1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18#include <linux/list.h>
19#include <linux/slab.h>
20#include <linux/spinlock.h>
21#include <net/dst.h>
22#include <net/xfrm.h>
23#include <net/mac80211.h>
24#include <net/ieee80211_radiotap.h>
25#include <linux/if_arp.h>
26#include <linux/rtnetlink.h>
27#include <linux/etherdevice.h>
28#include <linux/platform_device.h>
29#include <linux/debugfs.h>
30#include <linux/module.h>
31#include <linux/ktime.h>
32#include <net/genetlink.h>
33#include "mac80211_hwsim.h"
34
35#define WARN_QUEUE 100
36#define MAX_QUEUE 200
37
38MODULE_AUTHOR("Jouni Malinen");
39MODULE_DESCRIPTION("Software simulator of 802.11 radio(s) for mac80211");
40MODULE_LICENSE("GPL");
41
42static u32 wmediumd_portid;
43
44static int radios = 2;
45module_param(radios, int, 0444);
46MODULE_PARM_DESC(radios, "Number of simulated radios");
47
48static int channels = 1;
49module_param(channels, int, 0444);
50MODULE_PARM_DESC(channels, "Number of concurrent channels");
51
52static bool paged_rx = false;
53module_param(paged_rx, bool, 0644);
54MODULE_PARM_DESC(paged_rx, "Use paged SKBs for RX instead of linear ones");
55
56static bool rctbl = false;
57module_param(rctbl, bool, 0444);
58MODULE_PARM_DESC(rctbl, "Handle rate control table");
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117enum hwsim_regtest {
118 HWSIM_REGTEST_DISABLED = 0,
119 HWSIM_REGTEST_DRIVER_REG_FOLLOW = 1,
120 HWSIM_REGTEST_DRIVER_REG_ALL = 2,
121 HWSIM_REGTEST_DIFF_COUNTRY = 3,
122 HWSIM_REGTEST_WORLD_ROAM = 4,
123 HWSIM_REGTEST_CUSTOM_WORLD = 5,
124 HWSIM_REGTEST_CUSTOM_WORLD_2 = 6,
125 HWSIM_REGTEST_STRICT_FOLLOW = 7,
126 HWSIM_REGTEST_STRICT_ALL = 8,
127 HWSIM_REGTEST_STRICT_AND_DRIVER_REG = 9,
128 HWSIM_REGTEST_ALL = 10,
129};
130
131
132static int regtest = HWSIM_REGTEST_DISABLED;
133module_param(regtest, int, 0444);
134MODULE_PARM_DESC(regtest, "The type of regulatory test we want to run");
135
136static const char *hwsim_alpha2s[] = {
137 "FI",
138 "AL",
139 "US",
140 "DE",
141 "JP",
142 "AL",
143};
144
145static const struct ieee80211_regdomain hwsim_world_regdom_custom_01 = {
146 .n_reg_rules = 4,
147 .alpha2 = "99",
148 .reg_rules = {
149 REG_RULE(2412-10, 2462+10, 40, 0, 20, 0),
150 REG_RULE(2484-10, 2484+10, 40, 0, 20, 0),
151 REG_RULE(5150-10, 5240+10, 40, 0, 30, 0),
152 REG_RULE(5745-10, 5825+10, 40, 0, 30, 0),
153 }
154};
155
156static const struct ieee80211_regdomain hwsim_world_regdom_custom_02 = {
157 .n_reg_rules = 2,
158 .alpha2 = "99",
159 .reg_rules = {
160 REG_RULE(2412-10, 2462+10, 40, 0, 20, 0),
161 REG_RULE(5725-10, 5850+10, 40, 0, 30,
162 NL80211_RRF_PASSIVE_SCAN | NL80211_RRF_NO_IBSS),
163 }
164};
165
166struct hwsim_vif_priv {
167 u32 magic;
168 u8 bssid[ETH_ALEN];
169 bool assoc;
170 u16 aid;
171};
172
173#define HWSIM_VIF_MAGIC 0x69537748
174
175static inline void hwsim_check_magic(struct ieee80211_vif *vif)
176{
177 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
178 WARN(vp->magic != HWSIM_VIF_MAGIC,
179 "Invalid VIF (%p) magic %#x, %pM, %d/%d\n",
180 vif, vp->magic, vif->addr, vif->type, vif->p2p);
181}
182
183static inline void hwsim_set_magic(struct ieee80211_vif *vif)
184{
185 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
186 vp->magic = HWSIM_VIF_MAGIC;
187}
188
189static inline void hwsim_clear_magic(struct ieee80211_vif *vif)
190{
191 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
192 vp->magic = 0;
193}
194
195struct hwsim_sta_priv {
196 u32 magic;
197};
198
199#define HWSIM_STA_MAGIC 0x6d537749
200
201static inline void hwsim_check_sta_magic(struct ieee80211_sta *sta)
202{
203 struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
204 WARN_ON(sp->magic != HWSIM_STA_MAGIC);
205}
206
207static inline void hwsim_set_sta_magic(struct ieee80211_sta *sta)
208{
209 struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
210 sp->magic = HWSIM_STA_MAGIC;
211}
212
213static inline void hwsim_clear_sta_magic(struct ieee80211_sta *sta)
214{
215 struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
216 sp->magic = 0;
217}
218
219struct hwsim_chanctx_priv {
220 u32 magic;
221};
222
223#define HWSIM_CHANCTX_MAGIC 0x6d53774a
224
225static inline void hwsim_check_chanctx_magic(struct ieee80211_chanctx_conf *c)
226{
227 struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
228 WARN_ON(cp->magic != HWSIM_CHANCTX_MAGIC);
229}
230
231static inline void hwsim_set_chanctx_magic(struct ieee80211_chanctx_conf *c)
232{
233 struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
234 cp->magic = HWSIM_CHANCTX_MAGIC;
235}
236
237static inline void hwsim_clear_chanctx_magic(struct ieee80211_chanctx_conf *c)
238{
239 struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
240 cp->magic = 0;
241}
242
243static struct class *hwsim_class;
244
245static struct net_device *hwsim_mon;
246
247#define CHAN2G(_freq) { \
248 .band = IEEE80211_BAND_2GHZ, \
249 .center_freq = (_freq), \
250 .hw_value = (_freq), \
251 .max_power = 20, \
252}
253
254#define CHAN5G(_freq) { \
255 .band = IEEE80211_BAND_5GHZ, \
256 .center_freq = (_freq), \
257 .hw_value = (_freq), \
258 .max_power = 20, \
259}
260
261static const struct ieee80211_channel hwsim_channels_2ghz[] = {
262 CHAN2G(2412),
263 CHAN2G(2417),
264 CHAN2G(2422),
265 CHAN2G(2427),
266 CHAN2G(2432),
267 CHAN2G(2437),
268 CHAN2G(2442),
269 CHAN2G(2447),
270 CHAN2G(2452),
271 CHAN2G(2457),
272 CHAN2G(2462),
273 CHAN2G(2467),
274 CHAN2G(2472),
275 CHAN2G(2484),
276};
277
278static const struct ieee80211_channel hwsim_channels_5ghz[] = {
279 CHAN5G(5180),
280 CHAN5G(5200),
281 CHAN5G(5220),
282 CHAN5G(5240),
283
284 CHAN5G(5260),
285 CHAN5G(5280),
286 CHAN5G(5300),
287 CHAN5G(5320),
288
289 CHAN5G(5500),
290 CHAN5G(5520),
291 CHAN5G(5540),
292 CHAN5G(5560),
293 CHAN5G(5580),
294 CHAN5G(5600),
295 CHAN5G(5620),
296 CHAN5G(5640),
297 CHAN5G(5660),
298 CHAN5G(5680),
299 CHAN5G(5700),
300
301 CHAN5G(5745),
302 CHAN5G(5765),
303 CHAN5G(5785),
304 CHAN5G(5805),
305 CHAN5G(5825),
306};
307
308static const struct ieee80211_rate hwsim_rates[] = {
309 { .bitrate = 10 },
310 { .bitrate = 20, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
311 { .bitrate = 55, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
312 { .bitrate = 110, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
313 { .bitrate = 60 },
314 { .bitrate = 90 },
315 { .bitrate = 120 },
316 { .bitrate = 180 },
317 { .bitrate = 240 },
318 { .bitrate = 360 },
319 { .bitrate = 480 },
320 { .bitrate = 540 }
321};
322
323static spinlock_t hwsim_radio_lock;
324static struct list_head hwsim_radios;
325
326struct mac80211_hwsim_data {
327 struct list_head list;
328 struct ieee80211_hw *hw;
329 struct device *dev;
330 struct ieee80211_supported_band bands[IEEE80211_NUM_BANDS];
331 struct ieee80211_channel channels_2ghz[ARRAY_SIZE(hwsim_channels_2ghz)];
332 struct ieee80211_channel channels_5ghz[ARRAY_SIZE(hwsim_channels_5ghz)];
333 struct ieee80211_rate rates[ARRAY_SIZE(hwsim_rates)];
334
335 struct mac_address addresses[2];
336
337 struct ieee80211_channel *tmp_chan;
338 struct delayed_work roc_done;
339 struct delayed_work hw_scan;
340 struct cfg80211_scan_request *hw_scan_request;
341 struct ieee80211_vif *hw_scan_vif;
342 int scan_chan_idx;
343
344 struct ieee80211_channel *channel;
345 u64 beacon_int ;
346 unsigned int rx_filter;
347 bool started, idle, scanning;
348 struct mutex mutex;
349 struct tasklet_hrtimer beacon_timer;
350 enum ps_mode {
351 PS_DISABLED, PS_ENABLED, PS_AUTO_POLL, PS_MANUAL_POLL
352 } ps;
353 bool ps_poll_pending;
354 struct dentry *debugfs;
355 struct dentry *debugfs_ps;
356
357 struct sk_buff_head pending;
358
359
360
361
362
363 u64 group;
364 struct dentry *debugfs_group;
365
366 int power_level;
367
368
369 s64 tsf_offset;
370 s64 bcn_delta;
371
372 u64 abs_bcn_ts;
373};
374
375
376struct hwsim_radiotap_hdr {
377 struct ieee80211_radiotap_header hdr;
378 __le64 rt_tsft;
379 u8 rt_flags;
380 u8 rt_rate;
381 __le16 rt_channel;
382 __le16 rt_chbitmask;
383} __packed;
384
385
386static struct genl_family hwsim_genl_family = {
387 .id = GENL_ID_GENERATE,
388 .hdrsize = 0,
389 .name = "MAC80211_HWSIM",
390 .version = 1,
391 .maxattr = HWSIM_ATTR_MAX,
392};
393
394
395
396static struct nla_policy hwsim_genl_policy[HWSIM_ATTR_MAX + 1] = {
397 [HWSIM_ATTR_ADDR_RECEIVER] = { .type = NLA_UNSPEC,
398 .len = 6*sizeof(u8) },
399 [HWSIM_ATTR_ADDR_TRANSMITTER] = { .type = NLA_UNSPEC,
400 .len = 6*sizeof(u8) },
401 [HWSIM_ATTR_FRAME] = { .type = NLA_BINARY,
402 .len = IEEE80211_MAX_DATA_LEN },
403 [HWSIM_ATTR_FLAGS] = { .type = NLA_U32 },
404 [HWSIM_ATTR_RX_RATE] = { .type = NLA_U32 },
