD;
3620 if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) {
3621 rts_threshold = nla_get_u32(
3622 info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]);
3623 changed |= WIPHY_PARAM_RTS_THRESHOLD;
3626 if (info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]) {
3627 if (info->attrs[NL80211_ATTR_WIPHY_DYN_ACK]) {
3632 coverage_class = nla_get_u8(
3633 info->attrs[NL80211_ATTR_WIPHY_COVERAGE_CLASS]);
3634 changed |= WIPHY_PARAM_COVERAGE_CLASS;
3637 if (info->attrs[NL80211_ATTR_WIPHY_DYN_ACK]) {
3638 if (!(rdev->wiphy.features & NL80211_FEATURE_ACKTO_ESTIMATION)) {
3639 result = -EOPNOTSUPP;
3643 changed |= WIPHY_PARAM_DYN_ACK;
3646 if (info->attrs[NL80211_ATTR_TXQ_LIMIT]) {
3647 if (!wiphy_ext_feature_isset(&rdev->wiphy,
3648 NL80211_EXT_FEATURE_TXQS)) {
3649 result = -EOPNOTSUPP;
3652 txq_limit = nla_get_u32(
3653 info->attrs[NL80211_ATTR_TXQ_LIMIT]);
3654 changed |= WIPHY_PARAM_TXQ_LIMIT;
3657 if (info->attrs[NL80211_ATTR_TXQ_MEMORY_LIMIT]) {
3658 if (!wiphy_ext_feature_isset(&rdev->wiphy,
3659 NL80211_EXT_FEATURE_TXQS)) {
3660 result = -EOPNOTSUPP;
3663 txq_memory_limit = nla_get_u32(
3664 info->attrs[NL80211_ATTR_TXQ_MEMORY_LIMIT]);
3665 changed |= WIPHY_PARAM_TXQ_MEMORY_LIMIT;
3668 if (info->attrs[NL80211_ATTR_TXQ_QUANTUM]) {
3669 if (!wiphy_ext_feature_isset(&rdev->wiphy,
3670 NL80211_EXT_FEATURE_TXQS)) {
3671 result = -EOPNOTSUPP;
3674 txq_quantum = nla_get_u32(
3675 info->attrs[NL80211_ATTR_TXQ_QUANTUM]);
3676 changed |= WIPHY_PARAM_TXQ_QUANTUM;
3680 u8 old_retry_short, old_retry_long;
3681 u32 old_frag_threshold, old_rts_threshold;
3682 u8 old_coverage_class;
3683 u32 old_txq_limit, old_txq_memory_limit, old_txq_quantum;
3685 if (!rdev->ops->set_wiphy_params) {
3686 result = -EOPNOTSUPP;
3690 old_retry_short = rdev->wiphy.retry_short;
3691 old_retry_long = rdev->wiphy.retry_long;
3692 old_frag_threshold = rdev->wiphy.frag_threshold;
3693 old_rts_threshold = rdev->wiphy.rts_threshold;
3694 old_coverage_class = rdev->wiphy.coverage_class;
3695 old_txq_limit = rdev->wiphy.txq_limit;
3696 old_txq_memory_limit = rdev->wiphy.txq_memory_limit;
3697 old_txq_quantum = rdev->wiphy.txq_quantum;
3699 if (changed & WIPHY_PARAM_RETRY_SHORT)
3700 rdev->wiphy.retry_short = retry_short;
3701 if (changed & WIPHY_PARAM_RETRY_LONG)
3702 rdev->wiphy.retry_long = retry_long;
3703 if (changed & WIPHY_PARAM_FRAG_THRESHOLD)
3704 rdev->wiphy.frag_threshold = frag_threshold;
3705 if (changed & WIPHY_PARAM_RTS_THRESHOLD)
3706 rdev->wiphy.rts_threshold = rts_threshold;
3707 if (changed & WIPHY_PARAM_COVERAGE_CLASS)
3708 rdev->wiphy.coverage_class = coverage_class;
3709 if (changed & WIPHY_PARAM_TXQ_LIMIT)
3710 rdev->wiphy.txq_limit = txq_limit;
3711 if (changed & WIPHY_PARAM_TXQ_MEMORY_LIMIT)
3712 rdev->wiphy.txq_memory_limit = txq_memory_limit;
3713 if (changed & WIPHY_PARAM_TXQ_QUANTUM)
3714 rdev->wiphy.txq_quantum = txq_quantum;
3716 result = rdev_set_wiphy_params(rdev, changed);
3718 rdev->wiphy.retry_short = old_retry_short;
3719 rdev->wiphy.retry_long = old_retry_long;
3720 rdev->wiphy.frag_threshold = old_frag_threshold;
3721 rdev->wiphy.rts_threshold = old_rts_threshold;
3722 rdev->wiphy.coverage_class = old_coverage_class;
3723 rdev->wiphy.txq_limit = old_txq_limit;
3724 rdev->wiphy.txq_memory_limit = old_txq_memory_limit;
3725 rdev->wiphy.txq_quantum = old_txq_quantum;
3733 wiphy_unlock(&rdev->wiphy);
3737 static int nl80211_send_chandef(struct sk_buff *msg,
3738 const struct cfg80211_chan_def *chandef)
3740 if (WARN_ON(!cfg80211_chandef_valid(chandef)))
3743 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
3744 chandef->chan->center_freq))
3746 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_OFFSET,
3747 chandef->chan->freq_offset))
3749 switch (chandef->width) {
3750 case NL80211_CHAN_WIDTH_20_NOHT:
3751 case NL80211_CHAN_WIDTH_20:
3752 case NL80211_CHAN_WIDTH_40:
3753 if (nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
3754 cfg80211_get_chandef_type(chandef)))
3760 if (nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, chandef->width))
3762 if (nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ1, chandef->center_freq1))
3764 if (chandef->center_freq2 &&
3765 nla_put_u32(msg, NL80211_ATTR_CENTER_FREQ2, chandef->center_freq2))
3770 static int nl80211_send_iface(struct sk_buff *msg, u32 portid, u32 seq, int flags,
3771 struct cfg80211_registered_device *rdev,
3772 struct wireless_dev *wdev,
3773 enum nl80211_commands cmd)
3775 struct net_device *dev = wdev->netdev;
3778 WARN_ON(cmd != NL80211_CMD_NEW_INTERFACE &&
3779 cmd != NL80211_CMD_DEL_INTERFACE &&
3780 cmd != NL80211_CMD_SET_INTERFACE);
3782 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
3787 (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
3788 nla_put_string(msg, NL80211_ATTR_IFNAME, dev->name)))
3789 goto nla_put_failure;
3791 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
3792 nla_put_u32(msg, NL80211_ATTR_IFTYPE, wdev->iftype) ||
3793 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
3794 NL80211_ATTR_PAD) ||
3795 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, wdev_address(wdev)) ||
3796 nla_put_u32(msg, NL80211_ATTR_GENERATION,
3797 rdev->devlist_generation ^
3798 (cfg80211_rdev_list_generation << 2)) ||
3799 nla_put_u8(msg, NL80211_ATTR_4ADDR, wdev->use_4addr))
3800 goto nla_put_failure;
3802 if (rdev->ops->get_channel && !wdev->valid_links) {
3803 struct cfg80211_chan_def chandef = {};
3806 ret = rdev_get_channel(rdev, wdev, 0, &chandef);
3807 if (ret == 0 && nl80211_send_chandef(msg, &chandef))
3808 goto nla_put_failure;
3811 if (rdev->ops->get_tx_power) {
3814 ret = rdev_get_tx_power(rdev, wdev, &dbm);
3816 nla_put_u32(msg, NL80211_ATTR_WIPHY_TX_POWER_LEVEL,
3818 goto nla_put_failure;
3822 switch (wdev->iftype) {
3823 case NL80211_IFTYPE_AP:
3824 case NL80211_IFTYPE_P2P_GO:
3825 if (wdev->u.ap.ssid_len &&
3826 nla_put(msg, NL80211_ATTR_SSID, wdev->u.ap.ssid_len,
3828 goto nla_put_failure_locked;
3830 case NL80211_IFTYPE_STATION:
3831 case NL80211_IFTYPE_P2P_CLIENT:
3832 if (wdev->u.client.ssid_len &&
3833 nla_put(msg, NL80211_ATTR_SSID, wdev->u.client.ssid_len,
3834 wdev->u.client.ssid))
3835 goto nla_put_failure_locked;
3837 case NL80211_IFTYPE_ADHOC:
3838 if (wdev->u.ibss.ssid_len &&
3839 nla_put(msg, NL80211_ATTR_SSID, wdev->u.ibss.ssid_len,
3841 goto nla_put_failure_locked;
3849 if (rdev->ops->get_txq_stats) {
3850 struct cfg80211_txq_stats txqstats = {};
3851 int ret = rdev_get_txq_stats(rdev, wdev, &txqstats);
3854 !nl80211_put_txq_stats(msg, &txqstats,
3855 NL80211_ATTR_TXQ_STATS))
3856 goto nla_put_failure;
3859 if (wdev->valid_links) {
3860 unsigned int link_id;
3861 struct nlattr *links = nla_nest_start(msg,
3862 NL80211_ATTR_MLO_LINKS);
3865 goto nla_put_failure;
3867 for_each_valid_link(wdev, link_id) {
3868 struct nlattr *link = nla_nest_start(msg, link_id + 1);
3869 struct cfg80211_chan_def chandef = {};
3873 goto nla_put_failure;
3875 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id))
3876 goto nla_put_failure;
3877 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN,
3878 wdev->links[link_id].addr))
3879 goto nla_put_failure;
3881 ret = rdev_get_channel(rdev, wdev, link_id, &chandef);
3882 if (ret == 0 && nl80211_send_chandef(msg, &chandef))
3883 goto nla_put_failure;
3885 nla_nest_end(msg, link);
3888 nla_nest_end(msg, links);
3891 genlmsg_end(msg, hdr);
3894 nla_put_failure_locked:
3897 genlmsg_cancel(msg, hdr);
3901 static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb)
3905 int wp_start = cb->args[0];
3906 int if_start = cb->args[1];
3907 int filter_wiphy = -1;
3908 struct cfg80211_registered_device *rdev;
3909 struct wireless_dev *wdev;
3914 struct nl80211_dump_wiphy_state state = {
3918 ret = nl80211_dump_wiphy_parse(skb, cb, &state);
3922 filter_wiphy = state.filter_wiphy;
3925 * if filtering, set cb->args[2] to +1 since 0 is the default
3926 * value needed to determine that parsing is necessary.
3928 if (filter_wiphy >= 0)
3929 cb->args[2] = filter_wiphy + 1;
3932 } else if (cb->args[2] > 0) {
3933 filter_wiphy = cb->args[2] - 1;
3936 list_for_each_entry(rdev, &cfg80211_rdev_list, list) {
3937 if (!net_eq(wiphy_net(&rdev->wiphy), sock_net(skb->sk)))
3939 if (wp_idx < wp_start) {
3944 if (filter_wiphy >= 0 && filter_wiphy != rdev->wiphy_idx)
3949 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) {
3950 if (if_idx < if_start) {
3954 if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).portid,
3955 cb->nlh->nlmsg_seq, NLM_F_MULTI,
3957 NL80211_CMD_NEW_INTERFACE) < 0) {
3967 cb->args[0] = wp_idx;
3968 cb->args[1] = if_idx;
3977 static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
3979 struct sk_buff *msg;
3980 struct cfg80211_registered_device *rdev = info->user_ptr[0];
3981 struct wireless_dev *wdev = info->user_ptr[1];
3983 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
3987 if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0,
3988 rdev, wdev, NL80211_CMD_NEW_INTERFACE) < 0) {
3993 return genlmsg_reply(msg, info);
3996 static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = {
3997 [NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG },
3998 [NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG },
3999 [NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG },
4000 [NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG },
4001 [NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG },
4002 [NL80211_MNTR_FLAG_ACTIVE] = { .type = NLA_FLAG },
4005 static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
4007 struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1];
4015 if (nla_parse_nested_deprecated(flags, NL80211_MNTR_FLAG_MAX, nla, mntr_flags_policy, NULL))
4018 for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++)
4020 *mntrflags |= (1<<flag);
4022 *mntrflags |= MONITOR_FLAG_CHANGED;
4027 static int nl80211_parse_mon_options(struct cfg80211_registered_device *rdev,
4028 enum nl80211_iftype type,
4029 struct genl_info *info,
4030 struct vif_params *params)
4032 bool change = false;
4035 if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) {
4036 if (type != NL80211_IFTYPE_MONITOR)
4039 err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS],
4047 if (params->flags & MONITOR_FLAG_ACTIVE &&
4048 !(rdev->wiphy.features & NL80211_FEATURE_ACTIVE_MONITOR))
4051 if (info->attrs[NL80211_ATTR_MU_MIMO_GROUP_DATA]) {
4052 const u8 *mumimo_groups;
4053 u32 cap_flag = NL80211_EXT_FEATURE_MU_MIMO_AIR_SNIFFER;
4055 if (type != NL80211_IFTYPE_MONITOR)
4058 if (!wiphy_ext_feature_isset(&rdev->wiphy, cap_flag))
4062 nla_data(info->attrs[NL80211_ATTR_MU_MIMO_GROUP_DATA]);
4064 /* bits 0 and 63 are reserved and must be zero */
4065 if ((mumimo_groups[0] & BIT(0)) ||
4066 (mumimo_groups[VHT_MUMIMO_GROUPS_DATA_LEN - 1] & BIT(7)))
4069 params->vht_mumimo_groups = mumimo_groups;
4073 if (info->attrs[NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR]) {
4074 u32 cap_flag = NL80211_EXT_FEATURE_MU_MIMO_AIR_SNIFFER;
4076 if (type != NL80211_IFTYPE_MONITOR)
4079 if (!wiphy_ext_feature_isset(&rdev->wiphy, cap_flag))
4082 params->vht_mumimo_follow_addr =
4083 nla_data(info->attrs[NL80211_ATTR_MU_MIMO_FOLLOW_MAC_ADDR]);
4087 return change ? 1 : 0;
4090 static int nl80211_valid_4addr(struct cfg80211_registered_device *rdev,
4091 struct net_device *netdev, u8 use_4addr,
4092 enum nl80211_iftype iftype)
4095 if (netdev && netif_is_bridge_port(netdev))
4101 case NL80211_IFTYPE_AP_VLAN:
4102 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_AP)
4105 case NL80211_IFTYPE_STATION:
4106 if (rdev->wiphy.flags & WIPHY_FLAG_4ADDR_STATION)
4116 static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
4118 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4119 struct vif_params params;
4121 enum nl80211_iftype otype, ntype;
4122 struct net_device *dev = info->user_ptr[1];
4123 bool change = false;
4125 memset(¶ms, 0, sizeof(params));
4127 otype = ntype = dev->ieee80211_ptr->iftype;
4129 if (info->attrs[NL80211_ATTR_IFTYPE]) {
4130 ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
4135 if (info->attrs[NL80211_ATTR_MESH_ID]) {
4136 struct wireless_dev *wdev = dev->ieee80211_ptr;
4138 if (ntype != NL80211_IFTYPE_MESH_POINT)
4140 if (otype != NL80211_IFTYPE_MESH_POINT)
4142 if (netif_running(dev))
4146 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
4147 IEEE80211_MAX_MESH_ID_LEN);
4148 wdev->u.mesh.id_up_len =
4149 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
4150 memcpy(wdev->u.mesh.id,
4151 nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
4152 wdev->u.mesh.id_up_len);
4156 if (info->attrs[NL80211_ATTR_4ADDR]) {
4157 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
4159 err = nl80211_valid_4addr(rdev, dev, params.use_4addr, ntype);
4163 params.use_4addr = -1;
4166 err = nl80211_parse_mon_options(rdev, ntype, info, ¶ms);
4173 err = cfg80211_change_iface(rdev, dev, ntype, ¶ms);
4177 if (!err && params.use_4addr != -1)
4178 dev->ieee80211_ptr->use_4addr = params.use_4addr;
4180 if (change && !err) {
4181 struct wireless_dev *wdev = dev->ieee80211_ptr;
4183 nl80211_notify_iface(rdev, wdev, NL80211_CMD_SET_INTERFACE);
4189 static int _nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
4191 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4192 struct vif_params params;
4193 struct wireless_dev *wdev;
4194 struct sk_buff *msg;
4196 enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;
4198 memset(¶ms, 0, sizeof(params));
4200 if (!info->attrs[NL80211_ATTR_IFNAME])
4203 if (info->attrs[NL80211_ATTR_IFTYPE])
4204 type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
4206 if (!rdev->ops->add_virtual_intf)
4209 if ((type == NL80211_IFTYPE_P2P_DEVICE || type == NL80211_IFTYPE_NAN ||
4210 rdev->wiphy.features & NL80211_FEATURE_MAC_ON_CREATE) &&
4211 info->attrs[NL80211_ATTR_MAC]) {
4212 nla_memcpy(params.macaddr, info->attrs[NL80211_ATTR_MAC],
4214 if (!is_valid_ether_addr(params.macaddr))
4215 return -EADDRNOTAVAIL;
4218 if (info->attrs[NL80211_ATTR_4ADDR]) {
4219 params.use_4addr = !!nla_get_u8(info->attrs[NL80211_ATTR_4ADDR]);
4220 err = nl80211_valid_4addr(rdev, NULL, params.use_4addr, type);
4225 if (!cfg80211_iftype_allowed(&rdev->wiphy, type, params.use_4addr, 0))
4228 err = nl80211_parse_mon_options(rdev, type, info, ¶ms);
4232 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
4236 wdev = rdev_add_virtual_intf(rdev,
4237 nla_data(info->attrs[NL80211_ATTR_IFNAME]),
4238 NET_NAME_USER, type, ¶ms);
4239 if (WARN_ON(!wdev)) {
4242 } else if (IS_ERR(wdev)) {
4244 return PTR_ERR(wdev);
4247 if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
4248 wdev->owner_nlportid = info->snd_portid;
4251 case NL80211_IFTYPE_MESH_POINT:
4252 if (!info->attrs[NL80211_ATTR_MESH_ID])
4255 BUILD_BUG_ON(IEEE80211_MAX_SSID_LEN !=
4256 IEEE80211_MAX_MESH_ID_LEN);
4257 wdev->u.mesh.id_up_len =
4258 nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
4259 memcpy(wdev->u.mesh.id,
4260 nla_data(info->attrs[NL80211_ATTR_MESH_ID]),
4261 wdev->u.mesh.id_up_len);
4264 case NL80211_IFTYPE_NAN:
4265 case NL80211_IFTYPE_P2P_DEVICE:
4267 * P2P Device and NAN do not have a netdev, so don't go
4268 * through the netdev notifier and must be added here
4270 cfg80211_init_wdev(wdev);
4271 cfg80211_register_wdev(rdev, wdev);
4277 if (nl80211_send_iface(msg, info->snd_portid, info->snd_seq, 0,
4278 rdev, wdev, NL80211_CMD_NEW_INTERFACE) < 0) {
4283 return genlmsg_reply(msg, info);
4286 static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
4288 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4291 /* to avoid failing a new interface creation due to pending removal */
4292 cfg80211_destroy_ifaces(rdev);
4294 wiphy_lock(&rdev->wiphy);
4295 ret = _nl80211_new_interface(skb, info);
4296 wiphy_unlock(&rdev->wiphy);
4301 static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
4303 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4304 struct wireless_dev *wdev = info->user_ptr[1];
4306 if (!rdev->ops->del_virtual_intf)
4310 * We hold RTNL, so this is safe, without RTNL opencount cannot
4311 * reach 0, and thus the rdev cannot be deleted.
4313 * We need to do it for the dev_close(), since that will call
4314 * the netdev notifiers, and we need to acquire the mutex there
4315 * but don't know if we get there from here or from some other
4316 * place (e.g. "ip link set ... down").
4318 mutex_unlock(&rdev->wiphy.mtx);
4321 * If we remove a wireless device without a netdev then clear
4322 * user_ptr[1] so that nl80211_post_doit won't dereference it
4323 * to check if it needs to do dev_put(). Otherwise it crashes
4324 * since the wdev has been freed, unlike with a netdev where
4325 * we need the dev_put() for the netdev to really be freed.
4328 info->user_ptr[1] = NULL;
4330 dev_close(wdev->netdev);
4332 mutex_lock(&rdev->wiphy.mtx);
4334 return cfg80211_remove_virtual_intf(rdev, wdev);
4337 static int nl80211_set_noack_map(struct sk_buff *skb, struct genl_info *info)
4339 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4340 struct net_device *dev = info->user_ptr[1];
4343 if (!info->attrs[NL80211_ATTR_NOACK_MAP])
4346 if (!rdev->ops->set_noack_map)
4349 noack_map = nla_get_u16(info->attrs[NL80211_ATTR_NOACK_MAP]);
4351 return rdev_set_noack_map(rdev, dev, noack_map);
4354 static int nl80211_validate_key_link_id(struct genl_info *info,
4355 struct wireless_dev *wdev,
4356 int link_id, bool pairwise)
4359 if (link_id != -1) {
4360 GENL_SET_ERR_MSG(info,
4361 "link ID not allowed for pairwise key");
4368 if (wdev->valid_links) {
4369 if (link_id == -1) {
4370 GENL_SET_ERR_MSG(info,
4371 "link ID must for MLO group key");
4374 if (!(wdev->valid_links & BIT(link_id))) {
4375 GENL_SET_ERR_MSG(info, "invalid link ID for MLO group key");
4378 } else if (link_id != -1) {
4379 GENL_SET_ERR_MSG(info, "link ID not allowed for non-MLO group key");
4386 struct get_key_cookie {
4387 struct sk_buff *msg;
4392 static void get_key_callback(void *c, struct key_params *params)
4395 struct get_key_cookie *cookie = c;
4398 nla_put(cookie->msg, NL80211_ATTR_KEY_DATA,
4399 params->key_len, params->key)) ||
4401 nla_put(cookie->msg, NL80211_ATTR_KEY_SEQ,
4402 params->seq_len, params->seq)) ||
4404 nla_put_u32(cookie->msg, NL80211_ATTR_KEY_CIPHER,
4406 goto nla_put_failure;
4408 key = nla_nest_start_noflag(cookie->msg, NL80211_ATTR_KEY);
4410 goto nla_put_failure;
4413 nla_put(cookie->msg, NL80211_KEY_DATA,
4414 params->key_len, params->key)) ||
4416 nla_put(cookie->msg, NL80211_KEY_SEQ,
4417 params->seq_len, params->seq)) ||
4419 nla_put_u32(cookie->msg, NL80211_KEY_CIPHER,
4421 goto nla_put_failure;
4423 if (nla_put_u8(cookie->msg, NL80211_KEY_IDX, cookie->idx))
4424 goto nla_put_failure;
4426 nla_nest_end(cookie->msg, key);
4433 static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
4435 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4437 struct net_device *dev = info->user_ptr[1];
4439 const u8 *mac_addr = NULL;
4441 struct get_key_cookie cookie = {
4445 struct sk_buff *msg;
4446 bool bigtk_support = false;
4447 int link_id = nl80211_link_id_or_invalid(info->attrs);
4448 struct wireless_dev *wdev = dev->ieee80211_ptr;
4450 if (wiphy_ext_feature_isset(&rdev->wiphy,
4451 NL80211_EXT_FEATURE_BEACON_PROTECTION))
4452 bigtk_support = true;
4454 if ((wdev->iftype == NL80211_IFTYPE_STATION ||
4455 wdev->iftype == NL80211_IFTYPE_P2P_CLIENT) &&
4456 wiphy_ext_feature_isset(&rdev->wiphy,
4457 NL80211_EXT_FEATURE_BEACON_PROTECTION_CLIENT))
4458 bigtk_support = true;
4460 if (info->attrs[NL80211_ATTR_KEY_IDX]) {
4461 key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);
4463 if (key_idx >= 6 && key_idx <= 7 && !bigtk_support) {
4464 GENL_SET_ERR_MSG(info, "BIGTK not supported");
4469 if (info->attrs[NL80211_ATTR_MAC])
4470 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
4472 pairwise = !!mac_addr;
4473 if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
4474 u32 kt = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
4476 if (kt != NL80211_KEYTYPE_GROUP &&
4477 kt != NL80211_KEYTYPE_PAIRWISE)
4479 pairwise = kt == NL80211_KEYTYPE_PAIRWISE;
4482 if (!rdev->ops->get_key)
4485 if (!pairwise && mac_addr && !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
4488 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
4492 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
4493 NL80211_CMD_NEW_KEY);
4495 goto nla_put_failure;
4498 cookie.idx = key_idx;
4500 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
4501 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_idx))
4502 goto nla_put_failure;
4504 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr))
4505 goto nla_put_failure;
4507 err = nl80211_validate_key_link_id(info, wdev, link_id, pairwise);
4511 err = rdev_get_key(rdev, dev, link_id, key_idx, pairwise, mac_addr,
4512 &cookie, get_key_callback);
4518 goto nla_put_failure;
4520 genlmsg_end(msg, hdr);
4521 return genlmsg_reply(msg, info);
4530 static int nl80211_set_key(struct sk_buff *skb, struct genl_info *info)
4532 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4533 struct key_parse key;
4535 struct net_device *dev = info->user_ptr[1];
4536 int link_id = nl80211_link_id_or_invalid(info->attrs);
4537 struct wireless_dev *wdev = dev->ieee80211_ptr;
4539 err = nl80211_parse_key(info, &key);
4546 /* Only support setting default key and
4547 * Extended Key ID action NL80211_KEY_SET_TX.
4549 if (!key.def && !key.defmgmt && !key.defbeacon &&
4550 !(key.p.mode == NL80211_KEY_SET_TX))
4556 if (!rdev->ops->set_default_key) {
4561 err = nl80211_key_allowed(wdev);
4565 err = nl80211_validate_key_link_id(info, wdev, link_id, false);
4569 err = rdev_set_default_key(rdev, dev, link_id, key.idx,
4570 key.def_uni, key.def_multi);
4575 #ifdef CONFIG_CFG80211_WEXT
4576 wdev->wext.default_key = key.idx;
4578 } else if (key.defmgmt) {
4579 if (key.def_uni || !key.def_multi) {
4584 if (!rdev->ops->set_default_mgmt_key) {
4589 err = nl80211_key_allowed(wdev);
4593 err = nl80211_validate_key_link_id(info, wdev, link_id, false);
4597 err = rdev_set_default_mgmt_key(rdev, dev, link_id, key.idx);
4601 #ifdef CONFIG_CFG80211_WEXT
4602 wdev->wext.default_mgmt_key = key.idx;
4604 } else if (key.defbeacon) {
4605 if (key.def_uni || !key.def_multi) {
4610 if (!rdev->ops->set_default_beacon_key) {
4615 err = nl80211_key_allowed(wdev);
4619 err = nl80211_validate_key_link_id(info, wdev, link_id, false);
4623 err = rdev_set_default_beacon_key(rdev, dev, link_id, key.idx);
4626 } else if (key.p.mode == NL80211_KEY_SET_TX &&
4627 wiphy_ext_feature_isset(&rdev->wiphy,
4628 NL80211_EXT_FEATURE_EXT_KEY_ID)) {
4629 u8 *mac_addr = NULL;
4631 if (info->attrs[NL80211_ATTR_MAC])
4632 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
4634 if (!mac_addr || key.idx < 0 || key.idx > 1) {
4639 err = nl80211_validate_key_link_id(info, wdev, link_id, true);
4643 err = rdev_add_key(rdev, dev, link_id, key.idx,
4644 NL80211_KEYTYPE_PAIRWISE,
4655 static int nl80211_new_key(struct sk_buff *skb, struct genl_info *info)
4657 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4659 struct net_device *dev = info->user_ptr[1];
4660 struct key_parse key;
4661 const u8 *mac_addr = NULL;
4662 int link_id = nl80211_link_id_or_invalid(info->attrs);
4663 struct wireless_dev *wdev = dev->ieee80211_ptr;
4665 err = nl80211_parse_key(info, &key);
4670 GENL_SET_ERR_MSG(info, "no key");
4674 if (info->attrs[NL80211_ATTR_MAC])
4675 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
4677 if (key.type == -1) {
4679 key.type = NL80211_KEYTYPE_PAIRWISE;
4681 key.type = NL80211_KEYTYPE_GROUP;
4685 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
4686 key.type != NL80211_KEYTYPE_GROUP) {
4687 GENL_SET_ERR_MSG(info, "key type not pairwise or group");
4691 if (key.type == NL80211_KEYTYPE_GROUP &&
4692 info->attrs[NL80211_ATTR_VLAN_ID])
4693 key.p.vlan_id = nla_get_u16(info->attrs[NL80211_ATTR_VLAN_ID]);
4695 if (!rdev->ops->add_key)
4698 if (cfg80211_validate_key_settings(rdev, &key.p, key.idx,
4699 key.type == NL80211_KEYTYPE_PAIRWISE,
4701 GENL_SET_ERR_MSG(info, "key setting validation failed");
4706 err = nl80211_key_allowed(wdev);
4708 GENL_SET_ERR_MSG(info, "key not allowed");
4711 err = nl80211_validate_key_link_id(info, wdev, link_id,
4712 key.type == NL80211_KEYTYPE_PAIRWISE);
4715 err = rdev_add_key(rdev, dev, link_id, key.idx,
4716 key.type == NL80211_KEYTYPE_PAIRWISE,
4719 GENL_SET_ERR_MSG(info, "key addition failed");
4726 static int nl80211_del_key(struct sk_buff *skb, struct genl_info *info)
4728 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4730 struct net_device *dev = info->user_ptr[1];
4731 u8 *mac_addr = NULL;
4732 struct key_parse key;
4733 int link_id = nl80211_link_id_or_invalid(info->attrs);
4734 struct wireless_dev *wdev = dev->ieee80211_ptr;
4736 err = nl80211_parse_key(info, &key);
4740 if (info->attrs[NL80211_ATTR_MAC])
4741 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
4743 if (key.type == -1) {
4745 key.type = NL80211_KEYTYPE_PAIRWISE;
4747 key.type = NL80211_KEYTYPE_GROUP;
4751 if (key.type != NL80211_KEYTYPE_PAIRWISE &&
4752 key.type != NL80211_KEYTYPE_GROUP)
4755 if (!cfg80211_valid_key_idx(rdev, key.idx,
4756 key.type == NL80211_KEYTYPE_PAIRWISE))
4759 if (!rdev->ops->del_key)
4763 err = nl80211_key_allowed(wdev);
4765 if (key.type == NL80211_KEYTYPE_GROUP && mac_addr &&
4766 !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN))
4770 err = nl80211_validate_key_link_id(info, wdev, link_id,
4771 key.type == NL80211_KEYTYPE_PAIRWISE);
4774 err = rdev_del_key(rdev, dev, link_id, key.idx,
4775 key.type == NL80211_KEYTYPE_PAIRWISE,
4778 #ifdef CONFIG_CFG80211_WEXT
4780 if (key.idx == wdev->wext.default_key)
4781 wdev->wext.default_key = -1;
4782 else if (key.idx == wdev->wext.default_mgmt_key)
4783 wdev->wext.default_mgmt_key = -1;
4791 /* This function returns an error or the number of nested attributes */
4792 static int validate_acl_mac_addrs(struct nlattr *nl_attr)
4794 struct nlattr *attr;
4795 int n_entries = 0, tmp;
4797 nla_for_each_nested(attr, nl_attr, tmp) {
4798 if (nla_len(attr) != ETH_ALEN)
4808 * This function parses ACL information and allocates memory for ACL data.
4809 * On successful return, the calling function is responsible to free the
4810 * ACL buffer returned by this function.
4812 static struct cfg80211_acl_data *parse_acl_data(struct wiphy *wiphy,
4813 struct genl_info *info)
4815 enum nl80211_acl_policy acl_policy;
4816 struct nlattr *attr;
4817 struct cfg80211_acl_data *acl;
4818 int i = 0, n_entries, tmp;
4820 if (!wiphy->max_acl_mac_addrs)
4821 return ERR_PTR(-EOPNOTSUPP);
4823 if (!info->attrs[NL80211_ATTR_ACL_POLICY])
4824 return ERR_PTR(-EINVAL);
4826 acl_policy = nla_get_u32(info->attrs[NL80211_ATTR_ACL_POLICY]);
4827 if (acl_policy != NL80211_ACL_POLICY_ACCEPT_UNLESS_LISTED &&
4828 acl_policy != NL80211_ACL_POLICY_DENY_UNLESS_LISTED)
4829 return ERR_PTR(-EINVAL);
4831 if (!info->attrs[NL80211_ATTR_MAC_ADDRS])
4832 return ERR_PTR(-EINVAL);
4834 n_entries = validate_acl_mac_addrs(info->attrs[NL80211_ATTR_MAC_ADDRS]);
4836 return ERR_PTR(n_entries);
4838 if (n_entries > wiphy->max_acl_mac_addrs)
4839 return ERR_PTR(-ENOTSUPP);
4841 acl = kzalloc(struct_size(acl, mac_addrs, n_entries), GFP_KERNEL);
4843 return ERR_PTR(-ENOMEM);
4845 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_MAC_ADDRS], tmp) {
4846 memcpy(acl->mac_addrs[i].addr, nla_data(attr), ETH_ALEN);
4850 acl->n_acl_entries = n_entries;
4851 acl->acl_policy = acl_policy;
4856 static int nl80211_set_mac_acl(struct sk_buff *skb, struct genl_info *info)
4858 struct cfg80211_registered_device *rdev = info->user_ptr[0];
4859 struct net_device *dev = info->user_ptr[1];
4860 struct cfg80211_acl_data *acl;
4863 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
4864 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
4867 if (!dev->ieee80211_ptr->links[0].ap.beacon_interval)
4870 acl = parse_acl_data(&rdev->wiphy, info);
4872 return PTR_ERR(acl);
4874 err = rdev_set_mac_acl(rdev, dev, acl);
4881 static u32 rateset_to_mask(struct ieee80211_supported_band *sband,
4882 u8 *rates, u8 rates_len)
4887 for (i = 0; i < rates_len; i++) {
4888 int rate = (rates[i] & 0x7f) * 5;
4891 for (ridx = 0; ridx < sband->n_bitrates; ridx++) {
4892 struct ieee80211_rate *srate =
4893 &sband->bitrates[ridx];
4894 if (rate == srate->bitrate) {
4899 if (ridx == sband->n_bitrates)
4900 return 0; /* rate not found */
4906 static bool ht_rateset_to_mask(struct ieee80211_supported_band *sband,
4907 u8 *rates, u8 rates_len,
4908 u8 mcs[IEEE80211_HT_MCS_MASK_LEN])
4912 memset(mcs, 0, IEEE80211_HT_MCS_MASK_LEN);
4914 for (i = 0; i < rates_len; i++) {
4917 ridx = rates[i] / 8;
4918 rbit = BIT(rates[i] % 8);
4920 /* check validity */
4921 if ((ridx < 0) || (ridx >= IEEE80211_HT_MCS_MASK_LEN))
4924 /* check availability */
4925 ridx = array_index_nospec(ridx, IEEE80211_HT_MCS_MASK_LEN);
4926 if (sband->ht_cap.mcs.rx_mask[ridx] & rbit)
4935 static u16 vht_mcs_map_to_mcs_mask(u8 vht_mcs_map)
4939 switch (vht_mcs_map) {
4940 case IEEE80211_VHT_MCS_NOT_SUPPORTED:
4942 case IEEE80211_VHT_MCS_SUPPORT_0_7:
4945 case IEEE80211_VHT_MCS_SUPPORT_0_8:
4948 case IEEE80211_VHT_MCS_SUPPORT_0_9:
4958 static void vht_build_mcs_mask(u16 vht_mcs_map,
4959 u16 vht_mcs_mask[NL80211_VHT_NSS_MAX])
4963 for (nss = 0; nss < NL80211_VHT_NSS_MAX; nss++) {
4964 vht_mcs_mask[nss] = vht_mcs_map_to_mcs_mask(vht_mcs_map & 0x03);
4969 static bool vht_set_mcs_mask(struct ieee80211_supported_band *sband,
4970 struct nl80211_txrate_vht *txrate,
4971 u16 mcs[NL80211_VHT_NSS_MAX])
4973 u16 tx_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
4974 u16 tx_mcs_mask[NL80211_VHT_NSS_MAX] = {};
4977 if (!sband->vht_cap.vht_supported)
4980 memset(mcs, 0, sizeof(u16) * NL80211_VHT_NSS_MAX);
4982 /* Build vht_mcs_mask from VHT capabilities */
4983 vht_build_mcs_mask(tx_mcs_map, tx_mcs_mask);
4985 for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
4986 if ((tx_mcs_mask[i] & txrate->mcs[i]) == txrate->mcs[i])
4987 mcs[i] = txrate->mcs[i];
4995 static u16 he_mcs_map_to_mcs_mask(u8 he_mcs_map)
4997 switch (he_mcs_map) {
4998 case IEEE80211_HE_MCS_NOT_SUPPORTED:
5000 case IEEE80211_HE_MCS_SUPPORT_0_7:
5002 case IEEE80211_HE_MCS_SUPPORT_0_9:
5004 case IEEE80211_HE_MCS_SUPPORT_0_11:
5012 static void he_build_mcs_mask(u16 he_mcs_map,
5013 u16 he_mcs_mask[NL80211_HE_NSS_MAX])
5017 for (nss = 0; nss < NL80211_HE_NSS_MAX; nss++) {
5018 he_mcs_mask[nss] = he_mcs_map_to_mcs_mask(he_mcs_map & 0x03);
5023 static u16 he_get_txmcsmap(struct genl_info *info, unsigned int link_id,
5024 const struct ieee80211_sta_he_cap *he_cap)
5026 struct net_device *dev = info->user_ptr[1];
5027 struct wireless_dev *wdev = dev->ieee80211_ptr;
5028 struct cfg80211_chan_def *chandef;
5031 chandef = wdev_chandef(wdev, link_id);
5034 * This is probably broken, but we never maintained
5035 * a chandef in these cases, so it always was.
5037 return le16_to_cpu(he_cap->he_mcs_nss_supp.tx_mcs_80);
5040 switch (chandef->width) {
5041 case NL80211_CHAN_WIDTH_80P80:
5042 tx_mcs = he_cap->he_mcs_nss_supp.tx_mcs_80p80;
5044 case NL80211_CHAN_WIDTH_160:
5045 tx_mcs = he_cap->he_mcs_nss_supp.tx_mcs_160;
5048 tx_mcs = he_cap->he_mcs_nss_supp.tx_mcs_80;
5052 return le16_to_cpu(tx_mcs);
5055 static bool he_set_mcs_mask(struct genl_info *info,
5056 struct wireless_dev *wdev,
5057 struct ieee80211_supported_band *sband,
5058 struct nl80211_txrate_he *txrate,
5059 u16 mcs[NL80211_HE_NSS_MAX],
5060 unsigned int link_id)
5062 const struct ieee80211_sta_he_cap *he_cap;
5063 u16 tx_mcs_mask[NL80211_HE_NSS_MAX] = {};
5067 he_cap = ieee80211_get_he_iftype_cap(sband, wdev->iftype);
5071 memset(mcs, 0, sizeof(u16) * NL80211_HE_NSS_MAX);
5073 tx_mcs_map = he_get_txmcsmap(info, link_id, he_cap);
5075 /* Build he_mcs_mask from HE capabilities */
5076 he_build_mcs_mask(tx_mcs_map, tx_mcs_mask);
5078 for (i = 0; i < NL80211_HE_NSS_MAX; i++) {
5079 if ((tx_mcs_mask[i] & txrate->mcs[i]) == txrate->mcs[i])
5080 mcs[i] = txrate->mcs[i];
5088 static int nl80211_parse_tx_bitrate_mask(struct genl_info *info,
5089 struct nlattr *attrs[],
5090 enum nl80211_attrs attr,
5091 struct cfg80211_bitrate_mask *mask,
5092 struct net_device *dev,
5093 bool default_all_enabled,
5094 unsigned int link_id)
5096 struct nlattr *tb[NL80211_TXRATE_MAX + 1];
5097 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5098 struct wireless_dev *wdev = dev->ieee80211_ptr;
5100 struct nlattr *tx_rates;
5101 struct ieee80211_supported_band *sband;
5102 u16 vht_tx_mcs_map, he_tx_mcs_map;
5104 memset(mask, 0, sizeof(*mask));
5105 /* Default to all rates enabled */
5106 for (i = 0; i < NUM_NL80211_BANDS; i++) {
5107 const struct ieee80211_sta_he_cap *he_cap;
5109 if (!default_all_enabled)
5112 sband = rdev->wiphy.bands[i];
5117 mask->control[i].legacy = (1 << sband->n_bitrates) - 1;
5118 memcpy(mask->control[i].ht_mcs,
5119 sband->ht_cap.mcs.rx_mask,
5120 sizeof(mask->control[i].ht_mcs));
5122 if (sband->vht_cap.vht_supported) {
5123 vht_tx_mcs_map = le16_to_cpu(sband->vht_cap.vht_mcs.tx_mcs_map);
5124 vht_build_mcs_mask(vht_tx_mcs_map, mask->control[i].vht_mcs);
5127 he_cap = ieee80211_get_he_iftype_cap(sband, wdev->iftype);
5131 he_tx_mcs_map = he_get_txmcsmap(info, link_id, he_cap);
5132 he_build_mcs_mask(he_tx_mcs_map, mask->control[i].he_mcs);
5134 mask->control[i].he_gi = 0xFF;
5135 mask->control[i].he_ltf = 0xFF;
5138 /* if no rates are given set it back to the defaults */
5142 /* The nested attribute uses enum nl80211_band as the index. This maps
5143 * directly to the enum nl80211_band values used in cfg80211.
5145 BUILD_BUG_ON(NL80211_MAX_SUPP_HT_RATES > IEEE80211_HT_MCS_MASK_LEN * 8);
5146 nla_for_each_nested(tx_rates, attrs[attr], rem) {
5147 enum nl80211_band band = nla_type(tx_rates);
5150 if (band < 0 || band >= NUM_NL80211_BANDS)
5152 sband = rdev->wiphy.bands[band];
5155 err = nla_parse_nested_deprecated(tb, NL80211_TXRATE_MAX,
5157 nl80211_txattr_policy,
5161 if (tb[NL80211_TXRATE_LEGACY]) {
5162 mask->control[band].legacy = rateset_to_mask(
5164 nla_data(tb[NL80211_TXRATE_LEGACY]),
5165 nla_len(tb[NL80211_TXRATE_LEGACY]));
5166 if ((mask->control[band].legacy == 0) &&
5167 nla_len(tb[NL80211_TXRATE_LEGACY]))
5170 if (tb[NL80211_TXRATE_HT]) {
5171 if (!ht_rateset_to_mask(
5173 nla_data(tb[NL80211_TXRATE_HT]),
5174 nla_len(tb[NL80211_TXRATE_HT]),
5175 mask->control[band].ht_mcs))
5179 if (tb[NL80211_TXRATE_VHT]) {
5180 if (!vht_set_mcs_mask(
5182 nla_data(tb[NL80211_TXRATE_VHT]),
5183 mask->control[band].vht_mcs))
5187 if (tb[NL80211_TXRATE_GI]) {
5188 mask->control[band].gi =
5189 nla_get_u8(tb[NL80211_TXRATE_GI]);
5190 if (mask->control[band].gi > NL80211_TXRATE_FORCE_LGI)
5193 if (tb[NL80211_TXRATE_HE] &&
5194 !he_set_mcs_mask(info, wdev, sband,
5195 nla_data(tb[NL80211_TXRATE_HE]),
5196 mask->control[band].he_mcs,
5200 if (tb[NL80211_TXRATE_HE_GI])
5201 mask->control[band].he_gi =
5202 nla_get_u8(tb[NL80211_TXRATE_HE_GI]);
5203 if (tb[NL80211_TXRATE_HE_LTF])
5204 mask->control[band].he_ltf =
5205 nla_get_u8(tb[NL80211_TXRATE_HE_LTF]);
5207 if (mask->control[band].legacy == 0) {
5208 /* don't allow empty legacy rates if HT, VHT or HE
5209 * are not even supported.
5211 if (!(rdev->wiphy.bands[band]->ht_cap.ht_supported ||
5212 rdev->wiphy.bands[band]->vht_cap.vht_supported ||
5213 ieee80211_get_he_iftype_cap(sband, wdev->iftype)))
5216 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++)
5217 if (mask->control[band].ht_mcs[i])
5220 for (i = 0; i < NL80211_VHT_NSS_MAX; i++)
5221 if (mask->control[band].vht_mcs[i])
5224 for (i = 0; i < NL80211_HE_NSS_MAX; i++)
5225 if (mask->control[band].he_mcs[i])
5228 /* legacy and mcs rates may not be both empty */
5237 static int validate_beacon_tx_rate(struct cfg80211_registered_device *rdev,
5238 enum nl80211_band band,
5239 struct cfg80211_bitrate_mask *beacon_rate)
5241 u32 count_ht, count_vht, count_he, i;
5242 u32 rate = beacon_rate->control[band].legacy;
5244 /* Allow only one rate */
5245 if (hweight32(rate) > 1)
5249 for (i = 0; i < IEEE80211_HT_MCS_MASK_LEN; i++) {
5250 if (hweight8(beacon_rate->control[band].ht_mcs[i]) > 1) {
5252 } else if (beacon_rate->control[band].ht_mcs[i]) {
5257 if (count_ht && rate)
5262 for (i = 0; i < NL80211_VHT_NSS_MAX; i++) {
5263 if (hweight16(beacon_rate->control[band].vht_mcs[i]) > 1) {
5265 } else if (beacon_rate->control[band].vht_mcs[i]) {
5270 if (count_vht && rate)
5275 for (i = 0; i < NL80211_HE_NSS_MAX; i++) {
5276 if (hweight16(beacon_rate->control[band].he_mcs[i]) > 1) {
5278 } else if (beacon_rate->control[band].he_mcs[i]) {
5283 if (count_he && rate)
5287 if ((count_ht && count_vht && count_he) ||
5288 (!rate && !count_ht && !count_vht && !count_he))
5292 !wiphy_ext_feature_isset(&rdev->wiphy,
5293 NL80211_EXT_FEATURE_BEACON_RATE_LEGACY))
5296 !wiphy_ext_feature_isset(&rdev->wiphy,
5297 NL80211_EXT_FEATURE_BEACON_RATE_HT))
5300 !wiphy_ext_feature_isset(&rdev->wiphy,
5301 NL80211_EXT_FEATURE_BEACON_RATE_VHT))
5304 !wiphy_ext_feature_isset(&rdev->wiphy,
5305 NL80211_EXT_FEATURE_BEACON_RATE_HE))
5311 static int nl80211_parse_mbssid_config(struct wiphy *wiphy,
5312 struct net_device *dev,
5313 struct nlattr *attrs,
5314 struct cfg80211_mbssid_config *config,
5317 struct nlattr *tb[NL80211_MBSSID_CONFIG_ATTR_MAX + 1];
5319 if (!wiphy->mbssid_max_interfaces)
5322 if (nla_parse_nested(tb, NL80211_MBSSID_CONFIG_ATTR_MAX, attrs, NULL,
5324 !tb[NL80211_MBSSID_CONFIG_ATTR_INDEX])
5327 config->ema = nla_get_flag(tb[NL80211_MBSSID_CONFIG_ATTR_EMA]);
5329 if (!wiphy->ema_max_profile_periodicity)
5332 if (num_elems > wiphy->ema_max_profile_periodicity)
5336 config->index = nla_get_u8(tb[NL80211_MBSSID_CONFIG_ATTR_INDEX]);
5337 if (config->index >= wiphy->mbssid_max_interfaces ||
5338 (!config->index && !num_elems))
5341 if (tb[NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX]) {
5343 nla_get_u32(tb[NL80211_MBSSID_CONFIG_ATTR_TX_IFINDEX]);
5345 if ((!config->index && tx_ifindex != dev->ifindex) ||
5346 (config->index && tx_ifindex == dev->ifindex))
5349 if (tx_ifindex != dev->ifindex) {
5350 struct net_device *tx_netdev =
5351 dev_get_by_index(wiphy_net(wiphy), tx_ifindex);
5353 if (!tx_netdev || !tx_netdev->ieee80211_ptr ||
5354 tx_netdev->ieee80211_ptr->wiphy != wiphy ||
5355 tx_netdev->ieee80211_ptr->iftype !=
5356 NL80211_IFTYPE_AP) {
5361 config->tx_wdev = tx_netdev->ieee80211_ptr;
5363 config->tx_wdev = dev->ieee80211_ptr;
5365 } else if (!config->index) {
5366 config->tx_wdev = dev->ieee80211_ptr;
5374 static struct cfg80211_mbssid_elems *
5375 nl80211_parse_mbssid_elems(struct wiphy *wiphy, struct nlattr *attrs)
5377 struct nlattr *nl_elems;
5378 struct cfg80211_mbssid_elems *elems;
5380 u8 i = 0, num_elems = 0;
5382 if (!wiphy->mbssid_max_interfaces)
5383 return ERR_PTR(-EINVAL);
5385 nla_for_each_nested(nl_elems, attrs, rem_elems) {
5386 if (num_elems >= 255)
5387 return ERR_PTR(-EINVAL);
5391 elems = kzalloc(struct_size(elems, elem, num_elems), GFP_KERNEL);
5393 return ERR_PTR(-ENOMEM);
5395 nla_for_each_nested(nl_elems, attrs, rem_elems) {
5396 elems->elem[i].data = nla_data(nl_elems);
5397 elems->elem[i].len = nla_len(nl_elems);
5400 elems->cnt = num_elems;
5404 static int nl80211_parse_he_bss_color(struct nlattr *attrs,
5405 struct cfg80211_he_bss_color *he_bss_color)
5407 struct nlattr *tb[NL80211_HE_BSS_COLOR_ATTR_MAX + 1];
5410 err = nla_parse_nested(tb, NL80211_HE_BSS_COLOR_ATTR_MAX, attrs,
5411 he_bss_color_policy, NULL);
5415 if (!tb[NL80211_HE_BSS_COLOR_ATTR_COLOR])
5418 he_bss_color->color =
5419 nla_get_u8(tb[NL80211_HE_BSS_COLOR_ATTR_COLOR]);
5420 he_bss_color->enabled =
5421 !nla_get_flag(tb[NL80211_HE_BSS_COLOR_ATTR_DISABLED]);
5422 he_bss_color->partial =
5423 nla_get_flag(tb[NL80211_HE_BSS_COLOR_ATTR_PARTIAL]);
5428 static int nl80211_parse_beacon(struct cfg80211_registered_device *rdev,
5429 struct nlattr *attrs[],
5430 struct cfg80211_beacon_data *bcn)
5432 bool haveinfo = false;
5435 memset(bcn, 0, sizeof(*bcn));
5437 bcn->link_id = nl80211_link_id(attrs);
5439 if (attrs[NL80211_ATTR_BEACON_HEAD]) {
5440 bcn->head = nla_data(attrs[NL80211_ATTR_BEACON_HEAD]);
5441 bcn->head_len = nla_len(attrs[NL80211_ATTR_BEACON_HEAD]);
5447 if (attrs[NL80211_ATTR_BEACON_TAIL]) {
5448 bcn->tail = nla_data(attrs[NL80211_ATTR_BEACON_TAIL]);
5449 bcn->tail_len = nla_len(attrs[NL80211_ATTR_BEACON_TAIL]);
5456 if (attrs[NL80211_ATTR_IE]) {
5457 bcn->beacon_ies = nla_data(attrs[NL80211_ATTR_IE]);
5458 bcn->beacon_ies_len = nla_len(attrs[NL80211_ATTR_IE]);
5461 if (attrs[NL80211_ATTR_IE_PROBE_RESP]) {
5462 bcn->proberesp_ies =
5463 nla_data(attrs[NL80211_ATTR_IE_PROBE_RESP]);
5464 bcn->proberesp_ies_len =
5465 nla_len(attrs[NL80211_ATTR_IE_PROBE_RESP]);
5468 if (attrs[NL80211_ATTR_IE_ASSOC_RESP]) {
5469 bcn->assocresp_ies =
5470 nla_data(attrs[NL80211_ATTR_IE_ASSOC_RESP]);
5471 bcn->assocresp_ies_len =
5472 nla_len(attrs[NL80211_ATTR_IE_ASSOC_RESP]);
5475 if (attrs[NL80211_ATTR_PROBE_RESP]) {
5476 bcn->probe_resp = nla_data(attrs[NL80211_ATTR_PROBE_RESP]);
5477 bcn->probe_resp_len = nla_len(attrs[NL80211_ATTR_PROBE_RESP]);
5480 if (attrs[NL80211_ATTR_FTM_RESPONDER]) {
5481 struct nlattr *tb[NL80211_FTM_RESP_ATTR_MAX + 1];
5483 err = nla_parse_nested_deprecated(tb,
5484 NL80211_FTM_RESP_ATTR_MAX,
5485 attrs[NL80211_ATTR_FTM_RESPONDER],
5490 if (tb[NL80211_FTM_RESP_ATTR_ENABLED] &&
5491 wiphy_ext_feature_isset(&rdev->wiphy,
5492 NL80211_EXT_FEATURE_ENABLE_FTM_RESPONDER))
5493 bcn->ftm_responder = 1;
5497 if (tb[NL80211_FTM_RESP_ATTR_LCI]) {
5498 bcn->lci = nla_data(tb[NL80211_FTM_RESP_ATTR_LCI]);
5499 bcn->lci_len = nla_len(tb[NL80211_FTM_RESP_ATTR_LCI]);
5502 if (tb[NL80211_FTM_RESP_ATTR_CIVICLOC]) {
5503 bcn->civicloc = nla_data(tb[NL80211_FTM_RESP_ATTR_CIVICLOC]);
5504 bcn->civicloc_len = nla_len(tb[NL80211_FTM_RESP_ATTR_CIVICLOC]);
5507 bcn->ftm_responder = -1;
5510 if (attrs[NL80211_ATTR_HE_BSS_COLOR]) {
5511 err = nl80211_parse_he_bss_color(attrs[NL80211_ATTR_HE_BSS_COLOR],
5512 &bcn->he_bss_color);
5515 bcn->he_bss_color_valid = true;
5518 if (attrs[NL80211_ATTR_MBSSID_ELEMS]) {
5519 struct cfg80211_mbssid_elems *mbssid =
5520 nl80211_parse_mbssid_elems(&rdev->wiphy,
5521 attrs[NL80211_ATTR_MBSSID_ELEMS]);
5524 return PTR_ERR(mbssid);
5526 bcn->mbssid_ies = mbssid;
5532 static int nl80211_parse_he_obss_pd(struct nlattr *attrs,
5533 struct ieee80211_he_obss_pd *he_obss_pd)
5535 struct nlattr *tb[NL80211_HE_OBSS_PD_ATTR_MAX + 1];
5538 err = nla_parse_nested(tb, NL80211_HE_OBSS_PD_ATTR_MAX, attrs,
5539 he_obss_pd_policy, NULL);
5543 if (!tb[NL80211_HE_OBSS_PD_ATTR_SR_CTRL])
5546 he_obss_pd->sr_ctrl = nla_get_u8(tb[NL80211_HE_OBSS_PD_ATTR_SR_CTRL]);
5548 if (tb[NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET])
5549 he_obss_pd->min_offset =
5550 nla_get_u8(tb[NL80211_HE_OBSS_PD_ATTR_MIN_OFFSET]);
5551 if (tb[NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET])
5552 he_obss_pd->max_offset =
5553 nla_get_u8(tb[NL80211_HE_OBSS_PD_ATTR_MAX_OFFSET]);
5554 if (tb[NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET])
5555 he_obss_pd->non_srg_max_offset =
5556 nla_get_u8(tb[NL80211_HE_OBSS_PD_ATTR_NON_SRG_MAX_OFFSET]);
5558 if (he_obss_pd->min_offset > he_obss_pd->max_offset)
5561 if (tb[NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP])
5562 memcpy(he_obss_pd->bss_color_bitmap,
5563 nla_data(tb[NL80211_HE_OBSS_PD_ATTR_BSS_COLOR_BITMAP]),
5564 sizeof(he_obss_pd->bss_color_bitmap));
5566 if (tb[NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP])
5567 memcpy(he_obss_pd->partial_bssid_bitmap,
5568 nla_data(tb[NL80211_HE_OBSS_PD_ATTR_PARTIAL_BSSID_BITMAP]),
5569 sizeof(he_obss_pd->partial_bssid_bitmap));
5571 he_obss_pd->enable = true;
5576 static int nl80211_parse_fils_discovery(struct cfg80211_registered_device *rdev,
5577 struct nlattr *attrs,
5578 struct cfg80211_ap_settings *params)
5580 struct nlattr *tb[NL80211_FILS_DISCOVERY_ATTR_MAX + 1];
5582 struct cfg80211_fils_discovery *fd = ¶ms->fils_discovery;
5584 if (!wiphy_ext_feature_isset(&rdev->wiphy,
5585 NL80211_EXT_FEATURE_FILS_DISCOVERY))
5588 ret = nla_parse_nested(tb, NL80211_FILS_DISCOVERY_ATTR_MAX, attrs,
5593 if (!tb[NL80211_FILS_DISCOVERY_ATTR_INT_MIN] ||
5594 !tb[NL80211_FILS_DISCOVERY_ATTR_INT_MAX] ||
5595 !tb[NL80211_FILS_DISCOVERY_ATTR_TMPL])
5598 fd->tmpl_len = nla_len(tb[NL80211_FILS_DISCOVERY_ATTR_TMPL]);
5599 fd->tmpl = nla_data(tb[NL80211_FILS_DISCOVERY_ATTR_TMPL]);
5600 fd->min_interval = nla_get_u32(tb[NL80211_FILS_DISCOVERY_ATTR_INT_MIN]);
5601 fd->max_interval = nla_get_u32(tb[NL80211_FILS_DISCOVERY_ATTR_INT_MAX]);
5607 nl80211_parse_unsol_bcast_probe_resp(struct cfg80211_registered_device *rdev,
5608 struct nlattr *attrs,
5609 struct cfg80211_ap_settings *params)
5611 struct nlattr *tb[NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_MAX + 1];
5613 struct cfg80211_unsol_bcast_probe_resp *presp =
5614 ¶ms->unsol_bcast_probe_resp;
5616 if (!wiphy_ext_feature_isset(&rdev->wiphy,
5617 NL80211_EXT_FEATURE_UNSOL_BCAST_PROBE_RESP))
5620 ret = nla_parse_nested(tb, NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_MAX,
5625 if (!tb[NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT] ||
5626 !tb[NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_TMPL])
5629 presp->tmpl = nla_data(tb[NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_TMPL]);
5630 presp->tmpl_len = nla_len(tb[NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_TMPL]);
5631 presp->interval = nla_get_u32(tb[NL80211_UNSOL_BCAST_PROBE_RESP_ATTR_INT]);
5635 static void nl80211_check_ap_rate_selectors(struct cfg80211_ap_settings *params,
5636 const struct element *rates)
5643 for (i = 0; i < rates->datalen; i++) {
5644 if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_HT_PHY)
5645 params->ht_required = true;
5646 if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_VHT_PHY)
5647 params->vht_required = true;
5648 if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_HE_PHY)
5649 params->he_required = true;
5650 if (rates->data[i] == BSS_MEMBERSHIP_SELECTOR_SAE_H2E)
5651 params->sae_h2e_required = true;
5656 * Since the nl80211 API didn't include, from the beginning, attributes about
5657 * HT/VHT requirements/capabilities, we parse them out of the IEs for the
5658 * benefit of drivers that rebuild IEs in the firmware.
