1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86#include <linux/module.h>
87#include <linux/types.h>
88#include <linux/netdevice.h>
89#include <linux/proc_fs.h>
90#include <linux/rtnetlink.h>
91#include <linux/seq_file.h>
92#include <linux/init.h>
93#include <linux/if_arp.h>
94#include <linux/etherdevice.h>
95#include <linux/interrupt.h>
96#include <net/net_namespace.h>
97
98#include <linux/wireless.h>
99#include <net/iw_handler.h>
100#include <net/netlink.h>
101#include <net/wext.h>
102
103#include <asm/uaccess.h>
104
105
106
107
108
109
110
111
112
113
114static const struct iw_ioctl_description standard_ioctl[] = {
115 [SIOCSIWCOMMIT - SIOCIWFIRST] = {
116 .header_type = IW_HEADER_TYPE_NULL,
117 },
118 [SIOCGIWNAME - SIOCIWFIRST] = {
119 .header_type = IW_HEADER_TYPE_CHAR,
120 .flags = IW_DESCR_FLAG_DUMP,
121 },
122 [SIOCSIWNWID - SIOCIWFIRST] = {
123 .header_type = IW_HEADER_TYPE_PARAM,
124 .flags = IW_DESCR_FLAG_EVENT,
125 },
126 [SIOCGIWNWID - SIOCIWFIRST] = {
127 .header_type = IW_HEADER_TYPE_PARAM,
128 .flags = IW_DESCR_FLAG_DUMP,
129 },
130 [SIOCSIWFREQ - SIOCIWFIRST] = {
131 .header_type = IW_HEADER_TYPE_FREQ,
132 .flags = IW_DESCR_FLAG_EVENT,
133 },
134 [SIOCGIWFREQ - SIOCIWFIRST] = {
135 .header_type = IW_HEADER_TYPE_FREQ,
136 .flags = IW_DESCR_FLAG_DUMP,
137 },
138 [SIOCSIWMODE - SIOCIWFIRST] = {
139 .header_type = IW_HEADER_TYPE_UINT,
140 .flags = IW_DESCR_FLAG_EVENT,
141 },
142 [SIOCGIWMODE - SIOCIWFIRST] = {
143 .header_type = IW_HEADER_TYPE_UINT,
144 .flags = IW_DESCR_FLAG_DUMP,
145 },
146 [SIOCSIWSENS - SIOCIWFIRST] = {
147 .header_type = IW_HEADER_TYPE_PARAM,
148 },
149 [SIOCGIWSENS - SIOCIWFIRST] = {
150 .header_type = IW_HEADER_TYPE_PARAM,
151 },
152 [SIOCSIWRANGE - SIOCIWFIRST] = {
153 .header_type = IW_HEADER_TYPE_NULL,
154 },
155 [SIOCGIWRANGE - SIOCIWFIRST] = {
156 .header_type = IW_HEADER_TYPE_POINT,
157 .token_size = 1,
158 .max_tokens = sizeof(struct iw_range),
159 .flags = IW_DESCR_FLAG_DUMP,
160 },
161 [SIOCSIWPRIV - SIOCIWFIRST] = {
162 .header_type = IW_HEADER_TYPE_NULL,
163 },
164 [SIOCGIWPRIV - SIOCIWFIRST] = {
165 .header_type = IW_HEADER_TYPE_POINT,
166 .token_size = sizeof(struct iw_priv_args),
167 .max_tokens = 16,
168 .flags = IW_DESCR_FLAG_NOMAX,
169 },
170 [SIOCSIWSTATS - SIOCIWFIRST] = {
171 .header_type = IW_HEADER_TYPE_NULL,
172 },
173 [SIOCGIWSTATS - SIOCIWFIRST] = {
174 .header_type = IW_HEADER_TYPE_POINT,
175 .token_size = 1,
176 .max_tokens = sizeof(struct iw_statistics),
177 .flags = IW_DESCR_FLAG_DUMP,
178 },
179 [SIOCSIWSPY - SIOCIWFIRST] = {
180 .header_type = IW_HEADER_TYPE_POINT,
181 .token_size = sizeof(struct sockaddr),
182 .max_tokens = IW_MAX_SPY,
183 },
184 [SIOCGIWSPY - SIOCIWFIRST] = {
185 .header_type = IW_HEADER_TYPE_POINT,
186 .token_size = sizeof(struct sockaddr) +
187 sizeof(struct iw_quality),
188 .max_tokens = IW_MAX_SPY,
189 },
190 [SIOCSIWTHRSPY - SIOCIWFIRST] = {
191 .header_type = IW_HEADER_TYPE_POINT,
192 .token_size = sizeof(struct iw_thrspy),
193 .min_tokens = 1,
194 .max_tokens = 1,
195 },
196 [SIOCGIWTHRSPY - SIOCIWFIRST] = {
197 .header_type = IW_HEADER_TYPE_POINT,
198 .token_size = sizeof(struct iw_thrspy),
199 .min_tokens = 1,
200 .max_tokens = 1,
201 },
202 [SIOCSIWAP - SIOCIWFIRST] = {
203 .header_type = IW_HEADER_TYPE_ADDR,
204 },
205 [SIOCGIWAP - SIOCIWFIRST] = {
206 .header_type = IW_HEADER_TYPE_ADDR,
207 .flags = IW_DESCR_FLAG_DUMP,
208 },
209 [SIOCSIWMLME - SIOCIWFIRST] = {
210 .header_type = IW_HEADER_TYPE_POINT,
211 .token_size = 1,
212 .min_tokens = sizeof(struct iw_mlme),
213 .max_tokens = sizeof(struct iw_mlme),
214 },
215 [SIOCGIWAPLIST - SIOCIWFIRST] = {
216 .header_type = IW_HEADER_TYPE_POINT,
217 .token_size = sizeof(struct sockaddr) +
218 sizeof(struct iw_quality),
219 .max_tokens = IW_MAX_AP,
220 .flags = IW_DESCR_FLAG_NOMAX,
221 },
222 [SIOCSIWSCAN - SIOCIWFIRST] = {
223 .header_type = IW_HEADER_TYPE_POINT,
224 .token_size = 1,
225 .min_tokens = 0,
226 .max_tokens = sizeof(struct iw_scan_req),
227 },
228 [SIOCGIWSCAN - SIOCIWFIRST] = {
229 .header_type = IW_HEADER_TYPE_POINT,
230 .token_size = 1,
231 .max_tokens = IW_SCAN_MAX_DATA,
232 .flags = IW_DESCR_FLAG_NOMAX,
233 },
234 [SIOCSIWESSID - SIOCIWFIRST] = {
235 .header_type = IW_HEADER_TYPE_POINT,
236 .token_size = 1,
237 .max_tokens = IW_ESSID_MAX_SIZE,
238 .flags = IW_DESCR_FLAG_EVENT,
239 },
240 [SIOCGIWESSID - SIOCIWFIRST] = {
241 .header_type = IW_HEADER_TYPE_POINT,
242 .token_size = 1,
243 .max_tokens = IW_ESSID_MAX_SIZE,
244 .flags = IW_DESCR_FLAG_DUMP,
245 },
246 [SIOCSIWNICKN - SIOCIWFIRST] = {
247 .header_type = IW_HEADER_TYPE_POINT,
248 .token_size = 1,
249 .max_tokens = IW_ESSID_MAX_SIZE,
250 },
251 [SIOCGIWNICKN - SIOCIWFIRST] = {
252 .header_type = IW_HEADER_TYPE_POINT,
253 .token_size = 1,
254 .max_tokens = IW_ESSID_MAX_SIZE,
255 },
256 [SIOCSIWRATE - SIOCIWFIRST] = {