405 [HWSIM_ATTR_SIGNAL] = { .type = NLA_U32 },
406 [HWSIM_ATTR_TX_INFO] = { .type = NLA_UNSPEC,
407 .len = IEEE80211_TX_MAX_RATES*sizeof(
408 struct hwsim_tx_rate)},
409 [HWSIM_ATTR_COOKIE] = { .type = NLA_U64 },
410};
411
412static netdev_tx_t hwsim_mon_xmit(struct sk_buff *skb,
413 struct net_device *dev)
414{
415
416 dev_kfree_skb(skb);
417 return NETDEV_TX_OK;
418}
419
420static inline u64 mac80211_hwsim_get_tsf_raw(void)
421{
422 return ktime_to_us(ktime_get_real());
423}
424
425static __le64 __mac80211_hwsim_get_tsf(struct mac80211_hwsim_data *data)
426{
427 u64 now = mac80211_hwsim_get_tsf_raw();
428 return cpu_to_le64(now + data->tsf_offset);
429}
430
431static u64 mac80211_hwsim_get_tsf(struct ieee80211_hw *hw,
432 struct ieee80211_vif *vif)
433{
434 struct mac80211_hwsim_data *data = hw->priv;
435 return le64_to_cpu(__mac80211_hwsim_get_tsf(data));
436}
437
438static void mac80211_hwsim_set_tsf(struct ieee80211_hw *hw,
439 struct ieee80211_vif *vif, u64 tsf)
440{
441 struct mac80211_hwsim_data *data = hw->priv;
442 u64 now = mac80211_hwsim_get_tsf(hw, vif);
443 u32 bcn_int = data->beacon_int;
444 s64 delta = tsf - now;
445
446 data->tsf_offset += delta;
447
448 data->bcn_delta = do_div(delta, bcn_int);
449}
450
451static void mac80211_hwsim_monitor_rx(struct ieee80211_hw *hw,
452 struct sk_buff *tx_skb,
453 struct ieee80211_channel *chan)
454{
455 struct mac80211_hwsim_data *data = hw->priv;
456 struct sk_buff *skb;
457 struct hwsim_radiotap_hdr *hdr;
458 u16 flags;
459 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx_skb);
460 struct ieee80211_rate *txrate = ieee80211_get_tx_rate(hw, info);
461
462 if (!netif_running(hwsim_mon))
463 return;
464
465 skb = skb_copy_expand(tx_skb, sizeof(*hdr), 0, GFP_ATOMIC);
466 if (skb == NULL)
467 return;
468
469 hdr = (struct hwsim_radiotap_hdr *) skb_push(skb, sizeof(*hdr));
470 hdr->hdr.it_version = PKTHDR_RADIOTAP_VERSION;
471 hdr->hdr.it_pad = 0;
472 hdr->hdr.it_len = cpu_to_le16(sizeof(*hdr));
473 hdr->hdr.it_present = cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
474 (1 << IEEE80211_RADIOTAP_RATE) |
475 (1 << IEEE80211_RADIOTAP_TSFT) |
476 (1 << IEEE80211_RADIOTAP_CHANNEL));
477 hdr->rt_tsft = __mac80211_hwsim_get_tsf(data);
478 hdr->rt_flags = 0;
479 hdr->rt_rate = txrate->bitrate / 5;
480 hdr->rt_channel = cpu_to_le16(chan->center_freq);
481 flags = IEEE80211_CHAN_2GHZ;
482 if (txrate->flags & IEEE80211_RATE_ERP_G)
483 flags |= IEEE80211_CHAN_OFDM;
484 else
485 flags |= IEEE80211_CHAN_CCK;
486 hdr->rt_chbitmask = cpu_to_le16(flags);
487
488 skb->dev = hwsim_mon;
489 skb_set_mac_header(skb, 0);
490 skb->ip_summed = CHECKSUM_UNNECESSARY;
491 skb->pkt_type = PACKET_OTHERHOST;
492 skb->protocol = htons(ETH_P_802_2);
493 memset(skb->cb, 0, sizeof(skb->cb));
494 netif_rx(skb);
495}
496
497
498static void mac80211_hwsim_monitor_ack(struct ieee80211_channel *chan,
499 const u8 *addr)
500{
501 struct sk_buff *skb;
502 struct hwsim_radiotap_hdr *hdr;
503 u16 flags;
504 struct ieee80211_hdr *hdr11;
505
506 if (!netif_running(hwsim_mon))
507 return;
508
509 skb = dev_alloc_skb(100);
510 if (skb == NULL)
511 return;
512
513 hdr = (struct hwsim_radiotap_hdr *) skb_put(skb, sizeof(*hdr));
514 hdr->hdr.it_version = PKTHDR_RADIOTAP_VERSION;
515 hdr->hdr.it_pad = 0;
516 hdr->hdr.it_len = cpu_to_le16(sizeof(*hdr));
517 hdr->hdr.it_present = cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
518 (1 << IEEE80211_RADIOTAP_CHANNEL));
519 hdr->rt_flags = 0;
520 hdr->rt_rate = 0;
521 hdr->rt_channel = cpu_to_le16(chan->center_freq);
522 flags = IEEE80211_CHAN_2GHZ;
523 hdr->rt_chbitmask = cpu_to_le16(flags);
524
525 hdr11 = (struct ieee80211_hdr *) skb_put(skb, 10);
526 hdr11->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
527 IEEE80211_STYPE_ACK);
528 hdr11->duration_id = cpu_to_le16(0);
529 memcpy(hdr11->addr1, addr, ETH_ALEN);
530
531 skb->dev = hwsim_mon;
532 skb_set_mac_header(skb, 0);
533 skb->ip_summed = CHECKSUM_UNNECESSARY;
534 skb->pkt_type = PACKET_OTHERHOST;
535 skb->protocol = htons(ETH_P_802_2);
536 memset(skb->cb, 0, sizeof(skb->cb));
537 netif_rx(skb);
538}
539
540
541static bool hwsim_ps_rx_ok(struct mac80211_hwsim_data *data,
542 struct sk_buff *skb)
543{
544 switch (data->ps) {
545 case PS_DISABLED:
546 return true;
547 case PS_ENABLED:
548 return false;
549 case PS_AUTO_POLL:
550
551
552 return true;
553 case PS_MANUAL_POLL:
554
555
556 if (data->ps_poll_pending &&
557 memcmp(data->hw->wiphy->perm_addr, skb->data + 4,
558 ETH_ALEN) == 0) {
559 data->ps_poll_pending = false;
560 return true;
561 }
562 return false;
563 }
564
565 return true;
566}
567
568
569struct mac80211_hwsim_addr_match_data {
570 bool ret;
571 const u8 *addr;
572};
573
574static void mac80211_hwsim_addr_iter(void *data, u8 *mac,
575 struct ieee80211_vif *vif)
576{
577 struct mac80211_hwsim_addr_match_data *md = data;
578 if (memcmp(mac, md->addr, ETH_ALEN) == 0)
579 md->ret = true;
580}
581
582
583static bool mac80211_hwsim_addr_match(struct mac80211_hwsim_data *data,
584 const u8 *addr)
585{
586 struct mac80211_hwsim_addr_match_data md;
587
588 if (memcmp(addr, data->hw->wiphy->perm_addr, ETH_ALEN) == 0)
589 return true;
590
591 md.ret = false;
592 md.addr = addr;
593 ieee80211_iterate_active_interfaces_atomic(data->hw,
594 IEEE80211_IFACE_ITER_NORMAL,
595 mac80211_hwsim_addr_iter,
596 &md);
597
598 return md.ret;
599}
600
601static void mac80211_hwsim_tx_frame_nl(struct ieee80211_hw *hw,
602 struct sk_buff *my_skb,
603 int dst_portid)
604{
605 struct sk_buff *skb;
606 struct mac80211_hwsim_data *data = hw->priv;
607 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) my_skb->data;
608 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(my_skb);
609 void *msg_head;
610 unsigned int hwsim_flags = 0;
611 int i;
612 struct hwsim_tx_rate tx_attempts[IEEE80211_TX_MAX_RATES];
613
614 if (data->ps != PS_DISABLED)
615 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
616
617 if (skb_queue_len(&data->pending) >= MAX_QUEUE) {
618
619 while (skb_queue_len(&data->pending) >= WARN_QUEUE)
620 skb_dequeue(&data->pending);
621 }
622
623 skb = genlmsg_new(GENLMSG_DEFAULT_SIZE, GFP_ATOMIC);
624 if (skb == NULL)
625 goto nla_put_failure;
626
627 msg_head = genlmsg_put(skb, 0, 0, &hwsim_genl_family, 0,
628 HWSIM_CMD_FRAME);
629 if (msg_head == NULL) {
630 printk(KERN_DEBUG "mac80211_hwsim: problem with msg_head\n");
631 goto nla_put_failure;
632 }
633
634 if (nla_put(skb, HWSIM_ATTR_ADDR_TRANSMITTER,
635 sizeof(struct mac_address), data->addresses[1].addr))
636 goto nla_put_failure;
637
638
639 if (nla_put(skb, HWSIM_ATTR_FRAME, my_skb->len, my_skb->data))
640 goto nla_put_failure;
641
642
643
644
645 if (info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS)
646 hwsim_flags |= HWSIM_TX_CTL_REQ_TX_STATUS;
647
648 if (info->flags & IEEE80211_TX_CTL_NO_ACK)
649 hwsim_flags |= HWSIM_TX_CTL_NO_ACK;
650
651 if (nla_put_u32(skb, HWSIM_ATTR_FLAGS, hwsim_flags))
652 goto nla_put_failure;
653
654
655
656 for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
657 tx_attempts[i].idx = info->status.rates[i].idx;
658 tx_attempts[i].count = info->status.rates[i].count;
659 }
660
661 if (nla_put(skb, HWSIM_ATTR_TX_INFO,
662 sizeof(struct hwsim_tx_rate)*IEEE80211_TX_MAX_RATES,
663 tx_attempts))
664 goto nla_put_failure;
665
666
667 if (nla_put_u64(skb, HWSIM_ATTR_COOKIE, (unsigned long) my_skb))
668 goto nla_put_failure;
669
670 genlmsg_end(skb, msg_head);
671 genlmsg_unicast(&init_net, skb, dst_portid);
672
673
674 skb_queue_tail(&data->pending, my_skb);
675 return;
676
677nla_put_failure:
678 printk(KERN_DEBUG "mac80211_hwsim: error occurred in %s\n", __func__);
679}
680
681static bool hwsim_chans_compat(struct ieee80211_channel *c1,
682 struct ieee80211_channel *c2)
683{
684 if (!c1 || !c2)
685 return false;
686
687 return c1->center_freq == c2->center_freq;
688}
689
690struct tx_iter_data {
691 struct ieee80211_channel *channel;
692 bool receive;
693};
694
695static void mac80211_hwsim_tx_iter(void *_data, u8 *addr,
696 struct ieee80211_vif *vif)
697{
698 struct tx_iter_data *data = _data;
699
700 if (!vif->chanctx_conf)
701 return;
702
703 if (!hwsim_chans_compat(data->channel,
704 rcu_dereference(vif->chanctx_conf)->def.chan))
705 return;
706
707 data->receive = true;
708}
709
710static bool mac80211_hwsim_tx_frame_no_nl(struct ieee80211_hw *hw,
711 struct sk_buff *skb,
712 struct ieee80211_channel *chan)
713{
714 struct mac80211_hwsim_data *data = hw->priv, *data2;
715 bool ack = false;
716 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
717 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
718 struct ieee80211_rx_status rx_status;