5660 static int nl80211_calculate_ap_params(struct cfg80211_ap_settings *params)
5662 const struct cfg80211_beacon_data *bcn = ¶ms->beacon;
5663 size_t ies_len = bcn->tail_len;
5664 const u8 *ies = bcn->tail;
5665 const struct element *rates;
5666 const struct element *cap;
5668 rates = cfg80211_find_elem(WLAN_EID_SUPP_RATES, ies, ies_len);
5669 nl80211_check_ap_rate_selectors(params, rates);
5671 rates = cfg80211_find_elem(WLAN_EID_EXT_SUPP_RATES, ies, ies_len);
5672 nl80211_check_ap_rate_selectors(params, rates);
5674 cap = cfg80211_find_elem(WLAN_EID_HT_CAPABILITY, ies, ies_len);
5675 if (cap && cap->datalen >= sizeof(*params->ht_cap))
5676 params->ht_cap = (void *)cap->data;
5677 cap = cfg80211_find_elem(WLAN_EID_VHT_CAPABILITY, ies, ies_len);
5678 if (cap && cap->datalen >= sizeof(*params->vht_cap))
5679 params->vht_cap = (void *)cap->data;
5680 cap = cfg80211_find_ext_elem(WLAN_EID_EXT_HE_CAPABILITY, ies, ies_len);
5681 if (cap && cap->datalen >= sizeof(*params->he_cap) + 1)
5682 params->he_cap = (void *)(cap->data + 1);
5683 cap = cfg80211_find_ext_elem(WLAN_EID_EXT_HE_OPERATION, ies, ies_len);
5684 if (cap && cap->datalen >= sizeof(*params->he_oper) + 1)
5685 params->he_oper = (void *)(cap->data + 1);
5686 cap = cfg80211_find_ext_elem(WLAN_EID_EXT_EHT_CAPABILITY, ies, ies_len);
5690 params->eht_cap = (void *)(cap->data + 1);
5691 if (!ieee80211_eht_capa_size_ok((const u8 *)params->he_cap,
5692 (const u8 *)params->eht_cap,
5693 cap->datalen - 1, true))
5696 cap = cfg80211_find_ext_elem(WLAN_EID_EXT_EHT_OPERATION, ies, ies_len);
5700 params->eht_oper = (void *)(cap->data + 1);
5701 if (!ieee80211_eht_oper_size_ok((const u8 *)params->eht_oper,
5708 static bool nl80211_get_ap_channel(struct cfg80211_registered_device *rdev,
5709 struct cfg80211_ap_settings *params)
5711 struct wireless_dev *wdev;
5713 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list) {
5714 if (wdev->iftype != NL80211_IFTYPE_AP &&
5715 wdev->iftype != NL80211_IFTYPE_P2P_GO)
5718 if (!wdev->u.ap.preset_chandef.chan)
5721 params->chandef = wdev->u.ap.preset_chandef;
5728 static bool nl80211_valid_auth_type(struct cfg80211_registered_device *rdev,
5729 enum nl80211_auth_type auth_type,
5730 enum nl80211_commands cmd)
5732 if (auth_type > NL80211_AUTHTYPE_MAX)
5736 case NL80211_CMD_AUTHENTICATE:
5737 if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
5738 auth_type == NL80211_AUTHTYPE_SAE)
5740 if (!wiphy_ext_feature_isset(&rdev->wiphy,
5741 NL80211_EXT_FEATURE_FILS_STA) &&
5742 (auth_type == NL80211_AUTHTYPE_FILS_SK ||
5743 auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
5744 auth_type == NL80211_AUTHTYPE_FILS_PK))
5747 case NL80211_CMD_CONNECT:
5748 if (!(rdev->wiphy.features & NL80211_FEATURE_SAE) &&
5749 !wiphy_ext_feature_isset(&rdev->wiphy,
5750 NL80211_EXT_FEATURE_SAE_OFFLOAD) &&
5751 auth_type == NL80211_AUTHTYPE_SAE)
5754 /* FILS with SK PFS or PK not supported yet */
5755 if (auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
5756 auth_type == NL80211_AUTHTYPE_FILS_PK)
5758 if (!wiphy_ext_feature_isset(
5760 NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) &&
5761 auth_type == NL80211_AUTHTYPE_FILS_SK)
5764 case NL80211_CMD_START_AP:
5765 if (!wiphy_ext_feature_isset(&rdev->wiphy,
5766 NL80211_EXT_FEATURE_SAE_OFFLOAD_AP) &&
5767 auth_type == NL80211_AUTHTYPE_SAE)
5769 /* FILS not supported yet */
5770 if (auth_type == NL80211_AUTHTYPE_FILS_SK ||
5771 auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
5772 auth_type == NL80211_AUTHTYPE_FILS_PK)
5780 static int nl80211_start_ap(struct sk_buff *skb, struct genl_info *info)
5782 struct cfg80211_registered_device *rdev = info->user_ptr[0];
5783 unsigned int link_id = nl80211_link_id(info->attrs);
5784 struct net_device *dev = info->user_ptr[1];
5785 struct wireless_dev *wdev = dev->ieee80211_ptr;
5786 struct cfg80211_ap_settings *params;
5789 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
5790 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
5793 if (!rdev->ops->start_ap)
5796 if (wdev->links[link_id].ap.beacon_interval)
5799 /* these are required for START_AP */
5800 if (!info->attrs[NL80211_ATTR_BEACON_INTERVAL] ||
5801 !info->attrs[NL80211_ATTR_DTIM_PERIOD] ||
5802 !info->attrs[NL80211_ATTR_BEACON_HEAD])
5805 params = kzalloc(sizeof(*params), GFP_KERNEL);
5809 err = nl80211_parse_beacon(rdev, info->attrs, ¶ms->beacon);
5813 params->beacon_interval =
5814 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
5815 params->dtim_period =
5816 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
5818 err = cfg80211_validate_beacon_int(rdev, dev->ieee80211_ptr->iftype,
5819 params->beacon_interval);
5824 * In theory, some of these attributes should be required here
5825 * but since they were not used when the command was originally
5826 * added, keep them optional for old user space programs to let
5827 * them continue to work with drivers that do not need the
5828 * additional information -- drivers must check!
5830 if (info->attrs[NL80211_ATTR_SSID]) {
5831 params->ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
5833 nla_len(info->attrs[NL80211_ATTR_SSID]);
5834 if (params->ssid_len == 0) {
5839 if (wdev->u.ap.ssid_len &&
5840 (wdev->u.ap.ssid_len != params->ssid_len ||
5841 memcmp(wdev->u.ap.ssid, params->ssid, params->ssid_len))) {
5842 /* require identical SSID for MLO */
5846 } else if (wdev->valid_links) {
5847 /* require SSID for MLO */
5852 if (info->attrs[NL80211_ATTR_HIDDEN_SSID])
5853 params->hidden_ssid = nla_get_u32(
5854 info->attrs[NL80211_ATTR_HIDDEN_SSID]);
5856 params->privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
5858 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
5859 params->auth_type = nla_get_u32(
5860 info->attrs[NL80211_ATTR_AUTH_TYPE]);
5861 if (!nl80211_valid_auth_type(rdev, params->auth_type,
5862 NL80211_CMD_START_AP)) {
5867 params->auth_type = NL80211_AUTHTYPE_AUTOMATIC;
5869 err = nl80211_crypto_settings(rdev, info, ¶ms->crypto,
5870 NL80211_MAX_NR_CIPHER_SUITES);
5874 if (info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]) {
5875 if (!(rdev->wiphy.features & NL80211_FEATURE_INACTIVITY_TIMER)) {
5879 params->inactivity_timeout = nla_get_u16(
5880 info->attrs[NL80211_ATTR_INACTIVITY_TIMEOUT]);
5883 if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) {
5884 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) {
5888 params->p2p_ctwindow =
5889 nla_get_u8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]);
5890 if (params->p2p_ctwindow != 0 &&
5891 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN)) {
5897 if (info->attrs[NL80211_ATTR_P2P_OPPPS]) {
5900 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) {
5904 tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]);
5905 params->p2p_opp_ps = tmp;
5906 if (params->p2p_opp_ps != 0 &&
5907 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS)) {
5913 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
5914 err = nl80211_parse_chandef(rdev, info, ¶ms->chandef);
5917 } else if (wdev->valid_links) {
5918 /* with MLD need to specify the channel configuration */
5921 } else if (wdev->u.ap.preset_chandef.chan) {
5922 params->chandef = wdev->u.ap.preset_chandef;
5923 } else if (!nl80211_get_ap_channel(rdev, params)) {
5928 if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, ¶ms->chandef,
5936 if (info->attrs[NL80211_ATTR_TX_RATES]) {
5937 err = nl80211_parse_tx_bitrate_mask(info, info->attrs,
5938 NL80211_ATTR_TX_RATES,
5939 ¶ms->beacon_rate,
5940 dev, false, link_id);
5944 err = validate_beacon_tx_rate(rdev, params->chandef.chan->band,
5945 ¶ms->beacon_rate);
5950 if (info->attrs[NL80211_ATTR_SMPS_MODE]) {
5952 nla_get_u8(info->attrs[NL80211_ATTR_SMPS_MODE]);
5953 switch (params->smps_mode) {
5954 case NL80211_SMPS_OFF:
5956 case NL80211_SMPS_STATIC:
5957 if (!(rdev->wiphy.features &
5958 NL80211_FEATURE_STATIC_SMPS)) {
5963 case NL80211_SMPS_DYNAMIC:
5964 if (!(rdev->wiphy.features &
5965 NL80211_FEATURE_DYNAMIC_SMPS)) {
5975 params->smps_mode = NL80211_SMPS_OFF;
5978 params->pbss = nla_get_flag(info->attrs[NL80211_ATTR_PBSS]);
5979 if (params->pbss && !rdev->wiphy.bands[NL80211_BAND_60GHZ]) {
5984 if (info->attrs[NL80211_ATTR_ACL_POLICY]) {
5985 params->acl = parse_acl_data(&rdev->wiphy, info);
5986 if (IS_ERR(params->acl)) {
5987 err = PTR_ERR(params->acl);
5993 params->twt_responder =
5994 nla_get_flag(info->attrs[NL80211_ATTR_TWT_RESPONDER]);
5996 if (info->attrs[NL80211_ATTR_HE_OBSS_PD]) {
5997 err = nl80211_parse_he_obss_pd(
5998 info->attrs[NL80211_ATTR_HE_OBSS_PD],
5999 ¶ms->he_obss_pd);
6004 if (info->attrs[NL80211_ATTR_FILS_DISCOVERY]) {
6005 err = nl80211_parse_fils_discovery(rdev,
6006 info->attrs[NL80211_ATTR_FILS_DISCOVERY],
6012 if (info->attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP]) {
6013 err = nl80211_parse_unsol_bcast_probe_resp(
6014 rdev, info->attrs[NL80211_ATTR_UNSOL_BCAST_PROBE_RESP],
6020 if (info->attrs[NL80211_ATTR_MBSSID_CONFIG]) {
6021 err = nl80211_parse_mbssid_config(&rdev->wiphy, dev,
6022 info->attrs[NL80211_ATTR_MBSSID_CONFIG],
6023 ¶ms->mbssid_config,
6024 params->beacon.mbssid_ies ?
6025 params->beacon.mbssid_ies->cnt :
6031 err = nl80211_calculate_ap_params(params);
6035 if (info->attrs[NL80211_ATTR_AP_SETTINGS_FLAGS])
6036 params->flags = nla_get_u32(
6037 info->attrs[NL80211_ATTR_AP_SETTINGS_FLAGS]);
6038 else if (info->attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT])
6039 params->flags |= NL80211_AP_SETTINGS_EXTERNAL_AUTH_SUPPORT;
6041 if (wdev->conn_owner_nlportid &&
6042 info->attrs[NL80211_ATTR_SOCKET_OWNER] &&
6043 wdev->conn_owner_nlportid != info->snd_portid) {
6048 /* FIXME: validate MLO/link-id against driver capabilities */
6050 err = rdev_start_ap(rdev, dev, params);
6052 wdev->links[link_id].ap.beacon_interval = params->beacon_interval;
6053 wdev->links[link_id].ap.chandef = params->chandef;
6054 wdev->u.ap.ssid_len = params->ssid_len;
6055 memcpy(wdev->u.ap.ssid, params->ssid,
6058 if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
6059 wdev->conn_owner_nlportid = info->snd_portid;
6065 kfree(params->beacon.mbssid_ies);
6066 if (params->mbssid_config.tx_wdev &&
6067 params->mbssid_config.tx_wdev->netdev &&
6068 params->mbssid_config.tx_wdev->netdev != dev)
6069 dev_put(params->mbssid_config.tx_wdev->netdev);
6075 static int nl80211_set_beacon(struct sk_buff *skb, struct genl_info *info)
6077 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6078 unsigned int link_id = nl80211_link_id(info->attrs);
6079 struct net_device *dev = info->user_ptr[1];
6080 struct wireless_dev *wdev = dev->ieee80211_ptr;
6081 struct cfg80211_beacon_data params;
6084 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
6085 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
6088 if (!rdev->ops->change_beacon)
6091 if (!wdev->links[link_id].ap.beacon_interval)
6094 err = nl80211_parse_beacon(rdev, info->attrs, ¶ms);
6099 err = rdev_change_beacon(rdev, dev, ¶ms);
6103 kfree(params.mbssid_ies);
6107 static int nl80211_stop_ap(struct sk_buff *skb, struct genl_info *info)
6109 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6110 unsigned int link_id = nl80211_link_id(info->attrs);
6111 struct net_device *dev = info->user_ptr[1];
6113 return cfg80211_stop_ap(rdev, dev, link_id, false);
6116 static const struct nla_policy sta_flags_policy[NL80211_STA_FLAG_MAX + 1] = {
6117 [NL80211_STA_FLAG_AUTHORIZED] = { .type = NLA_FLAG },
6118 [NL80211_STA_FLAG_SHORT_PREAMBLE] = { .type = NLA_FLAG },
6119 [NL80211_STA_FLAG_WME] = { .type = NLA_FLAG },
6120 [NL80211_STA_FLAG_MFP] = { .type = NLA_FLAG },
6121 [NL80211_STA_FLAG_AUTHENTICATED] = { .type = NLA_FLAG },
6122 [NL80211_STA_FLAG_TDLS_PEER] = { .type = NLA_FLAG },
6125 static int parse_station_flags(struct genl_info *info,
6126 enum nl80211_iftype iftype,
6127 struct station_parameters *params)
6129 struct nlattr *flags[NL80211_STA_FLAG_MAX + 1];
6134 * Try parsing the new attribute first so userspace
6135 * can specify both for older kernels.
6137 nla = info->attrs[NL80211_ATTR_STA_FLAGS2];
6139 struct nl80211_sta_flag_update *sta_flags;
6141 sta_flags = nla_data(nla);
6142 params->sta_flags_mask = sta_flags->mask;
6143 params->sta_flags_set = sta_flags->set;
6144 params->sta_flags_set &= params->sta_flags_mask;
6145 if ((params->sta_flags_mask |
6146 params->sta_flags_set) & BIT(__NL80211_STA_FLAG_INVALID))
6151 /* if present, parse the old attribute */
6153 nla = info->attrs[NL80211_ATTR_STA_FLAGS];
6157 if (nla_parse_nested_deprecated(flags, NL80211_STA_FLAG_MAX, nla, sta_flags_policy, info->extack))
6161 * Only allow certain flags for interface types so that
6162 * other attributes are silently ignored. Remember that
6163 * this is backward compatibility code with old userspace
6164 * and shouldn't be hit in other cases anyway.
6167 case NL80211_IFTYPE_AP:
6168 case NL80211_IFTYPE_AP_VLAN:
6169 case NL80211_IFTYPE_P2P_GO:
6170 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
6171 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
6172 BIT(NL80211_STA_FLAG_WME) |
6173 BIT(NL80211_STA_FLAG_MFP);
6175 case NL80211_IFTYPE_P2P_CLIENT:
6176 case NL80211_IFTYPE_STATION:
6177 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHORIZED) |
6178 BIT(NL80211_STA_FLAG_TDLS_PEER);
6180 case NL80211_IFTYPE_MESH_POINT:
6181 params->sta_flags_mask = BIT(NL80211_STA_FLAG_AUTHENTICATED) |
6182 BIT(NL80211_STA_FLAG_MFP) |
6183 BIT(NL80211_STA_FLAG_AUTHORIZED);
6189 for (flag = 1; flag <= NL80211_STA_FLAG_MAX; flag++) {
6191 params->sta_flags_set |= (1<<flag);
6193 /* no longer support new API additions in old API */
6194 if (flag > NL80211_STA_FLAG_MAX_OLD_API)
6202 bool nl80211_put_sta_rate(struct sk_buff *msg, struct rate_info *info, int attr)
6204 struct nlattr *rate;
6207 enum nl80211_rate_info rate_flg;
6209 rate = nla_nest_start_noflag(msg, attr);
6213 /* cfg80211_calculate_bitrate will return 0 for mcs >= 32 */
6214 bitrate = cfg80211_calculate_bitrate(info);
6215 /* report 16-bit bitrate only if we can */
6216 bitrate_compat = bitrate < (1UL << 16) ? bitrate : 0;
6218 nla_put_u32(msg, NL80211_RATE_INFO_BITRATE32, bitrate))
6220 if (bitrate_compat > 0 &&
6221 nla_put_u16(msg, NL80211_RATE_INFO_BITRATE, bitrate_compat))
6225 case RATE_INFO_BW_5:
6226 rate_flg = NL80211_RATE_INFO_5_MHZ_WIDTH;
6228 case RATE_INFO_BW_10:
6229 rate_flg = NL80211_RATE_INFO_10_MHZ_WIDTH;
6234 case RATE_INFO_BW_20:
6237 case RATE_INFO_BW_40:
6238 rate_flg = NL80211_RATE_INFO_40_MHZ_WIDTH;
6240 case RATE_INFO_BW_80:
6241 rate_flg = NL80211_RATE_INFO_80_MHZ_WIDTH;
6243 case RATE_INFO_BW_160:
6244 rate_flg = NL80211_RATE_INFO_160_MHZ_WIDTH;
6246 case RATE_INFO_BW_HE_RU:
6248 WARN_ON(!(info->flags & RATE_INFO_FLAGS_HE_MCS));
6250 case RATE_INFO_BW_320:
6251 rate_flg = NL80211_RATE_INFO_320_MHZ_WIDTH;
6253 case RATE_INFO_BW_EHT_RU:
6255 WARN_ON(!(info->flags & RATE_INFO_FLAGS_EHT_MCS));
6259 if (rate_flg && nla_put_flag(msg, rate_flg))
6262 if (info->flags & RATE_INFO_FLAGS_MCS) {
6263 if (nla_put_u8(msg, NL80211_RATE_INFO_MCS, info->mcs))
6265 if (info->flags & RATE_INFO_FLAGS_SHORT_GI &&
6266 nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI))
6268 } else if (info->flags & RATE_INFO_FLAGS_VHT_MCS) {
6269 if (nla_put_u8(msg, NL80211_RATE_INFO_VHT_MCS, info->mcs))
6271 if (nla_put_u8(msg, NL80211_RATE_INFO_VHT_NSS, info->nss))
6273 if (info->flags & RATE_INFO_FLAGS_SHORT_GI &&
6274 nla_put_flag(msg, NL80211_RATE_INFO_SHORT_GI))
6276 } else if (info->flags & RATE_INFO_FLAGS_HE_MCS) {
6277 if (nla_put_u8(msg, NL80211_RATE_INFO_HE_MCS, info->mcs))
6279 if (nla_put_u8(msg, NL80211_RATE_INFO_HE_NSS, info->nss))
6281 if (nla_put_u8(msg, NL80211_RATE_INFO_HE_GI, info->he_gi))
6283 if (nla_put_u8(msg, NL80211_RATE_INFO_HE_DCM, info->he_dcm))
6285 if (info->bw == RATE_INFO_BW_HE_RU &&
6286 nla_put_u8(msg, NL80211_RATE_INFO_HE_RU_ALLOC,
6289 } else if (info->flags & RATE_INFO_FLAGS_EHT_MCS) {
6290 if (nla_put_u8(msg, NL80211_RATE_INFO_EHT_MCS, info->mcs))
6292 if (nla_put_u8(msg, NL80211_RATE_INFO_EHT_NSS, info->nss))
6294 if (nla_put_u8(msg, NL80211_RATE_INFO_EHT_GI, info->eht_gi))
6296 if (info->bw == RATE_INFO_BW_EHT_RU &&
6297 nla_put_u8(msg, NL80211_RATE_INFO_EHT_RU_ALLOC,
6298 info->eht_ru_alloc))
6302 nla_nest_end(msg, rate);
6306 static bool nl80211_put_signal(struct sk_buff *msg, u8 mask, s8 *signal,
6315 attr = nla_nest_start_noflag(msg, id);
6319 for (i = 0; i < IEEE80211_MAX_CHAINS; i++) {
6320 if (!(mask & BIT(i)))
6323 if (nla_put_u8(msg, i, signal[i]))
6327 nla_nest_end(msg, attr);
6332 static int nl80211_send_station(struct sk_buff *msg, u32 cmd, u32 portid,
6334 struct cfg80211_registered_device *rdev,
6335 struct net_device *dev,
6336 const u8 *mac_addr, struct station_info *sinfo)
6339 struct nlattr *sinfoattr, *bss_param;
6341 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
6343 cfg80211_sinfo_release_content(sinfo);
6347 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
6348 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) ||
6349 nla_put_u32(msg, NL80211_ATTR_GENERATION, sinfo->generation))
6350 goto nla_put_failure;
6352 sinfoattr = nla_nest_start_noflag(msg, NL80211_ATTR_STA_INFO);
6354 goto nla_put_failure;
6356 #define PUT_SINFO(attr, memb, type) do { \
6357 BUILD_BUG_ON(sizeof(type) == sizeof(u64)); \
6358 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_ ## attr) && \
6359 nla_put_ ## type(msg, NL80211_STA_INFO_ ## attr, \
6361 goto nla_put_failure; \
6363 #define PUT_SINFO_U64(attr, memb) do { \
6364 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_ ## attr) && \
6365 nla_put_u64_64bit(msg, NL80211_STA_INFO_ ## attr, \
6366 sinfo->memb, NL80211_STA_INFO_PAD)) \
6367 goto nla_put_failure; \
6370 PUT_SINFO(CONNECTED_TIME, connected_time, u32);
6371 PUT_SINFO(INACTIVE_TIME, inactive_time, u32);
6372 PUT_SINFO_U64(ASSOC_AT_BOOTTIME, assoc_at);
6374 if (sinfo->filled & (BIT_ULL(NL80211_STA_INFO_RX_BYTES) |
6375 BIT_ULL(NL80211_STA_INFO_RX_BYTES64)) &&
6376 nla_put_u32(msg, NL80211_STA_INFO_RX_BYTES,
6377 (u32)sinfo->rx_bytes))
6378 goto nla_put_failure;
6380 if (sinfo->filled & (BIT_ULL(NL80211_STA_INFO_TX_BYTES) |
6381 BIT_ULL(NL80211_STA_INFO_TX_BYTES64)) &&
6382 nla_put_u32(msg, NL80211_STA_INFO_TX_BYTES,
6383 (u32)sinfo->tx_bytes))
6384 goto nla_put_failure;
6386 PUT_SINFO_U64(RX_BYTES64, rx_bytes);
6387 PUT_SINFO_U64(TX_BYTES64, tx_bytes);
6388 PUT_SINFO(LLID, llid, u16);
6389 PUT_SINFO(PLID, plid, u16);
6390 PUT_SINFO(PLINK_STATE, plink_state, u8);
6391 PUT_SINFO_U64(RX_DURATION, rx_duration);
6392 PUT_SINFO_U64(TX_DURATION, tx_duration);
6394 if (wiphy_ext_feature_isset(&rdev->wiphy,
6395 NL80211_EXT_FEATURE_AIRTIME_FAIRNESS))
6396 PUT_SINFO(AIRTIME_WEIGHT, airtime_weight, u16);
6398 switch (rdev->wiphy.signal_type) {
6399 case CFG80211_SIGNAL_TYPE_MBM:
6400 PUT_SINFO(SIGNAL, signal, u8);
6401 PUT_SINFO(SIGNAL_AVG, signal_avg, u8);
6406 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL)) {
6407 if (!nl80211_put_signal(msg, sinfo->chains,
6408 sinfo->chain_signal,
6409 NL80211_STA_INFO_CHAIN_SIGNAL))
6410 goto nla_put_failure;
6412 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_CHAIN_SIGNAL_AVG)) {
6413 if (!nl80211_put_signal(msg, sinfo->chains,
6414 sinfo->chain_signal_avg,
6415 NL80211_STA_INFO_CHAIN_SIGNAL_AVG))
6416 goto nla_put_failure;
6418 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_TX_BITRATE)) {
6419 if (!nl80211_put_sta_rate(msg, &sinfo->txrate,
6420 NL80211_STA_INFO_TX_BITRATE))
6421 goto nla_put_failure;
6423 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_RX_BITRATE)) {
6424 if (!nl80211_put_sta_rate(msg, &sinfo->rxrate,
6425 NL80211_STA_INFO_RX_BITRATE))
6426 goto nla_put_failure;
6429 PUT_SINFO(RX_PACKETS, rx_packets, u32);
6430 PUT_SINFO(TX_PACKETS, tx_packets, u32);
6431 PUT_SINFO(TX_RETRIES, tx_retries, u32);
6432 PUT_SINFO(TX_FAILED, tx_failed, u32);
6433 PUT_SINFO(EXPECTED_THROUGHPUT, expected_throughput, u32);
6434 PUT_SINFO(AIRTIME_LINK_METRIC, airtime_link_metric, u32);
6435 PUT_SINFO(BEACON_LOSS, beacon_loss_count, u32);
6436 PUT_SINFO(LOCAL_PM, local_pm, u32);
6437 PUT_SINFO(PEER_PM, peer_pm, u32);
6438 PUT_SINFO(NONPEER_PM, nonpeer_pm, u32);
6439 PUT_SINFO(CONNECTED_TO_GATE, connected_to_gate, u8);
6440 PUT_SINFO(CONNECTED_TO_AS, connected_to_as, u8);
6442 if (sinfo->filled & BIT_ULL(NL80211_STA_INFO_BSS_PARAM)) {
6443 bss_param = nla_nest_start_noflag(msg,
6444 NL80211_STA_INFO_BSS_PARAM);
6446 goto nla_put_failure;
6448 if (((sinfo->bss_param.flags & BSS_PARAM_FLAGS_CTS_PROT) &&
6449 nla_put_flag(msg, NL80211_STA_BSS_PARAM_CTS_PROT)) ||
6450 ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_PREAMBLE) &&
6451 nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_PREAMBLE)) ||
6452 ((sinfo->bss_param.flags & BSS_PARAM_FLAGS_SHORT_SLOT_TIME) &&
6453 nla_put_flag(msg, NL80211_STA_BSS_PARAM_SHORT_SLOT_TIME)) ||
6454 nla_put_u8(msg, NL80211_STA_BSS_PARAM_DTIM_PERIOD,
6455 sinfo->bss_param.dtim_period) ||
6456 nla_put_u16(msg, NL80211_STA_BSS_PARAM_BEACON_INTERVAL,
6457 sinfo->bss_param.beacon_interval))
6458 goto nla_put_failure;
6460 nla_nest_end(msg, bss_param);
6462 if ((sinfo->filled & BIT_ULL(NL80211_STA_INFO_STA_FLAGS)) &&
6463 nla_put(msg, NL80211_STA_INFO_STA_FLAGS,
6464 sizeof(struct nl80211_sta_flag_update),
6466 goto nla_put_failure;
6468 PUT_SINFO_U64(T_OFFSET, t_offset);
6469 PUT_SINFO_U64(RX_DROP_MISC, rx_dropped_misc);
6470 PUT_SINFO_U64(BEACON_RX, rx_beacon);
6471 PUT_SINFO(BEACON_SIGNAL_AVG, rx_beacon_signal_avg, u8);
6472 PUT_SINFO(RX_MPDUS, rx_mpdu_count, u32);
6473 PUT_SINFO(FCS_ERROR_COUNT, fcs_err_count, u32);
6474 if (wiphy_ext_feature_isset(&rdev->wiphy,
6475 NL80211_EXT_FEATURE_ACK_SIGNAL_SUPPORT)) {
6476 PUT_SINFO(ACK_SIGNAL, ack_signal, u8);
6477 PUT_SINFO(ACK_SIGNAL_AVG, avg_ack_signal, s8);
6481 #undef PUT_SINFO_U64
6483 if (sinfo->pertid) {
6484 struct nlattr *tidsattr;
6487 tidsattr = nla_nest_start_noflag(msg,
6488 NL80211_STA_INFO_TID_STATS);
6490 goto nla_put_failure;
6492 for (tid = 0; tid < IEEE80211_NUM_TIDS + 1; tid++) {
6493 struct cfg80211_tid_stats *tidstats;
6494 struct nlattr *tidattr;
6496 tidstats = &sinfo->pertid[tid];
6498 if (!tidstats->filled)
6501 tidattr = nla_nest_start_noflag(msg, tid + 1);
6503 goto nla_put_failure;
6505 #define PUT_TIDVAL_U64(attr, memb) do { \
6506 if (tidstats->filled & BIT(NL80211_TID_STATS_ ## attr) && \
6507 nla_put_u64_64bit(msg, NL80211_TID_STATS_ ## attr, \
6508 tidstats->memb, NL80211_TID_STATS_PAD)) \
6509 goto nla_put_failure; \
6512 PUT_TIDVAL_U64(RX_MSDU, rx_msdu);
6513 PUT_TIDVAL_U64(TX_MSDU, tx_msdu);
6514 PUT_TIDVAL_U64(TX_MSDU_RETRIES, tx_msdu_retries);
6515 PUT_TIDVAL_U64(TX_MSDU_FAILED, tx_msdu_failed);
6517 #undef PUT_TIDVAL_U64
6518 if ((tidstats->filled &
6519 BIT(NL80211_TID_STATS_TXQ_STATS)) &&
6520 !nl80211_put_txq_stats(msg, &tidstats->txq_stats,
6521 NL80211_TID_STATS_TXQ_STATS))
6522 goto nla_put_failure;
6524 nla_nest_end(msg, tidattr);
6527 nla_nest_end(msg, tidsattr);
6530 nla_nest_end(msg, sinfoattr);
6532 if (sinfo->assoc_req_ies_len &&
6533 nla_put(msg, NL80211_ATTR_IE, sinfo->assoc_req_ies_len,
6534 sinfo->assoc_req_ies))
6535 goto nla_put_failure;
6537 cfg80211_sinfo_release_content(sinfo);
6538 genlmsg_end(msg, hdr);
6542 cfg80211_sinfo_release_content(sinfo);
6543 genlmsg_cancel(msg, hdr);
6547 static int nl80211_dump_station(struct sk_buff *skb,
6548 struct netlink_callback *cb)
6550 struct station_info sinfo;
6551 struct cfg80211_registered_device *rdev;
6552 struct wireless_dev *wdev;
6553 u8 mac_addr[ETH_ALEN];
6554 int sta_idx = cb->args[2];
6557 err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev, NULL);
6560 /* nl80211_prepare_wdev_dump acquired it in the successful case */
6561 __acquire(&rdev->wiphy.mtx);
6563 if (!wdev->netdev) {
6568 if (!rdev->ops->dump_station) {
6574 memset(&sinfo, 0, sizeof(sinfo));
6575 err = rdev_dump_station(rdev, wdev->netdev, sta_idx,
6582 if (nl80211_send_station(skb, NL80211_CMD_NEW_STATION,
6583 NETLINK_CB(cb->skb).portid,
6584 cb->nlh->nlmsg_seq, NLM_F_MULTI,
6585 rdev, wdev->netdev, mac_addr,
6593 cb->args[2] = sta_idx;
6596 wiphy_unlock(&rdev->wiphy);
6601 static int nl80211_get_station(struct sk_buff *skb, struct genl_info *info)
6603 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6604 struct net_device *dev = info->user_ptr[1];
6605 struct station_info sinfo;
6606 struct sk_buff *msg;
6607 u8 *mac_addr = NULL;
6610 memset(&sinfo, 0, sizeof(sinfo));
6612 if (!info->attrs[NL80211_ATTR_MAC])
6615 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
6617 if (!rdev->ops->get_station)
6620 err = rdev_get_station(rdev, dev, mac_addr, &sinfo);
6624 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
6626 cfg80211_sinfo_release_content(&sinfo);
6630 if (nl80211_send_station(msg, NL80211_CMD_NEW_STATION,
6631 info->snd_portid, info->snd_seq, 0,
6632 rdev, dev, mac_addr, &sinfo) < 0) {
6637 return genlmsg_reply(msg, info);
6640 int cfg80211_check_station_change(struct wiphy *wiphy,
6641 struct station_parameters *params,
6642 enum cfg80211_station_type statype)
6644 if (params->listen_interval != -1 &&
6645 statype != CFG80211_STA_AP_CLIENT_UNASSOC)
6648 if (params->support_p2p_ps != -1 &&
6649 statype != CFG80211_STA_AP_CLIENT_UNASSOC)
6653 !(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) &&
6654 statype != CFG80211_STA_AP_CLIENT_UNASSOC)
6657 /* When you run into this, adjust the code below for the new flag */
6658 BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 7);
6661 case CFG80211_STA_MESH_PEER_KERNEL:
6662 case CFG80211_STA_MESH_PEER_USER:
6664 * No ignoring the TDLS flag here -- the userspace mesh
6665 * code doesn't have the bug of including TDLS in the
6668 if (params->sta_flags_mask &
6669 ~(BIT(NL80211_STA_FLAG_AUTHENTICATED) |
6670 BIT(NL80211_STA_FLAG_MFP) |
6671 BIT(NL80211_STA_FLAG_AUTHORIZED)))
6674 case CFG80211_STA_TDLS_PEER_SETUP:
6675 case CFG80211_STA_TDLS_PEER_ACTIVE:
6676 if (!(params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
6678 /* ignore since it can't change */
6679 params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
6682 /* disallow mesh-specific things */
6683 if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION)
6685 if (params->local_pm)
6687 if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE)
6691 if (statype != CFG80211_STA_TDLS_PEER_SETUP &&
6692 statype != CFG80211_STA_TDLS_PEER_ACTIVE) {
6693 /* TDLS can't be set, ... */
6694 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
6697 * ... but don't bother the driver with it. This works around
6698 * a hostapd/wpa_supplicant issue -- it always includes the
6699 * TLDS_PEER flag in the mask even for AP mode.
6701 params->sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
6704 if (statype != CFG80211_STA_TDLS_PEER_SETUP &&
6705 statype != CFG80211_STA_AP_CLIENT_UNASSOC) {
6706 /* reject other things that can't change */
6707 if (params->sta_modify_mask & STATION_PARAM_APPLY_UAPSD)
6709 if (params->sta_modify_mask & STATION_PARAM_APPLY_CAPABILITY)
6711 if (params->link_sta_params.supported_rates)
6713 if (params->ext_capab || params->link_sta_params.ht_capa ||
6714 params->link_sta_params.vht_capa ||
6715 params->link_sta_params.he_capa ||
6716 params->link_sta_params.eht_capa)
6720 if (statype != CFG80211_STA_AP_CLIENT &&
6721 statype != CFG80211_STA_AP_CLIENT_UNASSOC) {
6727 case CFG80211_STA_AP_MLME_CLIENT:
6728 /* Use this only for authorizing/unauthorizing a station */
6729 if (!(params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)))
6732 case CFG80211_STA_AP_CLIENT:
6733 case CFG80211_STA_AP_CLIENT_UNASSOC:
6734 /* accept only the listed bits */
6735 if (params->sta_flags_mask &
6736 ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
6737 BIT(NL80211_STA_FLAG_AUTHENTICATED) |
6738 BIT(NL80211_STA_FLAG_ASSOCIATED) |
6739 BIT(NL80211_STA_FLAG_SHORT_PREAMBLE) |
6740 BIT(NL80211_STA_FLAG_WME) |
6741 BIT(NL80211_STA_FLAG_MFP)))
6744 /* but authenticated/associated only if driver handles it */
6745 if (!(wiphy->features & NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
6746 params->sta_flags_mask &
6747 (BIT(NL80211_STA_FLAG_AUTHENTICATED) |
6748 BIT(NL80211_STA_FLAG_ASSOCIATED)))
6751 case CFG80211_STA_IBSS:
6752 case CFG80211_STA_AP_STA:
6753 /* reject any changes other than AUTHORIZED */
6754 if (params->sta_flags_mask & ~BIT(NL80211_STA_FLAG_AUTHORIZED))
6757 case CFG80211_STA_TDLS_PEER_SETUP:
6758 /* reject any changes other than AUTHORIZED or WME */
6759 if (params->sta_flags_mask & ~(BIT(NL80211_STA_FLAG_AUTHORIZED) |
6760 BIT(NL80211_STA_FLAG_WME)))
6762 /* force (at least) rates when authorizing */
6763 if (params->sta_flags_set & BIT(NL80211_STA_FLAG_AUTHORIZED) &&
6764 !params->link_sta_params.supported_rates)
6767 case CFG80211_STA_TDLS_PEER_ACTIVE:
6768 /* reject any changes */
6770 case CFG80211_STA_MESH_PEER_KERNEL:
6771 if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE)
6774 case CFG80211_STA_MESH_PEER_USER:
6775 if (params->plink_action != NL80211_PLINK_ACTION_NO_ACTION &&
6776 params->plink_action != NL80211_PLINK_ACTION_BLOCK)
6782 * Older kernel versions ignored this attribute entirely, so don't
6783 * reject attempts to update it but mark it as unused instead so the
6784 * driver won't look at the data.
6786 if (statype != CFG80211_STA_AP_CLIENT_UNASSOC &&
6787 statype != CFG80211_STA_TDLS_PEER_SETUP)
6788 params->link_sta_params.opmode_notif_used = false;
6792 EXPORT_SYMBOL(cfg80211_check_station_change);
6795 * Get vlan interface making sure it is running and on the right wiphy.
6797 static struct net_device *get_vlan(struct genl_info *info,
6798 struct cfg80211_registered_device *rdev)
6800 struct nlattr *vlanattr = info->attrs[NL80211_ATTR_STA_VLAN];
6801 struct net_device *v;
6807 v = dev_get_by_index(genl_info_net(info), nla_get_u32(vlanattr));
6809 return ERR_PTR(-ENODEV);
6811 if (!v->ieee80211_ptr || v->ieee80211_ptr->wiphy != &rdev->wiphy) {
6816 if (v->ieee80211_ptr->iftype != NL80211_IFTYPE_AP_VLAN &&
6817 v->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
6818 v->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO) {
6823 if (!netif_running(v)) {
6831 return ERR_PTR(ret);
6834 static int nl80211_parse_sta_wme(struct genl_info *info,
6835 struct station_parameters *params)
6837 struct nlattr *tb[NL80211_STA_WME_MAX + 1];
6841 /* parse WME attributes if present */
6842 if (!info->attrs[NL80211_ATTR_STA_WME])
6845 nla = info->attrs[NL80211_ATTR_STA_WME];
6846 err = nla_parse_nested_deprecated(tb, NL80211_STA_WME_MAX, nla,
6847 nl80211_sta_wme_policy,
6852 if (tb[NL80211_STA_WME_UAPSD_QUEUES])
6853 params->uapsd_queues = nla_get_u8(
6854 tb[NL80211_STA_WME_UAPSD_QUEUES]);
6855 if (params->uapsd_queues & ~IEEE80211_WMM_IE_STA_QOSINFO_AC_MASK)
6858 if (tb[NL80211_STA_WME_MAX_SP])
6859 params->max_sp = nla_get_u8(tb[NL80211_STA_WME_MAX_SP]);
6861 if (params->max_sp & ~IEEE80211_WMM_IE_STA_QOSINFO_SP_MASK)
6864 params->sta_modify_mask |= STATION_PARAM_APPLY_UAPSD;
6869 static int nl80211_parse_sta_channel_info(struct genl_info *info,
6870 struct station_parameters *params)
6872 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]) {
6873 params->supported_channels =
6874 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]);
6875 params->supported_channels_len =
6876 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_CHANNELS]);
6878 * Need to include at least one (first channel, number of
6879 * channels) tuple for each subband (checked in policy),
6880 * and must have proper tuples for the rest of the data as well.
6882 if (params->supported_channels_len % 2)
6886 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]) {
6887 params->supported_oper_classes =
6888 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]);
6889 params->supported_oper_classes_len =
6890 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_OPER_CLASSES]);
6895 static int nl80211_set_station_tdls(struct genl_info *info,
6896 struct station_parameters *params)
6899 /* Dummy STA entry gets updated once the peer capabilities are known */
6900 if (info->attrs[NL80211_ATTR_PEER_AID])
6901 params->aid = nla_get_u16(info->attrs[NL80211_ATTR_PEER_AID]);
6902 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
6903 params->link_sta_params.ht_capa =
6904 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
6905 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY])
6906 params->link_sta_params.vht_capa =
6907 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]);
6908 if (info->attrs[NL80211_ATTR_HE_CAPABILITY]) {
6909 params->link_sta_params.he_capa =
6910 nla_data(info->attrs[NL80211_ATTR_HE_CAPABILITY]);
6911 params->link_sta_params.he_capa_len =
6912 nla_len(info->attrs[NL80211_ATTR_HE_CAPABILITY]);
6914 if (info->attrs[NL80211_ATTR_EHT_CAPABILITY]) {
6915 params->link_sta_params.eht_capa =
6916 nla_data(info->attrs[NL80211_ATTR_EHT_CAPABILITY]);
6917 params->link_sta_params.eht_capa_len =
6918 nla_len(info->attrs[NL80211_ATTR_EHT_CAPABILITY]);
6920 if (!ieee80211_eht_capa_size_ok((const u8 *)params->link_sta_params.he_capa,
6921 (const u8 *)params->link_sta_params.eht_capa,
6922 params->link_sta_params.eht_capa_len,
6928 err = nl80211_parse_sta_channel_info(info, params);
6932 return nl80211_parse_sta_wme(info, params);
6935 static int nl80211_parse_sta_txpower_setting(struct genl_info *info,
6936 struct sta_txpwr *txpwr,
6939 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6942 if (info->attrs[NL80211_ATTR_STA_TX_POWER_SETTING]) {
6943 if (!rdev->ops->set_tx_power ||
6944 !wiphy_ext_feature_isset(&rdev->wiphy,
6945 NL80211_EXT_FEATURE_STA_TX_PWR))
6948 idx = NL80211_ATTR_STA_TX_POWER_SETTING;
6949 txpwr->type = nla_get_u8(info->attrs[idx]);
6951 if (txpwr->type == NL80211_TX_POWER_LIMITED) {
6952 idx = NL80211_ATTR_STA_TX_POWER;
6954 if (info->attrs[idx])
6955 txpwr->power = nla_get_s16(info->attrs[idx]);
6968 static int nl80211_set_station(struct sk_buff *skb, struct genl_info *info)
6970 struct cfg80211_registered_device *rdev = info->user_ptr[0];
6971 struct net_device *dev = info->user_ptr[1];
6972 struct station_parameters params;
6976 memset(¶ms, 0, sizeof(params));
6978 if (!rdev->ops->change_station)
6982 * AID and listen_interval properties can be set only for unassociated
6983 * station. Include these parameters here and will check them in
6984 * cfg80211_check_station_change().
6986 if (info->attrs[NL80211_ATTR_STA_AID])
6987 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]);
6989 if (info->attrs[NL80211_ATTR_VLAN_ID])
6990 params.vlan_id = nla_get_u16(info->attrs[NL80211_ATTR_VLAN_ID]);
6992 if (info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
6993 params.listen_interval =
6994 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
6996 params.listen_interval = -1;
6998 if (info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS])
6999 params.support_p2p_ps =
7000 nla_get_u8(info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]);
7002 params.support_p2p_ps = -1;
7004 if (!info->attrs[NL80211_ATTR_MAC])
7007 params.link_sta_params.link_id =
7008 nl80211_link_id_or_invalid(info->attrs);
7010 if (info->attrs[NL80211_ATTR_MLD_ADDR]) {
7011 /* If MLD_ADDR attribute is set then this is an MLD station
7012 * and the MLD_ADDR attribute holds the MLD address and the
7013 * MAC attribute holds for the LINK address.
7014 * In that case, the link_id is also expected to be valid.
7016 if (params.link_sta_params.link_id < 0)
7019 mac_addr = nla_data(info->attrs[NL80211_ATTR_MLD_ADDR]);
7020 params.link_sta_params.mld_mac = mac_addr;
7021 params.link_sta_params.link_mac =
7022 nla_data(info->attrs[NL80211_ATTR_MAC]);
7023 if (!is_valid_ether_addr(params.link_sta_params.link_mac))
7026 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
7030 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) {
7031 params.link_sta_params.supported_rates =
7032 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
7033 params.link_sta_params.supported_rates_len =
7034 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
7037 if (info->attrs[NL80211_ATTR_STA_CAPABILITY]) {
7039 nla_get_u16(info->attrs[NL80211_ATTR_STA_CAPABILITY]);
7040 params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY;
7043 if (info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) {
7045 nla_data(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
7046 params.ext_capab_len =
7047 nla_len(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
7050 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms))
7053 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION])
7054 params.plink_action =
7055 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
7057 if (info->attrs[NL80211_ATTR_STA_PLINK_STATE]) {
7058 params.plink_state =
7059 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_STATE]);
7060 if (info->attrs[NL80211_ATTR_MESH_PEER_AID])
7061 params.peer_aid = nla_get_u16(
7062 info->attrs[NL80211_ATTR_MESH_PEER_AID]);
7063 params.sta_modify_mask |= STATION_PARAM_APPLY_PLINK_STATE;
7066 if (info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE])
7067 params.local_pm = nla_get_u32(
7068 info->attrs[NL80211_ATTR_LOCAL_MESH_POWER_MODE]);
7070 if (info->attrs[NL80211_ATTR_OPMODE_NOTIF]) {
7071 params.link_sta_params.opmode_notif_used = true;
7072 params.link_sta_params.opmode_notif =
7073 nla_get_u8(info->attrs[NL80211_ATTR_OPMODE_NOTIF]);
7076 if (info->attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY])
7077 params.link_sta_params.he_6ghz_capa =
7078 nla_data(info->attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY]);
7080 if (info->attrs[NL80211_ATTR_AIRTIME_WEIGHT])
7081 params.airtime_weight =
7082 nla_get_u16(info->attrs[NL80211_ATTR_AIRTIME_WEIGHT]);
7084 if (params.airtime_weight &&
7085 !wiphy_ext_feature_isset(&rdev->wiphy,
7086 NL80211_EXT_FEATURE_AIRTIME_FAIRNESS))
7089 err = nl80211_parse_sta_txpower_setting(info,
7090 ¶ms.link_sta_params.txpwr,
7091 ¶ms.link_sta_params.txpwr_set);
7095 /* Include parameters for TDLS peer (will check later) */
7096 err = nl80211_set_station_tdls(info, ¶ms);
7100 params.vlan = get_vlan(info, rdev);
7101 if (IS_ERR(params.vlan))
7102 return PTR_ERR(params.vlan);
7104 switch (dev->ieee80211_ptr->iftype) {
7105 case NL80211_IFTYPE_AP:
7106 case NL80211_IFTYPE_AP_VLAN:
7107 case NL80211_IFTYPE_P2P_GO:
7108 case NL80211_IFTYPE_P2P_CLIENT:
7109 case NL80211_IFTYPE_STATION:
7110 case NL80211_IFTYPE_ADHOC:
7111 case NL80211_IFTYPE_MESH_POINT:
7118 /* driver will call cfg80211_check_station_change() */
7119 wdev_lock(dev->ieee80211_ptr);
7120 err = rdev_change_station(rdev, dev, mac_addr, ¶ms);
7121 wdev_unlock(dev->ieee80211_ptr);
7124 dev_put(params.vlan);
7129 static int nl80211_new_station(struct sk_buff *skb, struct genl_info *info)
7131 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7133 struct net_device *dev = info->user_ptr[1];
7134 struct wireless_dev *wdev = dev->ieee80211_ptr;
7135 struct station_parameters params;
7136 u8 *mac_addr = NULL;
7137 u32 auth_assoc = BIT(NL80211_STA_FLAG_AUTHENTICATED) |
7138 BIT(NL80211_STA_FLAG_ASSOCIATED);
7140 memset(¶ms, 0, sizeof(params));
7142 if (!rdev->ops->add_station)
7145 if (!info->attrs[NL80211_ATTR_MAC])
7148 if (!info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL])
7151 if (!info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES])
7154 if (!info->attrs[NL80211_ATTR_STA_AID] &&
7155 !info->attrs[NL80211_ATTR_PEER_AID])
7158 params.link_sta_params.link_id =
7159 nl80211_link_id_or_invalid(info->attrs);
7161 if (info->attrs[NL80211_ATTR_MLD_ADDR]) {
7162 mac_addr = nla_data(info->attrs[NL80211_ATTR_MLD_ADDR]);
7163 params.link_sta_params.mld_mac = mac_addr;
7164 params.link_sta_params.link_mac =
7165 nla_data(info->attrs[NL80211_ATTR_MAC]);
7166 if (!is_valid_ether_addr(params.link_sta_params.link_mac))
7169 mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
7172 params.link_sta_params.supported_rates =
7173 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
7174 params.link_sta_params.supported_rates_len =
7175 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
7176 params.listen_interval =
7177 nla_get_u16(info->attrs[NL80211_ATTR_STA_LISTEN_INTERVAL]);
7179 if (info->attrs[NL80211_ATTR_VLAN_ID])
7180 params.vlan_id = nla_get_u16(info->attrs[NL80211_ATTR_VLAN_ID]);
7182 if (info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]) {
7183 params.support_p2p_ps =
7184 nla_get_u8(info->attrs[NL80211_ATTR_STA_SUPPORT_P2P_PS]);
7187 * if not specified, assume it's supported for P2P GO interface,
7188 * and is NOT supported for AP interface
7190 params.support_p2p_ps =
7191 dev->ieee80211_ptr->iftype == NL80211_IFTYPE_P2P_GO;
7194 if (info->attrs[NL80211_ATTR_PEER_AID])
7195 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_PEER_AID]);
7197 params.aid = nla_get_u16(info->attrs[NL80211_ATTR_STA_AID]);
7199 if (info->attrs[NL80211_ATTR_STA_CAPABILITY]) {
7201 nla_get_u16(info->attrs[NL80211_ATTR_STA_CAPABILITY]);
7202 params.sta_modify_mask |= STATION_PARAM_APPLY_CAPABILITY;
7205 if (info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]) {
7207 nla_data(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
7208 params.ext_capab_len =
7209 nla_len(info->attrs[NL80211_ATTR_STA_EXT_CAPABILITY]);
7212 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
7213 params.link_sta_params.ht_capa =
7214 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
7216 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY])
7217 params.link_sta_params.vht_capa =
7218 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]);
7220 if (info->attrs[NL80211_ATTR_HE_CAPABILITY]) {
7221 params.link_sta_params.he_capa =
7222 nla_data(info->attrs[NL80211_ATTR_HE_CAPABILITY]);
7223 params.link_sta_params.he_capa_len =
7224 nla_len(info->attrs[NL80211_ATTR_HE_CAPABILITY]);
7226 if (info->attrs[NL80211_ATTR_EHT_CAPABILITY]) {
7227 params.link_sta_params.eht_capa =
7228 nla_data(info->attrs[NL80211_ATTR_EHT_CAPABILITY]);
7229 params.link_sta_params.eht_capa_len =
7230 nla_len(info->attrs[NL80211_ATTR_EHT_CAPABILITY]);
7232 if (!ieee80211_eht_capa_size_ok((const u8 *)params.link_sta_params.he_capa,
7233 (const u8 *)params.link_sta_params.eht_capa,
7234 params.link_sta_params.eht_capa_len,
7240 if (info->attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY])
7241 params.link_sta_params.he_6ghz_capa =
7242 nla_data(info->attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY]);
7244 if (info->attrs[NL80211_ATTR_OPMODE_NOTIF]) {
7245 params.link_sta_params.opmode_notif_used = true;
7246 params.link_sta_params.opmode_notif =
7247 nla_get_u8(info->attrs[NL80211_ATTR_OPMODE_NOTIF]);
7250 if (info->attrs[NL80211_ATTR_STA_PLINK_ACTION])
7251 params.plink_action =
7252 nla_get_u8(info->attrs[NL80211_ATTR_STA_PLINK_ACTION]);
7254 if (info->attrs[NL80211_ATTR_AIRTIME_WEIGHT])
7255 params.airtime_weight =
7256 nla_get_u16(info->attrs[NL80211_ATTR_AIRTIME_WEIGHT]);
7258 if (params.airtime_weight &&
7259 !wiphy_ext_feature_isset(&rdev->wiphy,
7260 NL80211_EXT_FEATURE_AIRTIME_FAIRNESS))
7263 err = nl80211_parse_sta_txpower_setting(info,
7264 ¶ms.link_sta_params.txpwr,
7265 ¶ms.link_sta_params.txpwr_set);
7269 err = nl80211_parse_sta_channel_info(info, ¶ms);
7273 err = nl80211_parse_sta_wme(info, ¶ms);
7277 if (parse_station_flags(info, dev->ieee80211_ptr->iftype, ¶ms))
7280 /* HT/VHT requires QoS, but if we don't have that just ignore HT/VHT
7281 * as userspace might just pass through the capabilities from the IEs
7282 * directly, rather than enforcing this restriction and returning an
7283 * error in this case.
7285 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_WME))) {
7286 params.link_sta_params.ht_capa = NULL;
7287 params.link_sta_params.vht_capa = NULL;
7289 /* HE and EHT require WME */
7290 if (params.link_sta_params.he_capa_len ||
7291 params.link_sta_params.he_6ghz_capa ||
7292 params.link_sta_params.eht_capa_len)
7296 /* Ensure that HT/VHT capabilities are not set for 6 GHz HE STA */
7297 if (params.link_sta_params.he_6ghz_capa &&
7298 (params.link_sta_params.ht_capa || params.link_sta_params.vht_capa))
7301 /* When you run into this, adjust the code below for the new flag */
7302 BUILD_BUG_ON(NL80211_STA_FLAG_MAX != 7);
7304 switch (dev->ieee80211_ptr->iftype) {
7305 case NL80211_IFTYPE_AP:
7306 case NL80211_IFTYPE_AP_VLAN:
7307 case NL80211_IFTYPE_P2P_GO:
7308 /* ignore WME attributes if iface/sta is not capable */
7309 if (!(rdev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) ||
7310 !(params.sta_flags_set & BIT(NL80211_STA_FLAG_WME)))
7311 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
7313 /* TDLS peers cannot be added */
7314 if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) ||
7315 info->attrs[NL80211_ATTR_PEER_AID])
7317 /* but don't bother the driver with it */
7318 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_TDLS_PEER);
7320 /* allow authenticated/associated only if driver handles it */
7321 if (!(rdev->wiphy.features &
7322 NL80211_FEATURE_FULL_AP_CLIENT_STATE) &&
7323 params.sta_flags_mask & auth_assoc)
7326 /* Older userspace, or userspace wanting to be compatible with
7327 * !NL80211_FEATURE_FULL_AP_CLIENT_STATE, will not set the auth
7328 * and assoc flags in the mask, but assumes the station will be
7329 * added as associated anyway since this was the required driver
7330 * behaviour before NL80211_FEATURE_FULL_AP_CLIENT_STATE was
7332 * In order to not bother drivers with this quirk in the API
7333 * set the flags in both the mask and set for new stations in
7336 if (!(params.sta_flags_mask & auth_assoc)) {
7337 params.sta_flags_mask |= auth_assoc;
7338 params.sta_flags_set |= auth_assoc;
7341 /* must be last in here for error handling */
7342 params.vlan = get_vlan(info, rdev);
7343 if (IS_ERR(params.vlan))
7344 return PTR_ERR(params.vlan);
7346 case NL80211_IFTYPE_MESH_POINT:
7347 /* ignore uAPSD data */
7348 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
7350 /* associated is disallowed */
7351 if (params.sta_flags_mask & BIT(NL80211_STA_FLAG_ASSOCIATED))
7353 /* TDLS peers cannot be added */
7354 if ((params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)) ||
7355 info->attrs[NL80211_ATTR_PEER_AID])
7358 case NL80211_IFTYPE_STATION:
7359 case NL80211_IFTYPE_P2P_CLIENT:
7360 /* ignore uAPSD data */
7361 params.sta_modify_mask &= ~STATION_PARAM_APPLY_UAPSD;
7363 /* these are disallowed */
7364 if (params.sta_flags_mask &
7365 (BIT(NL80211_STA_FLAG_ASSOCIATED) |
7366 BIT(NL80211_STA_FLAG_AUTHENTICATED)))
7368 /* Only TDLS peers can be added */
7369 if (!(params.sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER)))
7371 /* Can only add if TDLS ... */
7372 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS))
7374 /* ... with external setup is supported */
7375 if (!(rdev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP))
7378 * Older wpa_supplicant versions always mark the TDLS peer
7379 * as authorized, but it shouldn't yet be.