257 .header_type = IW_HEADER_TYPE_PARAM,
258 },
259 [SIOCGIWRATE - SIOCIWFIRST] = {
260 .header_type = IW_HEADER_TYPE_PARAM,
261 },
262 [SIOCSIWRTS - SIOCIWFIRST] = {
263 .header_type = IW_HEADER_TYPE_PARAM,
264 },
265 [SIOCGIWRTS - SIOCIWFIRST] = {
266 .header_type = IW_HEADER_TYPE_PARAM,
267 },
268 [SIOCSIWFRAG - SIOCIWFIRST] = {
269 .header_type = IW_HEADER_TYPE_PARAM,
270 },
271 [SIOCGIWFRAG - SIOCIWFIRST] = {
272 .header_type = IW_HEADER_TYPE_PARAM,
273 },
274 [SIOCSIWTXPOW - SIOCIWFIRST] = {
275 .header_type = IW_HEADER_TYPE_PARAM,
276 },
277 [SIOCGIWTXPOW - SIOCIWFIRST] = {
278 .header_type = IW_HEADER_TYPE_PARAM,
279 },
280 [SIOCSIWRETRY - SIOCIWFIRST] = {
281 .header_type = IW_HEADER_TYPE_PARAM,
282 },
283 [SIOCGIWRETRY - SIOCIWFIRST] = {
284 .header_type = IW_HEADER_TYPE_PARAM,
285 },
286 [SIOCSIWENCODE - SIOCIWFIRST] = {
287 .header_type = IW_HEADER_TYPE_POINT,
288 .token_size = 1,
289 .max_tokens = IW_ENCODING_TOKEN_MAX,
290 .flags = IW_DESCR_FLAG_EVENT | IW_DESCR_FLAG_RESTRICT,
291 },
292 [SIOCGIWENCODE - SIOCIWFIRST] = {
293 .header_type = IW_HEADER_TYPE_POINT,
294 .token_size = 1,
295 .max_tokens = IW_ENCODING_TOKEN_MAX,
296 .flags = IW_DESCR_FLAG_DUMP | IW_DESCR_FLAG_RESTRICT,
297 },
298 [SIOCSIWPOWER - SIOCIWFIRST] = {
299 .header_type = IW_HEADER_TYPE_PARAM,
300 },
301 [SIOCGIWPOWER - SIOCIWFIRST] = {
302 .header_type = IW_HEADER_TYPE_PARAM,
303 },
304 [SIOCSIWGENIE - SIOCIWFIRST] = {
305 .header_type = IW_HEADER_TYPE_POINT,
306 .token_size = 1,
307 .max_tokens = IW_GENERIC_IE_MAX,
308 },
309 [SIOCGIWGENIE - SIOCIWFIRST] = {
310 .header_type = IW_HEADER_TYPE_POINT,
311 .token_size = 1,
312 .max_tokens = IW_GENERIC_IE_MAX,
313 },
314 [SIOCSIWAUTH - SIOCIWFIRST] = {
315 .header_type = IW_HEADER_TYPE_PARAM,
316 },
317 [SIOCGIWAUTH - SIOCIWFIRST] = {
318 .header_type = IW_HEADER_TYPE_PARAM,
319 },
320 [SIOCSIWENCODEEXT - SIOCIWFIRST] = {
321 .header_type = IW_HEADER_TYPE_POINT,
322 .token_size = 1,
323 .min_tokens = sizeof(struct iw_encode_ext),
324 .max_tokens = sizeof(struct iw_encode_ext) +
325 IW_ENCODING_TOKEN_MAX,
326 },
327 [SIOCGIWENCODEEXT - SIOCIWFIRST] = {
328 .header_type = IW_HEADER_TYPE_POINT,
329 .token_size = 1,
330 .min_tokens = sizeof(struct iw_encode_ext),
331 .max_tokens = sizeof(struct iw_encode_ext) +
332 IW_ENCODING_TOKEN_MAX,
333 },
334 [SIOCSIWPMKSA - SIOCIWFIRST] = {
335 .header_type = IW_HEADER_TYPE_POINT,
336 .token_size = 1,
337 .min_tokens = sizeof(struct iw_pmksa),
338 .max_tokens = sizeof(struct iw_pmksa),
339 },
340};
341static const unsigned standard_ioctl_num = ARRAY_SIZE(standard_ioctl);
342
343
344
345
346
347static const struct iw_ioctl_description standard_event[] = {
348 [IWEVTXDROP - IWEVFIRST] = {
349 .header_type = IW_HEADER_TYPE_ADDR,
350 },
351 [IWEVQUAL - IWEVFIRST] = {
352 .header_type = IW_HEADER_TYPE_QUAL,
353 },
354 [IWEVCUSTOM - IWEVFIRST] = {
355 .header_type = IW_HEADER_TYPE_POINT,
356 .token_size = 1,
357 .max_tokens = IW_CUSTOM_MAX,
358 },
359 [IWEVREGISTERED - IWEVFIRST] = {
360 .header_type = IW_HEADER_TYPE_ADDR,
361 },
362 [IWEVEXPIRED - IWEVFIRST] = {
363 .header_type = IW_HEADER_TYPE_ADDR,
364 },
365 [IWEVGENIE - IWEVFIRST] = {
366 .header_type = IW_HEADER_TYPE_POINT,
367 .token_size = 1,
368 .max_tokens = IW_GENERIC_IE_MAX,
369 },
370 [IWEVMICHAELMICFAILURE - IWEVFIRST] = {
371 .header_type = IW_HEADER_TYPE_POINT,
372 .token_size = 1,
373 .max_tokens = sizeof(struct iw_michaelmicfailure),
374 },
375 [IWEVASSOCREQIE - IWEVFIRST] = {
376 .header_type = IW_HEADER_TYPE_POINT,
377 .token_size = 1,
378 .max_tokens = IW_GENERIC_IE_MAX,
379 },
380 [IWEVASSOCRESPIE - IWEVFIRST] = {
381 .header_type = IW_HEADER_TYPE_POINT,
382 .token_size = 1,
383 .max_tokens = IW_GENERIC_IE_MAX,
384 },
385 [IWEVPMKIDCAND - IWEVFIRST] = {
386 .header_type = IW_HEADER_TYPE_POINT,
387 .token_size = 1,
388 .max_tokens = sizeof(struct iw_pmkid_cand),
389 },
390};
391static const unsigned standard_event_num = ARRAY_SIZE(standard_event);
392
393
394static const char iw_priv_type_size[] = {
395 0,
396 1,
397 1,
398 0,
399 sizeof(__u32),
400 sizeof(struct iw_freq),
401 sizeof(struct sockaddr),
402 0,
403};
404
405
406static const int event_type_size[] = {
407 IW_EV_LCP_LEN,
408 0,
409 IW_EV_CHAR_LEN,
410 0,
411 IW_EV_UINT_LEN,
412 IW_EV_FREQ_LEN,
413 IW_EV_ADDR_LEN,
414 0,
415 IW_EV_POINT_LEN,
416 IW_EV_PARAM_LEN,
417 IW_EV_QUAL_LEN,
418};
419
420#ifdef CONFIG_COMPAT
421static const int compat_event_type_size[] = {
422 IW_EV_COMPAT_LCP_LEN,
423 0,
424 IW_EV_COMPAT_CHAR_LEN,
425 0,
426 IW_EV_COMPAT_UINT_LEN,
427 IW_EV_COMPAT_FREQ_LEN,
428 IW_EV_COMPAT_ADDR_LEN,
429 0,
430 IW_EV_COMPAT_POINT_LEN,
431 IW_EV_COMPAT_PARAM_LEN,
432 IW_EV_COMPAT_QUAL_LEN,
433};
434#endif
435
436
437
438
439
440
441
442
443
444
445
446static iw_handler get_handler(struct net_device *dev, unsigned int cmd)
447{
448
