19 Jun, 2009
3 commits
-
When I disallowed interfering with stations on non-AP interfaces,
I not only forget mesh but also managed interfaces which need
this for the authorized flag. Let's actually validate everything
properly.This fixes an nl80211 regression introduced by the interfering,
under which wpa_supplicant -Dnl80211 could not properly connect.Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
Mesh Point interfaces can also set parameters, for example plink_open is
used to manually establish peer links from user-space (currently via
iw). Add Mesh Point to the check in nl80211_set_station.Signed-off-by: Andrey Yurovsky
Signed-off-by: John W. Linville -
Commit b2a151a288 added a check that prevents adding or deleting
stations on non-AP interfaces. Adding and deleting stations is
supported for Mesh Point interfaces, so add Mesh Point to that check as
well.Signed-off-by: Andrey Yurovsky
Signed-off-by: John W. Linville
04 Jun, 2009
4 commits
-
nl80211_michael_mic_failure can be called in atomic context but
does a GFP_KERNEL allocation. Fixes the error below:[ 126.793225] BUG: sleeping function called from invalid context at mm/slab.c:3055
[ 126.793234] in_atomic(): 1, irqs_disabled(): 0, pid: 0, name: swapper
[ 126.793241] 2 locks held by swapper/0:
[ 126.793246] #0: (&sc->rxbuflock){+.-.+.}, at: [] ath5k_tasklet_rx+0x34/0x55e [ath5k]
[ 126.793294] #1: (rcu_read_lock){.+.+.+}, at: [] __ieee80211_rx+0x7e/0x563 [mac80211]
[ 126.793342] Pid: 0, comm: swapper Not tainted 2.6.30-rc7-wl #124
[ 126.793347] Call Trace:
[ 126.793361] [] ? __debug_show_held_locks+0x1e/0x20
[ 126.793380] [] __might_sleep+0x100/0x107
[ 126.793386] [] kmem_cache_alloc+0x35/0x170
[ 126.793393] [] ? __alloc_skb+0x2e/0x117
[ 126.793397] [] ? mark_held_locks+0x43/0x5b
[ 126.793402] [] __alloc_skb+0x2e/0x117
[ 126.793419] [] nl80211_michael_mic_failure+0x2a/0x1fa [cfg80211]
[ 126.793425] [] ? trace_hardirqs_on_caller+0xf6/0x130
[ 126.793430] [] ? trace_hardirqs_on+0xb/0xd
[ 126.793444] [] cfg80211_michael_mic_failure+0x30/0x38 [cfg80211]
[ 126.793463] [] mac80211_ev_michael_mic_failure+0xfd/0x108 [mac80211]
[ 126.793480] [] ieee80211_rx_h_michael_mic_verify+0xd4/0x117 [mac80211]
[ 126.793499] [] ieee80211_invoke_rx_handlers+0xdde/0x1963 [mac80211]
[ 126.793505] [] ? sched_clock+0x3f/0x64
[ 126.793511] [] ? sched_clock+0x3f/0x64
[ 126.793516] [] ? trace_hardirqs_off+0xb/0xd
[ 126.793521] [] ? sched_clock+0x3f/0x64
[ 126.793526] [] ? __lock_acquire+0x62c/0x1271
[ 126.793545] [] __ieee80211_rx_handle_packet+0x543/0x564 [mac80211]
[ 126.793564] [] __ieee80211_rx+0x4e2/0x563 [mac80211]
[ 126.793577] [] ath5k_tasklet_rx+0x4e4/0x55e [ath5k]
[ 126.793583] [] ? restore_nocheck_notrace+0x0/0xe
[ 126.793589] [] tasklet_action+0x92/0xe5
[ 126.793594] [] __do_softirq+0xb1/0x182
[ 126.793599] [] do_softirq+0x30/0x48
[ 126.793603] [] irq_exit+0x3d/0x74
[ 126.793609] [] do_IRQ+0x76/0x8c
[ 126.793613] [] common_interrupt+0x2e/0x34
[ 126.793618] [] ? timer_list_show+0x277/0x939
[ 126.793630] [] ? acpi_idle_enter_bm+0x266/0x291 [processor]
[ 126.793636] [] cpuidle_idle_call+0x6a/0x9c
[ 126.793640] [] cpu_idle+0x53/0x87
[ 126.793645] [] rest_init+0x6c/0x6e
[ 126.793651] [] start_kernel+0x286/0x28b
[ 126.793656] [] __init_begin+0x37/0x3cSigned-off-by: Bob Copeland
Signed-off-by: John W. Linville -
On non-AP interfaces userspace has no business interfering with
the station management, this can confuse mac80211 (and other
drivers probably wouldn't support it anyway). Allow adding and
removing stations only on AP interfaces.(Reconcile this w/ previous version of patch posted with same
subject... -- JWL)Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
When a scan finishes only the program that asked for it
knows what kind of scan it was; let's tell everybody else
about the scan parameters as well so they can evaluate
the result of the scan better. Also helps with debugging.Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
We have some validation code in mac80211 but said code will