7381 params.sta_flags_mask &= ~BIT(NL80211_STA_FLAG_AUTHORIZED);
7387 /* be aware of params.vlan when changing code here */
7389 wdev_lock(dev->ieee80211_ptr);
7390 if (wdev->valid_links) {
7391 if (params.link_sta_params.link_id < 0) {
7395 if (!(wdev->valid_links & BIT(params.link_sta_params.link_id))) {
7400 if (params.link_sta_params.link_id >= 0) {
7405 err = rdev_add_station(rdev, dev, mac_addr, ¶ms);
7407 wdev_unlock(dev->ieee80211_ptr);
7408 dev_put(params.vlan);
7412 static int nl80211_del_station(struct sk_buff *skb, struct genl_info *info)
7414 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7415 struct net_device *dev = info->user_ptr[1];
7416 struct station_del_parameters params;
7419 memset(¶ms, 0, sizeof(params));
7421 if (info->attrs[NL80211_ATTR_MAC])
7422 params.mac = nla_data(info->attrs[NL80211_ATTR_MAC]);
7424 switch (dev->ieee80211_ptr->iftype) {
7425 case NL80211_IFTYPE_AP:
7426 case NL80211_IFTYPE_AP_VLAN:
7427 case NL80211_IFTYPE_MESH_POINT:
7428 case NL80211_IFTYPE_P2P_GO:
7429 /* always accept these */
7431 case NL80211_IFTYPE_ADHOC:
7432 /* conditionally accept */
7433 if (wiphy_ext_feature_isset(&rdev->wiphy,
7434 NL80211_EXT_FEATURE_DEL_IBSS_STA))
7441 if (!rdev->ops->del_station)
7444 if (info->attrs[NL80211_ATTR_MGMT_SUBTYPE]) {
7446 nla_get_u8(info->attrs[NL80211_ATTR_MGMT_SUBTYPE]);
7447 if (params.subtype != IEEE80211_STYPE_DISASSOC >> 4 &&
7448 params.subtype != IEEE80211_STYPE_DEAUTH >> 4)
7451 /* Default to Deauthentication frame */
7452 params.subtype = IEEE80211_STYPE_DEAUTH >> 4;
7455 if (info->attrs[NL80211_ATTR_REASON_CODE]) {
7456 params.reason_code =
7457 nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
7458 if (params.reason_code == 0)
7459 return -EINVAL; /* 0 is reserved */
7461 /* Default to reason code 2 */
7462 params.reason_code = WLAN_REASON_PREV_AUTH_NOT_VALID;
7465 wdev_lock(dev->ieee80211_ptr);
7466 ret = rdev_del_station(rdev, dev, ¶ms);
7467 wdev_unlock(dev->ieee80211_ptr);
7472 static int nl80211_send_mpath(struct sk_buff *msg, u32 portid, u32 seq,
7473 int flags, struct net_device *dev,
7474 u8 *dst, u8 *next_hop,
7475 struct mpath_info *pinfo)
7478 struct nlattr *pinfoattr;
7480 hdr = nl80211hdr_put(msg, portid, seq, flags, NL80211_CMD_NEW_MPATH);
7484 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
7485 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, dst) ||
7486 nla_put(msg, NL80211_ATTR_MPATH_NEXT_HOP, ETH_ALEN, next_hop) ||
7487 nla_put_u32(msg, NL80211_ATTR_GENERATION, pinfo->generation))
7488 goto nla_put_failure;
7490 pinfoattr = nla_nest_start_noflag(msg, NL80211_ATTR_MPATH_INFO);
7492 goto nla_put_failure;
7493 if ((pinfo->filled & MPATH_INFO_FRAME_QLEN) &&
7494 nla_put_u32(msg, NL80211_MPATH_INFO_FRAME_QLEN,
7496 goto nla_put_failure;
7497 if (((pinfo->filled & MPATH_INFO_SN) &&
7498 nla_put_u32(msg, NL80211_MPATH_INFO_SN, pinfo->sn)) ||
7499 ((pinfo->filled & MPATH_INFO_METRIC) &&
7500 nla_put_u32(msg, NL80211_MPATH_INFO_METRIC,
7502 ((pinfo->filled & MPATH_INFO_EXPTIME) &&
7503 nla_put_u32(msg, NL80211_MPATH_INFO_EXPTIME,
7505 ((pinfo->filled & MPATH_INFO_FLAGS) &&
7506 nla_put_u8(msg, NL80211_MPATH_INFO_FLAGS,
7508 ((pinfo->filled & MPATH_INFO_DISCOVERY_TIMEOUT) &&
7509 nla_put_u32(msg, NL80211_MPATH_INFO_DISCOVERY_TIMEOUT,
7510 pinfo->discovery_timeout)) ||
7511 ((pinfo->filled & MPATH_INFO_DISCOVERY_RETRIES) &&
7512 nla_put_u8(msg, NL80211_MPATH_INFO_DISCOVERY_RETRIES,
7513 pinfo->discovery_retries)) ||
7514 ((pinfo->filled & MPATH_INFO_HOP_COUNT) &&
7515 nla_put_u8(msg, NL80211_MPATH_INFO_HOP_COUNT,
7516 pinfo->hop_count)) ||
7517 ((pinfo->filled & MPATH_INFO_PATH_CHANGE) &&
7518 nla_put_u32(msg, NL80211_MPATH_INFO_PATH_CHANGE,
7519 pinfo->path_change_count)))
7520 goto nla_put_failure;
7522 nla_nest_end(msg, pinfoattr);
7524 genlmsg_end(msg, hdr);
7528 genlmsg_cancel(msg, hdr);
7532 static int nl80211_dump_mpath(struct sk_buff *skb,
7533 struct netlink_callback *cb)
7535 struct mpath_info pinfo;
7536 struct cfg80211_registered_device *rdev;
7537 struct wireless_dev *wdev;
7539 u8 next_hop[ETH_ALEN];
7540 int path_idx = cb->args[2];
7543 err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev, NULL);
7546 /* nl80211_prepare_wdev_dump acquired it in the successful case */
7547 __acquire(&rdev->wiphy.mtx);
7549 if (!rdev->ops->dump_mpath) {
7554 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) {
7560 err = rdev_dump_mpath(rdev, wdev->netdev, path_idx, dst,
7567 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid,
7568 cb->nlh->nlmsg_seq, NLM_F_MULTI,
7569 wdev->netdev, dst, next_hop,
7577 cb->args[2] = path_idx;
7580 wiphy_unlock(&rdev->wiphy);
7584 static int nl80211_get_mpath(struct sk_buff *skb, struct genl_info *info)
7586 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7588 struct net_device *dev = info->user_ptr[1];
7589 struct mpath_info pinfo;
7590 struct sk_buff *msg;
7592 u8 next_hop[ETH_ALEN];
7594 memset(&pinfo, 0, sizeof(pinfo));
7596 if (!info->attrs[NL80211_ATTR_MAC])
7599 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
7601 if (!rdev->ops->get_mpath)
7604 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
7607 err = rdev_get_mpath(rdev, dev, dst, next_hop, &pinfo);
7611 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7615 if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0,
7616 dev, dst, next_hop, &pinfo) < 0) {
7621 return genlmsg_reply(msg, info);
7624 static int nl80211_set_mpath(struct sk_buff *skb, struct genl_info *info)
7626 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7627 struct net_device *dev = info->user_ptr[1];
7629 u8 *next_hop = NULL;
7631 if (!info->attrs[NL80211_ATTR_MAC])
7634 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
7637 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
7638 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
7640 if (!rdev->ops->change_mpath)
7643 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
7646 return rdev_change_mpath(rdev, dev, dst, next_hop);
7649 static int nl80211_new_mpath(struct sk_buff *skb, struct genl_info *info)
7651 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7652 struct net_device *dev = info->user_ptr[1];
7654 u8 *next_hop = NULL;
7656 if (!info->attrs[NL80211_ATTR_MAC])
7659 if (!info->attrs[NL80211_ATTR_MPATH_NEXT_HOP])
7662 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
7663 next_hop = nla_data(info->attrs[NL80211_ATTR_MPATH_NEXT_HOP]);
7665 if (!rdev->ops->add_mpath)
7668 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
7671 return rdev_add_mpath(rdev, dev, dst, next_hop);
7674 static int nl80211_del_mpath(struct sk_buff *skb, struct genl_info *info)
7676 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7677 struct net_device *dev = info->user_ptr[1];
7680 if (info->attrs[NL80211_ATTR_MAC])
7681 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
7683 if (!rdev->ops->del_mpath)
7686 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
7689 return rdev_del_mpath(rdev, dev, dst);
7692 static int nl80211_get_mpp(struct sk_buff *skb, struct genl_info *info)
7694 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7696 struct net_device *dev = info->user_ptr[1];
7697 struct mpath_info pinfo;
7698 struct sk_buff *msg;
7702 memset(&pinfo, 0, sizeof(pinfo));
7704 if (!info->attrs[NL80211_ATTR_MAC])
7707 dst = nla_data(info->attrs[NL80211_ATTR_MAC]);
7709 if (!rdev->ops->get_mpp)
7712 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT)
7715 err = rdev_get_mpp(rdev, dev, dst, mpp, &pinfo);
7719 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7723 if (nl80211_send_mpath(msg, info->snd_portid, info->snd_seq, 0,
7724 dev, dst, mpp, &pinfo) < 0) {
7729 return genlmsg_reply(msg, info);
7732 static int nl80211_dump_mpp(struct sk_buff *skb,
7733 struct netlink_callback *cb)
7735 struct mpath_info pinfo;
7736 struct cfg80211_registered_device *rdev;
7737 struct wireless_dev *wdev;
7740 int path_idx = cb->args[2];
7743 err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev, NULL);
7746 /* nl80211_prepare_wdev_dump acquired it in the successful case */
7747 __acquire(&rdev->wiphy.mtx);
7749 if (!rdev->ops->dump_mpp) {
7754 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT) {
7760 err = rdev_dump_mpp(rdev, wdev->netdev, path_idx, dst,
7767 if (nl80211_send_mpath(skb, NETLINK_CB(cb->skb).portid,
7768 cb->nlh->nlmsg_seq, NLM_F_MULTI,
7769 wdev->netdev, dst, mpp,
7777 cb->args[2] = path_idx;
7780 wiphy_unlock(&rdev->wiphy);
7784 static int nl80211_set_bss(struct sk_buff *skb, struct genl_info *info)
7786 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7787 struct net_device *dev = info->user_ptr[1];
7788 struct wireless_dev *wdev = dev->ieee80211_ptr;
7789 struct bss_parameters params;
7792 memset(¶ms, 0, sizeof(params));
7793 /* default to not changing parameters */
7794 params.use_cts_prot = -1;
7795 params.use_short_preamble = -1;
7796 params.use_short_slot_time = -1;
7797 params.ap_isolate = -1;
7798 params.ht_opmode = -1;
7799 params.p2p_ctwindow = -1;
7800 params.p2p_opp_ps = -1;
7802 if (info->attrs[NL80211_ATTR_BSS_CTS_PROT])
7803 params.use_cts_prot =
7804 nla_get_u8(info->attrs[NL80211_ATTR_BSS_CTS_PROT]);
7805 if (info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE])
7806 params.use_short_preamble =
7807 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_PREAMBLE]);
7808 if (info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME])
7809 params.use_short_slot_time =
7810 nla_get_u8(info->attrs[NL80211_ATTR_BSS_SHORT_SLOT_TIME]);
7811 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
7812 params.basic_rates =
7813 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
7814 params.basic_rates_len =
7815 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
7817 if (info->attrs[NL80211_ATTR_AP_ISOLATE])
7818 params.ap_isolate = !!nla_get_u8(info->attrs[NL80211_ATTR_AP_ISOLATE]);
7819 if (info->attrs[NL80211_ATTR_BSS_HT_OPMODE])
7821 nla_get_u16(info->attrs[NL80211_ATTR_BSS_HT_OPMODE]);
7823 if (info->attrs[NL80211_ATTR_P2P_CTWINDOW]) {
7824 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
7826 params.p2p_ctwindow =
7827 nla_get_u8(info->attrs[NL80211_ATTR_P2P_CTWINDOW]);
7828 if (params.p2p_ctwindow != 0 &&
7829 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_CTWIN))
7833 if (info->attrs[NL80211_ATTR_P2P_OPPPS]) {
7836 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
7838 tmp = nla_get_u8(info->attrs[NL80211_ATTR_P2P_OPPPS]);
7839 params.p2p_opp_ps = tmp;
7840 if (params.p2p_opp_ps &&
7841 !(rdev->wiphy.features & NL80211_FEATURE_P2P_GO_OPPPS))
7845 if (!rdev->ops->change_bss)
7848 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
7849 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
7853 err = rdev_change_bss(rdev, dev, ¶ms);
7859 static int nl80211_req_set_reg(struct sk_buff *skb, struct genl_info *info)
7863 enum nl80211_user_reg_hint_type user_reg_hint_type;
7867 * You should only get this when cfg80211 hasn't yet initialized
7868 * completely when built-in to the kernel right between the time
7869 * window between nl80211_init() and regulatory_init(), if that is
7872 if (unlikely(!rcu_access_pointer(cfg80211_regdomain)))
7873 return -EINPROGRESS;
7875 if (info->attrs[NL80211_ATTR_USER_REG_HINT_TYPE])
7876 user_reg_hint_type =
7877 nla_get_u32(info->attrs[NL80211_ATTR_USER_REG_HINT_TYPE]);
7879 user_reg_hint_type = NL80211_USER_REG_HINT_USER;
7881 switch (user_reg_hint_type) {
7882 case NL80211_USER_REG_HINT_USER:
7883 case NL80211_USER_REG_HINT_CELL_BASE:
7884 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
7887 data = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
7888 return regulatory_hint_user(data, user_reg_hint_type);
7889 case NL80211_USER_REG_HINT_INDOOR:
7890 if (info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
7891 owner_nlportid = info->snd_portid;
7892 is_indoor = !!info->attrs[NL80211_ATTR_REG_INDOOR];
7898 return regulatory_hint_indoor(is_indoor, owner_nlportid);
7904 static int nl80211_reload_regdb(struct sk_buff *skb, struct genl_info *info)
7906 return reg_reload_regdb();
7909 static int nl80211_get_mesh_config(struct sk_buff *skb,
7910 struct genl_info *info)
7912 struct cfg80211_registered_device *rdev = info->user_ptr[0];
7913 struct net_device *dev = info->user_ptr[1];
7914 struct wireless_dev *wdev = dev->ieee80211_ptr;
7915 struct mesh_config cur_params;
7918 struct nlattr *pinfoattr;
7919 struct sk_buff *msg;
7921 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
7924 if (!rdev->ops->get_mesh_config)
7928 /* If not connected, get default parameters */
7929 if (!wdev->u.mesh.id_len)
7930 memcpy(&cur_params, &default_mesh_config, sizeof(cur_params));
7932 err = rdev_get_mesh_config(rdev, dev, &cur_params);
7938 /* Draw up a netlink message to send back */
7939 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
7942 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
7943 NL80211_CMD_GET_MESH_CONFIG);
7946 pinfoattr = nla_nest_start_noflag(msg, NL80211_ATTR_MESH_CONFIG);
7948 goto nla_put_failure;
7949 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
7950 nla_put_u16(msg, NL80211_MESHCONF_RETRY_TIMEOUT,
7951 cur_params.dot11MeshRetryTimeout) ||
7952 nla_put_u16(msg, NL80211_MESHCONF_CONFIRM_TIMEOUT,
7953 cur_params.dot11MeshConfirmTimeout) ||
7954 nla_put_u16(msg, NL80211_MESHCONF_HOLDING_TIMEOUT,
7955 cur_params.dot11MeshHoldingTimeout) ||
7956 nla_put_u16(msg, NL80211_MESHCONF_MAX_PEER_LINKS,
7957 cur_params.dot11MeshMaxPeerLinks) ||
7958 nla_put_u8(msg, NL80211_MESHCONF_MAX_RETRIES,
7959 cur_params.dot11MeshMaxRetries) ||
7960 nla_put_u8(msg, NL80211_MESHCONF_TTL,
7961 cur_params.dot11MeshTTL) ||
7962 nla_put_u8(msg, NL80211_MESHCONF_ELEMENT_TTL,
7963 cur_params.element_ttl) ||
7964 nla_put_u8(msg, NL80211_MESHCONF_AUTO_OPEN_PLINKS,
7965 cur_params.auto_open_plinks) ||
7966 nla_put_u32(msg, NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
7967 cur_params.dot11MeshNbrOffsetMaxNeighbor) ||
7968 nla_put_u8(msg, NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
7969 cur_params.dot11MeshHWMPmaxPREQretries) ||
7970 nla_put_u32(msg, NL80211_MESHCONF_PATH_REFRESH_TIME,
7971 cur_params.path_refresh_time) ||
7972 nla_put_u16(msg, NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
7973 cur_params.min_discovery_timeout) ||
7974 nla_put_u32(msg, NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
7975 cur_params.dot11MeshHWMPactivePathTimeout) ||
7976 nla_put_u16(msg, NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
7977 cur_params.dot11MeshHWMPpreqMinInterval) ||
7978 nla_put_u16(msg, NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
7979 cur_params.dot11MeshHWMPperrMinInterval) ||
7980 nla_put_u16(msg, NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
7981 cur_params.dot11MeshHWMPnetDiameterTraversalTime) ||
7982 nla_put_u8(msg, NL80211_MESHCONF_HWMP_ROOTMODE,
7983 cur_params.dot11MeshHWMPRootMode) ||
7984 nla_put_u16(msg, NL80211_MESHCONF_HWMP_RANN_INTERVAL,
7985 cur_params.dot11MeshHWMPRannInterval) ||
7986 nla_put_u8(msg, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
7987 cur_params.dot11MeshGateAnnouncementProtocol) ||
7988 nla_put_u8(msg, NL80211_MESHCONF_FORWARDING,
7989 cur_params.dot11MeshForwarding) ||
7990 nla_put_s32(msg, NL80211_MESHCONF_RSSI_THRESHOLD,
7991 cur_params.rssi_threshold) ||
7992 nla_put_u32(msg, NL80211_MESHCONF_HT_OPMODE,
7993 cur_params.ht_opmode) ||
7994 nla_put_u32(msg, NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
7995 cur_params.dot11MeshHWMPactivePathToRootTimeout) ||
7996 nla_put_u16(msg, NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
7997 cur_params.dot11MeshHWMProotInterval) ||
7998 nla_put_u16(msg, NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
7999 cur_params.dot11MeshHWMPconfirmationInterval) ||
8000 nla_put_u32(msg, NL80211_MESHCONF_POWER_MODE,
8001 cur_params.power_mode) ||
8002 nla_put_u16(msg, NL80211_MESHCONF_AWAKE_WINDOW,
8003 cur_params.dot11MeshAwakeWindowDuration) ||
8004 nla_put_u32(msg, NL80211_MESHCONF_PLINK_TIMEOUT,
8005 cur_params.plink_timeout) ||
8006 nla_put_u8(msg, NL80211_MESHCONF_CONNECTED_TO_GATE,
8007 cur_params.dot11MeshConnectedToMeshGate) ||
8008 nla_put_u8(msg, NL80211_MESHCONF_NOLEARN,
8009 cur_params.dot11MeshNolearn) ||
8010 nla_put_u8(msg, NL80211_MESHCONF_CONNECTED_TO_AS,
8011 cur_params.dot11MeshConnectedToAuthServer))
8012 goto nla_put_failure;
8013 nla_nest_end(msg, pinfoattr);
8014 genlmsg_end(msg, hdr);
8015 return genlmsg_reply(msg, info);
8023 static const struct nla_policy
8024 nl80211_meshconf_params_policy[NL80211_MESHCONF_ATTR_MAX+1] = {
8025 [NL80211_MESHCONF_RETRY_TIMEOUT] =
8026 NLA_POLICY_RANGE(NLA_U16, 1, 255),
8027 [NL80211_MESHCONF_CONFIRM_TIMEOUT] =
8028 NLA_POLICY_RANGE(NLA_U16, 1, 255),
8029 [NL80211_MESHCONF_HOLDING_TIMEOUT] =
8030 NLA_POLICY_RANGE(NLA_U16, 1, 255),
8031 [NL80211_MESHCONF_MAX_PEER_LINKS] =
8032 NLA_POLICY_RANGE(NLA_U16, 0, 255),
8033 [NL80211_MESHCONF_MAX_RETRIES] = NLA_POLICY_MAX(NLA_U8, 16),
8034 [NL80211_MESHCONF_TTL] = NLA_POLICY_MIN(NLA_U8, 1),
8035 [NL80211_MESHCONF_ELEMENT_TTL] = NLA_POLICY_MIN(NLA_U8, 1),
8036 [NL80211_MESHCONF_AUTO_OPEN_PLINKS] = NLA_POLICY_MAX(NLA_U8, 1),
8037 [NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR] =
8038 NLA_POLICY_RANGE(NLA_U32, 1, 255),
8039 [NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES] = { .type = NLA_U8 },
8040 [NL80211_MESHCONF_PATH_REFRESH_TIME] = { .type = NLA_U32 },
8041 [NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT] = NLA_POLICY_MIN(NLA_U16, 1),
8042 [NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT] = { .type = NLA_U32 },
8043 [NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL] =
8044 NLA_POLICY_MIN(NLA_U16, 1),
8045 [NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL] =
8046 NLA_POLICY_MIN(NLA_U16, 1),
8047 [NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME] =
8048 NLA_POLICY_MIN(NLA_U16, 1),
8049 [NL80211_MESHCONF_HWMP_ROOTMODE] = NLA_POLICY_MAX(NLA_U8, 4),
8050 [NL80211_MESHCONF_HWMP_RANN_INTERVAL] =
8051 NLA_POLICY_MIN(NLA_U16, 1),
8052 [NL80211_MESHCONF_GATE_ANNOUNCEMENTS] = NLA_POLICY_MAX(NLA_U8, 1),
8053 [NL80211_MESHCONF_FORWARDING] = NLA_POLICY_MAX(NLA_U8, 1),
8054 [NL80211_MESHCONF_RSSI_THRESHOLD] =
8055 NLA_POLICY_RANGE(NLA_S32, -255, 0),
8056 [NL80211_MESHCONF_HT_OPMODE] = { .type = NLA_U16 },
8057 [NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT] = { .type = NLA_U32 },
8058 [NL80211_MESHCONF_HWMP_ROOT_INTERVAL] =
8059 NLA_POLICY_MIN(NLA_U16, 1),
8060 [NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL] =
8061 NLA_POLICY_MIN(NLA_U16, 1),
8062 [NL80211_MESHCONF_POWER_MODE] =
8063 NLA_POLICY_RANGE(NLA_U32,
8064 NL80211_MESH_POWER_ACTIVE,
8065 NL80211_MESH_POWER_MAX),
8066 [NL80211_MESHCONF_AWAKE_WINDOW] = { .type = NLA_U16 },
8067 [NL80211_MESHCONF_PLINK_TIMEOUT] = { .type = NLA_U32 },
8068 [NL80211_MESHCONF_CONNECTED_TO_GATE] = NLA_POLICY_RANGE(NLA_U8, 0, 1),
8069 [NL80211_MESHCONF_NOLEARN] = NLA_POLICY_RANGE(NLA_U8, 0, 1),
8070 [NL80211_MESHCONF_CONNECTED_TO_AS] = NLA_POLICY_RANGE(NLA_U8, 0, 1),
8073 static const struct nla_policy
8074 nl80211_mesh_setup_params_policy[NL80211_MESH_SETUP_ATTR_MAX+1] = {
8075 [NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC] = { .type = NLA_U8 },
8076 [NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL] = { .type = NLA_U8 },
8077 [NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC] = { .type = NLA_U8 },
8078 [NL80211_MESH_SETUP_USERSPACE_AUTH] = { .type = NLA_FLAG },
8079 [NL80211_MESH_SETUP_AUTH_PROTOCOL] = { .type = NLA_U8 },
8080 [NL80211_MESH_SETUP_USERSPACE_MPM] = { .type = NLA_FLAG },
8081 [NL80211_MESH_SETUP_IE] =
8082 NLA_POLICY_VALIDATE_FN(NLA_BINARY, validate_ie_attr,
8083 IEEE80211_MAX_DATA_LEN),
8084 [NL80211_MESH_SETUP_USERSPACE_AMPE] = { .type = NLA_FLAG },
8087 static int nl80211_parse_mesh_config(struct genl_info *info,
8088 struct mesh_config *cfg,
8091 struct nlattr *tb[NL80211_MESHCONF_ATTR_MAX + 1];
8095 #define FILL_IN_MESH_PARAM_IF_SET(tb, cfg, param, mask, attr, fn) \
8098 cfg->param = fn(tb[attr]); \
8099 mask |= BIT((attr) - 1); \
8103 if (!info->attrs[NL80211_ATTR_MESH_CONFIG])
8105 if (nla_parse_nested_deprecated(tb, NL80211_MESHCONF_ATTR_MAX, info->attrs[NL80211_ATTR_MESH_CONFIG], nl80211_meshconf_params_policy, info->extack))
8108 /* This makes sure that there aren't more than 32 mesh config
8109 * parameters (otherwise our bitfield scheme would not work.) */
8110 BUILD_BUG_ON(NL80211_MESHCONF_ATTR_MAX > 32);
8112 /* Fill in the params struct */
8113 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshRetryTimeout, mask,
8114 NL80211_MESHCONF_RETRY_TIMEOUT, nla_get_u16);
8115 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConfirmTimeout, mask,
8116 NL80211_MESHCONF_CONFIRM_TIMEOUT,
8118 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHoldingTimeout, mask,
8119 NL80211_MESHCONF_HOLDING_TIMEOUT,
8121 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxPeerLinks, mask,
8122 NL80211_MESHCONF_MAX_PEER_LINKS,
8124 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshMaxRetries, mask,
8125 NL80211_MESHCONF_MAX_RETRIES, nla_get_u8);
8126 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshTTL, mask,
8127 NL80211_MESHCONF_TTL, nla_get_u8);
8128 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, element_ttl, mask,
8129 NL80211_MESHCONF_ELEMENT_TTL, nla_get_u8);
8130 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, auto_open_plinks, mask,
8131 NL80211_MESHCONF_AUTO_OPEN_PLINKS,
8133 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshNbrOffsetMaxNeighbor,
8135 NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR,
8137 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPmaxPREQretries, mask,
8138 NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES,
8140 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, path_refresh_time, mask,
8141 NL80211_MESHCONF_PATH_REFRESH_TIME,
8143 if (mask & BIT(NL80211_MESHCONF_PATH_REFRESH_TIME) &&
8144 (cfg->path_refresh_time < 1 || cfg->path_refresh_time > 65535))
8146 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, min_discovery_timeout, mask,
8147 NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT,
8149 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPactivePathTimeout,
8151 NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT,
8153 if (mask & BIT(NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT) &&
8154 (cfg->dot11MeshHWMPactivePathTimeout < 1 ||
8155 cfg->dot11MeshHWMPactivePathTimeout > 65535))
8157 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPpreqMinInterval, mask,
8158 NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL,
8160 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPperrMinInterval, mask,
8161 NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL,
8163 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
8164 dot11MeshHWMPnetDiameterTraversalTime, mask,
8165 NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME,
8167 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRootMode, mask,
8168 NL80211_MESHCONF_HWMP_ROOTMODE, nla_get_u8);
8169 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPRannInterval, mask,
8170 NL80211_MESHCONF_HWMP_RANN_INTERVAL,
8172 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshGateAnnouncementProtocol,
8173 mask, NL80211_MESHCONF_GATE_ANNOUNCEMENTS,
8175 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshForwarding, mask,
8176 NL80211_MESHCONF_FORWARDING, nla_get_u8);
8177 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, rssi_threshold, mask,
8178 NL80211_MESHCONF_RSSI_THRESHOLD,
8180 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConnectedToMeshGate, mask,
8181 NL80211_MESHCONF_CONNECTED_TO_GATE,
8183 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshConnectedToAuthServer, mask,
8184 NL80211_MESHCONF_CONNECTED_TO_AS,
8187 * Check HT operation mode based on
8188 * IEEE 802.11-2016 9.4.2.57 HT Operation element.
8190 if (tb[NL80211_MESHCONF_HT_OPMODE]) {
8191 ht_opmode = nla_get_u16(tb[NL80211_MESHCONF_HT_OPMODE]);
8193 if (ht_opmode & ~(IEEE80211_HT_OP_MODE_PROTECTION |
8194 IEEE80211_HT_OP_MODE_NON_GF_STA_PRSNT |
8195 IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT))
8198 /* NON_HT_STA bit is reserved, but some programs set it */
8199 ht_opmode &= ~IEEE80211_HT_OP_MODE_NON_HT_STA_PRSNT;
8201 cfg->ht_opmode = ht_opmode;
8202 mask |= (1 << (NL80211_MESHCONF_HT_OPMODE - 1));
8204 FILL_IN_MESH_PARAM_IF_SET(tb, cfg,
8205 dot11MeshHWMPactivePathToRootTimeout, mask,
8206 NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT,
8208 if (mask & BIT(NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT) &&
8209 (cfg->dot11MeshHWMPactivePathToRootTimeout < 1 ||
8210 cfg->dot11MeshHWMPactivePathToRootTimeout > 65535))
8212 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMProotInterval, mask,
8213 NL80211_MESHCONF_HWMP_ROOT_INTERVAL,
8215 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshHWMPconfirmationInterval,
8217 NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL,
8219 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, power_mode, mask,
8220 NL80211_MESHCONF_POWER_MODE, nla_get_u32);
8221 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshAwakeWindowDuration, mask,
8222 NL80211_MESHCONF_AWAKE_WINDOW, nla_get_u16);
8223 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, plink_timeout, mask,
8224 NL80211_MESHCONF_PLINK_TIMEOUT, nla_get_u32);
8225 FILL_IN_MESH_PARAM_IF_SET(tb, cfg, dot11MeshNolearn, mask,
8226 NL80211_MESHCONF_NOLEARN, nla_get_u8);
8232 #undef FILL_IN_MESH_PARAM_IF_SET
8235 static int nl80211_parse_mesh_setup(struct genl_info *info,
8236 struct mesh_setup *setup)
8238 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8239 struct nlattr *tb[NL80211_MESH_SETUP_ATTR_MAX + 1];
8241 if (!info->attrs[NL80211_ATTR_MESH_SETUP])
8243 if (nla_parse_nested_deprecated(tb, NL80211_MESH_SETUP_ATTR_MAX, info->attrs[NL80211_ATTR_MESH_SETUP], nl80211_mesh_setup_params_policy, info->extack))
8246 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC])
8247 setup->sync_method =
8248 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_SYNC])) ?
8249 IEEE80211_SYNC_METHOD_VENDOR :
8250 IEEE80211_SYNC_METHOD_NEIGHBOR_OFFSET;
8252 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])
8253 setup->path_sel_proto =
8254 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_PATH_SEL])) ?
8255 IEEE80211_PATH_PROTOCOL_VENDOR :
8256 IEEE80211_PATH_PROTOCOL_HWMP;
8258 if (tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])
8259 setup->path_metric =
8260 (nla_get_u8(tb[NL80211_MESH_SETUP_ENABLE_VENDOR_METRIC])) ?
8261 IEEE80211_PATH_METRIC_VENDOR :
8262 IEEE80211_PATH_METRIC_AIRTIME;
8264 if (tb[NL80211_MESH_SETUP_IE]) {
8265 struct nlattr *ieattr =
8266 tb[NL80211_MESH_SETUP_IE];
8267 setup->ie = nla_data(ieattr);
8268 setup->ie_len = nla_len(ieattr);
8270 if (tb[NL80211_MESH_SETUP_USERSPACE_MPM] &&
8271 !(rdev->wiphy.features & NL80211_FEATURE_USERSPACE_MPM))
8273 setup->user_mpm = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_MPM]);
8274 setup->is_authenticated = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AUTH]);
8275 setup->is_secure = nla_get_flag(tb[NL80211_MESH_SETUP_USERSPACE_AMPE]);
8276 if (setup->is_secure)
8277 setup->user_mpm = true;
8279 if (tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]) {
8280 if (!setup->user_mpm)
8283 nla_get_u8(tb[NL80211_MESH_SETUP_AUTH_PROTOCOL]);
8289 static int nl80211_update_mesh_config(struct sk_buff *skb,
8290 struct genl_info *info)
8292 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8293 struct net_device *dev = info->user_ptr[1];
8294 struct wireless_dev *wdev = dev->ieee80211_ptr;
8295 struct mesh_config cfg = {};
8299 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
8302 if (!rdev->ops->update_mesh_config)
8305 err = nl80211_parse_mesh_config(info, &cfg, &mask);
8310 if (!wdev->u.mesh.id_len)
8314 err = rdev_update_mesh_config(rdev, dev, mask, &cfg);
8321 static int nl80211_put_regdom(const struct ieee80211_regdomain *regdom,
8322 struct sk_buff *msg)
8324 struct nlattr *nl_reg_rules;
8327 if (nla_put_string(msg, NL80211_ATTR_REG_ALPHA2, regdom->alpha2) ||
8328 (regdom->dfs_region &&
8329 nla_put_u8(msg, NL80211_ATTR_DFS_REGION, regdom->dfs_region)))
8330 goto nla_put_failure;
8332 nl_reg_rules = nla_nest_start_noflag(msg, NL80211_ATTR_REG_RULES);
8334 goto nla_put_failure;
8336 for (i = 0; i < regdom->n_reg_rules; i++) {
8337 struct nlattr *nl_reg_rule;
8338 const struct ieee80211_reg_rule *reg_rule;
8339 const struct ieee80211_freq_range *freq_range;
8340 const struct ieee80211_power_rule *power_rule;
8341 unsigned int max_bandwidth_khz;
8343 reg_rule = ®dom->reg_rules[i];
8344 freq_range = ®_rule->freq_range;
8345 power_rule = ®_rule->power_rule;
8347 nl_reg_rule = nla_nest_start_noflag(msg, i);
8349 goto nla_put_failure;
8351 max_bandwidth_khz = freq_range->max_bandwidth_khz;
8352 if (!max_bandwidth_khz)
8353 max_bandwidth_khz = reg_get_max_bandwidth(regdom,
8356 if (nla_put_u32(msg, NL80211_ATTR_REG_RULE_FLAGS,
8358 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_START,
8359 freq_range->start_freq_khz) ||
8360 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_END,
8361 freq_range->end_freq_khz) ||
8362 nla_put_u32(msg, NL80211_ATTR_FREQ_RANGE_MAX_BW,
8363 max_bandwidth_khz) ||
8364 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN,
8365 power_rule->max_antenna_gain) ||
8366 nla_put_u32(msg, NL80211_ATTR_POWER_RULE_MAX_EIRP,
8367 power_rule->max_eirp) ||
8368 nla_put_u32(msg, NL80211_ATTR_DFS_CAC_TIME,
8369 reg_rule->dfs_cac_ms))
8370 goto nla_put_failure;
8372 nla_nest_end(msg, nl_reg_rule);
8375 nla_nest_end(msg, nl_reg_rules);
8382 static int nl80211_get_reg_do(struct sk_buff *skb, struct genl_info *info)
8384 const struct ieee80211_regdomain *regdom = NULL;
8385 struct cfg80211_registered_device *rdev;
8386 struct wiphy *wiphy = NULL;
8387 struct sk_buff *msg;
8388 int err = -EMSGSIZE;
8391 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
8395 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
8396 NL80211_CMD_GET_REG);
8402 if (info->attrs[NL80211_ATTR_WIPHY]) {
8405 rdev = cfg80211_get_dev_from_info(genl_info_net(info), info);
8407 err = PTR_ERR(rdev);
8408 goto nla_put_failure;
8411 wiphy = &rdev->wiphy;
8412 self_managed = wiphy->regulatory_flags &
8413 REGULATORY_WIPHY_SELF_MANAGED;
8417 regdom = get_wiphy_regdom(wiphy);
8419 /* a self-managed-reg device must have a private regdom */
8420 if (WARN_ON(!regdom && self_managed)) {
8422 goto nla_put_failure_rcu;
8426 nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
8427 goto nla_put_failure_rcu;
8432 if (!wiphy && reg_last_request_cell_base() &&
8433 nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE,
8434 NL80211_USER_REG_HINT_CELL_BASE))
8435 goto nla_put_failure_rcu;
8438 regdom = rcu_dereference(cfg80211_regdomain);
8440 if (nl80211_put_regdom(regdom, msg))
8441 goto nla_put_failure_rcu;
8445 genlmsg_end(msg, hdr);
8447 return genlmsg_reply(msg, info);
8449 nla_put_failure_rcu:
8458 static int nl80211_send_regdom(struct sk_buff *msg, struct netlink_callback *cb,
8459 u32 seq, int flags, struct wiphy *wiphy,
8460 const struct ieee80211_regdomain *regdom)
8462 void *hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags,
8463 NL80211_CMD_GET_REG);
8468 genl_dump_check_consistent(cb, hdr);
8470 if (nl80211_put_regdom(regdom, msg))
8471 goto nla_put_failure;
8473 if (!wiphy && reg_last_request_cell_base() &&
8474 nla_put_u32(msg, NL80211_ATTR_USER_REG_HINT_TYPE,
8475 NL80211_USER_REG_HINT_CELL_BASE))
8476 goto nla_put_failure;
8479 nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
8480 goto nla_put_failure;
8482 if (wiphy && wiphy->regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED &&
8483 nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
8484 goto nla_put_failure;
8486 genlmsg_end(msg, hdr);
8490 genlmsg_cancel(msg, hdr);
8494 static int nl80211_get_reg_dump(struct sk_buff *skb,
8495 struct netlink_callback *cb)
8497 const struct ieee80211_regdomain *regdom = NULL;
8498 struct cfg80211_registered_device *rdev;
8499 int err, reg_idx, start = cb->args[2];
8503 if (cfg80211_regdomain && start == 0) {
8504 err = nl80211_send_regdom(skb, cb, cb->nlh->nlmsg_seq,
8506 rcu_dereference(cfg80211_regdomain));
8511 /* the global regdom is idx 0 */
8513 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) {
8514 regdom = get_wiphy_regdom(&rdev->wiphy);
8518 if (++reg_idx <= start)
8521 err = nl80211_send_regdom(skb, cb, cb->nlh->nlmsg_seq,
8522 NLM_F_MULTI, &rdev->wiphy, regdom);
8529 cb->args[2] = reg_idx;
8536 #ifdef CONFIG_CFG80211_CRDA_SUPPORT
8537 static const struct nla_policy reg_rule_policy[NL80211_REG_RULE_ATTR_MAX + 1] = {
8538 [NL80211_ATTR_REG_RULE_FLAGS] = { .type = NLA_U32 },
8539 [NL80211_ATTR_FREQ_RANGE_START] = { .type = NLA_U32 },
8540 [NL80211_ATTR_FREQ_RANGE_END] = { .type = NLA_U32 },
8541 [NL80211_ATTR_FREQ_RANGE_MAX_BW] = { .type = NLA_U32 },
8542 [NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN] = { .type = NLA_U32 },
8543 [NL80211_ATTR_POWER_RULE_MAX_EIRP] = { .type = NLA_U32 },
8544 [NL80211_ATTR_DFS_CAC_TIME] = { .type = NLA_U32 },
8547 static int parse_reg_rule(struct nlattr *tb[],
8548 struct ieee80211_reg_rule *reg_rule)
8550 struct ieee80211_freq_range *freq_range = ®_rule->freq_range;
8551 struct ieee80211_power_rule *power_rule = ®_rule->power_rule;
8553 if (!tb[NL80211_ATTR_REG_RULE_FLAGS])
8555 if (!tb[NL80211_ATTR_FREQ_RANGE_START])
8557 if (!tb[NL80211_ATTR_FREQ_RANGE_END])
8559 if (!tb[NL80211_ATTR_FREQ_RANGE_MAX_BW])
8561 if (!tb[NL80211_ATTR_POWER_RULE_MAX_EIRP])
8564 reg_rule->flags = nla_get_u32(tb[NL80211_ATTR_REG_RULE_FLAGS]);
8566 freq_range->start_freq_khz =
8567 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_START]);
8568 freq_range->end_freq_khz =
8569 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_END]);
8570 freq_range->max_bandwidth_khz =
8571 nla_get_u32(tb[NL80211_ATTR_FREQ_RANGE_MAX_BW]);
8573 power_rule->max_eirp =
8574 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_EIRP]);
8576 if (tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN])
8577 power_rule->max_antenna_gain =
8578 nla_get_u32(tb[NL80211_ATTR_POWER_RULE_MAX_ANT_GAIN]);
8580 if (tb[NL80211_ATTR_DFS_CAC_TIME])
8581 reg_rule->dfs_cac_ms =
8582 nla_get_u32(tb[NL80211_ATTR_DFS_CAC_TIME]);
8587 static int nl80211_set_reg(struct sk_buff *skb, struct genl_info *info)
8589 struct nlattr *tb[NL80211_REG_RULE_ATTR_MAX + 1];
8590 struct nlattr *nl_reg_rule;
8592 int rem_reg_rules, r;
8593 u32 num_rules = 0, rule_idx = 0;
8594 enum nl80211_dfs_regions dfs_region = NL80211_DFS_UNSET;
8595 struct ieee80211_regdomain *rd;
8597 if (!info->attrs[NL80211_ATTR_REG_ALPHA2])
8600 if (!info->attrs[NL80211_ATTR_REG_RULES])
8603 alpha2 = nla_data(info->attrs[NL80211_ATTR_REG_ALPHA2]);
8605 if (info->attrs[NL80211_ATTR_DFS_REGION])
8606 dfs_region = nla_get_u8(info->attrs[NL80211_ATTR_DFS_REGION]);
8608 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
8611 if (num_rules > NL80211_MAX_SUPP_REG_RULES)
8616 if (!reg_is_valid_request(alpha2)) {
8621 rd = kzalloc(struct_size(rd, reg_rules, num_rules), GFP_KERNEL);
8627 rd->n_reg_rules = num_rules;
8628 rd->alpha2[0] = alpha2[0];
8629 rd->alpha2[1] = alpha2[1];
8632 * Disable DFS master mode if the DFS region was
8633 * not supported or known on this kernel.
8635 if (reg_supported_dfs_region(dfs_region))
8636 rd->dfs_region = dfs_region;
8638 nla_for_each_nested(nl_reg_rule, info->attrs[NL80211_ATTR_REG_RULES],
8640 r = nla_parse_nested_deprecated(tb, NL80211_REG_RULE_ATTR_MAX,
8641 nl_reg_rule, reg_rule_policy,
8645 r = parse_reg_rule(tb, &rd->reg_rules[rule_idx]);
8651 if (rule_idx > NL80211_MAX_SUPP_REG_RULES) {
8657 r = set_regdom(rd, REGD_SOURCE_CRDA);
8658 /* set_regdom takes ownership of rd */
8666 #endif /* CONFIG_CFG80211_CRDA_SUPPORT */
8668 static int validate_scan_freqs(struct nlattr *freqs)
8670 struct nlattr *attr1, *attr2;
8671 int n_channels = 0, tmp1, tmp2;
8673 nla_for_each_nested(attr1, freqs, tmp1)
8674 if (nla_len(attr1) != sizeof(u32))
8677 nla_for_each_nested(attr1, freqs, tmp1) {
8680 * Some hardware has a limited channel list for
8681 * scanning, and it is pretty much nonsensical
8682 * to scan for a channel twice, so disallow that
8683 * and don't require drivers to check that the
8684 * channel list they get isn't longer than what
8685 * they can scan, as long as they can scan all
8686 * the channels they registered at once.
8688 nla_for_each_nested(attr2, freqs, tmp2)
8689 if (attr1 != attr2 &&
8690 nla_get_u32(attr1) == nla_get_u32(attr2))
8697 static bool is_band_valid(struct wiphy *wiphy, enum nl80211_band b)
8699 return b < NUM_NL80211_BANDS && wiphy->bands[b];
8702 static int parse_bss_select(struct nlattr *nla, struct wiphy *wiphy,
8703 struct cfg80211_bss_selection *bss_select)
8705 struct nlattr *attr[NL80211_BSS_SELECT_ATTR_MAX + 1];
8706 struct nlattr *nest;
8711 /* only process one nested attribute */
8712 nest = nla_data(nla);
8713 if (!nla_ok(nest, nla_len(nest)))
8716 err = nla_parse_nested_deprecated(attr, NL80211_BSS_SELECT_ATTR_MAX,
8717 nest, nl80211_bss_select_policy,
8722 /* only one attribute may be given */
8723 for (i = 0; i <= NL80211_BSS_SELECT_ATTR_MAX; i++) {
8731 bss_select->behaviour = __NL80211_BSS_SELECT_ATTR_INVALID;
8733 if (attr[NL80211_BSS_SELECT_ATTR_RSSI])
8734 bss_select->behaviour = NL80211_BSS_SELECT_ATTR_RSSI;
8736 if (attr[NL80211_BSS_SELECT_ATTR_BAND_PREF]) {
8737 bss_select->behaviour = NL80211_BSS_SELECT_ATTR_BAND_PREF;
8738 bss_select->param.band_pref =
8739 nla_get_u32(attr[NL80211_BSS_SELECT_ATTR_BAND_PREF]);
8740 if (!is_band_valid(wiphy, bss_select->param.band_pref))
8744 if (attr[NL80211_BSS_SELECT_ATTR_RSSI_ADJUST]) {
8745 struct nl80211_bss_select_rssi_adjust *adj_param;
8747 adj_param = nla_data(attr[NL80211_BSS_SELECT_ATTR_RSSI_ADJUST]);
8748 bss_select->behaviour = NL80211_BSS_SELECT_ATTR_RSSI_ADJUST;
8749 bss_select->param.adjust.band = adj_param->band;
8750 bss_select->param.adjust.delta = adj_param->delta;
8751 if (!is_band_valid(wiphy, bss_select->param.adjust.band))
8755 /* user-space did not provide behaviour attribute */
8756 if (bss_select->behaviour == __NL80211_BSS_SELECT_ATTR_INVALID)
8759 if (!(wiphy->bss_select_support & BIT(bss_select->behaviour)))
8765 int nl80211_parse_random_mac(struct nlattr **attrs,
8766 u8 *mac_addr, u8 *mac_addr_mask)
8770 if (!attrs[NL80211_ATTR_MAC] && !attrs[NL80211_ATTR_MAC_MASK]) {
8771 eth_zero_addr(mac_addr);
8772 eth_zero_addr(mac_addr_mask);
8774 mac_addr_mask[0] = 0x3;
8779 /* need both or none */
8780 if (!attrs[NL80211_ATTR_MAC] || !attrs[NL80211_ATTR_MAC_MASK])
8783 memcpy(mac_addr, nla_data(attrs[NL80211_ATTR_MAC]), ETH_ALEN);
8784 memcpy(mac_addr_mask, nla_data(attrs[NL80211_ATTR_MAC_MASK]), ETH_ALEN);
8786 /* don't allow or configure an mcast address */
8787 if (!is_multicast_ether_addr(mac_addr_mask) ||
8788 is_multicast_ether_addr(mac_addr))
8792 * allow users to pass a MAC address that has bits set outside
8793 * of the mask, but don't bother drivers with having to deal
8796 for (i = 0; i < ETH_ALEN; i++)
8797 mac_addr[i] &= mac_addr_mask[i];
8802 static bool cfg80211_off_channel_oper_allowed(struct wireless_dev *wdev,
8803 struct ieee80211_channel *chan)
8805 unsigned int link_id;
8808 ASSERT_WDEV_LOCK(wdev);
8810 if (!cfg80211_beaconing_iface_active(wdev))
8814 * FIXME: check if we have a free HW resource/link for chan
8816 * This, as well as the FIXME below, requires knowing the link
8817 * capabilities of the hardware.
8820 /* we cannot leave radar channels */
8821 for_each_valid_link(wdev, link_id) {
8822 struct cfg80211_chan_def *chandef;
8824 chandef = wdev_chandef(wdev, link_id);
8825 if (!chandef || !chandef->chan)
8829 * FIXME: don't require all_ok, but rather check only the
8830 * correct HW resource/link onto which 'chan' falls,
8831 * as only that link leaves the channel for doing
8832 * the off-channel operation.
8835 if (chandef->chan->flags & IEEE80211_CHAN_RADAR)
8842 return regulatory_pre_cac_allowed(wdev->wiphy);
8845 static bool nl80211_check_scan_feat(struct wiphy *wiphy, u32 flags, u32 flag,
8846 enum nl80211_ext_feature_index feat)
8848 if (!(flags & flag))
8850 if (wiphy_ext_feature_isset(wiphy, feat))
8856 nl80211_check_scan_flags(struct wiphy *wiphy, struct wireless_dev *wdev,
8857 void *request, struct nlattr **attrs,
8860 u8 *mac_addr, *mac_addr_mask;
8862 enum nl80211_feature_flags randomness_flag;
8864 if (!attrs[NL80211_ATTR_SCAN_FLAGS])
8867 if (is_sched_scan) {
8868 struct cfg80211_sched_scan_request *req = request;
8870 randomness_flag = wdev ?
8871 NL80211_FEATURE_SCHED_SCAN_RANDOM_MAC_ADDR :
8872 NL80211_FEATURE_ND_RANDOM_MAC_ADDR;
8873 flags = &req->flags;
8874 mac_addr = req->mac_addr;
8875 mac_addr_mask = req->mac_addr_mask;
8877 struct cfg80211_scan_request *req = request;
8879 randomness_flag = NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
8880 flags = &req->flags;
8881 mac_addr = req->mac_addr;
8882 mac_addr_mask = req->mac_addr_mask;
8885 *flags = nla_get_u32(attrs[NL80211_ATTR_SCAN_FLAGS]);
8887 if (((*flags & NL80211_SCAN_FLAG_LOW_PRIORITY) &&
8888 !(wiphy->features & NL80211_FEATURE_LOW_PRIORITY_SCAN)) ||
8889 !nl80211_check_scan_feat(wiphy, *flags,
8890 NL80211_SCAN_FLAG_LOW_SPAN,
8891 NL80211_EXT_FEATURE_LOW_SPAN_SCAN) ||
8892 !nl80211_check_scan_feat(wiphy, *flags,
8893 NL80211_SCAN_FLAG_LOW_POWER,
8894 NL80211_EXT_FEATURE_LOW_POWER_SCAN) ||
8895 !nl80211_check_scan_feat(wiphy, *flags,
8896 NL80211_SCAN_FLAG_HIGH_ACCURACY,
8897 NL80211_EXT_FEATURE_HIGH_ACCURACY_SCAN) ||
8898 !nl80211_check_scan_feat(wiphy, *flags,
8899 NL80211_SCAN_FLAG_FILS_MAX_CHANNEL_TIME,
8900 NL80211_EXT_FEATURE_FILS_MAX_CHANNEL_TIME) ||
8901 !nl80211_check_scan_feat(wiphy, *flags,
8902 NL80211_SCAN_FLAG_ACCEPT_BCAST_PROBE_RESP,
8903 NL80211_EXT_FEATURE_ACCEPT_BCAST_PROBE_RESP) ||
8904 !nl80211_check_scan_feat(wiphy, *flags,
8905 NL80211_SCAN_FLAG_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION,
8906 NL80211_EXT_FEATURE_OCE_PROBE_REQ_DEFERRAL_SUPPRESSION) ||
8907 !nl80211_check_scan_feat(wiphy, *flags,
8908 NL80211_SCAN_FLAG_OCE_PROBE_REQ_HIGH_TX_RATE,
8909 NL80211_EXT_FEATURE_OCE_PROBE_REQ_HIGH_TX_RATE) ||
8910 !nl80211_check_scan_feat(wiphy, *flags,
8911 NL80211_SCAN_FLAG_RANDOM_SN,
8912 NL80211_EXT_FEATURE_SCAN_RANDOM_SN) ||
8913 !nl80211_check_scan_feat(wiphy, *flags,
8914 NL80211_SCAN_FLAG_MIN_PREQ_CONTENT,
8915 NL80211_EXT_FEATURE_SCAN_MIN_PREQ_CONTENT))
8918 if (*flags & NL80211_SCAN_FLAG_RANDOM_ADDR) {
8921 if (!(wiphy->features & randomness_flag) ||
8922 (wdev && wdev->connected))
8925 err = nl80211_parse_random_mac(attrs, mac_addr, mac_addr_mask);
8933 static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
8935 struct cfg80211_registered_device *rdev = info->user_ptr[0];
8936 struct wireless_dev *wdev = info->user_ptr[1];
8937 struct cfg80211_scan_request *request;
8938 struct nlattr *scan_freqs = NULL;
8939 bool scan_freqs_khz = false;
8940 struct nlattr *attr;
8941 struct wiphy *wiphy;
8942 int err, tmp, n_ssids = 0, n_channels, i;
8945 wiphy = &rdev->wiphy;
8947 if (wdev->iftype == NL80211_IFTYPE_NAN)
8950 if (!rdev->ops->scan)
8953 if (rdev->scan_req || rdev->scan_msg)
8956 if (info->attrs[NL80211_ATTR_SCAN_FREQ_KHZ]) {
8957 if (!wiphy_ext_feature_isset(wiphy,
8958 NL80211_EXT_FEATURE_SCAN_FREQ_KHZ))
8960 scan_freqs = info->attrs[NL80211_ATTR_SCAN_FREQ_KHZ];
8961 scan_freqs_khz = true;
8962 } else if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES])
8963 scan_freqs = info->attrs[NL80211_ATTR_SCAN_FREQUENCIES];
8966 n_channels = validate_scan_freqs(scan_freqs);
8970 n_channels = ieee80211_get_num_supported_channels(wiphy);
8973 if (info->attrs[NL80211_ATTR_SCAN_SSIDS])
8974 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp)
8977 if (n_ssids > wiphy->max_scan_ssids)
8980 if (info->attrs[NL80211_ATTR_IE])
8981 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
8985 if (ie_len > wiphy->max_scan_ie_len)
8988 request = kzalloc(sizeof(*request)
8989 + sizeof(*request->ssids) * n_ssids
8990 + sizeof(*request->channels) * n_channels
8991 + ie_len, GFP_KERNEL);
8996 request->ssids = (void *)&request->channels[n_channels];
8997 request->n_ssids = n_ssids;
9000 request->ie = (void *)(request->ssids + n_ssids);
9002 request->ie = (void *)(request->channels + n_channels);
9007 /* user specified, bail out if channel not found */
9008 nla_for_each_nested(attr, scan_freqs, tmp) {
9009 struct ieee80211_channel *chan;
9010 int freq = nla_get_u32(attr);
9012 if (!scan_freqs_khz)
9013 freq = MHZ_TO_KHZ(freq);
9015 chan = ieee80211_get_channel_khz(wiphy, freq);
9021 /* ignore disabled channels */
9022 if (chan->flags & IEEE80211_CHAN_DISABLED)
9025 request->channels[i] = chan;
9029 enum nl80211_band band;
9032 for (band = 0; band < NUM_NL80211_BANDS; band++) {
9035 if (!wiphy->bands[band])
9037 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
9038 struct ieee80211_channel *chan;
9040 chan = &wiphy->bands[band]->channels[j];
9042 if (chan->flags & IEEE80211_CHAN_DISABLED)
9045 request->channels[i] = chan;
9056 request->n_channels = i;
9059 for (i = 0; i < request->n_channels; i++) {
9060 struct ieee80211_channel *chan = request->channels[i];
9062 /* if we can go off-channel to the target channel we're good */
9063 if (cfg80211_off_channel_oper_allowed(wdev, chan))
9066 if (!cfg80211_wdev_on_sub_chan(wdev, chan, true)) {
9076 nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) {
9077 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
9081 request->ssids[i].ssid_len = nla_len(attr);
9082 memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr));
9087 if (info->attrs[NL80211_ATTR_IE]) {
9088 request->ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
9089 memcpy((void *)request->ie,
9090 nla_data(info->attrs[NL80211_ATTR_IE]),
9094 for (i = 0; i < NUM_NL80211_BANDS; i++)
9095 if (wiphy->bands[i])
9097 (1 << wiphy->bands[i]->n_bitrates) - 1;
9099 if (info->attrs[NL80211_ATTR_SCAN_SUPP_RATES]) {
9100 nla_for_each_nested(attr,
9101 info->attrs[NL80211_ATTR_SCAN_SUPP_RATES],
9103 enum nl80211_band band = nla_type(attr);
9105 if (band < 0 || band >= NUM_NL80211_BANDS) {
9110 if (!wiphy->bands[band])
9113 err = ieee80211_get_ratemask(wiphy->bands[band],
9116 &request->rates[band]);
9122 if (info->attrs[NL80211_ATTR_MEASUREMENT_DURATION]) {
9124 nla_get_u16(info->attrs[NL80211_ATTR_MEASUREMENT_DURATION]);
9125 request->duration_mandatory =
9126 nla_get_flag(info->attrs[NL80211_ATTR_MEASUREMENT_DURATION_MANDATORY]);
9129 err = nl80211_check_scan_flags(wiphy, wdev, request, info->attrs,
9135 nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
9137 /* Initial implementation used NL80211_ATTR_MAC to set the specific
9138 * BSSID to scan for. This was problematic because that same attribute
9139 * was already used for another purpose (local random MAC address). The
9140 * NL80211_ATTR_BSSID attribute was added to fix this. For backwards
9141 * compatibility with older userspace components, also use the
9142 * NL80211_ATTR_MAC value here if it can be determined to be used for
9143 * the specific BSSID use case instead of the random MAC address
9144 * (NL80211_ATTR_SCAN_FLAGS is used to enable random MAC address use).
9146 if (info->attrs[NL80211_ATTR_BSSID])
9147 memcpy(request->bssid,
9148 nla_data(info->attrs[NL80211_ATTR_BSSID]), ETH_ALEN);
9149 else if (!(request->flags & NL80211_SCAN_FLAG_RANDOM_ADDR) &&
9150 info->attrs[NL80211_ATTR_MAC])
9151 memcpy(request->bssid, nla_data(info->attrs[NL80211_ATTR_MAC]),
9154 eth_broadcast_addr(request->bssid);
9156 request->wdev = wdev;
9157 request->wiphy = &rdev->wiphy;
9158 request->scan_start = jiffies;
9160 rdev->scan_req = request;
9161 err = cfg80211_scan(rdev);
9166 nl80211_send_scan_start(rdev, wdev);
9167 dev_hold(wdev->netdev);
9172 rdev->scan_req = NULL;
9178 static int nl80211_abort_scan(struct sk_buff *skb, struct genl_info *info)
9180 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9181 struct wireless_dev *wdev = info->user_ptr[1];
9183 if (!rdev->ops->abort_scan)
9189 if (!rdev->scan_req)
9192 rdev_abort_scan(rdev, wdev);
9197 nl80211_parse_sched_scan_plans(struct wiphy *wiphy, int n_plans,
9198 struct cfg80211_sched_scan_request *request,
9199 struct nlattr **attrs)
9201 int tmp, err, i = 0;
9202 struct nlattr *attr;
9204 if (!attrs[NL80211_ATTR_SCHED_SCAN_PLANS]) {
9208 * If scan plans are not specified,
9209 * %NL80211_ATTR_SCHED_SCAN_INTERVAL will be specified. In this
9210 * case one scan plan will be set with the specified scan
9211 * interval and infinite number of iterations.
9213 interval = nla_get_u32(attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL]);
9217 request->scan_plans[0].interval =
9218 DIV_ROUND_UP(interval, MSEC_PER_SEC);
9219 if (!request->scan_plans[0].interval)
9222 if (request->scan_plans[0].interval >
9223 wiphy->max_sched_scan_plan_interval)
9224 request->scan_plans[0].interval =
9225 wiphy->max_sched_scan_plan_interval;
9230 nla_for_each_nested(attr, attrs[NL80211_ATTR_SCHED_SCAN_PLANS], tmp) {
9231 struct nlattr *plan[NL80211_SCHED_SCAN_PLAN_MAX + 1];
9233 if (WARN_ON(i >= n_plans))
9236 err = nla_parse_nested_deprecated(plan,
9237 NL80211_SCHED_SCAN_PLAN_MAX,
9238 attr, nl80211_plan_policy,
9243 if (!plan[NL80211_SCHED_SCAN_PLAN_INTERVAL])
9246 request->scan_plans[i].interval =
9247 nla_get_u32(plan[NL80211_SCHED_SCAN_PLAN_INTERVAL]);
9248 if (!request->scan_plans[i].interval ||
9249 request->scan_plans[i].interval >
9250 wiphy->max_sched_scan_plan_interval)
9253 if (plan[NL80211_SCHED_SCAN_PLAN_ITERATIONS]) {
9254 request->scan_plans[i].iterations =
9255 nla_get_u32(plan[NL80211_SCHED_SCAN_PLAN_ITERATIONS]);
9256 if (!request->scan_plans[i].iterations ||
9257 (request->scan_plans[i].iterations >
9258 wiphy->max_sched_scan_plan_iterations))
9260 } else if (i < n_plans - 1) {
9262 * All scan plans but the last one must specify
9263 * a finite number of iterations
9272 * The last scan plan must not specify the number of
9273 * iterations, it is supposed to run infinitely
9275 if (request->scan_plans[n_plans - 1].iterations)
9282 nl80211_parse_sched_scan_per_band_rssi(struct wiphy *wiphy,
9283 struct cfg80211_match_set *match_sets,
9284 struct nlattr *tb_band_rssi,
9287 struct nlattr *attr;
9288 int i, tmp, ret = 0;
9290 if (!wiphy_ext_feature_isset(wiphy,
9291 NL80211_EXT_FEATURE_SCHED_SCAN_BAND_SPECIFIC_RSSI_THOLD)) {
9295 for (i = 0; i < NUM_NL80211_BANDS; i++)
9296 match_sets->per_band_rssi_thold[i] =
9297 NL80211_SCAN_RSSI_THOLD_OFF;
9301 for (i = 0; i < NUM_NL80211_BANDS; i++)
9302 match_sets->per_band_rssi_thold[i] = rssi_thold;
9304 nla_for_each_nested(attr, tb_band_rssi, tmp) {
9305 enum nl80211_band band = nla_type(attr);
9307 if (band < 0 || band >= NUM_NL80211_BANDS)
9310 match_sets->per_band_rssi_thold[band] = nla_get_s32(attr);
9316 static struct cfg80211_sched_scan_request *
9317 nl80211_parse_sched_scan(struct wiphy *wiphy, struct wireless_dev *wdev,
9318 struct nlattr **attrs, int max_match_sets)
9320 struct cfg80211_sched_scan_request *request;
9321 struct nlattr *attr;
9322 int err, tmp, n_ssids = 0, n_match_sets = 0, n_channels, i, n_plans = 0;
9323 enum nl80211_band band;
9325 struct nlattr *tb[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1];
9326 s32 default_match_rssi = NL80211_SCAN_RSSI_THOLD_OFF;
9328 if (attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
9329 n_channels = validate_scan_freqs(
9330 attrs[NL80211_ATTR_SCAN_FREQUENCIES]);
9332 return ERR_PTR(-EINVAL);
9334 n_channels = ieee80211_get_num_supported_channels(wiphy);
9337 if (attrs[NL80211_ATTR_SCAN_SSIDS])
9338 nla_for_each_nested(attr, attrs[NL80211_ATTR_SCAN_SSIDS],
9342 if (n_ssids > wiphy->max_sched_scan_ssids)
9343 return ERR_PTR(-EINVAL);
9346 * First, count the number of 'real' matchsets. Due to an issue with
9347 * the old implementation, matchsets containing only the RSSI attribute
9348 * (NL80211_SCHED_SCAN_MATCH_ATTR_RSSI) are considered as the 'default'
9349 * RSSI for all matchsets, rather than their own matchset for reporting
9350 * all APs with a strong RSSI. This is needed to be compatible with
9351 * older userspace that treated a matchset with only the RSSI as the
9352 * global RSSI for all other matchsets - if there are other matchsets.
9354 if (attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
9355 nla_for_each_nested(attr,
9356 attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
9358 struct nlattr *rssi;
9360 err = nla_parse_nested_deprecated(tb,
9361 NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
9363 nl80211_match_policy,
9366 return ERR_PTR(err);
9368 /* SSID and BSSID are mutually exclusive */
9369 if (tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID] &&
9370 tb[NL80211_SCHED_SCAN_MATCH_ATTR_BSSID])
9371 return ERR_PTR(-EINVAL);
9373 /* add other standalone attributes here */
9374 if (tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID] ||
9375 tb[NL80211_SCHED_SCAN_MATCH_ATTR_BSSID]) {
9379 rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI];
9381 default_match_rssi = nla_get_s32(rssi);
9385 /* However, if there's no other matchset, add the RSSI one */
9386 if (!n_match_sets && default_match_rssi != NL80211_SCAN_RSSI_THOLD_OFF)
9389 if (n_match_sets > max_match_sets)
9390 return ERR_PTR(-EINVAL);
9392 if (attrs[NL80211_ATTR_IE])
9393 ie_len = nla_len(attrs[NL80211_ATTR_IE]);
9397 if (ie_len > wiphy->max_sched_scan_ie_len)
9398 return ERR_PTR(-EINVAL);
9400 if (attrs[NL80211_ATTR_SCHED_SCAN_PLANS]) {
9402 * NL80211_ATTR_SCHED_SCAN_INTERVAL must not be specified since
9403 * each scan plan already specifies its own interval
9405 if (attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL])
9406 return ERR_PTR(-EINVAL);
9408 nla_for_each_nested(attr,
9409 attrs[NL80211_ATTR_SCHED_SCAN_PLANS], tmp)
9413 * The scan interval attribute is kept for backward
9414 * compatibility. If no scan plans are specified and sched scan
9415 * interval is specified, one scan plan will be set with this
9416 * scan interval and infinite number of iterations.
