drivers/net/wireless/mac80211_hwsim.c at v4.0-rc2

tjh.dev / kernel
fork
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork
kernel / drivers / net / wireless / mac80211_hwsim.c
at v4.0-rc2 3223 lines 87 kB view raw
wrap content
   1/*
   2 * mac80211_hwsim - software simulator of 802.11 radio(s) for mac80211
   3 * Copyright (c) 2008, Jouni Malinen <j@w1.fi>
   4 * Copyright (c) 2011, Javier Lopez <jlopex@gmail.com>
   5 *
   6 * This program is free software; you can redistribute it and/or modify
   7 * it under the terms of the GNU General Public License version 2 as
   8 * published by the Free Software Foundation.
   9 */
  10
  11/*
  12 * TODO:
  13 * - Add TSF sync and fix IBSS beacon transmission by adding
  14 *   competition for "air time" at TBTT
  15 * - RX filtering based on filter configuration (data->rx_filter)
  16 */
  17
  18#include <linux/list.h>
  19#include <linux/slab.h>
  20#include <linux/spinlock.h>
  21#include <net/dst.h>
  22#include <net/xfrm.h>
  23#include <net/mac80211.h>
  24#include <net/ieee80211_radiotap.h>
  25#include <linux/if_arp.h>
  26#include <linux/rtnetlink.h>
  27#include <linux/etherdevice.h>
  28#include <linux/platform_device.h>
  29#include <linux/debugfs.h>
  30#include <linux/module.h>
  31#include <linux/ktime.h>
  32#include <net/genetlink.h>
  33#include "mac80211_hwsim.h"
  34
  35#define WARN_QUEUE 100
  36#define MAX_QUEUE 200
  37
  38MODULE_AUTHOR("Jouni Malinen");
  39MODULE_DESCRIPTION("Software simulator of 802.11 radio(s) for mac80211");
  40MODULE_LICENSE("GPL");
  41
  42static u32 wmediumd_portid;
  43
  44static int radios = 2;
  45module_param(radios, int, 0444);
  46MODULE_PARM_DESC(radios, "Number of simulated radios");
  47
  48static int channels = 1;
  49module_param(channels, int, 0444);
  50MODULE_PARM_DESC(channels, "Number of concurrent channels");
  51
  52static bool paged_rx = false;
  53module_param(paged_rx, bool, 0644);
  54MODULE_PARM_DESC(paged_rx, "Use paged SKBs for RX instead of linear ones");
  55
  56static bool rctbl = false;
  57module_param(rctbl, bool, 0444);
  58MODULE_PARM_DESC(rctbl, "Handle rate control table");
  59
  60static bool support_p2p_device = true;
  61module_param(support_p2p_device, bool, 0444);
  62MODULE_PARM_DESC(support_p2p_device, "Support P2P-Device interface type");
  63
  64/**
  65 * enum hwsim_regtest - the type of regulatory tests we offer
  66 *
  67 * These are the different values you can use for the regtest
  68 * module parameter. This is useful to help test world roaming
  69 * and the driver regulatory_hint() call and combinations of these.
  70 * If you want to do specific alpha2 regulatory domain tests simply
  71 * use the userspace regulatory request as that will be respected as
  72 * well without the need of this module parameter. This is designed
  73 * only for testing the driver regulatory request, world roaming
  74 * and all possible combinations.
  75 *
  76 * @HWSIM_REGTEST_DISABLED: No regulatory tests are performed,
  77 * 	this is the default value.
  78 * @HWSIM_REGTEST_DRIVER_REG_FOLLOW: Used for testing the driver regulatory
  79 *	hint, only one driver regulatory hint will be sent as such the
  80 * 	secondary radios are expected to follow.
  81 * @HWSIM_REGTEST_DRIVER_REG_ALL: Used for testing the driver regulatory
  82 * 	request with all radios reporting the same regulatory domain.
  83 * @HWSIM_REGTEST_DIFF_COUNTRY: Used for testing the drivers calling
  84 * 	different regulatory domains requests. Expected behaviour is for
  85 * 	an intersection to occur but each device will still use their
  86 * 	respective regulatory requested domains. Subsequent radios will
  87 * 	use the resulting intersection.
  88 * @HWSIM_REGTEST_WORLD_ROAM: Used for testing the world roaming. We accomplish
  89 *	this by using a custom beacon-capable regulatory domain for the first
  90 *	radio. All other device world roam.
  91 * @HWSIM_REGTEST_CUSTOM_WORLD: Used for testing the custom world regulatory
  92 * 	domain requests. All radios will adhere to this custom world regulatory
  93 * 	domain.
  94 * @HWSIM_REGTEST_CUSTOM_WORLD_2: Used for testing 2 custom world regulatory
  95 * 	domain requests. The first radio will adhere to the first custom world
  96 * 	regulatory domain, the second one to the second custom world regulatory
  97 * 	domain. All other devices will world roam.
  98 * @HWSIM_REGTEST_STRICT_FOLLOW_: Used for testing strict regulatory domain
  99 *	settings, only the first radio will send a regulatory domain request
 100 *	and use strict settings. The rest of the radios are expected to follow.
 101 * @HWSIM_REGTEST_STRICT_ALL: Used for testing strict regulatory domain
 102 *	settings. All radios will adhere to this.
 103 * @HWSIM_REGTEST_STRICT_AND_DRIVER_REG: Used for testing strict regulatory
 104 *	domain settings, combined with secondary driver regulatory domain
 105 *	settings. The first radio will get a strict regulatory domain setting
 106 *	using the first driver regulatory request and the second radio will use
 107 *	non-strict settings using the second driver regulatory request. All
 108 *	other devices should follow the intersection created between the
 109 *	first two.
 110 * @HWSIM_REGTEST_ALL: Used for testing every possible mix. You will need
 111 * 	at least 6 radios for a complete test. We will test in this order:
 112 * 	1 - driver custom world regulatory domain
 113 * 	2 - second custom world regulatory domain
 114 * 	3 - first driver regulatory domain request
 115 * 	4 - second driver regulatory domain request
 116 * 	5 - strict regulatory domain settings using the third driver regulatory
 117 * 	    domain request
 118 * 	6 and on - should follow the intersection of the 3rd, 4rth and 5th radio
 119 * 	           regulatory requests.
 120 */
 121enum hwsim_regtest {
 122	HWSIM_REGTEST_DISABLED = 0,
 123	HWSIM_REGTEST_DRIVER_REG_FOLLOW = 1,
 124	HWSIM_REGTEST_DRIVER_REG_ALL = 2,
 125	HWSIM_REGTEST_DIFF_COUNTRY = 3,
 126	HWSIM_REGTEST_WORLD_ROAM = 4,
 127	HWSIM_REGTEST_CUSTOM_WORLD = 5,
 128	HWSIM_REGTEST_CUSTOM_WORLD_2 = 6,
 129	HWSIM_REGTEST_STRICT_FOLLOW = 7,
 130	HWSIM_REGTEST_STRICT_ALL = 8,
 131	HWSIM_REGTEST_STRICT_AND_DRIVER_REG = 9,
 132	HWSIM_REGTEST_ALL = 10,
 133};
 134
 135/* Set to one of the HWSIM_REGTEST_* values above */
 136static int regtest = HWSIM_REGTEST_DISABLED;
 137module_param(regtest, int, 0444);
 138MODULE_PARM_DESC(regtest, "The type of regulatory test we want to run");
 139
 140static const char *hwsim_alpha2s[] = {
 141	"FI",
 142	"AL",
 143	"US",
 144	"DE",
 145	"JP",
 146	"AL",
 147};
 148
 149static const struct ieee80211_regdomain hwsim_world_regdom_custom_01 = {
 150	.n_reg_rules = 4,
 151	.alpha2 =  "99",
 152	.reg_rules = {
 153		REG_RULE(2412-10, 2462+10, 40, 0, 20, 0),
 154		REG_RULE(2484-10, 2484+10, 40, 0, 20, 0),
 155		REG_RULE(5150-10, 5240+10, 40, 0, 30, 0),
 156		REG_RULE(5745-10, 5825+10, 40, 0, 30, 0),
 157	}
 158};
 159
 160static const struct ieee80211_regdomain hwsim_world_regdom_custom_02 = {
 161	.n_reg_rules = 2,
 162	.alpha2 =  "99",
 163	.reg_rules = {
 164		REG_RULE(2412-10, 2462+10, 40, 0, 20, 0),
 165		REG_RULE(5725-10, 5850+10, 40, 0, 30,
 166			 NL80211_RRF_NO_IR),
 167	}
 168};
 169
 170static const struct ieee80211_regdomain *hwsim_world_regdom_custom[] = {
 171	&hwsim_world_regdom_custom_01,
 172	&hwsim_world_regdom_custom_02,
 173};
 174
 175struct hwsim_vif_priv {
 176	u32 magic;
 177	u8 bssid[ETH_ALEN];
 178	bool assoc;
 179	bool bcn_en;
 180	u16 aid;
 181};
 182
 183#define HWSIM_VIF_MAGIC	0x69537748
 184
 185static inline void hwsim_check_magic(struct ieee80211_vif *vif)
 186{
 187	struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
 188	WARN(vp->magic != HWSIM_VIF_MAGIC,
 189	     "Invalid VIF (%p) magic %#x, %pM, %d/%d\n",
 190	     vif, vp->magic, vif->addr, vif->type, vif->p2p);
 191}
 192
 193static inline void hwsim_set_magic(struct ieee80211_vif *vif)
 194{
 195	struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
 196	vp->magic = HWSIM_VIF_MAGIC;
 197}
 198
 199static inline void hwsim_clear_magic(struct ieee80211_vif *vif)
 200{
 201	struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
 202	vp->magic = 0;
 203}
 204
 205struct hwsim_sta_priv {
 206	u32 magic;
 207};
 208
 209#define HWSIM_STA_MAGIC	0x6d537749
 210
 211static inline void hwsim_check_sta_magic(struct ieee80211_sta *sta)
 212{
 213	struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
 214	WARN_ON(sp->magic != HWSIM_STA_MAGIC);
 215}
 216
 217static inline void hwsim_set_sta_magic(struct ieee80211_sta *sta)
 218{
 219	struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
 220	sp->magic = HWSIM_STA_MAGIC;
 221}
 222
 223static inline void hwsim_clear_sta_magic(struct ieee80211_sta *sta)
 224{
 225	struct hwsim_sta_priv *sp = (void *)sta->drv_priv;
 226	sp->magic = 0;
 227}
 228
 229struct hwsim_chanctx_priv {
 230	u32 magic;
 231};
 232
 233#define HWSIM_CHANCTX_MAGIC 0x6d53774a
 234
 235static inline void hwsim_check_chanctx_magic(struct ieee80211_chanctx_conf *c)
 236{
 237	struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
 238	WARN_ON(cp->magic != HWSIM_CHANCTX_MAGIC);
 239}
 240
 241static inline void hwsim_set_chanctx_magic(struct ieee80211_chanctx_conf *c)
 242{
 243	struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
 244	cp->magic = HWSIM_CHANCTX_MAGIC;
 245}
 246
 247static inline void hwsim_clear_chanctx_magic(struct ieee80211_chanctx_conf *c)
 248{
 249	struct hwsim_chanctx_priv *cp = (void *)c->drv_priv;
 250	cp->magic = 0;
 251}
 252
 253static struct class *hwsim_class;
 254
 255static struct net_device *hwsim_mon; /* global monitor netdev */
 256
 257#define CHAN2G(_freq)  { \
 258	.band = IEEE80211_BAND_2GHZ, \
 259	.center_freq = (_freq), \
 260	.hw_value = (_freq), \
 261	.max_power = 20, \
 262}
 263
 264#define CHAN5G(_freq) { \
 265	.band = IEEE80211_BAND_5GHZ, \
 266	.center_freq = (_freq), \
 267	.hw_value = (_freq), \
 268	.max_power = 20, \
 269}
 270
 271static const struct ieee80211_channel hwsim_channels_2ghz[] = {
 272	CHAN2G(2412), /* Channel 1 */
 273	CHAN2G(2417), /* Channel 2 */
 274	CHAN2G(2422), /* Channel 3 */
 275	CHAN2G(2427), /* Channel 4 */
 276	CHAN2G(2432), /* Channel 5 */
 277	CHAN2G(2437), /* Channel 6 */
 278	CHAN2G(2442), /* Channel 7 */
 279	CHAN2G(2447), /* Channel 8 */
 280	CHAN2G(2452), /* Channel 9 */
 281	CHAN2G(2457), /* Channel 10 */
 282	CHAN2G(2462), /* Channel 11 */
 283	CHAN2G(2467), /* Channel 12 */
 284	CHAN2G(2472), /* Channel 13 */
 285	CHAN2G(2484), /* Channel 14 */
 286};
 287
 288static const struct ieee80211_channel hwsim_channels_5ghz[] = {
 289	CHAN5G(5180), /* Channel 36 */
 290	CHAN5G(5200), /* Channel 40 */
 291	CHAN5G(5220), /* Channel 44 */
 292	CHAN5G(5240), /* Channel 48 */
 293
 294	CHAN5G(5260), /* Channel 52 */
 295	CHAN5G(5280), /* Channel 56 */
 296	CHAN5G(5300), /* Channel 60 */
 297	CHAN5G(5320), /* Channel 64 */
 298
 299	CHAN5G(5500), /* Channel 100 */
 300	CHAN5G(5520), /* Channel 104 */
 301	CHAN5G(5540), /* Channel 108 */
 302	CHAN5G(5560), /* Channel 112 */
 303	CHAN5G(5580), /* Channel 116 */
 304	CHAN5G(5600), /* Channel 120 */
 305	CHAN5G(5620), /* Channel 124 */
 306	CHAN5G(5640), /* Channel 128 */
 307	CHAN5G(5660), /* Channel 132 */
 308	CHAN5G(5680), /* Channel 136 */
 309	CHAN5G(5700), /* Channel 140 */
 310
 311	CHAN5G(5745), /* Channel 149 */
 312	CHAN5G(5765), /* Channel 153 */
 313	CHAN5G(5785), /* Channel 157 */
 314	CHAN5G(5805), /* Channel 161 */
 315	CHAN5G(5825), /* Channel 165 */
 316};
 317
 318static const struct ieee80211_rate hwsim_rates[] = {
 319	{ .bitrate = 10 },
 320	{ .bitrate = 20, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
 321	{ .bitrate = 55, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
 322	{ .bitrate = 110, .flags = IEEE80211_RATE_SHORT_PREAMBLE },
 323	{ .bitrate = 60 },
 324	{ .bitrate = 90 },
 325	{ .bitrate = 120 },
 326	{ .bitrate = 180 },
 327	{ .bitrate = 240 },
 328	{ .bitrate = 360 },
 329	{ .bitrate = 480 },
 330	{ .bitrate = 540 }
 331};
 332
 333static const struct ieee80211_iface_limit hwsim_if_limits[] = {
 334	{ .max = 1, .types = BIT(NL80211_IFTYPE_ADHOC) },
 335	{ .max = 2048,  .types = BIT(NL80211_IFTYPE_STATION) |
 336				 BIT(NL80211_IFTYPE_P2P_CLIENT) |
 337#ifdef CONFIG_MAC80211_MESH
 338				 BIT(NL80211_IFTYPE_MESH_POINT) |
 339#endif
 340				 BIT(NL80211_IFTYPE_AP) |
 341				 BIT(NL80211_IFTYPE_P2P_GO) },
 342	/* must be last, see hwsim_if_comb */
 343	{ .max = 1, .types = BIT(NL80211_IFTYPE_P2P_DEVICE) }
 344};
 345
 346static const struct ieee80211_iface_limit hwsim_if_dfs_limits[] = {
 347	{ .max = 8, .types = BIT(NL80211_IFTYPE_AP) },
 348};
 349
 350static const struct ieee80211_iface_combination hwsim_if_comb[] = {
 351	{
 352		.limits = hwsim_if_limits,
 353		/* remove the last entry which is P2P_DEVICE */
 354		.n_limits = ARRAY_SIZE(hwsim_if_limits) - 1,
 355		.max_interfaces = 2048,
 356		.num_different_channels = 1,
 357	},
 358	{
 359		.limits = hwsim_if_dfs_limits,
 360		.n_limits = ARRAY_SIZE(hwsim_if_dfs_limits),
 361		.max_interfaces = 8,
 362		.num_different_channels = 1,
 363		.radar_detect_widths = BIT(NL80211_CHAN_WIDTH_20_NOHT) |
 364				       BIT(NL80211_CHAN_WIDTH_20) |
 365				       BIT(NL80211_CHAN_WIDTH_40) |
 366				       BIT(NL80211_CHAN_WIDTH_80) |
 367				       BIT(NL80211_CHAN_WIDTH_160),
 368	}
 369};
 370
 371static const struct ieee80211_iface_combination hwsim_if_comb_p2p_dev[] = {
 372	{
 373		.limits = hwsim_if_limits,
 374		.n_limits = ARRAY_SIZE(hwsim_if_limits),
 375		.max_interfaces = 2048,
 376		.num_different_channels = 1,
 377	},
 378	{
 379		.limits = hwsim_if_dfs_limits,
 380		.n_limits = ARRAY_SIZE(hwsim_if_dfs_limits),
 381		.max_interfaces = 8,
 382		.num_different_channels = 1,
 383		.radar_detect_widths = BIT(NL80211_CHAN_WIDTH_20_NOHT) |
 384				       BIT(NL80211_CHAN_WIDTH_20) |
 385				       BIT(NL80211_CHAN_WIDTH_40) |
 386				       BIT(NL80211_CHAN_WIDTH_80) |
 387				       BIT(NL80211_CHAN_WIDTH_160),
 388	}
 389};
 390
 391static spinlock_t hwsim_radio_lock;
 392static struct list_head hwsim_radios;
 393static int hwsim_radio_idx;
 394
 395static struct platform_driver mac80211_hwsim_driver = {
 396	.driver = {
 397		.name = "mac80211_hwsim",
 398	},
 399};
 400
 401struct mac80211_hwsim_data {
 402	struct list_head list;
 403	struct ieee80211_hw *hw;
 404	struct device *dev;
 405	struct ieee80211_supported_band bands[IEEE80211_NUM_BANDS];
 406	struct ieee80211_channel channels_2ghz[ARRAY_SIZE(hwsim_channels_2ghz)];
 407	struct ieee80211_channel channels_5ghz[ARRAY_SIZE(hwsim_channels_5ghz)];
 408	struct ieee80211_rate rates[ARRAY_SIZE(hwsim_rates)];
 409	struct ieee80211_iface_combination if_combination;
 410
 411	struct mac_address addresses[2];
 412	int channels, idx;
 413	bool use_chanctx;
 414	bool destroy_on_close;
 415	struct work_struct destroy_work;
 416	u32 portid;
 417	char alpha2[2];
 418	const struct ieee80211_regdomain *regd;
 419
 420	struct ieee80211_channel *tmp_chan;
 421	struct delayed_work roc_done;
 422	struct delayed_work hw_scan;
 423	struct cfg80211_scan_request *hw_scan_request;
 424	struct ieee80211_vif *hw_scan_vif;
 425	int scan_chan_idx;
 426	u8 scan_addr[ETH_ALEN];
 427
 428	struct ieee80211_channel *channel;
 429	u64 beacon_int	/* beacon interval in us */;
 430	unsigned int rx_filter;
 431	bool started, idle, scanning;
 432	struct mutex mutex;
 433	struct tasklet_hrtimer beacon_timer;
 434	enum ps_mode {
 435		PS_DISABLED, PS_ENABLED, PS_AUTO_POLL, PS_MANUAL_POLL
 436	} ps;
 437	bool ps_poll_pending;
 438	struct dentry *debugfs;
 439
 440	struct sk_buff_head pending;	/* packets pending */
 441	/*
 442	 * Only radios in the same group can communicate together (the
 443	 * channel has to match too). Each bit represents a group. A
 444	 * radio can be in more than one group.
