conststruct ieee80211_rate *
ieee80211_get_response_rate(struct ieee80211_supported_band *sband,
u32 basic_rates, int bitrate)
{ struct ieee80211_rate *result = &sband->bitrates[0]; int i;
for (i = 0; i < sband->n_bitrates; i++) { if (!(basic_rates & BIT(i))) continue; if (sband->bitrates[i].bitrate > bitrate) continue;
result = &sband->bitrates[i];
}
for (band = 0; band < NUM_NL80211_BANDS; band++) if (wiphy->bands[band])
set_mandatory_flags_band(wiphy->bands[band]);
}
bool cfg80211_supported_cipher_suite(struct wiphy *wiphy, u32 cipher)
{ int i; for (i = 0; i < wiphy->n_cipher_suites; i++) if (cipher == wiphy->cipher_suites[i]) returntrue; returnfalse;
}
for (i = 0; i < wiphy->n_cipher_suites; i++) { switch (wiphy->cipher_suites[i]) { case WLAN_CIPHER_SUITE_AES_CMAC: case WLAN_CIPHER_SUITE_BIP_CMAC_256: case WLAN_CIPHER_SUITE_BIP_GMAC_128: case WLAN_CIPHER_SUITE_BIP_GMAC_256: returntrue;
}
}
returnfalse;
}
bool cfg80211_valid_key_idx(struct cfg80211_registered_device *rdev, int key_idx, bool pairwise)
{ int max_key_idx;
if (key_idx < 0 || key_idx > max_key_idx) returnfalse;
returntrue;
}
int cfg80211_validate_key_settings(struct cfg80211_registered_device *rdev, struct key_params *params, int key_idx, bool pairwise, const u8 *mac_addr)
{ if (!cfg80211_valid_key_idx(rdev, key_idx, pairwise)) return -EINVAL;
if (!pairwise && mac_addr && !(rdev->wiphy.flags & WIPHY_FLAG_IBSS_RSN)) return -EINVAL;
if (pairwise && !mac_addr) return -EINVAL;
switch (params->cipher) { case WLAN_CIPHER_SUITE_TKIP: /* Extended Key ID can only be used with CCMP/GCMP ciphers */ if ((pairwise && key_idx) ||
params->mode != NL80211_KEY_RX_TX) return -EINVAL; break; case WLAN_CIPHER_SUITE_CCMP: case WLAN_CIPHER_SUITE_CCMP_256: case WLAN_CIPHER_SUITE_GCMP: case WLAN_CIPHER_SUITE_GCMP_256: /* IEEE802.11-2016 allows only 0 and - when supporting * Extended Key ID - 1 as index for pairwise keys. * @NL80211_KEY_NO_TX is only allowed for pairwise keys when * the driver supports Extended Key ID. * @NL80211_KEY_SET_TX can't be set when installing and * validating a key.
