1 /* $NetBSD: ieee80211_ioctl.c,v 1.43 2006/11/16 01:33:40 christos Exp $ */
2 /*-
3 * Copyright (c) 2001 Atsushi Onoe
4 * Copyright (c) 2002-2005 Sam Leffler, Errno Consulting
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. The name of the author may not be used to endorse or promote products
16 * derived from this software without specific prior written permission.
17 *
18 * Alternatively, this software may be distributed under the terms of the
19 * GNU General Public License ("GPL") version 2 as published by the Free
20 * Software Foundation.
21 *
22 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
23 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
24 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
25 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
26 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
27 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
28 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
29 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
30 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
31 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
32 */
33
34 #include <sys/cdefs.h>
35 #ifdef __FreeBSD__
36 __FBSDID("$FreeBSD: src/sys/net80211/ieee80211_ioctl.c,v 1.35 2005/08/30 14:27:47 avatar Exp $");
37 #endif
38 #ifdef __NetBSD__
39 __KERNEL_RCSID(0, "$NetBSD: ieee80211_ioctl.c,v 1.43 2006/11/16 01:33:40 christos Exp $");
40 #endif
41
42 /*
43 * IEEE 802.11 ioctl support (FreeBSD-specific)
44 */
45
46 #include "opt_inet.h"
47
48 #include <sys/endian.h>
49 #include <sys/param.h>
50 #include <sys/kernel.h>
51 #include <sys/socket.h>
52 #include <sys/sockio.h>
53 #include <sys/systm.h>
54 #include <sys/proc.h>
55 #include <sys/kauth.h>
56
57 #include <net/if.h>
58 #include <net/if_arp.h>
59 #include <net/if_media.h>
60 #include <net/if_ether.h>
61
62 #ifdef INET
63 #include <netinet/in.h>
64 #include <netinet/if_inarp.h>
65 #endif
66
67 #include <net80211/ieee80211_var.h>
68 #include <net80211/ieee80211_ioctl.h>
69
70 #include <dev/ic/wi_ieee.h>
71
72 #ifdef __FreeBSD__
73 #define IS_UP(_ic) \
74 (((_ic)->ic_ifp->if_flags & IFF_UP) && \
75 ((_ic)->ic_ifp->if_drv_flags & IFF_DRV_RUNNING))
76 #endif
77 #ifdef __NetBSD__
78 #define IS_UP(_ic) \
79 (((_ic)->ic_ifp->if_flags & IFF_UP) && \
80 ((_ic)->ic_ifp->if_flags & IFF_RUNNING))
81 #endif
82 #define IS_UP_AUTO(_ic) \
83 (IS_UP(_ic) && (_ic)->ic_roaming == IEEE80211_ROAMING_AUTO)
84
85 /*
86 * XXX
87 * Wireless LAN specific configuration interface, which is compatible
88 * with wicontrol(8).
89 */
90
91 struct wi_read_ap_args {
92 int i; /* result count */
93 struct wi_apinfo *ap; /* current entry in result buffer */
94 caddr_t max; /* result buffer bound */
95 };
96
97 static void
98 wi_read_ap_result(void *arg, struct ieee80211_node *ni)
99 {
100 struct ieee80211com *ic = ni->ni_ic;
101 struct wi_read_ap_args *sa = arg;
102 struct wi_apinfo *ap = sa->ap;
103 struct ieee80211_rateset *rs;
104 int j;
105
106 if ((caddr_t)(ap + 1) > sa->max)
107 return;
108 memset(ap, 0, sizeof(struct wi_apinfo));
109 if (ic->ic_opmode == IEEE80211_M_HOSTAP) {
110 IEEE80211_ADDR_COPY(ap->bssid, ni->ni_macaddr);
111 ap->namelen = ic->ic_des_esslen;
112 if (ic->ic_des_esslen)
113 memcpy(ap->name, ic->ic_des_essid,
114 ic->ic_des_esslen);
115 } else {
116 IEEE80211_ADDR_COPY(ap->bssid, ni->ni_bssid);
117 ap->namelen = ni->ni_esslen;
118 if (ni->ni_esslen)
119 memcpy(ap->name, ni->ni_essid,
120 ni->ni_esslen);
121 }
122 ap->channel = ieee80211_chan2ieee(ic, ni->ni_chan);
123 ap->signal = ic->ic_node_getrssi(ni);
124 ap->capinfo = ni->ni_capinfo;
125 ap->interval = ni->ni_intval;
126 rs = &ni->ni_rates;
127 for (j = 0; j < rs->rs_nrates; j++) {
128 if (rs->rs_rates[j] & IEEE80211_RATE_BASIC) {
129 ap->rate = (rs->rs_rates[j] &
130 IEEE80211_RATE_VAL) * 5; /* XXX */
131 }
132 }
133 sa->i++;
134 sa->ap++;
135 }
136
137 struct wi_read_prism2_args {
138 int i; /* result count */
139 struct wi_scan_res *res;/* current entry in result buffer */
140 caddr_t max; /* result buffer bound */
141 };
142
143 #if 0
144 static void
145 wi_read_prism2_result(void *arg, struct ieee80211_node *ni)
146 {
147 struct ieee80211com *ic = ni->ni_ic;
148 struct wi_read_prism2_args *sa = arg;
149 struct wi_scan_res *res = sa->res;
150
151 if ((caddr_t)(res + 1) > sa->max)
152 return;
153 res->wi_chan = ieee80211_chan2ieee(ic, ni->ni_chan);
154 res->wi_noise = 0;
155 res->wi_signal = ic->ic_node_getrssi(ni);
156 IEEE80211_ADDR_COPY(res->wi_bssid, ni->ni_bssid);
157 res->wi_interval = ni->ni_intval;
158 res->wi_capinfo = ni->ni_capinfo;
159 res->wi_ssid_len = ni->ni_esslen;
160 memcpy(res->wi_ssid, ni->ni_essid, IEEE80211_NWID_LEN);
161 /* NB: assumes wi_srates holds <= ni->ni_rates */
162 memcpy(res->wi_srates, ni->ni_rates.rs_rates,
163 sizeof(res->wi_srates));
164 if (ni->ni_rates.rs_nrates < 10)
165 res->wi_srates[ni->ni_rates.rs_nrates] = 0;
166 res->wi_rate = ni->ni_rates.rs_rates[ni->ni_txrate];
167 res->wi_rsvd = 0;
168
169 sa->i++;
170 sa->res++;
171 }
172
173 struct wi_read_sigcache_args {
174 int i; /* result count */
175 struct wi_sigcache *wsc;/* current entry in result buffer */
176 caddr_t max; /* result buffer bound */
177 };
178
179 static void
180 wi_read_sigcache(void *arg, struct ieee80211_node *ni)
181 {
182 struct ieee80211com *ic = ni->ni_ic;
183 struct wi_read_sigcache_args *sa = arg;
184 struct wi_sigcache *wsc = sa->wsc;
185
186 if ((caddr_t)(wsc + 1) > sa->max)
187 return;
188 memset(wsc, 0, sizeof(struct wi_sigcache));
189 IEEE80211_ADDR_COPY(wsc->macsrc, ni->ni_macaddr);
190 wsc->signal = ic->ic_node_getrssi(ni);
191
192 sa->wsc++;
193 sa->i++;
194 }
195 #endif
196
197 int
198 ieee80211_cfgget(struct ieee80211com *ic, u_long cmd, caddr_t data)
199 {
200 struct ifnet *ifp = ic->ic_ifp;
201 int i, j, error;
202 struct ifreq *ifr = (struct ifreq *)data;
203 struct wi_req *wreq;
204 struct wi_ltv_keys *keys;
205
206 wreq = malloc(sizeof(*wreq), M_TEMP, M_WAITOK);
207 error = copyin(ifr->ifr_data, wreq, sizeof(*wreq));
208 if (error)
209 goto out;
210 wreq->wi_len = 0;
211 switch (wreq->wi_type) {
212 case WI_RID_SERIALNO:
213 case WI_RID_STA_IDENTITY:
214 /* nothing appropriate */
215 break;
216 case WI_RID_NODENAME:
217 strlcpy((char *)&wreq->wi_val[1], hostname,
218 sizeof(wreq->wi_val) - sizeof(wreq->wi_val[0]));
219 wreq->wi_val[0] = htole16(strlen(hostname));
220 wreq->wi_len = (1 + strlen(hostname) + 1) / 2;
221 break;
222 case WI_RID_CURRENT_SSID:
223 if (ic->ic_state != IEEE80211_S_RUN) {
224 wreq->wi_val[0] = 0;
225 wreq->wi_len = 1;
226 break;
227 }
228 wreq->wi_val[0] = htole16(ic->ic_bss->ni_esslen);
229 memcpy(&wreq->wi_val[1], ic->ic_bss->ni_essid,
230 ic->ic_bss->ni_esslen);
231 wreq->wi_len = (1 + ic->ic_bss->ni_esslen + 1) / 2;
232 break;
233 case WI_RID_OWN_SSID:
234 case WI_RID_DESIRED_SSID:
235 wreq->wi_val[0] = htole16(ic->ic_des_esslen);
236 memcpy(&wreq->wi_val[1], ic->ic_des_essid, ic->ic_des_esslen);
237 wreq->wi_len = (1 + ic->ic_des_esslen + 1) / 2;
238 break;
239 case WI_RID_CURRENT_BSSID:
240 if (ic->ic_state == IEEE80211_S_RUN)
241 IEEE80211_ADDR_COPY(wreq->wi_val, ic->ic_bss->ni_bssid);
242 else
243 memset(wreq->wi_val, 0, IEEE80211_ADDR_LEN);
244 wreq->wi_len = IEEE80211_ADDR_LEN / 2;
245 break;
246 case WI_RID_CHANNEL_LIST:
247 memset(wreq->wi_val, 0, sizeof(wreq->wi_val));
248 /*
249 * Since channel 0 is not available for DS, channel 1
250 * is assigned to LSB on WaveLAN.