 445	 */
 446	u64 group;
 447
 448	int power_level;
 449
 450	/* difference between this hw's clock and the real clock, in usecs */
 451	s64 tsf_offset;
 452	s64 bcn_delta;
 453	/* absolute beacon transmission time. Used to cover up "tx" delay. */
 454	u64 abs_bcn_ts;
 455
 456	/* Stats */
 457	u64 tx_pkts;
 458	u64 rx_pkts;
 459	u64 tx_bytes;
 460	u64 rx_bytes;
 461	u64 tx_dropped;
 462	u64 tx_failed;
 463};
 464
 465
 466struct hwsim_radiotap_hdr {
 467	struct ieee80211_radiotap_header hdr;
 468	__le64 rt_tsft;
 469	u8 rt_flags;
 470	u8 rt_rate;
 471	__le16 rt_channel;
 472	__le16 rt_chbitmask;
 473} __packed;
 474
 475struct hwsim_radiotap_ack_hdr {
 476	struct ieee80211_radiotap_header hdr;
 477	u8 rt_flags;
 478	u8 pad;
 479	__le16 rt_channel;
 480	__le16 rt_chbitmask;
 481} __packed;
 482
 483/* MAC80211_HWSIM netlinf family */
 484static struct genl_family hwsim_genl_family = {
 485	.id = GENL_ID_GENERATE,
 486	.hdrsize = 0,
 487	.name = "MAC80211_HWSIM",
 488	.version = 1,
 489	.maxattr = HWSIM_ATTR_MAX,
 490};
 491
 492enum hwsim_multicast_groups {
 493	HWSIM_MCGRP_CONFIG,
 494};
 495
 496static const struct genl_multicast_group hwsim_mcgrps[] = {
 497	[HWSIM_MCGRP_CONFIG] = { .name = "config", },
 498};
 499
 500/* MAC80211_HWSIM netlink policy */
 501
 502static const struct nla_policy hwsim_genl_policy[HWSIM_ATTR_MAX + 1] = {
 503	[HWSIM_ATTR_ADDR_RECEIVER] = { .type = NLA_UNSPEC, .len = ETH_ALEN },
 504	[HWSIM_ATTR_ADDR_TRANSMITTER] = { .type = NLA_UNSPEC, .len = ETH_ALEN },
 505	[HWSIM_ATTR_FRAME] = { .type = NLA_BINARY,
 506			       .len = IEEE80211_MAX_DATA_LEN },
 507	[HWSIM_ATTR_FLAGS] = { .type = NLA_U32 },
 508	[HWSIM_ATTR_RX_RATE] = { .type = NLA_U32 },
 509	[HWSIM_ATTR_SIGNAL] = { .type = NLA_U32 },
 510	[HWSIM_ATTR_TX_INFO] = { .type = NLA_UNSPEC,
 511				 .len = IEEE80211_TX_MAX_RATES *
 512					sizeof(struct hwsim_tx_rate)},
 513	[HWSIM_ATTR_COOKIE] = { .type = NLA_U64 },
 514	[HWSIM_ATTR_CHANNELS] = { .type = NLA_U32 },
 515	[HWSIM_ATTR_RADIO_ID] = { .type = NLA_U32 },
 516	[HWSIM_ATTR_REG_HINT_ALPHA2] = { .type = NLA_STRING, .len = 2 },
 517	[HWSIM_ATTR_REG_CUSTOM_REG] = { .type = NLA_U32 },
 518	[HWSIM_ATTR_REG_STRICT_REG] = { .type = NLA_FLAG },
 519	[HWSIM_ATTR_SUPPORT_P2P_DEVICE] = { .type = NLA_FLAG },
 520	[HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE] = { .type = NLA_FLAG },
 521	[HWSIM_ATTR_RADIO_NAME] = { .type = NLA_STRING },
 522	[HWSIM_ATTR_NO_VIF] = { .type = NLA_FLAG },
 523	[HWSIM_ATTR_FREQ] = { .type = NLA_U32 },
 524};
 525
 526static void mac80211_hwsim_tx_frame(struct ieee80211_hw *hw,
 527				    struct sk_buff *skb,
 528				    struct ieee80211_channel *chan);
 529
 530/* sysfs attributes */
 531static void hwsim_send_ps_poll(void *dat, u8 *mac, struct ieee80211_vif *vif)
 532{
 533	struct mac80211_hwsim_data *data = dat;
 534	struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
 535	struct sk_buff *skb;
 536	struct ieee80211_pspoll *pspoll;
 537
 538	if (!vp->assoc)
 539		return;
 540
 541	wiphy_debug(data->hw->wiphy,
 542		    "%s: send PS-Poll to %pM for aid %d\n",
 543		    __func__, vp->bssid, vp->aid);
 544
 545	skb = dev_alloc_skb(sizeof(*pspoll));
 546	if (!skb)
 547		return;
 548	pspoll = (void *) skb_put(skb, sizeof(*pspoll));
 549	pspoll->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
 550					    IEEE80211_STYPE_PSPOLL |
 551					    IEEE80211_FCTL_PM);
 552	pspoll->aid = cpu_to_le16(0xc000 | vp->aid);
 553	memcpy(pspoll->bssid, vp->bssid, ETH_ALEN);
 554	memcpy(pspoll->ta, mac, ETH_ALEN);
 555
 556	rcu_read_lock();
 557	mac80211_hwsim_tx_frame(data->hw, skb,
 558				rcu_dereference(vif->chanctx_conf)->def.chan);
 559	rcu_read_unlock();
 560}
 561
 562static void hwsim_send_nullfunc(struct mac80211_hwsim_data *data, u8 *mac,
 563				struct ieee80211_vif *vif, int ps)
 564{
 565	struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
 566	struct sk_buff *skb;
 567	struct ieee80211_hdr *hdr;
 568
 569	if (!vp->assoc)
 570		return;
 571
 572	wiphy_debug(data->hw->wiphy,
 573		    "%s: send data::nullfunc to %pM ps=%d\n",
 574		    __func__, vp->bssid, ps);
 575
 576	skb = dev_alloc_skb(sizeof(*hdr));
 577	if (!skb)
 578		return;
 579	hdr = (void *) skb_put(skb, sizeof(*hdr) - ETH_ALEN);
 580	hdr->frame_control = cpu_to_le16(IEEE80211_FTYPE_DATA |
 581					 IEEE80211_STYPE_NULLFUNC |
 582					 (ps ? IEEE80211_FCTL_PM : 0));
 583	hdr->duration_id = cpu_to_le16(0);
 584	memcpy(hdr->addr1, vp->bssid, ETH_ALEN);
 585	memcpy(hdr->addr2, mac, ETH_ALEN);
 586	memcpy(hdr->addr3, vp->bssid, ETH_ALEN);
 587
 588	rcu_read_lock();
 589	mac80211_hwsim_tx_frame(data->hw, skb,
 590				rcu_dereference(vif->chanctx_conf)->def.chan);
 591	rcu_read_unlock();
 592}
 593
 594
 595static void hwsim_send_nullfunc_ps(void *dat, u8 *mac,
 596				   struct ieee80211_vif *vif)
 597{
 598	struct mac80211_hwsim_data *data = dat;
 599	hwsim_send_nullfunc(data, mac, vif, 1);
 600}
 601
 602static void hwsim_send_nullfunc_no_ps(void *dat, u8 *mac,
 603				      struct ieee80211_vif *vif)
 604{
 605	struct mac80211_hwsim_data *data = dat;
 606	hwsim_send_nullfunc(data, mac, vif, 0);
 607}
 608
 609static int hwsim_fops_ps_read(void *dat, u64 *val)
 610{
 611	struct mac80211_hwsim_data *data = dat;
 612	*val = data->ps;
 613	return 0;
 614}
 615
 616static int hwsim_fops_ps_write(void *dat, u64 val)
 617{
 618	struct mac80211_hwsim_data *data = dat;
 619	enum ps_mode old_ps;
 620
 621	if (val != PS_DISABLED && val != PS_ENABLED && val != PS_AUTO_POLL &&
 622	    val != PS_MANUAL_POLL)
 623		return -EINVAL;
 624
 625	old_ps = data->ps;
 626	data->ps = val;
 627
 628	local_bh_disable();
 629	if (val == PS_MANUAL_POLL) {
 630		ieee80211_iterate_active_interfaces_atomic(
 631			data->hw, IEEE80211_IFACE_ITER_NORMAL,
 632			hwsim_send_ps_poll, data);
 633		data->ps_poll_pending = true;
 634	} else if (old_ps == PS_DISABLED && val != PS_DISABLED) {
 635		ieee80211_iterate_active_interfaces_atomic(
 636			data->hw, IEEE80211_IFACE_ITER_NORMAL,
 637			hwsim_send_nullfunc_ps, data);
 638	} else if (old_ps != PS_DISABLED && val == PS_DISABLED) {
 639		ieee80211_iterate_active_interfaces_atomic(
 640			data->hw, IEEE80211_IFACE_ITER_NORMAL,
 641			hwsim_send_nullfunc_no_ps, data);
 642	}
 643	local_bh_enable();
 644
 645	return 0;
 646}
 647
 648DEFINE_SIMPLE_ATTRIBUTE(hwsim_fops_ps, hwsim_fops_ps_read, hwsim_fops_ps_write,
 649			"%llu\n");
 650
 651static int hwsim_write_simulate_radar(void *dat, u64 val)
 652{
 653	struct mac80211_hwsim_data *data = dat;
 654
 655	ieee80211_radar_detected(data->hw);
 656
 657	return 0;
 658}
 659
 660DEFINE_SIMPLE_ATTRIBUTE(hwsim_simulate_radar, NULL,
 661			hwsim_write_simulate_radar, "%llu\n");
 662
 663static int hwsim_fops_group_read(void *dat, u64 *val)
 664{
 665	struct mac80211_hwsim_data *data = dat;
 666	*val = data->group;
 667	return 0;
 668}
 669
 670static int hwsim_fops_group_write(void *dat, u64 val)
 671{
 672	struct mac80211_hwsim_data *data = dat;
 673	data->group = val;
 674	return 0;
 675}
 676
 677DEFINE_SIMPLE_ATTRIBUTE(hwsim_fops_group,
 678			hwsim_fops_group_read, hwsim_fops_group_write,
 679			"%llx\n");
 680
 681static netdev_tx_t hwsim_mon_xmit(struct sk_buff *skb,
 682					struct net_device *dev)
 683{
 684	/* TODO: allow packet injection */
 685	dev_kfree_skb(skb);
 686	return NETDEV_TX_OK;
 687}
 688
 689static inline u64 mac80211_hwsim_get_tsf_raw(void)
 690{
 691	return ktime_to_us(ktime_get_real());
 692}
 693
 694static __le64 __mac80211_hwsim_get_tsf(struct mac80211_hwsim_data *data)
 695{
 696	u64 now = mac80211_hwsim_get_tsf_raw();
 697	return cpu_to_le64(now + data->tsf_offset);
 698}
 699
 700static u64 mac80211_hwsim_get_tsf(struct ieee80211_hw *hw,
 701				  struct ieee80211_vif *vif)
 702{
 703	struct mac80211_hwsim_data *data = hw->priv;
 704	return le64_to_cpu(__mac80211_hwsim_get_tsf(data));
 705}
 706
 707static void mac80211_hwsim_set_tsf(struct ieee80211_hw *hw,
 708		struct ieee80211_vif *vif, u64 tsf)
 709{
 710	struct mac80211_hwsim_data *data = hw->priv;
 711	u64 now = mac80211_hwsim_get_tsf(hw, vif);
 712	u32 bcn_int = data->beacon_int;
 713	u64 delta = abs64(tsf - now);
 714
 715	/* adjust after beaconing with new timestamp at old TBTT */
 716	if (tsf > now) {
 717		data->tsf_offset += delta;
 718		data->bcn_delta = do_div(delta, bcn_int);
 719	} else {
 720		data->tsf_offset -= delta;
 721		data->bcn_delta = -do_div(delta, bcn_int);
 722	}
 723}
 724
 725static void mac80211_hwsim_monitor_rx(struct ieee80211_hw *hw,
 726				      struct sk_buff *tx_skb,
 727				      struct ieee80211_channel *chan)
 728{
 729	struct mac80211_hwsim_data *data = hw->priv;
 730	struct sk_buff *skb;
 731	struct hwsim_radiotap_hdr *hdr;
 732	u16 flags;
 733	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(tx_skb);
 734	struct ieee80211_rate *txrate = ieee80211_get_tx_rate(hw, info);
 735
 736	if (!netif_running(hwsim_mon))
 737		return;
 738
 739	skb = skb_copy_expand(tx_skb, sizeof(*hdr), 0, GFP_ATOMIC);
 740	if (skb == NULL)
 741		return;
 742
 743	hdr = (struct hwsim_radiotap_hdr *) skb_push(skb, sizeof(*hdr));
 744	hdr->hdr.it_version = PKTHDR_RADIOTAP_VERSION;
 745	hdr->hdr.it_pad = 0;
 746	hdr->hdr.it_len = cpu_to_le16(sizeof(*hdr));
 747	hdr->hdr.it_present = cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
 748					  (1 << IEEE80211_RADIOTAP_RATE) |
 749					  (1 << IEEE80211_RADIOTAP_TSFT) |
 750					  (1 << IEEE80211_RADIOTAP_CHANNEL));
 751	hdr->rt_tsft = __mac80211_hwsim_get_tsf(data);
 752	hdr->rt_flags = 0;
 753	hdr->rt_rate = txrate->bitrate / 5;
 754	hdr->rt_channel = cpu_to_le16(chan->center_freq);
 755	flags = IEEE80211_CHAN_2GHZ;
 756	if (txrate->flags & IEEE80211_RATE_ERP_G)
 757		flags |= IEEE80211_CHAN_OFDM;
 758	else
 759		flags |= IEEE80211_CHAN_CCK;
 760	hdr->rt_chbitmask = cpu_to_le16(flags);
 761
 762	skb->dev = hwsim_mon;
 763	skb_set_mac_header(skb, 0);
 764	skb->ip_summed = CHECKSUM_UNNECESSARY;
 765	skb->pkt_type = PACKET_OTHERHOST;
 766	skb->protocol = htons(ETH_P_802_2);
 767	memset(skb->cb, 0, sizeof(skb->cb));
 768	netif_rx(skb);
 769}
 770
 771