force an invalid AID to 0 which isn't a valid AID either;
instead require a valid AID (1-2007) to be passed in from
userspace in cfg80211 already. Also move the code before
the race comment since it can only be executed during STA
addition and thus is not racy.Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville
27 May, 2009
1 commit
-
It's going away. Just leave the constant "20" here so that
behavior doesn't change.Signed-off-by: David S. Miller
25 May, 2009
1 commit
22 May, 2009
1 commit
-
Use genl_register_family_with_ops() instead of a copy.
Signed-off-by: Michał Mirosław
Signed-off-by: David S. Miller
21 May, 2009
5 commits
-
There is a race on access to last_request and its alpha2
through reg_is_valid_request() and us possibly processing
first another regulatory request on another CPU. We avoid
this improbably race by locking with the cfg80211_mutex as
we should have done in the first place. While at it add
the assert on locking on reg_is_valid_request().Cc: stable@kernel.org
Signed-off-by: Luis R. Rodriguez
Signed-off-by: John W. Linville -
This has no functional change, but it will make the race
fix easier to spot in my next patch.Cc: stable@kernel.org
Signed-off-by: Luis R. Rodriguez
Signed-off-by: John W. Linville -
This has no functional change except we save a kfree(rd) and
allows us to clean this code up a bit after this. We do
avoid an unnecessary kfree(NULL) but calling that was OK too.Cc: stable@kernel.org
Signed-off-by: Luis R. Rodriguez
Signed-off-by: John W. Linville -
Validate RSC (NL80211_ATTR_KEY_SEQ) length in nl80211/cfg80211 instead
of having to do this in all the drivers.Signed-off-by: Jouni Malinen
Signed-off-by: John W. Linville -
Thanks to nl80211 userspace can be very specific upon device
configuration. Before processing the request for the new HT40
channel types (HT40- or HT40+) we need to ensure we can use them
regulatory-wise. This wasn't required with wireless extensions as
specifying the channel type wasn't not available and configuration
was done towards the end implicitly upon association or reception
of beacons from the AP. For the new nl80211 we have to check this
when configuring the interfaces explicitly.Signed-off-by: Luis R. Rodriguez
Signed-off-by: John W. Linville
20 May, 2009
1 commit
-
nlmsg_new() adds the size of the netlink header to the value
that has been passed as parameter. If NLMSG_GOODSIZE is selected,
we request an allocation of one memory page plus the size of the
header. Instead, NLMSG_DEFAULT_SIZE should be used since it
already substracts the size of the Netlink header.I have the impression that the similar naming in both constant
is error prone when using it with nlmsg_new(). This is already
documented in include/net/netlink.hSigned-off-by: Pablo Neira Ayuso
Signed-off-by: David S. Miller
14 May, 2009
5 commits
-
When setting a key with NL80211_CMD_NEW_KEY, we should allow the key
sequence number (RSC) to be set in order to allow replay protection to
work correctly for group keys. This patch documents this use for
nl80211 and adds the couple of missing pieces in nl80211/cfg80211 and
mac80211 to support this. In addition, WEXT SIOCSIWENCODEEXT compat
processing in cfg80211 is extended to handle the RSC (this was already
specified in WEXT, but just not implemented in cfg80211/mac80211).Signed-off-by: Jouni Malinen
Signed-off-by: John W. Linville -
Add a new NL80211_ATTR_CONTROL_PORT flag for NL80211_CMD_ASSOCIATE to
allow user space to indicate that it will control the IEEE 802.1X port
in station mode. Previously, mac80211 was always marking the port
authorized in station mode. This was enough when drop_unencrypted flag
was set. However, drop_unencrypted can currently be controlled only
with WEXT and the current nl80211 design does not allow fully secure
configuration. Fix this by providing a mechanism for user space to
control the IEEE 802.1X port in station mode (i.e., do the same that
we are already doing in AP mode).Signed-off-by: Jouni Malinen
Signed-off-by: John W. Linville -
