1
2
3
4
5
6
7
8
9
10
11
12
13
14
15#include <linux/list.h>
16#include <linux/slab.h>
17#include <linux/spinlock.h>
18#include <net/dst.h>
19#include <net/xfrm.h>
20#include <net/mac80211.h>
21#include <net/ieee80211_radiotap.h>
22#include <linux/if_arp.h>
23#include <linux/rtnetlink.h>
24#include <linux/etherdevice.h>
25#include <linux/platform_device.h>
26#include <linux/debugfs.h>
27#include <linux/module.h>
28#include <linux/ktime.h>
29#include <net/genetlink.h>
30#include <net/net_namespace.h>
31#include <net/netns/generic.h>
32#include <linux/rhashtable.h>
33#include <linux/nospec.h>
34#include "mac80211_hwsim.h"
35
36#define WARN_QUEUE 100
37#define MAX_QUEUE 200
38
39MODULE_AUTHOR("Jouni Malinen");
40MODULE_DESCRIPTION("Software simulator of 802.11 radio(s) for mac80211");
41MODULE_LICENSE("GPL");
42
43static int radios = 2;
44module_param(radios, int, 0444);
45MODULE_PARM_DESC(radios, "Number of simulated radios");
46
47static int channels = 1;
48module_param(channels, int, 0444);
49MODULE_PARM_DESC(channels, "Number of concurrent channels");
50
51static bool paged_rx = false;
52module_param(paged_rx, bool, 0644);
53MODULE_PARM_DESC(paged_rx, "Use paged SKBs for RX instead of linear ones");
54
55static bool rctbl = false;
56module_param(rctbl, bool, 0444);
57MODULE_PARM_DESC(rctbl, "Handle rate control table");
58
59static bool support_p2p_device = true;
60module_param(support_p2p_device, bool, 0444);
61MODULE_PARM_DESC(support_p2p_device, "Support P2P-Device interface type");
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120enum hwsim_regtest {
121 HWSIM_REGTEST_DISABLED = 0,
122 HWSIM_REGTEST_DRIVER_REG_FOLLOW = 1,
123 HWSIM_REGTEST_DRIVER_REG_ALL = 2,
124 HWSIM_REGTEST_DIFF_COUNTRY = 3,
125 HWSIM_REGTEST_WORLD_ROAM = 4,
126 HWSIM_REGTEST_CUSTOM_WORLD = 5,
127 HWSIM_REGTEST_CUSTOM_WORLD_2 = 6,
128 HWSIM_REGTEST_STRICT_FOLLOW = 7,
129 HWSIM_REGTEST_STRICT_ALL = 8,
130 HWSIM_REGTEST_STRICT_AND_DRIVER_REG = 9,
131 HWSIM_REGTEST_ALL = 10,
132};
133
134
135static int regtest = HWSIM_REGTEST_DISABLED;
136module_param(regtest, int, 0444);
137MODULE_PARM_DESC(regtest, "The type of regulatory test we want to run");
138
139static const char *hwsim_alpha2s[] = {
140 "FI",
141 "AL",
142 "US",
143 "DE",
144 "JP",
145 "AL",
146};
147
148static const struct ieee80211_regdomain hwsim_world_regdom_custom_01 = {
149 .n_reg_rules = 4,
150 .alpha2 = "99",
151 .reg_rules = {
152 REG_RULE(2412-10, 2462+10, 40, 0, 20, 0),
153 REG_RULE(2484-10, 2484+10, 40, 0, 20, 0),
154 REG_RULE(5150-10, 5240+10, 40, 0, 30, 0),
155 REG_RULE(5745-10, 5825+10, 40, 0, 30, 0),
156 }
157};
158
159static const struct ieee80211_regdomain hwsim_world_regdom_custom_02 = {
160 .n_reg_rules = 2,
161 .alpha2 = "99",
162 .reg_rules = {
163 REG_RULE(2412-10, 2462+10, 40, 0, 20, 0),
164 REG_RULE(5725-10, 5850+10, 40, 0, 30,
165 NL80211_RRF_NO_IR),
166 }
167};
168
169static const struct ieee80211_regdomain *hwsim_world_regdom_custom[] = {
170 &hwsim_world_regdom_custom_01,
171 &hwsim_world_regdom_custom_02,
172};
173
174struct hwsim_vif_priv {
175 u32 magic;
176 u8 bssid[ETH_ALEN];
177 bool assoc;
178 bool bcn_en;
179 u16 aid;
180};
181
182#define HWSIM_VIF_MAGIC 0x69537748
183
184static inline void hwsim_check_magic(struct ieee80211_vif *vif)
185{
186 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
187 WARN(vp->magic != HWSIM_VIF_MAGIC,
188 "Invalid VIF (%p) magic %#x, %pM, %d/%d\n",
189 vif, vp->magic, vif->addr, vif->type, vif->p2p);
190}
191
192static inline void hwsim_set_magic(struct ieee80211_vif *vif)
193{
194 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
195 vp->magic = HWSIM_VIF_MAGIC;
196}
197
198static inline void hwsim_clear_magic(struct ieee80211_vif *vif)
199{
200 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
201 vp->magic = 0;
202}
203
204struct hwsim_sta_priv {
205 u32 magic;
206};
207
208#define HWSIM_STA_MAGIC 0x6d537749
209
210static inline void hwsim_check_sta_magic(struct ieee80211_sta *sta)
211{
212 struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
213 WARN_ON(sp->magic != HWSIM_STA_MAGIC);
214}
215
216static inline void hwsim_set_sta_magic(struct ieee80211_sta *sta)
217{
218 struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
219 sp->magic = HWSIM_STA_MAGIC;
220}
221
222static inline void hwsim_clear_sta_magic(struct ieee80211_sta *sta)
223{
224 struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
225 sp->magic = 0;
226}
227
228struct hwsim_chanctx_priv {
229 u32 magic;
230};
231
232#define HWSIM_CHANCTX_MAGIC 0x6d53774a
233
234static inline void hwsim_check_chanctx_magic(struct ieee80211_chanctx_conf *c)
235{
236 struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
237 WARN_ON(cp->magic != HWSIM_CHANCTX_MAGIC);
238}
239
240static inline void hwsim_set_chanctx_magic(struct ieee80211_chanctx_conf *c)
241{
242 struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
243 cp->magic = HWSIM_CHANCTX_MAGIC;
244}
245
246static inline void hwsim_clear_chanctx_magic(struct ieee80211_chanctx_conf *c)
247{
248 struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
249 cp->magic = 0;
250}
251
252static unsigned int hwsim_net_id;
253
254static DEFINE_IDA(hwsim_netgroup_ida);
255
256struct hwsim_net {
257 int netgroup;
258 u32 wmediumd;
259};
260
261static inline int hwsim_net_get_netgroup(struct net *net)
262{
263 struct hwsim_net *hwsim_net = net_generic(net, hwsim_net_id);
264
265 return hwsim_net->netgroup;
266}
267
268static inline int hwsim_net_set_netgroup(struct net *net)
269{
270 struct hwsim_net *hwsim_net = net_generic(net, hwsim_net_id);
271
272 hwsim_net->netgroup = ida_simple_get(&hwsim_netgroup_ida,
273 0, 0, GFP_KERNEL);
274 return hwsim_net->netgroup >= 0 ? 0 : -ENOMEM;
275}
276
277static inline u32 hwsim_net_get_wmediumd(struct net *net)
278{
279 struct hwsim_net *hwsim_net = net_generic(net, hwsim_net_id);
280
281 return hwsim_net->wmediumd;
282}
283
284static inline void hwsim_net_set_wmediumd(struct net *net, u32 portid)
285{
286 struct hwsim_net *hwsim_net = net_generic(net, hwsim_net_id);
287
288 hwsim_net->wmediumd = portid;
289}
290
291static struct class *hwsim_class;
292
293static struct net_device *hwsim_mon;
294
295#define CHAN2G(_freq) { \
296 .band = NL80211_BAND_2GHZ, \
297 .center_freq = (_freq), \
298 .hw_value = (_freq), \
299 .max_power = 20, \
300}
301
302#define CHAN5G(_freq) { \
303 .band = NL80211_BAND_5GHZ, \
304 .center_freq = (_freq), \
305 .hw_value = (_freq), \
306 .max_power = 20, \
307}
308
309static const struct ieee80211_channel hwsim_channels_2ghz[] = {
310 CHAN2G(2412),
311 CHAN2G(2417),
312 CHAN2G(2422),
313 CHAN2G(2427),
314 CHAN2G(2432),
315 CHAN2G(2437),
316 CHAN2G(2442),
317 CHAN2G(2447),
318 CHAN2G(2452),
319 CHAN2G(2457),
320 CHAN2G(2462),
321 CHAN2G(2467),
322 CHAN2G(2472),
323 CHAN2G(2484),
324};
325
326static const struct ieee80211_channel hwsim_channels_5ghz[] = {
327 CHAN5G(5180),
328 CHAN5G(5200),
329 CHAN5G(5220),
330 CHAN5G(5240),
331
332 CHAN5G(5260),
333 CHAN5G(5280),
334 CHAN5G(5300),
335 CHAN5G(5320),
336
337 CHAN5G(5500),
338 CHAN5G(5520),
339 CHAN5G(5540),
340 CHAN5G(5560),
341 CHAN5G(5580),
342 CHAN5G(5600),
343 CHAN5G(5620),
344 CHAN5G(5640),
345 CHAN5G(5660),
346 CHAN5G(5680),
347 CHAN5G(5700),
348
349 CHAN5G(5745),
350 CHAN5G(5765),
351 CHAN5G(5785),
352 CHAN5G(5805),
353 CHAN5G(5825),
354 CHAN5G(5845),
355};
356
357static const struct ieee80211_rate hwsim_rates[] = {
358 { .bitrate = 10 },
359 { .bitrate = 20, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
360 { .bitrate = 55, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
361 { .bitrate = 110, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
362 { .bitrate = 60 },
363 { .bitrate = 90 },
364 { .bitrate = 120 },
365 { .bitrate = 180 },
366 { .bitrate = 240 },
367 { .bitrate = 360 },
368 { .bitrate = 480 },
369 { .bitrate = 540 }
370};
371
372#define OUI_QCA 0x001374
373#define QCA_NL80211_SUBCMD_TEST 1
374enum qca_nl80211_vendor_subcmds {
375 QCA_WLAN_VENDOR_ATTR_TEST = 8,
376 QCA_WLAN_VENDOR_ATTR_MAX = QCA_WLAN_VENDOR_ATTR_TEST
377};
378
379static const struct nla_policy
380hwsim_vendor_test_policy[QCA_WLAN_VENDOR_ATTR_MAX + 1] = {
381 [QCA_WLAN_VENDOR_ATTR_MAX] = { .type = NLA_U32 },
382};
383
384static int mac80211_hwsim_vendor_cmd_test(struct wiphy *wiphy,
385 struct wireless_dev *wdev,
386 const void *data, int data_len)
387{
388 struct sk_buff *skb;
389 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_MAX + 1];
390 int err;
391 u32 val;
392
393 err = nla_parse_deprecated(tb, QCA_WLAN_VENDOR_ATTR_MAX, data,
394 data_len, hwsim_vendor_test_policy, NULL);
395 if (err)
396 return err;
397 if (!tb[QCA_WLAN_VENDOR_ATTR_TEST])
398 return -EINVAL;
399 val = nla_get_u32(tb[QCA_WLAN_VENDOR_ATTR_TEST]);
400 wiphy_dbg(wiphy, "%s: test=%u\n", __func__, val);
401
402
403
404
405
406
407
408
409 skb = cfg80211_vendor_event_alloc(wiphy, wdev, 100, 0, GFP_KERNEL);
410 if (skb) {
411
412
413
414
415
416 nla_put_u32(skb, QCA_WLAN_VENDOR_ATTR_TEST, val + 1);
417
418
419 cfg80211_vendor_event(skb, GFP_KERNEL);
420 }
421
422
423 skb = cfg80211_vendor_cmd_alloc_reply_skb(wiphy, 10);
424 if (!skb)
425 return -ENOMEM;
426
427
428
429
430 nla_put_u32(skb, QCA_WLAN_VENDOR_ATTR_TEST, val + 2);
431
432 return cfg80211_vendor_cmd_reply(skb);
433}
434
435static struct wiphy_vendor_command mac80211_hwsim_vendor_commands[] = {
436 {
437 .info = { .vendor_id = OUI_QCA,
438 .subcmd = QCA_NL80211_SUBCMD_TEST },
439 .flags = WIPHY_VENDOR_CMD_NEED_NETDEV,
440 .doit = mac80211_hwsim_vendor_cmd_test,
441 .policy = hwsim_vendor_test_policy,
442 .maxattr = QCA_WLAN_VENDOR_ATTR_MAX,
443 }
444};
445
446
447static const struct nl80211_vendor_cmd_info mac80211_hwsim_vendor_events[] = {
448 { .vendor_id = OUI_QCA, .subcmd = 1 },
449};
450
451static const struct ieee80211_iface_limit hwsim_if_limits[] = {
452 { .max = 1, .types = BIT(NL80211_IFTYPE_ADHOC) },
453 { .max = 2048, .types = BIT(NL80211_IFTYPE_STATION) |
454 BIT(NL80211_IFTYPE_P2P_CLIENT) |
455#ifdef CONFIG_MAC80211_MESH
456 BIT(NL80211_IFTYPE_MESH_POINT) |
457#endif
458 BIT(NL80211_IFTYPE_AP) |
459 BIT(NL80211_IFTYPE_P2P_GO) },
460
461 { .max = 1, .types = BIT(NL80211_IFTYPE_P2P_DEVICE) }
462};
463
464static const struct ieee80211_iface_combination hwsim_if_comb[] = {
465 {
466 .limits = hwsim_if_limits,
467
468 .n_limits = ARRAY_SIZE(hwsim_if_limits) - 1,
469 .max_interfaces = 2048,
470 .num_different_channels = 1,
471 .radar_detect_widths = BIT(NL80211_CHAN_WIDTH_20_NOHT) |
472 BIT(NL80211_CHAN_WIDTH_20) |
473 BIT(NL80211_CHAN_WIDTH_40) |
474 BIT(NL80211_CHAN_WIDTH_80) |
475 BIT(NL80211_CHAN_WIDTH_160),
476 },
477};
478
479static const struct ieee80211_iface_combination hwsim_if_comb_p2p_dev[] = {
480 {
481 .limits = hwsim_if_limits,
482 .n_limits = ARRAY_SIZE(hwsim_if_limits),
483 .max_interfaces = 2048,
484 .num_different_channels = 1,
485 .radar_detect_widths = BIT(NL80211_CHAN_WIDTH_20_NOHT) |
486 BIT(NL80211_CHAN_WIDTH_20) |
487 BIT(NL80211_CHAN_WIDTH_40) |
488 BIT(NL80211_CHAN_WIDTH_80) |
489 BIT(NL80211_CHAN_WIDTH_160),
490 },
491};
492
493static spinlock_t hwsim_radio_lock;
494static LIST_HEAD(hwsim_radios);
495static struct workqueue_struct *hwsim_wq;
496static struct rhashtable hwsim_radios_rht;
497static int hwsim_radio_idx;
498static int hwsim_radios_generation = 1;
499
500static struct platform_driver mac80211_hwsim_driver = {
501 .driver = {
502 .name = "mac80211_hwsim",
503 },
504};
505
506struct mac80211_hwsim_data {
507 struct list_head list;
508 struct rhash_head rht;
509 struct ieee80211_hw *hw;
510 struct device *dev;
511 struct ieee80211_supported_band bands[NUM_NL80211_BANDS];
512 struct ieee80211_channel channels_2ghz[ARRAY_SIZE(hwsim_channels_2ghz)];
513 struct ieee80211_channel channels_5ghz[ARRAY_SIZE(hwsim_channels_5ghz)];
514 struct ieee80211_rate rates[ARRAY_SIZE(hwsim_rates)];
515 struct ieee80211_iface_combination if_combination;
516
517 struct mac_address addresses[2];
518 int channels, idx;
519 bool use_chanctx;
520 bool destroy_on_close;
521 struct work_struct destroy_work;
522 u32 portid;
523 char alpha2[2];
524 const struct ieee80211_regdomain *regd;
525
526 struct ieee80211_channel *tmp_chan;
527 struct ieee80211_channel *roc_chan;
528 u32 roc_duration;
529 struct delayed_work roc_start;
530 struct delayed_work roc_done;
531 struct delayed_work hw_scan;
532 struct cfg80211_scan_request *hw_scan_request;
533 struct ieee80211_vif *hw_scan_vif;
534 int scan_chan_idx;
535 u8 scan_addr[ETH_ALEN];
536 struct {
537 struct ieee80211_channel *channel;
538 unsigned long next_start, start, end;
539 } survey_data[ARRAY_SIZE(hwsim_channels_2ghz) +
540 ARRAY_SIZE(hwsim_channels_5ghz)];
541
542 struct ieee80211_channel *channel;
543 u64 beacon_int ;
544 unsigned int rx_filter;
545 bool started, idle, scanning;
546 struct mutex mutex;