719 u64 now;
720
721 memset(&rx_status, 0, sizeof(rx_status));
722 rx_status.flag |= RX_FLAG_MACTIME_START;
723 rx_status.freq = chan->center_freq;
724 rx_status.band = chan->band;
725 if (info->control.rates[0].flags & IEEE80211_TX_RC_VHT_MCS) {
726 rx_status.rate_idx =
727 ieee80211_rate_get_vht_mcs(&info->control.rates[0]);
728 rx_status.vht_nss =
729 ieee80211_rate_get_vht_nss(&info->control.rates[0]);
730 rx_status.flag |= RX_FLAG_VHT;
731 } else {
732 rx_status.rate_idx = info->control.rates[0].idx;
733 if (info->control.rates[0].flags & IEEE80211_TX_RC_MCS)
734 rx_status.flag |= RX_FLAG_HT;
735 }
736 if (info->control.rates[0].flags & IEEE80211_TX_RC_40_MHZ_WIDTH)
737 rx_status.flag |= RX_FLAG_40MHZ;
738 if (info->control.rates[0].flags & IEEE80211_TX_RC_SHORT_GI)
739 rx_status.flag |= RX_FLAG_SHORT_GI;
740
741 rx_status.signal = data->power_level - 50;
742
743 if (data->ps != PS_DISABLED)
744 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
745
746
747 skb_orphan(skb);
748 skb_dst_drop(skb);
749 skb->mark = 0;
750 secpath_reset(skb);
751 nf_reset(skb);
752
753
754
755
756
757
758
759
760 if (ieee80211_is_beacon(hdr->frame_control) ||
761 ieee80211_is_probe_resp(hdr->frame_control))
762 now = data->abs_bcn_ts;
763 else
764 now = mac80211_hwsim_get_tsf_raw();
765
766
767 spin_lock(&hwsim_radio_lock);
768 list_for_each_entry(data2, &hwsim_radios, list) {
769 struct sk_buff *nskb;
770 struct tx_iter_data tx_iter_data = {
771 .receive = false,
772 .channel = chan,
773 };
774
775 if (data == data2)
776 continue;
777
778 if (!data2->started || (data2->idle && !data2->tmp_chan) ||
779 !hwsim_ps_rx_ok(data2, skb))
780 continue;
781
782 if (!(data->group & data2->group))
783 continue;
784
785 if (!hwsim_chans_compat(chan, data2->tmp_chan) &&
786 !hwsim_chans_compat(chan, data2->channel)) {
787 ieee80211_iterate_active_interfaces_atomic(
788 data2->hw, IEEE80211_IFACE_ITER_NORMAL,
789 mac80211_hwsim_tx_iter, &tx_iter_data);
790 if (!tx_iter_data.receive)
791 continue;
792 }
793
794
795
796
797
798 if (skb->len < PAGE_SIZE && paged_rx) {
799 struct page *page = alloc_page(GFP_ATOMIC);
800
801 if (!page)
802 continue;
803
804 nskb = dev_alloc_skb(128);
805 if (!nskb) {
806 __free_page(page);
807 continue;
808 }
809
810 memcpy(page_address(page), skb->data, skb->len);
811 skb_add_rx_frag(nskb, 0, page, 0, skb->len, skb->len);
812 } else {
813 nskb = skb_copy(skb, GFP_ATOMIC);
814 if (!nskb)
815 continue;
816 }
817
818 if (mac80211_hwsim_addr_match(data2, hdr->addr1))
819 ack = true;
820
821 rx_status.mactime = now + data2->tsf_offset;
822#if 0
823
824
825
826
827
828
829
830 rx_status.vendor_radiotap_oui[0] = 0x00;
831 rx_status.vendor_radiotap_oui[1] = 0x00;
832 rx_status.vendor_radiotap_oui[2] = 0x00;
833 rx_status.vendor_radiotap_subns = 127;
834
835
836
837
838
839
840 rx_status.vendor_radiotap_bitmap = BIT(0);
841
842 rx_status.vendor_radiotap_len = 8;
843
844 rx_status.vendor_radiotap_align = 8;
845
846 memcpy(skb_push(nskb, 8), "ABCDEFGH", 8);
847#endif
848
849 memcpy(IEEE80211_SKB_RXCB(nskb), &rx_status, sizeof(rx_status));
850 ieee80211_rx_irqsafe(data2->hw, nskb);
851 }
852 spin_unlock(&hwsim_radio_lock);
853
854 return ack;
855}
856
857static void mac80211_hwsim_tx(struct ieee80211_hw *hw,
858 struct ieee80211_tx_control *control,
859 struct sk_buff *skb)
860{
861 struct mac80211_hwsim_data *data = hw->priv;
862 struct ieee80211_tx_info *txi = IEEE80211_SKB_CB(skb);
863 struct ieee80211_chanctx_conf *chanctx_conf;
864 struct ieee80211_channel *channel;
865 bool ack;
866 u32 _portid;
867
868 if (WARN_ON(skb->len < 10)) {
869
870 dev_kfree_skb(skb);
871 return;
872 }
873
874 if (channels == 1) {
875 channel = data->channel;
876 } else if (txi->hw_queue == 4) {
877 channel = data->tmp_chan;
878 } else {
879 chanctx_conf = rcu_dereference(txi->control.vif->chanctx_conf);
880 if (chanctx_conf)
881 channel = chanctx_conf->def.chan;
882 else
883 channel = NULL;
884 }
885
886 if (WARN(!channel, "TX w/o channel - queue = %d\n", txi->hw_queue)) {
887 dev_kfree_skb(skb);
888 return;
889 }
890
891 if (data->idle && !data->tmp_chan) {
892 wiphy_debug(hw->wiphy, "Trying to TX when idle - reject\n");
893 dev_kfree_skb(skb);
894 return;
895 }
896
897 if (txi->control.vif)
898 hwsim_check_magic(txi->control.vif);
899 if (control->sta)
900 hwsim_check_sta_magic(control->sta);
901
902 if (rctbl)
903 ieee80211_get_tx_rates(txi->control.vif, control->sta, skb,
904 txi->control.rates,
905 ARRAY_SIZE(txi->control.rates));
906
907 txi->rate_driver_data[0] = channel;
908 mac80211_hwsim_monitor_rx(hw, skb, channel);
909
910
911 _portid = ACCESS_ONCE(wmediumd_portid);
912
913 if (_portid)
914 return mac80211_hwsim_tx_frame_nl(hw, skb, _portid);
915
916
917 ack = mac80211_hwsim_tx_frame_no_nl(hw, skb, channel);
918
919 if (ack && skb->len >= 16) {
920 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
921 mac80211_hwsim_monitor_ack(channel, hdr->addr2);
922 }
923
924 ieee80211_tx_info_clear_status(txi);
925
926
927 txi->control.rates[0].count = 1;
928 txi->control.rates[1].idx = -1;
929
930 if (!(txi->flags & IEEE80211_TX_CTL_NO_ACK) && ack)
931 txi->flags |= IEEE80211_TX_STAT_ACK;
932 ieee80211_tx_status_irqsafe(hw, skb);
933}
934
935
936static int mac80211_hwsim_start(struct ieee80211_hw *hw)
937{
938 struct mac80211_hwsim_data *data = hw->priv;
939 wiphy_debug(hw->wiphy, "%s\n", __func__);
940 data->started = true;
941 return 0;
942}
943
944
945static void mac80211_hwsim_stop(struct ieee80211_hw *hw)
946{
947 struct mac80211_hwsim_data *data = hw->priv;
948 data->started = false;
949 tasklet_hrtimer_cancel(&data->beacon_timer);
950 wiphy_debug(hw->wiphy, "%s\n", __func__);
951}
952
953
954static int mac80211_hwsim_add_interface(struct ieee80211_hw *hw,
955 struct ieee80211_vif *vif)
956{
957 wiphy_debug(hw->wiphy, "%s (type=%d mac_addr=%pM)\n",
958 __func__, ieee80211_vif_type_p2p(vif),
959 vif->addr);
960 hwsim_set_magic(vif);
961
962 vif->cab_queue = 0;
963 vif->hw_queue[IEEE80211_AC_VO] = 0;
964 vif->hw_queue[IEEE80211_AC_VI] = 1;
965 vif->hw_queue[IEEE80211_AC_BE] = 2;
966 vif->hw_queue[IEEE80211_AC_BK] = 3;
967
968 return 0;
969}
970
971
972static int mac80211_hwsim_change_interface(struct ieee80211_hw *hw,
973 struct ieee80211_vif *vif,
974 enum nl80211_iftype newtype,
975 bool newp2p)
976{
977 newtype = ieee80211_iftype_p2p(newtype, newp2p);
978 wiphy_debug(hw->wiphy,
979 "%s (old type=%d, new type=%d, mac_addr=%pM)\n",
980 __func__, ieee80211_vif_type_p2p(vif),
981 newtype, vif->addr);
982 hwsim_check_magic(vif);
983
984
985
986
987
988 vif->cab_queue = 0;
989
990 return 0;
991}
992
993static void mac80211_hwsim_remove_interface(
994 struct ieee80211_hw *hw, struct ieee80211_vif *vif)
995{
996 wiphy_debug(hw->wiphy, "%s (type=%d mac_addr=%pM)\n",
997 __func__, ieee80211_vif_type_p2p(vif),
998 vif->addr);
999 hwsim_check_magic(vif);
1000 hwsim_clear_magic(vif);
1001}
1002
1003static void mac80211_hwsim_tx_frame(struct ieee80211_hw *hw,
1004 struct sk_buff *skb,
1005 struct ieee80211_channel *chan)
1006{
1007 u32 _pid = ACCESS_ONCE(wmediumd_portid);
1008
1009 if (rctbl) {
1010 struct ieee80211_tx_info *txi = IEEE80211_SKB_CB(skb);
1011 ieee80211_get_tx_rates(txi->control.vif, NULL, skb,
1012 txi->control.rates,
1013 ARRAY_SIZE(txi->control.rates));
1014 }
1015
1016 mac80211_hwsim_monitor_rx(hw, skb, chan);
1017
1018 if (_pid)
1019 return mac80211_hwsim_tx_frame_nl(hw, skb, _pid);
1020
1021 mac80211_hwsim_tx_frame_no_nl(hw, skb, chan);
1022 dev_kfree_skb(skb);
1023}
1024
1025static void mac80211_hwsim_beacon_tx(void *arg, u8 *mac,
1026 struct ieee80211_vif *vif)
1027{
1028 struct mac80211_hwsim_data *data = arg;
1029 struct ieee80211_hw *hw = data->hw;
1030 struct ieee80211_tx_info *info;
1031 struct ieee80211_rate *txrate;
1032 struct ieee80211_mgmt *mgmt;
1033 struct sk_buff *skb;
1034
1035 hwsim_check_magic(vif);
1036
1037 if (vif->type != NL80211_IFTYPE_AP &&
1038 vif->type != NL80211_IFTYPE_MESH_POINT &&
1039 vif->type != NL80211_IFTYPE_ADHOC)
1040 return;
1041
1042 skb = ieee80211_beacon_get(hw, vif);
1043 if (skb == NULL)
1044 return;
1045 info = IEEE80211_SKB_CB(skb);
1046 if (rctbl)
1047 ieee80211_get_tx_rates(vif, NULL, skb,
1048 info->control.rates,
1049 ARRAY_SIZE(info->control.rates));
1050
1051 txrate = ieee80211_get_tx_rate(hw, info);
1052
1053 mgmt = (struct ieee80211_mgmt *) skb->data;
1054
1055 data->abs_bcn_ts = mac80211_hwsim_get_tsf_raw();
1056 mgmt->u.beacon.timestamp = cpu_to_le64(data->abs_bcn_ts +
1057 data->tsf_offset +
1058 24 * 8 * 10 / txrate->bitrate);
1059
1060 mac80211_hwsim_tx_frame(hw, skb,