 772static void mac80211_hwsim_monitor_ack(struct ieee80211_channel *chan,
 773				       const u8 *addr)
 774{
 775	struct sk_buff *skb;
 776	struct hwsim_radiotap_ack_hdr *hdr;
 777	u16 flags;
 778	struct ieee80211_hdr *hdr11;
 779
 780	if (!netif_running(hwsim_mon))
 781		return;
 782
 783	skb = dev_alloc_skb(100);
 784	if (skb == NULL)
 785		return;
 786
 787	hdr = (struct hwsim_radiotap_ack_hdr *) skb_put(skb, sizeof(*hdr));
 788	hdr->hdr.it_version = PKTHDR_RADIOTAP_VERSION;
 789	hdr->hdr.it_pad = 0;
 790	hdr->hdr.it_len = cpu_to_le16(sizeof(*hdr));
 791	hdr->hdr.it_present = cpu_to_le32((1 << IEEE80211_RADIOTAP_FLAGS) |
 792					  (1 << IEEE80211_RADIOTAP_CHANNEL));
 793	hdr->rt_flags = 0;
 794	hdr->pad = 0;
 795	hdr->rt_channel = cpu_to_le16(chan->center_freq);
 796	flags = IEEE80211_CHAN_2GHZ;
 797	hdr->rt_chbitmask = cpu_to_le16(flags);
 798
 799	hdr11 = (struct ieee80211_hdr *) skb_put(skb, 10);
 800	hdr11->frame_control = cpu_to_le16(IEEE80211_FTYPE_CTL |
 801					   IEEE80211_STYPE_ACK);
 802	hdr11->duration_id = cpu_to_le16(0);
 803	memcpy(hdr11->addr1, addr, ETH_ALEN);
 804
 805	skb->dev = hwsim_mon;
 806	skb_set_mac_header(skb, 0);
 807	skb->ip_summed = CHECKSUM_UNNECESSARY;
 808	skb->pkt_type = PACKET_OTHERHOST;
 809	skb->protocol = htons(ETH_P_802_2);
 810	memset(skb->cb, 0, sizeof(skb->cb));
 811	netif_rx(skb);
 812}
 813
 814struct mac80211_hwsim_addr_match_data {
 815	u8 addr[ETH_ALEN];
 816	bool ret;
 817};
 818
 819static void mac80211_hwsim_addr_iter(void *data, u8 *mac,
 820				     struct ieee80211_vif *vif)
 821{
 822	struct mac80211_hwsim_addr_match_data *md = data;
 823
 824	if (memcmp(mac, md->addr, ETH_ALEN) == 0)
 825		md->ret = true;
 826}
 827
 828static bool mac80211_hwsim_addr_match(struct mac80211_hwsim_data *data,
 829				      const u8 *addr)
 830{
 831	struct mac80211_hwsim_addr_match_data md = {
 832		.ret = false,
 833	};
 834
 835	if (data->scanning && memcmp(addr, data->scan_addr, ETH_ALEN) == 0)
 836		return true;
 837
 838	memcpy(md.addr, addr, ETH_ALEN);
 839
 840	ieee80211_iterate_active_interfaces_atomic(data->hw,
 841						   IEEE80211_IFACE_ITER_NORMAL,
 842						   mac80211_hwsim_addr_iter,
 843						   &md);
 844
 845	return md.ret;
 846}
 847
 848static bool hwsim_ps_rx_ok(struct mac80211_hwsim_data *data,
 849			   struct sk_buff *skb)
 850{
 851	switch (data->ps) {
 852	case PS_DISABLED:
 853		return true;
 854	case PS_ENABLED:
 855		return false;
 856	case PS_AUTO_POLL:
 857		/* TODO: accept (some) Beacons by default and other frames only
 858		 * if pending PS-Poll has been sent */
 859		return true;
 860	case PS_MANUAL_POLL:
 861		/* Allow unicast frames to own address if there is a pending
 862		 * PS-Poll */
 863		if (data->ps_poll_pending &&
 864		    mac80211_hwsim_addr_match(data, skb->data + 4)) {
 865			data->ps_poll_pending = false;
 866			return true;
 867		}
 868		return false;
 869	}
 870
 871	return true;
 872}
 873
 874static void mac80211_hwsim_tx_frame_nl(struct ieee80211_hw *hw,
 875				       struct sk_buff *my_skb,
 876				       int dst_portid)
 877{
 878	struct sk_buff *skb;
 879	struct mac80211_hwsim_data *data = hw->priv;
 880	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) my_skb->data;
 881	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(my_skb);
 882	void *msg_head;
 883	unsigned int hwsim_flags = 0;
 884	int i;
 885	struct hwsim_tx_rate tx_attempts[IEEE80211_TX_MAX_RATES];
 886
 887	if (data->ps != PS_DISABLED)
 888		hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
 889	/* If the queue contains MAX_QUEUE skb's drop some */
 890	if (skb_queue_len(&data->pending) >= MAX_QUEUE) {
 891		/* Droping until WARN_QUEUE level */
 892		while (skb_queue_len(&data->pending) >= WARN_QUEUE) {
 893			ieee80211_free_txskb(hw, skb_dequeue(&data->pending));
 894			data->tx_dropped++;
 895		}
 896	}
 897
 898	skb = genlmsg_new(GENLMSG_DEFAULT_SIZE, GFP_ATOMIC);
 899	if (skb == NULL)
 900		goto nla_put_failure;
 901
 902	msg_head = genlmsg_put(skb, 0, 0, &hwsim_genl_family, 0,
 903			       HWSIM_CMD_FRAME);
 904	if (msg_head == NULL) {
 905		printk(KERN_DEBUG "mac80211_hwsim: problem with msg_head\n");
 906		goto nla_put_failure;
 907	}
 908
 909	if (nla_put(skb, HWSIM_ATTR_ADDR_TRANSMITTER,
 910		    ETH_ALEN, data->addresses[1].addr))
 911		goto nla_put_failure;
 912
 913	/* We get the skb->data */
 914	if (nla_put(skb, HWSIM_ATTR_FRAME, my_skb->len, my_skb->data))
 915		goto nla_put_failure;
 916
 917	/* We get the flags for this transmission, and we translate them to
 918	   wmediumd flags  */
 919
 920	if (info->flags & IEEE80211_TX_CTL_REQ_TX_STATUS)
 921		hwsim_flags |= HWSIM_TX_CTL_REQ_TX_STATUS;
 922
 923	if (info->flags & IEEE80211_TX_CTL_NO_ACK)
 924		hwsim_flags |= HWSIM_TX_CTL_NO_ACK;
 925
 926	if (nla_put_u32(skb, HWSIM_ATTR_FLAGS, hwsim_flags))
 927		goto nla_put_failure;
 928
 929	if (nla_put_u32(skb, HWSIM_ATTR_FREQ, data->channel->center_freq))
 930		goto nla_put_failure;
 931
 932	/* We get the tx control (rate and retries) info*/
 933
 934	for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
 935		tx_attempts[i].idx = info->status.rates[i].idx;
 936		tx_attempts[i].count = info->status.rates[i].count;
 937	}
 938
 939	if (nla_put(skb, HWSIM_ATTR_TX_INFO,
 940		    sizeof(struct hwsim_tx_rate)*IEEE80211_TX_MAX_RATES,
 941		    tx_attempts))
 942		goto nla_put_failure;
 943
 944	/* We create a cookie to identify this skb */
 945	if (nla_put_u64(skb, HWSIM_ATTR_COOKIE, (unsigned long) my_skb))
 946		goto nla_put_failure;
 947
 948	genlmsg_end(skb, msg_head);
 949	genlmsg_unicast(&init_net, skb, dst_portid);
 950
 951	/* Enqueue the packet */
 952	skb_queue_tail(&data->pending, my_skb);
 953	data->tx_pkts++;
 954	data->tx_bytes += my_skb->len;
 955	return;
 956
 957nla_put_failure:
 958	printk(KERN_DEBUG "mac80211_hwsim: error occurred in %s\n", __func__);
 959	ieee80211_free_txskb(hw, my_skb);
 960	data->tx_failed++;
 961}
 962
 963static bool hwsim_chans_compat(struct ieee80211_channel *c1,
 964			       struct ieee80211_channel *c2)
 965{
 966	if (!c1 || !c2)
 967		return false;
 968
 969	return c1->center_freq == c2->center_freq;
 970}
 971
 972struct tx_iter_data {
 973	struct ieee80211_channel *channel;
 974	bool receive;
 975};
 976
 977static void mac80211_hwsim_tx_iter(void *_data, u8 *addr,
 978				   struct ieee80211_vif *vif)
 979{
 980	struct tx_iter_data *data = _data;
 981
 982	if (!vif->chanctx_conf)
 983		return;
 984
 985	if (!hwsim_chans_compat(data->channel,
 986				rcu_dereference(vif->chanctx_conf)->def.chan))
 987		return;
 988
 989	data->receive = true;
 990}
 991
 992static void mac80211_hwsim_add_vendor_rtap(struct sk_buff *skb)
 993{
 994	/*
 995	 * To enable this code, #define the HWSIM_RADIOTAP_OUI,
 996	 * e.g. like this:
 997	 * #define HWSIM_RADIOTAP_OUI "\x02\x00\x00"
 998	 * (but you should use a valid OUI, not that)
 999	 *
1000	 * If anyone wants to 'donate' a radiotap OUI/subns code
1001	 * please send a patch removing this #ifdef and changing
1002	 * the values accordingly.
1003	 */
1004#ifdef HWSIM_RADIOTAP_OUI
1005	struct ieee80211_vendor_radiotap *rtap;
1006
1007	/*
1008	 * Note that this code requires the headroom in the SKB
1009	 * that was allocated earlier.
1010	 */
1011	rtap = (void *)skb_push(skb, sizeof(*rtap) + 8 + 4);
1012	rtap->oui[0] = HWSIM_RADIOTAP_OUI[0];
1013	rtap->oui[1] = HWSIM_RADIOTAP_OUI[1];
1014	rtap->oui[2] = HWSIM_RADIOTAP_OUI[2];
1015	rtap->subns = 127;
1016
1017	/*
1018	 * Radiotap vendor namespaces can (and should) also be
1019	 * split into fields by using the standard radiotap
1020	 * presence bitmap mechanism. Use just BIT(0) here for
1021	 * the presence bitmap.
1022	 */
1023	rtap->present = BIT(0);
1024	/* We have 8 bytes of (dummy) data */
1025	rtap->len = 8;
1026	/* For testing, also require it to be aligned */
1027	rtap->align = 8;
1028	/* And also test that padding works, 4 bytes */
1029	rtap->pad = 4;
1030	/* push the data */
1031	memcpy(rtap->data, "ABCDEFGH", 8);
1032	/* make sure to clear padding, mac80211 doesn't */
1033	memset(rtap->data + 8, 0, 4);
1034
1035	IEEE80211_SKB_RXCB(skb)->flag |= RX_FLAG_RADIOTAP_VENDOR_DATA;
1036#endif
1037}
1038
1039static bool mac80211_hwsim_tx_frame_no_nl(struct ieee80211_hw *hw,
1040					  struct sk_buff *skb,
1041					  struct ieee80211_channel *chan)
1042{
1043	struct mac80211_hwsim_data *data = hw->priv, *data2;
1044	bool ack = false;
1045	struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1046	struct ieee80211_tx_info *info = IEEE80211_SKB_CB(skb);
1047	struct ieee80211_rx_status rx_status;
1048	u64 now;
1049
1050	memset(&rx_status, 0, sizeof(rx_status));
1051	rx_status.flag |= RX_FLAG_MACTIME_START;
1052	rx_status.freq = chan->center_freq;
1053	rx_status.band = chan->band;
1054	if (info->control.rates[0].flags & IEEE80211_TX_RC_VHT_MCS) {
1055		rx_status.rate_idx =
1056			ieee80211_rate_get_vht_mcs(&info->control.rates[0]);
1057		rx_status.vht_nss =
1058			ieee80211_rate_get_vht_nss(&info->control.rates[0]);
1059		rx_status.flag |= RX_FLAG_VHT;
1060	} else {
1061		rx_status.rate_idx = info->control.rates[0].idx;
1062		if (info->control.rates[0].flags & IEEE80211_TX_RC_MCS)
1063			rx_status.flag |= RX_FLAG_HT;
1064	}
1065	if (info->control.rates[0].flags & IEEE80211_TX_RC_40_MHZ_WIDTH)
1066		rx_status.flag |= RX_FLAG_40MHZ;
1067	if (info->control.rates[0].flags & IEEE80211_TX_RC_SHORT_GI)
1068		rx_status.flag |= RX_FLAG_SHORT_GI;
1069	/* TODO: simulate real signal strength (and optional packet loss) */
1070	rx_status.signal = data->power_level - 50;
1071
1072	if (data->ps != PS_DISABLED)
1073		hdr->frame_control |= cpu_to_le16(IEEE80211_FCTL_PM);
1074
1075	/* release the skb's source info */
1076	skb_orphan(skb);
1077	skb_dst_drop(skb);
1078	skb->mark = 0;
1079	secpath_reset(skb);
1080	nf_reset(skb);
1081
1082	/*
1083	 * Get absolute mactime here so all HWs RX at the "same time", and
1084	 * absolute TX time for beacon mactime so the timestamp matches.
1085	 * Giving beacons a different mactime than non-beacons looks messy, but
1086	 * it helps the Toffset be exact and a ~10us mactime discrepancy
1087	 * probably doesn't really matter.
