1 // SPDX-License-Identifier: GPL-2.0
3 * cfg80211 MLME SAP interface
5 * Copyright (c) 2009, Jouni Malinen <j@w1.fi>
6 * Copyright (c) 2015 Intel Deutschland GmbH
7 * Copyright (C) 2019-2020, 2022 Intel Corporation
10 #include <linux/kernel.h>
11 #include <linux/module.h>
12 #include <linux/etherdevice.h>
13 #include <linux/netdevice.h>
14 #include <linux/nl80211.h>
15 #include <linux/slab.h>
16 #include <linux/wireless.h>
17 #include <net/cfg80211.h>
18 #include <net/iw_handler.h>
24 void cfg80211_rx_assoc_resp(struct net_device *dev,
25 struct cfg80211_rx_assoc_resp *data)
27 struct wireless_dev *wdev = dev->ieee80211_ptr;
28 struct wiphy *wiphy = wdev->wiphy;
29 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
30 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)data->buf;
31 struct cfg80211_connect_resp_params cr = {
32 .timeout_reason = NL80211_TIMEOUT_UNSPECIFIED,
33 .req_ie = data->req_ies,
34 .req_ie_len = data->req_ies_len,
35 .resp_ie = mgmt->u.assoc_resp.variable,
36 .resp_ie_len = data->len -
37 offsetof(struct ieee80211_mgmt,
38 u.assoc_resp.variable),
39 .status = le16_to_cpu(mgmt->u.assoc_resp.status_code),
40 .ap_mld_addr = data->ap_mld_addr,
44 for (link_id = 0; link_id < ARRAY_SIZE(data->links); link_id++) {
45 cr.links[link_id].status = data->links[link_id].status;
46 cr.links[link_id].bss = data->links[link_id].bss;
48 WARN_ON_ONCE(cr.links[link_id].status != WLAN_STATUS_SUCCESS &&
49 (!cr.ap_mld_addr || !cr.links[link_id].bss));
51 if (!cr.links[link_id].bss)
53 cr.links[link_id].bssid = data->links[link_id].bss->bssid;
54 cr.links[link_id].addr = data->links[link_id].addr;
55 /* need to have local link addresses for MLO connections */
56 WARN_ON(cr.ap_mld_addr &&
57 !is_valid_ether_addr(cr.links[link_id].addr));
59 BUG_ON(!cr.links[link_id].bss->channel);
61 if (cr.links[link_id].bss->channel->band == NL80211_BAND_S1GHZ) {
63 cr.resp_ie = (u8 *)&mgmt->u.s1g_assoc_resp.variable;
64 cr.resp_ie_len = data->len -
65 offsetof(struct ieee80211_mgmt,
66 u.s1g_assoc_resp.variable);
70 cr.valid_links |= BIT(link_id);
73 trace_cfg80211_send_rx_assoc(dev, data);
76 * This is a bit of a hack, we don't notify userspace of
77 * a (re-)association reply if we tried to send a reassoc
78 * and got a reject -- we only try again with an assoc
79 * frame instead of reassoc.
81 if (cfg80211_sme_rx_assoc_resp(wdev, cr.status)) {
82 for (link_id = 0; link_id < ARRAY_SIZE(data->links); link_id++) {
83 struct cfg80211_bss *bss = data->links[link_id].bss;
88 cfg80211_unhold_bss(bss_from_pub(bss));
89 cfg80211_put_bss(wiphy, bss);
94 nl80211_send_rx_assoc(rdev, dev, data);
95 /* update current_bss etc., consumes the bss reference */
96 __cfg80211_connect_result(dev, &cr, cr.status == WLAN_STATUS_SUCCESS);
98 EXPORT_SYMBOL(cfg80211_rx_assoc_resp);
100 static void cfg80211_process_auth(struct wireless_dev *wdev,
101 const u8 *buf, size_t len)
103 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
105 nl80211_send_rx_auth(rdev, wdev->netdev, buf, len, GFP_KERNEL);
106 cfg80211_sme_rx_auth(wdev, buf, len);
109 static void cfg80211_process_deauth(struct wireless_dev *wdev,
110 const u8 *buf, size_t len,
113 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
114 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
115 const u8 *bssid = mgmt->bssid;
116 u16 reason_code = le16_to_cpu(mgmt->u.deauth.reason_code);
117 bool from_ap = !ether_addr_equal(mgmt->sa, wdev->netdev->dev_addr);
119 nl80211_send_deauth(rdev, wdev->netdev, buf, len, reconnect, GFP_KERNEL);
121 if (!wdev->connected || !ether_addr_equal(wdev->u.client.connected_addr, bssid))
