]> git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/blob - net/core/wireless.c
projects / mirror_ubuntu-artful-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
[NETLINK]: Use nlmsg_trim() where appropriate
[mirror_ubuntu-artful-kernel.git] / net / core / wireless.c
1 /*
2 * This file implement the Wireless Extensions APIs.
3 *
4 * Authors : Jean Tourrilhes - HPL - <jt@hpl.hp.com>
5 * Copyright (c) 1997-2007 Jean Tourrilhes, All Rights Reserved.
6 *
7 * (As all part of the Linux kernel, this file is GPL)
8 */
9
10 /************************** DOCUMENTATION **************************/
11 /*
12 * API definition :
13 * --------------
14 * See <linux/wireless.h> for details of the APIs and the rest.
15 *
16 * History :
17 * -------
18 *
19 * v1 - 5.12.01 - Jean II
20 * o Created this file.
21 *
22 * v2 - 13.12.01 - Jean II
23 * o Move /proc/net/wireless stuff from net/core/dev.c to here
24 * o Make Wireless Extension IOCTLs go through here
25 * o Added iw_handler handling ;-)
26 * o Added standard ioctl description
27 * o Initial dumb commit strategy based on orinoco.c
28 *
29 * v3 - 19.12.01 - Jean II
30 * o Make sure we don't go out of standard_ioctl[] in ioctl_standard_call
31 * o Add event dispatcher function
32 * o Add event description
33 * o Propagate events as rtnetlink IFLA_WIRELESS option
34 * o Generate event on selected SET requests
35 *
36 * v4 - 18.04.02 - Jean II
37 * o Fix stupid off by one in iw_ioctl_description : IW_ESSID_MAX_SIZE + 1
38 *
39 * v5 - 21.06.02 - Jean II
40 * o Add IW_PRIV_TYPE_ADDR in priv_type_size (+cleanup)
41 * o Reshuffle IW_HEADER_TYPE_XXX to map IW_PRIV_TYPE_XXX changes
42 * o Add IWEVCUSTOM for driver specific event/scanning token
43 * o Turn on WE_STRICT_WRITE by default + kernel warning
44 * o Fix WE_STRICT_WRITE in ioctl_export_private() (32 => iw_num)
45 * o Fix off-by-one in test (extra_size <= IFNAMSIZ)
46 *
47 * v6 - 9.01.03 - Jean II
48 * o Add common spy support : iw_handler_set_spy(), wireless_spy_update()
49 * o Add enhanced spy support : iw_handler_set_thrspy() and event.
50 * o Add WIRELESS_EXT version display in /proc/net/wireless
51 *
52 * v6 - 18.06.04 - Jean II
53 * o Change get_spydata() method for added safety
54 * o Remove spy #ifdef, they are always on -> cleaner code
55 * o Allow any size GET request if user specifies length > max
56 * and if request has IW_DESCR_FLAG_NOMAX flag or is SIOCGIWPRIV
57 * o Start migrating get_wireless_stats to struct iw_handler_def
58 * o Add wmb() in iw_handler_set_spy() for non-coherent archs/cpus
59 * Based on patch from Pavel Roskin <proski@gnu.org> :
60 * o Fix kernel data leak to user space in private handler handling
61 *
62 * v7 - 18.3.05 - Jean II
63 * o Remove (struct iw_point *)->pointer from events and streams
64 * o Remove spy_offset from struct iw_handler_def
65 * o Start deprecating dev->get_wireless_stats, output a warning
66 * o If IW_QUAL_DBM is set, show dBm values in /proc/net/wireless
67 * o Don't loose INVALID/DBM flags when clearing UPDATED flags (iwstats)
68 *
69 * v8 - 17.02.06 - Jean II
70 * o RtNetlink requests support (SET/GET)
71 *
72 * v8b - 03.08.06 - Herbert Xu
73 * o Fix Wireless Event locking issues.
74 *
75 * v9 - 14.3.06 - Jean II
76 * o Change length in ESSID and NICK to strlen() instead of strlen()+1
77 * o Make standard_ioctl_num and standard_event_num unsigned
78 * o Remove (struct net_device *)->get_wireless_stats()
79 *
80 * v10 - 16.3.07 - Jean II
81 * o Prevent leaking of kernel space in stream on 64 bits.
82 */
83
84 /***************************** INCLUDES *****************************/
85
86 #include <linux/module.h>
87 #include <linux/types.h> /* off_t */
88 #include <linux/netdevice.h> /* struct ifreq, dev_get_by_name() */
89 #include <linux/proc_fs.h>
90 #include <linux/rtnetlink.h> /* rtnetlink stuff */
91 #include <linux/seq_file.h>
92 #include <linux/init.h> /* for __init */
93 #include <linux/if_arp.h> /* ARPHRD_ETHER */
94 #include <linux/etherdevice.h> /* compare_ether_addr */
95 #include <linux/interrupt.h>
96
97 #include <linux/wireless.h> /* Pretty obvious */
98 #include <net/iw_handler.h> /* New driver API */
99 #include <net/netlink.h>
100
101 #include <asm/uaccess.h> /* copy_to_user() */
102
103 /**************************** CONSTANTS ****************************/
104
105 /* Debugging stuff */
106 #undef WE_IOCTL_DEBUG /* Debug IOCTL API */
107 #undef WE_RTNETLINK_DEBUG /* Debug RtNetlink API */
108 #undef WE_EVENT_DEBUG /* Debug Event dispatcher */
109 #undef WE_SPY_DEBUG /* Debug enhanced spy support */
110
111 /* Options */
112 //CONFIG_NET_WIRELESS_RTNETLINK /* Wireless requests over RtNetlink */
113 #define WE_EVENT_RTNETLINK /* Propagate events using RtNetlink */
114 #define WE_SET_EVENT /* Generate an event on some set commands */
115
116 /************************* GLOBAL VARIABLES *************************/
117 /*
118 * You should not use global variables, because of re-entrancy.
119 * On our case, it's only const, so it's OK...
120 */
121 /*
122 * Meta-data about all the standard Wireless Extension request we
123 * know about.
124 */
125 static const struct iw_ioctl_description standard_ioctl[] = {
126 [SIOCSIWCOMMIT - SIOCIWFIRST] = {
127 .header_type = IW_HEADER_TYPE_NULL,
128 },
129 [SIOCGIWNAME - SIOCIWFIRST] = {
130 .header_type = IW_HEADER_TYPE_CHAR,
131 .flags = IW_DESCR_FLAG_DUMP,
132 },
133 [SIOCSIWNWID - SIOCIWFIRST] = {
134 .header_type = IW_HEADER_TYPE_PARAM,
135 .flags = IW_DESCR_FLAG_EVENT,
136 },
137 [SIOCGIWNWID - SIOCIWFIRST] = {
138 .header_type = IW_HEADER_TYPE_PARAM,
139 .flags = IW_DESCR_FLAG_DUMP,
140 },
141 [SIOCSIWFREQ - SIOCIWFIRST] = {
142 .header_type = IW_HEADER_TYPE_FREQ,
143 .flags = IW_DESCR_FLAG_EVENT,
144 },
145 [SIOCGIWFREQ - SIOCIWFIRST] = {
146 .header_type = IW_HEADER_TYPE_FREQ,
147 .flags = IW_DESCR_FLAG_DUMP,
148 },
149 [SIOCSIWMODE - SIOCIWFIRST] = {
150 .header_type = IW_HEADER_TYPE_UINT,
151 .flags = IW_DESCR_FLAG_EVENT,
152 },
153 [SIOCGIWMODE - SIOCIWFIRST] = {
154 .header_type = IW_HEADER_TYPE_UINT,
155 .flags = IW_DESCR_FLAG_DUMP,
156 },
157 [SIOCSIWSENS - SIOCIWFIRST] = {
158 .header_type = IW_HEADER_TYPE_PARAM,
159 },
160 [SIOCGIWSENS - SIOCIWFIRST] = {
161 .header_type = IW_HEADER_TYPE_PARAM,
162 },
163 [SIOCSIWRANGE - SIOCIWFIRST] = {
164 .header_type = IW_HEADER_TYPE_NULL,
165 },
166 [SIOCGIWRANGE - SIOCIWFIRST] = {
167 .header_type = IW_HEADER_TYPE_POINT,
168 .token_size = 1,
169 .max_tokens = sizeof(struct iw_range),
170 .flags = IW_DESCR_FLAG_DUMP,
171 },
172 [SIOCSIWPRIV - SIOCIWFIRST] = {
173 .header_type = IW_HEADER_TYPE_NULL,
174 },
175 [SIOCGIWPRIV - SIOCIWFIRST] = { /* (handled directly by us) */
176 .header_type = IW_HEADER_TYPE_POINT,
177 .token_size = sizeof(struct iw_priv_args),
178 .max_tokens = 16,
179 .flags = IW_DESCR_FLAG_NOMAX,
180 },
181 [SIOCSIWSTATS - SIOCIWFIRST] = {
182 .header_type = IW_HEADER_TYPE_NULL,
183 },
184 [SIOCGIWSTATS - SIOCIWFIRST] = { /* (handled directly by us) */
185 .header_type = IW_HEADER_TYPE_POINT,
186 .token_size = 1,
187 .max_tokens = sizeof(struct iw_statistics),
188 .flags = IW_DESCR_FLAG_DUMP,
189 },
190 [SIOCSIWSPY - SIOCIWFIRST] = {
191 .header_type = IW_HEADER_TYPE_POINT,
192 .token_size = sizeof(struct sockaddr),
193 .max_tokens = IW_MAX_SPY,
194 },
195 [SIOCGIWSPY - SIOCIWFIRST] = {
196 .header_type = IW_HEADER_TYPE_POINT,
197 .token_size = sizeof(struct sockaddr) +
198 sizeof(struct iw_quality),
199 .max_tokens = IW_MAX_SPY,
200 },
201 [SIOCSIWTHRSPY - SIOCIWFIRST] = {
202 .header_type = IW_HEADER_TYPE_POINT,
203 .token_size = sizeof(struct iw_thrspy),
204 .min_tokens = 1,
205 .max_tokens = 1,
206 },
207 [SIOCGIWTHRSPY - SIOCIWFIRST] = {
208 .header_type = IW_HEADER_TYPE_POINT,
209 .token_size = sizeof(struct iw_thrspy),
210 .min_tokens = 1,
211 .max_tokens = 1,
212 },
213 [SIOCSIWAP - SIOCIWFIRST] = {
214 .header_type = IW_HEADER_TYPE_ADDR,
215 },
216 [SIOCGIWAP - SIOCIWFIRST] = {
217 .header_type = IW_HEADER_TYPE_ADDR,
218 .flags = IW_DESCR_FLAG_DUMP,
219 },
220 [SIOCSIWMLME - SIOCIWFIRST] = {
221 .header_type = IW_HEADER_TYPE_POINT,
222 .token_size = 1,
223 .min_tokens = sizeof(struct iw_mlme),
224 .max_tokens = sizeof(struct iw_mlme),
225 },
226 [SIOCGIWAPLIST - SIOCIWFIRST] = {
227 .header_type = IW_HEADER_TYPE_POINT,
228 .token_size = sizeof(struct sockaddr) +
229 sizeof(struct iw_quality),
230 .max_tokens = IW_MAX_AP,
231 .flags = IW_DESCR_FLAG_NOMAX,
232 },
233 [SIOCSIWSCAN - SIOCIWFIRST] = {
234 .header_type = IW_HEADER_TYPE_POINT,
235 .token_size = 1,
236 .min_tokens = 0,
237 .max_tokens = sizeof(struct iw_scan_req),
238 },
239 [SIOCGIWSCAN - SIOCIWFIRST] = {
240 .header_type = IW_HEADER_TYPE_POINT,
241 .token_size = 1,
242 .max_tokens = IW_SCAN_MAX_DATA,
