nl80211.c 224 KB
Newer Older
1 2 3
/*
 * This is the new netlink-based wireless configuration interface.
 *
4
 * Copyright 2006-2010	Johannes Berg <johannes@sipsolutions.net>
5 6 7 8 9
 */

#include <linux/if.h>
#include <linux/module.h>
#include <linux/err.h>
10
#include <linux/slab.h>
11 12 13 14 15 16
#include <linux/list.h>
#include <linux/if_ether.h>
#include <linux/ieee80211.h>
#include <linux/nl80211.h>
#include <linux/rtnetlink.h>
#include <linux/netlink.h>
17
#include <linux/etherdevice.h>
18
#include <net/net_namespace.h>
19 20
#include <net/genetlink.h>
#include <net/cfg80211.h>
21
#include <net/sock.h>
22 23
#include "core.h"
#include "nl80211.h"
24
#include "reg.h"
25

26 27 28 29 30 31
static bool nl80211_valid_auth_type(enum nl80211_auth_type auth_type);
static int nl80211_crypto_settings(struct cfg80211_registered_device *rdev,
				   struct genl_info *info,
				   struct cfg80211_crypto_settings *settings,
				   int cipher_limit);

32 33 34 35 36
static int nl80211_pre_doit(struct genl_ops *ops, struct sk_buff *skb,
			    struct genl_info *info);
static void nl80211_post_doit(struct genl_ops *ops, struct sk_buff *skb,
			      struct genl_info *info);

37 38 39 40 41 42 43
/* the netlink family */
static struct genl_family nl80211_fam = {
	.id = GENL_ID_GENERATE,	/* don't bother with a hardcoded ID */
	.name = "nl80211",	/* have users key off the name instead */
	.hdrsize = 0,		/* no private header */
	.version = 1,		/* no particular meaning now */
	.maxattr = NL80211_ATTR_MAX,
44
	.netnsok = true,
45 46
	.pre_doit = nl80211_pre_doit,
	.post_doit = nl80211_post_doit,
47 48
};

49
/* internal helper: get rdev and dev */
50 51 52
static int get_rdev_dev_by_ifindex(struct net *netns, struct nlattr **attrs,
				   struct cfg80211_registered_device **rdev,
				   struct net_device **dev)
53 54 55
{
	int ifindex;

Johannes Berg's avatar
Johannes Berg committed
56
	if (!attrs[NL80211_ATTR_IFINDEX])
57 58
		return -EINVAL;

Johannes Berg's avatar
Johannes Berg committed
59
	ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
60
	*dev = dev_get_by_index(netns, ifindex);
61 62 63
	if (!*dev)
		return -ENODEV;

64
	*rdev = cfg80211_get_dev_from_ifindex(netns, ifindex);
65
	if (IS_ERR(*rdev)) {
66
		dev_put(*dev);
67
		return PTR_ERR(*rdev);
68 69 70 71 72
	}

	return 0;
}

73
static struct cfg80211_registered_device *
74
__cfg80211_rdev_from_attrs(struct net *netns, struct nlattr **attrs)
75
{
76 77
	struct cfg80211_registered_device *rdev = NULL, *tmp;
	struct net_device *netdev;
78 79 80

	assert_cfg80211_lock();

81 82
	if (!attrs[NL80211_ATTR_WIPHY] &&
	    !attrs[NL80211_ATTR_IFINDEX])
83 84
		return ERR_PTR(-EINVAL);

85
	if (attrs[NL80211_ATTR_WIPHY])
86
		rdev = cfg80211_rdev_by_wiphy_idx(
87
				nla_get_u32(attrs[NL80211_ATTR_WIPHY]));
88

89 90
	if (attrs[NL80211_ATTR_IFINDEX]) {
		int ifindex = nla_get_u32(attrs[NL80211_ATTR_IFINDEX]);
Johannes Berg's avatar
Johannes Berg committed
91
		netdev = dev_get_by_index(netns, ifindex);
92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109
		if (netdev) {
			if (netdev->ieee80211_ptr)
				tmp = wiphy_to_dev(
						netdev->ieee80211_ptr->wiphy);
			else
				tmp = NULL;

			dev_put(netdev);

			/* not wireless device -- return error */
			if (!tmp)
				return ERR_PTR(-EINVAL);

			/* mismatch -- return error */
			if (rdev && tmp != rdev)
				return ERR_PTR(-EINVAL);

			rdev = tmp;
110 111 112
		}
	}

Johannes Berg's avatar
Johannes Berg committed
113 114
	if (!rdev)
		return ERR_PTR(-ENODEV);
115

Johannes Berg's avatar
Johannes Berg committed
116 117 118 119
	if (netns != wiphy_net(&rdev->wiphy))
		return ERR_PTR(-ENODEV);

	return rdev;
120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142
}

/*
 * This function returns a pointer to the driver
 * that the genl_info item that is passed refers to.
 * If successful, it returns non-NULL and also locks
 * the driver's mutex!
 *
 * This means that you need to call cfg80211_unlock_rdev()
 * before being allowed to acquire &cfg80211_mutex!
 *
 * This is necessary because we need to lock the global
 * mutex to get an item off the list safely, and then
 * we lock the rdev mutex so it doesn't go away under us.
 *
 * We don't want to keep cfg80211_mutex locked
 * for all the time in order to allow requests on
 * other interfaces to go through at the same time.
 *
 * The result of this can be a PTR_ERR and hence must
 * be checked with IS_ERR() for errors.
 */
static struct cfg80211_registered_device *
Johannes Berg's avatar
Johannes Berg committed
143
cfg80211_get_dev_from_info(struct net *netns, struct genl_info *info)
144 145 146 147
{
	struct cfg80211_registered_device *rdev;

	mutex_lock(&cfg80211_mutex);
148
	rdev = __cfg80211_rdev_from_attrs(netns, info->attrs);
149 150 151 152 153 154 155 156 157 158 159 160

	/* if it is not an error we grab the lock on
	 * it to assure it won't be going away while
	 * we operate on it */
	if (!IS_ERR(rdev))
		mutex_lock(&rdev->mtx);

	mutex_unlock(&cfg80211_mutex);

	return rdev;
}

161
/* policy for the attributes */
Alexey Dobriyan's avatar
Alexey Dobriyan committed
162
static const struct nla_policy nl80211_policy[NL80211_ATTR_MAX+1] = {
163 164
	[NL80211_ATTR_WIPHY] = { .type = NLA_U32 },
	[NL80211_ATTR_WIPHY_NAME] = { .type = NLA_NUL_STRING,
165
				      .len = 20-1 },
166
	[NL80211_ATTR_WIPHY_TXQ_PARAMS] = { .type = NLA_NESTED },
167
	[NL80211_ATTR_WIPHY_FREQ] = { .type = NLA_U32 },
Sujith's avatar
Sujith committed
168
	[NL80211_ATTR_WIPHY_CHANNEL_TYPE] = { .type = NLA_U32 },
169 170 171 172
	[NL80211_ATTR_WIPHY_RETRY_SHORT] = { .type = NLA_U8 },
	[NL80211_ATTR_WIPHY_RETRY_LONG] = { .type = NLA_U8 },
	[NL80211_ATTR_WIPHY_FRAG_THRESHOLD] = { .type = NLA_U32 },
	[NL80211_ATTR_WIPHY_RTS_THRESHOLD] = { .type = NLA_U32 },
173
	[NL80211_ATTR_WIPHY_COVERAGE_CLASS] = { .type = NLA_U8 },
174 175 176 177

