1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18#include <linux/list.h>
19#include <linux/slab.h>
20#include <linux/spinlock.h>
21#include <net/dst.h>
22#include <net/xfrm.h>
23#include <net/mac80211.h>
24#include <net/ieee80211_radiotap.h>
25#include <linux/if_arp.h>
26#include <linux/rtnetlink.h>
27#include <linux/etherdevice.h>
28#include <linux/platform_device.h>
29#include <linux/debugfs.h>
30#include <linux/module.h>
31#include <linux/ktime.h>
32#include <net/genetlink.h>
33#include <net/net_namespace.h>
34#include <net/netns/generic.h>
35#include <linux/rhashtable.h>
36#include "mac80211_hwsim.h"
37
38#define WARN_QUEUE 100
39#define MAX_QUEUE 200
40
41MODULE_AUTHOR("Jouni Malinen");
42MODULE_DESCRIPTION("Software simulator of 802.11 radio(s) for mac80211");
43MODULE_LICENSE("GPL");
44
45static int radios = 2;
46module_param(radios, int, 0444);
47MODULE_PARM_DESC(radios, "Number of simulated radios");
48
49static int channels = 1;
50module_param(channels, int, 0444);
51MODULE_PARM_DESC(channels, "Number of concurrent channels");
52
53static bool paged_rx = false;
54module_param(paged_rx, bool, 0644);
55MODULE_PARM_DESC(paged_rx, "Use paged SKBs for RX instead of linear ones");
56
57static bool rctbl = false;
58module_param(rctbl, bool, 0444);
59MODULE_PARM_DESC(rctbl, "Handle rate control table");
60
61static bool support_p2p_device = true;
62module_param(support_p2p_device, bool, 0444);
63MODULE_PARM_DESC(support_p2p_device, "Support P2P-Device interface type");
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122enum hwsim_regtest {
123 HWSIM_REGTEST_DISABLED = 0,
124 HWSIM_REGTEST_DRIVER_REG_FOLLOW = 1,
125 HWSIM_REGTEST_DRIVER_REG_ALL = 2,
126 HWSIM_REGTEST_DIFF_COUNTRY = 3,
127 HWSIM_REGTEST_WORLD_ROAM = 4,
128 HWSIM_REGTEST_CUSTOM_WORLD = 5,
129 HWSIM_REGTEST_CUSTOM_WORLD_2 = 6,
130 HWSIM_REGTEST_STRICT_FOLLOW = 7,
131 HWSIM_REGTEST_STRICT_ALL = 8,
132 HWSIM_REGTEST_STRICT_AND_DRIVER_REG = 9,
133 HWSIM_REGTEST_ALL = 10,
134};
135
136
137static int regtest = HWSIM_REGTEST_DISABLED;
138module_param(regtest, int, 0444);
139MODULE_PARM_DESC(regtest, "The type of regulatory test we want to run");
140
141static const char *hwsim_alpha2s[] = {
142 "FI",
143 "AL",
144 "US",
145 "DE",
146 "JP",
147 "AL",
148};
149
150static const struct ieee80211_regdomain hwsim_world_regdom_custom_01 = {
151 .n_reg_rules = 4,
152 .alpha2 = "99",
153 .reg_rules = {
154 REG_RULE(2412-10, 2462+10, 40, 0, 20, 0),
155 REG_RULE(2484-10, 2484+10, 40, 0, 20, 0),
156 REG_RULE(5150-10, 5240+10, 40, 0, 30, 0),
157 REG_RULE(5745-10, 5825+10, 40, 0, 30, 0),
158 }
159};
160
161static const struct ieee80211_regdomain hwsim_world_regdom_custom_02 = {
162 .n_reg_rules = 2,
163 .alpha2 = "99",
164 .reg_rules = {
165 REG_RULE(2412-10, 2462+10, 40, 0, 20, 0),
166 REG_RULE(5725-10, 5850+10, 40, 0, 30,
167 NL80211_RRF_NO_IR),
168 }
169};
170
171static const struct ieee80211_regdomain *hwsim_world_regdom_custom[] = {
172 &hwsim_world_regdom_custom_01,
173 &hwsim_world_regdom_custom_02,
174};
175
176struct hwsim_vif_priv {
177 u32 magic;
178 u8 bssid[ETH_ALEN];
179 bool assoc;
180 bool bcn_en;
181 u16 aid;
182};
183
184#define HWSIM_VIF_MAGIC 0x69537748
185
186static inline void hwsim_check_magic(struct ieee80211_vif *vif)
187{
188 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
189 WARN(vp->magic != HWSIM_VIF_MAGIC,
190 "Invalid VIF (%p) magic %#x, %pM, %d/%d\n",
191 vif, vp->magic, vif->addr, vif->type, vif->p2p);
192}
193
194static inline void hwsim_set_magic(struct ieee80211_vif *vif)
195{
196 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
197 vp->magic = HWSIM_VIF_MAGIC;
198}
199
200static inline void hwsim_clear_magic(struct ieee80211_vif *vif)
201{
202 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
203 vp->magic = 0;
204}
205
206struct hwsim_sta_priv {
207 u32 magic;
208};
209
210#define HWSIM_STA_MAGIC 0x6d537749
211
212static inline void hwsim_check_sta_magic(struct ieee80211_sta *sta)
213{
214 struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
215 WARN_ON(sp->magic != HWSIM_STA_MAGIC);
216}
217
218static inline void hwsim_set_sta_magic(struct ieee80211_sta *sta)
219{
220 struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
221 sp->magic = HWSIM_STA_MAGIC;
222}
223
224static inline void hwsim_clear_sta_magic(struct ieee80211_sta *sta)
225{
226 struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
227 sp->magic = 0;
228}
229
230struct hwsim_chanctx_priv {
231 u32 magic;
232};
233
234#define HWSIM_CHANCTX_MAGIC 0x6d53774a
235
236static inline void hwsim_check_chanctx_magic(struct ieee80211_chanctx_conf *c)
237{
238 struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
239 WARN_ON(cp->magic != HWSIM_CHANCTX_MAGIC);
240}
241
242static inline void hwsim_set_chanctx_magic(struct ieee80211_chanctx_conf *c)
243{
244 struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
245 cp->magic = HWSIM_CHANCTX_MAGIC;
246}
247
248static inline void hwsim_clear_chanctx_magic(struct ieee80211_chanctx_conf *c)
249{
250 struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
251 cp->magic = 0;
252}
253
254static unsigned int hwsim_net_id;
255
256static DEFINE_IDA(hwsim_netgroup_ida);
257
258struct hwsim_net {
259 int netgroup;
260 u32 wmediumd;
261};
262
263static inline int hwsim_net_get_netgroup(struct net *net)
264{
265 struct hwsim_net *hwsim_net = net_generic(net, hwsim_net_id);
266
267 return hwsim_net->netgroup;
268}
269
270static inline int hwsim_net_set_netgroup(struct net *net)
271{
272 struct hwsim_net *hwsim_net = net_generic(net, hwsim_net_id);
273
274 hwsim_net->netgroup = ida_simple_get(&hwsim_netgroup_ida,
275 0, 0, GFP_KERNEL);
276 return hwsim_net->netgroup >= 0 ? 0 : -ENOMEM;
277}
278
279static inline u32 hwsim_net_get_wmediumd(struct net *net)
280{
281 struct hwsim_net *hwsim_net = net_generic(net, hwsim_net_id);
282
283 return hwsim_net->wmediumd;
284}
285
286static inline void hwsim_net_set_wmediumd(struct net *net, u32 portid)
287{
288 struct hwsim_net *hwsim_net = net_generic(net, hwsim_net_id);
289
290 hwsim_net->wmediumd = portid;
291}
292
293static struct class *hwsim_class;
294
295static struct net_device *hwsim_mon;
296
297#define CHAN2G(_freq) { \
298 .band = NL80211_BAND_2GHZ, \
299 .center_freq = (_freq), \
300 .hw_value = (_freq), \
301 .max_power = 20, \
302}
303
304#define CHAN5G(_freq) { \
305 .band = NL80211_BAND_5GHZ, \
306 .center_freq = (_freq), \
307 .hw_value = (_freq), \
308 .max_power = 20, \
309}
310
311static const struct ieee80211_channel hwsim_channels_2ghz[] = {
312 CHAN2G(2412),
313 CHAN2G(2417),
314 CHAN2G(2422),
315 CHAN2G(2427),
316 CHAN2G(2432),
317 CHAN2G(2437),
318 CHAN2G(2442),
319 CHAN2G(2447),
320 CHAN2G(2452),
321 CHAN2G(2457),
322 CHAN2G(2462),
323 CHAN2G(2467),
324 CHAN2G(2472),
325 CHAN2G(2484),
326};
327
328static const struct ieee80211_channel hwsim_channels_5ghz[] = {
329 CHAN5G(5180),
330 CHAN5G(5200),
331 CHAN5G(5220),
332 CHAN5G(5240),
333
334 CHAN5G(5260),
335 CHAN5G(5280),
336 CHAN5G(5300),
337 CHAN5G(5320),
338
339 CHAN5G(5500),
340 CHAN5G(5520),
341 CHAN5G(5540),
342 CHAN5G(5560),
343 CHAN5G(5580),
344 CHAN5G(5600),
345 CHAN5G(5620),
346 CHAN5G(5640),
347 CHAN5G(5660),
348 CHAN5G(5680),
349 CHAN5G(5700),
350
351 CHAN5G(5745),
352 CHAN5G(5765),
353 CHAN5G(5785),
354 CHAN5G(5805),
355 CHAN5G(5825),
356 CHAN5G(5845),
357};
358
359static const struct ieee80211_rate hwsim_rates[] = {
360 { .bitrate = 10 },
361 { .bitrate = 20, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
362 { .bitrate = 55, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
363 { .bitrate = 110, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
364 { .bitrate = 60 },
365 { .bitrate = 90 },
366 { .bitrate = 120 },
367 { .bitrate = 180 },
368 { .bitrate = 240 },
369 { .bitrate = 360 },
370 { .bitrate = 480 },
371 { .bitrate = 540 }
372};
373
374#define OUI_QCA 0x001374
375#define QCA_NL80211_SUBCMD_TEST 1
376enum qca_nl80211_vendor_subcmds {
377 QCA_WLAN_VENDOR_ATTR_TEST = 8,
378 QCA_WLAN_VENDOR_ATTR_MAX = QCA_WLAN_VENDOR_ATTR_TEST
379};
380
381static const struct nla_policy
382hwsim_vendor_test_policy[QCA_WLAN_VENDOR_ATTR_MAX + 1] = {
383 [QCA_WLAN_VENDOR_ATTR_MAX] = { .type = NLA_U32 },
384};
385
386static int mac80211_hwsim_vendor_cmd_test(struct wiphy *wiphy,
387 struct wireless_dev *wdev,
388 const void *data, int data_len)
389{
390 struct sk_buff *skb;
391 struct nlattr *tb[QCA_WLAN_VENDOR_ATTR_MAX + 1];
392 int err;
393 u32 val;
394
395 err = nla_parse(tb, QCA_WLAN_VENDOR_ATTR_MAX, data, data_len,
396 hwsim_vendor_test_policy, NULL);
397 if (err)
398 return err;
399 if (!tb[QCA_WLAN_VENDOR_ATTR_TEST])
400 return -EINVAL;
401 val = nla_get_u32(tb[QCA_WLAN_VENDOR_ATTR_TEST]);
402 wiphy_dbg(wiphy, "%s: test=%u\n", __func__, val);
403
404
405
406
407
408
409
410
411 skb = cfg80211_vendor_event_alloc(wiphy, wdev, 100, 0, GFP_KERNEL);
412 if (skb) {
413
414
415
416
417
418 nla_put_u32(skb, QCA_WLAN_VENDOR_ATTR_TEST, val + 1);
419
420
421 cfg80211_vendor_event(skb, GFP_KERNEL);
422 }
423
424
425 skb = cfg80211_vendor_cmd_alloc_reply_skb(wiphy, 10);
426 if (!skb)
427 return -ENOMEM;
428
429
430
431
432 nla_put_u32(skb, QCA_WLAN_VENDOR_ATTR_TEST, val + 2);
433
434 return cfg80211_vendor_cmd_reply(skb);
435}
436
437static struct wiphy_vendor_command mac80211_hwsim_vendor_commands[] = {
438 {
439 .info = { .vendor_id = OUI_QCA,
440 .subcmd = QCA_NL80211_SUBCMD_TEST },
441 .flags = WIPHY_VENDOR_CMD_NEED_NETDEV,
442 .doit = mac80211_hwsim_vendor_cmd_test,
443 }
444};
445
446
447static const struct nl80211_vendor_cmd_info mac80211_hwsim_vendor_events[] = {
448 { .vendor_id = OUI_QCA, .subcmd = 1 },
449};
450
451static const struct ieee80211_iface_limit hwsim_if_limits[] = {
452 { .max = 1, .types = BIT(NL80211_IFTYPE_ADHOC) },
453 { .max = 2048, .types = BIT(NL80211_IFTYPE_STATION) |
454 BIT(NL80211_IFTYPE_P2P_CLIENT) |
455#ifdef CONFIG_MAC80211_MESH
456 BIT(NL80211_IFTYPE_MESH_POINT) |
457#endif
458 BIT(NL80211_IFTYPE_AP) |
459 BIT(NL80211_IFTYPE_P2P_GO) },
460
461 { .max = 1, .types = BIT(NL80211_IFTYPE_P2P_DEVICE) }
462};
463
464static const struct ieee80211_iface_combination hwsim_if_comb[] = {
465 {
466 .limits = hwsim_if_limits,
467
468 .n_limits = ARRAY_SIZE(hwsim_if_limits) - 1,
469 .max_interfaces = 2048,
470 .num_different_channels = 1,
471 .radar_detect_widths = BIT(NL80211_CHAN_WIDTH_20_NOHT) |
472 BIT(NL80211_CHAN_WIDTH_20) |
473 BIT(NL80211_CHAN_WIDTH_40) |
474 BIT(NL80211_CHAN_WIDTH_80) |
475 BIT(NL80211_CHAN_WIDTH_160),
476 },
477};
478
479static const struct ieee80211_iface_combination hwsim_if_comb_p2p_dev[] = {
480 {
481 .limits = hwsim_if_limits,
482 .n_limits = ARRAY_SIZE(hwsim_if_limits),
483 .max_interfaces = 2048,
484 .num_different_channels = 1,
485 .radar_detect_widths = BIT(NL80211_CHAN_WIDTH_20_NOHT) |
486 BIT(NL80211_CHAN_WIDTH_20) |
487 BIT(NL80211_CHAN_WIDTH_40) |
488 BIT(NL80211_CHAN_WIDTH_80) |
489 BIT(NL80211_CHAN_WIDTH_160),
490 },
491};
492
493static spinlock_t hwsim_radio_lock;
494static LIST_HEAD(hwsim_radios);
495static struct workqueue_struct *hwsim_wq;
496static struct rhashtable hwsim_radios_rht;
497static int hwsim_radio_idx;
498static int hwsim_radios_generation = 1;
499
500static struct platform_driver mac80211_hwsim_driver = {
501 .driver = {
502 .name = "mac80211_hwsim",
503 },
504};
505
506struct mac80211_hwsim_data {
507 struct list_head list;
508 struct rhash_head rht;
509 struct ieee80211_hw *hw;
510 struct device *dev;
511 struct ieee80211_supported_band bands[NUM_NL80211_BANDS];
512 struct ieee80211_channel channels_2ghz[ARRAY_SIZE(hwsim_channels_2ghz)];
513 struct ieee80211_channel channels_5ghz[ARRAY_SIZE(hwsim_channels_5ghz)];
514 struct ieee80211_rate rates[ARRAY_SIZE(hwsim_rates)];
515 struct ieee80211_iface_combination if_combination;
516
517 struct mac_address addresses[2];
518 int channels, idx;
519 bool use_chanctx;
520 bool destroy_on_close;
521 struct work_struct destroy_work;
522 u32 portid;
523 char alpha2[2];
524 const struct ieee80211_regdomain *regd;
525
526 struct ieee80211_channel *tmp_chan;
527 struct ieee80211_channel *roc_chan;
528 u32 roc_duration;
529 struct delayed_work roc_start;
530 struct delayed_work roc_done;
531 struct delayed_work hw_scan;
532 struct cfg80211_scan_request *hw_scan_request;
533 struct ieee80211_vif *hw_scan_vif;
534 int scan_chan_idx;
535 u8 scan_addr[ETH_ALEN];
536 struct {
537 struct ieee80211_channel *channel;
538 unsigned long next_start, start, end;
539 } survey_data[ARRAY_SIZE(hwsim_channels_2ghz) +
540 ARRAY_SIZE(hwsim_channels_5ghz)];
541
542 struct ieee80211_channel *channel;
543 u64 beacon_int ;
544 unsigned int rx_filter;
545 bool started, idle, scanning;
546 struct mutex mutex;
547 struct tasklet_hrtimer beacon_timer;
