search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'mini2440-dev-unlikely' into mini2440-dev
[linux-2.6/mini2440.git] / net / wireless / wext.c
blob60fe57761ca94bb5d9faf0638c00d373618301e2
1 /*
2 * This file implement the Wireless Extensions APIs.
3 *
4 * Authors : Jean Tourrilhes - HPL - <jt@hpl.hp.com>
5 * Copyright (c) 1997-2007 Jean Tourrilhes, All Rights Reserved.
6 *
7 * (As all part of the Linux kernel, this file is GPL)
8 */
9
10 /************************** DOCUMENTATION **************************/
11 /*
12 * API definition :
13 * --------------
14 * See <linux/wireless.h> for details of the APIs and the rest.
15 *
16 * History :
17 * -------
18 *
19 * v1 - 5.12.01 - Jean II
20 * o Created this file.
21 *
22 * v2 - 13.12.01 - Jean II
23 * o Move /proc/net/wireless stuff from net/core/dev.c to here
24 * o Make Wireless Extension IOCTLs go through here
25 * o Added iw_handler handling ;-)
26 * o Added standard ioctl description
27 * o Initial dumb commit strategy based on orinoco.c
28 *
29 * v3 - 19.12.01 - Jean II
30 * o Make sure we don't go out of standard_ioctl[] in ioctl_standard_call
31 * o Add event dispatcher function
32 * o Add event description
33 * o Propagate events as rtnetlink IFLA_WIRELESS option
34 * o Generate event on selected SET requests
35 *
36 * v4 - 18.04.02 - Jean II
37 * o Fix stupid off by one in iw_ioctl_description : IW_ESSID_MAX_SIZE + 1
38 *
39 * v5 - 21.06.02 - Jean II
40 * o Add IW_PRIV_TYPE_ADDR in priv_type_size (+cleanup)
41 * o Reshuffle IW_HEADER_TYPE_XXX to map IW_PRIV_TYPE_XXX changes
42 * o Add IWEVCUSTOM for driver specific event/scanning token
43 * o Turn on WE_STRICT_WRITE by default + kernel warning
44 * o Fix WE_STRICT_WRITE in ioctl_export_private() (32 => iw_num)
45 * o Fix off-by-one in test (extra_size <= IFNAMSIZ)
46 *
47 * v6 - 9.01.03 - Jean II
48 * o Add common spy support : iw_handler_set_spy(), wireless_spy_update()
49 * o Add enhanced spy support : iw_handler_set_thrspy() and event.
50 * o Add WIRELESS_EXT version display in /proc/net/wireless
51 *
52 * v6 - 18.06.04 - Jean II
53 * o Change get_spydata() method for added safety
54 * o Remove spy #ifdef, they are always on -> cleaner code
55 * o Allow any size GET request if user specifies length > max
56 * and if request has IW_DESCR_FLAG_NOMAX flag or is SIOCGIWPRIV
57 * o Start migrating get_wireless_stats to struct iw_handler_def
58 * o Add wmb() in iw_handler_set_spy() for non-coherent archs/cpus
59 * Based on patch from Pavel Roskin <proski@gnu.org> :
60 * o Fix kernel data leak to user space in private handler handling
61 *
62 * v7 - 18.3.05 - Jean II
63 * o Remove (struct iw_point *)->pointer from events and streams
64 * o Remove spy_offset from struct iw_handler_def
65 * o Start deprecating dev->get_wireless_stats, output a warning
66 * o If IW_QUAL_DBM is set, show dBm values in /proc/net/wireless
67 * o Don't lose INVALID/DBM flags when clearing UPDATED flags (iwstats)
68 *
69 * v8 - 17.02.06 - Jean II
70 * o RtNetlink requests support (SET/GET)
71 *
72 * v8b - 03.08.06 - Herbert Xu
73 * o Fix Wireless Event locking issues.
74 *
75 * v9 - 14.3.06 - Jean II
76 * o Change length in ESSID and NICK to strlen() instead of strlen()+1
77 * o Make standard_ioctl_num and standard_event_num unsigned
78 * o Remove (struct net_device *)->get_wireless_stats()
79 *
80 * v10 - 16.3.07 - Jean II
81 * o Prevent leaking of kernel space in stream on 64 bits.
82 */
83
84 /***************************** INCLUDES *****************************/
85
86 #include <linux/module.h>
87 #include <linux/types.h> /* off_t */
88 #include <linux/netdevice.h> /* struct ifreq, dev_get_by_name() */
89 #include <linux/proc_fs.h>
90 #include <linux/rtnetlink.h> /* rtnetlink stuff */
91 #include <linux/seq_file.h>
92 #include <linux/init.h> /* for __init */
93 #include <linux/if_arp.h> /* ARPHRD_ETHER */
94 #include <linux/etherdevice.h> /* compare_ether_addr */
95 #include <linux/interrupt.h>
96 #include <net/net_namespace.h>
97
98 #include <linux/wireless.h> /* Pretty obvious */
99 #include <net/iw_handler.h> /* New driver API */
100 #include <net/netlink.h>
101 #include <net/wext.h>
102
103 #include <asm/uaccess.h> /* copy_to_user() */
104
105 /************************* GLOBAL VARIABLES *************************/
106 /*
107 * You should not use global variables, because of re-entrancy.
108 * On our case, it's only const, so it's OK...
109 */
110 /*
111 * Meta-data about all the standard Wireless Extension request we
112 * know about.
113 */
114 static const struct iw_ioctl_description standard_ioctl[] = {
115 [SIOCSIWCOMMIT - SIOCIWFIRST] = {
116 .header_type = IW_HEADER_TYPE_NULL,
117 },
118 [SIOCGIWNAME - SIOCIWFIRST] = {
119 .header_type = IW_HEADER_TYPE_CHAR,
120 .flags = IW_DESCR_FLAG_DUMP,
121 },
122 [SIOCSIWNWID - SIOCIWFIRST] = {
123 .header_type = IW_HEADER_TYPE_PARAM,
124 .flags = IW_DESCR_FLAG_EVENT,
125 },
126 [SIOCGIWNWID - SIOCIWFIRST] = {
127 .header_type = IW_HEADER_TYPE_PARAM,
128 .flags = IW_DESCR_FLAG_DUMP,
129 },
130 [SIOCSIWFREQ - SIOCIWFIRST] = {
131 .header_type = IW_HEADER_TYPE_FREQ,
132 .flags = IW_DESCR_FLAG_EVENT,
133 },
134 [SIOCGIWFREQ - SIOCIWFIRST] = {
135 .header_type = IW_HEADER_TYPE_FREQ,
136 .flags = IW_DESCR_FLAG_DUMP,
137 },
138 [SIOCSIWMODE - SIOCIWFIRST] = {
139 .header_type = IW_HEADER_TYPE_UINT,
140 .flags = IW_DESCR_FLAG_EVENT,
141 },
142 [SIOCGIWMODE - SIOCIWFIRST] = {
143 .header_type = IW_HEADER_TYPE_UINT,
144 .flags = IW_DESCR_FLAG_DUMP,
145 },
146 [SIOCSIWSENS - SIOCIWFIRST] = {
147 .header_type = IW_HEADER_TYPE_PARAM,
148 },
149 [SIOCGIWSENS - SIOCIWFIRST] = {
150 .header_type = IW_HEADER_TYPE_PARAM,
151 },
152 [SIOCSIWRANGE - SIOCIWFIRST] = {
153 .header_type = IW_HEADER_TYPE_NULL,
154 },
155 [SIOCGIWRANGE - SIOCIWFIRST] = {