547 struct hrtimer beacon_timer;
548 enum ps_mode {
549 PS_DISABLED, PS_ENABLED, PS_AUTO_POLL, PS_MANUAL_POLL
550 } ps;
551 bool ps_poll_pending;
552 struct dentry *debugfs;
553
554 uintptr_t pending_cookie;
555 struct sk_buff_head pending;
556
557
558
559
560
561 u64 group;
562
563
564 int netgroup;
565
566 u32 wmediumd;
567
568
569 s64 tsf_offset;
570 s64 bcn_delta;
571
572 u64 abs_bcn_ts;
573
574
575 u64 tx_pkts;
576 u64 rx_pkts;
577 u64 tx_bytes;
578 u64 rx_bytes;
579 u64 tx_dropped;
580 u64 tx_failed;
581};
582
583static const struct rhashtable_params hwsim_rht_params = {
584 .nelem_hint = 2,
585 .automatic_shrinking = true,
586 .key_len = ETH_ALEN,
587 .key_offset = offsetof(struct mac80211_hwsim_data, addresses[1]),
588 .head_offset = offsetof(struct mac80211_hwsim_data, rht),
589};
590
591struct hwsim_radiotap_hdr {
592 struct ieee80211_radiotap_header hdr;
593 __le64 rt_tsft;
594 u8 rt_flags;
595 u8 rt_rate;
596 __le16 rt_channel;
597 __le16 rt_chbitmask;
598} __packed;
599
600struct hwsim_radiotap_ack_hdr {
601 struct ieee80211_radiotap_header hdr;
602 u8 rt_flags;
603 u8 pad;
604 __le16 rt_channel;
605 __le16 rt_chbitmask;
606} __packed;
607
608
609static struct genl_family hwsim_genl_family;
610
611enum hwsim_multicast_groups {
612 HWSIM_MCGRP_CONFIG,
613};
614
615static const struct genl_multicast_group hwsim_mcgrps[] = {
616 [HWSIM_MCGRP_CONFIG] = { .name = "config", },
617};
618
619
620
621static const struct nla_policy hwsim_genl_policy[HWSIM_ATTR_MAX + 1] = {
622 [HWSIM_ATTR_ADDR_RECEIVER] = { .type = NLA_UNSPEC, .len = ETH_ALEN },
623 [HWSIM_ATTR_ADDR_TRANSMITTER] = { .type = NLA_UNSPEC, .len = ETH_ALEN },
624 [HWSIM_ATTR_FRAME] = { .type = NLA_BINARY,
625 .len = IEEE80211_MAX_DATA_LEN },
626 [HWSIM_ATTR_FLAGS] = { .type = NLA_U32 },
627 [HWSIM_ATTR_RX_RATE] = { .type = NLA_U32 },
628 [HWSIM_ATTR_SIGNAL] = { .type = NLA_U32 },
629 [HWSIM_ATTR_TX_INFO] = { .type = NLA_UNSPEC,
630 .len = IEEE80211_TX_MAX_RATES *
631 sizeof(struct hwsim_tx_rate)},
632 [HWSIM_ATTR_COOKIE] = { .type = NLA_U64 },
633 [HWSIM_ATTR_CHANNELS] = { .type = NLA_U32 },
634 [HWSIM_ATTR_RADIO_ID] = { .type = NLA_U32 },
635 [HWSIM_ATTR_REG_HINT_ALPHA2] = { .type = NLA_STRING, .len = 2 },
636 [HWSIM_ATTR_REG_CUSTOM_REG] = { .type = NLA_U32 },
637 [HWSIM_ATTR_REG_STRICT_REG] = { .type = NLA_FLAG },
638 [HWSIM_ATTR_SUPPORT_P2P_DEVICE] = { .type = NLA_FLAG },
639 [HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE] = { .type = NLA_FLAG },
640 [HWSIM_ATTR_RADIO_NAME] = { .type = NLA_STRING },
641 [HWSIM_ATTR_NO_VIF] = { .type = NLA_FLAG },
642 [HWSIM_ATTR_FREQ] = { .type = NLA_U32 },
643 [HWSIM_ATTR_PERM_ADDR] = { .type = NLA_UNSPEC, .len = ETH_ALEN },
644};
645
646static void mac80211_hwsim_tx_frame(struct ieee80211_hw *hw,
647 struct sk_buff *skb,
648 struct ieee80211_channel *chan);
649
650
651static void hwsim_send_ps_poll(void *dat, u8 *mac, struct ieee80211_vif *vif)
652{
653 struct mac80211_hwsim_data *data = dat;
654 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
655 struct sk_buff *skb;
656 struct ieee80211_pspoll *pspoll;
657
658 if (!vp->assoc)
659 return;
660
661 wiphy_dbg(data->hw->wiphy,
662 "%s: send PS-Poll to %pM for aid %d\n",
663 __func__, vp->bssid, vp->aid);
664
665 skb = dev_alloc_skb(sizeof(*pspoll));
666 if (!skb)
667 return;
668 pspoll = skb_put(skb, sizeof(*pspoll));
669 pspoll->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
670 IEEE80211_STYPE_PSPOLL |
671 IEEE80211_FCTL_PM);
672 pspoll->aid = cpu_to_le16(0xc000 | vp->aid);
673 memcpy(pspoll->bssid, vp->bssid, ETH_ALEN);
674 memcpy(pspoll->ta, mac, ETH_ALEN);
675
676 rcu_read_lock();
677 mac80211_hwsim_tx_frame(data->hw, skb,
678 rcu_dereference(vif->chanctx_conf)->def.chan);
679 rcu_read_unlock();
680}
681
682static void hwsim_send_nullfunc(struct mac80211_hwsim_data *data, u8 *mac,
683 struct ieee80211_vif *vif, int ps)
684{
685 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
686 struct sk_buff *skb;
687 struct ieee80211_hdr *hdr;
688
689 if (!vp->assoc)
690 return;
691
692 wiphy_dbg(data->hw->wiphy,
693 "%s: send data::nullfunc to %pM ps=%d\n",
694 __func__, vp->bssid, ps);
695
696 skb = dev_alloc_skb(sizeof(*hdr));
697 if (!skb)
698 return;
699 hdr = skb_put(skb, sizeof(*hdr) - ETH_ALEN);
700 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_DATA |
701 IEEE80211_STYPE_NULLFUNC |
702 IEEE80211_FCTL_TODS |
703 (ps ? IEEE80211_FCTL_PM : 0));
704 hdr->duration_id = cpu_to_le16(0);
705 memcpy(hdr->addr1, vp->bssid, ETH_ALEN);
706 memcpy(hdr->addr2, mac, ETH_ALEN);
707 memcpy(hdr->addr3, vp->bssid, ETH_ALEN);
708
709 rcu_read_lock();
710 mac80211_hwsim_tx_frame(data->hw, skb,
711 rcu_dereference(vif->chanctx_conf)->def.chan);
712 rcu_read_unlock();
713}
714
715
716static void hwsim_send_nullfunc_ps(void *dat, u8 *mac,
717 struct ieee80211_vif *vif)
718{
719 struct mac80211_hwsim_data *data = dat;
720 hwsim_send_nullfunc(data, mac, vif, 1);
721}
722
723static void hwsim_send_nullfunc_no_ps(void *dat, u8 *mac,
724 struct ieee80211_vif *vif)
725{
726 struct mac80211_hwsim_data *data = dat;
727 hwsim_send_nullfunc(data, mac, vif, 0);
728}
729
730static int hwsim_fops_ps_read(void *dat, u64 *val)
731{
732 struct mac80211_hwsim_data *data = dat;
733 *val = data->ps;
734 return 0;
735}
736
737static int hwsim_fops_ps_write(void *dat, u64 val)
738{
739 struct mac80211_hwsim_data *data = dat;
740 enum ps_mode old_ps;
741
742 if (val != PS_DISABLED && val != PS_ENABLED && val != PS_AUTO_POLL &&
743 val != PS_MANUAL_POLL)
744 return -EINVAL;
745
746 if (val == PS_MANUAL_POLL) {
747 if (data->ps != PS_ENABLED)
748 return -EINVAL;
749 local_bh_disable();
750 ieee80211_iterate_active_interfaces_atomic(
751 data->hw, IEEE80211_IFACE_ITER_NORMAL,
752 hwsim_send_ps_poll, data);
753 local_bh_enable();
754 return 0;
755 }
756 old_ps = data->ps;
757 data->ps = val;
758
759 local_bh_disable();
760 if (old_ps == PS_DISABLED && val != PS_DISABLED) {
761 ieee80211_iterate_active_interfaces_atomic(
762 data->hw, IEEE80211_IFACE_ITER_NORMAL,
763 hwsim_send_nullfunc_ps, data);
764 } else if (old_ps != PS_DISABLED && val == PS_DISABLED) {
765 ieee80211_iterate_active_interfaces_atomic(
766 data->hw, IEEE80211_IFACE_ITER_NORMAL,
767 hwsim_send_nullfunc_no_ps, data);
768 }
769 local_bh_enable();
770
771 return 0;
772}
773
774DEFINE_SIMPLE_ATTRIBUTE(hwsim_fops_ps, hwsim_fops_ps_read, hwsim_fops_ps_write,
775 "%llu\n");
776
777static int hwsim_write_simulate_radar(void *dat, u64 val)
778{
779 struct mac80211_hwsim_data *data = dat;
780
781 ieee80211_radar_detected(data->hw);
782
783 return 0;
784}
785
786DEFINE_SIMPLE_ATTRIBUTE(hwsim_simulate_radar, NULL,
787 hwsim_write_simulate_radar, "%llu\n");
788
789static int hwsim_fops_group_read(void *dat, u64 *val)
790{
791 struct mac80211_hwsim_data *data = dat;
792 *val = data->group;
793 return 0;
794}
795
796static int hwsim_fops_group_write(void *dat, u64 val)
797{
798 struct mac80211_hwsim_data *data = dat;
799 data->group = val;
800 return 0;
801}
802
803DEFINE_SIMPLE_ATTRIBUTE(hwsim_fops_group,
804 hwsim_fops_group_read, hwsim_fops_group_write,
805 "%llx\n");
806
807static netdev_tx_t hwsim_mon_xmit(struct sk_buff *skb,
808 struct net_device *dev)
809{
810
811 dev_kfree_skb(skb);
812 return NETDEV_TX_OK;
813}
814
815static inline u64 mac80211_hwsim_get_tsf_raw(void)
816{
817 return ktime_to_us(ktime_get_real());
818}
819
820static __le64 __mac80211_hwsim_get_tsf(struct mac80211_hwsim_data *data)
821{
822 u64 now = mac80211_hwsim_get_tsf_raw();
823 return cpu_to_le64(now + data->tsf_offset);
824}
825
826static u64 mac80211_hwsim_get_tsf(struct ieee80211_hw *hw,
827 struct ieee80211_vif *vif)
828{
829 struct mac80211_hwsim_data *data = hw->priv;
830 return le64_to_cpu(__mac80211_hwsim_get_tsf(data));
831}
832
833static void mac80211_hwsim_set_tsf(struct ieee80211_hw *hw,
834 struct ieee80211_vif *vif, u64 tsf)
835{
836 struct mac80211_hwsim_data *data = hw->priv;
837 u64 now = mac80211_hwsim_get_tsf(hw, vif);
838 u32 bcn_int = data->beacon_int;
839 u64 delta = abs(tsf - now);
840
841
842 if (tsf > now) {
843 data->tsf_offset += delta;
844 data->bcn_delta = do_div(delta, bcn_int);
845 } else {
846 data->tsf_offset -= delta;
847 data->bcn_delta = -(s64)do_div(delta, bcn_int);
848 }
849}
850
851static void mac80211_hwsim_monitor_rx(struct ieee80211_hw *hw,
852 struct sk_buff *tx_skb,
853 struct ieee80211_channel *chan)
854{
855 struct mac80211_hwsim_data *data = hw->priv;
856 struct sk_buff *skb;
857 struct hwsim_radiotap_hdr *hdr;
858 u16 flags;
859 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx_skb);
860 struct ieee80211_rate *txrate = ieee80211_get_tx_rate(hw, info);
861
862 if (WARN_ON(!txrate))
863 return;
864
865 if (!netif_running(hwsim_mon))
866 return;
867
868 skb = skb_copy_expand(tx_skb, sizeof(*hdr), 0, GFP_ATOMIC);
869 if (skb == NULL)
870 return;
871
872 hdr = skb_push(skb, sizeof(*hdr));
873 hdr->hdr.it_version = PKTHDR_RADIOTAP_VERSION;
874 hdr->hdr.it_pad = 0;
875 hdr->hdr.it_len = cpu_to_le16(sizeof(*hdr));
876 hdr->hdr.it_present = cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
877 (1 << IEEE80211_RADIOTAP_RATE) |
878 (1 << IEEE80211_RADIOTAP_TSFT) |
879 (1 << IEEE80211_RADIOTAP_CHANNEL));
880 hdr->rt_tsft = __mac80211_hwsim_get_tsf(data);
881 hdr->rt_flags = 0;
882 hdr->rt_rate = txrate->bitrate / 5;
883 hdr->rt_channel = cpu_to_le16(chan->center_freq);
884 flags = IEEE80211_CHAN_2GHZ;
885 if (txrate->flags & IEEE80211_RATE_ERP_G)
886 flags |= IEEE80211_CHAN_OFDM;
887 else
888 flags |= IEEE80211_CHAN_CCK;
889 hdr->rt_chbitmask = cpu_to_le16(flags);
890
891 skb->dev = hwsim_mon;
892 skb_reset_mac_header(skb);
893 skb->ip_summed = CHECKSUM_UNNECESSARY;
894 skb->pkt_type = PACKET_OTHERHOST;
895 skb->protocol = htons(ETH_P_802_2);
896 memset(skb->cb, 0, sizeof(skb->cb));
897 netif_rx(skb);
898}
899
900
901static void mac80211_hwsim_monitor_ack(struct ieee80211_channel *chan,
902 const u8 *addr)
903{
904 struct sk_buff *skb;
905 struct hwsim_radiotap_ack_hdr *hdr;
906 u16 flags;
907 struct ieee80211_hdr *hdr11;
908
909 if (!netif_running(hwsim_mon))
910 return;
911
912 skb = dev_alloc_skb(100);
913 if (skb == NULL)
914 return;
915
916 hdr = skb_put(skb, sizeof(*hdr));
917 hdr->hdr.it_version = PKTHDR_RADIOTAP_VERSION;
918 hdr->hdr.it_pad = 0;
919 hdr->hdr.it_len = cpu_to_le16(sizeof(*hdr));
920 hdr->hdr.it_present = cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
921 (1 << IEEE80211_RADIOTAP_CHANNEL));
922 hdr->rt_flags = 0;
923 hdr->pad = 0;
924 hdr->rt_channel = cpu_to_le16(chan->center_freq);
925 flags = IEEE80211_CHAN_2GHZ;
926 hdr->rt_chbitmask = cpu_to_le16(flags);
927
928 hdr11 = skb_put(skb, 10);
929 hdr11->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
930 IEEE80211_STYPE_ACK);
931 hdr11->duration_id = cpu_to_le16(0);
932 memcpy(hdr11->addr1, addr, ETH_ALEN);
933
934 skb->dev = hwsim_mon;
935 skb_reset_mac_header(skb);
936 skb->ip_summed = CHECKSUM_UNNECESSARY;
937 skb->pkt_type = PACKET_OTHERHOST;
938 skb->protocol = htons(ETH_P_802_2);
939 memset(skb->cb, 0, sizeof(skb->cb));
940 netif_rx(skb);
941}
942
943struct mac80211_hwsim_addr_match_data {
944 u8 addr[ETH_ALEN];
945 bool ret;
946};
947
948static void mac80211_hwsim_addr_iter(void *data, u8 *mac,
949 struct ieee80211_vif *vif)
950{
951 struct mac80211_hwsim_addr_match_data *md = data;
952
953 if (memcmp(mac, md->addr, ETH_ALEN) == 0)
954 md->ret = true;
955}
956
957static bool mac80211_hwsim_addr_match(struct mac80211_hwsim_data *data,
958 const u8 *addr)
959{
960 struct mac80211_hwsim_addr_match_data md = {
961 .ret = false,
962 };
963
964 if (data->scanning && memcmp(addr, data->scan_addr, ETH_ALEN) == 0)
965 return true;
966
967 memcpy(md.addr, addr, ETH_ALEN);
968
969 ieee80211_iterate_active_interfaces_atomic(data->hw,
970 IEEE80211_IFACE_ITER_NORMAL,
971 mac80211_hwsim_addr_iter,
972 &md);
973
974 return md.ret;
975}
976
977static bool hwsim_ps_rx_ok(struct mac80211_hwsim_data *data,
978 struct sk_buff *skb)
979{
980 switch (data->ps) {
981 case PS_DISABLED:
982 return true;
983 case PS_ENABLED:
984 return false;
985 case PS_AUTO_POLL:
986
987
988 return true;
989 case PS_MANUAL_POLL:
990
991
992 if (data->ps_poll_pending &&
993 mac80211_hwsim_addr_match(data, skb->data + 4)) {
994 data->ps_poll_pending = false;
995 return true;
996 }
997 return false;
998 }
999
1000 return true;
1001}
1002
1003static int hwsim_unicast_netgroup(struct mac80211_hwsim_data *data,
1004 struct sk_buff *skb, int portid)
1005{
1006 struct net *net;
1007 bool found = false;
1008 int res = -ENOENT;
1009
1010 rcu_read_lock();
1011 for_each_net_rcu(net) {
1012 if (data->netgroup == hwsim_net_get_netgroup(net)) {
1013 res = genlmsg_unicast(net, skb, portid);
1014 found = true;
1015 break;
1016 }
1017 }
1018 rcu_read_unlock();
1019
1020 if (!found)
