1 // SPDX-License-Identifier: GPL-2.0
3 * cfg80211 MLME SAP interface
5 * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
6 * Copyright (c) 2015 Intel Deutschland GmbH
7 * Copyright (C) 2019-2020, 2022 Intel Corporation
10 #include <linux/kernel.h>
11 #include <linux/module.h>
12 #include <linux/etherdevice.h>
13 #include <linux/netdevice.h>
14 #include <linux/nl80211.h>
15 #include <linux/slab.h>
16 #include <linux/wireless.h>
17 #include <net/cfg80211.h>
18 #include <net/iw_handler.h>
24 void cfg80211_rx_assoc_resp(struct net_device *dev,
25 struct cfg80211_rx_assoc_resp *data)
27 struct wireless_dev *wdev = dev->ieee80211_ptr;
28 struct wiphy *wiphy = wdev->wiphy;
29 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
30 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)data->buf;
31 struct cfg80211_connect_resp_params cr = {
32 .timeout_reason = NL80211_TIMEOUT_UNSPECIFIED,
33 .req_ie = data->req_ies,
34 .req_ie_len = data->req_ies_len,
35 .resp_ie = mgmt->u.assoc_resp.variable,
36 .resp_ie_len = data->len -
37 offsetof(struct ieee80211_mgmt,
38 u.assoc_resp.variable),
39 .status = le16_to_cpu(mgmt->u.assoc_resp.status_code),
40 .ap_mld_addr = data->ap_mld_addr,
44 for (link_id = 0; link_id < ARRAY_SIZE(data->links); link_id++) {
45 cr.links[link_id].status = data->links[link_id].status;
46 WARN_ON_ONCE(cr.links[link_id].status != WLAN_STATUS_SUCCESS &&
47 (!cr.ap_mld_addr || !cr.links[link_id].bss));
49 cr.links[link_id].bss = data->links[link_id].bss;
50 if (!cr.links[link_id].bss)
52 cr.links[link_id].bssid = data->links[link_id].bss->bssid;
53 cr.links[link_id].addr = data->links[link_id].addr;
54 /* need to have local link addresses for MLO connections */
55 WARN_ON(cr.ap_mld_addr && !cr.links[link_id].addr);
57 BUG_ON(!cr.links[link_id].bss->channel);
59 if (cr.links[link_id].bss->channel->band == NL80211_BAND_S1GHZ) {
61 cr.resp_ie = (u8 *)&mgmt->u.s1g_assoc_resp.variable;
62 cr.resp_ie_len = data->len -
63 offsetof(struct ieee80211_mgmt,
64 u.s1g_assoc_resp.variable);
68 cr.valid_links |= BIT(link_id);
71 trace_cfg80211_send_rx_assoc(dev, data);
74 * This is a bit of a hack, we don't notify userspace of
75 * a (re-)association reply if we tried to send a reassoc
76 * and got a reject -- we only try again with an assoc
77 * frame instead of reassoc.
79 if (cfg80211_sme_rx_assoc_resp(wdev, cr.status)) {
80 for (link_id = 0; link_id < ARRAY_SIZE(data->links); link_id++) {
81 struct cfg80211_bss *bss = data->links[link_id].bss;
86 cfg80211_unhold_bss(bss_from_pub(bss));
87 cfg80211_put_bss(wiphy, bss);
92 nl80211_send_rx_assoc(rdev, dev, data);
93 /* update current_bss etc., consumes the bss reference */
94 __cfg80211_connect_result(dev, &cr, cr.status == WLAN_STATUS_SUCCESS);
96 EXPORT_SYMBOL(cfg80211_rx_assoc_resp);
98 static void cfg80211_process_auth(struct wireless_dev *wdev,
99 const u8 *buf, size_t len)
101 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
103 nl80211_send_rx_auth(rdev, wdev->netdev, buf, len, GFP_KERNEL);
104 cfg80211_sme_rx_auth(wdev, buf, len);
107 static void cfg80211_process_deauth(struct wireless_dev *wdev,
108 const u8 *buf, size_t len,
111 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
112 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
113 const u8 *bssid = mgmt->bssid;
114 u16 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
115 bool from_ap = !ether_addr_equal(mgmt->sa, wdev->netdev->dev_addr);
117 nl80211_send_deauth(rdev, wdev->netdev, buf, len, reconnect, GFP_KERNEL);
119 if (!wdev->connected || !ether_addr_equal(wdev->u.client.connected_addr, bssid))