1088	 */
1089	if (ieee80211_is_beacon(hdr->frame_control) ||
1090	    ieee80211_is_probe_resp(hdr->frame_control))
1091		now = data->abs_bcn_ts;
1092	else
1093		now = mac80211_hwsim_get_tsf_raw();
1094
1095	/* Copy skb to all enabled radios that are on the current frequency */
1096	spin_lock(&hwsim_radio_lock);
1097	list_for_each_entry(data2, &hwsim_radios, list) {
1098		struct sk_buff *nskb;
1099		struct tx_iter_data tx_iter_data = {
1100			.receive = false,
1101			.channel = chan,
1102		};
1103
1104		if (data == data2)
1105			continue;
1106
1107		if (!data2->started || (data2->idle && !data2->tmp_chan) ||
1108		    !hwsim_ps_rx_ok(data2, skb))
1109			continue;
1110
1111		if (!(data->group & data2->group))
1112			continue;
1113
1114		if (!hwsim_chans_compat(chan, data2->tmp_chan) &&
1115		    !hwsim_chans_compat(chan, data2->channel)) {
1116			ieee80211_iterate_active_interfaces_atomic(
1117				data2->hw, IEEE80211_IFACE_ITER_NORMAL,
1118				mac80211_hwsim_tx_iter, &tx_iter_data);
1119			if (!tx_iter_data.receive)
1120				continue;
1121		}
1122
1123		/*
1124		 * reserve some space for our vendor and the normal
1125		 * radiotap header, since we're copying anyway
1126		 */
1127		if (skb->len < PAGE_SIZE && paged_rx) {
1128			struct page *page = alloc_page(GFP_ATOMIC);
1129
1130			if (!page)
1131				continue;
1132
1133			nskb = dev_alloc_skb(128);
1134			if (!nskb) {
1135				__free_page(page);
1136				continue;
1137			}
1138
1139			memcpy(page_address(page), skb->data, skb->len);
1140			skb_add_rx_frag(nskb, 0, page, 0, skb->len, skb->len);
1141		} else {
1142			nskb = skb_copy(skb, GFP_ATOMIC);
1143			if (!nskb)
1144				continue;
1145		}
1146
1147		if (mac80211_hwsim_addr_match(data2, hdr->addr1))
1148			ack = true;
1149
1150		rx_status.mactime = now + data2->tsf_offset;
1151
1152		memcpy(IEEE80211_SKB_RXCB(nskb), &rx_status, sizeof(rx_status));
1153
1154		mac80211_hwsim_add_vendor_rtap(nskb);
1155
1156		data2->rx_pkts++;
1157		data2->rx_bytes += nskb->len;
1158		ieee80211_rx_irqsafe(data2->hw, nskb);
1159	}
1160	spin_unlock(&hwsim_radio_lock);
1161
1162	return ack;
1163}
1164
1165static void mac80211_hwsim_tx(struct ieee80211_hw *hw,
1166			      struct ieee80211_tx_control *control,
1167			      struct sk_buff *skb)
1168{
1169	struct mac80211_hwsim_data *data = hw->priv;
1170	struct ieee80211_tx_info *txi = IEEE80211_SKB_CB(skb);
1171	struct ieee80211_chanctx_conf *chanctx_conf;
1172	struct ieee80211_channel *channel;
1173	bool ack;
1174	u32 _portid;
1175
1176	if (WARN_ON(skb->len < 10)) {
1177		/* Should not happen; just a sanity check for addr1 use */
1178		ieee80211_free_txskb(hw, skb);
1179		return;
1180	}
1181
1182	if (!data->use_chanctx) {
1183		channel = data->channel;
1184	} else if (txi->hw_queue == 4) {
1185		channel = data->tmp_chan;
1186	} else {
1187		chanctx_conf = rcu_dereference(txi->control.vif->chanctx_conf);
1188		if (chanctx_conf)
1189			channel = chanctx_conf->def.chan;
1190		else
1191			channel = NULL;
1192	}
1193
1194	if (WARN(!channel, "TX w/o channel - queue = %d\n", txi->hw_queue)) {
1195		ieee80211_free_txskb(hw, skb);
1196		return;
1197	}
1198
1199	if (data->idle && !data->tmp_chan) {
1200		wiphy_debug(hw->wiphy, "Trying to TX when idle - reject\n");
1201		ieee80211_free_txskb(hw, skb);
1202		return;
1203	}
1204
1205	if (txi->control.vif)
1206		hwsim_check_magic(txi->control.vif);
1207	if (control->sta)
1208		hwsim_check_sta_magic(control->sta);
1209
1210	if (hw->flags & IEEE80211_HW_SUPPORTS_RC_TABLE)
1211		ieee80211_get_tx_rates(txi->control.vif, control->sta, skb,
1212				       txi->control.rates,
1213				       ARRAY_SIZE(txi->control.rates));
1214
1215	txi->rate_driver_data[0] = channel;
1216	mac80211_hwsim_monitor_rx(hw, skb, channel);
1217
1218	/* wmediumd mode check */
1219	_portid = ACCESS_ONCE(wmediumd_portid);
1220
1221	if (_portid)
1222		return mac80211_hwsim_tx_frame_nl(hw, skb, _portid);
1223
1224	/* NO wmediumd detected, perfect medium simulation */
1225	data->tx_pkts++;
1226	data->tx_bytes += skb->len;
1227	ack = mac80211_hwsim_tx_frame_no_nl(hw, skb, channel);
1228
1229	if (ack && skb->len >= 16) {
1230		struct ieee80211_hdr *hdr = (struct ieee80211_hdr *) skb->data;
1231		mac80211_hwsim_monitor_ack(channel, hdr->addr2);
1232	}
1233
1234	ieee80211_tx_info_clear_status(txi);
1235
1236	/* frame was transmitted at most favorable rate at first attempt */
1237	txi->control.rates[0].count = 1;
1238	txi->control.rates[1].idx = -1;
1239
1240	if (!(txi->flags & IEEE80211_TX_CTL_NO_ACK) && ack)
1241		txi->flags |= IEEE80211_TX_STAT_ACK;
1242	ieee80211_tx_status_irqsafe(hw, skb);
1243}
1244
1245
1246static int mac80211_hwsim_start(struct ieee80211_hw *hw)
1247{
1248	struct mac80211_hwsim_data *data = hw->priv;
1249	wiphy_debug(hw->wiphy, "%s\n", __func__);
1250	data->started = true;
1251	return 0;
1252}
1253
1254
1255static void mac80211_hwsim_stop(struct ieee80211_hw *hw)
1256{
1257	struct mac80211_hwsim_data *data = hw->priv;
1258	data->started = false;
1259	tasklet_hrtimer_cancel(&data->beacon_timer);
1260	wiphy_debug(hw->wiphy, "%s\n", __func__);
1261}
1262
1263
1264static int mac80211_hwsim_add_interface(struct ieee80211_hw *hw,
1265					struct ieee80211_vif *vif)
1266{
1267	wiphy_debug(hw->wiphy, "%s (type=%d mac_addr=%pM)\n",
1268		    __func__, ieee80211_vif_type_p2p(vif),
1269		    vif->addr);
1270	hwsim_set_magic(vif);
1271
1272	vif->cab_queue = 0;
1273	vif->hw_queue[IEEE80211_AC_VO] = 0;
1274	vif->hw_queue[IEEE80211_AC_VI] = 1;
1275	vif->hw_queue[IEEE80211_AC_BE] = 2;
1276	vif->hw_queue[IEEE80211_AC_BK] = 3;
1277
1278	return 0;
1279}
1280
1281
1282static int mac80211_hwsim_change_interface(struct ieee80211_hw *hw,
1283					   struct ieee80211_vif *vif,
1284					   enum nl80211_iftype newtype,
1285					   bool newp2p)
1286{
1287	newtype = ieee80211_iftype_p2p(newtype, newp2p);
1288	wiphy_debug(hw->wiphy,
1289		    "%s (old type=%d, new type=%d, mac_addr=%pM)\n",
1290		    __func__, ieee80211_vif_type_p2p(vif),
1291		    newtype, vif->addr);
1292	hwsim_check_magic(vif);
1293
1294	/*
1295	 * interface may change from non-AP to AP in
1296	 * which case this needs to be set up again
1297	 */
1298	vif->cab_queue = 0;
1299
1300	return 0;
1301}
1302
1303static void mac80211_hwsim_remove_interface(
1304	struct ieee80211_hw *hw, struct ieee80211_vif *vif)
1305{
1306	wiphy_debug(hw->wiphy, "%s (type=%d mac_addr=%pM)\n",
1307		    __func__, ieee80211_vif_type_p2p(vif),
1308		    vif->addr);
1309	hwsim_check_magic(vif);
1310	hwsim_clear_magic(vif);
1311}
1312
1313static void mac80211_hwsim_tx_frame(struct ieee80211_hw *hw,
1314				    struct sk_buff *skb,
1315				    struct ieee80211_channel *chan)
1316{
1317	u32 _pid = ACCESS_ONCE(wmediumd_portid);
1318
1319	if (hw->flags & IEEE80211_HW_SUPPORTS_RC_TABLE) {
1320		struct ieee80211_tx_info *txi = IEEE80211_SKB_CB(skb);
1321		ieee80211_get_tx_rates(txi->control.vif, NULL, skb,
1322				       txi->control.rates,
1323				       ARRAY_SIZE(txi->control.rates));
1324	}
1325
1326	mac80211_hwsim_monitor_rx(hw, skb, chan);
1327
1328	if (_pid)
1329		return mac80211_hwsim_tx_frame_nl(hw, skb, _pid);
1330
1331	mac80211_hwsim_tx_frame_no_nl(hw, skb, chan);
1332	dev_kfree_skb(skb);
1333}
1334
1335static void mac80211_hwsim_beacon_tx(void *arg, u8 *mac,
1336				     struct ieee80211_vif *vif)
1337{
1338	struct mac80211_hwsim_data *data = arg;
1339	struct ieee80211_hw *hw = data->hw;
1340	struct ieee80211_tx_info *info;
1341	struct ieee80211_rate *txrate;
1342	struct ieee80211_mgmt *mgmt;
1343	struct sk_buff *skb;
1344
1345	hwsim_check_magic(vif);
1346
1347	if (vif->type != NL80211_IFTYPE_AP &&
1348	    vif->type != NL80211_IFTYPE_MESH_POINT &&
1349	    vif->type != NL80211_IFTYPE_ADHOC)
1350		return;
1351
1352	skb = ieee80211_beacon_get(hw, vif);
1353	if (skb == NULL)
1354		return;
1355	info = IEEE80211_SKB_CB(skb);
1356	if (hw->flags & IEEE80211_HW_SUPPORTS_RC_TABLE)
1357		ieee80211_get_tx_rates(vif, NULL, skb,
1358				       info->control.rates,
1359				       ARRAY_SIZE(info->control.rates));
1360
1361	txrate = ieee80211_get_tx_rate(hw, info);
1362
1363	mgmt = (struct ieee80211_mgmt *) skb->data;
1364	/* fake header transmission time */
1365	data->abs_bcn_ts = mac80211_hwsim_get_tsf_raw();
1366	mgmt->u.beacon.timestamp = cpu_to_le64(data->abs_bcn_ts +
1367					       data->tsf_offset +
1368					       24 * 8 * 10 / txrate->bitrate);
1369
1370	mac80211_hwsim_tx_frame(hw, skb,
1371				rcu_dereference(vif->chanctx_conf)->def.chan);
1372
1373	if (vif->csa_active && ieee80211_csa_is_complete(vif))
1374		ieee80211_csa_finish(vif);
1375}
1376
1377static enum hrtimer_restart
1378mac80211_hwsim_beacon(struct hrtimer *timer)
1379{
1380	struct mac80211_hwsim_data *data =
1381		container_of(timer, struct mac80211_hwsim_data,
1382			     beacon_timer.timer);
1383	struct ieee80211_hw *hw = data->hw;
1384	u64 bcn_int = data->beacon_int;
1385	ktime_t next_bcn;
1386
1387	if (!data->started)
1388		goto out;
1389
1390	ieee80211_iterate_active_interfaces_atomic(
1391		hw, IEEE80211_IFACE_ITER_NORMAL,
1392		mac80211_hwsim_beacon_tx, data);
1393
1394	/* beacon at new TBTT + beacon interval */
1395	if (data->bcn_delta) {
1396		bcn_int -= data->bcn_delta;
1397		data->bcn_delta = 0;
1398	}
1399
1400	next_bcn = ktime_add(hrtimer_get_expires(timer),
1401			     ns_to_ktime(bcn_int * 1000));
1402	tasklet_hrtimer_start(&data->beacon_timer, next_bcn, HRTIMER_MODE_ABS);
1403out:
1404	return HRTIMER_NORESTART;
1405}
1406
1407static const char * const hwsim_chanwidths[] = {
1408	[NL80211_CHAN_WIDTH_20_NOHT] = "noht",
1409	[NL80211_CHAN_WIDTH_20] = "ht20",
1410	[NL80211_CHAN_WIDTH_40] = "ht40",
1411	[NL80211_CHAN_WIDTH_80] = "vht80",
1412	[NL80211_CHAN_WIDTH_80P80] = "vht80p80",
1413	[NL80211_CHAN_WIDTH_160] = "vht160",
1414};
1415
1416static int mac80211_hwsim_config(struct ieee80211_hw *hw, u32 changed)
1417{
1418	struct mac80211_hwsim_data *data = hw->priv;
1419	struct ieee80211_conf *conf = &hw->conf;
1420	static const char *smps_modes[IEEE80211_SMPS_NUM_MODES] = {
1421		[IEEE80211_SMPS_AUTOMATIC] = "auto",
1422		[IEEE80211_SMPS_OFF] = "off",
1423		[IEEE80211_SMPS_STATIC] = "static",
1424		[IEEE80211_SMPS_DYNAMIC] = "dynamic",
1425	};
1426
1427	if (conf->chandef.chan)
1428		wiphy_debug(hw->wiphy,
1429			    "%s (freq=%d(%d - %d)/%s idle=%d ps=%d smps=%s)\n",
1430			    __func__,
1431			    conf->chandef.chan->center_freq,
1432			    conf->chandef.center_freq1,
1433			    conf->chandef.center_freq2,
1434			    hwsim_chanwidths[conf->chandef.width],
1435			    !!(conf->flags & IEEE80211_CONF_IDLE),
1436			    !!(conf->flags & IEEE80211_CONF_PS),
1437			    smps_modes[conf->smps_mode]);
1438	else
1439		wiphy_debug(hw->wiphy,
1440			    "%s (freq=0 idle=%d ps=%d smps=%s)\n",
1441			    __func__,
1442			    !!(conf->flags & IEEE80211_CONF_IDLE),
1443			    !!(conf->flags & IEEE80211_CONF_PS),
1444			    smps_modes[conf->smps_mode]);
1445
1446	data->idle = !!(conf->flags & IEEE80211_CONF_IDLE);
1447
1448	data->channel = conf->chandef.chan;
1449
1450	WARN_ON(data->channel && data->use_chanctx);
1451
1452	data->power_level = conf->power_level;
1453	if (!data->started || !data->beacon_int)
1454		tasklet_hrtimer_cancel(&data->beacon_timer);
1455	else if (!hrtimer_is_queued(&data->beacon_timer.timer)) {
1456		u64 tsf = mac80211_hwsim_get_tsf(hw, NULL);
1457		u32 bcn_int = data->beacon_int;
1458		u64 until_tbtt = bcn_int - do_div(tsf, bcn_int);
1459
1460		tasklet_hrtimer_start(&data->beacon_timer,
1461				      ns_to_ktime(until_tbtt * 1000),
1462				      HRTIMER_MODE_REL);
1463	}
1464
1465	return 0;
1466}
1467
1468
1469static void mac80211_hwsim_configure_filter(struct ieee80211_hw *hw,
1470					    unsigned int changed_flags,
1471					    unsigned int *total_flags,u64 multicast)
1472{
1473	struct mac80211_hwsim_data *data = hw->priv;
1474
1475	wiphy_debug(hw->wiphy, "%s\n", __func__);
1476
1477	data->rx_filter = 0;
1478	if (*total_flags & FIF_PROMISC_IN_BSS)
1479		data->rx_filter |= FIF_PROMISC_IN_BSS;
1480	if (*total_flags & FIF_ALLMULTI)
1481		data->rx_filter |= FIF_ALLMULTI;
1482
1483	*total_flags = data->rx_filter;
1484}
1485
1486static void mac80211_hwsim_bcn_en_iter(void *data, u8 *mac,
1487				       struct ieee80211_vif *vif)
1488{
1489	unsigned int *count = data;
1490	struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
1491
1492	if (vp->bcn_en)
1493		(*count)++;
1494}
1495
1496static void mac80211_hwsim_bss_info_changed(struct ieee80211_hw *hw,
1497					    struct ieee80211_vif *vif,
1498					    struct ieee80211_bss_conf *info,
1499					    u32 changed)
1500{
1501	struct hwsim_vif_priv *vp = (void *)vif->drv_priv;
1502	struct mac80211_hwsim_data *data = hw->priv;
1503
1504	hwsim_check_magic(vif);
1505
1506	wiphy_debug(hw->wiphy, "%s(changed=0x%x vif->addr=%pM)\n",
1507		    __func__, changed, vif->addr);
1508
1509	if (changed & BSS_CHANGED_BSSID) {
1510		wiphy_debug(hw->wiphy, "%s: BSSID changed: %pM\n",
1511			    __func__, info->bssid);
1512		memcpy(vp->bssid, info->bssid, ETH_ALEN);
1513	}
1514
1515	if (changed & BSS_CHANGED_ASSOC) {
1516		wiphy_debug(hw->wiphy, "  ASSOC: assoc=%d aid=%d\n",
1517			    info->assoc, info->aid);
1518		vp->assoc = info->assoc;
1519		vp->aid = info->aid;
1520	}
1521
1522	if (changed & BSS_CHANGED_BEACON_INT) {
1523		wiphy_debug(hw->wiphy, "  BCNINT: %d\n", info->beacon_int);
1524		data->beacon_int = info->beacon_int * 1024;
1525	}
1526
1527	if (changed & BSS_CHANGED_BEACON_ENABLED) {
1528		wiphy_debug(hw->wiphy, "  BCN EN: %d\n", info->enable_beacon);
1529		vp->bcn_en = info->enable_beacon;
1530		if (data->started &&
1531		    !hrtimer_is_queued(&data->beacon_timer.timer) &&
1532		    info->enable_beacon) {
1533			u64 tsf, until_tbtt;
1534			u32 bcn_int;
1535			if (WARN_ON(!data->beacon_int))
1536				data->beacon_int = 1000 * 1024;
1537			tsf = mac80211_hwsim_get_tsf(hw, vif);
1538			bcn_int = data->beacon_int;
1539			until_tbtt = bcn_int - do_div(tsf, bcn_int);
1540			tasklet_hrtimer_start(&data->beacon_timer,
1541					      ns_to_ktime(until_tbtt * 1000),
1542					      HRTIMER_MODE_REL);
1543		} else if (!info->enable_beacon) {
1544			unsigned int count = 0;
1545			ieee80211_iterate_active_interfaces_atomic(
1546				data->hw, IEEE80211_IFACE_ITER_NORMAL,
1547				mac80211_hwsim_bcn_en_iter, &count);
1548			wiphy_debug(hw->wiphy, "  beaconing vifs remaining: %u",
1549				    count);
1550			if (count == 0)
1551				tasklet_hrtimer_cancel(&data->beacon_timer);
1552		}
1553	}
1554
1555	if (changed & BSS_CHANGED_ERP_CTS_PROT) {
1556		wiphy_debug(hw->wiphy, "  ERP_CTS_PROT: %d\n",
1557			    info->use_cts_prot);
1558	}
1559
1560	if (changed & BSS_CHANGED_ERP_PREAMBLE) {
1561		wiphy_debug(hw->wiphy, "  ERP_PREAMBLE: %d\n",
1562			    info->use_short_preamble);
1563	}
1564
1565	if (changed & BSS_CHANGED_ERP_SLOT) {
1566		wiphy_debug(hw->wiphy, "  ERP_SLOT: %d\n", info->use_short_slot);
1567	}
1568
1569	if (changed & BSS_CHANGED_HT) {
1570		wiphy_debug(hw->wiphy, "  HT: op_mode=0x%x\n",
1571			    info->ht_operation_mode);
1572	}
1573
1574	if (changed & BSS_CHANGED_BASIC_RATES) {
1575		wiphy_debug(hw->wiphy, "  BASIC_RATES: 0x%llx\n",
1576			    (unsigned long long) info->basic_rates);
1577	}
1578
1579	if (changed & BSS_CHANGED_TXPOWER)
1580		wiphy_debug(hw->wiphy, "  TX Power: %d dBm\n", info->txpower);
1581}
1582
1583static int mac80211_hwsim_sta_add(struct ieee80211_hw *hw,
1584				  struct ieee80211_vif *vif,
1585				  struct ieee80211_sta *sta)
1586{
1587	hwsim_check_magic(vif);
1588	hwsim_set_sta_magic(sta);
1589
1590	return 0;
1591}
1592
1593static int mac80211_hwsim_sta_remove(struct ieee80211_hw *hw,
1594				     struct ieee80211_vif *vif,
1595				     struct ieee80211_sta *sta)
1596{
1597	hwsim_check_magic(vif);
1598	hwsim_clear_sta_magic(sta);
1599
1600	return 0;
1601}
1602
1603static void mac80211_hwsim_sta_notify(struct ieee80211_hw *hw,
1604				      struct ieee80211_vif *vif,
1605				      enum sta_notify_cmd cmd,
1606				      struct ieee80211_sta *sta)
1607{
1608	hwsim_check_magic(vif);
1609
1610	switch (cmd) {
1611	case STA_NOTIFY_SLEEP:
1612	case STA_NOTIFY_AWAKE:
1613		/* TODO: make good use of these flags */
1614		break;
1615	default:
1616		WARN(1, "Invalid sta notify: %d\n", cmd);
1617		break;
1618	}
1619}
1620
1621static int mac80211_hwsim_set_tim(struct ieee80211_hw *hw,
1622				  struct ieee80211_sta *sta,
1623				  bool set)
1624{
1625	hwsim_check_sta_magic(sta);
1626	return 0;
1627}
1628
1629static int mac80211_hwsim_conf_tx(
1630	struct ieee80211_hw *hw,
1631	struct ieee80211_vif *vif, u16 queue,
1632	const struct ieee80211_tx_queue_params *params)
1633{
1634	wiphy_debug(hw->wiphy,
1635		    "%s (queue=%d txop=%d cw_min=%d cw_max=%d aifs=%d)\n",
1636		    __func__, queue,
1637		    params->txop, params->cw_min,
1638		    params->cw_max, params->aifs);
1639	return 0;
1640}
1641
1642static int mac80211_hwsim_get_survey(
1643	struct ieee80211_hw *hw, int idx,
1644	struct survey_info *survey)
1645{
1646	struct ieee80211_conf *conf = &hw->conf;
1647
1648	wiphy_debug(hw->wiphy, "%s (idx=%d)\n", __func__, idx);
1649
1650	if (idx != 0)
1651		return -ENOENT;
1652
1653	/* Current channel */
1654	survey->channel = conf->chandef.chan;
1655
1656	/*
1657	 * Magically conjured noise level --- this is only ok for simulated hardware.