1021 nlmsg_free(skb);
1022
1023 return res;
1024}
1025
1026static inline u16 trans_tx_rate_flags_ieee2hwsim(struct ieee80211_tx_rate *rate)
1027{
1028 u16 result = 0;
1029
1030 if (rate->flags & IEEE80211_TX_RC_USE_RTS_CTS)
1031 result |= MAC80211_HWSIM_TX_RC_USE_RTS_CTS;
1032 if (rate->flags & IEEE80211_TX_RC_USE_CTS_PROTECT)
1033 result |= MAC80211_HWSIM_TX_RC_USE_CTS_PROTECT;
1034 if (rate->flags & IEEE80211_TX_RC_USE_SHORT_PREAMBLE)
1035 result |= MAC80211_HWSIM_TX_RC_USE_SHORT_PREAMBLE;
1036 if (rate->flags & IEEE80211_TX_RC_MCS)
1037 result |= MAC80211_HWSIM_TX_RC_MCS;
1038 if (rate->flags & IEEE80211_TX_RC_GREEN_FIELD)
1039 result |= MAC80211_HWSIM_TX_RC_GREEN_FIELD;
1040 if (rate->flags & IEEE80211_TX_RC_40_MHZ_WIDTH)
1041 result |= MAC80211_HWSIM_TX_RC_40_MHZ_WIDTH;
1042 if (rate->flags & IEEE80211_TX_RC_DUP_DATA)
1043 result |= MAC80211_HWSIM_TX_RC_DUP_DATA;
1044 if (rate->flags & IEEE80211_TX_RC_SHORT_GI)
1045 result |= MAC80211_HWSIM_TX_RC_SHORT_GI;
1046 if (rate->flags & IEEE80211_TX_RC_VHT_MCS)
1047 result |= MAC80211_HWSIM_TX_RC_VHT_MCS;
1048 if (rate->flags & IEEE80211_TX_RC_80_MHZ_WIDTH)
1049 result |= MAC80211_HWSIM_TX_RC_80_MHZ_WIDTH;
1050 if (rate->flags & IEEE80211_TX_RC_160_MHZ_WIDTH)
1051 result |= MAC80211_HWSIM_TX_RC_160_MHZ_WIDTH;
1052
1053 return result;
1054}
1055
1056static void mac80211_hwsim_tx_frame_nl(struct ieee80211_hw *hw,
1057 struct sk_buff *my_skb,
1058 int dst_portid)
1059{
1060 struct sk_buff *skb;
1061 struct mac80211_hwsim_data *data = hw->priv;
1062 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) my_skb->data;
1063 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(my_skb);
1064 void *msg_head;
1065 unsigned int hwsim_flags = 0;
1066 int i;
1067 struct hwsim_tx_rate tx_attempts[IEEE80211_TX_MAX_RATES];
1068 struct hwsim_tx_rate_flag tx_attempts_flags[IEEE80211_TX_MAX_RATES];
1069 uintptr_t cookie;
1070
1071 if (data->ps != PS_DISABLED)
1072 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
1073
1074 if (skb_queue_len(&data->pending) >= MAX_QUEUE) {
1075
1076 while (skb_queue_len(&data->pending) >= WARN_QUEUE) {
1077 ieee80211_free_txskb(hw, skb_dequeue(&data->pending));
1078 data->tx_dropped++;
1079 }
1080 }
1081
1082 skb = genlmsg_new(GENLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1083 if (skb == NULL)
1084 goto nla_put_failure;
1085
1086 msg_head = genlmsg_put(skb, 0, 0, &hwsim_genl_family, 0,
1087 HWSIM_CMD_FRAME);
1088 if (msg_head == NULL) {
1089 pr_debug("mac80211_hwsim: problem with msg_head\n");
1090 goto nla_put_failure;
1091 }
1092
1093 if (nla_put(skb, HWSIM_ATTR_ADDR_TRANSMITTER,
1094 ETH_ALEN, data->addresses[1].addr))
1095 goto nla_put_failure;
1096
1097
1098 if (nla_put(skb, HWSIM_ATTR_FRAME, my_skb->len, my_skb->data))
1099 goto nla_put_failure;
1100
1101
1102
1103
1104 if (info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS)
1105 hwsim_flags |= HWSIM_TX_CTL_REQ_TX_STATUS;
1106
1107 if (info->flags & IEEE80211_TX_CTL_NO_ACK)
1108 hwsim_flags |= HWSIM_TX_CTL_NO_ACK;
1109
1110 if (nla_put_u32(skb, HWSIM_ATTR_FLAGS, hwsim_flags))
1111 goto nla_put_failure;
1112
1113 if (nla_put_u32(skb, HWSIM_ATTR_FREQ, data->channel->center_freq))
1114 goto nla_put_failure;
1115
1116
1117
1118 for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
1119 tx_attempts[i].idx = info->status.rates[i].idx;
1120 tx_attempts_flags[i].idx = info->status.rates[i].idx;
1121 tx_attempts[i].count = info->status.rates[i].count;
1122 tx_attempts_flags[i].flags =
1123 trans_tx_rate_flags_ieee2hwsim(
1124 &info->status.rates[i]);
1125 }
1126
1127 if (nla_put(skb, HWSIM_ATTR_TX_INFO,
1128 sizeof(struct hwsim_tx_rate)*IEEE80211_TX_MAX_RATES,
1129 tx_attempts))
1130 goto nla_put_failure;
1131
1132 if (nla_put(skb, HWSIM_ATTR_TX_INFO_FLAGS,
1133 sizeof(struct hwsim_tx_rate_flag) * IEEE80211_TX_MAX_RATES,
1134 tx_attempts_flags))
1135 goto nla_put_failure;
1136
1137
1138 data->pending_cookie++;
1139 cookie = data->pending_cookie;
1140 info->rate_driver_data[0] = (void *)cookie;
1141 if (nla_put_u64_64bit(skb, HWSIM_ATTR_COOKIE, cookie, HWSIM_ATTR_PAD))
1142 goto nla_put_failure;
1143
1144 genlmsg_end(skb, msg_head);
1145 if (hwsim_unicast_netgroup(data, skb, dst_portid))
1146 goto err_free_txskb;
1147
1148
1149 skb_queue_tail(&data->pending, my_skb);
1150 data->tx_pkts++;
1151 data->tx_bytes += my_skb->len;
1152 return;
1153
1154nla_put_failure:
1155 nlmsg_free(skb);
1156err_free_txskb:
1157 pr_debug("mac80211_hwsim: error occurred in %s\n", __func__);
1158 ieee80211_free_txskb(hw, my_skb);
1159 data->tx_failed++;
1160}
1161
1162static bool hwsim_chans_compat(struct ieee80211_channel *c1,
1163 struct ieee80211_channel *c2)
1164{
1165 if (!c1 || !c2)
1166 return false;
1167
1168 return c1->center_freq == c2->center_freq;
1169}
1170
1171struct tx_iter_data {
1172 struct ieee80211_channel *channel;
1173 bool receive;
1174};
1175
1176static void mac80211_hwsim_tx_iter(void *_data, u8 *addr,
1177 struct ieee80211_vif *vif)
1178{
1179 struct tx_iter_data *data = _data;
1180
1181 if (!vif->chanctx_conf)
1182 return;
1183
1184 if (!hwsim_chans_compat(data->channel,
1185 rcu_dereference(vif->chanctx_conf)->def.chan))
1186 return;
1187
1188 data->receive = true;
1189}
1190
1191static void mac80211_hwsim_add_vendor_rtap(struct sk_buff *skb)
1192{
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203#ifdef HWSIM_RADIOTAP_OUI
1204 struct ieee80211_vendor_radiotap *rtap;
1205
1206
1207
1208
1209
1210 rtap = skb_push(skb, sizeof(*rtap) + 8 + 4);
1211 rtap->oui[0] = HWSIM_RADIOTAP_OUI[0];
1212 rtap->oui[1] = HWSIM_RADIOTAP_OUI[1];
1213 rtap->oui[2] = HWSIM_RADIOTAP_OUI[2];
1214 rtap->subns = 127;
1215
1216
1217
1218
1219
1220
1221
1222 rtap->present = BIT(0);
1223
1224 rtap->len = 8;
1225
1226 rtap->align = 8;
1227
1228 rtap->pad = 4;
1229
1230 memcpy(rtap->data, "ABCDEFGH", 8);
1231
1232 memset(rtap->data + 8, 0, 4);
1233
1234 IEEE80211_SKB_RXCB(skb)->flag |= RX_FLAG_RADIOTAP_VENDOR_DATA;
1235#endif
1236}
1237
1238static bool mac80211_hwsim_tx_frame_no_nl(struct ieee80211_hw *hw,
1239 struct sk_buff *skb,
1240 struct ieee80211_channel *chan)
1241{
1242 struct mac80211_hwsim_data *data = hw->priv, *data2;
1243 bool ack = false;
1244 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1245 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1246 struct ieee80211_rx_status rx_status;
1247 u64 now;
1248
1249 memset(&rx_status, 0, sizeof(rx_status));
1250 rx_status.flag |= RX_FLAG_MACTIME_START;
1251 rx_status.freq = chan->center_freq;
1252 rx_status.band = chan->band;
1253 if (info->control.rates[0].flags & IEEE80211_TX_RC_VHT_MCS) {
1254 rx_status.rate_idx =
1255 ieee80211_rate_get_vht_mcs(&info->control.rates[0]);
1256 rx_status.nss =
1257 ieee80211_rate_get_vht_nss(&info->control.rates[0]);
1258 rx_status.encoding = RX_ENC_VHT;
1259 } else {
1260 rx_status.rate_idx = info->control.rates[0].idx;
1261 if (info->control.rates[0].flags & IEEE80211_TX_RC_MCS)
1262 rx_status.encoding = RX_ENC_HT;
1263 }
1264 if (info->control.rates[0].flags & IEEE80211_TX_RC_40_MHZ_WIDTH)
1265 rx_status.bw = RATE_INFO_BW_40;
1266 else if (info->control.rates[0].flags & IEEE80211_TX_RC_80_MHZ_WIDTH)
1267 rx_status.bw = RATE_INFO_BW_80;
1268 else if (info->control.rates[0].flags & IEEE80211_TX_RC_160_MHZ_WIDTH)
1269 rx_status.bw = RATE_INFO_BW_160;
1270 else
1271 rx_status.bw = RATE_INFO_BW_20;
1272 if (info->control.rates[0].flags & IEEE80211_TX_RC_SHORT_GI)
1273 rx_status.enc_flags |= RX_ENC_FLAG_SHORT_GI;
1274
1275 rx_status.signal = -50;
1276 if (info->control.vif)
1277 rx_status.signal += info->control.vif->bss_conf.txpower;
1278
1279 if (data->ps != PS_DISABLED)
1280 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
1281
1282
1283 skb_orphan(skb);
1284 skb_dst_drop(skb);
1285 skb->mark = 0;
1286 secpath_reset(skb);
1287 nf_reset(skb);
1288
1289
1290
1291
1292
1293
1294
1295
1296 if (ieee80211_is_beacon(hdr->frame_control) ||
1297 ieee80211_is_probe_resp(hdr->frame_control))
1298 now = data->abs_bcn_ts;
1299 else
1300 now = mac80211_hwsim_get_tsf_raw();
1301
1302
1303 spin_lock(&hwsim_radio_lock);
1304 list_for_each_entry(data2, &hwsim_radios, list) {
1305 struct sk_buff *nskb;
1306 struct tx_iter_data tx_iter_data = {
1307 .receive = false,
1308 .channel = chan,
1309 };
1310
1311 if (data == data2)
1312 continue;
1313
1314 if (!data2->started || (data2->idle && !data2->tmp_chan) ||
1315 !hwsim_ps_rx_ok(data2, skb))
1316 continue;
1317
1318 if (!(data->group & data2->group))
1319 continue;
1320
1321 if (data->netgroup != data2->netgroup)
1322 continue;
1323
1324 if (!hwsim_chans_compat(chan, data2->tmp_chan) &&
1325 !hwsim_chans_compat(chan, data2->channel)) {
1326 ieee80211_iterate_active_interfaces_atomic(
1327 data2->hw, IEEE80211_IFACE_ITER_NORMAL,
1328 mac80211_hwsim_tx_iter, &tx_iter_data);
1329 if (!tx_iter_data.receive)
1330 continue;
1331 }
1332
1333
1334
1335
1336
1337 if (skb->len < PAGE_SIZE && paged_rx) {
1338 struct page *page = alloc_page(GFP_ATOMIC);
1339
1340 if (!page)
1341 continue;
1342
1343 nskb = dev_alloc_skb(128);
1344 if (!nskb) {
1345 __free_page(page);
1346 continue;
1347 }
1348
1349 memcpy(page_address(page), skb->data, skb->len);
1350 skb_add_rx_frag(nskb, 0, page, 0, skb->len, skb->len);
1351 } else {
1352 nskb = skb_copy(skb, GFP_ATOMIC);
1353 if (!nskb)
1354 continue;
1355 }
1356
1357 if (mac80211_hwsim_addr_match(data2, hdr->addr1))
1358 ack = true;
1359
1360 rx_status.mactime = now + data2->tsf_offset;
1361
1362 memcpy(IEEE80211_SKB_RXCB(nskb), &rx_status, sizeof(rx_status));
1363
1364 mac80211_hwsim_add_vendor_rtap(nskb);
1365
1366 data2->rx_pkts++;
1367 data2->rx_bytes += nskb->len;
1368 ieee80211_rx_irqsafe(data2->hw, nskb);
1369 }
1370 spin_unlock(&hwsim_radio_lock);
1371
1372 return ack;
1373}
1374
1375static void mac80211_hwsim_tx(struct ieee80211_hw *hw,
1376 struct ieee80211_tx_control *control,
1377 struct sk_buff *skb)
1378{
1379 struct mac80211_hwsim_data *data = hw->priv;
1380 struct ieee80211_tx_info *txi = IEEE80211_SKB_CB(skb);
1381 struct ieee80211_hdr *hdr = (void *)skb->data;
1382 struct ieee80211_chanctx_conf *chanctx_conf;
1383 struct ieee80211_channel *channel;
1384 bool ack;
1385 u32 _portid;
1386
1387 if (WARN_ON(skb->len < 10)) {
1388
1389 ieee80211_free_txskb(hw, skb);
1390 return;
1391 }
1392
1393 if (!data->use_chanctx) {
1394 channel = data->channel;
1395 } else if (txi->hw_queue == 4) {
1396 channel = data->tmp_chan;
1397 } else {
1398 chanctx_conf = rcu_dereference(txi->control.vif->chanctx_conf);
1399 if (chanctx_conf)
1400 channel = chanctx_conf->def.chan;
1401 else
1402 channel = NULL;
1403 }
1404
1405 if (WARN(!channel, "TX w/o channel - queue = %d\n", txi->hw_queue)) {
1406 ieee80211_free_txskb(hw, skb);
1407 return;
1408 }
1409
1410 if (data->idle && !data->tmp_chan) {
1411 wiphy_dbg(hw->wiphy, "Trying to TX when idle - reject\n");
1412 ieee80211_free_txskb(hw, skb);
1413 return;
1414 }
1415
1416 if (txi->control.vif)
1417 hwsim_check_magic(txi->control.vif);
1418 if (control->sta)
1419 hwsim_check_sta_magic(control->sta);
1420
1421 if (ieee80211_hw_check(hw, SUPPORTS_RC_TABLE))
1422 ieee80211_get_tx_rates(txi->control.vif, control->sta, skb,
1423 txi->control.rates,
1424 ARRAY_SIZE(txi->control.rates));
1425
1426 if (skb->len >= 24 + 8 &&
1427 ieee80211_is_probe_resp(hdr->frame_control)) {
1428
1429 struct ieee80211_mgmt *mgmt;
1430 struct ieee80211_rate *txrate;
1431 u64 ts;
1432
1433 mgmt = (struct ieee80211_mgmt *)skb->data;
1434 txrate = ieee80211_get_tx_rate(hw, txi);
1435 ts = mac80211_hwsim_get_tsf_raw();
1436 mgmt->u.probe_resp.timestamp =
1437 cpu_to_le64(ts + data->tsf_offset +
1438 24 * 8 * 10 / txrate->bitrate);
1439 }
1440
1441 mac80211_hwsim_monitor_rx(hw, skb, channel);
1442
1443
1444 _portid = READ_ONCE(data->wmediumd);
1445
1446 if (_portid)
1447 return mac80211_hwsim_tx_frame_nl(hw, skb, _portid);
1448
1449
1450 data->tx_pkts++;
1451 data->tx_bytes += skb->len;
1452 ack = mac80211_hwsim_tx_frame_no_nl(hw, skb, channel);
1453
1454 if (ack && skb->len >= 16)
1455 mac80211_hwsim_monitor_ack(channel, hdr->addr2);
1456
1457 ieee80211_tx_info_clear_status(txi);
1458
1459
1460 txi->control.rates[0].count = 1;
1461 txi->control.rates[1].idx = -1;
1462
1463 if (!(txi->flags & IEEE80211_TX_CTL_NO_ACK) && ack)
1464 txi->flags |= IEEE80211_TX_STAT_ACK;
1465 ieee80211_tx_status_irqsafe(hw, skb);
1466}
1467
1468
1469static int mac80211_hwsim_start(struct ieee80211_hw *hw)
1470{
1471 struct mac80211_hwsim_data *data = hw->priv;
1472 wiphy_dbg(hw->wiphy, "%s\n", __func__);
1473 data->started = true;
1474 return 0;
1475}
1476
1477
1478static void mac80211_hwsim_stop(struct ieee80211_hw *hw)
1479{
1480 struct mac80211_hwsim_data *data = hw->priv;
1481 data->started = false;
1482 hrtimer_cancel(&data->beacon_timer);
1483 wiphy_dbg(hw->wiphy, "%s\n", __func__);