548 enum ps_mode {
549 PS_DISABLED, PS_ENABLED, PS_AUTO_POLL, PS_MANUAL_POLL
550 } ps;
551 bool ps_poll_pending;
552 struct dentry *debugfs;
553
554 uintptr_t pending_cookie;
555 struct sk_buff_head pending;
556
557
558
559
560
561 u64 group;
562
563
564 int netgroup;
565
566 u32 wmediumd;
567
568
569 s64 tsf_offset;
570 s64 bcn_delta;
571
572 u64 abs_bcn_ts;
573
574
575 u64 tx_pkts;
576 u64 rx_pkts;
577 u64 tx_bytes;
578 u64 rx_bytes;
579 u64 tx_dropped;
580 u64 tx_failed;
581};
582
583static const struct rhashtable_params hwsim_rht_params = {
584 .nelem_hint = 2,
585 .automatic_shrinking = true,
586 .key_len = ETH_ALEN,
587 .key_offset = offsetof(struct mac80211_hwsim_data, addresses[1]),
588 .head_offset = offsetof(struct mac80211_hwsim_data, rht),
589};
590
591struct hwsim_radiotap_hdr {
592 struct ieee80211_radiotap_header hdr;
593 __le64 rt_tsft;
594 u8 rt_flags;
595 u8 rt_rate;
596 __le16 rt_channel;
597 __le16 rt_chbitmask;
598} __packed;
599
600struct hwsim_radiotap_ack_hdr {
601 struct ieee80211_radiotap_header hdr;
602 u8 rt_flags;
603 u8 pad;
604 __le16 rt_channel;
605 __le16 rt_chbitmask;
606} __packed;
607
608
609static struct genl_family hwsim_genl_family;
610
611enum hwsim_multicast_groups {
612 HWSIM_MCGRP_CONFIG,
613};
614
615static const struct genl_multicast_group hwsim_mcgrps[] = {
616 [HWSIM_MCGRP_CONFIG] = { .name = "config", },
617};
618
619
620
621static const struct nla_policy hwsim_genl_policy[HWSIM_ATTR_MAX + 1] = {
622 [HWSIM_ATTR_ADDR_RECEIVER] = { .type = NLA_UNSPEC, .len = ETH_ALEN },
623 [HWSIM_ATTR_ADDR_TRANSMITTER] = { .type = NLA_UNSPEC, .len = ETH_ALEN },
624 [HWSIM_ATTR_FRAME] = { .type = NLA_BINARY,
625 .len = IEEE80211_MAX_DATA_LEN },
626 [HWSIM_ATTR_FLAGS] = { .type = NLA_U32 },
627 [HWSIM_ATTR_RX_RATE] = { .type = NLA_U32 },
628 [HWSIM_ATTR_SIGNAL] = { .type = NLA_U32 },
629 [HWSIM_ATTR_TX_INFO] = { .type = NLA_UNSPEC,
630 .len = IEEE80211_TX_MAX_RATES *
631 sizeof(struct hwsim_tx_rate)},
632 [HWSIM_ATTR_COOKIE] = { .type = NLA_U64 },
633 [HWSIM_ATTR_CHANNELS] = { .type = NLA_U32 },
634 [HWSIM_ATTR_RADIO_ID] = { .type = NLA_U32 },
635 [HWSIM_ATTR_REG_HINT_ALPHA2] = { .type = NLA_STRING, .len = 2 },
636 [HWSIM_ATTR_REG_CUSTOM_REG] = { .type = NLA_U32 },
637 [HWSIM_ATTR_REG_STRICT_REG] = { .type = NLA_FLAG },
638 [HWSIM_ATTR_SUPPORT_P2P_DEVICE] = { .type = NLA_FLAG },
639 [HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE] = { .type = NLA_FLAG },
640 [HWSIM_ATTR_RADIO_NAME] = { .type = NLA_STRING },
641 [HWSIM_ATTR_NO_VIF] = { .type = NLA_FLAG },
642 [HWSIM_ATTR_FREQ] = { .type = NLA_U32 },
643 [HWSIM_ATTR_PERM_ADDR] = { .type = NLA_UNSPEC, .len = ETH_ALEN },
644};
645
646static void mac80211_hwsim_tx_frame(struct ieee80211_hw *hw,
647 struct sk_buff *skb,
648 struct ieee80211_channel *chan);
649
650
651static void hwsim_send_ps_poll(void *dat, u8 *mac, struct ieee80211_vif *vif)
652{
653 struct mac80211_hwsim_data *data = dat;
654 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
655 struct sk_buff *skb;
656 struct ieee80211_pspoll *pspoll;
657
658 if (!vp->assoc)
659 return;
660
661 wiphy_dbg(data->hw->wiphy,
662 "%s: send PS-Poll to %pM for aid %d\n",
663 __func__, vp->bssid, vp->aid);
664
665 skb = dev_alloc_skb(sizeof(*pspoll));
666 if (!skb)
667 return;
668 pspoll = skb_put(skb, sizeof(*pspoll));
669 pspoll->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
670 IEEE80211_STYPE_PSPOLL |
671 IEEE80211_FCTL_PM);
672 pspoll->aid = cpu_to_le16(0xc000 | vp->aid);
673 memcpy(pspoll->bssid, vp->bssid, ETH_ALEN);
674 memcpy(pspoll->ta, mac, ETH_ALEN);
675
676 rcu_read_lock();
677 mac80211_hwsim_tx_frame(data->hw, skb,
678 rcu_dereference(vif->chanctx_conf)->def.chan);
679 rcu_read_unlock();
680}
681
682static void hwsim_send_nullfunc(struct mac80211_hwsim_data *data, u8 *mac,
683 struct ieee80211_vif *vif, int ps)
684{
685 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
686 struct sk_buff *skb;
687 struct ieee80211_hdr *hdr;
688
689 if (!vp->assoc)
690 return;
691
692 wiphy_dbg(data->hw->wiphy,
693 "%s: send data::nullfunc to %pM ps=%d\n",
694 __func__, vp->bssid, ps);
695
696 skb = dev_alloc_skb(sizeof(*hdr));
697 if (!skb)
698 return;
699 hdr = skb_put(skb, sizeof(*hdr) - ETH_ALEN);
700 hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_DATA |
701 IEEE80211_STYPE_NULLFUNC |
702 IEEE80211_FCTL_TODS |
703 (ps ? IEEE80211_FCTL_PM : 0));
704 hdr->duration_id = cpu_to_le16(0);
705 memcpy(hdr->addr1, vp->bssid, ETH_ALEN);
706 memcpy(hdr->addr2, mac, ETH_ALEN);
707 memcpy(hdr->addr3, vp->bssid, ETH_ALEN);
708
709 rcu_read_lock();
710 mac80211_hwsim_tx_frame(data->hw, skb,
711 rcu_dereference(vif->chanctx_conf)->def.chan);
712 rcu_read_unlock();
713}
714
715
716static void hwsim_send_nullfunc_ps(void *dat, u8 *mac,
717 struct ieee80211_vif *vif)
718{
719 struct mac80211_hwsim_data *data = dat;
720 hwsim_send_nullfunc(data, mac, vif, 1);
721}
722
723static void hwsim_send_nullfunc_no_ps(void *dat, u8 *mac,
724 struct ieee80211_vif *vif)
725{
726 struct mac80211_hwsim_data *data = dat;
727 hwsim_send_nullfunc(data, mac, vif, 0);
728}
729
730static int hwsim_fops_ps_read(void *dat, u64 *val)
731{
732 struct mac80211_hwsim_data *data = dat;
733 *val = data->ps;
734 return 0;
735}
736
737static int hwsim_fops_ps_write(void *dat, u64 val)
738{
739 struct mac80211_hwsim_data *data = dat;
740 enum ps_mode old_ps;
741
742 if (val != PS_DISABLED && val != PS_ENABLED && val != PS_AUTO_POLL &&
743 val != PS_MANUAL_POLL)
744 return -EINVAL;
745
746 if (val == PS_MANUAL_POLL) {
747 if (data->ps != PS_ENABLED)
748 return -EINVAL;
749 local_bh_disable();
750 ieee80211_iterate_active_interfaces_atomic(
751 data->hw, IEEE80211_IFACE_ITER_NORMAL,
752 hwsim_send_ps_poll, data);
753 local_bh_enable();
754 return 0;
755 }
756 old_ps = data->ps;
757 data->ps = val;
758
759 local_bh_disable();
760 if (old_ps == PS_DISABLED && val != PS_DISABLED) {
761 ieee80211_iterate_active_interfaces_atomic(
762 data->hw, IEEE80211_IFACE_ITER_NORMAL,
763 hwsim_send_nullfunc_ps, data);
764 } else if (old_ps != PS_DISABLED && val == PS_DISABLED) {
765 ieee80211_iterate_active_interfaces_atomic(
766 data->hw, IEEE80211_IFACE_ITER_NORMAL,
767 hwsim_send_nullfunc_no_ps, data);
768 }
769 local_bh_enable();
770
771 return 0;
772}
773
774DEFINE_SIMPLE_ATTRIBUTE(hwsim_fops_ps, hwsim_fops_ps_read, hwsim_fops_ps_write,
775 "%llu\n");
776
777static int hwsim_write_simulate_radar(void *dat, u64 val)
778{
779 struct mac80211_hwsim_data *data = dat;
780
781 ieee80211_radar_detected(data->hw);
782
783 return 0;
784}
785
786DEFINE_SIMPLE_ATTRIBUTE(hwsim_simulate_radar, NULL,
787 hwsim_write_simulate_radar, "%llu\n");
788
789static int hwsim_fops_group_read(void *dat, u64 *val)
790{
791 struct mac80211_hwsim_data *data = dat;
792 *val = data->group;
793 return 0;
794}
795
796static int hwsim_fops_group_write(void *dat, u64 val)
797{
798 struct mac80211_hwsim_data *data = dat;
799 data->group = val;
800 return 0;
801}
802
803DEFINE_SIMPLE_ATTRIBUTE(hwsim_fops_group,
804 hwsim_fops_group_read, hwsim_fops_group_write,
805 "%llx\n");
806
807static netdev_tx_t hwsim_mon_xmit(struct sk_buff *skb,
808 struct net_device *dev)
809{
810
811 dev_kfree_skb(skb);
812 return NETDEV_TX_OK;
813}
814
815static inline u64 mac80211_hwsim_get_tsf_raw(void)
816{
817 return ktime_to_us(ktime_get_real());
818}
819
820static __le64 __mac80211_hwsim_get_tsf(struct mac80211_hwsim_data *data)
821{
822 u64 now = mac80211_hwsim_get_tsf_raw();
823 return cpu_to_le64(now + data->tsf_offset);
824}
825
826static u64 mac80211_hwsim_get_tsf(struct ieee80211_hw *hw,
827 struct ieee80211_vif *vif)
828{
829 struct mac80211_hwsim_data *data = hw->priv;
830 return le64_to_cpu(__mac80211_hwsim_get_tsf(data));
831}
832
833static void mac80211_hwsim_set_tsf(struct ieee80211_hw *hw,
834 struct ieee80211_vif *vif, u64 tsf)
835{
836 struct mac80211_hwsim_data *data = hw->priv;
837 u64 now = mac80211_hwsim_get_tsf(hw, vif);
838 u32 bcn_int = data->beacon_int;
839 u64 delta = abs(tsf - now);
840
841
842 if (tsf > now) {
843 data->tsf_offset += delta;
844 data->bcn_delta = do_div(delta, bcn_int);
845 } else {
846 data->tsf_offset -= delta;
847 data->bcn_delta = -(s64)do_div(delta, bcn_int);
848 }
849}
850
851static void mac80211_hwsim_monitor_rx(struct ieee80211_hw *hw,
852 struct sk_buff *tx_skb,
853 struct ieee80211_channel *chan)
854{
855 struct mac80211_hwsim_data *data = hw->priv;
856 struct sk_buff *skb;
857 struct hwsim_radiotap_hdr *hdr;
858 u16 flags;
859 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx_skb);
860 struct ieee80211_rate *txrate = ieee80211_get_tx_rate(hw, info);
861
862 if (WARN_ON(!txrate))
863 return;
864
865 if (!netif_running(hwsim_mon))
866 return;
867
868 skb = skb_copy_expand(tx_skb, sizeof(*hdr), 0, GFP_ATOMIC);
869 if (skb == NULL)
870 return;
871
872 hdr = skb_push(skb, sizeof(*hdr));
873 hdr->hdr.it_version = PKTHDR_RADIOTAP_VERSION;
874 hdr->hdr.it_pad = 0;
875 hdr->hdr.it_len = cpu_to_le16(sizeof(*hdr));
876 hdr->hdr.it_present = cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
877 (1 << IEEE80211_RADIOTAP_RATE) |
878 (1 << IEEE80211_RADIOTAP_TSFT) |
879 (1 << IEEE80211_RADIOTAP_CHANNEL));
880 hdr->rt_tsft = __mac80211_hwsim_get_tsf(data);
881 hdr->rt_flags = 0;
882 hdr->rt_rate = txrate->bitrate / 5;
883 hdr->rt_channel = cpu_to_le16(chan->center_freq);
884 flags = IEEE80211_CHAN_2GHZ;
885 if (txrate->flags & IEEE80211_RATE_ERP_G)
886 flags |= IEEE80211_CHAN_OFDM;
887 else
888 flags |= IEEE80211_CHAN_CCK;
889 hdr->rt_chbitmask = cpu_to_le16(flags);
890
891 skb->dev = hwsim_mon;
892 skb_reset_mac_header(skb);
893 skb->ip_summed = CHECKSUM_UNNECESSARY;
894 skb->pkt_type = PACKET_OTHERHOST;
895 skb->protocol = htons(ETH_P_802_2);
896 memset(skb->cb, 0, sizeof(skb->cb));
897 netif_rx(skb);
898}
899
900
901static void mac80211_hwsim_monitor_ack(struct ieee80211_channel *chan,
902 const u8 *addr)
903{
904 struct sk_buff *skb;
905 struct hwsim_radiotap_ack_hdr *hdr;
906 u16 flags;
907 struct ieee80211_hdr *hdr11;
908
909 if (!netif_running(hwsim_mon))
910 return;
911
912 skb = dev_alloc_skb(100);
913 if (skb == NULL)
914 return;
915
916 hdr = skb_put(skb, sizeof(*hdr));
917 hdr->hdr.it_version = PKTHDR_RADIOTAP_VERSION;
918 hdr->hdr.it_pad = 0;
919 hdr->hdr.it_len = cpu_to_le16(sizeof(*hdr));
920 hdr->hdr.it_present = cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
921 (1 << IEEE80211_RADIOTAP_CHANNEL));
922 hdr->rt_flags = 0;
923 hdr->pad = 0;
924 hdr->rt_channel = cpu_to_le16(chan->center_freq);
925 flags = IEEE80211_CHAN_2GHZ;
926 hdr->rt_chbitmask = cpu_to_le16(flags);
927
928 hdr11 = skb_put(skb, 10);
929 hdr11->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
930 IEEE80211_STYPE_ACK);
931 hdr11->duration_id = cpu_to_le16(0);
932 memcpy(hdr11->addr1, addr, ETH_ALEN);
933
934 skb->dev = hwsim_mon;
935 skb_reset_mac_header(skb);
936 skb->ip_summed = CHECKSUM_UNNECESSARY;
937 skb->pkt_type = PACKET_OTHERHOST;
938 skb->protocol = htons(ETH_P_802_2);
939 memset(skb->cb, 0, sizeof(skb->cb));
940 netif_rx(skb);
941}
942
943struct mac80211_hwsim_addr_match_data {
944 u8 addr[ETH_ALEN];
945 bool ret;
946};
947
948static void mac80211_hwsim_addr_iter(void *data, u8 *mac,
949 struct ieee80211_vif *vif)
950{
951 struct mac80211_hwsim_addr_match_data *md = data;
952
953 if (memcmp(mac, md->addr, ETH_ALEN) == 0)
954 md->ret = true;
955}
956
957static bool mac80211_hwsim_addr_match(struct mac80211_hwsim_data *data,
958 const u8 *addr)
959{
960 struct mac80211_hwsim_addr_match_data md = {
961 .ret = false,
962 };
963
964 if (data->scanning && memcmp(addr, data->scan_addr, ETH_ALEN) == 0)
965 return true;
966
967 memcpy(md.addr, addr, ETH_ALEN);
968
969 ieee80211_iterate_active_interfaces_atomic(data->hw,
970 IEEE80211_IFACE_ITER_NORMAL,
971 mac80211_hwsim_addr_iter,
972 &md);
973
974 return md.ret;
975}
976
977static bool hwsim_ps_rx_ok(struct mac80211_hwsim_data *data,
978 struct sk_buff *skb)
979{
980 switch (data->ps) {
981 case PS_DISABLED:
982 return true;
983 case PS_ENABLED:
984 return false;
985 case PS_AUTO_POLL:
986
987
988 return true;
989 case PS_MANUAL_POLL:
990
991
992 if (data->ps_poll_pending &&
993 mac80211_hwsim_addr_match(data, skb->data + 4)) {
994 data->ps_poll_pending = false;
995 return true;
996 }
997 return false;
998 }
999
1000 return true;
1001}
1002
1003static int hwsim_unicast_netgroup(struct mac80211_hwsim_data *data,
1004 struct sk_buff *skb, int portid)
1005{
1006 struct net *net;
1007 bool found = false;
1008 int res = -ENOENT;
1009
1010 rcu_read_lock();
1011 for_each_net_rcu(net) {
1012 if (data->netgroup == hwsim_net_get_netgroup(net)) {
1013 res = genlmsg_unicast(net, skb, portid);
1014 found = true;
1015 break;
1016 }
1017 }
1018 rcu_read_unlock();