122 __cfg80211_disconnected(wdev->netdev, NULL, 0, reason_code, from_ap);
123 cfg80211_sme_deauth(wdev);
126 static void cfg80211_process_disassoc(struct wireless_dev *wdev,
127 const u8 *buf, size_t len,
130 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
131 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
132 const u8 *bssid = mgmt->bssid;
133 u16 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
134 bool from_ap = !ether_addr_equal(mgmt->sa, wdev->netdev->dev_addr);
136 nl80211_send_disassoc(rdev, wdev->netdev, buf, len, reconnect,
139 if (WARN_ON(!wdev->connected ||
140 !ether_addr_equal(wdev->u.client.connected_addr, bssid)))
143 __cfg80211_disconnected(wdev->netdev, NULL, 0, reason_code, from_ap);
144 cfg80211_sme_disassoc(wdev);
147 void cfg80211_rx_mlme_mgmt(struct net_device *dev, const u8 *buf, size_t len)
149 struct wireless_dev *wdev = dev->ieee80211_ptr;
150 struct ieee80211_mgmt *mgmt = (void *)buf;
152 ASSERT_WDEV_LOCK(wdev);
154 trace_cfg80211_rx_mlme_mgmt(dev, buf, len);
156 if (WARN_ON(len < 2))
159 if (ieee80211_is_auth(mgmt->frame_control))
160 cfg80211_process_auth(wdev, buf, len);
161 else if (ieee80211_is_deauth(mgmt->frame_control))
162 cfg80211_process_deauth(wdev, buf, len, false);
163 else if (ieee80211_is_disassoc(mgmt->frame_control))
164 cfg80211_process_disassoc(wdev, buf, len, false);
166 EXPORT_SYMBOL(cfg80211_rx_mlme_mgmt);
168 void cfg80211_auth_timeout(struct net_device *dev, const u8 *addr)
170 struct wireless_dev *wdev = dev->ieee80211_ptr;
171 struct wiphy *wiphy = wdev->wiphy;
172 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
174 trace_cfg80211_send_auth_timeout(dev, addr);
176 nl80211_send_auth_timeout(rdev, dev, addr, GFP_KERNEL);
177 cfg80211_sme_auth_timeout(wdev);
179 EXPORT_SYMBOL(cfg80211_auth_timeout);
181 void cfg80211_assoc_failure(struct net_device *dev,
182 struct cfg80211_assoc_failure *data)
184 struct wireless_dev *wdev = dev->ieee80211_ptr;
185 struct wiphy *wiphy = wdev->wiphy;
186 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
187 const u8 *addr = data->ap_mld_addr ?: data->bss[0]->bssid;
190 trace_cfg80211_send_assoc_failure(dev, data);
193 nl80211_send_assoc_timeout(rdev, dev, addr, GFP_KERNEL);
194 cfg80211_sme_assoc_timeout(wdev);
196 cfg80211_sme_abandon_assoc(wdev);
199 for (i = 0; i < ARRAY_SIZE(data->bss); i++) {
200 struct cfg80211_bss *bss = data->bss[i];
205 cfg80211_unhold_bss(bss_from_pub(bss));
206 cfg80211_put_bss(wiphy, bss);
209 EXPORT_SYMBOL(cfg80211_assoc_failure);
211 void cfg80211_tx_mlme_mgmt(struct net_device *dev, const u8 *buf, size_t len,
214 struct wireless_dev *wdev = dev->ieee80211_ptr;
215 struct ieee80211_mgmt *mgmt = (void *)buf;
217 ASSERT_WDEV_LOCK(wdev);
219 trace_cfg80211_tx_mlme_mgmt(dev, buf, len, reconnect);
221 if (WARN_ON(len < 2))
224 if (ieee80211_is_deauth(mgmt->frame_control))
225 cfg80211_process_deauth(wdev, buf, len, reconnect);
227 cfg80211_process_disassoc(wdev, buf, len, reconnect);
229 EXPORT_SYMBOL(cfg80211_tx_mlme_mgmt);
231 void cfg80211_michael_mic_failure(struct net_device *dev, const u8 *addr,
232 enum nl80211_key_type key_type, int key_id,
233 const u8 *tsc, gfp_t gfp)
235 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
236 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
237 #ifdef CONFIG_CFG80211_WEXT
238 union iwreq_data wrqu;
239 char *buf = kmalloc(128, gfp);
242 sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
243 "keyid=%d %scast addr=%pM)", key_id,
244 key_type == NL80211_KEYTYPE_GROUP ? "broad" : "uni",
246 memset(&wrqu, 0, sizeof(wrqu));
247 wrqu.data.length = strlen(buf);
248 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
