nl80211.c 109 KB
Newer Older
1 2 3
/*
 * This is the new netlink-based wireless configuration interface.
 *
4
 * Copyright 2006-2009	Johannes Berg <johannes@sipsolutions.net>
5 6 7 8 9 10 11 12 13 14 15
 */

#include <linux/if.h>
#include <linux/module.h>
#include <linux/err.h>
#include <linux/list.h>
#include <linux/if_ether.h>
#include <linux/ieee80211.h>
#include <linux/nl80211.h>
#include <linux/rtnetlink.h>
#include <linux/netlink.h>
16
#include <linux/etherdevice.h>
17 18 19 20
#include <net/genetlink.h>
#include <net/cfg80211.h>
#include "core.h"
#include "nl80211.h"
21
#include "reg.h"
22 23 24 25 26 27 28 29 30 31

/* the netlink family */
static struct genl_family nl80211_fam = {
	.id = GENL_ID_GENERATE,	/* don't bother with a hardcoded ID */
	.name = "nl80211",	/* have users key off the name instead */
	.hdrsize = 0,		/* no private header */
	.version = 1,		/* no particular meaning now */
	.maxattr = NL80211_ATTR_MAX,
};

32 33 34
/* internal helper: get rdev and dev */
static int get_rdev_dev_by_info_ifindex(struct nlattr **attrs,
				       struct cfg80211_registered_device **rdev,
35 36 37 38
				       struct net_device **dev)
{
	int ifindex;

Johannes Berg's avatar
Johannes Berg committed
39
	if (!attrs[NL80211_ATTR_IFINDEX])
40 41
		return -EINVAL;

Johannes Berg's avatar
Johannes Berg committed
42
	ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
43 44 45 46
	*dev = dev_get_by_index(&init_net, ifindex);
	if (!*dev)
		return -ENODEV;

47 48
	*rdev = cfg80211_get_dev_from_ifindex(ifindex);
	if (IS_ERR(*rdev)) {
49
		dev_put(*dev);
50
		return PTR_ERR(*rdev);
51 52 53 54 55 56 57 58 59
	}

	return 0;
}

/* policy for the attributes */
static struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] __read_mostly = {
	[NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
	[NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING,
60
				      .len = 20-1 },
61
	[NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED },
62
	[NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 },
Sujith's avatar
Sujith committed
63
	[NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 },
64 65 66 67
	[NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 },
	[NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 },
	[NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 },
	[NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 },
68 69 70 71

	[NL80211_ATTR_IFTYPE] = { .type = NLA_U32 },
	[NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
	[NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
72 73

	[NL80211_ATTR_MAC] = { .type = NLA_BINARY, .len = ETH_ALEN },
74
	[NL80211_ATTR_PREV_BSSID] = { .type = NLA_BINARY, .len = ETH_ALEN },
75

76
	[NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
77 78 79 80 81
	[NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
				    .len = WLAN_MAX_KEY_LEN },
	[NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 },
	[NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 },
	[NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG },
82
	[NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 },
83 84 85 86 87 88 89

	[NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 },
	[NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 },
	[NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY,
				       .len = IEEE80211_MAX_DATA_LEN },
	[NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY,
				       .len = IEEE80211_MAX_DATA_LEN },
90 91 92 93 94
	[NL80211_ATTR_STA_AID] = { .type = NLA_U16 },
	[NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED },
	[NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 },
	[NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY,
					       .len = NL80211_MAX_SUPP_RATES },
95
	[NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 },
96
	[NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 },
Johannes Berg's avatar
Johannes Berg committed
97
	[NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ },
98 99 100
	[NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY,
				.len = IEEE80211_MAX_MESH_ID_LEN },
	[NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 },
101

102 103 104
	[NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 },
	[NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED },

105 106 107
	[NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 },
	[NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 },
	[NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 },
108 109
	[NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY,
					   .len = NL80211_MAX_SUPP_RATES },
110

111 112
	[NL80211_ATTR_MESH_PARAMS] = { .type = NLA_NESTED },

113 114
	[NL80211_ATTR_HT_CAPABILITY] = { .type = NLA_BINARY,
					 .len = NL80211_HT_CAPABILITY_LEN },
115 116 117 118

	[NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 },
	[NL80211_ATTR_IE] = { .type = NLA_BINARY,
			      .len = IEEE80211_MAX_DATA_LEN },
119 120
	[NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED },
	[NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED },
121 122 123 124 125

	[NL80211_ATTR_SSID] = { .type = NLA_BINARY,
				.len = IEEE80211_MAX_SSID_LEN },
	[NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 },
	[NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 },
Johannes Berg's avatar
Johannes Berg committed
126
	[NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG },
127
	[NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG },
128
	[NL80211_ATTR_USE_MFP] = { .type = NLA_U32 },
129 130 131
	[NL80211_ATTR_STA_FLAGS2] = {
		.len = sizeof(struct nl80211_sta_flag_update),
	},
132
	[NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
133 134 135
	[NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
	[NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
	[NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
136 137
};