It is currently not possible to modify station flags, but that
capability would be very useful. This patch introduces a new
nl80211 attribute that contains a set/mask for station flags,
and updates the internal API (and mac80211) to mirror that.The new attribute is parsed before falling back to the old so
that userspace can specify both (if it can) to work on all
kernels.Signed-off-by: Johannes Berg
Signed-off-by: Jouni Malinen
Signed-off-by: John W. Linville -
NL80211_STA_FLAG_MFP was forgotten from sta_flags_policy. The previous
version added the flag due to the loop used in parse_station_flags,
but the proper behavior would be to allow nla_parse_nested() to go
through the policy for all flags.Signed-off-by: Jouni Malinen
Signed-off-by: John W. Linville -
Move key handling wireless extension ioctls from mac80211 to cfg80211
so that all drivers that implement the cfg80211 operations get wext
compatibility.Note that this drops the SIOCGIWENCODE ioctl support for getting
IW_ENCODE_RESTRICTED/IW_ENCODE_OPEN. This means that iwconfig will
no longer report "Security mode:open" or "Security mode:restricted"
for mac80211. However, what we displayed there (the authentication
algo used) was actually wrong -- linux/wireless.h states that this
setting is meant to differentiate between "Refuse non-encoded packets"
and "Accept non-encoded packets".(Combined with "cfg80211: fix a couple of bugs with key ioctls". -- JWL)
Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville
12 May, 2009
2 commits
-
On non-AP interfaces userspace has no business interfering with
the station management, this can confuse mac80211 (and other
drivers probably wouldn't support it anyway). Allow adding and
removing stations only on AP interfaces.Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
NL80211_CMD_ASSOCIATE request must be able to indicate whether
management frame protection (IEEE 802.11w) is being used. mac80211 was
able to use MFP in client mode only with WEXT, but the new
NL80211_ATTR_USE_MFP attribute will allow this to be done with
nl80211, too.Since we are currently using nl80211 for MFP only with drivers that
use user space SME, only MFP disabled and required values are
used. However, the NL80211_ATTR_USE_MFP attribute is an enum that can
be extended with MFP optional in the future, if that is needed with
some drivers (e.g., if the RSN IE is generated by the driver).Signed-off-by: Jouni Malinen
Signed-off-by: John W. Linville
07 May, 2009
1 commit
-
Fixes sparse complaint:
CHECK net/wireless/nl80211.c
net/wireless/nl80211.c:3694:6:
warning: symbol 'nl80211_send_mlme_timeout'
was not declared. Should it be static?Signed-off-by: Luis R. Rodriguez
Signed-off-by: John W. Linville
23 Apr, 2009
15 commits
-
SME needs to be notified when the authentication or association
attempt times out and MLME has stopped processing in order to allow
the SME to decide what to do next.Signed-off-by: Jouni Malinen
Signed-off-by: John W. Linville -
Make the JOIN_IBSS command look at the beacon interval
attribute to see if the user requested a specific beacon
interval, if not default to 100 TU (wext too).Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
When we leave an IBSS, we should clear the SSID and not just the
BSSID, but since WEXT allows configuring while the interface is
down we must not clear it when leaving due to taking the iface
down, so some complications are needed.Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
Add new nl80211 attributes that can be used with NL80211_CMD_SET_WIPHY
and NL80211_CMD_GET_WIPHY to manage fragmentation/RTS threshold and
retry limits.Since these values are stored in struct wiphy, remove the local copy
from mac80211 where feasible (frag & rts threshold). The retry limits
are currently needed in struct ieee80211_conf, but these could be
eventually removed since the driver should have access to the values
in struct wiphy.Signed-off-by: Jouni Malinen
Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
This adds IBSS API along with (preliminary) wext handlers.