124 __cfg80211_disconnected(wdev->netdev, NULL, 0, reason_code, from_ap);
125 cfg80211_sme_deauth(wdev);
128 static void cfg80211_process_disassoc(struct wireless_dev *wdev,
129 const u8 *buf, size_t len,
132 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
133 struct ieee80211_mgmt *mgmt = (struct ieee80211_mgmt *)buf;
134 const u8 *bssid = mgmt->bssid;
135 u16 reason_code = le16_to_cpu(mgmt->u.disassoc.reason_code);
136 bool from_ap = !ether_addr_equal(mgmt->sa, wdev->netdev->dev_addr);
138 nl80211_send_disassoc(rdev, wdev->netdev, buf, len, reconnect,
141 if (WARN_ON(!wdev->connected ||
142 !ether_addr_equal(wdev->u.client.connected_addr, bssid)))
145 __cfg80211_disconnected(wdev->netdev, NULL, 0, reason_code, from_ap);
146 cfg80211_sme_disassoc(wdev);
149 void cfg80211_rx_mlme_mgmt(struct net_device *dev, const u8 *buf, size_t len)
151 struct wireless_dev *wdev = dev->ieee80211_ptr;
152 struct ieee80211_mgmt *mgmt = (void *)buf;
154 ASSERT_WDEV_LOCK(wdev);
156 trace_cfg80211_rx_mlme_mgmt(dev, buf, len);
158 if (WARN_ON(len < 2))
161 if (ieee80211_is_auth(mgmt->frame_control))
162 cfg80211_process_auth(wdev, buf, len);
163 else if (ieee80211_is_deauth(mgmt->frame_control))
164 cfg80211_process_deauth(wdev, buf, len, false);
165 else if (ieee80211_is_disassoc(mgmt->frame_control))
166 cfg80211_process_disassoc(wdev, buf, len, false);
168 EXPORT_SYMBOL(cfg80211_rx_mlme_mgmt);
170 void cfg80211_auth_timeout(struct net_device *dev, const u8 *addr)
172 struct wireless_dev *wdev = dev->ieee80211_ptr;
173 struct wiphy *wiphy = wdev->wiphy;
174 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
176 trace_cfg80211_send_auth_timeout(dev, addr);
178 nl80211_send_auth_timeout(rdev, dev, addr, GFP_KERNEL);
179 cfg80211_sme_auth_timeout(wdev);
181 EXPORT_SYMBOL(cfg80211_auth_timeout);
183 void cfg80211_assoc_failure(struct net_device *dev,
184 struct cfg80211_assoc_failure *data)
186 struct wireless_dev *wdev = dev->ieee80211_ptr;
187 struct wiphy *wiphy = wdev->wiphy;
188 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
189 const u8 *addr = data->ap_mld_addr ?: data->bss[0]->bssid;
192 trace_cfg80211_send_assoc_failure(dev, data);
195 nl80211_send_assoc_timeout(rdev, dev, addr, GFP_KERNEL);
196 cfg80211_sme_assoc_timeout(wdev);
198 cfg80211_sme_abandon_assoc(wdev);
201 for (i = 0; i < ARRAY_SIZE(data->bss); i++) {
202 struct cfg80211_bss *bss = data->bss[i];
207 cfg80211_unhold_bss(bss_from_pub(bss));
208 cfg80211_put_bss(wiphy, bss);
211 EXPORT_SYMBOL(cfg80211_assoc_failure);
213 void cfg80211_tx_mlme_mgmt(struct net_device *dev, const u8 *buf, size_t len,
216 struct wireless_dev *wdev = dev->ieee80211_ptr;
217 struct ieee80211_mgmt *mgmt = (void *)buf;
219 ASSERT_WDEV_LOCK(wdev);
221 trace_cfg80211_tx_mlme_mgmt(dev, buf, len, reconnect);
223 if (WARN_ON(len < 2))
226 if (ieee80211_is_deauth(mgmt->frame_control))
227 cfg80211_process_deauth(wdev, buf, len, reconnect);
229 cfg80211_process_disassoc(wdev, buf, len, reconnect);
231 EXPORT_SYMBOL(cfg80211_tx_mlme_mgmt);
233 void cfg80211_michael_mic_failure(struct net_device *dev, const u8 *addr,
234 enum nl80211_key_type key_type, int key_id,
235 const u8 *tsc, gfp_t gfp)
237 struct wiphy *wiphy = dev->ieee80211_ptr->wiphy;
238 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
239 #ifdef CONFIG_CFG80211_WEXT
240 union iwreq_data wrqu;
241 char *buf = kmalloc(128, gfp);
244 sprintf(buf, "MLME-MICHAELMICFAILURE.indication("
245 "keyid=%d %scast addr=%pM)", key_id,
246 key_type == NL80211_KEYTYPE_GROUP ? "broad" : "uni",
248 memset(&wrqu, 0, sizeof(wrqu));
249 wrqu.data.length = strlen(buf);
250 wireless_send_event(dev, IWEVCUSTOM, &wrqu, buf);