9418 if (!attrs[NL80211_ATTR_SCHED_SCAN_INTERVAL])
9419 return ERR_PTR(-EINVAL);
9424 if (!n_plans || n_plans > wiphy->max_sched_scan_plans)
9425 return ERR_PTR(-EINVAL);
9427 if (!wiphy_ext_feature_isset(
9428 wiphy, NL80211_EXT_FEATURE_SCHED_SCAN_RELATIVE_RSSI) &&
9429 (attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI] ||
9430 attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST]))
9431 return ERR_PTR(-EINVAL);
9433 request = kzalloc(sizeof(*request)
9434 + sizeof(*request->ssids) * n_ssids
9435 + sizeof(*request->match_sets) * n_match_sets
9436 + sizeof(*request->scan_plans) * n_plans
9437 + sizeof(*request->channels) * n_channels
9438 + ie_len, GFP_KERNEL);
9440 return ERR_PTR(-ENOMEM);
9443 request->ssids = (void *)&request->channels[n_channels];
9444 request->n_ssids = n_ssids;
9447 request->ie = (void *)(request->ssids + n_ssids);
9449 request->ie = (void *)(request->channels + n_channels);
9454 request->match_sets = (void *)(request->ie + ie_len);
9456 request->match_sets =
9457 (void *)(request->ssids + n_ssids);
9459 request->match_sets =
9460 (void *)(request->channels + n_channels);
9462 request->n_match_sets = n_match_sets;
9465 request->scan_plans = (void *)(request->match_sets +
9467 else if (request->ie)
9468 request->scan_plans = (void *)(request->ie + ie_len);
9470 request->scan_plans = (void *)(request->ssids + n_ssids);
9472 request->scan_plans = (void *)(request->channels + n_channels);
9474 request->n_scan_plans = n_plans;
9477 if (attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
9478 /* user specified, bail out if channel not found */
9479 nla_for_each_nested(attr,
9480 attrs[NL80211_ATTR_SCAN_FREQUENCIES],
9482 struct ieee80211_channel *chan;
9484 chan = ieee80211_get_channel(wiphy, nla_get_u32(attr));
9491 /* ignore disabled channels */
9492 if (chan->flags & IEEE80211_CHAN_DISABLED)
9495 request->channels[i] = chan;
9500 for (band = 0; band < NUM_NL80211_BANDS; band++) {
9503 if (!wiphy->bands[band])
9505 for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
9506 struct ieee80211_channel *chan;
9508 chan = &wiphy->bands[band]->channels[j];
9510 if (chan->flags & IEEE80211_CHAN_DISABLED)
9513 request->channels[i] = chan;
9524 request->n_channels = i;
9528 nla_for_each_nested(attr, attrs[NL80211_ATTR_SCAN_SSIDS],
9530 if (nla_len(attr) > IEEE80211_MAX_SSID_LEN) {
9534 request->ssids[i].ssid_len = nla_len(attr);
9535 memcpy(request->ssids[i].ssid, nla_data(attr),
9542 if (attrs[NL80211_ATTR_SCHED_SCAN_MATCH]) {
9543 nla_for_each_nested(attr,
9544 attrs[NL80211_ATTR_SCHED_SCAN_MATCH],
9546 struct nlattr *ssid, *bssid, *rssi;
9548 err = nla_parse_nested_deprecated(tb,
9549 NL80211_SCHED_SCAN_MATCH_ATTR_MAX,
9551 nl80211_match_policy,
9555 ssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_SSID];
9556 bssid = tb[NL80211_SCHED_SCAN_MATCH_ATTR_BSSID];
9558 if (!ssid && !bssid) {
9563 if (WARN_ON(i >= n_match_sets)) {
9564 /* this indicates a programming error,
9565 * the loop above should have verified
9573 memcpy(request->match_sets[i].ssid.ssid,
9574 nla_data(ssid), nla_len(ssid));
9575 request->match_sets[i].ssid.ssid_len =
9579 memcpy(request->match_sets[i].bssid,
9580 nla_data(bssid), ETH_ALEN);
9582 /* special attribute - old implementation w/a */
9583 request->match_sets[i].rssi_thold = default_match_rssi;
9584 rssi = tb[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI];
9586 request->match_sets[i].rssi_thold =
9589 /* Parse per band RSSI attribute */
9590 err = nl80211_parse_sched_scan_per_band_rssi(wiphy,
9591 &request->match_sets[i],
9592 tb[NL80211_SCHED_SCAN_MATCH_PER_BAND_RSSI],
9593 request->match_sets[i].rssi_thold);
9600 /* there was no other matchset, so the RSSI one is alone */
9601 if (i == 0 && n_match_sets)
9602 request->match_sets[0].rssi_thold = default_match_rssi;
9604 request->min_rssi_thold = INT_MAX;
9605 for (i = 0; i < n_match_sets; i++)
9606 request->min_rssi_thold =
9607 min(request->match_sets[i].rssi_thold,
9608 request->min_rssi_thold);
9610 request->min_rssi_thold = NL80211_SCAN_RSSI_THOLD_OFF;
9614 request->ie_len = ie_len;
9615 memcpy((void *)request->ie,
9616 nla_data(attrs[NL80211_ATTR_IE]),
9620 err = nl80211_check_scan_flags(wiphy, wdev, request, attrs, true);
9624 if (attrs[NL80211_ATTR_SCHED_SCAN_DELAY])
9626 nla_get_u32(attrs[NL80211_ATTR_SCHED_SCAN_DELAY]);
9628 if (attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI]) {
9629 request->relative_rssi = nla_get_s8(
9630 attrs[NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI]);
9631 request->relative_rssi_set = true;
9634 if (request->relative_rssi_set &&
9635 attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST]) {
9636 struct nl80211_bss_select_rssi_adjust *rssi_adjust;
9638 rssi_adjust = nla_data(
9639 attrs[NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST]);
9640 request->rssi_adjust.band = rssi_adjust->band;
9641 request->rssi_adjust.delta = rssi_adjust->delta;
9642 if (!is_band_valid(wiphy, request->rssi_adjust.band)) {
9648 err = nl80211_parse_sched_scan_plans(wiphy, n_plans, request, attrs);
9652 request->scan_start = jiffies;
9658 return ERR_PTR(err);
9661 static int nl80211_start_sched_scan(struct sk_buff *skb,
9662 struct genl_info *info)
9664 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9665 struct net_device *dev = info->user_ptr[1];
9666 struct wireless_dev *wdev = dev->ieee80211_ptr;
9667 struct cfg80211_sched_scan_request *sched_scan_req;
9671 if (!rdev->wiphy.max_sched_scan_reqs || !rdev->ops->sched_scan_start)
9674 want_multi = info->attrs[NL80211_ATTR_SCHED_SCAN_MULTI];
9675 err = cfg80211_sched_scan_req_possible(rdev, want_multi);
9679 sched_scan_req = nl80211_parse_sched_scan(&rdev->wiphy, wdev,
9681 rdev->wiphy.max_match_sets);
9683 err = PTR_ERR_OR_ZERO(sched_scan_req);
9687 /* leave request id zero for legacy request
9688 * or if driver does not support multi-scheduled scan
9690 if (want_multi && rdev->wiphy.max_sched_scan_reqs > 1)
9691 sched_scan_req->reqid = cfg80211_assign_cookie(rdev);
9693 err = rdev_sched_scan_start(rdev, dev, sched_scan_req);
9697 sched_scan_req->dev = dev;
9698 sched_scan_req->wiphy = &rdev->wiphy;
9700 if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
9701 sched_scan_req->owner_nlportid = info->snd_portid;
9703 cfg80211_add_sched_scan_req(rdev, sched_scan_req);
9705 nl80211_send_sched_scan(sched_scan_req, NL80211_CMD_START_SCHED_SCAN);
9709 kfree(sched_scan_req);
9714 static int nl80211_stop_sched_scan(struct sk_buff *skb,
9715 struct genl_info *info)
9717 struct cfg80211_sched_scan_request *req;
9718 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9721 if (!rdev->wiphy.max_sched_scan_reqs || !rdev->ops->sched_scan_stop)
9724 if (info->attrs[NL80211_ATTR_COOKIE]) {
9725 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
9726 return __cfg80211_stop_sched_scan(rdev, cookie, false);
9729 req = list_first_or_null_rcu(&rdev->sched_scan_req_list,
9730 struct cfg80211_sched_scan_request,
9732 if (!req || req->reqid ||
9733 (req->owner_nlportid &&
9734 req->owner_nlportid != info->snd_portid))
9737 return cfg80211_stop_sched_scan_req(rdev, req, false);
9740 static int nl80211_start_radar_detection(struct sk_buff *skb,
9741 struct genl_info *info)
9743 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9744 struct net_device *dev = info->user_ptr[1];
9745 struct wireless_dev *wdev = dev->ieee80211_ptr;
9746 struct wiphy *wiphy = wdev->wiphy;
9747 struct cfg80211_chan_def chandef;
9748 enum nl80211_dfs_regions dfs_region;
9749 unsigned int cac_time_ms;
9752 flush_delayed_work(&rdev->dfs_update_channels_wk);
9756 dfs_region = reg_get_dfs_region(wiphy);
9757 if (dfs_region == NL80211_DFS_UNSET)
9760 err = nl80211_parse_chandef(rdev, info, &chandef);
9764 err = cfg80211_chandef_dfs_required(wiphy, &chandef, wdev->iftype);
9773 if (!cfg80211_chandef_dfs_usable(wiphy, &chandef)) {
9778 if (nla_get_flag(info->attrs[NL80211_ATTR_RADAR_BACKGROUND])) {
9779 err = cfg80211_start_background_radar_detection(rdev, wdev,
9784 if (netif_carrier_ok(dev)) {
9789 if (wdev->cac_started) {
9794 /* CAC start is offloaded to HW and can't be started manually */
9795 if (wiphy_ext_feature_isset(wiphy, NL80211_EXT_FEATURE_DFS_OFFLOAD)) {
9800 if (!rdev->ops->start_radar_detection) {
9805 cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, &chandef);
9806 if (WARN_ON(!cac_time_ms))
9807 cac_time_ms = IEEE80211_DFS_MIN_CAC_TIME_MS;
9809 err = rdev_start_radar_detection(rdev, dev, &chandef, cac_time_ms);
9811 wdev->links[0].ap.chandef = chandef;
9812 wdev->cac_started = true;
9813 wdev->cac_start_time = jiffies;
9814 wdev->cac_time_ms = cac_time_ms;
9817 wiphy_unlock(wiphy);
9822 static int nl80211_notify_radar_detection(struct sk_buff *skb,
9823 struct genl_info *info)
9825 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9826 struct net_device *dev = info->user_ptr[1];
9827 struct wireless_dev *wdev = dev->ieee80211_ptr;
9828 struct wiphy *wiphy = wdev->wiphy;
9829 struct cfg80211_chan_def chandef;
9830 enum nl80211_dfs_regions dfs_region;
9833 dfs_region = reg_get_dfs_region(wiphy);
9834 if (dfs_region == NL80211_DFS_UNSET) {
9835 GENL_SET_ERR_MSG(info,
9836 "DFS Region is not set. Unexpected Radar indication");
9840 err = nl80211_parse_chandef(rdev, info, &chandef);
9842 GENL_SET_ERR_MSG(info, "Unable to extract chandef info");
9846 err = cfg80211_chandef_dfs_required(wiphy, &chandef, wdev->iftype);
9848 GENL_SET_ERR_MSG(info, "chandef is invalid");
9853 GENL_SET_ERR_MSG(info,
9854 "Unexpected Radar indication for chandef/iftype");
9858 /* Do not process this notification if radar is already detected
9859 * by kernel on this channel, and return success.
9861 if (chandef.chan->dfs_state == NL80211_DFS_UNAVAILABLE)
9864 cfg80211_set_dfs_state(wiphy, &chandef, NL80211_DFS_UNAVAILABLE);
9866 cfg80211_sched_dfs_chan_update(rdev);
9868 rdev->radar_chandef = chandef;
9870 /* Propagate this notification to other radios as well */
9871 queue_work(cfg80211_wq, &rdev->propagate_radar_detect_wk);
9876 static int nl80211_channel_switch(struct sk_buff *skb, struct genl_info *info)
9878 struct cfg80211_registered_device *rdev = info->user_ptr[0];
9879 unsigned int link_id = nl80211_link_id(info->attrs);
9880 struct net_device *dev = info->user_ptr[1];
9881 struct wireless_dev *wdev = dev->ieee80211_ptr;
9882 struct cfg80211_csa_settings params;
9883 struct nlattr **csa_attrs = NULL;
9885 bool need_new_beacon = false;
9886 bool need_handle_dfs_flag = true;
9890 if (!rdev->ops->channel_switch ||
9891 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_CHANNEL_SWITCH))
9894 switch (dev->ieee80211_ptr->iftype) {
9895 case NL80211_IFTYPE_AP:
9896 case NL80211_IFTYPE_P2P_GO:
9897 need_new_beacon = true;
9898 /* For all modes except AP the handle_dfs flag needs to be
9899 * supplied to tell the kernel that userspace will handle radar
9900 * events when they happen. Otherwise a switch to a channel
9901 * requiring DFS will be rejected.
9903 need_handle_dfs_flag = false;
9905 /* useless if AP is not running */
9906 if (!wdev->links[link_id].ap.beacon_interval)
9909 case NL80211_IFTYPE_ADHOC:
9910 if (!wdev->u.ibss.ssid_len)
9913 case NL80211_IFTYPE_MESH_POINT:
9914 if (!wdev->u.mesh.id_len)
9921 memset(¶ms, 0, sizeof(params));
9922 params.beacon_csa.ftm_responder = -1;
9924 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
9925 !info->attrs[NL80211_ATTR_CH_SWITCH_COUNT])
9928 /* only important for AP, IBSS and mesh create IEs internally */
9929 if (need_new_beacon && !info->attrs[NL80211_ATTR_CSA_IES])
9932 /* Even though the attribute is u32, the specification says
9933 * u8, so let's make sure we don't overflow.
9935 cs_count = nla_get_u32(info->attrs[NL80211_ATTR_CH_SWITCH_COUNT]);
9939 params.count = cs_count;
9941 if (!need_new_beacon)
9944 err = nl80211_parse_beacon(rdev, info->attrs, ¶ms.beacon_after);
9948 csa_attrs = kcalloc(NL80211_ATTR_MAX + 1, sizeof(*csa_attrs),
9955 err = nla_parse_nested_deprecated(csa_attrs, NL80211_ATTR_MAX,
9956 info->attrs[NL80211_ATTR_CSA_IES],
9957 nl80211_policy, info->extack);
9961 err = nl80211_parse_beacon(rdev, csa_attrs, ¶ms.beacon_csa);
9965 if (!csa_attrs[NL80211_ATTR_CNTDWN_OFFS_BEACON]) {
9970 len = nla_len(csa_attrs[NL80211_ATTR_CNTDWN_OFFS_BEACON]);
9971 if (!len || (len % sizeof(u16))) {
9976 params.n_counter_offsets_beacon = len / sizeof(u16);
9977 if (rdev->wiphy.max_num_csa_counters &&
9978 (params.n_counter_offsets_beacon >
9979 rdev->wiphy.max_num_csa_counters)) {
9984 params.counter_offsets_beacon =
9985 nla_data(csa_attrs[NL80211_ATTR_CNTDWN_OFFS_BEACON]);
9987 /* sanity checks - counters should fit and be the same */
9988 for (i = 0; i < params.n_counter_offsets_beacon; i++) {
9989 u16 offset = params.counter_offsets_beacon[i];
9991 if (offset >= params.beacon_csa.tail_len) {
9996 if (params.beacon_csa.tail[offset] != params.count) {
10002 if (csa_attrs[NL80211_ATTR_CNTDWN_OFFS_PRESP]) {
10003 len = nla_len(csa_attrs[NL80211_ATTR_CNTDWN_OFFS_PRESP]);
10004 if (!len || (len % sizeof(u16))) {
10009 params.n_counter_offsets_presp = len / sizeof(u16);
10010 if (rdev->wiphy.max_num_csa_counters &&
10011 (params.n_counter_offsets_presp >
10012 rdev->wiphy.max_num_csa_counters)) {
10017 params.counter_offsets_presp =
10018 nla_data(csa_attrs[NL80211_ATTR_CNTDWN_OFFS_PRESP]);
10020 /* sanity checks - counters should fit and be the same */
10021 for (i = 0; i < params.n_counter_offsets_presp; i++) {
10022 u16 offset = params.counter_offsets_presp[i];
10024 if (offset >= params.beacon_csa.probe_resp_len) {
10029 if (params.beacon_csa.probe_resp[offset] !=
10038 err = nl80211_parse_chandef(rdev, info, ¶ms.chandef);
10042 if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, ¶ms.chandef,
10048 err = cfg80211_chandef_dfs_required(wdev->wiphy,
10055 params.radar_required = true;
10056 if (need_handle_dfs_flag &&
10057 !nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS])) {
10063 if (info->attrs[NL80211_ATTR_CH_SWITCH_BLOCK_TX])
10064 params.block_tx = true;
10067 err = rdev_channel_switch(rdev, dev, ¶ms);
10071 kfree(params.beacon_after.mbssid_ies);
10072 kfree(params.beacon_csa.mbssid_ies);
10077 static int nl80211_send_bss(struct sk_buff *msg, struct netlink_callback *cb,
10078 u32 seq, int flags,
10079 struct cfg80211_registered_device *rdev,
10080 struct wireless_dev *wdev,
10081 struct cfg80211_internal_bss *intbss)
10083 struct cfg80211_bss *res = &intbss->pub;
10084 const struct cfg80211_bss_ies *ies;
10085 unsigned int link_id;
10087 struct nlattr *bss;
10089 ASSERT_WDEV_LOCK(wdev);
10091 hdr = nl80211hdr_put(msg, NETLINK_CB(cb->skb).portid, seq, flags,
10092 NL80211_CMD_NEW_SCAN_RESULTS);
10096 genl_dump_check_consistent(cb, hdr);
10098 if (nla_put_u32(msg, NL80211_ATTR_GENERATION, rdev->bss_generation))
10099 goto nla_put_failure;
10100 if (wdev->netdev &&
10101 nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex))
10102 goto nla_put_failure;
10103 if (nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
10105 goto nla_put_failure;
10107 bss = nla_nest_start_noflag(msg, NL80211_ATTR_BSS);
10109 goto nla_put_failure;
10110 if ((!is_zero_ether_addr(res->bssid) &&
10111 nla_put(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid)))
10112 goto nla_put_failure;
10115 /* indicate whether we have probe response data or not */
10116 if (rcu_access_pointer(res->proberesp_ies) &&
10117 nla_put_flag(msg, NL80211_BSS_PRESP_DATA))
10118 goto fail_unlock_rcu;
10120 /* this pointer prefers to be pointed to probe response data
10121 * but is always valid
10123 ies = rcu_dereference(res->ies);
10125 if (nla_put_u64_64bit(msg, NL80211_BSS_TSF, ies->tsf,
10127 goto fail_unlock_rcu;
10128 if (ies->len && nla_put(msg, NL80211_BSS_INFORMATION_ELEMENTS,
10129 ies->len, ies->data))
10130 goto fail_unlock_rcu;
10133 /* and this pointer is always (unless driver didn't know) beacon data */
10134 ies = rcu_dereference(res->beacon_ies);
10135 if (ies && ies->from_beacon) {
10136 if (nla_put_u64_64bit(msg, NL80211_BSS_BEACON_TSF, ies->tsf,
10138 goto fail_unlock_rcu;
10139 if (ies->len && nla_put(msg, NL80211_BSS_BEACON_IES,
10140 ies->len, ies->data))
10141 goto fail_unlock_rcu;
10145 if (res->beacon_interval &&
10146 nla_put_u16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval))
10147 goto nla_put_failure;
10148 if (nla_put_u16(msg, NL80211_BSS_CAPABILITY, res->capability) ||
10149 nla_put_u32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq) ||
10150 nla_put_u32(msg, NL80211_BSS_FREQUENCY_OFFSET,
10151 res->channel->freq_offset) ||
10152 nla_put_u32(msg, NL80211_BSS_CHAN_WIDTH, res->scan_width) ||
10153 nla_put_u32(msg, NL80211_BSS_SEEN_MS_AGO,
10154 jiffies_to_msecs(jiffies - intbss->ts)))
10155 goto nla_put_failure;
10157 if (intbss->parent_tsf &&
10158 (nla_put_u64_64bit(msg, NL80211_BSS_PARENT_TSF,
10159 intbss->parent_tsf, NL80211_BSS_PAD) ||
10160 nla_put(msg, NL80211_BSS_PARENT_BSSID, ETH_ALEN,
10161 intbss->parent_bssid)))
10162 goto nla_put_failure;
10164 if (intbss->ts_boottime &&
10165 nla_put_u64_64bit(msg, NL80211_BSS_LAST_SEEN_BOOTTIME,
10166 intbss->ts_boottime, NL80211_BSS_PAD))
10167 goto nla_put_failure;
10169 if (!nl80211_put_signal(msg, intbss->pub.chains,
10170 intbss->pub.chain_signal,
10171 NL80211_BSS_CHAIN_SIGNAL))
10172 goto nla_put_failure;
10174 switch (rdev->wiphy.signal_type) {
10175 case CFG80211_SIGNAL_TYPE_MBM:
10176 if (nla_put_u32(msg, NL80211_BSS_SIGNAL_MBM, res->signal))
10177 goto nla_put_failure;
10179 case CFG80211_SIGNAL_TYPE_UNSPEC:
10180 if (nla_put_u8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal))
10181 goto nla_put_failure;
10187 switch (wdev->iftype) {
10188 case NL80211_IFTYPE_P2P_CLIENT:
10189 case NL80211_IFTYPE_STATION:
10190 for_each_valid_link(wdev, link_id) {
10191 if (intbss == wdev->links[link_id].client.current_bss &&
10192 (nla_put_u32(msg, NL80211_BSS_STATUS,
10193 NL80211_BSS_STATUS_ASSOCIATED) ||
10194 (wdev->valid_links &&
10195 (nla_put_u8(msg, NL80211_BSS_MLO_LINK_ID,
10197 nla_put(msg, NL80211_BSS_MLD_ADDR, ETH_ALEN,
10198 wdev->u.client.connected_addr)))))
10199 goto nla_put_failure;
10202 case NL80211_IFTYPE_ADHOC:
10203 if (intbss == wdev->u.ibss.current_bss &&
10204 nla_put_u32(msg, NL80211_BSS_STATUS,
10205 NL80211_BSS_STATUS_IBSS_JOINED))
10206 goto nla_put_failure;
10212 nla_nest_end(msg, bss);
10214 genlmsg_end(msg, hdr);
10220 genlmsg_cancel(msg, hdr);
10224 static int nl80211_dump_scan(struct sk_buff *skb, struct netlink_callback *cb)
10226 struct cfg80211_registered_device *rdev;
10227 struct cfg80211_internal_bss *scan;
10228 struct wireless_dev *wdev;
10229 int start = cb->args[2], idx = 0;
10232 err = nl80211_prepare_wdev_dump(cb, &rdev, &wdev, NULL);
10235 /* nl80211_prepare_wdev_dump acquired it in the successful case */
10236 __acquire(&rdev->wiphy.mtx);
10239 spin_lock_bh(&rdev->bss_lock);
10242 * dump_scan will be called multiple times to break up the scan results
10243 * into multiple messages. It is unlikely that any more bss-es will be
10244 * expired after the first call, so only call only call this on the
10245 * first dump_scan invocation.
10248 cfg80211_bss_expire(rdev);
10250 cb->seq = rdev->bss_generation;
10252 list_for_each_entry(scan, &rdev->bss_list, list) {
10253 if (++idx <= start)
10255 if (nl80211_send_bss(skb, cb,
10256 cb->nlh->nlmsg_seq, NLM_F_MULTI,
10257 rdev, wdev, scan) < 0) {
10263 spin_unlock_bh(&rdev->bss_lock);
10267 wiphy_unlock(&rdev->wiphy);
10272 static int nl80211_send_survey(struct sk_buff *msg, u32 portid, u32 seq,
10273 int flags, struct net_device *dev,
10274 bool allow_radio_stats,
10275 struct survey_info *survey)
10278 struct nlattr *infoattr;
10280 /* skip radio stats if userspace didn't request them */
10281 if (!survey->channel && !allow_radio_stats)
10284 hdr = nl80211hdr_put(msg, portid, seq, flags,
10285 NL80211_CMD_NEW_SURVEY_RESULTS);
10289 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
10290 goto nla_put_failure;
10292 infoattr = nla_nest_start_noflag(msg, NL80211_ATTR_SURVEY_INFO);
10294 goto nla_put_failure;
10296 if (survey->channel &&
10297 nla_put_u32(msg, NL80211_SURVEY_INFO_FREQUENCY,
10298 survey->channel->center_freq))
10299 goto nla_put_failure;
10301 if (survey->channel && survey->channel->freq_offset &&
10302 nla_put_u32(msg, NL80211_SURVEY_INFO_FREQUENCY_OFFSET,
10303 survey->channel->freq_offset))
10304 goto nla_put_failure;
10306 if ((survey->filled & SURVEY_INFO_NOISE_DBM) &&
10307 nla_put_u8(msg, NL80211_SURVEY_INFO_NOISE, survey->noise))
10308 goto nla_put_failure;
10309 if ((survey->filled & SURVEY_INFO_IN_USE) &&
10310 nla_put_flag(msg, NL80211_SURVEY_INFO_IN_USE))
10311 goto nla_put_failure;
10312 if ((survey->filled & SURVEY_INFO_TIME) &&
10313 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME,
10314 survey->time, NL80211_SURVEY_INFO_PAD))
10315 goto nla_put_failure;
10316 if ((survey->filled & SURVEY_INFO_TIME_BUSY) &&
10317 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_BUSY,
10318 survey->time_busy, NL80211_SURVEY_INFO_PAD))
10319 goto nla_put_failure;
10320 if ((survey->filled & SURVEY_INFO_TIME_EXT_BUSY) &&
10321 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_EXT_BUSY,
10322 survey->time_ext_busy, NL80211_SURVEY_INFO_PAD))
10323 goto nla_put_failure;
10324 if ((survey->filled & SURVEY_INFO_TIME_RX) &&
10325 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_RX,
10326 survey->time_rx, NL80211_SURVEY_INFO_PAD))
10327 goto nla_put_failure;
10328 if ((survey->filled & SURVEY_INFO_TIME_TX) &&
10329 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_TX,
10330 survey->time_tx, NL80211_SURVEY_INFO_PAD))
10331 goto nla_put_failure;
10332 if ((survey->filled & SURVEY_INFO_TIME_SCAN) &&
10333 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_SCAN,
10334 survey->time_scan, NL80211_SURVEY_INFO_PAD))
10335 goto nla_put_failure;
10336 if ((survey->filled & SURVEY_INFO_TIME_BSS_RX) &&
10337 nla_put_u64_64bit(msg, NL80211_SURVEY_INFO_TIME_BSS_RX,
10338 survey->time_bss_rx, NL80211_SURVEY_INFO_PAD))
10339 goto nla_put_failure;
10341 nla_nest_end(msg, infoattr);
10343 genlmsg_end(msg, hdr);
10347 genlmsg_cancel(msg, hdr);
10351 static int nl80211_dump_survey(struct sk_buff *skb, struct netlink_callback *cb)
10353 struct nlattr **attrbuf;
10354 struct survey_info survey;
10355 struct cfg80211_registered_device *rdev;
10356 struct wireless_dev *wdev;
10357 int survey_idx = cb->args[2];
10361 attrbuf = kcalloc(NUM_NL80211_ATTR, sizeof(*attrbuf), GFP_KERNEL);
10365 res = nl80211_prepare_wdev_dump(cb, &rdev, &wdev, attrbuf);
10370 /* nl80211_prepare_wdev_dump acquired it in the successful case */
10371 __acquire(&rdev->wiphy.mtx);
10373 /* prepare_wdev_dump parsed the attributes */
10374 radio_stats = attrbuf[NL80211_ATTR_SURVEY_RADIO_STATS];
10376 if (!wdev->netdev) {
10381 if (!rdev->ops->dump_survey) {
10388 res = rdev_dump_survey(rdev, wdev->netdev, survey_idx, &survey);
10390 if (res == -ENOENT)
10395 /* don't send disabled channels, but do send non-channel data */
10396 if (survey.channel &&
10397 survey.channel->flags & IEEE80211_CHAN_DISABLED) {
10402 if (nl80211_send_survey(skb,
10403 NETLINK_CB(cb->skb).portid,
10404 cb->nlh->nlmsg_seq, NLM_F_MULTI,
10405 wdev->netdev, radio_stats, &survey) < 0)
10411 cb->args[2] = survey_idx;
10415 wiphy_unlock(&rdev->wiphy);
10419 static bool nl80211_valid_wpa_versions(u32 wpa_versions)
10421 return !(wpa_versions & ~(NL80211_WPA_VERSION_1 |
10422 NL80211_WPA_VERSION_2 |
10423 NL80211_WPA_VERSION_3));
10426 static int nl80211_authenticate(struct sk_buff *skb, struct genl_info *info)
10428 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10429 struct net_device *dev = info->user_ptr[1];
10430 struct ieee80211_channel *chan;
10431 const u8 *bssid, *ssid;
10433 enum nl80211_auth_type auth_type;
10434 struct key_parse key;
10435 bool local_state_change;
10436 struct cfg80211_auth_request req = {};
10439 if (!info->attrs[NL80211_ATTR_MAC])
10442 if (!info->attrs[NL80211_ATTR_AUTH_TYPE])
10445 if (!info->attrs[NL80211_ATTR_SSID])
10448 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
10451 err = nl80211_parse_key(info, &key);
10455 if (key.idx >= 0) {
10456 if (key.type != -1 && key.type != NL80211_KEYTYPE_GROUP)
10458 if (!key.p.key || !key.p.key_len)
10460 if ((key.p.cipher != WLAN_CIPHER_SUITE_WEP40 ||
10461 key.p.key_len != WLAN_KEY_LEN_WEP40) &&
10462 (key.p.cipher != WLAN_CIPHER_SUITE_WEP104 ||
10463 key.p.key_len != WLAN_KEY_LEN_WEP104))
10472 if (key.idx >= 0) {
10476 for (i = 0; i < rdev->wiphy.n_cipher_suites; i++) {
10477 if (key.p.cipher == rdev->wiphy.cipher_suites[i]) {
10486 if (!rdev->ops->auth)
10487 return -EOPNOTSUPP;
10489 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
10490 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
10491 return -EOPNOTSUPP;
10493 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
10494 freq = MHZ_TO_KHZ(nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]));
10495 if (info->attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET])
10497 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET]);
10499 chan = nl80211_get_valid_chan(&rdev->wiphy, freq);
10503 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
10504 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
10506 if (info->attrs[NL80211_ATTR_IE]) {
10507 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
10508 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
10511 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
10512 if (!nl80211_valid_auth_type(rdev, auth_type, NL80211_CMD_AUTHENTICATE))
10515 if ((auth_type == NL80211_AUTHTYPE_SAE ||
10516 auth_type == NL80211_AUTHTYPE_FILS_SK ||
10517 auth_type == NL80211_AUTHTYPE_FILS_SK_PFS ||
10518 auth_type == NL80211_AUTHTYPE_FILS_PK) &&
10519 !info->attrs[NL80211_ATTR_AUTH_DATA])
10522 if (info->attrs[NL80211_ATTR_AUTH_DATA]) {
10523 if (auth_type != NL80211_AUTHTYPE_SAE &&
10524 auth_type != NL80211_AUTHTYPE_FILS_SK &&
10525 auth_type != NL80211_AUTHTYPE_FILS_SK_PFS &&
10526 auth_type != NL80211_AUTHTYPE_FILS_PK)
10528 req.auth_data = nla_data(info->attrs[NL80211_ATTR_AUTH_DATA]);
10529 req.auth_data_len = nla_len(info->attrs[NL80211_ATTR_AUTH_DATA]);
10532 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
10535 * Since we no longer track auth state, ignore
10536 * requests to only change local state.
10538 if (local_state_change)
10541 req.auth_type = auth_type;
10542 req.key = key.p.key;
10543 req.key_len = key.p.key_len;
10544 req.key_idx = key.idx;
10545 req.link_id = nl80211_link_id_or_invalid(info->attrs);
10546 if (req.link_id >= 0) {
10547 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_MLO))
10549 if (!info->attrs[NL80211_ATTR_MLD_ADDR])
10551 req.ap_mld_addr = nla_data(info->attrs[NL80211_ATTR_MLD_ADDR]);
10552 if (!is_valid_ether_addr(req.ap_mld_addr))
10556 req.bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid, ssid, ssid_len,
10557 IEEE80211_BSS_TYPE_ESS,
10558 IEEE80211_PRIVACY_ANY);
10562 wdev_lock(dev->ieee80211_ptr);
10563 err = cfg80211_mlme_auth(rdev, dev, &req);
10564 wdev_unlock(dev->ieee80211_ptr);
10566 cfg80211_put_bss(&rdev->wiphy, req.bss);
10571 static int validate_pae_over_nl80211(struct cfg80211_registered_device *rdev,
10572 struct genl_info *info)
10574 if (!info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
10575 GENL_SET_ERR_MSG(info, "SOCKET_OWNER not set");
10579 if (!rdev->ops->tx_control_port ||
10580 !wiphy_ext_feature_isset(&rdev->wiphy,
10581 NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211))
10582 return -EOPNOTSUPP;
10587 static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
10588 struct genl_info *info,
10589 struct cfg80211_crypto_settings *settings,
10592 memset(settings, 0, sizeof(*settings));
10594 settings->control_port = info->attrs[NL80211_ATTR_CONTROL_PORT];
10596 if (info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) {
10599 proto = nla_get_u16(
10600 info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);
10601 settings->control_port_ethertype = cpu_to_be16(proto);
10602 if (!(rdev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
10603 proto != ETH_P_PAE)
10605 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT])
10606 settings->control_port_no_encrypt = true;
10608 settings->control_port_ethertype = cpu_to_be16(ETH_P_PAE);
10610 if (info->attrs[NL80211_ATTR_CONTROL_PORT_OVER_NL80211]) {
10611 int r = validate_pae_over_nl80211(rdev, info);
10616 settings->control_port_over_nl80211 = true;
10618 if (info->attrs[NL80211_ATTR_CONTROL_PORT_NO_PREAUTH])
10619 settings->control_port_no_preauth = true;
10622 if (info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]) {
10626 data = nla_data(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
10627 len = nla_len(info->attrs[NL80211_ATTR_CIPHER_SUITES_PAIRWISE]);
10628 settings->n_ciphers_pairwise = len / sizeof(u32);
10630 if (len % sizeof(u32))
10633 if (settings->n_ciphers_pairwise > cipher_limit)
10636 memcpy(settings->ciphers_pairwise, data, len);
10638 for (i = 0; i < settings->n_ciphers_pairwise; i++)
10639 if (!cfg80211_supported_cipher_suite(
10641 settings->ciphers_pairwise[i]))
10645 if (info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]) {
10646 settings->cipher_group =
10647 nla_get_u32(info->attrs[NL80211_ATTR_CIPHER_SUITE_GROUP]);
10648 if (!cfg80211_supported_cipher_suite(&rdev->wiphy,
10649 settings->cipher_group))
10653 if (info->attrs[NL80211_ATTR_WPA_VERSIONS]) {
10654 settings->wpa_versions =
10655 nla_get_u32(info->attrs[NL80211_ATTR_WPA_VERSIONS]);
10656 if (!nl80211_valid_wpa_versions(settings->wpa_versions))
10660 if (info->attrs[NL80211_ATTR_AKM_SUITES]) {
10664 data = nla_data(info->attrs[NL80211_ATTR_AKM_SUITES]);
10665 len = nla_len(info->attrs[NL80211_ATTR_AKM_SUITES]);
10666 settings->n_akm_suites = len / sizeof(u32);
10668 if (len % sizeof(u32))
10671 if (settings->n_akm_suites > rdev->wiphy.max_num_akm_suites)
10674 memcpy(settings->akm_suites, data, len);
10677 if (info->attrs[NL80211_ATTR_PMK]) {
10678 if (nla_len(info->attrs[NL80211_ATTR_PMK]) != WLAN_PMK_LEN)
10680 if (!wiphy_ext_feature_isset(&rdev->wiphy,
10681 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_PSK) &&
10682 !wiphy_ext_feature_isset(&rdev->wiphy,
10683 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_AP_PSK))
10685 settings->psk = nla_data(info->attrs[NL80211_ATTR_PMK]);
10688 if (info->attrs[NL80211_ATTR_SAE_PASSWORD]) {
10689 if (!wiphy_ext_feature_isset(&rdev->wiphy,
10690 NL80211_EXT_FEATURE_SAE_OFFLOAD) &&
10691 !wiphy_ext_feature_isset(&rdev->wiphy,
10692 NL80211_EXT_FEATURE_SAE_OFFLOAD_AP))
10694 settings->sae_pwd =
10695 nla_data(info->attrs[NL80211_ATTR_SAE_PASSWORD]);
10696 settings->sae_pwd_len =
10697 nla_len(info->attrs[NL80211_ATTR_SAE_PASSWORD]);
10700 if (info->attrs[NL80211_ATTR_SAE_PWE])
10701 settings->sae_pwe =
10702 nla_get_u8(info->attrs[NL80211_ATTR_SAE_PWE]);
10704 settings->sae_pwe = NL80211_SAE_PWE_UNSPECIFIED;
10709 static struct cfg80211_bss *nl80211_assoc_bss(struct cfg80211_registered_device *rdev,
10710 const u8 *ssid, int ssid_len,
10711 struct nlattr **attrs)
10713 struct ieee80211_channel *chan;
10714 struct cfg80211_bss *bss;
10718 if (!attrs[NL80211_ATTR_MAC] || !attrs[NL80211_ATTR_WIPHY_FREQ])
10719 return ERR_PTR(-EINVAL);
10721 bssid = nla_data(attrs[NL80211_ATTR_MAC]);
10723 freq = MHZ_TO_KHZ(nla_get_u32(attrs[NL80211_ATTR_WIPHY_FREQ]));
10724 if (attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET])
10725 freq += nla_get_u32(attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET]);
10727 chan = nl80211_get_valid_chan(&rdev->wiphy, freq);
10729 return ERR_PTR(-EINVAL);
10731 bss = cfg80211_get_bss(&rdev->wiphy, chan, bssid,
10733 IEEE80211_BSS_TYPE_ESS,
10734 IEEE80211_PRIVACY_ANY);
10736 return ERR_PTR(-ENOENT);
10741 static int nl80211_associate(struct sk_buff *skb, struct genl_info *info)
10743 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10744 struct net_device *dev = info->user_ptr[1];
10745 struct cfg80211_assoc_request req = {};
10746 struct nlattr **attrs = NULL;
10747 const u8 *ap_addr, *ssid;
10748 unsigned int link_id;
10751 if (dev->ieee80211_ptr->conn_owner_nlportid &&
10752 dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid)
10755 if (!info->attrs[NL80211_ATTR_SSID])
10758 if (!rdev->ops->assoc)
10759 return -EOPNOTSUPP;
10761 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
10762 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
10763 return -EOPNOTSUPP;
10765 ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
10766 ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
10768 if (info->attrs[NL80211_ATTR_IE]) {
10769 req.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
10770 req.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
10772 if (cfg80211_find_ext_elem(WLAN_EID_EXT_NON_INHERITANCE,
10773 req.ie, req.ie_len)) {
10774 GENL_SET_ERR_MSG(info,
10775 "non-inheritance makes no sense");
10780 if (info->attrs[NL80211_ATTR_USE_MFP]) {
10781 enum nl80211_mfp mfp =
10782 nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
10783 if (mfp == NL80211_MFP_REQUIRED)
10784 req.use_mfp = true;
10785 else if (mfp != NL80211_MFP_NO)
10789 if (info->attrs[NL80211_ATTR_PREV_BSSID])
10790 req.prev_bssid = nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
10792 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
10793 req.flags |= ASSOC_REQ_DISABLE_HT;
10795 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
10796 memcpy(&req.ht_capa_mask,
10797 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
10798 sizeof(req.ht_capa_mask));
10800 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
10801 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
10803 memcpy(&req.ht_capa,
10804 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
10805 sizeof(req.ht_capa));
10808 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_VHT]))
10809 req.flags |= ASSOC_REQ_DISABLE_VHT;
10811 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HE]))
10812 req.flags |= ASSOC_REQ_DISABLE_HE;
10814 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_EHT]))
10815 req.flags |= ASSOC_REQ_DISABLE_EHT;
10817 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
10818 memcpy(&req.vht_capa_mask,
10819 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]),
10820 sizeof(req.vht_capa_mask));
10822 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) {
10823 if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
10825 memcpy(&req.vht_capa,
10826 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]),
10827 sizeof(req.vht_capa));
10830 if (nla_get_flag(info->attrs[NL80211_ATTR_USE_RRM])) {
10831 if (!((rdev->wiphy.features &
10832 NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES) &&
10833 (rdev->wiphy.features & NL80211_FEATURE_QUIET)) &&
10834 !wiphy_ext_feature_isset(&rdev->wiphy,
10835 NL80211_EXT_FEATURE_RRM))
10837 req.flags |= ASSOC_REQ_USE_RRM;
10840 if (info->attrs[NL80211_ATTR_FILS_KEK]) {
10841 req.fils_kek = nla_data(info->attrs[NL80211_ATTR_FILS_KEK]);
10842 req.fils_kek_len = nla_len(info->attrs[NL80211_ATTR_FILS_KEK]);
10843 if (!info->attrs[NL80211_ATTR_FILS_NONCES])
10846 nla_data(info->attrs[NL80211_ATTR_FILS_NONCES]);
10849 if (info->attrs[NL80211_ATTR_S1G_CAPABILITY_MASK]) {
10850 if (!info->attrs[NL80211_ATTR_S1G_CAPABILITY])
10852 memcpy(&req.s1g_capa_mask,
10853 nla_data(info->attrs[NL80211_ATTR_S1G_CAPABILITY_MASK]),
10854 sizeof(req.s1g_capa_mask));
10857 if (info->attrs[NL80211_ATTR_S1G_CAPABILITY]) {
10858 if (!info->attrs[NL80211_ATTR_S1G_CAPABILITY_MASK])
10860 memcpy(&req.s1g_capa,
10861 nla_data(info->attrs[NL80211_ATTR_S1G_CAPABILITY]),
10862 sizeof(req.s1g_capa));
10865 req.link_id = nl80211_link_id_or_invalid(info->attrs);
10867 if (info->attrs[NL80211_ATTR_MLO_LINKS]) {
10868 unsigned int attrsize = NUM_NL80211_ATTR * sizeof(*attrs);
10869 struct nlattr *link;
10872 if (req.link_id < 0)
10875 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_MLO))
10878 if (info->attrs[NL80211_ATTR_MAC] ||
10879 info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
10880 !info->attrs[NL80211_ATTR_MLD_ADDR])
10883 req.ap_mld_addr = nla_data(info->attrs[NL80211_ATTR_MLD_ADDR]);
10884 ap_addr = req.ap_mld_addr;
10886 attrs = kzalloc(attrsize, GFP_KERNEL);
10890 nla_for_each_nested(link,
10891 info->attrs[NL80211_ATTR_MLO_LINKS],
10893 memset(attrs, 0, attrsize);
10895 nla_parse_nested(attrs, NL80211_ATTR_MAX,
10898 if (!attrs[NL80211_ATTR_MLO_LINK_ID]) {
10903 link_id = nla_get_u8(attrs[NL80211_ATTR_MLO_LINK_ID]);
10904 /* cannot use the same link ID again */
10905 if (req.links[link_id].bss) {
10909 req.links[link_id].bss =
10910 nl80211_assoc_bss(rdev, ssid, ssid_len, attrs);
10911 if (IS_ERR(req.links[link_id].bss)) {
10912 err = PTR_ERR(req.links[link_id].bss);
10913 req.links[link_id].bss = NULL;
10917 if (attrs[NL80211_ATTR_IE]) {
10918 req.links[link_id].elems =
10919 nla_data(attrs[NL80211_ATTR_IE]);
10920 req.links[link_id].elems_len =
10921 nla_len(attrs[NL80211_ATTR_IE]);
10923 if (cfg80211_find_elem(WLAN_EID_FRAGMENT,
10924 req.links[link_id].elems,
10925 req.links[link_id].elems_len)) {
10926 GENL_SET_ERR_MSG(info,
10927 "cannot deal with fragmentation");
10932 if (cfg80211_find_ext_elem(WLAN_EID_EXT_NON_INHERITANCE,
10933 req.links[link_id].elems,
10934 req.links[link_id].elems_len)) {
10935 GENL_SET_ERR_MSG(info,
10936 "cannot deal with non-inheritance");
10943 if (!req.links[req.link_id].bss) {
10948 if (req.links[req.link_id].elems_len) {
10949 GENL_SET_ERR_MSG(info,
10950 "cannot have per-link elems on assoc link");
10958 if (req.link_id >= 0)
10961 req.bss = nl80211_assoc_bss(rdev, ssid, ssid_len, info->attrs);
10962 if (IS_ERR(req.bss))
10963 return PTR_ERR(req.bss);
10964 ap_addr = req.bss->bssid;
10967 err = nl80211_crypto_settings(rdev, info, &req.crypto, 1);
10969 wdev_lock(dev->ieee80211_ptr);
10971 err = cfg80211_mlme_assoc(rdev, dev, &req);
10973 if (!err && info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
10974 dev->ieee80211_ptr->conn_owner_nlportid =
10976 memcpy(dev->ieee80211_ptr->disconnect_bssid,
10977 ap_addr, ETH_ALEN);
10980 wdev_unlock(dev->ieee80211_ptr);
10984 for (link_id = 0; link_id < ARRAY_SIZE(req.links); link_id++)
10985 cfg80211_put_bss(&rdev->wiphy, req.links[link_id].bss);
10986 cfg80211_put_bss(&rdev->wiphy, req.bss);
10992 static int nl80211_deauthenticate(struct sk_buff *skb, struct genl_info *info)
10994 struct cfg80211_registered_device *rdev = info->user_ptr[0];
10995 struct net_device *dev = info->user_ptr[1];
10996 const u8 *ie = NULL, *bssid;
10997 int ie_len = 0, err;
10999 bool local_state_change;
11001 if (dev->ieee80211_ptr->conn_owner_nlportid &&
11002 dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid)
11005 if (!info->attrs[NL80211_ATTR_MAC])
11008 if (!info->attrs[NL80211_ATTR_REASON_CODE])
11011 if (!rdev->ops->deauth)
11012 return -EOPNOTSUPP;
11014 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
11015 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
11016 return -EOPNOTSUPP;
11018 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
11020 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
11021 if (reason_code == 0) {
11022 /* Reason Code 0 is reserved */
11026 if (info->attrs[NL80211_ATTR_IE]) {
11027 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
11028 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
11031 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
11033 wdev_lock(dev->ieee80211_ptr);
11034 err = cfg80211_mlme_deauth(rdev, dev, bssid, ie, ie_len, reason_code,
11035 local_state_change);
11036 wdev_unlock(dev->ieee80211_ptr);
11040 static int nl80211_disassociate(struct sk_buff *skb, struct genl_info *info)
11042 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11043 struct net_device *dev = info->user_ptr[1];
11044 const u8 *ie = NULL, *bssid;
11045 int ie_len = 0, err;
11047 bool local_state_change;
11049 if (dev->ieee80211_ptr->conn_owner_nlportid &&
11050 dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid)
11053 if (!info->attrs[NL80211_ATTR_MAC])
11056 if (!info->attrs[NL80211_ATTR_REASON_CODE])
11059 if (!rdev->ops->disassoc)
11060 return -EOPNOTSUPP;
11062 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
11063 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
11064 return -EOPNOTSUPP;
11066 bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
11068 reason_code = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
11069 if (reason_code == 0) {
11070 /* Reason Code 0 is reserved */
11074 if (info->attrs[NL80211_ATTR_IE]) {
11075 ie = nla_data(info->attrs[NL80211_ATTR_IE]);
11076 ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
11079 local_state_change = !!info->attrs[NL80211_ATTR_LOCAL_STATE_CHANGE];
11081 wdev_lock(dev->ieee80211_ptr);
11082 err = cfg80211_mlme_disassoc(rdev, dev, bssid, ie, ie_len, reason_code,
11083 local_state_change);
11084 wdev_unlock(dev->ieee80211_ptr);
11089 nl80211_parse_mcast_rate(struct cfg80211_registered_device *rdev,
11090 int mcast_rate[NUM_NL80211_BANDS],
11093 struct wiphy *wiphy = &rdev->wiphy;
11094 bool found = false;
11097 for (band = 0; band < NUM_NL80211_BANDS; band++) {
11098 struct ieee80211_supported_band *sband;
11100 sband = wiphy->bands[band];
11104 for (i = 0; i < sband->n_bitrates; i++) {
11105 if (sband->bitrates[i].bitrate == rateval) {
11106 mcast_rate[band] = i + 1;
11116 static int nl80211_join_ibss(struct sk_buff *skb, struct genl_info *info)
11118 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11119 struct net_device *dev = info->user_ptr[1];
11120 struct cfg80211_ibss_params ibss;
11121 struct wiphy *wiphy;
11122 struct cfg80211_cached_keys *connkeys = NULL;
11125 memset(&ibss, 0, sizeof(ibss));
11127 if (!info->attrs[NL80211_ATTR_SSID] ||
11128 !nla_len(info->attrs[NL80211_ATTR_SSID]))
11131 ibss.beacon_interval = 100;
11133 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL])
11134 ibss.beacon_interval =
11135 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
11137 err = cfg80211_validate_beacon_int(rdev, NL80211_IFTYPE_ADHOC,
11138 ibss.beacon_interval);
11142 if (!rdev->ops->join_ibss)
11143 return -EOPNOTSUPP;
11145 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
11146 return -EOPNOTSUPP;
11148 wiphy = &rdev->wiphy;
11150 if (info->attrs[NL80211_ATTR_MAC]) {
11151 ibss.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
11153 if (!is_valid_ether_addr(ibss.bssid))
11156 ibss.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
11157 ibss.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
11159 if (info->attrs[NL80211_ATTR_IE]) {
11160 ibss.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
11161 ibss.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
11164 err = nl80211_parse_chandef(rdev, info, &ibss.chandef);
11168 if (!cfg80211_reg_can_beacon(&rdev->wiphy, &ibss.chandef,
11169 NL80211_IFTYPE_ADHOC))
11172 switch (ibss.chandef.width) {
11173 case NL80211_CHAN_WIDTH_5:
11174 case NL80211_CHAN_WIDTH_10:
11175 case NL80211_CHAN_WIDTH_20_NOHT:
11177 case NL80211_CHAN_WIDTH_20:
11178 case NL80211_CHAN_WIDTH_40:
11179 if (!(rdev->wiphy.features & NL80211_FEATURE_HT_IBSS))
11182 case NL80211_CHAN_WIDTH_80:
11183 case NL80211_CHAN_WIDTH_80P80:
11184 case NL80211_CHAN_WIDTH_160:
11185 if (!(rdev->wiphy.features & NL80211_FEATURE_HT_IBSS))
11187 if (!wiphy_ext_feature_isset(&rdev->wiphy,
11188 NL80211_EXT_FEATURE_VHT_IBSS))
11191 case NL80211_CHAN_WIDTH_320:
11197 ibss.channel_fixed = !!info->attrs[NL80211_ATTR_FREQ_FIXED];
11198 ibss.privacy = !!info->attrs[NL80211_ATTR_PRIVACY];
11200 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
11202 nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
11204 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
11205 struct ieee80211_supported_band *sband =
11206 wiphy->bands[ibss.chandef.chan->band];
11208 err = ieee80211_get_ratemask(sband, rates, n_rates,
11209 &ibss.basic_rates);
11214 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
11215 memcpy(&ibss.ht_capa_mask,
11216 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
11217 sizeof(ibss.ht_capa_mask));
11219 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
11220 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
11222 memcpy(&ibss.ht_capa,
11223 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
11224 sizeof(ibss.ht_capa));
11227 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
11228 !nl80211_parse_mcast_rate(rdev, ibss.mcast_rate,
11229 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
11232 if (ibss.privacy && info->attrs[NL80211_ATTR_KEYS]) {
11233 bool no_ht = false;
11235 connkeys = nl80211_parse_connkeys(rdev, info, &no_ht);
11236 if (IS_ERR(connkeys))
11237 return PTR_ERR(connkeys);
11239 if ((ibss.chandef.width != NL80211_CHAN_WIDTH_20_NOHT) &&
11241 kfree_sensitive(connkeys);
11246 ibss.control_port =
11247 nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT]);
11249 if (info->attrs[NL80211_ATTR_CONTROL_PORT_OVER_NL80211]) {
11250 int r = validate_pae_over_nl80211(rdev, info);
11253 kfree_sensitive(connkeys);
11257 ibss.control_port_over_nl80211 = true;
11260 ibss.userspace_handles_dfs =
11261 nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS]);
11263 wdev_lock(dev->ieee80211_ptr);
11264 err = __cfg80211_join_ibss(rdev, dev, &ibss, connkeys);
11266 kfree_sensitive(connkeys);
11267 else if (info->attrs[NL80211_ATTR_SOCKET_OWNER])
11268 dev->ieee80211_ptr->conn_owner_nlportid = info->snd_portid;
11269 wdev_unlock(dev->ieee80211_ptr);
11274 static int nl80211_leave_ibss(struct sk_buff *skb, struct genl_info *info)
11276 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11277 struct net_device *dev = info->user_ptr[1];
11279 if (!rdev->ops->leave_ibss)
11280 return -EOPNOTSUPP;
11282 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC)
11283 return -EOPNOTSUPP;
11285 return cfg80211_leave_ibss(rdev, dev, false);
11288 static int nl80211_set_mcast_rate(struct sk_buff *skb, struct genl_info *info)
11290 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11291 struct net_device *dev = info->user_ptr[1];
11292 int mcast_rate[NUM_NL80211_BANDS];
11295 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_ADHOC &&
11296 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_MESH_POINT &&
11297 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_OCB)
11298 return -EOPNOTSUPP;
11300 if (!rdev->ops->set_mcast_rate)
11301 return -EOPNOTSUPP;
11303 memset(mcast_rate, 0, sizeof(mcast_rate));
11305 if (!info->attrs[NL80211_ATTR_MCAST_RATE])
11308 nla_rate = nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE]);
11309 if (!nl80211_parse_mcast_rate(rdev, mcast_rate, nla_rate))
11312 return rdev_set_mcast_rate(rdev, dev, mcast_rate);
11315 static struct sk_buff *
11316 __cfg80211_alloc_vendor_skb(struct cfg80211_registered_device *rdev,
11317 struct wireless_dev *wdev, int approxlen,
11318 u32 portid, u32 seq, enum nl80211_commands cmd,
11319 enum nl80211_attrs attr,
11320 const struct nl80211_vendor_cmd_info *info,
11323 struct sk_buff *skb;
11325 struct nlattr *data;
11327 skb = nlmsg_new(approxlen + 100, gfp);
11331 hdr = nl80211hdr_put(skb, portid, seq, 0, cmd);
11337 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
11338 goto nla_put_failure;
11341 if (nla_put_u32(skb, NL80211_ATTR_VENDOR_ID,
11343 goto nla_put_failure;
11344 if (nla_put_u32(skb, NL80211_ATTR_VENDOR_SUBCMD,
11346 goto nla_put_failure;
11350 if (nla_put_u64_64bit(skb, NL80211_ATTR_WDEV,
11351 wdev_id(wdev), NL80211_ATTR_PAD))
11352 goto nla_put_failure;
11353 if (wdev->netdev &&
11354 nla_put_u32(skb, NL80211_ATTR_IFINDEX,
11355 wdev->netdev->ifindex))
11356 goto nla_put_failure;
11359 data = nla_nest_start_noflag(skb, attr);
11361 goto nla_put_failure;
11363 ((void **)skb->cb)[0] = rdev;
11364 ((void **)skb->cb)[1] = hdr;
11365 ((void **)skb->cb)[2] = data;
11374 struct sk_buff *__cfg80211_alloc_event_skb(struct wiphy *wiphy,
11375 struct wireless_dev *wdev,
11376 enum nl80211_commands cmd,
11377 enum nl80211_attrs attr,
11378 unsigned int portid,
11379 int vendor_event_idx,
11380 int approxlen, gfp_t gfp)
11382 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
11383 const struct nl80211_vendor_cmd_info *info;
11386 case NL80211_CMD_TESTMODE:
11387 if (WARN_ON(vendor_event_idx != -1))
11391 case NL80211_CMD_VENDOR:
11392 if (WARN_ON(vendor_event_idx < 0 ||
11393 vendor_event_idx >= wiphy->n_vendor_events))
11395 info = &wiphy->vendor_events[vendor_event_idx];
11402 return __cfg80211_alloc_vendor_skb(rdev, wdev, approxlen, portid, 0,
11403 cmd, attr, info, gfp);
11405 EXPORT_SYMBOL(__cfg80211_alloc_event_skb);
11407 void __cfg80211_send_event_skb(struct sk_buff *skb, gfp_t gfp)
11409 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
11410 void *hdr = ((void **)skb->cb)[1];
11411 struct nlmsghdr *nlhdr = nlmsg_hdr(skb);
11412 struct nlattr *data = ((void **)skb->cb)[2];
11413 enum nl80211_multicast_groups mcgrp = NL80211_MCGRP_TESTMODE;
11415 /* clear CB data for netlink core to own from now on */
11416 memset(skb->cb, 0, sizeof(skb->cb));
11418 nla_nest_end(skb, data);
11419 genlmsg_end(skb, hdr);
11421 if (nlhdr->nlmsg_pid) {
11422 genlmsg_unicast(wiphy_net(&rdev->wiphy), skb,
11425 if (data->nla_type == NL80211_ATTR_VENDOR_DATA)
11426 mcgrp = NL80211_MCGRP_VENDOR;
11428 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
11429 skb, 0, mcgrp, gfp);
11432 EXPORT_SYMBOL(__cfg80211_send_event_skb);
11434 #ifdef CONFIG_NL80211_TESTMODE
11435 static int nl80211_testmode_do(struct sk_buff *skb, struct genl_info *info)
11437 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11438 struct wireless_dev *wdev;
11441 lockdep_assert_held(&rdev->wiphy.mtx);
11443 wdev = __cfg80211_wdev_from_attrs(rdev, genl_info_net(info),
11446 if (!rdev->ops->testmode_cmd)
11447 return -EOPNOTSUPP;
11449 if (IS_ERR(wdev)) {
11450 err = PTR_ERR(wdev);
11451 if (err != -EINVAL)
11454 } else if (wdev->wiphy != &rdev->wiphy) {
11458 if (!info->attrs[NL80211_ATTR_TESTDATA])
11461 rdev->cur_cmd_info = info;
11462 err = rdev_testmode_cmd(rdev, wdev,
11463 nla_data(info->attrs[NL80211_ATTR_TESTDATA]),
11464 nla_len(info->attrs[NL80211_ATTR_TESTDATA]));
11465 rdev->cur_cmd_info = NULL;
11470 static int nl80211_testmode_dump(struct sk_buff *skb,
11471 struct netlink_callback *cb)
11473 struct cfg80211_registered_device *rdev;
11474 struct nlattr **attrbuf = NULL;
11484 * 0 is a valid index, but not valid for args[0],
11485 * so we need to offset by 1.
