Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * This file implement the Wireless Extensions APIs. | |
3 | * | |
4 | * Authors : Jean Tourrilhes - HPL - <jt@hpl.hp.com> | |
c2805fbb | 5 | * Copyright (c) 1997-2007 Jean Tourrilhes, All Rights Reserved. |
1da177e4 LT |
6 | * |
7 | * (As all part of the Linux kernel, this file is GPL) | |
8 | */ | |
9 | ||
10 | /************************** DOCUMENTATION **************************/ | |
11 | /* | |
12 | * API definition : | |
13 | * -------------- | |
14 | * See <linux/wireless.h> for details of the APIs and the rest. | |
15 | * | |
16 | * History : | |
17 | * ------- | |
18 | * | |
19 | * v1 - 5.12.01 - Jean II | |
20 | * o Created this file. | |
21 | * | |
22 | * v2 - 13.12.01 - Jean II | |
23 | * o Move /proc/net/wireless stuff from net/core/dev.c to here | |
24 | * o Make Wireless Extension IOCTLs go through here | |
25 | * o Added iw_handler handling ;-) | |
26 | * o Added standard ioctl description | |
27 | * o Initial dumb commit strategy based on orinoco.c | |
28 | * | |
29 | * v3 - 19.12.01 - Jean II | |
30 | * o Make sure we don't go out of standard_ioctl[] in ioctl_standard_call | |
31 | * o Add event dispatcher function | |
32 | * o Add event description | |
33 | * o Propagate events as rtnetlink IFLA_WIRELESS option | |
34 | * o Generate event on selected SET requests | |
35 | * | |
36 | * v4 - 18.04.02 - Jean II | |
37 | * o Fix stupid off by one in iw_ioctl_description : IW_ESSID_MAX_SIZE + 1 | |
38 | * | |
39 | * v5 - 21.06.02 - Jean II | |
40 | * o Add IW_PRIV_TYPE_ADDR in priv_type_size (+cleanup) | |
41 | * o Reshuffle IW_HEADER_TYPE_XXX to map IW_PRIV_TYPE_XXX changes | |
42 | * o Add IWEVCUSTOM for driver specific event/scanning token | |
43 | * o Turn on WE_STRICT_WRITE by default + kernel warning | |
44 | * o Fix WE_STRICT_WRITE in ioctl_export_private() (32 => iw_num) | |
45 | * o Fix off-by-one in test (extra_size <= IFNAMSIZ) | |
46 | * | |
47 | * v6 - 9.01.03 - Jean II | |
48 | * o Add common spy support : iw_handler_set_spy(), wireless_spy_update() | |
49 | * o Add enhanced spy support : iw_handler_set_thrspy() and event. | |
50 | * o Add WIRELESS_EXT version display in /proc/net/wireless | |
51 | * | |
52 | * v6 - 18.06.04 - Jean II | |
53 | * o Change get_spydata() method for added safety | |
54 | * o Remove spy #ifdef, they are always on -> cleaner code | |
55 | * o Allow any size GET request if user specifies length > max | |
56 | * and if request has IW_DESCR_FLAG_NOMAX flag or is SIOCGIWPRIV | |
57 | * o Start migrating get_wireless_stats to struct iw_handler_def | |
58 | * o Add wmb() in iw_handler_set_spy() for non-coherent archs/cpus | |
59 | * Based on patch from Pavel Roskin <proski@gnu.org> : | |
60 | * o Fix kernel data leak to user space in private handler handling | |
6582c164 JT |
61 | * |
62 | * v7 - 18.3.05 - Jean II | |
63 | * o Remove (struct iw_point *)->pointer from events and streams | |
64 | * o Remove spy_offset from struct iw_handler_def | |
65 | * o Start deprecating dev->get_wireless_stats, output a warning | |
66 | * o If IW_QUAL_DBM is set, show dBm values in /proc/net/wireless | |
67 | * o Don't loose INVALID/DBM flags when clearing UPDATED flags (iwstats) | |
711e2c33 JT |
68 | * |
69 | * v8 - 17.02.06 - Jean II | |
70 | * o RtNetlink requests support (SET/GET) | |
baef1865 JL |
71 | * |
72 | * v8b - 03.08.06 - Herbert Xu | |
73 | * o Fix Wireless Event locking issues. | |
74 | * | |
75 | * v9 - 14.3.06 - Jean II | |
76 | * o Change length in ESSID and NICK to strlen() instead of strlen()+1 | |
77 | * o Make standard_ioctl_num and standard_event_num unsigned | |
78 | * o Remove (struct net_device *)->get_wireless_stats() | |
c2805fbb JT |
79 | * |
80 | * v10 - 16.3.07 - Jean II | |
81 | * o Prevent leaking of kernel space in stream on 64 bits. | |
1da177e4 LT |
82 | */ |
83 | ||
84 | /***************************** INCLUDES *****************************/ | |
85 | ||
1da177e4 LT |
86 | #include <linux/module.h> |
87 | #include <linux/types.h> /* off_t */ | |
88 | #include <linux/netdevice.h> /* struct ifreq, dev_get_by_name() */ | |
89 | #include <linux/proc_fs.h> | |
90 | #include <linux/rtnetlink.h> /* rtnetlink stuff */ | |
91 | #include <linux/seq_file.h> | |
92 | #include <linux/init.h> /* for __init */ | |
93 | #include <linux/if_arp.h> /* ARPHRD_ETHER */ | |
9819d85c | 94 | #include <linux/etherdevice.h> /* compare_ether_addr */ |
782a6675 | 95 | #include <linux/interrupt.h> |
1da177e4 LT |
96 | |
97 | #include <linux/wireless.h> /* Pretty obvious */ | |
98 | #include <net/iw_handler.h> /* New driver API */ | |
bd5785ba | 99 | #include <net/netlink.h> |
1da177e4 LT |
100 | |
101 | #include <asm/uaccess.h> /* copy_to_user() */ | |
102 | ||
103 | /**************************** CONSTANTS ****************************/ | |
104 | ||
105 | /* Debugging stuff */ | |
106 | #undef WE_IOCTL_DEBUG /* Debug IOCTL API */ | |
711e2c33 | 107 | #undef WE_RTNETLINK_DEBUG /* Debug RtNetlink API */ |
1da177e4 LT |
108 | #undef WE_EVENT_DEBUG /* Debug Event dispatcher */ |
109 | #undef WE_SPY_DEBUG /* Debug enhanced spy support */ | |
110 | ||
111 | /* Options */ | |
711e2c33 JT |
112 | //CONFIG_NET_WIRELESS_RTNETLINK /* Wireless requests over RtNetlink */ |
113 | #define WE_EVENT_RTNETLINK /* Propagate events using RtNetlink */ | |
1da177e4 LT |
114 | #define WE_SET_EVENT /* Generate an event on some set commands */ |
115 | ||
116 | /************************* GLOBAL VARIABLES *************************/ | |
117 | /* | |
118 | * You should not use global variables, because of re-entrancy. | |
119 | * On our case, it's only const, so it's OK... | |
120 | */ | |
121 | /* | |
122 | * Meta-data about all the standard Wireless Extension request we | |
123 | * know about. | |
124 | */ | |
125 | static const struct iw_ioctl_description standard_ioctl[] = { | |
126 | [SIOCSIWCOMMIT - SIOCIWFIRST] = { | |
127 | .header_type = IW_HEADER_TYPE_NULL, | |
128 | }, | |
129 | [SIOCGIWNAME - SIOCIWFIRST] = { | |
130 | .header_type = IW_HEADER_TYPE_CHAR, | |
131 | .flags = IW_DESCR_FLAG_DUMP, | |
132 | }, | |
133 | [SIOCSIWNWID - SIOCIWFIRST] = { | |
134 | .header_type = IW_HEADER_TYPE_PARAM, | |
135 | .flags = IW_DESCR_FLAG_EVENT, | |
136 | }, | |
137 | [SIOCGIWNWID - SIOCIWFIRST] = { | |
138 | .header_type = IW_HEADER_TYPE_PARAM, | |
139 | .flags = IW_DESCR_FLAG_DUMP, | |
140 | }, | |
141 | [SIOCSIWFREQ - SIOCIWFIRST] = { | |
142 | .header_type = IW_HEADER_TYPE_FREQ, | |
143 | .flags = IW_DESCR_FLAG_EVENT, | |
144 | }, | |
145 | [SIOCGIWFREQ - SIOCIWFIRST] = { | |
146 | .header_type = IW_HEADER_TYPE_FREQ, | |
147 | .flags = IW_DESCR_FLAG_DUMP, | |
148 | }, | |
149 | [SIOCSIWMODE - SIOCIWFIRST] = { | |
150 | .header_type = IW_HEADER_TYPE_UINT, | |
151 | .flags = IW_DESCR_FLAG_EVENT, | |
152 | }, | |
153 | [SIOCGIWMODE - SIOCIWFIRST] = { | |
154 | .header_type = IW_HEADER_TYPE_UINT, | |
155 | .flags = IW_DESCR_FLAG_DUMP, | |
156 | }, | |
157 | [SIOCSIWSENS - SIOCIWFIRST] = { | |
158 | .header_type = IW_HEADER_TYPE_PARAM, | |
159 | }, | |
160 | [SIOCGIWSENS - SIOCIWFIRST] = { | |
161 | .header_type = IW_HEADER_TYPE_PARAM, | |
162 | }, | |
163 | [SIOCSIWRANGE - SIOCIWFIRST] = { | |
164 | .header_type = IW_HEADER_TYPE_NULL, | |
165 | }, | |
166 | [SIOCGIWRANGE - SIOCIWFIRST] = { | |
167 | .header_type = IW_HEADER_TYPE_POINT, | |
168 | .token_size = 1, | |
169 | .max_tokens = sizeof(struct iw_range), | |
170 | .flags = IW_DESCR_FLAG_DUMP, | |
171 | }, | |
172 | [SIOCSIWPRIV - SIOCIWFIRST] = { | |
173 | .header_type = IW_HEADER_TYPE_NULL, | |
174 | }, | |
175 | [SIOCGIWPRIV - SIOCIWFIRST] = { /* (handled directly by us) */ | |
711e2c33 JT |
176 | .header_type = IW_HEADER_TYPE_POINT, |
177 | .token_size = sizeof(struct iw_priv_args), | |
178 | .max_tokens = 16, | |
179 | .flags = IW_DESCR_FLAG_NOMAX, | |
1da177e4 LT |
180 | }, |
181 | [SIOCSIWSTATS - SIOCIWFIRST] = { | |
182 | .header_type = IW_HEADER_TYPE_NULL, | |
183 | }, | |
184 | [SIOCGIWSTATS - SIOCIWFIRST] = { /* (handled directly by us) */ | |
711e2c33 JT |
185 | .header_type = IW_HEADER_TYPE_POINT, |
186 | .token_size = 1, | |
187 | .max_tokens = sizeof(struct iw_statistics), | |
1da177e4 LT |
188 | .flags = IW_DESCR_FLAG_DUMP, |
189 | }, | |
190 | [SIOCSIWSPY - SIOCIWFIRST] = { | |
191 | .header_type = IW_HEADER_TYPE_POINT, | |
192 | .token_size = sizeof(struct sockaddr), | |
193 | .max_tokens = IW_MAX_SPY, | |
194 | }, | |
195 | [SIOCGIWSPY - SIOCIWFIRST] = { | |
196 | .header_type = IW_HEADER_TYPE_POINT, | |
197 | .token_size = sizeof(struct sockaddr) + | |
198 | sizeof(struct iw_quality), | |
199 | .max_tokens = IW_MAX_SPY, | |
200 | }, | |
201 | [SIOCSIWTHRSPY - SIOCIWFIRST] = { | |
202 | .header_type = IW_HEADER_TYPE_POINT, | |
203 | .token_size = sizeof(struct iw_thrspy), | |
204 | .min_tokens = 1, | |
205 | .max_tokens = 1, | |
206 | }, | |
207 | [SIOCGIWTHRSPY - SIOCIWFIRST] = { | |
208 | .header_type = IW_HEADER_TYPE_POINT, | |
209 | .token_size = sizeof(struct iw_thrspy), | |
210 | .min_tokens = 1, | |
211 | .max_tokens = 1, | |
212 | }, | |
213 | [SIOCSIWAP - SIOCIWFIRST] = { | |
214 | .header_type = IW_HEADER_TYPE_ADDR, | |
215 | }, | |
216 | [SIOCGIWAP - SIOCIWFIRST] = { | |
217 | .header_type = IW_HEADER_TYPE_ADDR, | |
218 | .flags = IW_DESCR_FLAG_DUMP, | |
219 | }, | |
fff9cfd9 | 220 | [SIOCSIWMLME - SIOCIWFIRST] = { |
221 | .header_type = IW_HEADER_TYPE_POINT, | |
222 | .token_size = 1, | |
223 | .min_tokens = sizeof(struct iw_mlme), | |
224 | .max_tokens = sizeof(struct iw_mlme), | |
225 | }, | |
1da177e4 LT |
226 | [SIOCGIWAPLIST - SIOCIWFIRST] = { |
227 | .header_type = IW_HEADER_TYPE_POINT, | |
228 | .token_size = sizeof(struct sockaddr) + | |
229 | sizeof(struct iw_quality), | |
230 | .max_tokens = IW_MAX_AP, | |
231 | .flags = IW_DESCR_FLAG_NOMAX, | |
232 | }, | |
233 | [SIOCSIWSCAN - SIOCIWFIRST] = { | |
fff9cfd9 | 234 | .header_type = IW_HEADER_TYPE_POINT, |
235 | .token_size = 1, | |
236 | .min_tokens = 0, | |
237 | .max_tokens = sizeof(struct iw_scan_req), | |
1da177e4 LT |
238 | }, |
239 | [SIOCGIWSCAN - SIOCIWFIRST] = { | |
240 | .header_type = IW_HEADER_TYPE_POINT, | |
241 | .token_size = 1, | |
242 | .max_tokens = IW_SCAN_MAX_DATA, | |
243 | .flags = IW_DESCR_FLAG_NOMAX, | |
244 | }, | |
245 | [SIOCSIWESSID - SIOCIWFIRST] = { | |
246 | .header_type = IW_HEADER_TYPE_POINT, | |
247 | .token_size = 1, | |
baef1865 | 248 | .max_tokens = IW_ESSID_MAX_SIZE, |
1da177e4 LT |
249 | .flags = IW_DESCR_FLAG_EVENT, |
250 | }, | |
251 | [SIOCGIWESSID - SIOCIWFIRST] = { | |
252 | .header_type = IW_HEADER_TYPE_POINT, | |
253 | .token_size = 1, | |
baef1865 | 254 | .max_tokens = IW_ESSID_MAX_SIZE, |
1da177e4 LT |
255 | .flags = IW_DESCR_FLAG_DUMP, |
256 | }, | |
257 | [SIOCSIWNICKN - SIOCIWFIRST] = { | |
258 | .header_type = IW_HEADER_TYPE_POINT, | |
259 | .token_size = 1, | |
baef1865 | 260 | .max_tokens = IW_ESSID_MAX_SIZE, |
1da177e4 LT |
261 | }, |
262 | [SIOCGIWNICKN - SIOCIWFIRST] = { | |
263 | .header_type = IW_HEADER_TYPE_POINT, | |
264 | .token_size = 1, | |
baef1865 | 265 | .max_tokens = IW_ESSID_MAX_SIZE, |
1da177e4 LT |
266 | }, |
267 | [SIOCSIWRATE - SIOCIWFIRST] = { | |
268 | .header_type = IW_HEADER_TYPE_PARAM, | |
269 | }, | |
270 | [SIOCGIWRATE - SIOCIWFIRST] = { | |
271 | .header_type = IW_HEADER_TYPE_PARAM, | |
272 | }, | |
273 | [SIOCSIWRTS - SIOCIWFIRST] = { | |
274 | .header_type = IW_HEADER_TYPE_PARAM, | |
275 | }, | |
276 | [SIOCGIWRTS - SIOCIWFIRST] = { | |
277 | .header_type = IW_HEADER_TYPE_PARAM, | |
278 | }, | |
279 | [SIOCSIWFRAG - SIOCIWFIRST] = { | |
280 | .header_type = IW_HEADER_TYPE_PARAM, | |
281 | }, | |
282 | [SIOCGIWFRAG - SIOCIWFIRST] = { | |
283 | .header_type = IW_HEADER_TYPE_PARAM, | |
284 | }, | |
285 | [SIOCSIWTXPOW - SIOCIWFIRST] = { | |
286 | .header_type = IW_HEADER_TYPE_PARAM, | |
287 | }, | |
288 | [SIOCGIWTXPOW - SIOCIWFIRST] = { | |
289 | .header_type = IW_HEADER_TYPE_PARAM, | |
290 | }, | |
291 | [SIOCSIWRETRY - SIOCIWFIRST] = { | |
292 | .header_type = IW_HEADER_TYPE_PARAM, | |
293 | }, | |