449 unsigned int index;
450
451
452 if (dev->wireless_handlers == NULL)
453 return NULL;
454
455
456 index = cmd - SIOCIWFIRST;
457 if (index < dev->wireless_handlers->num_standard)
458 return dev->wireless_handlers->standard[index];
459
460
461 index = cmd - SIOCIWFIRSTPRIV;
462 if (index < dev->wireless_handlers->num_private)
463 return dev->wireless_handlers->private[index];
464
465
466 return NULL;
467}
468
469
470
471
472
473struct iw_statistics *get_wireless_stats(struct net_device *dev)
474{
475
476 if ((dev->wireless_handlers != NULL) &&
477 (dev->wireless_handlers->get_wireless_stats != NULL))
478 return dev->wireless_handlers->get_wireless_stats(dev);
479
480
481 return NULL;
482}
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503static int call_commit_handler(struct net_device *dev)
504{
505 if ((netif_running(dev)) &&
506 (dev->wireless_handlers->standard[0] != NULL))
507
508 return dev->wireless_handlers->standard[0](dev, NULL,
509 NULL, NULL);
510 else
511 return 0;
512}
513
514
515
516
517
518static int get_priv_size(__u16 args)
519{
520 int num = args & IW_PRIV_SIZE_MASK;
521 int type = (args & IW_PRIV_TYPE_MASK) >> 12;
522
523 return num * iw_priv_type_size[type];
524}
525
526
527
528
529
530static int adjust_priv_size(__u16 args, struct iw_point *iwp)
531{
532 int num = iwp->length;
533 int max = args & IW_PRIV_SIZE_MASK;
534 int type = (args & IW_PRIV_TYPE_MASK) >> 12;
535
536
537 if (max < num)
538 num = max;
539
540 return num * iw_priv_type_size[type];
541}
542
543
544
545
546
547
548
549static int iw_handler_get_iwstats(struct net_device * dev,
550 struct iw_request_info * info,
551 union iwreq_data * wrqu,
552 char * extra)
553{
554
555 struct iw_statistics *stats;
556
557 stats = get_wireless_stats(dev);
558 if (stats) {
559
560 memcpy(extra, stats, sizeof(struct iw_statistics));
561 wrqu->data.length = sizeof(struct iw_statistics);
562
563
564 if (wrqu->data.flags != 0)
565 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
566 return 0;
567 } else
568 return -EOPNOTSUPP;
569}
570
571
572
573
574
575
576
577static int iw_handler_get_private(struct net_device * dev,
578 struct iw_request_info * info,
579 union iwreq_data * wrqu,
580 char * extra)
581{
582
583 if ((dev->wireless_handlers->num_private_args == 0) ||
584 (dev->wireless_handlers->private_args == NULL))
585 return -EOPNOTSUPP;
586
587
588 if (wrqu->data.length < dev->wireless_handlers->num_private_args) {
589
590
591
592 wrqu->data.length = dev->wireless_handlers->num_private_args;
593 return -E2BIG;
594 }
595
596
597 wrqu->data.length = dev->wireless_handlers->num_private_args;
598
599
600 memcpy(extra, dev->wireless_handlers->private_args,
601 sizeof(struct iw_priv_args) * wrqu->data.length);
602
603 return 0;
604}
605
606
607
608
609
610
611
612
613
614
615
616
617#ifdef CONFIG_PROC_FS
618
619
620
621
622
623static void wireless_seq_printf_stats(struct seq_file *seq,
624 struct net_device *dev)
625{
626
627 struct iw_statistics *stats = get_wireless_stats(dev);
628 static struct iw_statistics nullstats = {};
629
630
631 if (!stats && dev->wireless_handlers)
632 stats = &nullstats;
633
634 if (stats) {
635 seq_printf(seq, "%6s: %04x %3d%c %3d%c %3d%c %6d %6d %6d "
636 "%6d %6d %6d\n",
637 dev->name, stats->status, stats->qual.qual,
638 stats->qual.updated & IW_QUAL_QUAL_UPDATED
639 ? '.' : ' ',
640 ((__s32) stats->qual.level) -
641 ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0),
642 stats->qual.updated & IW_QUAL_LEVEL_UPDATED
643 ? '.' : ' ',
644 ((__s32) stats->qual.noise) -
645 ((stats->qual.updated & IW_QUAL_DBM) ? 0x100 : 0),
646 stats->qual.updated & IW_QUAL_NOISE_UPDATED
647 ? '.' : ' ',
648 stats->discard.nwid, stats->discard.code,
649 stats->discard.fragment, stats->discard.retries,
650 stats->discard.misc, stats->miss.beacon);
651
652 if (stats != &nullstats)
653 stats->qual.updated &= ~IW_QUAL_ALL_UPDATED;
654 }
655}
656
657
658
659
660
661static int wireless_dev_seq_show(struct seq_file *seq, void *v)
662{
663 might_sleep();
664
665 if (v == SEQ_START_TOKEN)
666 seq_printf(seq, "Inter-| sta-| Quality | Discarded "
667 "packets | Missed | WE\n"
668 " face | tus | link level noise | nwid "
669 "crypt frag retry misc | beacon | %d\n",
670 WIRELESS_EXT);
671 else
672 wireless_seq_printf_stats(seq, v);
673 return 0;
674}
675
676static void *wireless_dev_seq_start(struct seq_file *seq, loff_t *pos)
677{
678 struct net *net = seq_file_net(seq);
679 loff_t off;
680 struct net_device *dev;
681
682 rtnl_lock();
683 if (!*pos)
684 return SEQ_START_TOKEN;
685
686 off = 1;
687 for_each_netdev(net, dev)
688 if (off++ == *pos)
689 return dev;
690 return NULL;
691}
692
693static void *wireless_dev_seq_next(struct seq_file *seq, void *v, loff_t *pos)
694{
695 struct net *net = seq_file_net(seq);
696
697 ++*pos;
698
699 return v == SEQ_START_TOKEN ?