The wext handlers can only do IBSS so you need to call them
from your own wext handlers if the mode is IBSS.The nl80211 API requires
* an SSID
* a channel (frequency) for the case that a new IBSS
has to be createdIt optionally supports
* a flag to fix the channel
* a fixed BSSIDThe cfg80211 code also takes care to leave the IBSS before
the netdev is set down. If wireless extensions are used, it
also caches values when the interface is down and instructs
the driver to join when the interface is set up.Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
When listing all wireless netdevs in the system this
is useful to print which wiphy they belong to. Just
add the attribute, any program that doesn't care will
just ignore it.Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
This adds the necessary code and fields to let drivers specify
their cipher capabilities and exports them to userspace. Also
update mac80211 to export the ciphers it has.Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
This informs userspace when a change has occured on a world
roaming wiphy's channel which has lifted some restrictions
due to a regulatory beacon hint.Because this is now sent to userspace through the regulatory
multicast group we remove the debug prints we used to use as
they are no longer necessary.Acked-by: Johannes Berg
Signed-off-by: Luis R. Rodriguez
Signed-off-by: John W. Linville -
This adds a netlink channel put helper, nl80211_msg_put_channel(),
which we will also make use of later for the beacon hints events.Acked-by: Johannes Berg
Signed-off-by: Luis R. Rodriguez
Signed-off-by: John W. Linville -
Instead of just passing the cfg80211-requested IEs, pass
the locally generated ones as well.Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
This patch introduces a new attribute for a wiphy that tells
userspace how long the information elements added to a probe
request frame can be at most. It also updates the at76 to
advertise that it cannot support that, and, for now until I
can fix that, iwlwifi too.Signed-off-by: Johannes Berg
Signed-off-by: John W. Linville -
Define a new nl80211 event, NL80211_CMD_MICHAEL_MIC_FAILURE, to be
used to notify user space about locally detected Michael MIC failures.
This matches with the MLME-MICHAELMICFAILURE.indication() primitive.Since we do not actually have TSC in the skb anymore when
mac80211_ev_michael_mic_failure() is called, that function is changed
to take in the TSC as an optional parameter instead of as a
requirement to include the TSC after the hdr field (which we did not
really follow). For now, TSC is not included in the events from
mac80211, but it could be added at some point.Signed-off-by: Jouni Malinen
Signed-off-by: John W. Linville -
Previously, nl80211 mlme events were generated only for received
deauthentication and disassociation frames. We need to do the same for
locally generated ones in order to let applications know that we
disconnected (e.g., when AP does not reply to a probe). Rename the
nl80211 and cfg80211 functions (s/rx_//) to make it clearer that they
are used for both received and locally generated frames.Signed-off-by: Jouni Malinen
Signed-off-by: John W. Linville -
NL80211_ATTR_AUTH_TYPE is a required parameter for
NL80211_CMD_AUTHENTICATE. We are currently (by chance) defaulting to
open system authentication if the attribute is not specified. It is
better to just reject the invalid command.Signed-off-by: Jouni Malinen
Signed-off-by: John W. Linville -
This patch changes nl80211 to:
* validate that any IE input is a valid IE (stream)
* move some validation code before locking
* require that a reason code is given for both deauth/disassocSigned-off-by: Johannes Berg
Signed-off-by: John W. Linville
21 Apr, 2009
1 commit
-
One of the code paths sending deauth/disassoc events ends up calling
this function with rcu_read_lock held, so we must use GFP_ATOMIC in
allocation routines.Reported-by: Johannes Berg
Signed-off-by: Jouni Malinen
Signed-off-by: John W. Linville