251 */
252 if (ic->ic_phytype == IEEE80211_T_DS)
253 i = 1;
254 else
255 i = 0;
256 for (j = 0; i <= IEEE80211_CHAN_MAX; i++, j++)
257 if (isset(ic->ic_chan_active, i)) {
258 setbit((u_int8_t *)wreq->wi_val, j);
259 wreq->wi_len = j / 16 + 1;
260 }
261 break;
262 case WI_RID_OWN_CHNL:
263 wreq->wi_val[0] = htole16(
264 ieee80211_chan2ieee(ic, ic->ic_ibss_chan));
265 wreq->wi_len = 1;
266 break;
267 case WI_RID_CURRENT_CHAN:
268 wreq->wi_val[0] = htole16(
269 ieee80211_chan2ieee(ic, ic->ic_curchan));
270 wreq->wi_len = 1;
271 break;
272 case WI_RID_COMMS_QUALITY:
273 wreq->wi_val[0] = 0; /* quality */
274 wreq->wi_val[1] = htole16(ic->ic_node_getrssi(ic->ic_bss));
275 wreq->wi_val[2] = 0; /* noise */
276 wreq->wi_len = 3;
277 break;
278 case WI_RID_PROMISC:
279 wreq->wi_val[0] = htole16((ifp->if_flags & IFF_PROMISC) ? 1 : 0);
280 wreq->wi_len = 1;
281 break;
282 case WI_RID_PORTTYPE:
283 wreq->wi_val[0] = htole16(ic->ic_opmode);
284 wreq->wi_len = 1;
285 break;
286 case WI_RID_MAC_NODE:
287 IEEE80211_ADDR_COPY(wreq->wi_val, ic->ic_myaddr);
288 wreq->wi_len = IEEE80211_ADDR_LEN / 2;
289 break;
290 case WI_RID_TX_RATE:
291 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE)
292 wreq->wi_val[0] = 0; /* auto */
293 else
294 wreq->wi_val[0] = htole16(
295 (ic->ic_sup_rates[ic->ic_curmode].rs_rates[ic->ic_fixed_rate] &
296 IEEE80211_RATE_VAL) / 2);
297 wreq->wi_len = 1;
298 break;
299 case WI_RID_CUR_TX_RATE:
300 wreq->wi_val[0] = htole16(
301 (ic->ic_bss->ni_rates.rs_rates[ic->ic_bss->ni_txrate] &
302 IEEE80211_RATE_VAL) / 2);
303 wreq->wi_len = 1;
304 break;
305 case WI_RID_FRAG_THRESH:
306 wreq->wi_val[0] = htole16(ic->ic_fragthreshold);
307 wreq->wi_len = 1;
308 break;
309 case WI_RID_RTS_THRESH:
310 wreq->wi_val[0] = htole16(ic->ic_rtsthreshold);
311 wreq->wi_len = 1;
312 break;
313 case WI_RID_CREATE_IBSS:
314 wreq->wi_val[0] =
315 htole16((ic->ic_flags & IEEE80211_F_IBSSON) ? 1 : 0);
316 wreq->wi_len = 1;
317 break;
318 case WI_RID_MICROWAVE_OVEN:
319 wreq->wi_val[0] = 0; /* no ... not supported */
320 wreq->wi_len = 1;
321 break;
322 case WI_RID_ROAMING_MODE:
323 wreq->wi_val[0] = htole16(ic->ic_roaming); /* XXX map */
324 wreq->wi_len = 1;
325 break;
326 case WI_RID_SYSTEM_SCALE:
327 wreq->wi_val[0] = htole16(1); /* low density ... not supp */
328 wreq->wi_len = 1;
329 break;
330 case WI_RID_PM_ENABLED:
331 wreq->wi_val[0] =
332 htole16((ic->ic_flags & IEEE80211_F_PMGTON) ? 1 : 0);
333 wreq->wi_len = 1;
334 break;
335 case WI_RID_MAX_SLEEP:
336 wreq->wi_val[0] = htole16(ic->ic_lintval);
337 wreq->wi_len = 1;
338 break;
339 case WI_RID_CUR_BEACON_INT:
340 wreq->wi_val[0] = htole16(ic->ic_bss->ni_intval);
341 wreq->wi_len = 1;
342 break;
343 case WI_RID_WEP_AVAIL:
344 wreq->wi_val[0] = htole16(1); /* always available */
345 wreq->wi_len = 1;
346 break;
347 case WI_RID_CNFAUTHMODE:
348 wreq->wi_val[0] = htole16(1); /* TODO: open system only */
349 wreq->wi_len = 1;
350 break;
351 case WI_RID_ENCRYPTION:
352 wreq->wi_val[0] =
353 htole16((ic->ic_flags & IEEE80211_F_PRIVACY) ? 1 : 0);
354 wreq->wi_len = 1;
355 break;
356 case WI_RID_TX_CRYPT_KEY:
357 wreq->wi_val[0] = htole16(ic->ic_def_txkey);
358 wreq->wi_len = 1;
359 break;
360 case WI_RID_DEFLT_CRYPT_KEYS:
361 keys = (struct wi_ltv_keys *)wreq;
362 /* do not show keys to non-root user */
363 error = kauth_authorize_network(curlwp->l_cred,
364 KAUTH_NETWORK_INTERFACE,
365 KAUTH_REQ_NETWORK_INTERFACE_GETPRIV, ifp,
366 NULL, NULL);
367 if (error) {
368 memset(keys, 0, sizeof(*keys));
369 error = 0;
370 break;
371 }
372 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
373 keys->wi_keys[i].wi_keylen =
374 htole16(ic->ic_nw_keys[i].wk_keylen);
375 memcpy(keys->wi_keys[i].wi_keydat,
376 ic->ic_nw_keys[i].wk_key,
377 ic->ic_nw_keys[i].wk_keylen);
378 }
379 wreq->wi_len = sizeof(*keys) / 2;
380 break;
381 case WI_RID_MAX_DATALEN:
382 wreq->wi_val[0] = htole16(ic->ic_fragthreshold);
383 wreq->wi_len = 1;
384 break;
385 case WI_RID_DBM_ADJUST:
386 /* not supported, we just pass rssi value from driver. */
387 break;
388 case WI_RID_IFACE_STATS:
389 /* XXX: should be implemented in lower drivers */
390 break;
391 case WI_RID_READ_APS:
392 /*
393 * Don't return results until active scan completes.