156 .header_type = IW_HEADER_TYPE_POINT,
157 .token_size = 1,
158 .max_tokens = sizeof(struct iw_range),
159 .flags = IW_DESCR_FLAG_DUMP,
160 },
161 [SIOCSIWPRIV - SIOCIWFIRST] = {
162 .header_type = IW_HEADER_TYPE_NULL,
163 },
164 [SIOCGIWPRIV - SIOCIWFIRST] = { /* (handled directly by us) */
165 .header_type = IW_HEADER_TYPE_POINT,
166 .token_size = sizeof(struct iw_priv_args),
167 .max_tokens = 16,
168 .flags = IW_DESCR_FLAG_NOMAX,
169 },
170 [SIOCSIWSTATS - SIOCIWFIRST] = {
171 .header_type = IW_HEADER_TYPE_NULL,
172 },
173 [SIOCGIWSTATS - SIOCIWFIRST] = { /* (handled directly by us) */
174 .header_type = IW_HEADER_TYPE_POINT,
175 .token_size = 1,
176 .max_tokens = sizeof(struct iw_statistics),
177 .flags = IW_DESCR_FLAG_DUMP,
178 },
179 [SIOCSIWSPY - SIOCIWFIRST] = {
180 .header_type = IW_HEADER_TYPE_POINT,
181 .token_size = sizeof(struct sockaddr),
182 .max_tokens = IW_MAX_SPY,
183 },
184 [SIOCGIWSPY - SIOCIWFIRST] = {
185 .header_type = IW_HEADER_TYPE_POINT,
186 .token_size = sizeof(struct sockaddr) +
187 sizeof(struct iw_quality),
188 .max_tokens = IW_MAX_SPY,
189 },
190 [SIOCSIWTHRSPY - SIOCIWFIRST] = {
191 .header_type = IW_HEADER_TYPE_POINT,
192 .token_size = sizeof(struct iw_thrspy),
193 .min_tokens = 1,
194 .max_tokens = 1,
195 },
196 [SIOCGIWTHRSPY - SIOCIWFIRST] = {
197 .header_type = IW_HEADER_TYPE_POINT,
198 .token_size = sizeof(struct iw_thrspy),
199 .min_tokens = 1,
200 .max_tokens = 1,
201 },
202 [SIOCSIWAP - SIOCIWFIRST] = {
203 .header_type = IW_HEADER_TYPE_ADDR,
204 },
205 [SIOCGIWAP - SIOCIWFIRST] = {
206 .header_type = IW_HEADER_TYPE_ADDR,
207 .flags = IW_DESCR_FLAG_DUMP,
208 },
209 [SIOCSIWMLME - SIOCIWFIRST] = {
210 .header_type = IW_HEADER_TYPE_POINT,
211 .token_size = 1,
212 .min_tokens = sizeof(struct iw_mlme),
213 .max_tokens = sizeof(struct iw_mlme),
214 },
215 [SIOCGIWAPLIST - SIOCIWFIRST] = {
216 .header_type = IW_HEADER_TYPE_POINT,
217 .token_size = sizeof(struct sockaddr) +
218 sizeof(struct iw_quality),
219 .max_tokens = IW_MAX_AP,
220 .flags = IW_DESCR_FLAG_NOMAX,
221 },
222 [SIOCSIWSCAN - SIOCIWFIRST] = {
223 .header_type = IW_HEADER_TYPE_POINT,
224 .token_size = 1,
225 .min_tokens = 0,
226 .max_tokens = sizeof(struct iw_scan_req),
227 },
228 [SIOCGIWSCAN - SIOCIWFIRST] = {
229 .header_type = IW_HEADER_TYPE_POINT,
230 .token_size = 1,
231 .max_tokens = IW_SCAN_MAX_DATA,
232 .flags = IW_DESCR_FLAG_NOMAX,
233 },
234 [SIOCSIWESSID - SIOCIWFIRST] = {
235 .header_type = IW_HEADER_TYPE_POINT,
236 .token_size = 1,
237 .max_tokens = IW_ESSID_MAX_SIZE,
238 .flags = IW_DESCR_FLAG_EVENT,
239 },
240 [SIOCGIWESSID - SIOCIWFIRST] = {
241 .header_type = IW_HEADER_TYPE_POINT,
242 .token_size = 1,
243 .max_tokens = IW_ESSID_MAX_SIZE,
244 .flags = IW_DESCR_FLAG_DUMP,
245 },
246 [SIOCSIWNICKN - SIOCIWFIRST] = {
247 .header_type = IW_HEADER_TYPE_POINT,
248 .token_size = 1,
249 .max_tokens = IW_ESSID_MAX_SIZE,
250 },
251 [SIOCGIWNICKN - SIOCIWFIRST] = {
252 .header_type = IW_HEADER_TYPE_POINT,
253 .token_size = 1,
254 .max_tokens = IW_ESSID_MAX_SIZE,
255 },
256 [SIOCSIWRATE - SIOCIWFIRST] = {
257 .header_type = IW_HEADER_TYPE_PARAM,
258 },
259 [SIOCGIWRATE - SIOCIWFIRST] = {
260 .header_type = IW_HEADER_TYPE_PARAM,
261 },
262 [SIOCSIWRTS - SIOCIWFIRST] = {
263 .header_type = IW_HEADER_TYPE_PARAM,
264 },
265 [SIOCGIWRTS - SIOCIWFIRST] = {
266 .header_type = IW_HEADER_TYPE_PARAM,
267 },
268 [SIOCSIWFRAG - SIOCIWFIRST] = {
269 .header_type = IW_HEADER_TYPE_PARAM,
270 },
271 [SIOCGIWFRAG - SIOCIWFIRST] = {
272 .header_type = IW_HEADER_TYPE_PARAM,
273 },
274 [SIOCSIWTXPOW - SIOCIWFIRST] = {
275 .header_type = IW_HEADER_TYPE_PARAM,
276 },
277 [SIOCGIWTXPOW - SIOCIWFIRST] = {
278 .header_type = IW_HEADER_TYPE_PARAM,
279 },
280 [SIOCSIWRETRY - SIOCIWFIRST] = {
281 .header_type = IW_HEADER_TYPE_PARAM,
282 },
283 [SIOCGIWRETRY - SIOCIWFIRST] = {
284 .header_type = IW_HEADER_TYPE_PARAM,
285 },
286 [SIOCSIWENCODE - SIOCIWFIRST] = {
287 .header_type = IW_HEADER_TYPE_POINT,
288 .token_size = 1,
289 .max_tokens = IW_ENCODING_TOKEN_MAX,
290 .flags = IW_DESCR_FLAG_EVENT | IW_DESCR_FLAG_RESTRICT,
291 },
292 [SIOCGIWENCODE - SIOCIWFIRST] = {
293 .header_type = IW_HEADER_TYPE_POINT,
294 .token_size = 1,
295 .max_tokens = IW_ENCODING_TOKEN_MAX,
296 .flags = IW_DESCR_FLAG_DUMP | IW_DESCR_FLAG_RESTRICT,
297 },
298 [SIOCSIWPOWER - SIOCIWFIRST] = {
299 .header_type = IW_HEADER_TYPE_PARAM,
300 },
301 [SIOCGIWPOWER - SIOCIWFIRST] = {
302 .header_type = IW_HEADER_TYPE_PARAM,
303 },
304 [SIOCSIWGENIE - SIOCIWFIRST] = {
305 .header_type = IW_HEADER_TYPE_POINT,
306 .token_size = 1,
307 .max_tokens = IW_GENERIC_IE_MAX,
308 },
309 [SIOCGIWGENIE - SIOCIWFIRST] = {
310 .header_type = IW_HEADER_TYPE_POINT,
311 .token_size = 1,
312 .max_tokens = IW_GENERIC_IE_MAX,
313 },
314 [SIOCSIWAUTH - SIOCIWFIRST] = {
315 .header_type = IW_HEADER_TYPE_PARAM,
316 },
317 [SIOCGIWAUTH - SIOCIWFIRST] = {
318 .header_type = IW_HEADER_TYPE_PARAM,
319 },
320 [SIOCSIWENCODEEXT - SIOCIWFIRST] = {
321 .header_type = IW_HEADER_TYPE_POINT,
322 .token_size = 1,
323 .min_tokens = sizeof(struct iw_encode_ext),
324 .max_tokens = sizeof(struct iw_encode_ext) +
325 IW_ENCODING_TOKEN_MAX,
326 },
327 [SIOCGIWENCODEEXT - SIOCIWFIRST] = {
328 .header_type = IW_HEADER_TYPE_POINT,
329 .token_size = 1,
330 .min_tokens = sizeof(struct iw_encode_ext),
331 .max_tokens = sizeof(struct iw_encode_ext) +
332 IW_ENCODING_TOKEN_MAX,
333 },
334 [SIOCSIWPMKSA - SIOCIWFIRST] = {
335 .header_type = IW_HEADER_TYPE_POINT,
336 .token_size = 1,
337 .min_tokens = sizeof(struct iw_pmksa),
338 .max_tokens = sizeof(struct iw_pmksa),
339 },
340 };
341 static const unsigned standard_ioctl_num = ARRAY_SIZE(standard_ioctl);
342
343 /*
344 * Meta-data about all the additional standard Wireless Extension events
345 * we know about.