*/ if ((params->mode == NL80211_KEY_NO_TX && !pairwise) ||
params->mode == NL80211_KEY_SET_TX) return -EINVAL; if (wiphy_ext_feature_isset(&rdev->wiphy,
NL80211_EXT_FEATURE_EXT_KEY_ID)) { if (pairwise && (key_idx < 0 || key_idx > 1)) return -EINVAL;
} elseif (pairwise && key_idx) { return -EINVAL;
} break; case WLAN_CIPHER_SUITE_AES_CMAC: case WLAN_CIPHER_SUITE_BIP_CMAC_256: case WLAN_CIPHER_SUITE_BIP_GMAC_128: case WLAN_CIPHER_SUITE_BIP_GMAC_256: /* Disallow BIP (group-only) cipher as pairwise cipher */ if (pairwise) return -EINVAL; if (key_idx < 4) return -EINVAL; break; case WLAN_CIPHER_SUITE_WEP40: case WLAN_CIPHER_SUITE_WEP104: if (key_idx > 3) return -EINVAL; break; default: break;
}
switch (params->cipher) { case WLAN_CIPHER_SUITE_WEP40: if (params->key_len != WLAN_KEY_LEN_WEP40) return -EINVAL; break; case WLAN_CIPHER_SUITE_TKIP: if (params->key_len != WLAN_KEY_LEN_TKIP) return -EINVAL; break; case WLAN_CIPHER_SUITE_CCMP: if (params->key_len != WLAN_KEY_LEN_CCMP) return -EINVAL; break; case WLAN_CIPHER_SUITE_CCMP_256: if (params->key_len != WLAN_KEY_LEN_CCMP_256) return -EINVAL; break; case WLAN_CIPHER_SUITE_GCMP: if (params->key_len != WLAN_KEY_LEN_GCMP) return -EINVAL; break; case WLAN_CIPHER_SUITE_GCMP_256: if (params->key_len != WLAN_KEY_LEN_GCMP_256) return -EINVAL; break; case WLAN_CIPHER_SUITE_WEP104: if (params->key_len != WLAN_KEY_LEN_WEP104) return -EINVAL; break; case WLAN_CIPHER_SUITE_AES_CMAC: if (params->key_len != WLAN_KEY_LEN_AES_CMAC) return -EINVAL; break; case WLAN_CIPHER_SUITE_BIP_CMAC_256: if (params->key_len != WLAN_KEY_LEN_BIP_CMAC_256) return -EINVAL; break; case WLAN_CIPHER_SUITE_BIP_GMAC_128: if (params->key_len != WLAN_KEY_LEN_BIP_GMAC_128) return -EINVAL; break; case WLAN_CIPHER_SUITE_BIP_GMAC_256: if (params->key_len != WLAN_KEY_LEN_BIP_GMAC_256) return -EINVAL; break; default: /* * We don't know anything about this algorithm, * allow using it -- but the driver must check * all parameters! We still check below whether * or not the driver supports this algorithm, * of course.
*/ break;
}
if (params->seq) { switch (params->cipher) { case WLAN_CIPHER_SUITE_WEP40: case WLAN_CIPHER_SUITE_WEP104: /* These ciphers do not use key sequence */ return -EINVAL; case WLAN_CIPHER_SUITE_TKIP: case WLAN_CIPHER_SUITE_CCMP: case WLAN_CIPHER_SUITE_CCMP_256: case WLAN_CIPHER_SUITE_GCMP: case WLAN_CIPHER_SUITE_GCMP_256: case WLAN_CIPHER_SUITE_AES_CMAC: case WLAN_CIPHER_SUITE_BIP_CMAC_256: case WLAN_CIPHER_SUITE_BIP_GMAC_128: case WLAN_CIPHER_SUITE_BIP_GMAC_256: if (params->seq_len != 6) return -EINVAL; break;
}
}
if (!cfg80211_supported_cipher_suite(&rdev->wiphy, params->cipher)) return -EINVAL;
if (ieee80211_is_ext(fc)) {
hdrlen = 4; goto out;
}
if (ieee80211_is_data(fc)) { if (ieee80211_has_a4(fc))
hdrlen = 30; if (ieee80211_is_data_qos(fc)) {
hdrlen += IEEE80211_QOS_CTL_LEN; if (ieee80211_has_order(fc))
hdrlen += IEEE80211_HT_CTL_LEN;
} goto out;
}
if (ieee80211_is_mgmt(fc)) { if (ieee80211_has_order(fc))
hdrlen += IEEE80211_HT_CTL_LEN; goto out;
}
if (ieee80211_is_ctl(fc)) { /* * ACK and CTS are 10 bytes, all others 16. To see how * to get this condition consider * subtype mask: 0b0000000011110000 (0x00F0) * ACK subtype: 0b0000000011010000 (0x00D0) * CTS subtype: 0b0000000011000000 (0x00C0) * bits that matter: ^^^ (0x00E0) * value of those: 0b0000000011000000 (0x00C0)
*/ if ((fc & cpu_to_le16(0x00E0)) == cpu_to_le16(0x00C0))
hdrlen = 10; else
hdrlen = 16;
}
out: return hdrlen;
}
EXPORT_SYMBOL(ieee80211_hdrlen);
/* convert IEEE 802.11 header + possible LLC headers into Ethernet * header * IEEE 802.11 address fields: * ToDS FromDS Addr1 Addr2 Addr3 Addr4 * 0 0 DA SA BSSID n/a * 0 1 DA BSSID SA n/a * 1 0 BSSID SA DA n/a * 1 1 RA TA DA SA
*/
memcpy(tmp.h_dest, ieee80211_get_DA(hdr), ETH_ALEN);
memcpy(tmp.h_source, ieee80211_get_SA(hdr), ETH_ALEN);
staticstruct sk_buff *
__ieee80211_amsdu_copy(struct sk_buff *skb, unsignedint hlen, int offset, int len, bool reuse_frag, int min_len)
{ struct sk_buff *frame; int cur_len = len;
if (skb->len - offset < len) return NULL;
/* * When reusing fragments, copy some data to the head to simplify * ethernet header handling and speed up protocol header processing * in the stack later.