255 trace_cfg80211_michael_mic_failure(dev, addr, key_type, key_id, tsc);
256 nl80211_michael_mic_failure(rdev, dev, addr, key_type, key_id, tsc, gfp);
258 EXPORT_SYMBOL(cfg80211_michael_mic_failure);
260 /* some MLME handling for userspace SME */
261 int cfg80211_mlme_auth(struct cfg80211_registered_device *rdev,
262 struct net_device *dev,
263 struct cfg80211_auth_request *req)
265 struct wireless_dev *wdev = dev->ieee80211_ptr;
267 ASSERT_WDEV_LOCK(wdev);
272 if (req->link_id >= 0 &&
273 !(wdev->wiphy->flags & WIPHY_FLAG_SUPPORTS_MLO))
276 if (req->auth_type == NL80211_AUTHTYPE_SHARED_KEY) {
277 if (!req->key || !req->key_len ||
278 req->key_idx < 0 || req->key_idx > 3)
282 if (wdev->connected &&
283 ether_addr_equal(req->bss->bssid, wdev->u.client.connected_addr))
286 if (ether_addr_equal(req->bss->bssid, dev->dev_addr) ||
287 (req->link_id >= 0 &&
288 ether_addr_equal(req->ap_mld_addr, dev->dev_addr)))
291 return rdev_auth(rdev, dev, req);
294 /* Do a logical ht_capa &= ht_capa_mask. */
295 void cfg80211_oper_and_ht_capa(struct ieee80211_ht_cap *ht_capa,
296 const struct ieee80211_ht_cap *ht_capa_mask)
301 memset(ht_capa, 0, sizeof(*ht_capa));
306 p2 = (u8*)(ht_capa_mask);
307 for (i = 0; i < sizeof(*ht_capa); i++)
311 /* Do a logical vht_capa &= vht_capa_mask. */
312 void cfg80211_oper_and_vht_capa(struct ieee80211_vht_cap *vht_capa,
313 const struct ieee80211_vht_cap *vht_capa_mask)
317 if (!vht_capa_mask) {
318 memset(vht_capa, 0, sizeof(*vht_capa));
322 p1 = (u8*)(vht_capa);
323 p2 = (u8*)(vht_capa_mask);
324 for (i = 0; i < sizeof(*vht_capa); i++)
328 /* Note: caller must cfg80211_put_bss() regardless of result */
329 int cfg80211_mlme_assoc(struct cfg80211_registered_device *rdev,
330 struct net_device *dev,
331 struct cfg80211_assoc_request *req)
333 struct wireless_dev *wdev = dev->ieee80211_ptr;
336 ASSERT_WDEV_LOCK(wdev);
338 for (i = 1; i < ARRAY_SIZE(req->links); i++) {
339 if (!req->links[i].bss)
341 for (j = 0; j < i; j++) {
342 if (req->links[i].bss == req->links[j].bss)
346 if (ether_addr_equal(req->links[i].bss->bssid, dev->dev_addr))
350 if (wdev->connected &&
352 !ether_addr_equal(wdev->u.client.connected_addr, req->prev_bssid)))
355 if ((req->bss && ether_addr_equal(req->bss->bssid, dev->dev_addr)) ||
356 (req->link_id >= 0 &&
357 ether_addr_equal(req->ap_mld_addr, dev->dev_addr)))
360 cfg80211_oper_and_ht_capa(&req->ht_capa_mask,
361 rdev->wiphy.ht_capa_mod_mask);
362 cfg80211_oper_and_vht_capa(&req->vht_capa_mask,
363 rdev->wiphy.vht_capa_mod_mask);
365 err = rdev_assoc(rdev, dev, req);
370 cfg80211_ref_bss(&rdev->wiphy, req->bss);
371 cfg80211_hold_bss(bss_from_pub(req->bss));
374 for (link_id = 0; link_id < ARRAY_SIZE(req->links); link_id++) {
375 if (!req->links[link_id].bss)
377 cfg80211_ref_bss(&rdev->wiphy, req->links[link_id].bss);
378 cfg80211_hold_bss(bss_from_pub(req->links[link_id].bss));
384 int cfg80211_mlme_deauth(struct cfg80211_registered_device *rdev,
385 struct net_device *dev, const u8 *bssid,
386 const u8 *ie, int ie_len, u16 reason,
387 bool local_state_change)
389 struct wireless_dev *wdev = dev->ieee80211_ptr;
390 struct cfg80211_deauth_request req = {
392 .reason_code = reason,
395 .local_state_change = local_state_change,
398 ASSERT_WDEV_LOCK(wdev);
400 if (local_state_change &&
402 !ether_addr_equal(wdev->u.client.connected_addr, bssid)))
405 if (ether_addr_equal(wdev->disconnect_bssid, bssid) ||
407 ether_addr_equal(wdev->u.client.connected_addr, bssid)))
408 wdev->conn_owner_nlportid = 0;
410 return rdev_deauth(rdev, dev, &req);
413 int cfg80211_mlme_disassoc(struct cfg80211_registered_device *rdev,