1019
1020 if (!found)
1021 nlmsg_free(skb);
1022
1023 return res;
1024}
1025
1026static inline u16 trans_tx_rate_flags_ieee2hwsim(struct ieee80211_tx_rate *rate)
1027{
1028 u16 result = 0;
1029
1030 if (rate->flags & IEEE80211_TX_RC_USE_RTS_CTS)
1031 result |= MAC80211_HWSIM_TX_RC_USE_RTS_CTS;
1032 if (rate->flags & IEEE80211_TX_RC_USE_CTS_PROTECT)
1033 result |= MAC80211_HWSIM_TX_RC_USE_CTS_PROTECT;
1034 if (rate->flags & IEEE80211_TX_RC_USE_SHORT_PREAMBLE)
1035 result |= MAC80211_HWSIM_TX_RC_USE_SHORT_PREAMBLE;
1036 if (rate->flags & IEEE80211_TX_RC_MCS)
1037 result |= MAC80211_HWSIM_TX_RC_MCS;
1038 if (rate->flags & IEEE80211_TX_RC_GREEN_FIELD)
1039 result |= MAC80211_HWSIM_TX_RC_GREEN_FIELD;
1040 if (rate->flags & IEEE80211_TX_RC_40_MHZ_WIDTH)
1041 result |= MAC80211_HWSIM_TX_RC_40_MHZ_WIDTH;
1042 if (rate->flags & IEEE80211_TX_RC_DUP_DATA)
1043 result |= MAC80211_HWSIM_TX_RC_DUP_DATA;
1044 if (rate->flags & IEEE80211_TX_RC_SHORT_GI)
1045 result |= MAC80211_HWSIM_TX_RC_SHORT_GI;
1046 if (rate->flags & IEEE80211_TX_RC_VHT_MCS)
1047 result |= MAC80211_HWSIM_TX_RC_VHT_MCS;
1048 if (rate->flags & IEEE80211_TX_RC_80_MHZ_WIDTH)
1049 result |= MAC80211_HWSIM_TX_RC_80_MHZ_WIDTH;
1050 if (rate->flags & IEEE80211_TX_RC_160_MHZ_WIDTH)
1051 result |= MAC80211_HWSIM_TX_RC_160_MHZ_WIDTH;
1052
1053 return result;
1054}
1055
1056static void mac80211_hwsim_tx_frame_nl(struct ieee80211_hw *hw,
1057 struct sk_buff *my_skb,
1058 int dst_portid)
1059{
1060 struct sk_buff *skb;
1061 struct mac80211_hwsim_data *data = hw->priv;
1062 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) my_skb->data;
1063 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(my_skb);
1064 void *msg_head;
1065 unsigned int hwsim_flags = 0;
1066 int i;
1067 struct hwsim_tx_rate tx_attempts[IEEE80211_TX_MAX_RATES];
1068 struct hwsim_tx_rate_flag tx_attempts_flags[IEEE80211_TX_MAX_RATES];
1069 uintptr_t cookie;
1070
1071 if (data->ps != PS_DISABLED)
1072 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
1073
1074 if (skb_queue_len(&data->pending) >= MAX_QUEUE) {
1075
1076 while (skb_queue_len(&data->pending) >= WARN_QUEUE) {
1077 ieee80211_free_txskb(hw, skb_dequeue(&data->pending));
1078 data->tx_dropped++;
1079 }
1080 }
1081
1082 skb = genlmsg_new(GENLMSG_DEFAULT_SIZE, GFP_ATOMIC);
1083 if (skb == NULL)
1084 goto nla_put_failure;
1085
1086 msg_head = genlmsg_put(skb, 0, 0, &hwsim_genl_family, 0,
1087 HWSIM_CMD_FRAME);
1088 if (msg_head == NULL) {
1089 pr_debug("mac80211_hwsim: problem with msg_head\n");
1090 goto nla_put_failure;
1091 }
1092
1093 if (nla_put(skb, HWSIM_ATTR_ADDR_TRANSMITTER,
1094 ETH_ALEN, data->addresses[1].addr))
1095 goto nla_put_failure;
1096
1097
1098 if (nla_put(skb, HWSIM_ATTR_FRAME, my_skb->len, my_skb->data))
1099 goto nla_put_failure;
1100
1101
1102
1103
1104 if (info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS)
1105 hwsim_flags |= HWSIM_TX_CTL_REQ_TX_STATUS;
1106
1107 if (info->flags & IEEE80211_TX_CTL_NO_ACK)
1108 hwsim_flags |= HWSIM_TX_CTL_NO_ACK;
1109
1110 if (nla_put_u32(skb, HWSIM_ATTR_FLAGS, hwsim_flags))
1111 goto nla_put_failure;
1112
1113 if (nla_put_u32(skb, HWSIM_ATTR_FREQ, data->channel->center_freq))
1114 goto nla_put_failure;
1115
1116
1117
1118 for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
1119 tx_attempts[i].idx = info->status.rates[i].idx;
1120 tx_attempts_flags[i].idx = info->status.rates[i].idx;
1121 tx_attempts[i].count = info->status.rates[i].count;
1122 tx_attempts_flags[i].flags =
1123 trans_tx_rate_flags_ieee2hwsim(
1124 &info->status.rates[i]);
1125 }
1126
1127 if (nla_put(skb, HWSIM_ATTR_TX_INFO,
1128 sizeof(struct hwsim_tx_rate)*IEEE80211_TX_MAX_RATES,
1129 tx_attempts))
1130 goto nla_put_failure;
1131
1132 if (nla_put(skb, HWSIM_ATTR_TX_INFO_FLAGS,
1133 sizeof(struct hwsim_tx_rate_flag) * IEEE80211_TX_MAX_RATES,
1134 tx_attempts_flags))
1135 goto nla_put_failure;
1136
1137
1138 data->pending_cookie++;
1139 cookie = data->pending_cookie;
1140 info->rate_driver_data[0] = (void *)cookie;
1141 if (nla_put_u64_64bit(skb, HWSIM_ATTR_COOKIE, cookie, HWSIM_ATTR_PAD))
1142 goto nla_put_failure;
1143
1144 genlmsg_end(skb, msg_head);
1145 if (hwsim_unicast_netgroup(data, skb, dst_portid))
1146 goto err_free_txskb;
1147
1148
1149 skb_queue_tail(&data->pending, my_skb);
1150 data->tx_pkts++;
1151 data->tx_bytes += my_skb->len;
1152 return;
1153
1154nla_put_failure:
1155 nlmsg_free(skb);
1156err_free_txskb:
1157 pr_debug("mac80211_hwsim: error occurred in %s\n", __func__);
1158 ieee80211_free_txskb(hw, my_skb);
1159 data->tx_failed++;
1160}
1161
1162static bool hwsim_chans_compat(struct ieee80211_channel *c1,
1163 struct ieee80211_channel *c2)
1164{
1165 if (!c1 || !c2)
1166 return false;
1167
1168 return c1->center_freq == c2->center_freq;
1169}
1170
1171struct tx_iter_data {
1172 struct ieee80211_channel *channel;
1173 bool receive;
1174};
1175
1176static void mac80211_hwsim_tx_iter(void *_data, u8 *addr,
1177 struct ieee80211_vif *vif)
1178{
1179 struct tx_iter_data *data = _data;
1180
1181 if (!vif->chanctx_conf)
1182 return;
1183
1184 if (!hwsim_chans_compat(data->channel,
1185 rcu_dereference(vif->chanctx_conf)->def.chan))
1186 return;
1187
1188 data->receive = true;
1189}
1190
1191static void mac80211_hwsim_add_vendor_rtap(struct sk_buff *skb)
1192{
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203#ifdef HWSIM_RADIOTAP_OUI
1204 struct ieee80211_vendor_radiotap *rtap;
1205
1206
1207
1208
1209
1210 rtap = skb_push(skb, sizeof(*rtap) + 8 + 4);
1211 rtap->oui[0] = HWSIM_RADIOTAP_OUI[0];
1212 rtap->oui[1] = HWSIM_RADIOTAP_OUI[1];
1213 rtap->oui[2] = HWSIM_RADIOTAP_OUI[2];
1214 rtap->subns = 127;
1215
1216
1217
1218
1219
1220
1221
1222 rtap->present = BIT(0);
1223
1224 rtap->len = 8;
1225
1226 rtap->align = 8;
1227
1228 rtap->pad = 4;
1229
1230 memcpy(rtap->data, "ABCDEFGH", 8);
1231
1232 memset(rtap->data + 8, 0, 4);
1233
1234 IEEE80211_SKB_RXCB(skb)->flag |= RX_FLAG_RADIOTAP_VENDOR_DATA;
1235#endif
1236}
1237
1238static bool mac80211_hwsim_tx_frame_no_nl(struct ieee80211_hw *hw,
1239 struct sk_buff *skb,
1240 struct ieee80211_channel *chan)
1241{
1242 struct mac80211_hwsim_data *data = hw->priv, *data2;
1243 bool ack = false;
1244 struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1245 struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1246 struct ieee80211_rx_status rx_status;
1247 u64 now;
1248
1249 memset(&rx_status, 0, sizeof(rx_status));
1250 rx_status.flag |= RX_FLAG_MACTIME_START;
1251 rx_status.freq = chan->center_freq;
1252 rx_status.band = chan->band;
1253 if (info->control.rates[0].flags & IEEE80211_TX_RC_VHT_MCS) {
1254 rx_status.rate_idx =
1255 ieee80211_rate_get_vht_mcs(&info->control.rates[0]);
1256 rx_status.nss =
1257 ieee80211_rate_get_vht_nss(&info->control.rates[0]);
1258 rx_status.encoding = RX_ENC_VHT;
1259 } else {
1260 rx_status.rate_idx = info->control.rates[0].idx;
1261 if (info->control.rates[0].flags & IEEE80211_TX_RC_MCS)
1262 rx_status.encoding = RX_ENC_HT;
1263 }
1264 if (info->control.rates[0].flags & IEEE80211_TX_RC_40_MHZ_WIDTH)
1265 rx_status.bw = RATE_INFO_BW_40;
1266 else if (info->control.rates[0].flags & IEEE80211_TX_RC_80_MHZ_WIDTH)
1267 rx_status.bw = RATE_INFO_BW_80;
1268 else if (info->control.rates[0].flags & IEEE80211_TX_RC_160_MHZ_WIDTH)
1269 rx_status.bw = RATE_INFO_BW_160;
1270 else
1271 rx_status.bw = RATE_INFO_BW_20;
1272 if (info->control.rates[0].flags & IEEE80211_TX_RC_SHORT_GI)
1273 rx_status.enc_flags |= RX_ENC_FLAG_SHORT_GI;
1274
1275 rx_status.signal = -50;
1276 if (info->control.vif)
1277 rx_status.signal += info->control.vif->bss_conf.txpower;
1278
1279 if (data->ps != PS_DISABLED)
1280 hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
1281
1282
1283 skb_orphan(skb);
1284 skb_dst_drop(skb);
1285 skb->mark = 0;
1286 secpath_reset(skb);
1287 nf_reset(skb);
1288
1289
1290
1291
1292
1293
1294
1295
1296 if (ieee80211_is_beacon(hdr->frame_control) ||
1297 ieee80211_is_probe_resp(hdr->frame_control))
1298 now = data->abs_bcn_ts;
1299 else
1300 now = mac80211_hwsim_get_tsf_raw();
1301
1302
1303 spin_lock(&hwsim_radio_lock);
1304 list_for_each_entry(data2, &hwsim_radios, list) {
1305 struct sk_buff *nskb;
1306 struct tx_iter_data tx_iter_data = {
1307 .receive = false,
1308 .channel = chan,
1309 };
1310
1311 if (data == data2)
1312 continue;
1313
1314 if (!data2->started || (data2->idle && !data2->tmp_chan) ||
1315 !hwsim_ps_rx_ok(data2, skb))
1316 continue;
1317
1318 if (!(data->group & data2->group))
1319 continue;
1320
1321 if (data->netgroup != data2->netgroup)
1322 continue;
1323
1324 if (!hwsim_chans_compat(chan, data2->tmp_chan) &&
1325 !hwsim_chans_compat(chan, data2->channel)) {
1326 ieee80211_iterate_active_interfaces_atomic(
1327 data2->hw, IEEE80211_IFACE_ITER_NORMAL,
1328 mac80211_hwsim_tx_iter, &tx_iter_data);
1329 if (!tx_iter_data.receive)
1330 continue;
1331 }
1332
1333
1334
1335
1336
1337 if (skb->len < PAGE_SIZE && paged_rx) {
1338 struct page *page = alloc_page(GFP_ATOMIC);
1339
1340 if (!page)
1341 continue;
1342
1343 nskb = dev_alloc_skb(128);
1344 if (!nskb) {
1345 __free_page(page);
1346 continue;
1347 }
1348
1349 memcpy(page_address(page), skb->data, skb->len);
1350 skb_add_rx_frag(nskb, 0, page, 0, skb->len, skb->len);
1351 } else {
1352 nskb = skb_copy(skb, GFP_ATOMIC);
1353 if (!nskb)
1354 continue;
1355 }
1356
1357 if (mac80211_hwsim_addr_match(data2, hdr->addr1))
1358 ack = true;
1359
1360 rx_status.mactime = now + data2->tsf_offset;
1361
1362 memcpy(IEEE80211_SKB_RXCB(nskb), &rx_status, sizeof(rx_status));
1363
1364 mac80211_hwsim_add_vendor_rtap(nskb);
1365
1366 data2->rx_pkts++;
1367 data2->rx_bytes += nskb->len;
1368 ieee80211_rx_irqsafe(data2->hw, nskb);
1369 }
1370 spin_unlock(&hwsim_radio_lock);
1371
1372 return ack;
1373}
1374
1375static void mac80211_hwsim_tx(struct ieee80211_hw *hw,
1376 struct ieee80211_tx_control *control,
1377 struct sk_buff *skb)
1378{
1379 struct mac80211_hwsim_data *data = hw->priv;
1380 struct ieee80211_tx_info *txi = IEEE80211_SKB_CB(skb);
1381 struct ieee80211_hdr *hdr = (void *)skb->data;
1382 struct ieee80211_chanctx_conf *chanctx_conf;
1383 struct ieee80211_channel *channel;
1384 bool ack;
1385 u32 _portid;
1386
1387 if (WARN_ON(skb->len < 10)) {
1388
1389 ieee80211_free_txskb(hw, skb);
1390 return;
1391 }
1392
1393 if (!data->use_chanctx) {
1394 channel = data->channel;
1395 } else if (txi->hw_queue == 4) {
1396 channel = data->tmp_chan;
1397 } else {
1398 chanctx_conf = rcu_dereference(txi->control.vif->chanctx_conf);
1399 if (chanctx_conf)
1400 channel = chanctx_conf->def.chan;
1401 else
1402 channel = NULL;
1403 }
1404
1405 if (WARN(!channel, "TX w/o channel - queue = %d\n", txi->hw_queue)) {
1406 ieee80211_free_txskb(hw, skb);
1407 return;
1408 }
1409
1410 if (data->idle && !data->tmp_chan) {
1411 wiphy_dbg(hw->wiphy, "Trying to TX when idle - reject\n");
1412 ieee80211_free_txskb(hw, skb);
1413 return;
1414 }
1415
1416 if (txi->control.vif)
1417 hwsim_check_magic(txi->control.vif);
1418 if (control->sta)
1419 hwsim_check_sta_magic(control->sta);
1420
1421 if (ieee80211_hw_check(hw, SUPPORTS_RC_TABLE))
1422 ieee80211_get_tx_rates(txi->control.vif, control->sta, skb,
1423 txi->control.rates,
1424 ARRAY_SIZE(txi->control.rates));
1425
1426 if (skb->len >= 24 + 8 &&
1427 ieee80211_is_probe_resp(hdr->frame_control)) {
1428
1429 struct ieee80211_mgmt *mgmt;
1430 struct ieee80211_rate *txrate;
1431 u64 ts;
1432
1433 mgmt = (struct ieee80211_mgmt *)skb->data;
1434 txrate = ieee80211_get_tx_rate(hw, txi);
1435 ts = mac80211_hwsim_get_tsf_raw();
1436 mgmt->u.probe_resp.timestamp =
1437 cpu_to_le64(ts + data->tsf_offset +
1438 24 * 8 * 10 / txrate->bitrate);
1439 }
1440
1441 mac80211_hwsim_monitor_rx(hw, skb, channel);
1442
1443
1444 _portid = READ_ONCE(data->wmediumd);
1445
1446 if (_portid)
1447 return mac80211_hwsim_tx_frame_nl(hw, skb, _portid);
1448
1449
1450 data->tx_pkts++;
1451 data->tx_bytes += skb->len;
1452 ack = mac80211_hwsim_tx_frame_no_nl(hw, skb, channel);
1453
1454 if (ack && skb->len >= 16)
1455 mac80211_hwsim_monitor_ack(channel, hdr->addr2);
1456
1457 ieee80211_tx_info_clear_status(txi);
1458
1459
1460 txi->control.rates[0].count = 1;
1461 txi->control.rates[1].idx = -1;
1462
1463 if (!(txi->flags & IEEE80211_TX_CTL_NO_ACK) && ack)
1464 txi->flags |= IEEE80211_TX_STAT_ACK;
1465 ieee80211_tx_status_irqsafe(hw, skb);
1466}
1467
1468
1469static int mac80211_hwsim_start(struct ieee80211_hw *hw)
1470{
1471 struct mac80211_hwsim_data *data = hw->priv;
1472 wiphy_dbg(hw->wiphy, "%s\n", __func__);
1473 data->started = true;
1474 return 0;
1475}
1476
1477
1478static void mac80211_hwsim_stop(struct ieee80211_hw *hw)
1479{
1480 struct mac80211_hwsim_data *data = hw->priv;
1481 data->started = false;