11487 phy_idx = cb->args[0] - 1;
11489 rdev = cfg80211_rdev_by_wiphy_idx(phy_idx);
11495 attrbuf = kcalloc(NUM_NL80211_ATTR, sizeof(*attrbuf),
11502 err = nlmsg_parse_deprecated(cb->nlh,
11503 GENL_HDRLEN + nl80211_fam.hdrsize,
11504 attrbuf, nl80211_fam.maxattr,
11505 nl80211_policy, NULL);
11509 rdev = __cfg80211_rdev_from_attrs(sock_net(skb->sk), attrbuf);
11510 if (IS_ERR(rdev)) {
11511 err = PTR_ERR(rdev);
11514 phy_idx = rdev->wiphy_idx;
11516 if (attrbuf[NL80211_ATTR_TESTDATA])
11517 cb->args[1] = (long)attrbuf[NL80211_ATTR_TESTDATA];
11521 data = nla_data((void *)cb->args[1]);
11522 data_len = nla_len((void *)cb->args[1]);
11525 if (!rdev->ops->testmode_dump) {
11531 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).portid,
11532 cb->nlh->nlmsg_seq, NLM_F_MULTI,
11533 NL80211_CMD_TESTMODE);
11534 struct nlattr *tmdata;
11539 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, phy_idx)) {
11540 genlmsg_cancel(skb, hdr);
11544 tmdata = nla_nest_start_noflag(skb, NL80211_ATTR_TESTDATA);
11546 genlmsg_cancel(skb, hdr);
11549 err = rdev_testmode_dump(rdev, skb, cb, data, data_len);
11550 nla_nest_end(skb, tmdata);
11552 if (err == -ENOBUFS || err == -ENOENT) {
11553 genlmsg_cancel(skb, hdr);
11556 genlmsg_cancel(skb, hdr);
11560 genlmsg_end(skb, hdr);
11565 cb->args[0] = phy_idx + 1;
11573 static int nl80211_connect(struct sk_buff *skb, struct genl_info *info)
11575 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11576 struct net_device *dev = info->user_ptr[1];
11577 struct cfg80211_connect_params connect;
11578 struct wiphy *wiphy;
11579 struct cfg80211_cached_keys *connkeys = NULL;
11583 memset(&connect, 0, sizeof(connect));
11585 if (!info->attrs[NL80211_ATTR_SSID] ||
11586 !nla_len(info->attrs[NL80211_ATTR_SSID]))
11589 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
11590 connect.auth_type =
11591 nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
11592 if (!nl80211_valid_auth_type(rdev, connect.auth_type,
11593 NL80211_CMD_CONNECT))
11596 connect.auth_type = NL80211_AUTHTYPE_AUTOMATIC;
11598 connect.privacy = info->attrs[NL80211_ATTR_PRIVACY];
11600 if (info->attrs[NL80211_ATTR_WANT_1X_4WAY_HS] &&
11601 !wiphy_ext_feature_isset(&rdev->wiphy,
11602 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X))
11604 connect.want_1x = info->attrs[NL80211_ATTR_WANT_1X_4WAY_HS];
11606 err = nl80211_crypto_settings(rdev, info, &connect.crypto,
11607 NL80211_MAX_NR_CIPHER_SUITES);
11611 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
11612 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
11613 return -EOPNOTSUPP;
11615 wiphy = &rdev->wiphy;
11617 connect.bg_scan_period = -1;
11618 if (info->attrs[NL80211_ATTR_BG_SCAN_PERIOD] &&
11619 (wiphy->flags & WIPHY_FLAG_SUPPORTS_FW_ROAM)) {
11620 connect.bg_scan_period =
11621 nla_get_u16(info->attrs[NL80211_ATTR_BG_SCAN_PERIOD]);
11624 if (info->attrs[NL80211_ATTR_MAC])
11625 connect.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
11626 else if (info->attrs[NL80211_ATTR_MAC_HINT])
11627 connect.bssid_hint =
11628 nla_data(info->attrs[NL80211_ATTR_MAC_HINT]);
11629 connect.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
11630 connect.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
11632 if (info->attrs[NL80211_ATTR_IE]) {
11633 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
11634 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
11637 if (info->attrs[NL80211_ATTR_USE_MFP]) {
11638 connect.mfp = nla_get_u32(info->attrs[NL80211_ATTR_USE_MFP]);
11639 if (connect.mfp == NL80211_MFP_OPTIONAL &&
11640 !wiphy_ext_feature_isset(&rdev->wiphy,
11641 NL80211_EXT_FEATURE_MFP_OPTIONAL))
11642 return -EOPNOTSUPP;
11644 connect.mfp = NL80211_MFP_NO;
11647 if (info->attrs[NL80211_ATTR_PREV_BSSID])
11648 connect.prev_bssid =
11649 nla_data(info->attrs[NL80211_ATTR_PREV_BSSID]);
11651 if (info->attrs[NL80211_ATTR_WIPHY_FREQ])
11652 freq = MHZ_TO_KHZ(nla_get_u32(
11653 info->attrs[NL80211_ATTR_WIPHY_FREQ]));
11654 if (info->attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET])
11656 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ_OFFSET]);
11659 connect.channel = nl80211_get_valid_chan(wiphy, freq);
11660 if (!connect.channel)
11662 } else if (info->attrs[NL80211_ATTR_WIPHY_FREQ_HINT]) {
11663 freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ_HINT]);
11664 freq = MHZ_TO_KHZ(freq);
11665 connect.channel_hint = nl80211_get_valid_chan(wiphy, freq);
11666 if (!connect.channel_hint)
11670 if (info->attrs[NL80211_ATTR_WIPHY_EDMG_CHANNELS]) {
11671 connect.edmg.channels =
11672 nla_get_u8(info->attrs[NL80211_ATTR_WIPHY_EDMG_CHANNELS]);
11674 if (info->attrs[NL80211_ATTR_WIPHY_EDMG_BW_CONFIG])
11675 connect.edmg.bw_config =
11676 nla_get_u8(info->attrs[NL80211_ATTR_WIPHY_EDMG_BW_CONFIG]);
11679 if (connect.privacy && info->attrs[NL80211_ATTR_KEYS]) {
11680 connkeys = nl80211_parse_connkeys(rdev, info, NULL);
11681 if (IS_ERR(connkeys))
11682 return PTR_ERR(connkeys);
11685 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HT]))
11686 connect.flags |= ASSOC_REQ_DISABLE_HT;
11688 if (info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK])
11689 memcpy(&connect.ht_capa_mask,
11690 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]),
11691 sizeof(connect.ht_capa_mask));
11693 if (info->attrs[NL80211_ATTR_HT_CAPABILITY]) {
11694 if (!info->attrs[NL80211_ATTR_HT_CAPABILITY_MASK]) {
11695 kfree_sensitive(connkeys);
11698 memcpy(&connect.ht_capa,
11699 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]),
11700 sizeof(connect.ht_capa));
11703 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_VHT]))
11704 connect.flags |= ASSOC_REQ_DISABLE_VHT;
11706 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_HE]))
11707 connect.flags |= ASSOC_REQ_DISABLE_HE;
11709 if (nla_get_flag(info->attrs[NL80211_ATTR_DISABLE_EHT]))
11710 connect.flags |= ASSOC_REQ_DISABLE_EHT;
11712 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK])
11713 memcpy(&connect.vht_capa_mask,
11714 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]),
11715 sizeof(connect.vht_capa_mask));
11717 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY]) {
11718 if (!info->attrs[NL80211_ATTR_VHT_CAPABILITY_MASK]) {
11719 kfree_sensitive(connkeys);
11722 memcpy(&connect.vht_capa,
11723 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]),
11724 sizeof(connect.vht_capa));
11727 if (nla_get_flag(info->attrs[NL80211_ATTR_USE_RRM])) {
11728 if (!((rdev->wiphy.features &
11729 NL80211_FEATURE_DS_PARAM_SET_IE_IN_PROBES) &&
11730 (rdev->wiphy.features & NL80211_FEATURE_QUIET)) &&
11731 !wiphy_ext_feature_isset(&rdev->wiphy,
11732 NL80211_EXT_FEATURE_RRM)) {
11733 kfree_sensitive(connkeys);
11736 connect.flags |= ASSOC_REQ_USE_RRM;
11739 connect.pbss = nla_get_flag(info->attrs[NL80211_ATTR_PBSS]);
11740 if (connect.pbss && !rdev->wiphy.bands[NL80211_BAND_60GHZ]) {
11741 kfree_sensitive(connkeys);
11742 return -EOPNOTSUPP;
11745 if (info->attrs[NL80211_ATTR_BSS_SELECT]) {
11746 /* bss selection makes no sense if bssid is set */
11747 if (connect.bssid) {
11748 kfree_sensitive(connkeys);
11752 err = parse_bss_select(info->attrs[NL80211_ATTR_BSS_SELECT],
11753 wiphy, &connect.bss_select);
11755 kfree_sensitive(connkeys);
11760 if (wiphy_ext_feature_isset(&rdev->wiphy,
11761 NL80211_EXT_FEATURE_FILS_SK_OFFLOAD) &&
11762 info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] &&
11763 info->attrs[NL80211_ATTR_FILS_ERP_REALM] &&
11764 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] &&
11765 info->attrs[NL80211_ATTR_FILS_ERP_RRK]) {
11766 connect.fils_erp_username =
11767 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_USERNAME]);
11768 connect.fils_erp_username_len =
11769 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_USERNAME]);
11770 connect.fils_erp_realm =
11771 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_REALM]);
11772 connect.fils_erp_realm_len =
11773 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_REALM]);
11774 connect.fils_erp_next_seq_num =
11776 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM]);
11777 connect.fils_erp_rrk =
11778 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_RRK]);
11779 connect.fils_erp_rrk_len =
11780 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_RRK]);
11781 } else if (info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] ||
11782 info->attrs[NL80211_ATTR_FILS_ERP_REALM] ||
11783 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] ||
11784 info->attrs[NL80211_ATTR_FILS_ERP_RRK]) {
11785 kfree_sensitive(connkeys);
11789 if (nla_get_flag(info->attrs[NL80211_ATTR_EXTERNAL_AUTH_SUPPORT])) {
11790 if (!info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
11791 kfree_sensitive(connkeys);
11792 GENL_SET_ERR_MSG(info,
11793 "external auth requires connection ownership");
11796 connect.flags |= CONNECT_REQ_EXTERNAL_AUTH_SUPPORT;
11799 if (nla_get_flag(info->attrs[NL80211_ATTR_MLO_SUPPORT]))
11800 connect.flags |= CONNECT_REQ_MLO_SUPPORT;
11802 wdev_lock(dev->ieee80211_ptr);
11804 err = cfg80211_connect(rdev, dev, &connect, connkeys,
11805 connect.prev_bssid);
11807 kfree_sensitive(connkeys);
11809 if (!err && info->attrs[NL80211_ATTR_SOCKET_OWNER]) {
11810 dev->ieee80211_ptr->conn_owner_nlportid = info->snd_portid;
11812 memcpy(dev->ieee80211_ptr->disconnect_bssid,
11813 connect.bssid, ETH_ALEN);
11815 eth_zero_addr(dev->ieee80211_ptr->disconnect_bssid);
11818 wdev_unlock(dev->ieee80211_ptr);
11823 static int nl80211_update_connect_params(struct sk_buff *skb,
11824 struct genl_info *info)
11826 struct cfg80211_connect_params connect = {};
11827 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11828 struct net_device *dev = info->user_ptr[1];
11829 struct wireless_dev *wdev = dev->ieee80211_ptr;
11830 bool fils_sk_offload;
11835 if (!rdev->ops->update_connect_params)
11836 return -EOPNOTSUPP;
11838 if (info->attrs[NL80211_ATTR_IE]) {
11839 connect.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
11840 connect.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
11841 changed |= UPDATE_ASSOC_IES;
11844 fils_sk_offload = wiphy_ext_feature_isset(&rdev->wiphy,
11845 NL80211_EXT_FEATURE_FILS_SK_OFFLOAD);
11848 * when driver supports fils-sk offload all attributes must be
11849 * provided. So the else covers "fils-sk-not-all" and
11850 * "no-fils-sk-any".
11852 if (fils_sk_offload &&
11853 info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] &&
11854 info->attrs[NL80211_ATTR_FILS_ERP_REALM] &&
11855 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] &&
11856 info->attrs[NL80211_ATTR_FILS_ERP_RRK]) {
11857 connect.fils_erp_username =
11858 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_USERNAME]);
11859 connect.fils_erp_username_len =
11860 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_USERNAME]);
11861 connect.fils_erp_realm =
11862 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_REALM]);
11863 connect.fils_erp_realm_len =
11864 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_REALM]);
11865 connect.fils_erp_next_seq_num =
11867 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM]);
11868 connect.fils_erp_rrk =
11869 nla_data(info->attrs[NL80211_ATTR_FILS_ERP_RRK]);
11870 connect.fils_erp_rrk_len =
11871 nla_len(info->attrs[NL80211_ATTR_FILS_ERP_RRK]);
11872 changed |= UPDATE_FILS_ERP_INFO;
11873 } else if (info->attrs[NL80211_ATTR_FILS_ERP_USERNAME] ||
11874 info->attrs[NL80211_ATTR_FILS_ERP_REALM] ||
11875 info->attrs[NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM] ||
11876 info->attrs[NL80211_ATTR_FILS_ERP_RRK]) {
11880 if (info->attrs[NL80211_ATTR_AUTH_TYPE]) {
11881 auth_type = nla_get_u32(info->attrs[NL80211_ATTR_AUTH_TYPE]);
11882 if (!nl80211_valid_auth_type(rdev, auth_type,
11883 NL80211_CMD_CONNECT))
11886 if (auth_type == NL80211_AUTHTYPE_FILS_SK &&
11887 fils_sk_offload && !(changed & UPDATE_FILS_ERP_INFO))
11890 connect.auth_type = auth_type;
11891 changed |= UPDATE_AUTH_TYPE;
11894 wdev_lock(dev->ieee80211_ptr);
11895 if (!wdev->connected)
11898 ret = rdev_update_connect_params(rdev, dev, &connect, changed);
11899 wdev_unlock(dev->ieee80211_ptr);
11904 static int nl80211_disconnect(struct sk_buff *skb, struct genl_info *info)
11906 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11907 struct net_device *dev = info->user_ptr[1];
11911 if (dev->ieee80211_ptr->conn_owner_nlportid &&
11912 dev->ieee80211_ptr->conn_owner_nlportid != info->snd_portid)
11915 if (!info->attrs[NL80211_ATTR_REASON_CODE])
11916 reason = WLAN_REASON_DEAUTH_LEAVING;
11918 reason = nla_get_u16(info->attrs[NL80211_ATTR_REASON_CODE]);
11923 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
11924 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
11925 return -EOPNOTSUPP;
11927 wdev_lock(dev->ieee80211_ptr);
11928 ret = cfg80211_disconnect(rdev, dev, reason, true);
11929 wdev_unlock(dev->ieee80211_ptr);
11933 static int nl80211_wiphy_netns(struct sk_buff *skb, struct genl_info *info)
11935 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11939 if (info->attrs[NL80211_ATTR_PID]) {
11940 u32 pid = nla_get_u32(info->attrs[NL80211_ATTR_PID]);
11942 net = get_net_ns_by_pid(pid);
11943 } else if (info->attrs[NL80211_ATTR_NETNS_FD]) {
11944 u32 fd = nla_get_u32(info->attrs[NL80211_ATTR_NETNS_FD]);
11946 net = get_net_ns_by_fd(fd);
11952 return PTR_ERR(net);
11956 /* check if anything to do */
11957 if (!net_eq(wiphy_net(&rdev->wiphy), net))
11958 err = cfg80211_switch_netns(rdev, net);
11964 static int nl80211_setdel_pmksa(struct sk_buff *skb, struct genl_info *info)
11966 struct cfg80211_registered_device *rdev = info->user_ptr[0];
11967 int (*rdev_ops)(struct wiphy *wiphy, struct net_device *dev,
11968 struct cfg80211_pmksa *pmksa) = NULL;
11969 struct net_device *dev = info->user_ptr[1];
11970 struct cfg80211_pmksa pmksa;
11972 memset(&pmksa, 0, sizeof(struct cfg80211_pmksa));
11974 if (!info->attrs[NL80211_ATTR_PMKID])
11977 pmksa.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
11979 if (info->attrs[NL80211_ATTR_MAC]) {
11980 pmksa.bssid = nla_data(info->attrs[NL80211_ATTR_MAC]);
11981 } else if (info->attrs[NL80211_ATTR_SSID] &&
11982 info->attrs[NL80211_ATTR_FILS_CACHE_ID] &&
11983 (info->genlhdr->cmd == NL80211_CMD_DEL_PMKSA ||
11984 info->attrs[NL80211_ATTR_PMK])) {
11985 pmksa.ssid = nla_data(info->attrs[NL80211_ATTR_SSID]);
11986 pmksa.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
11988 nla_data(info->attrs[NL80211_ATTR_FILS_CACHE_ID]);
11992 if (info->attrs[NL80211_ATTR_PMK]) {
11993 pmksa.pmk = nla_data(info->attrs[NL80211_ATTR_PMK]);
11994 pmksa.pmk_len = nla_len(info->attrs[NL80211_ATTR_PMK]);
11997 if (info->attrs[NL80211_ATTR_PMK_LIFETIME])
11998 pmksa.pmk_lifetime =
11999 nla_get_u32(info->attrs[NL80211_ATTR_PMK_LIFETIME]);
12001 if (info->attrs[NL80211_ATTR_PMK_REAUTH_THRESHOLD])
12002 pmksa.pmk_reauth_threshold =
12004 info->attrs[NL80211_ATTR_PMK_REAUTH_THRESHOLD]);
12006 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
12007 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT &&
12008 !(dev->ieee80211_ptr->iftype == NL80211_IFTYPE_AP &&
12009 wiphy_ext_feature_isset(&rdev->wiphy,
12010 NL80211_EXT_FEATURE_AP_PMKSA_CACHING)))
12011 return -EOPNOTSUPP;
12013 switch (info->genlhdr->cmd) {
12014 case NL80211_CMD_SET_PMKSA:
12015 rdev_ops = rdev->ops->set_pmksa;
12017 case NL80211_CMD_DEL_PMKSA:
12018 rdev_ops = rdev->ops->del_pmksa;
12026 return -EOPNOTSUPP;
12028 return rdev_ops(&rdev->wiphy, dev, &pmksa);
12031 static int nl80211_flush_pmksa(struct sk_buff *skb, struct genl_info *info)
12033 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12034 struct net_device *dev = info->user_ptr[1];
12036 if (dev->ieee80211_ptr->iftype != NL80211_IFTYPE_STATION &&
12037 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_CLIENT)
12038 return -EOPNOTSUPP;
12040 if (!rdev->ops->flush_pmksa)
12041 return -EOPNOTSUPP;
12043 return rdev_flush_pmksa(rdev, dev);
12046 static int nl80211_tdls_mgmt(struct sk_buff *skb, struct genl_info *info)
12048 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12049 struct net_device *dev = info->user_ptr[1];
12050 u8 action_code, dialog_token;
12051 u32 peer_capability = 0;
12056 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
12057 !rdev->ops->tdls_mgmt)
12058 return -EOPNOTSUPP;
12060 if (!info->attrs[NL80211_ATTR_TDLS_ACTION] ||
12061 !info->attrs[NL80211_ATTR_STATUS_CODE] ||
12062 !info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN] ||
12063 !info->attrs[NL80211_ATTR_IE] ||
12064 !info->attrs[NL80211_ATTR_MAC])
12067 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
12068 action_code = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_ACTION]);
12069 status_code = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
12070 dialog_token = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_DIALOG_TOKEN]);
12071 initiator = nla_get_flag(info->attrs[NL80211_ATTR_TDLS_INITIATOR]);
12072 if (info->attrs[NL80211_ATTR_TDLS_PEER_CAPABILITY])
12074 nla_get_u32(info->attrs[NL80211_ATTR_TDLS_PEER_CAPABILITY]);
12076 return rdev_tdls_mgmt(rdev, dev, peer, action_code,
12077 dialog_token, status_code, peer_capability,
12079 nla_data(info->attrs[NL80211_ATTR_IE]),
12080 nla_len(info->attrs[NL80211_ATTR_IE]));
12083 static int nl80211_tdls_oper(struct sk_buff *skb, struct genl_info *info)
12085 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12086 struct net_device *dev = info->user_ptr[1];
12087 enum nl80211_tdls_operation operation;
12090 if (!(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) ||
12091 !rdev->ops->tdls_oper)
12092 return -EOPNOTSUPP;
12094 if (!info->attrs[NL80211_ATTR_TDLS_OPERATION] ||
12095 !info->attrs[NL80211_ATTR_MAC])
12098 operation = nla_get_u8(info->attrs[NL80211_ATTR_TDLS_OPERATION]);
12099 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
12101 return rdev_tdls_oper(rdev, dev, peer, operation);
12104 static int nl80211_remain_on_channel(struct sk_buff *skb,
12105 struct genl_info *info)
12107 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12108 unsigned int link_id = nl80211_link_id(info->attrs);
12109 struct wireless_dev *wdev = info->user_ptr[1];
12110 struct cfg80211_chan_def chandef;
12111 struct sk_buff *msg;
12117 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ] ||
12118 !info->attrs[NL80211_ATTR_DURATION])
12121 duration = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
12123 if (!rdev->ops->remain_on_channel ||
12124 !(rdev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL))
12125 return -EOPNOTSUPP;
12128 * We should be on that channel for at least a minimum amount of
12129 * time (10ms) but no longer than the driver supports.
12131 if (duration < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
12132 duration > rdev->wiphy.max_remain_on_channel_duration)
12135 err = nl80211_parse_chandef(rdev, info, &chandef);
12140 if (!cfg80211_off_channel_oper_allowed(wdev, chandef.chan)) {
12141 const struct cfg80211_chan_def *oper_chandef, *compat_chandef;
12143 oper_chandef = wdev_chandef(wdev, link_id);
12145 if (WARN_ON(!oper_chandef)) {
12146 /* cannot happen since we must beacon to get here */
12152 /* note: returns first one if identical chandefs */
12153 compat_chandef = cfg80211_chandef_compatible(&chandef,
12156 if (compat_chandef != &chandef) {
12163 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
12167 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
12168 NL80211_CMD_REMAIN_ON_CHANNEL);
12174 err = rdev_remain_on_channel(rdev, wdev, chandef.chan,
12175 duration, &cookie);
12180 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
12182 goto nla_put_failure;
12184 genlmsg_end(msg, hdr);
12186 return genlmsg_reply(msg, info);
12195 static int nl80211_cancel_remain_on_channel(struct sk_buff *skb,
12196 struct genl_info *info)
12198 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12199 struct wireless_dev *wdev = info->user_ptr[1];
12202 if (!info->attrs[NL80211_ATTR_COOKIE])
12205 if (!rdev->ops->cancel_remain_on_channel)
12206 return -EOPNOTSUPP;
12208 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
12210 return rdev_cancel_remain_on_channel(rdev, wdev, cookie);
12213 static int nl80211_set_tx_bitrate_mask(struct sk_buff *skb,
12214 struct genl_info *info)
12216 struct cfg80211_bitrate_mask mask;
12217 unsigned int link_id = nl80211_link_id(info->attrs);
12218 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12219 struct net_device *dev = info->user_ptr[1];
12220 struct wireless_dev *wdev = dev->ieee80211_ptr;
12223 if (!rdev->ops->set_bitrate_mask)
12224 return -EOPNOTSUPP;
12227 err = nl80211_parse_tx_bitrate_mask(info, info->attrs,
12228 NL80211_ATTR_TX_RATES, &mask,
12229 dev, true, link_id);
12233 err = rdev_set_bitrate_mask(rdev, dev, link_id, NULL, &mask);
12239 static int nl80211_register_mgmt(struct sk_buff *skb, struct genl_info *info)
12241 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12242 struct wireless_dev *wdev = info->user_ptr[1];
12243 u16 frame_type = IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_ACTION;
12245 if (!info->attrs[NL80211_ATTR_FRAME_MATCH])
12248 if (info->attrs[NL80211_ATTR_FRAME_TYPE])
12249 frame_type = nla_get_u16(info->attrs[NL80211_ATTR_FRAME_TYPE]);
12251 switch (wdev->iftype) {
12252 case NL80211_IFTYPE_STATION:
12253 case NL80211_IFTYPE_ADHOC:
12254 case NL80211_IFTYPE_P2P_CLIENT:
12255 case NL80211_IFTYPE_AP:
12256 case NL80211_IFTYPE_AP_VLAN:
12257 case NL80211_IFTYPE_MESH_POINT:
12258 case NL80211_IFTYPE_P2P_GO:
12259 case NL80211_IFTYPE_P2P_DEVICE:
12261 case NL80211_IFTYPE_NAN:
12263 return -EOPNOTSUPP;
12266 /* not much point in registering if we can't reply */
12267 if (!rdev->ops->mgmt_tx)
12268 return -EOPNOTSUPP;
12270 if (info->attrs[NL80211_ATTR_RECEIVE_MULTICAST] &&
12271 !wiphy_ext_feature_isset(&rdev->wiphy,
12272 NL80211_EXT_FEATURE_MULTICAST_REGISTRATIONS)) {
12273 GENL_SET_ERR_MSG(info,
12274 "multicast RX registrations are not supported");
12275 return -EOPNOTSUPP;
12278 return cfg80211_mlme_register_mgmt(wdev, info->snd_portid, frame_type,
12279 nla_data(info->attrs[NL80211_ATTR_FRAME_MATCH]),
12280 nla_len(info->attrs[NL80211_ATTR_FRAME_MATCH]),
12281 info->attrs[NL80211_ATTR_RECEIVE_MULTICAST],
12285 static int nl80211_tx_mgmt(struct sk_buff *skb, struct genl_info *info)
12287 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12288 struct wireless_dev *wdev = info->user_ptr[1];
12289 struct cfg80211_chan_def chandef;
12293 struct sk_buff *msg = NULL;
12294 struct cfg80211_mgmt_tx_params params = {
12295 .dont_wait_for_ack =
12296 info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK],
12299 if (!info->attrs[NL80211_ATTR_FRAME])
12302 if (!rdev->ops->mgmt_tx)
12303 return -EOPNOTSUPP;
12305 switch (wdev->iftype) {
12306 case NL80211_IFTYPE_P2P_DEVICE:
12307 if (!info->attrs[NL80211_ATTR_WIPHY_FREQ])
12310 case NL80211_IFTYPE_STATION:
12311 case NL80211_IFTYPE_ADHOC:
12312 case NL80211_IFTYPE_P2P_CLIENT:
12313 case NL80211_IFTYPE_AP:
12314 case NL80211_IFTYPE_AP_VLAN:
12315 case NL80211_IFTYPE_MESH_POINT:
12316 case NL80211_IFTYPE_P2P_GO:
12318 case NL80211_IFTYPE_NAN:
12320 return -EOPNOTSUPP;
12323 if (info->attrs[NL80211_ATTR_DURATION]) {
12324 if (!(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
12326 params.wait = nla_get_u32(info->attrs[NL80211_ATTR_DURATION]);
12329 * We should wait on the channel for at least a minimum amount
12330 * of time (10ms) but no longer than the driver supports.
12332 if (params.wait < NL80211_MIN_REMAIN_ON_CHANNEL_TIME ||
12333 params.wait > rdev->wiphy.max_remain_on_channel_duration)
12337 params.offchan = info->attrs[NL80211_ATTR_OFFCHANNEL_TX_OK];
12339 if (params.offchan && !(rdev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX))
12342 params.no_cck = nla_get_flag(info->attrs[NL80211_ATTR_TX_NO_CCK_RATE]);
12344 /* get the channel if any has been specified, otherwise pass NULL to
12345 * the driver. The latter will use the current one
12347 chandef.chan = NULL;
12348 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
12349 err = nl80211_parse_chandef(rdev, info, &chandef);
12354 if (!chandef.chan && params.offchan)
12358 if (params.offchan &&
12359 !cfg80211_off_channel_oper_allowed(wdev, chandef.chan)) {
12364 params.link_id = nl80211_link_id_or_invalid(info->attrs);
12366 * This now races due to the unlock, but we cannot check
12367 * the valid links for the _station_ anyway, so that's up
12370 if (params.link_id >= 0 &&
12371 !(wdev->valid_links & BIT(params.link_id))) {
12377 params.buf = nla_data(info->attrs[NL80211_ATTR_FRAME]);
12378 params.len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
12380 if (info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]) {
12381 int len = nla_len(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]);
12384 if (len % sizeof(u16))
12387 params.n_csa_offsets = len / sizeof(u16);
12388 params.csa_offsets =
12389 nla_data(info->attrs[NL80211_ATTR_CSA_C_OFFSETS_TX]);
12391 /* check that all the offsets fit the frame */
12392 for (i = 0; i < params.n_csa_offsets; i++) {
12393 if (params.csa_offsets[i] >= params.len)
12398 if (!params.dont_wait_for_ack) {
12399 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
12403 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
12404 NL80211_CMD_FRAME);
12411 params.chan = chandef.chan;
12412 err = cfg80211_mlme_mgmt_tx(rdev, wdev, ¶ms, &cookie);
12417 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
12419 goto nla_put_failure;
12421 genlmsg_end(msg, hdr);
12422 return genlmsg_reply(msg, info);
12434 static int nl80211_tx_mgmt_cancel_wait(struct sk_buff *skb, struct genl_info *info)
12436 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12437 struct wireless_dev *wdev = info->user_ptr[1];
12440 if (!info->attrs[NL80211_ATTR_COOKIE])
12443 if (!rdev->ops->mgmt_tx_cancel_wait)
12444 return -EOPNOTSUPP;
12446 switch (wdev->iftype) {
12447 case NL80211_IFTYPE_STATION:
12448 case NL80211_IFTYPE_ADHOC:
12449 case NL80211_IFTYPE_P2P_CLIENT:
12450 case NL80211_IFTYPE_AP:
12451 case NL80211_IFTYPE_AP_VLAN:
12452 case NL80211_IFTYPE_P2P_GO:
12453 case NL80211_IFTYPE_P2P_DEVICE:
12455 case NL80211_IFTYPE_NAN:
12457 return -EOPNOTSUPP;
12460 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
12462 return rdev_mgmt_tx_cancel_wait(rdev, wdev, cookie);
12465 static int nl80211_set_power_save(struct sk_buff *skb, struct genl_info *info)
12467 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12468 struct wireless_dev *wdev;
12469 struct net_device *dev = info->user_ptr[1];
12474 if (!info->attrs[NL80211_ATTR_PS_STATE])
12477 ps_state = nla_get_u32(info->attrs[NL80211_ATTR_PS_STATE]);
12479 wdev = dev->ieee80211_ptr;
12481 if (!rdev->ops->set_power_mgmt)
12482 return -EOPNOTSUPP;
12484 state = (ps_state == NL80211_PS_ENABLED) ? true : false;
12486 if (state == wdev->ps)
12489 err = rdev_set_power_mgmt(rdev, dev, state, wdev->ps_timeout);
12495 static int nl80211_get_power_save(struct sk_buff *skb, struct genl_info *info)
12497 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12498 enum nl80211_ps_state ps_state;
12499 struct wireless_dev *wdev;
12500 struct net_device *dev = info->user_ptr[1];
12501 struct sk_buff *msg;
12505 wdev = dev->ieee80211_ptr;
12507 if (!rdev->ops->set_power_mgmt)
12508 return -EOPNOTSUPP;
12510 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
12514 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
12515 NL80211_CMD_GET_POWER_SAVE);
12522 ps_state = NL80211_PS_ENABLED;
12524 ps_state = NL80211_PS_DISABLED;
12526 if (nla_put_u32(msg, NL80211_ATTR_PS_STATE, ps_state))
12527 goto nla_put_failure;
12529 genlmsg_end(msg, hdr);
12530 return genlmsg_reply(msg, info);
12539 static const struct nla_policy
12540 nl80211_attr_cqm_policy[NL80211_ATTR_CQM_MAX + 1] = {
12541 [NL80211_ATTR_CQM_RSSI_THOLD] = { .type = NLA_BINARY },
12542 [NL80211_ATTR_CQM_RSSI_HYST] = { .type = NLA_U32 },
12543 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT] = { .type = NLA_U32 },
12544 [NL80211_ATTR_CQM_TXE_RATE] = { .type = NLA_U32 },
12545 [NL80211_ATTR_CQM_TXE_PKTS] = { .type = NLA_U32 },
12546 [NL80211_ATTR_CQM_TXE_INTVL] = { .type = NLA_U32 },
12547 [NL80211_ATTR_CQM_RSSI_LEVEL] = { .type = NLA_S32 },
12550 static int nl80211_set_cqm_txe(struct genl_info *info,
12551 u32 rate, u32 pkts, u32 intvl)
12553 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12554 struct net_device *dev = info->user_ptr[1];
12555 struct wireless_dev *wdev = dev->ieee80211_ptr;
12557 if (rate > 100 || intvl > NL80211_CQM_TXE_MAX_INTVL)
12560 if (!rdev->ops->set_cqm_txe_config)
12561 return -EOPNOTSUPP;
12563 if (wdev->iftype != NL80211_IFTYPE_STATION &&
12564 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
12565 return -EOPNOTSUPP;
12567 return rdev_set_cqm_txe_config(rdev, dev, rate, pkts, intvl);
12570 static int cfg80211_cqm_rssi_update(struct cfg80211_registered_device *rdev,
12571 struct net_device *dev,
12572 struct cfg80211_cqm_config *cqm_config)
12574 struct wireless_dev *wdev = dev->ieee80211_ptr;
12575 s32 last, low, high;
12577 int i, n, low_index;
12581 * Obtain current RSSI value if possible, if not and no RSSI threshold
12582 * event has been received yet, we should receive an event after a
12583 * connection is established and enough beacons received to calculate
12586 if (!cqm_config->last_rssi_event_value &&
12587 wdev->links[0].client.current_bss &&
12588 rdev->ops->get_station) {
12589 struct station_info sinfo = {};
12592 mac_addr = wdev->links[0].client.current_bss->pub.bssid;
12594 err = rdev_get_station(rdev, dev, mac_addr, &sinfo);
12598 cfg80211_sinfo_release_content(&sinfo);
12599 if (sinfo.filled & BIT_ULL(NL80211_STA_INFO_BEACON_SIGNAL_AVG))
12600 cqm_config->last_rssi_event_value =
12601 (s8) sinfo.rx_beacon_signal_avg;
12604 last = cqm_config->last_rssi_event_value;
12605 hyst = cqm_config->rssi_hyst;
12606 n = cqm_config->n_rssi_thresholds;
12608 for (i = 0; i < n; i++) {
12609 i = array_index_nospec(i, n);
12610 if (last < cqm_config->rssi_thresholds[i])
12615 if (low_index >= 0) {
12616 low_index = array_index_nospec(low_index, n);
12617 low = cqm_config->rssi_thresholds[low_index] - hyst;
12622 i = array_index_nospec(i, n);
12623 high = cqm_config->rssi_thresholds[i] + hyst - 1;
12628 return rdev_set_cqm_rssi_range_config(rdev, dev, low, high);
12631 static int nl80211_set_cqm_rssi(struct genl_info *info,
12632 const s32 *thresholds, int n_thresholds,
12635 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12636 struct cfg80211_cqm_config *cqm_config = NULL, *old;
12637 struct net_device *dev = info->user_ptr[1];
12638 struct wireless_dev *wdev = dev->ieee80211_ptr;
12640 s32 prev = S32_MIN;
12642 /* Check all values negative and sorted */
12643 for (i = 0; i < n_thresholds; i++) {
12644 if (thresholds[i] > 0 || thresholds[i] <= prev)
12647 prev = thresholds[i];
12650 if (wdev->iftype != NL80211_IFTYPE_STATION &&
12651 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
12652 return -EOPNOTSUPP;
12654 if (n_thresholds == 1 && thresholds[0] == 0) /* Disabling */
12658 old = rcu_dereference_protected(wdev->cqm_config,
12659 lockdep_is_held(&wdev->mtx));
12661 /* if already disabled just succeed */
12662 if (!n_thresholds && !old) {
12667 if (n_thresholds > 1) {
12668 if (!wiphy_ext_feature_isset(&rdev->wiphy,
12669 NL80211_EXT_FEATURE_CQM_RSSI_LIST) ||
12670 !rdev->ops->set_cqm_rssi_range_config) {
12675 if (!rdev->ops->set_cqm_rssi_config) {
12681 if (n_thresholds) {
12682 cqm_config = kzalloc(struct_size(cqm_config, rssi_thresholds,
12690 cqm_config->rssi_hyst = hysteresis;
12691 cqm_config->n_rssi_thresholds = n_thresholds;
12692 memcpy(cqm_config->rssi_thresholds, thresholds,
12693 flex_array_size(cqm_config, rssi_thresholds,
12695 cqm_config->use_range_api = n_thresholds > 1 ||
12696 !rdev->ops->set_cqm_rssi_config;
12698 rcu_assign_pointer(wdev->cqm_config, cqm_config);
12700 if (cqm_config->use_range_api)
12701 err = cfg80211_cqm_rssi_update(rdev, dev, cqm_config);
12703 err = rdev_set_cqm_rssi_config(rdev, dev,
12707 RCU_INIT_POINTER(wdev->cqm_config, NULL);
12708 /* if enabled as range also disable via range */
12709 if (old->use_range_api)
12710 err = rdev_set_cqm_rssi_range_config(rdev, dev, 0, 0);
12712 err = rdev_set_cqm_rssi_config(rdev, dev, 0, 0);
12716 rcu_assign_pointer(wdev->cqm_config, old);
12717 kfree_rcu(cqm_config, rcu_head);
12719 kfree_rcu(old, rcu_head);
12727 static int nl80211_set_cqm(struct sk_buff *skb, struct genl_info *info)
12729 struct nlattr *attrs[NL80211_ATTR_CQM_MAX + 1];
12730 struct nlattr *cqm;
12733 cqm = info->attrs[NL80211_ATTR_CQM];
12737 err = nla_parse_nested_deprecated(attrs, NL80211_ATTR_CQM_MAX, cqm,
12738 nl80211_attr_cqm_policy,
12743 if (attrs[NL80211_ATTR_CQM_RSSI_THOLD] &&
12744 attrs[NL80211_ATTR_CQM_RSSI_HYST]) {
12745 const s32 *thresholds =
12746 nla_data(attrs[NL80211_ATTR_CQM_RSSI_THOLD]);
12747 int len = nla_len(attrs[NL80211_ATTR_CQM_RSSI_THOLD]);
12748 u32 hysteresis = nla_get_u32(attrs[NL80211_ATTR_CQM_RSSI_HYST]);
12753 return nl80211_set_cqm_rssi(info, thresholds, len / 4,
12757 if (attrs[NL80211_ATTR_CQM_TXE_RATE] &&
12758 attrs[NL80211_ATTR_CQM_TXE_PKTS] &&
12759 attrs[NL80211_ATTR_CQM_TXE_INTVL]) {
12760 u32 rate = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_RATE]);
12761 u32 pkts = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_PKTS]);
12762 u32 intvl = nla_get_u32(attrs[NL80211_ATTR_CQM_TXE_INTVL]);
12764 return nl80211_set_cqm_txe(info, rate, pkts, intvl);
12770 static int nl80211_join_ocb(struct sk_buff *skb, struct genl_info *info)
12772 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12773 struct net_device *dev = info->user_ptr[1];
12774 struct ocb_setup setup = {};
12777 err = nl80211_parse_chandef(rdev, info, &setup.chandef);
12781 return cfg80211_join_ocb(rdev, dev, &setup);
12784 static int nl80211_leave_ocb(struct sk_buff *skb, struct genl_info *info)
12786 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12787 struct net_device *dev = info->user_ptr[1];
12789 return cfg80211_leave_ocb(rdev, dev);
12792 static int nl80211_join_mesh(struct sk_buff *skb, struct genl_info *info)
12794 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12795 struct net_device *dev = info->user_ptr[1];
12796 struct mesh_config cfg;
12797 struct mesh_setup setup;
12800 /* start with default */
12801 memcpy(&cfg, &default_mesh_config, sizeof(cfg));
12802 memcpy(&setup, &default_mesh_setup, sizeof(setup));
12804 if (info->attrs[NL80211_ATTR_MESH_CONFIG]) {
12805 /* and parse parameters if given */
12806 err = nl80211_parse_mesh_config(info, &cfg, NULL);
12811 if (!info->attrs[NL80211_ATTR_MESH_ID] ||
12812 !nla_len(info->attrs[NL80211_ATTR_MESH_ID]))
12815 setup.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
12816 setup.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
12818 if (info->attrs[NL80211_ATTR_MCAST_RATE] &&
12819 !nl80211_parse_mcast_rate(rdev, setup.mcast_rate,
12820 nla_get_u32(info->attrs[NL80211_ATTR_MCAST_RATE])))
12823 if (info->attrs[NL80211_ATTR_BEACON_INTERVAL]) {
12824 setup.beacon_interval =
12825 nla_get_u32(info->attrs[NL80211_ATTR_BEACON_INTERVAL]);
12827 err = cfg80211_validate_beacon_int(rdev,
12828 NL80211_IFTYPE_MESH_POINT,
12829 setup.beacon_interval);
12834 if (info->attrs[NL80211_ATTR_DTIM_PERIOD]) {
12835 setup.dtim_period =
12836 nla_get_u32(info->attrs[NL80211_ATTR_DTIM_PERIOD]);
12837 if (setup.dtim_period < 1 || setup.dtim_period > 100)
12841 if (info->attrs[NL80211_ATTR_MESH_SETUP]) {
12842 /* parse additional setup parameters if given */
12843 err = nl80211_parse_mesh_setup(info, &setup);
12848 if (setup.user_mpm)
12849 cfg.auto_open_plinks = false;
12851 if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
12852 err = nl80211_parse_chandef(rdev, info, &setup.chandef);
12856 /* __cfg80211_join_mesh() will sort it out */
12857 setup.chandef.chan = NULL;
12860 if (info->attrs[NL80211_ATTR_BSS_BASIC_RATES]) {
12861 u8 *rates = nla_data(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
12863 nla_len(info->attrs[NL80211_ATTR_BSS_BASIC_RATES]);
12864 struct ieee80211_supported_band *sband;
12866 if (!setup.chandef.chan)
12869 sband = rdev->wiphy.bands[setup.chandef.chan->band];
12871 err = ieee80211_get_ratemask(sband, rates, n_rates,
12872 &setup.basic_rates);
12877 if (info->attrs[NL80211_ATTR_TX_RATES]) {
12878 err = nl80211_parse_tx_bitrate_mask(info, info->attrs,
12879 NL80211_ATTR_TX_RATES,
12880 &setup.beacon_rate,
12885 if (!setup.chandef.chan)
12888 err = validate_beacon_tx_rate(rdev, setup.chandef.chan->band,
12889 &setup.beacon_rate);
12894 setup.userspace_handles_dfs =
12895 nla_get_flag(info->attrs[NL80211_ATTR_HANDLE_DFS]);
12897 if (info->attrs[NL80211_ATTR_CONTROL_PORT_OVER_NL80211]) {
12898 int r = validate_pae_over_nl80211(rdev, info);
12903 setup.control_port_over_nl80211 = true;
12906 wdev_lock(dev->ieee80211_ptr);
12907 err = __cfg80211_join_mesh(rdev, dev, &setup, &cfg);
12908 if (!err && info->attrs[NL80211_ATTR_SOCKET_OWNER])
12909 dev->ieee80211_ptr->conn_owner_nlportid = info->snd_portid;
12910 wdev_unlock(dev->ieee80211_ptr);
12915 static int nl80211_leave_mesh(struct sk_buff *skb, struct genl_info *info)
12917 struct cfg80211_registered_device *rdev = info->user_ptr[0];
12918 struct net_device *dev = info->user_ptr[1];
12920 return cfg80211_leave_mesh(rdev, dev);
12924 static int nl80211_send_wowlan_patterns(struct sk_buff *msg,
12925 struct cfg80211_registered_device *rdev)
12927 struct cfg80211_wowlan *wowlan = rdev->wiphy.wowlan_config;
12928 struct nlattr *nl_pats, *nl_pat;
12931 if (!wowlan->n_patterns)
12934 nl_pats = nla_nest_start_noflag(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN);
12938 for (i = 0; i < wowlan->n_patterns; i++) {
12939 nl_pat = nla_nest_start_noflag(msg, i + 1);
12942 pat_len = wowlan->patterns[i].pattern_len;
12943 if (nla_put(msg, NL80211_PKTPAT_MASK, DIV_ROUND_UP(pat_len, 8),
12944 wowlan->patterns[i].mask) ||
12945 nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
12946 wowlan->patterns[i].pattern) ||
12947 nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
12948 wowlan->patterns[i].pkt_offset))
12950 nla_nest_end(msg, nl_pat);
12952 nla_nest_end(msg, nl_pats);
12957 static int nl80211_send_wowlan_tcp(struct sk_buff *msg,
12958 struct cfg80211_wowlan_tcp *tcp)
12960 struct nlattr *nl_tcp;
12965 nl_tcp = nla_nest_start_noflag(msg,
12966 NL80211_WOWLAN_TRIG_TCP_CONNECTION);
12970 if (nla_put_in_addr(msg, NL80211_WOWLAN_TCP_SRC_IPV4, tcp->src) ||
12971 nla_put_in_addr(msg, NL80211_WOWLAN_TCP_DST_IPV4, tcp->dst) ||
12972 nla_put(msg, NL80211_WOWLAN_TCP_DST_MAC, ETH_ALEN, tcp->dst_mac) ||
12973 nla_put_u16(msg, NL80211_WOWLAN_TCP_SRC_PORT, tcp->src_port) ||
12974 nla_put_u16(msg, NL80211_WOWLAN_TCP_DST_PORT, tcp->dst_port) ||
12975 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD,
12976 tcp->payload_len, tcp->payload) ||
12977 nla_put_u32(msg, NL80211_WOWLAN_TCP_DATA_INTERVAL,
12978 tcp->data_interval) ||
12979 nla_put(msg, NL80211_WOWLAN_TCP_WAKE_PAYLOAD,
12980 tcp->wake_len, tcp->wake_data) ||
12981 nla_put(msg, NL80211_WOWLAN_TCP_WAKE_MASK,
12982 DIV_ROUND_UP(tcp->wake_len, 8), tcp->wake_mask))
12985 if (tcp->payload_seq.len &&
12986 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ,
12987 sizeof(tcp->payload_seq), &tcp->payload_seq))
12990 if (tcp->payload_tok.len &&
12991 nla_put(msg, NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN,
12992 sizeof(tcp->payload_tok) + tcp->tokens_size,
12993 &tcp->payload_tok))
12996 nla_nest_end(msg, nl_tcp);
13001 static int nl80211_send_wowlan_nd(struct sk_buff *msg,
13002 struct cfg80211_sched_scan_request *req)
13004 struct nlattr *nd, *freqs, *matches, *match, *scan_plans, *scan_plan;
13010 nd = nla_nest_start_noflag(msg, NL80211_WOWLAN_TRIG_NET_DETECT);
13014 if (req->n_scan_plans == 1 &&
13015 nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_INTERVAL,
13016 req->scan_plans[0].interval * 1000))
13019 if (nla_put_u32(msg, NL80211_ATTR_SCHED_SCAN_DELAY, req->delay))
13022 if (req->relative_rssi_set) {
13023 struct nl80211_bss_select_rssi_adjust rssi_adjust;
13025 if (nla_put_s8(msg, NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI,
13026 req->relative_rssi))
13029 rssi_adjust.band = req->rssi_adjust.band;
13030 rssi_adjust.delta = req->rssi_adjust.delta;
13031 if (nla_put(msg, NL80211_ATTR_SCHED_SCAN_RSSI_ADJUST,
13032 sizeof(rssi_adjust), &rssi_adjust))
13036 freqs = nla_nest_start_noflag(msg, NL80211_ATTR_SCAN_FREQUENCIES);
13040 for (i = 0; i < req->n_channels; i++) {
13041 if (nla_put_u32(msg, i, req->channels[i]->center_freq))
13045 nla_nest_end(msg, freqs);
13047 if (req->n_match_sets) {
13048 matches = nla_nest_start_noflag(msg,
13049 NL80211_ATTR_SCHED_SCAN_MATCH);
13053 for (i = 0; i < req->n_match_sets; i++) {
13054 match = nla_nest_start_noflag(msg, i);
13058 if (nla_put(msg, NL80211_SCHED_SCAN_MATCH_ATTR_SSID,
13059 req->match_sets[i].ssid.ssid_len,
13060 req->match_sets[i].ssid.ssid))
13062 nla_nest_end(msg, match);
13064 nla_nest_end(msg, matches);
13067 scan_plans = nla_nest_start_noflag(msg, NL80211_ATTR_SCHED_SCAN_PLANS);
13071 for (i = 0; i < req->n_scan_plans; i++) {
13072 scan_plan = nla_nest_start_noflag(msg, i + 1);
13076 if (nla_put_u32(msg, NL80211_SCHED_SCAN_PLAN_INTERVAL,
13077 req->scan_plans[i].interval) ||
13078 (req->scan_plans[i].iterations &&
13079 nla_put_u32(msg, NL80211_SCHED_SCAN_PLAN_ITERATIONS,
13080 req->scan_plans[i].iterations)))
13082 nla_nest_end(msg, scan_plan);
13084 nla_nest_end(msg, scan_plans);
13086 nla_nest_end(msg, nd);
13091 static int nl80211_get_wowlan(struct sk_buff *skb, struct genl_info *info)
13093 struct cfg80211_registered_device *rdev = info->user_ptr[0];
13094 struct sk_buff *msg;
13096 u32 size = NLMSG_DEFAULT_SIZE;
13098 if (!rdev->wiphy.wowlan)
13099 return -EOPNOTSUPP;
13101 if (rdev->wiphy.wowlan_config && rdev->wiphy.wowlan_config->tcp) {
13102 /* adjust size to have room for all the data */
13103 size += rdev->wiphy.wowlan_config->tcp->tokens_size +
13104 rdev->wiphy.wowlan_config->tcp->payload_len +
13105 rdev->wiphy.wowlan_config->tcp->wake_len +
13106 rdev->wiphy.wowlan_config->tcp->wake_len / 8;
13109 msg = nlmsg_new(size, GFP_KERNEL);
13113 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
13114 NL80211_CMD_GET_WOWLAN);
13116 goto nla_put_failure;
13118 if (rdev->wiphy.wowlan_config) {
13119 struct nlattr *nl_wowlan;
13121 nl_wowlan = nla_nest_start_noflag(msg,
13122 NL80211_ATTR_WOWLAN_TRIGGERS);
13124 goto nla_put_failure;
13126 if ((rdev->wiphy.wowlan_config->any &&
13127 nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
13128 (rdev->wiphy.wowlan_config->disconnect &&
13129 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
13130 (rdev->wiphy.wowlan_config->magic_pkt &&
13131 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||
13132 (rdev->wiphy.wowlan_config->gtk_rekey_failure &&
13133 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE)) ||
13134 (rdev->wiphy.wowlan_config->eap_identity_req &&
13135 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST)) ||
13136 (rdev->wiphy.wowlan_config->four_way_handshake &&
13137 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE)) ||
13138 (rdev->wiphy.wowlan_config->rfkill_release &&
13139 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE)))
13140 goto nla_put_failure;
13142 if (nl80211_send_wowlan_patterns(msg, rdev))
13143 goto nla_put_failure;
13145 if (nl80211_send_wowlan_tcp(msg,
13146 rdev->wiphy.wowlan_config->tcp))
13147 goto nla_put_failure;
13149 if (nl80211_send_wowlan_nd(
13151 rdev->wiphy.wowlan_config->nd_config))
13152 goto nla_put_failure;
13154 nla_nest_end(msg, nl_wowlan);
13157 genlmsg_end(msg, hdr);
13158 return genlmsg_reply(msg, info);
13165 static int nl80211_parse_wowlan_tcp(struct cfg80211_registered_device *rdev,
13166 struct nlattr *attr,
13167 struct cfg80211_wowlan *trig)
13169 struct nlattr *tb[NUM_NL80211_WOWLAN_TCP];
13170 struct cfg80211_wowlan_tcp *cfg;
13171 struct nl80211_wowlan_tcp_data_token *tok = NULL;
13172 struct nl80211_wowlan_tcp_data_seq *seq = NULL;
13174 u32 data_size, wake_size, tokens_size = 0, wake_mask_size;
13177 if (!rdev->wiphy.wowlan->tcp)
13180 err = nla_parse_nested_deprecated(tb, MAX_NL80211_WOWLAN_TCP, attr,
13181 nl80211_wowlan_tcp_policy, NULL);
13185 if (!tb[NL80211_WOWLAN_TCP_SRC_IPV4] ||
13186 !tb[NL80211_WOWLAN_TCP_DST_IPV4] ||
13187 !tb[NL80211_WOWLAN_TCP_DST_MAC] ||
13188 !tb[NL80211_WOWLAN_TCP_DST_PORT] ||
13189 !tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD] ||
13190 !tb[NL80211_WOWLAN_TCP_DATA_INTERVAL] ||
13191 !tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD] ||
13192 !tb[NL80211_WOWLAN_TCP_WAKE_MASK])
13195 data_size = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]);
13196 if (data_size > rdev->wiphy.wowlan->tcp->data_payload_max)
13199 if (nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) >
13200 rdev->wiphy.wowlan->tcp->data_interval_max ||
13201 nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]) == 0)
13204 wake_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]);
13205 if (wake_size > rdev->wiphy.wowlan->tcp->wake_payload_max)
13208 wake_mask_size = nla_len(tb[NL80211_WOWLAN_TCP_WAKE_MASK]);
13209 if (wake_mask_size != DIV_ROUND_UP(wake_size, 8))
13212 if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]) {
13213 u32 tokln = nla_len(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]);
13215 tok = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_TOKEN]);
13216 tokens_size = tokln - sizeof(*tok);
13218 if (!tok->len || tokens_size % tok->len)
13220 if (!rdev->wiphy.wowlan->tcp->tok)
13222 if (tok->len > rdev->wiphy.wowlan->tcp->tok->max_len)
13224 if (tok->len < rdev->wiphy.wowlan->tcp->tok->min_len)
13226 if (tokens_size > rdev->wiphy.wowlan->tcp->tok->bufsize)
13228 if (tok->offset + tok->len > data_size)
13232 if (tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]) {
13233 seq = nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD_SEQ]);
13234 if (!rdev->wiphy.wowlan->tcp->seq)
13236 if (seq->len == 0 || seq->len > 4)
13238 if (seq->len + seq->offset > data_size)
13242 size = sizeof(*cfg);
13244 size += wake_size + wake_mask_size;
13245 size += tokens_size;
13247 cfg = kzalloc(size, GFP_KERNEL);
13250 cfg->src = nla_get_in_addr(tb[NL80211_WOWLAN_TCP_SRC_IPV4]);
13251 cfg->dst = nla_get_in_addr(tb[NL80211_WOWLAN_TCP_DST_IPV4]);
13252 memcpy(cfg->dst_mac, nla_data(tb[NL80211_WOWLAN_TCP_DST_MAC]),
13254 if (tb[NL80211_WOWLAN_TCP_SRC_PORT])
13255 port = nla_get_u16(tb[NL80211_WOWLAN_TCP_SRC_PORT]);
13259 /* allocate a socket and port for it and use it */
13260 err = __sock_create(wiphy_net(&rdev->wiphy), PF_INET, SOCK_STREAM,
13261 IPPROTO_TCP, &cfg->sock, 1);
13266 if (inet_csk_get_port(cfg->sock->sk, port)) {
13267 sock_release(cfg->sock);
13269 return -EADDRINUSE;
13271 cfg->src_port = inet_sk(cfg->sock->sk)->inet_num;
13277 cfg->src_port = port;
13280 cfg->dst_port = nla_get_u16(tb[NL80211_WOWLAN_TCP_DST_PORT]);
13281 cfg->payload_len = data_size;
13282 cfg->payload = (u8 *)cfg + sizeof(*cfg) + tokens_size;
13283 memcpy((void *)cfg->payload,
13284 nla_data(tb[NL80211_WOWLAN_TCP_DATA_PAYLOAD]),
13287 cfg->payload_seq = *seq;
13288 cfg->data_interval = nla_get_u32(tb[NL80211_WOWLAN_TCP_DATA_INTERVAL]);
13289 cfg->wake_len = wake_size;
13290 cfg->wake_data = (u8 *)cfg + sizeof(*cfg) + tokens_size + data_size;
13291 memcpy((void *)cfg->wake_data,
13292 nla_data(tb[NL80211_WOWLAN_TCP_WAKE_PAYLOAD]),
13294 cfg->wake_mask = (u8 *)cfg + sizeof(*cfg) + tokens_size +
13295 data_size + wake_size;
13296 memcpy((void *)cfg->wake_mask,
13297 nla_data(tb[NL80211_WOWLAN_TCP_WAKE_MASK]),
13300 cfg->tokens_size = tokens_size;
13301 cfg->payload_tok = *tok;
13302 memcpy(cfg->payload_tok.token_stream, tok->token_stream,
13311 static int nl80211_parse_wowlan_nd(struct cfg80211_registered_device *rdev,
13312 const struct wiphy_wowlan_support *wowlan,
13313 struct nlattr *attr,
13314 struct cfg80211_wowlan *trig)
13316 struct nlattr **tb;
13319 tb = kcalloc(NUM_NL80211_ATTR, sizeof(*tb), GFP_KERNEL);
13323 if (!(wowlan->flags & WIPHY_WOWLAN_NET_DETECT)) {
13328 err = nla_parse_nested_deprecated(tb, NL80211_ATTR_MAX, attr,
13329 nl80211_policy, NULL);
13333 trig->nd_config = nl80211_parse_sched_scan(&rdev->wiphy, NULL, tb,
13334 wowlan->max_nd_match_sets);
13335 err = PTR_ERR_OR_ZERO(trig->nd_config);
13337 trig->nd_config = NULL;
13344 static int nl80211_set_wowlan(struct sk_buff *skb, struct genl_info *info)
13346 struct cfg80211_registered_device *rdev = info->user_ptr[0];
13347 struct nlattr *tb[NUM_NL80211_WOWLAN_TRIG];
13348 struct cfg80211_wowlan new_triggers = {};
13349 struct cfg80211_wowlan *ntrig;
13350 const struct wiphy_wowlan_support *wowlan = rdev->wiphy.wowlan;
13352 bool prev_enabled = rdev->wiphy.wowlan_config;
13353 bool regular = false;
13356 return -EOPNOTSUPP;
13358 if (!info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS]) {
13359 cfg80211_rdev_free_wowlan(rdev);
13360 rdev->wiphy.wowlan_config = NULL;
13364 err = nla_parse_nested_deprecated(tb, MAX_NL80211_WOWLAN_TRIG,
13365 info->attrs[NL80211_ATTR_WOWLAN_TRIGGERS],
13366 nl80211_wowlan_policy, info->extack);
13370 if (tb[NL80211_WOWLAN_TRIG_ANY]) {
13371 if (!(wowlan->flags & WIPHY_WOWLAN_ANY))
13373 new_triggers.any = true;
13376 if (tb[NL80211_WOWLAN_TRIG_DISCONNECT]) {
13377 if (!(wowlan->flags & WIPHY_WOWLAN_DISCONNECT))
13379 new_triggers.disconnect = true;
13383 if (tb[NL80211_WOWLAN_TRIG_MAGIC_PKT]) {
13384 if (!(wowlan->flags & WIPHY_WOWLAN_MAGIC_PKT))
13386 new_triggers.magic_pkt = true;
13390 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_SUPPORTED])
13393 if (tb[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE]) {
13394 if (!(wowlan->flags & WIPHY_WOWLAN_GTK_REKEY_FAILURE))
13396 new_triggers.gtk_rekey_failure = true;
13400 if (tb[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST]) {
13401 if (!(wowlan->flags & WIPHY_WOWLAN_EAP_IDENTITY_REQ))
13403 new_triggers.eap_identity_req = true;
13407 if (tb[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE]) {
13408 if (!(wowlan->flags & WIPHY_WOWLAN_4WAY_HANDSHAKE))
13410 new_triggers.four_way_handshake = true;
13414 if (tb[NL80211_WOWLAN_TRIG_RFKILL_RELEASE]) {
13415 if (!(wowlan->flags & WIPHY_WOWLAN_RFKILL_RELEASE))
13417 new_triggers.rfkill_release = true;
13421 if (tb[NL80211_WOWLAN_TRIG_PKT_PATTERN]) {
13422 struct nlattr *pat;
13423 int n_patterns = 0;
13424 int rem, pat_len, mask_len, pkt_offset;
13425 struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
13429 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
13432 if (n_patterns > wowlan->n_patterns)
13435 new_triggers.patterns = kcalloc(n_patterns,
13436 sizeof(new_triggers.patterns[0]),
13438 if (!new_triggers.patterns)
13441 new_triggers.n_patterns = n_patterns;
13444 nla_for_each_nested(pat, tb[NL80211_WOWLAN_TRIG_PKT_PATTERN],
13448 err = nla_parse_nested_deprecated(pat_tb,
13449 MAX_NL80211_PKTPAT,
13451 nl80211_packet_pattern_policy,
13457 if (!pat_tb[NL80211_PKTPAT_MASK] ||
13458 !pat_tb[NL80211_PKTPAT_PATTERN])
13460 pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
13461 mask_len = DIV_ROUND_UP(pat_len, 8);
13462 if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
13464 if (pat_len > wowlan->pattern_max_len ||
13465 pat_len < wowlan->pattern_min_len)
13468 if (!pat_tb[NL80211_PKTPAT_OFFSET])
13471 pkt_offset = nla_get_u32(
13472 pat_tb[NL80211_PKTPAT_OFFSET]);
13473 if (pkt_offset > wowlan->max_pkt_offset)
13475 new_triggers.patterns[i].pkt_offset = pkt_offset;
13477 mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL);
13482 new_triggers.patterns[i].mask = mask_pat;
13483 memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]),
13485 mask_pat += mask_len;
13486 new_triggers.patterns[i].pattern = mask_pat;
13487 new_triggers.patterns[i].pattern_len = pat_len;
13489 nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
13495 if (tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION]) {
13497 err = nl80211_parse_wowlan_tcp(
13498 rdev, tb[NL80211_WOWLAN_TRIG_TCP_CONNECTION],
13504 if (tb[NL80211_WOWLAN_TRIG_NET_DETECT]) {
13506 err = nl80211_parse_wowlan_nd(
13507 rdev, wowlan, tb[NL80211_WOWLAN_TRIG_NET_DETECT],
13513 /* The 'any' trigger means the device continues operating more or less
13514 * as in its normal operation mode and wakes up the host on most of the
13515 * normal interrupts (like packet RX, ...)
13516 * It therefore makes little sense to combine with the more constrained
13517 * wakeup trigger modes.