*/ if (reuse_frag)
cur_len = min_t(int, len, min_len);
/* * Allocate and reserve two bytes more for payload * alignment since sizeof(struct ethhdr) is 14.
*/
frame = dev_alloc_skb(hlen + sizeof(struct ethhdr) + 2 + cur_len); if (!frame) return NULL;
/* * Detects if an MSDU frame was maliciously converted into an A-MSDU * frame by an adversary. This is done by parsing the received frame * as if it were a regular MSDU, even though the A-MSDU flag is set. * * For non-mesh interfaces, detection involves checking whether the * payload, when interpreted as an MSDU, begins with a valid RFC1042 * header. This is done by comparing the A-MSDU subheader's destination * address to the start of the RFC1042 header. * * For mesh interfaces, the MSDU includes a 6-byte Mesh Control field * and an optional variable-length Mesh Address Extension field before * the RFC1042 header. The position of the RFC1042 header must therefore * be calculated based on the mesh header length. * * Since this function intentionally parses an A-MSDU frame as an MSDU, * it only assumes that the A-MSDU subframe header is present, and * beyond this it performs its own bounds checks under the assumption * that the frame is instead parsed as a non-aggregated MSDU.
*/ staticbool
is_amsdu_aggregation_attack(struct ethhdr *eth, struct sk_buff *skb, enum nl80211_iftype iftype)
{ int offset;
/* Non-mesh case can be directly compared */ if (iftype != NL80211_IFTYPE_MESH_POINT) return ether_addr_equal(eth->h_dest, rfc1042_header);
offset = __ieee80211_get_mesh_hdrlen(eth->h_dest[0]); if (offset == 6) { /* Mesh case with empty address extension field */ return ether_addr_equal(eth->h_source, rfc1042_header);
} elseif (offset + ETH_ALEN <= skb->len) { /* Mesh case with non-empty address extension field */
u8 temp[ETH_ALEN];
/* the last MSDU has no padding */ if (subframe_len > remaining) goto purge; /* mitigate A-MSDU aggregation injection attacks, to be * checked when processing first subframe (offset == 0).
*/ if (offset == 0 && is_amsdu_aggregation_attack(&hdr.eth, skb, iftype)) goto purge;
/* Given a data frame determine the 802.1p/1d tag to use. */ unsignedint cfg80211_classify8021d(struct sk_buff *skb, struct cfg80211_qos_map *qos_map)
{ unsignedint dscp; unsignedchar vlan_priority; unsignedint ret;
/* skb->priority values from 256->263 are magic values to * directly indicate a specific 802.1d priority. This is used * to allow 802.1d priority to be passed directly in from VLAN * tags, etc.