414 struct net_device *dev, const u8 *ap_addr,
415 const u8 *ie, int ie_len, u16 reason,
416 bool local_state_change)
418 struct wireless_dev *wdev = dev->ieee80211_ptr;
419 struct cfg80211_disassoc_request req = {
420 .reason_code = reason,
421 .local_state_change = local_state_change,
428 ASSERT_WDEV_LOCK(wdev);
430 if (!wdev->connected)
433 if (memcmp(wdev->u.client.connected_addr, ap_addr, ETH_ALEN))
436 err = rdev_disassoc(rdev, dev, &req);
440 /* driver should have reported the disassoc */
441 WARN_ON(wdev->connected);
445 void cfg80211_mlme_down(struct cfg80211_registered_device *rdev,
446 struct net_device *dev)
448 struct wireless_dev *wdev = dev->ieee80211_ptr;
451 ASSERT_WDEV_LOCK(wdev);
453 if (!rdev->ops->deauth)
456 if (!wdev->connected)
459 memcpy(bssid, wdev->u.client.connected_addr, ETH_ALEN);
460 cfg80211_mlme_deauth(rdev, dev, bssid, NULL, 0,
461 WLAN_REASON_DEAUTH_LEAVING, false);
464 struct cfg80211_mgmt_registration {
465 struct list_head list;
466 struct wireless_dev *wdev;
479 static void cfg80211_mgmt_registrations_update(struct wireless_dev *wdev)
481 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
482 struct wireless_dev *tmp;
483 struct cfg80211_mgmt_registration *reg;
484 struct mgmt_frame_regs upd = {};
486 lockdep_assert_held(&rdev->wiphy.mtx);
488 spin_lock_bh(&rdev->mgmt_registrations_lock);
489 if (!wdev->mgmt_registrations_need_update) {
490 spin_unlock_bh(&rdev->mgmt_registrations_lock);
495 list_for_each_entry_rcu(tmp, &rdev->wiphy.wdev_list, list) {
496 list_for_each_entry(reg, &tmp->mgmt_registrations, list) {
497 u32 mask = BIT(le16_to_cpu(reg->frame_type) >> 4);
500 if (reg->multicast_rx)
503 upd.global_stypes |= mask;
504 upd.global_mcast_stypes |= mcast_mask;
507 upd.interface_stypes |= mask;
508 upd.interface_mcast_stypes |= mcast_mask;
514 wdev->mgmt_registrations_need_update = 0;
515 spin_unlock_bh(&rdev->mgmt_registrations_lock);
517 rdev_update_mgmt_frame_registrations(rdev, wdev, &upd);
520 void cfg80211_mgmt_registrations_update_wk(struct work_struct *wk)
522 struct cfg80211_registered_device *rdev;
523 struct wireless_dev *wdev;
525 rdev = container_of(wk, struct cfg80211_registered_device,
526 mgmt_registrations_update_wk);
528 wiphy_lock(&rdev->wiphy);
529 list_for_each_entry(wdev, &rdev->wiphy.wdev_list, list)
530 cfg80211_mgmt_registrations_update(wdev);
531 wiphy_unlock(&rdev->wiphy);
534 int cfg80211_mlme_register_mgmt(struct wireless_dev *wdev, u32 snd_portid,
535 u16 frame_type, const u8 *match_data,
536 int match_len, bool multicast_rx,
537 struct netlink_ext_ack *extack)
539 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
540 struct cfg80211_mgmt_registration *reg, *nreg;
543 bool update_multicast = false;
545 if (!wdev->wiphy->mgmt_stypes)
548 if ((frame_type & IEEE80211_FCTL_FTYPE) != IEEE80211_FTYPE_MGMT) {
549 NL_SET_ERR_MSG(extack, "frame type not management");
553 if (frame_type & ~(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE)) {
554 NL_SET_ERR_MSG(extack, "Invalid frame type");
558 mgmt_type = (frame_type & IEEE80211_FCTL_STYPE) >> 4;
559 if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].rx & BIT(mgmt_type))) {
560 NL_SET_ERR_MSG(extack,
561 "Registration to specific type not supported");
566 * To support Pre Association Security Negotiation (PASN), registration
567 * for authentication frames should be supported. However, as some
568 * versions of the user space daemons wrongly register to all types of
569 * authentication frames (which might result in unexpected behavior)
570 * allow such registration if the request is for a specific
571 * authentication algorithm number.