138 139 140 141 142 143 144 145 146 147 148 149
/* policy for the attributes */
static struct nla_policy
nl80211_key_policy[NL80211_KEY_MAX + 1] __read_mostly = {
	[NL80211_KEY_DATA] = { .type = NLA_BINARY,
				    .len = WLAN_MAX_KEY_LEN },
	[NL80211_KEY_IDX] = { .type = NLA_U8 },
	[NL80211_KEY_CIPHER] = { .type = NLA_U32 },
	[NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 8 },
	[NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
	[NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },
};

150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179
/* IE validation */
static bool is_valid_ie_attr(const struct nlattr *attr)
{
	const u8 *pos;
	int len;

	if (!attr)
		return true;

	pos = nla_data(attr);
	len = nla_len(attr);

	while (len) {
		u8 elemlen;

		if (len < 2)
			return false;
		len -= 2;

		elemlen = pos[1];
		if (elemlen > len)
			return false;

		len -= elemlen;
		pos += 2 + elemlen;
	}

	return true;
}

180 181 182 183 184 185 186 187
/* message building helper */
static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq,
				   int flags, u8 cmd)
{
	/* since there is no private header just add the generic one */
	return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd);
}

188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211
static int nl80211_msg_put_channel(struct sk_buff *msg,
				   struct ieee80211_channel *chan)
{
	NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_FREQ,
		    chan->center_freq);

	if (chan->flags & IEEE80211_CHAN_DISABLED)
		NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_DISABLED);
	if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN)
		NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN);
	if (chan->flags & IEEE80211_CHAN_NO_IBSS)
		NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_NO_IBSS);
	if (chan->flags & IEEE80211_CHAN_RADAR)
		NLA_PUT_FLAG(msg, NL80211_FREQUENCY_ATTR_RADAR);

	NLA_PUT_U32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
		    DBM_TO_MBM(chan->max_power));

	return 0;

 nla_put_failure:
	return -ENOBUFS;
}

212 213
/* netlink command implementations */

214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307
struct key_parse {
	struct key_params p;
	int idx;
	bool def, defmgmt;
};

static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k)
{
	struct nlattr *tb[NL80211_KEY_MAX + 1];
	int err = nla_parse_nested(tb, NL80211_KEY_MAX, key,
				   nl80211_key_policy);
	if (err)
		return err;

	k->def = !!tb[NL80211_KEY_DEFAULT];
	k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT];

	if (tb[NL80211_KEY_IDX])
		k->idx = nla_get_u8(tb[NL80211_KEY_IDX]);

	if (tb[NL80211_KEY_DATA]) {
		k->p.key = nla_data(tb[NL80211_KEY_DATA]);
		k->p.key_len = nla_len(tb[NL80211_KEY_DATA]);
	}

	if (tb[NL80211_KEY_SEQ]) {
		k->p.seq = nla_data(tb[NL80211_KEY_SEQ]);
		k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]);
	}

	if (tb[NL80211_KEY_CIPHER])
		k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]);

	return 0;
}

static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
{
	if (info->attrs[NL80211_ATTR_KEY_DATA]) {
		k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
		k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
	}

	if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
		k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
		k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
	}

	if (info->attrs[NL80211_ATTR_KEY_IDX])
		k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);

	if (info->attrs[NL80211_ATTR_KEY_CIPHER])
		k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);

	k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT];
	k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT];

	return 0;
}

static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
{
	int err;

	memset(k, 0, sizeof(*k));
	k->idx = -1;

	if (info->attrs[NL80211_ATTR_KEY])
		err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k);
	else
		err = nl80211_parse_key_old(info, k);

	if (err)
		return err;

	if (k->def && k->defmgmt)
		return -EINVAL;

	if (k->idx != -1) {
		if (k->defmgmt) {
			if (k->idx < 4 || k->idx > 5)
				return -EINVAL;
		} else if (k->def) {
			if (k->idx < 0 || k->idx > 3)
				return -EINVAL;
		} else {
			if (k->idx < 0 || k->idx > 5)
				return -EINVAL;
		}
	}

	return 0;
}

308 309 310 311
static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
			      struct cfg80211_registered_device *dev)
{
	void *hdr;
312 313 314
	struct nlattr *nl_bands, *nl_band;
	struct nlattr *nl_freqs, *nl_freq;
	struct nlattr *nl_rates, *nl_rate;
315
	struct nlattr *nl_modes;
316
	struct nlattr *nl_cmds;
317 318 319 320
	enum ieee80211_band band;
	struct ieee80211_channel *chan;
	struct ieee80211_rate *rate;
	int i;
321
	u16 ifmodes = dev->wiphy.interface_modes;
322 323 324 325 326

	hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY);
	if (!hdr)
		return -1;

327
	NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx);
328
	NLA_PUT_STRING(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy));
329 330 331 332 333 334 335 336 337 338

	NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
		   dev->wiphy.retry_short);
	NLA_PUT_U8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
		   dev->wiphy.retry_long);
	NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD,
		    dev->wiphy.frag_threshold);
	NLA_PUT_U32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD,
		    dev->wiphy.rts_threshold);

339 340
	NLA_PUT_U8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS,
		   dev->wiphy.max_scan_ssids);
341 342
	NLA_PUT_U16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN,
		    dev->wiphy.max_scan_ie_len);
343

