]> git.proxmox.com Git - mirror_ubuntu-jammy-kernel.git/blame - net/wireless/wext.c
projects / mirror_ubuntu-jammy-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
wireless extensions: make netns aware
[mirror_ubuntu-jammy-kernel.git] / net / wireless / wext.c
CommitLineData
1da177e4
LT		 1/*
2 * This file implement the Wireless Extensions APIs.
3 *
4 * Authors : Jean Tourrilhes - HPL - <jt@hpl.hp.com>
c2805fbb 5 * Copyright (c) 1997-2007 Jean Tourrilhes, All Rights Reserved.
1da177e4
LT		 6 *
7 * (As all part of the Linux kernel, this file is GPL)
8 */
9
10/************************** DOCUMENTATION **************************/
11/*
12 * API definition :
13 * --------------
14 * See <linux/wireless.h> for details of the APIs and the rest.
15 *
16 * History :
17 * -------
18 *
19 * v1 - 5.12.01 - Jean II
20 * o Created this file.
21 *
22 * v2 - 13.12.01 - Jean II
23 * o Move /proc/net/wireless stuff from net/core/dev.c to here
24 * o Make Wireless Extension IOCTLs go through here
25 * o Added iw_handler handling ;-)
26 * o Added standard ioctl description
27 * o Initial dumb commit strategy based on orinoco.c
28 *
29 * v3 - 19.12.01 - Jean II
30 * o Make sure we don't go out of standard_ioctl[] in ioctl_standard_call
31 * o Add event dispatcher function
32 * o Add event description
33 * o Propagate events as rtnetlink IFLA_WIRELESS option
34 * o Generate event on selected SET requests
35 *
36 * v4 - 18.04.02 - Jean II
37 * o Fix stupid off by one in iw_ioctl_description : IW_ESSID_MAX_SIZE + 1
38 *
39 * v5 - 21.06.02 - Jean II
40 * o Add IW_PRIV_TYPE_ADDR in priv_type_size (+cleanup)
41 * o Reshuffle IW_HEADER_TYPE_XXX to map IW_PRIV_TYPE_XXX changes
42 * o Add IWEVCUSTOM for driver specific event/scanning token
43 * o Turn on WE_STRICT_WRITE by default + kernel warning
44 * o Fix WE_STRICT_WRITE in ioctl_export_private() (32 => iw_num)
45 * o Fix off-by-one in test (extra_size <= IFNAMSIZ)
46 *
47 * v6 - 9.01.03 - Jean II
48 * o Add common spy support : iw_handler_set_spy(), wireless_spy_update()
49 * o Add enhanced spy support : iw_handler_set_thrspy() and event.
50 * o Add WIRELESS_EXT version display in /proc/net/wireless
51 *
52 * v6 - 18.06.04 - Jean II
53 * o Change get_spydata() method for added safety
54 * o Remove spy #ifdef, they are always on -> cleaner code
55 * o Allow any size GET request if user specifies length > max
56 * and if request has IW_DESCR_FLAG_NOMAX flag or is SIOCGIWPRIV
57 * o Start migrating get_wireless_stats to struct iw_handler_def
58 * o Add wmb() in iw_handler_set_spy() for non-coherent archs/cpus
59 * Based on patch from Pavel Roskin <proski@gnu.org> :
60 * o Fix kernel data leak to user space in private handler handling
6582c164
JT		 61 *
62 * v7 - 18.3.05 - Jean II
63 * o Remove (struct iw_point *)->pointer from events and streams
64 * o Remove spy_offset from struct iw_handler_def
65 * o Start deprecating dev->get_wireless_stats, output a warning
66 * o If IW_QUAL_DBM is set, show dBm values in /proc/net/wireless
6c5cc8e0 67 * o Don't lose INVALID/DBM flags when clearing UPDATED flags (iwstats)
711e2c33
JT		 68 *
69 * v8 - 17.02.06 - Jean II
70 * o RtNetlink requests support (SET/GET)
baef1865
JL		 71 *
72 * v8b - 03.08.06 - Herbert Xu
73 * o Fix Wireless Event locking issues.
74 *
75 * v9 - 14.3.06 - Jean II
76 * o Change length in ESSID and NICK to strlen() instead of strlen()+1
77 * o Make standard_ioctl_num and standard_event_num unsigned
78 * o Remove (struct net_device *)->get_wireless_stats()
c2805fbb
JT		 79 *
80 * v10 - 16.3.07 - Jean II
81 * o Prevent leaking of kernel space in stream on 64 bits.
1da177e4
LT		 82 */
83
84/***************************** INCLUDES *****************************/
85
1da177e4
LT		 86#include <linux/module.h>
87#include <linux/types.h> /* off_t */
88#include <linux/netdevice.h> /* struct ifreq, dev_get_by_name() */
89#include <linux/proc_fs.h>
90#include <linux/rtnetlink.h> /* rtnetlink stuff */
91#include <linux/seq_file.h>
92#include <linux/init.h> /* for __init */
93#include <linux/if_arp.h> /* ARPHRD_ETHER */
9819d85c 94#include <linux/etherdevice.h> /* compare_ether_addr */
782a6675 95#include <linux/interrupt.h>
457c4cbc 96#include <net/net_namespace.h>
1da177e4
LT		 97
98#include <linux/wireless.h> /* Pretty obvious */
99#include <net/iw_handler.h> /* New driver API */
bd5785ba 100#include <net/netlink.h>
295f4a1f 101#include <net/wext.h>
1da177e4
LT		 102
103#include <asm/uaccess.h> /* copy_to_user() */
104
1da177e4
LT		 105/************************* GLOBAL VARIABLES *************************/
106/*
107 * You should not use global variables, because of re-entrancy.
108 * On our case, it's only const, so it's OK...
109 */
110/*
111 * Meta-data about all the standard Wireless Extension request we
112 * know about.
113 */
114static const struct iw_ioctl_description standard_ioctl[] = {
115 [SIOCSIWCOMMIT - SIOCIWFIRST] = {
116 .header_type = IW_HEADER_TYPE_NULL,
117 },
118 [SIOCGIWNAME - SIOCIWFIRST] = {
119 .header_type = IW_HEADER_TYPE_CHAR,
120 .flags = IW_DESCR_FLAG_DUMP,
121 },
122 [SIOCSIWNWID - SIOCIWFIRST] = {
123 .header_type = IW_HEADER_TYPE_PARAM,
124 .flags = IW_DESCR_FLAG_EVENT,
125 },
126 [SIOCGIWNWID - SIOCIWFIRST] = {
127 .header_type = IW_HEADER_TYPE_PARAM,
128 .flags = IW_DESCR_FLAG_DUMP,
129 },
130 [SIOCSIWFREQ - SIOCIWFIRST] = {
131 .header_type = IW_HEADER_TYPE_FREQ,
132 .flags = IW_DESCR_FLAG_EVENT,
133 },
134 [SIOCGIWFREQ - SIOCIWFIRST] = {
135 .header_type = IW_HEADER_TYPE_FREQ,
136 .flags = IW_DESCR_FLAG_DUMP,
137 },
138 [SIOCSIWMODE - SIOCIWFIRST] = {
139 .header_type = IW_HEADER_TYPE_UINT,
140 .flags = IW_DESCR_FLAG_EVENT,
141 },
142 [SIOCGIWMODE - SIOCIWFIRST] = {
143 .header_type = IW_HEADER_TYPE_UINT,
144 .flags = IW_DESCR_FLAG_DUMP,
145 },
146 [SIOCSIWSENS - SIOCIWFIRST] = {
147 .header_type = IW_HEADER_TYPE_PARAM,
148 },
149 [SIOCGIWSENS - SIOCIWFIRST] = {
150 .header_type = IW_HEADER_TYPE_PARAM,
151 },
152 [SIOCSIWRANGE - SIOCIWFIRST] = {
153 .header_type = IW_HEADER_TYPE_NULL,
154 },