253 trace_cfg80211_michael_mic_failure(dev, addr, key_type, key_id, tsc);
254 nl80211_michael_mic_failure(rdev, dev, addr, key_type, key_id, tsc, gfp);
256 EXPORT_SYMBOL(cfg80211_michael_mic_failure);
258 /* some MLME handling for userspace SME */
259 int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
260 struct net_device *dev,
261 struct cfg80211_auth_request *req)
263 struct wireless_dev *wdev = dev->ieee80211_ptr;
265 ASSERT_WDEV_LOCK(wdev);
270 if (req->link_id >= 0 &&
271 !(wdev->wiphy->flags & WIPHY_FLAG_SUPPORTS_MLO))
274 if (req->auth_type == NL80211_AUTHTYPE_SHARED_KEY) {
275 if (!req->key || !req->key_len ||
276 req->key_idx < 0 || req->key_idx > 3)
280 if (wdev->connected &&
281 ether_addr_equal(req->bss->bssid, wdev->u.client.connected_addr))
284 if (ether_addr_equal(req->bss->bssid, dev->dev_addr) ||
285 (req->link_id >= 0 &&
286 ether_addr_equal(req->ap_mld_addr, dev->dev_addr)))
289 return rdev_auth(rdev, dev, req);
292 /* Do a logical ht_capa &= ht_capa_mask. */
293 void cfg80211_oper_and_ht_capa(struct ieee80211_ht_cap *ht_capa,
294 const struct ieee80211_ht_cap *ht_capa_mask)
299 memset(ht_capa, 0, sizeof(*ht_capa));
304 p2 = (u8*)(ht_capa_mask);
305 for (i = 0; i < sizeof(*ht_capa); i++)
309 /* Do a logical vht_capa &= vht_capa_mask. */
310 void cfg80211_oper_and_vht_capa(struct ieee80211_vht_cap *vht_capa,
311 const struct ieee80211_vht_cap *vht_capa_mask)
315 if (!vht_capa_mask) {
316 memset(vht_capa, 0, sizeof(*vht_capa));
320 p1 = (u8*)(vht_capa);
321 p2 = (u8*)(vht_capa_mask);
322 for (i = 0; i < sizeof(*vht_capa); i++)
326 /* Note: caller must cfg80211_put_bss() regardless of result */
327 int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
328 struct net_device *dev,
329 struct cfg80211_assoc_request *req)
331 struct wireless_dev *wdev = dev->ieee80211_ptr;
334 ASSERT_WDEV_LOCK(wdev);
336 for (i = 1; i < ARRAY_SIZE(req->links); i++) {
337 if (!req->links[i].bss)
339 for (j = 0; j < i; j++) {
340 if (req->links[i].bss == req->links[j].bss)
344 if (ether_addr_equal(req->links[i].bss->bssid, dev->dev_addr))
348 if (wdev->connected &&
350 !ether_addr_equal(wdev->u.client.connected_addr, req->prev_bssid)))
353 if ((req->bss && ether_addr_equal(req->bss->bssid, dev->dev_addr)) ||
354 (req->link_id >= 0 &&
355 ether_addr_equal(req->ap_mld_addr, dev->dev_addr)))
358 cfg80211_oper_and_ht_capa(&req->ht_capa_mask,
359 rdev->wiphy.ht_capa_mod_mask);
360 cfg80211_oper_and_vht_capa(&req->vht_capa_mask,
361 rdev->wiphy.vht_capa_mod_mask);
363 err = rdev_assoc(rdev, dev, req);
368 cfg80211_ref_bss(&rdev->wiphy, req->bss);
369 cfg80211_hold_bss(bss_from_pub(req->bss));
372 for (link_id = 0; link_id < ARRAY_SIZE(req->links); link_id++) {
373 if (!req->links[link_id].bss)
375 cfg80211_ref_bss(&rdev->wiphy, req->links[link_id].bss);
376 cfg80211_hold_bss(bss_from_pub(req->links[link_id].bss));
382 int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
383 struct net_device *dev, const u8 *bssid,
384 const u8 *ie, int ie_len, u16 reason,
385 bool local_state_change)
387 struct wireless_dev *wdev = dev->ieee80211_ptr;
388 struct cfg80211_deauth_request req = {
390 .reason_code = reason,
393 .local_state_change = local_state_change,
396 ASSERT_WDEV_LOCK(wdev);
398 if (local_state_change &&
400 !ether_addr_equal(wdev->u.client.connected_addr, bssid)))
403 if (ether_addr_equal(wdev->disconnect_bssid, bssid) ||
405 ether_addr_equal(wdev->u.client.connected_addr, bssid)))
406 wdev->conn_owner_nlportid = 0;
408 return rdev_deauth(rdev, dev, &req);
411 int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
