// SPDX-License-Identifier: GPL-2.0 /****************************************************************************** * * Copyright(c) 2007 - 2012 Realtek Corporation. All rights reserved. * ******************************************************************************/ #include #include #include #include #include #include #include #define RTL_IOCTL_WPA_SUPPLICANT (SIOCIWFIRSTPRIV+30) #define SCAN_ITEM_SIZE 768 #define MAX_CUSTOM_LEN 64 #define RATE_COUNT 4 /* combo scan */ #define WEXT_CSCAN_HEADER "CSCAN S\x01\x00\x00S\x00" #define WEXT_CSCAN_HEADER_SIZE 12 #define WEXT_CSCAN_SSID_SECTION 'S' #define WEXT_CSCAN_CHANNEL_SECTION 'C' #define WEXT_CSCAN_ACTV_DWELL_SECTION 'A' #define WEXT_CSCAN_PASV_DWELL_SECTION 'P' #define WEXT_CSCAN_HOME_DWELL_SECTION 'H' #define WEXT_CSCAN_TYPE_SECTION 'T' static int wpa_set_auth_algs(struct net_device *dev, u32 value) { struct adapter *padapter = rtw_netdev_priv(dev); int ret = 0; if ((value & IW_AUTH_ALG_SHARED_KEY) && (value & IW_AUTH_ALG_OPEN_SYSTEM)) { padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption1Enabled; padapter->securitypriv.ndisauthtype = Ndis802_11AuthModeAutoSwitch; padapter->securitypriv.dot11AuthAlgrthm = dot11AuthAlgrthm_Auto; } else if (value & IW_AUTH_ALG_SHARED_KEY) { padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption1Enabled; padapter->securitypriv.ndisauthtype = Ndis802_11AuthModeShared; padapter->securitypriv.dot11AuthAlgrthm = dot11AuthAlgrthm_Shared; } else if (value & IW_AUTH_ALG_OPEN_SYSTEM) { /* padapter->securitypriv.ndisencryptstatus = Ndis802_11EncryptionDisabled; */ if (padapter->securitypriv.ndisauthtype < Ndis802_11AuthModeWPAPSK) { padapter->securitypriv.ndisauthtype = Ndis802_11AuthModeOpen; padapter->securitypriv.dot11AuthAlgrthm = dot11AuthAlgrthm_Open; } } else { ret = -EINVAL; } return ret; } static int wpa_set_encryption(struct net_device *dev, struct ieee_param *param, u32 param_len) { int ret = 0; u8 max_idx; u32 wep_key_idx, wep_key_len, wep_total_len; struct ndis_802_11_wep *pwep = NULL; struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &padapter->mlmepriv; struct security_priv *psecuritypriv = &padapter->securitypriv; param->u.crypt.err = 0; param->u.crypt.alg[IEEE_CRYPT_ALG_NAME_LEN - 1] = '\0'; if (param_len < (u32)((u8 *)param->u.crypt.key - (u8 *)param) + param->u.crypt.key_len) { ret = -EINVAL; goto exit; } if (param->sta_addr[0] != 0xff || param->sta_addr[1] != 0xff || param->sta_addr[2] != 0xff || param->sta_addr[3] != 0xff || param->sta_addr[4] != 0xff || param->sta_addr[5] != 0xff) { ret = -EINVAL; goto exit; } if (strcmp(param->u.crypt.alg, "WEP") == 0) max_idx = WEP_KEYS - 1; else max_idx = BIP_MAX_KEYID; if (param->u.crypt.idx > max_idx) { netdev_err(dev, "Error crypt.idx %d > %d\n", param->u.crypt.idx, max_idx); ret = -EINVAL; goto exit; } if (strcmp(param->u.crypt.alg, "WEP") == 0) { padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption1Enabled; padapter->securitypriv.dot11PrivacyAlgrthm = _WEP40_; padapter->securitypriv.dot118021XGrpPrivacy = _WEP40_; wep_key_idx = param->u.crypt.idx; wep_key_len = param->u.crypt.key_len; if (wep_key_len > 0) { wep_key_len = wep_key_len <= 5 ? 5 : 13; wep_total_len = wep_key_len + FIELD_OFFSET(struct ndis_802_11_wep, key_material); pwep = kzalloc(wep_total_len, GFP_KERNEL); if (!pwep) { ret = -ENOMEM; goto exit; } pwep->key_length = wep_key_len; pwep->length = wep_total_len; if (wep_key_len == 13) { padapter->securitypriv.dot11PrivacyAlgrthm = _WEP104_; padapter->securitypriv.dot118021XGrpPrivacy = _WEP104_; } } else { ret = -EINVAL; goto exit; } pwep->key_index = wep_key_idx; pwep->key_index |= 0x80000000; memcpy(pwep->key_material, param->u.crypt.key, pwep->key_length); if (param->u.crypt.set_tx) { if (rtw_set_802_11_add_wep(padapter, pwep) == (u8)_FAIL) ret = -EOPNOTSUPP; } else { /* don't update "psecuritypriv->dot11PrivacyAlgrthm" and */ /* psecuritypriv->dot11PrivacyKeyIndex =keyid", but can rtw_set_key to fw/cam */ if (wep_key_idx >= WEP_KEYS) { ret = -EOPNOTSUPP; goto exit; } memcpy(&(psecuritypriv->dot11DefKey[wep_key_idx].skey[0]), pwep->key_material, pwep->key_length); psecuritypriv->dot11DefKeylen[wep_key_idx] = pwep->key_length; rtw_set_key(padapter, psecuritypriv, wep_key_idx, 0, true); } goto exit; } if (padapter->securitypriv.dot11AuthAlgrthm == dot11AuthAlgrthm_8021X) { /* 802_1x */ struct sta_info *psta, *pbcmc_sta; struct sta_priv *pstapriv = &padapter->stapriv; if (check_fwstate(pmlmepriv, WIFI_STATION_STATE | WIFI_MP_STATE) == true) { /* sta mode */ psta = rtw_get_stainfo(pstapriv, get_bssid(pmlmepriv)); if (!psta) { /* DEBUG_ERR(("Set wpa_set_encryption: Obtain Sta_info fail\n")); */ } else { /* Jeff: don't disable ieee8021x_blocked while clearing key */ if (strcmp(param->u.crypt.alg, "none") != 0) psta->ieee8021x_blocked = false; if ((padapter->securitypriv.ndisencryptstatus == Ndis802_11Encryption2Enabled) || (padapter->securitypriv.ndisencryptstatus == Ndis802_11Encryption3Enabled)) { psta->dot118021XPrivacy = padapter->securitypriv.dot11PrivacyAlgrthm; } if (param->u.crypt.set_tx == 1) { /* pairwise key */ memcpy(psta->dot118021x_UncstKey.skey, param->u.crypt.key, (param->u.crypt.key_len > 16 ? 16 : param->u.crypt.key_len)); if (strcmp(param->u.crypt.alg, "TKIP") == 0) { /* set mic key */ /* DEBUG_ERR(("\nset key length :param->u.crypt.key_len =%d\n", param->u.crypt.key_len)); */ memcpy(psta->dot11tkiptxmickey.skey, &(param->u.crypt.key[16]), 8); memcpy(psta->dot11tkiprxmickey.skey, &(param->u.crypt.key[24]), 8); padapter->securitypriv.busetkipkey = false; /* _set_timer(&padapter->securitypriv.tkip_timer, 50); */ } rtw_setstakey_cmd(padapter, psta, true, true); } else { /* group key */ if (strcmp(param->u.crypt.alg, "TKIP") == 0 || strcmp(param->u.crypt.alg, "CCMP") == 0) { memcpy(padapter->securitypriv.dot118021XGrpKey[param->u.crypt.idx].skey, param->u.crypt.key, (param->u.crypt.key_len > 16 ? 16 : param->u.crypt.key_len)); /* only TKIP group key need to install this */ if (param->u.crypt.key_len > 16) { memcpy(padapter->securitypriv.dot118021XGrptxmickey[param->u.crypt.idx].skey, &(param->u.crypt.key[16]), 8); memcpy(padapter->securitypriv.dot118021XGrprxmickey[param->u.crypt.idx].skey, &(param->u.crypt.key[24]), 8); } padapter->securitypriv.binstallGrpkey = true; padapter->securitypriv.dot118021XGrpKeyid = param->u.crypt.idx; rtw_set_key(padapter, &padapter->securitypriv, param->u.crypt.idx, 1, true); } else if (strcmp(param->u.crypt.alg, "BIP") == 0) { /* printk("BIP key_len =%d , index =%d @@@@@@@@@@@@@@@@@@\n", param->u.crypt.key_len, param->u.crypt.idx); */ /* save the IGTK key, length 16 bytes */ memcpy(padapter->securitypriv.dot11wBIPKey[param->u.crypt.idx].skey, param->u.crypt.key, (param->u.crypt.key_len > 16 ? 16 : param->u.crypt.key_len)); /*printk("IGTK key below:\n"); for (no = 0;no<16;no++) printk(" %02x ", padapter->securitypriv.dot11wBIPKey[param->u.crypt.idx].skey[no]); printk("\n");*/ padapter->securitypriv.dot11wBIPKeyid = param->u.crypt.idx; padapter->securitypriv.binstallBIPkey = true; } } } pbcmc_sta = rtw_get_bcmc_stainfo(padapter); if (!pbcmc_sta) { /* DEBUG_ERR(("Set OID_802_11_ADD_KEY: bcmc stainfo is null\n")); */ } else { /* Jeff: don't disable ieee8021x_blocked while clearing key */ if (strcmp(param->u.crypt.alg, "none") != 0) pbcmc_sta->ieee8021x_blocked = false; if ((padapter->securitypriv.ndisencryptstatus == Ndis802_11Encryption2Enabled) || (padapter->securitypriv.ndisencryptstatus == Ndis802_11Encryption3Enabled)) { pbcmc_sta->dot118021XPrivacy = padapter->securitypriv.dot11PrivacyAlgrthm; } } } else if (check_fwstate(pmlmepriv, WIFI_ADHOC_STATE)) { /* adhoc mode */ } } exit: kfree(pwep); return ret; } static int rtw_set_wpa_ie(struct adapter *padapter, char *pie, unsigned short ielen) { u8 *buf = NULL; int group_cipher = 0, pairwise_cipher = 0; int ret = 0; u8 null_addr[] = {0, 0, 0, 0, 0, 0}; if (ielen > MAX_WPA_IE_LEN || !pie) { _clr_fwstate_(&padapter->mlmepriv, WIFI_UNDER_WPS); if (!pie) return ret; else return -EINVAL; } if (ielen) { buf = rtw_zmalloc(ielen); if (!buf) { ret = -ENOMEM; goto exit; } memcpy(buf, pie, ielen); if (ielen < RSN_HEADER_LEN) { ret = -1; goto exit; } if (rtw_parse_wpa_ie(buf, ielen, &group_cipher, &pairwise_cipher, NULL) == _SUCCESS) { padapter->securitypriv.dot11AuthAlgrthm = dot11AuthAlgrthm_8021X; padapter->securitypriv.ndisauthtype = Ndis802_11AuthModeWPAPSK; memcpy(padapter->securitypriv.supplicant_ie, &buf[0], ielen); } if (rtw_parse_wpa2_ie(buf, ielen, &group_cipher, &pairwise_cipher, NULL) == _SUCCESS) { padapter->securitypriv.dot11AuthAlgrthm = dot11AuthAlgrthm_8021X; padapter->securitypriv.ndisauthtype = Ndis802_11AuthModeWPA2PSK; memcpy(padapter->securitypriv.supplicant_ie, &buf[0], ielen); } if (group_cipher == 0) group_cipher = WPA_CIPHER_NONE; if (pairwise_cipher == 0) pairwise_cipher = WPA_CIPHER_NONE; switch (group_cipher) { case WPA_CIPHER_NONE: padapter->securitypriv.dot118021XGrpPrivacy = _NO_PRIVACY_; padapter->securitypriv.ndisencryptstatus = Ndis802_11EncryptionDisabled; break; case WPA_CIPHER_WEP40: padapter->securitypriv.dot118021XGrpPrivacy = _WEP40_; padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption1Enabled; break; case WPA_CIPHER_TKIP: padapter->securitypriv.dot118021XGrpPrivacy = _TKIP_; padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption2Enabled; break; case WPA_CIPHER_CCMP: padapter->securitypriv.dot118021XGrpPrivacy = _AES_; padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption3Enabled; break; case WPA_CIPHER_WEP104: padapter->securitypriv.dot118021XGrpPrivacy = _WEP104_; padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption1Enabled; break; } switch (pairwise_cipher) { case WPA_CIPHER_NONE: padapter->securitypriv.dot11PrivacyAlgrthm = _NO_PRIVACY_; padapter->securitypriv.ndisencryptstatus = Ndis802_11EncryptionDisabled; break; case WPA_CIPHER_WEP40: padapter->securitypriv.dot11PrivacyAlgrthm = _WEP40_; padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption1Enabled; break; case WPA_CIPHER_TKIP: padapter->securitypriv.dot11PrivacyAlgrthm = _TKIP_; padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption2Enabled; break; case WPA_CIPHER_CCMP: padapter->securitypriv.dot11PrivacyAlgrthm = _AES_; padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption3Enabled; break; case WPA_CIPHER_WEP104: padapter->securitypriv.dot11PrivacyAlgrthm = _WEP104_; padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption1Enabled; break; } _clr_fwstate_(&padapter->mlmepriv, WIFI_UNDER_WPS); {/* set wps_ie */ u16 cnt = 0; u8 eid, wps_oui[4] = {0x0, 0x50, 0xf2, 0x04}; while (cnt < ielen) { eid = buf[cnt]; if ((eid == WLAN_EID_VENDOR_SPECIFIC) && (!memcmp(&buf[cnt+2], wps_oui, 4))) { padapter->securitypriv.wps_ie_len = ((buf[cnt+1]+2) < MAX_WPS_IE_LEN) ? (buf[cnt+1]+2):MAX_WPS_IE_LEN; memcpy(padapter->securitypriv.wps_ie, &buf[cnt], padapter->securitypriv.wps_ie_len); set_fwstate(&padapter->mlmepriv, WIFI_UNDER_WPS); cnt += buf[cnt+1]+2; break; } else { cnt += buf[cnt+1]+2; /* goto next */ } } } } /* TKIP and AES disallow multicast packets until installing group key */ if (padapter->securitypriv.dot11PrivacyAlgrthm == _TKIP_ || padapter->securitypriv.dot11PrivacyAlgrthm == _TKIP_WTMIC_ || padapter->securitypriv.dot11PrivacyAlgrthm == _AES_) /* WPS open need to enable multicast */ /* check_fwstate(&padapter->mlmepriv, WIFI_UNDER_WPS) == true) */ rtw_hal_set_hwreg(padapter, HW_VAR_OFF_RCR_AM, null_addr); exit: kfree(buf); return ret; } static int wpa_set_param(struct net_device *dev, u8 name, u32 value) { uint ret = 0; struct adapter *padapter = rtw_netdev_priv(dev); switch (name) { case IEEE_PARAM_WPA_ENABLED: padapter->securitypriv.dot11AuthAlgrthm = dot11AuthAlgrthm_8021X; /* 802.1x */ /* ret = ieee80211_wpa_enable(ieee, value); */ switch ((value)&0xff) { case 1: /* WPA */ padapter->securitypriv.ndisauthtype = Ndis802_11AuthModeWPAPSK; /* WPA_PSK */ padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption2Enabled; break; case 2: /* WPA2 */ padapter->securitypriv.ndisauthtype = Ndis802_11AuthModeWPA2PSK; /* WPA2_PSK */ padapter->securitypriv.ndisencryptstatus = Ndis802_11Encryption3Enabled; break; } break; case IEEE_PARAM_TKIP_COUNTERMEASURES: /* ieee->tkip_countermeasures =value; */ break; case IEEE_PARAM_DROP_UNENCRYPTED: { /* HACK: * * wpa_supplicant calls set_wpa_enabled when the driver * is loaded and unloaded, regardless of if WPA is being * used. No other calls are made which can be used to * determine if encryption will be used or not prior to * association being expected. If encryption is not being * used, drop_unencrypted is set to false, else true -- we * can use this to determine if the CAP_PRIVACY_ON bit should * be set. */ break; } case IEEE_PARAM_PRIVACY_INVOKED: /* ieee->privacy_invoked =value; */ break; case IEEE_PARAM_AUTH_ALGS: ret = wpa_set_auth_algs(dev, value); break; case IEEE_PARAM_IEEE_802_1X: /* ieee->ieee802_1x =value; */ break; case IEEE_PARAM_WPAX_SELECT: /* added for WPA2 mixed mode */ /* spin_lock_irqsave(&ieee->wpax_suitlist_lock, flags); ieee->wpax_type_set = 1; ieee->wpax_type_notify = value; spin_unlock_irqrestore(&ieee->wpax_suitlist_lock, flags); */ break; default: ret = -EOPNOTSUPP; break; } return ret; } static int wpa_mlme(struct