1482 tasklet_hrtimer_cancel(&data->beacon_timer);
1483 wiphy_dbg(hw->wiphy, "%s\n", __func__);
1484}
1485
1486
1487static int mac80211_hwsim_add_interface(struct ieee80211_hw *hw,
1488 struct ieee80211_vif *vif)
1489{
1490 wiphy_dbg(hw->wiphy, "%s (type=%d mac_addr=%pM)\n",
1491 __func__, ieee80211_vif_type_p2p(vif),
1492 vif->addr);
1493 hwsim_set_magic(vif);
1494
1495 vif->cab_queue = 0;
1496 vif->hw_queue[IEEE80211_AC_VO] = 0;
1497 vif->hw_queue[IEEE80211_AC_VI] = 1;
1498 vif->hw_queue[IEEE80211_AC_BE] = 2;
1499 vif->hw_queue[IEEE80211_AC_BK] = 3;
1500
1501 return 0;
1502}
1503
1504
1505static int mac80211_hwsim_change_interface(struct ieee80211_hw *hw,
1506 struct ieee80211_vif *vif,
1507 enum nl80211_iftype newtype,
1508 bool newp2p)
1509{
1510 newtype = ieee80211_iftype_p2p(newtype, newp2p);
1511 wiphy_dbg(hw->wiphy,
1512 "%s (old type=%d, new type=%d, mac_addr=%pM)\n",
1513 __func__, ieee80211_vif_type_p2p(vif),
1514 newtype, vif->addr);
1515 hwsim_check_magic(vif);
1516
1517
1518
1519
1520
1521 vif->cab_queue = 0;
1522
1523 return 0;
1524}
1525
1526static void mac80211_hwsim_remove_interface(
1527 struct ieee80211_hw *hw, struct ieee80211_vif *vif)
1528{
1529 wiphy_dbg(hw->wiphy, "%s (type=%d mac_addr=%pM)\n",
1530 __func__, ieee80211_vif_type_p2p(vif),
1531 vif->addr);
1532 hwsim_check_magic(vif);
1533 hwsim_clear_magic(vif);
1534}
1535
1536static void mac80211_hwsim_tx_frame(struct ieee80211_hw *hw,
1537 struct sk_buff *skb,
1538 struct ieee80211_channel *chan)
1539{
1540 struct mac80211_hwsim_data *data = hw->priv;
1541 u32 _pid = READ_ONCE(data->wmediumd);
1542
1543 if (ieee80211_hw_check(hw, SUPPORTS_RC_TABLE)) {
1544 struct ieee80211_tx_info *txi = IEEE80211_SKB_CB(skb);
1545 ieee80211_get_tx_rates(txi->control.vif, NULL, skb,
1546 txi->control.rates,
1547 ARRAY_SIZE(txi->control.rates));
1548 }
1549
1550 mac80211_hwsim_monitor_rx(hw, skb, chan);
1551
1552 if (_pid)
1553 return mac80211_hwsim_tx_frame_nl(hw, skb, _pid);
1554
1555 mac80211_hwsim_tx_frame_no_nl(hw, skb, chan);
1556 dev_kfree_skb(skb);
1557}
1558
1559static void mac80211_hwsim_beacon_tx(void *arg, u8 *mac,
1560 struct ieee80211_vif *vif)
1561{
1562 struct mac80211_hwsim_data *data = arg;
1563 struct ieee80211_hw *hw = data->hw;
1564 struct ieee80211_tx_info *info;
1565 struct ieee80211_rate *txrate;
1566 struct ieee80211_mgmt *mgmt;
1567 struct sk_buff *skb;
1568
1569 hwsim_check_magic(vif);
1570
1571 if (vif->type != NL80211_IFTYPE_AP &&
1572 vif->type != NL80211_IFTYPE_MESH_POINT &&
1573 vif->type != NL80211_IFTYPE_ADHOC)
1574 return;
1575
1576 skb = ieee80211_beacon_get(hw, vif);
1577 if (skb == NULL)
1578 return;
1579 info = IEEE80211_SKB_CB(skb);
1580 if (ieee80211_hw_check(hw, SUPPORTS_RC_TABLE))
1581 ieee80211_get_tx_rates(vif, NULL, skb,
1582 info->control.rates,
1583 ARRAY_SIZE(info->control.rates));
1584
1585 txrate = ieee80211_get_tx_rate(hw, info);
1586
1587 mgmt = (struct ieee80211_mgmt *) skb->data;
1588
1589 data->abs_bcn_ts = mac80211_hwsim_get_tsf_raw();
1590 mgmt->u.beacon.timestamp = cpu_to_le64(data->abs_bcn_ts +
1591 data->tsf_offset +
1592 24 * 8 * 10 / txrate->bitrate);
1593
1594 mac80211_hwsim_tx_frame(hw, skb,
1595 rcu_dereference(vif->chanctx_conf)->def.chan);
1596
1597 if (vif->csa_active && ieee80211_csa_is_complete(vif))
1598 ieee80211_csa_finish(vif);
1599}
1600
1601static enum hrtimer_restart
1602mac80211_hwsim_beacon(struct hrtimer *timer)
1603{
1604 struct mac80211_hwsim_data *data =
1605 container_of(timer, struct mac80211_hwsim_data,
1606 beacon_timer.timer);
1607 struct ieee80211_hw *hw = data->hw;
1608 u64 bcn_int = data->beacon_int;
1609 ktime_t next_bcn;
1610
1611 if (!data->started)
1612 goto out;
1613
1614 ieee80211_iterate_active_interfaces_atomic(
1615 hw, IEEE80211_IFACE_ITER_NORMAL,
1616 mac80211_hwsim_beacon_tx, data);
1617
1618
1619 if (data->bcn_delta) {
1620 bcn_int -= data->bcn_delta;
1621 data->bcn_delta = 0;
1622 }
1623
1624 next_bcn = ktime_add(hrtimer_get_expires(timer),
1625 ns_to_ktime(bcn_int * 1000));
1626 tasklet_hrtimer_start(&data->beacon_timer, next_bcn, HRTIMER_MODE_ABS);
1627out:
1628 return HRTIMER_NORESTART;
1629}
1630
1631static const char * const hwsim_chanwidths[] = {
1632 [NL80211_CHAN_WIDTH_20_NOHT] = "noht",
1633 [NL80211_CHAN_WIDTH_20] = "ht20",
1634 [NL80211_CHAN_WIDTH_40] = "ht40",
1635 [NL80211_CHAN_WIDTH_80] = "vht80",
1636 [NL80211_CHAN_WIDTH_80P80] = "vht80p80",
1637 [NL80211_CHAN_WIDTH_160] = "vht160",
1638};
1639
1640static int mac80211_hwsim_config(struct ieee80211_hw *hw, u32 changed)
1641{
1642 struct mac80211_hwsim_data *data = hw->priv;
1643 struct ieee80211_conf *conf = &hw->conf;
1644 static const char *smps_modes[IEEE80211_SMPS_NUM_MODES] = {
1645 [IEEE80211_SMPS_AUTOMATIC] = "auto",
1646 [IEEE80211_SMPS_OFF] = "off",
1647 [IEEE80211_SMPS_STATIC] = "static",
1648 [IEEE80211_SMPS_DYNAMIC] = "dynamic",
1649 };
1650 int idx;
1651
1652 if (conf->chandef.chan)
1653 wiphy_dbg(hw->wiphy,
1654 "%s (freq=%d(%d - %d)/%s idle=%d ps=%d smps=%s)\n",
1655 __func__,
1656 conf->chandef.chan->center_freq,
1657 conf->chandef.center_freq1,
1658 conf->chandef.center_freq2,
1659 hwsim_chanwidths[conf->chandef.width],
1660 !!(conf->flags & IEEE80211_CONF_IDLE),
1661 !!(conf->flags & IEEE80211_CONF_PS),
1662 smps_modes[conf->smps_mode]);
1663 else
1664 wiphy_dbg(hw->wiphy,
1665 "%s (freq=0 idle=%d ps=%d smps=%s)\n",
1666 __func__,
1667 !!(conf->flags & IEEE80211_CONF_IDLE),
1668 !!(conf->flags & IEEE80211_CONF_PS),
1669 smps_modes[conf->smps_mode]);
1670
1671 data->idle = !!(conf->flags & IEEE80211_CONF_IDLE);
1672
1673 WARN_ON(conf->chandef.chan && data->use_chanctx);
1674
1675 mutex_lock(&data->mutex);
1676 if (data->scanning && conf->chandef.chan) {
1677 for (idx = 0; idx < ARRAY_SIZE(data->survey_data); idx++) {
1678 if (data->survey_data[idx].channel == data->channel) {
1679 data->survey_data[idx].start =
1680 data->survey_data[idx].next_start;
1681 data->survey_data[idx].end = jiffies;
1682 break;
1683 }
1684 }
1685
1686 data->channel = conf->chandef.chan;
1687
1688 for (idx = 0; idx < ARRAY_SIZE(data->survey_data); idx++) {
1689 if (data->survey_data[idx].channel &&
1690 data->survey_data[idx].channel != data->channel)
1691 continue;
1692 data->survey_data[idx].channel = data->channel;
1693 data->survey_data[idx].next_start = jiffies;
1694 break;
1695 }
1696 } else {
1697 data->channel = conf->chandef.chan;
1698 }
1699 mutex_unlock(&data->mutex);
1700
1701 if (!data->started || !data->beacon_int)
1702 tasklet_hrtimer_cancel(&data->beacon_timer);
1703 else if (!hrtimer_is_queued(&data->beacon_timer.timer)) {
1704 u64 tsf = mac80211_hwsim_get_tsf(hw, NULL);
1705 u32 bcn_int = data->beacon_int;
1706 u64 until_tbtt = bcn_int - do_div(tsf, bcn_int);
1707
1708 tasklet_hrtimer_start(&data->beacon_timer,
1709 ns_to_ktime(until_tbtt * 1000),
1710 HRTIMER_MODE_REL);
1711 }
1712
1713 return 0;
1714}
1715
1716
1717static void mac80211_hwsim_configure_filter(struct ieee80211_hw *hw,
1718 unsigned int changed_flags,
1719 unsigned int *total_flags,u64 multicast)
1720{
1721 struct mac80211_hwsim_data *data = hw->priv;
1722
1723 wiphy_dbg(hw->wiphy, "%s\n", __func__);
1724
1725 data->rx_filter = 0;
1726 if (*total_flags & FIF_ALLMULTI)
1727 data->rx_filter |= FIF_ALLMULTI;
1728
1729 *total_flags = data->rx_filter;
1730}
1731
1732static void mac80211_hwsim_bcn_en_iter(void *data, u8 *mac,
1733 struct ieee80211_vif *vif)
1734{
1735 unsigned int *count = data;
1736 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
1737
1738 if (vp->bcn_en)
1739 (*count)++;
1740}
1741
1742static void mac80211_hwsim_bss_info_changed(struct ieee80211_hw *hw,
1743 struct ieee80211_vif *vif,
1744 struct ieee80211_bss_conf *info,
1745 u32 changed)
1746{
1747 struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
1748 struct mac80211_hwsim_data *data = hw->priv;
1749
1750 hwsim_check_magic(vif);
1751
1752 wiphy_dbg(hw->wiphy, "%s(changed=0x%x vif->addr=%pM)\n",
1753 __func__, changed, vif->addr);
1754
1755 if (changed & BSS_CHANGED_BSSID) {
1756 wiphy_dbg(hw->wiphy, "%s: BSSID changed: %pM\n",
1757 __func__, info->bssid);
1758 memcpy(vp->bssid, info->bssid, ETH_ALEN);
1759 }
1760
1761 if (changed & BSS_CHANGED_ASSOC) {
1762 wiphy_dbg(hw->wiphy, " ASSOC: assoc=%d aid=%d\n",
1763 info->assoc, info->aid);
1764 vp->assoc = info->assoc;
1765 vp->aid = info->aid;
1766 }
1767
1768 if (changed & BSS_CHANGED_BEACON_ENABLED) {
1769 wiphy_dbg(hw->wiphy, " BCN EN: %d (BI=%u)\n",
1770 info->enable_beacon, info->beacon_int);
1771 vp->bcn_en = info->enable_beacon;
1772 if (data->started &&
1773 !hrtimer_is_queued(&data->beacon_timer.timer) &&
1774 info->enable_beacon) {
1775 u64 tsf, until_tbtt;
1776 u32 bcn_int;
1777 data->beacon_int = info->beacon_int * 1024;
1778 tsf = mac80211_hwsim_get_tsf(hw, vif);
1779 bcn_int = data->beacon_int;
1780 until_tbtt = bcn_int - do_div(tsf, bcn_int);
1781 tasklet_hrtimer_start(&data->beacon_timer,
1782 ns_to_ktime(until_tbtt * 1000),
1783 HRTIMER_MODE_REL);
1784 } else if (!info->enable_beacon) {
1785 unsigned int count = 0;
1786 ieee80211_iterate_active_interfaces_atomic(
1787 data->hw, IEEE80211_IFACE_ITER_NORMAL,
1788 mac80211_hwsim_bcn_en_iter, &count);
1789 wiphy_dbg(hw->wiphy, " beaconing vifs remaining: %u",
1790 count);
1791 if (count == 0) {
1792 tasklet_hrtimer_cancel(&data->beacon_timer);
1793 data->beacon_int = 0;
1794 }
1795 }
1796 }
1797
1798 if (changed & BSS_CHANGED_ERP_CTS_PROT) {
1799 wiphy_dbg(hw->wiphy, " ERP_CTS_PROT: %d\n",
1800 info->use_cts_prot);
1801 }
1802
1803 if (changed & BSS_CHANGED_ERP_PREAMBLE) {
1804 wiphy_dbg(hw->wiphy, " ERP_PREAMBLE: %d\n",
1805 info->use_short_preamble);
1806 }
1807
1808 if (changed & BSS_CHANGED_ERP_SLOT) {
1809 wiphy_dbg(hw->wiphy, " ERP_SLOT: %d\n", info->use_short_slot);
1810 }
1811
1812 if (changed & BSS_CHANGED_HT) {
1813 wiphy_dbg(hw->wiphy, " HT: op_mode=0x%x\n",
1814 info->ht_operation_mode);
1815 }
1816
1817 if (changed & BSS_CHANGED_BASIC_RATES) {
1818 wiphy_dbg(hw->wiphy, " BASIC_RATES: 0x%llx\n",
1819 (unsigned long long) info->basic_rates);
1820 }
1821
1822 if (changed & BSS_CHANGED_TXPOWER)
1823 wiphy_dbg(hw->wiphy, " TX Power: %d dBm\n", info->txpower);
1824}
1825
1826static int mac80211_hwsim_sta_add(struct ieee80211_hw *hw,
1827 struct ieee80211_vif *vif,
1828 struct ieee80211_sta *sta)
1829{
1830 hwsim_check_magic(vif);
1831 hwsim_set_sta_magic(sta);
1832
1833 return 0;
1834}
1835
1836static int mac80211_hwsim_sta_remove(struct ieee80211_hw *hw,
1837 struct ieee80211_vif *vif,
1838 struct ieee80211_sta *sta)
1839{
1840 hwsim_check_magic(vif);
1841 hwsim_clear_sta_magic(sta);
1842
1843 return 0;
1844}
1845
1846static void mac80211_hwsim_sta_notify(struct ieee80211_hw *hw,
1847 struct ieee80211_vif *vif,
1848 enum sta_notify_cmd cmd,
1849 struct ieee80211_sta *sta)
1850{
1851 hwsim_check_magic(vif);
1852
1853 switch (cmd) {
1854 case STA_NOTIFY_SLEEP:
1855 case STA_NOTIFY_AWAKE:
1856
1857 break;
1858 default:
1859 WARN(1, "Invalid sta notify: %d\n", cmd);
1860 break;
1861 }
1862}
1863
1864static int mac80211_hwsim_set_tim(struct ieee80211_hw *hw,
1865 struct ieee80211_sta *sta,
1866 bool set)
1867{
1868 hwsim_check_sta_magic(sta);
1869 return 0;
1870}
1871
1872static int mac80211_hwsim_conf_tx(
1873 struct ieee80211_hw *hw,
1874 struct ieee80211_vif *vif, u16 queue,
1875 const struct ieee80211_tx_queue_params *params)
1876{
1877 wiphy_dbg(hw->wiphy,
1878 "%s (queue=%d txop=%d cw_min=%d cw_max=%d aifs=%d)\n",
1879 __func__, queue,
1880 params->txop, params->cw_min,
1881 params->cw_max, params->aifs);
1882 return 0;
1883}
1884
1885static int mac80211_hwsim_get_survey(struct ieee80211_hw *hw, int idx,
1886 struct survey_info *survey)
1887{
1888 struct mac80211_hwsim_data *hwsim = hw->priv;
1889
1890 if (idx < 0 || idx >= ARRAY_SIZE(hwsim->survey_data))
1891 return -ENOENT;
1892
1893 mutex_lock(&hwsim->mutex);
1894 survey->channel = hwsim->survey_data[idx].channel;
1895 if (!survey->channel) {
1896 mutex_unlock(&hwsim->mutex);
1897 return -ENOENT;
1898 }
1899
1900
1901
1902
1903
1904
1905
1906 survey->filled = SURVEY_INFO_NOISE_DBM |
1907 SURVEY_INFO_TIME |
1908 SURVEY_INFO_TIME_BUSY;
1909 survey->noise = -92;
1910 survey->time =
1911 jiffies_to_msecs(hwsim->survey_data[idx].end -
1912 hwsim->survey_data[idx].start);
1913
1914 survey->time_busy = survey->time/8;
1915 mutex_unlock(&hwsim->mutex);
1916
1917 return 0;
1918}
1919
1920#ifdef CONFIG_NL80211_TESTMODE
1921
1922
1923
1924
1925
1926
1927enum hwsim_testmode_attr {
1928 __HWSIM_TM_ATTR_INVALID = 0,
1929 HWSIM_TM_ATTR_CMD = 1,
1930 HWSIM_TM_ATTR_PS = 2,
1931
1932
1933 __HWSIM_TM_ATTR_AFTER_LAST,
1934 HWSIM_TM_ATTR_MAX = __HWSIM_TM_ATTR_AFTER_LAST - 1
1935};
1936
1937enum hwsim_testmode_cmd {
1938 HWSIM_TM_CMD_SET_PS = 0,