344 345 346 347
	NLA_PUT(msg, NL80211_ATTR_CIPHER_SUITES,
		sizeof(u32) * dev->wiphy.n_cipher_suites,
		dev->wiphy.cipher_suites);

348 349 350 351 352 353 354 355 356 357 358 359 360 361
	nl_modes = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_IFTYPES);
	if (!nl_modes)
		goto nla_put_failure;

	i = 0;
	while (ifmodes) {
		if (ifmodes & 1)
			NLA_PUT_FLAG(msg, i);
		ifmodes >>= 1;
		i++;
	}

	nla_nest_end(msg, nl_modes);

362 363 364 365 366 367 368 369 370 371 372 373
	nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS);
	if (!nl_bands)
		goto nla_put_failure;

	for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
		if (!dev->wiphy.bands[band])
			continue;

		nl_band = nla_nest_start(msg, band);
		if (!nl_band)
			goto nla_put_failure;

374 375 376 377 378 379 380 381 382 383 384 385 386
		/* add HT info */
		if (dev->wiphy.bands[band]->ht_cap.ht_supported) {
			NLA_PUT(msg, NL80211_BAND_ATTR_HT_MCS_SET,
				sizeof(dev->wiphy.bands[band]->ht_cap.mcs),
				&dev->wiphy.bands[band]->ht_cap.mcs);
			NLA_PUT_U16(msg, NL80211_BAND_ATTR_HT_CAPA,
				dev->wiphy.bands[band]->ht_cap.cap);
			NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR,
				dev->wiphy.bands[band]->ht_cap.ampdu_factor);
			NLA_PUT_U8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY,
				dev->wiphy.bands[band]->ht_cap.ampdu_density);
		}

387 388 389 390 391 392 393 394 395 396 397
		/* add frequencies */
		nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS);
		if (!nl_freqs)
			goto nla_put_failure;

		for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) {
			nl_freq = nla_nest_start(msg, i);
			if (!nl_freq)
				goto nla_put_failure;

			chan = &dev->wiphy.bands[band]->channels[i];
398 399 400

			if (nl80211_msg_put_channel(msg, chan))
				goto nla_put_failure;
401

402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432
			nla_nest_end(msg, nl_freq);
		}

		nla_nest_end(msg, nl_freqs);

		/* add bitrates */
		nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES);
		if (!nl_rates)
			goto nla_put_failure;

		for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) {
			nl_rate = nla_nest_start(msg, i);
			if (!nl_rate)
				goto nla_put_failure;

			rate = &dev->wiphy.bands[band]->bitrates[i];
			NLA_PUT_U32(msg, NL80211_BITRATE_ATTR_RATE,
				    rate->bitrate);
			if (rate->flags & IEEE80211_RATE_SHORT_PREAMBLE)
				NLA_PUT_FLAG(msg,
					NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE);

			nla_nest_end(msg, nl_rate);
		}

		nla_nest_end(msg, nl_rates);

		nla_nest_end(msg, nl_band);
	}
	nla_nest_end(msg, nl_bands);

433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453
	nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS);
	if (!nl_cmds)
		goto nla_put_failure;

	i = 0;
#define CMD(op, n)						\
	 do {							\
		if (dev->ops->op) {				\
			i++;					\
			NLA_PUT_U32(msg, i, NL80211_CMD_ ## n);	\
		}						\
	} while (0)

	CMD(add_virtual_intf, NEW_INTERFACE);
	CMD(change_virtual_intf, SET_INTERFACE);
	CMD(add_key, NEW_KEY);
	CMD(add_beacon, NEW_BEACON);
	CMD(add_station, NEW_STATION);
	CMD(add_mpath, NEW_MPATH);
	CMD(set_mesh_params, SET_MESH_PARAMS);
	CMD(change_bss, SET_BSS);
454 455 456 457
	CMD(auth, AUTHENTICATE);
	CMD(assoc, ASSOCIATE);
	CMD(deauth, DEAUTHENTICATE);
	CMD(disassoc, DISASSOCIATE);
Johannes Berg's avatar
Johannes Berg committed
458
	CMD(join_ibss, JOIN_IBSS);
459 460

#undef CMD
461

462
	if (dev->ops->connect || dev->ops->auth) {
463 464 465 466
		i++;
		NLA_PUT_U32(msg, i, NL80211_CMD_CONNECT);
	}

467
	if (dev->ops->disconnect || dev->ops->deauth) {
468 469 470 471
		i++;
		NLA_PUT_U32(msg, i, NL80211_CMD_DISCONNECT);
	}

472 473
	nla_nest_end(msg, nl_cmds);

474 475 476
	return genlmsg_end(msg, hdr);

 nla_put_failure:
477 478
	genlmsg_cancel(msg, hdr);
	return -EMSGSIZE;
479 480 481 482 483 484 485 486
}

static int nl80211_dump_wiphy(struct sk_buff *skb, struct netlink_callback *cb)
{
	int idx = 0;
	int start = cb->args[0];
	struct cfg80211_registered_device *dev;