394 */
395 if ((ic->ic_flags & (IEEE80211_F_SCAN|IEEE80211_F_ASCAN)) == 0) {
396 struct wi_read_ap_args args;
397
398 args.i = 0;
399 args.ap = (void *)((char *)wreq->wi_val + sizeof(i));
400 args.max = (void *)(wreq + 1);
401 ieee80211_iterate_nodes(&ic->ic_scan,
402 wi_read_ap_result, &args);
403 memcpy(wreq->wi_val, &args.i, sizeof(args.i));
404 wreq->wi_len = (sizeof(int) +
405 sizeof(struct wi_apinfo) * args.i) / 2;
406 } else
407 error = EINPROGRESS;
408 break;
409 #if 0
410 case WI_RID_SCAN_RES: /* compatibility interface */
411 if ((ic->ic_flags & (IEEE80211_F_SCAN|IEEE80211_F_ASCAN)) == 0) {
412 struct wi_read_prism2_args args;
413 struct wi_scan_p2_hdr *p2;
414
415 /* NB: use Prism2 format so we can include rate info */
416 p2 = (struct wi_scan_p2_hdr *)wreq->wi_val;
417 args.i = 0;
418 args.res = (void *)&p2[1];
419 args.max = (void *)(wreq + 1);
420 ieee80211_iterate_nodes(&ic->ic_scan,
421 wi_read_prism2_result, &args);
422 p2->wi_rsvd = 0;
423 p2->wi_reason = args.i;
424 wreq->wi_len = (sizeof(*p2) +
425 sizeof(struct wi_scan_res) * args.i) / 2;
426 } else
427 error = EINPROGRESS;
428 break;
429 case WI_RID_READ_CACHE: {
430 struct wi_read_sigcache_args args;
431 args.i = 0;
432 args.wsc = (struct wi_sigcache *) wreq->wi_val;
433 args.max = (void *)(wreq + 1);
434 ieee80211_iterate_nodes(&ic->ic_scan, wi_read_sigcache, &args);
435 wreq->wi_len = sizeof(struct wi_sigcache) * args.i / 2;
436 break;
437 }
438 #endif
439 default:
440 error = EINVAL;
441 break;
442 }
443 if (error == 0) {
444 wreq->wi_len++;
445 error = copyout(wreq, ifr->ifr_data, sizeof(*wreq));
446 }
447 out:
448 free(wreq, M_TEMP);
449 return error;
450 }
451
452 static int
453 findrate(struct ieee80211com *ic, enum ieee80211_phymode mode, int rate)
454 {
455 #define IEEERATE(_ic,_m,_i) \
456 ((_ic)->ic_sup_rates[_m].rs_rates[_i] & IEEE80211_RATE_VAL)
457 int i, nrates = ic->ic_sup_rates[mode].rs_nrates;
458 for (i = 0; i < nrates; i++)
459 if (IEEERATE(ic, mode, i) == rate)
460 return i;
461 return -1;
462 #undef IEEERATE
463 }
464
465 /*
466 * Prepare to do a user-initiated scan for AP's. If no
467 * current/default channel is setup or the current channel
468 * is invalid then pick the first available channel from
469 * the active list as the place to start the scan.
470 */
471 static int
472 ieee80211_setupscan(struct ieee80211com *ic, const u_int8_t chanlist[])
473 {
474
475 /*
476 * XXX don't permit a scan to be started unless we
477 * know the device is ready. For the moment this means
478 * the device is marked up as this is the required to
479 * initialize the hardware. It would be better to permit
480 * scanning prior to being up but that'll require some
481 * changes to the infrastructure.
482 */
483 if (!IS_UP(ic))
484 return EINVAL;
485 memcpy(ic->ic_chan_active, chanlist, sizeof(ic->ic_chan_active));
486 /*
487 * We force the state to INIT before calling ieee80211_new_state
488 * to get ieee80211_begin_scan called. We really want to scan w/o
489 * altering the current state but that's not possible right now.
490 */
491 /* XXX handle proberequest case */
492 ic->ic_state = IEEE80211_S_INIT; /* XXX bypass state machine */
493 return 0;
494 }
495
496 int
497 ieee80211_cfgset(struct ieee80211com *ic, u_long cmd, caddr_t data)
498 {
499 struct ifnet *ifp = ic->ic_ifp;
500 int i, j, len, error, rate;
501 struct ifreq *ifr = (struct ifreq *)data;
502 struct wi_ltv_keys *keys;
503 struct wi_req *wreq;
504 u_int8_t chanlist[IEEE80211_CHAN_BYTES];
505
506 wreq = malloc(sizeof(*wreq), M_TEMP, M_WAITOK);
507 error = copyin(ifr->ifr_data, wreq, sizeof(*wreq));
508 if (error)
509 goto out;
510 len = wreq->wi_len ? (wreq->wi_len - 1) * 2 : 0;
511 switch (wreq->wi_type) {
512 case WI_RID_SERIALNO:
513 case WI_RID_NODENAME:
514 case WI_RID_CURRENT_SSID:
515 error = EPERM;
516 goto out;
517 case WI_RID_OWN_SSID:
518 case WI_RID_DESIRED_SSID:
519 if (le16toh(wreq->wi_val[0]) * 2 > len ||
520 le16toh(wreq->wi_val[0]) > IEEE80211_NWID_LEN) {
521 error = ENOSPC;
522 break;
523 }
524 memset(ic->ic_des_essid, 0, sizeof(ic->ic_des_essid));
525 ic->ic_des_esslen = le16toh(wreq->wi_val[0]) * 2;
526 memcpy(ic->ic_des_essid, &wreq->wi_val[1], ic->ic_des_esslen);
527 error = ENETRESET;
528 break;
529 case WI_RID_CURRENT_BSSID:
530 error = EPERM;
531 goto out;
532 case WI_RID_OWN_CHNL:
533 if (len != 2)
534 goto invalid;
535 i = le16toh(wreq->wi_val[0]);
536 if (i < 0 ||
537 i > IEEE80211_CHAN_MAX ||
538 isclr(ic->ic_chan_active, i))
539 goto invalid;
540 ic->ic_ibss_chan = &ic->ic_channels[i];
541 if (ic->ic_opmode == IEEE80211_M_MONITOR)
542 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
543 else
544 error = ENETRESET;
545 break;
546 case WI_RID_CURRENT_CHAN:
547 case WI_RID_COMMS_QUALITY:
548 error = EPERM;
549 goto out;
550 case WI_RID_PROMISC:
551 if (len != 2)
552 goto invalid;
553 if (ifp->if_flags & IFF_PROMISC) {
554 if (wreq->wi_val[0] == 0) {
555 ifp->if_flags &= ~IFF_PROMISC;
556 error = ENETRESET;
557 }
558 } else {
559 if (wreq->wi_val[0] != 0) {
560 ifp->if_flags |= IFF_PROMISC;
561 error = ENETRESET;
562 }
563 }
564 break;
565 case WI_RID_PORTTYPE:
566 if (len != 2)
567 goto invalid;
568 switch (le16toh(wreq->wi_val[0])) {
569 case IEEE80211_M_STA:
570 break;
571 case IEEE80211_M_IBSS:
572 if (!(ic->ic_caps & IEEE80211_C_IBSS))
573 goto invalid;
574 break;
575 case IEEE80211_M_AHDEMO:
576 if (ic->ic_phytype != IEEE80211_T_DS ||
577 !(ic->ic_caps & IEEE80211_C_AHDEMO))
578 goto invalid;
579 break;
580 case IEEE80211_M_HOSTAP:
581 if (!(ic->ic_caps & IEEE80211_C_HOSTAP))
582 goto invalid;
583 break;
584 default:
585 goto invalid;
586 }
587 if (le16toh(wreq->wi_val[0]) != ic->ic_opmode) {
588 ic->ic_opmode = le16toh(wreq->wi_val[0]);
589 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
590 }
591 break;
592 #if 0
593 case WI_RID_MAC_NODE:
594 if (len != IEEE80211_ADDR_LEN)
595 goto invalid;
596 IEEE80211_ADDR_COPY(LLADDR(ifp->if_sadl), wreq->wi_val);
597 /* if_init will copy lladdr into ic_myaddr */
598 error = ENETRESET;
599 break;
600 #endif
601 case WI_RID_TX_RATE:
602 if (len != 2)
603 goto invalid;
604 if (wreq->wi_val[0] == 0) {
605 /* auto */
606 ic->ic_fixed_rate = IEEE80211_FIXED_RATE_NONE;
607 break;
608 }
609 rate = 2 * le16toh(wreq->wi_val[0]);
610 if (ic->ic_curmode == IEEE80211_MODE_AUTO) {
611 /*
612 * In autoselect mode search for the rate. We take
613 * the first instance which may not be right, but we
614 * are limited by the interface. Note that we also
615 * lock the mode to insure the rate is meaningful
616 * when it is used.