	[NL80211_ATTR_IFTYPE] = { .type = NLA_U32 },
	[NL80211_ATTR_IFINDEX] = { .type = NLA_U32 },
	[NL80211_ATTR_IFNAME] = { .type = NLA_NUL_STRING, .len = IFNAMSIZ-1 },
178

179 180
	[NL80211_ATTR_MAC] = { .len = ETH_ALEN },
	[NL80211_ATTR_PREV_BSSID] = { .len = ETH_ALEN },
181

182
	[NL80211_ATTR_KEY] = { .type = NLA_NESTED, },
183 184 185 186 187
	[NL80211_ATTR_KEY_DATA] = { .type = NLA_BINARY,
				    .len = WLAN_MAX_KEY_LEN },
	[NL80211_ATTR_KEY_IDX] = { .type = NLA_U8 },
	[NL80211_ATTR_KEY_CIPHER] = { .type = NLA_U32 },
	[NL80211_ATTR_KEY_DEFAULT] = { .type = NLA_FLAG },
188
	[NL80211_ATTR_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
189
	[NL80211_ATTR_KEY_TYPE] = { .type = NLA_U32 },
190 191 192 193 194 195 196

	[NL80211_ATTR_BEACON_INTERVAL] = { .type = NLA_U32 },
	[NL80211_ATTR_DTIM_PERIOD] = { .type = NLA_U32 },
	[NL80211_ATTR_BEACON_HEAD] = { .type = NLA_BINARY,
				       .len = IEEE80211_MAX_DATA_LEN },
	[NL80211_ATTR_BEACON_TAIL] = { .type = NLA_BINARY,
				       .len = IEEE80211_MAX_DATA_LEN },
197 198 199 200 201
	[NL80211_ATTR_STA_AID] = { .type = NLA_U16 },
	[NL80211_ATTR_STA_FLAGS] = { .type = NLA_NESTED },
	[NL80211_ATTR_STA_LISTEN_INTERVAL] = { .type = NLA_U16 },
	[NL80211_ATTR_STA_SUPPORTED_RATES] = { .type = NLA_BINARY,
					       .len = NL80211_MAX_SUPP_RATES },
202
	[NL80211_ATTR_STA_PLINK_ACTION] = { .type = NLA_U8 },
203
	[NL80211_ATTR_STA_VLAN] = { .type = NLA_U32 },
Johannes Berg's avatar
Johannes Berg committed
204
	[NL80211_ATTR_MNTR_FLAGS] = { /* NLA_NESTED can't be empty */ },
205
	[NL80211_ATTR_MESH_ID] = { .type = NLA_BINARY,
206
				   .len = IEEE80211_MAX_MESH_ID_LEN },
207
	[NL80211_ATTR_MPATH_NEXT_HOP] = { .type = NLA_U32 },
208

209 210 211
	[NL80211_ATTR_REG_ALPHA2] = { .type = NLA_STRING, .len = 2 },
	[NL80211_ATTR_REG_RULES] = { .type = NLA_NESTED },

212 213 214
	[NL80211_ATTR_BSS_CTS_PROT] = { .type = NLA_U8 },
	[NL80211_ATTR_BSS_SHORT_PREAMBLE] = { .type = NLA_U8 },
	[NL80211_ATTR_BSS_SHORT_SLOT_TIME] = { .type = NLA_U8 },
215 216
	[NL80211_ATTR_BSS_BASIC_RATES] = { .type = NLA_BINARY,
					   .len = NL80211_MAX_SUPP_RATES },
217
	[NL80211_ATTR_BSS_HT_OPMODE] = { .type = NLA_U16 },
218

219
	[NL80211_ATTR_MESH_CONFIG] = { .type = NLA_NESTED },
220
	[NL80211_ATTR_SUPPORT_MESH_AUTH] = { .type = NLA_FLAG },
221

222
	[NL80211_ATTR_HT_CAPABILITY] = { .len = NL80211_HT_CAPABILITY_LEN },
223 224 225 226

	[NL80211_ATTR_MGMT_SUBTYPE] = { .type = NLA_U8 },
	[NL80211_ATTR_IE] = { .type = NLA_BINARY,
			      .len = IEEE80211_MAX_DATA_LEN },
227 228
	[NL80211_ATTR_SCAN_FREQUENCIES] = { .type = NLA_NESTED },
	[NL80211_ATTR_SCAN_SSIDS] = { .type = NLA_NESTED },
229 230 231 232 233