487
	mutex_lock(&cfg80211_mutex);
488
	list_for_each_entry(dev, &cfg80211_rdev_list, list) {
489
		if (++idx <= start)
490 491 492
			continue;
		if (nl80211_send_wiphy(skb, NETLINK_CB(cb->skb).pid,
				       cb->nlh->nlmsg_seq, NLM_F_MULTI,
493 494
				       dev) < 0) {
			idx--;
495
			break;
496
		}
497
	}
498
	mutex_unlock(&cfg80211_mutex);
499 500 501 502 503 504 505 506 507 508 509 510 511 512 513

	cb->args[0] = idx;

	return skb->len;
}

static int nl80211_get_wiphy(struct sk_buff *skb, struct genl_info *info)
{
	struct sk_buff *msg;
	struct cfg80211_registered_device *dev;

	dev = cfg80211_get_dev_from_info(info);
	if (IS_ERR(dev))
		return PTR_ERR(dev);

514
	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
515 516 517 518 519 520
	if (!msg)
		goto out_err;

	if (nl80211_send_wiphy(msg, info->snd_pid, info->snd_seq, 0, dev) < 0)
		goto out_free;

521
	cfg80211_unlock_rdev(dev);
522

Johannes Berg's avatar
Johannes Berg committed
523
	return genlmsg_reply(msg, info);
524 525 526 527

 out_free:
	nlmsg_free(msg);
 out_err:
528
	cfg80211_unlock_rdev(dev);
529 530 531
	return -ENOBUFS;
}

532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556
static const struct nla_policy txq_params_policy[NL80211_TXQ_ATTR_MAX + 1] = {
	[NL80211_TXQ_ATTR_QUEUE]		= { .type = NLA_U8 },
	[NL80211_TXQ_ATTR_TXOP]			= { .type = NLA_U16 },
	[NL80211_TXQ_ATTR_CWMIN]		= { .type = NLA_U16 },
	[NL80211_TXQ_ATTR_CWMAX]		= { .type = NLA_U16 },
	[NL80211_TXQ_ATTR_AIFS]			= { .type = NLA_U8 },
};

static int parse_txq_params(struct nlattr *tb[],
			    struct ieee80211_txq_params *txq_params)
{
	if (!tb[NL80211_TXQ_ATTR_QUEUE] || !tb[NL80211_TXQ_ATTR_TXOP] ||
	    !tb[NL80211_TXQ_ATTR_CWMIN] || !tb[NL80211_TXQ_ATTR_CWMAX] ||
	    !tb[NL80211_TXQ_ATTR_AIFS])
		return -EINVAL;

	txq_params->queue = nla_get_u8(tb[NL80211_TXQ_ATTR_QUEUE]);
	txq_params->txop = nla_get_u16(tb[NL80211_TXQ_ATTR_TXOP]);
	txq_params->cwmin = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMIN]);
	txq_params->cwmax = nla_get_u16(tb[NL80211_TXQ_ATTR_CWMAX]);
	txq_params->aifs = nla_get_u8(tb[NL80211_TXQ_ATTR_AIFS]);

	return 0;
}

557 558 559
static int nl80211_set_wiphy(struct sk_buff *skb, struct genl_info *info)
{
	struct cfg80211_registered_device *rdev;
560 561
	int result = 0, rem_txq_params = 0;
	struct nlattr *nl_txq_params;
562 563 564
	u32 changed;
	u8 retry_short = 0, retry_long = 0;
	u32 frag_threshold = 0, rts_threshold = 0;
565

566
	rtnl_lock();
567

568 569
	mutex_lock(&cfg80211_mutex);

570
	rdev = __cfg80211_rdev_from_info(info);
571
	if (IS_ERR(rdev)) {
572
		mutex_unlock(&cfg80211_mutex);
573 574 575 576 577 578 579
		result = PTR_ERR(rdev);
		goto unlock;
	}

	mutex_lock(&rdev->mtx);

	if (info->attrs[NL80211_ATTR_WIPHY_NAME])
580 581
		result = cfg80211_dev_rename(
			rdev, nla_data(info->attrs[NL80211_ATTR_WIPHY_NAME]));
582 583 584 585 586

	mutex_unlock(&cfg80211_mutex);

	if (result)
		goto bad_res;
587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613

	if (info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS]) {
		struct ieee80211_txq_params txq_params;
		struct nlattr *tb[NL80211_TXQ_ATTR_MAX + 1];

		if (!rdev->ops->set_txq_params) {
			result = -EOPNOTSUPP;
			goto bad_res;
		}

		nla_for_each_nested(nl_txq_params,
				    info->attrs[NL80211_ATTR_WIPHY_TXQ_PARAMS],
				    rem_txq_params) {
			nla_parse(tb, NL80211_TXQ_ATTR_MAX,
				  nla_data(nl_txq_params),
				  nla_len(nl_txq_params),
				  txq_params_policy);
			result = parse_txq_params(tb, &txq_params);
			if (result)
				goto bad_res;

			result = rdev->ops->set_txq_params(&rdev->wiphy,
							   &txq_params);
			if (result)
				goto bad_res;
		}
	}
614