1484}
1485
1486
1487static int mac80211_hwsim_add_interface(struct ieee80211_hw *hw,
1488 struct ieee80211_vif *vif)
1489{
1490 wiphy_dbg(hw->wiphy, "%s (type=%d mac_addr=%pM)\n",
1491 __func__, ieee80211_vif_type_p2p(vif),
1492 vif->addr);
1493 hwsim_set_magic(vif);
1494
1495 vif->cab_queue = 0;
1496 vif->hw_queue[IEEE80211_AC_VO] = 0;
1497 vif->hw_queue[IEEE80211_AC_VI] = 1;
1498 vif->hw_queue[IEEE80211_AC_BE] = 2;
1499 vif->hw_queue[IEEE80211_AC_BK] = 3;
1500
1501 return 0;
1502}
1503
1504
1505static int mac80211_hwsim_change_interface(struct ieee80211_hw *hw,
1506 struct ieee80211_vif *vif,
1507 enum nl80211_iftype newtype,
1508 bool newp2p)
1509{
1510 newtype = ieee80211_iftype_p2p(newtype, newp2p);
1511 wiphy_dbg(hw->wiphy,
1512 "%s (old type=%d, new type=%d, mac_addr=%pM)\n",
1513 __func__, ieee80211_vif_type_p2p(vif),
1514 newtype, vif->addr);
1515 hwsim_check_magic(vif);
1516
1517
1518
1519
1520
1521 vif->cab_queue = 0;
1522
1523 return 0;
1524}
1525
1526static void mac80211_hwsim_remove_interface(
1527 struct ieee80211_hw *hw, struct ieee80211_vif *vif)
1528{
1529 wiphy_dbg(hw->wiphy, "%s (type=%d mac_addr=%pM)\n",
1530 __func__, ieee80211_vif_type_p2p(vif),
1531 vif->addr);
1532 hwsim_check_magic(vif);
1533 hwsim_clear_magic(vif);
1534}
1535
1536static void mac80211_hwsim_tx_frame(struct ieee80211_hw *hw,
1537 struct sk_buff *skb,
1538 struct ieee80211_channel *chan)
1539{
1540 struct mac80211_hwsim_data *data = hw->priv;
1541 u32 _pid = READ_ONCE(data->wmediumd);
1542
1543 if (ieee80211_hw_check(hw, SUPPORTS_RC_TABLE)) {
1544 struct ieee80211_tx_info *txi = IEEE80211_SKB_CB(skb);
1545 ieee80211_get_tx_rates(txi->control.vif, NULL, skb,
1546 txi->control.rates,
1547 ARRAY_SIZE(txi->control.rates));
1548 }
1549
1550 mac80211_hwsim_monitor_rx(hw, skb, chan);
1551
1552 if (_pid)
1553 return mac80211_hwsim_tx_frame_nl(hw, skb, _pid);
1554
1555 mac80211_hwsim_tx_frame_no_nl(hw, skb, chan);
1556 dev_kfree_skb(skb);
1557}
1558
1559static void mac80211_hwsim_beacon_tx(void *arg, u8 *mac,
1560 struct ieee80211_vif *vif)
1561{
1562 struct mac80211_hwsim_data *data = arg;
1563 struct ieee80211_hw *hw = data->hw;
1564 struct ieee80211_tx_info *info;
1565 struct ieee80211_rate *txrate;
1566 struct ieee80211_mgmt *mgmt;
1567 struct sk_buff *skb;
1568
1569 hwsim_check_magic(vif);
1570
1571 if (vif->type != NL80211_IFTYPE_AP &&
1572 vif->type != NL80211_IFTYPE_MESH_POINT &&
1573 vif->type != NL80211_IFTYPE_ADHOC)
1574 return;
1575
1576 skb = ieee80211_beacon_get(hw, vif);
1577 if (skb == NULL)
1578 return;
1579 info = IEEE80211_SKB_CB(skb);
1580 if (ieee80211_hw_check(hw, SUPPORTS_RC_TABLE))
1581 ieee80211_get_tx_rates(vif, NULL, skb,
1582 info->control.rates,
1583 ARRAY_SIZE(info->control.rates));
1584
1585 txrate = ieee80211_get_tx_rate(hw, info);
1586
1587 mgmt = (struct ieee80211_mgmt *) skb->data;
1588
1589 data->abs_bcn_ts = mac80211_hwsim_get_tsf_raw();
1590 mgmt->u.beacon.timestamp = cpu_to_le64(data->abs_bcn_ts +
1591 data->tsf_offset +
1592 24 * 8 * 10 / txrate->bitrate);
1593
1594 mac80211_hwsim_tx_frame(hw, skb,
1595 rcu_dereference(vif->chanctx_conf)->def.chan);
1596
1597 if (vif->csa_active && ieee80211_csa_is_complete(vif))
1598 ieee80211_csa_finish(vif);
1599}
1600
1601static enum hrtimer_restart
1602mac80211_hwsim_beacon(struct hrtimer *timer)
1603{
1604 struct mac80211_hwsim_data *data =
1605 container_of(timer, struct mac80211_hwsim_data, beacon_timer);
1606 struct ieee80211_hw *hw = data->hw;
1607 u64 bcn_int = data->beacon_int;
1608
1609 if (!data->started)
1610 return HRTIMER_NORESTART;
1611
1612 ieee80211_iterate_active_interfaces_atomic(
1613 hw, IEEE80211_IFACE_ITER_NORMAL,
1614 mac80211_hwsim_beacon_tx, data);
1615
1616
1617 if (data->bcn_delta) {
1618 bcn_int -= data->bcn_delta;
1619 data->bcn_delta = 0;
1620 }
1621 hrtimer_forward(&data->beacon_timer, hrtimer_get_expires(timer),
1622 ns_to_ktime(bcn_int * NSEC_PER_USEC));
1623 return HRTIMER_RESTART;
1624}
1625
1626static const char * const hwsim_chanwidths[] = {
1627 [NL80211_CHAN_WIDTH_20_NOHT] = "noht",
1628 [NL80211_CHAN_WIDTH_20] = "ht20",
1629 [NL80211_CHAN_WIDTH_40] = "ht40",
1630 [NL80211_CHAN_WIDTH_80] = "vht80",
1631 [NL80211_CHAN_WIDTH_80P80] = "vht80p80",
1632 [NL80211_CHAN_WIDTH_160] = "vht160",
1633};
1634
1635static int mac80211_hwsim_config(struct ieee80211_hw *hw, u32 changed)
1636{
1637 struct mac80211_hwsim_data *data = hw->priv;
1638 struct ieee80211_conf *conf = &hw->conf;
1639 static const char *smps_modes[IEEE80211_SMPS_NUM_MODES] = {
1640 [IEEE80211_SMPS_AUTOMATIC] = "auto",
1641 [IEEE80211_SMPS_OFF] = "off",
1642 [IEEE80211_SMPS_STATIC] = "static",
1643 [IEEE80211_SMPS_DYNAMIC] = "dynamic",
1644 };
1645 int idx;
1646
1647 if (conf->chandef.chan)
1648 wiphy_dbg(hw->wiphy,
1649 "%s (freq=%d(%d - %d)/%s idle=%d ps=%d smps=%s)\n",
1650 __func__,
1651 conf->chandef.chan->center_freq,
1652 conf->chandef.center_freq1,
1653 conf->chandef.center_freq2,
1654 hwsim_chanwidths[conf->chandef.width],
1655 !!(conf->flags & IEEE80211_CONF_IDLE),
1656 !!(conf->flags & IEEE80211_CONF_PS),
1657 smps_modes[conf->smps_mode]);
1658 else
1659 wiphy_dbg(hw->wiphy,
1660 "%s (freq=0 idle=%d ps=%d smps=%s)\n",
1661 __func__,
1662 !!(conf->flags & IEEE80211_CONF_IDLE),
1663 !!(conf->flags & IEEE80211_CONF_PS),
1664 smps_modes[conf->smps_mode]);
1665
1666 data->idle = !!(conf->flags & IEEE80211_CONF_IDLE);
1667
1668 WARN_ON(conf->chandef.chan && data->use_chanctx);
1669
1670 mutex_lock(&data->mutex);
1671 if (data->scanning && conf->chandef.chan) {
1672 for (idx = 0; idx < ARRAY_SIZE(data->survey_data); idx++) {
1673 if (data->survey_data[idx].channel == data->channel) {
1674 data->survey_data[idx].start =
1675 data->survey_data[idx].next_start;
1676 data->survey_data[idx].end = jiffies;
1677 break;
1678 }
1679 }
1680
1681 data->channel = conf->chandef.chan;
1682
1683 for (idx = 0; idx < ARRAY_SIZE(data->survey_data); idx++) {
1684 if (data->survey_data[idx].channel &&
1685 data->survey_data[idx].channel != data->channel)
1686 continue;
1687 data->survey_data[idx].channel = data->channel;
1688 data->survey_data[idx].next_start = jiffies;
1689 break;
1690 }
1691 } else {
1692 data->channel = conf->chandef.chan;
1693 }
1694 mutex_unlock(&data->mutex);
1695
1696 if (!data->started || !data->beacon_int)
1697 hrtimer_cancel(&data->beacon_timer);
1698 else if (!hrtimer_is_queued(&data->beacon_timer)) {
1699 u64 tsf = mac80211_hwsim_get_tsf(hw, NULL);
1700 u32 bcn_int = data->beacon_int;
1701 u64 until_tbtt = bcn_int - do_div(tsf, bcn_int);
1702
1703 hrtimer_start(&data->beacon_timer,
1704 ns_to_ktime(until_tbtt * NSEC_PER_USEC),
1705 HRTIMER_MODE_REL_SOFT);
1706 }
1707
1708 return 0;
1709}
1710
1711
1712static void mac80211_hwsim_configure_filter(struct ieee80211_hw *hw,
1713 unsigned int changed_flags,
1714 unsigned int *total_flags,u64 multicast)
1715{
1716 struct mac80211_hwsim_data *data = hw->priv;
1717
1718 wiphy_dbg(hw->wiphy, "%s\n", __func__);
1719
1720 data->rx_filter = 0;
1721 if (*total_flags & FIF_ALLMULTI)
1722 data->rx_filter |= FIF_ALLMULTI;
1723
1724 *total_flags = data->rx_filter;
1725}
1726
1727static void mac80211_hwsim_bcn_en_iter(void *data, u8 *mac,
1728 struct ieee80211_vif *vif)
1729{
1730 unsigned int *count = data;
1731 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
1732
1733 if (vp->bcn_en)
1734 (*count)++;
1735}
1736
1737static void mac80211_hwsim_bss_info_changed(struct ieee80211_hw *hw,
1738 struct ieee80211_vif *vif,
1739 struct ieee80211_bss_conf *info,
1740 u32 changed)
1741{
1742 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
1743 struct mac80211_hwsim_data *data = hw->priv;
1744
1745 hwsim_check_magic(vif);
1746
1747 wiphy_dbg(hw->wiphy, "%s(changed=0x%x vif->addr=%pM)\n",
1748 __func__, changed, vif->addr);
1749
1750 if (changed & BSS_CHANGED_BSSID) {
1751 wiphy_dbg(hw->wiphy, "%s: BSSID changed: %pM\n",
1752 __func__, info->bssid);
1753 memcpy(vp->bssid, info->bssid, ETH_ALEN);
1754 }
1755
1756 if (changed & BSS_CHANGED_ASSOC) {
1757 wiphy_dbg(hw->wiphy, " ASSOC: assoc=%d aid=%d\n",
1758 info->assoc, info->aid);
1759 vp->assoc = info->assoc;
1760 vp->aid = info->aid;
1761 }
1762
1763 if (changed & BSS_CHANGED_BEACON_ENABLED) {
1764 wiphy_dbg(hw->wiphy, " BCN EN: %d (BI=%u)\n",
1765 info->enable_beacon, info->beacon_int);
1766 vp->bcn_en = info->enable_beacon;
1767 if (data->started &&
1768 !hrtimer_is_queued(&data->beacon_timer) &&
1769 info->enable_beacon) {
1770 u64 tsf, until_tbtt;
1771 u32 bcn_int;
1772 data->beacon_int = info->beacon_int * 1024;
1773 tsf = mac80211_hwsim_get_tsf(hw, vif);
1774 bcn_int = data->beacon_int;
1775 until_tbtt = bcn_int - do_div(tsf, bcn_int);
1776
1777 hrtimer_start(&data->beacon_timer,
1778 ns_to_ktime(until_tbtt * NSEC_PER_USEC),
1779 HRTIMER_MODE_REL_SOFT);
1780 } else if (!info->enable_beacon) {
1781 unsigned int count = 0;
1782 ieee80211_iterate_active_interfaces_atomic(
1783 data->hw, IEEE80211_IFACE_ITER_NORMAL,
1784 mac80211_hwsim_bcn_en_iter, &count);
1785 wiphy_dbg(hw->wiphy, " beaconing vifs remaining: %u",
1786 count);
1787 if (count == 0) {
1788 hrtimer_cancel(&data->beacon_timer);
1789 data->beacon_int = 0;
1790 }
1791 }
1792 }
1793
1794 if (changed & BSS_CHANGED_ERP_CTS_PROT) {
1795 wiphy_dbg(hw->wiphy, " ERP_CTS_PROT: %d\n",
1796 info->use_cts_prot);
1797 }
1798
1799 if (changed & BSS_CHANGED_ERP_PREAMBLE) {
1800 wiphy_dbg(hw->wiphy, " ERP_PREAMBLE: %d\n",
1801 info->use_short_preamble);
1802 }
1803
1804 if (changed & BSS_CHANGED_ERP_SLOT) {
1805 wiphy_dbg(hw->wiphy, " ERP_SLOT: %d\n", info->use_short_slot);
1806 }
1807
1808 if (changed & BSS_CHANGED_HT) {
1809 wiphy_dbg(hw->wiphy, " HT: op_mode=0x%x\n",
1810 info->ht_operation_mode);
1811 }
1812
1813 if (changed & BSS_CHANGED_BASIC_RATES) {
1814 wiphy_dbg(hw->wiphy, " BASIC_RATES: 0x%llx\n",
1815 (unsigned long long) info->basic_rates);
1816 }
1817
1818 if (changed & BSS_CHANGED_TXPOWER)
1819 wiphy_dbg(hw->wiphy, " TX Power: %d dBm\n", info->txpower);
1820}
1821
1822static int mac80211_hwsim_sta_add(struct ieee80211_hw *hw,
1823 struct ieee80211_vif *vif,
1824 struct ieee80211_sta *sta)
1825{
1826 hwsim_check_magic(vif);
1827 hwsim_set_sta_magic(sta);
1828
1829 return 0;
1830}
1831
1832static int mac80211_hwsim_sta_remove(struct ieee80211_hw *hw,
1833 struct ieee80211_vif *vif,
1834 struct ieee80211_sta *sta)
1835{
1836 hwsim_check_magic(vif);
1837 hwsim_clear_sta_magic(sta);
1838
1839 return 0;
1840}
1841
1842static void mac80211_hwsim_sta_notify(struct ieee80211_hw *hw,
1843 struct ieee80211_vif *vif,
1844 enum sta_notify_cmd cmd,
1845 struct ieee80211_sta *sta)
1846{
1847 hwsim_check_magic(vif);
1848
1849 switch (cmd) {
1850 case STA_NOTIFY_SLEEP:
1851 case STA_NOTIFY_AWAKE:
1852
1853 break;
1854 default:
1855 WARN(1, "Invalid sta notify: %d\n", cmd);
1856 break;
1857 }
1858}
1859
1860static int mac80211_hwsim_set_tim(struct ieee80211_hw *hw,
1861 struct ieee80211_sta *sta,
1862 bool set)
1863{
1864 hwsim_check_sta_magic(sta);
1865 return 0;
1866}
1867
1868static int mac80211_hwsim_conf_tx(
1869 struct ieee80211_hw *hw,
1870 struct ieee80211_vif *vif, u16 queue,
1871 const struct ieee80211_tx_queue_params *params)
1872{
1873 wiphy_dbg(hw->wiphy,
1874 "%s (queue=%d txop=%d cw_min=%d cw_max=%d aifs=%d)\n",
1875 __func__, queue,
1876 params->txop, params->cw_min,
1877 params->cw_max, params->aifs);
1878 return 0;
1879}
1880
1881static int mac80211_hwsim_get_survey(struct ieee80211_hw *hw, int idx,
1882 struct survey_info *survey)
1883{
1884 struct mac80211_hwsim_data *hwsim = hw->priv;
1885
1886 if (idx < 0 || idx >= ARRAY_SIZE(hwsim->survey_data))
1887 return -ENOENT;
1888
1889 mutex_lock(&hwsim->mutex);
1890 survey->channel = hwsim->survey_data[idx].channel;
1891 if (!survey->channel) {
1892 mutex_unlock(&hwsim->mutex);
1893 return -ENOENT;
1894 }
1895
1896
1897
1898
1899
1900
1901
1902 survey->filled = SURVEY_INFO_NOISE_DBM |
1903 SURVEY_INFO_TIME |
1904 SURVEY_INFO_TIME_BUSY;
1905 survey->noise = -92;
1906 survey->time =
1907 jiffies_to_msecs(hwsim->survey_data[idx].end -
1908 hwsim->survey_data[idx].start);
1909
1910 survey->time_busy = survey->time/8;
1911 mutex_unlock(&hwsim->mutex);
1912
1913 return 0;
1914}
1915
1916#ifdef CONFIG_NL80211_TESTMODE
1917
1918
1919
1920
1921
1922
1923enum hwsim_testmode_attr {
1924 __HWSIM_TM_ATTR_INVALID = 0,
1925 HWSIM_TM_ATTR_CMD = 1,
1926 HWSIM_TM_ATTR_PS = 2,
1927
1928
1929 __HWSIM_TM_ATTR_AFTER_LAST,
1930 HWSIM_TM_ATTR_MAX = __HWSIM_TM_ATTR_AFTER_LAST - 1
1931};
1932
1933enum hwsim_testmode_cmd {
1934 HWSIM_TM_CMD_SET_PS = 0,
1935 HWSIM_TM_CMD_GET_PS = 1,
1936 HWSIM_TM_CMD_STOP_QUEUES = 2,
1937 HWSIM_TM_CMD_WAKE_QUEUES = 3,
1938};
1939
1940static const struct nla_policy hwsim_testmode_policy[HWSIM_TM_ATTR_MAX + 1] = {
1941 [HWSIM_TM_ATTR_CMD] = { .type = NLA_U32 },