346 */
347 static const struct iw_ioctl_description standard_event[] = {
348 [IWEVTXDROP - IWEVFIRST] = {
349 .header_type = IW_HEADER_TYPE_ADDR,
350 },
351 [IWEVQUAL - IWEVFIRST] = {
352 .header_type = IW_HEADER_TYPE_QUAL,
353 },
354 [IWEVCUSTOM - IWEVFIRST] = {
355 .header_type = IW_HEADER_TYPE_POINT,
356 .token_size = 1,
357 .max_tokens = IW_CUSTOM_MAX,
358 },
359 [IWEVREGISTERED - IWEVFIRST] = {
360 .header_type = IW_HEADER_TYPE_ADDR,
361 },
362 [IWEVEXPIRED - IWEVFIRST] = {
363 .header_type = IW_HEADER_TYPE_ADDR,
364 },
365 [IWEVGENIE - IWEVFIRST] = {
366 .header_type = IW_HEADER_TYPE_POINT,
367 .token_size = 1,
368 .max_tokens = IW_GENERIC_IE_MAX,
369 },
370 [IWEVMICHAELMICFAILURE - IWEVFIRST] = {
371 .header_type = IW_HEADER_TYPE_POINT,
372 .token_size = 1,
373 .max_tokens = sizeof(struct iw_michaelmicfailure),
374 },
375 [IWEVASSOCREQIE - IWEVFIRST] = {
376 .header_type = IW_HEADER_TYPE_POINT,
377 .token_size = 1,
378 .max_tokens = IW_GENERIC_IE_MAX,
379 },
380 [IWEVASSOCRESPIE - IWEVFIRST] = {
381 .header_type = IW_HEADER_TYPE_POINT,
382 .token_size = 1,
383 .max_tokens = IW_GENERIC_IE_MAX,
384 },
385 [IWEVPMKIDCAND - IWEVFIRST] = {
386 .header_type = IW_HEADER_TYPE_POINT,
387 .token_size = 1,
388 .max_tokens = sizeof(struct iw_pmkid_cand),
389 },
390 };
391 static const unsigned standard_event_num = ARRAY_SIZE(standard_event);
392
393 /* Size (in bytes) of the various private data types */
394 static const char iw_priv_type_size[] = {
395 0, /* IW_PRIV_TYPE_NONE */
396 1, /* IW_PRIV_TYPE_BYTE */
397 1, /* IW_PRIV_TYPE_CHAR */
398 0, /* Not defined */
399 sizeof(__u32), /* IW_PRIV_TYPE_INT */
400 sizeof(struct iw_freq), /* IW_PRIV_TYPE_FLOAT */
401 sizeof(struct sockaddr), /* IW_PRIV_TYPE_ADDR */
402 0, /* Not defined */
403 };
404
405 /* Size (in bytes) of various events */
406 static const int event_type_size[] = {
407 IW_EV_LCP_LEN, /* IW_HEADER_TYPE_NULL */
408 0,
409 IW_EV_CHAR_LEN, /* IW_HEADER_TYPE_CHAR */
410 0,
411 IW_EV_UINT_LEN, /* IW_HEADER_TYPE_UINT */
412 IW_EV_FREQ_LEN, /* IW_HEADER_TYPE_FREQ */
413 IW_EV_ADDR_LEN, /* IW_HEADER_TYPE_ADDR */
414 0,
415 IW_EV_POINT_LEN, /* Without variable payload */
416 IW_EV_PARAM_LEN, /* IW_HEADER_TYPE_PARAM */
417 IW_EV_QUAL_LEN, /* IW_HEADER_TYPE_QUAL */
418 };
419
420 #ifdef CONFIG_COMPAT
421 static const int compat_event_type_size[] = {
422 IW_EV_COMPAT_LCP_LEN, /* IW_HEADER_TYPE_NULL */
423 0,
424 IW_EV_COMPAT_CHAR_LEN, /* IW_HEADER_TYPE_CHAR */
425 0,
426 IW_EV_COMPAT_UINT_LEN, /* IW_HEADER_TYPE_UINT */
427 IW_EV_COMPAT_FREQ_LEN, /* IW_HEADER_TYPE_FREQ */
428 IW_EV_COMPAT_ADDR_LEN, /* IW_HEADER_TYPE_ADDR */
429 0,
430 IW_EV_COMPAT_POINT_LEN, /* Without variable payload */
431 IW_EV_COMPAT_PARAM_LEN, /* IW_HEADER_TYPE_PARAM */
432 IW_EV_COMPAT_QUAL_LEN, /* IW_HEADER_TYPE_QUAL */
433 };
434 #endif
435
436 /************************ COMMON SUBROUTINES ************************/
437 /*
438 * Stuff that may be used in various place or doesn't fit in one
439 * of the section below.
440 */
441
442 /* ---------------------------------------------------------------- */
443 /*
444 * Return the driver handler associated with a specific Wireless Extension.
445 */
446 static iw_handler get_handler(struct net_device *dev, unsigned int cmd)
447 {
448 /* Don't "optimise" the following variable, it will crash */
449 unsigned int index; /* *MUST* be unsigned */
450
451 /* Check if we have some wireless handlers defined */
452 if (dev->wireless_handlers == NULL)
453 return NULL;
454
455 /* Try as a standard command */
456 index = cmd - SIOCIWFIRST;
457 if (index < dev->wireless_handlers->num_standard)
458 return dev->wireless_handlers->standard[index];
459
460 /* Try as a private command */
461 index = cmd - SIOCIWFIRSTPRIV;
462 if (index < dev->wireless_handlers->num_private)
463 return dev->wireless_handlers->private[index];
464
465 /* Not found */
466 return NULL;
467 }
468
469 /* ---------------------------------------------------------------- */
470 /*
471 * Get statistics out of the driver
472 */
473 struct iw_statistics *get_wireless_stats(struct net_device *dev)
474 {
475 /* New location */
476 if ((dev->wireless_handlers != NULL) &&
477 (dev->wireless_handlers->get_wireless_stats != NULL))
478 return dev->wireless_handlers->get_wireless_stats(dev);
479
480 /* Not found */
481 return NULL;
482 }
483
484 /* ---------------------------------------------------------------- */
485 /*
486 * Call the commit handler in the driver
487 * (if exist and if conditions are right)
488 *
489 * Note : our current commit strategy is currently pretty dumb,
490 * but we will be able to improve on that...
491 * The goal is to try to agreagate as many changes as possible
492 * before doing the commit. Drivers that will define a commit handler
493 * are usually those that need a reset after changing parameters, so
494 * we want to minimise the number of reset.
495 * A cool idea is to use a timer : at each "set" command, we re-set the
496 * timer, when the timer eventually fires, we call the driver.
497 * Hopefully, more on that later.
498 *
499 * Also, I'm waiting to see how many people will complain about the
500 * netif_running(dev) test. I'm open on that one...
501 * Hopefully, the driver will remember to do a commit in "open()" ;-)
502 */
503 static int call_commit_handler(struct net_device *dev)
504 {
505 if ((netif_running(dev)) &&
506 (dev->wireless_handlers->standard[0] != NULL))
507 /* Call the commit handler on the driver */
508 return dev->wireless_handlers->standard[0](dev, NULL,
509 NULL, NULL);
510 else
511 return 0; /* Command completed successfully */
512 }
513
514 /* ---------------------------------------------------------------- */
515 /*
516 * Calculate size of private arguments
517 */
518 static int get_priv_size(__u16 args)
519 {
520 int num = args & IW_PRIV_SIZE_MASK;
521 int type = (args & IW_PRIV_TYPE_MASK) >> 12;
522
523 return num * iw_priv_type_size[type];
524 }
525
526 /* ---------------------------------------------------------------- */
527 /*
528 * Re-calculate the size of private arguments
529 */
530 static int adjust_priv_size(__u16 args, struct iw_point *iwp)
531 {
532 int num = iwp->length;
533 int max = args & IW_PRIV_SIZE_MASK;
534 int type = (args & IW_PRIV_TYPE_MASK) >> 12;
535
536 /* Make sure the driver doesn't goof up */
537 if (max < num)
538 num = max;
539
540 return num * iw_priv_type_size[type];
541 }
542
543 /* ---------------------------------------------------------------- */
544 /*
545 * Standard Wireless Handler : get wireless stats
546 * Allow programatic access to /proc/net/wireless even if /proc
547 * doesn't exist... Also more efficient...
548 */
549 static int iw_handler_get_iwstats(struct net_device * dev,
550 struct iw_request_info * info,
551 union iwreq_data * wrqu,
552 char * extra)
553 {
554 /* Get stats from the driver */
555 struct iw_statistics *stats;
556
557 stats = get_wireless_stats(dev);
558 if (stats) {
559 /* Copy statistics to extra */
560 memcpy(extra, stats, sizeof(struct iw_statistics));
561 wrqu->data.length = sizeof(struct iw_statistics);
562
563 /* Check if we need to clear the updated flag */
564 if (wrqu->data.flags != 0)
565 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
566 return 0;
567 } else
568 return -EOPNOTSUPP;
569 }
570
571 /* ---------------------------------------------------------------- */
572 /*
573 * Standard Wireless Handler : get iwpriv definitions
574 * Export the driver private handler definition
575 * They will be picked up by tools like iwpriv...