412 struct net_device *dev, const u8 *ap_addr,
413 const u8 *ie, int ie_len, u16 reason,
414 bool local_state_change)
416 struct wireless_dev *wdev = dev->ieee80211_ptr;
417 struct cfg80211_disassoc_request req = {
418 .reason_code = reason,
419 .local_state_change = local_state_change,
426 ASSERT_WDEV_LOCK(wdev);
428 if (!wdev->connected)
431 if (memcmp(wdev->u.client.connected_addr, ap_addr, ETH_ALEN))
434 err = rdev_disassoc(rdev, dev, &req);
438 /* driver should have reported the disassoc */
439 WARN_ON(wdev->connected);
443 void cfg80211_mlme_down(struct cfg80211_registered_device *rdev,
444 struct net_device *dev)
446 struct wireless_dev *wdev = dev->ieee80211_ptr;
449 ASSERT_WDEV_LOCK(wdev);
451 if (!rdev->ops->deauth)
454 if (!wdev->connected)
457 memcpy(bssid, wdev->u.client.connected_addr, ETH_ALEN);
458 cfg80211_mlme_deauth(rdev, dev, bssid, NULL, 0,
459 WLAN_REASON_DEAUTH_LEAVING, false);
462 struct cfg80211_mgmt_registration {
463 struct list_head list;
464 struct wireless_dev *wdev;
477 static void cfg80211_mgmt_registrations_update(struct wireless_dev *wdev)
479 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
480 struct wireless_dev *tmp;
481 struct cfg80211_mgmt_registration *reg;
482 struct mgmt_frame_regs upd = {};
484 lockdep_assert_held(&rdev->wiphy.mtx);
486 spin_lock_bh(&rdev->mgmt_registrations_lock);
487 if (!wdev->mgmt_registrations_need_update) {
488 spin_unlock_bh(&rdev->mgmt_registrations_lock);
493 list_for_each_entry_rcu(tmp, &rdev->wiphy.wdev_list, list) {
494 list_for_each_entry(reg, &tmp->mgmt_registrations, list) {
495 u32 mask = BIT(le16_to_cpu(reg->frame_type) >> 4);
498 if (reg->multicast_rx)
501 upd.global_stypes |= mask;
502 upd.global_mcast_stypes |= mcast_mask;
505 upd.interface_stypes |= mask;
506 upd.interface_mcast_stypes |= mcast_mask;
512 wdev->mgmt_registrations_need_update = 0;
513 spin_unlock_bh(&rdev->mgmt_registrations_lock);
515 rdev_update_mgmt_frame_registrations(rdev, wdev, &upd);
518 void cfg80211_mgmt_registrations_update_wk(struct work_struct *wk)
520 struct cfg80211_registered_device *rdev;
521 struct wireless_dev *wdev;
523 rdev = container_of(wk, struct cfg80211_registered_device,
524 mgmt_registrations_update_wk);
526 wiphy_lock(&rdev->wiphy);
527 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list)
528 cfg80211_mgmt_registrations_update(wdev);
529 wiphy_unlock(&rdev->wiphy);
532 int cfg80211_mlme_register_mgmt(struct wireless_dev *wdev, u32 snd_portid,
533 u16 frame_type, const u8 *match_data,
534 int match_len, bool multicast_rx,
535 struct netlink_ext_ack *extack)
537 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
538 struct cfg80211_mgmt_registration *reg, *nreg;
541 bool update_multicast = false;
543 if (!wdev->wiphy->mgmt_stypes)
546 if ((frame_type & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT) {
547 NL_SET_ERR_MSG(extack, "frame type not management");
551 if (frame_type & ~(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) {
552 NL_SET_ERR_MSG(extack, "Invalid frame type");
556 mgmt_type = (frame_type & IEEE80211_FCTL_STYPE) >> 4;
557 if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].rx & BIT(mgmt_type))) {
558 NL_SET_ERR_MSG(extack,
559 "Registration to specific type not supported");
564 * To support Pre Association Security Negotiation (PASN), registration
565 * for authentication frames should be supported. However, as some
566 * versions of the user space daemons wrongly register to all types of
567 * authentication frames (which might result in unexpected behavior)
568 * allow such registration if the request is for a specific
569 * authentication algorithm number.