1942 [HWSIM_TM_ATTR_PS] = { .type = NLA_U32 },
1943};
1944
1945static int mac80211_hwsim_testmode_cmd(struct ieee80211_hw *hw,
1946 struct ieee80211_vif *vif,
1947 void *data, int len)
1948{
1949 struct mac80211_hwsim_data *hwsim = hw->priv;
1950 struct nlattr *tb[HWSIM_TM_ATTR_MAX + 1];
1951 struct sk_buff *skb;
1952 int err, ps;
1953
1954 err = nla_parse_deprecated(tb, HWSIM_TM_ATTR_MAX, data, len,
1955 hwsim_testmode_policy, NULL);
1956 if (err)
1957 return err;
1958
1959 if (!tb[HWSIM_TM_ATTR_CMD])
1960 return -EINVAL;
1961
1962 switch (nla_get_u32(tb[HWSIM_TM_ATTR_CMD])) {
1963 case HWSIM_TM_CMD_SET_PS:
1964 if (!tb[HWSIM_TM_ATTR_PS])
1965 return -EINVAL;
1966 ps = nla_get_u32(tb[HWSIM_TM_ATTR_PS]);
1967 return hwsim_fops_ps_write(hwsim, ps);
1968 case HWSIM_TM_CMD_GET_PS:
1969 skb = cfg80211_testmode_alloc_reply_skb(hw->wiphy,
1970 nla_total_size(sizeof(u32)));
1971 if (!skb)
1972 return -ENOMEM;
1973 if (nla_put_u32(skb, HWSIM_TM_ATTR_PS, hwsim->ps))
1974 goto nla_put_failure;
1975 return cfg80211_testmode_reply(skb);
1976 case HWSIM_TM_CMD_STOP_QUEUES:
1977 ieee80211_stop_queues(hw);
1978 return 0;
1979 case HWSIM_TM_CMD_WAKE_QUEUES:
1980 ieee80211_wake_queues(hw);
1981 return 0;
1982 default:
1983 return -EOPNOTSUPP;
1984 }
1985
1986 nla_put_failure:
1987 kfree_skb(skb);
1988 return -ENOBUFS;
1989}
1990#endif
1991
1992static int mac80211_hwsim_ampdu_action(struct ieee80211_hw *hw,
1993 struct ieee80211_vif *vif,
1994 struct ieee80211_ampdu_params *params)
1995{
1996 struct ieee80211_sta *sta = params->sta;
1997 enum ieee80211_ampdu_mlme_action action = params->action;
1998 u16 tid = params->tid;
1999
2000 switch (action) {
2001 case IEEE80211_AMPDU_TX_START:
2002 return IEEE80211_AMPDU_TX_START_IMMEDIATE;
2003 case IEEE80211_AMPDU_TX_STOP_CONT:
2004 case IEEE80211_AMPDU_TX_STOP_FLUSH:
2005 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
2006 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
2007 break;
2008 case IEEE80211_AMPDU_TX_OPERATIONAL:
2009 break;
2010 case IEEE80211_AMPDU_RX_START:
2011 case IEEE80211_AMPDU_RX_STOP:
2012 break;
2013 default:
2014 return -EOPNOTSUPP;
2015 }
2016
2017 return 0;
2018}
2019
2020static void mac80211_hwsim_flush(struct ieee80211_hw *hw,
2021 struct ieee80211_vif *vif,
2022 u32 queues, bool drop)
2023{
2024
2025}
2026
2027static void hw_scan_work(struct work_struct *work)
2028{
2029 struct mac80211_hwsim_data *hwsim =
2030 container_of(work, struct mac80211_hwsim_data, hw_scan.work);
2031 struct cfg80211_scan_request *req = hwsim->hw_scan_request;
2032 int dwell, i;
2033
2034 mutex_lock(&hwsim->mutex);
2035 if (hwsim->scan_chan_idx >= req->n_channels) {
2036 struct cfg80211_scan_info info = {
2037 .aborted = false,
2038 };
2039
2040 wiphy_dbg(hwsim->hw->wiphy, "hw scan complete\n");
2041 ieee80211_scan_completed(hwsim->hw, &info);
2042 hwsim->hw_scan_request = NULL;
2043 hwsim->hw_scan_vif = NULL;
2044 hwsim->tmp_chan = NULL;
2045 mutex_unlock(&hwsim->mutex);
2046 return;
2047 }
2048
2049 wiphy_dbg(hwsim->hw->wiphy, "hw scan %d MHz\n",
2050 req->channels[hwsim->scan_chan_idx]->center_freq);
2051
2052 hwsim->tmp_chan = req->channels[hwsim->scan_chan_idx];
2053 if (hwsim->tmp_chan->flags & (IEEE80211_CHAN_NO_IR |
2054 IEEE80211_CHAN_RADAR) ||
2055 !req->n_ssids) {
2056 dwell = 120;
2057 } else {
2058 dwell = 30;
2059
2060 for (i = 0; i < req->n_ssids; i++) {
2061 struct sk_buff *probe;
2062 struct ieee80211_mgmt *mgmt;
2063
2064 probe = ieee80211_probereq_get(hwsim->hw,
2065 hwsim->scan_addr,
2066 req->ssids[i].ssid,
2067 req->ssids[i].ssid_len,
2068 req->ie_len);
2069 if (!probe)
2070 continue;
2071
2072 mgmt = (struct ieee80211_mgmt *) probe->data;
2073 memcpy(mgmt->da, req->bssid, ETH_ALEN);
2074 memcpy(mgmt->bssid, req->bssid, ETH_ALEN);
2075
2076 if (req->ie_len)
2077 skb_put_data(probe, req->ie, req->ie_len);
2078
2079 local_bh_disable();
2080 mac80211_hwsim_tx_frame(hwsim->hw, probe,
2081 hwsim->tmp_chan);
2082 local_bh_enable();
2083 }
2084 }
2085 ieee80211_queue_delayed_work(hwsim->hw, &hwsim->hw_scan,
2086 msecs_to_jiffies(dwell));
2087 hwsim->survey_data[hwsim->scan_chan_idx].channel = hwsim->tmp_chan;
2088 hwsim->survey_data[hwsim->scan_chan_idx].start = jiffies;
2089 hwsim->survey_data[hwsim->scan_chan_idx].end =
2090 jiffies + msecs_to_jiffies(dwell);
2091 hwsim->scan_chan_idx++;
2092 mutex_unlock(&hwsim->mutex);
2093}
2094
2095static int mac80211_hwsim_hw_scan(struct ieee80211_hw *hw,
2096 struct ieee80211_vif *vif,
2097 struct ieee80211_scan_request *hw_req)
2098{
2099 struct mac80211_hwsim_data *hwsim = hw->priv;
2100 struct cfg80211_scan_request *req = &hw_req->req;
2101
2102 mutex_lock(&hwsim->mutex);
2103 if (WARN_ON(hwsim->tmp_chan || hwsim->hw_scan_request)) {
2104 mutex_unlock(&hwsim->mutex);
2105 return -EBUSY;
2106 }
2107 hwsim->hw_scan_request = req;
2108 hwsim->hw_scan_vif = vif;
2109 hwsim->scan_chan_idx = 0;
2110 if (req->flags & NL80211_SCAN_FLAG_RANDOM_ADDR)
2111 get_random_mask_addr(hwsim->scan_addr,
2112 hw_req->req.mac_addr,
2113 hw_req->req.mac_addr_mask);
2114 else
2115 memcpy(hwsim->scan_addr, vif->addr, ETH_ALEN);
2116 memset(hwsim->survey_data, 0, sizeof(hwsim->survey_data));
2117 mutex_unlock(&hwsim->mutex);
2118
2119 wiphy_dbg(hw->wiphy, "hwsim hw_scan request\n");
2120
2121 ieee80211_queue_delayed_work(hwsim->hw, &hwsim->hw_scan, 0);
2122
2123 return 0;
2124}
2125
2126static void mac80211_hwsim_cancel_hw_scan(struct ieee80211_hw *hw,
2127 struct ieee80211_vif *vif)
2128{
2129 struct mac80211_hwsim_data *hwsim = hw->priv;
2130 struct cfg80211_scan_info info = {
2131 .aborted = true,
2132 };
2133
2134 wiphy_dbg(hw->wiphy, "hwsim cancel_hw_scan\n");
2135
2136 cancel_delayed_work_sync(&hwsim->hw_scan);
2137
2138 mutex_lock(&hwsim->mutex);
2139 ieee80211_scan_completed(hwsim->hw, &info);
2140 hwsim->tmp_chan = NULL;
2141 hwsim->hw_scan_request = NULL;
2142 hwsim->hw_scan_vif = NULL;
2143 mutex_unlock(&hwsim->mutex);
2144}
2145
2146static void mac80211_hwsim_sw_scan(struct ieee80211_hw *hw,
2147 struct ieee80211_vif *vif,
2148 const u8 *mac_addr)
2149{
2150 struct mac80211_hwsim_data *hwsim = hw->priv;
2151
2152 mutex_lock(&hwsim->mutex);
2153
2154 if (hwsim->scanning) {
2155 pr_debug("two hwsim sw_scans detected!\n");
2156 goto out;
2157 }
2158
2159 pr_debug("hwsim sw_scan request, prepping stuff\n");
2160
2161 memcpy(hwsim->scan_addr, mac_addr, ETH_ALEN);
2162 hwsim->scanning = true;
2163 memset(hwsim->survey_data, 0, sizeof(hwsim->survey_data));
2164
2165out:
2166 mutex_unlock(&hwsim->mutex);
2167}
2168
2169static void mac80211_hwsim_sw_scan_complete(struct ieee80211_hw *hw,
2170 struct ieee80211_vif *vif)
2171{
2172 struct mac80211_hwsim_data *hwsim = hw->priv;
2173
2174 mutex_lock(&hwsim->mutex);
2175
2176 pr_debug("hwsim sw_scan_complete\n");
2177 hwsim->scanning = false;
2178 eth_zero_addr(hwsim->scan_addr);
2179
2180 mutex_unlock(&hwsim->mutex);
2181}
2182
2183static void hw_roc_start(struct work_struct *work)
2184{
2185 struct mac80211_hwsim_data *hwsim =
2186 container_of(work, struct mac80211_hwsim_data, roc_start.work);
2187
2188 mutex_lock(&hwsim->mutex);
2189
2190 wiphy_dbg(hwsim->hw->wiphy, "hwsim ROC begins\n");
2191 hwsim->tmp_chan = hwsim->roc_chan;
2192 ieee80211_ready_on_channel(hwsim->hw);
2193
2194 ieee80211_queue_delayed_work(hwsim->hw, &hwsim->roc_done,
2195 msecs_to_jiffies(hwsim->roc_duration));
2196
2197 mutex_unlock(&hwsim->mutex);
2198}
2199
2200static void hw_roc_done(struct work_struct *work)
2201{
2202 struct mac80211_hwsim_data *hwsim =
2203 container_of(work, struct mac80211_hwsim_data, roc_done.work);
2204
2205 mutex_lock(&hwsim->mutex);
2206 ieee80211_remain_on_channel_expired(hwsim->hw);
2207 hwsim->tmp_chan = NULL;
2208 mutex_unlock(&hwsim->mutex);
2209
2210 wiphy_dbg(hwsim->hw->wiphy, "hwsim ROC expired\n");
2211}
2212
2213static int mac80211_hwsim_roc(struct ieee80211_hw *hw,
2214 struct ieee80211_vif *vif,
2215 struct ieee80211_channel *chan,
2216 int duration,
2217 enum ieee80211_roc_type type)
2218{
2219 struct mac80211_hwsim_data *hwsim = hw->priv;
2220
2221 mutex_lock(&hwsim->mutex);
2222 if (WARN_ON(hwsim->tmp_chan || hwsim->hw_scan_request)) {
2223 mutex_unlock(&hwsim->mutex);
2224 return -EBUSY;
2225 }
2226
2227 hwsim->roc_chan = chan;
2228 hwsim->roc_duration = duration;
2229 mutex_unlock(&hwsim->mutex);
2230
2231 wiphy_dbg(hw->wiphy, "hwsim ROC (%d MHz, %d ms)\n",
2232 chan->center_freq, duration);
2233 ieee80211_queue_delayed_work(hw, &hwsim->roc_start, HZ/50);
2234
2235 return 0;
2236}
2237
2238static int mac80211_hwsim_croc(struct ieee80211_hw *hw,
2239 struct ieee80211_vif *vif)
2240{
2241 struct mac80211_hwsim_data *hwsim = hw->priv;
2242
2243 cancel_delayed_work_sync(&hwsim->roc_start);
2244 cancel_delayed_work_sync(&hwsim->roc_done);
2245
2246 mutex_lock(&hwsim->mutex);
2247 hwsim->tmp_chan = NULL;
2248 mutex_unlock(&hwsim->mutex);
2249
2250 wiphy_dbg(hw->wiphy, "hwsim ROC canceled\n");
2251
2252 return 0;
2253}
2254
2255static int mac80211_hwsim_add_chanctx(struct ieee80211_hw *hw,
2256 struct ieee80211_chanctx_conf *ctx)
2257{
2258 hwsim_set_chanctx_magic(ctx);
2259 wiphy_dbg(hw->wiphy,
2260 "add channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
2261 ctx->def.chan->center_freq, ctx->def.width,
2262 ctx->def.center_freq1, ctx->def.center_freq2);
2263 return 0;
2264}
2265
2266static void mac80211_hwsim_remove_chanctx(struct ieee80211_hw *hw,
2267 struct ieee80211_chanctx_conf *ctx)
2268{
2269 wiphy_dbg(hw->wiphy,
2270 "remove channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
2271 ctx->def.chan->center_freq, ctx->def.width,
2272 ctx->def.center_freq1, ctx->def.center_freq2);
2273 hwsim_check_chanctx_magic(ctx);
2274 hwsim_clear_chanctx_magic(ctx);
2275}
2276
2277static void mac80211_hwsim_change_chanctx(struct ieee80211_hw *hw,
2278 struct ieee80211_chanctx_conf *ctx,
2279 u32 changed)
2280{
2281 hwsim_check_chanctx_magic(ctx);
2282 wiphy_dbg(hw->wiphy,
2283 "change channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
2284 ctx->def.chan->center_freq, ctx->def.width,
2285 ctx->def.center_freq1, ctx->def.center_freq2);
2286}
2287
2288static int mac80211_hwsim_assign_vif_chanctx(struct ieee80211_hw *hw,
2289 struct ieee80211_vif *vif,
2290 struct ieee80211_chanctx_conf *ctx)
2291{
2292 hwsim_check_magic(vif);
2293 hwsim_check_chanctx_magic(ctx);
2294
2295 return 0;
2296}
2297
2298static void mac80211_hwsim_unassign_vif_chanctx(struct ieee80211_hw *hw,
2299 struct ieee80211_vif *vif,
2300 struct ieee80211_chanctx_conf *ctx)
2301{
2302 hwsim_check_magic(vif);
2303 hwsim_check_chanctx_magic(ctx);
2304}
2305
2306static const char mac80211_hwsim_gstrings_stats[][ETH_GSTRING_LEN] = {
2307 "tx_pkts_nic",
2308 "tx_bytes_nic",
2309 "rx_pkts_nic",
2310 "rx_bytes_nic",
2311 "d_tx_dropped",
2312 "d_tx_failed",
2313 "d_ps_mode",
2314 "d_group",
2315};
2316
2317#define MAC80211_HWSIM_SSTATS_LEN ARRAY_SIZE(mac80211_hwsim_gstrings_stats)
2318
2319static void mac80211_hwsim_get_et_strings(struct ieee80211_hw *hw,
2320 struct ieee80211_vif *vif,
2321 u32 sset, u8 *data)
2322{
2323 if (sset == ETH_SS_STATS)
2324 memcpy(data, *mac80211_hwsim_gstrings_stats,
2325 sizeof(mac80211_hwsim_gstrings_stats));
2326}
2327
2328static int mac80211_hwsim_get_et_sset_count(struct ieee80211_hw *hw,
2329 struct ieee80211_vif *vif, int sset)
2330{
2331 if (sset == ETH_SS_STATS)
2332 return MAC80211_HWSIM_SSTATS_LEN;
2333 return 0;
2334}
2335
2336static void mac80211_hwsim_get_et_stats(struct ieee80211_hw *hw,
2337 struct ieee80211_vif *vif,
2338 struct ethtool_stats *stats, u64 *data)
2339{
2340 struct mac80211_hwsim_data *ar = hw->priv;
2341 int i = 0;
2342
2343 data[i++] = ar->tx_pkts;
2344 data[i++] = ar->tx_bytes;
2345 data[i++] = ar->rx_pkts;
2346 data[i++] = ar->rx_bytes;
2347 data[i++] = ar->tx_dropped;
2348 data[i++] = ar->tx_failed;
2349 data[i++] = ar->ps;
2350 data[i++] = ar->group;
2351
2352 WARN_ON(i != MAC80211_HWSIM_SSTATS_LEN);
2353}
2354
2355#define HWSIM_COMMON_OPS \
2356 .tx = mac80211_hwsim_tx, \
2357 .start = mac80211_hwsim_start, \
2358 .stop = mac80211_hwsim_stop, \
2359 .add_interface = mac80211_hwsim_add_interface, \
2360 .change_interface = mac80211_hwsim_change_interface, \
2361 .remove_interface = mac80211_hwsim_remove_interface, \
2362 .config = mac80211_hwsim_config, \
2363 .configure_filter = mac80211_hwsim_configure_filter, \
2364 .bss_info_changed = mac80211_hwsim_bss_info_changed, \
2365 .sta_add = mac80211_hwsim_sta_add, \
2366 .sta_remove = mac80211_hwsim_sta_remove, \
2367 .sta_notify = mac80211_hwsim_sta_notify, \
2368 .set_tim = mac80211_hwsim_set_tim, \
2369 .conf_tx = mac80211_hwsim_conf_tx, \
2370 .get_survey = mac80211_hwsim_get_survey, \
2371 CFG80211_TESTMODE_CMD(mac80211_hwsim_testmode_cmd) \
2372 .ampdu_action = mac80211_hwsim_ampdu_action, \