13519 if (new_triggers.any && regular) {
13524 ntrig = kmemdup(&new_triggers, sizeof(new_triggers), GFP_KERNEL);
13529 cfg80211_rdev_free_wowlan(rdev);
13530 rdev->wiphy.wowlan_config = ntrig;
13533 if (rdev->ops->set_wakeup &&
13534 prev_enabled != !!rdev->wiphy.wowlan_config)
13535 rdev_set_wakeup(rdev, rdev->wiphy.wowlan_config);
13539 for (i = 0; i < new_triggers.n_patterns; i++)
13540 kfree(new_triggers.patterns[i].mask);
13541 kfree(new_triggers.patterns);
13542 if (new_triggers.tcp && new_triggers.tcp->sock)
13543 sock_release(new_triggers.tcp->sock);
13544 kfree(new_triggers.tcp);
13545 kfree(new_triggers.nd_config);
13550 static int nl80211_send_coalesce_rules(struct sk_buff *msg,
13551 struct cfg80211_registered_device *rdev)
13553 struct nlattr *nl_pats, *nl_pat, *nl_rule, *nl_rules;
13555 struct cfg80211_coalesce_rules *rule;
13557 if (!rdev->coalesce->n_rules)
13560 nl_rules = nla_nest_start_noflag(msg, NL80211_ATTR_COALESCE_RULE);
13564 for (i = 0; i < rdev->coalesce->n_rules; i++) {
13565 nl_rule = nla_nest_start_noflag(msg, i + 1);
13569 rule = &rdev->coalesce->rules[i];
13570 if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_DELAY,
13574 if (nla_put_u32(msg, NL80211_ATTR_COALESCE_RULE_CONDITION,
13578 nl_pats = nla_nest_start_noflag(msg,
13579 NL80211_ATTR_COALESCE_RULE_PKT_PATTERN);
13583 for (j = 0; j < rule->n_patterns; j++) {
13584 nl_pat = nla_nest_start_noflag(msg, j + 1);
13587 pat_len = rule->patterns[j].pattern_len;
13588 if (nla_put(msg, NL80211_PKTPAT_MASK,
13589 DIV_ROUND_UP(pat_len, 8),
13590 rule->patterns[j].mask) ||
13591 nla_put(msg, NL80211_PKTPAT_PATTERN, pat_len,
13592 rule->patterns[j].pattern) ||
13593 nla_put_u32(msg, NL80211_PKTPAT_OFFSET,
13594 rule->patterns[j].pkt_offset))
13596 nla_nest_end(msg, nl_pat);
13598 nla_nest_end(msg, nl_pats);
13599 nla_nest_end(msg, nl_rule);
13601 nla_nest_end(msg, nl_rules);
13606 static int nl80211_get_coalesce(struct sk_buff *skb, struct genl_info *info)
13608 struct cfg80211_registered_device *rdev = info->user_ptr[0];
13609 struct sk_buff *msg;
13612 if (!rdev->wiphy.coalesce)
13613 return -EOPNOTSUPP;
13615 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
13619 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
13620 NL80211_CMD_GET_COALESCE);
13622 goto nla_put_failure;
13624 if (rdev->coalesce && nl80211_send_coalesce_rules(msg, rdev))
13625 goto nla_put_failure;
13627 genlmsg_end(msg, hdr);
13628 return genlmsg_reply(msg, info);
13635 void cfg80211_rdev_free_coalesce(struct cfg80211_registered_device *rdev)
13637 struct cfg80211_coalesce *coalesce = rdev->coalesce;
13639 struct cfg80211_coalesce_rules *rule;
13644 for (i = 0; i < coalesce->n_rules; i++) {
13645 rule = &coalesce->rules[i];
13646 for (j = 0; j < rule->n_patterns; j++)
13647 kfree(rule->patterns[j].mask);
13648 kfree(rule->patterns);
13650 kfree(coalesce->rules);
13652 rdev->coalesce = NULL;
13655 static int nl80211_parse_coalesce_rule(struct cfg80211_registered_device *rdev,
13656 struct nlattr *rule,
13657 struct cfg80211_coalesce_rules *new_rule)
13660 const struct wiphy_coalesce_support *coalesce = rdev->wiphy.coalesce;
13661 struct nlattr *tb[NUM_NL80211_ATTR_COALESCE_RULE], *pat;
13662 int rem, pat_len, mask_len, pkt_offset, n_patterns = 0;
13663 struct nlattr *pat_tb[NUM_NL80211_PKTPAT];
13665 err = nla_parse_nested_deprecated(tb, NL80211_ATTR_COALESCE_RULE_MAX,
13666 rule, nl80211_coalesce_policy, NULL);
13670 if (tb[NL80211_ATTR_COALESCE_RULE_DELAY])
13672 nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_DELAY]);
13673 if (new_rule->delay > coalesce->max_delay)
13676 if (tb[NL80211_ATTR_COALESCE_RULE_CONDITION])
13677 new_rule->condition =
13678 nla_get_u32(tb[NL80211_ATTR_COALESCE_RULE_CONDITION]);
13680 if (!tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN])
13683 nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN],
13686 if (n_patterns > coalesce->n_patterns)
13689 new_rule->patterns = kcalloc(n_patterns, sizeof(new_rule->patterns[0]),
13691 if (!new_rule->patterns)
13694 new_rule->n_patterns = n_patterns;
13697 nla_for_each_nested(pat, tb[NL80211_ATTR_COALESCE_RULE_PKT_PATTERN],
13701 err = nla_parse_nested_deprecated(pat_tb, MAX_NL80211_PKTPAT,
13703 nl80211_packet_pattern_policy,
13708 if (!pat_tb[NL80211_PKTPAT_MASK] ||
13709 !pat_tb[NL80211_PKTPAT_PATTERN])
13711 pat_len = nla_len(pat_tb[NL80211_PKTPAT_PATTERN]);
13712 mask_len = DIV_ROUND_UP(pat_len, 8);
13713 if (nla_len(pat_tb[NL80211_PKTPAT_MASK]) != mask_len)
13715 if (pat_len > coalesce->pattern_max_len ||
13716 pat_len < coalesce->pattern_min_len)
13719 if (!pat_tb[NL80211_PKTPAT_OFFSET])
13722 pkt_offset = nla_get_u32(pat_tb[NL80211_PKTPAT_OFFSET]);
13723 if (pkt_offset > coalesce->max_pkt_offset)
13725 new_rule->patterns[i].pkt_offset = pkt_offset;
13727 mask_pat = kmalloc(mask_len + pat_len, GFP_KERNEL);
13731 new_rule->patterns[i].mask = mask_pat;
13732 memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_MASK]),
13735 mask_pat += mask_len;
13736 new_rule->patterns[i].pattern = mask_pat;
13737 new_rule->patterns[i].pattern_len = pat_len;
13738 memcpy(mask_pat, nla_data(pat_tb[NL80211_PKTPAT_PATTERN]),
13746 static int nl80211_set_coalesce(struct sk_buff *skb, struct genl_info *info)
13748 struct cfg80211_registered_device *rdev = info->user_ptr[0];
13749 const struct wiphy_coalesce_support *coalesce = rdev->wiphy.coalesce;
13750 struct cfg80211_coalesce new_coalesce = {};
13751 struct cfg80211_coalesce *n_coalesce;
13752 int err, rem_rule, n_rules = 0, i, j;
13753 struct nlattr *rule;
13754 struct cfg80211_coalesce_rules *tmp_rule;
13756 if (!rdev->wiphy.coalesce || !rdev->ops->set_coalesce)
13757 return -EOPNOTSUPP;
13759 if (!info->attrs[NL80211_ATTR_COALESCE_RULE]) {
13760 cfg80211_rdev_free_coalesce(rdev);
13761 rdev_set_coalesce(rdev, NULL);
13765 nla_for_each_nested(rule, info->attrs[NL80211_ATTR_COALESCE_RULE],
13768 if (n_rules > coalesce->n_rules)
13771 new_coalesce.rules = kcalloc(n_rules, sizeof(new_coalesce.rules[0]),
13773 if (!new_coalesce.rules)
13776 new_coalesce.n_rules = n_rules;
13779 nla_for_each_nested(rule, info->attrs[NL80211_ATTR_COALESCE_RULE],
13781 err = nl80211_parse_coalesce_rule(rdev, rule,
13782 &new_coalesce.rules[i]);
13789 err = rdev_set_coalesce(rdev, &new_coalesce);
13793 n_coalesce = kmemdup(&new_coalesce, sizeof(new_coalesce), GFP_KERNEL);
13798 cfg80211_rdev_free_coalesce(rdev);
13799 rdev->coalesce = n_coalesce;
13803 for (i = 0; i < new_coalesce.n_rules; i++) {
13804 tmp_rule = &new_coalesce.rules[i];
13805 for (j = 0; j < tmp_rule->n_patterns; j++)
13806 kfree(tmp_rule->patterns[j].mask);
13807 kfree(tmp_rule->patterns);
13809 kfree(new_coalesce.rules);
13814 static int nl80211_set_rekey_data(struct sk_buff *skb, struct genl_info *info)
13816 struct cfg80211_registered_device *rdev = info->user_ptr[0];
13817 struct net_device *dev = info->user_ptr[1];
13818 struct wireless_dev *wdev = dev->ieee80211_ptr;
13819 struct nlattr *tb[NUM_NL80211_REKEY_DATA];
13820 struct cfg80211_gtk_rekey_data rekey_data = {};
13823 if (!info->attrs[NL80211_ATTR_REKEY_DATA])
13826 err = nla_parse_nested_deprecated(tb, MAX_NL80211_REKEY_DATA,
13827 info->attrs[NL80211_ATTR_REKEY_DATA],
13828 nl80211_rekey_policy, info->extack);
13832 if (!tb[NL80211_REKEY_DATA_REPLAY_CTR] || !tb[NL80211_REKEY_DATA_KEK] ||
13833 !tb[NL80211_REKEY_DATA_KCK])
13835 if (nla_len(tb[NL80211_REKEY_DATA_KEK]) != NL80211_KEK_LEN &&
13836 !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK &&
13837 nla_len(tb[NL80211_REKEY_DATA_KEK]) == NL80211_KEK_EXT_LEN))
13839 if (nla_len(tb[NL80211_REKEY_DATA_KCK]) != NL80211_KCK_LEN &&
13840 !(rdev->wiphy.flags & WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK &&
13841 nla_len(tb[NL80211_REKEY_DATA_KCK]) == NL80211_KCK_EXT_LEN))
13844 rekey_data.kek = nla_data(tb[NL80211_REKEY_DATA_KEK]);
13845 rekey_data.kck = nla_data(tb[NL80211_REKEY_DATA_KCK]);
13846 rekey_data.replay_ctr = nla_data(tb[NL80211_REKEY_DATA_REPLAY_CTR]);
13847 rekey_data.kek_len = nla_len(tb[NL80211_REKEY_DATA_KEK]);
13848 rekey_data.kck_len = nla_len(tb[NL80211_REKEY_DATA_KCK]);
13849 if (tb[NL80211_REKEY_DATA_AKM])
13850 rekey_data.akm = nla_get_u32(tb[NL80211_REKEY_DATA_AKM]);
13853 if (!wdev->connected) {
13858 if (!rdev->ops->set_rekey_data) {
13863 err = rdev_set_rekey_data(rdev, dev, &rekey_data);
13869 static int nl80211_register_unexpected_frame(struct sk_buff *skb,
13870 struct genl_info *info)
13872 struct net_device *dev = info->user_ptr[1];
13873 struct wireless_dev *wdev = dev->ieee80211_ptr;
13875 if (wdev->iftype != NL80211_IFTYPE_AP &&
13876 wdev->iftype != NL80211_IFTYPE_P2P_GO)
13879 if (wdev->ap_unexpected_nlportid)
13882 wdev->ap_unexpected_nlportid = info->snd_portid;
13886 static int nl80211_probe_client(struct sk_buff *skb,
13887 struct genl_info *info)
13889 struct cfg80211_registered_device *rdev = info->user_ptr[0];
13890 struct net_device *dev = info->user_ptr[1];
13891 struct wireless_dev *wdev = dev->ieee80211_ptr;
13892 struct sk_buff *msg;
13898 if (wdev->iftype != NL80211_IFTYPE_AP &&
13899 wdev->iftype != NL80211_IFTYPE_P2P_GO)
13900 return -EOPNOTSUPP;
13902 if (!info->attrs[NL80211_ATTR_MAC])
13905 if (!rdev->ops->probe_client)
13906 return -EOPNOTSUPP;
13908 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
13912 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
13913 NL80211_CMD_PROBE_CLIENT);
13919 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
13921 err = rdev_probe_client(rdev, dev, addr, &cookie);
13925 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
13927 goto nla_put_failure;
13929 genlmsg_end(msg, hdr);
13931 return genlmsg_reply(msg, info);
13940 static int nl80211_register_beacons(struct sk_buff *skb, struct genl_info *info)
13942 struct cfg80211_registered_device *rdev = info->user_ptr[0];
13943 struct cfg80211_beacon_registration *reg, *nreg;
13946 if (!(rdev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS))
13947 return -EOPNOTSUPP;
13949 nreg = kzalloc(sizeof(*nreg), GFP_KERNEL);
13953 /* First, check if already registered. */
13954 spin_lock_bh(&rdev->beacon_registrations_lock);
13955 list_for_each_entry(reg, &rdev->beacon_registrations, list) {
13956 if (reg->nlportid == info->snd_portid) {
13961 /* Add it to the list */
13962 nreg->nlportid = info->snd_portid;
13963 list_add(&nreg->list, &rdev->beacon_registrations);
13965 spin_unlock_bh(&rdev->beacon_registrations_lock);
13969 spin_unlock_bh(&rdev->beacon_registrations_lock);
13974 static int nl80211_start_p2p_device(struct sk_buff *skb, struct genl_info *info)
13976 struct cfg80211_registered_device *rdev = info->user_ptr[0];
13977 struct wireless_dev *wdev = info->user_ptr[1];
13980 if (!rdev->ops->start_p2p_device)
13981 return -EOPNOTSUPP;
13983 if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE)
13984 return -EOPNOTSUPP;
13986 if (wdev_running(wdev))
13989 if (rfkill_blocked(rdev->wiphy.rfkill))
13992 err = rdev_start_p2p_device(rdev, wdev);
13996 wdev->is_running = true;
14002 static int nl80211_stop_p2p_device(struct sk_buff *skb, struct genl_info *info)
14004 struct cfg80211_registered_device *rdev = info->user_ptr[0];
14005 struct wireless_dev *wdev = info->user_ptr[1];
14007 if (wdev->iftype != NL80211_IFTYPE_P2P_DEVICE)
14008 return -EOPNOTSUPP;
14010 if (!rdev->ops->stop_p2p_device)
14011 return -EOPNOTSUPP;
14013 cfg80211_stop_p2p_device(rdev, wdev);
14018 static int nl80211_start_nan(struct sk_buff *skb, struct genl_info *info)
14020 struct cfg80211_registered_device *rdev = info->user_ptr[0];
14021 struct wireless_dev *wdev = info->user_ptr[1];
14022 struct cfg80211_nan_conf conf = {};
14025 if (wdev->iftype != NL80211_IFTYPE_NAN)
14026 return -EOPNOTSUPP;
14028 if (wdev_running(wdev))
14031 if (rfkill_blocked(rdev->wiphy.rfkill))
14034 if (!info->attrs[NL80211_ATTR_NAN_MASTER_PREF])
14038 nla_get_u8(info->attrs[NL80211_ATTR_NAN_MASTER_PREF]);
14040 if (info->attrs[NL80211_ATTR_BANDS]) {
14041 u32 bands = nla_get_u32(info->attrs[NL80211_ATTR_BANDS]);
14043 if (bands & ~(u32)wdev->wiphy->nan_supported_bands)
14044 return -EOPNOTSUPP;
14046 if (bands && !(bands & BIT(NL80211_BAND_2GHZ)))
14049 conf.bands = bands;
14052 err = rdev_start_nan(rdev, wdev, &conf);
14056 wdev->is_running = true;
14062 static int nl80211_stop_nan(struct sk_buff *skb, struct genl_info *info)
14064 struct cfg80211_registered_device *rdev = info->user_ptr[0];
14065 struct wireless_dev *wdev = info->user_ptr[1];
14067 if (wdev->iftype != NL80211_IFTYPE_NAN)
14068 return -EOPNOTSUPP;
14070 cfg80211_stop_nan(rdev, wdev);
14075 static int validate_nan_filter(struct nlattr *filter_attr)
14077 struct nlattr *attr;
14078 int len = 0, n_entries = 0, rem;
14080 nla_for_each_nested(attr, filter_attr, rem) {
14081 len += nla_len(attr);
14091 static int handle_nan_filter(struct nlattr *attr_filter,
14092 struct cfg80211_nan_func *func,
14095 struct nlattr *attr;
14096 int n_entries, rem, i;
14097 struct cfg80211_nan_func_filter *filter;
14099 n_entries = validate_nan_filter(attr_filter);
14103 BUILD_BUG_ON(sizeof(*func->rx_filters) != sizeof(*func->tx_filters));
14105 filter = kcalloc(n_entries, sizeof(*func->rx_filters), GFP_KERNEL);
14110 nla_for_each_nested(attr, attr_filter, rem) {
14111 filter[i].filter = nla_memdup(attr, GFP_KERNEL);
14112 if (!filter[i].filter)
14115 filter[i].len = nla_len(attr);
14119 func->num_tx_filters = n_entries;
14120 func->tx_filters = filter;
14122 func->num_rx_filters = n_entries;
14123 func->rx_filters = filter;
14130 nla_for_each_nested(attr, attr_filter, rem) {
14131 kfree(filter[i].filter);
14138 static int nl80211_nan_add_func(struct sk_buff *skb,
14139 struct genl_info *info)
14141 struct cfg80211_registered_device *rdev = info->user_ptr[0];
14142 struct wireless_dev *wdev = info->user_ptr[1];
14143 struct nlattr *tb[NUM_NL80211_NAN_FUNC_ATTR], *func_attr;
14144 struct cfg80211_nan_func *func;
14145 struct sk_buff *msg = NULL;
14149 if (wdev->iftype != NL80211_IFTYPE_NAN)
14150 return -EOPNOTSUPP;
14152 if (!wdev_running(wdev))
14155 if (!info->attrs[NL80211_ATTR_NAN_FUNC])
14158 err = nla_parse_nested_deprecated(tb, NL80211_NAN_FUNC_ATTR_MAX,
14159 info->attrs[NL80211_ATTR_NAN_FUNC],
14160 nl80211_nan_func_policy,
14165 func = kzalloc(sizeof(*func), GFP_KERNEL);
14169 func->cookie = cfg80211_assign_cookie(rdev);
14171 if (!tb[NL80211_NAN_FUNC_TYPE]) {
14177 func->type = nla_get_u8(tb[NL80211_NAN_FUNC_TYPE]);
14179 if (!tb[NL80211_NAN_FUNC_SERVICE_ID]) {
14184 memcpy(func->service_id, nla_data(tb[NL80211_NAN_FUNC_SERVICE_ID]),
14185 sizeof(func->service_id));
14187 func->close_range =
14188 nla_get_flag(tb[NL80211_NAN_FUNC_CLOSE_RANGE]);
14190 if (tb[NL80211_NAN_FUNC_SERVICE_INFO]) {
14191 func->serv_spec_info_len =
14192 nla_len(tb[NL80211_NAN_FUNC_SERVICE_INFO]);
14193 func->serv_spec_info =
14194 kmemdup(nla_data(tb[NL80211_NAN_FUNC_SERVICE_INFO]),
14195 func->serv_spec_info_len,
14197 if (!func->serv_spec_info) {
14203 if (tb[NL80211_NAN_FUNC_TTL])
14204 func->ttl = nla_get_u32(tb[NL80211_NAN_FUNC_TTL]);
14206 switch (func->type) {
14207 case NL80211_NAN_FUNC_PUBLISH:
14208 if (!tb[NL80211_NAN_FUNC_PUBLISH_TYPE]) {
14213 func->publish_type =
14214 nla_get_u8(tb[NL80211_NAN_FUNC_PUBLISH_TYPE]);
14215 func->publish_bcast =
14216 nla_get_flag(tb[NL80211_NAN_FUNC_PUBLISH_BCAST]);
14218 if ((!(func->publish_type & NL80211_NAN_SOLICITED_PUBLISH)) &&
14219 func->publish_bcast) {
14224 case NL80211_NAN_FUNC_SUBSCRIBE:
14225 func->subscribe_active =
14226 nla_get_flag(tb[NL80211_NAN_FUNC_SUBSCRIBE_ACTIVE]);
14228 case NL80211_NAN_FUNC_FOLLOW_UP:
14229 if (!tb[NL80211_NAN_FUNC_FOLLOW_UP_ID] ||
14230 !tb[NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID] ||
14231 !tb[NL80211_NAN_FUNC_FOLLOW_UP_DEST]) {
14236 func->followup_id =
14237 nla_get_u8(tb[NL80211_NAN_FUNC_FOLLOW_UP_ID]);
14238 func->followup_reqid =
14239 nla_get_u8(tb[NL80211_NAN_FUNC_FOLLOW_UP_REQ_ID]);
14240 memcpy(func->followup_dest.addr,
14241 nla_data(tb[NL80211_NAN_FUNC_FOLLOW_UP_DEST]),
14242 sizeof(func->followup_dest.addr));
14253 if (tb[NL80211_NAN_FUNC_SRF]) {
14254 struct nlattr *srf_tb[NUM_NL80211_NAN_SRF_ATTR];
14256 err = nla_parse_nested_deprecated(srf_tb,
14257 NL80211_NAN_SRF_ATTR_MAX,
14258 tb[NL80211_NAN_FUNC_SRF],
14259 nl80211_nan_srf_policy,
14264 func->srf_include =
14265 nla_get_flag(srf_tb[NL80211_NAN_SRF_INCLUDE]);
14267 if (srf_tb[NL80211_NAN_SRF_BF]) {
14268 if (srf_tb[NL80211_NAN_SRF_MAC_ADDRS] ||
14269 !srf_tb[NL80211_NAN_SRF_BF_IDX]) {
14275 nla_len(srf_tb[NL80211_NAN_SRF_BF]);
14277 kmemdup(nla_data(srf_tb[NL80211_NAN_SRF_BF]),
14278 func->srf_bf_len, GFP_KERNEL);
14279 if (!func->srf_bf) {
14285 nla_get_u8(srf_tb[NL80211_NAN_SRF_BF_IDX]);
14287 struct nlattr *attr, *mac_attr =
14288 srf_tb[NL80211_NAN_SRF_MAC_ADDRS];
14289 int n_entries, rem, i = 0;
14296 n_entries = validate_acl_mac_addrs(mac_attr);
14297 if (n_entries <= 0) {
14302 func->srf_num_macs = n_entries;
14304 kcalloc(n_entries, sizeof(*func->srf_macs),
14306 if (!func->srf_macs) {
14311 nla_for_each_nested(attr, mac_attr, rem)
14312 memcpy(func->srf_macs[i++].addr, nla_data(attr),
14313 sizeof(*func->srf_macs));
14317 if (tb[NL80211_NAN_FUNC_TX_MATCH_FILTER]) {
14318 err = handle_nan_filter(tb[NL80211_NAN_FUNC_TX_MATCH_FILTER],
14324 if (tb[NL80211_NAN_FUNC_RX_MATCH_FILTER]) {
14325 err = handle_nan_filter(tb[NL80211_NAN_FUNC_RX_MATCH_FILTER],
14331 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
14337 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
14338 NL80211_CMD_ADD_NAN_FUNCTION);
14339 /* This can't really happen - we just allocated 4KB */
14340 if (WARN_ON(!hdr)) {
14345 err = rdev_add_nan_func(rdev, wdev, func);
14348 cfg80211_free_nan_func(func);
14353 /* propagate the instance id and cookie to userspace */
14354 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, func->cookie,
14356 goto nla_put_failure;
14358 func_attr = nla_nest_start_noflag(msg, NL80211_ATTR_NAN_FUNC);
14360 goto nla_put_failure;
14362 if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID,
14363 func->instance_id))
14364 goto nla_put_failure;
14366 nla_nest_end(msg, func_attr);
14368 genlmsg_end(msg, hdr);
14369 return genlmsg_reply(msg, info);
14376 static int nl80211_nan_del_func(struct sk_buff *skb,
14377 struct genl_info *info)
14379 struct cfg80211_registered_device *rdev = info->user_ptr[0];
14380 struct wireless_dev *wdev = info->user_ptr[1];
14383 if (wdev->iftype != NL80211_IFTYPE_NAN)
14384 return -EOPNOTSUPP;
14386 if (!wdev_running(wdev))
14389 if (!info->attrs[NL80211_ATTR_COOKIE])
14392 cookie = nla_get_u64(info->attrs[NL80211_ATTR_COOKIE]);
14394 rdev_del_nan_func(rdev, wdev, cookie);
14399 static int nl80211_nan_change_config(struct sk_buff *skb,
14400 struct genl_info *info)
14402 struct cfg80211_registered_device *rdev = info->user_ptr[0];
14403 struct wireless_dev *wdev = info->user_ptr[1];
14404 struct cfg80211_nan_conf conf = {};
14407 if (wdev->iftype != NL80211_IFTYPE_NAN)
14408 return -EOPNOTSUPP;
14410 if (!wdev_running(wdev))
14413 if (info->attrs[NL80211_ATTR_NAN_MASTER_PREF]) {
14415 nla_get_u8(info->attrs[NL80211_ATTR_NAN_MASTER_PREF]);
14416 if (conf.master_pref <= 1 || conf.master_pref == 255)
14419 changed |= CFG80211_NAN_CONF_CHANGED_PREF;
14422 if (info->attrs[NL80211_ATTR_BANDS]) {
14423 u32 bands = nla_get_u32(info->attrs[NL80211_ATTR_BANDS]);
14425 if (bands & ~(u32)wdev->wiphy->nan_supported_bands)
14426 return -EOPNOTSUPP;
14428 if (bands && !(bands & BIT(NL80211_BAND_2GHZ)))
14431 conf.bands = bands;
14432 changed |= CFG80211_NAN_CONF_CHANGED_BANDS;
14438 return rdev_nan_change_conf(rdev, wdev, &conf, changed);
14441 void cfg80211_nan_match(struct wireless_dev *wdev,
14442 struct cfg80211_nan_match_params *match, gfp_t gfp)
14444 struct wiphy *wiphy = wdev->wiphy;
14445 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
14446 struct nlattr *match_attr, *local_func_attr, *peer_func_attr;
14447 struct sk_buff *msg;
14450 if (WARN_ON(!match->inst_id || !match->peer_inst_id || !match->addr))
14453 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
14457 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NAN_MATCH);
14463 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14464 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
14465 wdev->netdev->ifindex)) ||
14466 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
14468 goto nla_put_failure;
14470 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, match->cookie,
14471 NL80211_ATTR_PAD) ||
14472 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, match->addr))
14473 goto nla_put_failure;
14475 match_attr = nla_nest_start_noflag(msg, NL80211_ATTR_NAN_MATCH);
14477 goto nla_put_failure;
14479 local_func_attr = nla_nest_start_noflag(msg,
14480 NL80211_NAN_MATCH_FUNC_LOCAL);
14481 if (!local_func_attr)
14482 goto nla_put_failure;
14484 if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, match->inst_id))
14485 goto nla_put_failure;
14487 nla_nest_end(msg, local_func_attr);
14489 peer_func_attr = nla_nest_start_noflag(msg,
14490 NL80211_NAN_MATCH_FUNC_PEER);
14491 if (!peer_func_attr)
14492 goto nla_put_failure;
14494 if (nla_put_u8(msg, NL80211_NAN_FUNC_TYPE, match->type) ||
14495 nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, match->peer_inst_id))
14496 goto nla_put_failure;
14498 if (match->info && match->info_len &&
14499 nla_put(msg, NL80211_NAN_FUNC_SERVICE_INFO, match->info_len,
14501 goto nla_put_failure;
14503 nla_nest_end(msg, peer_func_attr);
14504 nla_nest_end(msg, match_attr);
14505 genlmsg_end(msg, hdr);
14507 if (!wdev->owner_nlportid)
14508 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
14509 msg, 0, NL80211_MCGRP_NAN, gfp);
14511 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg,
14512 wdev->owner_nlportid);
14519 EXPORT_SYMBOL(cfg80211_nan_match);
14521 void cfg80211_nan_func_terminated(struct wireless_dev *wdev,
14523 enum nl80211_nan_func_term_reason reason,
14524 u64 cookie, gfp_t gfp)
14526 struct wiphy *wiphy = wdev->wiphy;
14527 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
14528 struct sk_buff *msg;
14529 struct nlattr *func_attr;
14532 if (WARN_ON(!inst_id))
14535 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
14539 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DEL_NAN_FUNCTION);
14545 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14546 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
14547 wdev->netdev->ifindex)) ||
14548 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
14550 goto nla_put_failure;
14552 if (nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
14554 goto nla_put_failure;
14556 func_attr = nla_nest_start_noflag(msg, NL80211_ATTR_NAN_FUNC);
14558 goto nla_put_failure;
14560 if (nla_put_u8(msg, NL80211_NAN_FUNC_INSTANCE_ID, inst_id) ||
14561 nla_put_u8(msg, NL80211_NAN_FUNC_TERM_REASON, reason))
14562 goto nla_put_failure;
14564 nla_nest_end(msg, func_attr);
14565 genlmsg_end(msg, hdr);
14567 if (!wdev->owner_nlportid)
14568 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
14569 msg, 0, NL80211_MCGRP_NAN, gfp);
14571 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg,
14572 wdev->owner_nlportid);
14579 EXPORT_SYMBOL(cfg80211_nan_func_terminated);
14581 static int nl80211_get_protocol_features(struct sk_buff *skb,
14582 struct genl_info *info)
14585 struct sk_buff *msg;
14587 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
14591 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
14592 NL80211_CMD_GET_PROTOCOL_FEATURES);
14594 goto nla_put_failure;
14596 if (nla_put_u32(msg, NL80211_ATTR_PROTOCOL_FEATURES,
14597 NL80211_PROTOCOL_FEATURE_SPLIT_WIPHY_DUMP))
14598 goto nla_put_failure;
14600 genlmsg_end(msg, hdr);
14601 return genlmsg_reply(msg, info);
14608 static int nl80211_update_ft_ies(struct sk_buff *skb, struct genl_info *info)
14610 struct cfg80211_registered_device *rdev = info->user_ptr[0];
14611 struct cfg80211_update_ft_ies_params ft_params;
14612 struct net_device *dev = info->user_ptr[1];
14614 if (!rdev->ops->update_ft_ies)
14615 return -EOPNOTSUPP;
14617 if (!info->attrs[NL80211_ATTR_MDID] ||
14618 !info->attrs[NL80211_ATTR_IE])
14621 memset(&ft_params, 0, sizeof(ft_params));
14622 ft_params.md = nla_get_u16(info->attrs[NL80211_ATTR_MDID]);
14623 ft_params.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
14624 ft_params.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
14626 return rdev_update_ft_ies(rdev, dev, &ft_params);
14629 static int nl80211_crit_protocol_start(struct sk_buff *skb,
14630 struct genl_info *info)
14632 struct cfg80211_registered_device *rdev = info->user_ptr[0];
14633 struct wireless_dev *wdev = info->user_ptr[1];
14634 enum nl80211_crit_proto_id proto = NL80211_CRIT_PROTO_UNSPEC;
14638 if (!rdev->ops->crit_proto_start)
14639 return -EOPNOTSUPP;
14641 if (WARN_ON(!rdev->ops->crit_proto_stop))
14644 if (rdev->crit_proto_nlportid)
14647 /* determine protocol if provided */
14648 if (info->attrs[NL80211_ATTR_CRIT_PROT_ID])
14649 proto = nla_get_u16(info->attrs[NL80211_ATTR_CRIT_PROT_ID]);
14651 if (proto >= NUM_NL80211_CRIT_PROTO)
14654 /* timeout must be provided */
14655 if (!info->attrs[NL80211_ATTR_MAX_CRIT_PROT_DURATION])
14659 nla_get_u16(info->attrs[NL80211_ATTR_MAX_CRIT_PROT_DURATION]);
14661 ret = rdev_crit_proto_start(rdev, wdev, proto, duration);
14663 rdev->crit_proto_nlportid = info->snd_portid;
14668 static int nl80211_crit_protocol_stop(struct sk_buff *skb,
14669 struct genl_info *info)
14671 struct cfg80211_registered_device *rdev = info->user_ptr[0];
14672 struct wireless_dev *wdev = info->user_ptr[1];
14674 if (!rdev->ops->crit_proto_stop)
14675 return -EOPNOTSUPP;
14677 if (rdev->crit_proto_nlportid) {
14678 rdev->crit_proto_nlportid = 0;
14679 rdev_crit_proto_stop(rdev, wdev);
14684 static int nl80211_vendor_check_policy(const struct wiphy_vendor_command *vcmd,
14685 struct nlattr *attr,
14686 struct netlink_ext_ack *extack)
14688 if (vcmd->policy == VENDOR_CMD_RAW_DATA) {
14689 if (attr->nla_type & NLA_F_NESTED) {
14690 NL_SET_ERR_MSG_ATTR(extack, attr,
14691 "unexpected nested data");
14698 if (!(attr->nla_type & NLA_F_NESTED)) {
14699 NL_SET_ERR_MSG_ATTR(extack, attr, "expected nested data");
14703 return nla_validate_nested(attr, vcmd->maxattr, vcmd->policy, extack);
14706 static int nl80211_vendor_cmd(struct sk_buff *skb, struct genl_info *info)
14708 struct cfg80211_registered_device *rdev = info->user_ptr[0];
14709 struct wireless_dev *wdev =
14710 __cfg80211_wdev_from_attrs(rdev, genl_info_net(info),
14715 if (!rdev->wiphy.vendor_commands)
14716 return -EOPNOTSUPP;
14718 if (IS_ERR(wdev)) {
14719 err = PTR_ERR(wdev);
14720 if (err != -EINVAL)
14723 } else if (wdev->wiphy != &rdev->wiphy) {
14727 if (!info->attrs[NL80211_ATTR_VENDOR_ID] ||
14728 !info->attrs[NL80211_ATTR_VENDOR_SUBCMD])
14731 vid = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_ID]);
14732 subcmd = nla_get_u32(info->attrs[NL80211_ATTR_VENDOR_SUBCMD]);
14733 for (i = 0; i < rdev->wiphy.n_vendor_commands; i++) {
14734 const struct wiphy_vendor_command *vcmd;
14738 vcmd = &rdev->wiphy.vendor_commands[i];
14740 if (vcmd->info.vendor_id != vid || vcmd->info.subcmd != subcmd)
14743 if (vcmd->flags & (WIPHY_VENDOR_CMD_NEED_WDEV |
14744 WIPHY_VENDOR_CMD_NEED_NETDEV)) {
14747 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_NETDEV &&
14751 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_RUNNING) {
14752 if (!wdev_running(wdev))
14760 return -EOPNOTSUPP;
14762 if (info->attrs[NL80211_ATTR_VENDOR_DATA]) {
14763 data = nla_data(info->attrs[NL80211_ATTR_VENDOR_DATA]);
14764 len = nla_len(info->attrs[NL80211_ATTR_VENDOR_DATA]);
14766 err = nl80211_vendor_check_policy(vcmd,
14767 info->attrs[NL80211_ATTR_VENDOR_DATA],
14773 rdev->cur_cmd_info = info;
14774 err = vcmd->doit(&rdev->wiphy, wdev, data, len);
14775 rdev->cur_cmd_info = NULL;
14779 return -EOPNOTSUPP;
14782 static int nl80211_prepare_vendor_dump(struct sk_buff *skb,
14783 struct netlink_callback *cb,
14784 struct cfg80211_registered_device **rdev,
14785 struct wireless_dev **wdev)
14787 struct nlattr **attrbuf;
14793 unsigned int data_len = 0;
14796 /* subtract the 1 again here */
14797 struct wiphy *wiphy = wiphy_idx_to_wiphy(cb->args[0] - 1);
14798 struct wireless_dev *tmp;
14802 *rdev = wiphy_to_rdev(wiphy);
14806 list_for_each_entry(tmp, &wiphy->wdev_list, list) {
14807 if (tmp->identifier == cb->args[1] - 1) {
14814 /* keep rtnl locked in successful case */
14818 attrbuf = kcalloc(NUM_NL80211_ATTR, sizeof(*attrbuf), GFP_KERNEL);
14822 err = nlmsg_parse_deprecated(cb->nlh,
14823 GENL_HDRLEN + nl80211_fam.hdrsize,
14824 attrbuf, nl80211_fam.maxattr,
14825 nl80211_policy, NULL);
14829 if (!attrbuf[NL80211_ATTR_VENDOR_ID] ||
14830 !attrbuf[NL80211_ATTR_VENDOR_SUBCMD]) {
14835 *wdev = __cfg80211_wdev_from_attrs(NULL, sock_net(skb->sk), attrbuf);
14839 *rdev = __cfg80211_rdev_from_attrs(sock_net(skb->sk), attrbuf);
14840 if (IS_ERR(*rdev)) {
14841 err = PTR_ERR(*rdev);
14845 vid = nla_get_u32(attrbuf[NL80211_ATTR_VENDOR_ID]);
14846 subcmd = nla_get_u32(attrbuf[NL80211_ATTR_VENDOR_SUBCMD]);
14848 for (i = 0; i < (*rdev)->wiphy.n_vendor_commands; i++) {
14849 const struct wiphy_vendor_command *vcmd;
14851 vcmd = &(*rdev)->wiphy.vendor_commands[i];
14853 if (vcmd->info.vendor_id != vid || vcmd->info.subcmd != subcmd)
14856 if (!vcmd->dumpit) {
14865 if (vcmd_idx < 0) {
14870 if (attrbuf[NL80211_ATTR_VENDOR_DATA]) {
14871 data = nla_data(attrbuf[NL80211_ATTR_VENDOR_DATA]);
14872 data_len = nla_len(attrbuf[NL80211_ATTR_VENDOR_DATA]);
14874 err = nl80211_vendor_check_policy(
14875 &(*rdev)->wiphy.vendor_commands[vcmd_idx],
14876 attrbuf[NL80211_ATTR_VENDOR_DATA],
14882 /* 0 is the first index - add 1 to parse only once */
14883 cb->args[0] = (*rdev)->wiphy_idx + 1;
14884 /* add 1 to know if it was NULL */
14885 cb->args[1] = *wdev ? (*wdev)->identifier + 1 : 0;
14886 cb->args[2] = vcmd_idx;
14887 cb->args[3] = (unsigned long)data;
14888 cb->args[4] = data_len;
14890 /* keep rtnl locked in successful case */
14897 static int nl80211_vendor_cmd_dump(struct sk_buff *skb,
14898 struct netlink_callback *cb)
14900 struct cfg80211_registered_device *rdev;
14901 struct wireless_dev *wdev;
14902 unsigned int vcmd_idx;
14903 const struct wiphy_vendor_command *vcmd;
14907 struct nlattr *vendor_data;
14910 err = nl80211_prepare_vendor_dump(skb, cb, &rdev, &wdev);
14914 vcmd_idx = cb->args[2];
14915 data = (void *)cb->args[3];
14916 data_len = cb->args[4];
14917 vcmd = &rdev->wiphy.vendor_commands[vcmd_idx];
14919 if (vcmd->flags & (WIPHY_VENDOR_CMD_NEED_WDEV |
14920 WIPHY_VENDOR_CMD_NEED_NETDEV)) {
14925 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_NETDEV &&
14931 if (vcmd->flags & WIPHY_VENDOR_CMD_NEED_RUNNING) {
14932 if (!wdev_running(wdev)) {
14940 void *hdr = nl80211hdr_put(skb, NETLINK_CB(cb->skb).portid,
14941 cb->nlh->nlmsg_seq, NLM_F_MULTI,
14942 NL80211_CMD_VENDOR);
14946 if (nla_put_u32(skb, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
14947 (wdev && nla_put_u64_64bit(skb, NL80211_ATTR_WDEV,
14949 NL80211_ATTR_PAD))) {
14950 genlmsg_cancel(skb, hdr);
14954 vendor_data = nla_nest_start_noflag(skb,
14955 NL80211_ATTR_VENDOR_DATA);
14956 if (!vendor_data) {
14957 genlmsg_cancel(skb, hdr);
14961 err = vcmd->dumpit(&rdev->wiphy, wdev, skb, data, data_len,
14962 (unsigned long *)&cb->args[5]);
14963 nla_nest_end(skb, vendor_data);
14965 if (err == -ENOBUFS || err == -ENOENT) {
14966 genlmsg_cancel(skb, hdr);
14968 } else if (err <= 0) {
14969 genlmsg_cancel(skb, hdr);
14973 genlmsg_end(skb, hdr);
14982 struct sk_buff *__cfg80211_alloc_reply_skb(struct wiphy *wiphy,
14983 enum nl80211_commands cmd,
14984 enum nl80211_attrs attr,
14987 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
14989 if (WARN_ON(!rdev->cur_cmd_info))
14992 return __cfg80211_alloc_vendor_skb(rdev, NULL, approxlen,
14993 rdev->cur_cmd_info->snd_portid,
14994 rdev->cur_cmd_info->snd_seq,
14995 cmd, attr, NULL, GFP_KERNEL);
14997 EXPORT_SYMBOL(__cfg80211_alloc_reply_skb);
14999 int cfg80211_vendor_cmd_reply(struct sk_buff *skb)
15001 struct cfg80211_registered_device *rdev = ((void **)skb->cb)[0];
15002 void *hdr = ((void **)skb->cb)[1];
15003 struct nlattr *data = ((void **)skb->cb)[2];
15005 /* clear CB data for netlink core to own from now on */
15006 memset(skb->cb, 0, sizeof(skb->cb));
15008 if (WARN_ON(!rdev->cur_cmd_info)) {
15013 nla_nest_end(skb, data);
15014 genlmsg_end(skb, hdr);
15015 return genlmsg_reply(skb, rdev->cur_cmd_info);
15017 EXPORT_SYMBOL_GPL(cfg80211_vendor_cmd_reply);
15019 unsigned int cfg80211_vendor_cmd_get_sender(struct wiphy *wiphy)
15021 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
15023 if (WARN_ON(!rdev->cur_cmd_info))
15026 return rdev->cur_cmd_info->snd_portid;
15028 EXPORT_SYMBOL_GPL(cfg80211_vendor_cmd_get_sender);
15030 static int nl80211_set_qos_map(struct sk_buff *skb,
15031 struct genl_info *info)
15033 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15034 struct cfg80211_qos_map *qos_map = NULL;
15035 struct net_device *dev = info->user_ptr[1];
15036 u8 *pos, len, num_des, des_len, des;
15039 if (!rdev->ops->set_qos_map)
15040 return -EOPNOTSUPP;
15042 if (info->attrs[NL80211_ATTR_QOS_MAP]) {
15043 pos = nla_data(info->attrs[NL80211_ATTR_QOS_MAP]);
15044 len = nla_len(info->attrs[NL80211_ATTR_QOS_MAP]);
15049 qos_map = kzalloc(sizeof(struct cfg80211_qos_map), GFP_KERNEL);
15053 num_des = (len - IEEE80211_QOS_MAP_LEN_MIN) >> 1;
15055 des_len = num_des *
15056 sizeof(struct cfg80211_dscp_exception);
15057 memcpy(qos_map->dscp_exception, pos, des_len);
15058 qos_map->num_des = num_des;
15059 for (des = 0; des < num_des; des++) {
15060 if (qos_map->dscp_exception[des].up > 7) {
15067 memcpy(qos_map->up, pos, IEEE80211_QOS_MAP_LEN_MIN);
15070 wdev_lock(dev->ieee80211_ptr);
15071 ret = nl80211_key_allowed(dev->ieee80211_ptr);
15073 ret = rdev_set_qos_map(rdev, dev, qos_map);
15074 wdev_unlock(dev->ieee80211_ptr);
15080 static int nl80211_add_tx_ts(struct sk_buff *skb, struct genl_info *info)
15082 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15083 struct net_device *dev = info->user_ptr[1];
15084 struct wireless_dev *wdev = dev->ieee80211_ptr;
15087 u16 admitted_time = 0;
15090 if (!(rdev->wiphy.features & NL80211_FEATURE_SUPPORTS_WMM_ADMISSION))
15091 return -EOPNOTSUPP;
15093 if (!info->attrs[NL80211_ATTR_TSID] || !info->attrs[NL80211_ATTR_MAC] ||
15094 !info->attrs[NL80211_ATTR_USER_PRIO])
15097 tsid = nla_get_u8(info->attrs[NL80211_ATTR_TSID]);
15098 up = nla_get_u8(info->attrs[NL80211_ATTR_USER_PRIO]);
15100 /* WMM uses TIDs 0-7 even for TSPEC */
15101 if (tsid >= IEEE80211_FIRST_TSPEC_TSID) {
15102 /* TODO: handle 802.11 TSPEC/admission control
15103 * need more attributes for that (e.g. BA session requirement);
15104 * change the WMM adminssion test above to allow both then
15109 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
15111 if (info->attrs[NL80211_ATTR_ADMITTED_TIME]) {
15113 nla_get_u16(info->attrs[NL80211_ATTR_ADMITTED_TIME]);
15114 if (!admitted_time)
15119 switch (wdev->iftype) {
15120 case NL80211_IFTYPE_STATION:
15121 case NL80211_IFTYPE_P2P_CLIENT:
15122 if (wdev->connected)
15131 err = rdev_add_tx_ts(rdev, dev, tsid, peer, up, admitted_time);
15138 static int nl80211_del_tx_ts(struct sk_buff *skb, struct genl_info *info)
15140 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15141 struct net_device *dev = info->user_ptr[1];
15142 struct wireless_dev *wdev = dev->ieee80211_ptr;
15147 if (!info->attrs[NL80211_ATTR_TSID] || !info->attrs[NL80211_ATTR_MAC])
15150 tsid = nla_get_u8(info->attrs[NL80211_ATTR_TSID]);
15151 peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
15154 err = rdev_del_tx_ts(rdev, dev, tsid, peer);
15160 static int nl80211_tdls_channel_switch(struct sk_buff *skb,
15161 struct genl_info *info)
15163 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15164 struct net_device *dev = info->user_ptr[1];
15165 struct wireless_dev *wdev = dev->ieee80211_ptr;
15166 struct cfg80211_chan_def chandef = {};
15171 if (!rdev->ops->tdls_channel_switch ||
15172 !(rdev->wiphy.features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH))
15173 return -EOPNOTSUPP;
15175 switch (dev->ieee80211_ptr->iftype) {
15176 case NL80211_IFTYPE_STATION:
15177 case NL80211_IFTYPE_P2P_CLIENT:
15180 return -EOPNOTSUPP;
15183 if (!info->attrs[NL80211_ATTR_MAC] ||
15184 !info->attrs[NL80211_ATTR_OPER_CLASS])
15187 err = nl80211_parse_chandef(rdev, info, &chandef);
15192 * Don't allow wide channels on the 2.4Ghz band, as per IEEE802.11-2012
15193 * section 10.22.6.2.1. Disallow 5/10Mhz channels as well for now, the
15194 * specification is not defined for them.