700 first_net_device(net) : next_net_device(v);
701}
702
703static void wireless_dev_seq_stop(struct seq_file *seq, void *v)
704{
705 rtnl_unlock();
706}
707
708static const struct seq_operations wireless_seq_ops = {
709 .start = wireless_dev_seq_start,
710 .next = wireless_dev_seq_next,
711 .stop = wireless_dev_seq_stop,
712 .show = wireless_dev_seq_show,
713};
714
715static int seq_open_wireless(struct inode *inode, struct file *file)
716{
717 return seq_open_net(inode, file, &wireless_seq_ops,
718 sizeof(struct seq_net_private));
719}
720
721static const struct file_operations wireless_seq_fops = {
722 .owner = THIS_MODULE,
723 .open = seq_open_wireless,
724 .read = seq_read,
725 .llseek = seq_lseek,
726 .release = seq_release_net,
727};
728
729int wext_proc_init(struct net *net)
730{
731
732 if (!proc_net_fops_create(net, "wireless", S_IRUGO, &wireless_seq_fops))
733 return -ENOMEM;
734
735 return 0;
736}
737
738void wext_proc_exit(struct net *net)
739{
740 proc_net_remove(net, "wireless");
741}
742#endif
743
744
745
746
747
748
749
750
751
752
753static int ioctl_standard_iw_point(struct iw_point *iwp, unsigned int cmd,
754 const struct iw_ioctl_description *descr,
755 iw_handler handler, struct net_device *dev,
756 struct iw_request_info *info)
757{
758 int err, extra_size, user_length = 0, essid_compat = 0;
759 char *extra;
760
761
762
763
764 extra_size = descr->max_tokens * descr->token_size;
765
766
767 switch (cmd) {
768 case SIOCSIWESSID:
769 case SIOCGIWESSID:
770 case SIOCSIWNICKN:
771 case SIOCGIWNICKN:
772 if (iwp->length == descr->max_tokens + 1)
773 essid_compat = 1;
774 else if (IW_IS_SET(cmd) && (iwp->length != 0)) {
775 char essid[IW_ESSID_MAX_SIZE + 1];
776 unsigned int len;
777 len = iwp->length * descr->token_size;
778
779 if (len > IW_ESSID_MAX_SIZE)
780 return -EFAULT;
781
782 err = copy_from_user(essid, iwp->pointer, len);
783 if (err)
784 return -EFAULT;
785
786 if (essid[iwp->length - 1] == '\0')
787 essid_compat = 1;
788 }
789 break;
790 default:
791 break;
792 }
793
794 iwp->length -= essid_compat;
795
796
797 if (IW_IS_SET(cmd)) {
798
799 if (!iwp->pointer && iwp->length != 0)
800 return -EFAULT;
801
802 if (iwp->length > descr->max_tokens)
803 return -E2BIG;
804 if (iwp->length < descr->min_tokens)
805 return -EINVAL;
806 } else {
807
808 if (!iwp->pointer)
809 return -EFAULT;
810
811 user_length = iwp->length;
812
813
814
815
816
817
818
819 if ((descr->flags & IW_DESCR_FLAG_NOMAX) &&
820 (user_length > descr->max_tokens)) {
821
822
823
824
825 extra_size = user_length * descr->token_size;
826
827
828
829
830
831
832 }
833 }
834
835
836 extra = kzalloc(extra_size, GFP_KERNEL);
837 if (!extra)
838 return -ENOMEM;
839
840
841 if (IW_IS_SET(cmd) && (iwp->length != 0)) {
842 if (copy_from_user(extra, iwp->pointer,
843 iwp->length *
844 descr->token_size)) {
845 err = -EFAULT;
846 goto out;
847 }
848
849 if (cmd == SIOCSIWENCODEEXT) {
850 struct iw_encode_ext *ee = (void *) extra;
851
852 if (iwp->length < sizeof(*ee) + ee->key_len)
853 return -EFAULT;
854 }
855 }
856
857 err = handler(dev, info, (union iwreq_data *) iwp, extra);
858
859 iwp->length += essid_compat;
860
861
862 if (!err && IW_IS_GET(cmd)) {
863
864 if (user_length < iwp->length) {
865 err = -E2BIG;
866 goto out;
867 }
868
869 if (copy_to_user(iwp->pointer, extra,
870 iwp->length *
871 descr->token_size)) {
872 err = -EFAULT;
873 goto out;
874 }
875 }
876
877
878 if ((descr->flags & IW_DESCR_FLAG_EVENT) && err == -EIWCOMMIT) {
879 union iwreq_data *data = (union iwreq_data *) iwp;
880
881 if (descr->flags & IW_DESCR_FLAG_RESTRICT)
882
883
884
885 wireless_send_event(dev, cmd, data, NULL);
886 else
887 wireless_send_event(dev, cmd, data, extra);
888 }
889
890out:
891 kfree(extra);
892 return err;
893}
894
895
896
897
898
899
900static int ioctl_standard_call(struct net_device * dev,
901 struct iwreq *iwr,
902 unsigned int cmd,
903 struct iw_request_info *info,
904 iw_handler handler)
905{
906 const struct iw_ioctl_description * descr;
907 int ret = -EINVAL;
908
909
910 if ((cmd - SIOCIWFIRST) >= standard_ioctl_num)
911 return -EOPNOTSUPP;
912 descr = &(standard_ioctl[cmd - SIOCIWFIRST]);
913
914
915 if (descr->header_type != IW_HEADER_TYPE_POINT) {
916
917
918 ret = handler(dev, info, &(iwr->u), NULL);
919
920
921 if ((descr->flags & IW_DESCR_FLAG_EVENT) &&
922 ((ret == 0) || (ret == -EIWCOMMIT)))
923 wireless_send_event(dev, cmd, &(iwr->u), NULL);
924 } else {
925 ret = ioctl_standard_iw_point(&iwr->u.data, cmd, descr,
926 handler, dev, info);
927 }
928
929
930 if (ret == -EIWCOMMIT)