2373 .flush = mac80211_hwsim_flush, \
2374 .get_tsf = mac80211_hwsim_get_tsf, \
2375 .set_tsf = mac80211_hwsim_set_tsf, \
2376 .get_et_sset_count = mac80211_hwsim_get_et_sset_count, \
2377 .get_et_stats = mac80211_hwsim_get_et_stats, \
2378 .get_et_strings = mac80211_hwsim_get_et_strings,
2379
2380static const struct ieee80211_ops mac80211_hwsim_ops = {
2381 HWSIM_COMMON_OPS
2382 .sw_scan_start = mac80211_hwsim_sw_scan,
2383 .sw_scan_complete = mac80211_hwsim_sw_scan_complete,
2384};
2385
2386static const struct ieee80211_ops mac80211_hwsim_mchan_ops = {
2387 HWSIM_COMMON_OPS
2388 .hw_scan = mac80211_hwsim_hw_scan,
2389 .cancel_hw_scan = mac80211_hwsim_cancel_hw_scan,
2390 .sw_scan_start = NULL,
2391 .sw_scan_complete = NULL,
2392 .remain_on_channel = mac80211_hwsim_roc,
2393 .cancel_remain_on_channel = mac80211_hwsim_croc,
2394 .add_chanctx = mac80211_hwsim_add_chanctx,
2395 .remove_chanctx = mac80211_hwsim_remove_chanctx,
2396 .change_chanctx = mac80211_hwsim_change_chanctx,
2397 .assign_vif_chanctx = mac80211_hwsim_assign_vif_chanctx,
2398 .unassign_vif_chanctx = mac80211_hwsim_unassign_vif_chanctx,
2399};
2400
2401struct hwsim_new_radio_params {
2402 unsigned int channels;
2403 const char *reg_alpha2;
2404 const struct ieee80211_regdomain *regd;
2405 bool reg_strict;
2406 bool p2p_device;
2407 bool use_chanctx;
2408 bool destroy_on_close;
2409 const char *hwname;
2410 bool no_vif;
2411 const u8 *perm_addr;
2412};
2413
2414static void hwsim_mcast_config_msg(struct sk_buff *mcast_skb,
2415 struct genl_info *info)
2416{
2417 if (info)
2418 genl_notify(&hwsim_genl_family, mcast_skb, info,
2419 HWSIM_MCGRP_CONFIG, GFP_KERNEL);
2420 else
2421 genlmsg_multicast(&hwsim_genl_family, mcast_skb, 0,
2422 HWSIM_MCGRP_CONFIG, GFP_KERNEL);
2423}
2424
2425static int append_radio_msg(struct sk_buff *skb, int id,
2426 struct hwsim_new_radio_params *param)
2427{
2428 int ret;
2429
2430 ret = nla_put_u32(skb, HWSIM_ATTR_RADIO_ID, id);
2431 if (ret < 0)
2432 return ret;
2433
2434 if (param->channels) {
2435 ret = nla_put_u32(skb, HWSIM_ATTR_CHANNELS, param->channels);
2436 if (ret < 0)
2437 return ret;
2438 }
2439
2440 if (param->reg_alpha2) {
2441 ret = nla_put(skb, HWSIM_ATTR_REG_HINT_ALPHA2, 2,
2442 param->reg_alpha2);
2443 if (ret < 0)
2444 return ret;
2445 }
2446
2447 if (param->regd) {
2448 int i;
2449
2450 for (i = 0; i < ARRAY_SIZE(hwsim_world_regdom_custom); i++) {
2451 if (hwsim_world_regdom_custom[i] != param->regd)
2452 continue;
2453
2454 ret = nla_put_u32(skb, HWSIM_ATTR_REG_CUSTOM_REG, i);
2455 if (ret < 0)
2456 return ret;
2457 break;
2458 }
2459 }
2460
2461 if (param->reg_strict) {
2462 ret = nla_put_flag(skb, HWSIM_ATTR_REG_STRICT_REG);
2463 if (ret < 0)
2464 return ret;
2465 }
2466
2467 if (param->p2p_device) {
2468 ret = nla_put_flag(skb, HWSIM_ATTR_SUPPORT_P2P_DEVICE);
2469 if (ret < 0)
2470 return ret;
2471 }
2472
2473 if (param->use_chanctx) {
2474 ret = nla_put_flag(skb, HWSIM_ATTR_USE_CHANCTX);
2475 if (ret < 0)
2476 return ret;
2477 }
2478
2479 if (param->hwname) {
2480 ret = nla_put(skb, HWSIM_ATTR_RADIO_NAME,
2481 strlen(param->hwname), param->hwname);
2482 if (ret < 0)
2483 return ret;
2484 }
2485
2486 return 0;
2487}
2488
2489static void hwsim_mcast_new_radio(int id, struct genl_info *info,
2490 struct hwsim_new_radio_params *param)
2491{
2492 struct sk_buff *mcast_skb;
2493 void *data;
2494
2495 mcast_skb = genlmsg_new(GENLMSG_DEFAULT_SIZE, GFP_KERNEL);
2496 if (!mcast_skb)
2497 return;
2498
2499 data = genlmsg_put(mcast_skb, 0, 0, &hwsim_genl_family, 0,
2500 HWSIM_CMD_NEW_RADIO);
2501 if (!data)
2502 goto out_err;
2503
2504 if (append_radio_msg(mcast_skb, id, param) < 0)
2505 goto out_err;
2506
2507 genlmsg_end(mcast_skb, data);
2508
2509 hwsim_mcast_config_msg(mcast_skb, info);
2510 return;
2511
2512out_err:
2513 nlmsg_free(mcast_skb);
2514}
2515
2516static int mac80211_hwsim_new_radio(struct genl_info *info,
2517 struct hwsim_new_radio_params *param)
2518{
2519 int err;
2520 u8 addr[ETH_ALEN];
2521 struct mac80211_hwsim_data *data;
2522 struct ieee80211_hw *hw;
2523 enum nl80211_band band;
2524 const struct ieee80211_ops *ops = &mac80211_hwsim_ops;
2525 struct net *net;
2526 int idx;
2527
2528 if (WARN_ON(param->channels > 1 && !param->use_chanctx))
2529 return -EINVAL;
2530
2531 spin_lock_bh(&hwsim_radio_lock);
2532 idx = hwsim_radio_idx++;
2533 spin_unlock_bh(&hwsim_radio_lock);
2534
2535 if (param->use_chanctx)
2536 ops = &mac80211_hwsim_mchan_ops;
2537 hw = ieee80211_alloc_hw_nm(sizeof(*data), ops, param->hwname);
2538 if (!hw) {
2539 pr_debug("mac80211_hwsim: ieee80211_alloc_hw failed\n");
2540 err = -ENOMEM;
2541 goto failed;
2542 }
2543
2544
2545 param->hwname = wiphy_name(hw->wiphy);
2546
2547 if (info)
2548 net = genl_info_net(info);
2549 else
2550 net = &init_net;
2551 wiphy_net_set(hw->wiphy, net);
2552
2553 data = hw->priv;
2554 data->hw = hw;
2555
2556 data->dev = device_create(hwsim_class, NULL, 0, hw, "hwsim%d", idx);
2557 if (IS_ERR(data->dev)) {
2558 printk(KERN_DEBUG
2559 "mac80211_hwsim: device_create failed (%ld)\n",
2560 PTR_ERR(data->dev));
2561 err = -ENOMEM;
2562 goto failed_drvdata;
2563 }
2564 data->dev->driver = &mac80211_hwsim_driver.driver;
2565 err = device_bind_driver(data->dev);
2566 if (err != 0) {
2567 pr_debug("mac80211_hwsim: device_bind_driver failed (%d)\n",
2568 err);
2569 goto failed_bind;
2570 }
2571
2572 skb_queue_head_init(&data->pending);
2573
2574 SET_IEEE80211_DEV(hw, data->dev);
2575 if (!param->perm_addr) {
2576 eth_zero_addr(addr);
2577 addr[0] = 0x02;
2578 addr[3] = idx >> 8;
2579 addr[4] = idx;
2580 memcpy(data->addresses[0].addr, addr, ETH_ALEN);
2581
2582 memcpy(data->addresses[1].addr, addr, ETH_ALEN);
2583 data->addresses[1].addr[0] |= 0x40;
2584 hw->wiphy->n_addresses = 2;
2585 hw->wiphy->addresses = data->addresses;
2586
2587 } else {
2588 memcpy(data->addresses[0].addr, param->perm_addr, ETH_ALEN);
2589
2590 memcpy(data->addresses[1].addr, param->perm_addr, ETH_ALEN);
2591 hw->wiphy->n_addresses = 2;
2592 hw->wiphy->addresses = data->addresses;
2593 }
2594
2595 data->channels = param->channels;
2596 data->use_chanctx = param->use_chanctx;
2597 data->idx = idx;
2598 data->destroy_on_close = param->destroy_on_close;
2599 if (info)
2600 data->portid = info->snd_portid;
2601
2602 if (data->use_chanctx) {
2603 hw->wiphy->max_scan_ssids = 255;
2604 hw->wiphy->max_scan_ie_len = IEEE80211_MAX_DATA_LEN;
2605 hw->wiphy->max_remain_on_channel_duration = 1000;
2606 hw->wiphy->iface_combinations = &data->if_combination;
2607 if (param->p2p_device)
2608 data->if_combination = hwsim_if_comb_p2p_dev[0];
2609 else
2610 data->if_combination = hwsim_if_comb[0];
2611 hw->wiphy->n_iface_combinations = 1;
2612
2613 data->if_combination.radar_detect_widths = 0;
2614 data->if_combination.num_different_channels = data->channels;
2615 } else if (param->p2p_device) {
2616 hw->wiphy->iface_combinations = hwsim_if_comb_p2p_dev;
2617 hw->wiphy->n_iface_combinations =
2618 ARRAY_SIZE(hwsim_if_comb_p2p_dev);
2619 } else {
2620 hw->wiphy->iface_combinations = hwsim_if_comb;
2621 hw->wiphy->n_iface_combinations = ARRAY_SIZE(hwsim_if_comb);
2622 }
2623
2624 INIT_DELAYED_WORK(&data->roc_start, hw_roc_start);
2625 INIT_DELAYED_WORK(&data->roc_done, hw_roc_done);
2626 INIT_DELAYED_WORK(&data->hw_scan, hw_scan_work);
2627
2628 hw->queues = 5;
2629 hw->offchannel_tx_hw_queue = 4;
2630 hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
2631 BIT(NL80211_IFTYPE_AP) |
2632 BIT(NL80211_IFTYPE_P2P_CLIENT) |
2633 BIT(NL80211_IFTYPE_P2P_GO) |
2634 BIT(NL80211_IFTYPE_ADHOC) |
2635 BIT(NL80211_IFTYPE_MESH_POINT);
2636
2637 if (param->p2p_device)
2638 hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_P2P_DEVICE);
2639
2640 ieee80211_hw_set(hw, SUPPORT_FAST_XMIT);
2641 ieee80211_hw_set(hw, CHANCTX_STA_CSA);
2642 ieee80211_hw_set(hw, SUPPORTS_HT_CCK_RATES);
2643 ieee80211_hw_set(hw, QUEUE_CONTROL);
2644 ieee80211_hw_set(hw, WANT_MONITOR_VIF);
2645 ieee80211_hw_set(hw, AMPDU_AGGREGATION);
2646 ieee80211_hw_set(hw, MFP_CAPABLE);
2647 ieee80211_hw_set(hw, SIGNAL_DBM);
2648 ieee80211_hw_set(hw, SUPPORTS_PS);
2649 ieee80211_hw_set(hw, TDLS_WIDER_BW);
2650 if (rctbl)
2651 ieee80211_hw_set(hw, SUPPORTS_RC_TABLE);
2652
2653 hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS |
2654 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL |
2655 WIPHY_FLAG_AP_UAPSD |
2656 WIPHY_FLAG_HAS_CHANNEL_SWITCH;
2657 hw->wiphy->features |= NL80211_FEATURE_ACTIVE_MONITOR |
2658 NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE |
2659 NL80211_FEATURE_STATIC_SMPS |
2660 NL80211_FEATURE_DYNAMIC_SMPS |
2661 NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
2662 wiphy_ext_feature_set(hw->wiphy, NL80211_EXT_FEATURE_VHT_IBSS);
2663
2664
2665 hw->vif_data_size = sizeof(struct hwsim_vif_priv);
2666 hw->sta_data_size = sizeof(struct hwsim_sta_priv);
2667 hw->chanctx_data_size = sizeof(struct hwsim_chanctx_priv);
2668
2669 memcpy(data->channels_2ghz, hwsim_channels_2ghz,
2670 sizeof(hwsim_channels_2ghz));
2671 memcpy(data->channels_5ghz, hwsim_channels_5ghz,
2672 sizeof(hwsim_channels_5ghz));
2673 memcpy(data->rates, hwsim_rates, sizeof(hwsim_rates));
2674
2675 for (band = NL80211_BAND_2GHZ; band < NUM_NL80211_BANDS; band++) {
2676 struct ieee80211_supported_band *sband = &data->bands[band];
2677 switch (band) {
2678 case NL80211_BAND_2GHZ:
2679 sband->channels = data->channels_2ghz;
2680 sband->n_channels = ARRAY_SIZE(hwsim_channels_2ghz);
2681 sband->bitrates = data->rates;
2682 sband->n_bitrates = ARRAY_SIZE(hwsim_rates);
2683 break;
2684 case NL80211_BAND_5GHZ:
2685 sband->channels = data->channels_5ghz;
2686 sband->n_channels = ARRAY_SIZE(hwsim_channels_5ghz);
2687 sband->bitrates = data->rates + 4;
2688 sband->n_bitrates = ARRAY_SIZE(hwsim_rates) - 4;
2689
2690 sband->vht_cap.vht_supported = true;
2691 sband->vht_cap.cap =
2692 IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454 |
2693 IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ |
2694 IEEE80211_VHT_CAP_RXLDPC |
2695 IEEE80211_VHT_CAP_SHORT_GI_80 |
2696 IEEE80211_VHT_CAP_SHORT_GI_160 |
2697 IEEE80211_VHT_CAP_TXSTBC |
2698 IEEE80211_VHT_CAP_RXSTBC_1 |
2699 IEEE80211_VHT_CAP_RXSTBC_2 |
2700 IEEE80211_VHT_CAP_RXSTBC_3 |
2701 IEEE80211_VHT_CAP_RXSTBC_4 |
2702 IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK;
2703 sband->vht_cap.vht_mcs.rx_mcs_map =
2704 cpu_to_le16(IEEE80211_VHT_MCS_SUPPORT_0_9 << 0 |
2705 IEEE80211_VHT_MCS_SUPPORT_0_9 << 2 |
2706 IEEE80211_VHT_MCS_SUPPORT_0_9 << 4 |
2707 IEEE80211_VHT_MCS_SUPPORT_0_9 << 6 |
2708 IEEE80211_VHT_MCS_SUPPORT_0_9 << 8 |
2709 IEEE80211_VHT_MCS_SUPPORT_0_9 << 10 |
2710 IEEE80211_VHT_MCS_SUPPORT_0_9 << 12 |
2711 IEEE80211_VHT_MCS_SUPPORT_0_9 << 14);
2712 sband->vht_cap.vht_mcs.tx_mcs_map =
2713 sband->vht_cap.vht_mcs.rx_mcs_map;
2714 break;
2715 default:
2716 continue;
2717 }
2718
2719 sband->ht_cap.ht_supported = true;
2720 sband->ht_cap.cap = IEEE80211_HT_CAP_SUP_WIDTH_20_40 |
2721 IEEE80211_HT_CAP_GRN_FLD |
2722 IEEE80211_HT_CAP_SGI_20 |
2723 IEEE80211_HT_CAP_SGI_40 |
2724 IEEE80211_HT_CAP_DSSSCCK40;
2725 sband->ht_cap.ampdu_factor = 0x3;
2726 sband->ht_cap.ampdu_density = 0x6;
2727 memset(&sband->ht_cap.mcs, 0,
2728 sizeof(sband->ht_cap.mcs));
2729 sband->ht_cap.mcs.rx_mask[0] = 0xff;
2730 sband->ht_cap.mcs.rx_mask[1] = 0xff;
2731 sband->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
2732
2733 hw->wiphy->bands[band] = sband;
2734 }
2735
2736
2737 data->group = 1;
2738 mutex_init(&data->mutex);
2739
2740 data->netgroup = hwsim_net_get_netgroup(net);
2741 data->wmediumd = hwsim_net_get_wmediumd(net);
2742
2743
2744 hw->max_rates = 4;
2745 hw->max_rate_tries = 11;
2746
2747 hw->wiphy->vendor_commands = mac80211_hwsim_vendor_commands;
2748 hw->wiphy->n_vendor_commands =
2749 ARRAY_SIZE(mac80211_hwsim_vendor_commands);
2750 hw->wiphy->vendor_events = mac80211_hwsim_vendor_events;
2751 hw->wiphy->n_vendor_events = ARRAY_SIZE(mac80211_hwsim_vendor_events);
2752
2753 if (param->reg_strict)
2754 hw->wiphy->regulatory_flags |= REGULATORY_STRICT_REG;
2755 if (param->regd) {
2756 data->regd = param->regd;
2757 hw->wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG;
2758 wiphy_apply_custom_regulatory(hw->wiphy, param->regd);
2759
2760 schedule_timeout_interruptible(1);
2761 }
2762
2763 if (param->no_vif)
2764 ieee80211_hw_set(hw, NO_AUTO_VIF);
2765
2766 wiphy_ext_feature_set(hw->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
2767
2768 hrtimer_init(&data->beacon_timer, CLOCK_MONOTONIC,
2769 HRTIMER_MODE_ABS_SOFT);
2770 data->beacon_timer.function = mac80211_hwsim_beacon;
2771
2772 err = ieee80211_register_hw(hw);
2773 if (err < 0) {
2774 pr_debug("mac80211_hwsim: ieee80211_register_hw failed (%d)\n",
2775 err);
2776 goto failed_hw;
2777 }
2778
2779 wiphy_dbg(hw->wiphy, "hwaddr %pM registered\n", hw->wiphy->perm_addr);