573 if (wdev->iftype == NL80211_IFTYPE_STATION &&
574 (frame_type & IEEE80211_FCTL_STYPE) == IEEE80211_STYPE_AUTH &&
575 !(match_data && match_len >= 2)) {
576 NL_SET_ERR_MSG(extack,
577 "Authentication algorithm number required");
581 nreg = kzalloc(sizeof(*reg) + match_len, GFP_KERNEL);
585 spin_lock_bh(&rdev->mgmt_registrations_lock);
587 list_for_each_entry(reg, &wdev->mgmt_registrations, list) {
588 int mlen = min(match_len, reg->match_len);
590 if (frame_type != le16_to_cpu(reg->frame_type))
593 if (memcmp(reg->match, match_data, mlen) == 0) {
594 if (reg->multicast_rx != multicast_rx) {
595 update_multicast = true;
596 reg->multicast_rx = multicast_rx;
599 NL_SET_ERR_MSG(extack, "Match already configured");
608 if (update_multicast) {
611 memcpy(nreg->match, match_data, match_len);
612 nreg->match_len = match_len;
613 nreg->nlportid = snd_portid;
614 nreg->frame_type = cpu_to_le16(frame_type);
616 nreg->multicast_rx = multicast_rx;
617 list_add(&nreg->list, &wdev->mgmt_registrations);
619 wdev->mgmt_registrations_need_update = 1;
620 spin_unlock_bh(&rdev->mgmt_registrations_lock);
622 cfg80211_mgmt_registrations_update(wdev);
628 spin_unlock_bh(&rdev->mgmt_registrations_lock);
633 void cfg80211_mlme_unregister_socket(struct wireless_dev *wdev, u32 nlportid)
635 struct wiphy *wiphy = wdev->wiphy;
636 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
637 struct cfg80211_mgmt_registration *reg, *tmp;
639 spin_lock_bh(&rdev->mgmt_registrations_lock);
641 list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) {
642 if (reg->nlportid != nlportid)
645 list_del(®->list);
648 wdev->mgmt_registrations_need_update = 1;
649 schedule_work(&rdev->mgmt_registrations_update_wk);
652 spin_unlock_bh(&rdev->mgmt_registrations_lock);
654 if (nlportid && rdev->crit_proto_nlportid == nlportid) {
655 rdev->crit_proto_nlportid = 0;
656 rdev_crit_proto_stop(rdev, wdev);
659 if (nlportid == wdev->ap_unexpected_nlportid)
660 wdev->ap_unexpected_nlportid = 0;
663 void cfg80211_mlme_purge_registrations(struct wireless_dev *wdev)
665 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wdev->wiphy);
666 struct cfg80211_mgmt_registration *reg, *tmp;
668 spin_lock_bh(&rdev->mgmt_registrations_lock);
669 list_for_each_entry_safe(reg, tmp, &wdev->mgmt_registrations, list) {
670 list_del(®->list);
673 wdev->mgmt_registrations_need_update = 1;
674 spin_unlock_bh(&rdev->mgmt_registrations_lock);
676 cfg80211_mgmt_registrations_update(wdev);
679 static bool cfg80211_allowed_address(struct wireless_dev *wdev, const u8 *addr)
683 for_each_valid_link(wdev, i) {
684 if (ether_addr_equal(addr, wdev->links[i].addr))
688 return ether_addr_equal(addr, wdev_address(wdev));
691 static bool cfg80211_allowed_random_address(struct wireless_dev *wdev,
692 const struct ieee80211_mgmt *mgmt)
694 if (ieee80211_is_auth(mgmt->frame_control) ||
695 ieee80211_is_deauth(mgmt->frame_control)) {
696 /* Allow random TA to be used with authentication and
697 * deauthentication frames if the driver has indicated support.
699 if (wiphy_ext_feature_isset(
701 NL80211_EXT_FEATURE_AUTH_AND_DEAUTH_RANDOM_TA))
703 } else if (ieee80211_is_action(mgmt->frame_control) &&
704 mgmt->u.action.category == WLAN_CATEGORY_PUBLIC) {
705 /* Allow random TA to be used with Public Action frames if the
706 * driver has indicated support.