576 */
577 static int iw_handler_get_private(struct net_device * dev,
578 struct iw_request_info * info,
579 union iwreq_data * wrqu,
580 char * extra)
581 {
582 /* Check if the driver has something to export */
583 if ((dev->wireless_handlers->num_private_args == 0) ||
584 (dev->wireless_handlers->private_args == NULL))
585 return -EOPNOTSUPP;
586
587 /* Check if there is enough buffer up there */
588 if (wrqu->data.length < dev->wireless_handlers->num_private_args) {
589 /* User space can't know in advance how large the buffer
590 * needs to be. Give it a hint, so that we can support
591 * any size buffer we want somewhat efficiently... */
592 wrqu->data.length = dev->wireless_handlers->num_private_args;
593 return -E2BIG;
594 }
595
596 /* Set the number of available ioctls. */
597 wrqu->data.length = dev->wireless_handlers->num_private_args;
598
599 /* Copy structure to the user buffer. */
600 memcpy(extra, dev->wireless_handlers->private_args,
601 sizeof(struct iw_priv_args) * wrqu->data.length);
602
603 return 0;
604 }
605
606
607 /******************** /proc/net/wireless SUPPORT ********************/
608 /*
609 * The /proc/net/wireless file is a human readable user-space interface
610 * exporting various wireless specific statistics from the wireless devices.
611 * This is the most popular part of the Wireless Extensions ;-)
612 *
613 * This interface is a pure clone of /proc/net/dev (in net/core/dev.c).
614 * The content of the file is basically the content of "struct iw_statistics".
615 */
616
617 #ifdef CONFIG_PROC_FS
618
619 /* ---------------------------------------------------------------- */
620 /*
621 * Print one entry (line) of /proc/net/wireless
622 */
623 static void wireless_seq_printf_stats(struct seq_file *seq,
624 struct net_device *dev)
625 {
626 /* Get stats from the driver */
627 struct iw_statistics *stats = get_wireless_stats(dev);
628 static struct iw_statistics nullstats = {};
629
630 /* show device if it's wireless regardless of current stats */
631 if (!stats && dev->wireless_handlers)
632 stats = &nullstats;
633
634 if (stats) {
635 seq_printf(seq, "%6s: %04x %3d%c %3d%c %3d%c %6d %6d %6d "
636 "%6d %6d %6d\n",
637 dev->name, stats->status, stats->qual.qual,
638 stats->qual.updated & IW_QUAL_QUAL_UPDATED
639 ? '.' : ' ',
640 ((__s32) stats->qual.level) -
641 ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0),
642 stats->qual.updated & IW_QUAL_LEVEL_UPDATED
643 ? '.' : ' ',
644 ((__s32) stats->qual.noise) -
645 ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0),
646 stats->qual.updated & IW_QUAL_NOISE_UPDATED
647 ? '.' : ' ',
648 stats->discard.nwid, stats->discard.code,
649 stats->discard.fragment, stats->discard.retries,
650 stats->discard.misc, stats->miss.beacon);
651
652 if (stats != &nullstats)
653 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
654 }
655 }
656
657 /* ---------------------------------------------------------------- */
658 /*
659 * Print info for /proc/net/wireless (print all entries)
660 */
661 static int wireless_dev_seq_show(struct seq_file *seq, void *v)
662 {
663 might_sleep();
664
665 if (v == SEQ_START_TOKEN)
666 seq_printf(seq, "Inter-| sta-| Quality | Discarded "
667 "packets | Missed | WE\n"
668 " face | tus | link level noise | nwid "
669 "crypt frag retry misc | beacon | %d\n",
670 WIRELESS_EXT);
671 else
672 wireless_seq_printf_stats(seq, v);
673 return 0;
674 }
675
676 static void *wireless_dev_seq_start(struct seq_file *seq, loff_t *pos)
677 {
678 struct net *net = seq_file_net(seq);
679 loff_t off;
680 struct net_device *dev;
681
682 rtnl_lock();
683 if (!*pos)
684 return SEQ_START_TOKEN;
685
686 off = 1;
687 for_each_netdev(net, dev)
688 if (off++ == *pos)
689 return dev;
690 return NULL;
691 }
692
693 static void *wireless_dev_seq_next(struct seq_file *seq, void *v, loff_t *pos)
694 {
695 struct net *net = seq_file_net(seq);
696
697 ++*pos;
698
699 return v == SEQ_START_TOKEN ?
700 first_net_device(net) : next_net_device(v);
701 }
702
703 static void wireless_dev_seq_stop(struct seq_file *seq, void *v)
704 {
705 rtnl_unlock();
706 }
707
708 static const struct seq_operations wireless_seq_ops = {
709 .start = wireless_dev_seq_start,
710 .next = wireless_dev_seq_next,
711 .stop = wireless_dev_seq_stop,
712 .show = wireless_dev_seq_show,
713 };
714
715 static int seq_open_wireless(struct inode *inode, struct file *file)
716 {
717 return seq_open_net(inode, file, &wireless_seq_ops,
718 sizeof(struct seq_net_private));
719 }
720
721 static const struct file_operations wireless_seq_fops = {
722 .owner = THIS_MODULE,
723 .open = seq_open_wireless,
724 .read = seq_read,
725 .llseek = seq_lseek,
726 .release = seq_release_net,
727 };
728
729 int wext_proc_init(struct net *net)
730 {
731 /* Create /proc/net/wireless entry */
732 if (!proc_net_fops_create(net, "wireless", S_IRUGO, &wireless_seq_fops))
733 return -ENOMEM;
734
735 return 0;
736 }
737
738 void wext_proc_exit(struct net *net)
739 {
740 proc_net_remove(net, "wireless");
741 }
742 #endif /* CONFIG_PROC_FS */
743
744 /************************** IOCTL SUPPORT **************************/
745 /*
746 * The original user space API to configure all those Wireless Extensions
747 * is through IOCTLs.
748 * In there, we check if we need to call the new driver API (iw_handler)
749 * or just call the driver ioctl handler.
750 */
751
752 /* ---------------------------------------------------------------- */
753 static int ioctl_standard_iw_point(struct iw_point *iwp, unsigned int cmd,
754 const struct iw_ioctl_description *descr,
755 iw_handler handler, struct net_device *dev,
756 struct iw_request_info *info)
757 {
758 int err, extra_size, user_length = 0, essid_compat = 0;
759 char *extra;
760
761 /* Calculate space needed by arguments. Always allocate
762 * for max space.
763 */
764 extra_size = descr->max_tokens * descr->token_size;
765
766 /* Check need for ESSID compatibility for WE < 21 */
767 switch (cmd) {
768 case SIOCSIWESSID:
769 case SIOCGIWESSID:
770 case SIOCSIWNICKN:
771 case SIOCGIWNICKN:
772 if (iwp->length == descr->max_tokens + 1)
773 essid_compat = 1;
774 else if (IW_IS_SET(cmd) && (iwp->length != 0)) {
775 char essid[IW_ESSID_MAX_SIZE + 1];
776 unsigned int len;
777 len = iwp->length * descr->token_size;
778
779 if (len > IW_ESSID_MAX_SIZE)
780 return -EFAULT;
781
782 err = copy_from_user(essid, iwp->pointer, len);
783 if (err)
784 return -EFAULT;
785
786 if (essid[iwp->length - 1] == '\0')
787 essid_compat = 1;
788 }
789 break;
790 default:
791 break;
792 }
793
794 iwp->length -= essid_compat;
795
796 /* Check what user space is giving us */
797 if (IW_IS_SET(cmd)) {
798 /* Check NULL pointer */
799 if (!iwp->pointer && iwp->length != 0)
800 return -EFAULT;
801 /* Check if number of token fits within bounds */
802 if (iwp->length > descr->max_tokens)
803 return -E2BIG;
804 if (iwp->length < descr->min_tokens)
805 return -EINVAL;
806 } else {
807 /* Check NULL pointer */
808 if (!iwp->pointer)
809 return -EFAULT;
810 /* Save user space buffer size for checking */
811 user_length = iwp->length;
812
813 /* Don't check if user_length > max to allow forward
814 * compatibility. The test user_length < min is
815 * implied by the test at the end.
816 */
817
818 /* Support for very large requests */
819 if ((descr->flags & IW_DESCR_FLAG_NOMAX) &&
820 (user_length > descr->max_tokens)) {
821 /* Allow userspace to GET more than max so
822 * we can support any size GET requests.
823 * There is still a limit : -ENOMEM.
824 */
825 extra_size = user_length * descr->token_size;
826
827 /* Note : user_length is originally a __u16,
828 * and token_size is controlled by us,
829 * so extra_size won't get negative and
830 * won't overflow...