2780
2781 if (param->reg_alpha2) {
2782 data->alpha2[0] = param->reg_alpha2[0];
2783 data->alpha2[1] = param->reg_alpha2[1];
2784 regulatory_hint(hw->wiphy, param->reg_alpha2);
2785 }
2786
2787 data->debugfs = debugfs_create_dir("hwsim", hw->wiphy->debugfsdir);
2788 debugfs_create_file("ps", 0666, data->debugfs, data, &hwsim_fops_ps);
2789 debugfs_create_file("group", 0666, data->debugfs, data,
2790 &hwsim_fops_group);
2791 if (!data->use_chanctx)
2792 debugfs_create_file("dfs_simulate_radar", 0222,
2793 data->debugfs,
2794 data, &hwsim_simulate_radar);
2795
2796 spin_lock_bh(&hwsim_radio_lock);
2797 err = rhashtable_insert_fast(&hwsim_radios_rht, &data->rht,
2798 hwsim_rht_params);
2799 if (err < 0) {
2800 if (info) {
2801 GENL_SET_ERR_MSG(info, "perm addr already present");
2802 NL_SET_BAD_ATTR(info->extack,
2803 info->attrs[HWSIM_ATTR_PERM_ADDR]);
2804 }
2805 spin_unlock_bh(&hwsim_radio_lock);
2806 goto failed_final_insert;
2807 }
2808
2809 list_add_tail(&data->list, &hwsim_radios);
2810 hwsim_radios_generation++;
2811 spin_unlock_bh(&hwsim_radio_lock);
2812
2813 if (idx > 0)
2814 hwsim_mcast_new_radio(idx, info, param);
2815
2816 return idx;
2817
2818failed_final_insert:
2819 debugfs_remove_recursive(data->debugfs);
2820 ieee80211_unregister_hw(data->hw);
2821failed_hw:
2822 device_release_driver(data->dev);
2823failed_bind:
2824 device_unregister(data->dev);
2825failed_drvdata:
2826 ieee80211_free_hw(hw);
2827failed:
2828 return err;
2829}
2830
2831static void hwsim_mcast_del_radio(int id, const char *hwname,
2832 struct genl_info *info)
2833{
2834 struct sk_buff *skb;
2835 void *data;
2836 int ret;
2837
2838 skb = genlmsg_new(GENLMSG_DEFAULT_SIZE, GFP_KERNEL);
2839 if (!skb)
2840 return;
2841
2842 data = genlmsg_put(skb, 0, 0, &hwsim_genl_family, 0,
2843 HWSIM_CMD_DEL_RADIO);
2844 if (!data)
2845 goto error;
2846
2847 ret = nla_put_u32(skb, HWSIM_ATTR_RADIO_ID, id);
2848 if (ret < 0)
2849 goto error;
2850
2851 ret = nla_put(skb, HWSIM_ATTR_RADIO_NAME, strlen(hwname),
2852 hwname);
2853 if (ret < 0)
2854 goto error;
2855
2856 genlmsg_end(skb, data);
2857
2858 hwsim_mcast_config_msg(skb, info);
2859
2860 return;
2861
2862error:
2863 nlmsg_free(skb);
2864}
2865
2866static void mac80211_hwsim_del_radio(struct mac80211_hwsim_data *data,
2867 const char *hwname,
2868 struct genl_info *info)
2869{
2870 hwsim_mcast_del_radio(data->idx, hwname, info);
2871 debugfs_remove_recursive(data->debugfs);
2872 ieee80211_unregister_hw(data->hw);
2873 device_release_driver(data->dev);
2874 device_unregister(data->dev);
2875 ieee80211_free_hw(data->hw);
2876}
2877
2878static int mac80211_hwsim_get_radio(struct sk_buff *skb,
2879 struct mac80211_hwsim_data *data,
2880 u32 portid, u32 seq,
2881 struct netlink_callback *cb, int flags)
2882{
2883 void *hdr;
2884 struct hwsim_new_radio_params param = { };
2885 int res = -EMSGSIZE;
2886
2887 hdr = genlmsg_put(skb, portid, seq, &hwsim_genl_family, flags,
2888 HWSIM_CMD_GET_RADIO);
2889 if (!hdr)
2890 return -EMSGSIZE;
2891
2892 if (cb)
2893 genl_dump_check_consistent(cb, hdr);
2894
2895 if (data->alpha2[0] && data->alpha2[1])
2896 param.reg_alpha2 = data->alpha2;
2897
2898 param.reg_strict = !!(data->hw->wiphy->regulatory_flags &
2899 REGULATORY_STRICT_REG);
2900 param.p2p_device = !!(data->hw->wiphy->interface_modes &
2901 BIT(NL80211_IFTYPE_P2P_DEVICE));
2902 param.use_chanctx = data->use_chanctx;
2903 param.regd = data->regd;
2904 param.channels = data->channels;
2905 param.hwname = wiphy_name(data->hw->wiphy);
2906
2907 res = append_radio_msg(skb, data->idx, ¶m);
2908 if (res < 0)
2909 goto out_err;
2910
2911 genlmsg_end(skb, hdr);
2912 return 0;
2913
2914out_err:
2915 genlmsg_cancel(skb, hdr);
2916 return res;
2917}
2918
2919static void mac80211_hwsim_free(void)
2920{
2921 struct mac80211_hwsim_data *data;
2922
2923 spin_lock_bh(&hwsim_radio_lock);
2924 while ((data = list_first_entry_or_null(&hwsim_radios,
2925 struct mac80211_hwsim_data,
2926 list))) {
2927 list_del(&data->list);
2928 spin_unlock_bh(&hwsim_radio_lock);
2929 mac80211_hwsim_del_radio(data, wiphy_name(data->hw->wiphy),
2930 NULL);
2931 spin_lock_bh(&hwsim_radio_lock);
2932 }
2933 spin_unlock_bh(&hwsim_radio_lock);
2934 class_destroy(hwsim_class);
2935}
2936
2937static const struct net_device_ops hwsim_netdev_ops = {
2938 .ndo_start_xmit = hwsim_mon_xmit,
2939 .ndo_set_mac_address = eth_mac_addr,
2940 .ndo_validate_addr = eth_validate_addr,
2941};
2942
2943static void hwsim_mon_setup(struct net_device *dev)
2944{
2945 dev->netdev_ops = &hwsim_netdev_ops;
2946 dev->needs_free_netdev = true;
2947 ether_setup(dev);
2948 dev->priv_flags |= IFF_NO_QUEUE;
2949 dev->type = ARPHRD_IEEE80211_RADIOTAP;
2950 eth_zero_addr(dev->dev_addr);
2951 dev->dev_addr[0] = 0x12;
2952}
2953
2954static struct mac80211_hwsim_data *get_hwsim_data_ref_from_addr(const u8 *addr)
2955{
2956 return rhashtable_lookup_fast(&hwsim_radios_rht,
2957 addr,
2958 hwsim_rht_params);
2959}
2960
2961static void hwsim_register_wmediumd(struct net *net, u32 portid)
2962{
2963 struct mac80211_hwsim_data *data;
2964
2965 hwsim_net_set_wmediumd(net, portid);
2966
2967 spin_lock_bh(&hwsim_radio_lock);
2968 list_for_each_entry(data, &hwsim_radios, list) {
2969 if (data->netgroup == hwsim_net_get_netgroup(net))
2970 data->wmediumd = portid;
2971 }
2972 spin_unlock_bh(&hwsim_radio_lock);
2973}
2974
2975static int hwsim_tx_info_frame_received_nl(struct sk_buff *skb_2,
2976 struct genl_info *info)
2977{
2978
2979 struct ieee80211_hdr *hdr;
2980 struct mac80211_hwsim_data *data2;
2981 struct ieee80211_tx_info *txi;
2982 struct hwsim_tx_rate *tx_attempts;
2983 u64 ret_skb_cookie;
2984 struct sk_buff *skb, *tmp;
2985 const u8 *src;
2986 unsigned int hwsim_flags;
2987 int i;
2988 bool found = false;
2989
2990 if (!info->attrs[HWSIM_ATTR_ADDR_TRANSMITTER] ||
2991 !info->attrs[HWSIM_ATTR_FLAGS] ||
2992 !info->attrs[HWSIM_ATTR_COOKIE] ||
2993 !info->attrs[HWSIM_ATTR_SIGNAL] ||
2994 !info->attrs[HWSIM_ATTR_TX_INFO])
2995 goto out;
2996
2997 src = (void *)nla_data(info->attrs[HWSIM_ATTR_ADDR_TRANSMITTER]);
2998 hwsim_flags = nla_get_u32(info->attrs[HWSIM_ATTR_FLAGS]);
2999 ret_skb_cookie = nla_get_u64(info->attrs[HWSIM_ATTR_COOKIE]);
3000
3001 data2 = get_hwsim_data_ref_from_addr(src);
3002 if (!data2)
3003 goto out;
3004
3005 if (hwsim_net_get_netgroup(genl_info_net(info)) != data2->netgroup)
3006 goto out;
3007
3008 if (info->snd_portid != data2->wmediumd)
3009 goto out;
3010
3011
3012 skb_queue_walk_safe(&data2->pending, skb, tmp) {
3013 u64 skb_cookie;
3014
3015 txi = IEEE80211_SKB_CB(skb);
3016 skb_cookie = (u64)(uintptr_t)txi->rate_driver_data[0];
3017
3018 if (skb_cookie == ret_skb_cookie) {
3019 skb_unlink(skb, &data2->pending);
3020 found = true;
3021 break;
3022 }
3023 }
3024
3025
3026 if (!found)
3027 goto out;
3028
3029
3030
3031
3032 tx_attempts = (struct hwsim_tx_rate *)nla_data(
3033 info->attrs[HWSIM_ATTR_TX_INFO]);
3034
3035
3036 txi = IEEE80211_SKB_CB(skb);
3037
3038 ieee80211_tx_info_clear_status(txi);
3039
3040 for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
3041 txi->status.rates[i].idx = tx_attempts[i].idx;
3042 txi->status.rates[i].count = tx_attempts[i].count;
3043 }
3044
3045 txi->status.ack_signal = nla_get_u32(info->attrs[HWSIM_ATTR_SIGNAL]);
3046
3047 if (!(hwsim_flags & HWSIM_TX_CTL_NO_ACK) &&
3048 (hwsim_flags & HWSIM_TX_STAT_ACK)) {
3049 if (skb->len >= 16) {
3050 hdr = (struct ieee80211_hdr *) skb->data;
3051 mac80211_hwsim_monitor_ack(data2->channel,
3052 hdr->addr2);
3053 }
3054 txi->flags |= IEEE80211_TX_STAT_ACK;
3055 }
3056 ieee80211_tx_status_irqsafe(data2->hw, skb);
3057 return 0;
3058out:
3059 return -EINVAL;
3060
3061}
3062
3063static int hwsim_cloned_frame_received_nl(struct sk_buff *skb_2,
3064 struct genl_info *info)
3065{
3066 struct mac80211_hwsim_data *data2;
3067 struct ieee80211_rx_status rx_status;
3068 const u8 *dst;
3069 int frame_data_len;
3070 void *frame_data;
3071 struct sk_buff *skb = NULL;
3072
3073 if (!info->attrs[HWSIM_ATTR_ADDR_RECEIVER] ||
3074 !info->attrs[HWSIM_ATTR_FRAME] ||
3075 !info->attrs[HWSIM_ATTR_RX_RATE] ||
3076 !info->attrs[HWSIM_ATTR_SIGNAL])
3077 goto out;
3078
3079 dst = (void *)nla_data(info->attrs[HWSIM_ATTR_ADDR_RECEIVER]);
3080 frame_data_len = nla_len(info->attrs[HWSIM_ATTR_FRAME]);
3081 frame_data = (void *)nla_data(info->attrs[HWSIM_ATTR_FRAME]);
3082
3083
3084 skb = alloc_skb(frame_data_len, GFP_KERNEL);
3085 if (skb == NULL)
3086 goto err;
3087
3088 if (frame_data_len > IEEE80211_MAX_DATA_LEN)
3089 goto err;
3090
3091
3092 skb_put_data(skb, frame_data, frame_data_len);
3093
3094 data2 = get_hwsim_data_ref_from_addr(dst);
3095 if (!data2)
3096 goto out;
3097
3098 if (hwsim_net_get_netgroup(genl_info_net(info)) != data2->netgroup)
3099 goto out;
3100
3101 if (info->snd_portid != data2->wmediumd)
3102 goto out;
3103
3104
3105
3106 if (data2->idle || !data2->started)
3107 goto out;
3108
3109
3110 memset(&rx_status, 0, sizeof(rx_status));
3111 if (info->attrs[HWSIM_ATTR_FREQ]) {
3112
3113
3114
3115
3116 mutex_lock(&data2->mutex);
3117 rx_status.freq = nla_get_u32(info->attrs[HWSIM_ATTR_FREQ]);
3118
3119 if (rx_status.freq != data2->channel->center_freq &&
3120 (!data2->tmp_chan ||
3121 rx_status.freq != data2->tmp_chan->center_freq)) {
3122 mutex_unlock(&data2->mutex);
3123 goto out;
3124 }
3125 mutex_unlock(&data2->mutex);
3126 } else {
3127 rx_status.freq = data2->channel->center_freq;
3128 }
3129
3130 rx_status.band = data2->channel->band;
3131 rx_status.rate_idx = nla_get_u32(info->attrs[HWSIM_ATTR_RX_RATE]);
3132 rx_status.signal = nla_get_u32(info->attrs[HWSIM_ATTR_SIGNAL]);
3133
3134 memcpy(IEEE80211_SKB_RXCB(skb), &rx_status, sizeof(rx_status));
3135 data2->rx_pkts++;
3136 data2->rx_bytes += skb->len;
3137 ieee80211_rx_irqsafe(data2->hw, skb);
3138
3139 return 0;
3140err:
3141 pr_debug("mac80211_hwsim: error occurred in %s\n", __func__);
3142out:
3143 dev_kfree_skb(skb);
3144 return -EINVAL;
3145}
3146
3147static int hwsim_register_received_nl(struct sk_buff *skb_2,
3148 struct genl_info *info)
3149{
3150 struct net *net = genl_info_net(info);
3151 struct mac80211_hwsim_data *data;
3152 int chans = 1;
3153
3154 spin_lock_bh(&hwsim_radio_lock);
3155 list_for_each_entry(data, &hwsim_radios, list)
3156 chans = max(chans, data->channels);
3157 spin_unlock_bh(&hwsim_radio_lock);
3158
3159
3160
3161
3162
3163
3164 if (chans > 1)
3165 return -EOPNOTSUPP;
3166
3167 if (hwsim_net_get_wmediumd(net))
3168 return -EBUSY;
3169
3170 hwsim_register_wmediumd(net, info->snd_portid);
3171
3172 pr_debug("mac80211_hwsim: received a REGISTER, "
3173 "switching to wmediumd mode with pid %d\n", info->snd_portid);
3174
3175 return 0;
3176}
3177
3178static int hwsim_new_radio_nl(struct sk_buff *msg, struct genl_info *info)
3179{
3180 struct hwsim_new_radio_params param = { 0 };
3181 const char *hwname = NULL;
3182 int ret;
3183
3184 param.reg_strict = info->attrs[HWSIM_ATTR_REG_STRICT_REG];
3185 param.p2p_device = info->attrs[HWSIM_ATTR_SUPPORT_P2P_DEVICE];
3186 param.channels = channels;
3187 param.destroy_on_close =
3188 info->attrs[HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE];
3189
3190 if (info->attrs[HWSIM_ATTR_CHANNELS])
3191 param.channels = nla_get_u32(info->attrs[HWSIM_ATTR_CHANNELS]);
3192
3193 if (param.channels > CFG80211_MAX_NUM_DIFFERENT_CHANNELS) {
3194 GENL_SET_ERR_MSG(info, "too many channels specified");
3195 return -EINVAL;
3196 }
3197
3198 if (info->attrs[HWSIM_ATTR_NO_VIF])
3199 param.no_vif = true;
3200
3201 if (info->attrs[HWSIM_ATTR_RADIO_NAME]) {
3202 hwname = kasprintf(GFP_KERNEL, "%.*s",
3203 nla_len(info->attrs[HWSIM_ATTR_RADIO_NAME]),
3204 (char *)nla_data(info->attrs[HWSIM_ATTR_RADIO_NAME]));
3205 if (!hwname)
3206 return -ENOMEM;
3207 param.hwname = hwname;
3208 }
3209
3210 if (info->attrs[HWSIM_ATTR_USE_CHANCTX])
3211 param.use_chanctx = true;
3212 else
3213 param.use_chanctx = (param.channels > 1);
3214
3215 if (info->attrs[HWSIM_ATTR_REG_HINT_ALPHA2])
3216 param.reg_alpha2 =
3217 nla_data(info->attrs[HWSIM_ATTR_REG_HINT_ALPHA2]);
3218
3219 if (info->attrs[HWSIM_ATTR_REG_CUSTOM_REG]) {
3220 u32 idx = nla_get_u32(info->attrs[HWSIM_ATTR_REG_CUSTOM_REG]);
3221
3222 if (idx >= ARRAY_SIZE(hwsim_world_regdom_custom)) {
3223 kfree(hwname);
3224 return -EINVAL;
3225 }
3226
3227 idx = array_index_nospec(idx,
3228 ARRAY_SIZE(hwsim_world_regdom_custom));
3229 param.regd = hwsim_world_regdom_custom[idx];
3230 }
3231
3232 if (info->attrs[HWSIM_ATTR_PERM_ADDR]) {
3233 if (!is_valid_ether_addr(
3234 nla_data(info->attrs[HWSIM_ATTR_PERM_ADDR]))) {
3235 GENL_SET_ERR_MSG(info,"MAC is no valid source addr");
3236 NL_SET_BAD_ATTR(info->extack,
3237 info->attrs[HWSIM_ATTR_PERM_ADDR]);
3238 kfree(hwname);
3239 return -EINVAL;
3240 }
3241
3242
3243 param.perm_addr = nla_data(info->attrs[HWSIM_ATTR_PERM_ADDR]);