615
	if (info->attrs[NL80211_ATTR_WIPHY_FREQ]) {
Sujith's avatar
Sujith committed
616
		enum nl80211_channel_type channel_type = NL80211_CHAN_NO_HT;
617
		struct ieee80211_channel *chan;
618
		struct ieee80211_sta_ht_cap *ht_cap;
619
		u32 freq;
620 621 622 623 624 625

		if (!rdev->ops->set_channel) {
			result = -EOPNOTSUPP;
			goto bad_res;
		}

626 627
		result = -EINVAL;

Sujith's avatar
Sujith committed
628 629 630 631 632 633 634
		if (info->attrs[NL80211_ATTR_WIPHY_CHANNEL_TYPE]) {
			channel_type = nla_get_u32(info->attrs[
					   NL80211_ATTR_WIPHY_CHANNEL_TYPE]);
			if (channel_type != NL80211_CHAN_NO_HT &&
			    channel_type != NL80211_CHAN_HT20 &&
			    channel_type != NL80211_CHAN_HT40PLUS &&
			    channel_type != NL80211_CHAN_HT40MINUS)
635 636 637 638 639
				goto bad_res;
		}

		freq = nla_get_u32(info->attrs[NL80211_ATTR_WIPHY_FREQ]);
		chan = ieee80211_get_channel(&rdev->wiphy, freq);
640 641 642

		/* Primary channel not allowed */
		if (!chan || chan->flags & IEEE80211_CHAN_DISABLED)
643
			goto bad_res;
644

645 646
		if (channel_type == NL80211_CHAN_HT40MINUS &&
		    (chan->flags & IEEE80211_CHAN_NO_HT40MINUS))
647
			goto bad_res;
648 649
		else if (channel_type == NL80211_CHAN_HT40PLUS &&
			 (chan->flags & IEEE80211_CHAN_NO_HT40PLUS))
650 651
			goto bad_res;

652 653 654 655 656
		/*
		 * At this point we know if that if HT40 was requested
		 * we are allowed to use it and the extension channel
		 * exists.
		 */
657

658
		ht_cap = &rdev->wiphy.bands[chan->band]->ht_cap;
659

660 661 662 663
		/* no HT capabilities or intolerant */
		if (channel_type != NL80211_CHAN_NO_HT) {
			if (!ht_cap->ht_supported)
				goto bad_res;
664 665 666
			if (!(ht_cap->cap & IEEE80211_HT_CAP_SUP_WIDTH_20_40) ||
			    (ht_cap->cap & IEEE80211_HT_CAP_40MHZ_INTOLERANT))
				goto bad_res;
667 668 669
		}

		result = rdev->ops->set_channel(&rdev->wiphy, chan,
Sujith's avatar
Sujith committed
670
						channel_type);
671 672 673 674
		if (result)
			goto bad_res;
	}

675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752
	changed = 0;

	if (info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]) {
		retry_short = nla_get_u8(
			info->attrs[NL80211_ATTR_WIPHY_RETRY_SHORT]);
		if (retry_short == 0) {
			result = -EINVAL;
			goto bad_res;
		}
		changed |= WIPHY_PARAM_RETRY_SHORT;
	}

	if (info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]) {
		retry_long = nla_get_u8(
			info->attrs[NL80211_ATTR_WIPHY_RETRY_LONG]);
		if (retry_long == 0) {
			result = -EINVAL;
			goto bad_res;
		}
		changed |= WIPHY_PARAM_RETRY_LONG;
	}

	if (info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]) {
		frag_threshold = nla_get_u32(
			info->attrs[NL80211_ATTR_WIPHY_FRAG_THRESHOLD]);
		if (frag_threshold < 256) {
			result = -EINVAL;
			goto bad_res;
		}
		if (frag_threshold != (u32) -1) {
			/*
			 * Fragments (apart from the last one) are required to
			 * have even length. Make the fragmentation code
			 * simpler by stripping LSB should someone try to use
			 * odd threshold value.
			 */
			frag_threshold &= ~0x1;
		}
		changed |= WIPHY_PARAM_FRAG_THRESHOLD;
	}

	if (info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]) {
		rts_threshold = nla_get_u32(
			info->attrs[NL80211_ATTR_WIPHY_RTS_THRESHOLD]);
		changed |= WIPHY_PARAM_RTS_THRESHOLD;
	}

	if (changed) {
		u8 old_retry_short, old_retry_long;
		u32 old_frag_threshold, old_rts_threshold;

		if (!rdev->ops->set_wiphy_params) {
			result = -EOPNOTSUPP;
			goto bad_res;
		}

		old_retry_short = rdev->wiphy.retry_short;
		old_retry_long = rdev->wiphy.retry_long;
		old_frag_threshold = rdev->wiphy.frag_threshold;
		old_rts_threshold = rdev->wiphy.rts_threshold;

		if (changed & WIPHY_PARAM_RETRY_SHORT)
			rdev->wiphy.retry_short = retry_short;
		if (changed & WIPHY_PARAM_RETRY_LONG)
			rdev->wiphy.retry_long = retry_long;
		if (changed & WIPHY_PARAM_FRAG_THRESHOLD)
			rdev->wiphy.frag_threshold = frag_threshold;
		if (changed & WIPHY_PARAM_RTS_THRESHOLD)
			rdev->wiphy.rts_threshold = rts_threshold;

		result = rdev->ops->set_wiphy_params(&rdev->wiphy, changed);
		if (result) {
			rdev->wiphy.retry_short = old_retry_short;
			rdev->wiphy.retry_long = old_retry_long;
			rdev->wiphy.frag_threshold = old_frag_threshold;
			rdev->wiphy.rts_threshold = old_rts_threshold;
		}
	}
753