294 | [SIOCGIWRETRY - SIOCIWFIRST] = { | |
295 | .header_type = IW_HEADER_TYPE_PARAM, | |
296 | }, | |
297 | [SIOCSIWENCODE - SIOCIWFIRST] = { | |
298 | .header_type = IW_HEADER_TYPE_POINT, | |
299 | .token_size = 1, | |
300 | .max_tokens = IW_ENCODING_TOKEN_MAX, | |
301 | .flags = IW_DESCR_FLAG_EVENT | IW_DESCR_FLAG_RESTRICT, | |
302 | }, | |
303 | [SIOCGIWENCODE - SIOCIWFIRST] = { | |
304 | .header_type = IW_HEADER_TYPE_POINT, | |
305 | .token_size = 1, | |
306 | .max_tokens = IW_ENCODING_TOKEN_MAX, | |
307 | .flags = IW_DESCR_FLAG_DUMP | IW_DESCR_FLAG_RESTRICT, | |
308 | }, | |
309 | [SIOCSIWPOWER - SIOCIWFIRST] = { | |
310 | .header_type = IW_HEADER_TYPE_PARAM, | |
311 | }, | |
312 | [SIOCGIWPOWER - SIOCIWFIRST] = { | |
313 | .header_type = IW_HEADER_TYPE_PARAM, | |
314 | }, | |
fff9cfd9 | 315 | [SIOCSIWGENIE - SIOCIWFIRST] = { |
316 | .header_type = IW_HEADER_TYPE_POINT, | |
317 | .token_size = 1, | |
318 | .max_tokens = IW_GENERIC_IE_MAX, | |
319 | }, | |
320 | [SIOCGIWGENIE - SIOCIWFIRST] = { | |
321 | .header_type = IW_HEADER_TYPE_POINT, | |
322 | .token_size = 1, | |
323 | .max_tokens = IW_GENERIC_IE_MAX, | |
324 | }, | |
325 | [SIOCSIWAUTH - SIOCIWFIRST] = { | |
326 | .header_type = IW_HEADER_TYPE_PARAM, | |
327 | }, | |
328 | [SIOCGIWAUTH - SIOCIWFIRST] = { | |
329 | .header_type = IW_HEADER_TYPE_PARAM, | |
330 | }, | |
331 | [SIOCSIWENCODEEXT - SIOCIWFIRST] = { | |
332 | .header_type = IW_HEADER_TYPE_POINT, | |
333 | .token_size = 1, | |
334 | .min_tokens = sizeof(struct iw_encode_ext), | |
335 | .max_tokens = sizeof(struct iw_encode_ext) + | |
336 | IW_ENCODING_TOKEN_MAX, | |
337 | }, | |
338 | [SIOCGIWENCODEEXT - SIOCIWFIRST] = { | |
339 | .header_type = IW_HEADER_TYPE_POINT, | |
340 | .token_size = 1, | |
341 | .min_tokens = sizeof(struct iw_encode_ext), | |
342 | .max_tokens = sizeof(struct iw_encode_ext) + | |
343 | IW_ENCODING_TOKEN_MAX, | |
344 | }, | |
345 | [SIOCSIWPMKSA - SIOCIWFIRST] = { | |
346 | .header_type = IW_HEADER_TYPE_POINT, | |
347 | .token_size = 1, | |
348 | .min_tokens = sizeof(struct iw_pmksa), | |
349 | .max_tokens = sizeof(struct iw_pmksa), | |
350 | }, | |
1da177e4 | 351 | }; |
baef1865 JL |
352 | static const unsigned standard_ioctl_num = (sizeof(standard_ioctl) / |
353 | sizeof(struct iw_ioctl_description)); | |
1da177e4 LT |
354 | |
355 | /* | |
356 | * Meta-data about all the additional standard Wireless Extension events | |
357 | * we know about. | |
358 | */ | |
359 | static const struct iw_ioctl_description standard_event[] = { | |
360 | [IWEVTXDROP - IWEVFIRST] = { | |
361 | .header_type = IW_HEADER_TYPE_ADDR, | |
362 | }, | |
363 | [IWEVQUAL - IWEVFIRST] = { | |
364 | .header_type = IW_HEADER_TYPE_QUAL, | |
365 | }, | |
366 | [IWEVCUSTOM - IWEVFIRST] = { | |
367 | .header_type = IW_HEADER_TYPE_POINT, | |
368 | .token_size = 1, | |
369 | .max_tokens = IW_CUSTOM_MAX, | |
370 | }, | |
371 | [IWEVREGISTERED - IWEVFIRST] = { | |
372 | .header_type = IW_HEADER_TYPE_ADDR, | |
373 | }, | |
374 | [IWEVEXPIRED - IWEVFIRST] = { | |
4ec93edb | 375 | .header_type = IW_HEADER_TYPE_ADDR, |
1da177e4 | 376 | }, |
fff9cfd9 | 377 | [IWEVGENIE - IWEVFIRST] = { |
378 | .header_type = IW_HEADER_TYPE_POINT, | |
379 | .token_size = 1, | |
380 | .max_tokens = IW_GENERIC_IE_MAX, | |
381 | }, | |
382 | [IWEVMICHAELMICFAILURE - IWEVFIRST] = { | |
4ec93edb | 383 | .header_type = IW_HEADER_TYPE_POINT, |
fff9cfd9 | 384 | .token_size = 1, |
385 | .max_tokens = sizeof(struct iw_michaelmicfailure), | |
386 | }, | |
387 | [IWEVASSOCREQIE - IWEVFIRST] = { | |
388 | .header_type = IW_HEADER_TYPE_POINT, | |
389 | .token_size = 1, | |
390 | .max_tokens = IW_GENERIC_IE_MAX, | |
391 | }, | |
392 | [IWEVASSOCRESPIE - IWEVFIRST] = { | |
393 | .header_type = IW_HEADER_TYPE_POINT, | |
394 | .token_size = 1, | |
395 | .max_tokens = IW_GENERIC_IE_MAX, | |
396 | }, | |
397 | [IWEVPMKIDCAND - IWEVFIRST] = { | |
398 | .header_type = IW_HEADER_TYPE_POINT, | |
399 | .token_size = 1, | |
400 | .max_tokens = sizeof(struct iw_pmkid_cand), | |
401 | }, | |
1da177e4 | 402 | }; |
baef1865 JL |
403 | static const unsigned standard_event_num = (sizeof(standard_event) / |
404 | sizeof(struct iw_ioctl_description)); | |
1da177e4 LT |
405 | |
406 | /* Size (in bytes) of the various private data types */ | |
407 | static const char iw_priv_type_size[] = { | |
408 | 0, /* IW_PRIV_TYPE_NONE */ | |
409 | 1, /* IW_PRIV_TYPE_BYTE */ | |
410 | 1, /* IW_PRIV_TYPE_CHAR */ | |
411 | 0, /* Not defined */ | |
412 | sizeof(__u32), /* IW_PRIV_TYPE_INT */ | |
413 | sizeof(struct iw_freq), /* IW_PRIV_TYPE_FLOAT */ | |
414 | sizeof(struct sockaddr), /* IW_PRIV_TYPE_ADDR */ | |
415 | 0, /* Not defined */ | |
416 | }; | |
417 | ||
418 | /* Size (in bytes) of various events */ | |
419 | static const int event_type_size[] = { | |
420 | IW_EV_LCP_LEN, /* IW_HEADER_TYPE_NULL */ | |
421 | 0, | |
422 | IW_EV_CHAR_LEN, /* IW_HEADER_TYPE_CHAR */ | |
423 | 0, | |
424 | IW_EV_UINT_LEN, /* IW_HEADER_TYPE_UINT */ | |
425 | IW_EV_FREQ_LEN, /* IW_HEADER_TYPE_FREQ */ | |
426 | IW_EV_ADDR_LEN, /* IW_HEADER_TYPE_ADDR */ | |
427 | 0, | |
428 | IW_EV_POINT_LEN, /* Without variable payload */ | |
429 | IW_EV_PARAM_LEN, /* IW_HEADER_TYPE_PARAM */ | |
430 | IW_EV_QUAL_LEN, /* IW_HEADER_TYPE_QUAL */ | |
431 | }; | |
432 | ||
c2805fbb JT |
433 | /* Size (in bytes) of various events, as packed */ |
434 | static const int event_type_pk_size[] = { | |
435 | IW_EV_LCP_PK_LEN, /* IW_HEADER_TYPE_NULL */ | |
436 | 0, | |
437 | IW_EV_CHAR_PK_LEN, /* IW_HEADER_TYPE_CHAR */ | |
438 | 0, | |
439 | IW_EV_UINT_PK_LEN, /* IW_HEADER_TYPE_UINT */ | |
440 | IW_EV_FREQ_PK_LEN, /* IW_HEADER_TYPE_FREQ */ | |
441 | IW_EV_ADDR_PK_LEN, /* IW_HEADER_TYPE_ADDR */ | |
442 | 0, | |
443 | IW_EV_POINT_PK_LEN, /* Without variable payload */ | |
444 | IW_EV_PARAM_PK_LEN, /* IW_HEADER_TYPE_PARAM */ | |
445 | IW_EV_QUAL_PK_LEN, /* IW_HEADER_TYPE_QUAL */ | |
446 | }; | |
447 | ||
1da177e4 LT |
448 | /************************ COMMON SUBROUTINES ************************/ |
449 | /* | |
450 | * Stuff that may be used in various place or doesn't fit in one | |
451 | * of the section below. | |
452 | */ | |
453 | ||
454 | /* ---------------------------------------------------------------- */ | |
455 | /* | |
456 | * Return the driver handler associated with a specific Wireless Extension. | |
457 | * Called from various place, so make sure it remains efficient. | |
458 | */ | |
459 | static inline iw_handler get_handler(struct net_device *dev, | |
460 | unsigned int cmd) | |
461 | { | |
462 | /* Don't "optimise" the following variable, it will crash */ | |
463 | unsigned int index; /* *MUST* be unsigned */ | |
464 | ||
465 | /* Check if we have some wireless handlers defined */ | |
e71a4783 | 466 | if (dev->wireless_handlers == NULL) |
1da177e4 LT |
467 | return NULL; |
468 | ||
469 | /* Try as a standard command */ | |
470 | index = cmd - SIOCIWFIRST; | |
e71a4783 | 471 | if (index < dev->wireless_handlers->num_standard) |
1da177e4 LT |
472 | return dev->wireless_handlers->standard[index]; |
473 | ||
474 | /* Try as a private command */ | |
475 | index = cmd - SIOCIWFIRSTPRIV; | |
e71a4783 | 476 | if (index < dev->wireless_handlers->num_private) |
1da177e4 LT |
477 | return dev->wireless_handlers->private[index]; |
478 | ||
479 | /* Not found */ | |
480 | return NULL; | |
481 | } | |
482 | ||
483 | /* ---------------------------------------------------------------- */ | |
484 | /* | |
485 | * Get statistics out of the driver | |
486 | */ | |
487 | static inline struct iw_statistics *get_wireless_stats(struct net_device *dev) | |
488 | { | |
489 | /* New location */ | |
e71a4783 | 490 | if ((dev->wireless_handlers != NULL) && |
1da177e4 LT |
491 | (dev->wireless_handlers->get_wireless_stats != NULL)) |
492 | return dev->wireless_handlers->get_wireless_stats(dev); | |
493 | ||
6582c164 JT |
494 | /* Not found */ |
495 | return (struct iw_statistics *) NULL; | |
1da177e4 LT |
496 | } |
497 | ||
498 | /* ---------------------------------------------------------------- */ | |
499 | /* | |
500 | * Call the commit handler in the driver | |
501 | * (if exist and if conditions are right) | |
502 | * | |
503 | * Note : our current commit strategy is currently pretty dumb, | |
504 | * but we will be able to improve on that... | |
505 | * The goal is to try to agreagate as many changes as possible | |
506 | * before doing the commit. Drivers that will define a commit handler | |
507 | * are usually those that need a reset after changing parameters, so | |
508 | * we want to minimise the number of reset. | |
509 | * A cool idea is to use a timer : at each "set" command, we re-set the | |
510 | * timer, when the timer eventually fires, we call the driver. | |
511 | * Hopefully, more on that later. | |
512 | * | |
513 | * Also, I'm waiting to see how many people will complain about the | |
514 | * netif_running(dev) test. I'm open on that one... | |
515 | * Hopefully, the driver will remember to do a commit in "open()" ;-) | |
516 | */ | |
517 | static inline int call_commit_handler(struct net_device * dev) | |
518 | { | |
e71a4783 | 519 | if ((netif_running(dev)) && |
1da177e4 LT |
520 | (dev->wireless_handlers->standard[0] != NULL)) { |
521 | /* Call the commit handler on the driver */ | |
522 | return dev->wireless_handlers->standard[0](dev, NULL, | |
523 | NULL, NULL); | |
524 | } else | |
525 | return 0; /* Command completed successfully */ | |
526 | } | |
527 | ||
528 | /* ---------------------------------------------------------------- */ | |
529 | /* | |
530 | * Calculate size of private arguments | |
531 | */ | |
532 | static inline int get_priv_size(__u16 args) | |
533 | { | |
534 | int num = args & IW_PRIV_SIZE_MASK; | |
535 | int type = (args & IW_PRIV_TYPE_MASK) >> 12; | |
536 | ||
537 | return num * iw_priv_type_size[type]; | |
538 | } | |
539 | ||
540 | /* ---------------------------------------------------------------- */ | |
541 | /* | |
542 | * Re-calculate the size of private arguments | |
543 | */ | |
544 | static inline int adjust_priv_size(__u16 args, | |
545 | union iwreq_data * wrqu) | |
546 | { | |
547 | int num = wrqu->data.length; | |
548 | int max = args & IW_PRIV_SIZE_MASK; | |
549 | int type = (args & IW_PRIV_TYPE_MASK) >> 12; | |
550 | ||
551 | /* Make sure the driver doesn't goof up */ | |
552 | if (max < num) | |
553 | num = max; | |
554 | ||
555 | return num * iw_priv_type_size[type]; | |
556 | } | |
557 | ||
711e2c33 JT |
558 | /* ---------------------------------------------------------------- */ |
559 | /* | |
560 | * Standard Wireless Handler : get wireless stats | |
561 | * Allow programatic access to /proc/net/wireless even if /proc | |
562 | * doesn't exist... Also more efficient... | |
563 | */ | |
564 | static int iw_handler_get_iwstats(struct net_device * dev, | |
565 | struct iw_request_info * info, | |
566 | union iwreq_data * wrqu, | |
567 | char * extra) | |
568 | { | |
569 | /* Get stats from the driver */ | |
570 | struct iw_statistics *stats; | |
571 | ||
572 | stats = get_wireless_stats(dev); | |
573 | if (stats != (struct iw_statistics *) NULL) { | |
574 | ||
575 | /* Copy statistics to extra */ | |
576 | memcpy(extra, stats, sizeof(struct iw_statistics)); | |
577 | wrqu->data.length = sizeof(struct iw_statistics); | |
578 | ||
579 | /* Check if we need to clear the updated flag */ | |
e71a4783 | 580 | if (wrqu->data.flags != 0) |
711e2c33 JT |
581 | stats->qual.updated &= ~IW_QUAL_ALL_UPDATED; |
582 | return 0; | |
583 | } else | |
584 | return -EOPNOTSUPP; | |
585 | } | |
586 | ||
587 | /* ---------------------------------------------------------------- */ | |
588 | /* | |
589 | * Standard Wireless Handler : get iwpriv definitions | |
590 | * Export the driver private handler definition | |
591 | * They will be picked up by tools like iwpriv... | |
592 | */ | |
593 | static int iw_handler_get_private(struct net_device * dev, | |
594 | struct iw_request_info * info, | |
595 | union iwreq_data * wrqu, | |
596 | char * extra) | |
597 | { | |