243 .flags = IW_DESCR_FLAG_NOMAX,
244 },
245 [SIOCSIWESSID - SIOCIWFIRST] = {
246 .header_type = IW_HEADER_TYPE_POINT,
247 .token_size = 1,
248 .max_tokens = IW_ESSID_MAX_SIZE,
249 .flags = IW_DESCR_FLAG_EVENT,
250 },
251 [SIOCGIWESSID - SIOCIWFIRST] = {
252 .header_type = IW_HEADER_TYPE_POINT,
253 .token_size = 1,
254 .max_tokens = IW_ESSID_MAX_SIZE,
255 .flags = IW_DESCR_FLAG_DUMP,
256 },
257 [SIOCSIWNICKN - SIOCIWFIRST] = {
258 .header_type = IW_HEADER_TYPE_POINT,
259 .token_size = 1,
260 .max_tokens = IW_ESSID_MAX_SIZE,
261 },
262 [SIOCGIWNICKN - SIOCIWFIRST] = {
263 .header_type = IW_HEADER_TYPE_POINT,
264 .token_size = 1,
265 .max_tokens = IW_ESSID_MAX_SIZE,
266 },
267 [SIOCSIWRATE - SIOCIWFIRST] = {
268 .header_type = IW_HEADER_TYPE_PARAM,
269 },
270 [SIOCGIWRATE - SIOCIWFIRST] = {
271 .header_type = IW_HEADER_TYPE_PARAM,
272 },
273 [SIOCSIWRTS - SIOCIWFIRST] = {
274 .header_type = IW_HEADER_TYPE_PARAM,
275 },
276 [SIOCGIWRTS - SIOCIWFIRST] = {
277 .header_type = IW_HEADER_TYPE_PARAM,
278 },
279 [SIOCSIWFRAG - SIOCIWFIRST] = {
280 .header_type = IW_HEADER_TYPE_PARAM,
281 },
282 [SIOCGIWFRAG - SIOCIWFIRST] = {
283 .header_type = IW_HEADER_TYPE_PARAM,
284 },
285 [SIOCSIWTXPOW - SIOCIWFIRST] = {
286 .header_type = IW_HEADER_TYPE_PARAM,
287 },
288 [SIOCGIWTXPOW - SIOCIWFIRST] = {
289 .header_type = IW_HEADER_TYPE_PARAM,
290 },
291 [SIOCSIWRETRY - SIOCIWFIRST] = {
292 .header_type = IW_HEADER_TYPE_PARAM,
293 },
294 [SIOCGIWRETRY - SIOCIWFIRST] = {
295 .header_type = IW_HEADER_TYPE_PARAM,
296 },
297 [SIOCSIWENCODE - SIOCIWFIRST] = {
298 .header_type = IW_HEADER_TYPE_POINT,
299 .token_size = 1,
300 .max_tokens = IW_ENCODING_TOKEN_MAX,
301 .flags = IW_DESCR_FLAG_EVENT | IW_DESCR_FLAG_RESTRICT,
302 },
303 [SIOCGIWENCODE - SIOCIWFIRST] = {
304 .header_type = IW_HEADER_TYPE_POINT,
305 .token_size = 1,
306 .max_tokens = IW_ENCODING_TOKEN_MAX,
307 .flags = IW_DESCR_FLAG_DUMP | IW_DESCR_FLAG_RESTRICT,
308 },
309 [SIOCSIWPOWER - SIOCIWFIRST] = {
310 .header_type = IW_HEADER_TYPE_PARAM,
311 },
312 [SIOCGIWPOWER - SIOCIWFIRST] = {
313 .header_type = IW_HEADER_TYPE_PARAM,
314 },
315 [SIOCSIWGENIE - SIOCIWFIRST] = {
316 .header_type = IW_HEADER_TYPE_POINT,
317 .token_size = 1,
318 .max_tokens = IW_GENERIC_IE_MAX,
319 },
320 [SIOCGIWGENIE - SIOCIWFIRST] = {
321 .header_type = IW_HEADER_TYPE_POINT,
322 .token_size = 1,
323 .max_tokens = IW_GENERIC_IE_MAX,
324 },
325 [SIOCSIWAUTH - SIOCIWFIRST] = {
326 .header_type = IW_HEADER_TYPE_PARAM,
327 },
328 [SIOCGIWAUTH - SIOCIWFIRST] = {
329 .header_type = IW_HEADER_TYPE_PARAM,
330 },
331 [SIOCSIWENCODEEXT - SIOCIWFIRST] = {
332 .header_type = IW_HEADER_TYPE_POINT,
333 .token_size = 1,
334 .min_tokens = sizeof(struct iw_encode_ext),
335 .max_tokens = sizeof(struct iw_encode_ext) +
336 IW_ENCODING_TOKEN_MAX,
337 },
338 [SIOCGIWENCODEEXT - SIOCIWFIRST] = {
339 .header_type = IW_HEADER_TYPE_POINT,
340 .token_size = 1,
341 .min_tokens = sizeof(struct iw_encode_ext),
342 .max_tokens = sizeof(struct iw_encode_ext) +
343 IW_ENCODING_TOKEN_MAX,
344 },
345 [SIOCSIWPMKSA - SIOCIWFIRST] = {
346 .header_type = IW_HEADER_TYPE_POINT,
347 .token_size = 1,
348 .min_tokens = sizeof(struct iw_pmksa),
349 .max_tokens = sizeof(struct iw_pmksa),
350 },
351 };
352 static const unsigned standard_ioctl_num = ARRAY_SIZE(standard_ioctl);
353
354 /*
355 * Meta-data about all the additional standard Wireless Extension events
356 * we know about.
357 */
358 static const struct iw_ioctl_description standard_event[] = {
359 [IWEVTXDROP - IWEVFIRST] = {
360 .header_type = IW_HEADER_TYPE_ADDR,
361 },
362 [IWEVQUAL - IWEVFIRST] = {
363 .header_type = IW_HEADER_TYPE_QUAL,
364 },
365 [IWEVCUSTOM - IWEVFIRST] = {
366 .header_type = IW_HEADER_TYPE_POINT,
367 .token_size = 1,
368 .max_tokens = IW_CUSTOM_MAX,
369 },
370 [IWEVREGISTERED - IWEVFIRST] = {
371 .header_type = IW_HEADER_TYPE_ADDR,
372 },
373 [IWEVEXPIRED - IWEVFIRST] = {
374 .header_type = IW_HEADER_TYPE_ADDR,
375 },
376 [IWEVGENIE - IWEVFIRST] = {
377 .header_type = IW_HEADER_TYPE_POINT,
378 .token_size = 1,
379 .max_tokens = IW_GENERIC_IE_MAX,
380 },
381 [IWEVMICHAELMICFAILURE - IWEVFIRST] = {
382 .header_type = IW_HEADER_TYPE_POINT,
383 .token_size = 1,
384 .max_tokens = sizeof(struct iw_michaelmicfailure),
385 },
386 [IWEVASSOCREQIE - IWEVFIRST] = {
387 .header_type = IW_HEADER_TYPE_POINT,
388 .token_size = 1,
389 .max_tokens = IW_GENERIC_IE_MAX,
390 },
391 [IWEVASSOCRESPIE - IWEVFIRST] = {
392 .header_type = IW_HEADER_TYPE_POINT,
393 .token_size = 1,
394 .max_tokens = IW_GENERIC_IE_MAX,
395 },
396 [IWEVPMKIDCAND - IWEVFIRST] = {
397 .header_type = IW_HEADER_TYPE_POINT,
398 .token_size = 1,
399 .max_tokens = sizeof(struct iw_pmkid_cand),
400 },
401 };
402 static const unsigned standard_event_num = ARRAY_SIZE(standard_event);
403
404 /* Size (in bytes) of the various private data types */
405 static const char iw_priv_type_size[] = {
406 0, /* IW_PRIV_TYPE_NONE */
407 1, /* IW_PRIV_TYPE_BYTE */
408 1, /* IW_PRIV_TYPE_CHAR */
409 0, /* Not defined */
410 sizeof(__u32), /* IW_PRIV_TYPE_INT */
411 sizeof(struct iw_freq), /* IW_PRIV_TYPE_FLOAT */
412 sizeof(struct sockaddr), /* IW_PRIV_TYPE_ADDR */
413 0, /* Not defined */
414 };
415
416 /* Size (in bytes) of various events */
417 static const int event_type_size[] = {
418 IW_EV_LCP_LEN, /* IW_HEADER_TYPE_NULL */
419 0,
420 IW_EV_CHAR_LEN, /* IW_HEADER_TYPE_CHAR */
421 0,
422 IW_EV_UINT_LEN, /* IW_HEADER_TYPE_UINT */
423 IW_EV_FREQ_LEN, /* IW_HEADER_TYPE_FREQ */
424 IW_EV_ADDR_LEN, /* IW_HEADER_TYPE_ADDR */
425 0,
426 IW_EV_POINT_LEN, /* Without variable payload */
427 IW_EV_PARAM_LEN, /* IW_HEADER_TYPE_PARAM */
428 IW_EV_QUAL_LEN, /* IW_HEADER_TYPE_QUAL */
429 };
430
431 /* Size (in bytes) of various events, as packed */
432 static const int event_type_pk_size[] = {
433 IW_EV_LCP_PK_LEN, /* IW_HEADER_TYPE_NULL */
434 0,
435 IW_EV_CHAR_PK_LEN, /* IW_HEADER_TYPE_CHAR */
436 0,
437 IW_EV_UINT_PK_LEN, /* IW_HEADER_TYPE_UINT */
438 IW_EV_FREQ_PK_LEN, /* IW_HEADER_TYPE_FREQ */
439 IW_EV_ADDR_PK_LEN, /* IW_HEADER_TYPE_ADDR */
440 0,
441 IW_EV_POINT_PK_LEN, /* Without variable payload */
442 IW_EV_PARAM_PK_LEN, /* IW_HEADER_TYPE_PARAM */
443 IW_EV_QUAL_PK_LEN, /* IW_HEADER_TYPE_QUAL */
444 };
445
446 /************************ COMMON SUBROUTINES ************************/
447 /*
448 * Stuff that may be used in various place or doesn't fit in one
449 * of the section below.
450 */
451
452 /* ---------------------------------------------------------------- */
453 /*
454 * Return the driver handler associated with a specific Wireless Extension.
455 * Called from various place, so make sure it remains efficient.
456 */
457 static inline iw_handler get_handler(struct net_device *dev,
458 unsigned int cmd)
459 {
460 /* Don't "optimise" the following variable, it will crash */
461 unsigned int index; /* *MUST* be unsigned */
462
463 /* Check if we have some wireless handlers defined */
464 if (dev->wireless_handlers == NULL)
465 return NULL;
466
467 /* Try as a standard command */
468 index = cmd - SIOCIWFIRST;
469 if (index < dev->wireless_handlers->num_standard)
470 return dev->wireless_handlers->standard[index];
471
472 /* Try as a private command */
473 index = cmd - SIOCIWFIRSTPRIV;
474 if (index < dev->wireless_handlers->num_private)
475 return dev->wireless_handlers->private[index];
476
477 /* Not found */
478 return NULL;
479 }
480
481 /* ---------------------------------------------------------------- */
482 /*
483 * Get statistics out of the driver
484 */
485 static inline struct iw_statistics *get_wireless_stats(struct net_device *dev)
486 {
487 /* New location */
488 if ((dev->wireless_handlers != NULL) &&
489 (dev->wireless_handlers->get_wireless_stats != NULL))
490 return dev->wireless_handlers->get_wireless_stats(dev);
491
492 /* Not found */
493 return (struct iw_statistics *) NULL;
494 }
495
496 /* ---------------------------------------------------------------- */
497 /*
498 * Call the commit handler in the driver
499 * (if exist and if conditions are right)
500 *
501 * Note : our current commit strategy is currently pretty dumb,
502 * but we will be able to improve on that...
503 * The goal is to try to agreagate as many changes as possible
504 * before doing the commit. Drivers that will define a commit handler
505 * are usually those that need a reset after changing parameters, so
506 * we want to minimise the number of reset.
507 * A cool idea is to use a timer : at each "set" command, we re-set the
508 * timer, when the timer eventually fires, we call the driver.
509 * Hopefully, more on that later.
510 *
511 * Also, I'm waiting to see how many people will complain about the
512 * netif_running(dev) test. I'm open on that one...