571 if (wdev->iftype == NL80211_IFTYPE_STATION &&
572 (frame_type & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_AUTH &&
573 !(match_data && match_len >= 2)) {
574 NL_SET_ERR_MSG(extack,
575 "Authentication algorithm number required");
579 nreg = kzalloc(sizeof(*reg) + match_len, GFP_KERNEL);
583 spin_lock_bh(&rdev->mgmt_registrations_lock);
585 list_for_each_entry(reg, &wdev->mgmt_registrations, list) {
586 int mlen = min(match_len, reg->match_len);
588 if (frame_type != le16_to_cpu(reg->frame_type))
591 if (memcmp(reg->match, match_data, mlen) == 0) {
592 if (reg->multicast_rx != multicast_rx) {
593 update_multicast = true;
594 reg->multicast_rx = multicast_rx;
597 NL_SET_ERR_MSG(extack, "Match already configured");
606 if (update_multicast) {
609 memcpy(nreg->match, match_data, match_len);
610 nreg->match_len = match_len;
611 nreg->nlportid = snd_portid;
612 nreg->frame_type = cpu_to_le16(frame_type);
614 nreg->multicast_rx = multicast_rx;
615 list_add(&nreg->list, &wdev->mgmt_registrations);
617 wdev->mgmt_registrations_need_update = 1;
618 spin_unlock_bh(&rdev->mgmt_registrations_lock);
620 cfg80211_mgmt_registrations_update(wdev);
626 spin_unlock_bh(&rdev->mgmt_registrations_lock);
631 void cfg80211_mlme_unregister_socket(struct wireless_dev *wdev, u32 nlportid)
633 struct wiphy *wiphy = wdev->wiphy;
634 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
635 struct cfg80211_mgmt_registration *reg, *tmp;
637 spin_lock_bh(&rdev->mgmt_registrations_lock);
639 list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) {
640 if (reg->nlportid != nlportid)
643 list_del(®->list);
646 wdev->mgmt_registrations_need_update = 1;
647 schedule_work(&rdev->mgmt_registrations_update_wk);
650 spin_unlock_bh(&rdev->mgmt_registrations_lock);
652 if (nlportid && rdev->crit_proto_nlportid == nlportid) {
653 rdev->crit_proto_nlportid = 0;
654 rdev_crit_proto_stop(rdev, wdev);
657 if (nlportid == wdev->ap_unexpected_nlportid)
658 wdev->ap_unexpected_nlportid = 0;
661 void cfg80211_mlme_purge_registrations(struct wireless_dev *wdev)
663 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
664 struct cfg80211_mgmt_registration *reg, *tmp;
666 spin_lock_bh(&rdev->mgmt_registrations_lock);
667 list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) {
668 list_del(®->list);
671 wdev->mgmt_registrations_need_update = 1;
672 spin_unlock_bh(&rdev->mgmt_registrations_lock);
674 cfg80211_mgmt_registrations_update(wdev);
677 static bool cfg80211_allowed_address(struct wireless_dev *wdev, const u8 *addr)
681 for_each_valid_link(wdev, i) {
682 if (ether_addr_equal(addr, wdev->links[i].addr))
686 return ether_addr_equal(addr, wdev_address(wdev));
689 static bool cfg80211_allowed_random_address(struct wireless_dev *wdev,
690 const struct ieee80211_mgmt *mgmt)
692 if (ieee80211_is_auth(mgmt->frame_control) ||
693 ieee80211_is_deauth(mgmt->frame_control)) {
694 /* Allow random TA to be used with authentication and
695 * deauthentication frames if the driver has indicated support.
697 if (wiphy_ext_feature_isset(
699 NL80211_EXT_FEATURE_AUTH_AND_DEAUTH_RANDOM_TA))
701 } else if (ieee80211_is_action(mgmt->frame_control) &&
702 mgmt->u.action.category == WLAN_CATEGORY_PUBLIC) {
703 /* Allow random TA to be used with Public Action frames if the
704 * driver has indicated support.