1658	 *
1659	 * A real driver which cannot determine the real channel noise MUST NOT
1660	 * report any noise, especially not a magically conjured one :-)
1661	 */
1662	survey->filled = SURVEY_INFO_NOISE_DBM;
1663	survey->noise = -92;
1664
1665	return 0;
1666}
1667
1668#ifdef CONFIG_NL80211_TESTMODE
1669/*
1670 * This section contains example code for using netlink
1671 * attributes with the testmode command in nl80211.
1672 */
1673
1674/* These enums need to be kept in sync with userspace */
1675enum hwsim_testmode_attr {
1676	__HWSIM_TM_ATTR_INVALID	= 0,
1677	HWSIM_TM_ATTR_CMD	= 1,
1678	HWSIM_TM_ATTR_PS	= 2,
1679
1680	/* keep last */
1681	__HWSIM_TM_ATTR_AFTER_LAST,
1682	HWSIM_TM_ATTR_MAX	= __HWSIM_TM_ATTR_AFTER_LAST - 1
1683};
1684
1685enum hwsim_testmode_cmd {
1686	HWSIM_TM_CMD_SET_PS		= 0,
1687	HWSIM_TM_CMD_GET_PS		= 1,
1688	HWSIM_TM_CMD_STOP_QUEUES	= 2,
1689	HWSIM_TM_CMD_WAKE_QUEUES	= 3,
1690};
1691
1692static const struct nla_policy hwsim_testmode_policy[HWSIM_TM_ATTR_MAX + 1] = {
1693	[HWSIM_TM_ATTR_CMD] = { .type = NLA_U32 },
1694	[HWSIM_TM_ATTR_PS] = { .type = NLA_U32 },
1695};
1696
1697static int mac80211_hwsim_testmode_cmd(struct ieee80211_hw *hw,
1698				       struct ieee80211_vif *vif,
1699				       void *data, int len)
1700{
1701	struct mac80211_hwsim_data *hwsim = hw->priv;
1702	struct nlattr *tb[HWSIM_TM_ATTR_MAX + 1];
1703	struct sk_buff *skb;
1704	int err, ps;
1705
1706	err = nla_parse(tb, HWSIM_TM_ATTR_MAX, data, len,
1707			hwsim_testmode_policy);
1708	if (err)
1709		return err;
1710
1711	if (!tb[HWSIM_TM_ATTR_CMD])
1712		return -EINVAL;
1713
1714	switch (nla_get_u32(tb[HWSIM_TM_ATTR_CMD])) {
1715	case HWSIM_TM_CMD_SET_PS:
1716		if (!tb[HWSIM_TM_ATTR_PS])
1717			return -EINVAL;
1718		ps = nla_get_u32(tb[HWSIM_TM_ATTR_PS]);
1719		return hwsim_fops_ps_write(hwsim, ps);
1720	case HWSIM_TM_CMD_GET_PS:
1721		skb = cfg80211_testmode_alloc_reply_skb(hw->wiphy,
1722						nla_total_size(sizeof(u32)));
1723		if (!skb)
1724			return -ENOMEM;
1725		if (nla_put_u32(skb, HWSIM_TM_ATTR_PS, hwsim->ps))
1726			goto nla_put_failure;
1727		return cfg80211_testmode_reply(skb);
1728	case HWSIM_TM_CMD_STOP_QUEUES:
1729		ieee80211_stop_queues(hw);
1730		return 0;
1731	case HWSIM_TM_CMD_WAKE_QUEUES:
1732		ieee80211_wake_queues(hw);
1733		return 0;
1734	default:
1735		return -EOPNOTSUPP;
1736	}
1737
1738 nla_put_failure:
1739	kfree_skb(skb);
1740	return -ENOBUFS;
1741}
1742#endif
1743
1744static int mac80211_hwsim_ampdu_action(struct ieee80211_hw *hw,
1745				       struct ieee80211_vif *vif,
1746				       enum ieee80211_ampdu_mlme_action action,
1747				       struct ieee80211_sta *sta, u16 tid, u16 *ssn,
1748				       u8 buf_size)
1749{
1750	switch (action) {
1751	case IEEE80211_AMPDU_TX_START:
1752		ieee80211_start_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1753		break;
1754	case IEEE80211_AMPDU_TX_STOP_CONT:
1755	case IEEE80211_AMPDU_TX_STOP_FLUSH:
1756	case IEEE80211_AMPDU_TX_STOP_FLUSH_CONT:
1757		ieee80211_stop_tx_ba_cb_irqsafe(vif, sta->addr, tid);
1758		break;
1759	case IEEE80211_AMPDU_TX_OPERATIONAL:
1760		break;
1761	case IEEE80211_AMPDU_RX_START:
1762	case IEEE80211_AMPDU_RX_STOP:
1763		break;
1764	default:
1765		return -EOPNOTSUPP;
1766	}
1767
1768	return 0;
1769}
1770
1771static void mac80211_hwsim_flush(struct ieee80211_hw *hw,
1772				 struct ieee80211_vif *vif,
1773				 u32 queues, bool drop)
1774{
1775	/* Not implemented, queues only on kernel side */
1776}
1777
1778static void hw_scan_work(struct work_struct *work)
1779{
1780	struct mac80211_hwsim_data *hwsim =
1781		container_of(work, struct mac80211_hwsim_data, hw_scan.work);
1782	struct cfg80211_scan_request *req = hwsim->hw_scan_request;
1783	int dwell, i;
1784
1785	mutex_lock(&hwsim->mutex);
1786	if (hwsim->scan_chan_idx >= req->n_channels) {
1787		wiphy_debug(hwsim->hw->wiphy, "hw scan complete\n");
1788		ieee80211_scan_completed(hwsim->hw, false);
1789		hwsim->hw_scan_request = NULL;
1790		hwsim->hw_scan_vif = NULL;
1791		hwsim->tmp_chan = NULL;
1792		mutex_unlock(&hwsim->mutex);
1793		return;
1794	}
1795
1796	wiphy_debug(hwsim->hw->wiphy, "hw scan %d MHz\n",
1797		    req->channels[hwsim->scan_chan_idx]->center_freq);
1798
1799	hwsim->tmp_chan = req->channels[hwsim->scan_chan_idx];
1800	if (hwsim->tmp_chan->flags & IEEE80211_CHAN_NO_IR ||
1801	    !req->n_ssids) {
1802		dwell = 120;
1803	} else {
1804		dwell = 30;
1805		/* send probes */
1806		for (i = 0; i < req->n_ssids; i++) {
1807			struct sk_buff *probe;
1808
1809			probe = ieee80211_probereq_get(hwsim->hw,
1810						       hwsim->scan_addr,
1811						       req->ssids[i].ssid,
1812						       req->ssids[i].ssid_len,
1813						       req->ie_len);
1814			if (!probe)
1815				continue;
1816
1817			if (req->ie_len)
1818				memcpy(skb_put(probe, req->ie_len), req->ie,
1819				       req->ie_len);
1820
1821			local_bh_disable();
1822			mac80211_hwsim_tx_frame(hwsim->hw, probe,
1823						hwsim->tmp_chan);
1824			local_bh_enable();
1825		}
1826	}
1827	ieee80211_queue_delayed_work(hwsim->hw, &hwsim->hw_scan,
1828				     msecs_to_jiffies(dwell));
1829	hwsim->scan_chan_idx++;
1830	mutex_unlock(&hwsim->mutex);
1831}
1832
1833static int mac80211_hwsim_hw_scan(struct ieee80211_hw *hw,
1834				  struct ieee80211_vif *vif,
1835				  struct ieee80211_scan_request *hw_req)
1836{
1837	struct mac80211_hwsim_data *hwsim = hw->priv;
1838	struct cfg80211_scan_request *req = &hw_req->req;
1839
1840	mutex_lock(&hwsim->mutex);
1841	if (WARN_ON(hwsim->tmp_chan || hwsim->hw_scan_request)) {
1842		mutex_unlock(&hwsim->mutex);
1843		return -EBUSY;
1844	}
1845	hwsim->hw_scan_request = req;
1846	hwsim->hw_scan_vif = vif;
1847	hwsim->scan_chan_idx = 0;
1848	if (req->flags & NL80211_SCAN_FLAG_RANDOM_ADDR)
1849		get_random_mask_addr(hwsim->scan_addr,
1850				     hw_req->req.mac_addr,
1851				     hw_req->req.mac_addr_mask);
1852	else
1853		memcpy(hwsim->scan_addr, vif->addr, ETH_ALEN);
1854	mutex_unlock(&hwsim->mutex);
1855
1856	wiphy_debug(hw->wiphy, "hwsim hw_scan request\n");
1857
1858	ieee80211_queue_delayed_work(hwsim->hw, &hwsim->hw_scan, 0);
1859
1860	return 0;
1861}
1862
1863static void mac80211_hwsim_cancel_hw_scan(struct ieee80211_hw *hw,
1864					  struct ieee80211_vif *vif)
1865{
1866	struct mac80211_hwsim_data *hwsim = hw->priv;
1867
1868	wiphy_debug(hw->wiphy, "hwsim cancel_hw_scan\n");
1869
1870	cancel_delayed_work_sync(&hwsim->hw_scan);
1871
1872	mutex_lock(&hwsim->mutex);
1873	ieee80211_scan_completed(hwsim->hw, true);
1874	hwsim->tmp_chan = NULL;
1875	hwsim->hw_scan_request = NULL;
1876	hwsim->hw_scan_vif = NULL;
1877	mutex_unlock(&hwsim->mutex);
1878}
1879
1880static void mac80211_hwsim_sw_scan(struct ieee80211_hw *hw,
1881				   struct ieee80211_vif *vif,
1882				   const u8 *mac_addr)
1883{
1884	struct mac80211_hwsim_data *hwsim = hw->priv;
1885
1886	mutex_lock(&hwsim->mutex);
1887
1888	if (hwsim->scanning) {
1889		printk(KERN_DEBUG "two hwsim sw_scans detected!\n");
1890		goto out;
1891	}
1892
1893	printk(KERN_DEBUG "hwsim sw_scan request, prepping stuff\n");
1894
1895	memcpy(hwsim->scan_addr, mac_addr, ETH_ALEN);
1896	hwsim->scanning = true;
1897
1898out:
1899	mutex_unlock(&hwsim->mutex);
1900}
1901
1902static void mac80211_hwsim_sw_scan_complete(struct ieee80211_hw *hw,
1903					    struct ieee80211_vif *vif)
1904{
1905	struct mac80211_hwsim_data *hwsim = hw->priv;
1906
1907	mutex_lock(&hwsim->mutex);
1908
1909	printk(KERN_DEBUG "hwsim sw_scan_complete\n");
1910	hwsim->scanning = false;
1911	memset(hwsim->scan_addr, 0, ETH_ALEN);
1912
1913	mutex_unlock(&hwsim->mutex);
1914}
1915
1916static void hw_roc_done(struct work_struct *work)
1917{
1918	struct mac80211_hwsim_data *hwsim =
1919		container_of(work, struct mac80211_hwsim_data, roc_done.work);
1920
1921	mutex_lock(&hwsim->mutex);
1922	ieee80211_remain_on_channel_expired(hwsim->hw);
1923	hwsim->tmp_chan = NULL;
1924	mutex_unlock(&hwsim->mutex);
1925
1926	wiphy_debug(hwsim->hw->wiphy, "hwsim ROC expired\n");
1927}
1928
1929static int mac80211_hwsim_roc(struct ieee80211_hw *hw,
1930			      struct ieee80211_vif *vif,
1931			      struct ieee80211_channel *chan,
1932			      int duration,
1933			      enum ieee80211_roc_type type)
1934{
1935	struct mac80211_hwsim_data *hwsim = hw->priv;
1936
1937	mutex_lock(&hwsim->mutex);
1938	if (WARN_ON(hwsim->tmp_chan || hwsim->hw_scan_request)) {
1939		mutex_unlock(&hwsim->mutex);
1940		return -EBUSY;
1941	}
1942
1943	hwsim->tmp_chan = chan;
1944	mutex_unlock(&hwsim->mutex);
1945
1946	wiphy_debug(hw->wiphy, "hwsim ROC (%d MHz, %d ms)\n",
1947		    chan->center_freq, duration);
1948
1949	ieee80211_ready_on_channel(hw);
1950
1951	ieee80211_queue_delayed_work(hw, &hwsim->roc_done,
1952				     msecs_to_jiffies(duration));
1953	return 0;
1954}
1955
1956static int mac80211_hwsim_croc(struct ieee80211_hw *hw)
1957{
1958	struct mac80211_hwsim_data *hwsim = hw->priv;
1959
1960	cancel_delayed_work_sync(&hwsim->roc_done);
1961
1962	mutex_lock(&hwsim->mutex);
1963	hwsim->tmp_chan = NULL;
1964	mutex_unlock(&hwsim->mutex);
1965
1966	wiphy_debug(hw->wiphy, "hwsim ROC canceled\n");
1967
1968	return 0;
1969}
1970
1971static int mac80211_hwsim_add_chanctx(struct ieee80211_hw *hw,
1972				      struct ieee80211_chanctx_conf *ctx)
1973{
1974	hwsim_set_chanctx_magic(ctx);
1975	wiphy_debug(hw->wiphy,
1976		    "add channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
1977		    ctx->def.chan->center_freq, ctx->def.width,
1978		    ctx->def.center_freq1, ctx->def.center_freq2);
1979	return 0;
1980}
1981
1982static void mac80211_hwsim_remove_chanctx(struct ieee80211_hw *hw,
1983					  struct ieee80211_chanctx_conf *ctx)
1984{
1985	wiphy_debug(hw->wiphy,
1986		    "remove channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
1987		    ctx->def.chan->center_freq, ctx->def.width,
1988		    ctx->def.center_freq1, ctx->def.center_freq2);
1989	hwsim_check_chanctx_magic(ctx);
1990	hwsim_clear_chanctx_magic(ctx);
1991}
1992
1993static void mac80211_hwsim_change_chanctx(struct ieee80211_hw *hw,
1994					  struct ieee80211_chanctx_conf *ctx,
1995					  u32 changed)
1996{
1997	hwsim_check_chanctx_magic(ctx);
1998	wiphy_debug(hw->wiphy,
1999		    "change channel context control: %d MHz/width: %d/cfreqs:%d/%d MHz\n",
2000		    ctx->def.chan->center_freq, ctx->def.width,
2001		    ctx->def.center_freq1, ctx->def.center_freq2);
2002}
2003
2004static int mac80211_hwsim_assign_vif_chanctx(struct ieee80211_hw *hw,
2005					     struct ieee80211_vif *vif,
2006					     struct ieee80211_chanctx_conf *ctx)
2007{
2008	hwsim_check_magic(vif);
2009	hwsim_check_chanctx_magic(ctx);
2010
2011	return 0;
2012}
2013
2014static void mac80211_hwsim_unassign_vif_chanctx(struct ieee80211_hw *hw,
2015						struct ieee80211_vif *vif,
2016						struct ieee80211_chanctx_conf *ctx)
2017{
2018	hwsim_check_magic(vif);
2019	hwsim_check_chanctx_magic(ctx);
2020}
2021
2022static const char mac80211_hwsim_gstrings_stats[][ETH_GSTRING_LEN] = {
2023	"tx_pkts_nic",
2024	"tx_bytes_nic",
2025	"rx_pkts_nic",
2026	"rx_bytes_nic",
2027	"d_tx_dropped",
2028	"d_tx_failed",
2029	"d_ps_mode",
2030	"d_group",
2031	"d_tx_power",
2032};
2033
2034#define MAC80211_HWSIM_SSTATS_LEN ARRAY_SIZE(mac80211_hwsim_gstrings_stats)
2035
2036static void mac80211_hwsim_get_et_strings(struct ieee80211_hw *hw,
2037					  struct ieee80211_vif *vif,
2038					  u32 sset, u8 *data)
2039{
2040	if (sset == ETH_SS_STATS)
2041		memcpy(data, *mac80211_hwsim_gstrings_stats,
2042		       sizeof(mac80211_hwsim_gstrings_stats));
2043}
2044
2045static int mac80211_hwsim_get_et_sset_count(struct ieee80211_hw *hw,