598 | /* Check if the driver has something to export */ | |
e71a4783 | 599 | if ((dev->wireless_handlers->num_private_args == 0) || |
711e2c33 JT |
600 | (dev->wireless_handlers->private_args == NULL)) |
601 | return -EOPNOTSUPP; | |
602 | ||
603 | /* Check if there is enough buffer up there */ | |
e71a4783 | 604 | if (wrqu->data.length < dev->wireless_handlers->num_private_args) { |
711e2c33 JT |
605 | /* User space can't know in advance how large the buffer |
606 | * needs to be. Give it a hint, so that we can support | |
607 | * any size buffer we want somewhat efficiently... */ | |
608 | wrqu->data.length = dev->wireless_handlers->num_private_args; | |
609 | return -E2BIG; | |
610 | } | |
611 | ||
612 | /* Set the number of available ioctls. */ | |
613 | wrqu->data.length = dev->wireless_handlers->num_private_args; | |
614 | ||
615 | /* Copy structure to the user buffer. */ | |
616 | memcpy(extra, dev->wireless_handlers->private_args, | |
617 | sizeof(struct iw_priv_args) * wrqu->data.length); | |
618 | ||
619 | return 0; | |
620 | } | |
621 | ||
1da177e4 LT |
622 | |
623 | /******************** /proc/net/wireless SUPPORT ********************/ | |
624 | /* | |
625 | * The /proc/net/wireless file is a human readable user-space interface | |
626 | * exporting various wireless specific statistics from the wireless devices. | |
627 | * This is the most popular part of the Wireless Extensions ;-) | |
628 | * | |
629 | * This interface is a pure clone of /proc/net/dev (in net/core/dev.c). | |
630 | * The content of the file is basically the content of "struct iw_statistics". | |
631 | */ | |
632 | ||
633 | #ifdef CONFIG_PROC_FS | |
634 | ||
635 | /* ---------------------------------------------------------------- */ | |
636 | /* | |
637 | * Print one entry (line) of /proc/net/wireless | |
638 | */ | |
639 | static __inline__ void wireless_seq_printf_stats(struct seq_file *seq, | |
640 | struct net_device *dev) | |
641 | { | |
642 | /* Get stats from the driver */ | |
643 | struct iw_statistics *stats = get_wireless_stats(dev); | |
644 | ||
645 | if (stats) { | |
646 | seq_printf(seq, "%6s: %04x %3d%c %3d%c %3d%c %6d %6d %6d " | |
647 | "%6d %6d %6d\n", | |
648 | dev->name, stats->status, stats->qual.qual, | |
649 | stats->qual.updated & IW_QUAL_QUAL_UPDATED | |
650 | ? '.' : ' ', | |
4ec93edb | 651 | ((__s32) stats->qual.level) - |
6582c164 | 652 | ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0), |
1da177e4 LT |
653 | stats->qual.updated & IW_QUAL_LEVEL_UPDATED |
654 | ? '.' : ' ', | |
4ec93edb | 655 | ((__s32) stats->qual.noise) - |
6582c164 | 656 | ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0), |
1da177e4 LT |
657 | stats->qual.updated & IW_QUAL_NOISE_UPDATED |
658 | ? '.' : ' ', | |
659 | stats->discard.nwid, stats->discard.code, | |
660 | stats->discard.fragment, stats->discard.retries, | |
661 | stats->discard.misc, stats->miss.beacon); | |
6582c164 | 662 | stats->qual.updated &= ~IW_QUAL_ALL_UPDATED; |
1da177e4 LT |
663 | } |
664 | } | |
665 | ||
666 | /* ---------------------------------------------------------------- */ | |
667 | /* | |
668 | * Print info for /proc/net/wireless (print all entries) | |
669 | */ | |
670 | static int wireless_seq_show(struct seq_file *seq, void *v) | |
671 | { | |
672 | if (v == SEQ_START_TOKEN) | |
673 | seq_printf(seq, "Inter-| sta-| Quality | Discarded " | |
674 | "packets | Missed | WE\n" | |
675 | " face | tus | link level noise | nwid " | |
676 | "crypt frag retry misc | beacon | %d\n", | |
677 | WIRELESS_EXT); | |
678 | else | |
679 | wireless_seq_printf_stats(seq, v); | |
680 | return 0; | |
681 | } | |
682 | ||
1da177e4 LT |
683 | static struct seq_operations wireless_seq_ops = { |
684 | .start = dev_seq_start, | |
685 | .next = dev_seq_next, | |
686 | .stop = dev_seq_stop, | |
687 | .show = wireless_seq_show, | |
688 | }; | |
689 | ||
690 | static int wireless_seq_open(struct inode *inode, struct file *file) | |
691 | { | |
692 | return seq_open(file, &wireless_seq_ops); | |
693 | } | |
694 | ||
9a32144e | 695 | static const struct file_operations wireless_seq_fops = { |
1da177e4 LT |
696 | .owner = THIS_MODULE, |
697 | .open = wireless_seq_open, | |
698 | .read = seq_read, | |
699 | .llseek = seq_lseek, | |
700 | .release = seq_release, | |
701 | }; | |
702 | ||
703 | int __init wireless_proc_init(void) | |
704 | { | |
6582c164 | 705 | /* Create /proc/net/wireless entry */ |
1da177e4 LT |
706 | if (!proc_net_fops_create("wireless", S_IRUGO, &wireless_seq_fops)) |
707 | return -ENOMEM; | |
708 | ||
709 | return 0; | |
710 | } | |
711 | #endif /* CONFIG_PROC_FS */ | |
712 | ||
713 | /************************** IOCTL SUPPORT **************************/ | |
714 | /* | |
715 | * The original user space API to configure all those Wireless Extensions | |
716 | * is through IOCTLs. | |
717 | * In there, we check if we need to call the new driver API (iw_handler) | |
718 | * or just call the driver ioctl handler. | |
719 | */ | |
720 | ||
1da177e4 LT |
721 | /* ---------------------------------------------------------------- */ |
722 | /* | |
723 | * Wrapper to call a standard Wireless Extension handler. | |
724 | * We do various checks and also take care of moving data between | |
725 | * user space and kernel space. | |
726 | */ | |
711e2c33 JT |
727 | static int ioctl_standard_call(struct net_device * dev, |
728 | struct ifreq * ifr, | |
729 | unsigned int cmd, | |
730 | iw_handler handler) | |
1da177e4 LT |
731 | { |
732 | struct iwreq * iwr = (struct iwreq *) ifr; | |
733 | const struct iw_ioctl_description * descr; | |
734 | struct iw_request_info info; | |
735 | int ret = -EINVAL; | |
736 | ||
737 | /* Get the description of the IOCTL */ | |
e71a4783 | 738 | if ((cmd - SIOCIWFIRST) >= standard_ioctl_num) |
1da177e4 LT |
739 | return -EOPNOTSUPP; |
740 | descr = &(standard_ioctl[cmd - SIOCIWFIRST]); | |
741 | ||
742 | #ifdef WE_IOCTL_DEBUG | |
743 | printk(KERN_DEBUG "%s (WE) : Found standard handler for 0x%04X\n", | |
744 | ifr->ifr_name, cmd); | |
745 | printk(KERN_DEBUG "%s (WE) : Header type : %d, Token type : %d, size : %d, token : %d\n", dev->name, descr->header_type, descr->token_type, descr->token_size, descr->max_tokens); | |
746 | #endif /* WE_IOCTL_DEBUG */ | |
747 | ||
748 | /* Prepare the call */ | |
749 | info.cmd = cmd; | |
750 | info.flags = 0; | |
751 | ||
752 | /* Check if we have a pointer to user space data or not */ | |
e71a4783 | 753 | if (descr->header_type != IW_HEADER_TYPE_POINT) { |
1da177e4 LT |
754 | |
755 | /* No extra arguments. Trivial to handle */ | |
756 | ret = handler(dev, &info, &(iwr->u), NULL); | |
757 | ||
758 | #ifdef WE_SET_EVENT | |
759 | /* Generate an event to notify listeners of the change */ | |
e71a4783 | 760 | if ((descr->flags & IW_DESCR_FLAG_EVENT) && |
1da177e4 LT |
761 | ((ret == 0) || (ret == -EIWCOMMIT))) |
762 | wireless_send_event(dev, cmd, &(iwr->u), NULL); | |
763 | #endif /* WE_SET_EVENT */ | |
764 | } else { | |
765 | char * extra; | |
766 | int extra_size; | |
767 | int user_length = 0; | |
768 | int err; | |
98978edb | 769 | int essid_compat = 0; |
1da177e4 LT |
770 | |
771 | /* Calculate space needed by arguments. Always allocate | |
772 | * for max space. Easier, and won't last long... */ | |
773 | extra_size = descr->max_tokens * descr->token_size; | |
774 | ||
98978edb JL |
775 | /* Check need for ESSID compatibility for WE < 21 */ |
776 | switch (cmd) { | |
777 | case SIOCSIWESSID: | |
778 | case SIOCGIWESSID: | |
779 | case SIOCSIWNICKN: | |
780 | case SIOCGIWNICKN: | |
781 | if (iwr->u.data.length == descr->max_tokens + 1) | |
782 | essid_compat = 1; | |
783 | else if (IW_IS_SET(cmd) && (iwr->u.data.length != 0)) { | |
784 | char essid[IW_ESSID_MAX_SIZE + 1]; | |
785 | ||
786 | err = copy_from_user(essid, iwr->u.data.pointer, | |
787 | iwr->u.data.length * | |
788 | descr->token_size); | |
789 | if (err) | |
790 | return -EFAULT; | |
791 | ||
792 | if (essid[iwr->u.data.length - 1] == '\0') | |
793 | essid_compat = 1; | |
794 | } | |
795 | break; | |
796 | default: | |
797 | break; | |
798 | } | |
799 | ||
800 | iwr->u.data.length -= essid_compat; | |
801 | ||
1da177e4 | 802 | /* Check what user space is giving us */ |
e71a4783 | 803 | if (IW_IS_SET(cmd)) { |
1da177e4 | 804 | /* Check NULL pointer */ |
e71a4783 | 805 | if ((iwr->u.data.pointer == NULL) && |
1da177e4 LT |
806 | (iwr->u.data.length != 0)) |
807 | return -EFAULT; | |
808 | /* Check if number of token fits within bounds */ | |
e71a4783 | 809 | if (iwr->u.data.length > descr->max_tokens) |
1da177e4 | 810 | return -E2BIG; |
e71a4783 | 811 | if (iwr->u.data.length < descr->min_tokens) |
1da177e4 LT |
812 | return -EINVAL; |
813 | } else { | |
814 | /* Check NULL pointer */ | |
e71a4783 | 815 | if (iwr->u.data.pointer == NULL) |
1da177e4 LT |
816 | return -EFAULT; |
817 | /* Save user space buffer size for checking */ | |
818 | user_length = iwr->u.data.length; | |
819 | ||
820 | /* Don't check if user_length > max to allow forward | |
821 | * compatibility. The test user_length < min is | |
822 | * implied by the test at the end. */ | |
823 | ||
824 | /* Support for very large requests */ | |
e71a4783 | 825 | if ((descr->flags & IW_DESCR_FLAG_NOMAX) && |
1da177e4 LT |
826 | (user_length > descr->max_tokens)) { |
827 | /* Allow userspace to GET more than max so | |
828 | * we can support any size GET requests. | |
829 | * There is still a limit : -ENOMEM. */ | |
830 | extra_size = user_length * descr->token_size; | |
831 | /* Note : user_length is originally a __u16, | |
832 | * and token_size is controlled by us, | |
833 | * so extra_size won't get negative and | |
834 | * won't overflow... */ | |
835 | } | |
836 | } | |
837 | ||
838 | #ifdef WE_IOCTL_DEBUG | |
839 | printk(KERN_DEBUG "%s (WE) : Malloc %d bytes\n", | |
840 | dev->name, extra_size); | |
841 | #endif /* WE_IOCTL_DEBUG */ | |
842 | ||
843 | /* Create the kernel buffer */ | |
98978edb JL |
844 | /* kzalloc ensures NULL-termination for essid_compat */ |
845 | extra = kzalloc(extra_size, GFP_KERNEL); | |
1da177e4 LT |
846 | if (extra == NULL) { |
847 | return -ENOMEM; | |
848 | } | |
849 | ||
850 | /* If it is a SET, get all the extra data in here */ | |
e71a4783 | 851 | if (IW_IS_SET(cmd) && (iwr->u.data.length != 0)) { |
1da177e4 LT |
852 | err = copy_from_user(extra, iwr->u.data.pointer, |
853 | iwr->u.data.length * | |
854 | descr->token_size); | |
855 | if (err) { | |
856 | kfree(extra); | |
857 | return -EFAULT; | |
858 | } | |
859 | #ifdef WE_IOCTL_DEBUG | |
860 | printk(KERN_DEBUG "%s (WE) : Got %d bytes\n", | |
861 | dev->name, | |
862 | iwr->u.data.length * descr->token_size); | |
863 | #endif /* WE_IOCTL_DEBUG */ | |
864 | } | |
865 | ||
866 | /* Call the handler */ | |
867 | ret = handler(dev, &info, &(iwr->u), extra); | |
868 | ||
98978edb JL |
869 | iwr->u.data.length += essid_compat; |
870 | ||
1da177e4 LT |
871 | /* If we have something to return to the user */ |
872 | if (!ret && IW_IS_GET(cmd)) { | |
873 | /* Check if there is enough buffer up there */ | |
e71a4783 | 874 | if (user_length < iwr->u.data.length) { |
1da177e4 LT |
875 | kfree(extra); |
876 | return -E2BIG; | |
877 | } | |
878 | ||
879 | err = copy_to_user(iwr->u.data.pointer, extra, | |
880 | iwr->u.data.length * | |
881 | descr->token_size); | |
882 | if (err) | |
4ec93edb | 883 | ret = -EFAULT; |
1da177e4 LT |
884 | #ifdef WE_IOCTL_DEBUG |
885 | printk(KERN_DEBUG "%s (WE) : Wrote %d bytes\n", | |
886 | dev->name, | |
887 | iwr->u.data.length * descr->token_size); | |
888 | #endif /* WE_IOCTL_DEBUG */ | |
889 | } | |
890 | ||
891 | #ifdef WE_SET_EVENT | |
892 | /* Generate an event to notify listeners of the change */ | |
e71a4783 | 893 | if ((descr->flags & IW_DESCR_FLAG_EVENT) && |
1da177e4 | 894 | ((ret == 0) || (ret == -EIWCOMMIT))) { |
e71a4783 | 895 | if (descr->flags & IW_DESCR_FLAG_RESTRICT) |
1da177e4 LT |
896 | /* If the event is restricted, don't |
897 | * export the payload */ | |
898 | wireless_send_event(dev, cmd, &(iwr->u), NULL); | |