706 if (!wdev->connected &&
707 wiphy_ext_feature_isset(
709 NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA))
712 if (wdev->connected &&
713 wiphy_ext_feature_isset(
715 NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA_CONNECTED))
722 int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev,
723 struct wireless_dev *wdev,
724 struct cfg80211_mgmt_tx_params *params, u64 *cookie)
726 const struct ieee80211_mgmt *mgmt;
729 if (!wdev->wiphy->mgmt_stypes)
732 if (!rdev->ops->mgmt_tx)
735 if (params->len < 24 + 1)
738 mgmt = (const struct ieee80211_mgmt *)params->buf;
740 if (!ieee80211_is_mgmt(mgmt->frame_control))
743 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE;
744 if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].tx & BIT(stype >> 4)))
747 if (ieee80211_is_action(mgmt->frame_control) &&
748 mgmt->u.action.category != WLAN_CATEGORY_PUBLIC) {
753 switch (wdev->iftype) {
754 case NL80211_IFTYPE_ADHOC:
756 * check for IBSS DA must be done by driver as
757 * cfg80211 doesn't track the stations
759 if (!wdev->u.ibss.current_bss ||
760 !ether_addr_equal(wdev->u.ibss.current_bss->pub.bssid,
766 case NL80211_IFTYPE_STATION:
767 case NL80211_IFTYPE_P2P_CLIENT:
768 if (!wdev->connected) {
773 /* FIXME: MLD may address this differently */
775 if (!ether_addr_equal(wdev->u.client.connected_addr,
781 /* for station, check that DA is the AP */
782 if (!ether_addr_equal(wdev->u.client.connected_addr,
788 case NL80211_IFTYPE_AP:
789 case NL80211_IFTYPE_P2P_GO:
790 case NL80211_IFTYPE_AP_VLAN:
791 if (!ether_addr_equal(mgmt->bssid, wdev_address(wdev)) &&
792 (params->link_id < 0 ||
793 !ether_addr_equal(mgmt->bssid,
794 wdev->links[params->link_id].addr)))
797 case NL80211_IFTYPE_MESH_POINT:
798 if (!ether_addr_equal(mgmt->sa, mgmt->bssid)) {
803 * check for mesh DA must be done by driver as
804 * cfg80211 doesn't track the stations
807 case NL80211_IFTYPE_P2P_DEVICE:
809 * fall through, P2P device only supports
810 * public action frames
812 case NL80211_IFTYPE_NAN:
823 if (!cfg80211_allowed_address(wdev, mgmt->sa) &&
824 !cfg80211_allowed_random_address(wdev, mgmt))
827 /* Transmit the management frame as requested by user space */
828 return rdev_mgmt_tx(rdev, wdev, params, cookie);
831 bool cfg80211_rx_mgmt_ext(struct wireless_dev *wdev,
832 struct cfg80211_rx_info *info)
834 struct wiphy *wiphy = wdev->wiphy;
835 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
836 struct cfg80211_mgmt_registration *reg;
837 const struct ieee80211_txrx_stypes *stypes =
838 &wiphy->mgmt_stypes[wdev->iftype];
839 struct ieee80211_mgmt *mgmt = (void *)info->buf;
843 __le16 ftype = mgmt->frame_control &
844 cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE);
847 trace_cfg80211_rx_mgmt(wdev, info);
848 stype = (le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE) >> 4;
850 if (!(stypes->rx & BIT(stype))) {
851 trace_cfg80211_return_bool(false);
855 data = info->buf + ieee80211_hdrlen(mgmt->frame_control);
856 data_len = info->len - ieee80211_hdrlen(mgmt->frame_control);
858 spin_lock_bh(&rdev->mgmt_registrations_lock);
860 list_for_each_entry(reg, &wdev->mgmt_registrations, list) {
861 if (reg->frame_type != ftype)
864 if (reg->match_len > data_len)
867 if (memcmp(reg->match, data, reg->match_len))
872 /* Indicate the received Action frame to user space */
873 if (nl80211_send_mgmt(rdev, wdev, reg->nlportid, info,
881 spin_unlock_bh(&rdev->mgmt_registrations_lock);
883 trace_cfg80211_return_bool(result);
886 EXPORT_SYMBOL(cfg80211_rx_mgmt_ext);
888 void cfg80211_sched_dfs_chan_update(struct cfg80211_registered_device *rdev)
890 cancel_delayed_work(&rdev->dfs_update_channels_wk);
891 queue_delayed_work(cfg80211_wq, &rdev->dfs_update_channels_wk, 0);
894 void cfg80211_dfs_channels_update_work(struct work_struct *work)