1939 HWSIM_TM_CMD_GET_PS = 1,
1940 HWSIM_TM_CMD_STOP_QUEUES = 2,
1941 HWSIM_TM_CMD_WAKE_QUEUES = 3,
1942};
1943
1944static const struct nla_policy hwsim_testmode_policy[HWSIM_TM_ATTR_MAX + 1] = {
1945 [HWSIM_TM_ATTR_CMD] = { .type = NLA_U32 },
1946 [HWSIM_TM_ATTR_PS] = { .type = NLA_U32 },
1947};
1948
1949static int mac80211_hwsim_testmode_cmd(struct ieee80211_hw *hw,
1950 struct ieee80211_vif *vif,
1951 void *data, int len)
1952{
1953 struct mac80211_hwsim_data *hwsim = hw->priv;
1954 struct nlattr *tb[HWSIM_TM_ATTR_MAX + 1];
1955 struct sk_buff *skb;
1956 int err, ps;
1957
1958 err = nla_parse(tb, HWSIM_TM_ATTR_MAX, data, len,
1959 hwsim_testmode_policy, NULL);
1960 if (err)
1961 return err;
1962
1963 if (!tb[HWSIM_TM_ATTR_CMD])
1964 return -EINVAL;
1965
1966 switch (nla_get_u32(tb[HWSIM_TM_ATTR_CMD])) {
1967 case HWSIM_TM_CMD_SET_PS:
1968 if (!tb[HWSIM_TM_ATTR_PS])
1969 return -EINVAL;
1970 ps = nla_get_u32(tb[HWSIM_TM_ATTR_PS]);
1971 return hwsim_fops_ps_write(hwsim, ps);
1972 case HWSIM_TM_CMD_GET_PS:
1973 skb = cfg80211_testmode_alloc_reply_skb(hw->wiphy,
1974 nla_total_size(sizeof(u32)));
1975 if (!skb)
1976 return -ENOMEM;
1977 if (nla_put_u32(skb, HWSIM_TM_ATTR_PS, hwsim->ps))
1978 goto nla_put_failure;
1979 return cfg80211_testmode_reply(skb);
1980 case HWSIM_TM_CMD_STOP_QUEUES:
1981 ieee80211_stop_queues(hw);
1982 return 0;
1983 case HWSIM_TM_CMD_WAKE_QUEUES:
1984 ieee80211_wake_queues(hw);
1985 return 0;
1986 default:
1987 return -EOPNOTSUPP;
1988 }
1989
1990 nla_put_failure:
1991 kfree_skb(skb);
1992 return -ENOBUFS;
1993}
1994#endif
1995
1996static int mac80211_hwsim_ampdu_action(struct ieee80211_hw *hw,
1997 struct ieee80211_vif *vif,
1998 struct ieee80211_ampdu_params *params)
1999{
2000 struct ieee80211_sta *sta = params->sta;
2001 enum ieee80211_ampdu_mlme_action action = params->action;
2002 u16 tid = params->tid;
2003
2004 switch (action) {
2005 case IEEE80211_AMPDU_TX_START:
2006 ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
2007 break;
2008 case IEEE80211_AMPDU_TX_STOP_CONT:
2009 case IEEE80211_AMPDU_TX_STOP_FLUSH:
2010 case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
2011 ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
2012 break;
2013 case IEEE80211_AMPDU_TX_OPERATIONAL:
2014 break;
2015 case IEEE80211_AMPDU_RX_START:
2016 case IEEE80211_AMPDU_RX_STOP:
2017 break;
2018 default:
2019 return -EOPNOTSUPP;
2020 }
2021
2022 return 0;
2023}
2024
2025static void mac80211_hwsim_flush(struct ieee80211_hw *hw,
2026 struct ieee80211_vif *vif,
2027 u32 queues, bool drop)
2028{
2029
2030}
2031
2032static void hw_scan_work(struct work_struct *work)
2033{
2034 struct mac80211_hwsim_data *hwsim =
2035 container_of(work, struct mac80211_hwsim_data, hw_scan.work);
2036 struct cfg80211_scan_request *req = hwsim->hw_scan_request;
2037 int dwell, i;
2038
2039 mutex_lock(&hwsim->mutex);
2040 if (hwsim->scan_chan_idx >= req->n_channels) {
2041 struct cfg80211_scan_info info = {
2042 .aborted = false,
2043 };
2044
2045 wiphy_dbg(hwsim->hw->wiphy, "hw scan complete\n");
2046 ieee80211_scan_completed(hwsim->hw, &info);
2047 hwsim->hw_scan_request = NULL;
2048 hwsim->hw_scan_vif = NULL;
2049 hwsim->tmp_chan = NULL;
2050 mutex_unlock(&hwsim->mutex);
2051 return;
2052 }
2053
2054 wiphy_dbg(hwsim->hw->wiphy, "hw scan %d MHz\n",
2055 req->channels[hwsim->scan_chan_idx]->center_freq);
2056
2057 hwsim->tmp_chan = req->channels[hwsim->scan_chan_idx];
2058 if (hwsim->tmp_chan->flags & (IEEE80211_CHAN_NO_IR |
2059 IEEE80211_CHAN_RADAR) ||
2060 !req->n_ssids) {
2061 dwell = 120;
2062 } else {
2063 dwell = 30;
2064
2065 for (i = 0; i < req->n_ssids; i++) {
2066 struct sk_buff *probe;
2067 struct ieee80211_mgmt *mgmt;
2068
2069 probe = ieee80211_probereq_get(hwsim->hw,
2070 hwsim->scan_addr,
2071 req->ssids[i].ssid,
2072 req->ssids[i].ssid_len,
2073 req->ie_len);
2074 if (!probe)
2075 continue;
2076
2077 mgmt = (struct ieee80211_mgmt *) probe->data;
2078 memcpy(mgmt->da, req->bssid, ETH_ALEN);
2079 memcpy(mgmt->bssid, req->bssid, ETH_ALEN);
2080
2081 if (req->ie_len)
2082 skb_put_data(probe, req->ie, req->ie_len);
2083
2084 local_bh_disable();
2085 mac80211_hwsim_tx_frame(hwsim->hw, probe,
2086 hwsim->tmp_chan);
2087 local_bh_enable();
2088 }
2089 }
2090 ieee80211_queue_delayed_work(hwsim->hw, &hwsim->hw_scan,
2091 msecs_to_jiffies(dwell));
2092 hwsim->survey_data[hwsim->scan_chan_idx].channel = hwsim->tmp_chan;
2093 hwsim->survey_data[hwsim->scan_chan_idx].start = jiffies;
2094 hwsim->survey_data[hwsim->scan_chan_idx].end =
2095 jiffies + msecs_to_jiffies(dwell);
2096 hwsim->scan_chan_idx++;
2097 mutex_unlock(&hwsim->mutex);
2098}
2099
2100static int mac80211_hwsim_hw_scan(struct ieee80211_hw *hw,
2101 struct ieee80211_vif *vif,
2102 struct ieee80211_scan_request *hw_req)
2103{
2104 struct mac80211_hwsim_data *hwsim = hw->priv;
2105 struct cfg80211_scan_request *req = &hw_req->req;
2106
2107 mutex_lock(&hwsim->mutex);
2108 if (WARN_ON(hwsim->tmp_chan || hwsim->hw_scan_request)) {
2109 mutex_unlock(&hwsim->mutex);
2110 return -EBUSY;
2111 }
2112 hwsim->hw_scan_request = req;
2113 hwsim->hw_scan_vif = vif;
2114 hwsim->scan_chan_idx = 0;
2115 if (req->flags & NL80211_SCAN_FLAG_RANDOM_ADDR)
2116 get_random_mask_addr(hwsim->scan_addr,
2117 hw_req->req.mac_addr,
2118 hw_req->req.mac_addr_mask);
2119 else
2120 memcpy(hwsim->scan_addr, vif->addr, ETH_ALEN);
2121 memset(hwsim->survey_data, 0, sizeof(hwsim->survey_data));
2122 mutex_unlock(&hwsim->mutex);
2123
2124 wiphy_dbg(hw->wiphy, "hwsim hw_scan request\n");
2125
2126 ieee80211_queue_delayed_work(hwsim->hw, &hwsim->hw_scan, 0);
2127
2128 return 0;
2129}
2130
2131static void mac80211_hwsim_cancel_hw_scan(struct ieee80211_hw *hw,
2132 struct ieee80211_vif *vif)
2133{
2134 struct mac80211_hwsim_data *hwsim = hw->priv;
2135 struct cfg80211_scan_info info = {
2136 .aborted = true,
2137 };
2138
2139 wiphy_dbg(hw->wiphy, "hwsim cancel_hw_scan\n");
2140
2141 cancel_delayed_work_sync(&hwsim->hw_scan);
2142
2143 mutex_lock(&hwsim->mutex);
2144 ieee80211_scan_completed(hwsim->hw, &info);
2145 hwsim->tmp_chan = NULL;
2146 hwsim->hw_scan_request = NULL;
2147 hwsim->hw_scan_vif = NULL;
2148 mutex_unlock(&hwsim->mutex);
2149}
2150
2151static void mac80211_hwsim_sw_scan(struct ieee80211_hw *hw,
2152 struct ieee80211_vif *vif,
2153 const u8 *mac_addr)
2154{
2155 struct mac80211_hwsim_data *hwsim = hw->priv;
2156
2157 mutex_lock(&hwsim->mutex);
2158
2159 if (hwsim->scanning) {
2160 pr_debug("two hwsim sw_scans detected!\n");
2161 goto out;
2162 }
2163
2164 pr_debug("hwsim sw_scan request, prepping stuff\n");
2165
2166 memcpy(hwsim->scan_addr, mac_addr, ETH_ALEN);
2167 hwsim->scanning = true;
2168 memset(hwsim->survey_data, 0, sizeof(hwsim->survey_data));
2169
2170out:
2171 mutex_unlock(&hwsim->mutex);
2172}
2173
2174static void mac80211_hwsim_sw_scan_complete(struct ieee80211_hw *hw,
2175 struct ieee80211_vif *vif)
2176{
2177 struct mac80211_hwsim_data *hwsim = hw->priv;
2178
2179 mutex_lock(&hwsim->mutex);
2180
2181 pr_debug("hwsim sw_scan_complete\n");
2182 hwsim->scanning = false;
2183 eth_zero_addr(hwsim->scan_addr);
2184
2185 mutex_unlock(&hwsim->mutex);
2186}
2187
2188static void hw_roc_start(struct work_struct *work)
2189{
2190 struct mac80211_hwsim_data *hwsim =
2191 container_of(work, struct mac80211_hwsim_data, roc_start.work);
2192
2193 mutex_lock(&hwsim->mutex);
2194
2195 wiphy_dbg(hwsim->hw->wiphy, "hwsim ROC begins\n");
2196 hwsim->tmp_chan = hwsim->roc_chan;
2197 ieee80211_ready_on_channel(hwsim->hw);
2198
2199 ieee80211_queue_delayed_work(hwsim->hw, &hwsim->roc_done,
2200 msecs_to_jiffies(hwsim->roc_duration));
2201
2202 mutex_unlock(&hwsim->mutex);
2203}
2204
2205static void hw_roc_done(struct work_struct *work)
2206{
2207 struct mac80211_hwsim_data *hwsim =
2208 container_of(work, struct mac80211_hwsim_data, roc_done.work);
2209
2210 mutex_lock(&hwsim->mutex);
2211 ieee80211_remain_on_channel_expired(hwsim->hw);
2212 hwsim->tmp_chan = NULL;
2213 mutex_unlock(&hwsim->mutex);
2214
2215 wiphy_dbg(hwsim->hw->wiphy, "hwsim ROC expired\n");
2216}
2217
2218static int mac80211_hwsim_roc(struct ieee80211_hw *hw,
2219 struct ieee80211_vif *vif,
2220 struct ieee80211_channel *chan,
2221 int duration,
2222 enum ieee80211_roc_type type)
2223{
2224 struct mac80211_hwsim_data *hwsim = hw->priv;
2225
2226 mutex_lock(&hwsim->mutex);
2227 if (WARN_ON(hwsim->tmp_chan || hwsim->hw_scan_request)) {
2228 mutex_unlock(&hwsim->mutex);
2229 return -EBUSY;
2230 }
2231
2232 hwsim->roc_chan = chan;
2233 hwsim->roc_duration = duration;
2234 mutex_unlock(&hwsim->mutex);
2235
2236 wiphy_dbg(hw->wiphy, "hwsim ROC (%d MHz, %d ms)\n",
2237 chan->center_freq, duration);
2238 ieee80211_queue_delayed_work(hw, &hwsim->roc_start, HZ/50);
2239
2240 return 0;
2241}
2242
2243static int mac80211_hwsim_croc(struct ieee80211_hw *hw)
2244{
2245 struct mac80211_hwsim_data *hwsim = hw->priv;
2246
2247 cancel_delayed_work_sync(&hwsim->roc_start);
2248 cancel_delayed_work_sync(&hwsim->roc_done);
2249
2250 mutex_lock(&hwsim->mutex);
2251 hwsim->tmp_chan = NULL;
2252 mutex_unlock(&hwsim->mutex);
2253
2254 wiphy_dbg(hw->wiphy, "hwsim ROC canceled\n");
2255
2256 return 0;
2257}
2258
2259static int mac80211_hwsim_add_chanctx(struct ieee80211_hw *hw,
2260 struct ieee80211_chanctx_conf *ctx)
2261{
2262 hwsim_set_chanctx_magic(ctx);
2263 wiphy_dbg(hw->wiphy,
2264 "add channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
2265 ctx->def.chan->center_freq, ctx->def.width,
2266 ctx->def.center_freq1, ctx->def.center_freq2);
2267 return 0;
2268}
2269
2270static void mac80211_hwsim_remove_chanctx(struct ieee80211_hw *hw,
2271 struct ieee80211_chanctx_conf *ctx)
2272{
2273 wiphy_dbg(hw->wiphy,
2274 "remove channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
2275 ctx->def.chan->center_freq, ctx->def.width,
2276 ctx->def.center_freq1, ctx->def.center_freq2);
2277 hwsim_check_chanctx_magic(ctx);
2278 hwsim_clear_chanctx_magic(ctx);
2279}
2280
2281static void mac80211_hwsim_change_chanctx(struct ieee80211_hw *hw,
2282 struct ieee80211_chanctx_conf *ctx,
2283 u32 changed)
2284{
2285 hwsim_check_chanctx_magic(ctx);
2286 wiphy_dbg(hw->wiphy,
2287 "change channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
2288 ctx->def.chan->center_freq, ctx->def.width,
2289 ctx->def.center_freq1, ctx->def.center_freq2);
2290}
2291
2292static int mac80211_hwsim_assign_vif_chanctx(struct ieee80211_hw *hw,
2293 struct ieee80211_vif *vif,
2294 struct ieee80211_chanctx_conf *ctx)
2295{
2296 hwsim_check_magic(vif);
2297 hwsim_check_chanctx_magic(ctx);
2298
2299 return 0;
2300}
2301
2302static void mac80211_hwsim_unassign_vif_chanctx(struct ieee80211_hw *hw,
2303 struct ieee80211_vif *vif,
2304 struct ieee80211_chanctx_conf *ctx)
2305{
2306 hwsim_check_magic(vif);
2307 hwsim_check_chanctx_magic(ctx);
2308}
2309
2310static const char mac80211_hwsim_gstrings_stats[][ETH_GSTRING_LEN] = {
2311 "tx_pkts_nic",
2312 "tx_bytes_nic",
2313 "rx_pkts_nic",
2314 "rx_bytes_nic",
2315 "d_tx_dropped",
2316 "d_tx_failed",
2317 "d_ps_mode",
2318 "d_group",
2319};
2320
2321#define MAC80211_HWSIM_SSTATS_LEN ARRAY_SIZE(mac80211_hwsim_gstrings_stats)
2322
2323static void mac80211_hwsim_get_et_strings(struct ieee80211_hw *hw,
2324 struct ieee80211_vif *vif,
2325 u32 sset, u8 *data)
2326{
2327 if (sset == ETH_SS_STATS)
2328 memcpy(data, *mac80211_hwsim_gstrings_stats,
2329 sizeof(mac80211_hwsim_gstrings_stats));
2330}
2331
2332static int mac80211_hwsim_get_et_sset_count(struct ieee80211_hw *hw,
2333 struct ieee80211_vif *vif, int sset)
2334{
2335 if (sset == ETH_SS_STATS)
2336 return MAC80211_HWSIM_SSTATS_LEN;
2337 return 0;
2338}
2339
2340static void mac80211_hwsim_get_et_stats(struct ieee80211_hw *hw,
2341 struct ieee80211_vif *vif,
2342 struct ethtool_stats *stats, u64 *data)
2343{
2344 struct mac80211_hwsim_data *ar = hw->priv;
2345 int i = 0;
2346
2347 data[i++] = ar->tx_pkts;
2348 data[i++] = ar->tx_bytes;
2349 data[i++] = ar->rx_pkts;
2350 data[i++] = ar->rx_bytes;
2351 data[i++] = ar->tx_dropped;
2352 data[i++] = ar->tx_failed;
2353 data[i++] = ar->ps;
2354 data[i++] = ar->group;
2355
2356 WARN_ON(i != MAC80211_HWSIM_SSTATS_LEN);
2357}
2358
2359#define HWSIM_COMMON_OPS \
2360 .tx = mac80211_hwsim_tx, \
2361 .start = mac80211_hwsim_start, \
2362 .stop = mac80211_hwsim_stop, \
2363 .add_interface = mac80211_hwsim_add_interface, \
2364 .change_interface = mac80211_hwsim_change_interface, \
2365 .remove_interface = mac80211_hwsim_remove_interface, \
2366 .config = mac80211_hwsim_config, \
2367 .configure_filter = mac80211_hwsim_configure_filter, \
2368 .bss_info_changed = mac80211_hwsim_bss_info_changed, \
2369 .sta_add = mac80211_hwsim_sta_add, \
2370 .sta_remove = mac80211_hwsim_sta_remove, \