617 */
618 for (j = IEEE80211_MODE_11A;
619 j < IEEE80211_MODE_MAX; j++) {
620 if ((ic->ic_modecaps & (1<<j)) == 0)
621 continue;
622 i = findrate(ic, j, rate);
623 if (i != -1) {
624 /* lock mode too */
625 ic->ic_curmode = j;
626 goto setrate;
627 }
628 }
629 } else {
630 i = findrate(ic, ic->ic_curmode, rate);
631 if (i != -1)
632 goto setrate;
633 }
634 goto invalid;
635 setrate:
636 ic->ic_fixed_rate = i;
637 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
638 break;
639 case WI_RID_CUR_TX_RATE:
640 error = EPERM;
641 goto out;
642 case WI_RID_FRAG_THRESH:
643 if (len != 2)
644 goto invalid;
645 ic->ic_fragthreshold = le16toh(wreq->wi_val[0]);
646 error = ENETRESET;
647 break;
648 case WI_RID_RTS_THRESH:
649 if (len != 2)
650 goto invalid;
651 ic->ic_rtsthreshold = le16toh(wreq->wi_val[0]);
652 error = ENETRESET;
653 break;
654 case WI_RID_CREATE_IBSS:
655 if (len != 2)
656 goto invalid;
657 if (wreq->wi_val[0] != 0) {
658 if ((ic->ic_caps & IEEE80211_C_IBSS) == 0)
659 goto invalid;
660 if ((ic->ic_flags & IEEE80211_F_IBSSON) == 0) {
661 ic->ic_flags |= IEEE80211_F_IBSSON;
662 if (ic->ic_opmode == IEEE80211_M_IBSS &&
663 ic->ic_state == IEEE80211_S_SCAN)
664 error = IS_UP_AUTO(ic) ? ENETRESET : 0;
665 }
666 } else {
667 if (ic->ic_flags & IEEE80211_F_IBSSON) {
668 ic->ic_flags &= ~IEEE80211_F_IBSSON;
669 if (ic->ic_flags & IEEE80211_F_SIBSS) {
670 ic->ic_flags &= ~IEEE80211_F_SIBSS;
671 error = IS_UP_AUTO(ic) ? ENETRESET : 0;
672 }
673 }
674 }
675 break;
676 case WI_RID_MICROWAVE_OVEN:
677 if (len != 2)
678 goto invalid;
679 if (wreq->wi_val[0] != 0)
680 goto invalid; /* not supported */
681 break;
682 case WI_RID_ROAMING_MODE:
683 if (len != 2)
684 goto invalid;
685 i = le16toh(wreq->wi_val[0]);
686 if (i > IEEE80211_ROAMING_MANUAL)
687 goto invalid; /* not supported */
688 ic->ic_roaming = i;
689 break;
690 case WI_RID_SYSTEM_SCALE:
691 if (len != 2)
692 goto invalid;
693 if (le16toh(wreq->wi_val[0]) != 1)
694 goto invalid; /* not supported */
695 break;
696 case WI_RID_PM_ENABLED:
697 if (len != 2)
698 goto invalid;
699 if (wreq->wi_val[0] != 0) {
700 if ((ic->ic_caps & IEEE80211_C_PMGT) == 0)
701 goto invalid;
702 if ((ic->ic_flags & IEEE80211_F_PMGTON) == 0) {
703 ic->ic_flags |= IEEE80211_F_PMGTON;
704 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
705 }
706 } else {
707 if (ic->ic_flags & IEEE80211_F_PMGTON) {
708 ic->ic_flags &= ~IEEE80211_F_PMGTON;
709 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
710 }
711 }
712 break;
713 case WI_RID_MAX_SLEEP:
714 if (len != 2)
715 goto invalid;
716 ic->ic_lintval = le16toh(wreq->wi_val[0]);
717 if (ic->ic_flags & IEEE80211_F_PMGTON)
718 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
719 break;
720 case WI_RID_CUR_BEACON_INT:
721 case WI_RID_WEP_AVAIL:
722 error = EPERM;
723 goto out;
724 case WI_RID_CNFAUTHMODE:
725 if (len != 2)
726 goto invalid;
727 i = le16toh(wreq->wi_val[0]);
728 if (i > IEEE80211_AUTH_WPA)
729 goto invalid;
730 ic->ic_bss->ni_authmode = i; /* XXX ENETRESET? */
731 error = ENETRESET;
732 break;
733 case WI_RID_ENCRYPTION:
734 if (len != 2)
735 goto invalid;
736 if (wreq->wi_val[0] != 0) {
737 if ((ic->ic_caps & IEEE80211_C_WEP) == 0)
738 goto invalid;
739 if ((ic->ic_flags & IEEE80211_F_PRIVACY) == 0) {
740 ic->ic_flags |= IEEE80211_F_PRIVACY;
741 error = ENETRESET;
742 }
743 } else {
744 if (ic->ic_flags & IEEE80211_F_PRIVACY) {
745 ic->ic_flags &= ~IEEE80211_F_PRIVACY;
746 error = ENETRESET;
747 }
748 }
749 break;
750 case WI_RID_TX_CRYPT_KEY:
751 if (len != 2)
752 goto invalid;
753 i = le16toh(wreq->wi_val[0]);
754 if (i >= IEEE80211_WEP_NKID)
755 goto invalid;
756 ic->ic_def_txkey = i;
757 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
758 break;
759 case WI_RID_DEFLT_CRYPT_KEYS:
760 if (len != sizeof(struct wi_ltv_keys))
761 goto invalid;
762 keys = (struct wi_ltv_keys *)wreq;
763 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
764 len = le16toh(keys->wi_keys[i].wi_keylen);
765 if (len != 0 && len < IEEE80211_WEP_KEYLEN)
766 goto invalid;
767 if (len > IEEE80211_KEYBUF_SIZE)
768 goto invalid;
769 }
770 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
771 struct ieee80211_key *k = &ic->ic_nw_keys[i];
772
773 len = le16toh(keys->wi_keys[i].wi_keylen);
774 k->wk_keylen = len;
775 k->wk_flags = IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV;
776 memset(k->wk_key, 0, sizeof(k->wk_key));
777 memcpy(k->wk_key, keys->wi_keys[i].wi_keydat, len);
778 #if 0
779 k->wk_type = IEEE80211_CIPHER_WEP;
780 #endif
781 }
782 error = ENETRESET;
783 break;
784 case WI_RID_MAX_DATALEN:
785 if (len != 2)
786 goto invalid;
787 len = le16toh(wreq->wi_val[0]);
788 if (len < 350 /* ? */ || len > IEEE80211_MAX_LEN)
789 goto invalid;
790 ic->ic_fragthreshold = len;
791 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
792 break;
793 case WI_RID_IFACE_STATS:
794 error = EPERM;
795 break;
796 case WI_RID_SCAN_REQ: /* XXX wicontrol */
797 if (ic->ic_opmode == IEEE80211_M_HOSTAP)
798 break;
799 error = ieee80211_setupscan(ic, ic->ic_chan_avail);
800 if (error == 0)
801 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
802 break;
803 case WI_RID_SCAN_APS:
804 if (ic->ic_opmode == IEEE80211_M_HOSTAP)
805 break;
806 len--; /* XXX: tx rate? */
807 /* FALLTHRU */
808 case WI_RID_CHANNEL_LIST:
809 memset(chanlist, 0, sizeof(chanlist));
810 /*
811 * Since channel 0 is not available for DS, channel 1
812 * is assigned to LSB on WaveLAN.