15196 if (chandef.chan->band == NL80211_BAND_2GHZ &&
15197 chandef.width != NL80211_CHAN_WIDTH_20_NOHT &&
15198 chandef.width != NL80211_CHAN_WIDTH_20)
15201 /* we will be active on the TDLS link */
15202 if (!cfg80211_reg_can_beacon_relax(&rdev->wiphy, &chandef,
15206 /* don't allow switching to DFS channels */
15207 if (cfg80211_chandef_dfs_required(wdev->wiphy, &chandef, wdev->iftype))
15210 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
15211 oper_class = nla_get_u8(info->attrs[NL80211_ATTR_OPER_CLASS]);
15214 err = rdev_tdls_channel_switch(rdev, dev, addr, oper_class, &chandef);
15220 static int nl80211_tdls_cancel_channel_switch(struct sk_buff *skb,
15221 struct genl_info *info)
15223 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15224 struct net_device *dev = info->user_ptr[1];
15225 struct wireless_dev *wdev = dev->ieee80211_ptr;
15228 if (!rdev->ops->tdls_channel_switch ||
15229 !rdev->ops->tdls_cancel_channel_switch ||
15230 !(rdev->wiphy.features & NL80211_FEATURE_TDLS_CHANNEL_SWITCH))
15231 return -EOPNOTSUPP;
15233 switch (dev->ieee80211_ptr->iftype) {
15234 case NL80211_IFTYPE_STATION:
15235 case NL80211_IFTYPE_P2P_CLIENT:
15238 return -EOPNOTSUPP;
15241 if (!info->attrs[NL80211_ATTR_MAC])
15244 addr = nla_data(info->attrs[NL80211_ATTR_MAC]);
15247 rdev_tdls_cancel_channel_switch(rdev, dev, addr);
15253 static int nl80211_set_multicast_to_unicast(struct sk_buff *skb,
15254 struct genl_info *info)
15256 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15257 struct net_device *dev = info->user_ptr[1];
15258 struct wireless_dev *wdev = dev->ieee80211_ptr;
15259 const struct nlattr *nla;
15262 if (!rdev->ops->set_multicast_to_unicast)
15263 return -EOPNOTSUPP;
15265 if (wdev->iftype != NL80211_IFTYPE_AP &&
15266 wdev->iftype != NL80211_IFTYPE_P2P_GO)
15267 return -EOPNOTSUPP;
15269 nla = info->attrs[NL80211_ATTR_MULTICAST_TO_UNICAST_ENABLED];
15270 enabled = nla_get_flag(nla);
15272 return rdev_set_multicast_to_unicast(rdev, dev, enabled);
15275 static int nl80211_set_pmk(struct sk_buff *skb, struct genl_info *info)
15277 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15278 struct net_device *dev = info->user_ptr[1];
15279 struct wireless_dev *wdev = dev->ieee80211_ptr;
15280 struct cfg80211_pmk_conf pmk_conf = {};
15283 if (wdev->iftype != NL80211_IFTYPE_STATION &&
15284 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
15285 return -EOPNOTSUPP;
15287 if (!wiphy_ext_feature_isset(&rdev->wiphy,
15288 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X))
15289 return -EOPNOTSUPP;
15291 if (!info->attrs[NL80211_ATTR_MAC] || !info->attrs[NL80211_ATTR_PMK])
15295 if (!wdev->connected) {
15300 pmk_conf.aa = nla_data(info->attrs[NL80211_ATTR_MAC]);
15301 if (memcmp(pmk_conf.aa, wdev->u.client.connected_addr, ETH_ALEN)) {
15306 pmk_conf.pmk = nla_data(info->attrs[NL80211_ATTR_PMK]);
15307 pmk_conf.pmk_len = nla_len(info->attrs[NL80211_ATTR_PMK]);
15308 if (pmk_conf.pmk_len != WLAN_PMK_LEN &&
15309 pmk_conf.pmk_len != WLAN_PMK_LEN_SUITE_B_192) {
15314 if (info->attrs[NL80211_ATTR_PMKR0_NAME])
15315 pmk_conf.pmk_r0_name =
15316 nla_data(info->attrs[NL80211_ATTR_PMKR0_NAME]);
15318 ret = rdev_set_pmk(rdev, dev, &pmk_conf);
15324 static int nl80211_del_pmk(struct sk_buff *skb, struct genl_info *info)
15326 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15327 struct net_device *dev = info->user_ptr[1];
15328 struct wireless_dev *wdev = dev->ieee80211_ptr;
15332 if (wdev->iftype != NL80211_IFTYPE_STATION &&
15333 wdev->iftype != NL80211_IFTYPE_P2P_CLIENT)
15334 return -EOPNOTSUPP;
15336 if (!wiphy_ext_feature_isset(&rdev->wiphy,
15337 NL80211_EXT_FEATURE_4WAY_HANDSHAKE_STA_1X))
15338 return -EOPNOTSUPP;
15340 if (!info->attrs[NL80211_ATTR_MAC])
15344 aa = nla_data(info->attrs[NL80211_ATTR_MAC]);
15345 ret = rdev_del_pmk(rdev, dev, aa);
15351 static int nl80211_external_auth(struct sk_buff *skb, struct genl_info *info)
15353 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15354 struct net_device *dev = info->user_ptr[1];
15355 struct cfg80211_external_auth_params params;
15357 if (!rdev->ops->external_auth)
15358 return -EOPNOTSUPP;
15360 if (!info->attrs[NL80211_ATTR_SSID] &&
15361 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_AP &&
15362 dev->ieee80211_ptr->iftype != NL80211_IFTYPE_P2P_GO)
15365 if (!info->attrs[NL80211_ATTR_BSSID])
15368 if (!info->attrs[NL80211_ATTR_STATUS_CODE])
15371 memset(¶ms, 0, sizeof(params));
15373 if (info->attrs[NL80211_ATTR_SSID]) {
15374 params.ssid.ssid_len = nla_len(info->attrs[NL80211_ATTR_SSID]);
15375 if (params.ssid.ssid_len == 0)
15377 memcpy(params.ssid.ssid,
15378 nla_data(info->attrs[NL80211_ATTR_SSID]),
15379 params.ssid.ssid_len);
15382 memcpy(params.bssid, nla_data(info->attrs[NL80211_ATTR_BSSID]),
15385 params.status = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
15387 if (info->attrs[NL80211_ATTR_PMKID])
15388 params.pmkid = nla_data(info->attrs[NL80211_ATTR_PMKID]);
15390 return rdev_external_auth(rdev, dev, ¶ms);
15393 static int nl80211_tx_control_port(struct sk_buff *skb, struct genl_info *info)
15395 bool dont_wait_for_ack = info->attrs[NL80211_ATTR_DONT_WAIT_FOR_ACK];
15396 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15397 struct net_device *dev = info->user_ptr[1];
15398 struct wireless_dev *wdev = dev->ieee80211_ptr;
15408 if (!wiphy_ext_feature_isset(&rdev->wiphy,
15409 NL80211_EXT_FEATURE_CONTROL_PORT_OVER_NL80211))
15410 return -EOPNOTSUPP;
15412 if (!rdev->ops->tx_control_port)
15413 return -EOPNOTSUPP;
15415 if (!info->attrs[NL80211_ATTR_FRAME] ||
15416 !info->attrs[NL80211_ATTR_MAC] ||
15417 !info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]) {
15418 GENL_SET_ERR_MSG(info, "Frame, MAC or ethertype missing");
15424 switch (wdev->iftype) {
15425 case NL80211_IFTYPE_AP:
15426 case NL80211_IFTYPE_P2P_GO:
15427 case NL80211_IFTYPE_MESH_POINT:
15429 case NL80211_IFTYPE_ADHOC:
15430 if (wdev->u.ibss.current_bss)
15434 case NL80211_IFTYPE_STATION:
15435 case NL80211_IFTYPE_P2P_CLIENT:
15436 if (wdev->connected)
15447 buf = nla_data(info->attrs[NL80211_ATTR_FRAME]);
15448 len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
15449 dest = nla_data(info->attrs[NL80211_ATTR_MAC]);
15450 proto = nla_get_u16(info->attrs[NL80211_ATTR_CONTROL_PORT_ETHERTYPE]);
15452 nla_get_flag(info->attrs[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT]);
15454 link_id = nl80211_link_id_or_invalid(info->attrs);
15456 err = rdev_tx_control_port(rdev, dev, buf, len,
15457 dest, cpu_to_be16(proto), noencrypt, link_id,
15458 dont_wait_for_ack ? NULL : &cookie);
15459 if (!err && !dont_wait_for_ack)
15460 nl_set_extack_cookie_u64(info->extack, cookie);
15467 static int nl80211_get_ftm_responder_stats(struct sk_buff *skb,
15468 struct genl_info *info)
15470 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15471 struct net_device *dev = info->user_ptr[1];
15472 struct wireless_dev *wdev = dev->ieee80211_ptr;
15473 struct cfg80211_ftm_responder_stats ftm_stats = {};
15474 unsigned int link_id = nl80211_link_id(info->attrs);
15475 struct sk_buff *msg;
15477 struct nlattr *ftm_stats_attr;
15480 if (wdev->iftype != NL80211_IFTYPE_AP ||
15481 !wdev->links[link_id].ap.beacon_interval)
15482 return -EOPNOTSUPP;
15484 err = rdev_get_ftm_responder_stats(rdev, dev, &ftm_stats);
15488 if (!ftm_stats.filled)
15491 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
15495 hdr = nl80211hdr_put(msg, info->snd_portid, info->snd_seq, 0,
15496 NL80211_CMD_GET_FTM_RESPONDER_STATS);
15498 goto nla_put_failure;
15500 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
15501 goto nla_put_failure;
15503 ftm_stats_attr = nla_nest_start_noflag(msg,
15504 NL80211_ATTR_FTM_RESPONDER_STATS);
15505 if (!ftm_stats_attr)
15506 goto nla_put_failure;
15508 #define SET_FTM(field, name, type) \
15509 do { if ((ftm_stats.filled & BIT(NL80211_FTM_STATS_ ## name)) && \
15510 nla_put_ ## type(msg, NL80211_FTM_STATS_ ## name, \
15511 ftm_stats.field)) \
15512 goto nla_put_failure; } while (0)
15513 #define SET_FTM_U64(field, name) \
15514 do { if ((ftm_stats.filled & BIT(NL80211_FTM_STATS_ ## name)) && \
15515 nla_put_u64_64bit(msg, NL80211_FTM_STATS_ ## name, \
15516 ftm_stats.field, NL80211_FTM_STATS_PAD)) \
15517 goto nla_put_failure; } while (0)
15519 SET_FTM(success_num, SUCCESS_NUM, u32);
15520 SET_FTM(partial_num, PARTIAL_NUM, u32);
15521 SET_FTM(failed_num, FAILED_NUM, u32);
15522 SET_FTM(asap_num, ASAP_NUM, u32);
15523 SET_FTM(non_asap_num, NON_ASAP_NUM, u32);
15524 SET_FTM_U64(total_duration_ms, TOTAL_DURATION_MSEC);
15525 SET_FTM(unknown_triggers_num, UNKNOWN_TRIGGERS_NUM, u32);
15526 SET_FTM(reschedule_requests_num, RESCHEDULE_REQUESTS_NUM, u32);
15527 SET_FTM(out_of_window_triggers_num, OUT_OF_WINDOW_TRIGGERS_NUM, u32);
15530 nla_nest_end(msg, ftm_stats_attr);
15532 genlmsg_end(msg, hdr);
15533 return genlmsg_reply(msg, info);
15540 static int nl80211_update_owe_info(struct sk_buff *skb, struct genl_info *info)
15542 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15543 struct cfg80211_update_owe_info owe_info;
15544 struct net_device *dev = info->user_ptr[1];
15546 if (!rdev->ops->update_owe_info)
15547 return -EOPNOTSUPP;
15549 if (!info->attrs[NL80211_ATTR_STATUS_CODE] ||
15550 !info->attrs[NL80211_ATTR_MAC])
15553 memset(&owe_info, 0, sizeof(owe_info));
15554 owe_info.status = nla_get_u16(info->attrs[NL80211_ATTR_STATUS_CODE]);
15555 nla_memcpy(owe_info.peer, info->attrs[NL80211_ATTR_MAC], ETH_ALEN);
15557 if (info->attrs[NL80211_ATTR_IE]) {
15558 owe_info.ie = nla_data(info->attrs[NL80211_ATTR_IE]);
15559 owe_info.ie_len = nla_len(info->attrs[NL80211_ATTR_IE]);
15562 return rdev_update_owe_info(rdev, dev, &owe_info);
15565 static int nl80211_probe_mesh_link(struct sk_buff *skb, struct genl_info *info)
15567 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15568 struct net_device *dev = info->user_ptr[1];
15569 struct wireless_dev *wdev = dev->ieee80211_ptr;
15570 struct station_info sinfo = {};
15576 if (!rdev->ops->probe_mesh_link || !rdev->ops->get_station)
15577 return -EOPNOTSUPP;
15579 if (!info->attrs[NL80211_ATTR_MAC] ||
15580 !info->attrs[NL80211_ATTR_FRAME]) {
15581 GENL_SET_ERR_MSG(info, "Frame or MAC missing");
15585 if (wdev->iftype != NL80211_IFTYPE_MESH_POINT)
15586 return -EOPNOTSUPP;
15588 dest = nla_data(info->attrs[NL80211_ATTR_MAC]);
15589 buf = nla_data(info->attrs[NL80211_ATTR_FRAME]);
15590 len = nla_len(info->attrs[NL80211_ATTR_FRAME]);
15592 if (len < sizeof(struct ethhdr))
15595 if (!ether_addr_equal(buf, dest) || is_multicast_ether_addr(buf) ||
15596 !ether_addr_equal(buf + ETH_ALEN, dev->dev_addr))
15599 err = rdev_get_station(rdev, dev, dest, &sinfo);
15603 cfg80211_sinfo_release_content(&sinfo);
15605 return rdev_probe_mesh_link(rdev, dev, dest, buf, len);
15608 static int parse_tid_conf(struct cfg80211_registered_device *rdev,
15609 struct nlattr *attrs[], struct net_device *dev,
15610 struct cfg80211_tid_cfg *tid_conf,
15611 struct genl_info *info, const u8 *peer,
15612 unsigned int link_id)
15614 struct netlink_ext_ack *extack = info->extack;
15618 if (!attrs[NL80211_TID_CONFIG_ATTR_TIDS])
15621 tid_conf->config_override =
15622 nla_get_flag(attrs[NL80211_TID_CONFIG_ATTR_OVERRIDE]);
15623 tid_conf->tids = nla_get_u16(attrs[NL80211_TID_CONFIG_ATTR_TIDS]);
15625 if (tid_conf->config_override) {
15626 if (rdev->ops->reset_tid_config) {
15627 err = rdev_reset_tid_config(rdev, dev, peer,
15636 if (attrs[NL80211_TID_CONFIG_ATTR_NOACK]) {
15637 tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_NOACK);
15639 nla_get_u8(attrs[NL80211_TID_CONFIG_ATTR_NOACK]);
15642 if (attrs[NL80211_TID_CONFIG_ATTR_RETRY_SHORT]) {
15643 tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_RETRY_SHORT);
15644 tid_conf->retry_short =
15645 nla_get_u8(attrs[NL80211_TID_CONFIG_ATTR_RETRY_SHORT]);
15647 if (tid_conf->retry_short > rdev->wiphy.max_data_retry_count)
15651 if (attrs[NL80211_TID_CONFIG_ATTR_RETRY_LONG]) {
15652 tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_RETRY_LONG);
15653 tid_conf->retry_long =
15654 nla_get_u8(attrs[NL80211_TID_CONFIG_ATTR_RETRY_LONG]);
15656 if (tid_conf->retry_long > rdev->wiphy.max_data_retry_count)
15660 if (attrs[NL80211_TID_CONFIG_ATTR_AMPDU_CTRL]) {
15661 tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_AMPDU_CTRL);
15663 nla_get_u8(attrs[NL80211_TID_CONFIG_ATTR_AMPDU_CTRL]);
15666 if (attrs[NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL]) {
15667 tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL);
15669 nla_get_u8(attrs[NL80211_TID_CONFIG_ATTR_RTSCTS_CTRL]);
15672 if (attrs[NL80211_TID_CONFIG_ATTR_AMSDU_CTRL]) {
15673 tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_AMSDU_CTRL);
15675 nla_get_u8(attrs[NL80211_TID_CONFIG_ATTR_AMSDU_CTRL]);
15678 if (attrs[NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE]) {
15679 u32 idx = NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE, attr;
15681 tid_conf->txrate_type = nla_get_u8(attrs[idx]);
15683 if (tid_conf->txrate_type != NL80211_TX_RATE_AUTOMATIC) {
15684 attr = NL80211_TID_CONFIG_ATTR_TX_RATE;
15685 err = nl80211_parse_tx_bitrate_mask(info, attrs, attr,
15686 &tid_conf->txrate_mask, dev,
15691 tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_TX_RATE);
15693 tid_conf->mask |= BIT(NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE);
15697 mask = rdev->wiphy.tid_config_support.peer;
15699 mask = rdev->wiphy.tid_config_support.vif;
15701 if (tid_conf->mask & ~mask) {
15702 NL_SET_ERR_MSG(extack, "unsupported TID configuration");
15709 static int nl80211_set_tid_config(struct sk_buff *skb,
15710 struct genl_info *info)
15712 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15713 struct nlattr *attrs[NL80211_TID_CONFIG_ATTR_MAX + 1];
15714 unsigned int link_id = nl80211_link_id(info->attrs);
15715 struct net_device *dev = info->user_ptr[1];
15716 struct cfg80211_tid_config *tid_config;
15717 struct nlattr *tid;
15718 int conf_idx = 0, rem_conf;
15722 if (!info->attrs[NL80211_ATTR_TID_CONFIG])
15725 if (!rdev->ops->set_tid_config)
15726 return -EOPNOTSUPP;
15728 nla_for_each_nested(tid, info->attrs[NL80211_ATTR_TID_CONFIG],
15732 tid_config = kzalloc(struct_size(tid_config, tid_conf, num_conf),
15737 tid_config->n_tid_conf = num_conf;
15739 if (info->attrs[NL80211_ATTR_MAC])
15740 tid_config->peer = nla_data(info->attrs[NL80211_ATTR_MAC]);
15742 wdev_lock(dev->ieee80211_ptr);
15744 nla_for_each_nested(tid, info->attrs[NL80211_ATTR_TID_CONFIG],
15746 ret = nla_parse_nested(attrs, NL80211_TID_CONFIG_ATTR_MAX,
15752 ret = parse_tid_conf(rdev, attrs, dev,
15753 &tid_config->tid_conf[conf_idx],
15754 info, tid_config->peer, link_id);
15761 ret = rdev_set_tid_config(rdev, dev, tid_config);
15765 wdev_unlock(dev->ieee80211_ptr);
15769 static int nl80211_color_change(struct sk_buff *skb, struct genl_info *info)
15771 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15772 struct cfg80211_color_change_settings params = {};
15773 struct net_device *dev = info->user_ptr[1];
15774 struct wireless_dev *wdev = dev->ieee80211_ptr;
15775 struct nlattr **tb;
15779 if (!rdev->ops->color_change)
15780 return -EOPNOTSUPP;
15782 if (!wiphy_ext_feature_isset(&rdev->wiphy,
15783 NL80211_EXT_FEATURE_BSS_COLOR))
15784 return -EOPNOTSUPP;
15786 if (wdev->iftype != NL80211_IFTYPE_AP)
15787 return -EOPNOTSUPP;
15789 if (!info->attrs[NL80211_ATTR_COLOR_CHANGE_COUNT] ||
15790 !info->attrs[NL80211_ATTR_COLOR_CHANGE_COLOR] ||
15791 !info->attrs[NL80211_ATTR_COLOR_CHANGE_ELEMS])
15794 params.count = nla_get_u8(info->attrs[NL80211_ATTR_COLOR_CHANGE_COUNT]);
15795 params.color = nla_get_u8(info->attrs[NL80211_ATTR_COLOR_CHANGE_COLOR]);
15797 err = nl80211_parse_beacon(rdev, info->attrs, ¶ms.beacon_next);
15801 tb = kcalloc(NL80211_ATTR_MAX + 1, sizeof(*tb), GFP_KERNEL);
15805 err = nla_parse_nested(tb, NL80211_ATTR_MAX,
15806 info->attrs[NL80211_ATTR_COLOR_CHANGE_ELEMS],
15807 nl80211_policy, info->extack);
15811 err = nl80211_parse_beacon(rdev, tb, ¶ms.beacon_color_change);
15815 if (!tb[NL80211_ATTR_CNTDWN_OFFS_BEACON]) {
15820 if (nla_len(tb[NL80211_ATTR_CNTDWN_OFFS_BEACON]) != sizeof(u16)) {
15825 offset = nla_get_u16(tb[NL80211_ATTR_CNTDWN_OFFS_BEACON]);
15826 if (offset >= params.beacon_color_change.tail_len) {
15831 if (params.beacon_color_change.tail[offset] != params.count) {
15836 params.counter_offset_beacon = offset;
15838 if (tb[NL80211_ATTR_CNTDWN_OFFS_PRESP]) {
15839 if (nla_len(tb[NL80211_ATTR_CNTDWN_OFFS_PRESP]) !=
15845 offset = nla_get_u16(tb[NL80211_ATTR_CNTDWN_OFFS_PRESP]);
15846 if (offset >= params.beacon_color_change.probe_resp_len) {
15851 if (params.beacon_color_change.probe_resp[offset] !=
15857 params.counter_offset_presp = offset;
15861 err = rdev_color_change(rdev, dev, ¶ms);
15865 kfree(params.beacon_next.mbssid_ies);
15866 kfree(params.beacon_color_change.mbssid_ies);
15871 static int nl80211_set_fils_aad(struct sk_buff *skb,
15872 struct genl_info *info)
15874 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15875 struct net_device *dev = info->user_ptr[1];
15876 struct cfg80211_fils_aad fils_aad = {};
15879 if (!info->attrs[NL80211_ATTR_MAC] ||
15880 !info->attrs[NL80211_ATTR_FILS_KEK] ||
15881 !info->attrs[NL80211_ATTR_FILS_NONCES])
15884 fils_aad.macaddr = nla_data(info->attrs[NL80211_ATTR_MAC]);
15885 fils_aad.kek_len = nla_len(info->attrs[NL80211_ATTR_FILS_KEK]);
15886 fils_aad.kek = nla_data(info->attrs[NL80211_ATTR_FILS_KEK]);
15887 nonces = nla_data(info->attrs[NL80211_ATTR_FILS_NONCES]);
15888 fils_aad.snonce = nonces;
15889 fils_aad.anonce = nonces + FILS_NONCE_LEN;
15891 return rdev_set_fils_aad(rdev, dev, &fils_aad);
15894 static int nl80211_add_link(struct sk_buff *skb, struct genl_info *info)
15896 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15897 unsigned int link_id = nl80211_link_id(info->attrs);
15898 struct net_device *dev = info->user_ptr[1];
15899 struct wireless_dev *wdev = dev->ieee80211_ptr;
15902 if (!(wdev->wiphy->flags & WIPHY_FLAG_SUPPORTS_MLO))
15905 switch (wdev->iftype) {
15906 case NL80211_IFTYPE_AP:
15912 if (!info->attrs[NL80211_ATTR_MAC] ||
15913 !is_valid_ether_addr(nla_data(info->attrs[NL80211_ATTR_MAC])))
15917 wdev->valid_links |= BIT(link_id);
15918 ether_addr_copy(wdev->links[link_id].addr,
15919 nla_data(info->attrs[NL80211_ATTR_MAC]));
15921 ret = rdev_add_intf_link(rdev, wdev, link_id);
15923 wdev->valid_links &= ~BIT(link_id);
15924 eth_zero_addr(wdev->links[link_id].addr);
15931 static int nl80211_remove_link(struct sk_buff *skb, struct genl_info *info)
15933 unsigned int link_id = nl80211_link_id(info->attrs);
15934 struct net_device *dev = info->user_ptr[1];
15935 struct wireless_dev *wdev = dev->ieee80211_ptr;
15937 /* cannot remove if there's no link */
15938 if (!info->attrs[NL80211_ATTR_MLO_LINK_ID])
15941 switch (wdev->iftype) {
15942 case NL80211_IFTYPE_AP:
15949 cfg80211_remove_link(wdev, link_id);
15956 nl80211_add_mod_link_station(struct sk_buff *skb, struct genl_info *info,
15959 struct link_station_parameters params = {};
15960 struct cfg80211_registered_device *rdev = info->user_ptr[0];
15961 struct net_device *dev = info->user_ptr[1];
15964 if ((add && !rdev->ops->add_link_station) ||
15965 (!add && !rdev->ops->mod_link_station))
15966 return -EOPNOTSUPP;
15968 if (add && !info->attrs[NL80211_ATTR_MAC])
15971 if (!info->attrs[NL80211_ATTR_MLD_ADDR])
15974 if (add && !info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES])
15977 params.mld_mac = nla_data(info->attrs[NL80211_ATTR_MLD_ADDR]);
15979 if (info->attrs[NL80211_ATTR_MAC]) {
15980 params.link_mac = nla_data(info->attrs[NL80211_ATTR_MAC]);
15981 if (!is_valid_ether_addr(params.link_mac))
15985 if (!info->attrs[NL80211_ATTR_MLO_LINK_ID])
15988 params.link_id = nla_get_u8(info->attrs[NL80211_ATTR_MLO_LINK_ID]);
15990 if (info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]) {
15991 params.supported_rates =
15992 nla_data(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
15993 params.supported_rates_len =
15994 nla_len(info->attrs[NL80211_ATTR_STA_SUPPORTED_RATES]);
15997 if (info->attrs[NL80211_ATTR_HT_CAPABILITY])
15999 nla_data(info->attrs[NL80211_ATTR_HT_CAPABILITY]);
16001 if (info->attrs[NL80211_ATTR_VHT_CAPABILITY])
16003 nla_data(info->attrs[NL80211_ATTR_VHT_CAPABILITY]);
16005 if (info->attrs[NL80211_ATTR_HE_CAPABILITY]) {
16007 nla_data(info->attrs[NL80211_ATTR_HE_CAPABILITY]);
16008 params.he_capa_len =
16009 nla_len(info->attrs[NL80211_ATTR_HE_CAPABILITY]);
16011 if (info->attrs[NL80211_ATTR_EHT_CAPABILITY]) {
16013 nla_data(info->attrs[NL80211_ATTR_EHT_CAPABILITY]);
16014 params.eht_capa_len =
16015 nla_len(info->attrs[NL80211_ATTR_EHT_CAPABILITY]);
16017 if (!ieee80211_eht_capa_size_ok((const u8 *)params.he_capa,
16018 (const u8 *)params.eht_capa,
16019 params.eht_capa_len,
16025 if (info->attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY])
16026 params.he_6ghz_capa =
16027 nla_data(info->attrs[NL80211_ATTR_HE_6GHZ_CAPABILITY]);
16029 if (info->attrs[NL80211_ATTR_OPMODE_NOTIF]) {
16030 params.opmode_notif_used = true;
16031 params.opmode_notif =
16032 nla_get_u8(info->attrs[NL80211_ATTR_OPMODE_NOTIF]);
16035 err = nl80211_parse_sta_txpower_setting(info, ¶ms.txpwr,
16036 ¶ms.txpwr_set);
16040 wdev_lock(dev->ieee80211_ptr);
16042 err = rdev_add_link_station(rdev, dev, ¶ms);
16044 err = rdev_mod_link_station(rdev, dev, ¶ms);
16045 wdev_unlock(dev->ieee80211_ptr);
16051 nl80211_add_link_station(struct sk_buff *skb, struct genl_info *info)
16053 return nl80211_add_mod_link_station(skb, info, true);
16057 nl80211_modify_link_station(struct sk_buff *skb, struct genl_info *info)
16059 return nl80211_add_mod_link_station(skb, info, false);
16063 nl80211_remove_link_station(struct sk_buff *skb, struct genl_info *info)
16065 struct link_station_del_parameters params = {};
16066 struct cfg80211_registered_device *rdev = info->user_ptr[0];
16067 struct net_device *dev = info->user_ptr[1];
16070 if (!rdev->ops->del_link_station)
16071 return -EOPNOTSUPP;
16073 if (!info->attrs[NL80211_ATTR_MLD_ADDR] ||
16074 !info->attrs[NL80211_ATTR_MLO_LINK_ID])
16077 params.mld_mac = nla_data(info->attrs[NL80211_ATTR_MLD_ADDR]);
16078 params.link_id = nla_get_u8(info->attrs[NL80211_ATTR_MLO_LINK_ID]);
16080 wdev_lock(dev->ieee80211_ptr);
16081 ret = rdev_del_link_station(rdev, dev, ¶ms);
16082 wdev_unlock(dev->ieee80211_ptr);
16087 #define NL80211_FLAG_NEED_WIPHY 0x01
16088 #define NL80211_FLAG_NEED_NETDEV 0x02
16089 #define NL80211_FLAG_NEED_RTNL 0x04
16090 #define NL80211_FLAG_CHECK_NETDEV_UP 0x08
16091 #define NL80211_FLAG_NEED_NETDEV_UP (NL80211_FLAG_NEED_NETDEV |\
16092 NL80211_FLAG_CHECK_NETDEV_UP)
16093 #define NL80211_FLAG_NEED_WDEV 0x10
16094 /* If a netdev is associated, it must be UP, P2P must be started */
16095 #define NL80211_FLAG_NEED_WDEV_UP (NL80211_FLAG_NEED_WDEV |\
16096 NL80211_FLAG_CHECK_NETDEV_UP)
16097 #define NL80211_FLAG_CLEAR_SKB 0x20
16098 #define NL80211_FLAG_NO_WIPHY_MTX 0x40
16099 #define NL80211_FLAG_MLO_VALID_LINK_ID 0x80
16100 #define NL80211_FLAG_MLO_UNSUPPORTED 0x100
16102 #define INTERNAL_FLAG_SELECTORS(__sel) \
16103 SELECTOR(__sel, NONE, 0) /* must be first */ \
16104 SELECTOR(__sel, WIPHY, \
16105 NL80211_FLAG_NEED_WIPHY) \
16106 SELECTOR(__sel, WDEV, \
16107 NL80211_FLAG_NEED_WDEV) \
16108 SELECTOR(__sel, NETDEV, \
16109 NL80211_FLAG_NEED_NETDEV) \
16110 SELECTOR(__sel, NETDEV_LINK, \
16111 NL80211_FLAG_NEED_NETDEV | \
16112 NL80211_FLAG_MLO_VALID_LINK_ID) \
16113 SELECTOR(__sel, NETDEV_NO_MLO, \
16114 NL80211_FLAG_NEED_NETDEV | \
16115 NL80211_FLAG_MLO_UNSUPPORTED) \
16116 SELECTOR(__sel, WIPHY_RTNL, \
16117 NL80211_FLAG_NEED_WIPHY | \
16118 NL80211_FLAG_NEED_RTNL) \
16119 SELECTOR(__sel, WIPHY_RTNL_NOMTX, \
16120 NL80211_FLAG_NEED_WIPHY | \
16121 NL80211_FLAG_NEED_RTNL | \
16122 NL80211_FLAG_NO_WIPHY_MTX) \
16123 SELECTOR(__sel, WDEV_RTNL, \
16124 NL80211_FLAG_NEED_WDEV | \
16125 NL80211_FLAG_NEED_RTNL) \
16126 SELECTOR(__sel, NETDEV_RTNL, \
16127 NL80211_FLAG_NEED_NETDEV | \
16128 NL80211_FLAG_NEED_RTNL) \
16129 SELECTOR(__sel, NETDEV_UP, \
16130 NL80211_FLAG_NEED_NETDEV_UP) \
16131 SELECTOR(__sel, NETDEV_UP_LINK, \
16132 NL80211_FLAG_NEED_NETDEV_UP | \
16133 NL80211_FLAG_MLO_VALID_LINK_ID) \
16134 SELECTOR(__sel, NETDEV_UP_NO_MLO, \
16135 NL80211_FLAG_NEED_NETDEV_UP | \
16136 NL80211_FLAG_MLO_UNSUPPORTED) \
16137 SELECTOR(__sel, NETDEV_UP_NO_MLO_CLEAR, \
16138 NL80211_FLAG_NEED_NETDEV_UP | \
16139 NL80211_FLAG_CLEAR_SKB | \
16140 NL80211_FLAG_MLO_UNSUPPORTED) \
16141 SELECTOR(__sel, NETDEV_UP_NOTMX, \
16142 NL80211_FLAG_NEED_NETDEV_UP | \
16143 NL80211_FLAG_NO_WIPHY_MTX) \
16144 SELECTOR(__sel, NETDEV_UP_NOTMX_NOMLO, \
16145 NL80211_FLAG_NEED_NETDEV_UP | \
16146 NL80211_FLAG_NO_WIPHY_MTX | \
16147 NL80211_FLAG_MLO_UNSUPPORTED) \
16148 SELECTOR(__sel, NETDEV_UP_CLEAR, \
16149 NL80211_FLAG_NEED_NETDEV_UP | \
16150 NL80211_FLAG_CLEAR_SKB) \
16151 SELECTOR(__sel, WDEV_UP, \
16152 NL80211_FLAG_NEED_WDEV_UP) \
16153 SELECTOR(__sel, WDEV_UP_LINK, \
16154 NL80211_FLAG_NEED_WDEV_UP | \
16155 NL80211_FLAG_MLO_VALID_LINK_ID) \
16156 SELECTOR(__sel, WDEV_UP_RTNL, \
16157 NL80211_FLAG_NEED_WDEV_UP | \
16158 NL80211_FLAG_NEED_RTNL) \
16159 SELECTOR(__sel, WIPHY_CLEAR, \
16160 NL80211_FLAG_NEED_WIPHY | \
16161 NL80211_FLAG_CLEAR_SKB)
16163 enum nl80211_internal_flags_selector {
16164 #define SELECTOR(_, name, value) NL80211_IFL_SEL_##name,
16165 INTERNAL_FLAG_SELECTORS(_)
16169 static u32 nl80211_internal_flags[] = {
16170 #define SELECTOR(_, name, value) [NL80211_IFL_SEL_##name] = value,
16171 INTERNAL_FLAG_SELECTORS(_)
16175 static int nl80211_pre_doit(const struct genl_ops *ops, struct sk_buff *skb,
16176 struct genl_info *info)
16178 struct cfg80211_registered_device *rdev = NULL;
16179 struct wireless_dev *wdev = NULL;
16180 struct net_device *dev = NULL;
16181 u32 internal_flags;
16184 if (WARN_ON(ops->internal_flags >= ARRAY_SIZE(nl80211_internal_flags)))
16187 internal_flags = nl80211_internal_flags[ops->internal_flags];
16190 if (internal_flags & NL80211_FLAG_NEED_WIPHY) {
16191 rdev = cfg80211_get_dev_from_info(genl_info_net(info), info);
16192 if (IS_ERR(rdev)) {
16193 err = PTR_ERR(rdev);
16196 info->user_ptr[0] = rdev;
16197 } else if (internal_flags & NL80211_FLAG_NEED_NETDEV ||
16198 internal_flags & NL80211_FLAG_NEED_WDEV) {
16199 wdev = __cfg80211_wdev_from_attrs(NULL, genl_info_net(info),
16201 if (IS_ERR(wdev)) {
16202 err = PTR_ERR(wdev);
16206 dev = wdev->netdev;
16208 rdev = wiphy_to_rdev(wdev->wiphy);
16210 if (internal_flags & NL80211_FLAG_NEED_NETDEV) {
16216 info->user_ptr[1] = dev;
16218 info->user_ptr[1] = wdev;
16221 if (internal_flags & NL80211_FLAG_CHECK_NETDEV_UP &&
16222 !wdev_running(wdev)) {
16227 info->user_ptr[0] = rdev;
16230 if (internal_flags & NL80211_FLAG_MLO_VALID_LINK_ID) {
16231 struct nlattr *link_id = info->attrs[NL80211_ATTR_MLO_LINK_ID];
16238 /* MLO -> require valid link ID */
16239 if (wdev->valid_links &&
16241 !(wdev->valid_links & BIT(nla_get_u8(link_id))))) {
16246 /* non-MLO -> no link ID attribute accepted */
16247 if (!wdev->valid_links && link_id) {
16253 if (internal_flags & NL80211_FLAG_MLO_UNSUPPORTED) {
16254 if (info->attrs[NL80211_ATTR_MLO_LINK_ID] ||
16255 (wdev && wdev->valid_links)) {
16261 if (rdev && !(internal_flags & NL80211_FLAG_NO_WIPHY_MTX)) {
16262 wiphy_lock(&rdev->wiphy);
16263 /* we keep the mutex locked until post_doit */
16264 __release(&rdev->wiphy.mtx);
16266 if (!(internal_flags & NL80211_FLAG_NEED_RTNL))
16276 static void nl80211_post_doit(const struct genl_ops *ops, struct sk_buff *skb,
16277 struct genl_info *info)
16279 u32 internal_flags = nl80211_internal_flags[ops->internal_flags];
16281 if (info->user_ptr[1]) {
16282 if (internal_flags & NL80211_FLAG_NEED_WDEV) {
16283 struct wireless_dev *wdev = info->user_ptr[1];
16285 dev_put(wdev->netdev);
16287 dev_put(info->user_ptr[1]);
16291 if (info->user_ptr[0] &&
16292 !(internal_flags & NL80211_FLAG_NO_WIPHY_MTX)) {
16293 struct cfg80211_registered_device *rdev = info->user_ptr[0];
16295 /* we kept the mutex locked since pre_doit */
16296 __acquire(&rdev->wiphy.mtx);
16297 wiphy_unlock(&rdev->wiphy);
16300 if (internal_flags & NL80211_FLAG_NEED_RTNL)
16303 /* If needed, clear the netlink message payload from the SKB
16304 * as it might contain key data that shouldn't stick around on
16305 * the heap after the SKB is freed. The netlink message header
16306 * is still needed for further processing, so leave it intact.
16308 if (internal_flags & NL80211_FLAG_CLEAR_SKB) {
16309 struct nlmsghdr *nlh = nlmsg_hdr(skb);
16311 memset(nlmsg_data(nlh), 0, nlmsg_len(nlh));
16315 static int nl80211_set_sar_sub_specs(struct cfg80211_registered_device *rdev,
16316 struct cfg80211_sar_specs *sar_specs,
16317 struct nlattr *spec[], int index)
16319 u32 range_index, i;
16321 if (!sar_specs || !spec)
16324 if (!spec[NL80211_SAR_ATTR_SPECS_POWER] ||
16325 !spec[NL80211_SAR_ATTR_SPECS_RANGE_INDEX])
16328 range_index = nla_get_u32(spec[NL80211_SAR_ATTR_SPECS_RANGE_INDEX]);
16330 /* check if range_index exceeds num_freq_ranges */
16331 if (range_index >= rdev->wiphy.sar_capa->num_freq_ranges)
16334 /* check if range_index duplicates */
16335 for (i = 0; i < index; i++) {
16336 if (sar_specs->sub_specs[i].freq_range_index == range_index)
16340 sar_specs->sub_specs[index].power =
16341 nla_get_s32(spec[NL80211_SAR_ATTR_SPECS_POWER]);
16343 sar_specs->sub_specs[index].freq_range_index = range_index;
16348 static int nl80211_set_sar_specs(struct sk_buff *skb, struct genl_info *info)
16350 struct cfg80211_registered_device *rdev = info->user_ptr[0];
16351 struct nlattr *spec[NL80211_SAR_ATTR_SPECS_MAX + 1];
16352 struct nlattr *tb[NL80211_SAR_ATTR_MAX + 1];
16353 struct cfg80211_sar_specs *sar_spec;
16354 enum nl80211_sar_type type;
16355 struct nlattr *spec_list;
16359 if (!rdev->wiphy.sar_capa || !rdev->ops->set_sar_specs)
16360 return -EOPNOTSUPP;
16362 if (!info->attrs[NL80211_ATTR_SAR_SPEC])
16365 nla_parse_nested(tb, NL80211_SAR_ATTR_MAX,
16366 info->attrs[NL80211_ATTR_SAR_SPEC],
16369 if (!tb[NL80211_SAR_ATTR_TYPE] || !tb[NL80211_SAR_ATTR_SPECS])
16372 type = nla_get_u32(tb[NL80211_SAR_ATTR_TYPE]);
16373 if (type != rdev->wiphy.sar_capa->type)
16377 nla_for_each_nested(spec_list, tb[NL80211_SAR_ATTR_SPECS], rem)
16380 if (specs > rdev->wiphy.sar_capa->num_freq_ranges)
16383 sar_spec = kzalloc(struct_size(sar_spec, sub_specs, specs), GFP_KERNEL);
16387 sar_spec->type = type;
16389 nla_for_each_nested(spec_list, tb[NL80211_SAR_ATTR_SPECS], rem) {
16390 nla_parse_nested(spec, NL80211_SAR_ATTR_SPECS_MAX,
16391 spec_list, NULL, NULL);
16394 case NL80211_SAR_TYPE_POWER:
16395 if (nl80211_set_sar_sub_specs(rdev, sar_spec,
16408 sar_spec->num_sub_specs = specs;
16410 rdev->cur_cmd_info = info;
16411 err = rdev_set_sar_specs(rdev, sar_spec);
16412 rdev->cur_cmd_info = NULL;
16418 #define SELECTOR(__sel, name, value) \
16419 ((__sel) == (value)) ? NL80211_IFL_SEL_##name :
16420 int __missing_selector(void);
16421 #define IFLAGS(__val) INTERNAL_FLAG_SELECTORS(__val) __missing_selector()
16423 static const struct genl_ops nl80211_ops[] = {
16425 .cmd = NL80211_CMD_GET_WIPHY,
16426 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16427 .doit = nl80211_get_wiphy,
16428 .dumpit = nl80211_dump_wiphy,
16429 .done = nl80211_dump_wiphy_done,
16430 /* can be retrieved by unprivileged users */
16431 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
16435 static const struct genl_small_ops nl80211_small_ops[] = {
16437 .cmd = NL80211_CMD_SET_WIPHY,
16438 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16439 .doit = nl80211_set_wiphy,
16440 .flags = GENL_UNS_ADMIN_PERM,
16443 .cmd = NL80211_CMD_GET_INTERFACE,
16444 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16445 .doit = nl80211_get_interface,
16446 .dumpit = nl80211_dump_interface,
16447 /* can be retrieved by unprivileged users */
16448 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV),
16451 .cmd = NL80211_CMD_SET_INTERFACE,
16452 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16453 .doit = nl80211_set_interface,
16454 .flags = GENL_UNS_ADMIN_PERM,
16455 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
16456 NL80211_FLAG_NEED_RTNL),
16459 .cmd = NL80211_CMD_NEW_INTERFACE,
16460 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16461 .doit = nl80211_new_interface,
16462 .flags = GENL_UNS_ADMIN_PERM,
16464 IFLAGS(NL80211_FLAG_NEED_WIPHY |
16465 NL80211_FLAG_NEED_RTNL |
16466 /* we take the wiphy mutex later ourselves */
16467 NL80211_FLAG_NO_WIPHY_MTX),
16470 .cmd = NL80211_CMD_DEL_INTERFACE,
16471 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16472 .doit = nl80211_del_interface,
16473 .flags = GENL_UNS_ADMIN_PERM,
16474 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV |
16475 NL80211_FLAG_NEED_RTNL),
16478 .cmd = NL80211_CMD_GET_KEY,
16479 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16480 .doit = nl80211_get_key,
16481 .flags = GENL_UNS_ADMIN_PERM,
16482 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16485 .cmd = NL80211_CMD_SET_KEY,
16486 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16487 .doit = nl80211_set_key,
16488 .flags = GENL_UNS_ADMIN_PERM,
16489 /* cannot use NL80211_FLAG_MLO_VALID_LINK_ID, depends on key */
16490 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
16491 NL80211_FLAG_CLEAR_SKB),
16494 .cmd = NL80211_CMD_NEW_KEY,
16495 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16496 .doit = nl80211_new_key,
16497 .flags = GENL_UNS_ADMIN_PERM,
16498 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
16499 NL80211_FLAG_CLEAR_SKB),
16502 .cmd = NL80211_CMD_DEL_KEY,
16503 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16504 .doit = nl80211_del_key,
16505 .flags = GENL_UNS_ADMIN_PERM,
16506 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16509 .cmd = NL80211_CMD_SET_BEACON,
16510 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16511 .flags = GENL_UNS_ADMIN_PERM,
16512 .doit = nl80211_set_beacon,
16513 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
16514 NL80211_FLAG_MLO_VALID_LINK_ID),
16517 .cmd = NL80211_CMD_START_AP,
16518 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16519 .flags = GENL_UNS_ADMIN_PERM,
16520 .doit = nl80211_start_ap,
16521 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
16522 NL80211_FLAG_MLO_VALID_LINK_ID),
16525 .cmd = NL80211_CMD_STOP_AP,
16526 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16527 .flags = GENL_UNS_ADMIN_PERM,
16528 .doit = nl80211_stop_ap,
16529 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
16530 NL80211_FLAG_MLO_VALID_LINK_ID),
16533 .cmd = NL80211_CMD_GET_STATION,
16534 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16535 .doit = nl80211_get_station,
16536 .dumpit = nl80211_dump_station,
16537 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
16540 .cmd = NL80211_CMD_SET_STATION,
16541 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16542 .doit = nl80211_set_station,
16543 .flags = GENL_UNS_ADMIN_PERM,
16544 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16547 .cmd = NL80211_CMD_NEW_STATION,
16548 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16549 .doit = nl80211_new_station,
16550 .flags = GENL_UNS_ADMIN_PERM,
16551 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16554 .cmd = NL80211_CMD_DEL_STATION,
16555 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16556 .doit = nl80211_del_station,
16557 .flags = GENL_UNS_ADMIN_PERM,
16558 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16561 .cmd = NL80211_CMD_GET_MPATH,
16562 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16563 .doit = nl80211_get_mpath,
16564 .dumpit = nl80211_dump_mpath,
16565 .flags = GENL_UNS_ADMIN_PERM,
16566 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16569 .cmd = NL80211_CMD_GET_MPP,
16570 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16571 .doit = nl80211_get_mpp,
16572 .dumpit = nl80211_dump_mpp,
16573 .flags = GENL_UNS_ADMIN_PERM,
16574 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16577 .cmd = NL80211_CMD_SET_MPATH,
16578 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16579 .doit = nl80211_set_mpath,
16580 .flags = GENL_UNS_ADMIN_PERM,
16581 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16584 .cmd = NL80211_CMD_NEW_MPATH,
16585 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16586 .doit = nl80211_new_mpath,
16587 .flags = GENL_UNS_ADMIN_PERM,
16588 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16591 .cmd = NL80211_CMD_DEL_MPATH,
16592 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16593 .doit = nl80211_del_mpath,
16594 .flags = GENL_UNS_ADMIN_PERM,
16595 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16598 .cmd = NL80211_CMD_SET_BSS,
16599 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16600 .doit = nl80211_set_bss,
16601 .flags = GENL_UNS_ADMIN_PERM,
16602 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16605 .cmd = NL80211_CMD_GET_REG,
16606 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16607 .doit = nl80211_get_reg_do,
16608 .dumpit = nl80211_get_reg_dump,
16609 /* can be retrieved by unprivileged users */
16611 #ifdef CONFIG_CFG80211_CRDA_SUPPORT
16613 .cmd = NL80211_CMD_SET_REG,
16614 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16615 .doit = nl80211_set_reg,
16616 .flags = GENL_ADMIN_PERM,
16620 .cmd = NL80211_CMD_REQ_SET_REG,
16621 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16622 .doit = nl80211_req_set_reg,
16623 .flags = GENL_ADMIN_PERM,
16626 .cmd = NL80211_CMD_RELOAD_REGDB,
16627 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16628 .doit = nl80211_reload_regdb,
16629 .flags = GENL_ADMIN_PERM,
16632 .cmd = NL80211_CMD_GET_MESH_CONFIG,
16633 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16634 .doit = nl80211_get_mesh_config,
16635 /* can be retrieved by unprivileged users */
16636 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16639 .cmd = NL80211_CMD_SET_MESH_CONFIG,
16640 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16641 .doit = nl80211_update_mesh_config,
16642 .flags = GENL_UNS_ADMIN_PERM,
16643 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16646 .cmd = NL80211_CMD_TRIGGER_SCAN,
16647 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16648 .doit = nl80211_trigger_scan,
16649 .flags = GENL_UNS_ADMIN_PERM,
16650 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
16653 .cmd = NL80211_CMD_ABORT_SCAN,
16654 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16655 .doit = nl80211_abort_scan,
16656 .flags = GENL_UNS_ADMIN_PERM,
16657 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
16660 .cmd = NL80211_CMD_GET_SCAN,
16661 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16662 .dumpit = nl80211_dump_scan,
16665 .cmd = NL80211_CMD_START_SCHED_SCAN,
16666 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16667 .doit = nl80211_start_sched_scan,
16668 .flags = GENL_UNS_ADMIN_PERM,
16669 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16672 .cmd = NL80211_CMD_STOP_SCHED_SCAN,
16673 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16674 .doit = nl80211_stop_sched_scan,
16675 .flags = GENL_UNS_ADMIN_PERM,
16676 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16679 .cmd = NL80211_CMD_AUTHENTICATE,
16680 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16681 .doit = nl80211_authenticate,
16682 .flags = GENL_UNS_ADMIN_PERM,
16683 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
16684 NL80211_FLAG_CLEAR_SKB),
16687 .cmd = NL80211_CMD_ASSOCIATE,
16688 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16689 .doit = nl80211_associate,
16690 .flags = GENL_UNS_ADMIN_PERM,
16691 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
16692 NL80211_FLAG_CLEAR_SKB),
16695 .cmd = NL80211_CMD_DEAUTHENTICATE,
16696 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16697 .doit = nl80211_deauthenticate,
16698 .flags = GENL_UNS_ADMIN_PERM,
16699 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16702 .cmd = NL80211_CMD_DISASSOCIATE,
16703 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16704 .doit = nl80211_disassociate,
16705 .flags = GENL_UNS_ADMIN_PERM,
16706 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16709 .cmd = NL80211_CMD_JOIN_IBSS,
16710 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16711 .doit = nl80211_join_ibss,
16712 .flags = GENL_UNS_ADMIN_PERM,
16713 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16716 .cmd = NL80211_CMD_LEAVE_IBSS,
16717 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16718 .doit = nl80211_leave_ibss,
16719 .flags = GENL_UNS_ADMIN_PERM,
16720 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16722 #ifdef CONFIG_NL80211_TESTMODE
16724 .cmd = NL80211_CMD_TESTMODE,
16725 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16726 .doit = nl80211_testmode_do,
16727 .dumpit = nl80211_testmode_dump,
16728 .flags = GENL_UNS_ADMIN_PERM,
16729 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
16733 .cmd = NL80211_CMD_CONNECT,
16734 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16735 .doit = nl80211_connect,
16736 .flags = GENL_UNS_ADMIN_PERM,
16737 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
16738 NL80211_FLAG_CLEAR_SKB),
16741 .cmd = NL80211_CMD_UPDATE_CONNECT_PARAMS,
16742 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16743 .doit = nl80211_update_connect_params,
16744 .flags = GENL_ADMIN_PERM,
16745 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
16746 NL80211_FLAG_CLEAR_SKB),
16749 .cmd = NL80211_CMD_DISCONNECT,
16750 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16751 .doit = nl80211_disconnect,
16752 .flags = GENL_UNS_ADMIN_PERM,
16753 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16756 .cmd = NL80211_CMD_SET_WIPHY_NETNS,
16757 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16758 .doit = nl80211_wiphy_netns,
16759 .flags = GENL_UNS_ADMIN_PERM,
16760 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY |
16761 NL80211_FLAG_NEED_RTNL |
16762 NL80211_FLAG_NO_WIPHY_MTX),
16765 .cmd = NL80211_CMD_GET_SURVEY,
16766 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16767 .dumpit = nl80211_dump_survey,
16770 .cmd = NL80211_CMD_SET_PMKSA,
16771 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16772 .doit = nl80211_setdel_pmksa,
16773 .flags = GENL_UNS_ADMIN_PERM,
16774 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
16775 NL80211_FLAG_CLEAR_SKB),
16778 .cmd = NL80211_CMD_DEL_PMKSA,
16779 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16780 .doit = nl80211_setdel_pmksa,
16781 .flags = GENL_UNS_ADMIN_PERM,
16782 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16785 .cmd = NL80211_CMD_FLUSH_PMKSA,
16786 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16787 .doit = nl80211_flush_pmksa,
16788 .flags = GENL_UNS_ADMIN_PERM,
16789 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16792 .cmd = NL80211_CMD_REMAIN_ON_CHANNEL,
16793 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16794 .doit = nl80211_remain_on_channel,
16795 .flags = GENL_UNS_ADMIN_PERM,
16796 /* FIXME: requiring a link ID here is probably not good */
16797 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP |
16798 NL80211_FLAG_MLO_VALID_LINK_ID),
16801 .cmd = NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
16802 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16803 .doit = nl80211_cancel_remain_on_channel,
16804 .flags = GENL_UNS_ADMIN_PERM,
16805 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
16808 .cmd = NL80211_CMD_SET_TX_BITRATE_MASK,
16809 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16810 .doit = nl80211_set_tx_bitrate_mask,
16811 .flags = GENL_UNS_ADMIN_PERM,
16812 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
16813 NL80211_FLAG_MLO_VALID_LINK_ID),
16816 .cmd = NL80211_CMD_REGISTER_FRAME,
16817 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16818 .doit = nl80211_register_mgmt,
16819 .flags = GENL_UNS_ADMIN_PERM,
16820 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV),
16823 .cmd = NL80211_CMD_FRAME,
16824 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16825 .doit = nl80211_tx_mgmt,
16826 .flags = GENL_UNS_ADMIN_PERM,
16827 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
16830 .cmd = NL80211_CMD_FRAME_WAIT_CANCEL,
16831 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16832 .doit = nl80211_tx_mgmt_cancel_wait,
16833 .flags = GENL_UNS_ADMIN_PERM,
16834 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
16837 .cmd = NL80211_CMD_SET_POWER_SAVE,
16838 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16839 .doit = nl80211_set_power_save,
16840 .flags = GENL_UNS_ADMIN_PERM,
16841 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
16844 .cmd = NL80211_CMD_GET_POWER_SAVE,
16845 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16846 .doit = nl80211_get_power_save,
16847 /* can be retrieved by unprivileged users */
16848 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
16851 .cmd = NL80211_CMD_SET_CQM,
16852 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16853 .doit = nl80211_set_cqm,
16854 .flags = GENL_UNS_ADMIN_PERM,
16855 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
16858 .cmd = NL80211_CMD_SET_CHANNEL,
16859 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16860 .doit = nl80211_set_channel,
16861 .flags = GENL_UNS_ADMIN_PERM,
16862 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
16863 NL80211_FLAG_MLO_VALID_LINK_ID),
16866 .cmd = NL80211_CMD_JOIN_MESH,
16867 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16868 .doit = nl80211_join_mesh,
16869 .flags = GENL_UNS_ADMIN_PERM,
16870 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16873 .cmd = NL80211_CMD_LEAVE_MESH,
16874 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16875 .doit = nl80211_leave_mesh,
16876 .flags = GENL_UNS_ADMIN_PERM,
16877 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16880 .cmd = NL80211_CMD_JOIN_OCB,
16881 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16882 .doit = nl80211_join_ocb,
16883 .flags = GENL_UNS_ADMIN_PERM,
16884 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16887 .cmd = NL80211_CMD_LEAVE_OCB,
16888 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16889 .doit = nl80211_leave_ocb,
16890 .flags = GENL_UNS_ADMIN_PERM,
16891 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16895 .cmd = NL80211_CMD_GET_WOWLAN,
16896 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16897 .doit = nl80211_get_wowlan,
16898 /* can be retrieved by unprivileged users */
16899 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
16902 .cmd = NL80211_CMD_SET_WOWLAN,
16903 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16904 .doit = nl80211_set_wowlan,
16905 .flags = GENL_UNS_ADMIN_PERM,
16906 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
16910 .cmd = NL80211_CMD_SET_REKEY_OFFLOAD,
16911 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16912 .doit = nl80211_set_rekey_data,
16913 .flags = GENL_UNS_ADMIN_PERM,
16914 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
16915 NL80211_FLAG_CLEAR_SKB),
16918 .cmd = NL80211_CMD_TDLS_MGMT,
16919 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16920 .doit = nl80211_tdls_mgmt,
16921 .flags = GENL_UNS_ADMIN_PERM,
16922 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16925 .cmd = NL80211_CMD_TDLS_OPER,
16926 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16927 .doit = nl80211_tdls_oper,
16928 .flags = GENL_UNS_ADMIN_PERM,
16929 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16932 .cmd = NL80211_CMD_UNEXPECTED_FRAME,
16933 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16934 .doit = nl80211_register_unexpected_frame,
16935 .flags = GENL_UNS_ADMIN_PERM,
16936 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
16939 .cmd = NL80211_CMD_PROBE_CLIENT,
16940 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16941 .doit = nl80211_probe_client,
16942 .flags = GENL_UNS_ADMIN_PERM,
16943 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
16946 .cmd = NL80211_CMD_REGISTER_BEACONS,
16947 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16948 .doit = nl80211_register_beacons,
16949 .flags = GENL_UNS_ADMIN_PERM,
16950 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
16953 .cmd = NL80211_CMD_SET_NOACK_MAP,
16954 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16955 .doit = nl80211_set_noack_map,
16956 .flags = GENL_UNS_ADMIN_PERM,
16957 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
16960 .cmd = NL80211_CMD_START_P2P_DEVICE,
16961 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16962 .doit = nl80211_start_p2p_device,
16963 .flags = GENL_UNS_ADMIN_PERM,
16964 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV |
16965 NL80211_FLAG_NEED_RTNL),
16968 .cmd = NL80211_CMD_STOP_P2P_DEVICE,
16969 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16970 .doit = nl80211_stop_p2p_device,
16971 .flags = GENL_UNS_ADMIN_PERM,
16972 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP |
16973 NL80211_FLAG_NEED_RTNL),
16976 .cmd = NL80211_CMD_START_NAN,
16977 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16978 .doit = nl80211_start_nan,
16979 .flags = GENL_ADMIN_PERM,
16980 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV |
16981 NL80211_FLAG_NEED_RTNL),
16984 .cmd = NL80211_CMD_STOP_NAN,
16985 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16986 .doit = nl80211_stop_nan,
16987 .flags = GENL_ADMIN_PERM,
16988 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP |
16989 NL80211_FLAG_NEED_RTNL),
16992 .cmd = NL80211_CMD_ADD_NAN_FUNCTION,
16993 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
16994 .doit = nl80211_nan_add_func,
16995 .flags = GENL_ADMIN_PERM,
16996 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
16999 .cmd = NL80211_CMD_DEL_NAN_FUNCTION,
17000 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17001 .doit = nl80211_nan_del_func,
17002 .flags = GENL_ADMIN_PERM,
17003 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
17006 .cmd = NL80211_CMD_CHANGE_NAN_CONFIG,
17007 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17008 .doit = nl80211_nan_change_config,
17009 .flags = GENL_ADMIN_PERM,
17010 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
17013 .cmd = NL80211_CMD_SET_MCAST_RATE,
17014 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17015 .doit = nl80211_set_mcast_rate,
17016 .flags = GENL_UNS_ADMIN_PERM,
17017 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
17020 .cmd = NL80211_CMD_SET_MAC_ACL,
17021 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17022 .doit = nl80211_set_mac_acl,
17023 .flags = GENL_UNS_ADMIN_PERM,
17024 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
17025 NL80211_FLAG_MLO_UNSUPPORTED),
17028 .cmd = NL80211_CMD_RADAR_DETECT,
17029 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17030 .doit = nl80211_start_radar_detection,
17031 .flags = GENL_UNS_ADMIN_PERM,
17032 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
17033 NL80211_FLAG_NO_WIPHY_MTX |
17034 NL80211_FLAG_MLO_UNSUPPORTED),
17037 .cmd = NL80211_CMD_GET_PROTOCOL_FEATURES,
17038 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17039 .doit = nl80211_get_protocol_features,
17042 .cmd = NL80211_CMD_UPDATE_FT_IES,
17043 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17044 .doit = nl80211_update_ft_ies,
17045 .flags = GENL_UNS_ADMIN_PERM,
17046 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17049 .cmd = NL80211_CMD_CRIT_PROTOCOL_START,
17050 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17051 .doit = nl80211_crit_protocol_start,
17052 .flags = GENL_UNS_ADMIN_PERM,
17053 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
17056 .cmd = NL80211_CMD_CRIT_PROTOCOL_STOP,
17057 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17058 .doit = nl80211_crit_protocol_stop,
17059 .flags = GENL_UNS_ADMIN_PERM,
17060 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
17063 .cmd = NL80211_CMD_GET_COALESCE,
17064 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17065 .doit = nl80211_get_coalesce,
17066 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
17069 .cmd = NL80211_CMD_SET_COALESCE,
17070 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17071 .doit = nl80211_set_coalesce,
17072 .flags = GENL_UNS_ADMIN_PERM,
17073 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY),
17076 .cmd = NL80211_CMD_CHANNEL_SWITCH,
17077 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17078 .doit = nl80211_channel_switch,
17079 .flags = GENL_UNS_ADMIN_PERM,
17080 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
17081 NL80211_FLAG_MLO_VALID_LINK_ID),
17084 .cmd = NL80211_CMD_VENDOR,
17085 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17086 .doit = nl80211_vendor_cmd,
17087 .dumpit = nl80211_vendor_cmd_dump,
17088 .flags = GENL_UNS_ADMIN_PERM,
17089 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY |
17090 NL80211_FLAG_CLEAR_SKB),
17093 .cmd = NL80211_CMD_SET_QOS_MAP,
17094 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17095 .doit = nl80211_set_qos_map,
17096 .flags = GENL_UNS_ADMIN_PERM,
17097 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17100 .cmd = NL80211_CMD_ADD_TX_TS,
17101 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17102 .doit = nl80211_add_tx_ts,
17103 .flags = GENL_UNS_ADMIN_PERM,
17104 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
17105 NL80211_FLAG_MLO_UNSUPPORTED),
17108 .cmd = NL80211_CMD_DEL_TX_TS,
17109 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17110 .doit = nl80211_del_tx_ts,
17111 .flags = GENL_UNS_ADMIN_PERM,
17112 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17115 .cmd = NL80211_CMD_TDLS_CHANNEL_SWITCH,
17116 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17117 .doit = nl80211_tdls_channel_switch,
17118 .flags = GENL_UNS_ADMIN_PERM,
17119 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17122 .cmd = NL80211_CMD_TDLS_CANCEL_CHANNEL_SWITCH,
17123 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17124 .doit = nl80211_tdls_cancel_channel_switch,
17125 .flags = GENL_UNS_ADMIN_PERM,
17126 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17129 .cmd = NL80211_CMD_SET_MULTICAST_TO_UNICAST,
17130 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17131 .doit = nl80211_set_multicast_to_unicast,
17132 .flags = GENL_UNS_ADMIN_PERM,
17133 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV),
17136 .cmd = NL80211_CMD_SET_PMK,
17137 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17138 .doit = nl80211_set_pmk,
17139 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
17140 NL80211_FLAG_CLEAR_SKB),
17143 .cmd = NL80211_CMD_DEL_PMK,
17144 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17145 .doit = nl80211_del_pmk,
17146 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17149 .cmd = NL80211_CMD_EXTERNAL_AUTH,
17150 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17151 .doit = nl80211_external_auth,
17152 .flags = GENL_ADMIN_PERM,
17153 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17156 .cmd = NL80211_CMD_CONTROL_PORT_FRAME,
17157 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17158 .doit = nl80211_tx_control_port,
17159 .flags = GENL_UNS_ADMIN_PERM,
17160 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17163 .cmd = NL80211_CMD_GET_FTM_RESPONDER_STATS,
17164 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17165 .doit = nl80211_get_ftm_responder_stats,
17166 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
17167 NL80211_FLAG_MLO_VALID_LINK_ID),
17170 .cmd = NL80211_CMD_PEER_MEASUREMENT_START,
17171 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17172 .doit = nl80211_pmsr_start,
17173 .flags = GENL_UNS_ADMIN_PERM,
17174 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WDEV_UP),
17177 .cmd = NL80211_CMD_NOTIFY_RADAR,
17178 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17179 .doit = nl80211_notify_radar_detection,
17180 .flags = GENL_UNS_ADMIN_PERM,
17181 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17184 .cmd = NL80211_CMD_UPDATE_OWE_INFO,
17185 .doit = nl80211_update_owe_info,
17186 .flags = GENL_ADMIN_PERM,
17187 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17190 .cmd = NL80211_CMD_PROBE_MESH_LINK,
17191 .doit = nl80211_probe_mesh_link,
17192 .flags = GENL_UNS_ADMIN_PERM,
17193 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17196 .cmd = NL80211_CMD_SET_TID_CONFIG,
17197 .doit = nl80211_set_tid_config,
17198 .flags = GENL_UNS_ADMIN_PERM,
17199 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV |
17200 NL80211_FLAG_MLO_VALID_LINK_ID),
17203 .cmd = NL80211_CMD_SET_SAR_SPECS,
17204 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17205 .doit = nl80211_set_sar_specs,
17206 .flags = GENL_UNS_ADMIN_PERM,
17207 .internal_flags = IFLAGS(NL80211_FLAG_NEED_WIPHY |
17208 NL80211_FLAG_NEED_RTNL),
17211 .cmd = NL80211_CMD_COLOR_CHANGE_REQUEST,
17212 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17213 .doit = nl80211_color_change,
17214 .flags = GENL_UNS_ADMIN_PERM,
17215 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17218 .cmd = NL80211_CMD_SET_FILS_AAD,
17219 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
17220 .doit = nl80211_set_fils_aad,
17221 .flags = GENL_UNS_ADMIN_PERM,
17222 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17225 .cmd = NL80211_CMD_ADD_LINK,
17226 .doit = nl80211_add_link,
17227 .flags = GENL_UNS_ADMIN_PERM,
17228 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP),
17231 .cmd = NL80211_CMD_REMOVE_LINK,
17232 .doit = nl80211_remove_link,
17233 .flags = GENL_UNS_ADMIN_PERM,
17234 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
17235 NL80211_FLAG_MLO_VALID_LINK_ID),
17238 .cmd = NL80211_CMD_ADD_LINK_STA,
17239 .doit = nl80211_add_link_station,
17240 .flags = GENL_UNS_ADMIN_PERM,
17241 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
17242 NL80211_FLAG_MLO_VALID_LINK_ID),
17245 .cmd = NL80211_CMD_MODIFY_LINK_STA,
17246 .doit = nl80211_modify_link_station,
17247 .flags = GENL_UNS_ADMIN_PERM,
17248 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
17249 NL80211_FLAG_MLO_VALID_LINK_ID),
17252 .cmd = NL80211_CMD_REMOVE_LINK_STA,
17253 .doit = nl80211_remove_link_station,
17254 .flags = GENL_UNS_ADMIN_PERM,
17255 .internal_flags = IFLAGS(NL80211_FLAG_NEED_NETDEV_UP |
17256 NL80211_FLAG_MLO_VALID_LINK_ID),
17260 static struct genl_family nl80211_fam __ro_after_init = {
17261 .name = NL80211_GENL_NAME, /* have users key off the name instead */
17262 .hdrsize = 0, /* no private header */
17263 .version = 1, /* no particular meaning now */
17264 .maxattr = NL80211_ATTR_MAX,
17265 .policy = nl80211_policy,
17267 .pre_doit = nl80211_pre_doit,
17268 .post_doit = nl80211_post_doit,
17269 .module = THIS_MODULE,
17270 .ops = nl80211_ops,
17271 .n_ops = ARRAY_SIZE(nl80211_ops),
17272 .small_ops = nl80211_small_ops,
17273 .n_small_ops = ARRAY_SIZE(nl80211_small_ops),
17274 .resv_start_op = NL80211_CMD_REMOVE_LINK_STA + 1,
17275 .mcgrps = nl80211_mcgrps,
17276 .n_mcgrps = ARRAY_SIZE(nl80211_mcgrps),
17277 .parallel_ops = true,
17280 /* notification functions */
17282 void nl80211_notify_wiphy(struct cfg80211_registered_device *rdev,
17283 enum nl80211_commands cmd)
17285 struct sk_buff *msg;
17286 struct nl80211_dump_wiphy_state state = {};
17288 WARN_ON(cmd != NL80211_CMD_NEW_WIPHY &&
17289 cmd != NL80211_CMD_DEL_WIPHY);
17291 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
17295 if (nl80211_send_wiphy(rdev, cmd, msg, 0, 0, 0, &state) < 0) {
17300 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
17301 NL80211_MCGRP_CONFIG, GFP_KERNEL);
17304 void nl80211_notify_iface(struct cfg80211_registered_device *rdev,
17305 struct wireless_dev *wdev,
17306 enum nl80211_commands cmd)
17308 struct sk_buff *msg;
17310 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
17314 if (nl80211_send_iface(msg, 0, 0, 0, rdev, wdev, cmd) < 0) {
17319 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
17320 NL80211_MCGRP_CONFIG, GFP_KERNEL);
17323 static int nl80211_add_scan_req(struct sk_buff *msg,
17324 struct cfg80211_registered_device *rdev)
17326 struct cfg80211_scan_request *req = rdev->scan_req;
17327 struct nlattr *nest;
17329 struct cfg80211_scan_info *info;
17334 nest = nla_nest_start_noflag(msg, NL80211_ATTR_SCAN_SSIDS);
17336 goto nla_put_failure;
17337 for (i = 0; i < req->n_ssids; i++) {
17338 if (nla_put(msg, i, req->ssids[i].ssid_len, req->ssids[i].ssid))
17339 goto nla_put_failure;
17341 nla_nest_end(msg, nest);
17343 if (req->flags & NL80211_SCAN_FLAG_FREQ_KHZ) {
17344 nest = nla_nest_start(msg, NL80211_ATTR_SCAN_FREQ_KHZ);
17346 goto nla_put_failure;
17347 for (i = 0; i < req->n_channels; i++) {
17348 if (nla_put_u32(msg, i,
17349 ieee80211_channel_to_khz(req->channels[i])))
17350 goto nla_put_failure;
17352 nla_nest_end(msg, nest);
17354 nest = nla_nest_start_noflag(msg,
17355 NL80211_ATTR_SCAN_FREQUENCIES);
17357 goto nla_put_failure;
17358 for (i = 0; i < req->n_channels; i++) {
17359 if (nla_put_u32(msg, i, req->channels[i]->center_freq))
17360 goto nla_put_failure;
17362 nla_nest_end(msg, nest);
17366 nla_put(msg, NL80211_ATTR_IE, req->ie_len, req->ie))
17367 goto nla_put_failure;
17370 nla_put_u32(msg, NL80211_ATTR_SCAN_FLAGS, req->flags))
17371 goto nla_put_failure;
17373 info = rdev->int_scan_req ? &rdev->int_scan_req->info :
17374 &rdev->scan_req->info;
17375 if (info->scan_start_tsf &&
17376 (nla_put_u64_64bit(msg, NL80211_ATTR_SCAN_START_TIME_TSF,
17377 info->scan_start_tsf, NL80211_BSS_PAD) ||
17378 nla_put(msg, NL80211_ATTR_SCAN_START_TIME_TSF_BSSID, ETH_ALEN,
17380 goto nla_put_failure;
17387 static int nl80211_prep_scan_msg(struct sk_buff *msg,
17388 struct cfg80211_registered_device *rdev,
17389 struct wireless_dev *wdev,
17390 u32 portid, u32 seq, int flags,
17395 hdr = nl80211hdr_put(msg, portid, seq, flags, cmd);
17399 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
17400 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
17401 wdev->netdev->ifindex)) ||
17402 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
17404 goto nla_put_failure;
17406 /* ignore errors and send incomplete event anyway */
17407 nl80211_add_scan_req(msg, rdev);
17409 genlmsg_end(msg, hdr);
17413 genlmsg_cancel(msg, hdr);
17418 nl80211_prep_sched_scan_msg(struct sk_buff *msg,
17419 struct cfg80211_sched_scan_request *req, u32 cmd)
17423 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
17427 if (nla_put_u32(msg, NL80211_ATTR_WIPHY,
17428 wiphy_to_rdev(req->wiphy)->wiphy_idx) ||
17429 nla_put_u32(msg, NL80211_ATTR_IFINDEX, req->dev->ifindex) ||
17430 nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, req->reqid,
17432 goto nla_put_failure;
17434 genlmsg_end(msg, hdr);
17438 genlmsg_cancel(msg, hdr);
17442 void nl80211_send_scan_start(struct cfg80211_registered_device *rdev,
17443 struct wireless_dev *wdev)
17445 struct sk_buff *msg;
17447 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
17451 if (nl80211_prep_scan_msg(msg, rdev, wdev, 0, 0, 0,
17452 NL80211_CMD_TRIGGER_SCAN) < 0) {
17457 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
17458 NL80211_MCGRP_SCAN, GFP_KERNEL);
17461 struct sk_buff *nl80211_build_scan_msg(struct cfg80211_registered_device *rdev,
17462 struct wireless_dev *wdev, bool aborted)
17464 struct sk_buff *msg;
17466 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
17470 if (nl80211_prep_scan_msg(msg, rdev, wdev, 0, 0, 0,
17471 aborted ? NL80211_CMD_SCAN_ABORTED :
17472 NL80211_CMD_NEW_SCAN_RESULTS) < 0) {
17480 /* send message created by nl80211_build_scan_msg() */
17481 void nl80211_send_scan_msg(struct cfg80211_registered_device *rdev,
17482 struct sk_buff *msg)
17487 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
17488 NL80211_MCGRP_SCAN, GFP_KERNEL);
17491 void nl80211_send_sched_scan(struct cfg80211_sched_scan_request *req, u32 cmd)
17493 struct sk_buff *msg;
17495 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
17499 if (nl80211_prep_sched_scan_msg(msg, req, cmd) < 0) {
17504 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(req->wiphy), msg, 0,
17505 NL80211_MCGRP_SCAN, GFP_KERNEL);
17508 static bool nl80211_reg_change_event_fill(struct sk_buff *msg,
17509 struct regulatory_request *request)
17511 /* Userspace can always count this one always being set */
17512 if (nla_put_u8(msg, NL80211_ATTR_REG_INITIATOR, request->initiator))
17513 goto nla_put_failure;
17515 if (request->alpha2[0] == '0' && request->alpha2[1] == '0') {
17516 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
17517 NL80211_REGDOM_TYPE_WORLD))
17518 goto nla_put_failure;
17519 } else if (request->alpha2[0] == '9' && request->alpha2[1] == '9') {
17520 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
17521 NL80211_REGDOM_TYPE_CUSTOM_WORLD))
17522 goto nla_put_failure;
17523 } else if ((request->alpha2[0] == '9' && request->alpha2[1] == '8') ||
17524 request->intersect) {
17525 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
17526 NL80211_REGDOM_TYPE_INTERSECTION))
17527 goto nla_put_failure;
17529 if (nla_put_u8(msg, NL80211_ATTR_REG_TYPE,
17530 NL80211_REGDOM_TYPE_COUNTRY) ||
17531 nla_put_string(msg, NL80211_ATTR_REG_ALPHA2,
17533 goto nla_put_failure;
17536 if (request->wiphy_idx != WIPHY_IDX_INVALID) {
17537 struct wiphy *wiphy = wiphy_idx_to_wiphy(request->wiphy_idx);
17540 nla_put_u32(msg, NL80211_ATTR_WIPHY, request->wiphy_idx))
17541 goto nla_put_failure;
17544 wiphy->regulatory_flags & REGULATORY_WIPHY_SELF_MANAGED &&
17545 nla_put_flag(msg, NL80211_ATTR_WIPHY_SELF_MANAGED_REG))
17546 goto nla_put_failure;
17556 * This can happen on global regulatory changes or device specific settings
17557 * based on custom regulatory domains.