831 */
832 }
833 }
834
835 /* kzalloc() ensures NULL-termination for essid_compat. */
836 extra = kzalloc(extra_size, GFP_KERNEL);
837 if (!extra)
838 return -ENOMEM;
839
840 /* If it is a SET, get all the extra data in here */
841 if (IW_IS_SET(cmd) && (iwp->length != 0)) {
842 if (copy_from_user(extra, iwp->pointer,
843 iwp->length *
844 descr->token_size)) {
845 err = -EFAULT;
846 goto out;
847 }
848
849 if (cmd == SIOCSIWENCODEEXT) {
850 struct iw_encode_ext *ee = (void *) extra;
851
852 if (iwp->length < sizeof(*ee) + ee->key_len)
853 return -EFAULT;
854 }
855 }
856
857 err = handler(dev, info, (union iwreq_data *) iwp, extra);
858
859 iwp->length += essid_compat;
860
861 /* If we have something to return to the user */
862 if (!err && IW_IS_GET(cmd)) {
863 /* Check if there is enough buffer up there */
864 if (user_length < iwp->length) {
865 err = -E2BIG;
866 goto out;
867 }
868
869 if (copy_to_user(iwp->pointer, extra,
870 iwp->length *
871 descr->token_size)) {
872 err = -EFAULT;
873 goto out;
874 }
875 }
876
877 /* Generate an event to notify listeners of the change */
878 if ((descr->flags & IW_DESCR_FLAG_EVENT) && err == -EIWCOMMIT) {
879 union iwreq_data *data = (union iwreq_data *) iwp;
880
881 if (descr->flags & IW_DESCR_FLAG_RESTRICT)
882 /* If the event is restricted, don't
883 * export the payload.
884 */
885 wireless_send_event(dev, cmd, data, NULL);
886 else
887 wireless_send_event(dev, cmd, data, extra);
888 }
889
890 out:
891 kfree(extra);
892 return err;
893 }
894
895 /*
896 * Wrapper to call a standard Wireless Extension handler.
897 * We do various checks and also take care of moving data between
898 * user space and kernel space.
899 */
900 static int ioctl_standard_call(struct net_device * dev,
901 struct iwreq *iwr,
902 unsigned int cmd,
903 struct iw_request_info *info,
904 iw_handler handler)
905 {
906 const struct iw_ioctl_description * descr;
907 int ret = -EINVAL;
908
909 /* Get the description of the IOCTL */
910 if ((cmd - SIOCIWFIRST) >= standard_ioctl_num)
911 return -EOPNOTSUPP;
912 descr = &(standard_ioctl[cmd - SIOCIWFIRST]);
913
914 /* Check if we have a pointer to user space data or not */
915 if (descr->header_type != IW_HEADER_TYPE_POINT) {
916
917 /* No extra arguments. Trivial to handle */
918 ret = handler(dev, info, &(iwr->u), NULL);
919
920 /* Generate an event to notify listeners of the change */
921 if ((descr->flags & IW_DESCR_FLAG_EVENT) &&
922 ((ret == 0) || (ret == -EIWCOMMIT)))
923 wireless_send_event(dev, cmd, &(iwr->u), NULL);
924 } else {
925 ret = ioctl_standard_iw_point(&iwr->u.data, cmd, descr,
926 handler, dev, info);
927 }
928
929 /* Call commit handler if needed and defined */
930 if (ret == -EIWCOMMIT)
931 ret = call_commit_handler(dev);
932
933 /* Here, we will generate the appropriate event if needed */
934
935 return ret;
936 }
937
938 /* ---------------------------------------------------------------- */
939 /*
940 * Wrapper to call a private Wireless Extension handler.
941 * We do various checks and also take care of moving data between
942 * user space and kernel space.
943 * It's not as nice and slimline as the standard wrapper. The cause
944 * is struct iw_priv_args, which was not really designed for the
945 * job we are going here.
946 *
947 * IMPORTANT : This function prevent to set and get data on the same
948 * IOCTL and enforce the SET/GET convention. Not doing it would be
949 * far too hairy...
950 * If you need to set and get data at the same time, please don't use
951 * a iw_handler but process it in your ioctl handler (i.e. use the
952 * old driver API).
953 */
954 static int get_priv_descr_and_size(struct net_device *dev, unsigned int cmd,
955 const struct iw_priv_args **descrp)
956 {
957 const struct iw_priv_args *descr;
958 int i, extra_size;
959
960 descr = NULL;
961 for (i = 0; i < dev->wireless_handlers->num_private_args; i++) {
962 if (cmd == dev->wireless_handlers->private_args[i].cmd) {
963 descr = &dev->wireless_handlers->private_args[i];
964 break;
965 }
966 }
967
968 extra_size = 0;
969 if (descr) {
970 if (IW_IS_SET(cmd)) {
971 int offset = 0; /* For sub-ioctls */
972 /* Check for sub-ioctl handler */
973 if (descr->name[0] == '\0')
974 /* Reserve one int for sub-ioctl index */
975 offset = sizeof(__u32);
976
977 /* Size of set arguments */
978 extra_size = get_priv_size(descr->set_args);
979
980 /* Does it fits in iwr ? */
981 if ((descr->set_args & IW_PRIV_SIZE_FIXED) &&
982 ((extra_size + offset) <= IFNAMSIZ))
983 extra_size = 0;
984 } else {
985 /* Size of get arguments */
986 extra_size = get_priv_size(descr->get_args);
987
988 /* Does it fits in iwr ? */
989 if ((descr->get_args & IW_PRIV_SIZE_FIXED) &&
990 (extra_size <= IFNAMSIZ))
991 extra_size = 0;
992 }
993 }
994 *descrp = descr;
995 return extra_size;
996 }
997
998 static int ioctl_private_iw_point(struct iw_point *iwp, unsigned int cmd,
999 const struct iw_priv_args *descr,
1000 iw_handler handler, struct net_device *dev,
1001 struct iw_request_info *info, int extra_size)
1002 {
1003 char *extra;
1004 int err;
1005
1006 /* Check what user space is giving us */
1007 if (IW_IS_SET(cmd)) {
1008 if (!iwp->pointer && iwp->length != 0)
1009 return -EFAULT;
1010
1011 if (iwp->length > (descr->set_args & IW_PRIV_SIZE_MASK))
1012 return -E2BIG;
1013 } else if (!iwp->pointer)
1014 return -EFAULT;
1015
1016 extra = kmalloc(extra_size, GFP_KERNEL);
1017 if (!extra)
1018 return -ENOMEM;
1019
1020 /* If it is a SET, get all the extra data in here */
1021 if (IW_IS_SET(cmd) && (iwp->length != 0)) {
1022 if (copy_from_user(extra, iwp->pointer, extra_size)) {
1023 err = -EFAULT;
1024 goto out;
1025 }
1026 }
1027
1028 /* Call the handler */
1029 err = handler(dev, info, (union iwreq_data *) iwp, extra);
1030
1031 /* If we have something to return to the user */
1032 if (!err && IW_IS_GET(cmd)) {
1033 /* Adjust for the actual length if it's variable,
1034 * avoid leaking kernel bits outside.
1035 */
1036 if (!(descr->get_args & IW_PRIV_SIZE_FIXED))
1037 extra_size = adjust_priv_size(descr->get_args, iwp);
1038
1039 if (copy_to_user(iwp->pointer, extra, extra_size))
1040 err = -EFAULT;
1041 }
1042
1043 out:
1044 kfree(extra);
1045 return err;
1046 }
1047
1048 static int ioctl_private_call(struct net_device *dev, struct iwreq *iwr,
1049 unsigned int cmd, struct iw_request_info *info,
1050 iw_handler handler)
1051 {
1052 int extra_size = 0, ret = -EINVAL;
1053 const struct iw_priv_args *descr;
1054
1055 extra_size = get_priv_descr_and_size(dev, cmd, &descr);
1056
1057 /* Check if we have a pointer to user space data or not. */
1058 if (extra_size == 0) {
1059 /* No extra arguments. Trivial to handle */
1060 ret = handler(dev, info, &(iwr->u), (char *) &(iwr->u));
1061 } else {
1062 ret = ioctl_private_iw_point(&iwr->u.data, cmd, descr,
1063 handler, dev, info, extra_size);
1064 }
1065
1066 /* Call commit handler if needed and defined */
1067 if (ret == -EIWCOMMIT)
1068 ret = call_commit_handler(dev);
1069
1070 return ret;
1071 }
1072
1073 /* ---------------------------------------------------------------- */
1074 typedef int (*wext_ioctl_func)(struct net_device *, struct iwreq *,
1075 unsigned int, struct iw_request_info *,
1076 iw_handler);
1077
1078 /*
1079 * Main IOCTl dispatcher.
1080 * Check the type of IOCTL and call the appropriate wrapper...
1081 */
1082 static int wireless_process_ioctl(struct net *net, struct ifreq *ifr,
1083 unsigned int cmd,
1084 struct iw_request_info *info,
1085 wext_ioctl_func standard,
1086 wext_ioctl_func private)
1087 {
1088 struct iwreq *iwr = (struct iwreq *) ifr;
1089 struct net_device *dev;
1090 iw_handler handler;
1091
1092 /* Permissions are already checked in dev_ioctl() before calling us.