2371 .sta_notify = mac80211_hwsim_sta_notify, \
2372 .set_tim = mac80211_hwsim_set_tim, \
2373 .conf_tx = mac80211_hwsim_conf_tx, \
2374 .get_survey = mac80211_hwsim_get_survey, \
2375 CFG80211_TESTMODE_CMD(mac80211_hwsim_testmode_cmd) \
2376 .ampdu_action = mac80211_hwsim_ampdu_action, \
2377 .flush = mac80211_hwsim_flush, \
2378 .get_tsf = mac80211_hwsim_get_tsf, \
2379 .set_tsf = mac80211_hwsim_set_tsf, \
2380 .get_et_sset_count = mac80211_hwsim_get_et_sset_count, \
2381 .get_et_stats = mac80211_hwsim_get_et_stats, \
2382 .get_et_strings = mac80211_hwsim_get_et_strings,
2383
2384static const struct ieee80211_ops mac80211_hwsim_ops = {
2385 HWSIM_COMMON_OPS
2386 .sw_scan_start = mac80211_hwsim_sw_scan,
2387 .sw_scan_complete = mac80211_hwsim_sw_scan_complete,
2388};
2389
2390static const struct ieee80211_ops mac80211_hwsim_mchan_ops = {
2391 HWSIM_COMMON_OPS
2392 .hw_scan = mac80211_hwsim_hw_scan,
2393 .cancel_hw_scan = mac80211_hwsim_cancel_hw_scan,
2394 .sw_scan_start = NULL,
2395 .sw_scan_complete = NULL,
2396 .remain_on_channel = mac80211_hwsim_roc,
2397 .cancel_remain_on_channel = mac80211_hwsim_croc,
2398 .add_chanctx = mac80211_hwsim_add_chanctx,
2399 .remove_chanctx = mac80211_hwsim_remove_chanctx,
2400 .change_chanctx = mac80211_hwsim_change_chanctx,
2401 .assign_vif_chanctx = mac80211_hwsim_assign_vif_chanctx,
2402 .unassign_vif_chanctx = mac80211_hwsim_unassign_vif_chanctx,
2403};
2404
2405struct hwsim_new_radio_params {
2406 unsigned int channels;
2407 const char *reg_alpha2;
2408 const struct ieee80211_regdomain *regd;
2409 bool reg_strict;
2410 bool p2p_device;
2411 bool use_chanctx;
2412 bool destroy_on_close;
2413 const char *hwname;
2414 bool no_vif;
2415 const u8 *perm_addr;
2416};
2417
2418static void hwsim_mcast_config_msg(struct sk_buff *mcast_skb,
2419 struct genl_info *info)
2420{
2421 if (info)
2422 genl_notify(&hwsim_genl_family, mcast_skb, info,
2423 HWSIM_MCGRP_CONFIG, GFP_KERNEL);
2424 else
2425 genlmsg_multicast(&hwsim_genl_family, mcast_skb, 0,
2426 HWSIM_MCGRP_CONFIG, GFP_KERNEL);
2427}
2428
2429static int append_radio_msg(struct sk_buff *skb, int id,
2430 struct hwsim_new_radio_params *param)
2431{
2432 int ret;
2433
2434 ret = nla_put_u32(skb, HWSIM_ATTR_RADIO_ID, id);
2435 if (ret < 0)
2436 return ret;
2437
2438 if (param->channels) {
2439 ret = nla_put_u32(skb, HWSIM_ATTR_CHANNELS, param->channels);
2440 if (ret < 0)
2441 return ret;
2442 }
2443
2444 if (param->reg_alpha2) {
2445 ret = nla_put(skb, HWSIM_ATTR_REG_HINT_ALPHA2, 2,
2446 param->reg_alpha2);
2447 if (ret < 0)
2448 return ret;
2449 }
2450
2451 if (param->regd) {
2452 int i;
2453
2454 for (i = 0; i < ARRAY_SIZE(hwsim_world_regdom_custom); i++) {
2455 if (hwsim_world_regdom_custom[i] != param->regd)
2456 continue;
2457
2458 ret = nla_put_u32(skb, HWSIM_ATTR_REG_CUSTOM_REG, i);
2459 if (ret < 0)
2460 return ret;
2461 break;
2462 }
2463 }
2464
2465 if (param->reg_strict) {
2466 ret = nla_put_flag(skb, HWSIM_ATTR_REG_STRICT_REG);
2467 if (ret < 0)
2468 return ret;
2469 }
2470
2471 if (param->p2p_device) {
2472 ret = nla_put_flag(skb, HWSIM_ATTR_SUPPORT_P2P_DEVICE);
2473 if (ret < 0)
2474 return ret;
2475 }
2476
2477 if (param->use_chanctx) {
2478 ret = nla_put_flag(skb, HWSIM_ATTR_USE_CHANCTX);
2479 if (ret < 0)
2480 return ret;
2481 }
2482
2483 if (param->hwname) {
2484 ret = nla_put(skb, HWSIM_ATTR_RADIO_NAME,
2485 strlen(param->hwname), param->hwname);
2486 if (ret < 0)
2487 return ret;
2488 }
2489
2490 return 0;
2491}
2492
2493static void hwsim_mcast_new_radio(int id, struct genl_info *info,
2494 struct hwsim_new_radio_params *param)
2495{
2496 struct sk_buff *mcast_skb;
2497 void *data;
2498
2499 mcast_skb = genlmsg_new(GENLMSG_DEFAULT_SIZE, GFP_KERNEL);
2500 if (!mcast_skb)
2501 return;
2502
2503 data = genlmsg_put(mcast_skb, 0, 0, &hwsim_genl_family, 0,
2504 HWSIM_CMD_NEW_RADIO);
2505 if (!data)
2506 goto out_err;
2507
2508 if (append_radio_msg(mcast_skb, id, param) < 0)
2509 goto out_err;
2510
2511 genlmsg_end(mcast_skb, data);
2512
2513 hwsim_mcast_config_msg(mcast_skb, info);
2514 return;
2515
2516out_err:
2517 genlmsg_cancel(mcast_skb, data);
2518 nlmsg_free(mcast_skb);
2519}
2520
2521static int mac80211_hwsim_new_radio(struct genl_info *info,
2522 struct hwsim_new_radio_params *param)
2523{
2524 int err;
2525 u8 addr[ETH_ALEN];
2526 struct mac80211_hwsim_data *data;
2527 struct ieee80211_hw *hw;
2528 enum nl80211_band band;
2529 const struct ieee80211_ops *ops = &mac80211_hwsim_ops;
2530 struct net *net;
2531 int idx;
2532
2533 if (WARN_ON(param->channels > 1 && !param->use_chanctx))
2534 return -EINVAL;
2535
2536 spin_lock_bh(&hwsim_radio_lock);
2537 idx = hwsim_radio_idx++;
2538 spin_unlock_bh(&hwsim_radio_lock);
2539
2540 if (param->use_chanctx)
2541 ops = &mac80211_hwsim_mchan_ops;
2542 hw = ieee80211_alloc_hw_nm(sizeof(*data), ops, param->hwname);
2543 if (!hw) {
2544 pr_debug("mac80211_hwsim: ieee80211_alloc_hw failed\n");
2545 err = -ENOMEM;
2546 goto failed;
2547 }
2548
2549
2550 param->hwname = wiphy_name(hw->wiphy);
2551
2552 if (info)
2553 net = genl_info_net(info);
2554 else
2555 net = &init_net;
2556 wiphy_net_set(hw->wiphy, net);
2557
2558 data = hw->priv;
2559 data->hw = hw;
2560
2561 data->dev = device_create(hwsim_class, NULL, 0, hw, "hwsim%d", idx);
2562 if (IS_ERR(data->dev)) {
2563 printk(KERN_DEBUG
2564 "mac80211_hwsim: device_create failed (%ld)\n",
2565 PTR_ERR(data->dev));
2566 err = -ENOMEM;
2567 goto failed_drvdata;
2568 }
2569 data->dev->driver = &mac80211_hwsim_driver.driver;
2570 err = device_bind_driver(data->dev);
2571 if (err != 0) {
2572 pr_debug("mac80211_hwsim: device_bind_driver failed (%d)\n",
2573 err);
2574 goto failed_bind;
2575 }
2576
2577 skb_queue_head_init(&data->pending);
2578
2579 SET_IEEE80211_DEV(hw, data->dev);
2580 if (!param->perm_addr) {
2581 eth_zero_addr(addr);
2582 addr[0] = 0x02;
2583 addr[3] = idx >> 8;
2584 addr[4] = idx;
2585 memcpy(data->addresses[0].addr, addr, ETH_ALEN);
2586
2587 memcpy(data->addresses[1].addr, addr, ETH_ALEN);
2588 data->addresses[1].addr[0] |= 0x40;
2589 hw->wiphy->n_addresses = 2;
2590 hw->wiphy->addresses = data->addresses;
2591
2592 } else {
2593 memcpy(data->addresses[0].addr, param->perm_addr, ETH_ALEN);
2594
2595 memcpy(data->addresses[1].addr, param->perm_addr, ETH_ALEN);
2596 hw->wiphy->n_addresses = 2;
2597 hw->wiphy->addresses = data->addresses;
2598 }
2599
2600 data->channels = param->channels;
2601 data->use_chanctx = param->use_chanctx;
2602 data->idx = idx;
2603 data->destroy_on_close = param->destroy_on_close;
2604 if (info)
2605 data->portid = info->snd_portid;
2606
2607 if (data->use_chanctx) {
2608 hw->wiphy->max_scan_ssids = 255;
2609 hw->wiphy->max_scan_ie_len = IEEE80211_MAX_DATA_LEN;
2610 hw->wiphy->max_remain_on_channel_duration = 1000;
2611 hw->wiphy->iface_combinations = &data->if_combination;
2612 if (param->p2p_device)
2613 data->if_combination = hwsim_if_comb_p2p_dev[0];
2614 else
2615 data->if_combination = hwsim_if_comb[0];
2616 hw->wiphy->n_iface_combinations = 1;
2617
2618 data->if_combination.radar_detect_widths = 0;
2619 data->if_combination.num_different_channels = data->channels;
2620 } else if (param->p2p_device) {
2621 hw->wiphy->iface_combinations = hwsim_if_comb_p2p_dev;
2622 hw->wiphy->n_iface_combinations =
2623 ARRAY_SIZE(hwsim_if_comb_p2p_dev);
2624 } else {
2625 hw->wiphy->iface_combinations = hwsim_if_comb;
2626 hw->wiphy->n_iface_combinations = ARRAY_SIZE(hwsim_if_comb);
2627 }
2628
2629 INIT_DELAYED_WORK(&data->roc_start, hw_roc_start);
2630 INIT_DELAYED_WORK(&data->roc_done, hw_roc_done);
2631 INIT_DELAYED_WORK(&data->hw_scan, hw_scan_work);
2632
2633 hw->queues = 5;
2634 hw->offchannel_tx_hw_queue = 4;
2635 hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
2636 BIT(NL80211_IFTYPE_AP) |
2637 BIT(NL80211_IFTYPE_P2P_CLIENT) |
2638 BIT(NL80211_IFTYPE_P2P_GO) |
2639 BIT(NL80211_IFTYPE_ADHOC) |
2640 BIT(NL80211_IFTYPE_MESH_POINT);
2641
2642 if (param->p2p_device)
2643 hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_P2P_DEVICE);
2644
2645 ieee80211_hw_set(hw, SUPPORT_FAST_XMIT);
2646 ieee80211_hw_set(hw, CHANCTX_STA_CSA);
2647 ieee80211_hw_set(hw, SUPPORTS_HT_CCK_RATES);
2648 ieee80211_hw_set(hw, QUEUE_CONTROL);
2649 ieee80211_hw_set(hw, WANT_MONITOR_VIF);
2650 ieee80211_hw_set(hw, AMPDU_AGGREGATION);
2651 ieee80211_hw_set(hw, MFP_CAPABLE);
2652 ieee80211_hw_set(hw, SIGNAL_DBM);
2653 ieee80211_hw_set(hw, TDLS_WIDER_BW);
2654 if (rctbl)
2655 ieee80211_hw_set(hw, SUPPORTS_RC_TABLE);
2656
2657 hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS |
2658 WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL |
2659 WIPHY_FLAG_AP_UAPSD |
2660 WIPHY_FLAG_HAS_CHANNEL_SWITCH;
2661 hw->wiphy->features |= NL80211_FEATURE_ACTIVE_MONITOR |
2662 NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE |
2663 NL80211_FEATURE_STATIC_SMPS |
2664 NL80211_FEATURE_DYNAMIC_SMPS |
2665 NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
2666 wiphy_ext_feature_set(hw->wiphy, NL80211_EXT_FEATURE_VHT_IBSS);
2667
2668
2669 hw->vif_data_size = sizeof(struct hwsim_vif_priv);
2670 hw->sta_data_size = sizeof(struct hwsim_sta_priv);
2671 hw->chanctx_data_size = sizeof(struct hwsim_chanctx_priv);
2672
2673 memcpy(data->channels_2ghz, hwsim_channels_2ghz,
2674 sizeof(hwsim_channels_2ghz));
2675 memcpy(data->channels_5ghz, hwsim_channels_5ghz,
2676 sizeof(hwsim_channels_5ghz));
2677 memcpy(data->rates, hwsim_rates, sizeof(hwsim_rates));
2678
2679 for (band = NL80211_BAND_2GHZ; band < NUM_NL80211_BANDS; band++) {
2680 struct ieee80211_supported_band *sband = &data->bands[band];
2681 switch (band) {
2682 case NL80211_BAND_2GHZ:
2683 sband->channels = data->channels_2ghz;
2684 sband->n_channels = ARRAY_SIZE(hwsim_channels_2ghz);
2685 sband->bitrates = data->rates;
2686 sband->n_bitrates = ARRAY_SIZE(hwsim_rates);
2687 break;
2688 case NL80211_BAND_5GHZ:
2689 sband->channels = data->channels_5ghz;
2690 sband->n_channels = ARRAY_SIZE(hwsim_channels_5ghz);
2691 sband->bitrates = data->rates + 4;
2692 sband->n_bitrates = ARRAY_SIZE(hwsim_rates) - 4;
2693
2694 sband->vht_cap.vht_supported = true;
2695 sband->vht_cap.cap =
2696 IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454 |
2697 IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ |
2698 IEEE80211_VHT_CAP_RXLDPC |
2699 IEEE80211_VHT_CAP_SHORT_GI_80 |
2700 IEEE80211_VHT_CAP_SHORT_GI_160 |
2701 IEEE80211_VHT_CAP_TXSTBC |
2702 IEEE80211_VHT_CAP_RXSTBC_1 |
2703 IEEE80211_VHT_CAP_RXSTBC_2 |
2704 IEEE80211_VHT_CAP_RXSTBC_3 |
2705 IEEE80211_VHT_CAP_RXSTBC_4 |
2706 IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK;
2707 sband->vht_cap.vht_mcs.rx_mcs_map =
2708 cpu_to_le16(IEEE80211_VHT_MCS_SUPPORT_0_9 << 0 |
2709 IEEE80211_VHT_MCS_SUPPORT_0_9 << 2 |
2710 IEEE80211_VHT_MCS_SUPPORT_0_9 << 4 |
2711 IEEE80211_VHT_MCS_SUPPORT_0_9 << 6 |
2712 IEEE80211_VHT_MCS_SUPPORT_0_9 << 8 |
2713 IEEE80211_VHT_MCS_SUPPORT_0_9 << 10 |
2714 IEEE80211_VHT_MCS_SUPPORT_0_9 << 12 |
2715 IEEE80211_VHT_MCS_SUPPORT_0_9 << 14);
2716 sband->vht_cap.vht_mcs.tx_mcs_map =
2717 sband->vht_cap.vht_mcs.rx_mcs_map;
2718 break;
2719 default:
2720 continue;
2721 }
2722
2723 sband->ht_cap.ht_supported = true;
2724 sband->ht_cap.cap = IEEE80211_HT_CAP_SUP_WIDTH_20_40 |
2725 IEEE80211_HT_CAP_GRN_FLD |
2726 IEEE80211_HT_CAP_SGI_20 |
2727 IEEE80211_HT_CAP_SGI_40 |
2728 IEEE80211_HT_CAP_DSSSCCK40;
2729 sband->ht_cap.ampdu_factor = 0x3;
2730 sband->ht_cap.ampdu_density = 0x6;
2731 memset(&sband->ht_cap.mcs, 0,
2732 sizeof(sband->ht_cap.mcs));
2733 sband->ht_cap.mcs.rx_mask[0] = 0xff;
2734 sband->ht_cap.mcs.rx_mask[1] = 0xff;
2735 sband->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
2736
2737 hw->wiphy->bands[band] = sband;
2738 }
2739
2740
2741 data->group = 1;
2742 mutex_init(&data->mutex);
2743
2744 data->netgroup = hwsim_net_get_netgroup(net);
2745 data->wmediumd = hwsim_net_get_wmediumd(net);
2746
2747
2748 hw->max_rates = 4;
2749 hw->max_rate_tries = 11;
2750
2751 hw->wiphy->vendor_commands = mac80211_hwsim_vendor_commands;
2752 hw->wiphy->n_vendor_commands =
2753 ARRAY_SIZE(mac80211_hwsim_vendor_commands);
2754 hw->wiphy->vendor_events = mac80211_hwsim_vendor_events;
2755 hw->wiphy->n_vendor_events = ARRAY_SIZE(mac80211_hwsim_vendor_events);
2756
2757 if (param->reg_strict)
2758 hw->wiphy->regulatory_flags |= REGULATORY_STRICT_REG;
2759 if (param->regd) {
2760 data->regd = param->regd;
2761 hw->wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG;
2762 wiphy_apply_custom_regulatory(hw->wiphy, param->regd);
2763
2764 schedule_timeout_interruptible(1);
2765 }
2766
2767 if (param->no_vif)
2768 ieee80211_hw_set(hw, NO_AUTO_VIF);
2769
2770 wiphy_ext_feature_set(hw->wiphy, NL80211_EXT_FEATURE_CQM_RSSI_LIST);
2771
2772 err = ieee80211_register_hw(hw);