17559 void nl80211_common_reg_change_event(enum nl80211_commands cmd_id,
17560 struct regulatory_request *request)
17562 struct sk_buff *msg;
17565 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
17569 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd_id);
17571 goto nla_put_failure;
17573 if (!nl80211_reg_change_event_fill(msg, request))
17574 goto nla_put_failure;
17576 genlmsg_end(msg, hdr);
17579 genlmsg_multicast_allns(&nl80211_fam, msg, 0,
17580 NL80211_MCGRP_REGULATORY, GFP_ATOMIC);
17589 static void nl80211_send_mlme_event(struct cfg80211_registered_device *rdev,
17590 struct net_device *netdev,
17591 const u8 *buf, size_t len,
17592 enum nl80211_commands cmd, gfp_t gfp,
17593 int uapsd_queues, const u8 *req_ies,
17594 size_t req_ies_len, bool reconnect)
17596 struct sk_buff *msg;
17599 msg = nlmsg_new(100 + len + req_ies_len, gfp);
17603 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
17609 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
17610 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
17611 nla_put(msg, NL80211_ATTR_FRAME, len, buf) ||
17613 nla_put(msg, NL80211_ATTR_REQ_IE, req_ies_len, req_ies)))
17614 goto nla_put_failure;
17616 if (reconnect && nla_put_flag(msg, NL80211_ATTR_RECONNECT_REQUESTED))
17617 goto nla_put_failure;
17619 if (uapsd_queues >= 0) {
17620 struct nlattr *nla_wmm =
17621 nla_nest_start_noflag(msg, NL80211_ATTR_STA_WME);
17623 goto nla_put_failure;
17625 if (nla_put_u8(msg, NL80211_STA_WME_UAPSD_QUEUES,
17627 goto nla_put_failure;
17629 nla_nest_end(msg, nla_wmm);
17632 genlmsg_end(msg, hdr);
17634 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
17635 NL80211_MCGRP_MLME, gfp);
17642 void nl80211_send_rx_auth(struct cfg80211_registered_device *rdev,
17643 struct net_device *netdev, const u8 *buf,
17644 size_t len, gfp_t gfp)
17646 nl80211_send_mlme_event(rdev, netdev, buf, len,
17647 NL80211_CMD_AUTHENTICATE, gfp, -1, NULL, 0,
17651 void nl80211_send_rx_assoc(struct cfg80211_registered_device *rdev,
17652 struct net_device *netdev,
17653 struct cfg80211_rx_assoc_resp *data)
17655 nl80211_send_mlme_event(rdev, netdev, data->buf, data->len,
17656 NL80211_CMD_ASSOCIATE, GFP_KERNEL,
17657 data->uapsd_queues,
17658 data->req_ies, data->req_ies_len, false);
17661 void nl80211_send_deauth(struct cfg80211_registered_device *rdev,
17662 struct net_device *netdev, const u8 *buf,
17663 size_t len, bool reconnect, gfp_t gfp)
17665 nl80211_send_mlme_event(rdev, netdev, buf, len,
17666 NL80211_CMD_DEAUTHENTICATE, gfp, -1, NULL, 0,
17670 void nl80211_send_disassoc(struct cfg80211_registered_device *rdev,
17671 struct net_device *netdev, const u8 *buf,
17672 size_t len, bool reconnect, gfp_t gfp)
17674 nl80211_send_mlme_event(rdev, netdev, buf, len,
17675 NL80211_CMD_DISASSOCIATE, gfp, -1, NULL, 0,
17679 void cfg80211_rx_unprot_mlme_mgmt(struct net_device *dev, const u8 *buf,
17682 struct wireless_dev *wdev = dev->ieee80211_ptr;
17683 struct wiphy *wiphy = wdev->wiphy;
17684 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
17685 const struct ieee80211_mgmt *mgmt = (void *)buf;
17688 if (WARN_ON(len < 2))
17691 if (ieee80211_is_deauth(mgmt->frame_control)) {
17692 cmd = NL80211_CMD_UNPROT_DEAUTHENTICATE;
17693 } else if (ieee80211_is_disassoc(mgmt->frame_control)) {
17694 cmd = NL80211_CMD_UNPROT_DISASSOCIATE;
17695 } else if (ieee80211_is_beacon(mgmt->frame_control)) {
17696 if (wdev->unprot_beacon_reported &&
17697 elapsed_jiffies_msecs(wdev->unprot_beacon_reported) < 10000)
17699 cmd = NL80211_CMD_UNPROT_BEACON;
17700 wdev->unprot_beacon_reported = jiffies;
17705 trace_cfg80211_rx_unprot_mlme_mgmt(dev, buf, len);
17706 nl80211_send_mlme_event(rdev, dev, buf, len, cmd, GFP_ATOMIC, -1,
17709 EXPORT_SYMBOL(cfg80211_rx_unprot_mlme_mgmt);
17711 static void nl80211_send_mlme_timeout(struct cfg80211_registered_device *rdev,
17712 struct net_device *netdev, int cmd,
17713 const u8 *addr, gfp_t gfp)
17715 struct sk_buff *msg;
17718 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
17722 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
17728 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
17729 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
17730 nla_put_flag(msg, NL80211_ATTR_TIMED_OUT) ||
17731 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
17732 goto nla_put_failure;
17734 genlmsg_end(msg, hdr);
17736 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
17737 NL80211_MCGRP_MLME, gfp);
17744 void nl80211_send_auth_timeout(struct cfg80211_registered_device *rdev,
17745 struct net_device *netdev, const u8 *addr,
17748 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_AUTHENTICATE,
17752 void nl80211_send_assoc_timeout(struct cfg80211_registered_device *rdev,
17753 struct net_device *netdev, const u8 *addr,
17756 nl80211_send_mlme_timeout(rdev, netdev, NL80211_CMD_ASSOCIATE,
17760 void nl80211_send_connect_result(struct cfg80211_registered_device *rdev,
17761 struct net_device *netdev,
17762 struct cfg80211_connect_resp_params *cr,
17765 struct sk_buff *msg;
17768 size_t link_info_size = 0;
17769 const u8 *connected_addr = cr->valid_links ?
17770 cr->ap_mld_addr : cr->links[0].bssid;
17772 if (cr->valid_links) {
17773 for_each_valid_link(cr, link) {
17774 /* Nested attribute header */
17775 link_info_size += NLA_HDRLEN;
17777 link_info_size += nla_total_size(sizeof(u8));
17778 link_info_size += cr->links[link].addr ?
17779 nla_total_size(ETH_ALEN) : 0;
17780 link_info_size += (cr->links[link].bssid ||
17781 cr->links[link].bss) ?
17782 nla_total_size(ETH_ALEN) : 0;
17786 msg = nlmsg_new(100 + cr->req_ie_len + cr->resp_ie_len +
17787 cr->fils.kek_len + cr->fils.pmk_len +
17788 (cr->fils.pmkid ? WLAN_PMKID_LEN : 0) + link_info_size,
17793 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONNECT);
17799 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
17800 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
17802 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, connected_addr)) ||
17803 nla_put_u16(msg, NL80211_ATTR_STATUS_CODE,
17804 cr->status < 0 ? WLAN_STATUS_UNSPECIFIED_FAILURE :
17807 (nla_put_flag(msg, NL80211_ATTR_TIMED_OUT) ||
17808 nla_put_u32(msg, NL80211_ATTR_TIMEOUT_REASON,
17809 cr->timeout_reason))) ||
17811 nla_put(msg, NL80211_ATTR_REQ_IE, cr->req_ie_len, cr->req_ie)) ||
17813 nla_put(msg, NL80211_ATTR_RESP_IE, cr->resp_ie_len,
17815 (cr->fils.update_erp_next_seq_num &&
17816 nla_put_u16(msg, NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM,
17817 cr->fils.erp_next_seq_num)) ||
17818 (cr->status == WLAN_STATUS_SUCCESS &&
17820 nla_put(msg, NL80211_ATTR_FILS_KEK, cr->fils.kek_len,
17823 nla_put(msg, NL80211_ATTR_PMK, cr->fils.pmk_len, cr->fils.pmk)) ||
17825 nla_put(msg, NL80211_ATTR_PMKID, WLAN_PMKID_LEN, cr->fils.pmkid)))))
17826 goto nla_put_failure;
17828 if (cr->valid_links) {
17830 struct nlattr *nested;
17832 nested = nla_nest_start(msg, NL80211_ATTR_MLO_LINKS);
17834 goto nla_put_failure;
17836 for_each_valid_link(cr, link) {
17837 struct nlattr *nested_mlo_links;
17838 const u8 *bssid = cr->links[link].bss ?
17839 cr->links[link].bss->bssid :
17840 cr->links[link].bssid;
17842 nested_mlo_links = nla_nest_start(msg, i);
17843 if (!nested_mlo_links)
17844 goto nla_put_failure;
17846 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link) ||
17848 nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, bssid)) ||
17849 (cr->links[link].addr &&
17850 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN,
17851 cr->links[link].addr)))
17852 goto nla_put_failure;
17854 nla_nest_end(msg, nested_mlo_links);
17857 nla_nest_end(msg, nested);
17860 genlmsg_end(msg, hdr);
17862 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
17863 NL80211_MCGRP_MLME, gfp);
17870 void nl80211_send_roamed(struct cfg80211_registered_device *rdev,
17871 struct net_device *netdev,
17872 struct cfg80211_roam_info *info, gfp_t gfp)
17874 struct sk_buff *msg;
17876 size_t link_info_size = 0;
17878 const u8 *connected_addr = info->ap_mld_addr ?
17879 info->ap_mld_addr :
17880 (info->links[0].bss ?
17881 info->links[0].bss->bssid :
17882 info->links[0].bssid);
17884 if (info->valid_links) {
17885 for_each_valid_link(info, link) {
17886 /* Nested attribute header */
17887 link_info_size += NLA_HDRLEN;
17889 link_info_size += nla_total_size(sizeof(u8));
17890 link_info_size += info->links[link].addr ?
17891 nla_total_size(ETH_ALEN) : 0;
17892 link_info_size += (info->links[link].bssid ||
17893 info->links[link].bss) ?
17894 nla_total_size(ETH_ALEN) : 0;
17898 msg = nlmsg_new(100 + info->req_ie_len + info->resp_ie_len +
17899 info->fils.kek_len + info->fils.pmk_len +
17900 (info->fils.pmkid ? WLAN_PMKID_LEN : 0) +
17901 link_info_size, gfp);
17905 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ROAM);
17911 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
17912 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
17913 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, connected_addr) ||
17915 nla_put(msg, NL80211_ATTR_REQ_IE, info->req_ie_len,
17918 nla_put(msg, NL80211_ATTR_RESP_IE, info->resp_ie_len,
17920 (info->fils.update_erp_next_seq_num &&
17921 nla_put_u16(msg, NL80211_ATTR_FILS_ERP_NEXT_SEQ_NUM,
17922 info->fils.erp_next_seq_num)) ||
17924 nla_put(msg, NL80211_ATTR_FILS_KEK, info->fils.kek_len,
17925 info->fils.kek)) ||
17927 nla_put(msg, NL80211_ATTR_PMK, info->fils.pmk_len, info->fils.pmk)) ||
17928 (info->fils.pmkid &&
17929 nla_put(msg, NL80211_ATTR_PMKID, WLAN_PMKID_LEN, info->fils.pmkid)))
17930 goto nla_put_failure;
17932 if (info->valid_links) {
17934 struct nlattr *nested;
17936 nested = nla_nest_start(msg, NL80211_ATTR_MLO_LINKS);
17938 goto nla_put_failure;
17940 for_each_valid_link(info, link) {
17941 struct nlattr *nested_mlo_links;
17942 const u8 *bssid = info->links[link].bss ?
17943 info->links[link].bss->bssid :
17944 info->links[link].bssid;
17946 nested_mlo_links = nla_nest_start(msg, i);
17947 if (!nested_mlo_links)
17948 goto nla_put_failure;
17950 if (nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link) ||
17952 nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, bssid)) ||
17953 (info->links[link].addr &&
17954 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN,
17955 info->links[link].addr)))
17956 goto nla_put_failure;
17958 nla_nest_end(msg, nested_mlo_links);
17961 nla_nest_end(msg, nested);
17964 genlmsg_end(msg, hdr);
17966 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
17967 NL80211_MCGRP_MLME, gfp);
17974 void nl80211_send_port_authorized(struct cfg80211_registered_device *rdev,
17975 struct net_device *netdev, const u8 *bssid)
17977 struct sk_buff *msg;
17980 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
17984 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PORT_AUTHORIZED);
17990 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
17991 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
17992 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
17993 goto nla_put_failure;
17995 genlmsg_end(msg, hdr);
17997 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
17998 NL80211_MCGRP_MLME, GFP_KERNEL);
18005 void nl80211_send_disconnected(struct cfg80211_registered_device *rdev,
18006 struct net_device *netdev, u16 reason,
18007 const u8 *ie, size_t ie_len, bool from_ap)
18009 struct sk_buff *msg;
18012 msg = nlmsg_new(100 + ie_len, GFP_KERNEL);
18016 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_DISCONNECT);
18022 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18023 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
18025 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason)) ||
18027 nla_put_flag(msg, NL80211_ATTR_DISCONNECTED_BY_AP)) ||
18028 (ie && nla_put(msg, NL80211_ATTR_IE, ie_len, ie)))
18029 goto nla_put_failure;
18031 genlmsg_end(msg, hdr);
18033 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18034 NL80211_MCGRP_MLME, GFP_KERNEL);
18041 void nl80211_send_ibss_bssid(struct cfg80211_registered_device *rdev,
18042 struct net_device *netdev, const u8 *bssid,
18045 struct sk_buff *msg;
18048 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
18052 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_JOIN_IBSS);
18058 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18059 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
18060 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
18061 goto nla_put_failure;
18063 genlmsg_end(msg, hdr);
18065 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18066 NL80211_MCGRP_MLME, gfp);
18073 void cfg80211_notify_new_peer_candidate(struct net_device *dev, const u8 *addr,
18074 const u8 *ie, u8 ie_len,
18075 int sig_dbm, gfp_t gfp)
18077 struct wireless_dev *wdev = dev->ieee80211_ptr;
18078 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
18079 struct sk_buff *msg;
18082 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_MESH_POINT))
18085 trace_cfg80211_notify_new_peer_candidate(dev, addr);
18087 msg = nlmsg_new(100 + ie_len, gfp);
18091 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NEW_PEER_CANDIDATE);
18097 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18098 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
18099 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
18101 nla_put(msg, NL80211_ATTR_IE, ie_len, ie)) ||
18103 nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)))
18104 goto nla_put_failure;
18106 genlmsg_end(msg, hdr);
18108 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18109 NL80211_MCGRP_MLME, gfp);
18115 EXPORT_SYMBOL(cfg80211_notify_new_peer_candidate);
18117 void nl80211_michael_mic_failure(struct cfg80211_registered_device *rdev,
18118 struct net_device *netdev, const u8 *addr,
18119 enum nl80211_key_type key_type, int key_id,
18120 const u8 *tsc, gfp_t gfp)
18122 struct sk_buff *msg;
18125 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
18129 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_MICHAEL_MIC_FAILURE);
18135 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18136 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
18137 (addr && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr)) ||
18138 nla_put_u32(msg, NL80211_ATTR_KEY_TYPE, key_type) ||
18140 nla_put_u8(msg, NL80211_ATTR_KEY_IDX, key_id)) ||
18141 (tsc && nla_put(msg, NL80211_ATTR_KEY_SEQ, 6, tsc)))
18142 goto nla_put_failure;
18144 genlmsg_end(msg, hdr);
18146 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18147 NL80211_MCGRP_MLME, gfp);
18154 void nl80211_send_beacon_hint_event(struct wiphy *wiphy,
18155 struct ieee80211_channel *channel_before,
18156 struct ieee80211_channel *channel_after)
18158 struct sk_buff *msg;
18160 struct nlattr *nl_freq;
18162 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
18166 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_REG_BEACON_HINT);
18173 * Since we are applying the beacon hint to a wiphy we know its
18174 * wiphy_idx is valid
18176 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, get_wiphy_idx(wiphy)))
18177 goto nla_put_failure;
18180 nl_freq = nla_nest_start_noflag(msg, NL80211_ATTR_FREQ_BEFORE);
18182 goto nla_put_failure;
18184 if (nl80211_msg_put_channel(msg, wiphy, channel_before, false))
18185 goto nla_put_failure;
18186 nla_nest_end(msg, nl_freq);
18189 nl_freq = nla_nest_start_noflag(msg, NL80211_ATTR_FREQ_AFTER);
18191 goto nla_put_failure;
18193 if (nl80211_msg_put_channel(msg, wiphy, channel_after, false))
18194 goto nla_put_failure;
18195 nla_nest_end(msg, nl_freq);
18197 genlmsg_end(msg, hdr);
18200 genlmsg_multicast_allns(&nl80211_fam, msg, 0,
18201 NL80211_MCGRP_REGULATORY, GFP_ATOMIC);
18210 static void nl80211_send_remain_on_chan_event(
18211 int cmd, struct cfg80211_registered_device *rdev,
18212 struct wireless_dev *wdev, u64 cookie,
18213 struct ieee80211_channel *chan,
18214 unsigned int duration, gfp_t gfp)
18216 struct sk_buff *msg;
18219 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
18223 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
18229 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18230 (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
18231 wdev->netdev->ifindex)) ||
18232 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
18233 NL80211_ATTR_PAD) ||
18234 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, chan->center_freq) ||
18235 nla_put_u32(msg, NL80211_ATTR_WIPHY_CHANNEL_TYPE,
18236 NL80211_CHAN_NO_HT) ||
18237 nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
18239 goto nla_put_failure;
18241 if (cmd == NL80211_CMD_REMAIN_ON_CHANNEL &&
18242 nla_put_u32(msg, NL80211_ATTR_DURATION, duration))
18243 goto nla_put_failure;
18245 genlmsg_end(msg, hdr);
18247 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18248 NL80211_MCGRP_MLME, gfp);
18255 void cfg80211_assoc_comeback(struct net_device *netdev,
18256 const u8 *ap_addr, u32 timeout)
18258 struct wireless_dev *wdev = netdev->ieee80211_ptr;
18259 struct wiphy *wiphy = wdev->wiphy;
18260 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
18261 struct sk_buff *msg;
18264 trace_cfg80211_assoc_comeback(wdev, ap_addr, timeout);
18266 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
18270 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_ASSOC_COMEBACK);
18276 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18277 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
18278 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, ap_addr) ||
18279 nla_put_u32(msg, NL80211_ATTR_TIMEOUT, timeout))
18280 goto nla_put_failure;
18282 genlmsg_end(msg, hdr);
18284 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18285 NL80211_MCGRP_MLME, GFP_KERNEL);
18291 EXPORT_SYMBOL(cfg80211_assoc_comeback);
18293 void cfg80211_ready_on_channel(struct wireless_dev *wdev, u64 cookie,
18294 struct ieee80211_channel *chan,
18295 unsigned int duration, gfp_t gfp)
18297 struct wiphy *wiphy = wdev->wiphy;
18298 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
18300 trace_cfg80211_ready_on_channel(wdev, cookie, chan, duration);
18301 nl80211_send_remain_on_chan_event(NL80211_CMD_REMAIN_ON_CHANNEL,
18302 rdev, wdev, cookie, chan,
18305 EXPORT_SYMBOL(cfg80211_ready_on_channel);
18307 void cfg80211_remain_on_channel_expired(struct wireless_dev *wdev, u64 cookie,
18308 struct ieee80211_channel *chan,
18311 struct wiphy *wiphy = wdev->wiphy;
18312 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
18314 trace_cfg80211_ready_on_channel_expired(wdev, cookie, chan);
18315 nl80211_send_remain_on_chan_event(NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL,
18316 rdev, wdev, cookie, chan, 0, gfp);
18318 EXPORT_SYMBOL(cfg80211_remain_on_channel_expired);
18320 void cfg80211_tx_mgmt_expired(struct wireless_dev *wdev, u64 cookie,
18321 struct ieee80211_channel *chan,
18324 struct wiphy *wiphy = wdev->wiphy;
18325 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
18327 trace_cfg80211_tx_mgmt_expired(wdev, cookie, chan);
18328 nl80211_send_remain_on_chan_event(NL80211_CMD_FRAME_WAIT_CANCEL,
18329 rdev, wdev, cookie, chan, 0, gfp);
18331 EXPORT_SYMBOL(cfg80211_tx_mgmt_expired);
18333 void cfg80211_new_sta(struct net_device *dev, const u8 *mac_addr,
18334 struct station_info *sinfo, gfp_t gfp)
18336 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
18337 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
18338 struct sk_buff *msg;
18340 trace_cfg80211_new_sta(dev, mac_addr, sinfo);
18342 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
18346 if (nl80211_send_station(msg, NL80211_CMD_NEW_STATION, 0, 0, 0,
18347 rdev, dev, mac_addr, sinfo) < 0) {
18352 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18353 NL80211_MCGRP_MLME, gfp);
18355 EXPORT_SYMBOL(cfg80211_new_sta);
18357 void cfg80211_del_sta_sinfo(struct net_device *dev, const u8 *mac_addr,
18358 struct station_info *sinfo, gfp_t gfp)
18360 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
18361 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
18362 struct sk_buff *msg;
18363 struct station_info empty_sinfo = {};
18366 sinfo = &empty_sinfo;
18368 trace_cfg80211_del_sta(dev, mac_addr);
18370 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
18372 cfg80211_sinfo_release_content(sinfo);
18376 if (nl80211_send_station(msg, NL80211_CMD_DEL_STATION, 0, 0, 0,
18377 rdev, dev, mac_addr, sinfo) < 0) {
18382 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18383 NL80211_MCGRP_MLME, gfp);
18385 EXPORT_SYMBOL(cfg80211_del_sta_sinfo);
18387 void cfg80211_conn_failed(struct net_device *dev, const u8 *mac_addr,
18388 enum nl80211_connect_failed_reason reason,
18391 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
18392 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
18393 struct sk_buff *msg;
18396 msg = nlmsg_new(NLMSG_GOODSIZE, gfp);
18400 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONN_FAILED);
18406 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
18407 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac_addr) ||
18408 nla_put_u32(msg, NL80211_ATTR_CONN_FAILED_REASON, reason))
18409 goto nla_put_failure;
18411 genlmsg_end(msg, hdr);
18413 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18414 NL80211_MCGRP_MLME, gfp);
18420 EXPORT_SYMBOL(cfg80211_conn_failed);
18422 static bool __nl80211_unexpected_frame(struct net_device *dev, u8 cmd,
18423 const u8 *addr, gfp_t gfp)
18425 struct wireless_dev *wdev = dev->ieee80211_ptr;
18426 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
18427 struct sk_buff *msg;
18429 u32 nlportid = READ_ONCE(wdev->ap_unexpected_nlportid);
18434 msg = nlmsg_new(100, gfp);
18438 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
18444 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18445 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
18446 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr))
18447 goto nla_put_failure;
18449 genlmsg_end(msg, hdr);
18450 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
18458 bool cfg80211_rx_spurious_frame(struct net_device *dev,
18459 const u8 *addr, gfp_t gfp)
18461 struct wireless_dev *wdev = dev->ieee80211_ptr;
18464 trace_cfg80211_rx_spurious_frame(dev, addr);
18466 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
18467 wdev->iftype != NL80211_IFTYPE_P2P_GO)) {
18468 trace_cfg80211_return_bool(false);
18471 ret = __nl80211_unexpected_frame(dev, NL80211_CMD_UNEXPECTED_FRAME,
18473 trace_cfg80211_return_bool(ret);
18476 EXPORT_SYMBOL(cfg80211_rx_spurious_frame);
18478 bool cfg80211_rx_unexpected_4addr_frame(struct net_device *dev,
18479 const u8 *addr, gfp_t gfp)
18481 struct wireless_dev *wdev = dev->ieee80211_ptr;
18484 trace_cfg80211_rx_unexpected_4addr_frame(dev, addr);
18486 if (WARN_ON(wdev->iftype != NL80211_IFTYPE_AP &&
18487 wdev->iftype != NL80211_IFTYPE_P2P_GO &&
18488 wdev->iftype != NL80211_IFTYPE_AP_VLAN)) {
18489 trace_cfg80211_return_bool(false);
18492 ret = __nl80211_unexpected_frame(dev,
18493 NL80211_CMD_UNEXPECTED_4ADDR_FRAME,
18495 trace_cfg80211_return_bool(ret);
18498 EXPORT_SYMBOL(cfg80211_rx_unexpected_4addr_frame);
18500 int nl80211_send_mgmt(struct cfg80211_registered_device *rdev,
18501 struct wireless_dev *wdev, u32 nlportid,
18502 struct cfg80211_rx_info *info, gfp_t gfp)
18504 struct net_device *netdev = wdev->netdev;
18505 struct sk_buff *msg;
18508 msg = nlmsg_new(100 + info->len, gfp);
18512 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
18518 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18519 (netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
18520 netdev->ifindex)) ||
18521 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
18522 NL80211_ATTR_PAD) ||
18523 (info->have_link_id &&
18524 nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, info->link_id)) ||
18525 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ, KHZ_TO_MHZ(info->freq)) ||
18526 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_OFFSET, info->freq % 1000) ||
18528 nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, info->sig_dbm)) ||
18529 nla_put(msg, NL80211_ATTR_FRAME, info->len, info->buf) ||
18531 nla_put_u32(msg, NL80211_ATTR_RXMGMT_FLAGS, info->flags)) ||
18532 (info->rx_tstamp && nla_put_u64_64bit(msg,
18533 NL80211_ATTR_RX_HW_TIMESTAMP,
18535 NL80211_ATTR_PAD)) ||
18536 (info->ack_tstamp && nla_put_u64_64bit(msg,
18537 NL80211_ATTR_TX_HW_TIMESTAMP,
18539 NL80211_ATTR_PAD)))
18540 goto nla_put_failure;
18542 genlmsg_end(msg, hdr);
18544 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
18551 static void nl80211_frame_tx_status(struct wireless_dev *wdev,
18552 struct cfg80211_tx_status *status,
18553 gfp_t gfp, enum nl80211_commands command)
18555 struct wiphy *wiphy = wdev->wiphy;
18556 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
18557 struct net_device *netdev = wdev->netdev;
18558 struct sk_buff *msg;
18561 if (command == NL80211_CMD_FRAME_TX_STATUS)
18562 trace_cfg80211_mgmt_tx_status(wdev, status->cookie,
18565 trace_cfg80211_control_port_tx_status(wdev, status->cookie,
18568 msg = nlmsg_new(100 + status->len, gfp);
18572 hdr = nl80211hdr_put(msg, 0, 0, 0, command);
18578 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18579 (netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
18580 netdev->ifindex)) ||
18581 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
18582 NL80211_ATTR_PAD) ||
18583 nla_put(msg, NL80211_ATTR_FRAME, status->len, status->buf) ||
18584 nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, status->cookie,
18585 NL80211_ATTR_PAD) ||
18586 (status->ack && nla_put_flag(msg, NL80211_ATTR_ACK)) ||
18587 (status->tx_tstamp &&
18588 nla_put_u64_64bit(msg, NL80211_ATTR_TX_HW_TIMESTAMP,
18589 status->tx_tstamp, NL80211_ATTR_PAD)) ||
18590 (status->ack_tstamp &&
18591 nla_put_u64_64bit(msg, NL80211_ATTR_RX_HW_TIMESTAMP,
18592 status->ack_tstamp, NL80211_ATTR_PAD)))
18593 goto nla_put_failure;
18595 genlmsg_end(msg, hdr);
18597 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18598 NL80211_MCGRP_MLME, gfp);
18605 void cfg80211_control_port_tx_status(struct wireless_dev *wdev, u64 cookie,
18606 const u8 *buf, size_t len, bool ack,
18609 struct cfg80211_tx_status status = {
18616 nl80211_frame_tx_status(wdev, &status, gfp,
18617 NL80211_CMD_CONTROL_PORT_FRAME_TX_STATUS);
18619 EXPORT_SYMBOL(cfg80211_control_port_tx_status);
18621 void cfg80211_mgmt_tx_status_ext(struct wireless_dev *wdev,
18622 struct cfg80211_tx_status *status, gfp_t gfp)
18624 nl80211_frame_tx_status(wdev, status, gfp, NL80211_CMD_FRAME_TX_STATUS);
18626 EXPORT_SYMBOL(cfg80211_mgmt_tx_status_ext);
18628 static int __nl80211_rx_control_port(struct net_device *dev,
18629 struct sk_buff *skb,
18630 bool unencrypted, gfp_t gfp)
18632 struct wireless_dev *wdev = dev->ieee80211_ptr;
18633 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
18634 struct ethhdr *ehdr = eth_hdr(skb);
18635 const u8 *addr = ehdr->h_source;
18636 u16 proto = be16_to_cpu(skb->protocol);
18637 struct sk_buff *msg;
18639 struct nlattr *frame;
18641 u32 nlportid = READ_ONCE(wdev->conn_owner_nlportid);
18646 msg = nlmsg_new(100 + skb->len, gfp);
18650 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CONTROL_PORT_FRAME);
18656 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18657 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
18658 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
18659 NL80211_ATTR_PAD) ||
18660 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
18661 nla_put_u16(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE, proto) ||
18662 (unencrypted && nla_put_flag(msg,
18663 NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT)))
18664 goto nla_put_failure;
18666 frame = nla_reserve(msg, NL80211_ATTR_FRAME, skb->len);
18668 goto nla_put_failure;
18670 skb_copy_bits(skb, 0, nla_data(frame), skb->len);
18671 genlmsg_end(msg, hdr);
18673 return genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
18680 bool cfg80211_rx_control_port(struct net_device *dev,
18681 struct sk_buff *skb, bool unencrypted)
18685 trace_cfg80211_rx_control_port(dev, skb, unencrypted);
18686 ret = __nl80211_rx_control_port(dev, skb, unencrypted, GFP_ATOMIC);
18687 trace_cfg80211_return_bool(ret == 0);
18690 EXPORT_SYMBOL(cfg80211_rx_control_port);
18692 static struct sk_buff *cfg80211_prepare_cqm(struct net_device *dev,
18693 const char *mac, gfp_t gfp)
18695 struct wireless_dev *wdev = dev->ieee80211_ptr;
18696 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
18697 struct sk_buff *msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
18703 cb = (void **)msg->cb;
18705 cb[0] = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_NOTIFY_CQM);
18711 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18712 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
18713 goto nla_put_failure;
18715 if (mac && nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac))
18716 goto nla_put_failure;
18718 cb[1] = nla_nest_start_noflag(msg, NL80211_ATTR_CQM);
18720 goto nla_put_failure;
18730 static void cfg80211_send_cqm(struct sk_buff *msg, gfp_t gfp)
18732 void **cb = (void **)msg->cb;
18733 struct cfg80211_registered_device *rdev = cb[2];
18735 nla_nest_end(msg, cb[1]);
18736 genlmsg_end(msg, cb[0]);
18738 memset(msg->cb, 0, sizeof(msg->cb));
18740 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18741 NL80211_MCGRP_MLME, gfp);
18744 void cfg80211_cqm_rssi_notify(struct net_device *dev,
18745 enum nl80211_cqm_rssi_threshold_event rssi_event,
18746 s32 rssi_level, gfp_t gfp)
18748 struct wireless_dev *wdev = dev->ieee80211_ptr;
18749 struct cfg80211_cqm_config *cqm_config;
18751 trace_cfg80211_cqm_rssi_notify(dev, rssi_event, rssi_level);
18753 if (WARN_ON(rssi_event != NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW &&
18754 rssi_event != NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH))
18758 cqm_config = rcu_dereference(wdev->cqm_config);
18760 cqm_config->last_rssi_event_value = rssi_level;
18761 cqm_config->last_rssi_event_type = rssi_event;
18762 wiphy_work_queue(wdev->wiphy, &wdev->cqm_rssi_work);
18766 EXPORT_SYMBOL(cfg80211_cqm_rssi_notify);
18768 void cfg80211_cqm_rssi_notify_work(struct wiphy *wiphy, struct wiphy_work *work)
18770 struct wireless_dev *wdev = container_of(work, struct wireless_dev,
18772 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
18773 enum nl80211_cqm_rssi_threshold_event rssi_event;
18774 struct cfg80211_cqm_config *cqm_config;
18775 struct sk_buff *msg;
18779 cqm_config = rcu_dereference_protected(wdev->cqm_config,
18780 lockdep_is_held(&wdev->mtx));
18784 if (cqm_config->use_range_api)
18785 cfg80211_cqm_rssi_update(rdev, wdev->netdev, cqm_config);
18787 rssi_level = cqm_config->last_rssi_event_value;
18788 rssi_event = cqm_config->last_rssi_event_type;
18790 msg = cfg80211_prepare_cqm(wdev->netdev, NULL, GFP_KERNEL);
18794 if (nla_put_u32(msg, NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT,
18796 goto nla_put_failure;
18798 if (rssi_level && nla_put_s32(msg, NL80211_ATTR_CQM_RSSI_LEVEL,
18800 goto nla_put_failure;
18802 cfg80211_send_cqm(msg, GFP_KERNEL);
18812 void cfg80211_cqm_txe_notify(struct net_device *dev,
18813 const u8 *peer, u32 num_packets,
18814 u32 rate, u32 intvl, gfp_t gfp)
18816 struct sk_buff *msg;
18818 msg = cfg80211_prepare_cqm(dev, peer, gfp);
18822 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_PKTS, num_packets))
18823 goto nla_put_failure;
18825 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_RATE, rate))
18826 goto nla_put_failure;
18828 if (nla_put_u32(msg, NL80211_ATTR_CQM_TXE_INTVL, intvl))
18829 goto nla_put_failure;
18831 cfg80211_send_cqm(msg, gfp);
18837 EXPORT_SYMBOL(cfg80211_cqm_txe_notify);
18839 void cfg80211_cqm_pktloss_notify(struct net_device *dev,
18840 const u8 *peer, u32 num_packets, gfp_t gfp)
18842 struct sk_buff *msg;
18844 trace_cfg80211_cqm_pktloss_notify(dev, peer, num_packets);
18846 msg = cfg80211_prepare_cqm(dev, peer, gfp);
18850 if (nla_put_u32(msg, NL80211_ATTR_CQM_PKT_LOSS_EVENT, num_packets))
18851 goto nla_put_failure;
18853 cfg80211_send_cqm(msg, gfp);
18859 EXPORT_SYMBOL(cfg80211_cqm_pktloss_notify);
18861 void cfg80211_cqm_beacon_loss_notify(struct net_device *dev, gfp_t gfp)
18863 struct sk_buff *msg;
18865 msg = cfg80211_prepare_cqm(dev, NULL, gfp);
18869 if (nla_put_flag(msg, NL80211_ATTR_CQM_BEACON_LOSS_EVENT))
18870 goto nla_put_failure;
18872 cfg80211_send_cqm(msg, gfp);
18878 EXPORT_SYMBOL(cfg80211_cqm_beacon_loss_notify);
18880 static void nl80211_gtk_rekey_notify(struct cfg80211_registered_device *rdev,
18881 struct net_device *netdev, const u8 *bssid,
18882 const u8 *replay_ctr, gfp_t gfp)
18884 struct sk_buff *msg;
18885 struct nlattr *rekey_attr;
18888 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
18892 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_REKEY_OFFLOAD);
18898 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18899 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
18900 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, bssid))
18901 goto nla_put_failure;
18903 rekey_attr = nla_nest_start_noflag(msg, NL80211_ATTR_REKEY_DATA);
18905 goto nla_put_failure;
18907 if (nla_put(msg, NL80211_REKEY_DATA_REPLAY_CTR,
18908 NL80211_REPLAY_CTR_LEN, replay_ctr))
18909 goto nla_put_failure;
18911 nla_nest_end(msg, rekey_attr);
18913 genlmsg_end(msg, hdr);
18915 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18916 NL80211_MCGRP_MLME, gfp);
18923 void cfg80211_gtk_rekey_notify(struct net_device *dev, const u8 *bssid,
18924 const u8 *replay_ctr, gfp_t gfp)
18926 struct wireless_dev *wdev = dev->ieee80211_ptr;
18927 struct wiphy *wiphy = wdev->wiphy;
18928 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
18930 trace_cfg80211_gtk_rekey_notify(dev, bssid);
18931 nl80211_gtk_rekey_notify(rdev, dev, bssid, replay_ctr, gfp);
18933 EXPORT_SYMBOL(cfg80211_gtk_rekey_notify);
18936 nl80211_pmksa_candidate_notify(struct cfg80211_registered_device *rdev,
18937 struct net_device *netdev, int index,
18938 const u8 *bssid, bool preauth, gfp_t gfp)
18940 struct sk_buff *msg;
18941 struct nlattr *attr;
18944 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
18948 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PMKSA_CANDIDATE);
18954 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
18955 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
18956 goto nla_put_failure;
18958 attr = nla_nest_start_noflag(msg, NL80211_ATTR_PMKSA_CANDIDATE);
18960 goto nla_put_failure;
18962 if (nla_put_u32(msg, NL80211_PMKSA_CANDIDATE_INDEX, index) ||
18963 nla_put(msg, NL80211_PMKSA_CANDIDATE_BSSID, ETH_ALEN, bssid) ||
18965 nla_put_flag(msg, NL80211_PMKSA_CANDIDATE_PREAUTH)))
18966 goto nla_put_failure;
18968 nla_nest_end(msg, attr);
18970 genlmsg_end(msg, hdr);
18972 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
18973 NL80211_MCGRP_MLME, gfp);
18980 void cfg80211_pmksa_candidate_notify(struct net_device *dev, int index,
18981 const u8 *bssid, bool preauth, gfp_t gfp)
18983 struct wireless_dev *wdev = dev->ieee80211_ptr;
18984 struct wiphy *wiphy = wdev->wiphy;
18985 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
18987 trace_cfg80211_pmksa_candidate_notify(dev, index, bssid, preauth);
18988 nl80211_pmksa_candidate_notify(rdev, dev, index, bssid, preauth, gfp);
18990 EXPORT_SYMBOL(cfg80211_pmksa_candidate_notify);
18992 static void nl80211_ch_switch_notify(struct cfg80211_registered_device *rdev,
18993 struct net_device *netdev,
18994 unsigned int link_id,
18995 struct cfg80211_chan_def *chandef,
18997 enum nl80211_commands notif,
18998 u8 count, bool quiet)
19000 struct wireless_dev *wdev = netdev->ieee80211_ptr;
19001 struct sk_buff *msg;
19004 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
19008 hdr = nl80211hdr_put(msg, 0, 0, 0, notif);
19014 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex))
19015 goto nla_put_failure;
19017 if (wdev->valid_links &&
19018 nla_put_u8(msg, NL80211_ATTR_MLO_LINK_ID, link_id))
19019 goto nla_put_failure;
19021 if (nl80211_send_chandef(msg, chandef))
19022 goto nla_put_failure;
19024 if (notif == NL80211_CMD_CH_SWITCH_STARTED_NOTIFY) {
19025 if (nla_put_u32(msg, NL80211_ATTR_CH_SWITCH_COUNT, count))
19026 goto nla_put_failure;
19028 nla_put_flag(msg, NL80211_ATTR_CH_SWITCH_BLOCK_TX))
19029 goto nla_put_failure;
19032 genlmsg_end(msg, hdr);
19034 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
19035 NL80211_MCGRP_MLME, gfp);
19042 void cfg80211_ch_switch_notify(struct net_device *dev,
19043 struct cfg80211_chan_def *chandef,
19044 unsigned int link_id)
19046 struct wireless_dev *wdev = dev->ieee80211_ptr;
19047 struct wiphy *wiphy = wdev->wiphy;
19048 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
19050 ASSERT_WDEV_LOCK(wdev);
19051 WARN_INVALID_LINK_ID(wdev, link_id);
19053 trace_cfg80211_ch_switch_notify(dev, chandef, link_id);
19055 switch (wdev->iftype) {
19056 case NL80211_IFTYPE_STATION:
19057 case NL80211_IFTYPE_P2P_CLIENT:
19058 if (!WARN_ON(!wdev->links[link_id].client.current_bss))
19059 cfg80211_update_assoc_bss_entry(wdev, link_id,
19062 case NL80211_IFTYPE_MESH_POINT:
19063 wdev->u.mesh.chandef = *chandef;
19064 wdev->u.mesh.preset_chandef = *chandef;
19066 case NL80211_IFTYPE_AP:
19067 case NL80211_IFTYPE_P2P_GO:
19068 wdev->links[link_id].ap.chandef = *chandef;
19070 case NL80211_IFTYPE_ADHOC:
19071 wdev->u.ibss.chandef = *chandef;
19078 cfg80211_sched_dfs_chan_update(rdev);
19080 nl80211_ch_switch_notify(rdev, dev, link_id, chandef, GFP_KERNEL,
19081 NL80211_CMD_CH_SWITCH_NOTIFY, 0, false);
19083 EXPORT_SYMBOL(cfg80211_ch_switch_notify);
19085 void cfg80211_ch_switch_started_notify(struct net_device *dev,
19086 struct cfg80211_chan_def *chandef,
19087 unsigned int link_id, u8 count,
19090 struct wireless_dev *wdev = dev->ieee80211_ptr;
19091 struct wiphy *wiphy = wdev->wiphy;
19092 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
19094 ASSERT_WDEV_LOCK(wdev);
19095 WARN_INVALID_LINK_ID(wdev, link_id);
19097 trace_cfg80211_ch_switch_started_notify(dev, chandef, link_id);
19099 nl80211_ch_switch_notify(rdev, dev, link_id, chandef, GFP_KERNEL,
19100 NL80211_CMD_CH_SWITCH_STARTED_NOTIFY,
19103 EXPORT_SYMBOL(cfg80211_ch_switch_started_notify);
19105 int cfg80211_bss_color_notify(struct net_device *dev, gfp_t gfp,
19106 enum nl80211_commands cmd, u8 count,
19109 struct wireless_dev *wdev = dev->ieee80211_ptr;
19110 struct wiphy *wiphy = wdev->wiphy;
19111 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
19112 struct sk_buff *msg;
19115 ASSERT_WDEV_LOCK(wdev);
19117 trace_cfg80211_bss_color_notify(dev, cmd, count, color_bitmap);
19119 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
19123 hdr = nl80211hdr_put(msg, 0, 0, 0, cmd);
19125 goto nla_put_failure;
19127 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
19128 goto nla_put_failure;
19130 if (cmd == NL80211_CMD_COLOR_CHANGE_STARTED &&
19131 nla_put_u32(msg, NL80211_ATTR_COLOR_CHANGE_COUNT, count))
19132 goto nla_put_failure;
19134 if (cmd == NL80211_CMD_OBSS_COLOR_COLLISION &&
19135 nla_put_u64_64bit(msg, NL80211_ATTR_OBSS_COLOR_BITMAP,
19136 color_bitmap, NL80211_ATTR_PAD))
19137 goto nla_put_failure;
19139 genlmsg_end(msg, hdr);
19141 return genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy),
19142 msg, 0, NL80211_MCGRP_MLME, gfp);
19148 EXPORT_SYMBOL(cfg80211_bss_color_notify);
19151 nl80211_radar_notify(struct cfg80211_registered_device *rdev,
19152 const struct cfg80211_chan_def *chandef,
19153 enum nl80211_radar_event event,
19154 struct net_device *netdev, gfp_t gfp)
19156 struct sk_buff *msg;
19159 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
19163 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_RADAR_DETECT);
19169 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
19170 goto nla_put_failure;
19172 /* NOP and radar events don't need a netdev parameter */
19174 struct wireless_dev *wdev = netdev->ieee80211_ptr;
19176 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
19177 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
19179 goto nla_put_failure;
19182 if (nla_put_u32(msg, NL80211_ATTR_RADAR_EVENT, event))
19183 goto nla_put_failure;
19185 if (nl80211_send_chandef(msg, chandef))
19186 goto nla_put_failure;
19188 genlmsg_end(msg, hdr);
19190 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
19191 NL80211_MCGRP_MLME, gfp);
19198 void cfg80211_sta_opmode_change_notify(struct net_device *dev, const u8 *mac,
19199 struct sta_opmode_info *sta_opmode,
19202 struct sk_buff *msg;
19203 struct wireless_dev *wdev = dev->ieee80211_ptr;
19204 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
19210 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
19214 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_STA_OPMODE_CHANGED);
19220 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx))
19221 goto nla_put_failure;
19223 if (nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex))
19224 goto nla_put_failure;
19226 if (nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, mac))
19227 goto nla_put_failure;
19229 if ((sta_opmode->changed & STA_OPMODE_SMPS_MODE_CHANGED) &&
19230 nla_put_u8(msg, NL80211_ATTR_SMPS_MODE, sta_opmode->smps_mode))
19231 goto nla_put_failure;
19233 if ((sta_opmode->changed & STA_OPMODE_MAX_BW_CHANGED) &&
19234 nla_put_u32(msg, NL80211_ATTR_CHANNEL_WIDTH, sta_opmode->bw))
19235 goto nla_put_failure;
19237 if ((sta_opmode->changed & STA_OPMODE_N_SS_CHANGED) &&
19238 nla_put_u8(msg, NL80211_ATTR_NSS, sta_opmode->rx_nss))
19239 goto nla_put_failure;
19241 genlmsg_end(msg, hdr);
19243 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
19244 NL80211_MCGRP_MLME, gfp);
19251 EXPORT_SYMBOL(cfg80211_sta_opmode_change_notify);
19253 void cfg80211_probe_status(struct net_device *dev, const u8 *addr,
19254 u64 cookie, bool acked, s32 ack_signal,
19255 bool is_valid_ack_signal, gfp_t gfp)
19257 struct wireless_dev *wdev = dev->ieee80211_ptr;
19258 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
19259 struct sk_buff *msg;
19262 trace_cfg80211_probe_status(dev, addr, cookie, acked);
19264 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
19269 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_PROBE_CLIENT);
19275 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
19276 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
19277 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, addr) ||
19278 nla_put_u64_64bit(msg, NL80211_ATTR_COOKIE, cookie,
19279 NL80211_ATTR_PAD) ||
19280 (acked && nla_put_flag(msg, NL80211_ATTR_ACK)) ||
19281 (is_valid_ack_signal && nla_put_s32(msg, NL80211_ATTR_ACK_SIGNAL,
19283 goto nla_put_failure;
19285 genlmsg_end(msg, hdr);
19287 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
19288 NL80211_MCGRP_MLME, gfp);
19294 EXPORT_SYMBOL(cfg80211_probe_status);
19296 void cfg80211_report_obss_beacon_khz(struct wiphy *wiphy, const u8 *frame,
19297 size_t len, int freq, int sig_dbm)
19299 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
19300 struct sk_buff *msg;
19302 struct cfg80211_beacon_registration *reg;
19304 trace_cfg80211_report_obss_beacon(wiphy, frame, len, freq, sig_dbm);
19306 spin_lock_bh(&rdev->beacon_registrations_lock);
19307 list_for_each_entry(reg, &rdev->beacon_registrations, list) {
19308 msg = nlmsg_new(len + 100, GFP_ATOMIC);
19310 spin_unlock_bh(&rdev->beacon_registrations_lock);
19314 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FRAME);
19316 goto nla_put_failure;
19318 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
19320 (nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ,
19321 KHZ_TO_MHZ(freq)) ||
19322 nla_put_u32(msg, NL80211_ATTR_WIPHY_FREQ_OFFSET,
19325 nla_put_u32(msg, NL80211_ATTR_RX_SIGNAL_DBM, sig_dbm)) ||
19326 nla_put(msg, NL80211_ATTR_FRAME, len, frame))
19327 goto nla_put_failure;
19329 genlmsg_end(msg, hdr);
19331 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, reg->nlportid);
19333 spin_unlock_bh(&rdev->beacon_registrations_lock);
19337 spin_unlock_bh(&rdev->beacon_registrations_lock);
19340 EXPORT_SYMBOL(cfg80211_report_obss_beacon_khz);
19343 static int cfg80211_net_detect_results(struct sk_buff *msg,
19344 struct cfg80211_wowlan_wakeup *wakeup)
19346 struct cfg80211_wowlan_nd_info *nd = wakeup->net_detect;
19347 struct nlattr *nl_results, *nl_match, *nl_freqs;
19350 nl_results = nla_nest_start_noflag(msg,
19351 NL80211_WOWLAN_TRIG_NET_DETECT_RESULTS);
19355 for (i = 0; i < nd->n_matches; i++) {
19356 struct cfg80211_wowlan_nd_match *match = nd->matches[i];
19358 nl_match = nla_nest_start_noflag(msg, i);
19362 /* The SSID attribute is optional in nl80211, but for
19363 * simplicity reasons it's always present in the
19364 * cfg80211 structure. If a driver can't pass the
19365 * SSID, that needs to be changed. A zero length SSID
19366 * is still a valid SSID (wildcard), so it cannot be
19367 * used for this purpose.
19369 if (nla_put(msg, NL80211_ATTR_SSID, match->ssid.ssid_len,
19370 match->ssid.ssid)) {
19371 nla_nest_cancel(msg, nl_match);
19375 if (match->n_channels) {
19376 nl_freqs = nla_nest_start_noflag(msg,
19377 NL80211_ATTR_SCAN_FREQUENCIES);
19379 nla_nest_cancel(msg, nl_match);
19383 for (j = 0; j < match->n_channels; j++) {
19384 if (nla_put_u32(msg, j, match->channels[j])) {
19385 nla_nest_cancel(msg, nl_freqs);
19386 nla_nest_cancel(msg, nl_match);
19391 nla_nest_end(msg, nl_freqs);
19394 nla_nest_end(msg, nl_match);
19398 nla_nest_end(msg, nl_results);
19402 void cfg80211_report_wowlan_wakeup(struct wireless_dev *wdev,
19403 struct cfg80211_wowlan_wakeup *wakeup,
19406 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
19407 struct sk_buff *msg;
19411 trace_cfg80211_report_wowlan_wakeup(wdev->wiphy, wdev, wakeup);
19414 size += wakeup->packet_present_len;
19416 msg = nlmsg_new(size, gfp);
19420 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_SET_WOWLAN);
19424 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
19425 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
19429 if (wdev->netdev && nla_put_u32(msg, NL80211_ATTR_IFINDEX,
19430 wdev->netdev->ifindex))
19434 struct nlattr *reasons;
19436 reasons = nla_nest_start_noflag(msg,
19437 NL80211_ATTR_WOWLAN_TRIGGERS);
19441 if (wakeup->disconnect &&
19442 nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT))
19444 if (wakeup->magic_pkt &&
19445 nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT))
19447 if (wakeup->gtk_rekey_failure &&
19448 nla_put_flag(msg, NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE))
19450 if (wakeup->eap_identity_req &&
19451 nla_put_flag(msg, NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST))
19453 if (wakeup->four_way_handshake &&
19454 nla_put_flag(msg, NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE))
19456 if (wakeup->rfkill_release &&
19457 nla_put_flag(msg, NL80211_WOWLAN_TRIG_RFKILL_RELEASE))
19460 if (wakeup->pattern_idx >= 0 &&
19461 nla_put_u32(msg, NL80211_WOWLAN_TRIG_PKT_PATTERN,
19462 wakeup->pattern_idx))
19465 if (wakeup->tcp_match &&
19466 nla_put_flag(msg, NL80211_WOWLAN_TRIG_WAKEUP_TCP_MATCH))
19469 if (wakeup->tcp_connlost &&
19470 nla_put_flag(msg, NL80211_WOWLAN_TRIG_WAKEUP_TCP_CONNLOST))
19473 if (wakeup->tcp_nomoretokens &&
19475 NL80211_WOWLAN_TRIG_WAKEUP_TCP_NOMORETOKENS))
19478 if (wakeup->packet) {
19479 u32 pkt_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211;
19480 u32 len_attr = NL80211_WOWLAN_TRIG_WAKEUP_PKT_80211_LEN;
19482 if (!wakeup->packet_80211) {
19484 NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023;
19486 NL80211_WOWLAN_TRIG_WAKEUP_PKT_8023_LEN;
19489 if (wakeup->packet_len &&
19490 nla_put_u32(msg, len_attr, wakeup->packet_len))
19493 if (nla_put(msg, pkt_attr, wakeup->packet_present_len,
19498 if (wakeup->net_detect &&
19499 cfg80211_net_detect_results(msg, wakeup))
19502 nla_nest_end(msg, reasons);
19505 genlmsg_end(msg, hdr);
19507 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
19508 NL80211_MCGRP_MLME, gfp);
19514 EXPORT_SYMBOL(cfg80211_report_wowlan_wakeup);
19517 void cfg80211_tdls_oper_request(struct net_device *dev, const u8 *peer,
19518 enum nl80211_tdls_operation oper,
19519 u16 reason_code, gfp_t gfp)
19521 struct wireless_dev *wdev = dev->ieee80211_ptr;
19522 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
19523 struct sk_buff *msg;
19526 trace_cfg80211_tdls_oper_request(wdev->wiphy, dev, peer, oper,
19529 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
19533 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_TDLS_OPER);
19539 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
19540 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
19541 nla_put_u8(msg, NL80211_ATTR_TDLS_OPERATION, oper) ||
19542 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, peer) ||
19543 (reason_code > 0 &&
19544 nla_put_u16(msg, NL80211_ATTR_REASON_CODE, reason_code)))
19545 goto nla_put_failure;
19547 genlmsg_end(msg, hdr);
19549 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
19550 NL80211_MCGRP_MLME, gfp);
19556 EXPORT_SYMBOL(cfg80211_tdls_oper_request);
19558 static int nl80211_netlink_notify(struct notifier_block * nb,
19559 unsigned long state,
19562 struct netlink_notify *notify = _notify;
19563 struct cfg80211_registered_device *rdev;
19564 struct wireless_dev *wdev;
19565 struct cfg80211_beacon_registration *reg, *tmp;
19567 if (state != NETLINK_URELEASE || notify->protocol != NETLINK_GENERIC)
19568 return NOTIFY_DONE;
19572 list_for_each_entry_rcu(rdev, &cfg80211_rdev_list, list) {
19573 struct cfg80211_sched_scan_request *sched_scan_req;
19575 list_for_each_entry_rcu(sched_scan_req,
19576 &rdev->sched_scan_req_list,
19578 if (sched_scan_req->owner_nlportid == notify->portid) {
19579 sched_scan_req->nl_owner_dead = true;
19580 schedule_work(&rdev->sched_scan_stop_wk);
19584 list_for_each_entry_rcu(wdev, &rdev->wiphy.wdev_list, list) {
19585 cfg80211_mlme_unregister_socket(wdev, notify->portid);
19587 if (wdev->owner_nlportid == notify->portid) {
19588 wdev->nl_owner_dead = true;
19589 schedule_work(&rdev->destroy_work);
19590 } else if (wdev->conn_owner_nlportid == notify->portid) {
19591 schedule_work(&wdev->disconnect_wk);
19594 cfg80211_release_pmsr(wdev, notify->portid);
19597 spin_lock_bh(&rdev->beacon_registrations_lock);
19598 list_for_each_entry_safe(reg, tmp, &rdev->beacon_registrations,
19600 if (reg->nlportid == notify->portid) {
19601 list_del(®->list);
19606 spin_unlock_bh(&rdev->beacon_registrations_lock);
19612 * It is possible that the user space process that is controlling the
19613 * indoor setting disappeared, so notify the regulatory core.
19615 regulatory_netlink_notify(notify->portid);
19619 static struct notifier_block nl80211_netlink_notifier = {
19620 .notifier_call = nl80211_netlink_notify,
19623 void cfg80211_ft_event(struct net_device *netdev,
19624 struct cfg80211_ft_event_params *ft_event)
19626 struct wiphy *wiphy = netdev->ieee80211_ptr->wiphy;
19627 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
19628 struct sk_buff *msg;
19631 trace_cfg80211_ft_event(wiphy, netdev, ft_event);
19633 if (!ft_event->target_ap)
19636 msg = nlmsg_new(100 + ft_event->ies_len + ft_event->ric_ies_len,
19641 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_FT_EVENT);
19645 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
19646 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
19647 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, ft_event->target_ap))
19650 if (ft_event->ies &&
19651 nla_put(msg, NL80211_ATTR_IE, ft_event->ies_len, ft_event->ies))
19653 if (ft_event->ric_ies &&
19654 nla_put(msg, NL80211_ATTR_IE_RIC, ft_event->ric_ies_len,
19655 ft_event->ric_ies))
19658 genlmsg_end(msg, hdr);
19660 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
19661 NL80211_MCGRP_MLME, GFP_KERNEL);
19666 EXPORT_SYMBOL(cfg80211_ft_event);
19668 void cfg80211_crit_proto_stopped(struct wireless_dev *wdev, gfp_t gfp)
19670 struct cfg80211_registered_device *rdev;
19671 struct sk_buff *msg;
19675 rdev = wiphy_to_rdev(wdev->wiphy);
19676 if (!rdev->crit_proto_nlportid)
19679 nlportid = rdev->crit_proto_nlportid;
19680 rdev->crit_proto_nlportid = 0;
19682 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
19686 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_CRIT_PROTOCOL_STOP);
19688 goto nla_put_failure;
19690 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
19691 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
19693 goto nla_put_failure;
19695 genlmsg_end(msg, hdr);
19697 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg, nlportid);
19703 EXPORT_SYMBOL(cfg80211_crit_proto_stopped);
19705 void nl80211_send_ap_stopped(struct wireless_dev *wdev)
19707 struct wiphy *wiphy = wdev->wiphy;
19708 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
19709 struct sk_buff *msg;
19712 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
19716 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_STOP_AP);
19720 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
19721 nla_put_u32(msg, NL80211_ATTR_IFINDEX, wdev->netdev->ifindex) ||
19722 nla_put_u64_64bit(msg, NL80211_ATTR_WDEV, wdev_id(wdev),
19726 genlmsg_end(msg, hdr);
19728 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(wiphy), msg, 0,
19729 NL80211_MCGRP_MLME, GFP_KERNEL);
19735 int cfg80211_external_auth_request(struct net_device *dev,
19736 struct cfg80211_external_auth_params *params,
19739 struct wireless_dev *wdev = dev->ieee80211_ptr;
19740 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
19741 struct sk_buff *msg;
19744 if (!wdev->conn_owner_nlportid)
19747 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
19751 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_EXTERNAL_AUTH);
19753 goto nla_put_failure;
19755 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
19756 nla_put_u32(msg, NL80211_ATTR_IFINDEX, dev->ifindex) ||
19757 nla_put_u32(msg, NL80211_ATTR_AKM_SUITES, params->key_mgmt_suite) ||
19758 nla_put_u32(msg, NL80211_ATTR_EXTERNAL_AUTH_ACTION,
19760 nla_put(msg, NL80211_ATTR_BSSID, ETH_ALEN, params->bssid) ||
19761 nla_put(msg, NL80211_ATTR_SSID, params->ssid.ssid_len,
19762 params->ssid.ssid))
19763 goto nla_put_failure;
19765 genlmsg_end(msg, hdr);
19766 genlmsg_unicast(wiphy_net(&rdev->wiphy), msg,
19767 wdev->conn_owner_nlportid);
19774 EXPORT_SYMBOL(cfg80211_external_auth_request);
19776 void cfg80211_update_owe_info_event(struct net_device *netdev,
19777 struct cfg80211_update_owe_info *owe_info,
19780 struct wiphy *wiphy = netdev->ieee80211_ptr->wiphy;
19781 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
19782 struct sk_buff *msg;
19785 trace_cfg80211_update_owe_info_event(wiphy, netdev, owe_info);
19787 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, gfp);
19791 hdr = nl80211hdr_put(msg, 0, 0, 0, NL80211_CMD_UPDATE_OWE_INFO);
19793 goto nla_put_failure;
19795 if (nla_put_u32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx) ||
19796 nla_put_u32(msg, NL80211_ATTR_IFINDEX, netdev->ifindex) ||
19797 nla_put(msg, NL80211_ATTR_MAC, ETH_ALEN, owe_info->peer))
19798 goto nla_put_failure;
19800 if (!owe_info->ie_len ||
19801 nla_put(msg, NL80211_ATTR_IE, owe_info->ie_len, owe_info->ie))
19802 goto nla_put_failure;
19804 genlmsg_end(msg, hdr);
19806 genlmsg_multicast_netns(&nl80211_fam, wiphy_net(&rdev->wiphy), msg, 0,
19807 NL80211_MCGRP_MLME, gfp);
19811 genlmsg_cancel(msg, hdr);
19814 EXPORT_SYMBOL(cfg80211_update_owe_info_event);
19816 /* initialisation/exit functions */
19818 int __init nl80211_init(void)
19822 err = genl_register_family(&nl80211_fam);
19826 err = netlink_register_notifier(&nl80211_netlink_notifier);
19832 genl_unregister_family(&nl80211_fam);
19836 void nl80211_exit(void)
19838 netlink_unregister_notifier(&nl80211_netlink_notifier);
19839 genl_unregister_family(&nl80211_fam);
projects / releases.git / blob