513 * Hopefully, the driver will remember to do a commit in "open()" ;-)
514 */
515 static inline int call_commit_handler(struct net_device * dev)
516 {
517 if ((netif_running(dev)) &&
518 (dev->wireless_handlers->standard[0] != NULL)) {
519 /* Call the commit handler on the driver */
520 return dev->wireless_handlers->standard[0](dev, NULL,
521 NULL, NULL);
522 } else
523 return 0; /* Command completed successfully */
524 }
525
526 /* ---------------------------------------------------------------- */
527 /*
528 * Calculate size of private arguments
529 */
530 static inline int get_priv_size(__u16 args)
531 {
532 int num = args & IW_PRIV_SIZE_MASK;
533 int type = (args & IW_PRIV_TYPE_MASK) >> 12;
534
535 return num * iw_priv_type_size[type];
536 }
537
538 /* ---------------------------------------------------------------- */
539 /*
540 * Re-calculate the size of private arguments
541 */
542 static inline int adjust_priv_size(__u16 args,
543 union iwreq_data * wrqu)
544 {
545 int num = wrqu->data.length;
546 int max = args & IW_PRIV_SIZE_MASK;
547 int type = (args & IW_PRIV_TYPE_MASK) >> 12;
548
549 /* Make sure the driver doesn't goof up */
550 if (max < num)
551 num = max;
552
553 return num * iw_priv_type_size[type];
554 }
555
556 /* ---------------------------------------------------------------- */
557 /*
558 * Standard Wireless Handler : get wireless stats
559 * Allow programatic access to /proc/net/wireless even if /proc
560 * doesn't exist... Also more efficient...
561 */
562 static int iw_handler_get_iwstats(struct net_device * dev,
563 struct iw_request_info * info,
564 union iwreq_data * wrqu,
565 char * extra)
566 {
567 /* Get stats from the driver */
568 struct iw_statistics *stats;
569
570 stats = get_wireless_stats(dev);
571 if (stats != (struct iw_statistics *) NULL) {
572
573 /* Copy statistics to extra */
574 memcpy(extra, stats, sizeof(struct iw_statistics));
575 wrqu->data.length = sizeof(struct iw_statistics);
576
577 /* Check if we need to clear the updated flag */
578 if (wrqu->data.flags != 0)
579 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
580 return 0;
581 } else
582 return -EOPNOTSUPP;
583 }
584
585 /* ---------------------------------------------------------------- */
586 /*
587 * Standard Wireless Handler : get iwpriv definitions
588 * Export the driver private handler definition
589 * They will be picked up by tools like iwpriv...
590 */
591 static int iw_handler_get_private(struct net_device * dev,
592 struct iw_request_info * info,
593 union iwreq_data * wrqu,
594 char * extra)
595 {
596 /* Check if the driver has something to export */
597 if ((dev->wireless_handlers->num_private_args == 0) ||
598 (dev->wireless_handlers->private_args == NULL))
599 return -EOPNOTSUPP;
600
601 /* Check if there is enough buffer up there */
602 if (wrqu->data.length < dev->wireless_handlers->num_private_args) {
603 /* User space can't know in advance how large the buffer
604 * needs to be. Give it a hint, so that we can support
605 * any size buffer we want somewhat efficiently... */
606 wrqu->data.length = dev->wireless_handlers->num_private_args;
607 return -E2BIG;
608 }
609
610 /* Set the number of available ioctls. */
611 wrqu->data.length = dev->wireless_handlers->num_private_args;
612
613 /* Copy structure to the user buffer. */
614 memcpy(extra, dev->wireless_handlers->private_args,
615 sizeof(struct iw_priv_args) * wrqu->data.length);
616
617 return 0;
618 }
619
620
621 /******************** /proc/net/wireless SUPPORT ********************/
622 /*
623 * The /proc/net/wireless file is a human readable user-space interface
624 * exporting various wireless specific statistics from the wireless devices.
625 * This is the most popular part of the Wireless Extensions ;-)
626 *
627 * This interface is a pure clone of /proc/net/dev (in net/core/dev.c).
628 * The content of the file is basically the content of "struct iw_statistics".
629 */
630
631 #ifdef CONFIG_PROC_FS
632
633 /* ---------------------------------------------------------------- */
634 /*
635 * Print one entry (line) of /proc/net/wireless
636 */
637 static __inline__ void wireless_seq_printf_stats(struct seq_file *seq,
638 struct net_device *dev)
639 {
640 /* Get stats from the driver */
641 struct iw_statistics *stats = get_wireless_stats(dev);
642
643 if (stats) {
644 seq_printf(seq, "%6s: %04x %3d%c %3d%c %3d%c %6d %6d %6d "
645 "%6d %6d %6d\n",
646 dev->name, stats->status, stats->qual.qual,
647 stats->qual.updated & IW_QUAL_QUAL_UPDATED
648 ? '.' : ' ',
649 ((__s32) stats->qual.level) -
650 ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0),
651 stats->qual.updated & IW_QUAL_LEVEL_UPDATED
652 ? '.' : ' ',
653 ((__s32) stats->qual.noise) -
654 ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0),
655 stats->qual.updated & IW_QUAL_NOISE_UPDATED
656 ? '.' : ' ',
657 stats->discard.nwid, stats->discard.code,
658 stats->discard.fragment, stats->discard.retries,
659 stats->discard.misc, stats->miss.beacon);
660 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
661 }
662 }
663
664 /* ---------------------------------------------------------------- */
665 /*
666 * Print info for /proc/net/wireless (print all entries)
667 */
668 static int wireless_seq_show(struct seq_file *seq, void *v)
669 {
670 if (v == SEQ_START_TOKEN)
671 seq_printf(seq, "Inter-| sta-| Quality | Discarded "
672 "packets | Missed | WE\n"
673 " face | tus | link level noise | nwid "
674 "crypt frag retry misc | beacon | %d\n",
675 WIRELESS_EXT);
676 else
677 wireless_seq_printf_stats(seq, v);
678 return 0;
679 }
680
681 static const struct seq_operations wireless_seq_ops = {
682 .start = dev_seq_start,
683 .next = dev_seq_next,
684 .stop = dev_seq_stop,
685 .show = wireless_seq_show,
686 };
687
688 static int wireless_seq_open(struct inode *inode, struct file *file)
689 {
690 return seq_open(file, &wireless_seq_ops);
691 }
692
693 static const struct file_operations wireless_seq_fops = {
694 .owner = THIS_MODULE,
695 .open = wireless_seq_open,
696 .read = seq_read,
697 .llseek = seq_lseek,
698 .release = seq_release,
699 };
700
701 int __init wireless_proc_init(void)
702 {
703 /* Create /proc/net/wireless entry */
704 if (!proc_net_fops_create("wireless", S_IRUGO, &wireless_seq_fops))
705 return -ENOMEM;
706
707 return 0;
708 }
709 #endif /* CONFIG_PROC_FS */
710
711 /************************** IOCTL SUPPORT **************************/
712 /*
713 * The original user space API to configure all those Wireless Extensions
714 * is through IOCTLs.
715 * In there, we check if we need to call the new driver API (iw_handler)
716 * or just call the driver ioctl handler.
717 */
718
719 /* ---------------------------------------------------------------- */
720 /*
721 * Wrapper to call a standard Wireless Extension handler.
722 * We do various checks and also take care of moving data between
723 * user space and kernel space.
724 */
725 static int ioctl_standard_call(struct net_device * dev,
726 struct ifreq * ifr,
727 unsigned int cmd,
728 iw_handler handler)
729 {
730 struct iwreq * iwr = (struct iwreq *) ifr;
731 const struct iw_ioctl_description * descr;
732 struct iw_request_info info;
733 int ret = -EINVAL;
734
735 /* Get the description of the IOCTL */
736 if ((cmd - SIOCIWFIRST) >= standard_ioctl_num)
737 return -EOPNOTSUPP;
738 descr = &(standard_ioctl[cmd - SIOCIWFIRST]);
739
740 #ifdef WE_IOCTL_DEBUG
741 printk(KERN_DEBUG "%s (WE) : Found standard handler for 0x%04X\n",
742 ifr->ifr_name, cmd);
743 printk(KERN_DEBUG "%s (WE) : Header type : %d, Token type : %d, size : %d, token : %d\n", dev->name, descr->header_type, descr->token_type, descr->token_size, descr->max_tokens);
744 #endif /* WE_IOCTL_DEBUG */
745
746 /* Prepare the call */
747 info.cmd = cmd;
748 info.flags = 0;
749
750 /* Check if we have a pointer to user space data or not */
751 if (descr->header_type != IW_HEADER_TYPE_POINT) {
752
753 /* No extra arguments. Trivial to handle */
754 ret = handler(dev, &info, &(iwr->u), NULL);
755
756 #ifdef WE_SET_EVENT
757 /* Generate an event to notify listeners of the change */
758 if ((descr->flags & IW_DESCR_FLAG_EVENT) &&
759 ((ret == 0) || (ret == -EIWCOMMIT)))
760 wireless_send_event(dev, cmd, &(iwr->u), NULL);
761 #endif /* WE_SET_EVENT */
762 } else {
763 char * extra;
764 int extra_size;
765 int user_length = 0;
766 int err;
767 int essid_compat = 0;
768
769 /* Calculate space needed by arguments. Always allocate
770 * for max space. Easier, and won't last long... */
771 extra_size = descr->max_tokens * descr->token_size;
772
773 /* Check need for ESSID compatibility for WE < 21 */
774 switch (cmd) {
775 case SIOCSIWESSID:
776 case SIOCGIWESSID:
777 case SIOCSIWNICKN:
778 case SIOCGIWNICKN:
779 if (iwr->u.data.length == descr->max_tokens + 1)
780 essid_compat = 1;
781 else if (IW_IS_SET(cmd) && (iwr->u.data.length != 0)) {
782 char essid[IW_ESSID_MAX_SIZE + 1];
783
784 err = copy_from_user(essid, iwr->u.data.pointer,
785 iwr->u.data.length *
786 descr->token_size);
787 if (err)
788 return -EFAULT;
789
790 if (essid[iwr->u.data.length - 1] == '\0')
791 essid_compat = 1;
792 }
793 break;
794 default:
795 break;
796 }
797
798 iwr->u.data.length -= essid_compat;
799
800 /* Check what user space is giving us */
801 if (IW_IS_SET(cmd)) {
802 /* Check NULL pointer */
803 if ((iwr->u.data.pointer == NULL) &&
804 (iwr->u.data.length != 0))
805 return -EFAULT;
806 /* Check if number of token fits within bounds */
807 if (iwr->u.data.length > descr->max_tokens)
808 return -E2BIG;
809 if (iwr->u.data.length < descr->min_tokens)
810 return -EINVAL;
811 } else {
812 /* Check NULL pointer */
813 if (iwr->u.data.pointer == NULL)
814 return -EFAULT;
815 /* Save user space buffer size for checking */
816 user_length = iwr->u.data.length;
817
818 /* Don't check if user_length > max to allow forward
819 * compatibility. The test user_length < min is
820 * implied by the test at the end. */
821
822 /* Support for very large requests */
823 if ((descr->flags & IW_DESCR_FLAG_NOMAX) &&
824 (user_length > descr->max_tokens)) {
825 /* Allow userspace to GET more than max so
826 * we can support any size GET requests.