896 struct delayed_work *delayed_work = to_delayed_work(work);
897 struct cfg80211_registered_device *rdev;
898 struct cfg80211_chan_def chandef;
899 struct ieee80211_supported_band *sband;
900 struct ieee80211_channel *c;
902 bool check_again = false;
903 unsigned long timeout, next_time = 0;
904 unsigned long time_dfs_update;
905 enum nl80211_radar_event radar_event;
908 rdev = container_of(delayed_work, struct cfg80211_registered_device,
909 dfs_update_channels_wk);
910 wiphy = &rdev->wiphy;
913 for (bandid = 0; bandid < NUM_NL80211_BANDS; bandid++) {
914 sband = wiphy->bands[bandid];
918 for (i = 0; i < sband->n_channels; i++) {
919 c = &sband->channels[i];
921 if (!(c->flags & IEEE80211_CHAN_RADAR))
924 if (c->dfs_state != NL80211_DFS_UNAVAILABLE &&
925 c->dfs_state != NL80211_DFS_AVAILABLE)
928 if (c->dfs_state == NL80211_DFS_UNAVAILABLE) {
929 time_dfs_update = IEEE80211_DFS_MIN_NOP_TIME_MS;
930 radar_event = NL80211_RADAR_NOP_FINISHED;
932 if (regulatory_pre_cac_allowed(wiphy) ||
933 cfg80211_any_wiphy_oper_chan(wiphy, c))
936 time_dfs_update = REG_PRE_CAC_EXPIRY_GRACE_MS;
937 radar_event = NL80211_RADAR_PRE_CAC_EXPIRED;
940 timeout = c->dfs_state_entered +
941 msecs_to_jiffies(time_dfs_update);
943 if (time_after_eq(jiffies, timeout)) {
944 c->dfs_state = NL80211_DFS_USABLE;
945 c->dfs_state_entered = jiffies;
947 cfg80211_chandef_create(&chandef, c,
950 nl80211_radar_notify(rdev, &chandef,
954 regulatory_propagate_dfs_state(wiphy, &chandef,
961 next_time = timeout - jiffies;
963 next_time = min(next_time, timeout - jiffies);
969 /* reschedule if there are other channels waiting to be cleared again */
971 queue_delayed_work(cfg80211_wq, &rdev->dfs_update_channels_wk,
976 void __cfg80211_radar_event(struct wiphy *wiphy,
977 struct cfg80211_chan_def *chandef,
978 bool offchan, gfp_t gfp)
980 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
982 trace_cfg80211_radar_event(wiphy, chandef, offchan);
984 /* only set the chandef supplied channel to unavailable, in
985 * case the radar is detected on only one of multiple channels
986 * spanned by the chandef.
988 cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_UNAVAILABLE);
991 queue_work(cfg80211_wq, &rdev->background_cac_abort_wk);
993 cfg80211_sched_dfs_chan_update(rdev);
995 nl80211_radar_notify(rdev, chandef, NL80211_RADAR_DETECTED, NULL, gfp);
997 memcpy(&rdev->radar_chandef, chandef, sizeof(struct cfg80211_chan_def));
998 queue_work(cfg80211_wq, &rdev->propagate_radar_detect_wk);
1000 EXPORT_SYMBOL(__cfg80211_radar_event);
1002 void cfg80211_cac_event(struct net_device *netdev,
1003 const struct cfg80211_chan_def *chandef,
1004 enum nl80211_radar_event event, gfp_t gfp)
1006 struct wireless_dev *wdev = netdev->ieee80211_ptr;
1007 struct wiphy *wiphy = wdev->wiphy;
1008 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
1009 unsigned long timeout;
1011 /* not yet supported */
1012 if (wdev->valid_links)
1015 trace_cfg80211_cac_event(netdev, event);
1017 if (WARN_ON(!wdev->cac_started && event != NL80211_RADAR_CAC_STARTED))
1021 case NL80211_RADAR_CAC_FINISHED:
1022 timeout = wdev->cac_start_time +
1023 msecs_to_jiffies(wdev->cac_time_ms);
1024 WARN_ON(!time_after_eq(jiffies, timeout));
1025 cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_AVAILABLE);
1026 memcpy(&rdev->cac_done_chandef, chandef,
1027 sizeof(struct cfg80211_chan_def));
1028 queue_work(cfg80211_wq, &rdev->propagate_cac_done_wk);
1029 cfg80211_sched_dfs_chan_update(rdev);
1031 case NL80211_RADAR_CAC_ABORTED:
1032 wdev->cac_started = false;
1034 case NL80211_RADAR_CAC_STARTED:
1035 wdev->cac_started = true;
1042 nl80211_radar_notify(rdev, chandef, event, netdev, gfp);
1044 EXPORT_SYMBOL(cfg80211_cac_event);
1047 __cfg80211_background_cac_event(struct cfg80211_registered_device *rdev,