*/ if (skb->priority >= 256 && skb->priority <= 263) {
ret = skb->priority - 256; goto out;
}
if (skb_vlan_tag_present(skb)) {
vlan_priority = (skb_vlan_tag_get(skb) & VLAN_PRIO_MASK)
>> VLAN_PRIO_SHIFT; if (vlan_priority > 0) {
ret = vlan_priority; goto out;
}
}
switch (skb->protocol) { case htons(ETH_P_IP):
dscp = ipv4_get_dsfield(ip_hdr(skb)) & 0xfc; break; case htons(ETH_P_IPV6):
dscp = ipv6_get_dsfield(ipv6_hdr(skb)) & 0xfc; break; case htons(ETH_P_MPLS_UC): case htons(ETH_P_MPLS_MC): { struct mpls_label mpls_tmp, *mpls;
ret = (ntohl(mpls->entry) & MPLS_LS_TC_MASK)
>> MPLS_LS_TC_SHIFT; goto out;
} case htons(ETH_P_80221): /* 802.21 is always network control traffic */ return 7; default: return 0;
}
if (qos_map) { unsignedint i, tmp_dscp = dscp >> 2;
for (i = 0; i < qos_map->num_des; i++) { if (tmp_dscp == qos_map->dscp_exception[i].dscp) {
ret = qos_map->dscp_exception[i].up; goto out;
}
}
for (i = 0; i < 8; i++) { if (tmp_dscp >= qos_map->up[i].low &&
tmp_dscp <= qos_map->up[i].high) {
ret = i; goto out;
}
}
}
/* The default mapping as defined Section 2.3 in RFC8325: The three * Most Significant Bits (MSBs) of the DSCP are used as the * corresponding L2 markings.
*/
ret = dscp >> 5;
/* Handle specific DSCP values for which the default mapping (as * described above) doesn't adhere to the intended usage of the DSCP * value. See section 4 in RFC8325. Specifically, for the following * Diffserv Service Classes no update is needed: * - Standard: DF * - Low Priority Data: CS1 * - Multimedia Conferencing: AF41, AF42, AF43 * - Network Control Traffic: CS7 * - Real-Time Interactive: CS4 * - Signaling: CS5
*/ switch (dscp >> 2) { case 10: case 12: case 14: /* High throughput data: AF11, AF12, AF13 */
ret = 0; break; case 16: /* Operations, Administration, and Maintenance and Provisioning: * CS2
*/
ret = 0; break; case 18: case 20: case 22: /* Low latency data: AF21, AF22, AF23 */
ret = 3; break; case 24: /* Broadcasting video: CS3 */
ret = 4; break; case 26: case 28: case 30: /* Multimedia Streaming: AF31, AF32, AF33 */
ret = 4; break; case 44: /* Voice Admit: VA */
ret = 6; break; case 46: /* Telephony traffic: EF */
ret = 6; break; case 48: /* Network Control Traffic: CS6 */
ret = 7; break;
}
out: return array_index_nospec(ret, IEEE80211_NUM_TIDS);
}
EXPORT_SYMBOL(cfg80211_classify8021d);
for (i = 0; i < 4; i++) { if (!wdev->connect_keys->params[i].cipher) continue; if (rdev_add_key(rdev, dev, -1, i, false, NULL,
&wdev->connect_keys->params[i])) {
netdev_err(dev, "failed to set key %d\n", i); continue;
} if (wdev->connect_keys->def == i &&
rdev_set_default_key(rdev, dev, -1, i, true, true)) {
netdev_err(dev, "failed to set defkey %d\n", i); continue;
}
}
/* don't support changing VLANs, you just re-create them */ if (otype == NL80211_IFTYPE_AP_VLAN) return -EOPNOTSUPP;
/* cannot change into P2P device or NAN */ if (ntype == NL80211_IFTYPE_P2P_DEVICE ||