net_device *dev, u32 command, u32 reason) { int ret = 0; struct adapter *padapter = rtw_netdev_priv(dev); switch (command) { case IEEE_MLME_STA_DEAUTH: if (!rtw_set_802_11_disassociate(padapter)) ret = -1; break; case IEEE_MLME_STA_DISASSOC: if (!rtw_set_802_11_disassociate(padapter)) ret = -1; break; default: ret = -EOPNOTSUPP; break; } return ret; } static int wpa_supplicant_ioctl(struct net_device *dev, struct iw_point *p) { struct ieee_param *param; uint ret = 0; /* down(&ieee->wx_sem); */ if (!p->pointer || p->length != sizeof(struct ieee_param)) return -EINVAL; param = rtw_malloc(p->length); if (!param) return -ENOMEM; if (copy_from_user(param, p->pointer, p->length)) { kfree(param); return -EFAULT; } switch (param->cmd) { case IEEE_CMD_SET_WPA_PARAM: ret = wpa_set_param(dev, param->u.wpa_param.name, param->u.wpa_param.value); break; case IEEE_CMD_SET_WPA_IE: /* ret = wpa_set_wpa_ie(dev, param, p->length); */ ret = rtw_set_wpa_ie(rtw_netdev_priv(dev), (char *)param->u.wpa_ie.data, (u16)param->u.wpa_ie.len); break; case IEEE_CMD_SET_ENCRYPTION: ret = wpa_set_encryption(dev, param, p->length); break; case IEEE_CMD_MLME: ret = wpa_mlme(dev, param->u.mlme.command, param->u.mlme.reason_code); break; default: ret = -EOPNOTSUPP; break; } if (ret == 0 && copy_to_user(p->pointer, param, p->length)) ret = -EFAULT; kfree(param); /* up(&ieee->wx_sem); */ return ret; } static int rtw_set_encryption(struct net_device *dev, struct ieee_param *param, u32 param_len) { int ret = 0; u32 wep_key_idx, wep_key_len, wep_total_len; struct ndis_802_11_wep *pwep = NULL; struct sta_info *psta = NULL, *pbcmc_sta = NULL; struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &padapter->mlmepriv; struct security_priv *psecuritypriv = &(padapter->securitypriv); struct sta_priv *pstapriv = &padapter->stapriv; char *txkey = padapter->securitypriv.dot118021XGrptxmickey[param->u.crypt.idx].skey; char *rxkey = padapter->securitypriv.dot118021XGrprxmickey[param->u.crypt.idx].skey; char *grpkey = psecuritypriv->dot118021XGrpKey[param->u.crypt.idx].skey; param->u.crypt.err = 0; param->u.crypt.alg[IEEE_CRYPT_ALG_NAME_LEN - 1] = '\0'; /* sizeof(struct ieee_param) = 64 bytes; */ /* if (param_len != (u32) ((u8 *) param->u.crypt.key - (u8 *) param) + param->u.crypt.key_len) */ if (param_len != sizeof(struct ieee_param) + param->u.crypt.key_len) { ret = -EINVAL; goto exit; } if (param->sta_addr[0] == 0xff && param->sta_addr[1] == 0xff && param->sta_addr[2] == 0xff && param->sta_addr[3] == 0xff && param->sta_addr[4] == 0xff && param->sta_addr[5] == 0xff) { if (param->u.crypt.idx >= WEP_KEYS) { ret = -EINVAL; goto exit; } } else { psta = rtw_get_stainfo(pstapriv, param->sta_addr); if (!psta) /* ret = -EINVAL; */ goto exit; } if (strcmp(param->u.crypt.alg, "none") == 0 && !psta) { /* todo:clear default encryption keys */ psecuritypriv->dot11AuthAlgrthm = dot11AuthAlgrthm_Open; psecuritypriv->ndisencryptstatus = Ndis802_11EncryptionDisabled; psecuritypriv->dot11PrivacyAlgrthm = _NO_PRIVACY_; psecuritypriv->dot118021XGrpPrivacy = _NO_PRIVACY_; goto exit; } if (strcmp(param->u.crypt.alg, "WEP") == 0 && !psta) { wep_key_idx = param->u.crypt.idx; wep_key_len = param->u.crypt.key_len; if ((wep_key_idx >= WEP_KEYS) || (wep_key_len <= 0)) { ret = -EINVAL; goto exit; } if (wep_key_len > 0) { wep_key_len = wep_key_len <= 5 ? 5 : 13; wep_total_len = wep_key_len + FIELD_OFFSET(struct ndis_802_11_wep, key_material); pwep = kzalloc(wep_total_len, GFP_KERNEL); if (!pwep) goto exit; pwep->key_length = wep_key_len; pwep->length = wep_total_len; } pwep->key_index = wep_key_idx; memcpy(pwep->key_material, param->u.crypt.key, pwep->key_length); if (param->u.crypt.set_tx) { psecuritypriv->dot11AuthAlgrthm = dot11AuthAlgrthm_Auto; psecuritypriv->ndisencryptstatus = Ndis802_11Encryption1Enabled; psecuritypriv->dot11PrivacyAlgrthm = _WEP40_; psecuritypriv->dot118021XGrpPrivacy = _WEP40_; if (pwep->key_length == 13) { psecuritypriv->dot11PrivacyAlgrthm = _WEP104_; psecuritypriv->dot118021XGrpPrivacy = _WEP104_; } psecuritypriv->dot11PrivacyKeyIndex = wep_key_idx; memcpy(&(psecuritypriv->dot11DefKey[wep_key_idx].skey[0]), pwep->key_material, pwep->key_length); psecuritypriv->dot11DefKeylen[wep_key_idx] = pwep->key_length; rtw_ap_set_wep_key(padapter, pwep->key_material, pwep->key_length, wep_key_idx, 1); } else { /* don't update "psecuritypriv->dot11PrivacyAlgrthm" and */ /* psecuritypriv->dot11PrivacyKeyIndex =keyid", but can rtw_set_key to cam */ memcpy(&(psecuritypriv->dot11DefKey[wep_key_idx].skey[0]), pwep->key_material, pwep->key_length); psecuritypriv->dot11DefKeylen[wep_key_idx] = pwep->key_length; rtw_ap_set_wep_key(padapter, pwep->key_material, pwep->key_length, wep_key_idx, 0); } goto exit; } if (!psta && check_fwstate(pmlmepriv, WIFI_AP_STATE)) { /* group key */ if (param->u.crypt.set_tx == 1) { if (strcmp(param->u.crypt.alg, "WEP") == 0) { memcpy(grpkey, param->u.crypt.key, (param->u.crypt.key_len > 16 ? 