155 [SIOCGIWRANGE - SIOCIWFIRST] = {
156 .header_type = IW_HEADER_TYPE_POINT,
157 .token_size = 1,
158 .max_tokens = sizeof(struct iw_range),
159 .flags = IW_DESCR_FLAG_DUMP,
160 },
161 [SIOCSIWPRIV - SIOCIWFIRST] = {
162 .header_type = IW_HEADER_TYPE_NULL,
163 },
164 [SIOCGIWPRIV - SIOCIWFIRST] = { /* (handled directly by us) */
711e2c33
JT		 165 .header_type = IW_HEADER_TYPE_POINT,
166 .token_size = sizeof(struct iw_priv_args),
167 .max_tokens = 16,
168 .flags = IW_DESCR_FLAG_NOMAX,
1da177e4
LT		 169 },
170 [SIOCSIWSTATS - SIOCIWFIRST] = {
171 .header_type = IW_HEADER_TYPE_NULL,
172 },
173 [SIOCGIWSTATS - SIOCIWFIRST] = { /* (handled directly by us) */
711e2c33
JT		 174 .header_type = IW_HEADER_TYPE_POINT,
175 .token_size = 1,
176 .max_tokens = sizeof(struct iw_statistics),
1da177e4
LT		 177 .flags = IW_DESCR_FLAG_DUMP,
178 },
179 [SIOCSIWSPY - SIOCIWFIRST] = {
180 .header_type = IW_HEADER_TYPE_POINT,
181 .token_size = sizeof(struct sockaddr),
182 .max_tokens = IW_MAX_SPY,
183 },
184 [SIOCGIWSPY - SIOCIWFIRST] = {
185 .header_type = IW_HEADER_TYPE_POINT,
186 .token_size = sizeof(struct sockaddr) +
187 sizeof(struct iw_quality),
188 .max_tokens = IW_MAX_SPY,
189 },
190 [SIOCSIWTHRSPY - SIOCIWFIRST] = {
191 .header_type = IW_HEADER_TYPE_POINT,
192 .token_size = sizeof(struct iw_thrspy),
193 .min_tokens = 1,
194 .max_tokens = 1,
195 },
196 [SIOCGIWTHRSPY - SIOCIWFIRST] = {
197 .header_type = IW_HEADER_TYPE_POINT,
198 .token_size = sizeof(struct iw_thrspy),
199 .min_tokens = 1,
200 .max_tokens = 1,
201 },
202 [SIOCSIWAP - SIOCIWFIRST] = {
203 .header_type = IW_HEADER_TYPE_ADDR,
204 },
205 [SIOCGIWAP - SIOCIWFIRST] = {
206 .header_type = IW_HEADER_TYPE_ADDR,
207 .flags = IW_DESCR_FLAG_DUMP,
208 },
fff9cfd9
JT		 209 [SIOCSIWMLME - SIOCIWFIRST] = {
210 .header_type = IW_HEADER_TYPE_POINT,
211 .token_size = 1,
212 .min_tokens = sizeof(struct iw_mlme),
213 .max_tokens = sizeof(struct iw_mlme),
214 },
1da177e4
LT		 215 [SIOCGIWAPLIST - SIOCIWFIRST] = {
216 .header_type = IW_HEADER_TYPE_POINT,
217 .token_size = sizeof(struct sockaddr) +
218 sizeof(struct iw_quality),
219 .max_tokens = IW_MAX_AP,
220 .flags = IW_DESCR_FLAG_NOMAX,
221 },
222 [SIOCSIWSCAN - SIOCIWFIRST] = {
fff9cfd9
JT		 223 .header_type = IW_HEADER_TYPE_POINT,
224 .token_size = 1,
225 .min_tokens = 0,
226 .max_tokens = sizeof(struct iw_scan_req),
1da177e4
LT		 227 },
228 [SIOCGIWSCAN - SIOCIWFIRST] = {
229 .header_type = IW_HEADER_TYPE_POINT,
230 .token_size = 1,
231 .max_tokens = IW_SCAN_MAX_DATA,
232 .flags = IW_DESCR_FLAG_NOMAX,
233 },
234 [SIOCSIWESSID - SIOCIWFIRST] = {
235 .header_type = IW_HEADER_TYPE_POINT,
236 .token_size = 1,
baef1865 237 .max_tokens = IW_ESSID_MAX_SIZE,
1da177e4
LT		 238 .flags = IW_DESCR_FLAG_EVENT,
239 },
240 [SIOCGIWESSID - SIOCIWFIRST] = {
241 .header_type = IW_HEADER_TYPE_POINT,
242 .token_size = 1,
baef1865 243 .max_tokens = IW_ESSID_MAX_SIZE,
1da177e4
LT		 244 .flags = IW_DESCR_FLAG_DUMP,
245 },
246 [SIOCSIWNICKN - SIOCIWFIRST] = {
247 .header_type = IW_HEADER_TYPE_POINT,
248 .token_size = 1,
baef1865 249 .max_tokens = IW_ESSID_MAX_SIZE,
1da177e4
LT		 250 },
251 [SIOCGIWNICKN - SIOCIWFIRST] = {
252 .header_type = IW_HEADER_TYPE_POINT,
253 .token_size = 1,
baef1865 254 .max_tokens = IW_ESSID_MAX_SIZE,
1da177e4
LT		 255 },
256 [SIOCSIWRATE - SIOCIWFIRST] = {
257 .header_type = IW_HEADER_TYPE_PARAM,
258 },
259 [SIOCGIWRATE - SIOCIWFIRST] = {
260 .header_type = IW_HEADER_TYPE_PARAM,
261 },
262 [SIOCSIWRTS - SIOCIWFIRST] = {
263 .header_type = IW_HEADER_TYPE_PARAM,
264 },
265 [SIOCGIWRTS - SIOCIWFIRST] = {
266 .header_type = IW_HEADER_TYPE_PARAM,
267 },
268 [SIOCSIWFRAG - SIOCIWFIRST] = {
269 .header_type = IW_HEADER_TYPE_PARAM,
270 },
271 [SIOCGIWFRAG - SIOCIWFIRST] = {
272 .header_type = IW_HEADER_TYPE_PARAM,
273 },
274 [SIOCSIWTXPOW - SIOCIWFIRST] = {
275 .header_type = IW_HEADER_TYPE_PARAM,
276 },
277 [SIOCGIWTXPOW - SIOCIWFIRST] = {
278 .header_type = IW_HEADER_TYPE_PARAM,
279 },
280 [SIOCSIWRETRY - SIOCIWFIRST] = {
281 .header_type = IW_HEADER_TYPE_PARAM,
282 },
283 [SIOCGIWRETRY - SIOCIWFIRST] = {
284 .header_type = IW_HEADER_TYPE_PARAM,
285 },
286 [SIOCSIWENCODE - SIOCIWFIRST] = {
287 .header_type = IW_HEADER_TYPE_POINT,
288 .token_size = 1,
289 .max_tokens = IW_ENCODING_TOKEN_MAX,
290 .flags = IW_DESCR_FLAG_EVENT | IW_DESCR_FLAG_RESTRICT,
291 },
292 [SIOCGIWENCODE - SIOCIWFIRST] = {
293 .header_type = IW_HEADER_TYPE_POINT,
294 .token_size = 1,
295 .max_tokens = IW_ENCODING_TOKEN_MAX,
296 .flags = IW_DESCR_FLAG_DUMP | IW_DESCR_FLAG_RESTRICT,
297 },
298 [SIOCSIWPOWER - SIOCIWFIRST] = {
299 .header_type = IW_HEADER_TYPE_PARAM,
300 },
301 [SIOCGIWPOWER - SIOCIWFIRST] = {
302 .header_type = IW_HEADER_TYPE_PARAM,
303 },
fff9cfd9
JT		 304 [SIOCSIWGENIE - SIOCIWFIRST] = {
305 .header_type = IW_HEADER_TYPE_POINT,
306 .token_size = 1,
307 .max_tokens = IW_GENERIC_IE_MAX,
308 },
309 [SIOCGIWGENIE - SIOCIWFIRST] = {
310 .header_type = IW_HEADER_TYPE_POINT,
311 .token_size = 1,
312 .max_tokens = IW_GENERIC_IE_MAX,
313 },
314 [SIOCSIWAUTH - SIOCIWFIRST] = {
315 .header_type = IW_HEADER_TYPE_PARAM,
316 },
317 [SIOCGIWAUTH - SIOCIWFIRST] = {
318 .header_type = IW_HEADER_TYPE_PARAM,
319 },
320 [SIOCSIWENCODEEXT - SIOCIWFIRST] = {
321 .header_type = IW_HEADER_TYPE_POINT,
322 .token_size = 1,
323 .min_tokens = sizeof(struct iw_encode_ext),
324 .max_tokens = sizeof(struct iw_encode_ext) +
325 IW_ENCODING_TOKEN_MAX,
326 },
327 [SIOCGIWENCODEEXT - SIOCIWFIRST] = {
328 .header_type = IW_HEADER_TYPE_POINT,
329 .token_size = 1,
330 .min_tokens = sizeof(struct iw_encode_ext),
331 .max_tokens = sizeof(struct iw_encode_ext) +
332 IW_ENCODING_TOKEN_MAX,
333 },
334 [SIOCSIWPMKSA - SIOCIWFIRST] = {
335 .header_type = IW_HEADER_TYPE_POINT,
336 .token_size = 1,
337 .min_tokens = sizeof(struct iw_pmksa),
338 .max_tokens = sizeof(struct iw_pmksa),
339 },
1da177e4 340};
1ac58ee3 341static const unsigned standard_ioctl_num = ARRAY_SIZE(standard_ioctl);
1da177e4
LT		 342
343/*
344 * Meta-data about all the additional standard Wireless Extension events
345 * we know about.