754
 bad_res:
755 756 757
	mutex_unlock(&rdev->mtx);
 unlock:
	rtnl_unlock();
758 759 760 761 762
	return result;
}


static int nl80211_send_iface(struct sk_buff *msg, u32 pid, u32 seq, int flags,
763
			      struct cfg80211_registered_device *rdev,
764 765 766 767 768 769 770 771 772
			      struct net_device *dev)
{
	void *hdr;

	hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_INTERFACE);
	if (!hdr)
		return -1;

	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
773
	NLA_PUT_U32(msg, NL80211_ATTR_WIPHY, rdev->wiphy_idx);
774
	NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, dev->name);
Johannes Berg's avatar
Johannes Berg committed
775
	NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, dev->ieee80211_ptr->iftype);
776 777 778
	return genlmsg_end(msg, hdr);

 nla_put_failure:
779 780
	genlmsg_cancel(msg, hdr);
	return -EMSGSIZE;
781 782 783 784 785 786 787 788 789 790 791
}

static int nl80211_dump_interface(struct sk_buff *skb, struct netlink_callback *cb)
{
	int wp_idx = 0;
	int if_idx = 0;
	int wp_start = cb->args[0];
	int if_start = cb->args[1];
	struct cfg80211_registered_device *dev;
	struct wireless_dev *wdev;

792
	mutex_lock(&cfg80211_mutex);
793
	list_for_each_entry(dev, &cfg80211_rdev_list, list) {
Johannes Berg's avatar
Johannes Berg committed
794 795
		if (wp_idx < wp_start) {
			wp_idx++;
796
			continue;
Johannes Berg's avatar
Johannes Berg committed
797
		}
798 799 800 801
		if_idx = 0;

		mutex_lock(&dev->devlist_mtx);
		list_for_each_entry(wdev, &dev->netdev_list, list) {
Johannes Berg's avatar
Johannes Berg committed
802 803
			if (if_idx < if_start) {
				if_idx++;
804
				continue;
Johannes Berg's avatar
Johannes Berg committed
805
			}
806 807
			if (nl80211_send_iface(skb, NETLINK_CB(cb->skb).pid,
					       cb->nlh->nlmsg_seq, NLM_F_MULTI,
808
					       dev, wdev->netdev) < 0) {
Johannes Berg's avatar
Johannes Berg committed
809 810 811 812
				mutex_unlock(&dev->devlist_mtx);
				goto out;
			}
			if_idx++;
813 814
		}
		mutex_unlock(&dev->devlist_mtx);
Johannes Berg's avatar
Johannes Berg committed
815 816

		wp_idx++;
817
	}
Johannes Berg's avatar
Johannes Berg committed
818
 out:
819
	mutex_unlock(&cfg80211_mutex);
820 821 822 823 824 825 826 827 828 829 830 831 832 833

	cb->args[0] = wp_idx;
	cb->args[1] = if_idx;

	return skb->len;
}

static int nl80211_get_interface(struct sk_buff *skb, struct genl_info *info)
{
	struct sk_buff *msg;
	struct cfg80211_registered_device *dev;
	struct net_device *netdev;
	int err;

834
	err = get_rdev_dev_by_info_ifindex(info->attrs, &dev, &netdev);
835 836 837
	if (err)
		return err;

838
	msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
839 840 841
	if (!msg)
		goto out_err;

842 843
	if (nl80211_send_iface(msg, info->snd_pid, info->snd_seq, 0,
			       dev, netdev) < 0)
844 845 846
		goto out_free;

	dev_put(netdev);
847
	cfg80211_unlock_rdev(dev);
848

Johannes Berg's avatar
Johannes Berg committed
849
	return genlmsg_reply(msg, info);
850 851 852 853 854

 out_free:
	nlmsg_free(msg);
 out_err:
	dev_put(netdev);
855
	cfg80211_unlock_rdev(dev);
856 857 858
	return -ENOBUFS;
}

859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879 880 881 882 883 884 885 886 887
static const struct nla_policy mntr_flags_policy[NL80211_MNTR_FLAG_MAX + 1] = {
	[NL80211_MNTR_FLAG_FCSFAIL] = { .type = NLA_FLAG },
	[NL80211_MNTR_FLAG_PLCPFAIL] = { .type = NLA_FLAG },
	[NL80211_MNTR_FLAG_CONTROL] = { .type = NLA_FLAG },
	[NL80211_MNTR_FLAG_OTHER_BSS] = { .type = NLA_FLAG },
	[NL80211_MNTR_FLAG_COOK_FRAMES] = { .type = NLA_FLAG },
};

static int parse_monitor_flags(struct nlattr *nla, u32 *mntrflags)
{
	struct nlattr *flags[NL80211_MNTR_FLAG_MAX + 1];
	int flag;