	[NL80211_ATTR_SSID] = { .type = NLA_BINARY,
				.len = IEEE80211_MAX_SSID_LEN },
	[NL80211_ATTR_AUTH_TYPE] = { .type = NLA_U32 },
	[NL80211_ATTR_REASON_CODE] = { .type = NLA_U16 },
Johannes Berg's avatar
Johannes Berg committed
234
	[NL80211_ATTR_FREQ_FIXED] = { .type = NLA_FLAG },
235
	[NL80211_ATTR_TIMED_OUT] = { .type = NLA_FLAG },
236
	[NL80211_ATTR_USE_MFP] = { .type = NLA_U32 },
237 238 239
	[NL80211_ATTR_STA_FLAGS2] = {
		.len = sizeof(struct nl80211_sta_flag_update),
	},
240
	[NL80211_ATTR_CONTROL_PORT] = { .type = NLA_FLAG },
241 242
	[NL80211_ATTR_CONTROL_PORT_ETHERTYPE] = { .type = NLA_U16 },
	[NL80211_ATTR_CONTROL_PORT_NO_ENCRYPT] = { .type = NLA_FLAG },
243 244 245
	[NL80211_ATTR_PRIVACY] = { .type = NLA_FLAG },
	[NL80211_ATTR_CIPHER_SUITE_GROUP] = { .type = NLA_U32 },
	[NL80211_ATTR_WPA_VERSIONS] = { .type = NLA_U32 },
246
	[NL80211_ATTR_PID] = { .type = NLA_U32 },
247
	[NL80211_ATTR_4ADDR] = { .type = NLA_U8 },
Samuel Ortiz's avatar
Samuel Ortiz committed
248 249
	[NL80211_ATTR_PMKID] = { .type = NLA_BINARY,
				 .len = WLAN_PMKID_LEN },
250 251
	[NL80211_ATTR_DURATION] = { .type = NLA_U32 },
	[NL80211_ATTR_COOKIE] = { .type = NLA_U64 },
252
	[NL80211_ATTR_TX_RATES] = { .type = NLA_NESTED },
253 254 255
	[NL80211_ATTR_FRAME] = { .type = NLA_BINARY,
				 .len = IEEE80211_MAX_DATA_LEN },
	[NL80211_ATTR_FRAME_MATCH] = { .type = NLA_BINARY, },
Kalle Valo's avatar
Kalle Valo committed
256
	[NL80211_ATTR_PS_STATE] = { .type = NLA_U32 },
257
	[NL80211_ATTR_CQM] = { .type = NLA_NESTED, },
258
	[NL80211_ATTR_LOCAL_STATE_CHANGE] = { .type = NLA_FLAG },
259
	[NL80211_ATTR_AP_ISOLATE] = { .type = NLA_U8 },
260 261
	[NL80211_ATTR_WIPHY_TX_POWER_SETTING] = { .type = NLA_U32 },
	[NL80211_ATTR_WIPHY_TX_POWER_LEVEL] = { .type = NLA_U32 },
262
	[NL80211_ATTR_FRAME_TYPE] = { .type = NLA_U16 },
263 264
	[NL80211_ATTR_WIPHY_ANTENNA_TX] = { .type = NLA_U32 },
	[NL80211_ATTR_WIPHY_ANTENNA_RX] = { .type = NLA_U32 },
265
	[NL80211_ATTR_MCAST_RATE] = { .type = NLA_U32 },
266
	[NL80211_ATTR_OFFCHANNEL_TX_OK] = { .type = NLA_FLAG },
267
	[NL80211_ATTR_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
268
	[NL80211_ATTR_WOWLAN_TRIGGERS] = { .type = NLA_NESTED },
269
	[NL80211_ATTR_STA_PLINK_STATE] = { .type = NLA_U8 },
270
	[NL80211_ATTR_SCHED_SCAN_INTERVAL] = { .type = NLA_U32 },
271
	[NL80211_ATTR_REKEY_DATA] = { .type = NLA_NESTED },
272
	[NL80211_ATTR_SCAN_SUPP_RATES] = { .type = NLA_NESTED },
273
	[NL80211_ATTR_HIDDEN_SSID] = { .type = NLA_U32 },
274 275 276 277
	[NL80211_ATTR_IE_PROBE_RESP] = { .type = NLA_BINARY,
					 .len = IEEE80211_MAX_DATA_LEN },
	[NL80211_ATTR_IE_ASSOC_RESP] = { .type = NLA_BINARY,
					 .len = IEEE80211_MAX_DATA_LEN },
278
	[NL80211_ATTR_ROAM_SUPPORT] = { .type = NLA_FLAG },
279
	[NL80211_ATTR_SCHED_SCAN_MATCH] = { .type = NLA_NESTED },
280
	[NL80211_ATTR_TX_NO_CCK_RATE] = { .type = NLA_FLAG },
281 282 283 284 285
	[NL80211_ATTR_TDLS_ACTION] = { .type = NLA_U8 },
	[NL80211_ATTR_TDLS_DIALOG_TOKEN] = { .type = NLA_U8 },
	[NL80211_ATTR_TDLS_OPERATION] = { .type = NLA_U8 },
	[NL80211_ATTR_TDLS_SUPPORT] = { .type = NLA_FLAG },
	[NL80211_ATTR_TDLS_EXTERNAL_SETUP] = { .type = NLA_FLAG },
286
	[NL80211_ATTR_DONT_WAIT_FOR_ACK] = { .type = NLA_FLAG },
287 288
	[NL80211_ATTR_PROBE_RESP] = { .type = NLA_BINARY,
				      .len = IEEE80211_MAX_DATA_LEN },
289
	[NL80211_ATTR_DFS_REGION] = { .type = NLA_U8 },
290 291 292 293
	[NL80211_ATTR_DISABLE_HT] = { .type = NLA_FLAG },
	[NL80211_ATTR_HT_CAPABILITY_MASK] = {
		.len = NL80211_HT_CAPABILITY_LEN
	},
294
	[NL80211_ATTR_NOACK_MAP] = { .type = NLA_U16 },
295
	[NL80211_ATTR_INACTIVITY_TIMEOUT] = { .type = NLA_U16 },
296
	[NL80211_ATTR_BG_SCAN_PERIOD] = { .type = NLA_U16 },
297 298
};

299
/* policy for the key attributes */
Alexey Dobriyan's avatar
Alexey Dobriyan committed
300
static const struct nla_policy nl80211_key_policy[NL80211_KEY_MAX + 1] = {
Johannes Berg's avatar
Johannes Berg committed
301
	[NL80211_KEY_DATA] = { .type = NLA_BINARY, .len = WLAN_MAX_KEY_LEN },
302 303
	[NL80211_KEY_IDX] = { .type = NLA_U8 },
	[NL80211_KEY_CIPHER] = { .type = NLA_U32 },
304
	[NL80211_KEY_SEQ] = { .type = NLA_BINARY, .len = 16 },
305 306
	[NL80211_KEY_DEFAULT] = { .type = NLA_FLAG },
	[NL80211_KEY_DEFAULT_MGMT] = { .type = NLA_FLAG },
307
	[NL80211_KEY_TYPE] = { .type = NLA_U32 },
308 309 310 311 312 313 314 315
	[NL80211_KEY_DEFAULT_TYPES] = { .type = NLA_NESTED },
};

/* policy for the key default flags */
static const struct nla_policy
nl80211_key_default_policy[NUM_NL80211_KEY_DEFAULT_TYPES] = {
	[NL80211_KEY_DEFAULT_TYPE_UNICAST] = { .type = NLA_FLAG },
	[NL80211_KEY_DEFAULT_TYPE_MULTICAST] = { .type = NLA_FLAG },
316 317
};

318 319 320 321 322 323 324
/* policy for WoWLAN attributes */
static const struct nla_policy
nl80211_wowlan_policy[NUM_NL80211_WOWLAN_TRIG] = {
	[NL80211_WOWLAN_TRIG_ANY] = { .type = NLA_FLAG },
	[NL80211_WOWLAN_TRIG_DISCONNECT] = { .type = NLA_FLAG },
	[NL80211_WOWLAN_TRIG_MAGIC_PKT] = { .type = NLA_FLAG },
	[NL80211_WOWLAN_TRIG_PKT_PATTERN] = { .type = NLA_NESTED },
325 326 327 328
	[NL80211_WOWLAN_TRIG_GTK_REKEY_FAILURE] = { .type = NLA_FLAG },
	[NL80211_WOWLAN_TRIG_EAP_IDENT_REQUEST] = { .type = NLA_FLAG },
	[NL80211_WOWLAN_TRIG_4WAY_HANDSHAKE] = { .type = NLA_FLAG },
	[NL80211_WOWLAN_TRIG_RFKILL_RELEASE] = { .type = NLA_FLAG },
329 330
};