1061 rcu_dereference(vif->chanctx_conf)->def.chan);
1062}
1063
1064static enum hrtimer_restart
1065mac80211_hwsim_beacon(struct hrtimer *timer)
1066{
1067 struct mac80211_hwsim_data *data =
1068 container_of(timer, struct mac80211_hwsim_data,
1069 beacon_timer.timer);
1070 struct ieee80211_hw *hw = data->hw;
1071 u64 bcn_int = data->beacon_int;
1072 ktime_t next_bcn;
1073
1074 if (!data->started)
1075 goto out;
1076
1077 ieee80211_iterate_active_interfaces_atomic(
1078 hw, IEEE80211_IFACE_ITER_NORMAL,
1079 mac80211_hwsim_beacon_tx, data);
1080
1081
1082 if (data->bcn_delta) {
1083 bcn_int -= data->bcn_delta;
1084 data->bcn_delta = 0;
1085 }
1086
1087 next_bcn = ktime_add(hrtimer_get_expires(timer),
1088 ns_to_ktime(bcn_int * 1000));
1089 tasklet_hrtimer_start(&data->beacon_timer, next_bcn, HRTIMER_MODE_ABS);
1090out:
1091 return HRTIMER_NORESTART;
1092}
1093
1094static const char * const hwsim_chanwidths[] = {
1095 [NL80211_CHAN_WIDTH_20_NOHT] = "noht",
1096 [NL80211_CHAN_WIDTH_20] = "ht20",
1097 [NL80211_CHAN_WIDTH_40] = "ht40",
1098 [NL80211_CHAN_WIDTH_80] = "vht80",
1099 [NL80211_CHAN_WIDTH_80P80] = "vht80p80",
1100 [NL80211_CHAN_WIDTH_160] = "vht160",
1101};
1102
1103static int mac80211_hwsim_config(struct ieee80211_hw *hw, u32 changed)
1104{
1105 struct mac80211_hwsim_data *data = hw->priv;
1106 struct ieee80211_conf *conf = &hw->conf;
1107 static const char *smps_modes[IEEE80211_SMPS_NUM_MODES] = {
1108 [IEEE80211_SMPS_AUTOMATIC] = "auto",
1109 [IEEE80211_SMPS_OFF] = "off",
1110 [IEEE80211_SMPS_STATIC] = "static",
1111 [IEEE80211_SMPS_DYNAMIC] = "dynamic",
1112 };
1113
1114 if (conf->chandef.chan)
1115 wiphy_debug(hw->wiphy,
1116 "%s (freq=%d(%d - %d)/%s idle=%d ps=%d smps=%s)\n",
1117 __func__,
1118 conf->chandef.chan->center_freq,
1119 conf->chandef.center_freq1,
1120 conf->chandef.center_freq2,
1121 hwsim_chanwidths[conf->chandef.width],
1122 !!(conf->flags & IEEE80211_CONF_IDLE),
1123 !!(conf->flags & IEEE80211_CONF_PS),
1124 smps_modes[conf->smps_mode]);
1125 else
1126 wiphy_debug(hw->wiphy,
1127 "%s (freq=0 idle=%d ps=%d smps=%s)\n",
1128 __func__,
1129 !!(conf->flags & IEEE80211_CONF_IDLE),
1130 !!(conf->flags & IEEE80211_CONF_PS),
1131 smps_modes[conf->smps_mode]);
1132
1133 data->idle = !!(conf->flags & IEEE80211_CONF_IDLE);
1134
1135 data->channel = conf->chandef.chan;
1136
1137 WARN_ON(data->channel && channels > 1);
1138
1139 data->power_level = conf->power_level;
1140 if (!data->started || !data->beacon_int)
1141 tasklet_hrtimer_cancel(&data->beacon_timer);
1142 else if (!hrtimer_is_queued(&data->beacon_timer.timer)) {
1143 u64 tsf = mac80211_hwsim_get_tsf(hw, NULL);
1144 u32 bcn_int = data->beacon_int;
1145 u64 until_tbtt = bcn_int - do_div(tsf, bcn_int);
1146
1147 tasklet_hrtimer_start(&data->beacon_timer,
1148 ns_to_ktime(until_tbtt * 1000),
1149 HRTIMER_MODE_REL);
1150 }
1151
1152 return 0;
1153}
1154
1155
1156static void mac80211_hwsim_configure_filter(struct ieee80211_hw *hw,
1157 unsigned int changed_flags,
1158 unsigned int *total_flags,u64 multicast)
1159{
1160 struct mac80211_hwsim_data *data = hw->priv;
1161
1162 wiphy_debug(hw->wiphy, "%s\n", __func__);
1163
1164 data->rx_filter = 0;
1165 if (*total_flags & FIF_PROMISC_IN_BSS)
1166 data->rx_filter |= FIF_PROMISC_IN_BSS;
1167 if (*total_flags & FIF_ALLMULTI)
1168 data->rx_filter |= FIF_ALLMULTI;
1169
1170 *total_flags = data->rx_filter;
1171}
1172
1173static void mac80211_hwsim_bss_info_changed(struct ieee80211_hw *hw,
1174 struct ieee80211_vif *vif,
1175 struct ieee80211_bss_conf *info,
1176 u32 changed)
1177{
1178 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
1179 struct mac80211_hwsim_data *data = hw->priv;
1180
1181 hwsim_check_magic(vif);
1182
1183 wiphy_debug(hw->wiphy, "%s(changed=0x%x)\n", __func__, changed);
1184
1185 if (changed & BSS_CHANGED_BSSID) {
1186 wiphy_debug(hw->wiphy, "%s: BSSID changed: %pM\n",
1187 __func__, info->bssid);
1188 memcpy(vp->bssid, info->bssid, ETH_ALEN);
1189 }
1190
1191 if (changed & BSS_CHANGED_ASSOC) {
1192 wiphy_debug(hw->wiphy, " ASSOC: assoc=%d aid=%d\n",
1193 info->assoc, info->aid);
1194 vp->assoc = info->assoc;
1195 vp->aid = info->aid;
1196 }
1197
1198 if (changed & BSS_CHANGED_BEACON_INT) {
1199 wiphy_debug(hw->wiphy, " BCNINT: %d\n", info->beacon_int);
1200 data->beacon_int = info->beacon_int * 1024;
1201 }
1202
1203 if (changed & BSS_CHANGED_BEACON_ENABLED) {
1204 wiphy_debug(hw->wiphy, " BCN EN: %d\n", info->enable_beacon);
1205 if (data->started &&
1206 !hrtimer_is_queued(&data->beacon_timer.timer) &&
1207 info->enable_beacon) {
1208 u64 tsf, until_tbtt;
1209 u32 bcn_int;
1210 if (WARN_ON(!data->beacon_int))
1211 data->beacon_int = 1000 * 1024;
1212 tsf = mac80211_hwsim_get_tsf(hw, vif);
1213 bcn_int = data->beacon_int;
1214 until_tbtt = bcn_int - do_div(tsf, bcn_int);
1215 tasklet_hrtimer_start(&data->beacon_timer,
1216 ns_to_ktime(until_tbtt * 1000),
1217 HRTIMER_MODE_REL);
1218 } else if (!info->enable_beacon)
1219 tasklet_hrtimer_cancel(&data->beacon_timer);
1220 }
1221
1222 if (changed & BSS_CHANGED_ERP_CTS_PROT) {
1223 wiphy_debug(hw->wiphy, " ERP_CTS_PROT: %d\n",
1224 info->use_cts_prot);
1225 }
1226
1227 if (changed & BSS_CHANGED_ERP_PREAMBLE) {
1228 wiphy_debug(hw->wiphy, " ERP_PREAMBLE: %d\n",
1229 info->use_short_preamble);
1230 }
1231
1232 if (changed & BSS_CHANGED_ERP_SLOT) {
1233 wiphy_debug(hw->wiphy, " ERP_SLOT: %d\n", info->use_short_slot);
1234 }
1235
1236 if (changed & BSS_CHANGED_HT) {
1237 wiphy_debug(hw->wiphy, " HT: op_mode=0x%x\n",
1238 info->ht_operation_mode);
1239 }
1240
1241 if (changed & BSS_CHANGED_BASIC_RATES) {
1242 wiphy_debug(hw->wiphy, " BASIC_RATES: 0x%llx\n",
1243 (unsigned long long) info->basic_rates);
1244 }
1245
1246 if (changed & BSS_CHANGED_TXPOWER)
1247 wiphy_debug(hw->wiphy, " TX Power: %d dBm\n", info->txpower);
1248}
1249
1250static int mac80211_hwsim_sta_add(struct ieee80211_hw *hw,
1251 struct ieee80211_vif *vif,
1252 struct ieee80211_sta *sta)
1253{
1254 hwsim_check_magic(vif);
1255 hwsim_set_sta_magic(sta);
1256
1257 return 0;
1258}
1259
1260static int mac80211_hwsim_sta_remove(struct ieee80211_hw *hw,
1261 struct ieee80211_vif *vif,
1262 struct ieee80211_sta *sta)
1263{
1264 hwsim_check_magic(vif);
1265 hwsim_clear_sta_magic(sta);
1266
1267 return 0;
1268}
1269
1270static void mac80211_hwsim_sta_notify(struct ieee80211_hw *hw,
1271 struct ieee80211_vif *vif,
1272 enum sta_notify_cmd cmd,
1273 struct ieee80211_sta *sta)
1274{
1275 hwsim_check_magic(vif);
1276
1277 switch (cmd) {
1278 case STA_NOTIFY_SLEEP:
1279 case STA_NOTIFY_AWAKE:
1280
1281 break;
1282 default:
1283 WARN(1, "Invalid sta notify: %d\n", cmd);
1284 break;
1285 }
1286}
1287
1288static int mac80211_hwsim_set_tim(struct ieee80211_hw *hw,
1289 struct ieee80211_sta *sta,
1290 bool set)
1291{
1292 hwsim_check_sta_magic(sta);
1293 return 0;
1294}
1295
1296static int mac80211_hwsim_conf_tx(
1297 struct ieee80211_hw *hw,
1298 struct ieee80211_vif *vif, u16 queue,
1299 const struct ieee80211_tx_queue_params *params)
1300{
1301 wiphy_debug(hw->wiphy,
1302 "%s (queue=%d txop=%d cw_min=%d cw_max=%d aifs=%d)\n",
1303 __func__, queue,
1304 params->txop, params->cw_min,
1305 params->cw_max, params->aifs);
1306 return 0;
1307}
1308
1309static int mac80211_hwsim_get_survey(
1310 struct ieee80211_hw *hw, int idx,
1311 struct survey_info *survey)
1312{
1313 struct ieee80211_conf *conf = &hw->conf;
1314
1315 wiphy_debug(hw->wiphy, "%s (idx=%d)\n", __func__, idx);
1316
1317 if (idx != 0)
1318 return -ENOENT;
1319
1320
1321 survey->channel = conf->chandef.chan;
1322
1323
1324
1325
1326
1327
1328
1329 survey->filled = SURVEY_INFO_NOISE_DBM;
1330 survey->noise = -92;
1331
1332 return 0;
1333}
1334
1335#ifdef CONFIG_NL80211_TESTMODE
1336
1337
1338
1339
1340
1341
1342enum hwsim_testmode_attr {
1343 __HWSIM_TM_ATTR_INVALID = 0,
1344 HWSIM_TM_ATTR_CMD = 1,
1345 HWSIM_TM_ATTR_PS = 2,
1346
1347
1348 __HWSIM_TM_ATTR_AFTER_LAST,
1349 HWSIM_TM_ATTR_MAX = __HWSIM_TM_ATTR_AFTER_LAST - 1
1350};
1351
1352enum hwsim_testmode_cmd {
1353 HWSIM_TM_CMD_SET_PS = 0,
1354 HWSIM_TM_CMD_GET_PS = 1,
1355 HWSIM_TM_CMD_STOP_QUEUES = 2,
1356 HWSIM_TM_CMD_WAKE_QUEUES = 3,
1357};
1358
1359static const struct nla_policy hwsim_testmode_policy[HWSIM_TM_ATTR_MAX + 1] = {
1360 [HWSIM_TM_ATTR_CMD] = { .type = NLA_U32 },
1361 [HWSIM_TM_ATTR_PS] = { .type = NLA_U32 },
1362};
1363
1364static int hwsim_fops_ps_write(void *dat, u64 val);
1365
1366static int mac80211_hwsim_testmode_cmd(struct ieee80211_hw *hw,
1367 void *data, int len)
1368{
1369 struct mac80211_hwsim_data *hwsim = hw->priv;
1370 struct nlattr *tb[HWSIM_TM_ATTR_MAX + 1];
1371 struct sk_buff *skb;