827 * There is still a limit : -ENOMEM. */
828 extra_size = user_length * descr->token_size;
829 /* Note : user_length is originally a __u16,
830 * and token_size is controlled by us,
831 * so extra_size won't get negative and
832 * won't overflow... */
833 }
834 }
835
836 #ifdef WE_IOCTL_DEBUG
837 printk(KERN_DEBUG "%s (WE) : Malloc %d bytes\n",
838 dev->name, extra_size);
839 #endif /* WE_IOCTL_DEBUG */
840
841 /* Create the kernel buffer */
842 /* kzalloc ensures NULL-termination for essid_compat */
843 extra = kzalloc(extra_size, GFP_KERNEL);
844 if (extra == NULL) {
845 return -ENOMEM;
846 }
847
848 /* If it is a SET, get all the extra data in here */
849 if (IW_IS_SET(cmd) && (iwr->u.data.length != 0)) {
850 err = copy_from_user(extra, iwr->u.data.pointer,
851 iwr->u.data.length *
852 descr->token_size);
853 if (err) {
854 kfree(extra);
855 return -EFAULT;
856 }
857 #ifdef WE_IOCTL_DEBUG
858 printk(KERN_DEBUG "%s (WE) : Got %d bytes\n",
859 dev->name,
860 iwr->u.data.length * descr->token_size);
861 #endif /* WE_IOCTL_DEBUG */
862 }
863
864 /* Call the handler */
865 ret = handler(dev, &info, &(iwr->u), extra);
866
867 iwr->u.data.length += essid_compat;
868
869 /* If we have something to return to the user */
870 if (!ret && IW_IS_GET(cmd)) {
871 /* Check if there is enough buffer up there */
872 if (user_length < iwr->u.data.length) {
873 kfree(extra);
874 return -E2BIG;
875 }
876
877 err = copy_to_user(iwr->u.data.pointer, extra,
878 iwr->u.data.length *
879 descr->token_size);
880 if (err)
881 ret = -EFAULT;
882 #ifdef WE_IOCTL_DEBUG
883 printk(KERN_DEBUG "%s (WE) : Wrote %d bytes\n",
884 dev->name,
885 iwr->u.data.length * descr->token_size);
886 #endif /* WE_IOCTL_DEBUG */
887 }
888
889 #ifdef WE_SET_EVENT
890 /* Generate an event to notify listeners of the change */
891 if ((descr->flags & IW_DESCR_FLAG_EVENT) &&
892 ((ret == 0) || (ret == -EIWCOMMIT))) {
893 if (descr->flags & IW_DESCR_FLAG_RESTRICT)
894 /* If the event is restricted, don't
895 * export the payload */
896 wireless_send_event(dev, cmd, &(iwr->u), NULL);
897 else
898 wireless_send_event(dev, cmd, &(iwr->u),
899 extra);
900 }
901 #endif /* WE_SET_EVENT */
902
903 /* Cleanup - I told you it wasn't that long ;-) */
904 kfree(extra);
905 }
906
907 /* Call commit handler if needed and defined */
908 if (ret == -EIWCOMMIT)
909 ret = call_commit_handler(dev);
910
911 /* Here, we will generate the appropriate event if needed */
912
913 return ret;
914 }
915
916 /* ---------------------------------------------------------------- */
917 /*
918 * Wrapper to call a private Wireless Extension handler.
919 * We do various checks and also take care of moving data between
920 * user space and kernel space.
921 * It's not as nice and slimline as the standard wrapper. The cause
922 * is struct iw_priv_args, which was not really designed for the
923 * job we are going here.
924 *
925 * IMPORTANT : This function prevent to set and get data on the same
926 * IOCTL and enforce the SET/GET convention. Not doing it would be
927 * far too hairy...
928 * If you need to set and get data at the same time, please don't use
929 * a iw_handler but process it in your ioctl handler (i.e. use the
930 * old driver API).
931 */
932 static inline int ioctl_private_call(struct net_device * dev,
933 struct ifreq * ifr,
934 unsigned int cmd,
935 iw_handler handler)
936 {
937 struct iwreq * iwr = (struct iwreq *) ifr;
938 const struct iw_priv_args * descr = NULL;
939 struct iw_request_info info;
940 int extra_size = 0;
941 int i;
942 int ret = -EINVAL;
943
944 /* Get the description of the IOCTL */
945 for (i = 0; i < dev->wireless_handlers->num_private_args; i++)
946 if (cmd == dev->wireless_handlers->private_args[i].cmd) {
947 descr = &(dev->wireless_handlers->private_args[i]);
948 break;
949 }
950
951 #ifdef WE_IOCTL_DEBUG
952 printk(KERN_DEBUG "%s (WE) : Found private handler for 0x%04X\n",
953 ifr->ifr_name, cmd);
954 if (descr) {
955 printk(KERN_DEBUG "%s (WE) : Name %s, set %X, get %X\n",
956 dev->name, descr->name,
957 descr->set_args, descr->get_args);
958 }
959 #endif /* WE_IOCTL_DEBUG */
960
961 /* Compute the size of the set/get arguments */
962 if (descr != NULL) {
963 if (IW_IS_SET(cmd)) {
964 int offset = 0; /* For sub-ioctls */
965 /* Check for sub-ioctl handler */
966 if (descr->name[0] == '\0')
967 /* Reserve one int for sub-ioctl index */
968 offset = sizeof(__u32);
969
970 /* Size of set arguments */
971 extra_size = get_priv_size(descr->set_args);
972
973 /* Does it fits in iwr ? */
974 if ((descr->set_args & IW_PRIV_SIZE_FIXED) &&
975 ((extra_size + offset) <= IFNAMSIZ))
976 extra_size = 0;
977 } else {
978 /* Size of get arguments */
979 extra_size = get_priv_size(descr->get_args);
980
981 /* Does it fits in iwr ? */
982 if ((descr->get_args & IW_PRIV_SIZE_FIXED) &&
983 (extra_size <= IFNAMSIZ))
984 extra_size = 0;
985 }
986 }
987
988 /* Prepare the call */
989 info.cmd = cmd;
990 info.flags = 0;
991
992 /* Check if we have a pointer to user space data or not. */
993 if (extra_size == 0) {
994 /* No extra arguments. Trivial to handle */
995 ret = handler(dev, &info, &(iwr->u), (char *) &(iwr->u));
996 } else {
997 char * extra;
998 int err;
999
1000 /* Check what user space is giving us */
1001 if (IW_IS_SET(cmd)) {
1002 /* Check NULL pointer */
1003 if ((iwr->u.data.pointer == NULL) &&
1004 (iwr->u.data.length != 0))
1005 return -EFAULT;
1006
1007 /* Does it fits within bounds ? */
1008 if (iwr->u.data.length > (descr->set_args &
1009 IW_PRIV_SIZE_MASK))
1010 return -E2BIG;
1011 } else {
1012 /* Check NULL pointer */
1013 if (iwr->u.data.pointer == NULL)
1014 return -EFAULT;
1015 }
1016
1017 #ifdef WE_IOCTL_DEBUG
1018 printk(KERN_DEBUG "%s (WE) : Malloc %d bytes\n",
1019 dev->name, extra_size);
1020 #endif /* WE_IOCTL_DEBUG */
1021
1022 /* Always allocate for max space. Easier, and won't last
1023 * long... */
1024 extra = kmalloc(extra_size, GFP_KERNEL);
1025 if (extra == NULL) {
1026 return -ENOMEM;
1027 }
1028
1029 /* If it is a SET, get all the extra data in here */
1030 if (IW_IS_SET(cmd) && (iwr->u.data.length != 0)) {
1031 err = copy_from_user(extra, iwr->u.data.pointer,
1032 extra_size);
1033 if (err) {
1034 kfree(extra);
1035 return -EFAULT;
1036 }
1037 #ifdef WE_IOCTL_DEBUG
1038 printk(KERN_DEBUG "%s (WE) : Got %d elem\n",
1039 dev->name, iwr->u.data.length);
1040 #endif /* WE_IOCTL_DEBUG */
1041 }
1042
1043 /* Call the handler */
1044 ret = handler(dev, &info, &(iwr->u), extra);
1045
1046 /* If we have something to return to the user */
1047 if (!ret && IW_IS_GET(cmd)) {
1048
1049 /* Adjust for the actual length if it's variable,
1050 * avoid leaking kernel bits outside. */
1051 if (!(descr->get_args & IW_PRIV_SIZE_FIXED)) {
1052 extra_size = adjust_priv_size(descr->get_args,
1053 &(iwr->u));
1054 }
1055
1056 err = copy_to_user(iwr->u.data.pointer, extra,
1057 extra_size);
1058 if (err)
1059 ret = -EFAULT;
1060 #ifdef WE_IOCTL_DEBUG
1061 printk(KERN_DEBUG "%s (WE) : Wrote %d elem\n",
1062 dev->name, iwr->u.data.length);
1063 #endif /* WE_IOCTL_DEBUG */
1064 }
1065
1066 /* Cleanup - I told you it wasn't that long ;-) */
1067 kfree(extra);
1068 }
1069
1070
1071 /* Call commit handler if needed and defined */
1072 if (ret == -EIWCOMMIT)
1073 ret = call_commit_handler(dev);
1074
1075 return ret;
1076 }
1077
1078 /* ---------------------------------------------------------------- */
1079 /*
1080 * Main IOCTl dispatcher. Called from the main networking code
1081 * (dev_ioctl() in net/core/dev.c).
1082 * Check the type of IOCTL and call the appropriate wrapper...
1083 */
1084 int wireless_process_ioctl(struct ifreq *ifr, unsigned int cmd)
1085 {
1086 struct net_device *dev;
1087 iw_handler handler;
1088
1089 /* Permissions are already checked in dev_ioctl() before calling us.
1090 * The copy_to/from_user() of ifr is also dealt with in there */
1091
1092 /* Make sure the device exist */
1093 if ((dev = __dev_get_by_name(ifr->ifr_name)) == NULL)
1094 return -ENODEV;
1095
1096 /* A bunch of special cases, then the generic case...
1097 * Note that 'cmd' is already filtered in dev_ioctl() with
1098 * (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) */
1099 switch (cmd) {
1100 case SIOCGIWSTATS:
1101 /* Get Wireless Stats */
1102 return ioctl_standard_call(dev,
1103 ifr,
1104 cmd,
1105 &iw_handler_get_iwstats);
1106
1107 case SIOCGIWPRIV:
1108 /* Check if we have some wireless handlers defined */
1109 if (dev->wireless_handlers != NULL) {
1110 /* We export to user space the definition of
1111 * the private handler ourselves */
1112 return ioctl_standard_call(dev,
1113 ifr,
1114 cmd,
1115 &iw_handler_get_private);
1116 }
1117 // ## Fall-through for old API ##
1118 default:
1119 /* Generic IOCTL */
1120 /* Basic check */
1121 if (!netif_device_present(dev))
1122 return -ENODEV;
1123 /* New driver API : try to find the handler */
1124 handler = get_handler(dev, cmd);
1125 if (handler != NULL) {
1126 /* Standard and private are not the same */
1127 if (cmd < SIOCIWFIRSTPRIV)
1128 return ioctl_standard_call(dev,
1129 ifr,
1130 cmd,
1131 handler);
1132 else
1133 return ioctl_private_call(dev,
1134 ifr,
1135 cmd,
1136 handler);
1137 }
1138 /* Old driver API : call driver ioctl handler */
1139 if (dev->do_ioctl) {
1140 return dev->do_ioctl(dev, ifr, cmd);
1141 }
1142 return -EOPNOTSUPP;
1143 }
1144 /* Not reached */
1145 return -EINVAL;
1146 }
1147
1148 /********************** RTNETLINK REQUEST API **********************/
1149 /*
1150 * The alternate user space API to configure all those Wireless Extensions
1151 * is through RtNetlink.
1152 * This API support only the new driver API (iw_handler).
1153 *
1154 * This RtNetlink API use the same query/reply model as the ioctl API.
1155 * Maximum effort has been done to fit in the RtNetlink model, and
1156 * we support both RtNetlink Set and RtNelink Get operations.
1157 * On the other hand, we don't offer Dump operations because of the
1158 * following reasons :
1159 * o Large number of parameters, most optional
1160 * o Large size of some parameters (> 100 bytes)
1161 * o Each parameters need to be extracted from hardware
1162 * o Scan requests can take seconds and disable network activity.
1163 * Because of this high cost/overhead, we want to return only the
1164 * parameters the user application is really interested in.
1165 * We could offer partial Dump using the IW_DESCR_FLAG_DUMP flag.
1166 *
1167 * The API uses the standard RtNetlink socket. When the RtNetlink code
1168 * find a IFLA_WIRELESS field in a RtNetlink SET_LINK request,
1169 * it calls here.
1170 */
1171
1172 #ifdef CONFIG_NET_WIRELESS_RTNETLINK
1173 /* ---------------------------------------------------------------- */
1174 /*
1175 * Wrapper to call a standard Wireless Extension GET handler.
1176 * We do various checks and call the handler with the proper args.