331 332 333 334 335 336 337 338
/* policy for GTK rekey offload attributes */
static const struct nla_policy
nl80211_rekey_policy[NUM_NL80211_REKEY_DATA] = {
	[NL80211_REKEY_DATA_KEK] = { .len = NL80211_KEK_LEN },
	[NL80211_REKEY_DATA_KCK] = { .len = NL80211_KCK_LEN },
	[NL80211_REKEY_DATA_REPLAY_CTR] = { .len = NL80211_REPLAY_CTR_LEN },
};

339 340
static const struct nla_policy
nl80211_match_policy[NL80211_SCHED_SCAN_MATCH_ATTR_MAX + 1] = {
341
	[NL80211_SCHED_SCAN_MATCH_ATTR_SSID] = { .type = NLA_BINARY,
342
						 .len = IEEE80211_MAX_SSID_LEN },
343
	[NL80211_SCHED_SCAN_MATCH_ATTR_RSSI] = { .type = NLA_U32 },
344 345
};

346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365
/* ifidx get helper */
static int nl80211_get_ifidx(struct netlink_callback *cb)
{
	int res;

	res = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
			  nl80211_fam.attrbuf, nl80211_fam.maxattr,
			  nl80211_policy);
	if (res)
		return res;

	if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX])
		return -EINVAL;

	res = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]);
	if (!res)
		return -EINVAL;
	return res;
}

366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389
static int nl80211_prepare_netdev_dump(struct sk_buff *skb,
				       struct netlink_callback *cb,
				       struct cfg80211_registered_device **rdev,
				       struct net_device **dev)
{
	int ifidx = cb->args[0];
	int err;

	if (!ifidx)
		ifidx = nl80211_get_ifidx(cb);
	if (ifidx < 0)
		return ifidx;

	cb->args[0] = ifidx;

	rtnl_lock();

	*dev = __dev_get_by_index(sock_net(skb->sk), ifidx);
	if (!*dev) {
		err = -ENODEV;
		goto out_rtnl;
	}

	*rdev = cfg80211_get_dev_from_ifindex(sock_net(skb->sk), ifidx);
390 391
	if (IS_ERR(*rdev)) {
		err = PTR_ERR(*rdev);
392 393 394 395 396 397 398 399 400 401 402 403 404 405 406
		goto out_rtnl;
	}

	return 0;
 out_rtnl:
	rtnl_unlock();
	return err;
}

static void nl80211_finish_netdev_dump(struct cfg80211_registered_device *rdev)
{
	cfg80211_unlock_rdev(rdev);
	rtnl_unlock();
}

407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436
/* IE validation */
static bool is_valid_ie_attr(const struct nlattr *attr)
{
	const u8 *pos;
	int len;

	if (!attr)
		return true;

	pos = nla_data(attr);
	len = nla_len(attr);

	while (len) {
		u8 elemlen;

		if (len < 2)
			return false;
		len -= 2;

		elemlen = pos[1];
		if (elemlen > len)
			return false;

		len -= elemlen;
		pos += 2 + elemlen;
	}

	return true;
}

437 438 439 440 441 442 443 444
/* message building helper */
static inline void *nl80211hdr_put(struct sk_buff *skb, u32 pid, u32 seq,
				   int flags, u8 cmd)
{
	/* since there is no private header just add the generic one */
	return genlmsg_put(skb, pid, seq, &nl80211_fam, flags, cmd);
}

445 446 447
static int nl80211_msg_put_channel(struct sk_buff *msg,
				   struct ieee80211_channel *chan)
{
448 449 450
	if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_FREQ,
			chan->center_freq))
		goto nla_put_failure;
451

452 453 454 455 456 457 458 459 460 461 462 463
	if ((chan->flags & IEEE80211_CHAN_DISABLED) &&
	    nla_put_flag(msg, NL80211_FREQUENCY_ATTR_DISABLED))
		goto nla_put_failure;
	if ((chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) &&
	    nla_put_flag(msg, NL80211_FREQUENCY_ATTR_PASSIVE_SCAN))
		goto nla_put_failure;
	if ((chan->flags & IEEE80211_CHAN_NO_IBSS) &&
	    nla_put_flag(msg, NL80211_FREQUENCY_ATTR_NO_IBSS))
		goto nla_put_failure;
	if ((chan->flags & IEEE80211_CHAN_RADAR) &&
	    nla_put_flag(msg, NL80211_FREQUENCY_ATTR_RADAR))
		goto nla_put_failure;
464

465 466 467
	if (nla_put_u32(msg, NL80211_FREQUENCY_ATTR_MAX_TX_POWER,
			DBM_TO_MBM(chan->max_power)))
		goto nla_put_failure;
468 469 470 471 472 473 474

	return 0;

 nla_put_failure:
	return -ENOBUFS;
}

475 476
/* netlink command implementations */

477 478 479
struct key_parse {
	struct key_params p;
	int idx;
480
	int type;
481
	bool def, defmgmt;
482
	bool def_uni, def_multi;
483 484 485 486 487 488 489 490 491 492 493 494 495
};

static int nl80211_parse_key_new(struct nlattr *key, struct key_parse *k)
{
	struct nlattr *tb[NL80211_KEY_MAX + 1];
	int err = nla_parse_nested(tb, NL80211_KEY_MAX, key,
				   nl80211_key_policy);
	if (err)
		return err;

	k->def = !!tb[NL80211_KEY_DEFAULT];
	k->defmgmt = !!tb[NL80211_KEY_DEFAULT_MGMT];

496 497 498 499 500 501 502
	if (k->def) {
		k->def_uni = true;
		k->def_multi = true;
	}
	if (k->defmgmt)
		k->def_multi = true;

503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518
	if (tb[NL80211_KEY_IDX])
		k->idx = nla_get_u8(tb[NL80211_KEY_IDX]);

	if (tb[NL80211_KEY_DATA]) {
		k->p.key = nla_data(tb[NL80211_KEY_DATA]);
		k->p.key_len = nla_len(tb[NL80211_KEY_DATA]);
	}

	if (tb[NL80211_KEY_SEQ]) {
		k->p.seq = nla_data(tb[NL80211_KEY_SEQ]);
		k->p.seq_len = nla_len(tb[NL80211_KEY_SEQ]);
	}

	if (tb[NL80211_KEY_CIPHER])
		k->p.cipher = nla_get_u32(tb[NL80211_KEY_CIPHER]);