ntype == NL80211_IFTYPE_NAN) return -EOPNOTSUPP;
if (!rdev->ops->change_virtual_intf ||
!(rdev->wiphy.interface_modes & (1 << ntype))) return -EOPNOTSUPP;
if (ntype != otype) { /* if it's part of a bridge, reject changing type to station/ibss */ if (netif_is_bridge_port(dev) &&
(ntype == NL80211_IFTYPE_ADHOC ||
ntype == NL80211_IFTYPE_STATION ||
ntype == NL80211_IFTYPE_P2P_CLIENT)) return -EBUSY;
switch (otype) { case NL80211_IFTYPE_AP: case NL80211_IFTYPE_P2P_GO:
cfg80211_stop_ap(rdev, dev, -1, true); break; case NL80211_IFTYPE_ADHOC:
cfg80211_leave_ibss(rdev, dev, false); break; case NL80211_IFTYPE_STATION: case NL80211_IFTYPE_P2P_CLIENT:
cfg80211_disconnect(rdev, dev,
WLAN_REASON_DEAUTH_LEAVING, true); break; case NL80211_IFTYPE_MESH_POINT: /* mesh should be handled? */ break; case NL80211_IFTYPE_OCB:
cfg80211_leave_ocb(rdev, dev); break; default: break;
}
if (!err) {
dev->priv_flags &= ~IFF_DONT_BRIDGE; switch (ntype) { case NL80211_IFTYPE_STATION: if (dev->ieee80211_ptr->use_4addr) break;
fallthrough; case NL80211_IFTYPE_OCB: case NL80211_IFTYPE_P2P_CLIENT: case NL80211_IFTYPE_ADHOC:
dev->priv_flags |= IFF_DONT_BRIDGE; break; case NL80211_IFTYPE_P2P_GO: case NL80211_IFTYPE_AP: case NL80211_IFTYPE_AP_VLAN: case NL80211_IFTYPE_MESH_POINT: /* bridging OK */ break; case NL80211_IFTYPE_MONITOR: /* monitor can't bridge anyway */ break; case NL80211_IFTYPE_UNSPECIFIED: case NUM_NL80211_IFTYPES: /* not happening */ break; case NL80211_IFTYPE_P2P_DEVICE: case NL80211_IFTYPE_WDS: case NL80211_IFTYPE_NAN:
WARN_ON(1); break;
}
}
switch (rate->bw) { case RATE_INFO_BW_16:
idx = 4; break; case RATE_INFO_BW_8:
idx = 3; break; case RATE_INFO_BW_4:
idx = 2; break; case RATE_INFO_BW_2:
idx = 1; break; case RATE_INFO_BW_1:
idx = 0; break; case RATE_INFO_BW_5: case RATE_INFO_BW_10: case RATE_INFO_BW_20: case RATE_INFO_BW_40: case RATE_INFO_BW_80: case RATE_INFO_BW_160: default: goto warn;
}
while (elem_len > 255) { /* this one is 255 */
*len_pos = 255; /* remaining data gets smaller */
elem_len -= 255; /* make space for the fragment ID/len in SKB */
skb_put(skb, 2); /* shift back the remaining data to place fragment ID/len */
memmove(len_pos + 255 + 3, len_pos + 255 + 1, elem_len); /* place the fragment ID */
len_pos += 255 + 1;
*len_pos = frag_id; /* and point to fragment length to update later */
len_pos++;
}
if (new_beacon_int && *beacon_int_gcd != new_beacon_int) { if (*beacon_int_gcd)
*beacon_int_different = true;
*beacon_int_gcd = gcd(*beacon_int_gcd, new_beacon_int);
}
}
int cfg80211_validate_beacon_int(struct cfg80211_registered_device *rdev, enum nl80211_iftype iftype, u32 beacon_int)
{ /* * This is just a basic pre-condition check; if interface combinations * are possible the driver must already be checking those with a call * to cfg80211_check_combinations(), in which case we'll validate more * through the cfg80211_calculate_bi_data() call and code in * cfg80211_iter_combinations().