16 : param->u.crypt.key_len)); psecuritypriv->dot118021XGrpPrivacy = _WEP40_; if (param->u.crypt.key_len == 13) psecuritypriv->dot118021XGrpPrivacy = _WEP104_; } else if (strcmp(param->u.crypt.alg, "TKIP") == 0) { psecuritypriv->dot118021XGrpPrivacy = _TKIP_; memcpy(grpkey, param->u.crypt.key, (param->u.crypt.key_len > 16 ? 16 : param->u.crypt.key_len)); /* DEBUG_ERR("set key length :param->u.crypt.key_len =%d\n", param->u.crypt.key_len); */ /* set mic key */ memcpy(txkey, &(param->u.crypt.key[16]), 8); memcpy(psecuritypriv->dot118021XGrprxmickey[param->u.crypt.idx].skey, &(param->u.crypt.key[24]), 8); psecuritypriv->busetkipkey = true; } else if (strcmp(param->u.crypt.alg, "CCMP") == 0) { psecuritypriv->dot118021XGrpPrivacy = _AES_; memcpy(grpkey, param->u.crypt.key, (param->u.crypt.key_len > 16 ? 16 : param->u.crypt.key_len)); } else { psecuritypriv->dot118021XGrpPrivacy = _NO_PRIVACY_; } psecuritypriv->dot118021XGrpKeyid = param->u.crypt.idx; psecuritypriv->binstallGrpkey = true; psecuritypriv->dot11PrivacyAlgrthm = psecuritypriv->dot118021XGrpPrivacy;/* */ rtw_ap_set_group_key(padapter, param->u.crypt.key, psecuritypriv->dot118021XGrpPrivacy, param->u.crypt.idx); pbcmc_sta = rtw_get_bcmc_stainfo(padapter); if (pbcmc_sta) { pbcmc_sta->ieee8021x_blocked = false; pbcmc_sta->dot118021XPrivacy = psecuritypriv->dot118021XGrpPrivacy;/* rx will use bmc_sta's dot118021XPrivacy */ } } goto exit; } if (psecuritypriv->dot11AuthAlgrthm == dot11AuthAlgrthm_8021X && psta) { /* psk/802_1x */ if (check_fwstate(pmlmepriv, WIFI_AP_STATE)) { if (param->u.crypt.set_tx == 1) { memcpy(psta->dot118021x_UncstKey.skey, param->u.crypt.key, (param->u.crypt.key_len > 16 ? 16 : param->u.crypt.key_len)); if (strcmp(param->u.crypt.alg, "WEP") == 0) { psta->dot118021XPrivacy = _WEP40_; if (param->u.crypt.key_len == 13) psta->dot118021XPrivacy = _WEP104_; } else if (strcmp(param->u.crypt.alg, "TKIP") == 0) { psta->dot118021XPrivacy = _TKIP_; /* DEBUG_ERR("set key length :param->u.crypt.key_len =%d\n", param->u.crypt.key_len); */ /* set mic key */ memcpy(psta->dot11tkiptxmickey.skey, &(param->u.crypt.key[16]), 8); memcpy(psta->dot11tkiprxmickey.skey, &(param->u.crypt.key[24]), 8); psecuritypriv->busetkipkey = true; } else if (strcmp(param->u.crypt.alg, "CCMP") == 0) { psta->dot118021XPrivacy = _AES_; } else { psta->dot118021XPrivacy = _NO_PRIVACY_; } rtw_ap_set_pairwise_key(padapter, psta); psta->ieee8021x_blocked = false; } else { /* group key??? */ if (strcmp(param->u.crypt.alg, "WEP") == 0) { memcpy(grpkey, param->u.crypt.key, (param->u.crypt.key_len > 16 ? 16 : param->u.crypt.key_len)); psecuritypriv->dot118021XGrpPrivacy = _WEP40_; if (param->u.crypt.key_len == 13) psecuritypriv->dot118021XGrpPrivacy = _WEP104_; } else if (strcmp(param->u.crypt.alg, "TKIP") == 0) { psecuritypriv->dot118021XGrpPrivacy = _TKIP_; memcpy(grpkey, param->u.crypt.key, (param->u.crypt.key_len > 16 ? 16 : param->u.crypt.key_len)); /* DEBUG_ERR("set key length :param->u.crypt.key_len =%d\n", param->u.crypt.key_len); */ /* set mic key */ memcpy(txkey, &(param->u.crypt.key[16]), 8); memcpy(rxkey, &(param->u.crypt.key[24]), 8); psecuritypriv->busetkipkey = true; } else if (strcmp(param->u.crypt.alg, "CCMP") == 0) { psecuritypriv->dot118021XGrpPrivacy = _AES_; memcpy(grpkey, param->u.crypt.key, (param->u.crypt.key_len > 16 ? 