2773 if (err < 0) {
2774 pr_debug("mac80211_hwsim: ieee80211_register_hw failed (%d)\n",
2775 err);
2776 goto failed_hw;
2777 }
2778
2779 wiphy_dbg(hw->wiphy, "hwaddr %pM registered\n", hw->wiphy->perm_addr);
2780
2781 if (param->reg_alpha2) {
2782 data->alpha2[0] = param->reg_alpha2[0];
2783 data->alpha2[1] = param->reg_alpha2[1];
2784 regulatory_hint(hw->wiphy, param->reg_alpha2);
2785 }
2786
2787 data->debugfs = debugfs_create_dir("hwsim", hw->wiphy->debugfsdir);
2788 debugfs_create_file("ps", 0666, data->debugfs, data, &hwsim_fops_ps);
2789 debugfs_create_file("group", 0666, data->debugfs, data,
2790 &hwsim_fops_group);
2791 if (!data->use_chanctx)
2792 debugfs_create_file("dfs_simulate_radar", 0222,
2793 data->debugfs,
2794 data, &hwsim_simulate_radar);
2795
2796 tasklet_hrtimer_init(&data->beacon_timer,
2797 mac80211_hwsim_beacon,
2798 CLOCK_MONOTONIC, HRTIMER_MODE_ABS);
2799
2800 spin_lock_bh(&hwsim_radio_lock);
2801 err = rhashtable_insert_fast(&hwsim_radios_rht, &data->rht,
2802 hwsim_rht_params);
2803 if (err < 0) {
2804 if (info) {
2805 GENL_SET_ERR_MSG(info, "perm addr already present");
2806 NL_SET_BAD_ATTR(info->extack,
2807 info->attrs[HWSIM_ATTR_PERM_ADDR]);
2808 }
2809 spin_unlock_bh(&hwsim_radio_lock);
2810 goto failed_final_insert;
2811 }
2812
2813 list_add_tail(&data->list, &hwsim_radios);
2814 hwsim_radios_generation++;
2815 spin_unlock_bh(&hwsim_radio_lock);
2816
2817 if (idx > 0)
2818 hwsim_mcast_new_radio(idx, info, param);
2819
2820 return idx;
2821
2822failed_final_insert:
2823 debugfs_remove_recursive(data->debugfs);
2824 ieee80211_unregister_hw(data->hw);
2825failed_hw:
2826 device_release_driver(data->dev);
2827failed_bind:
2828 device_unregister(data->dev);
2829failed_drvdata:
2830 ieee80211_free_hw(hw);
2831failed:
2832 return err;
2833}
2834
2835static void hwsim_mcast_del_radio(int id, const char *hwname,
2836 struct genl_info *info)
2837{
2838 struct sk_buff *skb;
2839 void *data;
2840 int ret;
2841
2842 skb = genlmsg_new(GENLMSG_DEFAULT_SIZE, GFP_KERNEL);
2843 if (!skb)
2844 return;
2845
2846 data = genlmsg_put(skb, 0, 0, &hwsim_genl_family, 0,
2847 HWSIM_CMD_DEL_RADIO);
2848 if (!data)
2849 goto error;
2850
2851 ret = nla_put_u32(skb, HWSIM_ATTR_RADIO_ID, id);
2852 if (ret < 0)
2853 goto error;
2854
2855 ret = nla_put(skb, HWSIM_ATTR_RADIO_NAME, strlen(hwname),
2856 hwname);
2857 if (ret < 0)
2858 goto error;
2859
2860 genlmsg_end(skb, data);
2861
2862 hwsim_mcast_config_msg(skb, info);
2863
2864 return;
2865
2866error:
2867 nlmsg_free(skb);
2868}
2869
2870static void mac80211_hwsim_del_radio(struct mac80211_hwsim_data *data,
2871 const char *hwname,
2872 struct genl_info *info)
2873{
2874 hwsim_mcast_del_radio(data->idx, hwname, info);
2875 debugfs_remove_recursive(data->debugfs);
2876 ieee80211_unregister_hw(data->hw);
2877 device_release_driver(data->dev);
2878 device_unregister(data->dev);
2879 ieee80211_free_hw(data->hw);
2880}
2881
2882static int mac80211_hwsim_get_radio(struct sk_buff *skb,
2883 struct mac80211_hwsim_data *data,
2884 u32 portid, u32 seq,
2885 struct netlink_callback *cb, int flags)
2886{
2887 void *hdr;
2888 struct hwsim_new_radio_params param = { };
2889 int res = -EMSGSIZE;
2890
2891 hdr = genlmsg_put(skb, portid, seq, &hwsim_genl_family, flags,
2892 HWSIM_CMD_GET_RADIO);
2893 if (!hdr)
2894 return -EMSGSIZE;
2895
2896 if (cb)
2897 genl_dump_check_consistent(cb, hdr);
2898
2899 if (data->alpha2[0] && data->alpha2[1])
2900 param.reg_alpha2 = data->alpha2;
2901
2902 param.reg_strict = !!(data->hw->wiphy->regulatory_flags &
2903 REGULATORY_STRICT_REG);
2904 param.p2p_device = !!(data->hw->wiphy->interface_modes &
2905 BIT(NL80211_IFTYPE_P2P_DEVICE));
2906 param.use_chanctx = data->use_chanctx;
2907 param.regd = data->regd;
2908 param.channels = data->channels;
2909 param.hwname = wiphy_name(data->hw->wiphy);
2910
2911 res = append_radio_msg(skb, data->idx, ¶m);
2912 if (res < 0)
2913 goto out_err;
2914
2915 genlmsg_end(skb, hdr);
2916 return 0;
2917
2918out_err:
2919 genlmsg_cancel(skb, hdr);
2920 return res;
2921}
2922
2923static void mac80211_hwsim_free(void)
2924{
2925 struct mac80211_hwsim_data *data;
2926
2927 spin_lock_bh(&hwsim_radio_lock);
2928 while ((data = list_first_entry_or_null(&hwsim_radios,
2929 struct mac80211_hwsim_data,
2930 list))) {
2931 list_del(&data->list);
2932 spin_unlock_bh(&hwsim_radio_lock);
2933 mac80211_hwsim_del_radio(data, wiphy_name(data->hw->wiphy),
2934 NULL);
2935 spin_lock_bh(&hwsim_radio_lock);
2936 }
2937 spin_unlock_bh(&hwsim_radio_lock);
2938 class_destroy(hwsim_class);
2939}
2940
2941static const struct net_device_ops hwsim_netdev_ops = {
2942 .ndo_start_xmit = hwsim_mon_xmit,
2943 .ndo_set_mac_address = eth_mac_addr,
2944 .ndo_validate_addr = eth_validate_addr,
2945};
2946
2947static void hwsim_mon_setup(struct net_device *dev)
2948{
2949 dev->netdev_ops = &hwsim_netdev_ops;
2950 dev->needs_free_netdev = true;
2951 ether_setup(dev);
2952 dev->priv_flags |= IFF_NO_QUEUE;
2953 dev->type = ARPHRD_IEEE80211_RADIOTAP;
2954 eth_zero_addr(dev->dev_addr);
2955 dev->dev_addr[0] = 0x12;
2956}
2957
2958static struct mac80211_hwsim_data *get_hwsim_data_ref_from_addr(const u8 *addr)
2959{
2960 return rhashtable_lookup_fast(&hwsim_radios_rht,
2961 addr,
2962 hwsim_rht_params);
2963}
2964
2965static void hwsim_register_wmediumd(struct net *net, u32 portid)
2966{
2967 struct mac80211_hwsim_data *data;
2968
2969 hwsim_net_set_wmediumd(net, portid);
2970
2971 spin_lock_bh(&hwsim_radio_lock);
2972 list_for_each_entry(data, &hwsim_radios, list) {
2973 if (data->netgroup == hwsim_net_get_netgroup(net))
2974 data->wmediumd = portid;
2975 }
2976 spin_unlock_bh(&hwsim_radio_lock);
2977}
2978
2979static int hwsim_tx_info_frame_received_nl(struct sk_buff *skb_2,
2980 struct genl_info *info)
2981{
2982
2983 struct ieee80211_hdr *hdr;
2984 struct mac80211_hwsim_data *data2;
2985 struct ieee80211_tx_info *txi;
2986 struct hwsim_tx_rate *tx_attempts;
2987 u64 ret_skb_cookie;
2988 struct sk_buff *skb, *tmp;
2989 const u8 *src;
2990 unsigned int hwsim_flags;
2991 int i;
2992 bool found = false;
2993
2994 if (!info->attrs[HWSIM_ATTR_ADDR_TRANSMITTER] ||
2995 !info->attrs[HWSIM_ATTR_FLAGS] ||
2996 !info->attrs[HWSIM_ATTR_COOKIE] ||
2997 !info->attrs[HWSIM_ATTR_SIGNAL] ||
2998 !info->attrs[HWSIM_ATTR_TX_INFO])
2999 goto out;
3000
3001 src = (void *)nla_data(info->attrs[HWSIM_ATTR_ADDR_TRANSMITTER]);
3002 hwsim_flags = nla_get_u32(info->attrs[HWSIM_ATTR_FLAGS]);
3003 ret_skb_cookie = nla_get_u64(info->attrs[HWSIM_ATTR_COOKIE]);
3004
3005 data2 = get_hwsim_data_ref_from_addr(src);
3006 if (!data2)
3007 goto out;
3008
3009 if (hwsim_net_get_netgroup(genl_info_net(info)) != data2->netgroup)
3010 goto out;
3011
3012 if (info->snd_portid != data2->wmediumd)
3013 goto out;
3014
3015
3016 skb_queue_walk_safe(&data2->pending, skb, tmp) {
3017 u64 skb_cookie;
3018
3019 txi = IEEE80211_SKB_CB(skb);
3020 skb_cookie = (u64)(uintptr_t)txi->rate_driver_data[0];
3021
3022 if (skb_cookie == ret_skb_cookie) {
3023 skb_unlink(skb, &data2->pending);
3024 found = true;
3025 break;
3026 }
3027 }
3028
3029
3030 if (!found)
3031 goto out;
3032
3033
3034
3035
3036 tx_attempts = (struct hwsim_tx_rate *)nla_data(
3037 info->attrs[HWSIM_ATTR_TX_INFO]);
3038
3039
3040 txi = IEEE80211_SKB_CB(skb);
3041
3042 ieee80211_tx_info_clear_status(txi);
3043
3044 for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
3045 txi->status.rates[i].idx = tx_attempts[i].idx;
3046 txi->status.rates[i].count = tx_attempts[i].count;
3047 }
3048
3049 txi->status.ack_signal = nla_get_u32(info->attrs[HWSIM_ATTR_SIGNAL]);
3050
3051 if (!(hwsim_flags & HWSIM_TX_CTL_NO_ACK) &&
3052 (hwsim_flags & HWSIM_TX_STAT_ACK)) {
3053 if (skb->len >= 16) {
3054 hdr = (struct ieee80211_hdr *) skb->data;
3055 mac80211_hwsim_monitor_ack(data2->channel,
3056 hdr->addr2);
3057 }
3058 txi->flags |= IEEE80211_TX_STAT_ACK;
3059 }
3060 ieee80211_tx_status_irqsafe(data2->hw, skb);
3061 return 0;
3062out:
3063 return -EINVAL;
3064
3065}
3066
3067static int hwsim_cloned_frame_received_nl(struct sk_buff *skb_2,
3068 struct genl_info *info)
3069{
3070 struct mac80211_hwsim_data *data2;
3071 struct ieee80211_rx_status rx_status;
3072 const u8 *dst;
3073 int frame_data_len;
3074 void *frame_data;
3075 struct sk_buff *skb = NULL;
3076
3077 if (!info->attrs[HWSIM_ATTR_ADDR_RECEIVER] ||
3078 !info->attrs[HWSIM_ATTR_FRAME] ||
3079 !info->attrs[HWSIM_ATTR_RX_RATE] ||
3080 !info->attrs[HWSIM_ATTR_SIGNAL])
3081 goto out;
3082
3083 dst = (void *)nla_data(info->attrs[HWSIM_ATTR_ADDR_RECEIVER]);
3084 frame_data_len = nla_len(info->attrs[HWSIM_ATTR_FRAME]);
3085 frame_data = (void *)nla_data(info->attrs[HWSIM_ATTR_FRAME]);
3086
3087
3088 skb = alloc_skb(frame_data_len, GFP_KERNEL);
3089 if (skb == NULL)
3090 goto err;
3091
3092 if (frame_data_len > IEEE80211_MAX_DATA_LEN)
3093 goto err;
3094
3095
3096 skb_put_data(skb, frame_data, frame_data_len);
3097
3098 data2 = get_hwsim_data_ref_from_addr(dst);
3099 if (!data2)
3100 goto out;
3101
3102 if (hwsim_net_get_netgroup(genl_info_net(info)) != data2->netgroup)
3103 goto out;
3104
3105 if (info->snd_portid != data2->wmediumd)
3106 goto out;
3107
3108
3109
3110 if (data2->idle || !data2->started)
3111 goto out;
3112
3113
3114 memset(&rx_status, 0, sizeof(rx_status));
3115 if (info->attrs[HWSIM_ATTR_FREQ]) {
3116
3117
3118
3119
3120 mutex_lock(&data2->mutex);
3121 rx_status.freq = nla_get_u32(info->attrs[HWSIM_ATTR_FREQ]);
3122
3123 if (rx_status.freq != data2->channel->center_freq &&
3124 (!data2->tmp_chan ||
3125 rx_status.freq != data2->tmp_chan->center_freq)) {
3126 mutex_unlock(&data2->mutex);
3127 goto out;
3128 }
3129 mutex_unlock(&data2->mutex);
3130 } else {
3131 rx_status.freq = data2->channel->center_freq;
3132 }
3133
3134 rx_status.band = data2->channel->band;
3135 rx_status.rate_idx = nla_get_u32(info->attrs[HWSIM_ATTR_RX_RATE]);
3136 rx_status.signal = nla_get_u32(info->attrs[HWSIM_ATTR_SIGNAL]);
3137
3138 memcpy(IEEE80211_SKB_RXCB(skb), &rx_status, sizeof(rx_status));
3139 data2->rx_pkts++;
3140 data2->rx_bytes += skb->len;
3141 ieee80211_rx_irqsafe(data2->hw, skb);
3142
3143 return 0;
3144err:
3145 pr_debug("mac80211_hwsim: error occurred in %s\n", __func__);
3146out:
3147 dev_kfree_skb(skb);
3148 return -EINVAL;
3149}
3150
3151static int hwsim_register_received_nl(struct sk_buff *skb_2,
3152 struct genl_info *info)
3153{
3154 struct net *net = genl_info_net(info);
3155 struct mac80211_hwsim_data *data;
3156 int chans = 1;
3157
3158 spin_lock_bh(&hwsim_radio_lock);
3159 list_for_each_entry(data, &hwsim_radios, list)
3160 chans = max(chans, data->channels);
3161 spin_unlock_bh(&hwsim_radio_lock);
3162
3163
3164
3165
3166
3167
3168 if (chans > 1)
3169 return -EOPNOTSUPP;
3170
3171 if (hwsim_net_get_wmediumd(net))
3172 return -EBUSY;
3173
3174 hwsim_register_wmediumd(net, info->snd_portid);
3175
3176 pr_debug("mac80211_hwsim: received a REGISTER, "
3177 "switching to wmediumd mode with pid %d\n", info->snd_portid);
3178
3179 return 0;
3180}
3181
3182static int hwsim_new_radio_nl(struct sk_buff *msg, struct genl_info *info)
3183{
3184 struct hwsim_new_radio_params param = { 0 };
3185 const char *hwname = NULL;
3186 int ret;
3187
3188 param.reg_strict = info->attrs[HWSIM_ATTR_REG_STRICT_REG];
3189 param.p2p_device = info->attrs[HWSIM_ATTR_SUPPORT_P2P_DEVICE];
3190 param.channels = channels;
3191 param.destroy_on_close =
3192 info->attrs[HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE];
3193
3194 if (info->attrs[HWSIM_ATTR_CHANNELS])
3195 param.channels = nla_get_u32(info->attrs[HWSIM_ATTR_CHANNELS]);
3196
3197 if (param.channels > CFG80211_MAX_NUM_DIFFERENT_CHANNELS) {
3198 GENL_SET_ERR_MSG(info, "too many channels specified");
3199 return -EINVAL;
3200 }
3201
3202 if (info->attrs[HWSIM_ATTR_NO_VIF])
3203 param.no_vif = true;
3204
3205 if (info->attrs[HWSIM_ATTR_RADIO_NAME]) {
3206 hwname = kasprintf(GFP_KERNEL, "%.*s",
3207 nla_len(info->attrs[HWSIM_ATTR_RADIO_NAME]),
3208 (char *)nla_data(info->attrs[HWSIM_ATTR_RADIO_NAME]));
3209 if (!hwname)
3210 return -ENOMEM;
3211 param.hwname = hwname;
3212 }
3213
3214 if (info->attrs[HWSIM_ATTR_USE_CHANCTX])
3215 param.use_chanctx = true;
3216 else
3217 param.use_chanctx = (param.channels > 1);
3218
3219 if (info->attrs[HWSIM_ATTR_REG_HINT_ALPHA2])
3220 param.reg_alpha2 =
3221 nla_data(info->attrs[HWSIM_ATTR_REG_HINT_ALPHA2]);
3222
3223 if (info->attrs[HWSIM_ATTR_REG_CUSTOM_REG]) {
3224 u32 idx = nla_get_u32(info->attrs[HWSIM_ATTR_REG_CUSTOM_REG]);
3225
3226 if (idx >= ARRAY_SIZE(hwsim_world_regdom_custom)) {
3227 kfree(hwname);
3228 return -EINVAL;
3229 }
3230 param.regd = hwsim_world_regdom_custom[idx];
3231 }
3232
3233 if (info->attrs[HWSIM_ATTR_PERM_ADDR]) {
3234 if (!is_valid_ether_addr(