	*mntrflags = 0;

	if (!nla)
		return -EINVAL;

	if (nla_parse_nested(flags, NL80211_MNTR_FLAG_MAX,
			     nla, mntr_flags_policy))
		return -EINVAL;

	for (flag = 1; flag <= NL80211_MNTR_FLAG_MAX; flag++)
		if (flags[flag])
			*mntrflags |= (1<<flag);

	return 0;
}

888 889
static int nl80211_set_interface(struct sk_buff *skb, struct genl_info *info)
{
890
	struct cfg80211_registered_device *rdev;
891
	struct vif_params params;
892
	int err;
Johannes Berg's avatar
Johannes Berg committed
893
	enum nl80211_iftype otype, ntype;
894
	struct net_device *dev;
895
	u32 _flags, *flags = NULL;
896
	bool change = false;
897

898 899
	memset(&params, 0, sizeof(params));

Johannes Berg's avatar
Johannes Berg committed
900 901
	rtnl_lock();

902
	err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
903
	if (err)
Johannes Berg's avatar
Johannes Berg committed
904 905
		goto unlock_rtnl;

Johannes Berg's avatar
Johannes Berg committed
906
	otype = ntype = dev->ieee80211_ptr->iftype;
907

908
	if (info->attrs[NL80211_ATTR_IFTYPE]) {
909
		ntype = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
Johannes Berg's avatar
Johannes Berg committed
910
		if (otype != ntype)
911
			change = true;
Johannes Berg's avatar
Johannes Berg committed
912
		if (ntype > NL80211_IFTYPE_MAX) {
913
			err = -EINVAL;
914
			goto unlock;
915
		}
916 917
	}

918 919
	if (!rdev->ops->change_virtual_intf ||
	    !(rdev->wiphy.interface_modes & (1 << ntype))) {
920 921 922 923
		err = -EOPNOTSUPP;
		goto unlock;
	}

924
	if (info->attrs[NL80211_ATTR_MESH_ID]) {
Johannes Berg's avatar
Johannes Berg committed
925
		if (ntype != NL80211_IFTYPE_MESH_POINT) {
926 927 928
			err = -EINVAL;
			goto unlock;
		}
929 930
		params.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
		params.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
931
		change = true;
932 933
	}

934
	if (info->attrs[NL80211_ATTR_MNTR_FLAGS]) {
Johannes Berg's avatar
Johannes Berg committed
935
		if (ntype != NL80211_IFTYPE_MONITOR) {
936 937 938 939 940
			err = -EINVAL;
			goto unlock;
		}
		err = parse_monitor_flags(info->attrs[NL80211_ATTR_MNTR_FLAGS],
					  &_flags);
941 942 943 944 945
		if (err)
			goto unlock;

		flags = &_flags;
		change = true;
946
	}
Johannes Berg's avatar
Johannes Berg committed
947

948
	if (change)
949
		err = rdev->ops->change_virtual_intf(&rdev->wiphy, dev,
Johannes Berg's avatar
Johannes Berg committed
950
						    ntype, flags, &params);
951 952
	else
		err = 0;
Johannes Berg's avatar
Johannes Berg committed
953

954
	WARN_ON(!err && dev->ieee80211_ptr->iftype != ntype);
Johannes Berg's avatar
Johannes Berg committed
955

956
	if (!err && (ntype != otype)) {
Johannes Berg's avatar
Johannes Berg committed
957
		if (otype == NL80211_IFTYPE_ADHOC)
958
			cfg80211_clear_ibss(dev, false);
Johannes Berg's avatar
Johannes Berg committed
959
	}
Johannes Berg's avatar
Johannes Berg committed
960

961
 unlock:
962
	dev_put(dev);
963
	cfg80211_unlock_rdev(rdev);
Johannes Berg's avatar
Johannes Berg committed
964 965
 unlock_rtnl:
	rtnl_unlock();
966 967 968 969 970
	return err;
}

static int nl80211_new_interface(struct sk_buff *skb, struct genl_info *info)
{
971
	struct cfg80211_registered_device *rdev;
972
	struct vif_params params;
973 974
	int err;
	enum nl80211_iftype type = NL80211_IFTYPE_UNSPECIFIED;
975
	u32 flags;
976

977 978
	memset(&params, 0, sizeof(params));

979 980 981 982 983 984 985 986 987
	if (!info->attrs[NL80211_ATTR_IFNAME])
		return -EINVAL;

	if (info->attrs[NL80211_ATTR_IFTYPE]) {
		type = nla_get_u32(info->attrs[NL80211_ATTR_IFTYPE]);
		if (type > NL80211_IFTYPE_MAX)
			return -EINVAL;
	}

Johannes Berg's avatar
Johannes Berg committed
988 989
	rtnl_lock();

990 991 992
	rdev = cfg80211_get_dev_from_info(info);
	if (IS_ERR(rdev)) {
		err = PTR_ERR(rdev);
Johannes Berg's avatar
Johannes Berg committed
993 994
		goto unlock_rtnl;
	}
995