899 | else | |
900 | wireless_send_event(dev, cmd, &(iwr->u), | |
901 | extra); | |
902 | } | |
903 | #endif /* WE_SET_EVENT */ | |
904 | ||
905 | /* Cleanup - I told you it wasn't that long ;-) */ | |
906 | kfree(extra); | |
907 | } | |
908 | ||
909 | /* Call commit handler if needed and defined */ | |
e71a4783 | 910 | if (ret == -EIWCOMMIT) |
1da177e4 LT |
911 | ret = call_commit_handler(dev); |
912 | ||
913 | /* Here, we will generate the appropriate event if needed */ | |
914 | ||
915 | return ret; | |
916 | } | |
917 | ||
918 | /* ---------------------------------------------------------------- */ | |
919 | /* | |
920 | * Wrapper to call a private Wireless Extension handler. | |
921 | * We do various checks and also take care of moving data between | |
922 | * user space and kernel space. | |
923 | * It's not as nice and slimline as the standard wrapper. The cause | |
924 | * is struct iw_priv_args, which was not really designed for the | |
925 | * job we are going here. | |
926 | * | |
927 | * IMPORTANT : This function prevent to set and get data on the same | |
928 | * IOCTL and enforce the SET/GET convention. Not doing it would be | |
929 | * far too hairy... | |
930 | * If you need to set and get data at the same time, please don't use | |
931 | * a iw_handler but process it in your ioctl handler (i.e. use the | |
932 | * old driver API). | |
933 | */ | |
934 | static inline int ioctl_private_call(struct net_device * dev, | |
935 | struct ifreq * ifr, | |
936 | unsigned int cmd, | |
937 | iw_handler handler) | |
938 | { | |
939 | struct iwreq * iwr = (struct iwreq *) ifr; | |
940 | const struct iw_priv_args * descr = NULL; | |
941 | struct iw_request_info info; | |
942 | int extra_size = 0; | |
943 | int i; | |
944 | int ret = -EINVAL; | |
945 | ||
946 | /* Get the description of the IOCTL */ | |
e71a4783 SH |
947 | for (i = 0; i < dev->wireless_handlers->num_private_args; i++) |
948 | if (cmd == dev->wireless_handlers->private_args[i].cmd) { | |
1da177e4 LT |
949 | descr = &(dev->wireless_handlers->private_args[i]); |
950 | break; | |
951 | } | |
952 | ||
953 | #ifdef WE_IOCTL_DEBUG | |
954 | printk(KERN_DEBUG "%s (WE) : Found private handler for 0x%04X\n", | |
955 | ifr->ifr_name, cmd); | |
e71a4783 | 956 | if (descr) { |
1da177e4 LT |
957 | printk(KERN_DEBUG "%s (WE) : Name %s, set %X, get %X\n", |
958 | dev->name, descr->name, | |
959 | descr->set_args, descr->get_args); | |
960 | } | |
961 | #endif /* WE_IOCTL_DEBUG */ | |
962 | ||
963 | /* Compute the size of the set/get arguments */ | |
e71a4783 SH |
964 | if (descr != NULL) { |
965 | if (IW_IS_SET(cmd)) { | |
1da177e4 LT |
966 | int offset = 0; /* For sub-ioctls */ |
967 | /* Check for sub-ioctl handler */ | |
e71a4783 | 968 | if (descr->name[0] == '\0') |
1da177e4 LT |
969 | /* Reserve one int for sub-ioctl index */ |
970 | offset = sizeof(__u32); | |
971 | ||
972 | /* Size of set arguments */ | |
973 | extra_size = get_priv_size(descr->set_args); | |
974 | ||
975 | /* Does it fits in iwr ? */ | |
e71a4783 | 976 | if ((descr->set_args & IW_PRIV_SIZE_FIXED) && |
1da177e4 LT |
977 | ((extra_size + offset) <= IFNAMSIZ)) |
978 | extra_size = 0; | |
979 | } else { | |
980 | /* Size of get arguments */ | |
981 | extra_size = get_priv_size(descr->get_args); | |
982 | ||
983 | /* Does it fits in iwr ? */ | |
e71a4783 | 984 | if ((descr->get_args & IW_PRIV_SIZE_FIXED) && |
1da177e4 LT |
985 | (extra_size <= IFNAMSIZ)) |
986 | extra_size = 0; | |
987 | } | |
988 | } | |
989 | ||
990 | /* Prepare the call */ | |
991 | info.cmd = cmd; | |
992 | info.flags = 0; | |
993 | ||
994 | /* Check if we have a pointer to user space data or not. */ | |
e71a4783 | 995 | if (extra_size == 0) { |
1da177e4 LT |
996 | /* No extra arguments. Trivial to handle */ |
997 | ret = handler(dev, &info, &(iwr->u), (char *) &(iwr->u)); | |
998 | } else { | |
999 | char * extra; | |
1000 | int err; | |
1001 | ||
1002 | /* Check what user space is giving us */ | |
e71a4783 | 1003 | if (IW_IS_SET(cmd)) { |
1da177e4 | 1004 | /* Check NULL pointer */ |
e71a4783 | 1005 | if ((iwr->u.data.pointer == NULL) && |
1da177e4 LT |
1006 | (iwr->u.data.length != 0)) |
1007 | return -EFAULT; | |
1008 | ||
1009 | /* Does it fits within bounds ? */ | |
e71a4783 | 1010 | if (iwr->u.data.length > (descr->set_args & |
1da177e4 LT |
1011 | IW_PRIV_SIZE_MASK)) |
1012 | return -E2BIG; | |
1013 | } else { | |
1014 | /* Check NULL pointer */ | |
e71a4783 | 1015 | if (iwr->u.data.pointer == NULL) |
1da177e4 LT |
1016 | return -EFAULT; |
1017 | } | |
1018 | ||
1019 | #ifdef WE_IOCTL_DEBUG | |
1020 | printk(KERN_DEBUG "%s (WE) : Malloc %d bytes\n", | |
1021 | dev->name, extra_size); | |
1022 | #endif /* WE_IOCTL_DEBUG */ | |
1023 | ||
1024 | /* Always allocate for max space. Easier, and won't last | |
1025 | * long... */ | |
1026 | extra = kmalloc(extra_size, GFP_KERNEL); | |
1027 | if (extra == NULL) { | |
1028 | return -ENOMEM; | |
1029 | } | |
1030 | ||
1031 | /* If it is a SET, get all the extra data in here */ | |
e71a4783 | 1032 | if (IW_IS_SET(cmd) && (iwr->u.data.length != 0)) { |
1da177e4 LT |
1033 | err = copy_from_user(extra, iwr->u.data.pointer, |
1034 | extra_size); | |
1035 | if (err) { | |
1036 | kfree(extra); | |
1037 | return -EFAULT; | |
1038 | } | |
1039 | #ifdef WE_IOCTL_DEBUG | |
1040 | printk(KERN_DEBUG "%s (WE) : Got %d elem\n", | |
1041 | dev->name, iwr->u.data.length); | |
1042 | #endif /* WE_IOCTL_DEBUG */ | |
1043 | } | |
1044 | ||
1045 | /* Call the handler */ | |
1046 | ret = handler(dev, &info, &(iwr->u), extra); | |
1047 | ||
1048 | /* If we have something to return to the user */ | |
1049 | if (!ret && IW_IS_GET(cmd)) { | |
1050 | ||
1051 | /* Adjust for the actual length if it's variable, | |
1052 | * avoid leaking kernel bits outside. */ | |
1053 | if (!(descr->get_args & IW_PRIV_SIZE_FIXED)) { | |
1054 | extra_size = adjust_priv_size(descr->get_args, | |
1055 | &(iwr->u)); | |
1056 | } | |
1057 | ||
1058 | err = copy_to_user(iwr->u.data.pointer, extra, | |
1059 | extra_size); | |
1060 | if (err) | |
4ec93edb | 1061 | ret = -EFAULT; |
1da177e4 LT |
1062 | #ifdef WE_IOCTL_DEBUG |
1063 | printk(KERN_DEBUG "%s (WE) : Wrote %d elem\n", | |
1064 | dev->name, iwr->u.data.length); | |
1065 | #endif /* WE_IOCTL_DEBUG */ | |
1066 | } | |
1067 | ||
1068 | /* Cleanup - I told you it wasn't that long ;-) */ | |
1069 | kfree(extra); | |
1070 | } | |
1071 | ||
1072 | ||
1073 | /* Call commit handler if needed and defined */ | |
e71a4783 | 1074 | if (ret == -EIWCOMMIT) |
1da177e4 LT |
1075 | ret = call_commit_handler(dev); |
1076 | ||
1077 | return ret; | |
1078 | } | |
1079 | ||
1080 | /* ---------------------------------------------------------------- */ | |
1081 | /* | |
1082 | * Main IOCTl dispatcher. Called from the main networking code | |
1083 | * (dev_ioctl() in net/core/dev.c). | |
1084 | * Check the type of IOCTL and call the appropriate wrapper... | |
1085 | */ | |
1086 | int wireless_process_ioctl(struct ifreq *ifr, unsigned int cmd) | |
1087 | { | |
1088 | struct net_device *dev; | |
1089 | iw_handler handler; | |
1090 | ||
1091 | /* Permissions are already checked in dev_ioctl() before calling us. | |
1092 | * The copy_to/from_user() of ifr is also dealt with in there */ | |
1093 | ||
1094 | /* Make sure the device exist */ | |
1095 | if ((dev = __dev_get_by_name(ifr->ifr_name)) == NULL) | |
1096 | return -ENODEV; | |
1097 | ||
1098 | /* A bunch of special cases, then the generic case... | |
1099 | * Note that 'cmd' is already filtered in dev_ioctl() with | |
1100 | * (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) */ | |
e71a4783 SH |
1101 | switch (cmd) { |
1102 | case SIOCGIWSTATS: | |
1103 | /* Get Wireless Stats */ | |
1104 | return ioctl_standard_call(dev, | |
1105 | ifr, | |
1106 | cmd, | |
1107 | &iw_handler_get_iwstats); | |
1108 | ||
1109 | case SIOCGIWPRIV: | |
1110 | /* Check if we have some wireless handlers defined */ | |
1111 | if (dev->wireless_handlers != NULL) { | |
1112 | /* We export to user space the definition of | |
1113 | * the private handler ourselves */ | |
711e2c33 JT |
1114 | return ioctl_standard_call(dev, |
1115 | ifr, | |
1116 | cmd, | |
e71a4783 SH |
1117 | &iw_handler_get_private); |
1118 | } | |
1119 | // ## Fall-through for old API ## | |
1120 | default: | |
1121 | /* Generic IOCTL */ | |
1122 | /* Basic check */ | |
1123 | if (!netif_device_present(dev)) | |
1124 | return -ENODEV; | |
1125 | /* New driver API : try to find the handler */ | |
1126 | handler = get_handler(dev, cmd); | |
1127 | if (handler != NULL) { | |
1128 | /* Standard and private are not the same */ | |
1129 | if (cmd < SIOCIWFIRSTPRIV) | |
711e2c33 JT |
1130 | return ioctl_standard_call(dev, |
1131 | ifr, | |
1132 | cmd, | |
e71a4783 SH |
1133 | handler); |
1134 | else | |
1135 | return ioctl_private_call(dev, | |
1136 | ifr, | |
1137 | cmd, | |
1138 | handler); | |
1139 | } | |
1140 | /* Old driver API : call driver ioctl handler */ | |
1141 | if (dev->do_ioctl) { | |
1142 | return dev->do_ioctl(dev, ifr, cmd); | |
1143 | } | |
1144 | return -EOPNOTSUPP; | |
1da177e4 LT |
1145 | } |
1146 | /* Not reached */ | |
1147 | return -EINVAL; | |
1148 | } | |
1149 | ||
711e2c33 JT |
1150 | /********************** RTNETLINK REQUEST API **********************/ |
1151 | /* | |
1152 | * The alternate user space API to configure all those Wireless Extensions | |
1153 | * is through RtNetlink. | |
1154 | * This API support only the new driver API (iw_handler). | |
1155 | * | |
1156 | * This RtNetlink API use the same query/reply model as the ioctl API. | |
1157 | * Maximum effort has been done to fit in the RtNetlink model, and | |
1158 | * we support both RtNetlink Set and RtNelink Get operations. | |
1159 | * On the other hand, we don't offer Dump operations because of the | |
1160 | * following reasons : | |
1161 | * o Large number of parameters, most optional | |
1162 | * o Large size of some parameters (> 100 bytes) | |
1163 | * o Each parameters need to be extracted from hardware | |
1164 | * o Scan requests can take seconds and disable network activity. | |
1165 | * Because of this high cost/overhead, we want to return only the | |
1166 | * parameters the user application is really interested in. | |
1167 | * We could offer partial Dump using the IW_DESCR_FLAG_DUMP flag. | |
1168 | * | |
1169 | * The API uses the standard RtNetlink socket. When the RtNetlink code | |
1170 | * find a IFLA_WIRELESS field in a RtNetlink SET_LINK request, | |
1171 | * it calls here. | |
1172 | */ | |
1173 | ||
1174 | #ifdef CONFIG_NET_WIRELESS_RTNETLINK | |
1175 | /* ---------------------------------------------------------------- */ | |
1176 | /* | |
1177 | * Wrapper to call a standard Wireless Extension GET handler. | |
1178 | * We do various checks and call the handler with the proper args. | |
1179 | */ | |
1180 | static int rtnetlink_standard_get(struct net_device * dev, | |
1181 | struct iw_event * request, | |
1182 | int request_len, | |
1183 | iw_handler handler, | |
1184 | char ** p_buf, | |
1185 | int * p_len) | |
1186 | { | |
1187 | const struct iw_ioctl_description * descr = NULL; | |
1188 | unsigned int cmd; | |
1189 | union iwreq_data * wrqu; | |
1190 | int hdr_len; | |
1191 | struct iw_request_info info; | |
1192 | char * buffer = NULL; | |
1193 | int buffer_size = 0; | |
1194 | int ret = -EINVAL; | |
1195 | ||
1196 | /* Get the description of the Request */ | |
1197 | cmd = request->cmd; | |
e71a4783 | 1198 | if ((cmd - SIOCIWFIRST) >= standard_ioctl_num) |
711e2c33 JT |
1199 | return -EOPNOTSUPP; |
1200 | descr = &(standard_ioctl[cmd - SIOCIWFIRST]); | |
1201 | ||
1202 | #ifdef WE_RTNETLINK_DEBUG | |
1203 | printk(KERN_DEBUG "%s (WE.r) : Found standard handler for 0x%04X\n", | |
1204 | dev->name, cmd); | |
1205 | printk(KERN_DEBUG "%s (WE.r) : Header type : %d, Token type : %d, size : %d, token : %d\n", dev->name, descr->header_type, descr->token_type, descr->token_size, descr->max_tokens); | |
1206 | #endif /* WE_RTNETLINK_DEBUG */ | |
1207 | ||