*/
if (beacon_int < 10 || beacon_int > 10000) return -EINVAL;
return 0;
}
int cfg80211_iter_combinations(struct wiphy *wiphy, struct iface_combination_params *params, void (*iter)(conststruct ieee80211_iface_combination *c, void *data), void *data)
{ conststruct wiphy_radio *radio = NULL; conststruct ieee80211_iface_combination *c, *cs; conststruct ieee80211_regdomain *regdom; enum nl80211_dfs_regions region = 0; int i, j, n, iftype; int num_interfaces = 0;
u32 used_iftypes = 0;
u32 beacon_int_gcd; bool beacon_int_different;
if (params->radio_idx >= 0)
radio = &wiphy->radio[params->radio_idx];
/* * This is a bit strange, since the iteration used to rely only on * the data given by the driver, but here it now relies on context, * in form of the currently operating interfaces. * This is OK for all current users, and saves us from having to * push the GCD calculations into all the drivers. * In the future, this should probably rely more on data that's in * cfg80211 already - the only thing not would appear to be any new * interfaces (while being brought up) and channel/radar data.
*/
cfg80211_calculate_bi_data(wiphy, params->new_beacon_int,
&beacon_int_gcd, &beacon_int_different,
params->radio_idx);
if (params->radar_detect) {
rcu_read_lock();
regdom = rcu_dereference(cfg80211_regdomain); if (regdom)
region = regdom->dfs_region;
rcu_read_unlock();
}
if (radio) {
cs = radio->iface_combinations;
n = radio->n_iface_combinations;
} else {
cs = wiphy->iface_combinations;
n = wiphy->n_iface_combinations;
} for (i = 0; i < n; i++) { struct ieee80211_iface_limit *limits;
u32 all_iftypes = 0;
c = &cs[i]; if (num_interfaces > c->max_interfaces) continue; if (params->num_different_channels > c->num_different_channels) continue;
limits = kmemdup_array(c->limits, c->n_limits, sizeof(*limits),
GFP_KERNEL); if (!limits) return -ENOMEM;
for (iftype = 0; iftype < NUM_NL80211_IFTYPES; iftype++) { if (cfg80211_iftype_allowed(wiphy, iftype, 0, 1)) continue; for (j = 0; j < c->n_limits; j++) {
all_iftypes |= limits[j].types; if (!(limits[j].types & BIT(iftype))) continue; if (limits[j].max < params->iftype_num[iftype]) goto cont;
limits[j].max -= params->iftype_num[iftype];
}
}
if (params->radar_detect !=
(c->radar_detect_widths & params->radar_detect)) goto cont;
if (params->radar_detect && c->radar_detect_regions &&
!(c->radar_detect_regions & BIT(region))) goto cont;
/* Finally check that all iftypes that we're currently * using are actually part of this combination. If they * aren't then we can't use this combination and have * to continue to the next.
*/ if ((all_iftypes & used_iftypes) != used_iftypes) goto cont;
if (beacon_int_gcd) { if (c->beacon_int_min_gcd &&
beacon_int_gcd < c->beacon_int_min_gcd) goto cont; if (!c->beacon_int_min_gcd && beacon_int_different) goto cont;
}
/* This combination covered all interface types and * supported the requested numbers, so we're good.
*/
int ieee80211_get_vht_max_nss(struct ieee80211_vht_cap *cap, enum ieee80211_vht_chanwidth bw, int mcs, bool ext_nss_bw_capable, unsignedint max_vht_nss)
{
u16 map = le16_to_cpu(cap->supp_mcs.rx_mcs_map); int ext_nss_bw; int supp_width; int i, mcs_encoding;
/* * links are controlled by upper layers (userspace/cfg) * only for AP mode, so only remove them here for AP
*/ if (wdev->iftype != NL80211_IFTYPE_AP) return;
if (wdev->valid_links) {
for_each_valid_link(wdev, link_id)
cfg80211_remove_link(wdev, link_id);
}
}
int cfg80211_remove_virtual_intf(struct cfg80211_registered_device *rdev, struct wireless_dev *wdev)
{
cfg80211_remove_links(wdev);
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.