996 997
	if (!rdev->ops->add_virtual_intf ||
	    !(rdev->wiphy.interface_modes & (1 << type))) {
998 999 1000 1001
		err = -EOPNOTSUPP;
		goto unlock;
	}

1002 1003 1004 1005 1006 1007
	if (type == NL80211_IFTYPE_MESH_POINT &&
	    info->attrs[NL80211_ATTR_MESH_ID]) {
		params.mesh_id = nla_data(info->attrs[NL80211_ATTR_MESH_ID]);
		params.mesh_id_len = nla_len(info->attrs[NL80211_ATTR_MESH_ID]);
	}

1008 1009 1010
	err = parse_monitor_flags(type == NL80211_IFTYPE_MONITOR ?
				  info->attrs[NL80211_ATTR_MNTR_FLAGS] : NULL,
				  &flags);
1011
	err = rdev->ops->add_virtual_intf(&rdev->wiphy,
1012
		nla_data(info->attrs[NL80211_ATTR_IFNAME]),
1013 1014
		type, err ? NULL : &flags, &params);

1015
 unlock:
1016
	cfg80211_unlock_rdev(rdev);
Johannes Berg's avatar
Johannes Berg committed
1017 1018
 unlock_rtnl:
	rtnl_unlock();
1019 1020 1021 1022 1023
	return err;
}

static int nl80211_del_interface(struct sk_buff *skb, struct genl_info *info)
{
1024
	struct cfg80211_registered_device *rdev;
1025 1026 1027
	int ifindex, err;
	struct net_device *dev;

Johannes Berg's avatar
Johannes Berg committed
1028 1029
	rtnl_lock();

1030
	err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
1031
	if (err)
Johannes Berg's avatar
Johannes Berg committed
1032
		goto unlock_rtnl;
1033 1034 1035
	ifindex = dev->ifindex;
	dev_put(dev);

1036
	if (!rdev->ops->del_virtual_intf) {
1037 1038 1039 1040
		err = -EOPNOTSUPP;
		goto out;
	}

1041
	err = rdev->ops->del_virtual_intf(&rdev->wiphy, ifindex);
1042 1043

 out:
1044
	cfg80211_unlock_rdev(rdev);
Johannes Berg's avatar
Johannes Berg committed
1045 1046
 unlock_rtnl:
	rtnl_unlock();
1047 1048 1049
	return err;
}

1050 1051 1052
struct get_key_cookie {
	struct sk_buff *msg;
	int error;
1053
	int idx;
1054 1055 1056 1057
};

static void get_key_callback(void *c, struct key_params *params)
{
1058
	struct nlattr *key;
1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072
	struct get_key_cookie *cookie = c;

	if (params->key)
		NLA_PUT(cookie->msg, NL80211_ATTR_KEY_DATA,
			params->key_len, params->key);

	if (params->seq)
		NLA_PUT(cookie->msg, NL80211_ATTR_KEY_SEQ,
			params->seq_len, params->seq);

	if (params->cipher)
		NLA_PUT_U32(cookie->msg, NL80211_ATTR_KEY_CIPHER,
			    params->cipher);

1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 1085 1086 1087 1088 1089 1090 1091 1092
	key = nla_nest_start(cookie->msg, NL80211_ATTR_KEY);
	if (!key)
		goto nla_put_failure;

	if (params->key)
		NLA_PUT(cookie->msg, NL80211_KEY_DATA,
			params->key_len, params->key);

	if (params->seq)
		NLA_PUT(cookie->msg, NL80211_KEY_SEQ,
			params->seq_len, params->seq);

	if (params->cipher)
		NLA_PUT_U32(cookie->msg, NL80211_KEY_CIPHER,
			    params->cipher);

	NLA_PUT_U8(cookie->msg, NL80211_ATTR_KEY_IDX, cookie->idx);

	nla_nest_end(cookie->msg, key);

1093 1094 1095 1096 1097 1098 1099
	return;
 nla_put_failure:
	cookie->error = 1;
}

static int nl80211_get_key(struct sk_buff *skb, struct genl_info *info)
{
1100
	struct cfg80211_registered_device *rdev;
1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113
	int err;
	struct net_device *dev;
	u8 key_idx = 0;
	u8 *mac_addr = NULL;
	struct get_key_cookie cookie = {
		.error = 0,
	};
	void *hdr;
	struct sk_buff *msg;

	if (info->attrs[NL80211_ATTR_KEY_IDX])
		key_idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);

1114
	if (key_idx > 5)
1115 1116 1117 1118 1119
		return -EINVAL;

	if (info->attrs[NL80211_ATTR_MAC])
		mac_addr = nla_data(info->attrs[NL80211_ATTR_MAC]);

Johannes Berg's avatar
Johannes Berg committed
1120 1121
	rtnl_lock();

1122
	err = get_rdev_dev_by_info_ifindex(info->attrs, &rdev, &dev);
1123
	if (err)
Johannes Berg's avatar
Johannes Berg committed
1124
		goto unlock_rtnl;
1125

1126
	if (!rdev->ops->get_key) {
1127