708 if (!wdev->connected &&
709 wiphy_ext_feature_isset(
711 NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA))
714 if (wdev->connected &&
715 wiphy_ext_feature_isset(
717 NL80211_EXT_FEATURE_MGMT_TX_RANDOM_TA_CONNECTED))
724 int cfg80211_mlme_mgmt_tx(struct cfg80211_registered_device *rdev,
725 struct wireless_dev *wdev,
726 struct cfg80211_mgmt_tx_params *params, u64 *cookie)
728 const struct ieee80211_mgmt *mgmt;
731 if (!wdev->wiphy->mgmt_stypes)
734 if (!rdev->ops->mgmt_tx)
737 if (params->len < 24 + 1)
740 mgmt = (const struct ieee80211_mgmt *)params->buf;
742 if (!ieee80211_is_mgmt(mgmt->frame_control))
745 stype = le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE;
746 if (!(wdev->wiphy->mgmt_stypes[wdev->iftype].tx & BIT(stype >> 4)))
749 if (ieee80211_is_action(mgmt->frame_control) &&
750 mgmt->u.action.category != WLAN_CATEGORY_PUBLIC) {
755 switch (wdev->iftype) {
756 case NL80211_IFTYPE_ADHOC:
758 * check for IBSS DA must be done by driver as
759 * cfg80211 doesn't track the stations
761 if (!wdev->u.ibss.current_bss ||
762 !ether_addr_equal(wdev->u.ibss.current_bss->pub.bssid,
768 case NL80211_IFTYPE_STATION:
769 case NL80211_IFTYPE_P2P_CLIENT:
770 if (!wdev->connected) {
775 /* FIXME: MLD may address this differently */
777 if (!ether_addr_equal(wdev->u.client.connected_addr,
783 /* for station, check that DA is the AP */
784 if (!ether_addr_equal(wdev->u.client.connected_addr,
790 case NL80211_IFTYPE_AP:
791 case NL80211_IFTYPE_P2P_GO:
792 case NL80211_IFTYPE_AP_VLAN:
793 if (!ether_addr_equal(mgmt->bssid, wdev_address(wdev)) &&
794 (params->link_id < 0 ||
795 !ether_addr_equal(mgmt->bssid,
796 wdev->links[params->link_id].addr)))
799 case NL80211_IFTYPE_MESH_POINT:
800 if (!ether_addr_equal(mgmt->sa, mgmt->bssid)) {
805 * check for mesh DA must be done by driver as
806 * cfg80211 doesn't track the stations
809 case NL80211_IFTYPE_P2P_DEVICE:
811 * fall through, P2P device only supports
812 * public action frames
814 case NL80211_IFTYPE_NAN:
825 if (!cfg80211_allowed_address(wdev, mgmt->sa) &&
826 !cfg80211_allowed_random_address(wdev, mgmt))
829 /* Transmit the management frame as requested by user space */
830 return rdev_mgmt_tx(rdev, wdev, params, cookie);
833 bool cfg80211_rx_mgmt_ext(struct wireless_dev *wdev,
834 struct cfg80211_rx_info *info)
836 struct wiphy *wiphy = wdev->wiphy;
837 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
838 struct cfg80211_mgmt_registration *reg;
839 const struct ieee80211_txrx_stypes *stypes =
840 &wiphy->mgmt_stypes[wdev->iftype];
841 struct ieee80211_mgmt *mgmt = (void *)info->buf;
845 __le16 ftype = mgmt->frame_control &
846 cpu_to_le16(IEEE80211_FCTL_FTYPE | IEEE80211_FCTL_STYPE);
849 trace_cfg80211_rx_mgmt(wdev, info);
850 stype = (le16_to_cpu(mgmt->frame_control) & IEEE80211_FCTL_STYPE) >> 4;
852 if (!(stypes->rx & BIT(stype))) {
853 trace_cfg80211_return_bool(false);
857 data = info->buf + ieee80211_hdrlen(mgmt->frame_control);
858 data_len = info->len - ieee80211_hdrlen(mgmt->frame_control);
860 spin_lock_bh(&rdev->mgmt_registrations_lock);
862 list_for_each_entry(reg, &wdev->mgmt_registrations, list) {
863 if (reg->frame_type != ftype)
866 if (reg->match_len > data_len)
869 if (memcmp(reg->match, data, reg->match_len))
874 /* Indicate the received Action frame to user space */
875 if (nl80211_send_mgmt(rdev, wdev, reg->nlportid, info,
883 spin_unlock_bh(&rdev->mgmt_registrations_lock);
885 trace_cfg80211_return_bool(result);
888 EXPORT_SYMBOL(cfg80211_rx_mgmt_ext);
890 void cfg80211_sched_dfs_chan_update(struct cfg80211_registered_device *rdev)
892 cancel_delayed_work(&rdev->dfs_update_channels_wk);
893 queue_delayed_work(cfg80211_wq, &rdev->dfs_update_channels_wk, 0);
896 void cfg80211_dfs_channels_update_work(struct work_struct *work)