2046					    struct ieee80211_vif *vif, int sset)
2047{
2048	if (sset == ETH_SS_STATS)
2049		return MAC80211_HWSIM_SSTATS_LEN;
2050	return 0;
2051}
2052
2053static void mac80211_hwsim_get_et_stats(struct ieee80211_hw *hw,
2054					struct ieee80211_vif *vif,
2055					struct ethtool_stats *stats, u64 *data)
2056{
2057	struct mac80211_hwsim_data *ar = hw->priv;
2058	int i = 0;
2059
2060	data[i++] = ar->tx_pkts;
2061	data[i++] = ar->tx_bytes;
2062	data[i++] = ar->rx_pkts;
2063	data[i++] = ar->rx_bytes;
2064	data[i++] = ar->tx_dropped;
2065	data[i++] = ar->tx_failed;
2066	data[i++] = ar->ps;
2067	data[i++] = ar->group;
2068	data[i++] = ar->power_level;
2069
2070	WARN_ON(i != MAC80211_HWSIM_SSTATS_LEN);
2071}
2072
2073static const struct ieee80211_ops mac80211_hwsim_ops = {
2074	.tx = mac80211_hwsim_tx,
2075	.start = mac80211_hwsim_start,
2076	.stop = mac80211_hwsim_stop,
2077	.add_interface = mac80211_hwsim_add_interface,
2078	.change_interface = mac80211_hwsim_change_interface,
2079	.remove_interface = mac80211_hwsim_remove_interface,
2080	.config = mac80211_hwsim_config,
2081	.configure_filter = mac80211_hwsim_configure_filter,
2082	.bss_info_changed = mac80211_hwsim_bss_info_changed,
2083	.sta_add = mac80211_hwsim_sta_add,
2084	.sta_remove = mac80211_hwsim_sta_remove,
2085	.sta_notify = mac80211_hwsim_sta_notify,
2086	.set_tim = mac80211_hwsim_set_tim,
2087	.conf_tx = mac80211_hwsim_conf_tx,
2088	.get_survey = mac80211_hwsim_get_survey,
2089	CFG80211_TESTMODE_CMD(mac80211_hwsim_testmode_cmd)
2090	.ampdu_action = mac80211_hwsim_ampdu_action,
2091	.sw_scan_start = mac80211_hwsim_sw_scan,
2092	.sw_scan_complete = mac80211_hwsim_sw_scan_complete,
2093	.flush = mac80211_hwsim_flush,
2094	.get_tsf = mac80211_hwsim_get_tsf,
2095	.set_tsf = mac80211_hwsim_set_tsf,
2096	.get_et_sset_count = mac80211_hwsim_get_et_sset_count,
2097	.get_et_stats = mac80211_hwsim_get_et_stats,
2098	.get_et_strings = mac80211_hwsim_get_et_strings,
2099};
2100
2101static struct ieee80211_ops mac80211_hwsim_mchan_ops;
2102
2103struct hwsim_new_radio_params {
2104	unsigned int channels;
2105	const char *reg_alpha2;
2106	const struct ieee80211_regdomain *regd;
2107	bool reg_strict;
2108	bool p2p_device;
2109	bool use_chanctx;
2110	bool destroy_on_close;
2111	const char *hwname;
2112	bool no_vif;
2113};
2114
2115static void hwsim_mcast_config_msg(struct sk_buff *mcast_skb,
2116				   struct genl_info *info)
2117{
2118	if (info)
2119		genl_notify(&hwsim_genl_family, mcast_skb,
2120			    genl_info_net(info), info->snd_portid,
2121			    HWSIM_MCGRP_CONFIG, info->nlhdr, GFP_KERNEL);
2122	else
2123		genlmsg_multicast(&hwsim_genl_family, mcast_skb, 0,
2124				  HWSIM_MCGRP_CONFIG, GFP_KERNEL);
2125}
2126
2127static int append_radio_msg(struct sk_buff *skb, int id,
2128			    struct hwsim_new_radio_params *param)
2129{
2130	int ret;
2131
2132	ret = nla_put_u32(skb, HWSIM_ATTR_RADIO_ID, id);
2133	if (ret < 0)
2134		return ret;
2135
2136	if (param->channels) {
2137		ret = nla_put_u32(skb, HWSIM_ATTR_CHANNELS, param->channels);
2138		if (ret < 0)
2139			return ret;
2140	}
2141
2142	if (param->reg_alpha2) {
2143		ret = nla_put(skb, HWSIM_ATTR_REG_HINT_ALPHA2, 2,
2144			      param->reg_alpha2);
2145		if (ret < 0)
2146			return ret;
2147	}
2148
2149	if (param->regd) {
2150		int i;
2151
2152		for (i = 0; i < ARRAY_SIZE(hwsim_world_regdom_custom); i++) {
2153			if (hwsim_world_regdom_custom[i] != param->regd)
2154				continue;
2155
2156			ret = nla_put_u32(skb, HWSIM_ATTR_REG_CUSTOM_REG, i);
2157			if (ret < 0)
2158				return ret;
2159			break;
2160		}
2161	}
2162
2163	if (param->reg_strict) {
2164		ret = nla_put_flag(skb, HWSIM_ATTR_REG_STRICT_REG);
2165		if (ret < 0)
2166			return ret;
2167	}
2168
2169	if (param->p2p_device) {
2170		ret = nla_put_flag(skb, HWSIM_ATTR_SUPPORT_P2P_DEVICE);
2171		if (ret < 0)
2172			return ret;
2173	}
2174
2175	if (param->use_chanctx) {
2176		ret = nla_put_flag(skb, HWSIM_ATTR_USE_CHANCTX);
2177		if (ret < 0)
2178			return ret;
2179	}
2180
2181	if (param->hwname) {
2182		ret = nla_put(skb, HWSIM_ATTR_RADIO_NAME,
2183			      strlen(param->hwname), param->hwname);
2184		if (ret < 0)
2185			return ret;
2186	}
2187
2188	return 0;
2189}
2190
2191static void hwsim_mcast_new_radio(int id, struct genl_info *info,
2192				  struct hwsim_new_radio_params *param)
2193{
2194	struct sk_buff *mcast_skb;
2195	void *data;
2196
2197	mcast_skb = genlmsg_new(GENLMSG_DEFAULT_SIZE, GFP_KERNEL);
2198	if (!mcast_skb)
2199		return;
2200
2201	data = genlmsg_put(mcast_skb, 0, 0, &hwsim_genl_family, 0,
2202			   HWSIM_CMD_NEW_RADIO);
2203	if (!data)
2204		goto out_err;
2205
2206	if (append_radio_msg(mcast_skb, id, param) < 0)
2207		goto out_err;
2208
2209	genlmsg_end(mcast_skb, data);
2210
2211	hwsim_mcast_config_msg(mcast_skb, info);
2212	return;
2213
2214out_err:
2215	genlmsg_cancel(mcast_skb, data);
2216	nlmsg_free(mcast_skb);
2217}
2218
2219static int mac80211_hwsim_new_radio(struct genl_info *info,
2220				    struct hwsim_new_radio_params *param)
2221{
2222	int err;
2223	u8 addr[ETH_ALEN];
2224	struct mac80211_hwsim_data *data;
2225	struct ieee80211_hw *hw;
2226	enum ieee80211_band band;
2227	const struct ieee80211_ops *ops = &mac80211_hwsim_ops;
2228	int idx;
2229
2230	if (WARN_ON(param->channels > 1 && !param->use_chanctx))
2231		return -EINVAL;
2232
2233	spin_lock_bh(&hwsim_radio_lock);
2234	idx = hwsim_radio_idx++;
2235	spin_unlock_bh(&hwsim_radio_lock);
2236
2237	if (param->use_chanctx)
2238		ops = &mac80211_hwsim_mchan_ops;
2239	hw = ieee80211_alloc_hw_nm(sizeof(*data), ops, param->hwname);
2240	if (!hw) {
2241		printk(KERN_DEBUG "mac80211_hwsim: ieee80211_alloc_hw failed\n");
2242		err = -ENOMEM;
2243		goto failed;
2244	}
2245	data = hw->priv;
2246	data->hw = hw;
2247
2248	data->dev = device_create(hwsim_class, NULL, 0, hw, "hwsim%d", idx);
2249	if (IS_ERR(data->dev)) {
2250		printk(KERN_DEBUG
2251		       "mac80211_hwsim: device_create failed (%ld)\n",
2252		       PTR_ERR(data->dev));
2253		err = -ENOMEM;
2254		goto failed_drvdata;
2255	}
2256	data->dev->driver = &mac80211_hwsim_driver.driver;
2257	err = device_bind_driver(data->dev);
2258	if (err != 0) {
2259		printk(KERN_DEBUG "mac80211_hwsim: device_bind_driver failed (%d)\n",
2260		       err);
2261		goto failed_bind;
2262	}
2263
2264	skb_queue_head_init(&data->pending);
2265
2266	SET_IEEE80211_DEV(hw, data->dev);
2267	memset(addr, 0, ETH_ALEN);
2268	addr[0] = 0x02;
2269	addr[3] = idx >> 8;
2270	addr[4] = idx;
2271	memcpy(data->addresses[0].addr, addr, ETH_ALEN);
2272	memcpy(data->addresses[1].addr, addr, ETH_ALEN);
2273	data->addresses[1].addr[0] |= 0x40;
2274	hw->wiphy->n_addresses = 2;
2275	hw->wiphy->addresses = data->addresses;
2276
2277	data->channels = param->channels;
2278	data->use_chanctx = param->use_chanctx;
2279	data->idx = idx;
2280	data->destroy_on_close = param->destroy_on_close;
2281	if (info)
2282		data->portid = info->snd_portid;
2283
2284	if (data->use_chanctx) {
2285		hw->wiphy->max_scan_ssids = 255;
2286		hw->wiphy->max_scan_ie_len = IEEE80211_MAX_DATA_LEN;
2287		hw->wiphy->max_remain_on_channel_duration = 1000;
2288		/* For channels > 1 DFS is not allowed */
2289		hw->wiphy->n_iface_combinations = 1;
2290		hw->wiphy->iface_combinations = &data->if_combination;
2291		if (param->p2p_device)
2292			data->if_combination = hwsim_if_comb_p2p_dev[0];
2293		else
2294			data->if_combination = hwsim_if_comb[0];
2295		data->if_combination.num_different_channels = data->channels;
2296	} else if (param->p2p_device) {
2297		hw->wiphy->iface_combinations = hwsim_if_comb_p2p_dev;
2298		hw->wiphy->n_iface_combinations =
2299			ARRAY_SIZE(hwsim_if_comb_p2p_dev);
2300	} else {
2301		hw->wiphy->iface_combinations = hwsim_if_comb;
2302		hw->wiphy->n_iface_combinations = ARRAY_SIZE(hwsim_if_comb);
2303	}
2304
2305	INIT_DELAYED_WORK(&data->roc_done, hw_roc_done);
2306	INIT_DELAYED_WORK(&data->hw_scan, hw_scan_work);
2307
2308	hw->queues = 5;
2309	hw->offchannel_tx_hw_queue = 4;
2310	hw->wiphy->interface_modes = BIT(NL80211_IFTYPE_STATION) |
2311				     BIT(NL80211_IFTYPE_AP) |
2312				     BIT(NL80211_IFTYPE_P2P_CLIENT) |
2313				     BIT(NL80211_IFTYPE_P2P_GO) |
2314				     BIT(NL80211_IFTYPE_ADHOC) |
2315				     BIT(NL80211_IFTYPE_MESH_POINT);
2316
2317	if (param->p2p_device)
2318		hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_P2P_DEVICE);
2319
2320	hw->flags = IEEE80211_HW_MFP_CAPABLE |
2321		    IEEE80211_HW_SIGNAL_DBM |
2322		    IEEE80211_HW_AMPDU_AGGREGATION |
2323		    IEEE80211_HW_WANT_MONITOR_VIF |
2324		    IEEE80211_HW_QUEUE_CONTROL |
2325		    IEEE80211_HW_SUPPORTS_HT_CCK_RATES |
2326		    IEEE80211_HW_CHANCTX_STA_CSA;
2327	if (rctbl)
2328		hw->flags |= IEEE80211_HW_SUPPORTS_RC_TABLE;
2329
2330	hw->wiphy->flags |= WIPHY_FLAG_SUPPORTS_TDLS |
2331			    WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL |
2332			    WIPHY_FLAG_AP_UAPSD |
2333			    WIPHY_FLAG_HAS_CHANNEL_SWITCH;
2334	hw->wiphy->features |= NL80211_FEATURE_ACTIVE_MONITOR |
2335			       NL80211_FEATURE_AP_MODE_CHAN_WIDTH_CHANGE |
2336			       NL80211_FEATURE_STATIC_SMPS |
2337			       NL80211_FEATURE_DYNAMIC_SMPS |
2338			       NL80211_FEATURE_SCAN_RANDOM_MAC_ADDR;
2339
2340	/* ask mac80211 to reserve space for magic */
2341	hw->vif_data_size = sizeof(struct hwsim_vif_priv);
2342	hw->sta_data_size = sizeof(struct hwsim_sta_priv);
2343	hw->chanctx_data_size = sizeof(struct hwsim_chanctx_priv);
2344
2345	memcpy(data->channels_2ghz, hwsim_channels_2ghz,
2346		sizeof(hwsim_channels_2ghz));
2347	memcpy(data->channels_5ghz, hwsim_channels_5ghz,
2348		sizeof(hwsim_channels_5ghz));
2349	memcpy(data->rates, hwsim_rates, sizeof(hwsim_rates));
2350
2351	for (band = IEEE80211_BAND_2GHZ; band < IEEE80211_NUM_BANDS; band++) {
2352		struct ieee80211_supported_band *sband = &data->bands[band];
2353		switch (band) {
2354		case IEEE80211_BAND_2GHZ:
2355			sband->channels = data->channels_2ghz;
2356			sband->n_channels = ARRAY_SIZE(hwsim_channels_2ghz);
2357			sband->bitrates = data->rates;
2358			sband->n_bitrates = ARRAY_SIZE(hwsim_rates);
2359			break;
2360		case IEEE80211_BAND_5GHZ:
2361			sband->channels = data->channels_5ghz;
2362			sband->n_channels = ARRAY_SIZE(hwsim_channels_5ghz);
2363			sband->bitrates = data->rates + 4;
2364			sband->n_bitrates = ARRAY_SIZE(hwsim_rates) - 4;
2365			break;
2366		default:
2367			continue;
2368		}
2369
2370		sband->ht_cap.ht_supported = true;
2371		sband->ht_cap.cap = IEEE80211_HT_CAP_SUP_WIDTH_20_40 |
2372				    IEEE80211_HT_CAP_GRN_FLD |
2373				    IEEE80211_HT_CAP_SGI_20 |
2374				    IEEE80211_HT_CAP_SGI_40 |
2375				    IEEE80211_HT_CAP_DSSSCCK40;
2376		sband->ht_cap.ampdu_factor = 0x3;
2377		sband->ht_cap.ampdu_density = 0x6;
2378		memset(&sband->ht_cap.mcs, 0,
2379		       sizeof(sband->ht_cap.mcs));
2380		sband->ht_cap.mcs.rx_mask[0] = 0xff;
2381		sband->ht_cap.mcs.rx_mask[1] = 0xff;
2382		sband->ht_cap.mcs.tx_params = IEEE80211_HT_MCS_TX_DEFINED;
2383
2384		hw->wiphy->bands[band] = sband;
2385
2386		sband->vht_cap.vht_supported = true;
2387		sband->vht_cap.cap =
2388			IEEE80211_VHT_CAP_MAX_MPDU_LENGTH_11454 |
2389			IEEE80211_VHT_CAP_SUPP_CHAN_WIDTH_160_80PLUS80MHZ |
2390			IEEE80211_VHT_CAP_RXLDPC |
2391			IEEE80211_VHT_CAP_SHORT_GI_80 |
2392			IEEE80211_VHT_CAP_SHORT_GI_160 |
2393			IEEE80211_VHT_CAP_TXSTBC |
2394			IEEE80211_VHT_CAP_RXSTBC_1 |
2395			IEEE80211_VHT_CAP_RXSTBC_2 |
2396			IEEE80211_VHT_CAP_RXSTBC_3 |
2397			IEEE80211_VHT_CAP_RXSTBC_4 |
2398			IEEE80211_VHT_CAP_MAX_A_MPDU_LENGTH_EXPONENT_MASK;
2399		sband->vht_cap.vht_mcs.rx_mcs_map =