346 */
347static const struct iw_ioctl_description standard_event[] = {
348 [IWEVTXDROP - IWEVFIRST] = {
349 .header_type = IW_HEADER_TYPE_ADDR,
350 },
351 [IWEVQUAL - IWEVFIRST] = {
352 .header_type = IW_HEADER_TYPE_QUAL,
353 },
354 [IWEVCUSTOM - IWEVFIRST] = {
355 .header_type = IW_HEADER_TYPE_POINT,
356 .token_size = 1,
357 .max_tokens = IW_CUSTOM_MAX,
358 },
359 [IWEVREGISTERED - IWEVFIRST] = {
360 .header_type = IW_HEADER_TYPE_ADDR,
361 },
362 [IWEVEXPIRED - IWEVFIRST] = {
4ec93edb 363 .header_type = IW_HEADER_TYPE_ADDR,
1da177e4 364 },
fff9cfd9
JT		 365 [IWEVGENIE - IWEVFIRST] = {
366 .header_type = IW_HEADER_TYPE_POINT,
367 .token_size = 1,
368 .max_tokens = IW_GENERIC_IE_MAX,
369 },
370 [IWEVMICHAELMICFAILURE - IWEVFIRST] = {
4ec93edb 371 .header_type = IW_HEADER_TYPE_POINT,
fff9cfd9
JT		 372 .token_size = 1,
373 .max_tokens = sizeof(struct iw_michaelmicfailure),
374 },
375 [IWEVASSOCREQIE - IWEVFIRST] = {
376 .header_type = IW_HEADER_TYPE_POINT,
377 .token_size = 1,
378 .max_tokens = IW_GENERIC_IE_MAX,
379 },
380 [IWEVASSOCRESPIE - IWEVFIRST] = {
381 .header_type = IW_HEADER_TYPE_POINT,
382 .token_size = 1,
383 .max_tokens = IW_GENERIC_IE_MAX,
384 },
385 [IWEVPMKIDCAND - IWEVFIRST] = {
386 .header_type = IW_HEADER_TYPE_POINT,
387 .token_size = 1,
388 .max_tokens = sizeof(struct iw_pmkid_cand),
389 },
1da177e4 390};
1ac58ee3 391static const unsigned standard_event_num = ARRAY_SIZE(standard_event);
1da177e4
LT		 392
393/* Size (in bytes) of the various private data types */
394static const char iw_priv_type_size[] = {
395 0, /* IW_PRIV_TYPE_NONE */
396 1, /* IW_PRIV_TYPE_BYTE */
397 1, /* IW_PRIV_TYPE_CHAR */
398 0, /* Not defined */
399 sizeof(__u32), /* IW_PRIV_TYPE_INT */
400 sizeof(struct iw_freq), /* IW_PRIV_TYPE_FLOAT */
401 sizeof(struct sockaddr), /* IW_PRIV_TYPE_ADDR */
402 0, /* Not defined */
403};
404
405/* Size (in bytes) of various events */
406static const int event_type_size[] = {
407 IW_EV_LCP_LEN, /* IW_HEADER_TYPE_NULL */
408 0,
409 IW_EV_CHAR_LEN, /* IW_HEADER_TYPE_CHAR */
410 0,
411 IW_EV_UINT_LEN, /* IW_HEADER_TYPE_UINT */
412 IW_EV_FREQ_LEN, /* IW_HEADER_TYPE_FREQ */
413 IW_EV_ADDR_LEN, /* IW_HEADER_TYPE_ADDR */
414 0,
415 IW_EV_POINT_LEN, /* Without variable payload */
416 IW_EV_PARAM_LEN, /* IW_HEADER_TYPE_PARAM */
417 IW_EV_QUAL_LEN, /* IW_HEADER_TYPE_QUAL */
418};
419
c2805fbb 420
1da177e4
LT		 421/************************ COMMON SUBROUTINES ************************/
422/*
423 * Stuff that may be used in various place or doesn't fit in one
424 * of the section below.
425 */
426
427/* ---------------------------------------------------------------- */
428/*
429 * Return the driver handler associated with a specific Wireless Extension.
1da177e4 430 */
bdf51894 431static iw_handler get_handler(struct net_device *dev, unsigned int cmd)
1da177e4
LT		 432{
433 /* Don't "optimise" the following variable, it will crash */
434 unsigned int index; /* *MUST* be unsigned */
435
436 /* Check if we have some wireless handlers defined */
e71a4783 437 if (dev->wireless_handlers == NULL)
1da177e4
LT		 438 return NULL;
439
440 /* Try as a standard command */
441 index = cmd - SIOCIWFIRST;
e71a4783 442 if (index < dev->wireless_handlers->num_standard)
1da177e4
LT		 443 return dev->wireless_handlers->standard[index];
444
445 /* Try as a private command */
446 index = cmd - SIOCIWFIRSTPRIV;
e71a4783 447 if (index < dev->wireless_handlers->num_private)
1da177e4
LT		 448 return dev->wireless_handlers->private[index];
449
450 /* Not found */
451 return NULL;
452}
453
454/* ---------------------------------------------------------------- */
455/*
456 * Get statistics out of the driver
457 */
bdf51894 458static struct iw_statistics *get_wireless_stats(struct net_device *dev)
1da177e4
LT		 459{
460 /* New location */
e71a4783 461 if ((dev->wireless_handlers != NULL) &&
1da177e4
LT		 462 (dev->wireless_handlers->get_wireless_stats != NULL))
463 return dev->wireless_handlers->get_wireless_stats(dev);
464
6582c164 465 /* Not found */
4d44e0df 466 return NULL;
1da177e4
LT		 467}
468
469/* ---------------------------------------------------------------- */
470/*
471 * Call the commit handler in the driver
472 * (if exist and if conditions are right)
473 *
474 * Note : our current commit strategy is currently pretty dumb,
475 * but we will be able to improve on that...
476 * The goal is to try to agreagate as many changes as possible
477 * before doing the commit. Drivers that will define a commit handler
478 * are usually those that need a reset after changing parameters, so
479 * we want to minimise the number of reset.
480 * A cool idea is to use a timer : at each "set" command, we re-set the
481 * timer, when the timer eventually fires, we call the driver.
482 * Hopefully, more on that later.
483 *
484 * Also, I'm waiting to see how many people will complain about the
485 * netif_running(dev) test. I'm open on that one...
486 * Hopefully, the driver will remember to do a commit in "open()" ;-)
487 */
bdf51894 488static int call_commit_handler(struct net_device *dev)
1da177e4 489{
e71a4783 490 if ((netif_running(dev)) &&
4d44e0df 491 (dev->wireless_handlers->standard[0] != NULL))
1da177e4
LT		 492 /* Call the commit handler on the driver */
493 return dev->wireless_handlers->standard[0](dev, NULL,
494 NULL, NULL);
4d44e0df 495 else
1da177e4
LT		 496 return 0; /* Command completed successfully */
497}
498
499/* ---------------------------------------------------------------- */
500/*
501 * Calculate size of private arguments
502 */
25519a2a 503static int get_priv_size(__u16 args)
1da177e4
LT		 504{
505 int num = args & IW_PRIV_SIZE_MASK;
506 int type = (args & IW_PRIV_TYPE_MASK) >> 12;
507
508 return num * iw_priv_type_size[type];
509}
510
511/* ---------------------------------------------------------------- */
512/*
513 * Re-calculate the size of private arguments
514 */
208887d4 515static int adjust_priv_size(__u16 args, struct iw_point *iwp)
1da177e4 516{
208887d4 517 int num = iwp->length;
1da177e4
LT		 518 int max = args & IW_PRIV_SIZE_MASK;
519 int type = (args & IW_PRIV_TYPE_MASK) >> 12;
520
521 /* Make sure the driver doesn't goof up */
522 if (max < num)
523 num = max;
524
525 return num * iw_priv_type_size[type];
526}
527
711e2c33
JT		 528/* ---------------------------------------------------------------- */
529/*
530 * Standard Wireless Handler : get wireless stats
531 * Allow programatic access to /proc/net/wireless even if /proc
532 * doesn't exist... Also more efficient...
533 */
534static int iw_handler_get_iwstats(struct net_device * dev,
535 struct iw_request_info * info,
536 union iwreq_data * wrqu,
537 char * extra)
538{
539 /* Get stats from the driver */
540 struct iw_statistics *stats;
541
542 stats = get_wireless_stats(dev);
4d44e0df 543 if (stats) {
711e2c33
JT		 544 /* Copy statistics to extra */
545 memcpy(extra, stats, sizeof(struct iw_statistics));
546 wrqu->data.length = sizeof(struct iw_statistics);
547
548 /* Check if we need to clear the updated flag */
e71a4783 549 if (wrqu->data.flags != 0)
711e2c33
JT		 550 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
551 return 0;
552 } else
553 return -EOPNOTSUPP;
554}
555
556/* ---------------------------------------------------------------- */
557/*
558 * Standard Wireless Handler : get iwpriv definitions
559 * Export the driver private handler definition
560 * They will be picked up by tools like iwpriv...
561 */
562static int iw_handler_get_private(struct net_device * dev,
563 struct iw_request_info * info,
564 union iwreq_data * wrqu,
565 char * extra)
566{
567 /* Check if the driver has something to export */
e71a4783 568 if ((dev->wireless_handlers->num_private_args == 0) ||
711e2c33
JT		 569 (dev->wireless_handlers->private_args == NULL))
570 return -EOPNOTSUPP;
571
572 /* Check if there is enough buffer up there */
e71a4783 573 if (wrqu->data.length < dev->wireless_handlers->num_private_args) {
711e2c33
JT		 574 /* User space can't know in advance how large the buffer
575 * needs to be. Give it a hint, so that we can support
576 * any size buffer we want somewhat efficiently... */
577 wrqu->data.length = dev->wireless_handlers->num_private_args;
578 return -E2BIG;
579 }
580
581 /* Set the number of available ioctls. */
582 wrqu->data.length = dev->wireless_handlers->num_private_args;
583
584 /* Copy structure to the user buffer. */
585 memcpy(extra, dev->wireless_handlers->private_args,
586 sizeof(struct iw_priv_args) * wrqu->data.length);
587
588 return 0;
589}
590
1da177e4
LT		 591
592/******************** /proc/net/wireless SUPPORT ********************/
593/*
594 * The /proc/net/wireless file is a human readable user-space interface
595 * exporting various wireless specific statistics from the wireless devices.