1208 | /* Check if wrqu is complete */ | |
1209 | hdr_len = event_type_size[descr->header_type]; | |
e71a4783 | 1210 | if (request_len < hdr_len) { |
711e2c33 JT |
1211 | #ifdef WE_RTNETLINK_DEBUG |
1212 | printk(KERN_DEBUG | |
1213 | "%s (WE.r) : Wireless request too short (%d)\n", | |
1214 | dev->name, request_len); | |
1215 | #endif /* WE_RTNETLINK_DEBUG */ | |
1216 | return -EINVAL; | |
1217 | } | |
1218 | ||
1219 | /* Prepare the call */ | |
1220 | info.cmd = cmd; | |
1221 | info.flags = 0; | |
1222 | ||
1223 | /* Check if we have extra data in the reply or not */ | |
e71a4783 | 1224 | if (descr->header_type != IW_HEADER_TYPE_POINT) { |
711e2c33 JT |
1225 | |
1226 | /* Create the kernel buffer that we will return. | |
1227 | * It's at an offset to match the TYPE_POINT case... */ | |
1228 | buffer_size = request_len + IW_EV_POINT_OFF; | |
1229 | buffer = kmalloc(buffer_size, GFP_KERNEL); | |
1230 | if (buffer == NULL) { | |
1231 | return -ENOMEM; | |
1232 | } | |
1233 | /* Copy event data */ | |
1234 | memcpy(buffer + IW_EV_POINT_OFF, request, request_len); | |
1235 | /* Use our own copy of wrqu */ | |
1236 | wrqu = (union iwreq_data *) (buffer + IW_EV_POINT_OFF | |
c2805fbb | 1237 | + IW_EV_LCP_PK_LEN); |
711e2c33 JT |
1238 | |
1239 | /* No extra arguments. Trivial to handle */ | |
1240 | ret = handler(dev, &info, wrqu, NULL); | |
1241 | ||
1242 | } else { | |
1243 | union iwreq_data wrqu_point; | |
1244 | char * extra = NULL; | |
1245 | int extra_size = 0; | |
1246 | ||
1247 | /* Get a temp copy of wrqu (skip pointer) */ | |
1248 | memcpy(((char *) &wrqu_point) + IW_EV_POINT_OFF, | |
c2805fbb JT |
1249 | ((char *) request) + IW_EV_LCP_PK_LEN, |
1250 | IW_EV_POINT_LEN - IW_EV_LCP_PK_LEN); | |
711e2c33 JT |
1251 | |
1252 | /* Calculate space needed by arguments. Always allocate | |
1253 | * for max space. Easier, and won't last long... */ | |
1254 | extra_size = descr->max_tokens * descr->token_size; | |
1255 | /* Support for very large requests */ | |
e71a4783 | 1256 | if ((descr->flags & IW_DESCR_FLAG_NOMAX) && |
711e2c33 JT |
1257 | (wrqu_point.data.length > descr->max_tokens)) |
1258 | extra_size = (wrqu_point.data.length | |
1259 | * descr->token_size); | |
c2805fbb | 1260 | buffer_size = extra_size + IW_EV_POINT_PK_LEN + IW_EV_POINT_OFF; |
711e2c33 JT |
1261 | #ifdef WE_RTNETLINK_DEBUG |
1262 | printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes (%d bytes)\n", | |
1263 | dev->name, extra_size, buffer_size); | |
1264 | #endif /* WE_RTNETLINK_DEBUG */ | |
1265 | ||
1266 | /* Create the kernel buffer that we will return */ | |
1267 | buffer = kmalloc(buffer_size, GFP_KERNEL); | |
1268 | if (buffer == NULL) { | |
1269 | return -ENOMEM; | |
1270 | } | |
1271 | ||
1272 | /* Put wrqu in the right place (just before extra). | |
1273 | * Leave space for IWE header and dummy pointer... | |
c2805fbb | 1274 | * Note that IW_EV_LCP_PK_LEN==4 bytes, so it's still aligned. |
711e2c33 | 1275 | */ |
c2805fbb | 1276 | memcpy(buffer + IW_EV_LCP_PK_LEN + IW_EV_POINT_OFF, |
711e2c33 | 1277 | ((char *) &wrqu_point) + IW_EV_POINT_OFF, |
c2805fbb JT |
1278 | IW_EV_POINT_PK_LEN - IW_EV_LCP_PK_LEN); |
1279 | wrqu = (union iwreq_data *) (buffer + IW_EV_LCP_PK_LEN); | |
711e2c33 JT |
1280 | |
1281 | /* Extra comes logically after that. Offset +12 bytes. */ | |
c2805fbb | 1282 | extra = buffer + IW_EV_POINT_OFF + IW_EV_POINT_PK_LEN; |
711e2c33 JT |
1283 | |
1284 | /* Call the handler */ | |
1285 | ret = handler(dev, &info, wrqu, extra); | |
1286 | ||
1287 | /* Calculate real returned length */ | |
1288 | extra_size = (wrqu->data.length * descr->token_size); | |
1289 | /* Re-adjust reply size */ | |
c2805fbb | 1290 | request->len = extra_size + IW_EV_POINT_PK_LEN; |
711e2c33 JT |
1291 | |
1292 | /* Put the iwe header where it should, i.e. scrap the | |
1293 | * dummy pointer. */ | |
c2805fbb | 1294 | memcpy(buffer + IW_EV_POINT_OFF, request, IW_EV_LCP_PK_LEN); |
711e2c33 JT |
1295 | |
1296 | #ifdef WE_RTNETLINK_DEBUG | |
1297 | printk(KERN_DEBUG "%s (WE.r) : Reply 0x%04X, hdr_len %d, tokens %d, extra_size %d, buffer_size %d\n", dev->name, cmd, hdr_len, wrqu->data.length, extra_size, buffer_size); | |
1298 | #endif /* WE_RTNETLINK_DEBUG */ | |
1299 | ||
1300 | /* Check if there is enough buffer up there */ | |
e71a4783 | 1301 | if (wrqu_point.data.length < wrqu->data.length) |
711e2c33 JT |
1302 | ret = -E2BIG; |
1303 | } | |
1304 | ||
1305 | /* Return the buffer to the caller */ | |
1306 | if (!ret) { | |
1307 | *p_buf = buffer; | |
1308 | *p_len = request->len; | |
1309 | } else { | |
1310 | /* Cleanup */ | |
e71a4783 | 1311 | if (buffer) |
711e2c33 JT |
1312 | kfree(buffer); |
1313 | } | |
1314 | ||
1315 | return ret; | |
1316 | } | |
1317 | ||
1318 | /* ---------------------------------------------------------------- */ | |
1319 | /* | |
1320 | * Wrapper to call a standard Wireless Extension SET handler. | |
1321 | * We do various checks and call the handler with the proper args. | |
1322 | */ | |
1323 | static inline int rtnetlink_standard_set(struct net_device * dev, | |
1324 | struct iw_event * request, | |
1325 | int request_len, | |
1326 | iw_handler handler) | |
1327 | { | |
1328 | const struct iw_ioctl_description * descr = NULL; | |
1329 | unsigned int cmd; | |
1330 | union iwreq_data * wrqu; | |
1331 | union iwreq_data wrqu_point; | |
1332 | int hdr_len; | |
1333 | char * extra = NULL; | |
1334 | int extra_size = 0; | |
1335 | struct iw_request_info info; | |
1336 | int ret = -EINVAL; | |
1337 | ||
1338 | /* Get the description of the Request */ | |
1339 | cmd = request->cmd; | |
e71a4783 | 1340 | if ((cmd - SIOCIWFIRST) >= standard_ioctl_num) |
711e2c33 JT |
1341 | return -EOPNOTSUPP; |
1342 | descr = &(standard_ioctl[cmd - SIOCIWFIRST]); | |
1343 | ||
1344 | #ifdef WE_RTNETLINK_DEBUG | |
1345 | printk(KERN_DEBUG "%s (WE.r) : Found standard SET handler for 0x%04X\n", | |
1346 | dev->name, cmd); | |
1347 | printk(KERN_DEBUG "%s (WE.r) : Header type : %d, Token type : %d, size : %d, token : %d\n", dev->name, descr->header_type, descr->token_type, descr->token_size, descr->max_tokens); | |
1348 | #endif /* WE_RTNETLINK_DEBUG */ | |
1349 | ||
1350 | /* Extract fixed header from request. This is properly aligned. */ | |
c2805fbb | 1351 | wrqu = (union iwreq_data *) (((char *) request) + IW_EV_LCP_PK_LEN); |
711e2c33 JT |
1352 | |
1353 | /* Check if wrqu is complete */ | |
c2805fbb | 1354 | hdr_len = event_type_pk_size[descr->header_type]; |
e71a4783 | 1355 | if (request_len < hdr_len) { |
711e2c33 JT |
1356 | #ifdef WE_RTNETLINK_DEBUG |
1357 | printk(KERN_DEBUG | |
1358 | "%s (WE.r) : Wireless request too short (%d)\n", | |
1359 | dev->name, request_len); | |
1360 | #endif /* WE_RTNETLINK_DEBUG */ | |
1361 | return -EINVAL; | |
1362 | } | |
1363 | ||
1364 | /* Prepare the call */ | |
1365 | info.cmd = cmd; | |
1366 | info.flags = 0; | |
1367 | ||
1368 | /* Check if we have extra data in the request or not */ | |
e71a4783 | 1369 | if (descr->header_type != IW_HEADER_TYPE_POINT) { |
711e2c33 JT |
1370 | |
1371 | /* No extra arguments. Trivial to handle */ | |
1372 | ret = handler(dev, &info, wrqu, NULL); | |
1373 | ||
1374 | } else { | |
1375 | int extra_len; | |
1376 | ||
1377 | /* Put wrqu in the right place (skip pointer) */ | |
1378 | memcpy(((char *) &wrqu_point) + IW_EV_POINT_OFF, | |
c2805fbb | 1379 | wrqu, IW_EV_POINT_PK_LEN - IW_EV_LCP_PK_LEN); |
711e2c33 JT |
1380 | /* Don't forget about the event code... */ |
1381 | wrqu = &wrqu_point; | |
1382 | ||
1383 | /* Check if number of token fits within bounds */ | |
e71a4783 | 1384 | if (wrqu_point.data.length > descr->max_tokens) |
711e2c33 | 1385 | return -E2BIG; |
e71a4783 | 1386 | if (wrqu_point.data.length < descr->min_tokens) |
711e2c33 JT |
1387 | return -EINVAL; |
1388 | ||
1389 | /* Real length of payload */ | |
1390 | extra_len = wrqu_point.data.length * descr->token_size; | |
1391 | ||
1392 | /* Check if request is self consistent */ | |
e71a4783 | 1393 | if ((request_len - hdr_len) < extra_len) { |
711e2c33 JT |
1394 | #ifdef WE_RTNETLINK_DEBUG |
1395 | printk(KERN_DEBUG "%s (WE.r) : Wireless request data too short (%d)\n", | |
1396 | dev->name, extra_size); | |
1397 | #endif /* WE_RTNETLINK_DEBUG */ | |
1398 | return -EINVAL; | |
1399 | } | |
1400 | ||
1401 | #ifdef WE_RTNETLINK_DEBUG | |
1402 | printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes\n", | |
1403 | dev->name, extra_size); | |
1404 | #endif /* WE_RTNETLINK_DEBUG */ | |
1405 | ||
1406 | /* Always allocate for max space. Easier, and won't last | |
1407 | * long... */ | |
1408 | extra_size = descr->max_tokens * descr->token_size; | |
1409 | extra = kmalloc(extra_size, GFP_KERNEL); | |
1410 | if (extra == NULL) | |
1411 | return -ENOMEM; | |
1412 | ||
1413 | /* Copy extra in aligned buffer */ | |
1414 | memcpy(extra, ((char *) request) + hdr_len, extra_len); | |
1415 | ||
1416 | /* Call the handler */ | |
1417 | ret = handler(dev, &info, &wrqu_point, extra); | |
1418 | } | |
1419 | ||
1420 | #ifdef WE_SET_EVENT | |
1421 | /* Generate an event to notify listeners of the change */ | |
e71a4783 | 1422 | if ((descr->flags & IW_DESCR_FLAG_EVENT) && |
711e2c33 | 1423 | ((ret == 0) || (ret == -EIWCOMMIT))) { |
e71a4783 | 1424 | if (descr->flags & IW_DESCR_FLAG_RESTRICT) |
711e2c33 JT |
1425 | /* If the event is restricted, don't |
1426 | * export the payload */ | |
1427 | wireless_send_event(dev, cmd, wrqu, NULL); | |
1428 | else | |
1429 | wireless_send_event(dev, cmd, wrqu, extra); | |
1430 | } | |
1431 | #endif /* WE_SET_EVENT */ | |
1432 | ||
1433 | /* Cleanup - I told you it wasn't that long ;-) */ | |
e71a4783 | 1434 | if (extra) |
711e2c33 JT |
1435 | kfree(extra); |
1436 | ||
1437 | /* Call commit handler if needed and defined */ | |
e71a4783 | 1438 | if (ret == -EIWCOMMIT) |
711e2c33 JT |
1439 | ret = call_commit_handler(dev); |
1440 | ||
1441 | return ret; | |
1442 | } | |
1443 | ||
1444 | /* ---------------------------------------------------------------- */ | |
1445 | /* | |
1446 | * Wrapper to call a private Wireless Extension GET handler. | |
1447 | * Same as above... | |
1448 | * It's not as nice and slimline as the standard wrapper. The cause | |
1449 | * is struct iw_priv_args, which was not really designed for the | |
1450 | * job we are going here. | |
1451 | * | |
1452 | * IMPORTANT : This function prevent to set and get data on the same | |
1453 | * IOCTL and enforce the SET/GET convention. Not doing it would be | |
1454 | * far too hairy... | |
1455 | * If you need to set and get data at the same time, please don't use | |
1456 | * a iw_handler but process it in your ioctl handler (i.e. use the | |
1457 | * old driver API). | |
1458 | */ | |
1459 | static inline int rtnetlink_private_get(struct net_device * dev, | |
1460 | struct iw_event * request, | |
1461 | int request_len, | |
1462 | iw_handler handler, | |
1463 | char ** p_buf, | |
1464 | int * p_len) | |
1465 | { | |
1466 | const struct iw_priv_args * descr = NULL; | |
1467 | unsigned int cmd; | |
1468 | union iwreq_data * wrqu; | |
1469 | int hdr_len; | |
1470 | struct iw_request_info info; | |
1471 | int extra_size = 0; | |
1472 | int i; | |
1473 | char * buffer = NULL; | |
1474 | int buffer_size = 0; | |
1475 | int ret = -EINVAL; | |
1476 | ||
1477 | /* Get the description of the Request */ | |
1478 | cmd = request->cmd; | |
e71a4783 SH |
1479 | for (i = 0; i < dev->wireless_handlers->num_private_args; i++) |
1480 | if (cmd == dev->wireless_handlers->private_args[i].cmd) { | |
711e2c33 JT |
1481 | descr = &(dev->wireless_handlers->private_args[i]); |
1482 | break; | |
1483 | } | |
e71a4783 | 1484 | if (descr == NULL) |
711e2c33 JT |
1485 | return -EOPNOTSUPP; |
1486 | ||
1487 | #ifdef WE_RTNETLINK_DEBUG | |
1488 | printk(KERN_DEBUG "%s (WE.r) : Found private handler for 0x%04X\n", | |
1489 | dev->name, cmd); | |
1490 | printk(KERN_DEBUG "%s (WE.r) : Name %s, set %X, get %X\n", | |
1491 | dev->name, descr->name, descr->set_args, descr->get_args); | |
1492 | #endif /* WE_RTNETLINK_DEBUG */ | |