1048 struct wireless_dev *wdev,
1049 const struct cfg80211_chan_def *chandef,
1050 enum nl80211_radar_event event)
1052 struct wiphy *wiphy = &rdev->wiphy;
1053 struct net_device *netdev;
1055 lockdep_assert_wiphy(&rdev->wiphy);
1057 if (!cfg80211_chandef_valid(chandef))
1060 if (!rdev->background_radar_wdev)
1064 case NL80211_RADAR_CAC_FINISHED:
1065 cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_AVAILABLE);
1066 memcpy(&rdev->cac_done_chandef, chandef, sizeof(*chandef));
1067 queue_work(cfg80211_wq, &rdev->propagate_cac_done_wk);
1068 cfg80211_sched_dfs_chan_update(rdev);
1069 wdev = rdev->background_radar_wdev;
1071 case NL80211_RADAR_CAC_ABORTED:
1072 if (!cancel_delayed_work(&rdev->background_cac_done_wk))
1074 wdev = rdev->background_radar_wdev;
1076 case NL80211_RADAR_CAC_STARTED:
1082 netdev = wdev ? wdev->netdev : NULL;
1083 nl80211_radar_notify(rdev, chandef, event, netdev, GFP_KERNEL);
1087 cfg80211_background_cac_event(struct cfg80211_registered_device *rdev,
1088 const struct cfg80211_chan_def *chandef,
1089 enum nl80211_radar_event event)
1091 wiphy_lock(&rdev->wiphy);
1092 __cfg80211_background_cac_event(rdev, rdev->background_radar_wdev,
1094 wiphy_unlock(&rdev->wiphy);
1097 void cfg80211_background_cac_done_wk(struct work_struct *work)
1099 struct delayed_work *delayed_work = to_delayed_work(work);
1100 struct cfg80211_registered_device *rdev;
1102 rdev = container_of(delayed_work, struct cfg80211_registered_device,
1103 background_cac_done_wk);
1104 cfg80211_background_cac_event(rdev, &rdev->background_radar_chandef,
1105 NL80211_RADAR_CAC_FINISHED);
1108 void cfg80211_background_cac_abort_wk(struct work_struct *work)
1110 struct cfg80211_registered_device *rdev;
1112 rdev = container_of(work, struct cfg80211_registered_device,
1113 background_cac_abort_wk);
1114 cfg80211_background_cac_event(rdev, &rdev->background_radar_chandef,
1115 NL80211_RADAR_CAC_ABORTED);
1118 void cfg80211_background_cac_abort(struct wiphy *wiphy)
1120 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
1122 queue_work(cfg80211_wq, &rdev->background_cac_abort_wk);
1124 EXPORT_SYMBOL(cfg80211_background_cac_abort);
1127 cfg80211_start_background_radar_detection(struct cfg80211_registered_device *rdev,
1128 struct wireless_dev *wdev,
1129 struct cfg80211_chan_def *chandef)
1131 unsigned int cac_time_ms;
1134 lockdep_assert_wiphy(&rdev->wiphy);
1136 if (!wiphy_ext_feature_isset(&rdev->wiphy,
1137 NL80211_EXT_FEATURE_RADAR_BACKGROUND))
1140 /* Offchannel chain already locked by another wdev */
1141 if (rdev->background_radar_wdev && rdev->background_radar_wdev != wdev)
1144 /* CAC already in progress on the offchannel chain */
1145 if (rdev->background_radar_wdev == wdev &&
1146 delayed_work_pending(&rdev->background_cac_done_wk))
1149 err = rdev_set_radar_background(rdev, chandef);
1153 cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, chandef);
1155 cac_time_ms = IEEE80211_DFS_MIN_CAC_TIME_MS;
1157 rdev->background_radar_chandef = *chandef;
1158 rdev->background_radar_wdev = wdev; /* Get offchain ownership */
1160 __cfg80211_background_cac_event(rdev, wdev, chandef,
1161 NL80211_RADAR_CAC_STARTED);
1162 queue_delayed_work(cfg80211_wq, &rdev->background_cac_done_wk,
1163 msecs_to_jiffies(cac_time_ms));
1168 void cfg80211_stop_background_radar_detection(struct wireless_dev *wdev)
1170 struct wiphy *wiphy = wdev->wiphy;
1171 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
1173 lockdep_assert_wiphy(wiphy);
1175 if (wdev != rdev->background_radar_wdev)
1178 rdev_set_radar_background(rdev, NULL);
1179 rdev->background_radar_wdev = NULL; /* Release offchain ownership */
1181 __cfg80211_background_cac_event(rdev, wdev,
1182 &rdev->background_radar_chandef,
1183 NL80211_RADAR_CAC_ABORTED);
git.samba.org / sfrench / cifs-2.6.git / blob