813 */
814 if (ic->ic_phytype == IEEE80211_T_DS)
815 i = 1;
816 else
817 i = 0;
818 for (j = 0; i <= IEEE80211_CHAN_MAX; i++, j++) {
819 if ((j / 8) >= len)
820 break;
821 if (isclr((u_int8_t *)wreq->wi_val, j))
822 continue;
823 if (isclr(ic->ic_chan_active, i)) {
824 if (wreq->wi_type != WI_RID_CHANNEL_LIST)
825 continue;
826 if (isclr(ic->ic_chan_avail, i)) {
827 error = EPERM;
828 goto out;
829 }
830 }
831 setbit(chanlist, i);
832 }
833 error = ieee80211_setupscan(ic, chanlist);
834 if (wreq->wi_type == WI_RID_CHANNEL_LIST) {
835 /* NB: ignore error from ieee80211_setupscan */
836 error = ENETRESET;
837 } else if (error == 0)
838 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
839 break;
840 default:
841 goto invalid;
842 }
843 if (error == ENETRESET && !IS_UP_AUTO(ic))
844 error = 0;
845 out:
846 free(wreq, M_TEMP);
847 return error;
848 invalid:
849 free(wreq, M_TEMP);
850 return EINVAL;
851 }
852
853 static int
854 cap2cipher(int flag)
855 {
856 switch (flag) {
857 case IEEE80211_C_WEP: return IEEE80211_CIPHER_WEP;
858 case IEEE80211_C_AES: return IEEE80211_CIPHER_AES_OCB;
859 case IEEE80211_C_AES_CCM: return IEEE80211_CIPHER_AES_CCM;
860 case IEEE80211_C_CKIP: return IEEE80211_CIPHER_CKIP;
861 case IEEE80211_C_TKIP: return IEEE80211_CIPHER_TKIP;
862 }
863 return -1;
864 }
865
866 static int
867 ieee80211_ioctl_getkey(struct ieee80211com *ic, struct ieee80211req *ireq)
868 {
869 struct ieee80211_node *ni;
870 struct ieee80211req_key ik;
871 struct ieee80211_key *wk;
872 const struct ieee80211_cipher *cip;
873 u_int kid;
874 int error;
875
876 if (ireq->i_len != sizeof(ik))
877 return EINVAL;
878 error = copyin(ireq->i_data, &ik, sizeof(ik));
879 if (error)
880 return error;
881 kid = ik.ik_keyix;
882 if (kid == IEEE80211_KEYIX_NONE) {
883 ni = ieee80211_find_node(&ic->ic_sta, ik.ik_macaddr);
884 if (ni == NULL)
885 return EINVAL; /* XXX */
886 wk = &ni->ni_ucastkey;
887 } else {
888 if (kid >= IEEE80211_WEP_NKID)
889 return EINVAL;
890 wk = &ic->ic_nw_keys[kid];
891 IEEE80211_ADDR_COPY(&ik.ik_macaddr, ic->ic_bss->ni_macaddr);
892 ni = NULL;
893 }
894 cip = wk->wk_cipher;
895 ik.ik_type = cip->ic_cipher;
896 ik.ik_keylen = wk->wk_keylen;
897 ik.ik_flags = wk->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV);
898 if (wk->wk_keyix == ic->ic_def_txkey)
899 ik.ik_flags |= IEEE80211_KEY_DEFAULT;
900 if (kauth_authorize_network(curlwp->l_cred, KAUTH_NETWORK_INTERFACE,
901 KAUTH_REQ_NETWORK_INTERFACE_GETPRIV, ic->ic_ifp, NULL, NULL) == 0) {
902 /* NB: only root can read key data */
903 ik.ik_keyrsc = wk->wk_keyrsc;
904 ik.ik_keytsc = wk->wk_keytsc;
905 memcpy(ik.ik_keydata, wk->wk_key, wk->wk_keylen);
906 if (cip->ic_cipher == IEEE80211_CIPHER_TKIP) {
907 memcpy(ik.ik_keydata+wk->wk_keylen,
908 wk->wk_key + IEEE80211_KEYBUF_SIZE,
909 IEEE80211_MICBUF_SIZE);
910 ik.ik_keylen += IEEE80211_MICBUF_SIZE;
911 }
912 } else {
913 ik.ik_keyrsc = 0;
914 ik.ik_keytsc = 0;
915 memset(ik.ik_keydata, 0, sizeof(ik.ik_keydata));
916 }
917 if (ni != NULL)
918 ieee80211_free_node(ni);
919 return copyout(&ik, ireq->i_data, sizeof(ik));
920 }
921
922 static int
923 ieee80211_ioctl_getchanlist(struct ieee80211com *ic, struct ieee80211req *ireq)
924 {
925 size_t len = ireq->i_len;
926
927 if (sizeof(ic->ic_chan_active) < len) {
928 len = sizeof(ic->ic_chan_active);
929 }
930 return copyout(&ic->ic_chan_active, ireq->i_data, len);
931 }
932
933 static int
934 ieee80211_ioctl_getchaninfo(struct ieee80211com *ic, struct ieee80211req *ireq)
935 {
936 struct ieee80211req_chaninfo *chans;
937 int i, space, error;
938
939 /*
940 * Since channel 0 is not available for DS, channel 1
941 * is assigned to LSB on WaveLAN.