2400			cpu_to_le16(IEEE80211_VHT_MCS_SUPPORT_0_8 << 0 |
2401				    IEEE80211_VHT_MCS_SUPPORT_0_8 << 2 |
2402				    IEEE80211_VHT_MCS_SUPPORT_0_9 << 4 |
2403				    IEEE80211_VHT_MCS_SUPPORT_0_8 << 6 |
2404				    IEEE80211_VHT_MCS_SUPPORT_0_8 << 8 |
2405				    IEEE80211_VHT_MCS_SUPPORT_0_9 << 10 |
2406				    IEEE80211_VHT_MCS_SUPPORT_0_9 << 12 |
2407				    IEEE80211_VHT_MCS_SUPPORT_0_8 << 14);
2408		sband->vht_cap.vht_mcs.tx_mcs_map =
2409			sband->vht_cap.vht_mcs.rx_mcs_map;
2410	}
2411
2412	/* By default all radios belong to the first group */
2413	data->group = 1;
2414	mutex_init(&data->mutex);
2415
2416	/* Enable frame retransmissions for lossy channels */
2417	hw->max_rates = 4;
2418	hw->max_rate_tries = 11;
2419
2420	if (param->reg_strict)
2421		hw->wiphy->regulatory_flags |= REGULATORY_STRICT_REG;
2422	if (param->regd) {
2423		data->regd = param->regd;
2424		hw->wiphy->regulatory_flags |= REGULATORY_CUSTOM_REG;
2425		wiphy_apply_custom_regulatory(hw->wiphy, param->regd);
2426		/* give the regulatory workqueue a chance to run */
2427		schedule_timeout_interruptible(1);
2428	}
2429
2430	if (param->no_vif)
2431		hw->flags |= IEEE80211_HW_NO_AUTO_VIF;
2432
2433	err = ieee80211_register_hw(hw);
2434	if (err < 0) {
2435		printk(KERN_DEBUG "mac80211_hwsim: ieee80211_register_hw failed (%d)\n",
2436		       err);
2437		goto failed_hw;
2438	}
2439
2440	wiphy_debug(hw->wiphy, "hwaddr %pM registered\n", hw->wiphy->perm_addr);
2441
2442	if (param->reg_alpha2) {
2443		data->alpha2[0] = param->reg_alpha2[0];
2444		data->alpha2[1] = param->reg_alpha2[1];
2445		regulatory_hint(hw->wiphy, param->reg_alpha2);
2446	}
2447
2448	data->debugfs = debugfs_create_dir("hwsim", hw->wiphy->debugfsdir);
2449	debugfs_create_file("ps", 0666, data->debugfs, data, &hwsim_fops_ps);
2450	debugfs_create_file("group", 0666, data->debugfs, data,
2451			    &hwsim_fops_group);
2452	if (!data->use_chanctx)
2453		debugfs_create_file("dfs_simulate_radar", 0222,
2454				    data->debugfs,
2455				    data, &hwsim_simulate_radar);
2456
2457	tasklet_hrtimer_init(&data->beacon_timer,
2458			     mac80211_hwsim_beacon,
2459			     CLOCK_MONOTONIC_RAW, HRTIMER_MODE_ABS);
2460
2461	spin_lock_bh(&hwsim_radio_lock);
2462	list_add_tail(&data->list, &hwsim_radios);
2463	spin_unlock_bh(&hwsim_radio_lock);
2464
2465	if (idx > 0)
2466		hwsim_mcast_new_radio(idx, info, param);
2467
2468	return idx;
2469
2470failed_hw:
2471	device_release_driver(data->dev);
2472failed_bind:
2473	device_unregister(data->dev);
2474failed_drvdata:
2475	ieee80211_free_hw(hw);
2476failed:
2477	return err;
2478}
2479
2480static void hwsim_mcast_del_radio(int id, const char *hwname,
2481				  struct genl_info *info)
2482{
2483	struct sk_buff *skb;
2484	void *data;
2485	int ret;
2486
2487	skb = genlmsg_new(GENLMSG_DEFAULT_SIZE, GFP_KERNEL);
2488	if (!skb)
2489		return;
2490
2491	data = genlmsg_put(skb, 0, 0, &hwsim_genl_family, 0,
2492			   HWSIM_CMD_DEL_RADIO);
2493	if (!data)
2494		goto error;
2495
2496	ret = nla_put_u32(skb, HWSIM_ATTR_RADIO_ID, id);
2497	if (ret < 0)
2498		goto error;
2499
2500	ret = nla_put(skb, HWSIM_ATTR_RADIO_NAME, strlen(hwname),
2501		      hwname);
2502	if (ret < 0)
2503		goto error;
2504
2505	genlmsg_end(skb, data);
2506
2507	hwsim_mcast_config_msg(skb, info);
2508
2509	return;
2510
2511error:
2512	nlmsg_free(skb);
2513}
2514
2515static void mac80211_hwsim_del_radio(struct mac80211_hwsim_data *data,
2516				     const char *hwname,
2517				     struct genl_info *info)
2518{
2519	hwsim_mcast_del_radio(data->idx, hwname, info);
2520	debugfs_remove_recursive(data->debugfs);
2521	ieee80211_unregister_hw(data->hw);
2522	device_release_driver(data->dev);
2523	device_unregister(data->dev);
2524	ieee80211_free_hw(data->hw);
2525}
2526
2527static int mac80211_hwsim_get_radio(struct sk_buff *skb,
2528				    struct mac80211_hwsim_data *data,
2529				    u32 portid, u32 seq,
2530				    struct netlink_callback *cb, int flags)
2531{
2532	void *hdr;
2533	struct hwsim_new_radio_params param = { };
2534	int res = -EMSGSIZE;
2535
2536	hdr = genlmsg_put(skb, portid, seq, &hwsim_genl_family, flags,
2537			  HWSIM_CMD_GET_RADIO);
2538	if (!hdr)
2539		return -EMSGSIZE;
2540
2541	if (cb)
2542		genl_dump_check_consistent(cb, hdr, &hwsim_genl_family);
2543
2544	if (data->alpha2[0] && data->alpha2[1])
2545		param.reg_alpha2 = data->alpha2;
2546
2547	param.reg_strict = !!(data->hw->wiphy->regulatory_flags &
2548					REGULATORY_STRICT_REG);
2549	param.p2p_device = !!(data->hw->wiphy->interface_modes &
2550					BIT(NL80211_IFTYPE_P2P_DEVICE));
2551	param.use_chanctx = data->use_chanctx;
2552	param.regd = data->regd;
2553	param.channels = data->channels;
2554	param.hwname = wiphy_name(data->hw->wiphy);
2555
2556	res = append_radio_msg(skb, data->idx, &param);
2557	if (res < 0)
2558		goto out_err;
2559
2560	genlmsg_end(skb, hdr);
2561	return 0;
2562
2563out_err:
2564	genlmsg_cancel(skb, hdr);
2565	return res;
2566}
2567
2568static void mac80211_hwsim_free(void)
2569{
2570	struct mac80211_hwsim_data *data;
2571
2572	spin_lock_bh(&hwsim_radio_lock);
2573	while ((data = list_first_entry_or_null(&hwsim_radios,
2574						struct mac80211_hwsim_data,
2575						list))) {
2576		list_del(&data->list);
2577		spin_unlock_bh(&hwsim_radio_lock);
2578		mac80211_hwsim_del_radio(data, wiphy_name(data->hw->wiphy),
2579					 NULL);
2580		spin_lock_bh(&hwsim_radio_lock);
2581	}
2582	spin_unlock_bh(&hwsim_radio_lock);
2583	class_destroy(hwsim_class);
2584}
2585
2586static const struct net_device_ops hwsim_netdev_ops = {
2587	.ndo_start_xmit 	= hwsim_mon_xmit,
2588	.ndo_change_mtu		= eth_change_mtu,
2589	.ndo_set_mac_address 	= eth_mac_addr,
2590	.ndo_validate_addr	= eth_validate_addr,
2591};
2592
2593static void hwsim_mon_setup(struct net_device *dev)
2594{
2595	dev->netdev_ops = &hwsim_netdev_ops;
2596	dev->destructor = free_netdev;
2597	ether_setup(dev);
2598	dev->tx_queue_len = 0;
2599	dev->type = ARPHRD_IEEE80211_RADIOTAP;
2600	memset(dev->dev_addr, 0, ETH_ALEN);
2601	dev->dev_addr[0] = 0x12;
2602}
2603
2604static struct mac80211_hwsim_data *get_hwsim_data_ref_from_addr(const u8 *addr)
2605{
2606	struct mac80211_hwsim_data *data;
2607	bool _found = false;
2608
2609	spin_lock_bh(&hwsim_radio_lock);
2610	list_for_each_entry(data, &hwsim_radios, list) {
2611		if (memcmp(data->addresses[1].addr, addr, ETH_ALEN) == 0) {
2612			_found = true;
2613			break;
2614		}
2615	}
2616	spin_unlock_bh(&hwsim_radio_lock);
2617
2618	if (!_found)
2619		return NULL;
2620
2621	return data;
2622}
2623
2624static int hwsim_tx_info_frame_received_nl(struct sk_buff *skb_2,
2625					   struct genl_info *info)
2626{
2627
2628	struct ieee80211_hdr *hdr;
2629	struct mac80211_hwsim_data *data2;
2630	struct ieee80211_tx_info *txi;
2631	struct hwsim_tx_rate *tx_attempts;
2632	unsigned long ret_skb_ptr;
2633	struct sk_buff *skb, *tmp;
2634	const u8 *src;
2635	unsigned int hwsim_flags;
2636	int i;
2637	bool found = false;
2638
2639	if (info->snd_portid != wmediumd_portid)
2640		return -EINVAL;
2641
2642	if (!info->attrs[HWSIM_ATTR_ADDR_TRANSMITTER] ||
2643	    !info->attrs[HWSIM_ATTR_FLAGS] ||
2644	    !info->attrs[HWSIM_ATTR_COOKIE] ||
2645	    !info->attrs[HWSIM_ATTR_TX_INFO])
2646		goto out;
2647
2648	src = (void *)nla_data(info->attrs[HWSIM_ATTR_ADDR_TRANSMITTER]);
2649	hwsim_flags = nla_get_u32(info->attrs[HWSIM_ATTR_FLAGS]);
2650	ret_skb_ptr = nla_get_u64(info->attrs[HWSIM_ATTR_COOKIE]);
2651
2652	data2 = get_hwsim_data_ref_from_addr(src);
2653	if (!data2)
2654		goto out;
2655
2656	/* look for the skb matching the cookie passed back from user */
2657	skb_queue_walk_safe(&data2->pending, skb, tmp) {
2658		if ((unsigned long)skb == ret_skb_ptr) {
2659			skb_unlink(skb, &data2->pending);
2660			found = true;
2661			break;
2662		}
2663	}
2664
2665	/* not found */
2666	if (!found)
2667		goto out;
2668
2669	/* Tx info received because the frame was broadcasted on user space,
2670	 so we get all the necessary info: tx attempts and skb control buff */
2671
2672	tx_attempts = (struct hwsim_tx_rate *)nla_data(
2673		       info->attrs[HWSIM_ATTR_TX_INFO]);
2674
2675	/* now send back TX status */
2676	txi = IEEE80211_SKB_CB(skb);
2677
2678	ieee80211_tx_info_clear_status(txi);
2679
2680	for (i = 0; i < IEEE80211_TX_MAX_RATES; i++) {
2681		txi->status.rates[i].idx = tx_attempts[i].idx;
2682		txi->status.rates[i].count = tx_attempts[i].count;
2683		/*txi->status.rates[i].flags = 0;*/
2684	}
2685
2686	txi->status.ack_signal = nla_get_u32(info->attrs[HWSIM_ATTR_SIGNAL]);
2687
2688	if (!(hwsim_flags & HWSIM_TX_CTL_NO_ACK) &&
2689	   (hwsim_flags & HWSIM_TX_STAT_ACK)) {
2690		if (skb->len >= 16) {
2691			hdr = (struct ieee80211_hdr *) skb->data;
2692			mac80211_hwsim_monitor_ack(data2->channel,
2693						   hdr->addr2);
2694		}
2695		txi->flags |= IEEE80211_TX_STAT_ACK;
2696	}
2697	ieee80211_tx_status_irqsafe(data2->hw, skb);
2698	return 0;
2699out:
2700	return -EINVAL;
2701
2702}
2703
2704static int hwsim_cloned_frame_received_nl(struct sk_buff *skb_2,
2705					  struct genl_info *info)
2706{
2707	struct mac80211_hwsim_data *data2;
2708	struct ieee80211_rx_status rx_status;
2709	const u8 *dst;
2710	int frame_data_len;
2711	void *frame_data;
2712	struct sk_buff *skb = NULL;
2713
2714	if (info->snd_portid != wmediumd_portid)
2715		return -EINVAL;
2716
2717	if (!info->attrs[HWSIM_ATTR_ADDR_RECEIVER] ||
2718	    !info->attrs[HWSIM_ATTR_FRAME] ||
2719	    !info->attrs[HWSIM_ATTR_RX_RATE] ||
2720	    !info->attrs[HWSIM_ATTR_SIGNAL])
2721		goto out;
2722
2723	dst = (void *)nla_data(info->attrs[HWSIM_ATTR_ADDR_RECEIVER]);
2724	frame_data_len = nla_len(info->attrs[HWSIM_ATTR_FRAME]);
2725	frame_data = (void *)nla_data(info->attrs[HWSIM_ATTR_FRAME]);
2726
2727	/* Allocate new skb here */
2728	skb = alloc_skb(frame_data_len, GFP_KERNEL);
2729	if (skb == NULL)
2730		goto err;
2731
2732	if (frame_data_len > IEEE80211_MAX_DATA_LEN)
2733		goto err;
2734
2735	/* Copy the data */
2736	memcpy(skb_put(skb, frame_data_len), frame_data, frame_data_len);
2737
2738	data2 = get_hwsim_data_ref_from_addr(dst);
2739	if (!data2)
2740		goto out;
2741
2742	/* check if radio is configured properly */
2743
2744	if (data2->idle || !data2->started)
2745		goto out;
2746
2747	/* A frame is received from user space */
2748	memset(&rx_status, 0, sizeof(rx_status));
2749	/* TODO: Check ATTR_FREQ if it exists, and maybe throw away off-channel
2750	 * packets?
2751	 */
2752	rx_status.freq = data2->channel->center_freq;
2753	rx_status.band = data2->channel->band;
2754	rx_status.rate_idx = nla_get_u32(info->attrs[HWSIM_ATTR_RX_RATE]);
2755	rx_status.signal = nla_get_u32(info->attrs[HWSIM_ATTR_SIGNAL]);
2756
2757	memcpy(IEEE80211_SKB_RXCB(skb), &rx_status, sizeof(rx_status));
2758	data2->rx_pkts++;
2759	data2->rx_bytes += skb->len;
2760	ieee80211_rx_irqsafe(data2->hw, skb);
2761
2762	return 0;
2763err:
2764	printk(KERN_DEBUG "mac80211_hwsim: error occurred in %s\n", __func__);
2765out:
2766	dev_kfree_skb(skb);
2767	return -EINVAL;
2768}
2769
2770static int hwsim_register_received_nl(struct sk_buff *skb_2,
2771				      struct genl_info *info)
2772{
2773	struct mac80211_hwsim_data *data;
2774	int chans = 1;
2775
2776	spin_lock_bh(&hwsim_radio_lock);
2777	list_for_each_entry(data, &hwsim_radios, list)
2778		chans = max(chans, data->channels);
2779	spin_unlock_bh(&hwsim_radio_lock);
2780
2781	/* In the future we should revise the userspace API and allow it
2782	 * to set a flag that it does support multi-channel, then we can
2783	 * let this pass conditionally on the flag.