519 520 521 522 523 524
	if (tb[NL80211_KEY_TYPE]) {
		k->type = nla_get_u32(tb[NL80211_KEY_TYPE]);
		if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES)
			return -EINVAL;
	}

525 526
	if (tb[NL80211_KEY_DEFAULT_TYPES]) {
		struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
527 528 529
		err = nla_parse_nested(kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1,
				       tb[NL80211_KEY_DEFAULT_TYPES],
				       nl80211_key_default_policy);
530 531 532 533 534 535 536
		if (err)
			return err;

		k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
		k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
	}

537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560
	return 0;
}

static int nl80211_parse_key_old(struct genl_info *info, struct key_parse *k)
{
	if (info->attrs[NL80211_ATTR_KEY_DATA]) {
		k->p.key = nla_data(info->attrs[NL80211_ATTR_KEY_DATA]);
		k->p.key_len = nla_len(info->attrs[NL80211_ATTR_KEY_DATA]);
	}

	if (info->attrs[NL80211_ATTR_KEY_SEQ]) {
		k->p.seq = nla_data(info->attrs[NL80211_ATTR_KEY_SEQ]);
		k->p.seq_len = nla_len(info->attrs[NL80211_ATTR_KEY_SEQ]);
	}

	if (info->attrs[NL80211_ATTR_KEY_IDX])
		k->idx = nla_get_u8(info->attrs[NL80211_ATTR_KEY_IDX]);

	if (info->attrs[NL80211_ATTR_KEY_CIPHER])
		k->p.cipher = nla_get_u32(info->attrs[NL80211_ATTR_KEY_CIPHER]);

	k->def = !!info->attrs[NL80211_ATTR_KEY_DEFAULT];
	k->defmgmt = !!info->attrs[NL80211_ATTR_KEY_DEFAULT_MGMT];

561 562 563 564 565 566 567
	if (k->def) {
		k->def_uni = true;
		k->def_multi = true;
	}
	if (k->defmgmt)
		k->def_multi = true;

568 569 570 571 572 573
	if (info->attrs[NL80211_ATTR_KEY_TYPE]) {
		k->type = nla_get_u32(info->attrs[NL80211_ATTR_KEY_TYPE]);
		if (k->type < 0 || k->type >= NUM_NL80211_KEYTYPES)
			return -EINVAL;
	}

574 575 576 577 578 579 580 581 582 583 584 585 586
	if (info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES]) {
		struct nlattr *kdt[NUM_NL80211_KEY_DEFAULT_TYPES];
		int err = nla_parse_nested(
				kdt, NUM_NL80211_KEY_DEFAULT_TYPES - 1,
				info->attrs[NL80211_ATTR_KEY_DEFAULT_TYPES],
				nl80211_key_default_policy);
		if (err)
			return err;

		k->def_uni = kdt[NL80211_KEY_DEFAULT_TYPE_UNICAST];
		k->def_multi = kdt[NL80211_KEY_DEFAULT_TYPE_MULTICAST];
	}

587 588 589 590 591 592 593 594 595
	return 0;
}

static int nl80211_parse_key(struct genl_info *info, struct key_parse *k)
{
	int err;

	memset(k, 0, sizeof(*k));
	k->idx = -1;
596
	k->type = -1;
597 598 599 600 601 602 603 604 605 606 607 608

	if (info->attrs[NL80211_ATTR_KEY])
		err = nl80211_parse_key_new(info->attrs[NL80211_ATTR_KEY], k);
	else
		err = nl80211_parse_key_old(info, k);

	if (err)
		return err;

	if (k->def && k->defmgmt)
		return -EINVAL;

609 610 611 612 613
	if (k->defmgmt) {
		if (k->def_uni || !k->def_multi)
			return -EINVAL;
	}

614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629
	if (k->idx != -1) {
		if (k->defmgmt) {
			if (k->idx < 4 || k->idx > 5)
				return -EINVAL;
		} else if (k->def) {
			if (k->idx < 0 || k->idx > 3)
				return -EINVAL;
		} else {
			if (k->idx < 0 || k->idx > 5)
				return -EINVAL;
		}
	}

	return 0;
}

Johannes Berg's avatar
Johannes Berg committed
630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662
static struct cfg80211_cached_keys *
nl80211_parse_connkeys(struct cfg80211_registered_device *rdev,
		       struct nlattr *keys)
{
	struct key_parse parse;
	struct nlattr *key;
	struct cfg80211_cached_keys *result;
	int rem, err, def = 0;

	result = kzalloc(sizeof(*result), GFP_KERNEL);
	if (!result)
		return ERR_PTR(-ENOMEM);

	result->def = -1;
	result->defmgmt = -1;

	nla_for_each_nested(key, keys, rem) {
		memset(&parse, 0, sizeof(parse));
		parse.idx = -1;

		err = nl80211_parse_key_new(key, &parse);
		if (err)
			goto error;
		err = -EINVAL;
		if (!parse.p.key)
			goto error;
		if (parse.idx < 0 || parse.idx > 4)
			goto error;
		if (parse.def) {
			if (def)
				goto error;
			def = 1;
			result->def = parse.idx;
663 664
			if (!parse.def_uni || !parse.def_multi)
				goto error;
Johannes Berg's avatar
Johannes Berg committed
665 666 667
		} else if (parse.defmgmt)
			goto error;
		err = cfg80211_validate_key_settings(rdev, &parse.p,
668
						     parse.idx, false, NULL);
Johannes Berg's avatar
Johannes Berg committed
669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689
		if (err)
			goto error;
		result->params[parse.idx].cipher = parse.p.cipher;
		result->params[parse.idx].key_len = parse.p.key_len;
		result->params[parse.idx].key = result->data[parse.idx];
		memcpy(result->data[parse.idx], parse.p.key, parse.p.key_len);
	}

	return result;
 error:
	kfree(result);
	return ERR_PTR(err);
}

static int nl80211_key_allowed(struct wireless_dev *wdev)
{
	ASSERT_WDEV_LOCK(wdev);

	switch (wdev->iftype) {
	case NL80211_IFTYPE_AP:
	case NL80211_IFTYPE_AP_VLAN:
690
	case NL80211_IFTYPE_P2P_GO:
691
	case NL80211_IFTYPE_MESH_POINT:
Johannes Berg's avatar
Johannes Berg committed
692 693 694 695 696 697
		break;
	case NL80211_IFTYPE_ADHOC:
		if (!wdev->current_bss)
			return -ENOLINK;
		break;
	case NL80211_IFTYPE_STATION:
698
	case NL80211_IFTYPE_P2P_CLIENT:
Johannes Berg's avatar
Johannes Berg committed
699 700 701 702 703 704 705 706 707 708
		if (wdev->sme_state != CFG80211_SME_CONNECTED)
			return -ENOLINK;
		break;
	default:
		return -EINVAL;
	}