596 * This is the most popular part of the Wireless Extensions ;-)
597 *
598 * This interface is a pure clone of /proc/net/dev (in net/core/dev.c).
599 * The content of the file is basically the content of "struct iw_statistics".
600 */
601
602#ifdef CONFIG_PROC_FS
603
604/* ---------------------------------------------------------------- */
605/*
606 * Print one entry (line) of /proc/net/wireless
607 */
bdf51894
JB		 608static void wireless_seq_printf_stats(struct seq_file *seq,
609 struct net_device *dev)
1da177e4
LT		 610{
611 /* Get stats from the driver */
612 struct iw_statistics *stats = get_wireless_stats(dev);
df2b35b6
JB		 613 static struct iw_statistics nullstats = {};
614
615 /* show device if it's wireless regardless of current stats */
616 if (!stats && dev->wireless_handlers)
617 stats = &nullstats;
1da177e4
LT		 618
619 if (stats) {
620 seq_printf(seq, "%6s: %04x %3d%c %3d%c %3d%c %6d %6d %6d "
621 "%6d %6d %6d\n",
622 dev->name, stats->status, stats->qual.qual,
623 stats->qual.updated & IW_QUAL_QUAL_UPDATED
624 ? '.' : ' ',
4ec93edb 625 ((__s32) stats->qual.level) -
6582c164 626 ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0),
1da177e4
LT		 627 stats->qual.updated & IW_QUAL_LEVEL_UPDATED
628 ? '.' : ' ',
4ec93edb 629 ((__s32) stats->qual.noise) -
6582c164 630 ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0),
1da177e4
LT		 631 stats->qual.updated & IW_QUAL_NOISE_UPDATED
632 ? '.' : ' ',
633 stats->discard.nwid, stats->discard.code,
634 stats->discard.fragment, stats->discard.retries,
635 stats->discard.misc, stats->miss.beacon);
df2b35b6
JB		 636
637 if (stats != &nullstats)
638 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
1da177e4
LT		 639 }
640}
641
642/* ---------------------------------------------------------------- */
643/*
644 * Print info for /proc/net/wireless (print all entries)
645 */
87057825 646static int wireless_dev_seq_show(struct seq_file *seq, void *v)
1da177e4 647{
87057825
JB		 648 might_sleep();
649
1da177e4
LT		 650 if (v == SEQ_START_TOKEN)
651 seq_printf(seq, "Inter-| sta-| Quality | Discarded "
652 "packets | Missed | WE\n"
653 " face | tus | link level noise | nwid "
654 "crypt frag retry misc | beacon | %d\n",
655 WIRELESS_EXT);
656 else
657 wireless_seq_printf_stats(seq, v);
658 return 0;
659}
660
7be69c0b 661static void *wireless_dev_seq_start(struct seq_file *seq, loff_t *pos)
7be69c0b 662{
87057825
JB		 663 struct net *net = seq_file_net(seq);
664 loff_t off;
665 struct net_device *dev;
666
7be69c0b 667 rtnl_lock();
87057825
JB		 668 if (!*pos)
669 return SEQ_START_TOKEN;
670
671 off = 1;
672 for_each_netdev(net, dev)
673 if (off++ == *pos)
674 return dev;
675 return NULL;
676}
677
678static void *wireless_dev_seq_next(struct seq_file *seq, void *v, loff_t *pos)
679{
680 struct net *net = seq_file_net(seq);
681
682 ++*pos;
683
684 return v == SEQ_START_TOKEN ?
685 first_net_device(net) : next_net_device(v);
7be69c0b
JB		 686}
687
688static void wireless_dev_seq_stop(struct seq_file *seq, void *v)
7be69c0b 689{
7be69c0b
JB		 690 rtnl_unlock();
691}
692
f690808e 693static const struct seq_operations wireless_seq_ops = {
7be69c0b 694 .start = wireless_dev_seq_start,
87057825 695 .next = wireless_dev_seq_next,
7be69c0b 696 .stop = wireless_dev_seq_stop,
87057825 697 .show = wireless_dev_seq_show,
1da177e4
LT		 698};
699
7be69c0b 700static int seq_open_wireless(struct inode *inode, struct file *file)
1da177e4 701{
e372c414
DL		 702 return seq_open_net(inode, file, &wireless_seq_ops,
703 sizeof(struct seq_net_private));
1da177e4
LT		 704}
705
9a32144e 706static const struct file_operations wireless_seq_fops = {
1da177e4 707 .owner = THIS_MODULE,
7be69c0b 708 .open = seq_open_wireless,
1da177e4
LT		 709 .read = seq_read,
710 .llseek = seq_lseek,
e372c414 711 .release = seq_release_net,
1da177e4
LT		 712};
713
881d966b 714int wext_proc_init(struct net *net)
1da177e4 715{
6582c164 716 /* Create /proc/net/wireless entry */
881d966b 717 if (!proc_net_fops_create(net, "wireless", S_IRUGO, &wireless_seq_fops))
1da177e4
LT		 718 return -ENOMEM;
719
720 return 0;
721}
881d966b
EB		 722
723void wext_proc_exit(struct net *net)
724{
725 proc_net_remove(net, "wireless");
726}
1da177e4
LT		 727#endif /* CONFIG_PROC_FS */
728
729/************************** IOCTL SUPPORT **************************/
730/*
731 * The original user space API to configure all those Wireless Extensions
732 * is through IOCTLs.
733 * In there, we check if we need to call the new driver API (iw_handler)
734 * or just call the driver ioctl handler.
735 */
736
1da177e4 737/* ---------------------------------------------------------------- */
84149b0f
DM		 738static int ioctl_standard_iw_point(struct iw_point *iwp, unsigned int cmd,
739 const struct iw_ioctl_description *descr,
740 iw_handler handler, struct net_device *dev,
741 struct iw_request_info *info)
742{
743 int err, extra_size, user_length = 0, essid_compat = 0;
744 char *extra;
745
746 /* Calculate space needed by arguments. Always allocate
747 * for max space.
748 */
749 extra_size = descr->max_tokens * descr->token_size;
750
751 /* Check need for ESSID compatibility for WE < 21 */
752 switch (cmd) {
753 case SIOCSIWESSID:
754 case SIOCGIWESSID:
755 case SIOCSIWNICKN:
756 case SIOCGIWNICKN:
757 if (iwp->length == descr->max_tokens + 1)
758 essid_compat = 1;
759 else if (IW_IS_SET(cmd) && (iwp->length != 0)) {
760 char essid[IW_ESSID_MAX_SIZE + 1];
761
762 err = copy_from_user(essid, iwp->pointer,
763 iwp->length *
764 descr->token_size);
765 if (err)
766 return -EFAULT;
767
768 if (essid[iwp->length - 1] == '\0')
769 essid_compat = 1;
770 }
771 break;
772 default:
773 break;
774 }
775
776 iwp->length -= essid_compat;
777
778 /* Check what user space is giving us */
779 if (IW_IS_SET(cmd)) {
780 /* Check NULL pointer */
781 if (!iwp->pointer && iwp->length != 0)
782 return -EFAULT;
783 /* Check if number of token fits within bounds */
784 if (iwp->length > descr->max_tokens)
785 return -E2BIG;
786 if (iwp->length < descr->min_tokens)
787 return -EINVAL;
788 } else {
789 /* Check NULL pointer */
790 if (!iwp->pointer)
791 return -EFAULT;
792 /* Save user space buffer size for checking */
793 user_length = iwp->length;
794
795 /* Don't check if user_length > max to allow forward
796 * compatibility. The test user_length < min is
797 * implied by the test at the end.
798 */
799
800 /* Support for very large requests */
801 if ((descr->flags & IW_DESCR_FLAG_NOMAX) &&
802 (user_length > descr->max_tokens)) {
803 /* Allow userspace to GET more than max so
804 * we can support any size GET requests.
805 * There is still a limit : -ENOMEM.
806 */
807 extra_size = user_length * descr->token_size;
808
809 /* Note : user_length is originally a __u16,
810 * and token_size is controlled by us,
811 * so extra_size won't get negative and
812 * won't overflow...
813 */
814 }
815 }
816
817 /* kzalloc() ensures NULL-termination for essid_compat. */
818 extra = kzalloc(extra_size, GFP_KERNEL);
819 if (!extra)
820 return -ENOMEM;
821
822 /* If it is a SET, get all the extra data in here */
823 if (IW_IS_SET(cmd) && (iwp->length != 0)) {
824 if (copy_from_user(extra, iwp->pointer,
825 iwp->length *
826 descr->token_size)) {
827 err = -EFAULT;
828 goto out;
829 }
88f16db7
JB		 830
831 if (cmd == SIOCSIWENCODEEXT) {
832 struct iw_encode_ext *ee = (void *) extra;
833
834 if (iwp->length < sizeof(*ee) + ee->key_len)
835 return -EFAULT;
836 }
84149b0f
DM		 837 }
838
839 err = handler(dev, info, (union iwreq_data *) iwp, extra);
840
841 iwp->length += essid_compat;
842
843 /* If we have something to return to the user */
844 if (!err && IW_IS_GET(cmd)) {
845 /* Check if there is enough buffer up there */
846 if (user_length < iwp->length) {
847 err = -E2BIG;
848 goto out;
849 }
850
851 if (copy_to_user(iwp->pointer, extra,
852 iwp->length *
853 descr->token_size)) {
854 err = -EFAULT;
855 goto out;
856 }
857 }
858
859 /* Generate an event to notify listeners of the change */
860 if ((descr->flags & IW_DESCR_FLAG_EVENT) && err == -EIWCOMMIT) {
861 union iwreq_data *data = (union iwreq_data *) iwp;
862
863 if (descr->flags & IW_DESCR_FLAG_RESTRICT)
864 /* If the event is restricted, don't
865 * export the payload.