942 */
943 if (ic->ic_phytype == IEEE80211_T_DS)
944 i = 1;
945 else
946 i = 0;
947
948 chans = malloc(sizeof(*chans), M_TEMP, M_WAITOK|M_ZERO);
949
950 for (; i <= IEEE80211_CHAN_MAX; i++)
951 if (isset(ic->ic_chan_avail, i)) {
952 struct ieee80211_channel *c = &ic->ic_channels[i];
953 chans->ic_chans[chans->ic_nchans].ic_freq = c->ic_freq;
954 chans->ic_chans[chans->ic_nchans].ic_flags = c->ic_flags;
955 chans->ic_nchans++;
956 }
957 space = __offsetof(struct ieee80211req_chaninfo,
958 ic_chans[chans->ic_nchans]);
959 if (space > ireq->i_len)
960 space = ireq->i_len;
961 error = copyout(chans, ireq->i_data, space);
962 free(chans, M_TEMP);
963 return error;
964 }
965
966 static int
967 ieee80211_ioctl_getwpaie(struct ieee80211com *ic, struct ieee80211req *ireq)
968 {
969 struct ieee80211_node *ni;
970 struct ieee80211req_wpaie wpaie;
971 int error;
972
973 if (ireq->i_len < IEEE80211_ADDR_LEN)
974 return EINVAL;
975 error = copyin(ireq->i_data, wpaie.wpa_macaddr, IEEE80211_ADDR_LEN);
976 if (error != 0)
977 return error;
978 ni = ieee80211_find_node(&ic->ic_sta, wpaie.wpa_macaddr);
979 if (ni == NULL)
980 return EINVAL; /* XXX */
981 memset(wpaie.wpa_ie, 0, sizeof(wpaie.wpa_ie));
982 if (ni->ni_wpa_ie != NULL) {
983 int ielen = ni->ni_wpa_ie[1] + 2;
984 if (ielen > sizeof(wpaie.wpa_ie))
985 ielen = sizeof(wpaie.wpa_ie);
986 memcpy(wpaie.wpa_ie, ni->ni_wpa_ie, ielen);
987 }
988 ieee80211_free_node(ni);
989 if (ireq->i_len > sizeof(wpaie))
990 ireq->i_len = sizeof(wpaie);
991 return copyout(&wpaie, ireq->i_data, ireq->i_len);
992 }
993
994 static int
995 ieee80211_ioctl_getstastats(struct ieee80211com *ic, struct ieee80211req *ireq)
996 {
997 struct ieee80211_node *ni;
998 u_int8_t macaddr[IEEE80211_ADDR_LEN];
999 const int off = __offsetof(struct ieee80211req_sta_stats, is_stats);
1000 int error;
1001
1002 if (ireq->i_len < off)
1003 return EINVAL;
1004 error = copyin(ireq->i_data, macaddr, IEEE80211_ADDR_LEN);
1005 if (error != 0)
1006 return error;
1007 ni = ieee80211_find_node(&ic->ic_sta, macaddr);
1008 if (ni == NULL)
1009 return EINVAL; /* XXX */
1010 if (ireq->i_len > sizeof(struct ieee80211req_sta_stats))
1011 ireq->i_len = sizeof(struct ieee80211req_sta_stats);
1012 /* NB: copy out only the statistics */
1013 error = copyout(&ni->ni_stats, (u_int8_t *) ireq->i_data + off,
1014 ireq->i_len - off);
1015 ieee80211_free_node(ni);
1016 return error;
1017 }
1018
1019 static void
1020 get_scan_result(struct ieee80211req_scan_result *sr,
1021 const struct ieee80211_node *ni)
1022 {
1023 struct ieee80211com *ic = ni->ni_ic;
1024 u_int ielen = 0;
1025
1026 memset(sr, 0, sizeof(*sr));
1027 sr->isr_ssid_len = ni->ni_esslen;
1028 if (ni->ni_wpa_ie != NULL)
1029 ielen += 2+ni->ni_wpa_ie[1];
1030 if (ni->ni_wme_ie != NULL)
1031 ielen += 2+ni->ni_wme_ie[1];
1032
1033 /*
1034 * The value sr->isr_ie_len is defined as a uint8_t, so we
1035 * need to be careful to avoid an integer overflow. If the
1036 * value would overflow, we will set isr_ie_len to zero, and
1037 * ieee80211_ioctl_getscanresults (below) will avoid copying
1038 * the (overflowing) data.
1039 */
1040 if (ielen > 255)
1041 ielen = 0;
1042 sr->isr_ie_len = ielen;
1043 sr->isr_len = sizeof(*sr) + sr->isr_ssid_len + sr->isr_ie_len;
1044 sr->isr_len = roundup(sr->isr_len, sizeof(u_int32_t));
1045 if (ni->ni_chan != IEEE80211_CHAN_ANYC) {
1046 sr->isr_freq = ni->ni_chan->ic_freq;
1047 sr->isr_flags = ni->ni_chan->ic_flags;
1048 }
1049 sr->isr_rssi = ic->ic_node_getrssi(ni);
1050 sr->isr_intval = ni->ni_intval;
1051 sr->isr_capinfo = ni->ni_capinfo;
1052 sr->isr_erp = ni->ni_erp;
1053 IEEE80211_ADDR_COPY(sr->isr_bssid, ni->ni_bssid);
1054 sr->isr_nrates = ni->ni_rates.rs_nrates;
1055 if (sr->isr_nrates > 15)
1056 sr->isr_nrates = 15;
1057 memcpy(sr->isr_rates, ni->ni_rates.rs_rates, sr->isr_nrates);
1058 }
1059
1060 static int
1061 ieee80211_ioctl_getscanresults(struct ieee80211com *ic, struct ieee80211req *ireq)
1062 {
1063 union {
1064 struct ieee80211req_scan_result res;
1065 char data[sizeof(struct ieee80211req_scan_result) + IEEE80211_NWID_LEN + 256 * 2];
1066 } u;
1067 struct ieee80211req_scan_result *sr = &u.res;
1068 struct ieee80211_node_table *nt;
1069 struct ieee80211_node *ni;
1070 int error, space;
1071 u_int8_t *p, *cp;
1072
1073 p = ireq->i_data;
1074 space = ireq->i_len;
1075 error = 0;
1076 /* XXX locking */
1077 nt = &ic->ic_scan;
1078 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) {
1079 /* NB: skip pre-scan node state */
1080 if (ni->ni_chan == IEEE80211_CHAN_ANYC)
1081 continue;
1082 get_scan_result(sr, ni);
1083 if (sr->isr_len > sizeof(u))
1084 continue; /* XXX */
1085 if (space < sr->isr_len)
1086 break;
1087 cp = (u_int8_t *)(sr+1);
1088 memcpy(cp, ni->ni_essid, ni->ni_esslen);
1089 cp += ni->ni_esslen;
1090 if (sr->isr_ie_len > 0 && ni->ni_wpa_ie != NULL) {
1091 memcpy(cp, ni->ni_wpa_ie, 2+ni->ni_wpa_ie[1]);
1092 cp += 2+ni->ni_wpa_ie[1];
1093 }
1094 if (sr->isr_ie_len > 0 && ni->ni_wme_ie != NULL) {
1095 memcpy(cp, ni->ni_wme_ie, 2+ni->ni_wme_ie[1]);
1096 cp += 2+ni->ni_wme_ie[1];
1097 }
1098 error = copyout(sr, p, sr->isr_len);
1099 if (error)
1100 break;
1101 p += sr->isr_len;
1102 space -= sr->isr_len;
1103 }
1104 ireq->i_len -= space;
1105 return error;
1106 }
1107
1108 struct stainforeq {
1109 struct ieee80211com *ic;
1110 struct ieee80211req_sta_info *si;
1111 size_t space;
1112 };
1113
1114 static size_t
1115 sta_space(const struct ieee80211_node *ni, size_t *ielen)
1116 {
1117 *ielen = 0;
1118 if (ni->ni_wpa_ie != NULL)
1119 *ielen += 2+ni->ni_wpa_ie[1];
1120 if (ni->ni_wme_ie != NULL)
1121 *ielen += 2+ni->ni_wme_ie[1];
1122 return roundup(sizeof(struct ieee80211req_sta_info) + *ielen,
1123 sizeof(u_int32_t));
1124 }
1125
1126 static void
1127 get_sta_space(void *arg, struct ieee80211_node *ni)
1128 {
1129 struct stainforeq *req = arg;
1130 struct ieee80211com *ic = ni->ni_ic;
1131 size_t ielen;
1132
1133 if (ic->ic_opmode == IEEE80211_M_HOSTAP &&
1134 ni->ni_associd == 0) /* only associated stations */
1135 return;