	return 0;
}

709 710 711 712 713 714 715 716 717 718
static int nl80211_put_iftypes(struct sk_buff *msg, u32 attr, u16 ifmodes)
{
	struct nlattr *nl_modes = nla_nest_start(msg, attr);
	int i;

	if (!nl_modes)
		goto nla_put_failure;

	i = 0;
	while (ifmodes) {
719 720
		if ((ifmodes & 1) && nla_put_flag(msg, i))
			goto nla_put_failure;
721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 749 750 751 752 753 754 755 756 757 758 759 760 761 762
		ifmodes >>= 1;
		i++;
	}

	nla_nest_end(msg, nl_modes);
	return 0;

nla_put_failure:
	return -ENOBUFS;
}

static int nl80211_put_iface_combinations(struct wiphy *wiphy,
					  struct sk_buff *msg)
{
	struct nlattr *nl_combis;
	int i, j;

	nl_combis = nla_nest_start(msg,
				NL80211_ATTR_INTERFACE_COMBINATIONS);
	if (!nl_combis)
		goto nla_put_failure;

	for (i = 0; i < wiphy->n_iface_combinations; i++) {
		const struct ieee80211_iface_combination *c;
		struct nlattr *nl_combi, *nl_limits;

		c = &wiphy->iface_combinations[i];

		nl_combi = nla_nest_start(msg, i + 1);
		if (!nl_combi)
			goto nla_put_failure;

		nl_limits = nla_nest_start(msg, NL80211_IFACE_COMB_LIMITS);
		if (!nl_limits)
			goto nla_put_failure;

		for (j = 0; j < c->n_limits; j++) {
			struct nlattr *nl_limit;

			nl_limit = nla_nest_start(msg, j + 1);
			if (!nl_limit)
				goto nla_put_failure;
763 764 765
			if (nla_put_u32(msg, NL80211_IFACE_LIMIT_MAX,
					c->limits[j].max))
				goto nla_put_failure;
766 767 768 769 770 771 772 773
			if (nl80211_put_iftypes(msg, NL80211_IFACE_LIMIT_TYPES,
						c->limits[j].types))
				goto nla_put_failure;
			nla_nest_end(msg, nl_limit);
		}

		nla_nest_end(msg, nl_limits);

774 775 776 777 778 779 780 781
		if (c->beacon_int_infra_match &&
		    nla_put_flag(msg, NL80211_IFACE_COMB_STA_AP_BI_MATCH))
			goto nla_put_failure;
		if (nla_put_u32(msg, NL80211_IFACE_COMB_NUM_CHANNELS,
				c->num_different_channels) ||
		    nla_put_u32(msg, NL80211_IFACE_COMB_MAXNUM,
				c->max_interfaces))
			goto nla_put_failure;
782 783 784 785 786 787 788 789 790 791 792

		nla_nest_end(msg, nl_combi);
	}

	nla_nest_end(msg, nl_combis);

	return 0;
nla_put_failure:
	return -ENOBUFS;
}

793 794 795 796
static int nl80211_send_wiphy(struct sk_buff *msg, u32 pid, u32 seq, int flags,
			      struct cfg80211_registered_device *dev)
{
	void *hdr;
797 798 799
	struct nlattr *nl_bands, *nl_band;
	struct nlattr *nl_freqs, *nl_freq;
	struct nlattr *nl_rates, *nl_rate;
800
	struct nlattr *nl_cmds;
801 802 803 804
	enum ieee80211_band band;
	struct ieee80211_channel *chan;
	struct ieee80211_rate *rate;
	int i;
805 806
	const struct ieee80211_txrx_stypes *mgmt_stypes =
				dev->wiphy.mgmt_stypes;
807 808 809 810 811

	hdr = nl80211hdr_put(msg, pid, seq, flags, NL80211_CMD_NEW_WIPHY);
	if (!hdr)
		return -1;

812 813 814 815 816 817 818 819 820 821 822 823 824 825 826 827 828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843 844 845 846 847 848 849 850 851 852 853 854 855 856 857 858 859 860 861 862 863 864 865 866 867 868 869 870 871 872 873 874 875 876 877 878 879
	if (nla_put_u32(msg, NL80211_ATTR_WIPHY, dev->wiphy_idx) ||
	    nla_put_string(msg, NL80211_ATTR_WIPHY_NAME, wiphy_name(&dev->wiphy)) ||
	    nla_put_u32(msg, NL80211_ATTR_GENERATION,
			cfg80211_rdev_list_generation) ||
	    nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_SHORT,
		       dev->wiphy.retry_short) ||
	    nla_put_u8(msg, NL80211_ATTR_WIPHY_RETRY_LONG,
		       dev->wiphy.retry_long) ||
	    nla_put_u32(msg, NL80211_ATTR_WIPHY_FRAG_THRESHOLD,
			dev->wiphy.frag_threshold) ||
	    nla_put_u32(msg, NL80211_ATTR_WIPHY_RTS_THRESHOLD,
			dev->wiphy.rts_threshold) ||
	    nla_put_u8(msg, NL80211_ATTR_WIPHY_COVERAGE_CLASS,
		       dev->wiphy.coverage_class) ||
	    nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCAN_SSIDS,
		       dev->wiphy.max_scan_ssids) ||
	    nla_put_u8(msg, NL80211_ATTR_MAX_NUM_SCHED_SCAN_SSIDS,
		       dev->wiphy.max_sched_scan_ssids) ||
	    nla_put_u16(msg, NL80211_ATTR_MAX_SCAN_IE_LEN,
			dev->wiphy.max_scan_ie_len) ||
	    nla_put_u16(msg, NL80211_ATTR_MAX_SCHED_SCAN_IE_LEN,
			dev->wiphy.max_sched_scan_ie_len) ||
	    nla_put_u8(msg, NL80211_ATTR_MAX_MATCH_SETS,
		       dev->wiphy.max_match_sets))
		goto nla_put_failure;