898 struct delayed_work *delayed_work = to_delayed_work(work);
899 struct cfg80211_registered_device *rdev;
900 struct cfg80211_chan_def chandef;
901 struct ieee80211_supported_band *sband;
902 struct ieee80211_channel *c;
904 bool check_again = false;
905 unsigned long timeout, next_time = 0;
906 unsigned long time_dfs_update;
907 enum nl80211_radar_event radar_event;
910 rdev = container_of(delayed_work, struct cfg80211_registered_device,
911 dfs_update_channels_wk);
912 wiphy = &rdev->wiphy;
915 for (bandid = 0; bandid < NUM_NL80211_BANDS; bandid++) {
916 sband = wiphy->bands[bandid];
920 for (i = 0; i < sband->n_channels; i++) {
921 c = &sband->channels[i];
923 if (!(c->flags & IEEE80211_CHAN_RADAR))
926 if (c->dfs_state != NL80211_DFS_UNAVAILABLE &&
927 c->dfs_state != NL80211_DFS_AVAILABLE)
930 if (c->dfs_state == NL80211_DFS_UNAVAILABLE) {
931 time_dfs_update = IEEE80211_DFS_MIN_NOP_TIME_MS;
932 radar_event = NL80211_RADAR_NOP_FINISHED;
934 if (regulatory_pre_cac_allowed(wiphy) ||
935 cfg80211_any_wiphy_oper_chan(wiphy, c))
938 time_dfs_update = REG_PRE_CAC_EXPIRY_GRACE_MS;
939 radar_event = NL80211_RADAR_PRE_CAC_EXPIRED;
942 timeout = c->dfs_state_entered +
943 msecs_to_jiffies(time_dfs_update);
945 if (time_after_eq(jiffies, timeout)) {
946 c->dfs_state = NL80211_DFS_USABLE;
947 c->dfs_state_entered = jiffies;
949 cfg80211_chandef_create(&chandef, c,
952 nl80211_radar_notify(rdev, &chandef,
956 regulatory_propagate_dfs_state(wiphy, &chandef,
963 next_time = timeout - jiffies;
965 next_time = min(next_time, timeout - jiffies);
971 /* reschedule if there are other channels waiting to be cleared again */
973 queue_delayed_work(cfg80211_wq, &rdev->dfs_update_channels_wk,
978 void __cfg80211_radar_event(struct wiphy *wiphy,
979 struct cfg80211_chan_def *chandef,
980 bool offchan, gfp_t gfp)
982 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
984 trace_cfg80211_radar_event(wiphy, chandef, offchan);
986 /* only set the chandef supplied channel to unavailable, in
987 * case the radar is detected on only one of multiple channels
988 * spanned by the chandef.
990 cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_UNAVAILABLE);
993 queue_work(cfg80211_wq, &rdev->background_cac_abort_wk);
995 cfg80211_sched_dfs_chan_update(rdev);
997 nl80211_radar_notify(rdev, chandef, NL80211_RADAR_DETECTED, NULL, gfp);
999 memcpy(&rdev->radar_chandef, chandef, sizeof(struct cfg80211_chan_def));
1000 queue_work(cfg80211_wq, &rdev->propagate_radar_detect_wk);
1002 EXPORT_SYMBOL(__cfg80211_radar_event);
1004 void cfg80211_cac_event(struct net_device *netdev,
1005 const struct cfg80211_chan_def *chandef,
1006 enum nl80211_radar_event event, gfp_t gfp)
1008 struct wireless_dev *wdev = netdev->ieee80211_ptr;
1009 struct wiphy *wiphy = wdev->wiphy;
1010 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
1011 unsigned long timeout;
1013 /* not yet supported */
1014 if (wdev->valid_links)
1017 trace_cfg80211_cac_event(netdev, event);
1019 if (WARN_ON(!wdev->cac_started && event != NL80211_RADAR_CAC_STARTED))
1023 case NL80211_RADAR_CAC_FINISHED:
1024 timeout = wdev->cac_start_time +
1025 msecs_to_jiffies(wdev->cac_time_ms);
1026 WARN_ON(!time_after_eq(jiffies, timeout));
1027 cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_AVAILABLE);
1028 memcpy(&rdev->cac_done_chandef, chandef,
1029 sizeof(struct cfg80211_chan_def));
1030 queue_work(cfg80211_wq, &rdev->propagate_cac_done_wk);
1031 cfg80211_sched_dfs_chan_update(rdev);
1033 case NL80211_RADAR_CAC_ABORTED:
1034 wdev->cac_started = false;
1036 case NL80211_RADAR_CAC_STARTED:
1037 wdev->cac_started = true;
1044 nl80211_radar_notify(rdev, chandef, event, netdev, gfp);
1046 EXPORT_SYMBOL(cfg80211_cac_event);
1049 __cfg80211_background_cac_event(struct cfg80211_registered_device *rdev,
1050 struct wireless_dev *wdev,