931 ret = call_commit_handler(dev);
932
933
934
935 return ret;
936}
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954static int get_priv_descr_and_size(struct net_device *dev, unsigned int cmd,
955 const struct iw_priv_args **descrp)
956{
957 const struct iw_priv_args *descr;
958 int i, extra_size;
959
960 descr = NULL;
961 for (i = 0; i < dev->wireless_handlers->num_private_args; i++) {
962 if (cmd == dev->wireless_handlers->private_args[i].cmd) {
963 descr = &dev->wireless_handlers->private_args[i];
964 break;
965 }
966 }
967
968 extra_size = 0;
969 if (descr) {
970 if (IW_IS_SET(cmd)) {
971 int offset = 0;
972
973 if (descr->name[0] == '\0')
974
975 offset = sizeof(__u32);
976
977
978 extra_size = get_priv_size(descr->set_args);
979
980
981 if ((descr->set_args & IW_PRIV_SIZE_FIXED) &&
982 ((extra_size + offset) <= IFNAMSIZ))
983 extra_size = 0;
984 } else {
985
986 extra_size = get_priv_size(descr->get_args);
987
988
989 if ((descr->get_args & IW_PRIV_SIZE_FIXED) &&
990 (extra_size <= IFNAMSIZ))
991 extra_size = 0;
992 }
993 }
994 *descrp = descr;
995 return extra_size;
996}
997
998static int ioctl_private_iw_point(struct iw_point *iwp, unsigned int cmd,
999 const struct iw_priv_args *descr,
1000 iw_handler handler, struct net_device *dev,
1001 struct iw_request_info *info, int extra_size)
1002{
1003 char *extra;
1004 int err;
1005
1006
1007 if (IW_IS_SET(cmd)) {
1008 if (!iwp->pointer && iwp->length != 0)
1009 return -EFAULT;
1010
1011 if (iwp->length > (descr->set_args & IW_PRIV_SIZE_MASK))
1012 return -E2BIG;
1013 } else if (!iwp->pointer)
1014 return -EFAULT;
1015
1016 extra = kmalloc(extra_size, GFP_KERNEL);
1017 if (!extra)
1018 return -ENOMEM;
1019
1020
1021 if (IW_IS_SET(cmd) && (iwp->length != 0)) {
1022 if (copy_from_user(extra, iwp->pointer, extra_size)) {
1023 err = -EFAULT;
1024 goto out;
1025 }
1026 }
1027
1028
1029 err = handler(dev, info, (union iwreq_data *) iwp, extra);
1030
1031
1032 if (!err && IW_IS_GET(cmd)) {
1033
1034
1035
1036 if (!(descr->get_args & IW_PRIV_SIZE_FIXED))
1037 extra_size = adjust_priv_size(descr->get_args, iwp);
1038
1039 if (copy_to_user(iwp->pointer, extra, extra_size))
1040 err = -EFAULT;
1041 }
1042
1043out:
1044 kfree(extra);
1045 return err;
1046}
1047
1048static int ioctl_private_call(struct net_device *dev, struct iwreq *iwr,
1049 unsigned int cmd, struct iw_request_info *info,
1050 iw_handler handler)
1051{
1052 int extra_size = 0, ret = -EINVAL;
1053 const struct iw_priv_args *descr;
1054
1055 extra_size = get_priv_descr_and_size(dev, cmd, &descr);
1056
1057
1058 if (extra_size == 0) {
1059
1060 ret = handler(dev, info, &(iwr->u), (char *) &(iwr->u));
1061 } else {
1062 ret = ioctl_private_iw_point(&iwr->u.data, cmd, descr,
1063 handler, dev, info, extra_size);
1064 }
1065
1066
1067 if (ret == -EIWCOMMIT)
1068 ret = call_commit_handler(dev);
1069
1070 return ret;
1071}
1072
1073
1074typedef int (*wext_ioctl_func)(struct net_device *, struct iwreq *,
1075 unsigned int, struct iw_request_info *,
1076 iw_handler);
1077
1078
1079
1080
1081
1082static int wireless_process_ioctl(struct net *net, struct ifreq *ifr,
1083 unsigned int cmd,
1084 struct iw_request_info *info,
1085 wext_ioctl_func standard,
1086 wext_ioctl_func private)
1087{
1088 struct iwreq *iwr = (struct iwreq *) ifr;
1089 struct net_device *dev;
1090 iw_handler handler;
1091
1092
1093
1094
1095
1096 if ((dev = __dev_get_by_name(net, ifr->ifr_name)) == NULL)
1097 return -ENODEV;
1098
1099
1100
1101
1102 if (cmd == SIOCGIWSTATS)
1103 return standard(dev, iwr, cmd, info,
1104 &iw_handler_get_iwstats);
1105
1106 if (cmd == SIOCGIWPRIV && dev->wireless_handlers)
1107 return standard(dev, iwr, cmd, info,
1108 &iw_handler_get_private);
1109
1110
1111 if (!netif_device_present(dev))
1112 return -ENODEV;
1113
1114
1115 handler = get_handler(dev, cmd);
1116 if (handler) {
1117
1118 if (cmd < SIOCIWFIRSTPRIV)
1119 return standard(dev, iwr, cmd, info, handler);
1120 else
1121 return private(dev, iwr, cmd, info, handler);
1122 }
1123
1124 if (dev->netdev_ops->ndo_do_ioctl)
1125 return dev->netdev_ops->ndo_do_ioctl(dev, ifr, cmd);
1126 return -EOPNOTSUPP;
1127}
1128
1129
1130
1131
1132static int wext_permission_check(unsigned int cmd)
1133{
1134 if ((IW_IS_SET(cmd) || cmd == SIOCGIWENCODE || cmd == SIOCGIWENCODEEXT)
1135 && !capable(CAP_NET_ADMIN))
1136 return -EPERM;
1137
1138 return 0;
1139}
1140
1141
1142static int wext_ioctl_dispatch(struct net *net, struct ifreq *ifr,
1143 unsigned int cmd, struct iw_request_info *info,
1144 wext_ioctl_func standard,
1145 wext_ioctl_func private)
1146{