	if ((dev->wiphy.flags & WIPHY_FLAG_IBSS_RSN) &&
	    nla_put_flag(msg, NL80211_ATTR_SUPPORT_IBSS_RSN))
		goto nla_put_failure;
	if ((dev->wiphy.flags & WIPHY_FLAG_MESH_AUTH) &&
	    nla_put_flag(msg, NL80211_ATTR_SUPPORT_MESH_AUTH))
		goto nla_put_failure;
	if ((dev->wiphy.flags & WIPHY_FLAG_AP_UAPSD) &&
	    nla_put_flag(msg, NL80211_ATTR_SUPPORT_AP_UAPSD))
		goto nla_put_failure;
	if ((dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_FW_ROAM) &&
	    nla_put_flag(msg, NL80211_ATTR_ROAM_SUPPORT))
		goto nla_put_failure;
	if ((dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) &&
	    nla_put_flag(msg, NL80211_ATTR_TDLS_SUPPORT))
		goto nla_put_failure;
	if ((dev->wiphy.flags & WIPHY_FLAG_TDLS_EXTERNAL_SETUP) &&
	    nla_put_flag(msg, NL80211_ATTR_TDLS_EXTERNAL_SETUP))
		goto nla_put_failure;

	if (nla_put(msg, NL80211_ATTR_CIPHER_SUITES,
		    sizeof(u32) * dev->wiphy.n_cipher_suites,
		    dev->wiphy.cipher_suites))
		goto nla_put_failure;

	if (nla_put_u8(msg, NL80211_ATTR_MAX_NUM_PMKIDS,
		       dev->wiphy.max_num_pmkids))
		goto nla_put_failure;

	if ((dev->wiphy.flags & WIPHY_FLAG_CONTROL_PORT_PROTOCOL) &&
	    nla_put_flag(msg, NL80211_ATTR_CONTROL_PORT_ETHERTYPE))
		goto nla_put_failure;

	if (nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_TX,
			dev->wiphy.available_antennas_tx) ||
	    nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_AVAIL_RX,
			dev->wiphy.available_antennas_rx))
		goto nla_put_failure;

	if ((dev->wiphy.flags & WIPHY_FLAG_AP_PROBE_RESP_OFFLOAD) &&
	    nla_put_u32(msg, NL80211_ATTR_PROBE_RESP_OFFLOAD,
			dev->wiphy.probe_resp_offload))
		goto nla_put_failure;
880

881 882
	if ((dev->wiphy.available_antennas_tx ||
	     dev->wiphy.available_antennas_rx) && dev->ops->get_antenna) {
883 884 885 886
		u32 tx_ant = 0, rx_ant = 0;
		int res;
		res = dev->ops->get_antenna(&dev->wiphy, &tx_ant, &rx_ant);
		if (!res) {
887 888 889 890 891
			if (nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_TX,
					tx_ant) ||
			    nla_put_u32(msg, NL80211_ATTR_WIPHY_ANTENNA_RX,
					rx_ant))
				goto nla_put_failure;
892 893 894
		}
	}

895 896
	if (nl80211_put_iftypes(msg, NL80211_ATTR_SUPPORTED_IFTYPES,
				dev->wiphy.interface_modes))
897 898
		goto nla_put_failure;

899 900 901 902 903 904 905 906 907 908 909 910
	nl_bands = nla_nest_start(msg, NL80211_ATTR_WIPHY_BANDS);
	if (!nl_bands)
		goto nla_put_failure;

	for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
		if (!dev->wiphy.bands[band])
			continue;

		nl_band = nla_nest_start(msg, band);
		if (!nl_band)
			goto nla_put_failure;

911
		/* add HT info */
912 913 914 915 916 917 918 919 920 921 922
		if (dev->wiphy.bands[band]->ht_cap.ht_supported &&
		    (nla_put(msg, NL80211_BAND_ATTR_HT_MCS_SET,
			     sizeof(dev->wiphy.bands[band]->ht_cap.mcs),
			     &dev->wiphy.bands[band]->ht_cap.mcs) ||
		     nla_put_u16(msg, NL80211_BAND_ATTR_HT_CAPA,
				 dev->wiphy.bands[band]->ht_cap.cap) ||
		     nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_FACTOR,
				dev->wiphy.bands[band]->ht_cap.ampdu_factor) ||
		     nla_put_u8(msg, NL80211_BAND_ATTR_HT_AMPDU_DENSITY,
				dev->wiphy.bands[band]->ht_cap.ampdu_density)))
			goto nla_put_failure;
923

924 925 926 927 928 929 930 931 932 933 934
		/* add frequencies */
		nl_freqs = nla_nest_start(msg, NL80211_BAND_ATTR_FREQS);
		if (!nl_freqs)
			goto nla_put_failure;

		for (i = 0; i < dev->wiphy.bands[band]->n_channels; i++) {
			nl_freq = nla_nest_start(msg, i);
			if (!nl_freq)
				goto nla_put_failure;

			chan = &dev->wiphy.bands[band]->channels[i];
935 936 937

			if (nl80211_msg_put_channel(msg, chan))
				goto nla_put_failure;
938

939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954
			nla_nest_end(msg, nl_freq);
		}

		nla_nest_end(msg, nl_freqs);

		/* add bitrates */
		nl_rates = nla_nest_start(msg, NL80211_BAND_ATTR_RATES);
		if (!nl_rates)
			goto nla_put_failure;

		for (i = 0; i < dev->wiphy.bands[band]->n_bitrates; i++) {
			nl_rate = nla_nest_start(msg, i);
			if (!nl_rate)
				goto nla_put_failure;

			rate = &dev->wiphy.bands[band]->bitrates[i];
955 956 957 958 959 960 961
			if (nla_put_u32(msg, NL80211_BITRATE_ATTR_RATE,
					rate->bitrate))
				goto nla_put_failure;
			if ((rate->flags & IEEE80211_RATE_SHORT_PREAMBLE) &&
			    nla_put_flag(msg,
					 NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE))
				goto nla_put_failure;
962 963 964 965 966 967 968 969 970 971

			nla_nest_end(msg, nl_rate);
		}

		nla_nest_end(msg, nl_rates);

		nla_nest_end(msg, nl_band);
	}
	nla_nest_end(msg, nl_bands);

972 973 974 975 976 977 978 979 980
	nl_cmds = nla_nest_start(msg, NL80211_ATTR_SUPPORTED_COMMANDS);
	if (!nl_cmds)
		goto nla_put_failure;

	i = 0;
#define CMD(op, n)						\
	 do {							\
		if (dev->ops->op) {				\
			i++;					\
981 982
			if (nla_put_u32(msg, i, NL80211_CMD_ ## n)) \
				goto nla_put_failure;		\
983 984 985 986 987 988
		}						\
	} while (0)