1372 int err, ps;
1373
1374 err = nla_parse(tb, HWSIM_TM_ATTR_MAX, data, len,
1375 hwsim_testmode_policy);
1376 if (err)
1377 return err;
1378
1379 if (!tb[HWSIM_TM_ATTR_CMD])
1380 return -EINVAL;
1381
1382 switch (nla_get_u32(tb[HWSIM_TM_ATTR_CMD])) {
1383 case HWSIM_TM_CMD_SET_PS:
1384 if (!tb[HWSIM_TM_ATTR_PS])
1385 return -EINVAL;
1386 ps = nla_get_u32(tb[HWSIM_TM_ATTR_PS]);
1387 return hwsim_fops_ps_write(hwsim, ps);
1388 case HWSIM_TM_CMD_GET_PS:
1389 skb = cfg80211_testmode_alloc_reply_skb(hw->wiphy,
1390 nla_total_size(sizeof(u32)));
1391 if (!skb)
1392 return -ENOMEM;
1393 if (nla_put_u32(skb, HWSIM_TM_ATTR_PS, hwsim->ps))
1394 goto nla_put_failure;
1395 return cfg80211_testmode_reply(skb);
1396 case HWSIM_TM_CMD_STOP_QUEUES:
1397 ieee80211_stop_queues(hw);
1398 return 0;
1399 case HWSIM_TM_CMD_WAKE_QUEUES:
1400 ieee80211_wake_queues(hw);
1401 return 0;
1402 default:
1403 return -EOPNOTSUPP;
1404 }
1405
1406 nla_put_failure:
1407 kfree_skb(skb);
1408 return -ENOBUFS;
1409}
1410#endif
1411
1412static int mac80211_hwsim_ampdu_action(struct ieee80211_hw *hw,
1413 struct ieee80211_vif *vif,
1414 enum ieee80211_ampdu_mlme_action action,
1415 struct ieee80211_sta *sta, u16 tid, u16 *ssn,
1416 u8 buf_size)
1417{
1418 switch (action) {
1419 case IEEE80211_AMPDU_TX_START:
1420 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1421 break;
1422 case IEEE80211_AMPDU_TX_STOP_CONT:
1423 case IEEE80211_AMPDU_TX_STOP_FLUSH:
1424 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
1425 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1426 break;
1427 case IEEE80211_AMPDU_TX_OPERATIONAL:
1428 break;
1429 case IEEE80211_AMPDU_RX_START:
1430 case IEEE80211_AMPDU_RX_STOP:
1431 break;
1432 default:
1433 return -EOPNOTSUPP;
1434 }
1435
1436 return 0;
1437}
1438
1439static void mac80211_hwsim_flush(struct ieee80211_hw *hw, u32 queues, bool drop)
1440{
1441
1442}
1443
1444static void hw_scan_work(struct work_struct *work)
1445{
1446 struct mac80211_hwsim_data *hwsim =
1447 container_of(work, struct mac80211_hwsim_data, hw_scan.work);
1448 struct cfg80211_scan_request *req = hwsim->hw_scan_request;
1449 int dwell, i;
1450
1451 mutex_lock(&hwsim->mutex);
1452 if (hwsim->scan_chan_idx >= req->n_channels) {
1453 wiphy_debug(hwsim->hw->wiphy, "hw scan complete\n");
1454 ieee80211_scan_completed(hwsim->hw, false);
1455 hwsim->hw_scan_request = NULL;
1456 hwsim->hw_scan_vif = NULL;
1457 hwsim->tmp_chan = NULL;
1458 mutex_unlock(&hwsim->mutex);
1459 return;
1460 }
1461
1462 wiphy_debug(hwsim->hw->wiphy, "hw scan %d MHz\n",
1463 req->channels[hwsim->scan_chan_idx]->center_freq);
1464
1465 hwsim->tmp_chan = req->channels[hwsim->scan_chan_idx];
1466 if (hwsim->tmp_chan->flags & IEEE80211_CHAN_PASSIVE_SCAN ||
1467 !req->n_ssids) {
1468 dwell = 120;
1469 } else {
1470 dwell = 30;
1471
1472 for (i = 0; i < req->n_ssids; i++) {
1473 struct sk_buff *probe;
1474
1475 probe = ieee80211_probereq_get(hwsim->hw,
1476 hwsim->hw_scan_vif,
1477 req->ssids[i].ssid,
1478 req->ssids[i].ssid_len,
1479 req->ie_len);
1480 if (!probe)
1481 continue;
1482
1483 if (req->ie_len)
1484 memcpy(skb_put(probe, req->ie_len), req->ie,
1485 req->ie_len);
1486
1487 local_bh_disable();
1488 mac80211_hwsim_tx_frame(hwsim->hw, probe,
1489 hwsim->tmp_chan);
1490 local_bh_enable();
1491 }
1492 }
1493 ieee80211_queue_delayed_work(hwsim->hw, &hwsim->hw_scan,
1494 msecs_to_jiffies(dwell));
1495 hwsim->scan_chan_idx++;
1496 mutex_unlock(&hwsim->mutex);
1497}
1498
1499static int mac80211_hwsim_hw_scan(struct ieee80211_hw *hw,
1500 struct ieee80211_vif *vif,
1501 struct cfg80211_scan_request *req)
1502{
1503 struct mac80211_hwsim_data *hwsim = hw->priv;
1504
1505 mutex_lock(&hwsim->mutex);
1506 if (WARN_ON(hwsim->tmp_chan || hwsim->hw_scan_request)) {
1507 mutex_unlock(&hwsim->mutex);
1508 return -EBUSY;
1509 }
1510 hwsim->hw_scan_request = req;
1511 hwsim->hw_scan_vif = vif;
1512 hwsim->scan_chan_idx = 0;
1513 mutex_unlock(&hwsim->mutex);
1514
1515 wiphy_debug(hw->wiphy, "hwsim hw_scan request\n");
1516
1517 ieee80211_queue_delayed_work(hwsim->hw, &hwsim->hw_scan, 0);
1518
1519 return 0;
1520}
1521
1522static void mac80211_hwsim_cancel_hw_scan(struct ieee80211_hw *hw,
1523 struct ieee80211_vif *vif)
1524{
1525 struct mac80211_hwsim_data *hwsim = hw->priv;
1526
1527 wiphy_debug(hw->wiphy, "hwsim cancel_hw_scan\n");
1528
1529 cancel_delayed_work_sync(&hwsim->hw_scan);
1530
1531 mutex_lock(&hwsim->mutex);
1532 ieee80211_scan_completed(hwsim->hw, true);
1533 hwsim->tmp_chan = NULL;
1534 hwsim->hw_scan_request = NULL;
1535 hwsim->hw_scan_vif = NULL;
1536 mutex_unlock(&hwsim->mutex);
1537}
1538
1539static void mac80211_hwsim_sw_scan(struct ieee80211_hw *hw)
1540{
1541 struct mac80211_hwsim_data *hwsim = hw->priv;
1542
1543 mutex_lock(&hwsim->mutex);
1544
1545 if (hwsim->scanning) {
1546 printk(KERN_DEBUG "two hwsim sw_scans detected!\n");
1547 goto out;
1548 }
1549
1550 printk(KERN_DEBUG "hwsim sw_scan request, prepping stuff\n");
1551 hwsim->scanning = true;
1552
1553out:
1554 mutex_unlock(&hwsim->mutex);
1555}
1556
1557static void mac80211_hwsim_sw_scan_complete(struct ieee80211_hw *hw)
1558{
1559 struct mac80211_hwsim_data *hwsim = hw->priv;
1560
1561 mutex_lock(&hwsim->mutex);
1562
1563 printk(KERN_DEBUG "hwsim sw_scan_complete\n");
1564 hwsim->scanning = false;
1565
1566 mutex_unlock(&hwsim->mutex);
1567}
1568
1569static void hw_roc_done(struct work_struct *work)
1570{
1571 struct mac80211_hwsim_data *hwsim =
1572 container_of(work, struct mac80211_hwsim_data, roc_done.work);
1573
1574 mutex_lock(&hwsim->mutex);
1575 ieee80211_remain_on_channel_expired(hwsim->hw);
1576 hwsim->tmp_chan = NULL;
1577 mutex_unlock(&hwsim->mutex);
1578
1579 wiphy_debug(hwsim->hw->wiphy, "hwsim ROC expired\n");
1580}
1581
1582static int mac80211_hwsim_roc(struct ieee80211_hw *hw,
1583 struct ieee80211_vif *vif,
1584 struct ieee80211_channel *chan,
1585 int duration,
1586 enum ieee80211_roc_type type)
1587{
1588 struct mac80211_hwsim_data *hwsim = hw->priv;
1589
1590 mutex_lock(&hwsim->mutex);
1591 if (WARN_ON(hwsim->tmp_chan || hwsim->hw_scan_request)) {
1592 mutex_unlock(&hwsim->mutex);
1593 return -EBUSY;
1594 }
1595
1596 hwsim->tmp_chan = chan;
1597 mutex_unlock(&hwsim->mutex);
1598
1599 wiphy_debug(hw->wiphy, "hwsim ROC (%d MHz, %d ms)\n",
1600 chan->center_freq, duration);
1601
1602 ieee80211_ready_on_channel(hw);
1603
1604 ieee80211_queue_delayed_work(hw, &hwsim->roc_done,
1605 msecs_to_jiffies(duration));
1606 return 0;
1607}
1608
1609static int mac80211_hwsim_croc(struct ieee80211_hw *hw)
1610{
1611 struct mac80211_hwsim_data *hwsim = hw->priv;
1612
1613 cancel_delayed_work_sync(&hwsim->roc_done);
1614
1615 mutex_lock(&hwsim->mutex);
1616 hwsim->tmp_chan = NULL;
1617 mutex_unlock(&hwsim->mutex);
1618
1619 wiphy_debug(hw->wiphy, "hwsim ROC canceled\n");
1620
1621 return 0;
1622}
1623
1624static int mac80211_hwsim_add_chanctx(struct ieee80211_hw *hw,
1625 struct ieee80211_chanctx_conf *ctx)
1626{
1627 hwsim_set_chanctx_magic(ctx);
1628 wiphy_debug(hw->wiphy,
1629 "add channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
1630 ctx->def.chan->center_freq, ctx->def.width,
1631 ctx->def.center_freq1, ctx->def.center_freq2);
1632 return 0;
1633}
1634
1635static void mac80211_hwsim_remove_chanctx(struct ieee80211_hw *hw,
1636 struct ieee80211_chanctx_conf *ctx)
1637{
1638 wiphy_debug(hw->wiphy,
1639 "remove channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
1640 ctx->def.chan->center_freq, ctx->def.width,
1641 ctx->def.center_freq1, ctx->def.center_freq2);
1642 hwsim_check_chanctx_magic(ctx);
1643 hwsim_clear_chanctx_magic(ctx);
1644}
1645
1646static void mac80211_hwsim_change_chanctx(struct ieee80211_hw *hw,
1647 struct ieee80211_chanctx_conf *ctx,
1648 u32 changed)
1649{
1650 hwsim_check_chanctx_magic(ctx);
1651 wiphy_debug(hw->wiphy,
1652 "change channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
1653 ctx->def.chan->center_freq, ctx->def.width,
1654 ctx->def.center_freq1, ctx->def.center_freq2);
1655}
1656
1657static int mac80211_hwsim_assign_vif_chanctx(struct ieee80211_hw *hw,
1658 struct ieee80211_vif *vif,
1659 struct ieee80211_chanctx_conf *ctx)
1660{
1661 hwsim_check_magic(vif);
1662 hwsim_check_chanctx_magic(ctx);
1663
1664 return 0;
1665}
1666
1667static void mac80211_hwsim_unassign_vif_chanctx(struct ieee80211_hw *hw,
1668 struct ieee80211_vif *vif,
1669 struct ieee80211_chanctx_conf *ctx)
1670{
1671 hwsim_check_magic(vif);
1672 hwsim_check_chanctx_magic(ctx);
1673}
1674
1675static struct ieee80211_ops mac80211_hwsim_ops =
1676{
1677 .tx = mac80211_hwsim_tx,
1678 .start = mac80211_hwsim_start,