1147 int ret = wext_permission_check(cmd);
1148
1149 if (ret)
1150 return ret;
1151
1152 dev_load(net, ifr->ifr_name);
1153 rtnl_lock();
1154 ret = wireless_process_ioctl(net, ifr, cmd, info, standard, private);
1155 rtnl_unlock();
1156
1157 return ret;
1158}
1159
1160int wext_handle_ioctl(struct net *net, struct ifreq *ifr, unsigned int cmd,
1161 void __user *arg)
1162{
1163 struct iw_request_info info = { .cmd = cmd, .flags = 0 };
1164 int ret;
1165
1166 ret = wext_ioctl_dispatch(net, ifr, cmd, &info,
1167 ioctl_standard_call,
1168 ioctl_private_call);
1169 if (ret >= 0 &&
1170 IW_IS_GET(cmd) &&
1171 copy_to_user(arg, ifr, sizeof(struct iwreq)))
1172 return -EFAULT;
1173
1174 return ret;
1175}
1176
1177#ifdef CONFIG_COMPAT
1178static int compat_standard_call(struct net_device *dev,
1179 struct iwreq *iwr,
1180 unsigned int cmd,
1181 struct iw_request_info *info,
1182 iw_handler handler)
1183{
1184 const struct iw_ioctl_description *descr;
1185 struct compat_iw_point *iwp_compat;
1186 struct iw_point iwp;
1187 int err;
1188
1189 descr = standard_ioctl + (cmd - SIOCIWFIRST);
1190
1191 if (descr->header_type != IW_HEADER_TYPE_POINT)
1192 return ioctl_standard_call(dev, iwr, cmd, info, handler);
1193
1194 iwp_compat = (struct compat_iw_point *) &iwr->u.data;
1195 iwp.pointer = compat_ptr(iwp_compat->pointer);
1196 iwp.length = iwp_compat->length;
1197 iwp.flags = iwp_compat->flags;
1198
1199 err = ioctl_standard_iw_point(&iwp, cmd, descr, handler, dev, info);
1200
1201 iwp_compat->pointer = ptr_to_compat(iwp.pointer);
1202 iwp_compat->length = iwp.length;
1203 iwp_compat->flags = iwp.flags;
1204
1205 return err;
1206}
1207
1208static int compat_private_call(struct net_device *dev, struct iwreq *iwr,
1209 unsigned int cmd, struct iw_request_info *info,
1210 iw_handler handler)
1211{
1212 const struct iw_priv_args *descr;
1213 int ret, extra_size;
1214
1215 extra_size = get_priv_descr_and_size(dev, cmd, &descr);
1216
1217
1218 if (extra_size == 0) {
1219
1220 ret = handler(dev, info, &(iwr->u), (char *) &(iwr->u));
1221 } else {
1222 struct compat_iw_point *iwp_compat;
1223 struct iw_point iwp;
1224
1225 iwp_compat = (struct compat_iw_point *) &iwr->u.data;
1226 iwp.pointer = compat_ptr(iwp_compat->pointer);
1227 iwp.length = iwp_compat->length;
1228 iwp.flags = iwp_compat->flags;
1229
1230 ret = ioctl_private_iw_point(&iwp, cmd, descr,
1231 handler, dev, info, extra_size);
1232
1233 iwp_compat->pointer = ptr_to_compat(iwp.pointer);
1234 iwp_compat->length = iwp.length;
1235 iwp_compat->flags = iwp.flags;
1236 }
1237
1238
1239 if (ret == -EIWCOMMIT)
1240 ret = call_commit_handler(dev);
1241
1242 return ret;
1243}
1244
1245int compat_wext_handle_ioctl(struct net *net, unsigned int cmd,
1246 unsigned long arg)
1247{
1248 void __user *argp = (void __user *)arg;
1249 struct iw_request_info info;
1250 struct iwreq iwr;
1251 char *colon;
1252 int ret;
1253
1254 if (copy_from_user(&iwr, argp, sizeof(struct iwreq)))
1255 return -EFAULT;
1256
1257 iwr.ifr_name[IFNAMSIZ-1] = 0;
1258 colon = strchr(iwr.ifr_name, ':');
1259 if (colon)
1260 *colon = 0;
1261
1262 info.cmd = cmd;
1263 info.flags = IW_REQUEST_FLAG_COMPAT;
1264
1265 ret = wext_ioctl_dispatch(net, (struct ifreq *) &iwr, cmd, &info,
1266 compat_standard_call,
1267 compat_private_call);
1268
1269 if (ret >= 0 &&
1270 IW_IS_GET(cmd) &&
1271 copy_to_user(argp, &iwr, sizeof(struct iwreq)))
1272 return -EFAULT;
1273
1274 return ret;
1275}
1276#endif
1277
1278static int __net_init wext_pernet_init(struct net *net)
1279{
1280 skb_queue_head_init(&net->wext_nlevents);
1281 return 0;
1282}
1283
1284static void __net_exit wext_pernet_exit(struct net *net)
1285{
1286 skb_queue_purge(&net->wext_nlevents);
1287}
1288
1289static struct pernet_operations wext_pernet_ops = {
1290 .init = wext_pernet_init,
1291 .exit = wext_pernet_exit,
1292};
1293
1294static int __init wireless_nlevent_init(void)
1295{
1296 return register_pernet_subsys(&wext_pernet_ops);
1297}
1298
1299subsys_initcall(wireless_nlevent_init);
1300
1301
1302static void wireless_nlevent_process(struct work_struct *work)
1303{
1304 struct sk_buff *skb;
1305 struct net *net;
1306
1307 rtnl_lock();
1308
1309 for_each_net(net) {
1310 while ((skb = skb_dequeue(&net->wext_nlevents)))
1311 rtnl_notify(skb, net, 0, RTNLGRP_LINK, NULL,
1312 GFP_KERNEL);
1313 }
1314
1315 rtnl_unlock();
1316}
1317
1318static DECLARE_WORK(wireless_nlevent_work, wireless_nlevent_process);
1319
1320static struct nlmsghdr *rtnetlink_ifinfo_prep(struct net_device *dev,
1321 struct sk_buff *skb)
1322{
1323 struct ifinfomsg *r;