3244 }
3245
3246 ret = mac80211_hwsim_new_radio(info, ¶m);
3247 kfree(hwname);
3248 return ret;
3249}
3250
3251static int hwsim_del_radio_nl(struct sk_buff *msg, struct genl_info *info)
3252{
3253 struct mac80211_hwsim_data *data;
3254 s64 idx = -1;
3255 const char *hwname = NULL;
3256
3257 if (info->attrs[HWSIM_ATTR_RADIO_ID]) {
3258 idx = nla_get_u32(info->attrs[HWSIM_ATTR_RADIO_ID]);
3259 } else if (info->attrs[HWSIM_ATTR_RADIO_NAME]) {
3260 hwname = kasprintf(GFP_KERNEL, "%.*s",
3261 nla_len(info->attrs[HWSIM_ATTR_RADIO_NAME]),
3262 (char *)nla_data(info->attrs[HWSIM_ATTR_RADIO_NAME]));
3263 if (!hwname)
3264 return -ENOMEM;
3265 } else
3266 return -EINVAL;
3267
3268 spin_lock_bh(&hwsim_radio_lock);
3269 list_for_each_entry(data, &hwsim_radios, list) {
3270 if (idx >= 0) {
3271 if (data->idx != idx)
3272 continue;
3273 } else {
3274 if (!hwname ||
3275 strcmp(hwname, wiphy_name(data->hw->wiphy)))
3276 continue;
3277 }
3278
3279 if (!net_eq(wiphy_net(data->hw->wiphy), genl_info_net(info)))
3280 continue;
3281
3282 list_del(&data->list);
3283 rhashtable_remove_fast(&hwsim_radios_rht, &data->rht,
3284 hwsim_rht_params);
3285 hwsim_radios_generation++;
3286 spin_unlock_bh(&hwsim_radio_lock);
3287 mac80211_hwsim_del_radio(data, wiphy_name(data->hw->wiphy),
3288 info);
3289 kfree(hwname);
3290 return 0;
3291 }
3292 spin_unlock_bh(&hwsim_radio_lock);
3293
3294 kfree(hwname);
3295 return -ENODEV;
3296}
3297
3298static int hwsim_get_radio_nl(struct sk_buff *msg, struct genl_info *info)
3299{
3300 struct mac80211_hwsim_data *data;
3301 struct sk_buff *skb;
3302 int idx, res = -ENODEV;
3303
3304 if (!info->attrs[HWSIM_ATTR_RADIO_ID])
3305 return -EINVAL;
3306 idx = nla_get_u32(info->attrs[HWSIM_ATTR_RADIO_ID]);
3307
3308 spin_lock_bh(&hwsim_radio_lock);
3309 list_for_each_entry(data, &hwsim_radios, list) {
3310 if (data->idx != idx)
3311 continue;
3312
3313 if (!net_eq(wiphy_net(data->hw->wiphy), genl_info_net(info)))
3314 continue;
3315
3316 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
3317 if (!skb) {
3318 res = -ENOMEM;
3319 goto out_err;
3320 }
3321
3322 res = mac80211_hwsim_get_radio(skb, data, info->snd_portid,
3323 info->snd_seq, NULL, 0);
3324 if (res < 0) {
3325 nlmsg_free(skb);
3326 goto out_err;
3327 }
3328
3329 genlmsg_reply(skb, info);
3330 break;
3331 }
3332
3333out_err:
3334 spin_unlock_bh(&hwsim_radio_lock);
3335
3336 return res;
3337}
3338
3339static int hwsim_dump_radio_nl(struct sk_buff *skb,
3340 struct netlink_callback *cb)
3341{
3342 int last_idx = cb->args[0] - 1;
3343 struct mac80211_hwsim_data *data = NULL;
3344 int res = 0;
3345 void *hdr;
3346
3347 spin_lock_bh(&hwsim_radio_lock);
3348 cb->seq = hwsim_radios_generation;
3349
3350 if (last_idx >= hwsim_radio_idx-1)
3351 goto done;
3352
3353 list_for_each_entry(data, &hwsim_radios, list) {
3354 if (data->idx <= last_idx)
3355 continue;
3356
3357 if (!net_eq(wiphy_net(data->hw->wiphy), sock_net(skb->sk)))
3358 continue;
3359
3360 res = mac80211_hwsim_get_radio(skb, data,
3361 NETLINK_CB(cb->skb).portid,
3362 cb->nlh->nlmsg_seq, cb,
3363 NLM_F_MULTI);
3364 if (res < 0)
3365 break;
3366
3367 last_idx = data->idx;
3368 }
3369
3370 cb->args[0] = last_idx + 1;
3371
3372
3373 if (skb->len == 0 && cb->prev_seq && cb->seq != cb->prev_seq) {
3374 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid,
3375 cb->nlh->nlmsg_seq, &hwsim_genl_family,
3376 NLM_F_MULTI, HWSIM_CMD_GET_RADIO);
3377 if (!hdr)
3378 res = -EMSGSIZE;
3379 genl_dump_check_consistent(cb, hdr);
3380 genlmsg_end(skb, hdr);
3381 }
3382
3383done:
3384 spin_unlock_bh(&hwsim_radio_lock);
3385 return res ?: skb->len;
3386}
3387
3388
3389static const struct genl_ops hwsim_ops[] = {
3390 {
3391 .cmd = HWSIM_CMD_REGISTER,
3392 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
3393 .doit = hwsim_register_received_nl,
3394 .flags = GENL_UNS_ADMIN_PERM,
3395 },
3396 {
3397 .cmd = HWSIM_CMD_FRAME,
3398 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
3399 .doit = hwsim_cloned_frame_received_nl,
3400 },
3401 {
3402 .cmd = HWSIM_CMD_TX_INFO_FRAME,
3403 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
3404 .doit = hwsim_tx_info_frame_received_nl,
3405 },
3406 {
3407 .cmd = HWSIM_CMD_NEW_RADIO,
3408 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
3409 .doit = hwsim_new_radio_nl,
3410 .flags = GENL_UNS_ADMIN_PERM,
3411 },
3412 {
3413 .cmd = HWSIM_CMD_DEL_RADIO,
3414 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
3415 .doit = hwsim_del_radio_nl,
3416 .flags = GENL_UNS_ADMIN_PERM,
3417 },
3418 {
3419 .cmd = HWSIM_CMD_GET_RADIO,
3420 .validate = GENL_DONT_VALIDATE_STRICT | GENL_DONT_VALIDATE_DUMP,
3421 .doit = hwsim_get_radio_nl,
3422 .dumpit = hwsim_dump_radio_nl,
3423 },
3424};
3425
3426static struct genl_family hwsim_genl_family __ro_after_init = {
3427 .name = "MAC80211_HWSIM",
3428 .version = 1,
3429 .maxattr = HWSIM_ATTR_MAX,
3430 .policy = hwsim_genl_policy,
3431 .netnsok = true,
3432 .module = THIS_MODULE,
3433 .ops = hwsim_ops,
3434 .n_ops = ARRAY_SIZE(hwsim_ops),
3435 .mcgrps = hwsim_mcgrps,
3436 .n_mcgrps = ARRAY_SIZE(hwsim_mcgrps),
3437};
3438
3439static void destroy_radio(struct work_struct *work)
3440{
3441 struct mac80211_hwsim_data *data =
3442 container_of(work, struct mac80211_hwsim_data, destroy_work);
3443
3444 hwsim_radios_generation++;
3445 mac80211_hwsim_del_radio(data, wiphy_name(data->hw->wiphy), NULL);
3446}
3447
3448static void remove_user_radios(u32 portid)
3449{
3450 struct mac80211_hwsim_data *entry, *tmp;
3451
3452 spin_lock_bh(&hwsim_radio_lock);
3453 list_for_each_entry_safe(entry, tmp, &hwsim_radios, list) {
3454 if (entry->destroy_on_close && entry->portid == portid) {
3455 list_del(&entry->list);
3456 rhashtable_remove_fast(&hwsim_radios_rht, &entry->rht,
3457 hwsim_rht_params);
3458 INIT_WORK(&entry->destroy_work, destroy_radio);
3459 queue_work(hwsim_wq, &entry->destroy_work);
3460 }
3461 }
3462 spin_unlock_bh(&hwsim_radio_lock);
3463}
3464
3465static int mac80211_hwsim_netlink_notify(struct notifier_block *nb,
3466 unsigned long state,
3467 void *_notify)
3468{
3469 struct netlink_notify *notify = _notify;
3470
3471 if (state != NETLINK_URELEASE)
3472 return NOTIFY_DONE;
3473
3474 remove_user_radios(notify->portid);
3475
3476 if (notify->portid == hwsim_net_get_wmediumd(notify->net)) {
3477 printk(KERN_INFO "mac80211_hwsim: wmediumd released netlink"
3478 " socket, switching to perfect channel medium\n");
3479 hwsim_register_wmediumd(notify->net, 0);
3480 }
3481 return NOTIFY_DONE;
3482
3483}
3484
3485static struct notifier_block hwsim_netlink_notifier = {
3486 .notifier_call = mac80211_hwsim_netlink_notify,
3487};
3488
3489static int __init hwsim_init_netlink(void)
3490{
3491 int rc;
3492
3493 printk(KERN_INFO "mac80211_hwsim: initializing netlink\n");
3494
3495 rc = genl_register_family(&hwsim_genl_family);
3496 if (rc)
3497 goto failure;
3498
3499 rc = netlink_register_notifier(&hwsim_netlink_notifier);
3500 if (rc) {
3501 genl_unregister_family(&hwsim_genl_family);
3502 goto failure;
3503 }
3504
3505 return 0;
3506
3507failure:
3508 pr_debug("mac80211_hwsim: error occurred in %s\n", __func__);
3509 return -EINVAL;
3510}
3511
3512static __net_init int hwsim_init_net(struct net *net)
3513{
3514 return hwsim_net_set_netgroup(net);
3515}
3516
3517static void __net_exit hwsim_exit_net(struct net *net)
3518{
3519 struct mac80211_hwsim_data *data, *tmp;
3520
3521 spin_lock_bh(&hwsim_radio_lock);
3522 list_for_each_entry_safe(data, tmp, &hwsim_radios, list) {
3523 if (!net_eq(wiphy_net(data->hw->wiphy), net))
3524 continue;
3525
3526
3527 if (data->netgroup == hwsim_net_get_netgroup(&init_net))
3528 continue;
3529
3530 list_del(&data->list);
3531 rhashtable_remove_fast(&hwsim_radios_rht, &data->rht,
3532 hwsim_rht_params);
3533 hwsim_radios_generation++;
3534 spin_unlock_bh(&hwsim_radio_lock);
3535 mac80211_hwsim_del_radio(data,
3536 wiphy_name(data->hw->wiphy),
3537 NULL);
3538 spin_lock_bh(&hwsim_radio_lock);
3539 }
3540 spin_unlock_bh(&hwsim_radio_lock);
3541
3542 ida_simple_remove(&hwsim_netgroup_ida, hwsim_net_get_netgroup(net));
3543}
3544
3545static struct pernet_operations hwsim_net_ops = {
3546 .init = hwsim_init_net,
3547 .exit = hwsim_exit_net,
3548 .id = &hwsim_net_id,
3549 .size = sizeof(struct hwsim_net),
3550};
3551
3552static void hwsim_exit_netlink(void)
3553{
3554
3555 netlink_unregister_notifier(&hwsim_netlink_notifier);
3556
3557 genl_unregister_family(&hwsim_genl_family);
3558}
3559
3560static int __init init_mac80211_hwsim(void)
3561{
3562 int i, err;
3563
3564 if (radios < 0 || radios > 100)
3565 return -EINVAL;
3566
3567 if (channels < 1)
3568 return -EINVAL;
3569
3570 spin_lock_init(&hwsim_radio_lock);
3571
3572 hwsim_wq = alloc_workqueue("hwsim_wq", 0, 0);
3573 if (!hwsim_wq)
3574 return -ENOMEM;
3575
3576 err = rhashtable_init(&hwsim_radios_rht, &hwsim_rht_params);
3577 if (err)
3578 goto out_free_wq;
3579
3580 err = register_pernet_device(&hwsim_net_ops);
3581 if (err)
3582 goto out_free_rht;
3583
3584 err = platform_driver_register(&mac80211_hwsim_driver);
3585 if (err)
3586 goto out_unregister_pernet;
3587
3588 hwsim_class = class_create(THIS_MODULE, "mac80211_hwsim");
3589 if (IS_ERR(hwsim_class)) {
3590 err = PTR_ERR(hwsim_class);
3591 goto out_unregister_driver;
3592 }
3593
3594 err = hwsim_init_netlink();
3595 if (err < 0)
3596 goto out_unregister_driver;
3597
3598 for (i = 0; i < radios; i++) {
3599 struct hwsim_new_radio_params param = { 0 };
3600
3601 param.channels = channels;
3602
3603 switch (regtest) {
3604 case HWSIM_REGTEST_DIFF_COUNTRY:
3605 if (i < ARRAY_SIZE(hwsim_alpha2s))
3606 param.reg_alpha2 = hwsim_alpha2s[i];
3607 break;
3608 case HWSIM_REGTEST_DRIVER_REG_FOLLOW:
3609 if (!i)
3610 param.reg_alpha2 = hwsim_alpha2s[0];
3611 break;
3612 case HWSIM_REGTEST_STRICT_ALL:
3613 param.reg_strict = true;
3614 fallthrough;
3615 case HWSIM_REGTEST_DRIVER_REG_ALL:
3616 param.reg_alpha2 = hwsim_alpha2s[0];
3617 break;
3618 case HWSIM_REGTEST_WORLD_ROAM:
3619 if (i == 0)
3620 param.regd = &hwsim_world_regdom_custom_01;
3621 break;
3622 case HWSIM_REGTEST_CUSTOM_WORLD:
3623 param.regd = &hwsim_world_regdom_custom_01;
3624 break;
3625 case HWSIM_REGTEST_CUSTOM_WORLD_2:
3626 if (i == 0)
3627 param.regd = &hwsim_world_regdom_custom_01;
3628 else if (i == 1)
3629 param.regd = &hwsim_world_regdom_custom_02;
3630 break;
3631 case HWSIM_REGTEST_STRICT_FOLLOW:
3632 if (i == 0) {
3633 param.reg_strict = true;
3634 param.reg_alpha2 = hwsim_alpha2s[0];
3635 }
3636 break;
3637 case HWSIM_REGTEST_STRICT_AND_DRIVER_REG:
3638 if (i == 0) {
3639 param.reg_strict = true;
3640 param.reg_alpha2 = hwsim_alpha2s[0];
3641 } else if (i == 1) {
3642 param.reg_alpha2 = hwsim_alpha2s[1];
3643 }
3644 break;
3645 case HWSIM_REGTEST_ALL:
3646 switch (i) {
3647 case 0:
3648 param.regd = &hwsim_world_regdom_custom_01;
3649 break;
3650 case 1:
3651 param.regd = &hwsim_world_regdom_custom_02;
3652 break;
3653 case 2:
3654 param.reg_alpha2 = hwsim_alpha2s[0];
3655 break;
3656 case 3:
3657 param.reg_alpha2 = hwsim_alpha2s[1];
3658 break;
3659 case 4:
3660 param.reg_strict = true;
3661 param.reg_alpha2 = hwsim_alpha2s[2];
3662 break;
3663 }
3664 break;
3665 default:
3666 break;
3667 }
3668
3669 param.p2p_device = support_p2p_device;
3670 param.use_chanctx = channels > 1;
3671
3672 err = mac80211_hwsim_new_radio(NULL, ¶m);
3673 if (err < 0)
3674 goto out_free_radios;
3675 }
3676
3677 hwsim_mon = alloc_netdev(0, "hwsim%d", NET_NAME_UNKNOWN,
3678 hwsim_mon_setup);
3679 if (hwsim_mon == NULL) {
3680 err = -ENOMEM;
3681 goto out_free_radios;
3682 }
3683
3684 rtnl_lock();
3685 err = dev_alloc_name(hwsim_mon, hwsim_mon->name);
3686 if (err < 0) {
3687 rtnl_unlock();
3688 goto out_free_radios;
3689 }
3690
3691 err = register_netdevice(hwsim_mon);
3692 if (err < 0) {
3693 rtnl_unlock();
3694 goto out_free_mon;
3695 }
3696 rtnl_unlock();
3697
3698 return 0;
3699
3700out_free_mon:
3701 free_netdev(hwsim_mon);
3702out_free_radios:
3703 mac80211_hwsim_free();
3704out_unregister_driver:
3705 platform_driver_unregister(&mac80211_hwsim_driver);
3706out_unregister_pernet:
3707 unregister_pernet_device(&hwsim_net_ops);
3708out_free_rht:
3709 rhashtable_destroy(&hwsim_radios_rht);
3710out_free_wq:
3711 destroy_workqueue(hwsim_wq);
3712 return err;
3713}
3714module_init(init_mac80211_hwsim);
3715
3716static void __exit exit_mac80211_hwsim(void)
3717{
3718 pr_debug("mac80211_hwsim: unregister radios\n");
3719
3720 hwsim_exit_netlink();
3721
3722 mac80211_hwsim_free();
3723 flush_workqueue(hwsim_wq);
3724
3725 rhashtable_destroy(&hwsim_radios_rht);
3726 unregister_netdev(hwsim_mon);
3727 platform_driver_unregister(&mac80211_hwsim_driver);
3728 unregister_pernet_device(&hwsim_net_ops);
3729 destroy_workqueue(hwsim_wq);
3730}
3731module_exit(exit_mac80211_hwsim);
3732