1177 */
1178 static int rtnetlink_standard_get(struct net_device * dev,
1179 struct iw_event * request,
1180 int request_len,
1181 iw_handler handler,
1182 char ** p_buf,
1183 int * p_len)
1184 {
1185 const struct iw_ioctl_description * descr = NULL;
1186 unsigned int cmd;
1187 union iwreq_data * wrqu;
1188 int hdr_len;
1189 struct iw_request_info info;
1190 char * buffer = NULL;
1191 int buffer_size = 0;
1192 int ret = -EINVAL;
1193
1194 /* Get the description of the Request */
1195 cmd = request->cmd;
1196 if ((cmd - SIOCIWFIRST) >= standard_ioctl_num)
1197 return -EOPNOTSUPP;
1198 descr = &(standard_ioctl[cmd - SIOCIWFIRST]);
1199
1200 #ifdef WE_RTNETLINK_DEBUG
1201 printk(KERN_DEBUG "%s (WE.r) : Found standard handler for 0x%04X\n",
1202 dev->name, cmd);
1203 printk(KERN_DEBUG "%s (WE.r) : Header type : %d, Token type : %d, size : %d, token : %d\n", dev->name, descr->header_type, descr->token_type, descr->token_size, descr->max_tokens);
1204 #endif /* WE_RTNETLINK_DEBUG */
1205
1206 /* Check if wrqu is complete */
1207 hdr_len = event_type_size[descr->header_type];
1208 if (request_len < hdr_len) {
1209 #ifdef WE_RTNETLINK_DEBUG
1210 printk(KERN_DEBUG
1211 "%s (WE.r) : Wireless request too short (%d)\n",
1212 dev->name, request_len);
1213 #endif /* WE_RTNETLINK_DEBUG */
1214 return -EINVAL;
1215 }
1216
1217 /* Prepare the call */
1218 info.cmd = cmd;
1219 info.flags = 0;
1220
1221 /* Check if we have extra data in the reply or not */
1222 if (descr->header_type != IW_HEADER_TYPE_POINT) {
1223
1224 /* Create the kernel buffer that we will return.
1225 * It's at an offset to match the TYPE_POINT case... */
1226 buffer_size = request_len + IW_EV_POINT_OFF;
1227 buffer = kmalloc(buffer_size, GFP_KERNEL);
1228 if (buffer == NULL) {
1229 return -ENOMEM;
1230 }
1231 /* Copy event data */
1232 memcpy(buffer + IW_EV_POINT_OFF, request, request_len);
1233 /* Use our own copy of wrqu */
1234 wrqu = (union iwreq_data *) (buffer + IW_EV_POINT_OFF
1235 + IW_EV_LCP_PK_LEN);
1236
1237 /* No extra arguments. Trivial to handle */
1238 ret = handler(dev, &info, wrqu, NULL);
1239
1240 } else {
1241 union iwreq_data wrqu_point;
1242 char * extra = NULL;
1243 int extra_size = 0;
1244
1245 /* Get a temp copy of wrqu (skip pointer) */
1246 memcpy(((char *) &wrqu_point) + IW_EV_POINT_OFF,
1247 ((char *) request) + IW_EV_LCP_PK_LEN,
1248 IW_EV_POINT_LEN - IW_EV_LCP_PK_LEN);
1249
1250 /* Calculate space needed by arguments. Always allocate
1251 * for max space. Easier, and won't last long... */
1252 extra_size = descr->max_tokens * descr->token_size;
1253 /* Support for very large requests */
1254 if ((descr->flags & IW_DESCR_FLAG_NOMAX) &&
1255 (wrqu_point.data.length > descr->max_tokens))
1256 extra_size = (wrqu_point.data.length
1257 * descr->token_size);
1258 buffer_size = extra_size + IW_EV_POINT_PK_LEN + IW_EV_POINT_OFF;
1259 #ifdef WE_RTNETLINK_DEBUG
1260 printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes (%d bytes)\n",
1261 dev->name, extra_size, buffer_size);
1262 #endif /* WE_RTNETLINK_DEBUG */
1263
1264 /* Create the kernel buffer that we will return */
1265 buffer = kmalloc(buffer_size, GFP_KERNEL);
1266 if (buffer == NULL) {
1267 return -ENOMEM;
1268 }
1269
1270 /* Put wrqu in the right place (just before extra).
1271 * Leave space for IWE header and dummy pointer...
1272 * Note that IW_EV_LCP_PK_LEN==4 bytes, so it's still aligned.
1273 */
1274 memcpy(buffer + IW_EV_LCP_PK_LEN + IW_EV_POINT_OFF,
1275 ((char *) &wrqu_point) + IW_EV_POINT_OFF,
1276 IW_EV_POINT_PK_LEN - IW_EV_LCP_PK_LEN);
1277 wrqu = (union iwreq_data *) (buffer + IW_EV_LCP_PK_LEN);
1278
1279 /* Extra comes logically after that. Offset +12 bytes. */
1280 extra = buffer + IW_EV_POINT_OFF + IW_EV_POINT_PK_LEN;
1281
1282 /* Call the handler */
1283 ret = handler(dev, &info, wrqu, extra);
1284
1285 /* Calculate real returned length */
1286 extra_size = (wrqu->data.length * descr->token_size);
1287 /* Re-adjust reply size */
1288 request->len = extra_size + IW_EV_POINT_PK_LEN;
1289
1290 /* Put the iwe header where it should, i.e. scrap the
1291 * dummy pointer. */
1292 memcpy(buffer + IW_EV_POINT_OFF, request, IW_EV_LCP_PK_LEN);
1293
1294 #ifdef WE_RTNETLINK_DEBUG
1295 printk(KERN_DEBUG "%s (WE.r) : Reply 0x%04X, hdr_len %d, tokens %d, extra_size %d, buffer_size %d\n", dev->name, cmd, hdr_len, wrqu->data.length, extra_size, buffer_size);
1296 #endif /* WE_RTNETLINK_DEBUG */
1297
1298 /* Check if there is enough buffer up there */
1299 if (wrqu_point.data.length < wrqu->data.length)
1300 ret = -E2BIG;
1301 }
1302
1303 /* Return the buffer to the caller */
1304 if (!ret) {
1305 *p_buf = buffer;
1306 *p_len = request->len;
1307 } else {
1308 /* Cleanup */
1309 if (buffer)
1310 kfree(buffer);
1311 }
1312
1313 return ret;
1314 }
1315
1316 /* ---------------------------------------------------------------- */
1317 /*
1318 * Wrapper to call a standard Wireless Extension SET handler.
1319 * We do various checks and call the handler with the proper args.
1320 */
1321 static inline int rtnetlink_standard_set(struct net_device * dev,
1322 struct iw_event * request,
1323 int request_len,
1324 iw_handler handler)
1325 {
1326 const struct iw_ioctl_description * descr = NULL;
1327 unsigned int cmd;
1328 union iwreq_data * wrqu;
1329 union iwreq_data wrqu_point;
1330 int hdr_len;
1331 char * extra = NULL;
1332 int extra_size = 0;
1333 struct iw_request_info info;
1334 int ret = -EINVAL;
1335
1336 /* Get the description of the Request */
1337 cmd = request->cmd;
1338 if ((cmd - SIOCIWFIRST) >= standard_ioctl_num)
1339 return -EOPNOTSUPP;
1340 descr = &(standard_ioctl[cmd - SIOCIWFIRST]);
1341
1342 #ifdef WE_RTNETLINK_DEBUG
1343 printk(KERN_DEBUG "%s (WE.r) : Found standard SET handler for 0x%04X\n",
1344 dev->name, cmd);
1345 printk(KERN_DEBUG "%s (WE.r) : Header type : %d, Token type : %d, size : %d, token : %d\n", dev->name, descr->header_type, descr->token_type, descr->token_size, descr->max_tokens);
1346 #endif /* WE_RTNETLINK_DEBUG */
1347
1348 /* Extract fixed header from request. This is properly aligned. */
1349 wrqu = (union iwreq_data *) (((char *) request) + IW_EV_LCP_PK_LEN);
1350
1351 /* Check if wrqu is complete */
1352 hdr_len = event_type_pk_size[descr->header_type];
1353 if (request_len < hdr_len) {
1354 #ifdef WE_RTNETLINK_DEBUG
1355 printk(KERN_DEBUG
1356 "%s (WE.r) : Wireless request too short (%d)\n",
1357 dev->name, request_len);
1358 #endif /* WE_RTNETLINK_DEBUG */
1359 return -EINVAL;
1360 }
1361
1362 /* Prepare the call */
1363 info.cmd = cmd;
1364 info.flags = 0;
1365
1366 /* Check if we have extra data in the request or not */
1367 if (descr->header_type != IW_HEADER_TYPE_POINT) {
1368
1369 /* No extra arguments. Trivial to handle */
1370 ret = handler(dev, &info, wrqu, NULL);
1371
1372 } else {
1373 int extra_len;
1374
1375 /* Put wrqu in the right place (skip pointer) */
1376 memcpy(((char *) &wrqu_point) + IW_EV_POINT_OFF,
1377 wrqu, IW_EV_POINT_PK_LEN - IW_EV_LCP_PK_LEN);
1378 /* Don't forget about the event code... */
1379 wrqu = &wrqu_point;
1380
1381 /* Check if number of token fits within bounds */
1382 if (wrqu_point.data.length > descr->max_tokens)
1383 return -E2BIG;
1384 if (wrqu_point.data.length < descr->min_tokens)
1385 return -EINVAL;
1386
1387 /* Real length of payload */
1388 extra_len = wrqu_point.data.length * descr->token_size;
1389
1390 /* Check if request is self consistent */
1391 if ((request_len - hdr_len) < extra_len) {
1392 #ifdef WE_RTNETLINK_DEBUG
1393 printk(KERN_DEBUG "%s (WE.r) : Wireless request data too short (%d)\n",
1394 dev->name, extra_size);
1395 #endif /* WE_RTNETLINK_DEBUG */
1396 return -EINVAL;
1397 }
1398
1399 #ifdef WE_RTNETLINK_DEBUG
1400 printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes\n",
1401 dev->name, extra_size);
1402 #endif /* WE_RTNETLINK_DEBUG */
1403
1404 /* Always allocate for max space. Easier, and won't last
1405 * long... */
1406 extra_size = descr->max_tokens * descr->token_size;
1407 extra = kmalloc(extra_size, GFP_KERNEL);
1408 if (extra == NULL)
1409 return -ENOMEM;
1410
1411 /* Copy extra in aligned buffer */
1412 memcpy(extra, ((char *) request) + hdr_len, extra_len);
1413
1414 /* Call the handler */
1415 ret = handler(dev, &info, &wrqu_point, extra);
1416 }
1417
1418 #ifdef WE_SET_EVENT
1419 /* Generate an event to notify listeners of the change */
1420 if ((descr->flags & IW_DESCR_FLAG_EVENT) &&
1421 ((ret == 0) || (ret == -EIWCOMMIT))) {
1422 if (descr->flags & IW_DESCR_FLAG_RESTRICT)
1423 /* If the event is restricted, don't
1424 * export the payload */
1425 wireless_send_event(dev, cmd, wrqu, NULL);
1426 else
1427 wireless_send_event(dev, cmd, wrqu, extra);
1428 }
1429 #endif /* WE_SET_EVENT */
1430
1431 /* Cleanup - I told you it wasn't that long ;-) */
1432 if (extra)
1433 kfree(extra);
1434
1435 /* Call commit handler if needed and defined */
1436 if (ret == -EIWCOMMIT)
1437 ret = call_commit_handler(dev);
1438
1439 return ret;
1440 }
1441
1442 /* ---------------------------------------------------------------- */
1443 /*
1444 * Wrapper to call a private Wireless Extension GET handler.
1445 * Same as above...
1446 * It's not as nice and slimline as the standard wrapper. The cause
1447 * is struct iw_priv_args, which was not really designed for the
1448 * job we are going here.
1449 *
1450 * IMPORTANT : This function prevent to set and get data on the same
1451 * IOCTL and enforce the SET/GET convention. Not doing it would be
1452 * far too hairy...
1453 * If you need to set and get data at the same time, please don't use
1454 * a iw_handler but process it in your ioctl handler (i.e. use the
1455 * old driver API).