	CMD(add_virtual_intf, NEW_INTERFACE);
	CMD(change_virtual_intf, SET_INTERFACE);
	CMD(add_key, NEW_KEY);
989
	CMD(start_ap, START_AP);
990 991
	CMD(add_station, NEW_STATION);
	CMD(add_mpath, NEW_MPATH);
992
	CMD(update_mesh_config, SET_MESH_CONFIG);
993
	CMD(change_bss, SET_BSS);
994 995 996 997
	CMD(auth, AUTHENTICATE);
	CMD(assoc, ASSOCIATE);
	CMD(deauth, DEAUTHENTICATE);
	CMD(disassoc, DISASSOCIATE);
Johannes Berg's avatar
Johannes Berg committed
998
	CMD(join_ibss, JOIN_IBSS);
999
	CMD(join_mesh, JOIN_MESH);
Samuel Ortiz's avatar
Samuel Ortiz committed
1000 1001 1002
	CMD(set_pmksa, SET_PMKSA);
	CMD(del_pmksa, DEL_PMKSA);
	CMD(flush_pmksa, FLUSH_PMKSA);
1003 1004
	if (dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL)
		CMD(remain_on_channel, REMAIN_ON_CHANNEL);
1005
	CMD(set_bitrate_mask, SET_TX_BITRATE_MASK);
1006
	CMD(mgmt_tx, FRAME);
1007
	CMD(mgmt_tx_cancel_wait, FRAME_WAIT_CANCEL);
1008
	if (dev->wiphy.flags & WIPHY_FLAG_NETNS_OK) {
1009
		i++;
1010 1011
		if (nla_put_u32(msg, i, NL80211_CMD_SET_WIPHY_NETNS))
			goto nla_put_failure;
1012
	}
1013
	if (dev->ops->set_monitor_channel || dev->ops->start_ap ||
1014
	    dev->ops->join_mesh) {
1015 1016 1017 1018
		i++;
		if (nla_put_u32(msg, i, NL80211_CMD_SET_CHANNEL))
			goto nla_put_failure;
	}
1019
	CMD(set_wds_peer, SET_WDS_PEER);
1020 1021 1022 1023
	if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_TDLS) {
		CMD(tdls_mgmt, TDLS_MGMT);
		CMD(tdls_oper, TDLS_OPER);
	}
1024 1025
	if (dev->wiphy.flags & WIPHY_FLAG_SUPPORTS_SCHED_SCAN)
		CMD(sched_scan_start, START_SCHED_SCAN);
1026
	CMD(probe_client, PROBE_CLIENT);
1027
	CMD(set_noack_map, SET_NOACK_MAP);
1028 1029
	if (dev->wiphy.flags & WIPHY_FLAG_REPORTS_OBSS) {
		i++;
1030 1031
		if (nla_put_u32(msg, i, NL80211_CMD_REGISTER_BEACONS))
			goto nla_put_failure;
1032
	}
1033

1034 1035 1036 1037
#ifdef CONFIG_NL80211_TESTMODE
	CMD(testmode_cmd, TESTMODE);
#endif

1038
#undef CMD
1039

1040
	if (dev->ops->connect || dev->ops->auth) {
1041
		i++;
1042 1043
		if (nla_put_u32(msg, i, NL80211_CMD_CONNECT))
			goto nla_put_failure;
1044 1045
	}

1046
	if (dev->ops->disconnect || dev->ops->deauth) {
1047
		i++;
1048 1049
		if (nla_put_u32(msg, i, NL80211_CMD_DISCONNECT))
			goto nla_put_failure;
1050 1051
	}

1052 1053
	nla_nest_end(msg, nl_cmds);

1054
	if (dev->ops->remain_on_channel &&
1055 1056 1057 1058
	    (dev->wiphy.flags & WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL) &&
	    nla_put_u32(msg, NL80211_ATTR_MAX_REMAIN_ON_CHANNEL_DURATION,
			dev->wiphy.max_remain_on_channel_duration))
		goto nla_put_failure;
1059

1060 1061 1062
	if ((dev->wiphy.flags & WIPHY_FLAG_OFFCHAN_TX) &&
	    nla_put_flag(msg, NL80211_ATTR_OFFCHANNEL_TX_OK))
		goto nla_put_failure;
1063

1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079
	if (mgmt_stypes) {
		u16 stypes;
		struct nlattr *nl_ftypes, *nl_ifs;
		enum nl80211_iftype ift;

		nl_ifs = nla_nest_start(msg, NL80211_ATTR_TX_FRAME_TYPES);
		if (!nl_ifs)
			goto nla_put_failure;

		for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
			nl_ftypes = nla_nest_start(msg, ift);
			if (!nl_ftypes)
				goto nla_put_failure;
			i = 0;
			stypes = mgmt_stypes[ift].tx;
			while (stypes) {
1080 1081 1082 1083
				if ((stypes & 1) &&
				    nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
						(i << 4) | IEEE80211_FTYPE_MGMT))
					goto nla_put_failure;
1084 1085 1086 1087 1088 1089
				stypes >>= 1;
				i++;
			}
			nla_nest_end(msg, nl_ftypes);
		}

Johannes Berg's avatar
Johannes Berg committed
1090 1091
		nla_nest_end(msg, nl_ifs);

1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102
		nl_ifs = nla_nest_start(msg, NL80211_ATTR_RX_FRAME_TYPES);
		if (!nl_ifs)
			goto nla_put_failure;

		for (ift = 0; ift < NUM_NL80211_IFTYPES; ift++) {
			nl_ftypes = nla_nest_start(msg, ift);
			if (!nl_ftypes)
				goto nla_put_failure;
			i = 0;
			stypes = mgmt_stypes[ift].rx;
			while (stypes) {
1103 1104 1105 1106
				if ((stypes & 1) &&
				    nla_put_u16(msg, NL80211_ATTR_FRAME_TYPE,
						(i << 4) | IEEE80211_FTYPE_MGMT))
					goto nla_put_failure;
1107 1108 1109 1110 1111 1112 1113 1114
				stypes >>= 1;
				i++;
			}
			nla_nest_end(msg, nl_ftypes);
		}
		nla_nest_end(msg, nl_ifs);
	}

1115
#ifdef CONFIG_PM
1116 1117 1118 1119 1120 1121 1122 1123
	if (dev->wiphy.wowlan.flags || dev->wiphy.wowlan.n_patterns) {
		struct nlattr *nl_wowlan;

		nl_wowlan = nla_nest_start(msg,
				NL80211_ATTR_WOWLAN_TRIGGERS_SUPPORTED);
		if (!nl_wowlan)
			goto nla_put_failure;

1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140
		if (((dev->wiphy.wowlan.flags & WIPHY_WOWLAN_ANY) &&
		     nla_put_flag(msg, NL80211_WOWLAN_TRIG_ANY)) ||
		    ((dev->wiphy.wowlan.flags & WIPHY_WOWLAN_DISCONNECT) &&
		     nla_put_flag(msg, NL80211_WOWLAN_TRIG_DISCONNECT)) ||
		    ((dev->wiphy.wowlan.flags & WIPHY_WOWLAN_MAGIC_PKT) &&
		     nla_put_flag(msg, NL80211_WOWLAN_TRIG_MAGIC_PKT)) ||