866 */
867 wireless_send_event(dev, cmd, data, NULL);
868 else
869 wireless_send_event(dev, cmd, data, extra);
870 }
871
872out:
873 kfree(extra);
874 return err;
875}
876
1da177e4
LT		 877/*
878 * Wrapper to call a standard Wireless Extension handler.
879 * We do various checks and also take care of moving data between
880 * user space and kernel space.
881 */
711e2c33 882static int ioctl_standard_call(struct net_device * dev,
d2911255 883 struct iwreq *iwr,
711e2c33 884 unsigned int cmd,
0f5cabba 885 struct iw_request_info *info,
711e2c33 886 iw_handler handler)
1da177e4 887{
1da177e4 888 const struct iw_ioctl_description * descr;
1da177e4
LT		 889 int ret = -EINVAL;
890
891 /* Get the description of the IOCTL */
e71a4783 892 if ((cmd - SIOCIWFIRST) >= standard_ioctl_num)
1da177e4
LT		 893 return -EOPNOTSUPP;
894 descr = &(standard_ioctl[cmd - SIOCIWFIRST]);
895
1da177e4 896 /* Check if we have a pointer to user space data or not */
e71a4783 897 if (descr->header_type != IW_HEADER_TYPE_POINT) {
1da177e4
LT		 898
899 /* No extra arguments. Trivial to handle */
0f5cabba 900 ret = handler(dev, info, &(iwr->u), NULL);
1da177e4 901
1da177e4 902 /* Generate an event to notify listeners of the change */
e71a4783 903 if ((descr->flags & IW_DESCR_FLAG_EVENT) &&
1da177e4
LT		 904 ((ret == 0) || (ret == -EIWCOMMIT)))
905 wireless_send_event(dev, cmd, &(iwr->u), NULL);
1da177e4 906 } else {
84149b0f 907 ret = ioctl_standard_iw_point(&iwr->u.data, cmd, descr,
0f5cabba 908 handler, dev, info);
1da177e4
LT		 909 }
910
911 /* Call commit handler if needed and defined */
e71a4783 912 if (ret == -EIWCOMMIT)
1da177e4
LT		 913 ret = call_commit_handler(dev);
914
915 /* Here, we will generate the appropriate event if needed */
916
917 return ret;
918}
919
920/* ---------------------------------------------------------------- */
921/*
922 * Wrapper to call a private Wireless Extension handler.
923 * We do various checks and also take care of moving data between
924 * user space and kernel space.
925 * It's not as nice and slimline as the standard wrapper. The cause
926 * is struct iw_priv_args, which was not really designed for the
927 * job we are going here.
928 *
929 * IMPORTANT : This function prevent to set and get data on the same
930 * IOCTL and enforce the SET/GET convention. Not doing it would be
931 * far too hairy...
932 * If you need to set and get data at the same time, please don't use
933 * a iw_handler but process it in your ioctl handler (i.e. use the
934 * old driver API).
935 */
d88174e4
DM		 936static int get_priv_descr_and_size(struct net_device *dev, unsigned int cmd,
937 const struct iw_priv_args **descrp)
1da177e4 938{
d88174e4
DM		 939 const struct iw_priv_args *descr;
940 int i, extra_size;
1da177e4 941
d88174e4
DM		 942 descr = NULL;
943 for (i = 0; i < dev->wireless_handlers->num_private_args; i++) {
e71a4783 944 if (cmd == dev->wireless_handlers->private_args[i].cmd) {
d88174e4 945 descr = &dev->wireless_handlers->private_args[i];
1da177e4
LT		 946 break;
947 }
d88174e4 948 }
1da177e4 949
d88174e4
DM		 950 extra_size = 0;
951 if (descr) {
e71a4783 952 if (IW_IS_SET(cmd)) {
1da177e4
LT		 953 int offset = 0; /* For sub-ioctls */
954 /* Check for sub-ioctl handler */
e71a4783 955 if (descr->name[0] == '\0')
1da177e4
LT		 956 /* Reserve one int for sub-ioctl index */
957 offset = sizeof(__u32);
958
959 /* Size of set arguments */
960 extra_size = get_priv_size(descr->set_args);
961
962 /* Does it fits in iwr ? */
e71a4783 963 if ((descr->set_args & IW_PRIV_SIZE_FIXED) &&
1da177e4
LT		 964 ((extra_size + offset) <= IFNAMSIZ))
965 extra_size = 0;
966 } else {
967 /* Size of get arguments */
968 extra_size = get_priv_size(descr->get_args);
969
970 /* Does it fits in iwr ? */
e71a4783 971 if ((descr->get_args & IW_PRIV_SIZE_FIXED) &&
1da177e4
LT		 972 (extra_size <= IFNAMSIZ))
973 extra_size = 0;
974 }
975 }
d88174e4
DM		 976 *descrp = descr;
977 return extra_size;
978}
1da177e4 979
d88174e4
DM		 980static int ioctl_private_iw_point(struct iw_point *iwp, unsigned int cmd,
981 const struct iw_priv_args *descr,
982 iw_handler handler, struct net_device *dev,
983 struct iw_request_info *info, int extra_size)
984{
985 char *extra;
986 int err;
1da177e4 987
d88174e4
DM		 988 /* Check what user space is giving us */
989 if (IW_IS_SET(cmd)) {
990 if (!iwp->pointer && iwp->length != 0)
991 return -EFAULT;
1da177e4 992
d88174e4
DM		 993 if (iwp->length > (descr->set_args & IW_PRIV_SIZE_MASK))
994 return -E2BIG;
995 } else if (!iwp->pointer)
996 return -EFAULT;
1da177e4 997
d88174e4
DM		 998 extra = kmalloc(extra_size, GFP_KERNEL);
999 if (!extra)
1000 return -ENOMEM;
1da177e4 1001
d88174e4
DM		 1002 /* If it is a SET, get all the extra data in here */
1003 if (IW_IS_SET(cmd) && (iwp->length != 0)) {
1004 if (copy_from_user(extra, iwp->pointer, extra_size)) {
1005 err = -EFAULT;
1006 goto out;
1da177e4 1007 }
d88174e4 1008 }
1da177e4 1009
d88174e4
DM		 1010 /* Call the handler */
1011 err = handler(dev, info, (union iwreq_data *) iwp, extra);
1da177e4 1012
d88174e4
DM		 1013 /* If we have something to return to the user */
1014 if (!err && IW_IS_GET(cmd)) {
1015 /* Adjust for the actual length if it's variable,
1016 * avoid leaking kernel bits outside.
1017 */
1018 if (!(descr->get_args & IW_PRIV_SIZE_FIXED))
1019 extra_size = adjust_priv_size(descr->get_args, iwp);
1da177e4 1020
d88174e4
DM		 1021 if (copy_to_user(iwp->pointer, extra, extra_size))
1022 err = -EFAULT;
1023 }
1da177e4 1024
d88174e4
DM		 1025out:
1026 kfree(extra);
1027 return err;
1028}
1da177e4 1029
d2911255 1030static int ioctl_private_call(struct net_device *dev, struct iwreq *iwr,
0f5cabba
DM		 1031 unsigned int cmd, struct iw_request_info *info,
1032 iw_handler handler)
d88174e4 1033{
d88174e4
DM		 1034 int extra_size = 0, ret = -EINVAL;
1035 const struct iw_priv_args *descr;
d88174e4
DM		 1036
1037 extra_size = get_priv_descr_and_size(dev, cmd, &descr);
1038
d88174e4
DM		 1039 /* Check if we have a pointer to user space data or not. */
1040 if (extra_size == 0) {
1041 /* No extra arguments. Trivial to handle */
0f5cabba 1042 ret = handler(dev, info, &(iwr->u), (char *) &(iwr->u));
d88174e4
DM		 1043 } else {
1044 ret = ioctl_private_iw_point(&iwr->u.data, cmd, descr,
0f5cabba 1045 handler, dev, info, extra_size);
d88174e4 1046 }
1da177e4
LT		 1047
1048 /* Call commit handler if needed and defined */
e71a4783 1049 if (ret == -EIWCOMMIT)
1da177e4
LT		 1050 ret = call_commit_handler(dev);
1051
1052 return ret;
1053}
1054
1055/* ---------------------------------------------------------------- */
d2911255 1056typedef int (*wext_ioctl_func)(struct net_device *, struct iwreq *,
0f5cabba
DM		 1057 unsigned int, struct iw_request_info *,
1058 iw_handler);
ca1e8bb8 1059
1da177e4 1060/*
295f4a1f 1061 * Main IOCTl dispatcher.
1da177e4
LT		 1062 * Check the type of IOCTL and call the appropriate wrapper...
1063 */
ca1e8bb8
DM		 1064static int wireless_process_ioctl(struct net *net, struct ifreq *ifr,
1065 unsigned int cmd,
0f5cabba 1066 struct iw_request_info *info,
ca1e8bb8
DM		 1067 wext_ioctl_func standard,
1068 wext_ioctl_func private)
1da177e4 1069{
d2911255 1070 struct iwreq *iwr = (struct iwreq *) ifr;
1da177e4
LT		 1071 struct net_device *dev;
1072 iw_handler handler;
1073
1074 /* Permissions are already checked in dev_ioctl() before calling us.