1456 */
1457 static inline int rtnetlink_private_get(struct net_device * dev,
1458 struct iw_event * request,
1459 int request_len,
1460 iw_handler handler,
1461 char ** p_buf,
1462 int * p_len)
1463 {
1464 const struct iw_priv_args * descr = NULL;
1465 unsigned int cmd;
1466 union iwreq_data * wrqu;
1467 int hdr_len;
1468 struct iw_request_info info;
1469 int extra_size = 0;
1470 int i;
1471 char * buffer = NULL;
1472 int buffer_size = 0;
1473 int ret = -EINVAL;
1474
1475 /* Get the description of the Request */
1476 cmd = request->cmd;
1477 for (i = 0; i < dev->wireless_handlers->num_private_args; i++)
1478 if (cmd == dev->wireless_handlers->private_args[i].cmd) {
1479 descr = &(dev->wireless_handlers->private_args[i]);
1480 break;
1481 }
1482 if (descr == NULL)
1483 return -EOPNOTSUPP;
1484
1485 #ifdef WE_RTNETLINK_DEBUG
1486 printk(KERN_DEBUG "%s (WE.r) : Found private handler for 0x%04X\n",
1487 dev->name, cmd);
1488 printk(KERN_DEBUG "%s (WE.r) : Name %s, set %X, get %X\n",
1489 dev->name, descr->name, descr->set_args, descr->get_args);
1490 #endif /* WE_RTNETLINK_DEBUG */
1491
1492 /* Compute the max size of the get arguments */
1493 extra_size = get_priv_size(descr->get_args);
1494
1495 /* Does it fits in wrqu ? */
1496 if ((descr->get_args & IW_PRIV_SIZE_FIXED) &&
1497 (extra_size <= IFNAMSIZ)) {
1498 hdr_len = extra_size;
1499 extra_size = 0;
1500 } else {
1501 hdr_len = IW_EV_POINT_PK_LEN;
1502 }
1503
1504 /* Check if wrqu is complete */
1505 if (request_len < hdr_len) {
1506 #ifdef WE_RTNETLINK_DEBUG
1507 printk(KERN_DEBUG
1508 "%s (WE.r) : Wireless request too short (%d)\n",
1509 dev->name, request_len);
1510 #endif /* WE_RTNETLINK_DEBUG */
1511 return -EINVAL;
1512 }
1513
1514 /* Prepare the call */
1515 info.cmd = cmd;
1516 info.flags = 0;
1517
1518 /* Check if we have a pointer to user space data or not. */
1519 if (extra_size == 0) {
1520
1521 /* Create the kernel buffer that we will return.
1522 * It's at an offset to match the TYPE_POINT case... */
1523 buffer_size = request_len + IW_EV_POINT_OFF;
1524 buffer = kmalloc(buffer_size, GFP_KERNEL);
1525 if (buffer == NULL) {
1526 return -ENOMEM;
1527 }
1528 /* Copy event data */
1529 memcpy(buffer + IW_EV_POINT_OFF, request, request_len);
1530 /* Use our own copy of wrqu */
1531 wrqu = (union iwreq_data *) (buffer + IW_EV_POINT_OFF
1532 + IW_EV_LCP_PK_LEN);
1533
1534 /* No extra arguments. Trivial to handle */
1535 ret = handler(dev, &info, wrqu, (char *) wrqu);
1536
1537 } else {
1538 char * extra;
1539
1540 /* Buffer for full reply */
1541 buffer_size = extra_size + IW_EV_POINT_PK_LEN + IW_EV_POINT_OFF;
1542
1543 #ifdef WE_RTNETLINK_DEBUG
1544 printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes (%d bytes)\n",
1545 dev->name, extra_size, buffer_size);
1546 #endif /* WE_RTNETLINK_DEBUG */
1547
1548 /* Create the kernel buffer that we will return */
1549 buffer = kmalloc(buffer_size, GFP_KERNEL);
1550 if (buffer == NULL) {
1551 return -ENOMEM;
1552 }
1553
1554 /* Put wrqu in the right place (just before extra).
1555 * Leave space for IWE header and dummy pointer...
1556 * Note that IW_EV_LCP_PK_LEN==4 bytes, so it's still aligned.
1557 */
1558 memcpy(buffer + IW_EV_LCP_PK_LEN + IW_EV_POINT_OFF,
1559 ((char *) request) + IW_EV_LCP_PK_LEN,
1560 IW_EV_POINT_PK_LEN - IW_EV_LCP_PK_LEN);
1561 wrqu = (union iwreq_data *) (buffer + IW_EV_LCP_PK_LEN);
1562
1563 /* Extra comes logically after that. Offset +12 bytes. */
1564 extra = buffer + IW_EV_POINT_OFF + IW_EV_POINT_PK_LEN;
1565
1566 /* Call the handler */
1567 ret = handler(dev, &info, wrqu, extra);
1568
1569 /* Adjust for the actual length if it's variable,
1570 * avoid leaking kernel bits outside. */
1571 if (!(descr->get_args & IW_PRIV_SIZE_FIXED))
1572 extra_size = adjust_priv_size(descr->get_args, wrqu);
1573 /* Re-adjust reply size */
1574 request->len = extra_size + IW_EV_POINT_PK_LEN;
1575
1576 /* Put the iwe header where it should, i.e. scrap the
1577 * dummy pointer. */
1578 memcpy(buffer + IW_EV_POINT_OFF, request, IW_EV_LCP_PK_LEN);
1579
1580 #ifdef WE_RTNETLINK_DEBUG
1581 printk(KERN_DEBUG "%s (WE.r) : Reply 0x%04X, hdr_len %d, tokens %d, extra_size %d, buffer_size %d\n", dev->name, cmd, hdr_len, wrqu->data.length, extra_size, buffer_size);
1582 #endif /* WE_RTNETLINK_DEBUG */
1583 }
1584
1585 /* Return the buffer to the caller */
1586 if (!ret) {
1587 *p_buf = buffer;
1588 *p_len = request->len;
1589 } else {
1590 /* Cleanup */
1591 if (buffer)
1592 kfree(buffer);
1593 }
1594
1595 return ret;
1596 }
1597
1598 /* ---------------------------------------------------------------- */
1599 /*
1600 * Wrapper to call a private Wireless Extension SET handler.
1601 * Same as above...
1602 * It's not as nice and slimline as the standard wrapper. The cause
1603 * is struct iw_priv_args, which was not really designed for the
1604 * job we are going here.
1605 *
1606 * IMPORTANT : This function prevent to set and get data on the same
1607 * IOCTL and enforce the SET/GET convention. Not doing it would be
1608 * far too hairy...
1609 * If you need to set and get data at the same time, please don't use
1610 * a iw_handler but process it in your ioctl handler (i.e. use the
1611 * old driver API).
1612 */
1613 static inline int rtnetlink_private_set(struct net_device * dev,
1614 struct iw_event * request,
1615 int request_len,
1616 iw_handler handler)
1617 {
1618 const struct iw_priv_args * descr = NULL;
1619 unsigned int cmd;
1620 union iwreq_data * wrqu;
1621 union iwreq_data wrqu_point;
1622 int hdr_len;
1623 char * extra = NULL;
1624 int extra_size = 0;
1625 int offset = 0; /* For sub-ioctls */
1626 struct iw_request_info info;
1627 int i;
1628 int ret = -EINVAL;
1629
1630 /* Get the description of the Request */
1631 cmd = request->cmd;
1632 for (i = 0; i < dev->wireless_handlers->num_private_args; i++)
1633 if (cmd == dev->wireless_handlers->private_args[i].cmd) {
1634 descr = &(dev->wireless_handlers->private_args[i]);
1635 break;
1636 }
1637 if (descr == NULL)
1638 return -EOPNOTSUPP;
1639
1640 #ifdef WE_RTNETLINK_DEBUG
1641 printk(KERN_DEBUG "%s (WE.r) : Found private handler for 0x%04X\n",
1642 ifr->ifr_name, cmd);
1643 printk(KERN_DEBUG "%s (WE.r) : Name %s, set %X, get %X\n",
1644 dev->name, descr->name, descr->set_args, descr->get_args);
1645 #endif /* WE_RTNETLINK_DEBUG */
1646
1647 /* Compute the size of the set arguments */
1648 /* Check for sub-ioctl handler */
1649 if (descr->name[0] == '\0')
1650 /* Reserve one int for sub-ioctl index */
1651 offset = sizeof(__u32);
1652
1653 /* Size of set arguments */
1654 extra_size = get_priv_size(descr->set_args);
1655
1656 /* Does it fits in wrqu ? */
1657 if ((descr->set_args & IW_PRIV_SIZE_FIXED) &&
1658 (extra_size <= IFNAMSIZ)) {
1659 hdr_len = IW_EV_LCP_PK_LEN + extra_size;
1660 extra_size = 0;
1661 } else {
1662 hdr_len = IW_EV_POINT_PK_LEN;
1663 }
1664
1665 /* Extract fixed header from request. This is properly aligned. */
1666 wrqu = (union iwreq_data *) (((char *) request) + IW_EV_LCP_PK_LEN);
1667
1668 /* Check if wrqu is complete */
1669 if (request_len < hdr_len) {
1670 #ifdef WE_RTNETLINK_DEBUG
1671 printk(KERN_DEBUG
1672 "%s (WE.r) : Wireless request too short (%d)\n",
1673 dev->name, request_len);
1674 #endif /* WE_RTNETLINK_DEBUG */
1675 return -EINVAL;
1676 }
1677
1678 /* Prepare the call */
1679 info.cmd = cmd;
1680 info.flags = 0;
1681
1682 /* Check if we have a pointer to user space data or not. */
1683 if (extra_size == 0) {
1684
1685 /* No extra arguments. Trivial to handle */
1686 ret = handler(dev, &info, wrqu, (char *) wrqu);
1687
1688 } else {
1689 int extra_len;
1690
1691 /* Put wrqu in the right place (skip pointer) */
1692 memcpy(((char *) &wrqu_point) + IW_EV_POINT_OFF,
1693 wrqu, IW_EV_POINT_PK_LEN - IW_EV_LCP_PK_LEN);
1694
1695 /* Does it fits within bounds ? */
1696 if (wrqu_point.data.length > (descr->set_args &
1697 IW_PRIV_SIZE_MASK))
1698 return -E2BIG;
1699
1700 /* Real length of payload */
1701 extra_len = adjust_priv_size(descr->set_args, &wrqu_point);
1702
1703 /* Check if request is self consistent */
1704 if ((request_len - hdr_len) < extra_len) {
1705 #ifdef WE_RTNETLINK_DEBUG
1706 printk(KERN_DEBUG "%s (WE.r) : Wireless request data too short (%d)\n",
1707 dev->name, extra_size);
1708 #endif /* WE_RTNETLINK_DEBUG */
1709 return -EINVAL;
1710 }
1711
1712 #ifdef WE_RTNETLINK_DEBUG
1713 printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes\n",
1714 dev->name, extra_size);
1715 #endif /* WE_RTNETLINK_DEBUG */
1716
1717 /* Always allocate for max space. Easier, and won't last
1718 * long... */
1719 extra = kmalloc(extra_size, GFP_KERNEL);
1720 if (extra == NULL)
1721 return -ENOMEM;
1722
1723 /* Copy extra in aligned buffer */
1724 memcpy(extra, ((char *) request) + hdr_len, extra_len);
1725
1726 /* Call the handler */
1727 ret = handler(dev, &info, &wrqu_point, extra);
1728
1729 /* Cleanup - I told you it wasn't that long ;-) */
1730 kfree(extra);
1731 }
1732
1733 /* Call commit handler if needed and defined */
1734 if (ret == -EIWCOMMIT)
1735 ret = call_commit_handler(dev);
1736
1737 return ret;
1738 }
1739
1740 /* ---------------------------------------------------------------- */
1741 /*
1742 * Main RtNetlink dispatcher. Called from the main networking code
1743 * (do_getlink() in net/core/rtnetlink.c).
1744 * Check the type of Request and call the appropriate wrapper...