1679 .stop = mac80211_hwsim_stop,
1680 .add_interface = mac80211_hwsim_add_interface,
1681 .change_interface = mac80211_hwsim_change_interface,
1682 .remove_interface = mac80211_hwsim_remove_interface,
1683 .config = mac80211_hwsim_config,
1684 .configure_filter = mac80211_hwsim_configure_filter,
1685 .bss_info_changed = mac80211_hwsim_bss_info_changed,
1686 .sta_add = mac80211_hwsim_sta_add,
1687 .sta_remove = mac80211_hwsim_sta_remove,
1688 .sta_notify = mac80211_hwsim_sta_notify,
1689 .set_tim = mac80211_hwsim_set_tim,
1690 .conf_tx = mac80211_hwsim_conf_tx,
1691 .get_survey = mac80211_hwsim_get_survey,
1692 CFG80211_TESTMODE_CMD(mac80211_hwsim_testmode_cmd)
1693 .ampdu_action = mac80211_hwsim_ampdu_action,
1694 .sw_scan_start = mac80211_hwsim_sw_scan,
1695 .sw_scan_complete = mac80211_hwsim_sw_scan_complete,
1696 .flush = mac80211_hwsim_flush,
1697 .get_tsf = mac80211_hwsim_get_tsf,
1698 .set_tsf = mac80211_hwsim_set_tsf,
1699};
1700
1701
1702static void mac80211_hwsim_free(void)
1703{
1704 struct list_head tmplist, *i, *tmp;
1705 struct mac80211_hwsim_data *data, *tmpdata;
1706
1707 INIT_LIST_HEAD(&tmplist);
1708
1709 spin_lock_bh(&hwsim_radio_lock);
1710 list_for_each_safe(i, tmp, &hwsim_radios)
1711 list_move(i, &tmplist);
1712 spin_unlock_bh(&hwsim_radio_lock);
1713
1714 list_for_each_entry_safe(data, tmpdata, &tmplist, list) {
1715 debugfs_remove(data->debugfs_group);
1716 debugfs_remove(data->debugfs_ps);
1717 debugfs_remove(data->debugfs);
1718 ieee80211_unregister_hw(data->hw);
1719 device_release_driver(data->dev);
1720 device_unregister(data->dev);
1721 ieee80211_free_hw(data->hw);
1722 }
1723 class_destroy(hwsim_class);
1724}
1725
1726static struct platform_driver mac80211_hwsim_driver = {
1727 .driver = {
1728 .name = "mac80211_hwsim",
1729 .owner = THIS_MODULE,
1730 },
1731};
1732
1733static const struct net_device_ops hwsim_netdev_ops = {
1734 .ndo_start_xmit = hwsim_mon_xmit,
1735 .ndo_change_mtu = eth_change_mtu,
1736 .ndo_set_mac_address = eth_mac_addr,
1737 .ndo_validate_addr = eth_validate_addr,
1738};
1739
1740static void hwsim_mon_setup(struct net_device *dev)
1741{
1742 dev->netdev_ops = &hwsim_netdev_ops;
1743 dev->destructor = free_netdev;
1744 ether_setup(dev);
1745 dev->tx_queue_len = 0;
1746 dev->type = ARPHRD_IEEE80211_RADIOTAP;
1747 memset(dev->dev_addr, 0, ETH_ALEN);
1748 dev->dev_addr[0] = 0x12;
1749}
1750
1751
1752static void hwsim_send_ps_poll(void *dat, u8 *mac, struct ieee80211_vif *vif)
1753{
1754 struct mac80211_hwsim_data *data = dat;
1755 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
1756 struct sk_buff *skb;
1757 struct ieee80211_pspoll *pspoll;
1758
1759 if (!vp->assoc)
1760 return;
1761
1762 wiphy_debug(data->hw->wiphy,
1763 "%s: send PS-Poll to %pM for aid %d\n",
1764 __func__, vp->bssid, vp->aid);
1765
1766 skb = dev_alloc_skb(sizeof(*pspoll));
1767 if (!skb)
1768 return;
1769 pspoll = (void *) skb_put(skb, sizeof(*pspoll));
1770 pspoll->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
1771 IEEE80211_STYPE_PSPOLL |
1772 IEEE80211_FCTL_PM);
1773 pspoll->aid = cpu_to_le16(0xc000 | vp->aid);
1774 memcpy(pspoll->bssid, vp->bssid, ETH_ALEN);
1775 memcpy(pspoll->ta, mac, ETH_ALEN);
1776
1777 rcu_read_lock();
1778 mac80211_hwsim_tx_frame(data->hw, skb,
1779 rcu_dereference(vif->chanctx_conf)->def.chan);
1780 rcu_read_unlock();
1781}
1782
1783static void hwsim_send_nullfunc(struct mac80211_hwsim_data *data, u8 *mac,
1784 struct ieee80211_vif *vif, int ps)
1785{
1786 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
1787 struct sk_buff *skb;
1788 struct ieee80211_hdr *hdr;
1789
1790 if (!vp->assoc)
1791 return;
1792
1793 wiphy_debug(data->hw->wiphy,
1794 "%s: send data::nullfunc to %pM ps=%d\n",
1795 __func__, vp->bssid, ps);
1796
1797 skb = dev_alloc_skb(sizeof(*hdr));
1798 if (!skb)
1799 return;
1800 hdr = (void *) skb_put(skb, sizeof(*hdr) - ETH_ALEN);
1801 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_DATA |
1802 IEEE80211_STYPE_NULLFUNC |
1803 (ps ? IEEE80211_FCTL_PM : 0));
1804 hdr->duration_id = cpu_to_le16(0);
1805 memcpy(hdr->addr1, vp->bssid, ETH_ALEN);
1806 memcpy(hdr->addr2, mac, ETH_ALEN);
1807 memcpy(hdr->addr3, vp->bssid, ETH_ALEN);
1808
1809 rcu_read_lock();
1810 mac80211_hwsim_tx_frame(data->hw, skb,
1811 rcu_dereference(vif->chanctx_conf)->def.chan);
1812 rcu_read_unlock();
1813}
1814
1815
1816static void hwsim_send_nullfunc_ps(void *dat, u8 *mac,
1817 struct ieee80211_vif *vif)
1818{
1819 struct mac80211_hwsim_data *data = dat;
1820 hwsim_send_nullfunc(data, mac, vif, 1);
1821}
1822
1823
1824static void hwsim_send_nullfunc_no_ps(void *dat, u8 *mac,
1825 struct ieee80211_vif *vif)
1826{
1827 struct mac80211_hwsim_data *data = dat;
1828 hwsim_send_nullfunc(data, mac, vif, 0);
1829}
1830
1831
1832static int hwsim_fops_ps_read(void *dat, u64 *val)
1833{
1834 struct mac80211_hwsim_data *data = dat;
1835 *val = data->ps;
1836 return 0;
1837}
1838
1839static int hwsim_fops_ps_write(void *dat, u64 val)
1840{
1841 struct mac80211_hwsim_data *data = dat;
1842 enum ps_mode old_ps;
1843
1844 if (val != PS_DISABLED && val != PS_ENABLED && val != PS_AUTO_POLL &&
1845 val != PS_MANUAL_POLL)
1846 return -EINVAL;
1847
1848 old_ps = data->ps;
1849 data->ps = val;
1850
1851 if (val == PS_MANUAL_POLL) {
1852 ieee80211_iterate_active_interfaces(data->hw,
1853 IEEE80211_IFACE_ITER_NORMAL,
1854 hwsim_send_ps_poll, data);
1855 data->ps_poll_pending = true;
1856 } else if (old_ps == PS_DISABLED && val != PS_DISABLED) {
1857 ieee80211_iterate_active_interfaces(data->hw,
1858 IEEE80211_IFACE_ITER_NORMAL,
1859 hwsim_send_nullfunc_ps,
1860 data);
1861 } else if (old_ps != PS_DISABLED && val == PS_DISABLED) {
1862 ieee80211_iterate_active_interfaces(data->hw,
1863 IEEE80211_IFACE_ITER_NORMAL,
1864 hwsim_send_nullfunc_no_ps,
1865 data);
1866 }
1867
1868 return 0;
1869}
1870
1871DEFINE_SIMPLE_ATTRIBUTE(hwsim_fops_ps, hwsim_fops_ps_read, hwsim_fops_ps_write,
1872 "%llu\n");
1873
1874
1875static int hwsim_fops_group_read(void *dat, u64 *val)
1876{
1877 struct mac80211_hwsim_data *data = dat;
1878 *val = data->group;
1879 return 0;
1880}
1881
1882static int hwsim_fops_group_write(void *dat, u64 val)
1883{
1884 struct mac80211_hwsim_data *data = dat;
1885 data->group = val;
1886 return 0;
1887}
1888
1889DEFINE_SIMPLE_ATTRIBUTE(hwsim_fops_group,
1890 hwsim_fops_group_read, hwsim_fops_group_write,
1891 "%llx\n");
1892
1893static struct mac80211_hwsim_data *get_hwsim_data_ref_from_addr(
1894 struct mac_address *addr)
1895{
1896 struct mac80211_hwsim_data *data;
1897 bool _found = false;
1898
1899 spin_lock_bh(&hwsim_radio_lock);
1900 list_for_each_entry(data, &hwsim_radios, list) {
1901 if (memcmp(data->addresses[1].addr, addr,
1902 sizeof(struct mac_address)) == 0) {
1903 _found = true;
1904 break;
1905 }
1906 }
1907 spin_unlock_bh(&hwsim_radio_lock);
1908
1909 if (!_found)
1910 return NULL;
1911
1912 return data;
1913}
1914
1915static int hwsim_tx_info_frame_received_nl(struct sk_buff *skb_2,
1916 struct genl_info *info)
1917{
1918
1919 struct ieee80211_hdr *hdr;
1920 struct mac80211_hwsim_data *data2;
1921 struct ieee80211_tx_info *txi;
1922 struct hwsim_tx_rate *tx_attempts;
1923 unsigned long ret_skb_ptr;
1924 struct sk_buff *skb, *tmp;
1925 struct mac_address *src;
1926 unsigned int hwsim_flags;
1927
1928 int i;
1929 bool found = false;
1930
1931 if (!info->attrs[HWSIM_ATTR_ADDR_TRANSMITTER] ||
1932 !info->attrs[HWSIM_ATTR_FLAGS] ||
1933 !info->attrs[HWSIM_ATTR_COOKIE] ||
1934 !info->attrs[HWSIM_ATTR_TX_INFO])
1935 goto out;
1936
1937 src = (struct mac_address *)nla_data(
1938 info->attrs[HWSIM_ATTR_ADDR_TRANSMITTER]);
1939 hwsim_flags = nla_get_u32(info->attrs[HWSIM_ATTR_FLAGS]);
1940
1941 ret_skb_ptr = nla_get_u64(info->attrs[HWSIM_ATTR_COOKIE]);
1942
1943 data2 = get_hwsim_data_ref_from_addr(src);
1944
1945 if (data2 == NULL)
1946 goto out;
1947
1948
1949 skb_queue_walk_safe(&data2->pending, skb, tmp) {
1950 if ((unsigned long)skb == ret_skb_ptr) {
1951 skb_unlink(skb, &data2->pending);
1952 found = true;
1953 break;
1954 }
1955 }
1956
1957
1958 if (!found)
1959 goto out;
1960
1961
1962
1963
1964 tx_attempts = (struct hwsim_tx_rate *)nla_data(
1965 info->attrs[HWSIM_ATTR_TX_INFO]);
1966
1967
1968 txi = IEEE80211_SKB_CB(skb);
1969
1970 ieee80211_tx_info_clear_status(txi);
1971
1972 for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
1973 txi->status.rates[i].idx = tx_attempts[i].idx;
1974 txi->status.rates[i].count = tx_attempts[i].count;
1975
1976 }
1977
1978 txi->status.ack_signal = nla_get_u32(info->attrs[HWSIM_ATTR_SIGNAL]);
1979
1980 if (!(hwsim_flags & HWSIM_TX_CTL_NO_ACK) &&