1075 * The copy_to/from_user() of ifr is also dealt with in there */
1076
1077 /* Make sure the device exist */
881d966b 1078 if ((dev = __dev_get_by_name(net, ifr->ifr_name)) == NULL)
1da177e4
LT		 1079 return -ENODEV;
1080
1081 /* A bunch of special cases, then the generic case...
1082 * Note that 'cmd' is already filtered in dev_ioctl() with
1083 * (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) */
dd8ceabc 1084 if (cmd == SIOCGIWSTATS)
0f5cabba 1085 return standard(dev, iwr, cmd, info,
ca1e8bb8 1086 &iw_handler_get_iwstats);
e71a4783 1087
dd8ceabc 1088 if (cmd == SIOCGIWPRIV && dev->wireless_handlers)
0f5cabba 1089 return standard(dev, iwr, cmd, info,
ca1e8bb8 1090 &iw_handler_get_private);
dd8ceabc
JB		 1091
1092 /* Basic check */
1093 if (!netif_device_present(dev))
1094 return -ENODEV;
1095
1096 /* New driver API : try to find the handler */
1097 handler = get_handler(dev, cmd);
1098 if (handler) {
1099 /* Standard and private are not the same */
1100 if (cmd < SIOCIWFIRSTPRIV)
0f5cabba 1101 return standard(dev, iwr, cmd, info, handler);
dd8ceabc 1102 else
0f5cabba 1103 return private(dev, iwr, cmd, info, handler);
1da177e4 1104 }
dd8ceabc 1105 /* Old driver API : call driver ioctl handler */
148bc430
SH		 1106 if (dev->netdev_ops->ndo_do_ioctl)
1107 return dev->netdev_ops->ndo_do_ioctl(dev, ifr, cmd);
dd8ceabc 1108 return -EOPNOTSUPP;
1da177e4
LT		 1109}
1110
67dd7608
DM		 1111/* If command is `set a parameter', or `get the encoding parameters',
1112 * check if the user has the right to do it.
1113 */
1114static int wext_permission_check(unsigned int cmd)
1115{
1116 if ((IW_IS_SET(cmd) || cmd == SIOCGIWENCODE || cmd == SIOCGIWENCODEEXT)
1117 && !capable(CAP_NET_ADMIN))
1118 return -EPERM;
1119
1120 return 0;
1121}
1122
295f4a1f 1123/* entry point from dev ioctl */
a67fa76d 1124static int wext_ioctl_dispatch(struct net *net, struct ifreq *ifr,
0f5cabba 1125 unsigned int cmd, struct iw_request_info *info,
a67fa76d
DM		 1126 wext_ioctl_func standard,
1127 wext_ioctl_func private)
295f4a1f 1128{
67dd7608 1129 int ret = wext_permission_check(cmd);
295f4a1f 1130
67dd7608
DM		 1131 if (ret)
1132 return ret;
dd8ceabc 1133
881d966b 1134 dev_load(net, ifr->ifr_name);
295f4a1f 1135 rtnl_lock();
0f5cabba 1136 ret = wireless_process_ioctl(net, ifr, cmd, info, standard, private);
295f4a1f 1137 rtnl_unlock();
a67fa76d
DM		 1138
1139 return ret;
1140}
1141
1142int wext_handle_ioctl(struct net *net, struct ifreq *ifr, unsigned int cmd,
1143 void __user *arg)
1144{
0f5cabba
DM		 1145 struct iw_request_info info = { .cmd = cmd, .flags = 0 };
1146 int ret;
a67fa76d 1147
0f5cabba
DM		 1148 ret = wext_ioctl_dispatch(net, ifr, cmd, &info,
1149 ioctl_standard_call,
1150 ioctl_private_call);
a67fa76d
DM		 1151 if (ret >= 0 &&
1152 IW_IS_GET(cmd) &&
1153 copy_to_user(arg, ifr, sizeof(struct iwreq)))
295f4a1f 1154 return -EFAULT;
a67fa76d 1155
295f4a1f
JB		 1156 return ret;
1157}
711e2c33 1158
87de87d5
DM		 1159#ifdef CONFIG_COMPAT
1160static int compat_standard_call(struct net_device *dev,
1161 struct iwreq *iwr,
1162 unsigned int cmd,
0f5cabba 1163 struct iw_request_info *info,
87de87d5
DM		 1164 iw_handler handler)
1165{
1166 const struct iw_ioctl_description *descr;
1167 struct compat_iw_point *iwp_compat;
87de87d5
DM		 1168 struct iw_point iwp;
1169 int err;
1170
1171 descr = standard_ioctl + (cmd - SIOCIWFIRST);
1172
1173 if (descr->header_type != IW_HEADER_TYPE_POINT)
0f5cabba 1174 return ioctl_standard_call(dev, iwr, cmd, info, handler);
87de87d5
DM		 1175
1176 iwp_compat = (struct compat_iw_point *) &iwr->u.data;
1177 iwp.pointer = compat_ptr(iwp_compat->pointer);
1178 iwp.length = iwp_compat->length;
1179 iwp.flags = iwp_compat->flags;
1180
0f5cabba 1181 err = ioctl_standard_iw_point(&iwp, cmd, descr, handler, dev, info);
87de87d5
DM		 1182
1183 iwp_compat->pointer = ptr_to_compat(iwp.pointer);
1184 iwp_compat->length = iwp.length;
1185 iwp_compat->flags = iwp.flags;
1186
1187 return err;
1188}
1189
1190static int compat_private_call(struct net_device *dev, struct iwreq *iwr,
0f5cabba
DM		 1191 unsigned int cmd, struct iw_request_info *info,
1192 iw_handler handler)
87de87d5
DM		 1193{
1194 const struct iw_priv_args *descr;
87de87d5
DM		 1195 int ret, extra_size;
1196
1197 extra_size = get_priv_descr_and_size(dev, cmd, &descr);
1198
87de87d5
DM		 1199 /* Check if we have a pointer to user space data or not. */
1200 if (extra_size == 0) {
1201 /* No extra arguments. Trivial to handle */
0f5cabba 1202 ret = handler(dev, info, &(iwr->u), (char *) &(iwr->u));
87de87d5
DM		 1203 } else {
1204 struct compat_iw_point *iwp_compat;
1205 struct iw_point iwp;
1206
1207 iwp_compat = (struct compat_iw_point *) &iwr->u.data;
1208 iwp.pointer = compat_ptr(iwp_compat->pointer);
1209 iwp.length = iwp_compat->length;
1210 iwp.flags = iwp_compat->flags;
1211
1212 ret = ioctl_private_iw_point(&iwp, cmd, descr,
0f5cabba 1213 handler, dev, info, extra_size);
87de87d5
DM		 1214
1215 iwp_compat->pointer = ptr_to_compat(iwp.pointer);
1216 iwp_compat->length = iwp.length;
1217 iwp_compat->flags = iwp.flags;
1218 }
1219
1220 /* Call commit handler if needed and defined */
1221 if (ret == -EIWCOMMIT)
1222 ret = call_commit_handler(dev);
1223
1224 return ret;
1225}
1226
1227int compat_wext_handle_ioctl(struct net *net, unsigned int cmd,
1228 unsigned long arg)
1229{
1230 void __user *argp = (void __user *)arg;
0f5cabba 1231 struct iw_request_info info;
87de87d5
DM		 1232 struct iwreq iwr;
1233 char *colon;
1234 int ret;
1235
1236 if (copy_from_user(&iwr, argp, sizeof(struct iwreq)))
1237 return -EFAULT;
1238
1239 iwr.ifr_name[IFNAMSIZ-1] = 0;
1240 colon = strchr(iwr.ifr_name, ':');
1241 if (colon)
1242 *colon = 0;
1243
0f5cabba
DM		 1244 info.cmd = cmd;
1245 info.flags = IW_REQUEST_FLAG_COMPAT;
1246
1247 ret = wext_ioctl_dispatch(net, (struct ifreq *) &iwr, cmd, &info,
87de87d5
DM		 1248 compat_standard_call,
1249 compat_private_call);
1250
1251 if (ret >= 0 &&
1252 IW_IS_GET(cmd) &&
1253 copy_to_user(argp, &iwr, sizeof(struct iwreq)))
1254 return -EFAULT;
1255
1256 return ret;
1257}
1258#endif
1259
b333b3d2
JB		 1260static int __net_init wext_pernet_init(struct net *net)
1261{
1262 skb_queue_head_init(&net->wext_nlevents);
1263 return 0;
1264}
1da177e4 1265
b333b3d2
JB		 1266static void __net_exit wext_pernet_exit(struct net *net)
1267{
1268 skb_queue_purge(&net->wext_nlevents);
1269}
baef1865 1270
b333b3d2
JB		 1271static struct pernet_operations wext_pernet_ops = {
1272 .init = wext_pernet_init,
1273 .exit = wext_pernet_exit,
1274};
782a6675 1275
baef1865
JL		 1276static int __init wireless_nlevent_init(void)
1277{
b333b3d2 1278 return register_pernet_subsys(&wext_pernet_ops);
baef1865
JL		 1279 return 0;
1280}
1281
1282subsys_initcall(wireless_nlevent_init);
1283
b333b3d2
JB		 1284/* Process events generated by the wireless layer or the driver. */
1285static void wireless_nlevent_process(struct work_struct *work)
782a6675
HX		 1286{
1287 struct sk_buff *skb;
b333b3d2
JB		 1288 struct net *net;
1289
1290 rtnl_lock();
782a6675 1291
b333b3d2
JB		 1292 for_each_net(net) {
1293 while ((skb = skb_dequeue(&net->wext_nlevents)))
1294 rtnl_notify(skb, net, 0, RTNLGRP_LINK, NULL,
1295 GFP_KERNEL);
1296 }
1297
1298 rtnl_unlock();
782a6675
HX		 1299}
1300
b333b3d2 1301static DECLARE_WORK(wireless_nlevent_work, wireless_nlevent_process);
782a6675 1302
1da177e4
LT		 1303/* ---------------------------------------------------------------- */
1304/*
1305 * Fill a rtnetlink message with our event data.
