Linux/net/mac80211/cfg.c


  1 /*
  2  * mac80211 configuration hooks for cfg80211
  3  *
  4  * Copyright 2006-2010  Johannes Berg <johannes@sipsolutions.net>
  5  * Copyright 2013-2015  Intel Mobile Communications GmbH
  6  * Copyright (C) 2015-2017 Intel Deutschland GmbH
  7  *
  8  * This file is GPLv2 as found in COPYING.
  9  */
 10 
 11 #include <linux/ieee80211.h>
 12 #include <linux/nl80211.h>
 13 #include <linux/rtnetlink.h>
 14 #include <linux/slab.h>
 15 #include <net/net_namespace.h>
 16 #include <linux/rcupdate.h>
 17 #include <linux/if_ether.h>
 18 #include <net/cfg80211.h>
 19 #include "ieee80211_i.h"
 20 #include "driver-ops.h"
 21 #include "rate.h"
 22 #include "mesh.h"
 23 #include "wme.h"
 24 
/*
 * Apply the MU-MIMO sniffer settings carried in @params to @sdata.
 *
 * When vht_mumimo_groups is set, the membership and user-position tables
 * are copied into bss_conf and the driver is notified.  When
 * vht_mumimo_follow_addr is set, the address is stored in the monitor
 * data.  The vif becomes MU-MIMO owner if the membership is non-zero or
 * the follow address passes is_valid_ether_addr().
 *
 * NOTE(review): WLAN_MEMBERSHIP_LEN + WLAN_USER_POSITION_LEN bytes are read
 * from vht_mumimo_groups without a length argument; the buffer size is
 * presumably enforced by the caller's attribute policy - confirm.
 */
static void ieee80211_set_mu_mimo_follow(struct ieee80211_sub_if_data *sdata,
					 struct vif_params *params)
{
	bool have_groups = false;
	bool have_follow = false;

	if (params->vht_mumimo_groups) {
		u64 membership;

		BUILD_BUG_ON(sizeof(membership) != WLAN_MEMBERSHIP_LEN);

		/* the blob is laid out as | membership | user position | */
		memcpy(sdata->vif.bss_conf.mu_group.membership,
		       params->vht_mumimo_groups, WLAN_MEMBERSHIP_LEN);
		memcpy(sdata->vif.bss_conf.mu_group.position,
		       params->vht_mumimo_groups + WLAN_MEMBERSHIP_LEN,
		       WLAN_USER_POSITION_LEN);
		ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_MU_GROUPS);

		/* byte order is irrelevant: only "all zero or not" matters */
		memcpy(&membership, params->vht_mumimo_groups,
		       WLAN_MEMBERSHIP_LEN);
		if (membership != 0)
			have_groups = true;
	}

	if (params->vht_mumimo_follow_addr) {
		have_follow =
			is_valid_ether_addr(params->vht_mumimo_follow_addr);
		/* stored even when is_valid_ether_addr() rejected it */
		ether_addr_copy(sdata->u.mntr.mu_follow_addr,
				params->vht_mumimo_follow_addr);
	}

	sdata->vif.mu_mimo_owner = have_groups || have_follow;
}
 57 
/*
 * Validate, then apply, the monitor options in @params.
 *
 * Returns -EBUSY if MONITOR_FLAG_COOK_FRAMES or MONITOR_FLAG_ACTIVE would
 * change on a running interface, -EOPNOTSUPP if MU-MIMO settings are given
 * while local->monitor_sdata is unset, and 0 otherwise.  Both checks run
 * before any state is written, so a rejected request leaves @sdata as is.
 */
static int ieee80211_set_mon_options(struct ieee80211_sub_if_data *sdata,
				     struct vif_params *params)
{
	const u32 fixed_while_up = MONITOR_FLAG_COOK_FRAMES |
				   MONITOR_FLAG_ACTIVE;
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_sub_if_data *monitor_sdata;

	/*
	 * Step 1: flags.  COOK_FRAMES and ACTIVE may not be toggled while
	 * the interface is up; supporting that would mean updating
	 * cooked_mntrs, monitor and all fif_* counters and reconfiguring
	 * the hardware.
	 */
	if (params->flags && ieee80211_sdata_running(sdata) &&
	    ((params->flags ^ sdata->u.mntr.flags) & fixed_while_up))
		return -EBUSY;

	/* Step 2: MU-MIMO settings need an existing monitor sdata */
	monitor_sdata = rtnl_dereference(local->monitor_sdata);
	if (!monitor_sdata &&
	    (params->vht_mumimo_groups || params->vht_mumimo_follow_addr))
		return -EOPNOTSUPP;

	/* Step 3: commit - nothing below is allowed to fail */
	if (monitor_sdata)
		ieee80211_set_mu_mimo_follow(monitor_sdata, params);

	if (!params->flags)
		return 0;

	if (!ieee80211_sdata_running(sdata)) {
		/*
		 * Interface is down: ieee80211_do_stop and ieee80211_do_open
		 * take care of the counters and filters, so just record the
		 * new flags.
		 */
		sdata->u.mntr.flags = params->flags;
		return 0;
	}

	/* drop the old flags' contribution, swap, then account the new ones */
	ieee80211_adjust_monitor_flags(sdata, -1);
	sdata->u.mntr.flags = params->flags;
	ieee80211_adjust_monitor_flags(sdata, 1);

	ieee80211_configure_filter(local);

	return 0;
}
112 
/*
 * cfg80211 add_virtual_intf handler: create the interface and, for monitor
 * interfaces, apply the monitor options from @params.
 *
 * Returns the new wireless_dev, ERR_PTR(err) if ieee80211_if_add() fails,
 * or NULL if the monitor options are rejected (the interface is removed
 * again in that case).
 *
 * NOTE(review): the two failure paths use different conventions (ERR_PTR
 * vs. NULL) and the errno from ieee80211_set_mon_options() is dropped;
 * confirm the caller handles NULL as well as IS_ERR().
 */
static struct wireless_dev *ieee80211_add_iface(struct wiphy *wiphy,
						const char *name,
						unsigned char name_assign_type,
						enum nl80211_iftype type,
						struct vif_params *params)
{
	struct ieee80211_local *local = wiphy_priv(wiphy);
	struct ieee80211_sub_if_data *sdata;
	struct wireless_dev *wdev;
	int err;

	err = ieee80211_if_add(local, name, name_assign_type, &wdev, type, params);
	if (err)
		return ERR_PTR(err);

	if (type != NL80211_IFTYPE_MONITOR)
		return wdev;

	sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
	err = ieee80211_set_mon_options(sdata, params);
	if (!err)
		return wdev;

	/* roll back the half-configured monitor interface */
	ieee80211_if_remove(sdata);
	return NULL;
}
140 
/* cfg80211 del_virtual_intf handler: remove the interface behind @wdev. */
static int ieee80211_del_iface(struct wiphy *wiphy, struct wireless_dev *wdev)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);

	ieee80211_if_remove(sdata);

	return 0;
}
147 
/*
 * cfg80211 change_virtual_intf handler: switch @dev to @type and apply the
 * type-specific settings from @params.
 *
 * Returns the error from ieee80211_if_change_type() or, for monitor
 * interfaces, from ieee80211_set_mon_options(); 0 on success.
 *
 * NOTE(review): @params is NULL-checked for the 4-address handling but is
 * passed on to ieee80211_set_mon_options(), which dereferences it
 * unconditionally; presumably callers never pass NULL - confirm.
 */
static int ieee80211_change_iface(struct wiphy *wiphy,
				  struct net_device *dev,
				  enum nl80211_iftype type,
				  struct vif_params *params)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	int err;

	err = ieee80211_if_change_type(sdata, type);
	if (err)
		return err;

	if (params) {
		if (type == NL80211_IFTYPE_AP_VLAN &&
		    params->use_4addr == 0) {
			/* 4-addr turned off: detach the VLAN's station */
			RCU_INIT_POINTER(sdata->u.vlan.sta, NULL);
			ieee80211_check_fast_rx_iface(sdata);
		} else if (type == NL80211_IFTYPE_STATION &&
			   params->use_4addr >= 0) {
			sdata->u.mgd.use_4addr = params->use_4addr;
		}
	}

	/* keyed on the resulting vif type, not on the requested @type */
	if (sdata->vif.type != NL80211_IFTYPE_MONITOR)
		return 0;

	return ieee80211_set_mon_options(sdata, params);
}
177 
/*
 * Start a P2P device: verify the interface combination under chanctx_mtx,
 * then open the interface.  Returns a negative error from either step.
 */
static int ieee80211_start_p2p_device(struct wiphy *wiphy,
				      struct wireless_dev *wdev)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
	struct ieee80211_local *local = sdata->local;
	int err;

	mutex_lock(&local->chanctx_mtx);
	err = ieee80211_check_combinations(sdata, NULL, 0, 0);
	mutex_unlock(&local->chanctx_mtx);

	if (err < 0)
		return err;

	return ieee80211_do_open(wdev, true);
}
192 
/* Stop the P2P device interface behind @wdev. */
static void ieee80211_stop_p2p_device(struct wiphy *wiphy,
				      struct wireless_dev *wdev)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);

	ieee80211_sdata_stop(sdata);
}
198 
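/*
 * Start NAN on @wdev: check the interface combination under chanctx_mtx,
 * open the interface, then ask the driver to start NAN with @conf.
 *
 * Returns 0 on success or the first error encountered.  If the driver
 * refuses to start NAN the interface is stopped again.
 *
 * The configuration is cached in sdata->u.nan.conf only after the driver
 * accepted it, matching ieee80211_nan_change_conf(), so the cached copy
 * never describes a setup the driver rejected.
 */
static int ieee80211_start_nan(struct wiphy *wiphy,
			       struct wireless_dev *wdev,
			       struct cfg80211_nan_conf *conf)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
	int ret;

	mutex_lock(&sdata->local->chanctx_mtx);
	ret = ieee80211_check_combinations(sdata, NULL, 0, 0);
	mutex_unlock(&sdata->local->chanctx_mtx);
	if (ret < 0)
		return ret;

	ret = ieee80211_do_open(wdev, true);
	if (ret)
		return ret;

	ret = drv_start_nan(sdata->local, sdata, conf);
	if (ret) {
		/* undo ieee80211_do_open() and leave the cached conf alone */
		ieee80211_sdata_stop(sdata);
		return ret;
	}

	sdata->u.nan.conf = *conf;

	return 0;
}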
224 
/* Stop NAN in the driver first, then stop the interface itself. */
static void ieee80211_stop_nan(struct wiphy *wiphy,
			       struct wireless_dev *wdev)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
	struct ieee80211_local *local = sdata->local;

	drv_stop_nan(local, sdata);
	ieee80211_sdata_stop(sdata);
}
233 
/*
 * Update the NAN configuration of a running NAN interface.
 *
 * Only the fields selected by @changes are taken from @conf; everything
 * else is carried over from the cached configuration.  The cache is
 * updated only if the driver accepts the new configuration.
 *
 * Returns -EOPNOTSUPP for non-NAN interfaces, -ENETDOWN if the interface
 * is not running, otherwise the driver's return value.
 */
static int ieee80211_nan_change_conf(struct wiphy *wiphy,
				     struct wireless_dev *wdev,
				     struct cfg80211_nan_conf *conf,
				     u32 changes)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
	struct cfg80211_nan_conf updated;
	int err;

	if (sdata->vif.type != NL80211_IFTYPE_NAN)
		return -EOPNOTSUPP;

	if (!ieee80211_sdata_running(sdata))
		return -ENETDOWN;

	/* work on a copy so a driver failure leaves the cache untouched */
	updated = sdata->u.nan.conf;

	if (changes & CFG80211_NAN_CONF_CHANGED_PREF)
		updated.master_pref = conf->master_pref;

	if (changes & CFG80211_NAN_CONF_CHANGED_BANDS)
		updated.bands = conf->bands;

	err = drv_nan_change_conf(sdata->local, sdata, &updated, changes);
	if (err)
		return err;

	sdata->u.nan.conf = updated;

	return 0;
}
263 
/*
 * Register a NAN function: allocate an instance id for @nan_func in the
 * per-interface IDR and hand the function to the driver.
 *
 * Instance ids are allocated from 1 up to hw.max_nan_de_entries
 * (the idr_alloc() end bound is passed as max_nan_de_entries + 1).
 * If the driver rejects the function the id is released again.
 *
 * Returns -EOPNOTSUPP for non-NAN interfaces, -ENETDOWN if the interface
 * is not running, the idr_alloc() error, or the driver's return value.
 */
static int ieee80211_add_nan_func(struct wiphy *wiphy,
				  struct wireless_dev *wdev,
				  struct cfg80211_nan_func *nan_func)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
	int id;
	int err;

	if (sdata->vif.type != NL80211_IFTYPE_NAN)
		return -EOPNOTSUPP;

	if (!ieee80211_sdata_running(sdata))
		return -ENETDOWN;

	/* GFP_ATOMIC because the allocation happens under a BH spinlock */
	spin_lock_bh(&sdata->u.nan.func_lock);
	id = idr_alloc(&sdata->u.nan.function_inst_ids,
		       nan_func, 1, sdata->local->hw.max_nan_de_entries + 1,
		       GFP_ATOMIC);
	spin_unlock_bh(&sdata->u.nan.func_lock);

	if (id < 0)
		return id;

	nan_func->instance_id = id;

	WARN_ON(nan_func->instance_id == 0);

	err = drv_add_nan_func(sdata->local, sdata, nan_func);
	if (!err)
		return 0;

	/* driver refused: give the instance id back */
	spin_lock_bh(&sdata->u.nan.func_lock);
	idr_remove(&sdata->u.nan.function_inst_ids,
		   nan_func->instance_id);
	spin_unlock_bh(&sdata->u.nan.func_lock);

	return err;
}
301 
/*
 * Look up a registered NAN function by its @cookie.
 *
 * Must be called with sdata->u.nan.func_lock held (asserted via lockdep).
 * Returns the matching function or NULL if none carries that cookie.
 */
static struct cfg80211_nan_func *
ieee80211_find_nan_func_by_cookie(struct ieee80211_sub_if_data *sdata,
				  u64 cookie)
{
	struct cfg80211_nan_func *candidate;
	int id;

	lockdep_assert_held(&sdata->u.nan.func_lock);

	idr_for_each_entry(&sdata->u.nan.function_inst_ids, candidate, id) {
		if (candidate->cookie != cookie)
			continue;

		return candidate;
	}

	return NULL;
}
318 
/*
 * Remove the NAN function identified by @cookie.
 *
 * Silently does nothing if the interface is not a running NAN interface
 * or if no function with that cookie exists.  Only the instance id is
 * read under func_lock; the driver call is made after the lock is
 * dropped.
 */
static void ieee80211_del_nan_func(struct wiphy *wiphy,
				  struct wireless_dev *wdev, u64 cookie)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
	struct cfg80211_nan_func *func;
	u8 instance_id;

	if (sdata->vif.type != NL80211_IFTYPE_NAN)
		return;

	if (!ieee80211_sdata_running(sdata))
		return;

	spin_lock_bh(&sdata->u.nan.func_lock);
	func = ieee80211_find_nan_func_by_cookie(sdata, cookie);
	/* 0 doubles as "not found" */
	instance_id = func ? func->instance_id : 0;
	spin_unlock_bh(&sdata->u.nan.func_lock);

	if (instance_id)
		drv_del_nan_func(sdata->local, sdata, instance_id);
}
341 
/*
 * Store the no-ack map for @dev and re-evaluate fast-xmit for the
 * interface, since the map was just changed.  Always returns 0.
 */
static int ieee80211_set_noack_map(struct wiphy *wiphy,
				  struct net_device *dev,
				  u16 noack_map)
{
	struct ieee80211_sub_if_data *sdata;

	sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	sdata->noack_map = noack_map;
	ieee80211_check_fast_xmit_iface(sdata);

	return 0;
}
354 
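/*
 * cfg80211 add_key handler: build a key from @params and link it to the
 * station @mac_addr (when given) or to the interface.
 *
 * Returns -ENETDOWN if the interface is not running, -EINVAL for WEP/TKIP
 * when the WEP transform failed to initialise, the ieee80211_key_alloc()
 * error if allocation fails, -ENOENT if @mac_addr does not name an
 * associated station, otherwise the result of ieee80211_key_link().
 *
 * On the -ENOENT path the freshly allocated key is released with
 * ieee80211_key_free_unused(); after that point the key is handed to
 * ieee80211_key_link().
 */
static int ieee80211_add_key(struct wiphy *wiphy, struct net_device *dev,
			     u8 key_idx, bool pairwise, const u8 *mac_addr,
			     struct key_params *params)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta = NULL;
	const struct ieee80211_cipher_scheme *cs = NULL;
	struct ieee80211_key *key;
	int err;

	if (!ieee80211_sdata_running(sdata))
		return -ENETDOWN;

	/* reject WEP and TKIP keys if WEP failed to initialize */
	switch (params->cipher) {
	case WLAN_CIPHER_SUITE_WEP40:
	case WLAN_CIPHER_SUITE_TKIP:
	case WLAN_CIPHER_SUITE_WEP104:
		if (IS_ERR(local->wep_tx_tfm))
			return -EINVAL;
		break;
	case WLAN_CIPHER_SUITE_CCMP:
	case WLAN_CIPHER_SUITE_CCMP_256:
	case WLAN_CIPHER_SUITE_AES_CMAC:
	case WLAN_CIPHER_SUITE_BIP_CMAC_256:
	case WLAN_CIPHER_SUITE_BIP_GMAC_128:
	case WLAN_CIPHER_SUITE_BIP_GMAC_256:
	case WLAN_CIPHER_SUITE_GCMP:
	case WLAN_CIPHER_SUITE_GCMP_256:
		break;
	default:
		/* any other suite is looked up as a driver cipher scheme */
		cs = ieee80211_cs_get(local, params->cipher, sdata->vif.type);
		break;
	}

	key = ieee80211_key_alloc(params->cipher, key_idx, params->key_len,
				  params->key, params->seq_len, params->seq,
				  cs);
	if (IS_ERR(key))
		return PTR_ERR(key);

	if (pairwise)
		key->conf.flags |= IEEE80211_KEY_FLAG_PAIRWISE;

	mutex_lock(&local->sta_mtx);

	if (mac_addr) {
		sta = sta_info_get_bss(sdata, mac_addr);
		/*
		 * The ASSOC test makes sure the driver is ready to
		 * receive the key. When wpa_supplicant has roamed
		 * using FT, it attempts to set the key before
		 * association has completed, this rejects that attempt
		 * so it will set the key again after association.
		 *
		 * TODO: accept the key if we have a station entry and
		 *       add it to the device after the station.
		 */
		if (!sta || !test_sta_flag(sta, WLAN_STA_ASSOC)) {
			ieee80211_key_free_unused(key);
			err = -ENOENT;
			goto out_unlock;
		}
	}

	switch (sdata->vif.type) {
	case NL80211_IFTYPE_STATION:
		if (sdata->u.mgd.mfp != IEEE80211_MFP_DISABLED)
			key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
		break;
	case NL80211_IFTYPE_AP:
	case NL80211_IFTYPE_AP_VLAN:
		/*
		 * Keys without a station are used for TX only.
		 *
		 * Test the station looked up above rather than key->sta:
		 * nothing between ieee80211_key_alloc() and this point
		 * assigns key->sta (ieee80211_key_link() below is the first
		 * call that receives both the key and the station), so a
		 * check on key->sta would never see the peer and RX_MGMT
		 * would not be set for peers that negotiated management
		 * frame protection.
		 */
		if (sta && test_sta_flag(sta, WLAN_STA_MFP))
			key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
		break;
	case NL80211_IFTYPE_ADHOC:
		/* no MFP (yet) */
		break;
	case NL80211_IFTYPE_MESH_POINT:
#ifdef CONFIG_MAC80211_MESH
		if (sdata->u.mesh.security != IEEE80211_MESH_SEC_NONE)
			key->conf.flags |= IEEE80211_KEY_FLAG_RX_MGMT;
		break;
#endif
		/* without mesh support this falls through to the warning */
	case NL80211_IFTYPE_WDS:
	case NL80211_IFTYPE_MONITOR:
	case NL80211_IFTYPE_P2P_DEVICE:
	case NL80211_IFTYPE_NAN:
	case NL80211_IFTYPE_UNSPECIFIED:
	case NUM_NL80211_IFTYPES:
	case NL80211_IFTYPE_P2P_CLIENT:
	case NL80211_IFTYPE_P2P_GO:
	case NL80211_IFTYPE_OCB:
		/* shouldn't happen */
		WARN_ON_ONCE(1);
		break;
	}

	if (sta)
		sta->cipher_scheme = cs;

	err = ieee80211_key_link(key, sdata, sta);

 out_unlock:
	mutex_unlock(&local->sta_mtx);

	return err;
}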
465 
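/*
 * cfg80211 del_key handler: free the key selected by @key_idx, @pairwise
 * and @mac_addr.
 *
 * With @mac_addr the key is taken from that station's pairwise (ptk) or
 * group (gtk) table, otherwise from the interface's key table.  Both
 * sta_mtx and key_mtx are held for the lookup and the free.
 *
 * Returns 0 on success and -ENOENT if the station or the key does not
 * exist, including when @key_idx is outside the station table it selects.
 */
static int ieee80211_del_key(struct wiphy *wiphy, struct net_device *dev,
			     u8 key_idx, bool pairwise, const u8 *mac_addr)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;
	struct ieee80211_key *key = NULL;
	int ret;

	mutex_lock(&local->sta_mtx);
	mutex_lock(&local->key_mtx);

	if (mac_addr) {
		ret = -ENOENT;

		sta = sta_info_get_bss(sdata, mac_addr);
		if (!sta)
			goto out_unlock;

		/*
		 * Bound the index exactly as ieee80211_get_key() does before
		 * touching the per-station tables, so an out-of-range
		 * @key_idx ends up as -ENOENT instead of a read past the
		 * end of ptk[]/gtk[].
		 */
		if (pairwise && key_idx < NUM_DEFAULT_KEYS)
			key = key_mtx_dereference(local, sta->ptk[key_idx]);
		else if (!pairwise &&
			 key_idx < NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS)
			key = key_mtx_dereference(local, sta->gtk[key_idx]);
	} else {
		/*
		 * NOTE(review): sdata->keys[] is indexed without a range
		 * check here; presumably the caller has already validated
		 * key_idx against the table size - confirm.
		 */
		key = key_mtx_dereference(local, sdata->keys[key_idx]);
	}

	if (!key) {
		ret = -ENOENT;
		goto out_unlock;
	}

	ieee80211_key_free(key, true);

	ret = 0;
 out_unlock:
	mutex_unlock(&local->key_mtx);
	mutex_unlock(&local->sta_mtx);

	return ret;
}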
506 
/*
 * cfg80211 get_key handler: look up a key and report its parameters
 * through @callback.
 *
 * The lookup runs under rcu_read_lock().  The reported key_params carry
 * the cipher, the current sequence counter (from the driver when the key
 * lives in hardware and the stack does not generate the IV, otherwise
 * from the software TX PN) and the key material itself.
 *
 * params.seq points at on-stack storage (seq[] or kseq), so @callback has
 * to consume it before this function returns.
 *
 * NOTE(review): the raw key bytes (key->conf.key) are handed to @callback;
 * no permission check is visible in this function, so who may reach it is
 * presumably decided by the caller - confirm.
 * NOTE(review): the interface-level lookup indexes sdata->keys[] without
 * the range check used for the per-station tables - confirm the caller
 * bounds key_idx.
 *
 * Returns 0 if a key was found and reported, -ENOENT otherwise.
 */
static int ieee80211_get_key(struct wiphy *wiphy, struct net_device *dev,
			     u8 key_idx, bool pairwise, const u8 *mac_addr,
			     void *cookie,
			     void (*callback)(void *cookie,
					      struct key_params *params))
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_key_seq kseq = {};
	struct ieee80211_key *key = NULL;
	struct sta_info *sta = NULL;
	struct key_params params;
	u8 seq[6] = {0};
	bool seq_from_hw;
	u64 pn64;
	u32 iv32;
	u16 iv16;
	int err = -ENOENT;
	int i;

	rcu_read_lock();

	if (!mac_addr) {
		key = rcu_dereference(sdata->keys[key_idx]);
	} else {
		sta = sta_info_get_bss(sdata, mac_addr);
		if (!sta)
			goto out;

		/* out-of-range indices leave key == NULL, i.e. -ENOENT */
		if (pairwise) {
			if (key_idx < NUM_DEFAULT_KEYS)
				key = rcu_dereference(sta->ptk[key_idx]);
		} else if (key_idx <
			   NUM_DEFAULT_KEYS + NUM_DEFAULT_MGMT_KEYS) {
			key = rcu_dereference(sta->gtk[key_idx]);
		}
	}

	if (!key)
		goto out;

	memset(&params, 0, sizeof(params));

	params.cipher = key->conf.cipher;

	/* hardware owns the counter when it holds the key and makes the IV */
	seq_from_hw = (key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE) &&
		      !(key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV);

	switch (key->conf.cipher) {
	case WLAN_CIPHER_SUITE_TKIP:
		if (seq_from_hw) {
			drv_get_key_seq(sdata->local, key, &kseq);
			iv32 = kseq.tkip.iv32;
			iv16 = kseq.tkip.iv16;
		} else {
			pn64 = atomic64_read(&key->conf.tx_pn);
			iv32 = TKIP_PN_TO_IV32(pn64);
			iv16 = TKIP_PN_TO_IV16(pn64);
		}

		/* little-endian: IV16 in bytes 0-1, IV32 in bytes 2-5 */
		seq[0] = iv16 & 0xff;
		seq[1] = (iv16 >> 8) & 0xff;
		for (i = 0; i < 4; i++)
			seq[2 + i] = (iv32 >> (8 * i)) & 0xff;
		params.seq = seq;
		params.seq_len = 6;
		break;
	case WLAN_CIPHER_SUITE_CCMP:
	case WLAN_CIPHER_SUITE_CCMP_256:
	case WLAN_CIPHER_SUITE_AES_CMAC:
	case WLAN_CIPHER_SUITE_BIP_CMAC_256:
		BUILD_BUG_ON(offsetof(typeof(kseq), ccmp) !=
			     offsetof(typeof(kseq), aes_cmac));
		/* fall through - the asserts let kseq.ccmp serve all suites */
	case WLAN_CIPHER_SUITE_BIP_GMAC_128:
	case WLAN_CIPHER_SUITE_BIP_GMAC_256:
		BUILD_BUG_ON(offsetof(typeof(kseq), ccmp) !=
			     offsetof(typeof(kseq), aes_gmac));
		/* fall through */
	case WLAN_CIPHER_SUITE_GCMP:
	case WLAN_CIPHER_SUITE_GCMP_256:
		BUILD_BUG_ON(offsetof(typeof(kseq), ccmp) !=
			     offsetof(typeof(kseq), gcmp));

		if (seq_from_hw) {
			drv_get_key_seq(sdata->local, key, &kseq);
			memcpy(seq, kseq.ccmp.pn, 6);
		} else {
			/* low 48 bits of the TX PN, least significant first */
			pn64 = atomic64_read(&key->conf.tx_pn);
			for (i = 0; i < 6; i++)
				seq[i] = pn64 >> (8 * i);
		}
		params.seq = seq;
		params.seq_len = 6;
		break;
	default:
		/* other ciphers: only the hardware can supply a sequence */
		if (!(key->flags & KEY_FLAG_UPLOADED_TO_HARDWARE))
			break;
		if (WARN_ON(key->conf.flags & IEEE80211_KEY_FLAG_GENERATE_IV))
			break;
		drv_get_key_seq(sdata->local, key, &kseq);
		params.seq = kseq.hw.seq;
		params.seq_len = kseq.hw.seq_len;
		break;
	}

	params.key = key->conf.key;
	params.key_len = key->conf.keylen;

	callback(cookie, &params);
	err = 0;

 out:
	rcu_read_unlock();
	return err;
}
622 
/*
 * Select @key_idx as default key for unicast (@uni) and/or multicast
 * (@multi) traffic on @dev.  Always returns 0.
 */
static int ieee80211_config_default_key(struct wiphy *wiphy,
					struct net_device *dev,
					u8 key_idx, bool uni,
					bool multi)
{
	struct ieee80211_sub_if_data *sdata;

	sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	ieee80211_set_default_key(sdata, key_idx, uni, multi);

	return 0;
}
634 
/* Select @key_idx as default management key on @dev.  Always returns 0. */
static int ieee80211_config_default_mgmt_key(struct wiphy *wiphy,
					     struct net_device *dev,
					     u8 key_idx)
{
	struct ieee80211_sub_if_data *sdata;

	sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	ieee80211_set_default_mgmt_key(sdata, key_idx);

	return 0;
}
645 
/*
 * Translate a mac80211 TX rate into cfg80211 rate_info.
 *
 * rinfo->flags is rebuilt from scratch.  For HT and VHT rates the MCS
 * (and NSS for VHT) is filled in; for legacy rates the bitrate is taken
 * from the station's band table and scaled by the vif's shift.
 * rinfo->legacy is left untouched when no band is available.
 *
 * NOTE(review): rate->idx indexes sband->bitrates[] without a range check;
 * presumably callers only pass rates with a valid index - confirm.
 */
void sta_set_rate_info_tx(struct sta_info *sta,
			  const struct ieee80211_tx_rate *rate,
			  struct rate_info *rinfo)
{
	rinfo->flags = 0;

	/* modulation: HT MCS, VHT MCS/NSS, or a legacy bitrate */
	if (rate->flags & IEEE80211_TX_RC_MCS) {
		rinfo->flags |= RATE_INFO_FLAGS_MCS;
		rinfo->mcs = rate->idx;
	} else if (rate->flags & IEEE80211_TX_RC_VHT_MCS) {
		rinfo->flags |= RATE_INFO_FLAGS_VHT_MCS;
		rinfo->mcs = ieee80211_rate_get_vht_mcs(rate);
		rinfo->nss = ieee80211_rate_get_vht_nss(rate);
	} else {
		int shift = ieee80211_vif_get_shift(&sta->sdata->vif);
		struct ieee80211_supported_band *sband;

		sband = ieee80211_get_sband(sta->sdata);
		if (sband) {
			u16 brate = sband->bitrates[rate->idx].bitrate;

			rinfo->legacy = DIV_ROUND_UP(brate, 1 << shift);
		}
	}

	/* channel width: first matching flag wins, 20 MHz is the default */
	if (rate->flags & IEEE80211_TX_RC_40_MHZ_WIDTH) {
		rinfo->bw = RATE_INFO_BW_40;
	} else if (rate->flags & IEEE80211_TX_RC_80_MHZ_WIDTH) {
		rinfo->bw = RATE_INFO_BW_80;
	} else if (rate->flags & IEEE80211_TX_RC_160_MHZ_WIDTH) {
		rinfo->bw = RATE_INFO_BW_160;
	} else {
		rinfo->bw = RATE_INFO_BW_20;
	}

	if (rate->flags & IEEE80211_TX_RC_SHORT_GI)
		rinfo->flags |= RATE_INFO_FLAGS_SHORT_GI;
}
680 
/*
 * Report the @idx-th station of the interface: its address is copied into
 * @mac (ETH_ALEN bytes) and its statistics into @sinfo, all under sta_mtx.
 *
 * Returns 0 on success, -ENOENT if there is no station at that index.
 */
static int ieee80211_dump_station(struct wiphy *wiphy, struct net_device *dev,
				  int idx, u8 *mac, struct station_info *sinfo)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;
	int ret = 0;

	mutex_lock(&local->sta_mtx);

	sta = sta_info_get_by_idx(sdata, idx);
	if (!sta) {
		ret = -ENOENT;
	} else {
		memcpy(mac, sta->sta.addr, ETH_ALEN);
		sta_set_sinfo(sta, sinfo);
	}

	mutex_unlock(&local->sta_mtx);

	return ret;
}
702 
/* Forward a survey dump request for entry @idx to the driver. */
static int ieee80211_dump_survey(struct wiphy *wiphy, struct net_device *dev,
				 int idx, struct survey_info *survey)
{
	struct ieee80211_local *local;

	local = wdev_priv(dev->ieee80211_ptr);

	return drv_get_survey(local, idx, survey);
}
710 
/*
 * Fill @sinfo for the station with address @mac, under sta_mtx.
 *
 * Returns 0 on success, -ENOENT if no such station is known.
 */
static int ieee80211_get_station(struct wiphy *wiphy, struct net_device *dev,
				 const u8 *mac, struct station_info *sinfo)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct sta_info *sta;
	int ret = 0;

	mutex_lock(&local->sta_mtx);

	sta = sta_info_get_bss(sdata, mac);
	if (sta)
		sta_set_sinfo(sta, sinfo);
	else
		ret = -ENOENT;

	mutex_unlock(&local->sta_mtx);

	return ret;
}
731 
/*
 * Set the channel used for monitoring.
 *
 * Nothing is done if @chandef equals the stored monitor chandef.  With
 * channel contexts the monitor sdata (if any) releases its channel and
 * requests the new one exclusively; without them the operating chandef is
 * replaced only when every open interface is a monitor.  The stored
 * monitor chandef is updated only when no error occurred.
 *
 * Returns 0 or the error from ieee80211_vif_use_channel().
 */
static int ieee80211_set_monitor_channel(struct wiphy *wiphy,
					 struct cfg80211_chan_def *chandef)
{
	struct ieee80211_local *local = wiphy_priv(wiphy);
	struct ieee80211_sub_if_data *sdata;
	int ret = 0;

	if (cfg80211_chandef_identical(&local->monitor_chandef, chandef))
		return 0;

	mutex_lock(&local->mtx);

	if (!local->use_chanctx) {
		/* only monitors are up, so the hardware can simply retune */
		if (local->open_count == local->monitors) {
			local->_oper_chandef = *chandef;
			ieee80211_hw_config(local, 0);
		}
	} else {
		sdata = rtnl_dereference(local->monitor_sdata);
		if (sdata) {
			ieee80211_vif_release_channel(sdata);
			ret = ieee80211_vif_use_channel(sdata, chandef,
					IEEE80211_CHANCTX_EXCLUSIVE);
		}
	}

	if (!ret)
		local->monitor_chandef = *chandef;

	mutex_unlock(&local->mtx);

	return ret;
}
761 
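/*
 * Install a new probe response template on an AP interface.
 *
 * @resp/@resp_len: template to copy; when either is zero nothing is
 *	changed and 1 is returned.
 * @csa: optional channel-switch settings whose probe-response counter
 *	offsets are copied into the new template.
 *
 * The template is published with rcu_assign_pointer() and the previous
 * one, if any, is released with kfree_rcu().
 *
 * Returns 0 when a new template was installed, 1 when there was nothing
 * to install, -EINVAL when @csa carries more counter offsets than the
 * template can hold, and -ENOMEM on allocation failure.
 */
static int ieee80211_set_probe_resp(struct ieee80211_sub_if_data *sdata,
				    const u8 *resp, size_t resp_len,
				    const struct ieee80211_csa_settings *csa)
{
	struct probe_resp *new, *old;

	if (!resp || !resp_len)
		return 1;

	/*
	 * csa_counter_offsets[] is a fixed-size array inside the template,
	 * so refuse a count that would make the memcpy() below run past it.
	 * Callers may already validate the count, but this block cannot
	 * rely on that.  The check sits before the allocation so there is
	 * nothing to unwind; sizeof-style use of "new" does not read it.
	 */
	if (csa &&
	    csa->n_counter_offsets_presp > ARRAY_SIZE(new->csa_counter_offsets))
		return -EINVAL;

	old = sdata_dereference(sdata->u.ap.probe_resp, sdata);

	new = kzalloc(sizeof(struct probe_resp) + resp_len, GFP_KERNEL);
	if (!new)
		return -ENOMEM;

	new->len = resp_len;
	memcpy(new->data, resp, resp_len);

	if (csa)
		memcpy(new->csa_counter_offsets, csa->counter_offsets_presp,
		       csa->n_counter_offsets_presp *
		       sizeof(new->csa_counter_offsets[0]));

	rcu_assign_pointer(sdata->u.ap.probe_resp, new);
	if (old)
		kfree_rcu(old, rcu_head);

	return 0;
}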
791 
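/*
 * Build a new beacon template for an AP interface and publish it.
 *
 * The head and tail are taken from @params when present and otherwise
 * carried over from the currently installed beacon. Everything is copied
 * into a single allocation laid out as | beacon_data | head | tail |.
 * The probe response in @params (if any) is installed as part of the
 * same call. When @csa is given, its counter and beacon counter offsets
 * are stored in the new template.
 *
 * Returns a BSS_CHANGED_* bitmask describing what changed on success, or
 * a negative errno: -EINVAL when there is neither a new nor an old head,
 * -ENOMEM on allocation failure, or the error from
 * ieee80211_set_probe_resp().
 *
 * NOTE(review): the lengths are held in int and the csa offset count is
 * not bounded in this function; both are presumably validated before the
 * parameters reach mac80211 -- confirm.
 */
static int ieee80211_assign_beacon(struct ieee80211_sub_if_data *sdata,
                                   struct cfg80211_beacon_data *params,
                                   const struct ieee80211_csa_settings *csa)
{
        struct beacon_data *new, *old;
        int new_head_len, new_tail_len;
        int size, err;
        u32 changed = BSS_CHANGED_BEACON;

        old = sdata_dereference(sdata->u.ap.beacon, sdata);

        /* Need to have a beacon head if we don't have one yet */
        if (!params->head && !old)
                return -EINVAL;

        /* new or old head? */
        if (params->head)
                new_head_len = params->head_len;
        else
                new_head_len = old->head_len;

        /* new or old tail? */
        if (params->tail || !old)
                /* params->tail_len will be zero for !params->tail */
                new_tail_len = params->tail_len;
        else
                new_tail_len = old->tail_len;

        size = sizeof(*new) + new_head_len + new_tail_len;

        new = kzalloc(size, GFP_KERNEL);
        if (!new)
                return -ENOMEM;

        /* start filling the new info now */

        /*
         * pointers go into the block we allocated,
         * memory is | beacon_data | head | tail |
         */
        new->head = ((u8 *) new) + sizeof(*new);
        new->tail = new->head + new_head_len;
        new->head_len = new_head_len;
        new->tail_len = new_tail_len;

        if (csa) {
                new->csa_current_counter = csa->count;
                memcpy(new->csa_counter_offsets, csa->counter_offsets_beacon,
                       csa->n_counter_offsets_beacon *
                       sizeof(new->csa_counter_offsets[0]));
        }

        /* copy in head */
        if (params->head)
                memcpy(new->head, params->head, new_head_len);
        else
                memcpy(new->head, old->head, new_head_len);

        /* copy in optional tail */
        if (params->tail)
                memcpy(new->tail, params->tail, new_tail_len);
        else if (old)
                memcpy(new->tail, old->tail, new_tail_len);

        err = ieee80211_set_probe_resp(sdata, params->probe_resp,
                                       params->probe_resp_len, csa);
        if (err < 0) {
                /*
                 * The new template has not been published yet, so nobody
                 * else can reference it; free it here or it is leaked.
                 */
                kfree(new);
                return err;
        }
        if (err == 0)
                changed |= BSS_CHANGED_AP_PROBE_RESP;

        rcu_assign_pointer(sdata->u.ap.beacon, new);

        /* readers may still hold the old template until a grace period */
        if (old)
                kfree_rcu(old, rcu_head);

        return changed;
}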
872 
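/*
 * Start AP operation on an interface with the settings in @params.
 *
 * Order of operations: reject a second start, translate the SMPS mode,
 * acquire the channel context, apply the control-port/crypto settings to
 * the interface and its AP_VLANs, fill in the BSS configuration, install
 * the beacon (and probe response), start the driver, and finally raise
 * the carrier on the interface and all dependent VLANs.
 *
 * Returns 0 on success, -EALREADY when a beacon is already installed,
 * -EINVAL for an unknown SMPS mode, or the error returned by the channel,
 * beacon or driver step. On failure after the channel was acquired, the
 * channel context is released again.
 *
 * NOTE(review): ssid_len is used as a memcpy() length without a bound in
 * this function; it is presumably limited before the request reaches
 * mac80211 -- confirm.
 */
static int ieee80211_start_ap(struct wiphy *wiphy, struct net_device *dev,
                              struct cfg80211_ap_settings *params)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_local *local = sdata->local;
        struct beacon_data *old;
        struct ieee80211_sub_if_data *vlan;
        u32 changed = BSS_CHANGED_BEACON_INT |
                      BSS_CHANGED_BEACON_ENABLED |
                      BSS_CHANGED_BEACON |
                      BSS_CHANGED_SSID |
                      BSS_CHANGED_P2P_PS |
                      BSS_CHANGED_TXPOWER;
        int err;

        /* an installed beacon means the AP is already running */
        old = sdata_dereference(sdata->u.ap.beacon, sdata);
        if (old)
                return -EALREADY;

        switch (params->smps_mode) {
        case NL80211_SMPS_OFF:
                sdata->smps_mode = IEEE80211_SMPS_OFF;
                break;
        case NL80211_SMPS_STATIC:
                sdata->smps_mode = IEEE80211_SMPS_STATIC;
                break;
        case NL80211_SMPS_DYNAMIC:
                sdata->smps_mode = IEEE80211_SMPS_DYNAMIC;
                break;
        default:
                return -EINVAL;
        }
        sdata->u.ap.req_smps = sdata->smps_mode;

        sdata->needed_rx_chains = sdata->local->rx_chains;

        sdata->vif.bss_conf.beacon_int = params->beacon_interval;

        mutex_lock(&local->mtx);
        err = ieee80211_vif_use_channel(sdata, &params->chandef,
                                        IEEE80211_CHANCTX_SHARED);
        if (!err)
                ieee80211_vif_copy_chanctx_to_vlans(sdata, false);
        mutex_unlock(&local->mtx);
        if (err)
                return err;

        /*
         * Apply control port protocol, this allows us to
         * not encrypt dynamic WEP control frames.
         */
        sdata->control_port_protocol = params->crypto.control_port_ethertype;
        sdata->control_port_no_encrypt = params->crypto.control_port_no_encrypt;
        sdata->encrypt_headroom = ieee80211_cs_headroom(sdata->local,
                                                        &params->crypto,
                                                        sdata->vif.type);

        /* dependent AP_VLAN interfaces inherit the same crypto settings */
        list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list) {
                vlan->control_port_protocol =
                        params->crypto.control_port_ethertype;
                vlan->control_port_no_encrypt =
                        params->crypto.control_port_no_encrypt;
                vlan->encrypt_headroom =
                        ieee80211_cs_headroom(sdata->local,
                                              &params->crypto,
                                              vlan->vif.type);
        }

        sdata->vif.bss_conf.dtim_period = params->dtim_period;
        sdata->vif.bss_conf.enable_beacon = true;
        sdata->vif.bss_conf.allow_p2p_go_ps = sdata->vif.p2p;

        sdata->vif.bss_conf.ssid_len = params->ssid_len;
        if (params->ssid_len)
                memcpy(sdata->vif.bss_conf.ssid, params->ssid,
                       params->ssid_len);
        sdata->vif.bss_conf.hidden_ssid =
                (params->hidden_ssid != NL80211_HIDDEN_SSID_NOT_IN_USE);

        memset(&sdata->vif.bss_conf.p2p_noa_attr, 0,
               sizeof(sdata->vif.bss_conf.p2p_noa_attr));
        sdata->vif.bss_conf.p2p_noa_attr.oppps_ctwindow =
                params->p2p_ctwindow & IEEE80211_P2P_OPPPS_CTWINDOW_MASK;
        if (params->p2p_opp_ps)
                sdata->vif.bss_conf.p2p_noa_attr.oppps_ctwindow |=
                                        IEEE80211_P2P_OPPPS_ENABLE_BIT;

        err = ieee80211_assign_beacon(sdata, &params->beacon, NULL);
        if (err < 0)
                goto error;
        /* a non-negative return is the BSS_CHANGED_* mask of the beacon */
        changed |= err;

        err = drv_start_ap(sdata->local, sdata);
        if (err) {
                /* the driver refused: take the just-installed beacon back */
                old = sdata_dereference(sdata->u.ap.beacon, sdata);

                if (old)
                        kfree_rcu(old, rcu_head);
                RCU_INIT_POINTER(sdata->u.ap.beacon, NULL);
                goto error;
        }

        ieee80211_recalc_dtim(local, sdata);
        ieee80211_bss_info_change_notify(sdata, changed);

        netif_carrier_on(dev);
        list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
                netif_carrier_on(vlan->dev);

        return 0;

error:
        /*
         * Release the channel context under local->mtx, the same lock that
         * was held when it was acquired above and that ieee80211_stop_ap()
         * holds around the release.
         */
        mutex_lock(&local->mtx);
        ieee80211_vif_release_channel(sdata);
        mutex_unlock(&local->mtx);

        return err;
}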
987 
/*
 * Replace the beacon of an AP interface that is already beaconing.
 *
 * The caller must hold the sdata lock. Returns -EBUSY while a channel
 * switch is in progress, -ENOENT when no beacon is installed, a negative
 * errno from ieee80211_assign_beacon(), or 0 after the driver has been
 * notified of the change.
 */
static int ieee80211_change_beacon(struct wiphy *wiphy, struct net_device *dev,
                                   struct cfg80211_beacon_data *params)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        int changed;

        sdata_assert_lock(sdata);

        /*
         * A new beacon could move the channel switch counter to a
         * different offset, so refuse updates while CSA is active.
         */
        if (sdata->vif.csa_active)
                return -EBUSY;

        /* only an already running AP can have its beacon changed */
        if (!sdata_dereference(sdata->u.ap.beacon, sdata))
                return -ENOENT;

        changed = ieee80211_assign_beacon(sdata, params, NULL);
        if (changed < 0)
                return changed;

        /* non-negative result is the BSS_CHANGED_* mask to report */
        ieee80211_bss_info_change_notify(sdata, changed);

        return 0;
}
1014 
/*
 * Stop AP operation on an interface and tear down its state.
 *
 * The caller must hold the sdata lock. Returns -ENOENT when no beacon is
 * installed (the AP is not running) and 0 otherwise.
 *
 * Teardown removes the beacon and probe response templates, flushes all
 * stations and frees the interface keys before the driver is told to
 * stop, then drops buffered broadcast frames and releases the channel
 * context.
 */
static int ieee80211_stop_ap(struct wiphy *wiphy, struct net_device *dev)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_sub_if_data *vlan;
        struct ieee80211_local *local = sdata->local;
        struct beacon_data *old_beacon;
        struct probe_resp *old_probe_resp;
        struct cfg80211_chan_def chandef;

        sdata_assert_lock(sdata);

        old_beacon = sdata_dereference(sdata->u.ap.beacon, sdata);
        if (!old_beacon)
                return -ENOENT;
        old_probe_resp = sdata_dereference(sdata->u.ap.probe_resp, sdata);

        /* abort any running channel switch */
        mutex_lock(&local->mtx);
        sdata->vif.csa_active = false;
        if (sdata->csa_block_tx) {
                /* queues were stopped for the switch; wake them again */
                ieee80211_wake_vif_queues(local, sdata,
                                          IEEE80211_QUEUE_STOP_REASON_CSA);
                sdata->csa_block_tx = false;
        }

        mutex_unlock(&local->mtx);

        /* drop a beacon that was queued for after the channel switch */
        kfree(sdata->u.ap.next_beacon);
        sdata->u.ap.next_beacon = NULL;

        /* turn off carrier for this interface and dependent VLANs */
        list_for_each_entry(vlan, &sdata->u.ap.vlans, u.vlan.list)
                netif_carrier_off(vlan->dev);
        netif_carrier_off(dev);

        /* remove beacon and probe response */
        RCU_INIT_POINTER(sdata->u.ap.beacon, NULL);
        RCU_INIT_POINTER(sdata->u.ap.probe_resp, NULL);
        /* pointers are cleared first; the memory goes after a grace period */
        kfree_rcu(old_beacon, rcu_head);
        if (old_probe_resp)
                kfree_rcu(old_probe_resp, rcu_head);
        sdata->u.ap.driver_smps_mode = IEEE80211_SMPS_OFF;

        /* no station entry or key outlives the AP */
        __sta_info_flush(sdata, true);
        ieee80211_free_keys(sdata, true);

        sdata->vif.bss_conf.enable_beacon = false;
        sdata->vif.bss_conf.ssid_len = 0;
        clear_bit(SDATA_STATE_OFFCHANNEL_BEACON_STOPPED, &sdata->state);
        ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_BEACON_ENABLED);

        if (sdata->wdev.cac_started) {
                /* copy the chandef before reporting the aborted CAC */
                chandef = sdata->vif.bss_conf.chandef;
                cancel_delayed_work_sync(&sdata->dfs_cac_timer_work);
                cfg80211_cac_event(sdata->dev, &chandef,
                                   NL80211_RADAR_CAC_ABORTED,
                                   GFP_KERNEL);
        }

        drv_stop_ap(sdata->local, sdata);

        /* free all potentially still buffered bcast frames */
        local->total_ps_buffered -= skb_queue_len(&sdata->u.ap.ps.bc_buf);
        ieee80211_purge_tx_queue(&local->hw, &sdata->u.ap.ps.bc_buf);

        /* the channel context is released under local->mtx */
        mutex_lock(&local->mtx);
        ieee80211_vif_copy_chanctx_to_vlans(sdata, true);
        ieee80211_vif_release_channel(sdata);
        mutex_unlock(&local->mtx);

        return 0;
}
1087 
/*
 * Layer 2 Update frame (802.2 Type 1 LLC XID Update response).
 *
 * On-the-wire layout, hence __packed. The values noted below are the ones
 * ieee80211_send_layer2_update() writes into the frame.
 */
struct iapp_layer2_update {
        u8 da[ETH_ALEN];        /* destination: broadcast */
        u8 sa[ETH_ALEN];        /* source: address of the station */
        __be16 len;             /* big-endian length field, set to 6 */
        u8 dsap;                /* 0 */
        u8 ssap;                /* 0x01: NULL LSAP with the response bit set */
        u8 control;             /* 0xaf: XID response, F=0 (unsolicited) */
        u8 xid_info[3];         /* format id, LLC types/classes, receive window */
} __packed;
1098 
/*
 * Announce a station to layer 2 bridge devices.
 *
 * Builds an 802.2 Type 1 LLC XID Update response frame (IEEE Std
 * 802.2-1998, 5.4.1.2.1) with the station's address as source and the
 * broadcast address as destination, and feeds it into the receive path
 * of the station's interface so that bridges update their forwarding
 * tables. Allocation failure is silently ignored; the frame is best
 * effort.
 *
 * NOTE(review): the frame makes bridges learn the station's address, so
 * callers decide at which point of the station's lifetime that is
 * acceptable.
 */
static void ieee80211_send_layer2_update(struct sta_info *sta)
{
        struct iapp_layer2_update *frame;
        struct net_device *ndev;
        struct sk_buff *skb;

        skb = dev_alloc_skb(sizeof(*frame));
        if (skb == NULL)
                return;

        frame = skb_put(skb, sizeof(*frame));

        /* addressing: from the station to everybody */
        eth_broadcast_addr(frame->da);
        memcpy(frame->sa, sta->sta.addr, ETH_ALEN);

        /* LLC header */
        frame->len = htons(6);
        frame->dsap = 0;
        frame->ssap = 0x01;             /* NULL LSAP, CR Bit: Response */
        frame->control = 0xaf;          /* XID response lsb.1111F101.
                                         * F=0 (no poll command; unsolicited frame) */

        /* XID information field */
        frame->xid_info[0] = 0x81;      /* XID format identifier */
        frame->xid_info[1] = 1;         /* LLC types/classes: Type 1 LLC */
        frame->xid_info[2] = 0;         /* XID sender's receive window size (RW) */

        /* hand the frame to the stack as if it had been received */
        ndev = sta->sdata->dev;
        skb->dev = ndev;
        skb->protocol = eth_type_trans(skb, ndev);
        memset(skb->cb, 0, sizeof(skb->cb));
        netif_rx_ni(skb);
}
1131 
/*
 * Walk a station through the authentication state machine as requested
 * by the nl80211 station flags.
 *
 * @mask selects which flags the caller wants to change and @set gives
 * their new values. Upward transitions are applied first, in the order
 * AUTH -> ASSOC -> AUTHORIZED, followed by downward transitions in the
 * order ASSOC -> AUTH -> NONE, one sta_info_move_state() step at a time.
 * The current station flags are re-read before every step because an
 * earlier step may have changed them.
 *
 * Returns 0 on success or the first error from sta_info_move_state().
 */
static int sta_apply_auth_flags(struct ieee80211_local *local,
                                struct sta_info *sta,
                                u32 mask, u32 set)
{
        const u32 auth_bit = BIT(NL80211_STA_FLAG_AUTHENTICATED);
        const u32 assoc_bit = BIT(NL80211_STA_FLAG_ASSOCIATED);
        const u32 authz_bit = BIT(NL80211_STA_FLAG_AUTHORIZED);
        const u32 raise = mask & set;   /* selected and requested on */
        const u32 lower = mask & ~set;  /* selected and requested off */
        int ret;

        if ((raise & auth_bit) && !test_sta_flag(sta, WLAN_STA_AUTH)) {
                ret = sta_info_move_state(sta, IEEE80211_STA_AUTH);
                if (ret)
                        return ret;
        }

        if ((raise & assoc_bit) && !test_sta_flag(sta, WLAN_STA_ASSOC)) {
                /*
                 * Rate control has to be initialized by the time the peer
                 * becomes associated: some drivers need it before
                 * drv_sta_state() is called.
                 */
                if (!test_sta_flag(sta, WLAN_STA_RATE_CONTROL))
                        rate_control_rate_init(sta);

                ret = sta_info_move_state(sta, IEEE80211_STA_ASSOC);
                if (ret)
                        return ret;
        }

        if (mask & authz_bit) {
                ret = 0;
                if (set & authz_bit)
                        ret = sta_info_move_state(sta,
                                                  IEEE80211_STA_AUTHORIZED);
                else if (test_sta_flag(sta, WLAN_STA_AUTHORIZED))
                        /* revoke authorization: fall back to associated */
                        ret = sta_info_move_state(sta, IEEE80211_STA_ASSOC);
                if (ret)
                        return ret;
        }

        if ((lower & assoc_bit) && test_sta_flag(sta, WLAN_STA_ASSOC)) {
                ret = sta_info_move_state(sta, IEEE80211_STA_AUTH);
                if (ret)
                        return ret;
        }

        if ((lower & auth_bit) && test_sta_flag(sta, WLAN_STA_AUTH))
                return sta_info_move_state(sta, IEEE80211_STA_NONE);

        return 0;
}
1191 
/*
 * Apply the mesh-specific station parameters: peer link state, peer link
 * action and local power mode. The BSS change bits reported by the
 * helpers are collected and passed to ieee80211_mbss_info_change_notify()
 * once at the end.
 *
 * Compiles to an empty function without CONFIG_MAC80211_MESH.
 */
static void sta_apply_mesh_params(struct ieee80211_local *local,
                                  struct sta_info *sta,
                                  struct station_parameters *params)
{
#ifdef CONFIG_MAC80211_MESH
        struct ieee80211_sub_if_data *sdata = sta->sdata;
        u32 bss_changed = 0;

        if (params->sta_modify_mask & STATION_PARAM_APPLY_PLINK_STATE) {
                switch (params->plink_state) {
                case NL80211_PLINK_ESTAB:
                        /* count the link only when it newly becomes ESTAB */
                        if (sta->mesh->plink_state != NL80211_PLINK_ESTAB)
                                bss_changed |=
                                        mesh_plink_inc_estab_count(sdata);
                        sta->mesh->plink_state = params->plink_state;
                        sta->mesh->aid = params->peer_aid;

                        ieee80211_mps_sta_status_update(sta);
                        bss_changed |= ieee80211_mps_set_sta_local_pm(sta,
                                        sdata->u.mesh.mshcfg.power_mode);
                        break;
                case NL80211_PLINK_LISTEN:
                case NL80211_PLINK_BLOCKED:
                case NL80211_PLINK_OPN_SNT:
                case NL80211_PLINK_OPN_RCVD:
                case NL80211_PLINK_CNF_RCVD:
                case NL80211_PLINK_HOLDING:
                        /* leaving ESTAB: give the count back */
                        if (sta->mesh->plink_state == NL80211_PLINK_ESTAB)
                                bss_changed |=
                                        mesh_plink_dec_estab_count(sdata);
                        sta->mesh->plink_state = params->plink_state;

                        ieee80211_mps_sta_status_update(sta);
                        bss_changed |= ieee80211_mps_set_sta_local_pm(sta,
                                        NL80211_MESH_POWER_UNKNOWN);
                        break;
                default:
                        /* any other state value is left untouched */
                        break;
                }
        }

        /* NL80211_PLINK_ACTION_NO_ACTION needs no handling */
        if (params->plink_action == NL80211_PLINK_ACTION_OPEN)
                bss_changed |= mesh_plink_open(sta);
        else if (params->plink_action == NL80211_PLINK_ACTION_BLOCK)
                bss_changed |= mesh_plink_block(sta);

        if (params->local_pm)
                bss_changed |= ieee80211_mps_set_sta_local_pm(sta,
                                                        params->local_pm);

        ieee80211_mbss_info_change_notify(sdata, bss_changed);
#endif
}
1251 
/*
 * Apply the station parameters received from userspace to a station entry.
 *
 * Used both when a station is created and when an existing one is
 * changed. The authentication-state flags are applied either early or
 * late, depending on the kind of station: for TDLS peers and for
 * stations that are being marked associated they are applied only after
 * every other parameter has been stored, so that the state change sees
 * complete station information.
 *
 * Returns 0 on success, -EINVAL when the interface has no supported band,
 * or the error from sta_apply_auth_flags().
 */
static int sta_apply_parameters(struct ieee80211_local *local,
                                struct sta_info *sta,
                                struct station_parameters *params)
{
        int ret = 0;
        struct ieee80211_supported_band *sband;
        struct ieee80211_sub_if_data *sdata = sta->sdata;
        u32 mask, set;

        sband = ieee80211_get_sband(sdata);
        if (!sband)
                return -EINVAL;

        /* local copies: the mesh/TDLS rules below widen them */
        mask = params->sta_flags_mask;
        set = params->sta_flags_set;

        if (ieee80211_vif_is_mesh(&sdata->vif)) {
                /*
                 * In mesh mode, ASSOCIATED isn't part of the nl80211
                 * API but must follow AUTHENTICATED for driver state.
                 */
                if (mask & BIT(NL80211_STA_FLAG_AUTHENTICATED))
                        mask |= BIT(NL80211_STA_FLAG_ASSOCIATED);
                if (set & BIT(NL80211_STA_FLAG_AUTHENTICATED))
                        set |= BIT(NL80211_STA_FLAG_ASSOCIATED);
        } else if (test_sta_flag(sta, WLAN_STA_TDLS_PEER)) {
                /*
                 * TDLS -- everything follows authorized, but
                 * only becoming authorized is possible, not
                 * going back
                 */
                if (set & BIT(NL80211_STA_FLAG_AUTHORIZED)) {
                        set |= BIT(NL80211_STA_FLAG_AUTHENTICATED) |
                               BIT(NL80211_STA_FLAG_ASSOCIATED);
                        mask |= BIT(NL80211_STA_FLAG_AUTHENTICATED) |
                                BIT(NL80211_STA_FLAG_ASSOCIATED);
                }
        }

        /* WME is only honoured when the hardware has enough queues */
        if (mask & BIT(NL80211_STA_FLAG_WME) &&
            local->hw.queues >= IEEE80211_NUM_ACS)
                sta->sta.wme = set & BIT(NL80211_STA_FLAG_WME);

        /* auth flags will be set later for TDLS,
         * and for unassociated stations that move to associated */
        if (!test_sta_flag(sta, WLAN_STA_TDLS_PEER) &&
            !((mask & BIT(NL80211_STA_FLAG_ASSOCIATED)) &&
              (set & BIT(NL80211_STA_FLAG_ASSOCIATED)))) {
                ret = sta_apply_auth_flags(local, sta, mask, set);
                if (ret)
                        return ret;
        }

        if (mask & BIT(NL80211_STA_FLAG_SHORT_PREAMBLE)) {
                if (set & BIT(NL80211_STA_FLAG_SHORT_PREAMBLE))
                        set_sta_flag(sta, WLAN_STA_SHORT_PREAMBLE);
                else
                        clear_sta_flag(sta, WLAN_STA_SHORT_PREAMBLE);
        }

        /* MFP is mirrored both in the driver-visible field and the flag */
        if (mask & BIT(NL80211_STA_FLAG_MFP)) {
                sta->sta.mfp = !!(set & BIT(NL80211_STA_FLAG_MFP));
                if (set & BIT(NL80211_STA_FLAG_MFP))
                        set_sta_flag(sta, WLAN_STA_MFP);
                else
                        clear_sta_flag(sta, WLAN_STA_MFP);
        }

        if (mask & BIT(NL80211_STA_FLAG_TDLS_PEER)) {
                if (set & BIT(NL80211_STA_FLAG_TDLS_PEER))
                        set_sta_flag(sta, WLAN_STA_TDLS_PEER);
                else
                        clear_sta_flag(sta, WLAN_STA_TDLS_PEER);
        }

        /* mark TDLS channel switch support, if the AP allows it */
        /* ext_capab_len is checked before the byte is read */
        if (test_sta_flag(sta, WLAN_STA_TDLS_PEER) &&
            !sdata->u.mgd.tdls_chan_switch_prohibited &&
            params->ext_capab_len >= 4 &&
            params->ext_capab[3] & WLAN_EXT_CAPA4_TDLS_CHAN_SWITCH)
                set_sta_flag(sta, WLAN_STA_TDLS_CHAN_SWITCH);

        /* same pattern for wider-bandwidth TDLS, which needs byte 7 */
        if (test_sta_flag(sta, WLAN_STA_TDLS_PEER) &&
            !sdata->u.mgd.tdls_wider_bw_prohibited &&
            ieee80211_hw_check(&local->hw, TDLS_WIDER_BW) &&
            params->ext_capab_len >= 8 &&
            params->ext_capab[7] & WLAN_EXT_CAPA8_TDLS_WIDE_BW_ENABLED)
                set_sta_flag(sta, WLAN_STA_TDLS_WIDER_BW);

        if (params->sta_modify_mask & STATION_PARAM_APPLY_UAPSD) {
                sta->sta.uapsd_queues = params->uapsd_queues;
                sta->sta.max_sp = params->max_sp;
        }

        /* The sender might not have sent the last bit, consider it to be 0 */
        if (params->ext_capab_len >= 8) {
                u8 val = (params->ext_capab[7] &
                          WLAN_EXT_CAPA8_MAX_MSDU_IN_AMSDU_LSB) >> 7;

                /* we did get all the bits, take the MSB as well */
                if (params->ext_capab_len >= 9) {
                        u8 val_msb = params->ext_capab[8] &
                                WLAN_EXT_CAPA9_MAX_MSDU_IN_AMSDU_MSB;
                        val_msb <<= 1;
                        val |= val_msb;
                }

                /* map the two-bit field to a subframe limit; 0 otherwise */
                switch (val) {
                case 1:
                        sta->sta.max_amsdu_subframes = 32;
                        break;
                case 2:
                        sta->sta.max_amsdu_subframes = 16;
                        break;
                case 3:
                        sta->sta.max_amsdu_subframes = 8;
                        break;
                default:
                        sta->sta.max_amsdu_subframes = 0;
                }
        }

        /*
         * cfg80211 validates this (1-2007) and allows setting the AID
         * only when creating a new station entry
         */
        if (params->aid)
                sta->sta.aid = params->aid;

        /*
         * Some of the following updates would be racy if called on an
         * existing station, via ieee80211_change_station(). However,
         * all such changes are rejected by cfg80211 except for updates
         * changing the supported rates on an existing but not yet used
         * TDLS peer.
         */

        /* a negative value means "not provided" and is skipped */
        if (params->listen_interval >= 0)
                sta->listen_interval = params->listen_interval;

        if (params->supported_rates) {
                ieee80211_parse_bitrates(&sdata->vif.bss_conf.chandef,
                                         sband, params->supported_rates,
                                         params->supported_rates_len,
                                         &sta->sta.supp_rates[sband->band]);
        }

        if (params->ht_capa)
                ieee80211_ht_cap_ie_to_sta_ht_cap(sdata, sband,
                                                  params->ht_capa, sta);

        /* VHT can override some HT caps such as the A-MSDU max length */
        if (params->vht_capa)
                ieee80211_vht_cap_ie_to_sta_vht_cap(sdata, sband,
                                                    params->vht_capa, sta);

        if (params->opmode_notif_used) {
                /* returned value is only needed for rc update, but the
                 * rc isn't initialized here yet, so ignore it
                 */
                __ieee80211_vht_handle_opmode(sdata, sta, params->opmode_notif,
                                              sband->band);
        }

        /* a negative value means "not provided" and is skipped */
        if (params->support_p2p_ps >= 0)
                sta->sta.support_p2p_ps = params->support_p2p_ps;

        if (ieee80211_vif_is_mesh(&sdata->vif))
                sta_apply_mesh_params(local, sta, params);

        /* set the STA state after all sta info from usermode has been set */
        if (test_sta_flag(sta, WLAN_STA_TDLS_PEER) ||
            set & BIT(NL80211_STA_FLAG_ASSOCIATED)) {
                ret = sta_apply_auth_flags(local, sta, mask, set);
                if (ret)
                        return ret;
        }

        return 0;
}
1432 
/*
 * Create a station entry for @mac and insert it into the station table.
 *
 * When params->vlan is given, the station is attached to that interface,
 * which must be of type AP or AP_VLAN; otherwise it is attached to @dev.
 * The interface's own address and multicast addresses are rejected.
 *
 * Returns 0 on success, -EINVAL for a bad interface type or address,
 * -ENOMEM when the entry cannot be allocated, or the error from
 * sta_apply_parameters() / sta_info_insert_rcu().
 *
 * NOTE(review): rcu_read_unlock() is called on both outcomes of
 * sta_info_insert_rcu() without a matching lock here, so that function
 * presumably returns with the RCU read lock held -- confirm.
 *
 * NOTE(review): on AP and AP_VLAN interfaces the layer 2 update is sent
 * as soon as the entry is inserted, without looking at the station's
 * authorization state, so bridges can learn the address of a station
 * that has not been authorized yet. Consider deferring the announcement
 * until the station reaches the authorized state.
 */
static int ieee80211_add_station(struct wiphy *wiphy, struct net_device *dev,
                                 const u8 *mac,
                                 struct station_parameters *params)
{
        struct ieee80211_local *local = wiphy_priv(wiphy);
        struct ieee80211_sub_if_data *sdata;
        struct sta_info *sta;
        bool announce;
        int err;

        if (!params->vlan) {
                sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        } else {
                sdata = IEEE80211_DEV_TO_SUB_IF(params->vlan);

                switch (sdata->vif.type) {
                case NL80211_IFTYPE_AP_VLAN:
                case NL80211_IFTYPE_AP:
                        break;
                default:
                        return -EINVAL;
                }
        }

        /* neither our own address nor a group address can be a station */
        if (ether_addr_equal(mac, sdata->vif.addr) ||
            is_multicast_ether_addr(mac))
                return -EINVAL;

        sta = sta_info_alloc(sdata, mac, GFP_KERNEL);
        if (sta == NULL)
                return -ENOMEM;

        if (params->sta_flags_set & BIT(NL80211_STA_FLAG_TDLS_PEER))
                sta->sta.tdls = true;

        err = sta_apply_parameters(local, sta, params);
        if (err) {
                /* not inserted yet, so the entry is still ours to free */
                sta_info_free(local, sta);
                return err;
        }

        /*
         * Rate control is initialized here only for a non-TDLS station
         * that is already associated; for TDLS peers and unassociated
         * stations it has to wait until the rates are known and the
         * station is marked authorized/associated.
         */
        if (!test_sta_flag(sta, WLAN_STA_TDLS_PEER) &&
            test_sta_flag(sta, WLAN_STA_ASSOC))
                rate_control_rate_init(sta);

        /* decided before the insert, used after it */
        announce = sdata->vif.type == NL80211_IFTYPE_AP_VLAN ||
                   sdata->vif.type == NL80211_IFTYPE_AP;

        err = sta_info_insert_rcu(sta);
        if (!err && announce)
                ieee80211_send_layer2_update(sta);

        rcu_read_unlock();

        return err;
}
1496 
/*
 * Remove one station, or all stations, from an interface.
 *
 * With params->mac set, only that station is destroyed and the result of
 * sta_info_destroy_addr_bss() is returned. Without an address, every
 * station of the interface is flushed and 0 is returned.
 */
static int ieee80211_del_station(struct wiphy *wiphy, struct net_device *dev,
                                 struct station_del_parameters *params)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        /* no address given: drop everything on this interface */
        if (!params->mac) {
                sta_info_flush(sdata);
                return 0;
        }

        return sta_info_destroy_addr_bss(sdata, params->mac);
}
1510 
1511 static int ieee80211_change_station(struct wiphy *wiphy,
1512                                     struct net_device *dev, const u8 *mac,
1513                                     struct station_parameters *params)
1514 {
1515         struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
1516         struct ieee80211_local *local = wiphy_priv(wiphy);
1517         struct sta_info *sta;
1518         struct ieee80211_sub_if_data *vlansdata;
1519         enum cfg80211_station_type statype;
1520         int err;
1521 
1522         mutex_lock(&local->sta_mtx);
1523 
1524         sta = sta_info_get_bss(sdata, mac);
1525         if (!sta) {
1526                 err = -ENOENT;
1527                 goto out_err;
1528         }
1529 
1530         switch (sdata->vif.type) {
1531         case NL80211_IFTYPE_MESH_POINT:
1532                 if (sdata->u.mesh.user_mpm)
1533                         statype = CFG80211_STA_MESH_PEER_USER;
1534                 else
1535                         statype = CFG80211_STA_MESH_PEER_KERNEL;
1536                 break;
1537         case NL80211_IFTYPE_ADHOC:
1538                 statype = CFG80211_STA_IBSS;
1539                 break;
1540         case NL80211_IFTYPE_STATION:
1541                 if (!test_sta_flag(sta, WLAN_STA_TDLS_PEER)) {
1542                         statype = CFG80211_STA_AP_STA;
1543                         break;
1544                 }
1545                 if (test_sta_flag(sta, WLAN_STA_AUTHORIZED))
1546                         statype = CFG80211_STA_TDLS_PEER_ACTIVE;
1547                 else
1548                         statype = CFG80211_STA_TDLS_PEER_SETUP;
1549                 break;
1550         case NL80211_IFTYPE_AP:
1551         case NL80211_IFTYPE_AP_VLAN:
1552                 if (test_sta_flag(sta, WLAN_STA_ASSOC))
1553                         statype = CFG80211_STA_AP_CLIENT;
1554                 else
1555                         statype = CFG80211_STA_AP_CLIENT_UNASSOC;
1556                 break;
1557         default:
1558                 err = -EOPNOTSUPP;
1559                 goto out_err;
1560         }
1561 
1562         err = cfg80211_check_station_change(wiphy, params, statype);
1563         if (err)
1564                 goto out_err;
1565 
1566         if (params->vlan && params->vlan != sta->sdata->dev) {
1567                 vlansdata = IEEE80211_DEV_TO_SUB_IF(params->vlan);
1568 
1569                 if (params->vlan->ieee80211_ptr->use_4addr) {
1570                         if (vlansdata->u.vlan.sta) {
1571                                 err = -EBUSY;
1572                                 goto out_err;
1573                         }
1574 
1575                         rcu_assign_pointer(vlansdata->u.vlan.sta, sta);
1576                         __ieee80211_check_fast_rx_iface(vlansdata);
1577                 }
1578 
1579                 if (sta->sdata->vif.type == NL80211_IFTYPE_AP_VLAN &&
1580                     sta->sdata->u.vlan.sta)
1581                         RCU_INIT_POINTER(sta->sdata->u.vlan.sta, NULL);
1582 
1583                 if (test_sta_flag(sta, WLAN_STA_AUTHORIZED))
1584                         ieee80211_vif_dec_num_mcast(sta->sdata);
1585 
1586                 sta->sdata = vlansdata;
1587                 ieee80211_check_fast_xmit(sta);
1588 
1589                 if (test_sta_flag(sta, WLAN_STA_AUTHORIZED))
1590                         ieee80211_vif_inc_num_mcast(sta->sdata);
1591 
1592                 ieee80211_send_layer2_update(sta);
1593         }
1594 
1595         err = sta_apply_parameters(local, sta, params);
1596         if (err)
1597                 goto out_err;
1598 
1599         mutex_unlock(&local->sta_mtx);
1600 
1601         if ((sdata->vif.type == NL80211_IFTYPE_AP ||
1602              sdata->vif.type == NL80211_IFTYPE_AP_VLAN) &&
1603             sta->known_smps_mode != sta->sdata->bss->req_smps &&
1604             test_sta_flag(sta, WLAN_STA_AUTHORIZED) &&
1605             sta_info_tx_streams(sta) != 1) {
1606                 ht_dbg(sta->sdata,
1607                        "%pM just authorized and MIMO capable - update SMPS\n",
1608                        sta->sta.addr);
1609                 ieee80211_send_smps_action(sta->sdata,
1610                         sta->sdata->bss->req_smps,
1611                         sta->sta.addr,
1612                         sta->sdata->vif.bss_conf.bssid);
1613         }
1614 
1615         if (sdata->vif.type == NL80211_IFTYPE_STATION &&
1616             params->sta_flags_mask & BIT(NL80211_STA_FLAG_AUTHORIZED)) {
1617                 ieee80211_recalc_ps(local);
1618                 ieee80211_recalc_ps_vif(sdata);
1619         }
1620 
1621         return 0;
1622 out_err:
1623         mutex_unlock(&local->sta_mtx);
1624         return err;
1625 }
1626 
1627 #ifdef CONFIG_MAC80211_MESH
/*
 * cfg80211 hook: create a mesh path to @dst and pin its next hop.
 *
 * Returns 0 on success, -ENOENT when @next_hop is not a known station on
 * this interface, or the error encoded in the pointer returned by
 * mesh_path_add().
 *
 * The station lookup and the next-hop assignment both happen inside one
 * RCU read-side section, so the sta pointer is only used while that
 * section is held.
 */
static int ieee80211_add_mpath(struct wiphy *wiphy, struct net_device *dev,
                               const u8 *dst, const u8 *next_hop)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct sta_info *nh_sta;
        struct mesh_path *path;
        int ret = 0;

        rcu_read_lock();

        nh_sta = sta_info_get(sdata, next_hop);
        if (!nh_sta) {
                ret = -ENOENT;
                goto unlock;
        }

        path = mesh_path_add(sdata, dst);
        if (IS_ERR(path)) {
                ret = PTR_ERR(path);
                goto unlock;
        }

        mesh_path_fix_nexthop(path, nh_sta);

unlock:
        rcu_read_unlock();
        return ret;
}
1655 
/*
 * cfg80211 hook: delete the mesh path to @dst, or every mesh path on the
 * interface when @dst is NULL.
 *
 * Returns the result of mesh_path_del() for a single path, 0 for a flush.
 */
static int ieee80211_del_mpath(struct wiphy *wiphy, struct net_device *dev,
                               const u8 *dst)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        if (!dst) {
                /* no destination given: drop all paths of this interface */
                mesh_path_flush_by_iface(sdata);
                return 0;
        }

        return mesh_path_del(sdata, dst);
}
1667 
/*
 * cfg80211 hook: repoint an existing mesh path to @dst at a new next hop.
 *
 * Returns 0 on success and -ENOENT when either @next_hop is not a known
 * station or no path to @dst exists; the two cases are not distinguished
 * for the caller.  Both lookups and the update run under rcu_read_lock().
 */
static int ieee80211_change_mpath(struct wiphy *wiphy, struct net_device *dev,
                                  const u8 *dst, const u8 *next_hop)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct sta_info *nh_sta;
        struct mesh_path *path;
        int ret = -ENOENT;

        rcu_read_lock();

        nh_sta = sta_info_get(sdata, next_hop);
        if (!nh_sta)
                goto unlock;

        path = mesh_path_lookup(sdata, dst);
        if (!path)
                goto unlock;

        mesh_path_fix_nexthop(path, nh_sta);
        ret = 0;

unlock:
        rcu_read_unlock();
        return ret;
}
1696 
/*
 * Export the state of @mpath into @pinfo and its next-hop address into
 * @next_hop (ETH_ALEN bytes; all-zero when the path has no next hop).
 *
 * Uses rcu_dereference() on mpath->next_hop, so the caller must be inside
 * an RCU read-side section; both callers in this file take
 * rcu_read_lock() around the call.
 */
static void mpath_set_pinfo(struct mesh_path *mpath, u8 *next_hop,
                            struct mpath_info *pinfo)
{
        struct sta_info *nh = rcu_dereference(mpath->next_hop);

        if (!nh)
                eth_zero_addr(next_hop);
        else
                memcpy(next_hop, nh->sta.addr, ETH_ALEN);

        /*
         * Start from an all-zero structure so that anything not assigned
         * below (e.g. exptime of an already expired path) reads as zero
         * rather than as whatever the caller's buffer held before.
         */
        memset(pinfo, 0, sizeof(*pinfo));

        pinfo->generation = mpath->sdata->u.mesh.mesh_paths_generation;

        pinfo->filled = MPATH_INFO_FRAME_QLEN |
                        MPATH_INFO_SN |
                        MPATH_INFO_METRIC |
                        MPATH_INFO_EXPTIME |
                        MPATH_INFO_DISCOVERY_TIMEOUT |
                        MPATH_INFO_DISCOVERY_RETRIES |
                        MPATH_INFO_FLAGS;

        pinfo->frame_qlen = mpath->frame_queue.qlen;
        pinfo->sn = mpath->sn;
        pinfo->metric = mpath->metric;

        /* remaining lifetime; left at 0 once exp_time has passed */
        if (time_before(jiffies, mpath->exp_time)) {
                pinfo->exptime = jiffies_to_msecs(mpath->exp_time - jiffies);
        }

        pinfo->discovery_timeout = jiffies_to_msecs(mpath->discovery_timeout);
        pinfo->discovery_retries = mpath->discovery_retries;

        /* translate internal MESH_PATH_* bits to their nl80211 flags */
        if (mpath->flags & MESH_PATH_ACTIVE) {
                pinfo->flags |= NL80211_MPATH_FLAG_ACTIVE;
        }
        if (mpath->flags & MESH_PATH_RESOLVING) {
                pinfo->flags |= NL80211_MPATH_FLAG_RESOLVING;
        }
        if (mpath->flags & MESH_PATH_SN_VALID) {
                pinfo->flags |= NL80211_MPATH_FLAG_SN_VALID;
        }
        if (mpath->flags & MESH_PATH_FIXED) {
                pinfo->flags |= NL80211_MPATH_FLAG_FIXED;
        }
        if (mpath->flags & MESH_PATH_RESOLVED) {
                pinfo->flags |= NL80211_MPATH_FLAG_RESOLVED;
        }
}
1738 
/*
 * cfg80211 hook: look up the mesh path to @dst and report it.
 *
 * On success @dst is overwritten with the path's stored destination
 * (ETH_ALEN bytes), @next_hop and @pinfo are filled by mpath_set_pinfo(),
 * and 0 is returned.  Returns -ENOENT when no such path exists, in which
 * case the output buffers are left untouched.
 */
static int ieee80211_get_mpath(struct wiphy *wiphy, struct net_device *dev,
                               u8 *dst, u8 *next_hop, struct mpath_info *pinfo)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct mesh_path *path;
        int ret = -ENOENT;

        /* the path is only referenced inside this RCU read-side section */
        rcu_read_lock();
        path = mesh_path_lookup(sdata, dst);
        if (path) {
                memcpy(dst, path->dst, ETH_ALEN);
                mpath_set_pinfo(path, next_hop, pinfo);
                ret = 0;
        }
        rcu_read_unlock();

        return ret;
}
1759 
/*
 * cfg80211 hook: report the mesh path at position @idx, for dumping the
 * whole table one entry at a time.
 *
 * On success @dst, @next_hop and @pinfo are filled and 0 is returned.
 * Returns -ENOENT when mesh_path_lookup_by_idx() finds nothing for @idx;
 * @idx is not range-checked here, that is left to the lookup.
 */
static int ieee80211_dump_mpath(struct wiphy *wiphy, struct net_device *dev,
                                int idx, u8 *dst, u8 *next_hop,
                                struct mpath_info *pinfo)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct mesh_path *path;
        int ret = -ENOENT;

        rcu_read_lock();
        path = mesh_path_lookup_by_idx(sdata, idx);
        if (path) {
                memcpy(dst, path->dst, ETH_ALEN);
                mpath_set_pinfo(path, next_hop, pinfo);
                ret = 0;
        }
        rcu_read_unlock();

        return ret;
}
1780 
/*
 * Export a proxy-path entry: copy the entry's mpp address into @mpp
 * (ETH_ALEN bytes) and report only the table generation in @pinfo.
 *
 * @pinfo is zeroed first, so 'filled' stays 0 and no other field carries
 * stale data from the caller's buffer.
 */
static void mpp_set_pinfo(struct mesh_path *mpath, u8 *mpp,
                          struct mpath_info *pinfo)
{
        struct ieee80211_if_mesh *ifmsh = &mpath->sdata->u.mesh;

        memset(pinfo, 0, sizeof(*pinfo));
        memcpy(mpp, mpath->mpp, ETH_ALEN);

        pinfo->generation = ifmsh->mpp_paths_generation;
}
1789 
/*
 * cfg80211 hook: look up the proxy-path entry for @dst.
 *
 * On success @dst is rewritten from the entry, @mpp and @pinfo are filled
 * by mpp_set_pinfo(), and 0 is returned.  Returns -ENOENT when
 * mpp_path_lookup() finds no entry.
 */
static int ieee80211_get_mpp(struct wiphy *wiphy, struct net_device *dev,
                             u8 *dst, u8 *mpp, struct mpath_info *pinfo)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct mesh_path *path;
        int ret = -ENOENT;

        /* the entry is only referenced inside this RCU read-side section */
        rcu_read_lock();
        path = mpp_path_lookup(sdata, dst);
        if (path) {
                memcpy(dst, path->dst, ETH_ALEN);
                mpp_set_pinfo(path, mpp, pinfo);
                ret = 0;
        }
        rcu_read_unlock();

        return ret;
}
1810 
/*
 * cfg80211 hook: report the proxy-path entry at position @idx.
 *
 * On success @dst, @mpp and @pinfo are filled and 0 is returned.
 * Returns -ENOENT when mpp_path_lookup_by_idx() finds nothing for @idx;
 * @idx is not range-checked here, that is left to the lookup.
 */
static int ieee80211_dump_mpp(struct wiphy *wiphy, struct net_device *dev,
                              int idx, u8 *dst, u8 *mpp,
                              struct mpath_info *pinfo)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct mesh_path *path;
        int ret = -ENOENT;

        rcu_read_lock();
        path = mpp_path_lookup_by_idx(sdata, idx);
        if (path) {
                memcpy(dst, path->dst, ETH_ALEN);
                mpp_set_pinfo(path, mpp, pinfo);
                ret = 0;
        }
        rcu_read_unlock();

        return ret;
}
1831 
/*
 * cfg80211 hook: copy the interface's current mesh configuration into
 * @conf.  Always returns 0.
 *
 * No lock is taken in this function around the copy.
 */
static int ieee80211_get_mesh_config(struct wiphy *wiphy,
                                struct net_device *dev,
                                struct mesh_config *conf)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        const struct mesh_config *cur = &sdata->u.mesh.mshcfg;

        memcpy(conf, cur, sizeof(*conf));
        return 0;
}
1842 
/*
 * Test whether mesh parameter @parm is selected in @mask, where parameter
 * N is represented by bit N-1.
 *
 * @parm is not validated: it must be in 1..32, otherwise the shift count
 * is negative or >= the width of u32, which is undefined behaviour.  All
 * callers visible in this file pass NL80211_MESHCONF_* constants.
 */
static inline bool _chg_mesh_attr(enum nl80211_meshconf_params parm, u32 mask)
{
        const u32 shifted = mask >> (parm - 1);

        return (shifted & 0x1) != 0;
}
1847 
/*
 * Copy the join-time mesh parameters from @setup into @ifmsh and into the
 * bss_conf of the interface that embeds @ifmsh.
 *
 * Returns 0 on success or -ENOMEM when the information elements cannot be
 * duplicated; in that case nothing in @ifmsh has been modified yet.
 *
 * NOTE(review): setup->mesh_id_len is used as the memcpy() length into
 * ifmsh->mesh_id without a bound check in this function.  Presumably the
 * nl80211 layer rejects over-long mesh IDs before this is reached -
 * confirm against the attribute policy.
 */
static int copy_mesh_setup(struct ieee80211_if_mesh *ifmsh,
                const struct mesh_setup *setup)
{
        struct ieee80211_sub_if_data *sdata =
                container_of(ifmsh, struct ieee80211_sub_if_data, u.mesh);
        const u8 *stale_ie = ifmsh->ie;
        u8 *ie_copy = NULL;

        /*
         * Duplicate the new information elements before touching the old
         * ones, so an allocation failure leaves the previous state intact.
         */
        if (setup->ie_len) {
                ie_copy = kmemdup(setup->ie, setup->ie_len, GFP_KERNEL);
                if (!ie_copy)
                        return -ENOMEM;
        }
        ifmsh->ie_len = setup->ie_len;
        ifmsh->ie = ie_copy;
        kfree(stale_ie);

        /* now copy the rest of the setup parameters */
        ifmsh->mesh_id_len = setup->mesh_id_len;
        memcpy(ifmsh->mesh_id, setup->mesh_id, ifmsh->mesh_id_len);
        ifmsh->mesh_sp_id = setup->sync_method;
        ifmsh->mesh_pp_id = setup->path_sel_proto;
        ifmsh->mesh_pm_id = setup->path_metric;
        ifmsh->user_mpm = setup->user_mpm;
        ifmsh->mesh_auth_id = setup->auth_id;

        /* security bits are rebuilt from scratch on every setup */
        ifmsh->security = IEEE80211_MESH_SEC_NONE;
        ifmsh->userspace_handles_dfs = setup->userspace_handles_dfs;
        if (setup->is_authenticated) {
                ifmsh->security |= IEEE80211_MESH_SEC_AUTHED;
        }
        if (setup->is_secure) {
                ifmsh->security |= IEEE80211_MESH_SEC_SECURED;
        }

        /* mcast rate setting in Mesh Node */
        memcpy(sdata->vif.bss_conf.mcast_rate, setup->mcast_rate,
               sizeof(setup->mcast_rate));
        sdata->vif.bss_conf.basic_rates = setup->basic_rates;

        sdata->vif.bss_conf.beacon_int = setup->beacon_interval;
        sdata->vif.bss_conf.dtim_period = setup->dtim_period;

        return 0;
}
1895 
/*
 * cfg80211 hook: apply the mesh parameters selected by @mask from @nconf
 * to the interface's running mesh configuration.
 *
 * Returns 0 on success, -EBUSY when auto_open_plinks is to be changed
 * while peering is managed by userspace (user_mpm), or -ENOTSUPP when an
 * RSSI threshold is requested on hardware without SIGNAL_DBM.
 *
 * Parameters are applied in a fixed order and the error returns are taken
 * in the middle of it: on failure every parameter handled before the
 * failing one has already been written, and the final beacon-change
 * notification is skipped.  The values themselves are not range-checked
 * in this function.
 */
static int ieee80211_update_mesh_config(struct wiphy *wiphy,
                                        struct net_device *dev, u32 mask,
                                        const struct mesh_config *nconf)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
        struct mesh_config *cur = &ifmsh->mshcfg;

        /* Set the config options which we are interested in setting */
        if (_chg_mesh_attr(NL80211_MESHCONF_RETRY_TIMEOUT, mask)) {
                cur->dot11MeshRetryTimeout = nconf->dot11MeshRetryTimeout;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_CONFIRM_TIMEOUT, mask)) {
                cur->dot11MeshConfirmTimeout = nconf->dot11MeshConfirmTimeout;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HOLDING_TIMEOUT, mask)) {
                cur->dot11MeshHoldingTimeout = nconf->dot11MeshHoldingTimeout;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_MAX_PEER_LINKS, mask)) {
                cur->dot11MeshMaxPeerLinks = nconf->dot11MeshMaxPeerLinks;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_MAX_RETRIES, mask)) {
                cur->dot11MeshMaxRetries = nconf->dot11MeshMaxRetries;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_TTL, mask)) {
                cur->dot11MeshTTL = nconf->dot11MeshTTL;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_ELEMENT_TTL, mask)) {
                cur->element_ttl = nconf->element_ttl;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_AUTO_OPEN_PLINKS, mask)) {
                /* refused while userspace manages peer links */
                if (ifmsh->user_mpm)
                        return -EBUSY;
                cur->auto_open_plinks = nconf->auto_open_plinks;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_SYNC_OFFSET_MAX_NEIGHBOR, mask)) {
                cur->dot11MeshNbrOffsetMaxNeighbor =
                        nconf->dot11MeshNbrOffsetMaxNeighbor;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES, mask)) {
                cur->dot11MeshHWMPmaxPREQretries =
                        nconf->dot11MeshHWMPmaxPREQretries;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_PATH_REFRESH_TIME, mask)) {
                cur->path_refresh_time = nconf->path_refresh_time;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_MIN_DISCOVERY_TIMEOUT, mask)) {
                cur->min_discovery_timeout = nconf->min_discovery_timeout;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HWMP_ACTIVE_PATH_TIMEOUT, mask)) {
                cur->dot11MeshHWMPactivePathTimeout =
                        nconf->dot11MeshHWMPactivePathTimeout;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HWMP_PREQ_MIN_INTERVAL, mask)) {
                cur->dot11MeshHWMPpreqMinInterval =
                        nconf->dot11MeshHWMPpreqMinInterval;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HWMP_PERR_MIN_INTERVAL, mask)) {
                cur->dot11MeshHWMPperrMinInterval =
                        nconf->dot11MeshHWMPperrMinInterval;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HWMP_NET_DIAM_TRVS_TIME, mask)) {
                cur->dot11MeshHWMPnetDiameterTraversalTime =
                        nconf->dot11MeshHWMPnetDiameterTraversalTime;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HWMP_ROOTMODE, mask)) {
                cur->dot11MeshHWMPRootMode = nconf->dot11MeshHWMPRootMode;
                ieee80211_mesh_root_setup(ifmsh);
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_GATE_ANNOUNCEMENTS, mask)) {
                /*
                 * our current gate announcement implementation rides on
                 * root announcements, so require this ifmsh to also be a
                 * root node
                 */
                if (nconf->dot11MeshGateAnnouncementProtocol &&
                    cur->dot11MeshHWMPRootMode <= IEEE80211_ROOTMODE_ROOT) {
                        cur->dot11MeshHWMPRootMode = IEEE80211_PROACTIVE_RANN;
                        ieee80211_mesh_root_setup(ifmsh);
                }
                cur->dot11MeshGateAnnouncementProtocol =
                        nconf->dot11MeshGateAnnouncementProtocol;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HWMP_RANN_INTERVAL, mask)) {
                cur->dot11MeshHWMPRannInterval =
                        nconf->dot11MeshHWMPRannInterval;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_FORWARDING, mask)) {
                cur->dot11MeshForwarding = nconf->dot11MeshForwarding;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_RSSI_THRESHOLD, mask)) {
                /*
                 * our RSSI threshold implementation is supported only for
                 * devices that report signal in dBm.
                 */
                if (!ieee80211_hw_check(&sdata->local->hw, SIGNAL_DBM))
                        return -ENOTSUPP;
                cur->rssi_threshold = nconf->rssi_threshold;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HT_OPMODE, mask)) {
                cur->ht_opmode = nconf->ht_opmode;
                sdata->vif.bss_conf.ht_operation_mode = nconf->ht_opmode;
                ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_HT);
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HWMP_PATH_TO_ROOT_TIMEOUT, mask)) {
                cur->dot11MeshHWMPactivePathToRootTimeout =
                        nconf->dot11MeshHWMPactivePathToRootTimeout;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HWMP_ROOT_INTERVAL, mask)) {
                cur->dot11MeshHWMProotInterval =
                        nconf->dot11MeshHWMProotInterval;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_HWMP_CONFIRMATION_INTERVAL, mask)) {
                cur->dot11MeshHWMPconfirmationInterval =
                        nconf->dot11MeshHWMPconfirmationInterval;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_POWER_MODE, mask)) {
                cur->power_mode = nconf->power_mode;
                ieee80211_mps_local_status_update(sdata);
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_AWAKE_WINDOW, mask)) {
                cur->dot11MeshAwakeWindowDuration =
                        nconf->dot11MeshAwakeWindowDuration;
        }
        if (_chg_mesh_attr(NL80211_MESHCONF_PLINK_TIMEOUT, mask)) {
                cur->plink_timeout = nconf->plink_timeout;
        }

        ieee80211_mbss_info_change_notify(sdata, BSS_CHANGED_BEACON);
        return 0;
}
2006 
/*
 * cfg80211 hook: join a mesh with the given configuration and setup.
 *
 * Returns 0 on success, or the error from copy_mesh_setup(),
 * ieee80211_vif_use_channel() or ieee80211_start_mesh().
 *
 * The mesh configuration is overwritten from @conf before any step that
 * can fail, and the setup parameters before the channel is acquired, so
 * an error return leaves those copies in place rather than restoring the
 * previous values.
 */
static int ieee80211_join_mesh(struct wiphy *wiphy, struct net_device *dev,
                               const struct mesh_config *conf,
                               const struct mesh_setup *setup)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;
        int ret;

        memcpy(&ifmsh->mshcfg, conf, sizeof(*conf));

        ret = copy_mesh_setup(ifmsh, setup);
        if (ret)
                return ret;

        /* can mesh use other SMPS modes? */
        sdata->smps_mode = IEEE80211_SMPS_OFF;
        sdata->needed_rx_chains = sdata->local->rx_chains;

        /* the channel context is acquired under local->mtx */
        mutex_lock(&sdata->local->mtx);
        ret = ieee80211_vif_use_channel(sdata, &setup->chandef,
                                        IEEE80211_CHANCTX_SHARED);
        mutex_unlock(&sdata->local->mtx);

        return ret ? ret : ieee80211_start_mesh(sdata);
}
2033 
/*
 * cfg80211 hook: leave the mesh.  Stops mesh operation first, then
 * releases the interface's channel under local->mtx.  Always returns 0.
 */
static int ieee80211_leave_mesh(struct wiphy *wiphy, struct net_device *dev)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_local *local = sdata->local;

        ieee80211_stop_mesh(sdata);

        mutex_lock(&local->mtx);
        ieee80211_vif_release_channel(sdata);
        mutex_unlock(&local->mtx);

        return 0;
}
2045 #endif
2046 
/*
 * cfg80211 hook: change BSS parameters of a beaconing interface.
 *
 * Returns 0 on success, -ENOENT when no beacon is configured, or -EINVAL
 * when the interface has no supported band.
 *
 * The integer fields of @params are treated as "leave unchanged" when
 * negative.  ap_isolate controls IEEE80211_SDATA_DONT_BRIDGE_PACKETS,
 * i.e. whether packets are bridged between stations of this BSS, so a
 * caller clearing it removes client isolation.
 */
static int ieee80211_change_bss(struct wiphy *wiphy,
                                struct net_device *dev,
                                struct bss_parameters *params)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_bss_conf *bss = &sdata->vif.bss_conf;
        struct ieee80211_supported_band *sband;
        u32 notify = 0;

        if (!sdata_dereference(sdata->u.ap.beacon, sdata))
                return -ENOENT;

        sband = ieee80211_get_sband(sdata);
        if (!sband)
                return -EINVAL;

        if (params->use_cts_prot >= 0) {
                bss->use_cts_prot = params->use_cts_prot;
                notify |= BSS_CHANGED_ERP_CTS_PROT;
        }
        if (params->use_short_preamble >= 0) {
                bss->use_short_preamble = params->use_short_preamble;
                notify |= BSS_CHANGED_ERP_PREAMBLE;
        }

        /* short slot is switched on for 5 GHz unless it already is */
        if (sband->band == NL80211_BAND_5GHZ && !bss->use_short_slot) {
                bss->use_short_slot = true;
                notify |= BSS_CHANGED_ERP_SLOT;
        }

        /* an explicit request overrides the 5 GHz default above */
        if (params->use_short_slot_time >= 0) {
                bss->use_short_slot = params->use_short_slot_time;
                notify |= BSS_CHANGED_ERP_SLOT;
        }

        if (params->basic_rates) {
                ieee80211_parse_bitrates(&bss->chandef,
                                         wiphy->bands[sband->band],
                                         params->basic_rates,
                                         params->basic_rates_len,
                                         &bss->basic_rates);
                notify |= BSS_CHANGED_BASIC_RATES;
                ieee80211_check_rate_mask(sdata);
        }

        if (params->ap_isolate >= 0) {
                if (params->ap_isolate)
                        sdata->flags |= IEEE80211_SDATA_DONT_BRIDGE_PACKETS;
                else
                        sdata->flags &= ~IEEE80211_SDATA_DONT_BRIDGE_PACKETS;
                ieee80211_check_fast_rx_iface(sdata);
        }

        if (params->ht_opmode >= 0) {
                /* only the low 16 bits of the requested value are kept */
                bss->ht_operation_mode = (u16) params->ht_opmode;
                notify |= BSS_CHANGED_HT;
        }

        if (params->p2p_ctwindow >= 0) {
                bss->p2p_noa_attr.oppps_ctwindow &=
                                        ~IEEE80211_P2P_OPPPS_CTWINDOW_MASK;
                bss->p2p_noa_attr.oppps_ctwindow |=
                        params->p2p_ctwindow & IEEE80211_P2P_OPPPS_CTWINDOW_MASK;
                notify |= BSS_CHANGED_P2P_PS;
        }

        if (params->p2p_opp_ps >= 0) {
                if (params->p2p_opp_ps > 0)
                        bss->p2p_noa_attr.oppps_ctwindow |=
                                        IEEE80211_P2P_OPPPS_ENABLE_BIT;
                else
                        bss->p2p_noa_attr.oppps_ctwindow &=
                                        ~IEEE80211_P2P_OPPPS_ENABLE_BIT;
                notify |= BSS_CHANGED_P2P_PS;
        }

        ieee80211_bss_info_change_notify(sdata, notify);

        return 0;
}
2130 
/*
 * cfg80211 hook: set the TX queue parameters for one access category.
 *
 * Returns 0 on success, -EOPNOTSUPP when the driver has no conf_tx op or
 * exposes fewer than IEEE80211_NUM_ACS queues, or -EINVAL when the driver
 * rejects the parameters.
 *
 * NOTE(review): params->ac indexes sdata->tx_conf[] without a range check
 * in this function; presumably cfg80211 validates it before the call -
 * confirm.  The cached copy in tx_conf[] is also written before the
 * driver is asked, so it keeps the new values even when drv_conf_tx()
 * fails.
 */
static int ieee80211_set_txq_params(struct wiphy *wiphy,
                                    struct net_device *dev,
                                    struct ieee80211_txq_params *params)
{
        struct ieee80211_local *local = wiphy_priv(wiphy);
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_tx_queue_params qparams;

        if (!local->ops->conf_tx || local->hw.queues < IEEE80211_NUM_ACS)
                return -EOPNOTSUPP;

        /* zero everything first so unset members and padding are defined */
        memset(&qparams, 0, sizeof(qparams));
        qparams.aifs = params->aifs;
        qparams.cw_max = params->cwmax;
        qparams.cw_min = params->cwmin;
        qparams.txop = params->txop;

        /*
         * Setting tx queue params disables u-apsd because it's only
         * called in master mode.
         */
        qparams.uapsd = false;

        sdata->tx_conf[params->ac] = qparams;

        if (drv_conf_tx(local, sdata, params->ac, &qparams)) {
                wiphy_debug(local->hw.wiphy,
                            "failed to set TX queue parameters for AC %d\n",
                            params->ac);
                return -EINVAL;
        }

        ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_QOS);

        return 0;
}
2169 
2170 #ifdef CONFIG_PM
/*
 * cfg80211 hook: suspend the device; forwards to __ieee80211_suspend()
 * with the hardware's private data and the wake-on-WLAN settings.
 */
static int ieee80211_suspend(struct wiphy *wiphy,
                             struct cfg80211_wowlan *wowlan)
{
        struct ieee80211_local *local = wiphy_priv(wiphy);

        return __ieee80211_suspend(local, wowlan);
}
2176 
/*
 * cfg80211 hook: resume the device; forwards to __ieee80211_resume().
 */
static int ieee80211_resume(struct wiphy *wiphy)
{
        struct ieee80211_local *local = wiphy_priv(wiphy);

        return __ieee80211_resume(local);
}
2181 #else
2182 #define ieee80211_suspend NULL
2183 #define ieee80211_resume NULL
2184 #endif
2185 
/*
 * cfg80211 hook: start a scan on the interface named in @req.
 *
 * Returns the result of ieee80211_request_scan(), or -EOPNOTSUPP when the
 * interface type may not scan in its current state:
 *  - NAN and unknown types never scan;
 *  - a P2P GO without a hardware scan op is treated like an AP;
 *  - an AP that is already beaconing scans only when the wiphy advertises
 *    NL80211_FEATURE_AP_SCAN and the request sets NL80211_SCAN_FLAG_AP.
 */
static int ieee80211_scan(struct wiphy *wiphy,
                          struct cfg80211_scan_request *req)
{
        struct ieee80211_sub_if_data *sdata =
                IEEE80211_WDEV_TO_SUB_IF(req->wdev);
        enum nl80211_iftype iftype = ieee80211_vif_type_p2p(&sdata->vif);

        switch (iftype) {
        case NL80211_IFTYPE_STATION:
        case NL80211_IFTYPE_ADHOC:
        case NL80211_IFTYPE_MESH_POINT:
        case NL80211_IFTYPE_P2P_CLIENT:
        case NL80211_IFTYPE_P2P_DEVICE:
                break;
        case NL80211_IFTYPE_P2P_GO:
                if (sdata->local->ops->hw_scan)
                        break;
                /*
                 * FIXME: implement NoA while scanning in software,
                 * for now fall through to allow scanning only when
                 * beaconing hasn't been configured yet
                 */
                /* fall through */
        case NL80211_IFTYPE_AP:
                /*
                 * If the scan has been forced (and the driver supports
                 * forcing), don't care about being beaconing already.
                 * This will create problems for the attached stations
                 * (e.g. all the frames sent while scanning on another
                 * channel will be lost).
                 */
                if (sdata->u.ap.beacon &&
                    !((wiphy->features & NL80211_FEATURE_AP_SCAN) &&
                      (req->flags & NL80211_SCAN_FLAG_AP)))
                        return -EOPNOTSUPP;
                break;
        case NL80211_IFTYPE_NAN:
        default:
                return -EOPNOTSUPP;
        }

        return ieee80211_request_scan(sdata, req);
}
2228 
/*
 * cfg80211 hook: cancel the scan on this hardware.  @wdev is not used;
 * the cancel is issued for the whole device.
 */
static void ieee80211_abort_scan(struct wiphy *wiphy, struct wireless_dev *wdev)
{
        struct ieee80211_local *local = wiphy_priv(wiphy);

        ieee80211_scan_cancel(local);
}
2233 
/*
 * cfg80211 hook: start a scheduled scan.
 *
 * Returns -EOPNOTSUPP when the driver has no sched_scan_start op,
 * otherwise the result of ieee80211_request_sched_scan_start().
 */
static int
ieee80211_sched_scan_start(struct wiphy *wiphy,
                           struct net_device *dev,
                           struct cfg80211_sched_scan_request *req)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        if (sdata->local->ops->sched_scan_start)
                return ieee80211_request_sched_scan_start(sdata, req);

        return -EOPNOTSUPP;
}
2246 
/*
 * cfg80211 hook: stop the scheduled scan.
 *
 * Returns -EOPNOTSUPP when the driver has no sched_scan_stop op,
 * otherwise the result of ieee80211_request_sched_scan_stop().
 * @dev and @reqid are not used; the stop applies to the whole device.
 */
static int
ieee80211_sched_scan_stop(struct wiphy *wiphy, struct net_device *dev,
                          u64 reqid)
{
        struct ieee80211_local *local = wiphy_priv(wiphy);

        if (local->ops->sched_scan_stop)
                return ieee80211_request_sched_scan_stop(local);

        return -EOPNOTSUPP;
}
2258 
/*
 * cfg80211 hook: authenticate; forwards @req unchanged to
 * ieee80211_mgd_auth() for the interface behind @dev.
 */
static int ieee80211_auth(struct wiphy *wiphy, struct net_device *dev,
                          struct cfg80211_auth_request *req)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        return ieee80211_mgd_auth(sdata, req);
}
2264 
/*
 * cfg80211 hook: associate; forwards @req unchanged to
 * ieee80211_mgd_assoc() for the interface behind @dev.
 */
static int ieee80211_assoc(struct wiphy *wiphy, struct net_device *dev,
                           struct cfg80211_assoc_request *req)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        return ieee80211_mgd_assoc(sdata, req);
}
2270 
/*
 * cfg80211 hook: deauthenticate; forwards @req unchanged to
 * ieee80211_mgd_deauth() for the interface behind @dev.
 */
static int ieee80211_deauth(struct wiphy *wiphy, struct net_device *dev,
                            struct cfg80211_deauth_request *req)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        return ieee80211_mgd_deauth(sdata, req);
}
2276 
/*
 * cfg80211 hook: disassociate; forwards @req unchanged to
 * ieee80211_mgd_disassoc() for the interface behind @dev.
 */
static int ieee80211_disassoc(struct wiphy *wiphy, struct net_device *dev,
                              struct cfg80211_disassoc_request *req)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        return ieee80211_mgd_disassoc(sdata, req);
}
2282 
/*
 * cfg80211 hook: join an IBSS; forwards @params unchanged to
 * ieee80211_ibss_join() for the interface behind @dev.
 */
static int ieee80211_join_ibss(struct wiphy *wiphy, struct net_device *dev,
                               struct cfg80211_ibss_params *params)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        return ieee80211_ibss_join(sdata, params);
}
2288 
/*
 * cfg80211 hook: leave the IBSS; forwards to ieee80211_ibss_leave().
 */
static int ieee80211_leave_ibss(struct wiphy *wiphy, struct net_device *dev)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        return ieee80211_ibss_leave(sdata);
}
2293 
/*
 * cfg80211 hook: join OCB mode; forwards @setup unchanged to
 * ieee80211_ocb_join() for the interface behind @dev.
 */
static int ieee80211_join_ocb(struct wiphy *wiphy, struct net_device *dev,
                              struct ocb_setup *setup)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        return ieee80211_ocb_join(sdata, setup);
}
2299 
/*
 * cfg80211 hook: leave OCB mode; forwards to ieee80211_ocb_leave().
 */
static int ieee80211_leave_ocb(struct wiphy *wiphy, struct net_device *dev)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        return ieee80211_ocb_leave(sdata);
}
2304 
/*
 * cfg80211 hook: store the per-band multicast rates for the interface.
 * Always returns 0.
 *
 * @rate is declared as an array parameter but decays to a pointer, so the
 * copy length below relies on the caller really passing
 * NUM_NL80211_BANDS entries; the values are not validated here.
 */
static int ieee80211_set_mcast_rate(struct wiphy *wiphy, struct net_device *dev,
                                    int rate[NUM_NL80211_BANDS])
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        const size_t nbytes = sizeof(rate[0]) * NUM_NL80211_BANDS;

        memcpy(sdata->vif.bss_conf.mcast_rate, rate, nbytes);

        return 0;
}
2315 
/*
 * cfg80211 hook: push the wiphy parameters flagged in @changed down to
 * the driver / hardware configuration.
 *
 * Returns 0 on success, the driver's error for the fragmentation
 * threshold, coverage class or RTS threshold, or -EINVAL when a retry
 * limit exceeds IEEE80211_MAX_TX_RETRY.
 *
 * The groups are handled in order and each error returns immediately, so
 * settings applied by an earlier group stay in effect when a later one
 * fails.
 */
static int ieee80211_set_wiphy_params(struct wiphy *wiphy, u32 changed)
{
        struct ieee80211_local *local = wiphy_priv(wiphy);
        int ret;

        if (changed & WIPHY_PARAM_FRAG_THRESHOLD) {
                ieee80211_check_fast_xmit_all(local);

                ret = drv_set_frag_threshold(local, wiphy->frag_threshold);
                if (ret) {
                        /* fast-xmit state is re-evaluated on failure too */
                        ieee80211_check_fast_xmit_all(local);
                        return ret;
                }
        }

        if (changed & (WIPHY_PARAM_COVERAGE_CLASS | WIPHY_PARAM_DYN_ACK)) {
                s16 coverage_class;

                /* -1 is passed when only dynamic ACK was changed */
                if (changed & WIPHY_PARAM_COVERAGE_CLASS)
                        coverage_class = wiphy->coverage_class;
                else
                        coverage_class = -1;

                ret = drv_set_coverage_class(local, coverage_class);
                if (ret)
                        return ret;
        }

        if (changed & WIPHY_PARAM_RTS_THRESHOLD) {
                ret = drv_set_rts_threshold(local, wiphy->rts_threshold);
                if (ret)
                        return ret;
        }

        if (changed & WIPHY_PARAM_RETRY_SHORT) {
                if (wiphy->retry_short > IEEE80211_MAX_TX_RETRY)
                        return -EINVAL;
                local->hw.conf.short_frame_max_tx_count = wiphy->retry_short;
        }
        if (changed & WIPHY_PARAM_RETRY_LONG) {
                if (wiphy->retry_long > IEEE80211_MAX_TX_RETRY)
                        return -EINVAL;
                local->hw.conf.long_frame_max_tx_count = wiphy->retry_long;
        }
        if (changed & (WIPHY_PARAM_RETRY_SHORT | WIPHY_PARAM_RETRY_LONG)) {
                ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_RETRY_LIMITS);
        }

        return 0;
}
2367 
/*
 * Set the transmit power either for one interface (@wdev non-NULL) or for
 * every interface of the device (@wdev NULL).
 *
 * NL80211_TX_POWER_AUTOMATIC clears the user power level and is recorded as
 * NL80211_TX_POWER_LIMITED.  For LIMITED and FIXED, @mbm must be a
 * non-negative multiple of 100; anything else is rejected with -EOPNOTSUPP
 * before any state is touched.  The accepted value is converted with
 * MBM_TO_DBM().
 *
 * In the device-wide case the interface list is walked twice under
 * local->iflist_mtx: first to store the new level and type on every
 * interface, then to recalculate each interface's tx power.
 *
 * Returns 0 on success or -EOPNOTSUPP for an unusable @mbm.
 */
static int ieee80211_set_tx_power(struct wiphy *wiphy,
                                  struct wireless_dev *wdev,
                                  enum nl80211_tx_power_setting type, int mbm)
{
        struct ieee80211_local *local = wiphy_priv(wiphy);
        struct ieee80211_sub_if_data *sdata;
        enum nl80211_tx_power_setting new_type = type;
        bool type_changed = false;

        if (wdev) {
                /* per-interface request */
                sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);

                if (type == NL80211_TX_POWER_AUTOMATIC) {
                        sdata->user_power_level = IEEE80211_UNSET_POWER_LEVEL;
                        new_type = NL80211_TX_POWER_LIMITED;
                } else if (type == NL80211_TX_POWER_LIMITED ||
                           type == NL80211_TX_POWER_FIXED) {
                        if (mbm < 0 || (mbm % 100))
                                return -EOPNOTSUPP;
                        sdata->user_power_level = MBM_TO_DBM(mbm);
                }

                if (sdata->vif.bss_conf.txpower_type != new_type) {
                        type_changed = true;
                        sdata->vif.bss_conf.txpower_type = new_type;
                }

                ieee80211_recalc_txpower(sdata, type_changed);

                return 0;
        }

        /* device-wide request */
        if (type == NL80211_TX_POWER_AUTOMATIC) {
                local->user_power_level = IEEE80211_UNSET_POWER_LEVEL;
                new_type = NL80211_TX_POWER_LIMITED;
        } else if (type == NL80211_TX_POWER_LIMITED ||
                   type == NL80211_TX_POWER_FIXED) {
                if (mbm < 0 || (mbm % 100))
                        return -EOPNOTSUPP;
                local->user_power_level = MBM_TO_DBM(mbm);
        }

        mutex_lock(&local->iflist_mtx);

        /* pass 1: propagate level and type, note whether any type changed */
        list_for_each_entry(sdata, &local->interfaces, list) {
                sdata->user_power_level = local->user_power_level;
                if (sdata->vif.bss_conf.txpower_type != new_type)
                        type_changed = true;
                sdata->vif.bss_conf.txpower_type = new_type;
        }

        /* pass 2: recalculate with the flag that covers all interfaces */
        list_for_each_entry(sdata, &local->interfaces, list)
                ieee80211_recalc_txpower(sdata, type_changed);

        mutex_unlock(&local->iflist_mtx);

        return 0;
}
2429 
/*
 * Report the current transmit power in *@dbm.
 *
 * A driver that implements get_txpower is asked directly.  Otherwise the
 * value comes from the hardware configuration when channel contexts are not
 * in use, and from the interface's BSS configuration when they are.
 *
 * NOTE(review): @wdev is converted to a sub-interface unconditionally, unlike
 * ieee80211_set_tx_power() which tests it for NULL first; callers presumably
 * always pass a valid wdev here - confirm.
 *
 * Returns 0, or the driver's return value when get_txpower is implemented.
 */
static int ieee80211_get_tx_power(struct wiphy *wiphy,
                                  struct wireless_dev *wdev,
                                  int *dbm)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
        struct ieee80211_local *local = wiphy_priv(wiphy);

        if (local->ops->get_txpower)
                return drv_get_txpower(local, sdata, dbm);

        if (local->use_chanctx)
                *dbm = sdata->vif.bss_conf.txpower;
        else
                *dbm = local->hw.conf.power_level;

        return 0;
}
2447 
/*
 * Record the WDS peer address for the interface behind @dev.
 *
 * Exactly ETH_ALEN bytes are read from @addr; the function has no length
 * argument, so the caller must supply a buffer of at least that size.
 * No interface-type check is made here.  Always returns 0.
 */
static int ieee80211_set_wds_peer(struct wiphy *wiphy, struct net_device *dev,
                                  const u8 *addr)
{
        struct ieee80211_sub_if_data *wds_sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        memcpy(&wds_sdata->u.wds.remote_addr, addr, ETH_ALEN);

        return 0;
}
2457 
/* Configuration hook: forward an rfkill poll request to the driver. */
static void ieee80211_rfkill_poll(struct wiphy *wiphy)
{
        drv_rfkill_poll(wiphy_priv(wiphy));
}
2464 
2465 #ifdef CONFIG_NL80211_TESTMODE
/*
 * Pass a testmode command through to the driver.
 *
 * @data and @len are handed to the driver's testmode_cmd callback exactly as
 * received; this function neither parses nor bounds-checks the buffer, so
 * all validation of its contents is left to the driver callback.
 *
 * The vif is passed only when @wdev is given and its sub-interface carries
 * IEEE80211_SDATA_IN_DRIVER; otherwise the driver sees a NULL vif.
 *
 * Returns -EOPNOTSUPP when the driver has no testmode_cmd callback, else
 * the callback's return value.
 */
static int ieee80211_testmode_cmd(struct wiphy *wiphy,
                                  struct wireless_dev *wdev,
                                  void *data, int len)
{
        struct ieee80211_local *local = wiphy_priv(wiphy);
        struct ieee80211_sub_if_data *sdata;
        struct ieee80211_vif *vif = NULL;

        if (!local->ops->testmode_cmd)
                return -EOPNOTSUPP;

        if (wdev) {
                sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
                if (sdata->flags & IEEE80211_SDATA_IN_DRIVER)
                        vif = &sdata->vif;
        }

        return local->ops->testmode_cmd(&local->hw, vif, data, len);
}
2486 
/*
 * Pass a testmode dump request through to the driver.
 *
 * @skb, @cb, @data and @len reach the driver's testmode_dump callback
 * unchanged; no validation of @data/@len happens here.
 *
 * Returns -EOPNOTSUPP when the driver has no testmode_dump callback, else
 * the callback's return value.
 */
static int ieee80211_testmode_dump(struct wiphy *wiphy,
                                   struct sk_buff *skb,
                                   struct netlink_callback *cb,
                                   void *data, int len)
{
        struct ieee80211_local *local = wiphy_priv(wiphy);

        if (local->ops->testmode_dump)
                return local->ops->testmode_dump(&local->hw, skb, cb,
                                                 data, len);

        return -EOPNOTSUPP;
}
2499 #endif
2500 
/*
 * Record a new SMPS request on an AP interface and notify the stations that
 * need to hear about it.
 *
 * Returns -EINVAL (with a one-time warning) when @sdata is not an AP
 * interface, 0 otherwise.  Nothing is done on a 20 MHz non-HT channel, when
 * the request equals the previous one, or when @smps_mode is
 * IEEE80211_SMPS_AUTOMATIC.
 *
 * NOTE(review): req_smps is overwritten before the AUTOMATIC check, so an
 * AUTOMATIC request is still stored in sdata->u.ap.req_smps even though no
 * frames are sent for it - confirm this is intended.
 *
 * The station list is walked under local->sta_mtx.  The return value of
 * ieee80211_send_smps_action() is not checked.
 */
int __ieee80211_request_smps_ap(struct ieee80211_sub_if_data *sdata,
                                enum ieee80211_smps_mode smps_mode)
{
        struct sta_info *sta;
        enum ieee80211_smps_mode old_req;

        if (WARN_ON_ONCE(sdata->vif.type != NL80211_IFTYPE_AP))
                return -EINVAL;

        if (sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT)
                return 0;

        /* remember the previous request so a repeated one can be ignored */
        old_req = sdata->u.ap.req_smps;
        sdata->u.ap.req_smps = smps_mode;

        /* AUTOMATIC doesn't mean much for AP - don't allow it */
        if (old_req == smps_mode ||
            smps_mode == IEEE80211_SMPS_AUTOMATIC)
                return 0;

        ht_dbg(sdata,
               "SMPS %d requested in AP mode, sending Action frame to %d stations\n",
               smps_mode, atomic_read(&sdata->u.ap.num_mcast_sta));

        mutex_lock(&sdata->local->sta_mtx);
        list_for_each_entry(sta, &sdata->local->sta_list, list) {
                /*
                 * Only stations associated to our AP and
                 * associated VLANs
                 */
                if (sta->sdata->bss != &sdata->u.ap)
                        continue;

                /* This station doesn't support MIMO - skip it */
                if (sta_info_tx_streams(sta) == 1)
                        continue;

                /*
                 * Don't wake up a STA just to send the action frame
                 * unless we are getting more restrictive.
                 */
                if (test_sta_flag(sta, WLAN_STA_PS_STA) &&
                    !ieee80211_smps_is_restrictive(sta->known_smps_mode,
                                                   smps_mode)) {
                        ht_dbg(sdata, "Won't send SMPS to sleeping STA %pM\n",
                               sta->sta.addr);
                        continue;
                }

                /*
                 * If the STA is not authorized, wait until it gets
                 * authorized and the action frame will be sent then.
                 */
                if (!test_sta_flag(sta, WLAN_STA_AUTHORIZED))
                        continue;

                ht_dbg(sdata, "Sending SMPS to %pM\n", sta->sta.addr);
                ieee80211_send_smps_action(sdata, smps_mode, sta->sta.addr,
                                           sdata->vif.bss_conf.bssid);
        }
        mutex_unlock(&sdata->local->sta_mtx);

        /* the interface's own mode is applied from the queued work item */
        sdata->smps_mode = smps_mode;
        ieee80211_queue_work(&sdata->local->hw, &sdata->recalc_smps);

        return 0;
}
2568 
/*
 * Record a new SMPS request on a station (managed) interface and, when
 * associated on an HT channel, announce it to the AP.
 *
 * The caller must hold sdata->wdev.mtx (asserted via lockdep).
 *
 * An explicit mode equal to the previous request is a no-op, whereas
 * IEEE80211_SMPS_AUTOMATIC is always re-evaluated: it resolves to OFF when
 * an authorized, uploaded TDLS peer exists on this interface or powersave
 * is disabled, and to DYNAMIC otherwise.
 *
 * If sending the action frame fails, the previous request is restored and
 * the error returned.  If it succeeds with a mode other than OFF while a
 * TDLS peer exists, the TDLS peers are torn down.
 *
 * Returns 0, -EINVAL for a non-station interface, or the error from
 * ieee80211_send_smps_action().
 */
int __ieee80211_request_smps_mgd(struct ieee80211_sub_if_data *sdata,
                                 enum ieee80211_smps_mode smps_mode)
{
        enum ieee80211_smps_mode prev_req;
        struct sta_info *sta;
        bool have_tdls_peer = false;
        const u8 *bssid;
        int ret;

        lockdep_assert_held(&sdata->wdev.mtx);

        if (WARN_ON_ONCE(sdata->vif.type != NL80211_IFTYPE_STATION))
                return -EINVAL;

        prev_req = sdata->u.mgd.req_smps;
        sdata->u.mgd.req_smps = smps_mode;

        /* an unchanged explicit mode needs no work */
        if (smps_mode != IEEE80211_SMPS_AUTOMATIC && prev_req == smps_mode)
                return 0;

        /*
         * Without an association, or with a non-HT association, the value
         * is only stored; it takes effect once we associate.
         */
        if (!sdata->u.mgd.associated)
                return 0;
        if (sdata->vif.bss_conf.chandef.width == NL80211_CHAN_WIDTH_20_NOHT)
                return 0;

        bssid = sdata->u.mgd.associated->bssid;

        /* look for one usable TDLS peer on this interface */
        rcu_read_lock();
        list_for_each_entry_rcu(sta, &sdata->local->sta_list, list) {
                if (sta->sta.tdls && sta->sdata == sdata && sta->uploaded &&
                    test_sta_flag(sta, WLAN_STA_AUTHORIZED)) {
                        have_tdls_peer = true;
                        break;
                }
        }
        rcu_read_unlock();

        if (smps_mode == IEEE80211_SMPS_AUTOMATIC)
                smps_mode = (have_tdls_peer || !sdata->u.mgd.powersave) ?
                            IEEE80211_SMPS_OFF : IEEE80211_SMPS_DYNAMIC;

        /* send SM PS frame to AP */
        ret = ieee80211_send_smps_action(sdata, smps_mode, bssid, bssid);
        if (ret) {
                sdata->u.mgd.req_smps = prev_req;
                return ret;
        }

        if (have_tdls_peer && smps_mode != IEEE80211_SMPS_OFF)
                ieee80211_teardown_tdls_peers(sdata);

        return 0;
}
2629 
/*
 * Enable or disable powersave on a station interface and set the forced
 * dynamic-PS timeout.
 *
 * Returns -EOPNOTSUPP for non-station interfaces and for hardware without
 * SUPPORTS_PS, 0 otherwise (including when nothing changes).
 *
 * Note that the timeout is stored on the device (local), not on the
 * interface, and that the return value of the SMPS re-request is ignored.
 */
static int ieee80211_set_power_mgmt(struct wiphy *wiphy, struct net_device *dev,
                                    bool enabled, int timeout)
{
        struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);

        if (sdata->vif.type != NL80211_IFTYPE_STATION ||
            !ieee80211_hw_check(&local->hw, SUPPORTS_PS))
                return -EOPNOTSUPP;

        /* nothing to do when both values are already in place */
        if (sdata->u.mgd.powersave == enabled &&
            local->dynamic_ps_forced_timeout == timeout)
                return 0;

        sdata->u.mgd.powersave = enabled;
        local->dynamic_ps_forced_timeout = timeout;

        /*
         * The SMPS request itself is unchanged, but an AUTOMATIC request
         * follows the powersave setting, so issue it again.
         */
        sdata_lock(sdata);
        __ieee80211_request_smps_mgd(sdata, sdata->u.mgd.req_smps);
        sdata_unlock(sdata);

        if (ieee80211_hw_check(&local->hw, SUPPORTS_DYNAMIC_PS))
                ieee80211_hw_config(local, IEEE80211_CONF_CHANGE_PS);

        ieee80211_recalc_ps(local);
        ieee80211_recalc_ps_vif(sdata);

        return 0;
}
2662 
/*
 * Configure connection-quality monitoring with a single RSSI threshold and
 * hysteresis.
 *
 * Unchanged values return 0 at once.  An interface whose driver flags have
 * IEEE80211_VIF_BEACON_FILTER but not IEEE80211_VIF_SUPPORTS_CQM_RSSI is
 * refused with -EOPNOTSUPP.  Otherwise the threshold pair is stored, the
 * low/high range and the last reported signal are reset to 0, and the
 * driver is notified straight away if the interface is associated and the
 * driver supports CQM RSSI.
 */
static int ieee80211_set_cqm_rssi_config(struct wiphy *wiphy,
                                         struct net_device *dev,
                                         s32 rssi_thold, u32 rssi_hyst)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_vif *vif = &sdata->vif;
        struct ieee80211_bss_conf *bss_conf = &vif->bss_conf;

        if (bss_conf->cqm_rssi_thold == rssi_thold &&
            bss_conf->cqm_rssi_hyst == rssi_hyst)
                return 0;

        if ((vif->driver_flags & IEEE80211_VIF_BEACON_FILTER) &&
            !(vif->driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI))
                return -EOPNOTSUPP;

        /* threshold mode replaces any configured range */
        bss_conf->cqm_rssi_thold = rssi_thold;
        bss_conf->cqm_rssi_hyst = rssi_hyst;
        bss_conf->cqm_rssi_low = 0;
        bss_conf->cqm_rssi_high = 0;
        sdata->u.mgd.last_cqm_event_signal = 0;

        /* tell the driver upon association, unless already associated */
        if (sdata->u.mgd.associated &&
            (vif->driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI))
                ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_CQM);

        return 0;
}
2692 
/*
 * Configure connection-quality monitoring with an RSSI low/high range.
 *
 * Refused with -EOPNOTSUPP when the interface's driver flags include
 * IEEE80211_VIF_BEACON_FILTER.  Otherwise the range is stored, the single
 * threshold/hysteresis pair and the last reported signal are reset to 0,
 * and the driver is notified straight away if the interface is associated
 * and the driver supports CQM RSSI.
 *
 * Neither bound is validated here; in particular rssi_low <= rssi_high is
 * not enforced by this function.
 */
static int ieee80211_set_cqm_rssi_range_config(struct wiphy *wiphy,
                                               struct net_device *dev,
                                               s32 rssi_low, s32 rssi_high)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_vif *vif = &sdata->vif;
        struct ieee80211_bss_conf *bss_conf = &vif->bss_conf;

        if (vif->driver_flags & IEEE80211_VIF_BEACON_FILTER)
                return -EOPNOTSUPP;

        /* range mode replaces any configured single threshold */
        bss_conf->cqm_rssi_low = rssi_low;
        bss_conf->cqm_rssi_high = rssi_high;
        bss_conf->cqm_rssi_thold = 0;
        bss_conf->cqm_rssi_hyst = 0;
        sdata->u.mgd.last_cqm_event_signal = 0;

        /* tell the driver upon association, unless already associated */
        if (sdata->u.mgd.associated &&
            (vif->driver_flags & IEEE80211_VIF_SUPPORTS_CQM_RSSI))
                ieee80211_bss_info_change_notify(sdata, BSS_CHANGED_CQM);

        return 0;
}
2717 
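/*
 * Install the requested bitrate mask on an interface.
 *
 * Returns -ENETDOWN when the interface is not running, -EINVAL when the
 * interface is active on a channel and the mask leaves no basic rate usable
 * on that channel's band, the driver's error when it rejects the mask
 * (HAS_RATE_CONTROL hardware only), and 0 on success.
 *
 * The legacy, HT-MCS and VHT-MCS masks are copied for every band.  For bands
 * the wiphy actually has, rc_has_mcs_mask / rc_has_vht_mcs_mask are set when
 * at least one mask element restricts something, i.e. is not all-ones.
 *
 * @addr is not used.
 */
static int ieee80211_set_bitrate_mask(struct wiphy *wiphy,
                                      struct net_device *dev,
                                      const u8 *addr,
                                      const struct cfg80211_bitrate_mask *mask)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);
        int i, ret;

        if (!ieee80211_sdata_running(sdata))
                return -ENETDOWN;

        /*
         * If active validate the setting and reject it if it doesn't leave
         * at least one basic rate usable, since we really have to be able
         * to send something, and if we're an AP we have to be able to do
         * so at a basic rate so that all clients can receive it.
         */
        if (rcu_access_pointer(sdata->vif.chanctx_conf) &&
            sdata->vif.bss_conf.chandef.chan) {
                u32 basic_rates = sdata->vif.bss_conf.basic_rates;
                enum nl80211_band band = sdata->vif.bss_conf.chandef.chan->band;

                if (!(mask->control[band].legacy & basic_rates))
                        return -EINVAL;
        }

        if (ieee80211_hw_check(&local->hw, HAS_RATE_CONTROL)) {
                ret = drv_set_bitrate_mask(local, sdata, mask);
                if (ret)
                        return ret;
        }

        for (i = 0; i < NUM_NL80211_BANDS; i++) {
                struct ieee80211_supported_band *sband = wiphy->bands[i];
                int j;

                sdata->rc_rateidx_mask[i] = mask->control[i].legacy;
                memcpy(sdata->rc_rateidx_mcs_mask[i], mask->control[i].ht_mcs,
                       sizeof(mask->control[i].ht_mcs));
                memcpy(sdata->rc_rateidx_vht_mcs_mask[i],
                       mask->control[i].vht_mcs,
                       sizeof(mask->control[i].vht_mcs));

                sdata->rc_has_mcs_mask[i] = false;
                sdata->rc_has_vht_mcs_mask[i] = false;
                if (!sband)
                        continue;

                /*
                 * Compare against the all-ones value of the element's own
                 * type.  A bare "if (~elem)" is evaluated after integer
                 * promotion, so for an element narrower than int it is
                 * non-zero for every value and the flag would always end up
                 * true.  The element types are declared outside this file;
                 * the cast keeps the test correct for any unsigned width.
                 */
                for (j = 0; j < IEEE80211_HT_MCS_MASK_LEN; j++) {
                        if (sdata->rc_rateidx_mcs_mask[i][j] !=
                            (__typeof__(sdata->rc_rateidx_mcs_mask[i][j]))~0) {
                                sdata->rc_has_mcs_mask[i] = true;
                                break;
                        }
                }

                for (j = 0; j < NL80211_VHT_NSS_MAX; j++) {
                        if (sdata->rc_rateidx_vht_mcs_mask[i][j] !=
                            (__typeof__(sdata->rc_rateidx_vht_mcs_mask[i][j]))~0) {
                                sdata->rc_has_vht_mcs_mask[i] = true;
                                break;
                        }
                }
        }

        return 0;
}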
2784 
/*
 * Start radar detection (CAC) on @chandef for the interface behind @dev.
 *
 * Runs under local->mtx.  Returns -EBUSY while a remain-on-channel request
 * is queued or a scan is in progress, the error from
 * ieee80211_vif_use_channel() if the channel cannot be taken, and 0 once the
 * CAC timer work has been queued.
 *
 * @cac_time_ms is converted with msecs_to_jiffies() and used as the delay
 * without any range check in this function.
 */
static int ieee80211_start_radar_detection(struct wiphy *wiphy,
                                           struct net_device *dev,
                                           struct cfg80211_chan_def *chandef,
                                           u32 cac_time_ms)
{
        struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
        struct ieee80211_local *local = sdata->local;
        int ret;

        mutex_lock(&local->mtx);

        if (list_empty(&local->roc_list) && !local->scanning) {
                /*
                 * whatever, but channel contexts should not complain
                 * about that one
                 */
                sdata->smps_mode = IEEE80211_SMPS_OFF;
                sdata->needed_rx_chains = local->rx_chains;

                ret = ieee80211_vif_use_channel(sdata, chandef,
                                                IEEE80211_CHANCTX_SHARED);
                if (!ret)
                        ieee80211_queue_delayed_work(&sdata->local->hw,
                                                     &sdata->dfs_cac_timer_work,
                                                     msecs_to_jiffies(cac_time_ms));
        } else {
                ret = -EBUSY;
        }

        mutex_unlock(&local->mtx);
        return ret;
}
2817 
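/*
 * Deep-copy @beacon into one allocation.
 *
 * The returned structure is followed in the same kzalloc() block by copies
 * of every non-empty buffer of @beacon, in this order: head, tail,
 * beacon_ies, proberesp_ies, assocresp_ies, probe_resp.  The pointers in the
 * copy refer into that block, so a single kfree() of the returned pointer
 * releases everything.  Empty buffers keep a NULL pointer and zero length.
 *
 * @beacon itself is only read.
 *
 * Returns the copy, or NULL if the allocation fails.
 */
static struct cfg80211_beacon_data *
cfg80211_beacon_dup(struct cfg80211_beacon_data *beacon)
{
        struct cfg80211_beacon_data *new_beacon;
        u8 *pos;
        size_t len;

        /*
         * Sum in size_t rather than int so the total is not narrowed before
         * it is added to the structure size.  NOTE(review): the individual
         * lengths are assumed to be bounded by the caller; no overflow check
         * is made on the sum here.
         */
        len = beacon->head_len + beacon->tail_len + beacon->beacon_ies_len +
              beacon->proberesp_ies_len + beacon->assocresp_ies_len +
              beacon->probe_resp_len;

        new_beacon = kzalloc(sizeof(*new_beacon) + len, GFP_KERNEL);
        if (!new_beacon)
                return NULL;

        /* the payload area starts right behind the structure */
        pos = (u8 *)(new_beacon + 1);
        if (beacon->head_len) {
                new_beacon->head_len = beacon->head_len;
                new_beacon->head = pos;
                memcpy(pos, beacon->head, beacon->head_len);
                pos += beacon->head_len;
        }
        if (beacon->tail_len) {
                new_beacon->tail_len = beacon->tail_len;
                new_beacon->tail = pos;
                memcpy(pos, beacon->tail, beacon->tail_len);
                pos += beacon->tail_len;
        }
        if (beacon->beacon_ies_len) {
                new_beacon->beacon_ies_len = beacon->beacon_ies_len;
                new_beacon->beacon_ies = pos;
                memcpy(pos, beacon->beacon_ies, beacon->beacon_ies_len);
                pos += beacon->beacon_ies_len;
        }
        if (beacon->proberesp_ies_len) {
                new_beacon->proberesp_ies_len = beacon->proberesp_ies_len;
                new_beacon->proberesp_ies = pos;
                memcpy(pos, beacon->proberesp_ies, beacon->proberesp_ies_len);
                pos += beacon->proberesp_ies_len;
        }
        if (beacon->assocresp_ies_len) {
                new_beacon->assocresp_ies_len = beacon->assocresp_ies_len;
                new_beacon->assocresp_ies = pos;
                memcpy(pos, beacon->assocresp_ies, beacon->assocresp_ies_len);
                pos += beacon->assocresp_ies_len;
        }
        if (beacon->probe_resp_len) {
                new_beacon->probe_resp_len = beacon->probe_resp_len;
                /*
                 * The pointer must be set on the copy.  Assigning it to the
                 * source instead would leave the copy with a non-zero
                 * probe_resp_len and a NULL probe_resp, redirect the
                 * caller's pointer into this allocation (dangling once the
                 * copy is freed), and turn the memcpy() below into a copy
                 * of the zeroed buffer onto itself.
                 */
                new_beacon->probe_resp = pos;
                memcpy(pos, beacon->probe_resp, beacon->probe_resp_len);
                pos += beacon->probe_resp_len;
        }

        return new_beacon;
}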
2873 
/*
 * Exported entry point: schedule completion of a channel switch.
 *
 * Only queues the interface's csa_finalize_work on the hardware workqueue;
 * the actual finalisation happens later in ieee80211_csa_finalize_work().
 */
void ieee80211_csa_finish(struct ieee80211_vif *vif)
{
        struct ieee80211_sub_if_data *csa_sdata = vif_to_sdata(vif);
        struct ieee80211_local *local = csa_sdata->local;

        ieee80211_queue_work(&local->hw, &csa_sdata->csa_finalize_work);
}
EXPORT_SYMBOL(ieee80211_csa_finish);
2882 
/*
 * Install the post-switch beacon for the interface type at hand.
 *
 * AP: assigns the stored next_beacon, then frees it and clears the pointer
 * regardless of the outcome.  Ad-hoc and (when built in) mesh call their
 * own finish helpers.  Any other type triggers a warning and -EINVAL.
 *
 * A non-negative helper result is OR-ed into *@changed.  Returns 0 on
 * success or the helper's negative error.
 */
static int ieee80211_set_after_csa_beacon(struct ieee80211_sub_if_data *sdata,
                                          u32 *changed)
{
        int ret;

        switch (sdata->vif.type) {
        case NL80211_IFTYPE_AP:
                ret = ieee80211_assign_beacon(sdata, sdata->u.ap.next_beacon,
                                              NULL);
                /* the stored copy is consumed either way */
                kfree(sdata->u.ap.next_beacon);
                sdata->u.ap.next_beacon = NULL;
                break;
        case NL80211_IFTYPE_ADHOC:
                ret = ieee80211_ibss_finish_csa(sdata);
                break;
#ifdef CONFIG_MAC80211_MESH
        case NL80211_IFTYPE_MESH_POINT:
                ret = ieee80211_mesh_finish_csa(sdata);
                break;
#endif
        default:
                WARN_ON(1);
                return -EINVAL;
        }

        if (ret < 0)
                return ret;

        /* non-negative results are change flags for the caller */
        *changed |= ret;

        return 0;
}
2920 
/*
 * Complete a channel switch on @sdata.
 *
 * The caller must hold the sdata lock, local->mtx and local->chanctx_mtx
 * (all three are asserted below).
 *
 * While a channel context reservation is pending, the function either
 * returns 0 (reservation already marked ready) or tries to use the reserved
 * context and returns that result.  Otherwise the current chandef must match
 * csa_chandef (-EINVAL if not); the post-switch beacon is then installed,
 * the BSS change is signalled, blocked queues are woken, the driver's
 * post-switch hook runs and cfg80211 is notified.
 *
 * Note that csa_active is cleared before the beacon is installed, so it
 * stays false when a later step fails.
 *
 * Returns 0 on success or a negative error from one of the steps.
 */
static int __ieee80211_csa_finalize(struct ieee80211_sub_if_data *sdata)
{
        struct ieee80211_local *local = sdata->local;
        u32 changed = 0;
        int err;

        sdata_assert_lock(sdata);
        lockdep_assert_held(&local->mtx);
        lockdep_assert_held(&local->chanctx_mtx);

        /*
         * using reservation isn't immediate as it may be deferred until later
         * with multi-vif. once reservation is complete it will re-schedule the
         * work with no reserved_chanctx so verify chandef to check if it
         * completed successfully
         */

        if (sdata->reserved_chanctx) {
                /*
                 * with multi-vif csa driver may call ieee80211_csa_finish()
                 * many times while waiting for other interfaces to use their
                 * reservations
                 */
                if (sdata->reserved_ready)
                        return 0;

                return ieee80211_vif_use_reserved_context(sdata);
        }

        /* no reservation left: the switch only counts if the chandef matches */
        if (!cfg80211_chandef_identical(&sdata->vif.bss_conf.chandef,
                                        &sdata->csa_chandef))
                return -EINVAL;

        sdata->vif.csa_active = false;

        err = ieee80211_set_after_csa_beacon(sdata, &changed);
        if (err)
                return err;

        ieee80211_bss_info_change_notify(sdata, changed);

        /* queues stopped for the switch are released again */
        if (sdata->csa_block_tx) {
                ieee80211_wake_vif_queues(local, sdata,
                                          IEEE80211_QUEUE_STOP_REASON_CSA);
                sdata->csa_block_tx = false;
        }

        err = drv_post_channel_switch(sdata);
        if (err)
                return err;

        cfg80211_ch_switch_notify(sdata->dev, &sdata->csa_chandef);

        return 0;
}
2976 
/*
 * Finalize a channel switch; if that fails, log it and ask cfg80211 to stop
 * the interface.
 */
static void ieee80211_csa_finalize(struct ieee80211_sub_if_data *sdata)
{
        if (!__ieee80211_csa_finalize(sdata))
                return;

        sdata_info(sdata, "failed to finalize CSA, disconnecting\n");
        cfg80211_stop_iface(sdata->local->hw.wiphy, &sdata->wdev,
                            GFP_KERNEL);
}
2985 
/*
 * Work handler for csa_finalize_work.
 *
 * Takes the sdata lock, local->mtx and local->chanctx_mtx in that order,
 * re-checks under the locks that a channel switch is still active and the
 * interface is still running, finalizes the switch if so, and releases the
 * locks in reverse order.
 */
void ieee80211_csa_finalize_work(struct work_struct *work)
{
        struct ieee80211_sub_if_data *sdata =
                container_of(work, struct ieee80211_sub_if_data,
                             csa_finalize_work);
        struct ieee80211_local *local = sdata->local;

        sdata_lock(sdata);
        mutex_lock(&local->mtx);
        mutex_lock(&local->chanctx_mtx);

        /*
         * AP might have been stopped while waiting for the lock, and the
         * interface may have gone down; do nothing in either case.
         */
        if (sdata->vif.csa_active && ieee80211_sdata_running(sdata))
                ieee80211_csa_finalize(sdata);

        mutex_unlock(&local->chanctx_mtx);
        mutex_unlock(&local->mtx);
        sdata_unlock(sdata);
}
3011 
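/*
 * Prepare the beacon used while a channel switch is being announced.
 *
 * AP: duplicates params->beacon_after into sdata->u.ap.next_beacon and, for
 * a count above 1, installs params->beacon_csa with the CSA counter
 * offsets.  On every error path after the duplication the copy is freed and
 * the pointer cleared, so no stale next_beacon is left for code that frees
 * it later (e.g. ieee80211_set_after_csa_beacon()).
 *
 * Ad-hoc and (when built in) mesh: check that width and band stay the same,
 * update their CSA beacon for a count above 1 and send the CSA action
 * frame (mesh only when this node initiated the switch).
 *
 * Change flags returned by the beacon helpers are OR-ed into *@changed.
 *
 * Returns 0 on success, -ENOMEM, -EINVAL, -EOPNOTSUPP for other interface
 * types, or a negative error from a beacon helper.
 */
static int ieee80211_set_csa_beacon(struct ieee80211_sub_if_data *sdata,
                                    struct cfg80211_csa_settings *params,
                                    u32 *changed)
{
        struct ieee80211_csa_settings csa = {};
        int err;

        switch (sdata->vif.type) {
        case NL80211_IFTYPE_AP:
                sdata->u.ap.next_beacon =
                        cfg80211_beacon_dup(&params->beacon_after);
                if (!sdata->u.ap.next_beacon)
                        return -ENOMEM;

                /*
                 * With a count of 0, we don't have to wait for any
                 * TBTT before switching, so complete the CSA
                 * immediately.  In theory, with a count == 1 we
                 * should delay the switch until just before the next
                 * TBTT, but that would complicate things so we switch
                 * immediately too.  If we would delay the switch
                 * until the next TBTT, we would have to set the probe
                 * response here.
                 *
                 * TODO: A channel switch with count <= 1 without
                 * sending a CSA action frame is kind of useless,
                 * because the clients won't know we're changing
                 * channels.  The action frame must be implemented
                 * either here or in the userspace.
                 */
                if (params->count <= 1)
                        break;

                if ((params->n_counter_offsets_beacon >
                     IEEE80211_MAX_CSA_COUNTERS_NUM) ||
                    (params->n_counter_offsets_presp >
                     IEEE80211_MAX_CSA_COUNTERS_NUM)) {
                        /* do not leak the copy made above */
                        kfree(sdata->u.ap.next_beacon);
                        sdata->u.ap.next_beacon = NULL;
                        return -EINVAL;
                }

                csa.counter_offsets_beacon = params->counter_offsets_beacon;
                csa.counter_offsets_presp = params->counter_offsets_presp;
                csa.n_counter_offsets_beacon = params->n_counter_offsets_beacon;
                csa.n_counter_offsets_presp = params->n_counter_offsets_presp;
                csa.count = params->count;

                err = ieee80211_assign_beacon(sdata, &params->beacon_csa, &csa);
                if (err < 0) {
                        /*
                         * Clear the pointer together with the free: a stale
                         * value would be freed a second time by any later
                         * path that releases next_beacon.
                         */
                        kfree(sdata->u.ap.next_beacon);
                        sdata->u.ap.next_beacon = NULL;
                        return err;
                }
                *changed |= err;

                break;
        case NL80211_IFTYPE_ADHOC:
                if (!sdata->vif.bss_conf.ibss_joined)
                        return -EINVAL;

                if (params->chandef.width != sdata->u.ibss.chandef.width)
                        return -EINVAL;

                switch (params->chandef.width) {
                case NL80211_CHAN_WIDTH_40:
                        if (cfg80211_get_chandef_type(&params->chandef) !=
                            cfg80211_get_chandef_type(&sdata->u.ibss.chandef))
                                return -EINVAL;
                        /* fall through */
                case NL80211_CHAN_WIDTH_5:
                case NL80211_CHAN_WIDTH_10:
                case NL80211_CHAN_WIDTH_20_NOHT:
                case NL80211_CHAN_WIDTH_20:
                        break;
                default:
                        return -EINVAL;
                }

                /* changes into another band are not supported */
                if (sdata->u.ibss.chandef.chan->band !=
                    params->chandef.chan->band)
                        return -EINVAL;

                /* see comments in the NL80211_IFTYPE_AP block */
                if (params->count > 1) {
                        err = ieee80211_ibss_csa_beacon(sdata, params);
                        if (err < 0)
                                return err;
                        *changed |= err;
                }

                ieee80211_send_action_csa(sdata, params);

                break;
#ifdef CONFIG_MAC80211_MESH
        case NL80211_IFTYPE_MESH_POINT: {
                struct ieee80211_if_mesh *ifmsh = &sdata->u.mesh;

                if (params->chandef.width != sdata->vif.bss_conf.chandef.width)
                        return -EINVAL;

                /* changes into another band are not supported */
                if (sdata->vif.bss_conf.chandef.chan->band !=
                    params->chandef.chan->band)
                        return -EINVAL;

                /* no role yet means this node starts the switch itself */
                if (ifmsh->csa_role == IEEE80211_MESH_CSA_ROLE_NONE) {
                        ifmsh->csa_role = IEEE80211_MESH_CSA_ROLE_INIT;
                        if (!ifmsh->pre_value)
                                ifmsh->pre_value = 1;
                        else
                                ifmsh->pre_value++;
                }

                /* see comments in the NL80211_IFTYPE_AP block */
                if (params->count > 1) {
                        err = ieee80211_mesh_csa_beacon(sdata, params);
                        if (err < 0) {
                                ifmsh->csa_role = IEEE80211_MESH_CSA_ROLE_NONE;
                                return err;
                        }
                        *changed |= err;
                }

                if (ifmsh->csa_role == IEEE80211_MESH_CSA_ROLE_INIT)
                        ieee80211_send_action_csa(sdata, params);

                break;
                }
#endif
        default:
                return -EOPNOTSUPP;
        }

        return 0;
}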
3144 
/*
 * Start a channel switch on @dev towards params->chandef.
 *
 * Locking: the sdata lock and local->mtx must already be held (both are
 * asserted below); local->chanctx_mtx is taken and released in here.
 *
 * Returns 0 on success. Returns -EBUSY when local->roc_list is non-empty,
 * a scan is running, wdev.cac_started is set, a switch is already active
 * or no channel context is assigned; -EINVAL when the requested chandef is
 * identical to the current one; otherwise the error reported by the driver
 * hook or by the reservation / combination / beacon helpers.
 *
 * @wiphy is not used by this function.
 */
static int
__ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
			   struct cfg80211_csa_settings *params)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_channel_switch ch_switch;
	struct ieee80211_chanctx_conf *conf;
	struct ieee80211_chanctx *chanctx;
	u32 changed = 0;
	int err;

	sdata_assert_lock(sdata);
	lockdep_assert_held(&local->mtx);

	/* refuse while off-channel work or a scan is pending */
	if (!list_empty(&local->roc_list) || local->scanning)
		return -EBUSY;

	if (sdata->wdev.cac_started)
		return -EBUSY;

	/* switching to the channel definition already in use is rejected */
	if (cfg80211_chandef_identical(&params->chandef,
				       &sdata->vif.bss_conf.chandef))
		return -EINVAL;

	/* don't allow another channel switch if one is already active. */
	if (sdata->vif.csa_active)
		return -EBUSY;

	/* every exit from here on goes through "out" to drop chanctx_mtx */
	mutex_lock(&local->chanctx_mtx);
	conf = rcu_dereference_protected(sdata->vif.chanctx_conf,
					 lockdep_is_held(&local->chanctx_mtx));
	if (!conf) {
		err = -EBUSY;
		goto out;
	}

	chanctx = container_of(conf, struct ieee80211_chanctx, conf);

	/*
	 * NOTE(review): ch_switch lives on the stack and is not
	 * zero-initialised; only the five members below are written before
	 * it is handed to the driver. Confirm the struct has no other
	 * members, otherwise the driver sees stale stack contents.
	 */
	ch_switch.timestamp = 0;
	ch_switch.device_timestamp = 0;
	ch_switch.block_tx = params->block_tx;
	ch_switch.chandef = params->chandef;
	ch_switch.count = params->count;

	err = drv_pre_channel_switch(sdata, &ch_switch);
	if (err)
		goto out;

	err = ieee80211_vif_reserve_chanctx(sdata, &params->chandef,
					    chanctx->mode,
					    params->radar_required);
	if (err)
		goto out;

	/* if reservation is invalid then this will fail */
	err = ieee80211_check_combinations(sdata, NULL, chanctx->mode, 0);
	if (err) {
		/* undo the reservation taken just above */
		ieee80211_vif_unreserve_chanctx(sdata);
		goto out;
	}

	err = ieee80211_set_csa_beacon(sdata, params, &changed);
	if (err) {
		ieee80211_vif_unreserve_chanctx(sdata);
		goto out;
	}

	/* no failure path below this point: commit the switch state */
	sdata->csa_chandef = params->chandef;
	sdata->csa_block_tx = params->block_tx;
	sdata->vif.csa_active = true;

	if (sdata->csa_block_tx)
		ieee80211_stop_vif_queues(local, sdata,
					  IEEE80211_QUEUE_STOP_REASON_CSA);

	cfg80211_ch_switch_started_notify(sdata->dev, &sdata->csa_chandef,
					  params->count);

	if (changed) {
		ieee80211_bss_info_change_notify(sdata, changed);
		drv_channel_switch_beacon(sdata, &params->chandef);
	} else {
		/* if the beacon didn't change, we can finalize immediately */
		ieee80211_csa_finalize(sdata);
	}

out:
	mutex_unlock(&local->chanctx_mtx);
	return err;
}
3236 
/*
 * Locked entry point for a channel switch: takes local->mtx around
 * __ieee80211_channel_switch() and passes its result through unchanged.
 */
int ieee80211_channel_switch(struct wiphy *wiphy, struct net_device *dev,
			     struct cfg80211_csa_settings *params)
{
	struct ieee80211_local *local = IEEE80211_DEV_TO_SUB_IF(dev)->local;
	int ret;

	mutex_lock(&local->mtx);
	ret = __ieee80211_channel_switch(wiphy, dev, params);
	mutex_unlock(&local->mtx);

	return ret;
}
3250 
/*
 * Hand out the next cookie from local->roc_cookie_counter.
 *
 * local->mtx must be held (asserted). The value 0 is never returned: if
 * the counter wraps to 0 a warning is raised and the counter is bumped
 * once more.
 */
u64 ieee80211_mgmt_tx_cookie(struct ieee80211_local *local)
{
	lockdep_assert_held(&local->mtx);

	/* wrapping 64 bits is far more likely a bug than real usage */
	if (WARN_ON(++local->roc_cookie_counter == 0))
		local->roc_cookie_counter++;

	return local->roc_cookie_counter;
}
3263 
/*
 * Keep a copy of @skb for later TX-status reporting and tie it to a cookie.
 *
 * The copy is stored in local->ack_status_frames under an id taken from
 * [1, 0x10000); that id is written into @skb's control block and a fresh
 * cookie is stored both in *@cookie and in the copy's control block.
 *
 * The cookie comes from ieee80211_mgmt_tx_cookie(), which asserts that
 * local->mtx is held, so callers need to hold that mutex.
 *
 * Returns 0 on success, -ENOMEM if the copy or the id allocation fails
 * (any idr_alloc() error is reported as -ENOMEM); on failure the copy is
 * freed and @skb is left for the caller to dispose of.
 */
int ieee80211_attach_ack_skb(struct ieee80211_local *local, struct sk_buff *skb,
			     u64 *cookie, gfp_t gfp)
{
	struct sk_buff *copy;
	unsigned long flags;
	int slot;

	copy = skb_copy(skb, gfp);
	if (!copy)
		return -ENOMEM;

	/* the idr is guarded by a spinlock, hence GFP_ATOMIC in here */
	spin_lock_irqsave(&local->ack_status_lock, flags);
	slot = idr_alloc(&local->ack_status_frames, copy,
			 1, 0x10000, GFP_ATOMIC);
	spin_unlock_irqrestore(&local->ack_status_lock, flags);

	if (slot < 0) {
		kfree_skb(copy);
		return -ENOMEM;
	}

	IEEE80211_SKB_CB(skb)->ack_frame_id = slot;

	*cookie = ieee80211_mgmt_tx_cookie(local);
	IEEE80211_SKB_CB(copy)->ack.cookie = *cookie;

	return 0;
}
3292 
/*
 * Track (un)registration for management frame reception.
 *
 * Only probe requests are acted on; every other @frame_type is ignored.
 * The per-device and per-interface probe_req_reg counters are raised on
 * registration and lowered, never below zero, on unregistration. While
 * the device has open interfaces the driver filter is reprogrammed.
 */
static void ieee80211_mgmt_frame_register(struct wiphy *wiphy,
					  struct wireless_dev *wdev,
					  u16 frame_type, bool reg)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
	struct ieee80211_local *local = wiphy_priv(wiphy);

	if (frame_type != (IEEE80211_FTYPE_MGMT | IEEE80211_STYPE_PROBE_REQ))
		return;

	if (reg) {
		local->probe_req_reg++;
		sdata->vif.probe_req_reg++;
	} else {
		/* guard both counters against underflow */
		if (local->probe_req_reg)
			local->probe_req_reg--;

		if (sdata->vif.probe_req_reg)
			sdata->vif.probe_req_reg--;
	}

	/* nothing to program while no interface is open */
	if (!local->open_count)
		return;

	/* touch the per-interface filter only on the 0 <-> 1 transitions */
	switch (sdata->vif.probe_req_reg) {
	case 1:
		drv_config_iface_filter(local, sdata, FIF_PROBE_REQ,
					FIF_PROBE_REQ);
		break;
	case 0:
		drv_config_iface_filter(local, sdata, 0,
					FIF_PROBE_REQ);
		break;
	default:
		break;
	}

	ieee80211_configure_filter(local);
}
3329 
/*
 * Forward an antenna configuration to the driver.
 *
 * Rejected with -EOPNOTSUPP while local->started is set; otherwise the
 * driver's return value is passed through.
 */
static int ieee80211_set_antenna(struct wiphy *wiphy, u32 tx_ant, u32 rx_ant)
{
	struct ieee80211_local *local = wiphy_priv(wiphy);

	return local->started ? -EOPNOTSUPP
			      : drv_set_antenna(local, tx_ant, rx_ant);
}
3339 
/*
 * Ask the driver for the current antenna configuration; the driver
 * fills *@tx_ant / *@rx_ant and its return value is passed through.
 */
static int ieee80211_get_antenna(struct wiphy *wiphy, u32 *tx_ant, u32 *rx_ant)
{
	return drv_get_antenna(wiphy_priv(wiphy), tx_ant, rx_ant);
}
3346 
/*
 * Pass GTK rekey data down to the driver.
 *
 * Returns -EOPNOTSUPP when the driver has no set_rekey_data op, else 0.
 * @data is forwarded as-is; nothing in this function copies or keeps it.
 * NOTE(review): @data presumably carries key material, so what the driver
 * does with it is where its lifetime and wiping need checking.
 */
static int ieee80211_set_rekey_data(struct wiphy *wiphy,
				    struct net_device *dev,
				    struct cfg80211_gtk_rekey_data *data)
{
	struct ieee80211_local *local = wiphy_priv(wiphy);

	if (local->ops->set_rekey_data) {
		drv_set_rekey_data(local, IEEE80211_DEV_TO_SUB_IF(dev), data);
		return 0;
	}

	return -EOPNOTSUPP;
}
3361 
/*
 * Probe a station by sending it a (QoS-)null data frame with TX status
 * requested, and return in *@cookie the cookie attached to that frame.
 *
 * Returns 0 once the frame has been handed to ieee80211_xmit(), -EINVAL
 * if the interface has no channel context, -ENOLINK if @peer is not a
 * known station on this BSS, -ENOMEM if the frame cannot be allocated, or
 * the error from ieee80211_attach_ack_skb().
 *
 * local->mtx is taken here; the station lookup and the transmit both run
 * inside one RCU read-side section, so @sta stays valid for the xmit call.
 */
static int ieee80211_probe_client(struct wiphy *wiphy, struct net_device *dev,
				  const u8 *peer, u64 *cookie)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_local *local = sdata->local;
	struct ieee80211_qos_hdr *nullfunc;
	struct sk_buff *skb;
	int size = sizeof(*nullfunc);
	__le16 fc;
	bool qos;
	struct ieee80211_tx_info *info;
	struct sta_info *sta;
	struct ieee80211_chanctx_conf *chanctx_conf;
	enum nl80211_band band;
	int ret;

	/* the lock is needed to assign the cookie later */
	mutex_lock(&local->mtx);

	rcu_read_lock();
	chanctx_conf = rcu_dereference(sdata->vif.chanctx_conf);
	if (WARN_ON(!chanctx_conf)) {
		ret = -EINVAL;
		goto unlock;
	}
	band = chanctx_conf->def.chan->band;
	/* only a station that is already known is probed */
	sta = sta_info_get_bss(sdata, peer);
	if (sta) {
		qos = sta->sta.wme;
	} else {
		ret = -ENOLINK;
		goto unlock;
	}

	if (qos) {
		fc = cpu_to_le16(IEEE80211_FTYPE_DATA |
				 IEEE80211_STYPE_QOS_NULLFUNC |
				 IEEE80211_FCTL_FROMDS);
	} else {
		/* presumably drops the 2-byte qos_ctrl field, which is only
		 * written further down when qos is set
		 */
		size -= 2;
		fc = cpu_to_le16(IEEE80211_FTYPE_DATA |
				 IEEE80211_STYPE_NULLFUNC |
				 IEEE80211_FCTL_FROMDS);
	}

	skb = dev_alloc_skb(local->hw.extra_tx_headroom + size);
	if (!skb) {
		ret = -ENOMEM;
		goto unlock;
	}

	skb->dev = dev;

	skb_reserve(skb, local->hw.extra_tx_headroom);

	/* skb_put() reserves exactly the header size chosen above; every
	 * header field written below lies within those bytes
	 */
	nullfunc = skb_put(skb, size);
	nullfunc->frame_control = fc;
	nullfunc->duration_id = 0;
	/* destination is taken from the station entry, not from @peer */
	memcpy(nullfunc->addr1, sta->sta.addr, ETH_ALEN);
	memcpy(nullfunc->addr2, sdata->vif.addr, ETH_ALEN);
	memcpy(nullfunc->addr3, sdata->vif.addr, ETH_ALEN);
	nullfunc->seq_ctrl = 0;

	info = IEEE80211_SKB_CB(skb);

	info->flags |= IEEE80211_TX_CTL_REQ_TX_STATUS |
		       IEEE80211_TX_INTFL_NL80211_FRAME_TX;
	info->band = band;

	skb_set_queue_mapping(skb, IEEE80211_AC_VO);
	skb->priority = 7;
	if (qos)
		nullfunc->qos_ctrl = cpu_to_le16(7);

	/* GFP_ATOMIC: still inside the RCU read-side section */
	ret = ieee80211_attach_ack_skb(local, skb, cookie, GFP_ATOMIC);
	if (ret) {
		kfree_skb(skb);
		goto unlock;
	}

	local_bh_disable();
	ieee80211_xmit(sdata, sta, skb);
	local_bh_enable();

	ret = 0;
unlock:
	rcu_read_unlock();
	mutex_unlock(&local->mtx);

	return ret;
}
3453 
/*
 * Report the channel definition currently in use on @wdev.
 *
 * With a channel context assigned, the BSS chandef is returned. Without
 * one, a monitor interface still gets an answer when every open interface
 * is a monitor: local->monitor_chandef if the device uses channel
 * contexts, local->_oper_chandef otherwise.
 *
 * Returns 0 when *@chandef was filled in, -ENODATA when it was not.
 */
static int ieee80211_cfg_get_channel(struct wiphy *wiphy,
				     struct wireless_dev *wdev,
				     struct cfg80211_chan_def *chandef)
{
	struct ieee80211_local *local = wiphy_priv(wiphy);
	struct ieee80211_sub_if_data *sdata = IEEE80211_WDEV_TO_SUB_IF(wdev);
	struct ieee80211_chanctx_conf *ctx;
	int ret = -ENODATA;

	rcu_read_lock();
	ctx = rcu_dereference(sdata->vif.chanctx_conf);
	if (ctx) {
		*chandef = sdata->vif.bss_conf.chandef;
		ret = 0;
	} else if (local->open_count > 0 &&
		   local->open_count == local->monitors &&
		   sdata->vif.type == NL80211_IFTYPE_MONITOR) {
		/* monitor-only operation: no per-vif context to consult */
		*chandef = local->use_chanctx ? local->monitor_chandef
					      : local->_oper_chandef;
		ret = 0;
	}
	rcu_read_unlock();

	return ret;
}
3481 
#ifdef CONFIG_PM
/* Relay the wakeup enable/disable request to the driver. */
static void ieee80211_set_wakeup(struct wiphy *wiphy, bool enabled)
{
	struct ieee80211_local *local = wiphy_priv(wiphy);

	drv_set_wakeup(local, enabled);
}
#endif
3488 
/*
 * Install, replace or clear the QoS map of an interface.
 *
 * A non-NULL @qos_map is copied into a freshly allocated mac80211_qos_map;
 * a NULL @qos_map disables QoS mapping. The new pointer is published with
 * rcu_assign_pointer() and the previous map, if any, is released through
 * kfree_rcu(), i.e. not freed right away.
 *
 * Returns 0 on success, -ENOMEM if the allocation fails (the old map is
 * then left in place).
 */
static int ieee80211_set_qos_map(struct wiphy *wiphy,
				 struct net_device *dev,
				 struct cfg80211_qos_map *qos_map)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct mac80211_qos_map *replacement = NULL;
	struct mac80211_qos_map *previous;

	if (qos_map) {
		replacement = kzalloc(sizeof(*replacement), GFP_KERNEL);
		if (!replacement)
			return -ENOMEM;
		/* copy length is the size of the source structure */
		memcpy(&replacement->qos_map, qos_map, sizeof(*qos_map));
	}

	previous = sdata_dereference(sdata->qos_map, sdata);
	rcu_assign_pointer(sdata->qos_map, replacement);
	if (previous)
		kfree_rcu(previous, rcu_head);

	return 0;
}
3513 
/*
 * Change the bandwidth of an interface to @chandef and, when that
 * succeeds, notify about the resulting BSS changes.
 *
 * Returns the result of ieee80211_vif_change_bandwidth().
 */
static int ieee80211_set_ap_chanwidth(struct wiphy *wiphy,
				      struct net_device *dev,
				      struct cfg80211_chan_def *chandef)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	u32 bss_changes = 0;
	int err;

	err = ieee80211_vif_change_bandwidth(sdata, chandef, &bss_changes);
	if (err)
		return err;

	ieee80211_bss_info_change_notify(sdata, bss_changes);
	return 0;
}
3528 
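/*
 * Admit a TX traffic stream for user priority @up on a station interface.
 *
 * @tsid:          traffic stream id recorded with the admission
 * @peer:          not used by this function
 * @up:            user priority, must be below IEEE80211_NUM_UPS
 * @admitted_time: stored as 32 * @admitted_time (presumably converting
 *                 from units of 32 microseconds - confirm); 0 records
 *                 nothing
 *
 * Returns 0 on success, -EOPNOTSUPP on a non-station interface, -EINVAL
 * if @up is out of range or not marked in sdata->wmm_acm, -EBUSY if the
 * access category derived from @up already has admitted time.
 */
static int ieee80211_add_tx_ts(struct wiphy *wiphy, struct net_device *dev,
			       u8 tsid, const u8 *peer, u8 up,
			       u16 admitted_time)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	/* only the address is taken here; u.mgd is read after the type check */
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	int ac;

	if (sdata->vif.type != NL80211_IFTYPE_STATION)
		return -EOPNOTSUPP;

	/*
	 * @up indexes ieee802_1d_to_ac[] and is used as a shift count in
	 * BIT(up), so bound it before either use. The caller is presumably
	 * expected to validate it already; this keeps the function safe on
	 * its own.
	 */
	if (up >= IEEE80211_NUM_UPS)
		return -EINVAL;

	ac = ieee802_1d_to_ac[up];

	if (!(sdata->wmm_acm & BIT(up)))
		return -EINVAL;

	if (ifmgd->tx_tspec[ac].admitted_time)
		return -EBUSY;

	if (admitted_time) {
		ifmgd->tx_tspec[ac].admitted_time = 32 * admitted_time;
		ifmgd->tx_tspec[ac].tsid = tsid;
		ifmgd->tx_tspec[ac].up = up;
	}

	return 0;
}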
3554 
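/*
 * Remove the admitted TX traffic stream identified by @tsid.
 *
 * The first in-use tx_tspec entry whose tsid matches is torn down: new
 * packets are steered away, queued ones are flushed, the normal QoS
 * parameters are restored and the entry is cleared.
 *
 * @peer is not used by this function.
 *
 * Returns 0 if an entry was removed, -ENOENT if none matched and
 * -EOPNOTSUPP on a non-station interface.
 */
static int ieee80211_del_tx_ts(struct wiphy *wiphy, struct net_device *dev,
			       u8 tsid, const u8 *peer)
{
	struct ieee80211_sub_if_data *sdata = IEEE80211_DEV_TO_SUB_IF(dev);
	struct ieee80211_if_managed *ifmgd = &sdata->u.mgd;
	struct ieee80211_local *local = wiphy_priv(wiphy);
	int ac;

	/*
	 * sdata->u is shared between interface types, so u.mgd is only
	 * meaningful on a station interface. ieee80211_add_tx_ts() makes
	 * the same check; without it this loop could read and clear
	 * another interface type's state.
	 */
	if (sdata->vif.type != NL80211_IFTYPE_STATION)
		return -EOPNOTSUPP;

	for (ac = 0; ac < IEEE80211_NUM_ACS; ac++) {
		struct ieee80211_sta_tx_tspec *tx_tspec = &ifmgd->tx_tspec[ac];

		/* skip unused entries */
		if (!tx_tspec->admitted_time)
			continue;

		if (tx_tspec->tsid != tsid)
			continue;

		/* due to this new packets will be reassigned to non-ACM ACs */
		tx_tspec->up = -1;

		/* Make sure that all packets have been sent to avoid to
		 * restore the QoS params on packets that are still on the
		 * queues.
		 */
		synchronize_net();
		ieee80211_flush_queues(local, sdata, false);

		/* restore the normal QoS parameters
		 * (unconditionally to avoid races)
		 */
		tx_tspec->action = TX_TSPEC_ACTION_STOP_DOWNGRADE;
		tx_tspec->downgraded = false;
		ieee80211_sta_handle_tspec_ac_params(sdata);

		/* finally clear all the data */
		memset(tx_tspec, 0, sizeof(*tx_tspec));

		return 0;
	}

	return -ENOENT;
}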
3598 
/*
 * Report that NAN function @inst_id has terminated.
 *
 * Only valid on a NAN interface (warns and returns otherwise). The
 * function is looked up and removed from the instance-id idr under
 * func_lock, so no later lookup can find it; it is freed and reported to
 * cfg80211 only after the lock has been dropped. An unknown @inst_id
 * triggers a warning and nothing is reported.
 */
void ieee80211_nan_func_terminated(struct ieee80211_vif *vif,
				   u8 inst_id,
				   enum nl80211_nan_func_term_reason reason,
				   gfp_t gfp)
{
	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
	struct cfg80211_nan_func *nan_func;
	spinlock_t *lock;
	struct idr *ids;
	u64 cookie;

	if (WARN_ON(vif->type != NL80211_IFTYPE_NAN))
		return;

	lock = &sdata->u.nan.func_lock;
	ids = &sdata->u.nan.function_inst_ids;

	spin_lock_bh(lock);

	nan_func = idr_find(ids, inst_id);
	if (WARN_ON(!nan_func)) {
		spin_unlock_bh(lock);
		return;
	}

	/* remember the cookie before the entry disappears from the idr */
	cookie = nan_func->cookie;
	idr_remove(ids, inst_id);

	spin_unlock_bh(lock);

	cfg80211_free_nan_func(nan_func);

	cfg80211_nan_func_terminated(ieee80211_vif_to_wdev(vif), inst_id,
				     reason, cookie, gfp);
}
EXPORT_SYMBOL(ieee80211_nan_func_terminated);
3630 
/*
 * Report a NAN match to cfg80211.
 *
 * Only valid on a NAN interface (warns and returns otherwise). The
 * function named by match->inst_id is looked up under func_lock and its
 * cookie is copied into @match while the lock is held; the function
 * pointer is not used after the unlock. An unknown instance id triggers a
 * warning and nothing is reported.
 */
void ieee80211_nan_func_match(struct ieee80211_vif *vif,
			      struct cfg80211_nan_match_params *match,
			      gfp_t gfp)
{
	struct ieee80211_sub_if_data *sdata = vif_to_sdata(vif);
	struct cfg80211_nan_func *nan_func;
	spinlock_t *lock;

	if (WARN_ON(vif->type != NL80211_IFTYPE_NAN))
		return;

	lock = &sdata->u.nan.func_lock;

	spin_lock_bh(lock);

	nan_func = idr_find(&sdata->u.nan.function_inst_ids, match->inst_id);
	if (WARN_ON(!nan_func)) {
		spin_unlock_bh(lock);
		return;
	}
	match->cookie = nan_func->cookie;

	spin_unlock_bh(lock);

	cfg80211_nan_match(ieee80211_vif_to_wdev(vif), match, gfp);
}
EXPORT_SYMBOL(ieee80211_nan_func_match);
3655 
/*
 * Record the multicast-to-unicast setting in the AP part of the
 * interface data. Always returns 0.
 *
 * NOTE(review): sdata->u.ap is written without a vif type check here;
 * presumably the caller only invokes this for AP-type interfaces -
 * confirm.
 */
static int ieee80211_set_multicast_to_unicast(struct wiphy *wiphy,
					      struct net_device *dev,
					      const bool enabled)
{
	IEEE80211_DEV_TO_SUB_IF(dev)->u.ap.multicast_to_unicast = enabled;

	return 0;
}
3666 
/*
 * cfg80211 operations table for mac80211: each member routes one cfg80211
 * operation to the mac80211 function that implements it. Members inside
 * CONFIG_MAC80211_MESH / CONFIG_PM blocks exist only when that option is
 * enabled.
 *
 * NOTE(review): several handlers in this file use their arguments without
 * range or interface-type checks of their own; those checks are presumably
 * done by the caller before the op is invoked - confirm when adding or
 * changing an entry.
 */
const struct cfg80211_ops mac80211_config_ops = {
	/* virtual interface management */
	.add_virtual_intf = ieee80211_add_iface,
	.del_virtual_intf = ieee80211_del_iface,
	.change_virtual_intf = ieee80211_change_iface,
	.start_p2p_device = ieee80211_start_p2p_device,
	.stop_p2p_device = ieee80211_stop_p2p_device,
	/* key management */
	.add_key = ieee80211_add_key,
	.del_key = ieee80211_del_key,
	.get_key = ieee80211_get_key,
	.set_default_key = ieee80211_config_default_key,
	.set_default_mgmt_key = ieee80211_config_default_mgmt_key,
	/* AP, beacon and station entries */
	.start_ap = ieee80211_start_ap,
	.change_beacon = ieee80211_change_beacon,
	.stop_ap = ieee80211_stop_ap,
	.add_station = ieee80211_add_station,
	.del_station = ieee80211_del_station,
	.change_station = ieee80211_change_station,
	.get_station = ieee80211_get_station,
	.dump_station = ieee80211_dump_station,
	.dump_survey = ieee80211_dump_survey,
#ifdef CONFIG_MAC80211_MESH
	/* mesh paths and mesh configuration */
	.add_mpath = ieee80211_add_mpath,
	.del_mpath = ieee80211_del_mpath,
	.change_mpath = ieee80211_change_mpath,
	.get_mpath = ieee80211_get_mpath,
	.dump_mpath = ieee80211_dump_mpath,
	.get_mpp = ieee80211_get_mpp,
	.dump_mpp = ieee80211_dump_mpp,
	.update_mesh_config = ieee80211_update_mesh_config,
	.get_mesh_config = ieee80211_get_mesh_config,
	.join_mesh = ieee80211_join_mesh,
	.leave_mesh = ieee80211_leave_mesh,
#endif
	.join_ocb = ieee80211_join_ocb,
	.leave_ocb = ieee80211_leave_ocb,
	.change_bss = ieee80211_change_bss,
	.set_txq_params = ieee80211_set_txq_params,
	.set_monitor_channel = ieee80211_set_monitor_channel,
	.suspend = ieee80211_suspend,
	.resume = ieee80211_resume,
	/* scanning */
	.scan = ieee80211_scan,
	.abort_scan = ieee80211_abort_scan,
	.sched_scan_start = ieee80211_sched_scan_start,
	.sched_scan_stop = ieee80211_sched_scan_stop,
	/* authentication / association */
	.auth = ieee80211_auth,
	.assoc = ieee80211_assoc,
	.deauth = ieee80211_deauth,
	.disassoc = ieee80211_disassoc,
	.join_ibss = ieee80211_join_ibss,
	.leave_ibss = ieee80211_leave_ibss,
	.set_mcast_rate = ieee80211_set_mcast_rate,
	.set_wiphy_params = ieee80211_set_wiphy_params,
	.set_tx_power = ieee80211_set_tx_power,
	.get_tx_power = ieee80211_get_tx_power,
	.set_wds_peer = ieee80211_set_wds_peer,
	.rfkill_poll = ieee80211_rfkill_poll,
	/* the two testmode macros supply their own member and separator */
	CFG80211_TESTMODE_CMD(ieee80211_testmode_cmd)
	CFG80211_TESTMODE_DUMP(ieee80211_testmode_dump)
	.set_power_mgmt = ieee80211_set_power_mgmt,
	.set_bitrate_mask = ieee80211_set_bitrate_mask,
	.remain_on_channel = ieee80211_remain_on_channel,
	.cancel_remain_on_channel = ieee80211_cancel_remain_on_channel,
	.mgmt_tx = ieee80211_mgmt_tx,
	.mgmt_tx_cancel_wait = ieee80211_mgmt_tx_cancel_wait,
	.set_cqm_rssi_config = ieee80211_set_cqm_rssi_config,
	.set_cqm_rssi_range_config = ieee80211_set_cqm_rssi_range_config,
	.mgmt_frame_register = ieee80211_mgmt_frame_register,
	.set_antenna = ieee80211_set_antenna,
	.get_antenna = ieee80211_get_antenna,
	.set_rekey_data = ieee80211_set_rekey_data,
	/* TDLS */
	.tdls_oper = ieee80211_tdls_oper,
	.tdls_mgmt = ieee80211_tdls_mgmt,
	.tdls_channel_switch = ieee80211_tdls_channel_switch,
	.tdls_cancel_channel_switch = ieee80211_tdls_cancel_channel_switch,
	.probe_client = ieee80211_probe_client,
	.set_noack_map = ieee80211_set_noack_map,
#ifdef CONFIG_PM
	.set_wakeup = ieee80211_set_wakeup,
#endif
	.get_channel = ieee80211_cfg_get_channel,
	.start_radar_detection = ieee80211_start_radar_detection,
	.channel_switch = ieee80211_channel_switch,
	.set_qos_map = ieee80211_set_qos_map,
	.set_ap_chanwidth = ieee80211_set_ap_chanwidth,
	.add_tx_ts = ieee80211_add_tx_ts,
	.del_tx_ts = ieee80211_del_tx_ts,
	/* NAN */
	.start_nan = ieee80211_start_nan,
	.stop_nan = ieee80211_stop_nan,
	.nan_change_conf = ieee80211_nan_change_conf,
	.add_nan_func = ieee80211_add_nan_func,
	.del_nan_func = ieee80211_del_nan_func,
	.set_multicast_to_unicast = ieee80211_set_multicast_to_unicast,
};
3760 