1493 | ||
1494 | /* Compute the max size of the get arguments */ | |
1495 | extra_size = get_priv_size(descr->get_args); | |
1496 | ||
1497 | /* Does it fits in wrqu ? */ | |
e71a4783 | 1498 | if ((descr->get_args & IW_PRIV_SIZE_FIXED) && |
711e2c33 JT |
1499 | (extra_size <= IFNAMSIZ)) { |
1500 | hdr_len = extra_size; | |
1501 | extra_size = 0; | |
1502 | } else { | |
c2805fbb | 1503 | hdr_len = IW_EV_POINT_PK_LEN; |
711e2c33 JT |
1504 | } |
1505 | ||
1506 | /* Check if wrqu is complete */ | |
e71a4783 | 1507 | if (request_len < hdr_len) { |
711e2c33 JT |
1508 | #ifdef WE_RTNETLINK_DEBUG |
1509 | printk(KERN_DEBUG | |
1510 | "%s (WE.r) : Wireless request too short (%d)\n", | |
1511 | dev->name, request_len); | |
1512 | #endif /* WE_RTNETLINK_DEBUG */ | |
1513 | return -EINVAL; | |
1514 | } | |
1515 | ||
1516 | /* Prepare the call */ | |
1517 | info.cmd = cmd; | |
1518 | info.flags = 0; | |
1519 | ||
1520 | /* Check if we have a pointer to user space data or not. */ | |
e71a4783 | 1521 | if (extra_size == 0) { |
711e2c33 JT |
1522 | |
1523 | /* Create the kernel buffer that we will return. | |
1524 | * It's at an offset to match the TYPE_POINT case... */ | |
1525 | buffer_size = request_len + IW_EV_POINT_OFF; | |
1526 | buffer = kmalloc(buffer_size, GFP_KERNEL); | |
1527 | if (buffer == NULL) { | |
1528 | return -ENOMEM; | |
1529 | } | |
1530 | /* Copy event data */ | |
1531 | memcpy(buffer + IW_EV_POINT_OFF, request, request_len); | |
1532 | /* Use our own copy of wrqu */ | |
1533 | wrqu = (union iwreq_data *) (buffer + IW_EV_POINT_OFF | |
c2805fbb | 1534 | + IW_EV_LCP_PK_LEN); |
711e2c33 JT |
1535 | |
1536 | /* No extra arguments. Trivial to handle */ | |
1537 | ret = handler(dev, &info, wrqu, (char *) wrqu); | |
1538 | ||
1539 | } else { | |
1540 | char * extra; | |
1541 | ||
1542 | /* Buffer for full reply */ | |
c2805fbb | 1543 | buffer_size = extra_size + IW_EV_POINT_PK_LEN + IW_EV_POINT_OFF; |
711e2c33 JT |
1544 | |
1545 | #ifdef WE_RTNETLINK_DEBUG | |
1546 | printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes (%d bytes)\n", | |
1547 | dev->name, extra_size, buffer_size); | |
1548 | #endif /* WE_RTNETLINK_DEBUG */ | |
1549 | ||
1550 | /* Create the kernel buffer that we will return */ | |
1551 | buffer = kmalloc(buffer_size, GFP_KERNEL); | |
1552 | if (buffer == NULL) { | |
1553 | return -ENOMEM; | |
1554 | } | |
1555 | ||
1556 | /* Put wrqu in the right place (just before extra). | |
1557 | * Leave space for IWE header and dummy pointer... | |
c2805fbb | 1558 | * Note that IW_EV_LCP_PK_LEN==4 bytes, so it's still aligned. |
711e2c33 | 1559 | */ |
c2805fbb JT |
1560 | memcpy(buffer + IW_EV_LCP_PK_LEN + IW_EV_POINT_OFF, |
1561 | ((char *) request) + IW_EV_LCP_PK_LEN, | |
1562 | IW_EV_POINT_PK_LEN - IW_EV_LCP_PK_LEN); | |
1563 | wrqu = (union iwreq_data *) (buffer + IW_EV_LCP_PK_LEN); | |
711e2c33 JT |
1564 | |
1565 | /* Extra comes logically after that. Offset +12 bytes. */ | |
c2805fbb | 1566 | extra = buffer + IW_EV_POINT_OFF + IW_EV_POINT_PK_LEN; |
711e2c33 JT |
1567 | |
1568 | /* Call the handler */ | |
1569 | ret = handler(dev, &info, wrqu, extra); | |
1570 | ||
1571 | /* Adjust for the actual length if it's variable, | |
1572 | * avoid leaking kernel bits outside. */ | |
1573 | if (!(descr->get_args & IW_PRIV_SIZE_FIXED)) | |
1574 | extra_size = adjust_priv_size(descr->get_args, wrqu); | |
1575 | /* Re-adjust reply size */ | |
c2805fbb | 1576 | request->len = extra_size + IW_EV_POINT_PK_LEN; |
711e2c33 JT |
1577 | |
1578 | /* Put the iwe header where it should, i.e. scrap the | |
1579 | * dummy pointer. */ | |
c2805fbb | 1580 | memcpy(buffer + IW_EV_POINT_OFF, request, IW_EV_LCP_PK_LEN); |
711e2c33 JT |
1581 | |
1582 | #ifdef WE_RTNETLINK_DEBUG | |
1583 | printk(KERN_DEBUG "%s (WE.r) : Reply 0x%04X, hdr_len %d, tokens %d, extra_size %d, buffer_size %d\n", dev->name, cmd, hdr_len, wrqu->data.length, extra_size, buffer_size); | |
1584 | #endif /* WE_RTNETLINK_DEBUG */ | |
1585 | } | |
1586 | ||
1587 | /* Return the buffer to the caller */ | |
1588 | if (!ret) { | |
1589 | *p_buf = buffer; | |
1590 | *p_len = request->len; | |
1591 | } else { | |
1592 | /* Cleanup */ | |
e71a4783 | 1593 | if (buffer) |
711e2c33 JT |
1594 | kfree(buffer); |
1595 | } | |
1596 | ||
1597 | return ret; | |
1598 | } | |
1599 | ||
1600 | /* ---------------------------------------------------------------- */ | |
1601 | /* | |
1602 | * Wrapper to call a private Wireless Extension SET handler. | |
1603 | * Same as above... | |
1604 | * It's not as nice and slimline as the standard wrapper. The cause | |
1605 | * is struct iw_priv_args, which was not really designed for the | |
1606 | * job we are going here. | |
1607 | * | |
1608 | * IMPORTANT : This function prevent to set and get data on the same | |
1609 | * IOCTL and enforce the SET/GET convention. Not doing it would be | |
1610 | * far too hairy... | |
1611 | * If you need to set and get data at the same time, please don't use | |
1612 | * a iw_handler but process it in your ioctl handler (i.e. use the | |
1613 | * old driver API). | |
1614 | */ | |
1615 | static inline int rtnetlink_private_set(struct net_device * dev, | |
1616 | struct iw_event * request, | |
1617 | int request_len, | |
1618 | iw_handler handler) | |
1619 | { | |
1620 | const struct iw_priv_args * descr = NULL; | |
1621 | unsigned int cmd; | |
1622 | union iwreq_data * wrqu; | |
1623 | union iwreq_data wrqu_point; | |
1624 | int hdr_len; | |
1625 | char * extra = NULL; | |
1626 | int extra_size = 0; | |
1627 | int offset = 0; /* For sub-ioctls */ | |
1628 | struct iw_request_info info; | |
1629 | int i; | |
1630 | int ret = -EINVAL; | |
1631 | ||
1632 | /* Get the description of the Request */ | |
1633 | cmd = request->cmd; | |
e71a4783 SH |
1634 | for (i = 0; i < dev->wireless_handlers->num_private_args; i++) |
1635 | if (cmd == dev->wireless_handlers->private_args[i].cmd) { | |
711e2c33 JT |
1636 | descr = &(dev->wireless_handlers->private_args[i]); |
1637 | break; | |
1638 | } | |
e71a4783 | 1639 | if (descr == NULL) |
711e2c33 JT |
1640 | return -EOPNOTSUPP; |
1641 | ||
1642 | #ifdef WE_RTNETLINK_DEBUG | |
1643 | printk(KERN_DEBUG "%s (WE.r) : Found private handler for 0x%04X\n", | |
1644 | ifr->ifr_name, cmd); | |
1645 | printk(KERN_DEBUG "%s (WE.r) : Name %s, set %X, get %X\n", | |
1646 | dev->name, descr->name, descr->set_args, descr->get_args); | |
1647 | #endif /* WE_RTNETLINK_DEBUG */ | |
1648 | ||
1649 | /* Compute the size of the set arguments */ | |
1650 | /* Check for sub-ioctl handler */ | |
e71a4783 | 1651 | if (descr->name[0] == '\0') |
711e2c33 JT |
1652 | /* Reserve one int for sub-ioctl index */ |
1653 | offset = sizeof(__u32); | |
1654 | ||
1655 | /* Size of set arguments */ | |
1656 | extra_size = get_priv_size(descr->set_args); | |
1657 | ||
1658 | /* Does it fits in wrqu ? */ | |
e71a4783 | 1659 | if ((descr->set_args & IW_PRIV_SIZE_FIXED) && |
711e2c33 | 1660 | (extra_size <= IFNAMSIZ)) { |
c2805fbb | 1661 | hdr_len = IW_EV_LCP_PK_LEN + extra_size; |
711e2c33 JT |
1662 | extra_size = 0; |
1663 | } else { | |
c2805fbb | 1664 | hdr_len = IW_EV_POINT_PK_LEN; |
711e2c33 JT |
1665 | } |
1666 | ||
1667 | /* Extract fixed header from request. This is properly aligned. */ | |
c2805fbb | 1668 | wrqu = (union iwreq_data *) (((char *) request) + IW_EV_LCP_PK_LEN); |
711e2c33 JT |
1669 | |
1670 | /* Check if wrqu is complete */ | |
e71a4783 | 1671 | if (request_len < hdr_len) { |
711e2c33 JT |
1672 | #ifdef WE_RTNETLINK_DEBUG |
1673 | printk(KERN_DEBUG | |
1674 | "%s (WE.r) : Wireless request too short (%d)\n", | |
1675 | dev->name, request_len); | |
1676 | #endif /* WE_RTNETLINK_DEBUG */ | |
1677 | return -EINVAL; | |
1678 | } | |
1679 | ||
1680 | /* Prepare the call */ | |
1681 | info.cmd = cmd; | |
1682 | info.flags = 0; | |
1683 | ||
1684 | /* Check if we have a pointer to user space data or not. */ | |
e71a4783 | 1685 | if (extra_size == 0) { |
711e2c33 JT |
1686 | |
1687 | /* No extra arguments. Trivial to handle */ | |
1688 | ret = handler(dev, &info, wrqu, (char *) wrqu); | |
1689 | ||
1690 | } else { | |
1691 | int extra_len; | |
1692 | ||
1693 | /* Put wrqu in the right place (skip pointer) */ | |
1694 | memcpy(((char *) &wrqu_point) + IW_EV_POINT_OFF, | |
c2805fbb | 1695 | wrqu, IW_EV_POINT_PK_LEN - IW_EV_LCP_PK_LEN); |
711e2c33 JT |
1696 | |
1697 | /* Does it fits within bounds ? */ | |
e71a4783 | 1698 | if (wrqu_point.data.length > (descr->set_args & |
711e2c33 JT |
1699 | IW_PRIV_SIZE_MASK)) |
1700 | return -E2BIG; | |
1701 | ||
1702 | /* Real length of payload */ | |
1703 | extra_len = adjust_priv_size(descr->set_args, &wrqu_point); | |
1704 | ||
1705 | /* Check if request is self consistent */ | |
e71a4783 | 1706 | if ((request_len - hdr_len) < extra_len) { |
711e2c33 JT |
1707 | #ifdef WE_RTNETLINK_DEBUG |
1708 | printk(KERN_DEBUG "%s (WE.r) : Wireless request data too short (%d)\n", | |
1709 | dev->name, extra_size); | |
1710 | #endif /* WE_RTNETLINK_DEBUG */ | |
1711 | return -EINVAL; | |
1712 | } | |
1713 | ||
1714 | #ifdef WE_RTNETLINK_DEBUG | |
1715 | printk(KERN_DEBUG "%s (WE.r) : Malloc %d bytes\n", | |
1716 | dev->name, extra_size); | |
1717 | #endif /* WE_RTNETLINK_DEBUG */ | |
1718 | ||
1719 | /* Always allocate for max space. Easier, and won't last | |
1720 | * long... */ | |
1721 | extra = kmalloc(extra_size, GFP_KERNEL); | |
1722 | if (extra == NULL) | |
1723 | return -ENOMEM; | |
1724 | ||
1725 | /* Copy extra in aligned buffer */ | |
1726 | memcpy(extra, ((char *) request) + hdr_len, extra_len); | |
1727 | ||
1728 | /* Call the handler */ | |
1729 | ret = handler(dev, &info, &wrqu_point, extra); | |
1730 | ||
1731 | /* Cleanup - I told you it wasn't that long ;-) */ | |
1732 | kfree(extra); | |
1733 | } | |
1734 | ||
1735 | /* Call commit handler if needed and defined */ | |
e71a4783 | 1736 | if (ret == -EIWCOMMIT) |
711e2c33 JT |
1737 | ret = call_commit_handler(dev); |
1738 | ||
1739 | return ret; | |
1740 | } | |
1741 | ||
1742 | /* ---------------------------------------------------------------- */ | |
1743 | /* | |
1744 | * Main RtNetlink dispatcher. Called from the main networking code | |
1745 | * (do_getlink() in net/core/rtnetlink.c). | |
1746 | * Check the type of Request and call the appropriate wrapper... | |
1747 | */ | |
1748 | int wireless_rtnetlink_get(struct net_device * dev, | |
1749 | char * data, | |
1750 | int len, | |
1751 | char ** p_buf, | |
1752 | int * p_len) | |
1753 | { | |
1754 | struct iw_event * request = (struct iw_event *) data; | |
1755 | iw_handler handler; | |
1756 | ||
1757 | /* Check length */ | |
e71a4783 | 1758 | if (len < IW_EV_LCP_PK_LEN) { |
711e2c33 JT |
1759 | printk(KERN_DEBUG "%s (WE.r) : RtNetlink request too short (%d)\n", |
1760 | dev->name, len); | |
1761 | return -EINVAL; | |
1762 | } | |
1763 | ||
1764 | /* ReCheck length (len may have padding) */ | |
e71a4783 | 1765 | if (request->len > len) { |
711e2c33 JT |
1766 | printk(KERN_DEBUG "%s (WE.r) : RtNetlink request len invalid (%d-%d)\n", |
1767 | dev->name, request->len, len); | |
1768 | return -EINVAL; | |
1769 | } | |
1770 | ||
1771 | /* Only accept GET requests in here */ | |
e71a4783 | 1772 | if (!IW_IS_GET(request->cmd)) |
711e2c33 JT |
1773 | return -EOPNOTSUPP; |
1774 | ||
848ef855 JT |
1775 | /* If command is `get the encoding parameters', check if |
1776 | * the user has the right to do it */ | |
1777 | if (request->cmd == SIOCGIWENCODE || | |
1778 | request->cmd == SIOCGIWENCODEEXT) { | |
1779 | if (!capable(CAP_NET_ADMIN)) | |
1780 | return -EPERM; | |
1781 | } | |
1782 | ||
711e2c33 | 1783 | /* Special cases */ |
e71a4783 | 1784 | if (request->cmd == SIOCGIWSTATS) |
711e2c33 JT |
1785 | /* Get Wireless Stats */ |
1786 | return rtnetlink_standard_get(dev, | |
1787 | request, | |
1788 | request->len, | |
1789 | &iw_handler_get_iwstats, | |
1790 | p_buf, p_len); | |
e71a4783 | 1791 | if (request->cmd == SIOCGIWPRIV) { |
711e2c33 | 1792 | /* Check if we have some wireless handlers defined */ |