1306 * Note that we propage only the specified event and don't dump the
1307 * current wireless config. Dumping the wireless config is far too
1308 * expensive (for each parameter, the driver need to query the hardware).
1309 */
bdf51894
JB		 1310static int rtnetlink_fill_iwinfo(struct sk_buff *skb, struct net_device *dev,
1311 int type, char *event, int event_len)
1da177e4
LT		 1312{
1313 struct ifinfomsg *r;
1314 struct nlmsghdr *nlh;
1da177e4 1315
744b096e
TG		 1316 nlh = nlmsg_put(skb, 0, 0, type, sizeof(*r), 0);
1317 if (nlh == NULL)
1318 return -EMSGSIZE;
1319
1320 r = nlmsg_data(nlh);
1da177e4 1321 r->ifi_family = AF_UNSPEC;
9ef1d4c7 1322 r->__ifi_pad = 0;
1da177e4
LT		 1323 r->ifi_type = dev->type;
1324 r->ifi_index = dev->ifindex;
711e2c33 1325 r->ifi_flags = dev_get_flags(dev);
1da177e4
LT		 1326 r->ifi_change = 0; /* Wireless changes don't affect those flags */
1327
317900cb 1328 NLA_PUT_STRING(skb, IFLA_IFNAME, dev->name);
1da177e4 1329 /* Add the wireless events in the netlink packet */
744b096e 1330 NLA_PUT(skb, IFLA_WIRELESS, event_len, event);
1da177e4 1331
744b096e 1332 return nlmsg_end(skb, nlh);
1da177e4 1333
744b096e
TG		 1334nla_put_failure:
1335 nlmsg_cancel(skb, nlh);
1336 return -EMSGSIZE;
1da177e4
LT		 1337}
1338
1339/* ---------------------------------------------------------------- */
1340/*
1341 * Create and broadcast and send it on the standard rtnetlink socket
1342 * This is a pure clone rtmsg_ifinfo() in net/core/rtnetlink.c
1343 * Andrzej Krzysztofowicz mandated that I used a IFLA_XXX field
1344 * within a RTM_NEWLINK event.
1345 */
bdf51894 1346static void rtmsg_iwinfo(struct net_device *dev, char *event, int event_len)
1da177e4
LT		 1347{
1348 struct sk_buff *skb;
744b096e 1349 int err;
1da177e4 1350
744b096e 1351 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1da177e4
LT		 1352 if (!skb)
1353 return;
1354
744b096e
TG		 1355 err = rtnetlink_fill_iwinfo(skb, dev, RTM_NEWLINK, event, event_len);
1356 if (err < 0) {
1357 WARN_ON(err == -EMSGSIZE);
1da177e4
LT		 1358 kfree_skb(skb);
1359 return;
1360 }
744b096e 1361
ac6d439d 1362 NETLINK_CB(skb).dst_group = RTNLGRP_LINK;
b333b3d2
JB		 1363 skb_queue_tail(&dev_net(dev)->wext_nlevents, skb);
1364 schedule_work(&wireless_nlevent_work);
782a6675
HX		 1365}
1366
1da177e4
LT		 1367/* ---------------------------------------------------------------- */
1368/*
1369 * Main event dispatcher. Called from other parts and drivers.
1370 * Send the event on the appropriate channels.
1371 * May be called from interrupt context.
1372 */
1373void wireless_send_event(struct net_device * dev,
1374 unsigned int cmd,
1375 union iwreq_data * wrqu,
5121ea04 1376 const char * extra)
1da177e4
LT		 1377{
1378 const struct iw_ioctl_description * descr = NULL;
1379 int extra_len = 0;
1380 struct iw_event *event; /* Mallocated whole event */
1381 int event_len; /* Its size */
1382 int hdr_len; /* Size of the event header */
6582c164 1383 int wrqu_off = 0; /* Offset in wrqu */
1da177e4
LT		 1384 /* Don't "optimise" the following variable, it will crash */
1385 unsigned cmd_index; /* *MUST* be unsigned */
1386
6582c164 1387 /* Get the description of the Event */
e71a4783 1388 if (cmd <= SIOCIWLAST) {
1da177e4 1389 cmd_index = cmd - SIOCIWFIRST;
e71a4783 1390 if (cmd_index < standard_ioctl_num)
1da177e4
LT		 1391 descr = &(standard_ioctl[cmd_index]);
1392 } else {
1393 cmd_index = cmd - IWEVFIRST;
e71a4783 1394 if (cmd_index < standard_event_num)
1da177e4
LT		 1395 descr = &(standard_event[cmd_index]);
1396 }
1397 /* Don't accept unknown events */
e71a4783 1398 if (descr == NULL) {
1da177e4
LT		 1399 /* Note : we don't return an error to the driver, because
1400 * the driver would not know what to do about it. It can't
1401 * return an error to the user, because the event is not
1402 * initiated by a user request.
1403 * The best the driver could do is to log an error message.
1404 * We will do it ourselves instead...
1405 */
4ec93edb 1406 printk(KERN_ERR "%s (WE) : Invalid/Unknown Wireless Event (0x%04X)\n",
1da177e4
LT		 1407 dev->name, cmd);
1408 return;
1409 }
1da177e4
LT		 1410
1411 /* Check extra parameters and set extra_len */
e71a4783 1412 if (descr->header_type == IW_HEADER_TYPE_POINT) {
1da177e4 1413 /* Check if number of token fits within bounds */
e71a4783 1414 if (wrqu->data.length > descr->max_tokens) {
4ec93edb 1415 printk(KERN_ERR "%s (WE) : Wireless Event too big (%d)\n", dev->name, wrqu->data.length);
1da177e4
LT		 1416 return;
1417 }
e71a4783 1418 if (wrqu->data.length < descr->min_tokens) {
4ec93edb 1419 printk(KERN_ERR "%s (WE) : Wireless Event too small (%d)\n", dev->name, wrqu->data.length);
1da177e4
LT		 1420 return;
1421 }
1422 /* Calculate extra_len - extra is NULL for restricted events */
e71a4783 1423 if (extra != NULL)
1da177e4 1424 extra_len = wrqu->data.length * descr->token_size;
6582c164
JT		 1425 /* Always at an offset in wrqu */
1426 wrqu_off = IW_EV_POINT_OFF;
1da177e4
LT		 1427 }
1428
1429 /* Total length of the event */
1430 hdr_len = event_type_size[descr->header_type];
1431 event_len = hdr_len + extra_len;
1432
1da177e4
LT		 1433 /* Create temporary buffer to hold the event */
1434 event = kmalloc(event_len, GFP_ATOMIC);
e71a4783 1435 if (event == NULL)
1da177e4
LT		 1436 return;
1437
1438 /* Fill event */
1439 event->len = event_len;
1440 event->cmd = cmd;
6582c164 1441 memcpy(&event->u, ((char *) wrqu) + wrqu_off, hdr_len - IW_EV_LCP_LEN);
4d44e0df 1442 if (extra)
1da177e4
LT		 1443 memcpy(((char *) event) + hdr_len, extra, extra_len);
1444
711e2c33 1445 /* Send via the RtNetlink event channel */
1da177e4 1446 rtmsg_iwinfo(dev, (char *) event, event_len);
1da177e4
LT		 1447
1448 /* Cleanup */
1449 kfree(event);
1450
1451 return; /* Always success, I guess ;-) */
1452}
7a9df167 1453EXPORT_SYMBOL(wireless_send_event);
1da177e4
LT		 1454
1455/********************** ENHANCED IWSPY SUPPORT **********************/
1456/*
1457 * In the old days, the driver was handling spy support all by itself.
1458 * Now, the driver can delegate this task to Wireless Extensions.
1459 * It needs to use those standard spy iw_handler in struct iw_handler_def,
1460 * push data to us via wireless_spy_update() and include struct iw_spy_data
6582c164 1461 * in its private part (and export it in net_device->wireless_data->spy_data).
1da177e4
LT		 1462 * One of the main advantage of centralising spy support here is that
1463 * it becomes much easier to improve and extend it without having to touch
1464 * the drivers. One example is the addition of the Spy-Threshold events.
1465 */
1466
1467/* ---------------------------------------------------------------- */
1468/*
1469 * Return the pointer to the spy data in the driver.
1470 * Because this is called on the Rx path via wireless_spy_update(),
1471 * we want it to be efficient...