1981 (hwsim_flags & HWSIM_TX_STAT_ACK)) {
1982 if (skb->len >= 16) {
1983 hdr = (struct ieee80211_hdr *) skb->data;
1984 mac80211_hwsim_monitor_ack(txi->rate_driver_data[0],
1985 hdr->addr2);
1986 }
1987 txi->flags |= IEEE80211_TX_STAT_ACK;
1988 }
1989 ieee80211_tx_status_irqsafe(data2->hw, skb);
1990 return 0;
1991out:
1992 return -EINVAL;
1993
1994}
1995
1996static int hwsim_cloned_frame_received_nl(struct sk_buff *skb_2,
1997 struct genl_info *info)
1998{
1999
2000 struct mac80211_hwsim_data *data2;
2001 struct ieee80211_rx_status rx_status;
2002 struct mac_address *dst;
2003 int frame_data_len;
2004 char *frame_data;
2005 struct sk_buff *skb = NULL;
2006
2007 if (!info->attrs[HWSIM_ATTR_ADDR_RECEIVER] ||
2008 !info->attrs[HWSIM_ATTR_FRAME] ||
2009 !info->attrs[HWSIM_ATTR_RX_RATE] ||
2010 !info->attrs[HWSIM_ATTR_SIGNAL])
2011 goto out;
2012
2013 dst = (struct mac_address *)nla_data(
2014 info->attrs[HWSIM_ATTR_ADDR_RECEIVER]);
2015
2016 frame_data_len = nla_len(info->attrs[HWSIM_ATTR_FRAME]);
2017 frame_data = (char *)nla_data(info->attrs[HWSIM_ATTR_FRAME]);
2018
2019
2020 skb = alloc_skb(frame_data_len, GFP_KERNEL);
2021 if (skb == NULL)
2022 goto err;
2023
2024 if (frame_data_len <= IEEE80211_MAX_DATA_LEN) {
2025
2026 memcpy(skb_put(skb, frame_data_len), frame_data,
2027 frame_data_len);
2028 } else
2029 goto err;
2030
2031 data2 = get_hwsim_data_ref_from_addr(dst);
2032
2033 if (data2 == NULL)
2034 goto out;
2035
2036
2037
2038 if (data2->idle || !data2->started)
2039 goto out;
2040
2041
2042 memset(&rx_status, 0, sizeof(rx_status));
2043 rx_status.freq = data2->channel->center_freq;
2044 rx_status.band = data2->channel->band;
2045 rx_status.rate_idx = nla_get_u32(info->attrs[HWSIM_ATTR_RX_RATE]);
2046 rx_status.signal = nla_get_u32(info->attrs[HWSIM_ATTR_SIGNAL]);
2047
2048 memcpy(IEEE80211_SKB_RXCB(skb), &rx_status, sizeof(rx_status));
2049 ieee80211_rx_irqsafe(data2->hw, skb);
2050
2051 return 0;
2052err:
2053 printk(KERN_DEBUG "mac80211_hwsim: error occurred in %s\n", __func__);
2054 goto out;
2055out:
2056 dev_kfree_skb(skb);
2057 return -EINVAL;
2058}
2059
2060static int hwsim_register_received_nl(struct sk_buff *skb_2,
2061 struct genl_info *info)
2062{
2063 if (info == NULL)
2064 goto out;
2065
2066 wmediumd_portid = info->snd_portid;
2067
2068 printk(KERN_DEBUG "mac80211_hwsim: received a REGISTER, "
2069 "switching to wmediumd mode with pid %d\n", info->snd_portid);
2070
2071 return 0;
2072out:
2073 printk(KERN_DEBUG "mac80211_hwsim: error occurred in %s\n", __func__);
2074 return -EINVAL;
2075}
2076
2077
2078static struct genl_ops hwsim_ops[] = {
2079 {
2080 .cmd = HWSIM_CMD_REGISTER,
2081 .policy = hwsim_genl_policy,
2082 .doit = hwsim_register_received_nl,
2083 .flags = GENL_ADMIN_PERM,
2084 },
2085 {
2086 .cmd = HWSIM_CMD_FRAME,
2087 .policy = hwsim_genl_policy,
2088 .doit = hwsim_cloned_frame_received_nl,
2089 },
2090 {
2091 .cmd = HWSIM_CMD_TX_INFO_FRAME,
2092 .policy = hwsim_genl_policy,
2093 .doit = hwsim_tx_info_frame_received_nl,
2094 },
2095};
2096
2097static int mac80211_hwsim_netlink_notify(struct notifier_block *nb,
2098 unsigned long state,
2099 void *_notify)
2100{
2101 struct netlink_notify *notify = _notify;
2102
2103 if (state != NETLINK_URELEASE)
2104 return NOTIFY_DONE;
2105
2106 if (notify->portid == wmediumd_portid) {
2107 printk(KERN_INFO "mac80211_hwsim: wmediumd released netlink"
2108 " socket, switching to perfect channel medium\n");
2109 wmediumd_portid = 0;
2110 }
2111 return NOTIFY_DONE;
2112
2113}
2114
2115static struct notifier_block hwsim_netlink_notifier = {
2116 .notifier_call = mac80211_hwsim_netlink_notify,
2117};
2118
2119static int hwsim_init_netlink(void)
2120{
2121 int rc;
2122
2123
2124 if (channels > 1)
2125 return 0;
2126
2127 printk(KERN_INFO "mac80211_hwsim: initializing netlink\n");
2128
2129 rc = genl_register_family_with_ops(&hwsim_genl_family,
2130 hwsim_ops, ARRAY_SIZE(hwsim_ops));
2131 if (rc)
2132 goto failure;
2133
2134 rc = netlink_register_notifier(&hwsim_netlink_notifier);
2135 if (rc)
2136 goto failure;
2137
2138 return 0;
2139
2140failure:
2141 printk(KERN_DEBUG "mac80211_hwsim: error occurred in %s\n", __func__);
2142 return -EINVAL;
2143}
2144
2145static void hwsim_exit_netlink(void)
2146{
2147 int ret;
2148
2149
2150 if (channels > 1)
2151 return;
2152
2153 printk(KERN_INFO "mac80211_hwsim: closing netlink\n");
2154
2155 netlink_unregister_notifier(&hwsim_netlink_notifier);
2156
2157 ret = genl_unregister_family(&hwsim_genl_family);
2158 if (ret)
2159 printk(KERN_DEBUG "mac80211_hwsim: "
2160 "unregister family %i\n", ret);
2161}
2162
2163static const struct ieee80211_iface_limit hwsim_if_limits[] = {
2164 { .max = 1, .types = BIT(NL80211_IFTYPE_ADHOC) },
2165 { .max = 2048, .types = BIT(NL80211_IFTYPE_STATION) |
2166 BIT(NL80211_IFTYPE_P2P_CLIENT) |
2167#ifdef CONFIG_MAC80211_MESH
2168 BIT(NL80211_IFTYPE_MESH_POINT) |
2169#endif
2170 BIT(NL80211_IFTYPE_AP) |
2171 BIT(NL80211_IFTYPE_P2P_GO) },
2172 { .max = 1, .types = BIT(NL80211_IFTYPE_P2P_DEVICE) },
2173};
2174
2175static struct ieee80211_iface_combination hwsim_if_comb = {
2176 .limits = hwsim_if_limits,
2177 .n_limits = ARRAY_SIZE(hwsim_if_limits),
2178 .max_interfaces = 2048,
2179 .num_different_channels = 1,
2180};
2181
2182static int __init init_mac80211_hwsim(void)
2183{
2184 int i, err = 0;
2185 u8 addr[ETH_ALEN];
2186 struct mac80211_hwsim_data *data;
2187 struct ieee80211_hw *hw;
2188 enum ieee80211_band band;
2189
2190 if (radios < 1 || radios > 100)
2191 return -EINVAL;
2192
2193 if (channels < 1)
2194 return -EINVAL;
2195
2196 if (channels > 1) {
2197 hwsim_if_comb.num_different_channels = channels;
2198 mac80211_hwsim_ops.hw_scan = mac80211_hwsim_hw_scan;
2199 mac80211_hwsim_ops.cancel_hw_scan =
2200 mac80211_hwsim_cancel_hw_scan;
2201 mac80211_hwsim_ops.sw_scan_start = NULL;
2202 mac80211_hwsim_ops.sw_scan_complete = NULL;
2203 mac80211_hwsim_ops.remain_on_channel =
2204 mac80211_hwsim_roc;
2205 mac80211_hwsim_ops.cancel_remain_on_channel =
2206 mac80211_hwsim_croc;
2207 mac80211_hwsim_ops.add_chanctx =
2208 mac80211_hwsim_add_chanctx;
2209 mac80211_hwsim_ops.remove_chanctx =
2210 mac80211_hwsim_remove_chanctx;
2211 mac80211_hwsim_ops.change_chanctx =
2212 mac80211_hwsim_change_chanctx;
2213 mac80211_hwsim_ops.assign_vif_chanctx =
2214 mac80211_hwsim_assign_vif_chanctx;
2215 mac80211_hwsim_ops.unassign_vif_chanctx =
2216 mac80211_hwsim_unassign_vif_chanctx;
2217 }
2218
2219 spin_lock_init(&hwsim_radio_lock);
2220 INIT_LIST_HEAD(&hwsim_radios);
2221
2222 err = platform_driver_register(&mac80211_hwsim_driver);
2223 if (err)
2224 return err;
2225
2226 hwsim_class = class_create(THIS_MODULE, "mac80211_hwsim");
2227 if (IS_ERR(hwsim_class)) {
2228 err = PTR_ERR(hwsim_class);
2229 goto failed_unregister_driver;
2230 }
2231
2232 memset(addr, 0, ETH_ALEN);
2233 addr[0] = 0x02;
2234
2235 for (i = 0; i < radios; i++) {
2236 printk(KERN_DEBUG "mac80211_hwsim: Initializing radio %d\n",
2237 i);
2238 hw = ieee80211_alloc_hw(sizeof(*data), &mac80211_hwsim_ops);
2239 if (!hw) {
2240 printk(KERN_DEBUG "mac80211_hwsim: ieee80211_alloc_hw "
2241 "failed\n");
2242 err = -ENOMEM;
2243 goto failed;
2244 }
2245 data = hw->priv;
2246 data->hw = hw;
2247
2248 data->dev = device_create(hwsim_class, NULL, 0, hw,
2249 "hwsim%d", i);
2250 if (IS_ERR(data->dev)) {
2251 printk(KERN_DEBUG
2252 "mac80211_hwsim: device_create failed (%ld)\n",
2253 PTR_ERR(data->dev));
2254 err = -ENOMEM;
2255 goto failed_drvdata;
2256 }
2257 data->dev->driver = &mac80211_hwsim_driver.driver;
2258 err = device_bind_driver(data->dev);
2259 if (err != 0) {
2260 printk(KERN_DEBUG
2261 "mac80211_hwsim: device_bind_driver failed (%d)\n",
2262 err);
2263 goto failed_hw;
2264 }
2265
2266 skb_queue_head_init(&data->pending);
2267
2268 SET_IEEE80211_DEV(hw, data->dev);
2269 addr[3] = i >> 8;
2270 addr[4] = i;
2271 memcpy(data->addresses[0].addr, addr, ETH_ALEN);
2272 memcpy(data->addresses[1].addr, addr, ETH_ALEN);
2273 data->addresses[1].addr[0] |= 0x40;
2274 hw->wiphy->n_addresses = 2;
2275 hw->wiphy->addresses = data->addresses;
2276
2277 hw->wiphy->iface_combinations = &hwsim_if_comb;
2278 hw->wiphy->n_iface_combinations = 1;
2279
2280 if (channels > 1) {
2281 hw->wiphy->max_scan_ssids = 255;
2282 hw->wiphy->max_scan_ie_len = IEEE80211_MAX_DATA_LEN;
2283 hw->wiphy->max_remain_on_channel_duration = 1000;
2284 }
2285
2286 INIT_DELAYED_WORK(&data->roc_done, hw_roc_done);
2287 INIT_DELAYED_WORK(&data->hw_scan, hw_scan_work);
2288
2289 hw->channel_change_time = 1;
2290 hw->queues = 5;
2291 hw->offchannel_tx_hw_queue = 4;
2292 hw->wiphy->interface_modes =