e71a4783 | 1793 | if (dev->wireless_handlers == NULL) |
711e2c33 JT |
1794 | return -EOPNOTSUPP; |
1795 | /* Get Wireless Stats */ | |
1796 | return rtnetlink_standard_get(dev, | |
1797 | request, | |
1798 | request->len, | |
1799 | &iw_handler_get_private, | |
1800 | p_buf, p_len); | |
1801 | } | |
1802 | ||
1803 | /* Basic check */ | |
1804 | if (!netif_device_present(dev)) | |
1805 | return -ENODEV; | |
1806 | ||
1807 | /* Try to find the handler */ | |
1808 | handler = get_handler(dev, request->cmd); | |
e71a4783 | 1809 | if (handler != NULL) { |
711e2c33 | 1810 | /* Standard and private are not the same */ |
e71a4783 | 1811 | if (request->cmd < SIOCIWFIRSTPRIV) |
711e2c33 JT |
1812 | return rtnetlink_standard_get(dev, |
1813 | request, | |
1814 | request->len, | |
1815 | handler, | |
1816 | p_buf, p_len); | |
1817 | else | |
1818 | return rtnetlink_private_get(dev, | |
1819 | request, | |
1820 | request->len, | |
1821 | handler, | |
1822 | p_buf, p_len); | |
1823 | } | |
1824 | ||
1825 | return -EOPNOTSUPP; | |
1826 | } | |
1827 | ||
1828 | /* ---------------------------------------------------------------- */ | |
1829 | /* | |
1830 | * Main RtNetlink dispatcher. Called from the main networking code | |
1831 | * (do_setlink() in net/core/rtnetlink.c). | |
1832 | * Check the type of Request and call the appropriate wrapper... | |
1833 | */ | |
1834 | int wireless_rtnetlink_set(struct net_device * dev, | |
1835 | char * data, | |
1836 | int len) | |
1837 | { | |
1838 | struct iw_event * request = (struct iw_event *) data; | |
1839 | iw_handler handler; | |
1840 | ||
1841 | /* Check length */ | |
e71a4783 | 1842 | if (len < IW_EV_LCP_PK_LEN) { |
711e2c33 JT |
1843 | printk(KERN_DEBUG "%s (WE.r) : RtNetlink request too short (%d)\n", |
1844 | dev->name, len); | |
1845 | return -EINVAL; | |
1846 | } | |
1847 | ||
1848 | /* ReCheck length (len may have padding) */ | |
e71a4783 | 1849 | if (request->len > len) { |
711e2c33 JT |
1850 | printk(KERN_DEBUG "%s (WE.r) : RtNetlink request len invalid (%d-%d)\n", |
1851 | dev->name, request->len, len); | |
1852 | return -EINVAL; | |
1853 | } | |
1854 | ||
1855 | /* Only accept SET requests in here */ | |
e71a4783 | 1856 | if (!IW_IS_SET(request->cmd)) |
711e2c33 JT |
1857 | return -EOPNOTSUPP; |
1858 | ||
1859 | /* Basic check */ | |
1860 | if (!netif_device_present(dev)) | |
1861 | return -ENODEV; | |
1862 | ||
1863 | /* New driver API : try to find the handler */ | |
1864 | handler = get_handler(dev, request->cmd); | |
e71a4783 | 1865 | if (handler != NULL) { |
711e2c33 | 1866 | /* Standard and private are not the same */ |
e71a4783 | 1867 | if (request->cmd < SIOCIWFIRSTPRIV) |
711e2c33 JT |
1868 | return rtnetlink_standard_set(dev, |
1869 | request, | |
1870 | request->len, | |
1871 | handler); | |
1872 | else | |
1873 | return rtnetlink_private_set(dev, | |
1874 | request, | |
1875 | request->len, | |
1876 | handler); | |
1877 | } | |
1878 | ||
1879 | return -EOPNOTSUPP; | |
1880 | } | |
1881 | #endif /* CONFIG_NET_WIRELESS_RTNETLINK */ | |
1882 | ||
1883 | ||
1da177e4 LT |
1884 | /************************* EVENT PROCESSING *************************/ |
1885 | /* | |
1886 | * Process events generated by the wireless layer or the driver. | |
1887 | * Most often, the event will be propagated through rtnetlink | |
1888 | */ | |
1889 | ||
711e2c33 | 1890 | #ifdef WE_EVENT_RTNETLINK |
baef1865 JL |
1891 | /* ---------------------------------------------------------------- */ |
1892 | /* | |
1893 | * Locking... | |
1894 | * ---------- | |
1895 | * | |
1896 | * Thanks to Herbert Xu <herbert@gondor.apana.org.au> for fixing | |
1897 | * the locking issue in here and implementing this code ! | |
1898 | * | |
1899 | * The issue : wireless_send_event() is often called in interrupt context, | |
1900 | * while the Netlink layer can never be called in interrupt context. | |
1901 | * The fully formed RtNetlink events are queued, and then a tasklet is run | |
1902 | * to feed those to Netlink. | |
1903 | * The skb_queue is interrupt safe, and its lock is not held while calling | |
1904 | * Netlink, so there is no possibility of dealock. | |
1905 | * Jean II | |
1906 | */ | |
1907 | ||
782a6675 HX |
1908 | static struct sk_buff_head wireless_nlevent_queue; |
1909 | ||
baef1865 JL |
1910 | static int __init wireless_nlevent_init(void) |
1911 | { | |
1912 | skb_queue_head_init(&wireless_nlevent_queue); | |
1913 | return 0; | |
1914 | } | |
1915 | ||
1916 | subsys_initcall(wireless_nlevent_init); | |
1917 | ||
782a6675 HX |
1918 | static void wireless_nlevent_process(unsigned long data) |
1919 | { | |
1920 | struct sk_buff *skb; | |
1921 | ||
1922 | while ((skb = skb_dequeue(&wireless_nlevent_queue))) | |
bd5785ba | 1923 | rtnl_notify(skb, 0, RTNLGRP_LINK, NULL, GFP_ATOMIC); |
782a6675 HX |
1924 | } |
1925 | ||
1926 | static DECLARE_TASKLET(wireless_nlevent_tasklet, wireless_nlevent_process, 0); | |
1927 | ||
1da177e4 LT |
1928 | /* ---------------------------------------------------------------- */ |
1929 | /* | |
1930 | * Fill a rtnetlink message with our event data. | |
1931 | * Note that we propage only the specified event and don't dump the | |
1932 | * current wireless config. Dumping the wireless config is far too | |
1933 | * expensive (for each parameter, the driver need to query the hardware). | |
1934 | */ | |
1935 | static inline int rtnetlink_fill_iwinfo(struct sk_buff * skb, | |
1936 | struct net_device * dev, | |
1937 | int type, | |
1938 | char * event, | |
1939 | int event_len) | |
1940 | { | |
1941 | struct ifinfomsg *r; | |
1942 | struct nlmsghdr *nlh; | |
1943 | unsigned char *b = skb->tail; | |
1944 | ||
1945 | nlh = NLMSG_PUT(skb, 0, 0, type, sizeof(*r)); | |
1946 | r = NLMSG_DATA(nlh); | |
1947 | r->ifi_family = AF_UNSPEC; | |
9ef1d4c7 | 1948 | r->__ifi_pad = 0; |
1da177e4 LT |
1949 | r->ifi_type = dev->type; |
1950 | r->ifi_index = dev->ifindex; | |
711e2c33 | 1951 | r->ifi_flags = dev_get_flags(dev); |
1da177e4 LT |
1952 | r->ifi_change = 0; /* Wireless changes don't affect those flags */ |
1953 | ||
1954 | /* Add the wireless events in the netlink packet */ | |
711e2c33 | 1955 | RTA_PUT(skb, IFLA_WIRELESS, event_len, event); |
1da177e4 LT |
1956 | |
1957 | nlh->nlmsg_len = skb->tail - b; | |
1958 | return skb->len; | |
1959 | ||
1960 | nlmsg_failure: | |
1961 | rtattr_failure: | |
1962 | skb_trim(skb, b - skb->data); | |
1963 | return -1; | |
1964 | } | |
1965 | ||
1966 | /* ---------------------------------------------------------------- */ | |
1967 | /* | |
1968 | * Create and broadcast and send it on the standard rtnetlink socket | |
1969 | * This is a pure clone rtmsg_ifinfo() in net/core/rtnetlink.c | |
1970 | * Andrzej Krzysztofowicz mandated that I used a IFLA_XXX field | |
1971 | * within a RTM_NEWLINK event. | |
1972 | */ | |
1973 | static inline void rtmsg_iwinfo(struct net_device * dev, | |
1974 | char * event, | |
1975 | int event_len) | |
1976 | { | |
1977 | struct sk_buff *skb; | |
1978 | int size = NLMSG_GOODSIZE; | |
1979 | ||
1980 | skb = alloc_skb(size, GFP_ATOMIC); | |
1981 | if (!skb) | |
1982 | return; | |
1983 | ||
1984 | if (rtnetlink_fill_iwinfo(skb, dev, RTM_NEWLINK, | |
1985 | event, event_len) < 0) { | |
1986 | kfree_skb(skb); | |
1987 | return; | |
1988 | } | |
ac6d439d | 1989 | NETLINK_CB(skb).dst_group = RTNLGRP_LINK; |
782a6675 HX |
1990 | skb_queue_tail(&wireless_nlevent_queue, skb); |
1991 | tasklet_schedule(&wireless_nlevent_tasklet); | |
1992 | } | |
1993 | ||
711e2c33 | 1994 | #endif /* WE_EVENT_RTNETLINK */ |
1da177e4 LT |
1995 | |
1996 | /* ---------------------------------------------------------------- */ | |
1997 | /* | |
1998 | * Main event dispatcher. Called from other parts and drivers. | |
1999 | * Send the event on the appropriate channels. | |
2000 | * May be called from interrupt context. | |
2001 | */ | |
2002 | void wireless_send_event(struct net_device * dev, | |
2003 | unsigned int cmd, | |
2004 | union iwreq_data * wrqu, | |
2005 | char * extra) | |
2006 | { | |
2007 | const struct iw_ioctl_description * descr = NULL; | |
2008 | int extra_len = 0; | |
2009 | struct iw_event *event; /* Mallocated whole event */ | |
2010 | int event_len; /* Its size */ | |
2011 | int hdr_len; /* Size of the event header */ | |
6582c164 | 2012 | int wrqu_off = 0; /* Offset in wrqu */ |
1da177e4 LT |
2013 | /* Don't "optimise" the following variable, it will crash */ |
2014 | unsigned cmd_index; /* *MUST* be unsigned */ | |
2015 | ||
6582c164 | 2016 | /* Get the description of the Event */ |
e71a4783 | 2017 | if (cmd <= SIOCIWLAST) { |
1da177e4 | 2018 | cmd_index = cmd - SIOCIWFIRST; |
e71a4783 | 2019 | if (cmd_index < standard_ioctl_num) |
1da177e4 LT |
2020 | descr = &(standard_ioctl[cmd_index]); |
2021 | } else { | |
2022 | cmd_index = cmd - IWEVFIRST; | |
e71a4783 | 2023 | if (cmd_index < standard_event_num) |
1da177e4 LT |
2024 | descr = &(standard_event[cmd_index]); |
2025 | } | |
2026 | /* Don't accept unknown events */ | |
e71a4783 | 2027 | if (descr == NULL) { |
1da177e4 LT |
2028 | /* Note : we don't return an error to the driver, because |
2029 | * the driver would not know what to do about it. It can't | |
2030 | * return an error to the user, because the event is not | |
2031 | * initiated by a user request. | |
2032 | * The best the driver could do is to log an error message. | |
2033 | * We will do it ourselves instead... | |
2034 | */ | |
4ec93edb | 2035 | printk(KERN_ERR "%s (WE) : Invalid/Unknown Wireless Event (0x%04X)\n", |
1da177e4 LT |
2036 | dev->name, cmd); |
2037 | return; | |
2038 | } | |
2039 | #ifdef WE_EVENT_DEBUG | |
2040 | printk(KERN_DEBUG "%s (WE) : Got event 0x%04X\n", | |
2041 | dev->name, cmd); | |
2042 | printk(KERN_DEBUG "%s (WE) : Header type : %d, Token type : %d, size : %d, token : %d\n", dev->name, descr->header_type, descr->token_type, descr->token_size, descr->max_tokens); | |
2043 | #endif /* WE_EVENT_DEBUG */ | |
2044 | ||
2045 | /* Check extra parameters and set extra_len */ | |
e71a4783 | 2046 | if (descr->header_type == IW_HEADER_TYPE_POINT) { |
1da177e4 | 2047 | /* Check if number of token fits within bounds */ |
e71a4783 | 2048 | if (wrqu->data.length > descr->max_tokens) { |
4ec93edb | 2049 | printk(KERN_ERR "%s (WE) : Wireless Event too big (%d)\n", dev->name, wrqu->data.length); |
1da177e4 LT |
2050 | return; |
2051 | } | |
e71a4783 | 2052 | if (wrqu->data.length < descr->min_tokens) { |
4ec93edb | 2053 | printk(KERN_ERR "%s (WE) : Wireless Event too small (%d)\n", dev->name, wrqu->data.length); |
1da177e4 LT |
2054 | return; |
2055 | } | |
2056 | /* Calculate extra_len - extra is NULL for restricted events */ | |
e71a4783 | 2057 | if (extra != NULL) |
1da177e4 | 2058 | extra_len = wrqu->data.length * descr->token_size; |
6582c164 JT |
2059 | /* Always at an offset in wrqu */ |
2060 | wrqu_off = IW_EV_POINT_OFF; | |
1da177e4 LT |
2061 | #ifdef WE_EVENT_DEBUG |
2062 | printk(KERN_DEBUG "%s (WE) : Event 0x%04X, tokens %d, extra_len %d\n", dev->name, cmd, wrqu->data.length, extra_len); | |
2063 | #endif /* WE_EVENT_DEBUG */ | |
2064 | } | |
2065 | ||
2066 | /* Total length of the event */ | |
2067 | hdr_len = event_type_size[descr->header_type]; | |
2068 | event_len = hdr_len + extra_len; | |
2069 | ||
2070 | #ifdef WE_EVENT_DEBUG | |
6582c164 | 2071 | printk(KERN_DEBUG "%s (WE) : Event 0x%04X, hdr_len %d, wrqu_off %d, event_len %d\n", dev->name, cmd, hdr_len, wrqu_off, event_len); |
1da177e4 LT |
2072 | #endif /* WE_EVENT_DEBUG */ |
2073 | ||
2074 | /* Create temporary buffer to hold the event */ | |
2075 | event = kmalloc(event_len, GFP_ATOMIC); | |
e71a4783 | 2076 | if (event == NULL) |
1da177e4 LT |
2077 | return; |
2078 | ||
2079 | /* Fill event */ | |
2080 | event->len = event_len; | |
2081 | event->cmd = cmd; | |
6582c164 | 2082 | memcpy(&event->u, ((char *) wrqu) + wrqu_off, hdr_len - IW_EV_LCP_LEN); |
e71a4783 | 2083 | if (extra != NULL) |
1da177e4 LT |
2084 | memcpy(((char *) event) + hdr_len, extra, extra_len); |
2085 | ||
711e2c33 JT |