1136 req->space += sta_space(ni, &ielen);
1137 }
1138
1139 static void
1140 get_sta_info(void *arg, struct ieee80211_node *ni)
1141 {
1142 struct stainforeq *req = arg;
1143 struct ieee80211com *ic = ni->ni_ic;
1144 struct ieee80211req_sta_info *si;
1145 size_t ielen, len;
1146 u_int8_t *cp;
1147
1148 if (ic->ic_opmode == IEEE80211_M_HOSTAP &&
1149 ni->ni_associd == 0) /* only associated stations */
1150 return;
1151 if (ni->ni_chan == IEEE80211_CHAN_ANYC) /* XXX bogus entry */
1152 return;
1153 len = sta_space(ni, &ielen);
1154 if (len > req->space)
1155 return;
1156 si = req->si;
1157 si->isi_len = len;
1158 si->isi_ie_len = ielen;
1159 si->isi_freq = ni->ni_chan->ic_freq;
1160 si->isi_flags = ni->ni_chan->ic_flags;
1161 si->isi_state = ni->ni_flags;
1162 si->isi_authmode = ni->ni_authmode;
1163 si->isi_rssi = ic->ic_node_getrssi(ni);
1164 si->isi_capinfo = ni->ni_capinfo;
1165 si->isi_erp = ni->ni_erp;
1166 IEEE80211_ADDR_COPY(si->isi_macaddr, ni->ni_macaddr);
1167 si->isi_nrates = ni->ni_rates.rs_nrates;
1168 if (si->isi_nrates > 15)
1169 si->isi_nrates = 15;
1170 memcpy(si->isi_rates, ni->ni_rates.rs_rates, si->isi_nrates);
1171 si->isi_txrate = ni->ni_txrate;
1172 si->isi_associd = ni->ni_associd;
1173 si->isi_txpower = ni->ni_txpower;
1174 si->isi_vlan = ni->ni_vlan;
1175 if (ni->ni_flags & IEEE80211_NODE_QOS) {
1176 memcpy(si->isi_txseqs, ni->ni_txseqs, sizeof(ni->ni_txseqs));
1177 memcpy(si->isi_rxseqs, ni->ni_rxseqs, sizeof(ni->ni_rxseqs));
1178 } else {
1179 si->isi_txseqs[0] = ni->ni_txseqs[0];
1180 si->isi_rxseqs[0] = ni->ni_rxseqs[0];
1181 }
1182 /* NB: leave all cases in case we relax ni_associd == 0 check */
1183 if (ieee80211_node_is_authorized(ni))
1184 si->isi_inact = ic->ic_inact_run;
1185 else if (ni->ni_associd != 0)
1186 si->isi_inact = ic->ic_inact_auth;
1187 else
1188 si->isi_inact = ic->ic_inact_init;
1189 si->isi_inact = (si->isi_inact - ni->ni_inact) * IEEE80211_INACT_WAIT;
1190
1191 cp = (u_int8_t *)(si+1);
1192 if (ni->ni_wpa_ie != NULL) {
1193 memcpy(cp, ni->ni_wpa_ie, 2+ni->ni_wpa_ie[1]);
1194 cp += 2+ni->ni_wpa_ie[1];
1195 }
1196 if (ni->ni_wme_ie != NULL) {
1197 memcpy(cp, ni->ni_wme_ie, 2+ni->ni_wme_ie[1]);
1198 cp += 2+ni->ni_wme_ie[1];
1199 }
1200
1201 req->si = (struct ieee80211req_sta_info *)(((u_int8_t *)si) + len);
1202 req->space -= len;
1203 }
1204
1205 static int
1206 ieee80211_ioctl_getstainfo(struct ieee80211com *ic, struct ieee80211req *ireq)
1207 {
1208 struct stainforeq req;
1209 int error;
1210
1211 if (ireq->i_len < sizeof(struct stainforeq))
1212 return EFAULT;
1213
1214 error = 0;
1215 req.space = 0;
1216 ieee80211_iterate_nodes(&ic->ic_sta, get_sta_space, &req);
1217 if (req.space > ireq->i_len)
1218 req.space = ireq->i_len;
1219 if (req.space > 0) {
1220 size_t space;
1221 void *p;
1222
1223 space = req.space;
1224 /* XXX M_WAITOK after driver lock released */
1225 p = malloc(space, M_TEMP, M_NOWAIT);
1226 if (p == NULL)
1227 return ENOMEM;
1228 req.si = p;
1229 ieee80211_iterate_nodes(&ic->ic_sta, get_sta_info, &req);
1230 ireq->i_len = space - req.space;
1231 error = copyout(p, ireq->i_data, ireq->i_len);
1232 FREE(p, M_TEMP);
1233 } else
1234 ireq->i_len = 0;
1235
1236 return error;
1237 }
1238
1239 static int
1240 ieee80211_ioctl_getstatxpow(struct ieee80211com *ic, struct ieee80211req *ireq)
1241 {
1242 struct ieee80211_node *ni;
1243 struct ieee80211req_sta_txpow txpow;
1244 int error;
1245
1246 if (ireq->i_len != sizeof(txpow))
1247 return EINVAL;
1248 error = copyin(ireq->i_data, &txpow, sizeof(txpow));
1249 if (error != 0)
1250 return error;
1251 ni = ieee80211_find_node(&ic->ic_sta, txpow.it_macaddr);
1252 if (ni == NULL)
1253 return EINVAL; /* XXX */
1254 txpow.it_txpow = ni->ni_txpower;
1255 error = copyout(&txpow, ireq->i_data, sizeof(txpow));
1256 ieee80211_free_node(ni);
1257 return error;
1258 }
1259
1260 static int
1261 ieee80211_ioctl_getwmeparam(struct ieee80211com *ic, struct ieee80211req *ireq)
1262 {
1263 struct ieee80211_wme_state *wme = &ic->ic_wme;
1264 struct wmeParams *wmep;
1265 int ac;
1266
1267 if ((ic->ic_caps & IEEE80211_C_WME) == 0)
1268 return EINVAL;
1269
1270 ac = (ireq->i_len & IEEE80211_WMEPARAM_VAL);
1271 if (ac >= WME_NUM_AC)
1272 ac = WME_AC_BE;
1273 if (ireq->i_len & IEEE80211_WMEPARAM_BSS)
1274 wmep = &wme->wme_wmeBssChanParams.cap_wmeParams[ac];
1275 else
1276 wmep = &wme->wme_wmeChanParams.cap_wmeParams[ac];
1277 switch (ireq->i_type) {
1278 case IEEE80211_IOC_WME_CWMIN: /* WME: CWmin */
1279 ireq->i_val = wmep->wmep_logcwmin;
1280 break;
1281 case IEEE80211_IOC_WME_CWMAX: /* WME: CWmax */
1282 ireq->i_val = wmep->wmep_logcwmax;
1283 break;
1284 case IEEE80211_IOC_WME_AIFS: /* WME: AIFS */
1285 ireq->i_val = wmep->wmep_aifsn;
1286 break;
1287 case IEEE80211_IOC_WME_TXOPLIMIT: /* WME: txops limit */
1288 ireq->i_val = wmep->wmep_txopLimit;
1289 break;
1290 case IEEE80211_IOC_WME_ACM: /* WME: ACM (bss only) */
1291 wmep = &wme->wme_wmeBssChanParams.cap_wmeParams[ac];
1292 ireq->i_val = wmep->wmep_acm;
1293 break;
1294 case IEEE80211_IOC_WME_ACKPOLICY: /* WME: ACK policy (!bss only)*/
1295 wmep = &wme->wme_wmeChanParams.cap_wmeParams[ac];
1296 ireq->i_val = !wmep->wmep_noackPolicy;
1297 break;
1298 }
1299 return 0;
1300 }
1301
1302 static int
1303 ieee80211_ioctl_getmaccmd(struct ieee80211com *ic, struct ieee80211req *ireq)
1304 {
1305 const struct ieee80211_aclator *acl = ic->ic_acl;
1306
1307 return (acl == NULL ? EINVAL : acl->iac_getioctl(ic, ireq));
1308 }
1309
1310 /*
1311 * When building the kernel with -O2 on the i386 architecture, gcc
1312 * seems to want to inline this function into ieee80211_ioctl()
1313 * (which is the only routine that calls it). When this happens,
1314 * ieee80211_ioctl() ends up consuming an additional 2K of stack
1315 * space. (Exactly why it needs so much is unclear.) The problem
1316 * is that it's possible for ieee80211_ioctl() to invoke other
1317 * routines (including driver init functions) which could then find
1318 * themselves perilously close to exhausting the stack.