1472 */
4d44e0df 1473static inline struct iw_spy_data *get_spydata(struct net_device *dev)
1da177e4
LT		 1474{
1475 /* This is the new way */
e71a4783 1476 if (dev->wireless_data)
4d44e0df 1477 return dev->wireless_data->spy_data;
6582c164 1478 return NULL;
1da177e4
LT		 1479}
1480
1481/*------------------------------------------------------------------*/
1482/*
1483 * Standard Wireless Handler : set Spy List
1484 */
1485int iw_handler_set_spy(struct net_device * dev,
1486 struct iw_request_info * info,
1487 union iwreq_data * wrqu,
1488 char * extra)
1489{
1490 struct iw_spy_data * spydata = get_spydata(dev);
1491 struct sockaddr * address = (struct sockaddr *) extra;
1492
1da177e4 1493 /* Make sure driver is not buggy or using the old API */
e71a4783 1494 if (!spydata)
1da177e4
LT		 1495 return -EOPNOTSUPP;
1496
1497 /* Disable spy collection while we copy the addresses.
1498 * While we copy addresses, any call to wireless_spy_update()
1499 * will NOP. This is OK, as anyway the addresses are changing. */
1500 spydata->spy_number = 0;
1501
1502 /* We want to operate without locking, because wireless_spy_update()
1503 * most likely will happen in the interrupt handler, and therefore
1504 * have its own locking constraints and needs performance.
1505 * The rtnl_lock() make sure we don't race with the other iw_handlers.
1506 * This make sure wireless_spy_update() "see" that the spy list
1507 * is temporarily disabled. */
e16aa207 1508 smp_wmb();
1da177e4
LT		 1509
1510 /* Are there are addresses to copy? */
e71a4783 1511 if (wrqu->data.length > 0) {
1da177e4
LT		 1512 int i;
1513
1514 /* Copy addresses */
e71a4783 1515 for (i = 0; i < wrqu->data.length; i++)
1da177e4
LT		 1516 memcpy(spydata->spy_address[i], address[i].sa_data,
1517 ETH_ALEN);
1518 /* Reset stats */
1519 memset(spydata->spy_stat, 0,
1520 sizeof(struct iw_quality) * IW_MAX_SPY);
1da177e4
LT		 1521 }
1522
1523 /* Make sure above is updated before re-enabling */
e16aa207 1524 smp_wmb();
1da177e4
LT		 1525
1526 /* Enable addresses */
1527 spydata->spy_number = wrqu->data.length;
1528
1529 return 0;
1530}
7a9df167 1531EXPORT_SYMBOL(iw_handler_set_spy);
1da177e4
LT		 1532
1533/*------------------------------------------------------------------*/
1534/*
1535 * Standard Wireless Handler : get Spy List
1536 */
1537int iw_handler_get_spy(struct net_device * dev,
1538 struct iw_request_info * info,
1539 union iwreq_data * wrqu,
1540 char * extra)
1541{
1542 struct iw_spy_data * spydata = get_spydata(dev);
1543 struct sockaddr * address = (struct sockaddr *) extra;
1544 int i;
1545
1546 /* Make sure driver is not buggy or using the old API */
e71a4783 1547 if (!spydata)
1da177e4
LT		 1548 return -EOPNOTSUPP;
1549
1550 wrqu->data.length = spydata->spy_number;
1551
1552 /* Copy addresses. */
e71a4783 1553 for (i = 0; i < spydata->spy_number; i++) {
1da177e4
LT		 1554 memcpy(address[i].sa_data, spydata->spy_address[i], ETH_ALEN);
1555 address[i].sa_family = AF_UNIX;
1556 }
1557 /* Copy stats to the user buffer (just after). */
e71a4783 1558 if (spydata->spy_number > 0)
1da177e4
LT		 1559 memcpy(extra + (sizeof(struct sockaddr) *spydata->spy_number),
1560 spydata->spy_stat,
1561 sizeof(struct iw_quality) * spydata->spy_number);
1562 /* Reset updated flags. */
e71a4783 1563 for (i = 0; i < spydata->spy_number; i++)
6582c164 1564 spydata->spy_stat[i].updated &= ~IW_QUAL_ALL_UPDATED;
1da177e4
LT		 1565 return 0;
1566}
7a9df167 1567EXPORT_SYMBOL(iw_handler_get_spy);
1da177e4
LT		 1568
1569/*------------------------------------------------------------------*/
1570/*
1571 * Standard Wireless Handler : set spy threshold
1572 */
1573int iw_handler_set_thrspy(struct net_device * dev,
1574 struct iw_request_info *info,
1575 union iwreq_data * wrqu,
1576 char * extra)
1577{
1578 struct iw_spy_data * spydata = get_spydata(dev);
1579 struct iw_thrspy * threshold = (struct iw_thrspy *) extra;
1580
1581 /* Make sure driver is not buggy or using the old API */
e71a4783 1582 if (!spydata)
1da177e4
LT		 1583 return -EOPNOTSUPP;
1584
1585 /* Just do it */
1586 memcpy(&(spydata->spy_thr_low), &(threshold->low),
1587 2 * sizeof(struct iw_quality));
1588
1589 /* Clear flag */
1590 memset(spydata->spy_thr_under, '\0', sizeof(spydata->spy_thr_under));
1591
1da177e4
LT		 1592 return 0;
1593}
7a9df167 1594EXPORT_SYMBOL(iw_handler_set_thrspy);
1da177e4
LT		 1595
1596/*------------------------------------------------------------------*/
1597/*
1598 * Standard Wireless Handler : get spy threshold
1599 */
1600int iw_handler_get_thrspy(struct net_device * dev,
1601 struct iw_request_info *info,
1602 union iwreq_data * wrqu,
1603 char * extra)
1604{
1605 struct iw_spy_data * spydata = get_spydata(dev);
1606 struct iw_thrspy * threshold = (struct iw_thrspy *) extra;
1607
1608 /* Make sure driver is not buggy or using the old API */
e71a4783 1609 if (!spydata)
1da177e4
LT		 1610 return -EOPNOTSUPP;
1611
1612 /* Just do it */
1613 memcpy(&(threshold->low), &(spydata->spy_thr_low),
1614 2 * sizeof(struct iw_quality));
1615
1616 return 0;
1617}
7a9df167 1618EXPORT_SYMBOL(iw_handler_get_thrspy);
1da177e4
LT		 1619
1620/*------------------------------------------------------------------*/
1621/*
1622 * Prepare and send a Spy Threshold event
1623 */
1624static void iw_send_thrspy_event(struct net_device * dev,
1625 struct iw_spy_data * spydata,
1626 unsigned char * address,
1627 struct iw_quality * wstats)
1628{
1629 union iwreq_data wrqu;
1630 struct iw_thrspy threshold;
1631
1632 /* Init */
1633 wrqu.data.length = 1;
1634 wrqu.data.flags = 0;
1635 /* Copy address */
1636 memcpy(threshold.addr.sa_data, address, ETH_ALEN);
1637 threshold.addr.sa_family = ARPHRD_ETHER;
1638 /* Copy stats */
1639 memcpy(&(threshold.qual), wstats, sizeof(struct iw_quality));
1640 /* Copy also thresholds */
1641 memcpy(&(threshold.low), &(spydata->spy_thr_low),
1642 2 * sizeof(struct iw_quality));
1643
1da177e4
LT		 1644 /* Send event to user space */
1645 wireless_send_event(dev, SIOCGIWTHRSPY, &wrqu, (char *) &threshold);
1646}
1647
1648/* ---------------------------------------------------------------- */
1649/*
1650 * Call for the driver to update the spy data.
1651 * For now, the spy data is a simple array. As the size of the array is
1652 * small, this is good enough. If we wanted to support larger number of
1653 * spy addresses, we should use something more efficient...
1654 */
1655void wireless_spy_update(struct net_device * dev,
1656 unsigned char * address,
1657 struct iw_quality * wstats)
1658{
1659 struct iw_spy_data * spydata = get_spydata(dev);
1660 int i;
1661 int match = -1;
1662
1663 /* Make sure driver is not buggy or using the old API */
e71a4783 1664 if (!spydata)
1da177e4
LT		 1665 return;
1666
1da177e4 1667 /* Update all records that match */
e71a4783
SH		 1668 for (i = 0; i < spydata->spy_number; i++)
1669 if (!compare_ether_addr(address, spydata->spy_address[i])) {
1da177e4
LT		 1670 memcpy(&(spydata->spy_stat[i]), wstats,
1671 sizeof(struct iw_quality));
1672 match = i;
1673 }
1674
1675 /* Generate an event if we cross the spy threshold.
1676 * To avoid event storms, we have a simple hysteresis : we generate
1677 * event only when we go under the low threshold or above the
1678 * high threshold. */
e71a4783
SH		 1679 if (match >= 0) {
1680 if (spydata->spy_thr_under[match]) {
1681 if (wstats->level > spydata->spy_thr_high.level) {
1da177e4
LT		 1682 spydata->spy_thr_under[match] = 0;
1683 iw_send_thrspy_event(dev, spydata,
1684 address, wstats);
1685 }
1686 } else {
e71a4783 1687 if (wstats->level < spydata->spy_thr_low.level) {
1da177e4
LT		 1688 spydata->spy_thr_under[match] = 1;
1689 iw_send_thrspy_event(dev, spydata,
1690 address, wstats);
1691 }
1692 }
1693 }
1694}
1da177e4 1695EXPORT_SYMBOL(wireless_spy_update);
Ubuntu Jammy Linux kernel mirror