1093 * The copy_to/from_user() of ifr is also dealt with in there */
1094
1095 /* Make sure the device exist */
1096 if ((dev = __dev_get_by_name(net, ifr->ifr_name)) == NULL)
1097 return -ENODEV;
1098
1099 /* A bunch of special cases, then the generic case...
1100 * Note that 'cmd' is already filtered in dev_ioctl() with
1101 * (cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) */
1102 if (cmd == SIOCGIWSTATS)
1103 return standard(dev, iwr, cmd, info,
1104 &iw_handler_get_iwstats);
1105
1106 if (cmd == SIOCGIWPRIV && dev->wireless_handlers)
1107 return standard(dev, iwr, cmd, info,
1108 &iw_handler_get_private);
1109
1110 /* Basic check */
1111 if (!netif_device_present(dev))
1112 return -ENODEV;
1113
1114 /* New driver API : try to find the handler */
1115 handler = get_handler(dev, cmd);
1116 if (handler) {
1117 /* Standard and private are not the same */
1118 if (cmd < SIOCIWFIRSTPRIV)
1119 return standard(dev, iwr, cmd, info, handler);
1120 else
1121 return private(dev, iwr, cmd, info, handler);
1122 }
1123 /* Old driver API : call driver ioctl handler */
1124 if (dev->netdev_ops->ndo_do_ioctl)
1125 return dev->netdev_ops->ndo_do_ioctl(dev, ifr, cmd);
1126 return -EOPNOTSUPP;
1127 }
1128
1129 /* If command is `set a parameter', or `get the encoding parameters',
1130 * check if the user has the right to do it.
1131 */
1132 static int wext_permission_check(unsigned int cmd)
1133 {
1134 if ((IW_IS_SET(cmd) || cmd == SIOCGIWENCODE || cmd == SIOCGIWENCODEEXT)
1135 && !capable(CAP_NET_ADMIN))
1136 return -EPERM;
1137
1138 return 0;
1139 }
1140
1141 /* entry point from dev ioctl */
1142 static int wext_ioctl_dispatch(struct net *net, struct ifreq *ifr,
1143 unsigned int cmd, struct iw_request_info *info,
1144 wext_ioctl_func standard,
1145 wext_ioctl_func private)
1146 {
1147 int ret = wext_permission_check(cmd);
1148
1149 if (ret)
1150 return ret;
1151
1152 dev_load(net, ifr->ifr_name);
1153 rtnl_lock();
1154 ret = wireless_process_ioctl(net, ifr, cmd, info, standard, private);
1155 rtnl_unlock();
1156
1157 return ret;
1158 }
1159
1160 int wext_handle_ioctl(struct net *net, struct ifreq *ifr, unsigned int cmd,
1161 void __user *arg)
1162 {
1163 struct iw_request_info info = { .cmd = cmd, .flags = 0 };
1164 int ret;
1165
1166 ret = wext_ioctl_dispatch(net, ifr, cmd, &info,
1167 ioctl_standard_call,
1168 ioctl_private_call);
1169 if (ret >= 0 &&
1170 IW_IS_GET(cmd) &&
1171 copy_to_user(arg, ifr, sizeof(struct iwreq)))
1172 return -EFAULT;
1173
1174 return ret;
1175 }
1176
1177 #ifdef CONFIG_COMPAT
1178 static int compat_standard_call(struct net_device *dev,
1179 struct iwreq *iwr,
1180 unsigned int cmd,
1181 struct iw_request_info *info,
1182 iw_handler handler)
1183 {
1184 const struct iw_ioctl_description *descr;
1185 struct compat_iw_point *iwp_compat;
1186 struct iw_point iwp;
1187 int err;
1188
1189 descr = standard_ioctl + (cmd - SIOCIWFIRST);
1190
1191 if (descr->header_type != IW_HEADER_TYPE_POINT)
1192 return ioctl_standard_call(dev, iwr, cmd, info, handler);
1193
1194 iwp_compat = (struct compat_iw_point *) &iwr->u.data;
1195 iwp.pointer = compat_ptr(iwp_compat->pointer);
1196 iwp.length = iwp_compat->length;
1197 iwp.flags = iwp_compat->flags;
1198
1199 err = ioctl_standard_iw_point(&iwp, cmd, descr, handler, dev, info);
1200
1201 iwp_compat->pointer = ptr_to_compat(iwp.pointer);
1202 iwp_compat->length = iwp.length;
1203 iwp_compat->flags = iwp.flags;
1204
1205 return err;
1206 }
1207
1208 static int compat_private_call(struct net_device *dev, struct iwreq *iwr,
1209 unsigned int cmd, struct iw_request_info *info,
1210 iw_handler handler)
1211 {
1212 const struct iw_priv_args *descr;
1213 int ret, extra_size;
1214
1215 extra_size = get_priv_descr_and_size(dev, cmd, &descr);
1216
1217 /* Check if we have a pointer to user space data or not. */
1218 if (extra_size == 0) {
1219 /* No extra arguments. Trivial to handle */
1220 ret = handler(dev, info, &(iwr->u), (char *) &(iwr->u));
1221 } else {
1222 struct compat_iw_point *iwp_compat;
1223 struct iw_point iwp;
1224
1225 iwp_compat = (struct compat_iw_point *) &iwr->u.data;
1226 iwp.pointer = compat_ptr(iwp_compat->pointer);
1227 iwp.length = iwp_compat->length;
1228 iwp.flags = iwp_compat->flags;
1229
1230 ret = ioctl_private_iw_point(&iwp, cmd, descr,
1231 handler, dev, info, extra_size);
1232
1233 iwp_compat->pointer = ptr_to_compat(iwp.pointer);
1234 iwp_compat->length = iwp.length;
1235 iwp_compat->flags = iwp.flags;
1236 }
1237
1238 /* Call commit handler if needed and defined */
1239 if (ret == -EIWCOMMIT)
1240 ret = call_commit_handler(dev);
1241
1242 return ret;
1243 }
1244
1245 int compat_wext_handle_ioctl(struct net *net, unsigned int cmd,
1246 unsigned long arg)
1247 {
1248 void __user *argp = (void __user *)arg;
1249 struct iw_request_info info;
1250 struct iwreq iwr;
1251 char *colon;
1252 int ret;
1253
1254 if (copy_from_user(&iwr, argp, sizeof(struct iwreq)))
1255 return -EFAULT;
1256
1257 iwr.ifr_name[IFNAMSIZ-1] = 0;
1258 colon = strchr(iwr.ifr_name, ':');
1259 if (colon)
1260 *colon = 0;
1261
1262 info.cmd = cmd;
1263 info.flags = IW_REQUEST_FLAG_COMPAT;
1264
1265 ret = wext_ioctl_dispatch(net, (struct ifreq *) &iwr, cmd, &info,
1266 compat_standard_call,
1267 compat_private_call);
1268
1269 if (ret >= 0 &&
1270 IW_IS_GET(cmd) &&
1271 copy_to_user(argp, &iwr, sizeof(struct iwreq)))
1272 return -EFAULT;
1273
1274 return ret;
1275 }
1276 #endif
1277
1278 static int __net_init wext_pernet_init(struct net *net)
1279 {
1280 skb_queue_head_init(&net->wext_nlevents);
1281 return 0;
1282 }
1283
1284 static void __net_exit wext_pernet_exit(struct net *net)
1285 {
1286 skb_queue_purge(&net->wext_nlevents);
1287 }
1288
1289 static struct pernet_operations wext_pernet_ops = {
1290 .init = wext_pernet_init,
1291 .exit = wext_pernet_exit,
1292 };
1293
1294 static int __init wireless_nlevent_init(void)
1295 {
1296 return register_pernet_subsys(&wext_pernet_ops);
1297 }
1298
1299 subsys_initcall(wireless_nlevent_init);
1300
1301 /* Process events generated by the wireless layer or the driver. */
1302 static void wireless_nlevent_process(struct work_struct *work)
1303 {
1304 struct sk_buff *skb;
1305 struct net *net;
1306
1307 rtnl_lock();
1308
1309 for_each_net(net) {
1310 while ((skb = skb_dequeue(&net->wext_nlevents)))
1311 rtnl_notify(skb, net, 0, RTNLGRP_LINK, NULL,
1312 GFP_KERNEL);
1313 }
1314
1315 rtnl_unlock();
1316 }
1317
1318 static DECLARE_WORK(wireless_nlevent_work, wireless_nlevent_process);
1319
1320 static struct nlmsghdr *rtnetlink_ifinfo_prep(struct net_device *dev,
1321 struct sk_buff *skb)
1322 {
1323 struct ifinfomsg *r;
1324 struct nlmsghdr *nlh;
1325
1326 nlh = nlmsg_put(skb, 0, 0, RTM_NEWLINK, sizeof(*r), 0);
1327 if (!nlh)
1328 return NULL;
1329
1330 r = nlmsg_data(nlh);
1331 r->ifi_family = AF_UNSPEC;
1332 r->__ifi_pad = 0;
1333 r->ifi_type = dev->type;
1334 r->ifi_index = dev->ifindex;
1335 r->ifi_flags = dev_get_flags(dev);
1336 r->ifi_change = 0; /* Wireless changes don't affect those flags */
1337
1338 NLA_PUT_STRING(skb, IFLA_IFNAME, dev->name);
1339
1340 return nlh;
1341 nla_put_failure:
1342 nlmsg_cancel(skb, nlh);
1343 return NULL;
1344 }
1345
1346
1347 /*
1348 * Main event dispatcher. Called from other parts and drivers.