3235 nla_data(info->attrs[HWSIM_ATTR_PERM_ADDR]))) {
3236 GENL_SET_ERR_MSG(info,"MAC is no valid source addr");
3237 NL_SET_BAD_ATTR(info->extack,
3238 info->attrs[HWSIM_ATTR_PERM_ADDR]);
3239 kfree(hwname);
3240 return -EINVAL;
3241 }
3242
3243
3244 param.perm_addr = nla_data(info->attrs[HWSIM_ATTR_PERM_ADDR]);
3245 }
3246
3247 ret = mac80211_hwsim_new_radio(info, ¶m);
3248 kfree(hwname);
3249 return ret;
3250}
3251
3252static int hwsim_del_radio_nl(struct sk_buff *msg, struct genl_info *info)
3253{
3254 struct mac80211_hwsim_data *data;
3255 s64 idx = -1;
3256 const char *hwname = NULL;
3257
3258 if (info->attrs[HWSIM_ATTR_RADIO_ID]) {
3259 idx = nla_get_u32(info->attrs[HWSIM_ATTR_RADIO_ID]);
3260 } else if (info->attrs[HWSIM_ATTR_RADIO_NAME]) {
3261 hwname = kasprintf(GFP_KERNEL, "%.*s",
3262 nla_len(info->attrs[HWSIM_ATTR_RADIO_NAME]),
3263 (char *)nla_data(info->attrs[HWSIM_ATTR_RADIO_NAME]));
3264 if (!hwname)
3265 return -ENOMEM;
3266 } else
3267 return -EINVAL;
3268
3269 spin_lock_bh(&hwsim_radio_lock);
3270 list_for_each_entry(data, &hwsim_radios, list) {
3271 if (idx >= 0) {
3272 if (data->idx != idx)
3273 continue;
3274 } else {
3275 if (!hwname ||
3276 strcmp(hwname, wiphy_name(data->hw->wiphy)))
3277 continue;
3278 }
3279
3280 if (!net_eq(wiphy_net(data->hw->wiphy), genl_info_net(info)))
3281 continue;
3282
3283 list_del(&data->list);
3284 rhashtable_remove_fast(&hwsim_radios_rht, &data->rht,
3285 hwsim_rht_params);
3286 hwsim_radios_generation++;
3287 spin_unlock_bh(&hwsim_radio_lock);
3288 mac80211_hwsim_del_radio(data, wiphy_name(data->hw->wiphy),
3289 info);
3290 kfree(hwname);
3291 return 0;
3292 }
3293 spin_unlock_bh(&hwsim_radio_lock);
3294
3295 kfree(hwname);
3296 return -ENODEV;
3297}
3298
3299static int hwsim_get_radio_nl(struct sk_buff *msg, struct genl_info *info)
3300{
3301 struct mac80211_hwsim_data *data;
3302 struct sk_buff *skb;
3303 int idx, res = -ENODEV;
3304
3305 if (!info->attrs[HWSIM_ATTR_RADIO_ID])
3306 return -EINVAL;
3307 idx = nla_get_u32(info->attrs[HWSIM_ATTR_RADIO_ID]);
3308
3309 spin_lock_bh(&hwsim_radio_lock);
3310 list_for_each_entry(data, &hwsim_radios, list) {
3311 if (data->idx != idx)
3312 continue;
3313
3314 if (!net_eq(wiphy_net(data->hw->wiphy), genl_info_net(info)))
3315 continue;
3316
3317 skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_ATOMIC);
3318 if (!skb) {
3319 res = -ENOMEM;
3320 goto out_err;
3321 }
3322
3323 res = mac80211_hwsim_get_radio(skb, data, info->snd_portid,
3324 info->snd_seq, NULL, 0);
3325 if (res < 0) {
3326 nlmsg_free(skb);
3327 goto out_err;
3328 }
3329
3330 genlmsg_reply(skb, info);
3331 break;
3332 }
3333
3334out_err:
3335 spin_unlock_bh(&hwsim_radio_lock);
3336
3337 return res;
3338}
3339
3340static int hwsim_dump_radio_nl(struct sk_buff *skb,
3341 struct netlink_callback *cb)
3342{
3343 int last_idx = cb->args[0] - 1;
3344 struct mac80211_hwsim_data *data = NULL;
3345 int res = 0;
3346 void *hdr;
3347
3348 spin_lock_bh(&hwsim_radio_lock);
3349 cb->seq = hwsim_radios_generation;
3350
3351 if (last_idx >= hwsim_radio_idx-1)
3352 goto done;
3353
3354 list_for_each_entry(data, &hwsim_radios, list) {
3355 if (data->idx <= last_idx)
3356 continue;
3357
3358 if (!net_eq(wiphy_net(data->hw->wiphy), sock_net(skb->sk)))
3359 continue;
3360
3361 res = mac80211_hwsim_get_radio(skb, data,
3362 NETLINK_CB(cb->skb).portid,
3363 cb->nlh->nlmsg_seq, cb,
3364 NLM_F_MULTI);
3365 if (res < 0)
3366 break;
3367
3368 last_idx = data->idx;
3369 }
3370
3371 cb->args[0] = last_idx + 1;
3372
3373
3374 if (skb->len == 0 && cb->prev_seq && cb->seq != cb->prev_seq) {
3375 hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid,
3376 cb->nlh->nlmsg_seq, &hwsim_genl_family,
3377 NLM_F_MULTI, HWSIM_CMD_GET_RADIO);
3378 if (!hdr)
3379 res = -EMSGSIZE;
3380 genl_dump_check_consistent(cb, hdr);
3381 genlmsg_end(skb, hdr);
3382 }
3383
3384done:
3385 spin_unlock_bh(&hwsim_radio_lock);
3386 return res ?: skb->len;
3387}
3388
3389
3390static const struct genl_ops hwsim_ops[] = {
3391 {
3392 .cmd = HWSIM_CMD_REGISTER,
3393 .policy = hwsim_genl_policy,
3394 .doit = hwsim_register_received_nl,
3395 .flags = GENL_UNS_ADMIN_PERM,
3396 },
3397 {
3398 .cmd = HWSIM_CMD_FRAME,
3399 .policy = hwsim_genl_policy,
3400 .doit = hwsim_cloned_frame_received_nl,
3401 },
3402 {
3403 .cmd = HWSIM_CMD_TX_INFO_FRAME,
3404 .policy = hwsim_genl_policy,
3405 .doit = hwsim_tx_info_frame_received_nl,
3406 },
3407 {
3408 .cmd = HWSIM_CMD_NEW_RADIO,
3409 .policy = hwsim_genl_policy,
3410 .doit = hwsim_new_radio_nl,
3411 .flags = GENL_UNS_ADMIN_PERM,
3412 },
3413 {
3414 .cmd = HWSIM_CMD_DEL_RADIO,
3415 .policy = hwsim_genl_policy,
3416 .doit = hwsim_del_radio_nl,
3417 .flags = GENL_UNS_ADMIN_PERM,
3418 },
3419 {
3420 .cmd = HWSIM_CMD_GET_RADIO,
3421 .policy = hwsim_genl_policy,
3422 .doit = hwsim_get_radio_nl,
3423 .dumpit = hwsim_dump_radio_nl,
3424 },
3425};
3426
3427static struct genl_family hwsim_genl_family __ro_after_init = {
3428 .name = "MAC80211_HWSIM",
3429 .version = 1,
3430 .maxattr = HWSIM_ATTR_MAX,
3431 .netnsok = true,
3432 .module = THIS_MODULE,
3433 .ops = hwsim_ops,
3434 .n_ops = ARRAY_SIZE(hwsim_ops),
3435 .mcgrps = hwsim_mcgrps,
3436 .n_mcgrps = ARRAY_SIZE(hwsim_mcgrps),
3437};
3438
3439static void destroy_radio(struct work_struct *work)
3440{
3441 struct mac80211_hwsim_data *data =
3442 container_of(work, struct mac80211_hwsim_data, destroy_work);
3443
3444 hwsim_radios_generation++;
3445 mac80211_hwsim_del_radio(data, wiphy_name(data->hw->wiphy), NULL);
3446}
3447
3448static void remove_user_radios(u32 portid)
3449{
3450 struct mac80211_hwsim_data *entry, *tmp;
3451
3452 spin_lock_bh(&hwsim_radio_lock);
3453 list_for_each_entry_safe(entry, tmp, &hwsim_radios, list) {
3454 if (entry->destroy_on_close && entry->portid == portid) {
3455 list_del(&entry->list);
3456 rhashtable_remove_fast(&hwsim_radios_rht, &entry->rht,
3457 hwsim_rht_params);
3458 INIT_WORK(&entry->destroy_work, destroy_radio);
3459 queue_work(hwsim_wq, &entry->destroy_work);
3460 }
3461 }
3462 spin_unlock_bh(&hwsim_radio_lock);
3463}
3464
3465static int mac80211_hwsim_netlink_notify(struct notifier_block *nb,
3466 unsigned long state,
3467 void *_notify)
3468{
3469 struct netlink_notify *notify = _notify;
3470
3471 if (state != NETLINK_URELEASE)
3472 return NOTIFY_DONE;
3473
3474 remove_user_radios(notify->portid);
3475
3476 if (notify->portid == hwsim_net_get_wmediumd(notify->net)) {
3477 printk(KERN_INFO "mac80211_hwsim: wmediumd released netlink"
3478 " socket, switching to perfect channel medium\n");
3479 hwsim_register_wmediumd(notify->net, 0);
3480 }
3481 return NOTIFY_DONE;
3482
3483}
3484
3485static struct notifier_block hwsim_netlink_notifier = {
3486 .notifier_call = mac80211_hwsim_netlink_notify,
3487};
3488
3489static int __init hwsim_init_netlink(void)
3490{
3491 int rc;
3492
3493 printk(KERN_INFO "mac80211_hwsim: initializing netlink\n");
3494
3495 rc = genl_register_family(&hwsim_genl_family);
3496 if (rc)
3497 goto failure;
3498
3499 rc = netlink_register_notifier(&hwsim_netlink_notifier);
3500 if (rc) {
3501 genl_unregister_family(&hwsim_genl_family);
3502 goto failure;
3503 }
3504
3505 return 0;
3506
3507failure:
3508 pr_debug("mac80211_hwsim: error occurred in %s\n", __func__);
3509 return -EINVAL;
3510}
3511
3512static __net_init int hwsim_init_net(struct net *net)
3513{
3514 return hwsim_net_set_netgroup(net);
3515}
3516
3517static void __net_exit hwsim_exit_net(struct net *net)
3518{
3519 struct mac80211_hwsim_data *data, *tmp;
3520
3521 spin_lock_bh(&hwsim_radio_lock);
3522 list_for_each_entry_safe(data, tmp, &hwsim_radios, list) {
3523 if (!net_eq(wiphy_net(data->hw->wiphy), net))
3524 continue;
3525
3526
3527 if (data->netgroup == hwsim_net_get_netgroup(&init_net))
3528 continue;
3529
3530 list_del(&data->list);
3531 rhashtable_remove_fast(&hwsim_radios_rht, &data->rht,
3532 hwsim_rht_params);
3533 hwsim_radios_generation++;
3534 spin_unlock_bh(&hwsim_radio_lock);
3535 mac80211_hwsim_del_radio(data,
3536 wiphy_name(data->hw->wiphy),
3537 NULL);
3538 spin_lock_bh(&hwsim_radio_lock);
3539 }
3540 spin_unlock_bh(&hwsim_radio_lock);
3541
3542 ida_simple_remove(&hwsim_netgroup_ida, hwsim_net_get_netgroup(net));
3543}
3544
3545static struct pernet_operations hwsim_net_ops = {
3546 .init = hwsim_init_net,
3547 .exit = hwsim_exit_net,
3548 .id = &hwsim_net_id,
3549 .size = sizeof(struct hwsim_net),
3550};
3551
3552static void hwsim_exit_netlink(void)
3553{
3554
3555 netlink_unregister_notifier(&hwsim_netlink_notifier);
3556
3557 genl_unregister_family(&hwsim_genl_family);
3558}
3559
3560static int __init init_mac80211_hwsim(void)
3561{
3562 int i, err;
3563
3564 if (radios < 0 || radios > 100)
3565 return -EINVAL;
3566
3567 if (channels < 1)
3568 return -EINVAL;
3569
3570 spin_lock_init(&hwsim_radio_lock);
3571
3572 hwsim_wq = alloc_workqueue("hwsim_wq", 0, 0);
3573 if (!hwsim_wq)
3574 return -ENOMEM;
3575 rhashtable_init(&hwsim_radios_rht, &hwsim_rht_params);
3576
3577 err = register_pernet_device(&hwsim_net_ops);
3578 if (err)
3579 return err;
3580
3581 err = platform_driver_register(&mac80211_hwsim_driver);
3582 if (err)
3583 goto out_unregister_pernet;
3584
3585 hwsim_class = class_create(THIS_MODULE, "mac80211_hwsim");
3586 if (IS_ERR(hwsim_class)) {
3587 err = PTR_ERR(hwsim_class);
3588 goto out_unregister_driver;
3589 }
3590
3591 err = hwsim_init_netlink();
3592 if (err < 0)
3593 goto out_unregister_driver;
3594
3595 for (i = 0; i < radios; i++) {
3596 struct hwsim_new_radio_params param = { 0 };
3597
3598 param.channels = channels;
3599
3600 switch (regtest) {
3601 case HWSIM_REGTEST_DIFF_COUNTRY:
3602 if (i < ARRAY_SIZE(hwsim_alpha2s))
3603 param.reg_alpha2 = hwsim_alpha2s[i];
3604 break;
3605 case HWSIM_REGTEST_DRIVER_REG_FOLLOW:
3606 if (!i)
3607 param.reg_alpha2 = hwsim_alpha2s[0];
3608 break;
3609 case HWSIM_REGTEST_STRICT_ALL:
3610 param.reg_strict = true;
3611 case HWSIM_REGTEST_DRIVER_REG_ALL:
3612 param.reg_alpha2 = hwsim_alpha2s[0];
3613 break;
3614 case HWSIM_REGTEST_WORLD_ROAM:
3615 if (i == 0)
3616 param.regd = &hwsim_world_regdom_custom_01;
3617 break;
3618 case HWSIM_REGTEST_CUSTOM_WORLD:
3619 param.regd = &hwsim_world_regdom_custom_01;
3620 break;
3621 case HWSIM_REGTEST_CUSTOM_WORLD_2:
3622 if (i == 0)
3623 param.regd = &hwsim_world_regdom_custom_01;
3624 else if (i == 1)
3625 param.regd = &hwsim_world_regdom_custom_02;
3626 break;
3627 case HWSIM_REGTEST_STRICT_FOLLOW:
3628 if (i == 0) {
3629 param.reg_strict = true;
3630 param.reg_alpha2 = hwsim_alpha2s[0];
3631 }
3632 break;
3633 case HWSIM_REGTEST_STRICT_AND_DRIVER_REG:
3634 if (i == 0) {
3635 param.reg_strict = true;
3636 param.reg_alpha2 = hwsim_alpha2s[0];
3637 } else if (i == 1) {
3638 param.reg_alpha2 = hwsim_alpha2s[1];
3639 }
3640 break;
3641 case HWSIM_REGTEST_ALL:
3642 switch (i) {
3643 case 0:
3644 param.regd = &hwsim_world_regdom_custom_01;
3645 break;
3646 case 1:
3647 param.regd = &hwsim_world_regdom_custom_02;
3648 break;
3649 case 2:
3650 param.reg_alpha2 = hwsim_alpha2s[0];
3651 break;
3652 case 3:
3653 param.reg_alpha2 = hwsim_alpha2s[1];
3654 break;
3655 case 4:
3656 param.reg_strict = true;
3657 param.reg_alpha2 = hwsim_alpha2s[2];
3658 break;
3659 }
3660 break;
3661 default:
3662 break;
3663 }
3664
3665 param.p2p_device = support_p2p_device;
3666 param.use_chanctx = channels > 1;
3667
3668 err = mac80211_hwsim_new_radio(NULL, ¶m);
3669 if (err < 0)
3670 goto out_free_radios;
3671 }
3672
3673 hwsim_mon = alloc_netdev(0, "hwsim%d", NET_NAME_UNKNOWN,
3674 hwsim_mon_setup);
3675 if (hwsim_mon == NULL) {
3676 err = -ENOMEM;
3677 goto out_free_radios;
3678 }
3679
3680 rtnl_lock();
3681 err = dev_alloc_name(hwsim_mon, hwsim_mon->name);
3682 if (err < 0) {
3683 rtnl_unlock();
3684 goto out_free_radios;
3685 }
3686
3687 err = register_netdevice(hwsim_mon);
3688 if (err < 0) {
3689 rtnl_unlock();
3690 goto out_free_mon;
3691 }
3692 rtnl_unlock();
3693
3694 return 0;
3695
3696out_free_mon:
3697 free_netdev(hwsim_mon);
3698out_free_radios:
3699 mac80211_hwsim_free();
3700out_unregister_driver:
3701 platform_driver_unregister(&mac80211_hwsim_driver);
3702out_unregister_pernet:
3703 unregister_pernet_device(&hwsim_net_ops);
3704 return err;
3705}
3706module_init(init_mac80211_hwsim);
3707
3708static void __exit exit_mac80211_hwsim(void)
3709{
3710 pr_debug("mac80211_hwsim: unregister radios\n");
3711
3712 hwsim_exit_netlink();
3713
3714 mac80211_hwsim_free();
3715 flush_workqueue(hwsim_wq);
3716
3717 rhashtable_destroy(&hwsim_radios_rht);
3718 unregister_netdev(hwsim_mon);
3719 platform_driver_unregister(&mac80211_hwsim_driver);
3720 unregister_pernet_device(&hwsim_net_ops);
3721 destroy_workqueue(hwsim_wq);
3722}
3723module_exit(exit_mac80211_hwsim);
3724