2784	 * For current userspace, prohibit it since it won't work right.
2785	 */
2786	if (chans > 1)
2787		return -EOPNOTSUPP;
2788
2789	if (wmediumd_portid)
2790		return -EBUSY;
2791
2792	wmediumd_portid = info->snd_portid;
2793
2794	printk(KERN_DEBUG "mac80211_hwsim: received a REGISTER, "
2795	       "switching to wmediumd mode with pid %d\n", info->snd_portid);
2796
2797	return 0;
2798}
2799
2800static int hwsim_new_radio_nl(struct sk_buff *msg, struct genl_info *info)
2801{
2802	struct hwsim_new_radio_params param = { 0 };
2803
2804	param.reg_strict = info->attrs[HWSIM_ATTR_REG_STRICT_REG];
2805	param.p2p_device = info->attrs[HWSIM_ATTR_SUPPORT_P2P_DEVICE];
2806	param.channels = channels;
2807	param.destroy_on_close =
2808		info->attrs[HWSIM_ATTR_DESTROY_RADIO_ON_CLOSE];
2809
2810	if (info->attrs[HWSIM_ATTR_CHANNELS])
2811		param.channels = nla_get_u32(info->attrs[HWSIM_ATTR_CHANNELS]);
2812
2813	if (info->attrs[HWSIM_ATTR_NO_VIF])
2814		param.no_vif = true;
2815
2816	if (info->attrs[HWSIM_ATTR_RADIO_NAME])
2817		param.hwname = nla_data(info->attrs[HWSIM_ATTR_RADIO_NAME]);
2818
2819	if (info->attrs[HWSIM_ATTR_USE_CHANCTX])
2820		param.use_chanctx = true;
2821	else
2822		param.use_chanctx = (param.channels > 1);
2823
2824	if (info->attrs[HWSIM_ATTR_REG_HINT_ALPHA2])
2825		param.reg_alpha2 =
2826			nla_data(info->attrs[HWSIM_ATTR_REG_HINT_ALPHA2]);
2827
2828	if (info->attrs[HWSIM_ATTR_REG_CUSTOM_REG]) {
2829		u32 idx = nla_get_u32(info->attrs[HWSIM_ATTR_REG_CUSTOM_REG]);
2830
2831		if (idx >= ARRAY_SIZE(hwsim_world_regdom_custom))
2832			return -EINVAL;
2833		param.regd = hwsim_world_regdom_custom[idx];
2834	}
2835
2836	return mac80211_hwsim_new_radio(info, &param);
2837}
2838
2839static int hwsim_del_radio_nl(struct sk_buff *msg, struct genl_info *info)
2840{
2841	struct mac80211_hwsim_data *data;
2842	s64 idx = -1;
2843	const char *hwname = NULL;
2844
2845	if (info->attrs[HWSIM_ATTR_RADIO_ID])
2846		idx = nla_get_u32(info->attrs[HWSIM_ATTR_RADIO_ID]);
2847	else if (info->attrs[HWSIM_ATTR_RADIO_NAME])
2848		hwname = (void *)nla_data(info->attrs[HWSIM_ATTR_RADIO_NAME]);
2849	else
2850		return -EINVAL;
2851
2852	spin_lock_bh(&hwsim_radio_lock);
2853	list_for_each_entry(data, &hwsim_radios, list) {
2854		if (idx >= 0) {
2855			if (data->idx != idx)
2856				continue;
2857		} else {
2858			if (strcmp(hwname, wiphy_name(data->hw->wiphy)))
2859				continue;
2860		}
2861
2862		list_del(&data->list);
2863		spin_unlock_bh(&hwsim_radio_lock);
2864		mac80211_hwsim_del_radio(data, wiphy_name(data->hw->wiphy),
2865					 info);
2866		return 0;
2867	}
2868	spin_unlock_bh(&hwsim_radio_lock);
2869
2870	return -ENODEV;
2871}
2872
2873static int hwsim_get_radio_nl(struct sk_buff *msg, struct genl_info *info)
2874{
2875	struct mac80211_hwsim_data *data;
2876	struct sk_buff *skb;
2877	int idx, res = -ENODEV;
2878
2879	if (!info->attrs[HWSIM_ATTR_RADIO_ID])
2880		return -EINVAL;
2881	idx = nla_get_u32(info->attrs[HWSIM_ATTR_RADIO_ID]);
2882
2883	spin_lock_bh(&hwsim_radio_lock);
2884	list_for_each_entry(data, &hwsim_radios, list) {
2885		if (data->idx != idx)
2886			continue;
2887
2888		skb = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
2889		if (!skb) {
2890			res = -ENOMEM;
2891			goto out_err;
2892		}
2893
2894		res = mac80211_hwsim_get_radio(skb, data, info->snd_portid,
2895					       info->snd_seq, NULL, 0);
2896		if (res < 0) {
2897			nlmsg_free(skb);
2898			goto out_err;
2899		}
2900
2901		genlmsg_reply(skb, info);
2902		break;
2903	}
2904
2905out_err:
2906	spin_unlock_bh(&hwsim_radio_lock);
2907
2908	return res;
2909}
2910
2911static int hwsim_dump_radio_nl(struct sk_buff *skb,
2912			       struct netlink_callback *cb)
2913{
2914	int idx = cb->args[0];
2915	struct mac80211_hwsim_data *data = NULL;
2916	int res;
2917
2918	spin_lock_bh(&hwsim_radio_lock);
2919
2920	if (idx == hwsim_radio_idx)
2921		goto done;
2922
2923	list_for_each_entry(data, &hwsim_radios, list) {
2924		if (data->idx < idx)
2925			continue;
2926
2927		res = mac80211_hwsim_get_radio(skb, data,
2928					       NETLINK_CB(cb->skb).portid,
2929					       cb->nlh->nlmsg_seq, cb,
2930					       NLM_F_MULTI);
2931		if (res < 0)
2932			break;
2933
2934		idx = data->idx + 1;
2935	}
2936
2937	cb->args[0] = idx;
2938
2939done:
2940	spin_unlock_bh(&hwsim_radio_lock);
2941	return skb->len;
2942}
2943
2944/* Generic Netlink operations array */
2945static const struct genl_ops hwsim_ops[] = {
2946	{
2947		.cmd = HWSIM_CMD_REGISTER,
2948		.policy = hwsim_genl_policy,
2949		.doit = hwsim_register_received_nl,
2950		.flags = GENL_ADMIN_PERM,
2951	},
2952	{
2953		.cmd = HWSIM_CMD_FRAME,
2954		.policy = hwsim_genl_policy,
2955		.doit = hwsim_cloned_frame_received_nl,
2956	},
2957	{
2958		.cmd = HWSIM_CMD_TX_INFO_FRAME,
2959		.policy = hwsim_genl_policy,
2960		.doit = hwsim_tx_info_frame_received_nl,
2961	},
2962	{
2963		.cmd = HWSIM_CMD_NEW_RADIO,
2964		.policy = hwsim_genl_policy,
2965		.doit = hwsim_new_radio_nl,
2966		.flags = GENL_ADMIN_PERM,
2967	},
2968	{
2969		.cmd = HWSIM_CMD_DEL_RADIO,
2970		.policy = hwsim_genl_policy,
2971		.doit = hwsim_del_radio_nl,
2972		.flags = GENL_ADMIN_PERM,
2973	},
2974	{
2975		.cmd = HWSIM_CMD_GET_RADIO,
2976		.policy = hwsim_genl_policy,
2977		.doit = hwsim_get_radio_nl,
2978		.dumpit = hwsim_dump_radio_nl,
2979	},
2980};
2981
2982static void destroy_radio(struct work_struct *work)
2983{
2984	struct mac80211_hwsim_data *data =
2985		container_of(work, struct mac80211_hwsim_data, destroy_work);
2986
2987	mac80211_hwsim_del_radio(data, wiphy_name(data->hw->wiphy), NULL);
2988}
2989
2990static void remove_user_radios(u32 portid)
2991{
2992	struct mac80211_hwsim_data *entry, *tmp;
2993
2994	spin_lock_bh(&hwsim_radio_lock);
2995	list_for_each_entry_safe(entry, tmp, &hwsim_radios, list) {
2996		if (entry->destroy_on_close && entry->portid == portid) {
2997			list_del(&entry->list);
2998			INIT_WORK(&entry->destroy_work, destroy_radio);
2999			schedule_work(&entry->destroy_work);
3000		}
3001	}
3002	spin_unlock_bh(&hwsim_radio_lock);
3003}
3004
3005static int mac80211_hwsim_netlink_notify(struct notifier_block *nb,
3006					 unsigned long state,
3007					 void *_notify)
3008{
3009	struct netlink_notify *notify = _notify;
3010
3011	if (state != NETLINK_URELEASE)
3012		return NOTIFY_DONE;
3013
3014	remove_user_radios(notify->portid);
3015
3016	if (notify->portid == wmediumd_portid) {
3017		printk(KERN_INFO "mac80211_hwsim: wmediumd released netlink"
3018		       " socket, switching to perfect channel medium\n");
3019		wmediumd_portid = 0;
3020	}
3021	return NOTIFY_DONE;
3022
3023}
3024
3025static struct notifier_block hwsim_netlink_notifier = {
3026	.notifier_call = mac80211_hwsim_netlink_notify,
3027};
3028
3029static int hwsim_init_netlink(void)
3030{
3031	int rc;
3032
3033	printk(KERN_INFO "mac80211_hwsim: initializing netlink\n");
3034
3035	rc = genl_register_family_with_ops_groups(&hwsim_genl_family,
3036						  hwsim_ops,
3037						  hwsim_mcgrps);
3038	if (rc)
3039		goto failure;
3040
3041	rc = netlink_register_notifier(&hwsim_netlink_notifier);
3042	if (rc)
3043		goto failure;
3044
3045	return 0;
3046
3047failure:
3048	printk(KERN_DEBUG "mac80211_hwsim: error occurred in %s\n", __func__);
3049	return -EINVAL;
3050}
3051
3052static void hwsim_exit_netlink(void)
3053{
3054	/* unregister the notifier */
3055	netlink_unregister_notifier(&hwsim_netlink_notifier);
3056	/* unregister the family */
3057	genl_unregister_family(&hwsim_genl_family);
3058}
3059
3060static int __init init_mac80211_hwsim(void)
3061{
3062	int i, err;
3063
3064	if (radios < 0 || radios > 100)
3065		return -EINVAL;
3066
3067	if (channels < 1)
3068		return -EINVAL;
3069
3070	mac80211_hwsim_mchan_ops = mac80211_hwsim_ops;
3071	mac80211_hwsim_mchan_ops.hw_scan = mac80211_hwsim_hw_scan;
3072	mac80211_hwsim_mchan_ops.cancel_hw_scan = mac80211_hwsim_cancel_hw_scan;
3073	mac80211_hwsim_mchan_ops.sw_scan_start = NULL;
3074	mac80211_hwsim_mchan_ops.sw_scan_complete = NULL;
3075	mac80211_hwsim_mchan_ops.remain_on_channel = mac80211_hwsim_roc;
3076	mac80211_hwsim_mchan_ops.cancel_remain_on_channel = mac80211_hwsim_croc;
3077	mac80211_hwsim_mchan_ops.add_chanctx = mac80211_hwsim_add_chanctx;
3078	mac80211_hwsim_mchan_ops.remove_chanctx = mac80211_hwsim_remove_chanctx;
3079	mac80211_hwsim_mchan_ops.change_chanctx = mac80211_hwsim_change_chanctx;
3080	mac80211_hwsim_mchan_ops.assign_vif_chanctx =
3081		mac80211_hwsim_assign_vif_chanctx;
3082	mac80211_hwsim_mchan_ops.unassign_vif_chanctx =
3083		mac80211_hwsim_unassign_vif_chanctx;
3084
3085	spin_lock_init(&hwsim_radio_lock);
3086	INIT_LIST_HEAD(&hwsim_radios);
3087
3088	err = platform_driver_register(&mac80211_hwsim_driver);
3089	if (err)
3090		return err;
3091
3092	hwsim_class = class_create(THIS_MODULE, "mac80211_hwsim");
3093	if (IS_ERR(hwsim_class)) {
3094		err = PTR_ERR(hwsim_class);
3095		goto out_unregister_driver;
3096	}
3097
3098	err = hwsim_init_netlink();
3099	if (err < 0)
3100		goto out_unregister_driver;
3101
3102	for (i = 0; i < radios; i++) {
3103		struct hwsim_new_radio_params param = { 0 };
3104
3105		param.channels = channels;
3106
3107		switch (regtest) {
3108		case HWSIM_REGTEST_DIFF_COUNTRY:
3109			if (i < ARRAY_SIZE(hwsim_alpha2s))
3110				param.reg_alpha2 = hwsim_alpha2s[i];
3111			break;
3112		case HWSIM_REGTEST_DRIVER_REG_FOLLOW:
3113			if (!i)
3114				param.reg_alpha2 = hwsim_alpha2s[0];
3115			break;
3116		case HWSIM_REGTEST_STRICT_ALL:
3117			param.reg_strict = true;
3118		case HWSIM_REGTEST_DRIVER_REG_ALL:
3119			param.reg_alpha2 = hwsim_alpha2s[0];
3120			break;
3121		case HWSIM_REGTEST_WORLD_ROAM:
3122			if (i == 0)
3123				param.regd = &hwsim_world_regdom_custom_01;
3124			break;
3125		case HWSIM_REGTEST_CUSTOM_WORLD:
3126			param.regd = &hwsim_world_regdom_custom_01;
3127			break;
3128		case HWSIM_REGTEST_CUSTOM_WORLD_2:
3129			if (i == 0)
3130				param.regd = &hwsim_world_regdom_custom_01;
3131			else if (i == 1)
3132				param.regd = &hwsim_world_regdom_custom_02;
3133			break;
3134		case HWSIM_REGTEST_STRICT_FOLLOW:
3135			if (i == 0) {
3136				param.reg_strict = true;
3137				param.reg_alpha2 = hwsim_alpha2s[0];
3138			}
3139			break;
3140		case HWSIM_REGTEST_STRICT_AND_DRIVER_REG:
3141			if (i == 0) {
3142				param.reg_strict = true;
3143				param.reg_alpha2 = hwsim_alpha2s[0];
3144			} else if (i == 1) {
3145				param.reg_alpha2 = hwsim_alpha2s[1];
3146			}
3147			break;
3148		case HWSIM_REGTEST_ALL:
3149			switch (i) {
3150			case 0:
3151				param.regd = &hwsim_world_regdom_custom_01;
3152				break;
3153			case 1:
3154				param.regd = &hwsim_world_regdom_custom_02;
3155				break;
3156			case 2:
3157				param.reg_alpha2 = hwsim_alpha2s[0];
3158				break;
3159			case 3:
3160				param.reg_alpha2 = hwsim_alpha2s[1];
3161				break;
3162			case 4:
3163				param.reg_strict = true;
3164				param.reg_alpha2 = hwsim_alpha2s[2];
3165				break;
3166			}
3167			break;
3168		default:
3169			break;
3170		}
3171
3172		param.p2p_device = support_p2p_device;
3173		param.use_chanctx = channels > 1;
3174
3175		err = mac80211_hwsim_new_radio(NULL, &param);
3176		if (err < 0)
3177			goto out_free_radios;
3178	}
3179
3180	hwsim_mon = alloc_netdev(0, "hwsim%d", NET_NAME_UNKNOWN,
3181				 hwsim_mon_setup);
3182	if (hwsim_mon == NULL) {
3183		err = -ENOMEM;
3184		goto out_free_radios;
3185	}
3186
3187	rtnl_lock();
3188	err = dev_alloc_name(hwsim_mon, hwsim_mon->name);
3189	if (err < 0) {
3190		rtnl_unlock();
3191		goto out_free_radios;
3192	}
3193
3194	err = register_netdevice(hwsim_mon);
3195	if (err < 0) {
3196		rtnl_unlock();
3197		goto out_free_mon;
3198	}
3199	rtnl_unlock();
3200
3201	return 0;
3202
3203out_free_mon:
3204	free_netdev(hwsim_mon);
3205out_free_radios:
3206	mac80211_hwsim_free();
3207out_unregister_driver:
3208	platform_driver_unregister(&mac80211_hwsim_driver);
3209	return err;
3210}
3211module_init(init_mac80211_hwsim);
3212
3213static void __exit exit_mac80211_hwsim(void)
3214{
3215	printk(KERN_DEBUG "mac80211_hwsim: unregister radios\n");
3216
3217	hwsim_exit_netlink();
3218
3219	mac80211_hwsim_free();
3220	unregister_netdev(hwsim_mon);
3221	platform_driver_unregister(&mac80211_hwsim_driver);
3222}
3223module_exit(exit_mac80211_hwsim);
Configure Feed

Configure Feed