1051 const struct cfg80211_chan_def *chandef,
1052 enum nl80211_radar_event event)
1054 struct wiphy *wiphy = &rdev->wiphy;
1055 struct net_device *netdev;
1057 lockdep_assert_wiphy(&rdev->wiphy);
1059 if (!cfg80211_chandef_valid(chandef))
1062 if (!rdev->background_radar_wdev)
1066 case NL80211_RADAR_CAC_FINISHED:
1067 cfg80211_set_dfs_state(wiphy, chandef, NL80211_DFS_AVAILABLE);
1068 memcpy(&rdev->cac_done_chandef, chandef, sizeof(*chandef));
1069 queue_work(cfg80211_wq, &rdev->propagate_cac_done_wk);
1070 cfg80211_sched_dfs_chan_update(rdev);
1071 wdev = rdev->background_radar_wdev;
1073 case NL80211_RADAR_CAC_ABORTED:
1074 if (!cancel_delayed_work(&rdev->background_cac_done_wk))
1076 wdev = rdev->background_radar_wdev;
1078 case NL80211_RADAR_CAC_STARTED:
1084 netdev = wdev ? wdev->netdev : NULL;
1085 nl80211_radar_notify(rdev, chandef, event, netdev, GFP_KERNEL);
1089 cfg80211_background_cac_event(struct cfg80211_registered_device *rdev,
1090 const struct cfg80211_chan_def *chandef,
1091 enum nl80211_radar_event event)
1093 wiphy_lock(&rdev->wiphy);
1094 __cfg80211_background_cac_event(rdev, rdev->background_radar_wdev,
1096 wiphy_unlock(&rdev->wiphy);
1099 void cfg80211_background_cac_done_wk(struct work_struct *work)
1101 struct delayed_work *delayed_work = to_delayed_work(work);
1102 struct cfg80211_registered_device *rdev;
1104 rdev = container_of(delayed_work, struct cfg80211_registered_device,
1105 background_cac_done_wk);
1106 cfg80211_background_cac_event(rdev, &rdev->background_radar_chandef,
1107 NL80211_RADAR_CAC_FINISHED);
1110 void cfg80211_background_cac_abort_wk(struct work_struct *work)
1112 struct cfg80211_registered_device *rdev;
1114 rdev = container_of(work, struct cfg80211_registered_device,
1115 background_cac_abort_wk);
1116 cfg80211_background_cac_event(rdev, &rdev->background_radar_chandef,
1117 NL80211_RADAR_CAC_ABORTED);
1120 void cfg80211_background_cac_abort(struct wiphy *wiphy)
1122 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
1124 queue_work(cfg80211_wq, &rdev->background_cac_abort_wk);
1126 EXPORT_SYMBOL(cfg80211_background_cac_abort);
1129 cfg80211_start_background_radar_detection(struct cfg80211_registered_device *rdev,
1130 struct wireless_dev *wdev,
1131 struct cfg80211_chan_def *chandef)
1133 unsigned int cac_time_ms;
1136 lockdep_assert_wiphy(&rdev->wiphy);
1138 if (!wiphy_ext_feature_isset(&rdev->wiphy,
1139 NL80211_EXT_FEATURE_RADAR_BACKGROUND))
1142 /* Offchannel chain already locked by another wdev */
1143 if (rdev->background_radar_wdev && rdev->background_radar_wdev != wdev)
1146 /* CAC already in progress on the offchannel chain */
1147 if (rdev->background_radar_wdev == wdev &&
1148 delayed_work_pending(&rdev->background_cac_done_wk))
1151 err = rdev_set_radar_background(rdev, chandef);
1155 cac_time_ms = cfg80211_chandef_dfs_cac_time(&rdev->wiphy, chandef);
1157 cac_time_ms = IEEE80211_DFS_MIN_CAC_TIME_MS;
1159 rdev->background_radar_chandef = *chandef;
1160 rdev->background_radar_wdev = wdev; /* Get offchain ownership */
1162 __cfg80211_background_cac_event(rdev, wdev, chandef,
1163 NL80211_RADAR_CAC_STARTED);
1164 queue_delayed_work(cfg80211_wq, &rdev->background_cac_done_wk,
1165 msecs_to_jiffies(cac_time_ms));
1170 void cfg80211_stop_background_radar_detection(struct wireless_dev *wdev)
1172 struct wiphy *wiphy = wdev->wiphy;
1173 struct cfg80211_registered_device *rdev = wiphy_to_rdev(wiphy);
1175 lockdep_assert_wiphy(wiphy);
1177 if (wdev != rdev->background_radar_wdev)
1180 rdev_set_radar_background(rdev, NULL);
1181 rdev->background_radar_wdev = NULL; /* Release offchain ownership */
1183 __cfg80211_background_cac_event(rdev, wdev,
1184 &rdev->background_radar_chandef,
1185 NL80211_RADAR_CAC_ABORTED);
projects / platform / kernel / linux-rpi.git / blob