1324 struct nlmsghdr *nlh;
1325
1326 nlh = nlmsg_put(skb, 0, 0, RTM_NEWLINK, sizeof(*r), 0);
1327 if (!nlh)
1328 return NULL;
1329
1330 r = nlmsg_data(nlh);
1331 r->ifi_family = AF_UNSPEC;
1332 r->__ifi_pad = 0;
1333 r->ifi_type = dev->type;
1334 r->ifi_index = dev->ifindex;
1335 r->ifi_flags = dev_get_flags(dev);
1336 r->ifi_change = 0;
1337
1338 NLA_PUT_STRING(skb, IFLA_IFNAME, dev->name);
1339
1340 return nlh;
1341 nla_put_failure:
1342 nlmsg_cancel(skb, nlh);
1343 return NULL;
1344}
1345
1346
1347
1348
1349
1350
1351
1352void wireless_send_event(struct net_device * dev,
1353 unsigned int cmd,
1354 union iwreq_data * wrqu,
1355 const char * extra)
1356{
1357 const struct iw_ioctl_description * descr = NULL;
1358 int extra_len = 0;
1359 struct iw_event *event;
1360 int event_len;
1361 int hdr_len;
1362 int wrqu_off = 0;
1363
1364 unsigned cmd_index;
1365 struct sk_buff *skb;
1366 struct nlmsghdr *nlh;
1367 struct nlattr *nla;
1368#ifdef CONFIG_COMPAT
1369 struct __compat_iw_event *compat_event;
1370 struct compat_iw_point compat_wrqu;
1371 struct sk_buff *compskb;
1372#endif
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382 if (WARN_ON(cmd == SIOCGIWSCAN && extra))
1383 extra = NULL;
1384
1385
1386 if (cmd <= SIOCIWLAST) {
1387 cmd_index = cmd - SIOCIWFIRST;
1388 if (cmd_index < standard_ioctl_num)
1389 descr = &(standard_ioctl[cmd_index]);
1390 } else {
1391 cmd_index = cmd - IWEVFIRST;
1392 if (cmd_index < standard_event_num)
1393 descr = &(standard_event[cmd_index]);
1394 }
1395
1396 if (descr == NULL) {
1397
1398
1399
1400
1401
1402
1403
1404 printk(KERN_ERR "%s (WE) : Invalid/Unknown Wireless Event (0x%04X)\n",
1405 dev->name, cmd);
1406 return;
1407 }
1408
1409
1410 if (descr->header_type == IW_HEADER_TYPE_POINT) {
1411
1412 if (wrqu->data.length > descr->max_tokens) {
1413 printk(KERN_ERR "%s (WE) : Wireless Event too big (%d)\n", dev->name, wrqu->data.length);
1414 return;
1415 }
1416 if (wrqu->data.length < descr->min_tokens) {
1417 printk(KERN_ERR "%s (WE) : Wireless Event too small (%d)\n", dev->name, wrqu->data.length);
1418 return;
1419 }
1420
1421 if (extra != NULL)
1422 extra_len = wrqu->data.length * descr->token_size;
1423
1424 wrqu_off = IW_EV_POINT_OFF;
1425 }
1426
1427
1428 hdr_len = event_type_size[descr->header_type];
1429 event_len = hdr_len + extra_len;
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1455 if (!skb)
1456 return;
1457
1458
1459 nlh = rtnetlink_ifinfo_prep(dev, skb);
1460 if (WARN_ON(!nlh)) {
1461 kfree_skb(skb);
1462 return;
1463 }
1464
1465
1466 nla = nla_reserve(skb, IFLA_WIRELESS, event_len);
1467 if (!nla) {
1468 kfree_skb(skb);
1469 return;
1470 }
1471 event = nla_data(nla);
1472
1473
1474 memset(event, 0, hdr_len);
1475 event->len = event_len;
1476 event->cmd = cmd;
1477 memcpy(&event->u, ((char *) wrqu) + wrqu_off, hdr_len - IW_EV_LCP_LEN);
1478 if (extra_len)
1479 memcpy(((char *) event) + hdr_len, extra, extra_len);
1480
1481 nlmsg_end(skb, nlh);
1482#ifdef CONFIG_COMPAT
1483 hdr_len = compat_event_type_size[descr->header_type];
1484 event_len = hdr_len + extra_len;
1485
1486 compskb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1487 if (!compskb) {
1488 kfree_skb(skb);
1489 return;
1490 }
1491
1492
1493 nlh = rtnetlink_ifinfo_prep(dev, compskb);
1494 if (WARN_ON(!nlh)) {
1495 kfree_skb(skb);
1496 kfree_skb(compskb);
1497 return;
1498 }
1499
1500
1501 nla = nla_reserve(compskb, IFLA_WIRELESS, event_len);
1502 if (!nla) {
1503 kfree_skb(skb);
1504 kfree_skb(compskb);
1505 return;
1506 }
1507 compat_event = nla_data(nla);
1508
1509 compat_event->len = event_len;
1510 compat_event->cmd = cmd;
1511 if (descr->header_type == IW_HEADER_TYPE_POINT) {
1512 compat_wrqu.length = wrqu->data.length;
1513 compat_wrqu.flags = wrqu->data.flags;
1514 memcpy(&compat_event->pointer,
1515 ((char *) &compat_wrqu) + IW_EV_COMPAT_POINT_OFF,
1516 hdr_len - IW_EV_COMPAT_LCP_LEN);
1517 if (extra_len)
1518 memcpy(((char *) compat_event) + hdr_len,
1519 extra, extra_len);
1520 } else {
1521
1522 memcpy(&compat_event->pointer, wrqu,
1523 hdr_len - IW_EV_COMPAT_LCP_LEN);
1524 }
1525
1526 nlmsg_end(compskb, nlh);
1527
1528 skb_shinfo(skb)->frag_list = compskb;
1529#endif
1530 skb_queue_tail(&dev_net(dev)->wext_nlevents, skb);
1531 schedule_work(&wireless_nlevent_work);
1532}
1533EXPORT_SYMBOL(wireless_send_event);
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553static inline struct iw_spy_data *get_spydata(struct net_device *dev)
1554{
1555
1556 if (dev->wireless_data)
1557 return dev->wireless_data->spy_data;
1558 return NULL;
1559}
1560
1561
1562
1563