16 : param->u.crypt.key_len)); } else { psecuritypriv->dot118021XGrpPrivacy = _NO_PRIVACY_; } psecuritypriv->dot118021XGrpKeyid = param->u.crypt.idx; psecuritypriv->binstallGrpkey = true; psecuritypriv->dot11PrivacyAlgrthm = psecuritypriv->dot118021XGrpPrivacy;/* */ rtw_ap_set_group_key(padapter, param->u.crypt.key, psecuritypriv->dot118021XGrpPrivacy, param->u.crypt.idx); pbcmc_sta = rtw_get_bcmc_stainfo(padapter); if (pbcmc_sta) { pbcmc_sta->ieee8021x_blocked = false; pbcmc_sta->dot118021XPrivacy = psecuritypriv->dot118021XGrpPrivacy;/* rx will use bmc_sta's dot118021XPrivacy */ } } } } exit: kfree(pwep); return ret; } static int rtw_set_beacon(struct net_device *dev, struct ieee_param *param, int len) { int ret = 0; struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &(padapter->mlmepriv); struct sta_priv *pstapriv = &padapter->stapriv; unsigned char *pbuf = param->u.bcn_ie.buf; if (check_fwstate(pmlmepriv, WIFI_AP_STATE) != true) return -EINVAL; memcpy(&pstapriv->max_num_sta, param->u.bcn_ie.reserved, 2); if ((pstapriv->max_num_sta > NUM_STA) || (pstapriv->max_num_sta <= 0)) pstapriv->max_num_sta = NUM_STA; if (rtw_check_beacon_data(padapter, pbuf, (len-12-2)) == _SUCCESS)/* 12 = param header, 2:no packed */ ret = 0; else ret = -EINVAL; return ret; } static void rtw_hostapd_sta_flush(struct net_device *dev) { /* _irqL irqL; */ /* struct list_head *phead, *plist; */ /* struct sta_info *psta = NULL; */ struct adapter *padapter = rtw_netdev_priv(dev); /* struct sta_priv *pstapriv = &padapter->stapriv; */ flush_all_cam_entry(padapter); /* clear CAM */ rtw_sta_flush(padapter); } static int rtw_add_sta(struct net_device *dev, struct ieee_param *param) { int ret = 0; struct sta_info *psta = NULL; struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &(padapter->mlmepriv); struct sta_priv *pstapriv = &padapter->stapriv; if (check_fwstate(pmlmepriv, (_FW_LINKED|WIFI_AP_STATE)) != true) return -EINVAL; if (param->sta_addr[0] == 0xff && param->sta_addr[1] == 0xff && param->sta_addr[2] == 0xff && param->sta_addr[3] == 0xff && param->sta_addr[4] == 0xff && param->sta_addr[5] == 0xff) { return -EINVAL; } /* psta = rtw_get_stainfo(pstapriv, param->sta_addr); if (psta) { rtw_free_stainfo(padapter, psta); psta = NULL; } */ /* psta = rtw_alloc_stainfo(pstapriv, param->sta_addr); */ psta = rtw_get_stainfo(pstapriv, param->sta_addr); if (psta) { int flags = param->u.add_sta.flags; psta->aid = param->u.add_sta.aid;/* aid = 1~2007 */ memcpy(psta->bssrateset, param->u.add_sta.tx_supp_rates, 16); /* check wmm cap. */ if (WLAN_STA_WME&flags) psta->qos_option = 1; else psta->qos_option = 0; if (pmlmepriv->qospriv.qos_option == 0) psta->qos_option = 0; /* chec 802.11n ht cap. */ if (WLAN_STA_HT&flags) { psta->htpriv.ht_option = true; psta->qos_option = 1; memcpy((void *)&psta->htpriv.ht_cap, (void *)¶m->u.add_sta.ht_cap, sizeof(struct ieee80211_ht_cap)); } else { psta->htpriv.ht_option = false; } if (pmlmepriv->htpriv.ht_option == false) psta->htpriv.ht_option = false; update_sta_info_apmode(padapter, psta); } else { ret = -ENOMEM; } return ret; } static int rtw_del_sta(struct net_device *dev, struct ieee_param *param) { int ret = 0; struct sta_info *psta = NULL; struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &(padapter->mlmepriv); struct sta_priv *pstapriv = &padapter->stapriv; if (check_fwstate(pmlmepriv, (_FW_LINKED|WIFI_AP_STATE)) != true) return -EINVAL; if (param->sta_addr[0] == 0xff && param->sta_addr[1] == 0xff && param->sta_addr[2] == 0xff && param->sta_addr[3] == 0xff && param->sta_addr[4] == 0xff && param->sta_addr[5] == 0xff) { return -EINVAL; } psta = rtw_get_stainfo(pstapriv, param->sta_addr); if (psta) { u8 updated = false; spin_lock_bh(&pstapriv->asoc_list_lock); if (list_empty(&psta->asoc_list) == false) { list_del_init(&psta->asoc_list); pstapriv->asoc_list_cnt--; updated = ap_free_sta(padapter, psta, true, WLAN_REASON_DEAUTH_LEAVING); } spin_unlock_bh(&pstapriv->asoc_list_lock); associated_clients_update(padapter, updated); psta = NULL; } return ret; } static int rtw_ioctl_get_sta_data(struct net_device *dev, struct ieee_param *param, int len) { int ret = 0; struct sta_info *psta = NULL; struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &(padapter->mlmepriv); struct sta_priv *pstapriv = &padapter->stapriv; struct ieee_param_ex *param_ex = (struct ieee_param_ex *)param; struct sta_data *psta_data = (struct sta_data *)param_ex->data; if (check_fwstate(pmlmepriv, (_FW_LINKED|WIFI_AP_STATE)) != true) return -EINVAL; if (param_ex->sta_addr[0] == 0xff && param_ex->sta_addr[1] == 0xff && param_ex->sta_addr[2] == 0xff && param_ex->sta_addr[3] == 0xff && param_ex->sta_addr[4] == 0xff && param_ex->sta_addr[5] == 0xff) { return -EINVAL; } psta = rtw_get_stainfo(pstapriv, param_ex->sta_addr); if (psta) { psta_data->aid = (u16)psta->aid; psta_data->capability = psta->capability; psta_data->flags = psta->flags; /* nonerp_set : BIT(0) no_short_slot_time_set : BIT(1) no_short_preamble_set : BIT(2) no_ht_gf_set : BIT(3) no_ht_set : BIT(4) ht_20mhz_set : BIT(5) */ psta_data->sta_set = ((psta->nonerp_set) | (psta->no_short_slot_time_set << 1) | (psta->no_short_preamble_set << 2) | (psta->no_ht_gf_set << 3) | (psta->no_ht_set << 4) | (psta->ht_20mhz_set << 5)); psta_data->tx_supp_rates_len = psta->bssratelen; memcpy(psta_data->tx_supp_rates, psta->bssrateset, psta->bssratelen); memcpy(&psta_data->ht_cap, &psta->htpriv.ht_cap, sizeof(struct ieee80211_ht_cap)); psta_data->rx_pkts = psta->sta_stats.rx_data_pkts; psta_data->rx_bytes = psta->sta_stats.rx_bytes; psta_data->rx_drops = psta->sta_stats.rx_drops; psta_data->tx_pkts = psta->sta_stats.tx_pkts; psta_data->tx_bytes = psta->sta_stats.tx_bytes; psta_data->tx_drops = psta->sta_stats.tx_drops; } else { ret = -1; } return ret; } static int rtw_get_sta_wpaie(struct net_device *dev, struct ieee_param *param) { int ret = 0; struct sta_info *psta = NULL; struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &(padapter->mlmepriv); struct sta_priv *pstapriv = &padapter->stapriv; if (check_fwstate(pmlmepriv, (_FW_LINKED|WIFI_AP_STATE)) != true) return -EINVAL; if (param->sta_addr[0] == 0xff && param->sta_addr[1] == 0xff && param->sta_addr[2] == 0xff && param->sta_addr[3] == 0xff && param->sta_addr[4] == 0xff && param->sta_addr[5] == 0xff) { return -EINVAL; } psta = rtw_get_stainfo(pstapriv, param->sta_addr); if (psta) { if ((psta->wpa_ie[0] == WLAN_EID_RSN) || (psta->wpa_ie[0] == WLAN_EID_VENDOR_SPECIFIC)) { int wpa_ie_len; int copy_len; wpa_ie_len = psta->wpa_ie[1]; copy_len = ((wpa_ie_len+2) > sizeof(psta->wpa_ie)) ? (sizeof(psta->wpa_ie)):(wpa_ie_len+2); param->u.wpa_ie.len = copy_len; memcpy(param->u.wpa_ie.reserved, psta->wpa_ie, copy_len); } } else { ret = -1; } return ret; } static int rtw_set_wps_beacon(struct net_device *dev, struct ieee_param *param, int len) { int ret = 0; unsigned char wps_oui[4] = {0x0, 0x50, 0xf2, 0x04}; struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &(padapter->mlmepriv); struct mlme_ext_priv *pmlmeext = &(padapter->mlmeextpriv); int ie_len; if (check_fwstate(pmlmepriv, WIFI_AP_STATE) != true) return -EINVAL; ie_len = len-12-2;/* 12 = param header, 2:no packed */ kfree(pmlmepriv->wps_beacon_ie); pmlmepriv->wps_beacon_ie = NULL; if (ie_len > 0) { pmlmepriv->wps_beacon_ie = rtw_malloc(ie_len); pmlmepriv->wps_beacon_ie_len = ie_len; if (!pmlmepriv->wps_beacon_ie) return -EINVAL; memcpy(pmlmepriv->wps_beacon_ie, param->u.bcn_ie.buf, ie_len); update_beacon(padapter, WLAN_EID_VENDOR_SPECIFIC, wps_oui, true); pmlmeext->bstart_bss = true; } return ret; } static int rtw_set_wps_probe_resp(struct net_device *dev, struct ieee_param *param, int len) { int ret = 0; struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &(padapter->mlmepriv); int ie_len; if (check_fwstate(pmlmepriv, WIFI_AP_STATE) != true) return -EINVAL; ie_len = len-12-2;/* 12 = param header, 2:no packed */ kfree(pmlmepriv->wps_probe_resp_ie); pmlmepriv->wps_probe_resp_ie = NULL; if (ie_len > 0) { pmlmepriv->wps_probe_resp_ie = rtw_malloc(ie_len); pmlmepriv->wps_probe_resp_ie_len = ie_len; if (!pmlmepriv->wps_probe_resp_ie) return -EINVAL; memcpy(pmlmepriv->wps_probe_resp_ie, param->u.bcn_ie.buf, ie_len); } return ret; } static int rtw_set_wps_assoc_resp(struct net_device *dev, struct ieee_param *param, int len) { int ret = 0; struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &(padapter->mlmepriv); int ie_len; if (check_fwstate(pmlmepriv, WIFI_AP_STATE) != true) return -EINVAL; ie_len = len-12-2;/* 12 = param header, 2:no packed */ kfree(pmlmepriv->wps_assoc_resp_ie); pmlmepriv->wps_assoc_resp_ie = NULL; if (ie_len > 0) { pmlmepriv->wps_assoc_resp_ie = rtw_malloc(ie_len); pmlmepriv->wps_assoc_resp_ie_len = ie_len; if (!pmlmepriv->wps_assoc_resp_ie) return -EINVAL; memcpy(pmlmepriv->wps_assoc_resp_ie, param->u.bcn_ie.buf, ie_len); } return ret; } static int rtw_set_hidden_ssid(struct net_device *dev, struct ieee_param *param, int len) { int ret = 0; struct adapter *adapter = rtw_netdev_priv(dev); struct mlme_priv *mlmepriv = &(adapter->mlmepriv); struct mlme_ext_priv *mlmeext = &(adapter->mlmeextpriv); struct mlme_ext_info *mlmeinfo = &(mlmeext->mlmext_info); int ie_len; u8 *ssid_ie; char ssid[NDIS_802_11_LENGTH_SSID + 1]; signed int ssid_len; u8 ignore_broadcast_ssid; if (check_fwstate(mlmepriv, WIFI_AP_STATE) != true) return -EPERM; if (param->u.bcn_ie.reserved[0] != 0xea) return -EINVAL; mlmeinfo->hidden_ssid_mode = ignore_broadcast_ssid = param->u.bcn_ie.reserved[1]; ie_len = len-12-2;/* 12 = param header, 2:no packed */ ssid_ie = rtw_get_ie(param->u.bcn_ie.buf, WLAN_EID_SSID, &ssid_len, ie_len); if (ssid_ie && ssid_len > 0 && ssid_len <= NDIS_802_11_LENGTH_SSID) { struct wlan_bssid_ex *pbss_network = &mlmepriv->cur_network.network; struct wlan_bssid_ex *pbss_network_ext = &mlmeinfo->network; memcpy(ssid, ssid_ie+2, ssid_len); ssid[ssid_len] = 0x0; memcpy(pbss_network->ssid.ssid, (void *)ssid, ssid_len); pbss_network->ssid.ssid_length = ssid_len; memcpy(pbss_network_ext->ssid.ssid, (void *)ssid, ssid_len); pbss_network_ext->ssid.ssid_length = ssid_len; } return ret; } static int rtw_ioctl_acl_remove_sta(struct net_device *dev, struct ieee_param *param, int len) { struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &(padapter->mlmepriv); if (check_fwstate(pmlmepriv, WIFI_AP_STATE) != true) return -EINVAL; if (param->sta_addr[0] == 0xff && param->sta_addr[1] == 0xff && param->sta_addr[2] == 0xff && param->sta_addr[3] == 0xff && param->sta_addr[4] == 0xff && param->sta_addr[5] == 0xff) { return -EINVAL; } rtw_acl_remove_sta(padapter, param->sta_addr); return 0; } static int rtw_ioctl_acl_add_sta(struct net_device *dev, struct ieee_param *param, int len) { struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &(padapter->mlmepriv); if (check_fwstate(pmlmepriv, WIFI_AP_STATE) != true) return -EINVAL; if (param->sta_addr[0] == 0xff && param->sta_addr[1] == 0xff && param->sta_addr[2] == 0xff && param->sta_addr[3] == 0xff && param->sta_addr[4] == 0xff && param->sta_addr[5] == 0xff) { return -EINVAL; } return rtw_acl_add_sta(padapter, param->sta_addr); } static int rtw_ioctl_set_macaddr_acl(struct net_device *dev, struct ieee_param *param, int len) { int ret = 0; struct adapter *padapter = rtw_netdev_priv(dev); struct mlme_priv *pmlmepriv = &(padapter->mlmepriv); if (check_fwstate(pmlmepriv, WIFI_AP_STATE) != true) return -EINVAL; rtw_set_macaddr_acl(padapter, param->u.mlme.command); return ret; } static int rtw_hostapd_ioctl(struct net_device *dev, struct iw_point *p) { struct ieee_param *param; int ret = 0; struct adapter *padapter = rtw_netdev_priv(dev); /* * this function is expect to call in master mode, which allows no power saving * so, we just check hw_init_completed */ if (!padapter->hw_init_completed) return -EPERM; if (!p->pointer || p->length != sizeof(*param)) return -EINVAL; param = rtw_malloc(p->length); if (!param) return -ENOMEM; if (copy_from_user(param, p->pointer, p->length)) { kfree(param); return -EFAULT; } switch (param->cmd) { case RTL871X_HOSTAPD_FLUSH: rtw_hostapd_sta_flush(dev); break; case RTL871X_HOSTAPD_ADD_STA: ret = rtw_add_sta(dev, param); break; case RTL871X_HOSTAPD_REMOVE_STA: ret = rtw_del_sta(dev, param); break; case RTL871X_HOSTAPD_SET_BEACON: ret = rtw_set_beacon(dev, param, p->length); break; case RTL871X_SET_ENCRYPTION: ret = rtw_set_encryption(dev, param, p->length); break; case RTL871X_HOSTAPD_GET_WPAIE_STA: ret = rtw_get_sta_wpaie(dev, param); break; case RTL871X_HOSTAPD_SET_WPS_BEACON: ret = rtw_set_wps_beacon(dev, param, p->length); break; case RTL871X_HOSTAPD_SET_WPS_PROBE_RESP: ret = rtw_set_wps_probe_resp(dev, param, p->length); break; case RTL871X_HOSTAPD_SET_WPS_ASSOC_RESP: ret = rtw_set_wps_assoc_resp(dev, param, p->length); break; case RTL871X_HOSTAPD_SET_HIDDEN_SSID: ret = rtw_set_hidden_ssid(dev, param, p->length); break; case RTL871X_HOSTAPD_GET_INFO_STA: ret = rtw_ioctl_get_sta_data(dev, param, p->length); break; case RTL871X_HOSTAPD_SET_MACADDR_ACL: ret = rtw_ioctl_set_macaddr_acl(dev, param, p->length); break; case RTL871X_HOSTAPD_ACL_ADD_STA: ret = rtw_ioctl_acl_add_sta(dev, param, p->length); break; case RTL871X_HOSTAPD_ACL_REMOVE_STA: ret = rtw_ioctl_acl_remove_sta(dev, param, p->length); break; default: ret = -EOPNOTSUPP; break; } if (ret == 0 && copy_to_user(p->pointer, param, p->length)) ret = -EFAULT; kfree(param); return ret; } /* copy from net/wireless/wext.c end */ int rtw_ioctl(struct net_device *dev, struct ifreq *rq, int cmd) { struct iwreq *wrq = (struct iwreq *)rq; int ret = 0; switch (cmd) { case RTL_IOCTL_WPA_SUPPLICANT: ret = wpa_supplicant_ioctl(dev, &wrq->u.data); break; case RTL_IOCTL_HOSTAPD: ret = rtw_hostapd_ioctl(dev, &wrq->u.data); break; default: ret = -EOPNOTSUPP; break; } return ret; }