1349 * Send the event on the appropriate channels.
1350 * May be called from interrupt context.
1351 */
1352 void wireless_send_event(struct net_device * dev,
1353 unsigned int cmd,
1354 union iwreq_data * wrqu,
1355 const char * extra)
1356 {
1357 const struct iw_ioctl_description * descr = NULL;
1358 int extra_len = 0;
1359 struct iw_event *event; /* Mallocated whole event */
1360 int event_len; /* Its size */
1361 int hdr_len; /* Size of the event header */
1362 int wrqu_off = 0; /* Offset in wrqu */
1363 /* Don't "optimise" the following variable, it will crash */
1364 unsigned cmd_index; /* *MUST* be unsigned */
1365 struct sk_buff *skb;
1366 struct nlmsghdr *nlh;
1367 struct nlattr *nla;
1368 #ifdef CONFIG_COMPAT
1369 struct __compat_iw_event *compat_event;
1370 struct compat_iw_point compat_wrqu;
1371 struct sk_buff *compskb;
1372 #endif
1373
1374 /*
1375 * Nothing in the kernel sends scan events with data, be safe.
1376 * This is necessary because we cannot fix up scan event data
1377 * for compat, due to being contained in 'extra', but normally
1378 * applications are required to retrieve the scan data anyway
1379 * and no data is included in the event, this codifies that
1380 * practice.
1381 */
1382 if (WARN_ON(cmd == SIOCGIWSCAN && extra))
1383 extra = NULL;
1384
1385 /* Get the description of the Event */
1386 if (cmd <= SIOCIWLAST) {
1387 cmd_index = cmd - SIOCIWFIRST;
1388 if (cmd_index < standard_ioctl_num)
1389 descr = &(standard_ioctl[cmd_index]);
1390 } else {
1391 cmd_index = cmd - IWEVFIRST;
1392 if (cmd_index < standard_event_num)
1393 descr = &(standard_event[cmd_index]);
1394 }
1395 /* Don't accept unknown events */
1396 if (descr == NULL) {
1397 /* Note : we don't return an error to the driver, because
1398 * the driver would not know what to do about it. It can't
1399 * return an error to the user, because the event is not
1400 * initiated by a user request.
1401 * The best the driver could do is to log an error message.
1402 * We will do it ourselves instead...
1403 */
1404 printk(KERN_ERR "%s (WE) : Invalid/Unknown Wireless Event (0x%04X)\n",
1405 dev->name, cmd);
1406 return;
1407 }
1408
1409 /* Check extra parameters and set extra_len */
1410 if (descr->header_type == IW_HEADER_TYPE_POINT) {
1411 /* Check if number of token fits within bounds */
1412 if (wrqu->data.length > descr->max_tokens) {
1413 printk(KERN_ERR "%s (WE) : Wireless Event too big (%d)\n", dev->name, wrqu->data.length);
1414 return;
1415 }
1416 if (wrqu->data.length < descr->min_tokens) {
1417 printk(KERN_ERR "%s (WE) : Wireless Event too small (%d)\n", dev->name, wrqu->data.length);
1418 return;
1419 }
1420 /* Calculate extra_len - extra is NULL for restricted events */
1421 if (extra != NULL)
1422 extra_len = wrqu->data.length * descr->token_size;
1423 /* Always at an offset in wrqu */
1424 wrqu_off = IW_EV_POINT_OFF;
1425 }
1426
1427 /* Total length of the event */
1428 hdr_len = event_type_size[descr->header_type];
1429 event_len = hdr_len + extra_len;
1430
1431 /*
1432 * The problem for 64/32 bit.
1433 *
1434 * On 64-bit, a regular event is laid out as follows:
1435 * | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 |
1436 * | event.len | event.cmd | p a d d i n g |
1437 * | wrqu data ... (with the correct size) |
1438 *
1439 * This padding exists because we manipulate event->u,
1440 * and 'event' is not packed.
1441 *
1442 * An iw_point event is laid out like this instead:
1443 * | 0 | 1 | 2 | 3 | 4 | 5 | 6 | 7 |
1444 * | event.len | event.cmd | p a d d i n g |
1445 * | iwpnt.len | iwpnt.flg | p a d d i n g |
1446 * | extra data ...
1447 *
1448 * The second padding exists because struct iw_point is extended,
1449 * but this depends on the platform...
1450 *
1451 * On 32-bit, all the padding shouldn't be there.
1452 */
1453
1454 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1455 if (!skb)
1456 return;
1457
1458 /* Send via the RtNetlink event channel */
1459 nlh = rtnetlink_ifinfo_prep(dev, skb);
1460 if (WARN_ON(!nlh)) {
1461 kfree_skb(skb);
1462 return;
1463 }
1464
1465 /* Add the wireless events in the netlink packet */
1466 nla = nla_reserve(skb, IFLA_WIRELESS, event_len);
1467 if (!nla) {
1468 kfree_skb(skb);
1469 return;
1470 }
1471 event = nla_data(nla);
1472
1473 /* Fill event - first clear to avoid data leaking */
1474 memset(event, 0, hdr_len);
1475 event->len = event_len;
1476 event->cmd = cmd;
1477 memcpy(&event->u, ((char *) wrqu) + wrqu_off, hdr_len - IW_EV_LCP_LEN);
1478 if (extra_len)
1479 memcpy(((char *) event) + hdr_len, extra, extra_len);
1480
1481 nlmsg_end(skb, nlh);
1482 #ifdef CONFIG_COMPAT
1483 hdr_len = compat_event_type_size[descr->header_type];
1484 event_len = hdr_len + extra_len;
1485
1486 compskb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1487 if (!compskb) {
1488 kfree_skb(skb);
1489 return;
1490 }
1491
1492 /* Send via the RtNetlink event channel */
1493 nlh = rtnetlink_ifinfo_prep(dev, compskb);
1494 if (WARN_ON(!nlh)) {
1495 kfree_skb(skb);
1496 kfree_skb(compskb);
1497 return;
1498 }
1499
1500 /* Add the wireless events in the netlink packet */
1501 nla = nla_reserve(compskb, IFLA_WIRELESS, event_len);
1502 if (!nla) {
1503 kfree_skb(skb);
1504 kfree_skb(compskb);
1505 return;
1506 }
1507 compat_event = nla_data(nla);
1508
1509 compat_event->len = event_len;
1510 compat_event->cmd = cmd;
1511 if (descr->header_type == IW_HEADER_TYPE_POINT) {
1512 compat_wrqu.length = wrqu->data.length;
1513 compat_wrqu.flags = wrqu->data.flags;
1514 memcpy(&compat_event->pointer,
1515 ((char *) &compat_wrqu) + IW_EV_COMPAT_POINT_OFF,
1516 hdr_len - IW_EV_COMPAT_LCP_LEN);
1517 if (extra_len)
1518 memcpy(((char *) compat_event) + hdr_len,
1519 extra, extra_len);
1520 } else {
1521 /* extra_len must be zero, so no if (extra) needed */
1522 memcpy(&compat_event->pointer, wrqu,
1523 hdr_len - IW_EV_COMPAT_LCP_LEN);
1524 }
1525
1526 nlmsg_end(compskb, nlh);
1527
1528 skb_shinfo(skb)->frag_list = compskb;
1529 #endif
1530 skb_queue_tail(&dev_net(dev)->wext_nlevents, skb);
1531 schedule_work(&wireless_nlevent_work);
1532 }
1533 EXPORT_SYMBOL(wireless_send_event);
1534
1535 /********************** ENHANCED IWSPY SUPPORT **********************/
1536 /*
1537 * In the old days, the driver was handling spy support all by itself.
1538 * Now, the driver can delegate this task to Wireless Extensions.
1539 * It needs to use those standard spy iw_handler in struct iw_handler_def,
1540 * push data to us via wireless_spy_update() and include struct iw_spy_data
1541 * in its private part (and export it in net_device->wireless_data->spy_data).
1542 * One of the main advantage of centralising spy support here is that
1543 * it becomes much easier to improve and extend it without having to touch
1544 * the drivers. One example is the addition of the Spy-Threshold events.