1564
1565int iw_handler_set_spy(struct net_device * dev,
1566 struct iw_request_info * info,
1567 union iwreq_data * wrqu,
1568 char * extra)
1569{
1570 struct iw_spy_data * spydata = get_spydata(dev);
1571 struct sockaddr * address = (struct sockaddr *) extra;
1572
1573
1574 if (!spydata)
1575 return -EOPNOTSUPP;
1576
1577
1578
1579
1580 spydata->spy_number = 0;
1581
1582
1583
1584
1585
1586
1587
1588 smp_wmb();
1589
1590
1591 if (wrqu->data.length > 0) {
1592 int i;
1593
1594
1595 for (i = 0; i < wrqu->data.length; i++)
1596 memcpy(spydata->spy_address[i], address[i].sa_data,
1597 ETH_ALEN);
1598
1599 memset(spydata->spy_stat, 0,
1600 sizeof(struct iw_quality) * IW_MAX_SPY);
1601 }
1602
1603
1604 smp_wmb();
1605
1606
1607 spydata->spy_number = wrqu->data.length;
1608
1609 return 0;
1610}
1611EXPORT_SYMBOL(iw_handler_set_spy);
1612
1613
1614
1615
1616
1617int iw_handler_get_spy(struct net_device * dev,
1618 struct iw_request_info * info,
1619 union iwreq_data * wrqu,
1620 char * extra)
1621{
1622 struct iw_spy_data * spydata = get_spydata(dev);
1623 struct sockaddr * address = (struct sockaddr *) extra;
1624 int i;
1625
1626
1627 if (!spydata)
1628 return -EOPNOTSUPP;
1629
1630 wrqu->data.length = spydata->spy_number;
1631
1632
1633 for (i = 0; i < spydata->spy_number; i++) {
1634 memcpy(address[i].sa_data, spydata->spy_address[i], ETH_ALEN);
1635 address[i].sa_family = AF_UNIX;
1636 }
1637
1638 if (spydata->spy_number > 0)
1639 memcpy(extra + (sizeof(struct sockaddr) *spydata->spy_number),
1640 spydata->spy_stat,
1641 sizeof(struct iw_quality) * spydata->spy_number);
1642
1643 for (i = 0; i < spydata->spy_number; i++)
1644 spydata->spy_stat[i].updated &= ~IW_QUAL_ALL_UPDATED;
1645 return 0;
1646}
1647EXPORT_SYMBOL(iw_handler_get_spy);
1648
1649
1650
1651
1652
1653int iw_handler_set_thrspy(struct net_device * dev,
1654 struct iw_request_info *info,
1655 union iwreq_data * wrqu,
1656 char * extra)
1657{
1658 struct iw_spy_data * spydata = get_spydata(dev);
1659 struct iw_thrspy * threshold = (struct iw_thrspy *) extra;
1660
1661
1662 if (!spydata)
1663 return -EOPNOTSUPP;
1664
1665
1666 memcpy(&(spydata->spy_thr_low), &(threshold->low),
1667 2 * sizeof(struct iw_quality));
1668
1669
1670 memset(spydata->spy_thr_under, '\0', sizeof(spydata->spy_thr_under));
1671
1672 return 0;
1673}
1674EXPORT_SYMBOL(iw_handler_set_thrspy);
1675
1676
1677
1678
1679
1680int iw_handler_get_thrspy(struct net_device * dev,
1681 struct iw_request_info *info,
1682 union iwreq_data * wrqu,
1683 char * extra)
1684{
1685 struct iw_spy_data * spydata = get_spydata(dev);
1686 struct iw_thrspy * threshold = (struct iw_thrspy *) extra;
1687
1688
1689 if (!spydata)
1690 return -EOPNOTSUPP;
1691
1692
1693 memcpy(&(threshold->low), &(spydata->spy_thr_low),
1694 2 * sizeof(struct iw_quality));
1695
1696 return 0;
1697}
1698EXPORT_SYMBOL(iw_handler_get_thrspy);
1699
1700
1701
1702
1703
1704static void iw_send_thrspy_event(struct net_device * dev,
1705 struct iw_spy_data * spydata,
1706 unsigned char * address,
1707 struct iw_quality * wstats)
1708{
1709 union iwreq_data wrqu;
1710 struct iw_thrspy threshold;
1711
1712
1713 wrqu.data.length = 1;
1714 wrqu.data.flags = 0;
1715
1716 memcpy(threshold.addr.sa_data, address, ETH_ALEN);
1717 threshold.addr.sa_family = ARPHRD_ETHER;
1718
1719 memcpy(&(threshold.qual), wstats, sizeof(struct iw_quality));
1720
1721 memcpy(&(threshold.low), &(spydata->spy_thr_low),
1722 2 * sizeof(struct iw_quality));
1723
1724
1725 wireless_send_event(dev, SIOCGIWTHRSPY, &wrqu, (char *) &threshold);
1726}
1727
1728
1729
1730
1731
1732
1733
1734
1735void wireless_spy_update(struct net_device * dev,
1736 unsigned char * address,
1737 struct iw_quality * wstats)
1738{
1739 struct iw_spy_data * spydata = get_spydata(dev);
1740 int i;
1741 int match = -1;
1742
1743
1744 if (!spydata)
1745 return;
1746
1747
1748 for (i = 0; i < spydata->spy_number; i++)
1749 if (!compare_ether_addr(address, spydata->spy_address[i])) {
1750 memcpy(&(spydata->spy_stat[i]), wstats,
1751 sizeof(struct iw_quality));
1752 match = i;
1753 }
1754
1755
1756
1757
1758
1759 if (match >= 0) {
1760 if (spydata->spy_thr_under[match]) {
1761 if (wstats->level > spydata->spy_thr_high.level) {
1762 spydata->spy_thr_under[match] = 0;
1763 iw_send_thrspy_event(dev, spydata,
1764 address, wstats);
1765 }
1766 } else {
1767 if (wstats->level < spydata->spy_thr_low.level) {
1768 spydata->spy_thr_under[match] = 1;
1769 iw_send_thrspy_event(dev, spydata,
1770 address, wstats);
1771 }
1772 }
1773 }
1774}
1775EXPORT_SYMBOL(wireless_spy_update);
1776