1745 */
1746 int wireless_rtnetlink_get(struct net_device * dev,
1747 char * data,
1748 int len,
1749 char ** p_buf,
1750 int * p_len)
1751 {
1752 struct iw_event * request = (struct iw_event *) data;
1753 iw_handler handler;
1754
1755 /* Check length */
1756 if (len < IW_EV_LCP_PK_LEN) {
1757 printk(KERN_DEBUG "%s (WE.r) : RtNetlink request too short (%d)\n",
1758 dev->name, len);
1759 return -EINVAL;
1760 }
1761
1762 /* ReCheck length (len may have padding) */
1763 if (request->len > len) {
1764 printk(KERN_DEBUG "%s (WE.r) : RtNetlink request len invalid (%d-%d)\n",
1765 dev->name, request->len, len);
1766 return -EINVAL;
1767 }
1768
1769 /* Only accept GET requests in here */
1770 if (!IW_IS_GET(request->cmd))
1771 return -EOPNOTSUPP;
1772
1773 /* If command is `get the encoding parameters', check if
1774 * the user has the right to do it */
1775 if (request->cmd == SIOCGIWENCODE ||
1776 request->cmd == SIOCGIWENCODEEXT) {
1777 if (!capable(CAP_NET_ADMIN))
1778 return -EPERM;
1779 }
1780
1781 /* Special cases */
1782 if (request->cmd == SIOCGIWSTATS)
1783 /* Get Wireless Stats */
1784 return rtnetlink_standard_get(dev,
1785 request,
1786 request->len,
1787 &iw_handler_get_iwstats,
1788 p_buf, p_len);
1789 if (request->cmd == SIOCGIWPRIV) {
1790 /* Check if we have some wireless handlers defined */
1791 if (dev->wireless_handlers == NULL)
1792 return -EOPNOTSUPP;
1793 /* Get Wireless Stats */
1794 return rtnetlink_standard_get(dev,
1795 request,
1796 request->len,
1797 &iw_handler_get_private,
1798 p_buf, p_len);
1799 }
1800
1801 /* Basic check */
1802 if (!netif_device_present(dev))
1803 return -ENODEV;
1804
1805 /* Try to find the handler */
1806 handler = get_handler(dev, request->cmd);
1807 if (handler != NULL) {
1808 /* Standard and private are not the same */
1809 if (request->cmd < SIOCIWFIRSTPRIV)
1810 return rtnetlink_standard_get(dev,
1811 request,
1812 request->len,
1813 handler,
1814 p_buf, p_len);
1815 else
1816 return rtnetlink_private_get(dev,
1817 request,
1818 request->len,
1819 handler,
1820 p_buf, p_len);
1821 }
1822
1823 return -EOPNOTSUPP;
1824 }
1825
1826 /* ---------------------------------------------------------------- */
1827 /*
1828 * Main RtNetlink dispatcher. Called from the main networking code
1829 * (do_setlink() in net/core/rtnetlink.c).
1830 * Check the type of Request and call the appropriate wrapper...
1831 */
1832 int wireless_rtnetlink_set(struct net_device * dev,
1833 char * data,
1834 int len)
1835 {
1836 struct iw_event * request = (struct iw_event *) data;
1837 iw_handler handler;
1838
1839 /* Check length */
1840 if (len < IW_EV_LCP_PK_LEN) {
1841 printk(KERN_DEBUG "%s (WE.r) : RtNetlink request too short (%d)\n",
1842 dev->name, len);
1843 return -EINVAL;
1844 }
1845
1846 /* ReCheck length (len may have padding) */
1847 if (request->len > len) {
1848 printk(KERN_DEBUG "%s (WE.r) : RtNetlink request len invalid (%d-%d)\n",
1849 dev->name, request->len, len);
1850 return -EINVAL;
1851 }
1852
1853 /* Only accept SET requests in here */
1854 if (!IW_IS_SET(request->cmd))
1855 return -EOPNOTSUPP;
1856
1857 /* Basic check */
1858 if (!netif_device_present(dev))
1859 return -ENODEV;
1860
1861 /* New driver API : try to find the handler */
1862 handler = get_handler(dev, request->cmd);
1863 if (handler != NULL) {
1864 /* Standard and private are not the same */
1865 if (request->cmd < SIOCIWFIRSTPRIV)
1866 return rtnetlink_standard_set(dev,
1867 request,
1868 request->len,
1869 handler);
1870 else
1871 return rtnetlink_private_set(dev,
1872 request,
1873 request->len,
1874 handler);
1875 }
1876
1877 return -EOPNOTSUPP;
1878 }
1879 #endif /* CONFIG_NET_WIRELESS_RTNETLINK */
1880
1881
1882 /************************* EVENT PROCESSING *************************/
1883 /*
1884 * Process events generated by the wireless layer or the driver.
1885 * Most often, the event will be propagated through rtnetlink
1886 */
1887
1888 #ifdef WE_EVENT_RTNETLINK
1889 /* ---------------------------------------------------------------- */
1890 /*
1891 * Locking...
1892 * ----------
1893 *
1894 * Thanks to Herbert Xu <herbert@gondor.apana.org.au> for fixing
1895 * the locking issue in here and implementing this code !
1896 *
1897 * The issue : wireless_send_event() is often called in interrupt context,
1898 * while the Netlink layer can never be called in interrupt context.
1899 * The fully formed RtNetlink events are queued, and then a tasklet is run
1900 * to feed those to Netlink.
1901 * The skb_queue is interrupt safe, and its lock is not held while calling
1902 * Netlink, so there is no possibility of dealock.
1903 * Jean II
1904 */
1905
1906 static struct sk_buff_head wireless_nlevent_queue;
1907
1908 static int __init wireless_nlevent_init(void)
1909 {
1910 skb_queue_head_init(&wireless_nlevent_queue);
1911 return 0;
1912 }
1913
1914 subsys_initcall(wireless_nlevent_init);
1915
1916 static void wireless_nlevent_process(unsigned long data)
1917 {
1918 struct sk_buff *skb;
1919
1920 while ((skb = skb_dequeue(&wireless_nlevent_queue)))
1921 rtnl_notify(skb, 0, RTNLGRP_LINK, NULL, GFP_ATOMIC);
1922 }
1923
1924 static DECLARE_TASKLET(wireless_nlevent_tasklet, wireless_nlevent_process, 0);
1925
1926 /* ---------------------------------------------------------------- */
1927 /*
1928 * Fill a rtnetlink message with our event data.
1929 * Note that we propage only the specified event and don't dump the
1930 * current wireless config. Dumping the wireless config is far too
1931 * expensive (for each parameter, the driver need to query the hardware).
1932 */
1933 static inline int rtnetlink_fill_iwinfo(struct sk_buff * skb,
1934 struct net_device * dev,
1935 int type,
1936 char * event,
1937 int event_len)
1938 {
1939 struct ifinfomsg *r;
1940 struct nlmsghdr *nlh;
1941 unsigned char *b = skb_tail_pointer(skb);
1942
1943 nlh = NLMSG_PUT(skb, 0, 0, type, sizeof(*r));
1944 r = NLMSG_DATA(nlh);
1945 r->ifi_family = AF_UNSPEC;
1946 r->__ifi_pad = 0;
1947 r->ifi_type = dev->type;
1948 r->ifi_index = dev->ifindex;
1949 r->ifi_flags = dev_get_flags(dev);
1950 r->ifi_change = 0; /* Wireless changes don't affect those flags */
1951
1952 /* Add the wireless events in the netlink packet */
1953 RTA_PUT(skb, IFLA_WIRELESS, event_len, event);
1954
1955 nlh->nlmsg_len = skb_tail_pointer(skb) - b;
1956 return skb->len;
1957
1958 nlmsg_failure:
1959 rtattr_failure:
1960 nlmsg_trim(skb, b);
1961 return -1;
1962 }
1963
1964 /* ---------------------------------------------------------------- */
1965 /*
1966 * Create and broadcast and send it on the standard rtnetlink socket
1967 * This is a pure clone rtmsg_ifinfo() in net/core/rtnetlink.c
1968 * Andrzej Krzysztofowicz mandated that I used a IFLA_XXX field
1969 * within a RTM_NEWLINK event.
1970 */
1971 static inline void rtmsg_iwinfo(struct net_device * dev,
1972 char * event,
1973 int event_len)
1974 {
1975 struct sk_buff *skb;
1976 int size = NLMSG_GOODSIZE;
1977
1978 skb = alloc_skb(size, GFP_ATOMIC);
1979 if (!skb)
1980 return;
1981
1982 if (rtnetlink_fill_iwinfo(skb, dev, RTM_NEWLINK,
1983 event, event_len) < 0) {
1984 kfree_skb(skb);
1985 return;
1986 }
1987 NETLINK_CB(skb).dst_group = RTNLGRP_LINK;
1988 skb_queue_tail(&wireless_nlevent_queue, skb);
1989 tasklet_schedule(&wireless_nlevent_tasklet);
1990 }
1991
1992 #endif /* WE_EVENT_RTNETLINK */
1993
1994 /* ---------------------------------------------------------------- */
1995 /*
1996 * Main event dispatcher. Called from other parts and drivers.
1997 * Send the event on the appropriate channels.
1998 * May be called from interrupt context.
1999 */
2000 void wireless_send_event(struct net_device * dev,
2001 unsigned int cmd,
2002 union iwreq_data * wrqu,
2003 char * extra)
2004 {
2005 const struct iw_ioctl_description * descr = NULL;
2006 int extra_len = 0;
2007 struct iw_event *event; /* Mallocated whole event */
2008 int event_len; /* Its size */
2009 int hdr_len; /* Size of the event header */
2010 int wrqu_off = 0; /* Offset in wrqu */
2011 /* Don't "optimise" the following variable, it will crash */
2012 unsigned cmd_index; /* *MUST* be unsigned */
2013
2014 /* Get the description of the Event */
2015 if (cmd <= SIOCIWLAST) {
2016 cmd_index = cmd - SIOCIWFIRST;
2017 if (cmd_index < standard_ioctl_num)
2018 descr = &(standard_ioctl[cmd_index]);
2019 } else {
2020 cmd_index = cmd - IWEVFIRST;
2021 if (cmd_index < standard_event_num)
2022 descr = &(standard_event[cmd_index]);
2023 }
2024 /* Don't accept unknown events */
2025 if (descr == NULL) {
2026 /* Note : we don't return an error to the driver, because
2027 * the driver would not know what to do about it. It can't
2028 * return an error to the user, because the event is not
2029 * initiated by a user request.
2030 * The best the driver could do is to log an error message.
2031 * We will do it ourselves instead...
2032 */
2033 printk(KERN_ERR "%s (WE) : Invalid/Unknown Wireless Event (0x%04X)\n",
2034 dev->name, cmd);
2035 return;
2036 }
2037 #ifdef WE_EVENT_DEBUG
2038 printk(KERN_DEBUG "%s (WE) : Got event 0x%04X\n",
2039 dev->name, cmd);
2040 printk(KERN_DEBUG "%s (WE) : Header type : %d, Token type : %d, size : %d, token : %d\n", dev->name, descr->header_type, descr->token_type, descr->token_size, descr->max_tokens);
2041 #endif /* WE_EVENT_DEBUG */
2042
2043 /* Check extra parameters and set extra_len */
2044 if (descr->header_type == IW_HEADER_TYPE_POINT) {
2045 /* Check if number of token fits within bounds */
2046 if (wrqu->data.length > descr->max_tokens) {
2047 printk(KERN_ERR "%s (WE) : Wireless Event too big (%d)\n", dev->name, wrqu->data.length);
2048 return;
2049 }
2050 if (wrqu->data.length < descr->min_tokens) {
2051 printk(KERN_ERR "%s (WE) : Wireless Event too small (%d)\n", dev->name, wrqu->data.length);
2052 return;
2053 }
2054 /* Calculate extra_len - extra is NULL for restricted events */
2055 if (extra != NULL)
2056 extra_len = wrqu->data.length * descr->token_size;
2057 /* Always at an offset in wrqu */
2058 wrqu_off = IW_EV_POINT_OFF;
2059 #ifdef WE_EVENT_DEBUG
2060 printk(KERN_DEBUG "%s (WE) : Event 0x%04X, tokens %d, extra_len %d\n", dev->name, cmd, wrqu->data.length, extra_len);
2061 #endif /* WE_EVENT_DEBUG */
2062 }
2063
2064 /* Total length of the event */
2065 hdr_len = event_type_size[descr->header_type];
2066 event_len = hdr_len + extra_len;
2067
2068 #ifdef WE_EVENT_DEBUG
2069 printk(KERN_DEBUG "%s (WE) : Event 0x%04X, hdr_len %d, wrqu_off %d, event_len %d\n", dev->name, cmd, hdr_len, wrqu_off, event_len);
2070 #endif /* WE_EVENT_DEBUG */
2071
2072 /* Create temporary buffer to hold the event */
2073 event = kmalloc(event_len, GFP_ATOMIC);
2074 if (event == NULL)
2075 return;
2076
2077 /* Fill event */
2078 event->len = event_len;
2079 event->cmd = cmd;
2080 memcpy(&event->u, ((char *) wrqu) + wrqu_off, hdr_len - IW_EV_LCP_LEN);
2081 if (extra != NULL)
2082 memcpy(((char *) event) + hdr_len, extra, extra_len);
2083
2084 #ifdef WE_EVENT_RTNETLINK
2085 /* Send via the RtNetlink event channel */
2086 rtmsg_iwinfo(dev, (char *) event, event_len);
2087 #endif /* WE_EVENT_RTNETLINK */
2088
2089 /* Cleanup */
2090 kfree(event);
2091
2092 return; /* Always success, I guess ;-) */
2093 }
2094
2095 /********************** ENHANCED IWSPY SUPPORT **********************/
2096 /*
2097 * In the old days, the driver was handling spy support all by itself.