2293 BIT(NL80211_IFTYPE_STATION) |
2294 BIT(NL80211_IFTYPE_AP) |
2295 BIT(NL80211_IFTYPE_P2P_CLIENT) |
2296 BIT(NL80211_IFTYPE_P2P_GO) |
2297 BIT(NL80211_IFTYPE_ADHOC) |
2298 BIT(NL80211_IFTYPE_MESH_POINT) |
2299 BIT(NL80211_IFTYPE_P2P_DEVICE);
2300
2301 hw->flags = IEEE80211_HW_MFP_CAPABLE |
2302 IEEE80211_HW_SIGNAL_DBM |
2303 IEEE80211_HW_SUPPORTS_STATIC_SMPS |
2304 IEEE80211_HW_SUPPORTS_DYNAMIC_SMPS |
2305 IEEE80211_HW_AMPDU_AGGREGATION |
2306 IEEE80211_HW_WANT_MONITOR_VIF |
2307 IEEE80211_HW_QUEUE_CONTROL;
2308 if (rctbl)
2309 hw->flags |= IEEE80211_HW_SUPPORTS_RC_TABLE;
2310
2311 hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS |
2312 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL;
2313
2314
2315 hw->vif_data_size = sizeof(struct hwsim_vif_priv);
2316 hw->sta_data_size = sizeof(struct hwsim_sta_priv);
2317 hw->chanctx_data_size = sizeof(struct hwsim_chanctx_priv);
2318
2319 memcpy(data->channels_2ghz, hwsim_channels_2ghz,
2320 sizeof(hwsim_channels_2ghz));
2321 memcpy(data->channels_5ghz, hwsim_channels_5ghz,
2322 sizeof(hwsim_channels_5ghz));
2323 memcpy(data->rates, hwsim_rates, sizeof(hwsim_rates));
2324
2325 for (band = IEEE80211_BAND_2GHZ; band < IEEE80211_NUM_BANDS; band++) {
2326 struct ieee80211_supported_band *sband = &data->bands[band];
2327 switch (band) {
2328 case IEEE80211_BAND_2GHZ:
2329 sband->channels = data->channels_2ghz;
2330 sband->n_channels =
2331 ARRAY_SIZE(hwsim_channels_2ghz);
2332 sband->bitrates = data->rates;
2333 sband->n_bitrates = ARRAY_SIZE(hwsim_rates);
2334 break;
2335 case IEEE80211_BAND_5GHZ:
2336 sband->channels = data->channels_5ghz;
2337 sband->n_channels =
2338 ARRAY_SIZE(hwsim_channels_5ghz);
2339 sband->bitrates = data->rates + 4;
2340 sband->n_bitrates = ARRAY_SIZE(hwsim_rates) - 4;
2341 break;
2342 default:
2343 continue;
2344 }
2345
2346 sband->ht_cap.ht_supported = true;
2347 sband->ht_cap.cap = IEEE80211_HT_CAP_SUP_WIDTH_20_40 |
2348 IEEE80211_HT_CAP_GRN_FLD |
2349 IEEE80211_HT_CAP_SGI_40 |
2350 IEEE80211_HT_CAP_DSSSCCK40;
2351 sband->ht_cap.ampdu_factor = 0x3;
2352 sband->ht_cap.ampdu_density = 0x6;
2353 memset(&sband->ht_cap.mcs, 0,
2354 sizeof(sband->ht_cap.mcs));
2355 sband->ht_cap.mcs.rx_mask[0] = 0xff;
2356 sband->ht_cap.mcs.rx_mask[1] = 0xff;
2357 sband->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
2358
2359 hw->wiphy->bands[band] = sband;
2360
2361 sband->vht_cap.vht_supported = true;
2362 sband->vht_cap.cap =
2363 IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454 |
2364 IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ |
2365 IEEE80211_VHT_CAP_RXLDPC |
2366 IEEE80211_VHT_CAP_SHORT_GI_80 |
2367 IEEE80211_VHT_CAP_SHORT_GI_160 |
2368 IEEE80211_VHT_CAP_TXSTBC |
2369 IEEE80211_VHT_CAP_RXSTBC_1 |
2370 IEEE80211_VHT_CAP_RXSTBC_2 |
2371 IEEE80211_VHT_CAP_RXSTBC_3 |
2372 IEEE80211_VHT_CAP_RXSTBC_4 |
2373 IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK;
2374 sband->vht_cap.vht_mcs.rx_mcs_map =
2375 cpu_to_le16(IEEE80211_VHT_MCS_SUPPORT_0_8 << 0 |
2376 IEEE80211_VHT_MCS_SUPPORT_0_8 << 2 |
2377 IEEE80211_VHT_MCS_SUPPORT_0_9 << 4 |
2378 IEEE80211_VHT_MCS_SUPPORT_0_8 << 6 |
2379 IEEE80211_VHT_MCS_SUPPORT_0_8 << 8 |
2380 IEEE80211_VHT_MCS_SUPPORT_0_9 << 10 |
2381 IEEE80211_VHT_MCS_SUPPORT_0_9 << 12 |
2382 IEEE80211_VHT_MCS_SUPPORT_0_8 << 14);
2383 sband->vht_cap.vht_mcs.tx_mcs_map =
2384 sband->vht_cap.vht_mcs.rx_mcs_map;
2385 }
2386
2387 data->group = 1;
2388 mutex_init(&data->mutex);
2389
2390
2391 hw->max_rates = 4;
2392 hw->max_rate_tries = 11;
2393
2394
2395 switch (regtest) {
2396 case HWSIM_REGTEST_DISABLED:
2397 case HWSIM_REGTEST_DRIVER_REG_FOLLOW:
2398 case HWSIM_REGTEST_DRIVER_REG_ALL:
2399 case HWSIM_REGTEST_DIFF_COUNTRY:
2400
2401
2402
2403
2404 break;
2405 case HWSIM_REGTEST_WORLD_ROAM:
2406 if (i == 0) {
2407 hw->wiphy->flags |= WIPHY_FLAG_CUSTOM_REGULATORY;
2408 wiphy_apply_custom_regulatory(hw->wiphy,
2409 &hwsim_world_regdom_custom_01);
2410 }
2411 break;
2412 case HWSIM_REGTEST_CUSTOM_WORLD:
2413 hw->wiphy->flags |= WIPHY_FLAG_CUSTOM_REGULATORY;
2414 wiphy_apply_custom_regulatory(hw->wiphy,
2415 &hwsim_world_regdom_custom_01);
2416 break;
2417 case HWSIM_REGTEST_CUSTOM_WORLD_2:
2418 if (i == 0) {
2419 hw->wiphy->flags |= WIPHY_FLAG_CUSTOM_REGULATORY;
2420 wiphy_apply_custom_regulatory(hw->wiphy,
2421 &hwsim_world_regdom_custom_01);
2422 } else if (i == 1) {
2423 hw->wiphy->flags |= WIPHY_FLAG_CUSTOM_REGULATORY;
2424 wiphy_apply_custom_regulatory(hw->wiphy,
2425 &hwsim_world_regdom_custom_02);
2426 }
2427 break;
2428 case HWSIM_REGTEST_STRICT_ALL:
2429 hw->wiphy->flags |= WIPHY_FLAG_STRICT_REGULATORY;
2430 break;
2431 case HWSIM_REGTEST_STRICT_FOLLOW:
2432 case HWSIM_REGTEST_STRICT_AND_DRIVER_REG:
2433 if (i == 0)
2434 hw->wiphy->flags |= WIPHY_FLAG_STRICT_REGULATORY;
2435 break;
2436 case HWSIM_REGTEST_ALL:
2437 if (i == 0) {
2438 hw->wiphy->flags |= WIPHY_FLAG_CUSTOM_REGULATORY;
2439 wiphy_apply_custom_regulatory(hw->wiphy,
2440 &hwsim_world_regdom_custom_01);
2441 } else if (i == 1) {
2442 hw->wiphy->flags |= WIPHY_FLAG_CUSTOM_REGULATORY;
2443 wiphy_apply_custom_regulatory(hw->wiphy,
2444 &hwsim_world_regdom_custom_02);
2445 } else if (i == 4)
2446 hw->wiphy->flags |= WIPHY_FLAG_STRICT_REGULATORY;
2447 break;
2448 default:
2449 break;
2450 }
2451
2452
2453 if (regtest)
2454 schedule_timeout_interruptible(1);
2455 err = ieee80211_register_hw(hw);
2456 if (err < 0) {
2457 printk(KERN_DEBUG "mac80211_hwsim: "
2458 "ieee80211_register_hw failed (%d)\n", err);
2459 goto failed_hw;
2460 }
2461
2462
2463 switch (regtest) {
2464 case HWSIM_REGTEST_WORLD_ROAM:
2465 case HWSIM_REGTEST_DISABLED:
2466 break;
2467 case HWSIM_REGTEST_DRIVER_REG_FOLLOW:
2468 if (!i)
2469 regulatory_hint(hw->wiphy, hwsim_alpha2s[0]);
2470 break;
2471 case HWSIM_REGTEST_DRIVER_REG_ALL:
2472 case HWSIM_REGTEST_STRICT_ALL:
2473 regulatory_hint(hw->wiphy, hwsim_alpha2s[0]);
2474 break;
2475 case HWSIM_REGTEST_DIFF_COUNTRY:
2476 if (i < ARRAY_SIZE(hwsim_alpha2s))
2477 regulatory_hint(hw->wiphy, hwsim_alpha2s[i]);
2478 break;
2479 case HWSIM_REGTEST_CUSTOM_WORLD:
2480 case HWSIM_REGTEST_CUSTOM_WORLD_2:
2481
2482
2483
2484
2485 break;
2486 case HWSIM_REGTEST_STRICT_FOLLOW:
2487 if (i == 0)
2488 regulatory_hint(hw->wiphy, hwsim_alpha2s[0]);
2489 break;
2490 case HWSIM_REGTEST_STRICT_AND_DRIVER_REG:
2491 if (i == 0)
2492 regulatory_hint(hw->wiphy, hwsim_alpha2s[0]);
2493 else if (i == 1)
2494 regulatory_hint(hw->wiphy, hwsim_alpha2s[1]);
2495 break;
2496 case HWSIM_REGTEST_ALL:
2497 if (i == 2)
2498 regulatory_hint(hw->wiphy, hwsim_alpha2s[0]);
2499 else if (i == 3)
2500 regulatory_hint(hw->wiphy, hwsim_alpha2s[1]);
2501 else if (i == 4)
2502 regulatory_hint(hw->wiphy, hwsim_alpha2s[2]);
2503 break;
2504 default:
2505 break;
2506 }
2507
2508 wiphy_debug(hw->wiphy, "hwaddr %pm registered\n",
2509 hw->wiphy->perm_addr);
2510
2511 data->debugfs = debugfs_create_dir("hwsim",
2512 hw->wiphy->debugfsdir);
2513 data->debugfs_ps = debugfs_create_file("ps", 0666,
2514 data->debugfs, data,
2515 &hwsim_fops_ps);
2516 data->debugfs_group = debugfs_create_file("group", 0666,
2517 data->debugfs, data,
2518 &hwsim_fops_group);
2519
2520 tasklet_hrtimer_init(&data->beacon_timer,
2521 mac80211_hwsim_beacon,
2522 CLOCK_REALTIME, HRTIMER_MODE_ABS);
2523
2524 list_add_tail(&data->list, &hwsim_radios);
2525 }
2526
2527 hwsim_mon = alloc_netdev(0, "hwsim%d", hwsim_mon_setup);
2528 if (hwsim_mon == NULL)
2529 goto failed;
2530
2531 rtnl_lock();
2532
2533 err = dev_alloc_name(hwsim_mon, hwsim_mon->name);
2534 if (err < 0)
2535 goto failed_mon;
2536
2537
2538 err = register_netdevice(hwsim_mon);
2539 if (err < 0)
2540 goto failed_mon;
2541
2542 rtnl_unlock();
2543
2544 err = hwsim_init_netlink();
2545 if (err < 0)
2546 goto failed_nl;
2547
2548 return 0;
2549
2550failed_nl:
2551 printk(KERN_DEBUG "mac_80211_hwsim: failed initializing netlink\n");
2552 return err;
2553
2554failed_mon:
2555 rtnl_unlock();
2556 free_netdev(hwsim_mon);
2557 mac80211_hwsim_free();
2558 return err;
2559
2560failed_hw:
2561 device_unregister(data->dev);
2562failed_drvdata:
2563 ieee80211_free_hw(hw);
2564failed:
2565 mac80211_hwsim_free();
2566failed_unregister_driver:
2567 platform_driver_unregister(&mac80211_hwsim_driver);
2568 return err;
2569}
2570module_init(init_mac80211_hwsim);
2571
2572static void __exit exit_mac80211_hwsim(void)
2573{
2574 printk(KERN_DEBUG "mac80211_hwsim: unregister radios\n");
2575
2576 hwsim_exit_netlink();
2577
2578 mac80211_hwsim_free();
2579 unregister_netdev(hwsim_mon);
2580 platform_driver_unregister(&mac80211_hwsim_driver);
2581}
2582module_exit(exit_mac80211_hwsim);
2583