1545 */
1546
1547 /* ---------------------------------------------------------------- */
1548 /*
1549 * Return the pointer to the spy data in the driver.
1550 * Because this is called on the Rx path via wireless_spy_update(),
1551 * we want it to be efficient...
1552 */
1553 static inline struct iw_spy_data *get_spydata(struct net_device *dev)
1554 {
1555 /* This is the new way */
1556 if (dev->wireless_data)
1557 return dev->wireless_data->spy_data;
1558 return NULL;
1559 }
1560
1561 /*------------------------------------------------------------------*/
1562 /*
1563 * Standard Wireless Handler : set Spy List
1564 */
1565 int iw_handler_set_spy(struct net_device * dev,
1566 struct iw_request_info * info,
1567 union iwreq_data * wrqu,
1568 char * extra)
1569 {
1570 struct iw_spy_data * spydata = get_spydata(dev);
1571 struct sockaddr * address = (struct sockaddr *) extra;
1572
1573 /* Make sure driver is not buggy or using the old API */
1574 if (!spydata)
1575 return -EOPNOTSUPP;
1576
1577 /* Disable spy collection while we copy the addresses.
1578 * While we copy addresses, any call to wireless_spy_update()
1579 * will NOP. This is OK, as anyway the addresses are changing. */
1580 spydata->spy_number = 0;
1581
1582 /* We want to operate without locking, because wireless_spy_update()
1583 * most likely will happen in the interrupt handler, and therefore
1584 * have its own locking constraints and needs performance.
1585 * The rtnl_lock() make sure we don't race with the other iw_handlers.
1586 * This make sure wireless_spy_update() "see" that the spy list
1587 * is temporarily disabled. */
1588 smp_wmb();
1589
1590 /* Are there are addresses to copy? */
1591 if (wrqu->data.length > 0) {
1592 int i;
1593
1594 /* Copy addresses */
1595 for (i = 0; i < wrqu->data.length; i++)
1596 memcpy(spydata->spy_address[i], address[i].sa_data,
1597 ETH_ALEN);
1598 /* Reset stats */
1599 memset(spydata->spy_stat, 0,
1600 sizeof(struct iw_quality) * IW_MAX_SPY);
1601 }
1602
1603 /* Make sure above is updated before re-enabling */
1604 smp_wmb();
1605
1606 /* Enable addresses */
1607 spydata->spy_number = wrqu->data.length;
1608
1609 return 0;
1610 }
1611 EXPORT_SYMBOL(iw_handler_set_spy);
1612
1613 /*------------------------------------------------------------------*/
1614 /*
1615 * Standard Wireless Handler : get Spy List
1616 */
1617 int iw_handler_get_spy(struct net_device * dev,
1618 struct iw_request_info * info,
1619 union iwreq_data * wrqu,
1620 char * extra)
1621 {
1622 struct iw_spy_data * spydata = get_spydata(dev);
1623 struct sockaddr * address = (struct sockaddr *) extra;
1624 int i;
1625
1626 /* Make sure driver is not buggy or using the old API */
1627 if (!spydata)
1628 return -EOPNOTSUPP;
1629
1630 wrqu->data.length = spydata->spy_number;
1631
1632 /* Copy addresses. */
1633 for (i = 0; i < spydata->spy_number; i++) {
1634 memcpy(address[i].sa_data, spydata->spy_address[i], ETH_ALEN);
1635 address[i].sa_family = AF_UNIX;
1636 }
1637 /* Copy stats to the user buffer (just after). */
1638 if (spydata->spy_number > 0)
1639 memcpy(extra + (sizeof(struct sockaddr) *spydata->spy_number),
1640 spydata->spy_stat,
1641 sizeof(struct iw_quality) * spydata->spy_number);
1642 /* Reset updated flags. */
1643 for (i = 0; i < spydata->spy_number; i++)
1644 spydata->spy_stat[i].updated &= ~IW_QUAL_ALL_UPDATED;
1645 return 0;
1646 }
1647 EXPORT_SYMBOL(iw_handler_get_spy);
1648
1649 /*------------------------------------------------------------------*/
1650 /*
1651 * Standard Wireless Handler : set spy threshold
1652 */
1653 int iw_handler_set_thrspy(struct net_device * dev,
1654 struct iw_request_info *info,
1655 union iwreq_data * wrqu,
1656 char * extra)
1657 {
1658 struct iw_spy_data * spydata = get_spydata(dev);
1659 struct iw_thrspy * threshold = (struct iw_thrspy *) extra;
1660
1661 /* Make sure driver is not buggy or using the old API */
1662 if (!spydata)
1663 return -EOPNOTSUPP;
1664
1665 /* Just do it */
1666 memcpy(&(spydata->spy_thr_low), &(threshold->low),
1667 2 * sizeof(struct iw_quality));
1668
1669 /* Clear flag */
1670 memset(spydata->spy_thr_under, '\0', sizeof(spydata->spy_thr_under));
1671
1672 return 0;
1673 }
1674 EXPORT_SYMBOL(iw_handler_set_thrspy);
1675
1676 /*------------------------------------------------------------------*/
1677 /*
1678 * Standard Wireless Handler : get spy threshold
1679 */
1680 int iw_handler_get_thrspy(struct net_device * dev,
1681 struct iw_request_info *info,
1682 union iwreq_data * wrqu,
1683 char * extra)
1684 {
1685 struct iw_spy_data * spydata = get_spydata(dev);
1686 struct iw_thrspy * threshold = (struct iw_thrspy *) extra;
1687
1688 /* Make sure driver is not buggy or using the old API */
1689 if (!spydata)
1690 return -EOPNOTSUPP;
1691
1692 /* Just do it */
1693 memcpy(&(threshold->low), &(spydata->spy_thr_low),
1694 2 * sizeof(struct iw_quality));
1695
1696 return 0;
1697 }
1698 EXPORT_SYMBOL(iw_handler_get_thrspy);
1699
1700 /*------------------------------------------------------------------*/
1701 /*
1702 * Prepare and send a Spy Threshold event
1703 */
1704 static void iw_send_thrspy_event(struct net_device * dev,
1705 struct iw_spy_data * spydata,
1706 unsigned char * address,
1707 struct iw_quality * wstats)
1708 {
1709 union iwreq_data wrqu;
1710 struct iw_thrspy threshold;
1711
1712 /* Init */
1713 wrqu.data.length = 1;
1714 wrqu.data.flags = 0;
1715 /* Copy address */
1716 memcpy(threshold.addr.sa_data, address, ETH_ALEN);
1717 threshold.addr.sa_family = ARPHRD_ETHER;
1718 /* Copy stats */
1719 memcpy(&(threshold.qual), wstats, sizeof(struct iw_quality));
1720 /* Copy also thresholds */
1721 memcpy(&(threshold.low), &(spydata->spy_thr_low),
1722 2 * sizeof(struct iw_quality));
1723
1724 /* Send event to user space */
1725 wireless_send_event(dev, SIOCGIWTHRSPY, &wrqu, (char *) &threshold);
1726 }
1727
1728 /* ---------------------------------------------------------------- */
1729 /*
1730 * Call for the driver to update the spy data.
1731 * For now, the spy data is a simple array. As the size of the array is
1732 * small, this is good enough. If we wanted to support larger number of
1733 * spy addresses, we should use something more efficient...
1734 */
1735 void wireless_spy_update(struct net_device * dev,
1736 unsigned char * address,
1737 struct iw_quality * wstats)
1738 {
1739 struct iw_spy_data * spydata = get_spydata(dev);
1740 int i;
1741 int match = -1;
1742
1743 /* Make sure driver is not buggy or using the old API */
1744 if (!spydata)
1745 return;
1746
1747 /* Update all records that match */
1748 for (i = 0; i < spydata->spy_number; i++)
1749 if (!compare_ether_addr(address, spydata->spy_address[i])) {
1750 memcpy(&(spydata->spy_stat[i]), wstats,
1751 sizeof(struct iw_quality));
1752 match = i;
1753 }
1754
1755 /* Generate an event if we cross the spy threshold.
1756 * To avoid event storms, we have a simple hysteresis : we generate
1757 * event only when we go under the low threshold or above the
1758 * high threshold. */
1759 if (match >= 0) {
1760 if (spydata->spy_thr_under[match]) {
1761 if (wstats->level > spydata->spy_thr_high.level) {
1762 spydata->spy_thr_under[match] = 0;
1763 iw_send_thrspy_event(dev, spydata,
1764 address, wstats);
1765 }
1766 } else {
1767 if (wstats->level < spydata->spy_thr_low.level) {
1768 spydata->spy_thr_under[match] = 1;
1769 iw_send_thrspy_event(dev, spydata,
1770 address, wstats);
1771 }
1772 }
1773 }
1774 }
1775 EXPORT_SYMBOL(wireless_spy_update);
Support for the Chinese Samsung S3C2440 based development boards