2098 * Now, the driver can delegate this task to Wireless Extensions.
2099 * It needs to use those standard spy iw_handler in struct iw_handler_def,
2100 * push data to us via wireless_spy_update() and include struct iw_spy_data
2101 * in its private part (and export it in net_device->wireless_data->spy_data).
2102 * One of the main advantage of centralising spy support here is that
2103 * it becomes much easier to improve and extend it without having to touch
2104 * the drivers. One example is the addition of the Spy-Threshold events.
2105 */
2106
2107 /* ---------------------------------------------------------------- */
2108 /*
2109 * Return the pointer to the spy data in the driver.
2110 * Because this is called on the Rx path via wireless_spy_update(),
2111 * we want it to be efficient...
2112 */
2113 static inline struct iw_spy_data * get_spydata(struct net_device *dev)
2114 {
2115 /* This is the new way */
2116 if (dev->wireless_data)
2117 return(dev->wireless_data->spy_data);
2118 return NULL;
2119 }
2120
2121 /*------------------------------------------------------------------*/
2122 /*
2123 * Standard Wireless Handler : set Spy List
2124 */
2125 int iw_handler_set_spy(struct net_device * dev,
2126 struct iw_request_info * info,
2127 union iwreq_data * wrqu,
2128 char * extra)
2129 {
2130 struct iw_spy_data * spydata = get_spydata(dev);
2131 struct sockaddr * address = (struct sockaddr *) extra;
2132
2133 /* Make sure driver is not buggy or using the old API */
2134 if (!spydata)
2135 return -EOPNOTSUPP;
2136
2137 /* Disable spy collection while we copy the addresses.
2138 * While we copy addresses, any call to wireless_spy_update()
2139 * will NOP. This is OK, as anyway the addresses are changing. */
2140 spydata->spy_number = 0;
2141
2142 /* We want to operate without locking, because wireless_spy_update()
2143 * most likely will happen in the interrupt handler, and therefore
2144 * have its own locking constraints and needs performance.
2145 * The rtnl_lock() make sure we don't race with the other iw_handlers.
2146 * This make sure wireless_spy_update() "see" that the spy list
2147 * is temporarily disabled. */
2148 smp_wmb();
2149
2150 /* Are there are addresses to copy? */
2151 if (wrqu->data.length > 0) {
2152 int i;
2153
2154 /* Copy addresses */
2155 for (i = 0; i < wrqu->data.length; i++)
2156 memcpy(spydata->spy_address[i], address[i].sa_data,
2157 ETH_ALEN);
2158 /* Reset stats */
2159 memset(spydata->spy_stat, 0,
2160 sizeof(struct iw_quality) * IW_MAX_SPY);
2161
2162 #ifdef WE_SPY_DEBUG
2163 printk(KERN_DEBUG "iw_handler_set_spy() : wireless_data %p, spydata %p, num %d\n", dev->wireless_data, spydata, wrqu->data.length);
2164 for (i = 0; i < wrqu->data.length; i++)
2165 printk(KERN_DEBUG
2166 "%02X:%02X:%02X:%02X:%02X:%02X \n",
2167 spydata->spy_address[i][0],
2168 spydata->spy_address[i][1],
2169 spydata->spy_address[i][2],
2170 spydata->spy_address[i][3],
2171 spydata->spy_address[i][4],
2172 spydata->spy_address[i][5]);
2173 #endif /* WE_SPY_DEBUG */
2174 }
2175
2176 /* Make sure above is updated before re-enabling */
2177 smp_wmb();
2178
2179 /* Enable addresses */
2180 spydata->spy_number = wrqu->data.length;
2181
2182 return 0;
2183 }
2184
2185 /*------------------------------------------------------------------*/
2186 /*
2187 * Standard Wireless Handler : get Spy List
2188 */
2189 int iw_handler_get_spy(struct net_device * dev,
2190 struct iw_request_info * info,
2191 union iwreq_data * wrqu,
2192 char * extra)
2193 {
2194 struct iw_spy_data * spydata = get_spydata(dev);
2195 struct sockaddr * address = (struct sockaddr *) extra;
2196 int i;
2197
2198 /* Make sure driver is not buggy or using the old API */
2199 if (!spydata)
2200 return -EOPNOTSUPP;
2201
2202 wrqu->data.length = spydata->spy_number;
2203
2204 /* Copy addresses. */
2205 for (i = 0; i < spydata->spy_number; i++) {
2206 memcpy(address[i].sa_data, spydata->spy_address[i], ETH_ALEN);
2207 address[i].sa_family = AF_UNIX;
2208 }
2209 /* Copy stats to the user buffer (just after). */
2210 if (spydata->spy_number > 0)
2211 memcpy(extra + (sizeof(struct sockaddr) *spydata->spy_number),
2212 spydata->spy_stat,
2213 sizeof(struct iw_quality) * spydata->spy_number);
2214 /* Reset updated flags. */
2215 for (i = 0; i < spydata->spy_number; i++)
2216 spydata->spy_stat[i].updated &= ~IW_QUAL_ALL_UPDATED;
2217 return 0;
2218 }
2219
2220 /*------------------------------------------------------------------*/
2221 /*
2222 * Standard Wireless Handler : set spy threshold
2223 */
2224 int iw_handler_set_thrspy(struct net_device * dev,
2225 struct iw_request_info *info,
2226 union iwreq_data * wrqu,
2227 char * extra)
2228 {
2229 struct iw_spy_data * spydata = get_spydata(dev);
2230 struct iw_thrspy * threshold = (struct iw_thrspy *) extra;
2231
2232 /* Make sure driver is not buggy or using the old API */
2233 if (!spydata)
2234 return -EOPNOTSUPP;
2235
2236 /* Just do it */
2237 memcpy(&(spydata->spy_thr_low), &(threshold->low),
2238 2 * sizeof(struct iw_quality));
2239
2240 /* Clear flag */
2241 memset(spydata->spy_thr_under, '\0', sizeof(spydata->spy_thr_under));
2242
2243 #ifdef WE_SPY_DEBUG
2244 printk(KERN_DEBUG "iw_handler_set_thrspy() : low %d ; high %d\n", spydata->spy_thr_low.level, spydata->spy_thr_high.level);
2245 #endif /* WE_SPY_DEBUG */
2246
2247 return 0;
2248 }
2249
2250 /*------------------------------------------------------------------*/
2251 /*
2252 * Standard Wireless Handler : get spy threshold
2253 */
2254 int iw_handler_get_thrspy(struct net_device * dev,
2255 struct iw_request_info *info,
2256 union iwreq_data * wrqu,
2257 char * extra)
2258 {
2259 struct iw_spy_data * spydata = get_spydata(dev);
2260 struct iw_thrspy * threshold = (struct iw_thrspy *) extra;
2261
2262 /* Make sure driver is not buggy or using the old API */
2263 if (!spydata)
2264 return -EOPNOTSUPP;
2265
2266 /* Just do it */
2267 memcpy(&(threshold->low), &(spydata->spy_thr_low),
2268 2 * sizeof(struct iw_quality));
2269
2270 return 0;
2271 }
2272
2273 /*------------------------------------------------------------------*/
2274 /*
2275 * Prepare and send a Spy Threshold event
2276 */
2277 static void iw_send_thrspy_event(struct net_device * dev,
2278 struct iw_spy_data * spydata,
2279 unsigned char * address,
2280 struct iw_quality * wstats)
2281 {
2282 union iwreq_data wrqu;
2283 struct iw_thrspy threshold;
2284
2285 /* Init */
2286 wrqu.data.length = 1;
2287 wrqu.data.flags = 0;
2288 /* Copy address */
2289 memcpy(threshold.addr.sa_data, address, ETH_ALEN);
2290 threshold.addr.sa_family = ARPHRD_ETHER;
2291 /* Copy stats */
2292 memcpy(&(threshold.qual), wstats, sizeof(struct iw_quality));
2293 /* Copy also thresholds */
2294 memcpy(&(threshold.low), &(spydata->spy_thr_low),
2295 2 * sizeof(struct iw_quality));
2296
2297 #ifdef WE_SPY_DEBUG
2298 printk(KERN_DEBUG "iw_send_thrspy_event() : address %02X:%02X:%02X:%02X:%02X:%02X, level %d, up = %d\n",
2299 threshold.addr.sa_data[0],
2300 threshold.addr.sa_data[1],
2301 threshold.addr.sa_data[2],
2302 threshold.addr.sa_data[3],
2303 threshold.addr.sa_data[4],
2304 threshold.addr.sa_data[5], threshold.qual.level);
2305 #endif /* WE_SPY_DEBUG */
2306
2307 /* Send event to user space */
2308 wireless_send_event(dev, SIOCGIWTHRSPY, &wrqu, (char *) &threshold);
2309 }
2310
2311 /* ---------------------------------------------------------------- */
2312 /*
2313 * Call for the driver to update the spy data.
2314 * For now, the spy data is a simple array. As the size of the array is
2315 * small, this is good enough. If we wanted to support larger number of
2316 * spy addresses, we should use something more efficient...
2317 */
2318 void wireless_spy_update(struct net_device * dev,
2319 unsigned char * address,
2320 struct iw_quality * wstats)
2321 {
2322 struct iw_spy_data * spydata = get_spydata(dev);
2323 int i;
2324 int match = -1;
2325
2326 /* Make sure driver is not buggy or using the old API */
2327 if (!spydata)
2328 return;
2329
2330 #ifdef WE_SPY_DEBUG
2331 printk(KERN_DEBUG "wireless_spy_update() : wireless_data %p, spydata %p, address %02X:%02X:%02X:%02X:%02X:%02X\n", dev->wireless_data, spydata, address[0], address[1], address[2], address[3], address[4], address[5]);
2332 #endif /* WE_SPY_DEBUG */
2333
2334 /* Update all records that match */
2335 for (i = 0; i < spydata->spy_number; i++)
2336 if (!compare_ether_addr(address, spydata->spy_address[i])) {
2337 memcpy(&(spydata->spy_stat[i]), wstats,
2338 sizeof(struct iw_quality));
2339 match = i;
2340 }
2341
2342 /* Generate an event if we cross the spy threshold.
2343 * To avoid event storms, we have a simple hysteresis : we generate
2344 * event only when we go under the low threshold or above the
2345 * high threshold. */
2346 if (match >= 0) {
2347 if (spydata->spy_thr_under[match]) {
2348 if (wstats->level > spydata->spy_thr_high.level) {
2349 spydata->spy_thr_under[match] = 0;
2350 iw_send_thrspy_event(dev, spydata,
2351 address, wstats);
2352 }
2353 } else {
2354 if (wstats->level < spydata->spy_thr_low.level) {
2355 spydata->spy_thr_under[match] = 1;
2356 iw_send_thrspy_event(dev, spydata,
2357 address, wstats);
2358 }
2359 }
2360 }
2361 }
2362
2363 EXPORT_SYMBOL(iw_handler_get_spy);
2364 EXPORT_SYMBOL(iw_handler_get_thrspy);
2365 EXPORT_SYMBOL(iw_handler_set_spy);
2366 EXPORT_SYMBOL(iw_handler_set_thrspy);
2367 EXPORT_SYMBOL(wireless_send_event);
2368 EXPORT_SYMBOL(wireless_spy_update);
Ubuntu Artful kernel mirror