2086 | #ifdef WE_EVENT_RTNETLINK |
2087 | /* Send via the RtNetlink event channel */ | |
1da177e4 | 2088 | rtmsg_iwinfo(dev, (char *) event, event_len); |
711e2c33 | 2089 | #endif /* WE_EVENT_RTNETLINK */ |
1da177e4 LT |
2090 | |
2091 | /* Cleanup */ | |
2092 | kfree(event); | |
2093 | ||
2094 | return; /* Always success, I guess ;-) */ | |
2095 | } | |
2096 | ||
2097 | /********************** ENHANCED IWSPY SUPPORT **********************/ | |
2098 | /* | |
2099 | * In the old days, the driver was handling spy support all by itself. | |
2100 | * Now, the driver can delegate this task to Wireless Extensions. | |
2101 | * It needs to use those standard spy iw_handler in struct iw_handler_def, | |
2102 | * push data to us via wireless_spy_update() and include struct iw_spy_data | |
6582c164 | 2103 | * in its private part (and export it in net_device->wireless_data->spy_data). |
1da177e4 LT |
2104 | * One of the main advantage of centralising spy support here is that |
2105 | * it becomes much easier to improve and extend it without having to touch | |
2106 | * the drivers. One example is the addition of the Spy-Threshold events. | |
2107 | */ | |
2108 | ||
2109 | /* ---------------------------------------------------------------- */ | |
2110 | /* | |
2111 | * Return the pointer to the spy data in the driver. | |
2112 | * Because this is called on the Rx path via wireless_spy_update(), | |
2113 | * we want it to be efficient... | |
2114 | */ | |
2115 | static inline struct iw_spy_data * get_spydata(struct net_device *dev) | |
2116 | { | |
2117 | /* This is the new way */ | |
e71a4783 | 2118 | if (dev->wireless_data) |
1da177e4 | 2119 | return(dev->wireless_data->spy_data); |
6582c164 | 2120 | return NULL; |
1da177e4 LT |
2121 | } |
2122 | ||
2123 | /*------------------------------------------------------------------*/ | |
2124 | /* | |
2125 | * Standard Wireless Handler : set Spy List | |
2126 | */ | |
2127 | int iw_handler_set_spy(struct net_device * dev, | |
2128 | struct iw_request_info * info, | |
2129 | union iwreq_data * wrqu, | |
2130 | char * extra) | |
2131 | { | |
2132 | struct iw_spy_data * spydata = get_spydata(dev); | |
2133 | struct sockaddr * address = (struct sockaddr *) extra; | |
2134 | ||
1da177e4 | 2135 | /* Make sure driver is not buggy or using the old API */ |
e71a4783 | 2136 | if (!spydata) |
1da177e4 LT |
2137 | return -EOPNOTSUPP; |
2138 | ||
2139 | /* Disable spy collection while we copy the addresses. | |
2140 | * While we copy addresses, any call to wireless_spy_update() | |
2141 | * will NOP. This is OK, as anyway the addresses are changing. */ | |
2142 | spydata->spy_number = 0; | |
2143 | ||
2144 | /* We want to operate without locking, because wireless_spy_update() | |
2145 | * most likely will happen in the interrupt handler, and therefore | |
2146 | * have its own locking constraints and needs performance. | |
2147 | * The rtnl_lock() make sure we don't race with the other iw_handlers. | |
2148 | * This make sure wireless_spy_update() "see" that the spy list | |
2149 | * is temporarily disabled. */ | |
e16aa207 | 2150 | smp_wmb(); |
1da177e4 LT |
2151 | |
2152 | /* Are there are addresses to copy? */ | |
e71a4783 | 2153 | if (wrqu->data.length > 0) { |
1da177e4 LT |
2154 | int i; |
2155 | ||
2156 | /* Copy addresses */ | |
e71a4783 | 2157 | for (i = 0; i < wrqu->data.length; i++) |
1da177e4 LT |
2158 | memcpy(spydata->spy_address[i], address[i].sa_data, |
2159 | ETH_ALEN); | |
2160 | /* Reset stats */ | |
2161 | memset(spydata->spy_stat, 0, | |
2162 | sizeof(struct iw_quality) * IW_MAX_SPY); | |
2163 | ||
2164 | #ifdef WE_SPY_DEBUG | |
6582c164 | 2165 | printk(KERN_DEBUG "iw_handler_set_spy() : wireless_data %p, spydata %p, num %d\n", dev->wireless_data, spydata, wrqu->data.length); |
1da177e4 LT |
2166 | for (i = 0; i < wrqu->data.length; i++) |
2167 | printk(KERN_DEBUG | |
2168 | "%02X:%02X:%02X:%02X:%02X:%02X \n", | |
2169 | spydata->spy_address[i][0], | |
2170 | spydata->spy_address[i][1], | |
2171 | spydata->spy_address[i][2], | |
2172 | spydata->spy_address[i][3], | |
2173 | spydata->spy_address[i][4], | |
2174 | spydata->spy_address[i][5]); | |
2175 | #endif /* WE_SPY_DEBUG */ | |
2176 | } | |
2177 | ||
2178 | /* Make sure above is updated before re-enabling */ | |
e16aa207 | 2179 | smp_wmb(); |
1da177e4 LT |
2180 | |
2181 | /* Enable addresses */ | |
2182 | spydata->spy_number = wrqu->data.length; | |
2183 | ||
2184 | return 0; | |
2185 | } | |
2186 | ||
2187 | /*------------------------------------------------------------------*/ | |
2188 | /* | |
2189 | * Standard Wireless Handler : get Spy List | |
2190 | */ | |
2191 | int iw_handler_get_spy(struct net_device * dev, | |
2192 | struct iw_request_info * info, | |
2193 | union iwreq_data * wrqu, | |
2194 | char * extra) | |
2195 | { | |
2196 | struct iw_spy_data * spydata = get_spydata(dev); | |
2197 | struct sockaddr * address = (struct sockaddr *) extra; | |
2198 | int i; | |
2199 | ||
2200 | /* Make sure driver is not buggy or using the old API */ | |
e71a4783 | 2201 | if (!spydata) |
1da177e4 LT |
2202 | return -EOPNOTSUPP; |
2203 | ||
2204 | wrqu->data.length = spydata->spy_number; | |
2205 | ||
2206 | /* Copy addresses. */ | |
e71a4783 | 2207 | for (i = 0; i < spydata->spy_number; i++) { |
1da177e4 LT |
2208 | memcpy(address[i].sa_data, spydata->spy_address[i], ETH_ALEN); |
2209 | address[i].sa_family = AF_UNIX; | |
2210 | } | |
2211 | /* Copy stats to the user buffer (just after). */ | |
e71a4783 | 2212 | if (spydata->spy_number > 0) |
1da177e4 LT |
2213 | memcpy(extra + (sizeof(struct sockaddr) *spydata->spy_number), |
2214 | spydata->spy_stat, | |
2215 | sizeof(struct iw_quality) * spydata->spy_number); | |
2216 | /* Reset updated flags. */ | |
e71a4783 | 2217 | for (i = 0; i < spydata->spy_number; i++) |
6582c164 | 2218 | spydata->spy_stat[i].updated &= ~IW_QUAL_ALL_UPDATED; |
1da177e4 LT |
2219 | return 0; |
2220 | } | |
2221 | ||
2222 | /*------------------------------------------------------------------*/ | |
2223 | /* | |
2224 | * Standard Wireless Handler : set spy threshold | |
2225 | */ | |
2226 | int iw_handler_set_thrspy(struct net_device * dev, | |
2227 | struct iw_request_info *info, | |
2228 | union iwreq_data * wrqu, | |
2229 | char * extra) | |
2230 | { | |
2231 | struct iw_spy_data * spydata = get_spydata(dev); | |
2232 | struct iw_thrspy * threshold = (struct iw_thrspy *) extra; | |
2233 | ||
2234 | /* Make sure driver is not buggy or using the old API */ | |
e71a4783 | 2235 | if (!spydata) |
1da177e4 LT |
2236 | return -EOPNOTSUPP; |
2237 | ||
2238 | /* Just do it */ | |
2239 | memcpy(&(spydata->spy_thr_low), &(threshold->low), | |
2240 | 2 * sizeof(struct iw_quality)); | |
2241 | ||
2242 | /* Clear flag */ | |
2243 | memset(spydata->spy_thr_under, '\0', sizeof(spydata->spy_thr_under)); | |
2244 | ||
2245 | #ifdef WE_SPY_DEBUG | |
2246 | printk(KERN_DEBUG "iw_handler_set_thrspy() : low %d ; high %d\n", spydata->spy_thr_low.level, spydata->spy_thr_high.level); | |
2247 | #endif /* WE_SPY_DEBUG */ | |
2248 | ||
2249 | return 0; | |
2250 | } | |
2251 | ||
2252 | /*------------------------------------------------------------------*/ | |
2253 | /* | |
2254 | * Standard Wireless Handler : get spy threshold | |
2255 | */ | |
2256 | int iw_handler_get_thrspy(struct net_device * dev, | |
2257 | struct iw_request_info *info, | |
2258 | union iwreq_data * wrqu, | |
2259 | char * extra) | |
2260 | { | |
2261 | struct iw_spy_data * spydata = get_spydata(dev); | |
2262 | struct iw_thrspy * threshold = (struct iw_thrspy *) extra; | |
2263 | ||
2264 | /* Make sure driver is not buggy or using the old API */ | |
e71a4783 | 2265 | if (!spydata) |
1da177e4 LT |
2266 | return -EOPNOTSUPP; |
2267 | ||
2268 | /* Just do it */ | |
2269 | memcpy(&(threshold->low), &(spydata->spy_thr_low), | |
2270 | 2 * sizeof(struct iw_quality)); | |
2271 | ||
2272 | return 0; | |
2273 | } | |
2274 | ||
2275 | /*------------------------------------------------------------------*/ | |
2276 | /* | |
2277 | * Prepare and send a Spy Threshold event | |
2278 | */ | |
2279 | static void iw_send_thrspy_event(struct net_device * dev, | |
2280 | struct iw_spy_data * spydata, | |
2281 | unsigned char * address, | |
2282 | struct iw_quality * wstats) | |
2283 | { | |
2284 | union iwreq_data wrqu; | |
2285 | struct iw_thrspy threshold; | |
2286 | ||
2287 | /* Init */ | |
2288 | wrqu.data.length = 1; | |
2289 | wrqu.data.flags = 0; | |
2290 | /* Copy address */ | |
2291 | memcpy(threshold.addr.sa_data, address, ETH_ALEN); | |
2292 | threshold.addr.sa_family = ARPHRD_ETHER; | |
2293 | /* Copy stats */ | |
2294 | memcpy(&(threshold.qual), wstats, sizeof(struct iw_quality)); | |
2295 | /* Copy also thresholds */ | |
2296 | memcpy(&(threshold.low), &(spydata->spy_thr_low), | |
2297 | 2 * sizeof(struct iw_quality)); | |
2298 | ||
2299 | #ifdef WE_SPY_DEBUG | |
2300 | printk(KERN_DEBUG "iw_send_thrspy_event() : address %02X:%02X:%02X:%02X:%02X:%02X, level %d, up = %d\n", | |
2301 | threshold.addr.sa_data[0], | |
2302 | threshold.addr.sa_data[1], | |
2303 | threshold.addr.sa_data[2], | |
2304 | threshold.addr.sa_data[3], | |
2305 | threshold.addr.sa_data[4], | |
2306 | threshold.addr.sa_data[5], threshold.qual.level); | |
2307 | #endif /* WE_SPY_DEBUG */ | |
2308 | ||
2309 | /* Send event to user space */ | |
2310 | wireless_send_event(dev, SIOCGIWTHRSPY, &wrqu, (char *) &threshold); | |
2311 | } | |
2312 | ||
2313 | /* ---------------------------------------------------------------- */ | |
2314 | /* | |
2315 | * Call for the driver to update the spy data. | |
2316 | * For now, the spy data is a simple array. As the size of the array is | |
2317 | * small, this is good enough. If we wanted to support larger number of | |
2318 | * spy addresses, we should use something more efficient... | |
2319 | */ | |
2320 | void wireless_spy_update(struct net_device * dev, | |
2321 | unsigned char * address, | |
2322 | struct iw_quality * wstats) | |
2323 | { | |
2324 | struct iw_spy_data * spydata = get_spydata(dev); | |
2325 | int i; | |
2326 | int match = -1; | |
2327 | ||
2328 | /* Make sure driver is not buggy or using the old API */ | |
e71a4783 | 2329 | if (!spydata) |
1da177e4 LT |
2330 | return; |
2331 | ||
2332 | #ifdef WE_SPY_DEBUG | |
6582c164 | 2333 | printk(KERN_DEBUG "wireless_spy_update() : wireless_data %p, spydata %p, address %02X:%02X:%02X:%02X:%02X:%02X\n", dev->wireless_data, spydata, address[0], address[1], address[2], address[3], address[4], address[5]); |
1da177e4 LT |
2334 | #endif /* WE_SPY_DEBUG */ |
2335 | ||
2336 | /* Update all records that match */ | |
e71a4783 SH |
2337 | for (i = 0; i < spydata->spy_number; i++) |
2338 | if (!compare_ether_addr(address, spydata->spy_address[i])) { | |
1da177e4 LT |
2339 | memcpy(&(spydata->spy_stat[i]), wstats, |
2340 | sizeof(struct iw_quality)); | |
2341 | match = i; | |
2342 | } | |
2343 | ||
2344 | /* Generate an event if we cross the spy threshold. | |
2345 | * To avoid event storms, we have a simple hysteresis : we generate | |
2346 | * event only when we go under the low threshold or above the | |
2347 | * high threshold. */ | |
e71a4783 SH |
2348 | if (match >= 0) { |
2349 | if (spydata->spy_thr_under[match]) { | |
2350 | if (wstats->level > spydata->spy_thr_high.level) { | |
1da177e4 LT |
2351 | spydata->spy_thr_under[match] = 0; |
2352 | iw_send_thrspy_event(dev, spydata, | |
2353 | address, wstats); | |
2354 | } | |
2355 | } else { | |
e71a4783 | 2356 | if (wstats->level < spydata->spy_thr_low.level) { |
1da177e4 LT |
2357 | spydata->spy_thr_under[match] = 1; |
2358 | iw_send_thrspy_event(dev, spydata, | |
2359 | address, wstats); | |
2360 | } | |
2361 | } | |
2362 | } | |
2363 | } | |
2364 | ||
2365 | EXPORT_SYMBOL(iw_handler_get_spy); | |
2366 | EXPORT_SYMBOL(iw_handler_get_thrspy); | |
2367 | EXPORT_SYMBOL(iw_handler_set_spy); | |
2368 | EXPORT_SYMBOL(iw_handler_set_thrspy); | |
2369 | EXPORT_SYMBOL(wireless_send_event); | |
2370 | EXPORT_SYMBOL(wireless_spy_update); |