1319 *
1320 * To avoid this, we deliberately prevent gcc from inlining this
1321 * routine. Another way to avoid this is to use less agressive
1322 * optimization when compiling this file (i.e. -O instead of -O2)
1323 * but special-casing the compilation of this one module in the
1324 * build system would be awkward.
1325 */
1326 #ifdef __GNUC__
1327 __attribute__ ((__noinline__))
1328 #endif
1329 static int
1330 ieee80211_ioctl_get80211(struct ieee80211com *ic, u_long cmd,
1331 struct ieee80211req *ireq)
1332 {
1333 const struct ieee80211_rsnparms *rsn = &ic->ic_bss->ni_rsn;
1334 int error = 0;
1335 #if defined(__FreeBSD__) || defined(COMPAT_FREEBSD_NET80211)
1336 u_int kid, len;
1337 u_int8_t tmpkey[IEEE80211_KEYBUF_SIZE];
1338 char tmpssid[IEEE80211_NWID_LEN];
1339 #endif /* __FreeBSD__ || COMPAT_FREEBSD_NET80211 */
1340 u_int m;
1341
1342 switch (ireq->i_type) {
1343 #if defined(__FreeBSD__) || defined(COMPAT_FREEBSD_NET80211)
1344 case IEEE80211_IOC_SSID:
1345 switch (ic->ic_state) {
1346 case IEEE80211_S_INIT:
1347 case IEEE80211_S_SCAN:
1348 ireq->i_len = ic->ic_des_esslen;
1349 memcpy(tmpssid, ic->ic_des_essid, ireq->i_len);
1350 break;
1351 default:
1352 ireq->i_len = ic->ic_bss->ni_esslen;
1353 memcpy(tmpssid, ic->ic_bss->ni_essid,
1354 ireq->i_len);
1355 break;
1356 }
1357 error = copyout(tmpssid, ireq->i_data, ireq->i_len);
1358 break;
1359 case IEEE80211_IOC_NUMSSIDS:
1360 ireq->i_val = 1;
1361 break;
1362 case IEEE80211_IOC_WEP:
1363 if ((ic->ic_flags & IEEE80211_F_PRIVACY) == 0)
1364 ireq->i_val = IEEE80211_WEP_OFF;
1365 else if (ic->ic_flags & IEEE80211_F_DROPUNENC)
1366 ireq->i_val = IEEE80211_WEP_ON;
1367 else
1368 ireq->i_val = IEEE80211_WEP_MIXED;
1369 break;
1370 case IEEE80211_IOC_WEPKEY:
1371 kid = (u_int) ireq->i_val;
1372 if (kid >= IEEE80211_WEP_NKID)
1373 return EINVAL;
1374 len = (u_int) ic->ic_nw_keys[kid].wk_keylen;
1375 /* NB: only root can read WEP keys */
1376 if (kauth_authorize_network(curlwp->l_cred,
1377 KAUTH_NETWORK_INTERFACE,
1378 KAUTH_REQ_NETWORK_INTERFACE_GETPRIV, ifp, NULL,
1379 NULL) == 0) {
1380 bcopy(ic->ic_nw_keys[kid].wk_key, tmpkey, len);
1381 } else {
1382 bzero(tmpkey, len);
1383 }
1384 ireq->i_len = len;
1385 error = copyout(tmpkey, ireq->i_data, len);
1386 break;
1387 case IEEE80211_IOC_NUMWEPKEYS:
1388 ireq->i_val = IEEE80211_WEP_NKID;
1389 break;
1390 case IEEE80211_IOC_WEPTXKEY:
1391 ireq->i_val = ic->ic_def_txkey;
1392 break;
1393 #endif /* __FreeBSD__ || COMPAT_FREEBSD_NET80211 */
1394 case IEEE80211_IOC_AUTHMODE:
1395 if (ic->ic_flags & IEEE80211_F_WPA)
1396 ireq->i_val = IEEE80211_AUTH_WPA;
1397 else
1398 ireq->i_val = ic->ic_bss->ni_authmode;
1399 break;
1400 #if defined(__FreeBSD__) || defined(COMPAT_FREEBSD_NET80211)
1401 case IEEE80211_IOC_CHANNEL:
1402 ireq->i_val = ieee80211_chan2ieee(ic, ic->ic_curchan);
1403 break;
1404 case IEEE80211_IOC_POWERSAVE:
1405 if (ic->ic_flags & IEEE80211_F_PMGTON)
1406 ireq->i_val = IEEE80211_POWERSAVE_ON;
1407 else
1408 ireq->i_val = IEEE80211_POWERSAVE_OFF;
1409 break;
1410 case IEEE80211_IOC_POWERSAVESLEEP:
1411 ireq->i_val = ic->ic_lintval;
1412 break;
1413 #endif /* __FreeBSD__ || COMPAT_FREEBSD_NET80211 */
1414 case IEEE80211_IOC_RTSTHRESHOLD:
1415 ireq->i_val = ic->ic_rtsthreshold;
1416 break;
1417 case IEEE80211_IOC_PROTMODE:
1418 ireq->i_val = ic->ic_protmode;
1419 break;
1420 case IEEE80211_IOC_TXPOWER:
1421 if ((ic->ic_caps & IEEE80211_C_TXPMGT) == 0)
1422 return EINVAL;
1423 ireq->i_val = ic->ic_txpowlimit;
1424 break;
1425 case IEEE80211_IOC_MCASTCIPHER:
1426 ireq->i_val = rsn->rsn_mcastcipher;
1427 break;
1428 case IEEE80211_IOC_MCASTKEYLEN:
1429 ireq->i_val = rsn->rsn_mcastkeylen;
1430 break;
1431 case IEEE80211_IOC_UCASTCIPHERS:
1432 ireq->i_val = 0;
1433 for (m = 0x1; m != 0; m <<= 1)
1434 if (rsn->rsn_ucastcipherset & m)
1435 ireq->i_val |= 1<<cap2cipher(m);
1436 break;
1437 case IEEE80211_IOC_UCASTCIPHER:
1438 ireq->i_val = rsn->rsn_ucastcipher;
1439 break;
1440 case IEEE80211_IOC_UCASTKEYLEN:
1441 ireq->i_val = rsn->rsn_ucastkeylen;
1442 break;
1443 case IEEE80211_IOC_KEYMGTALGS:
1444 ireq->i_val = rsn->rsn_keymgmtset;
1445 break;
1446 case IEEE80211_IOC_RSNCAPS:
1447 ireq->i_val = rsn->rsn_caps;
1448 break;
1449 case IEEE80211_IOC_WPA:
1450 switch (ic->ic_flags & IEEE80211_F_WPA) {
1451 case IEEE80211_F_WPA1:
1452 ireq->i_val = 1;
1453 break;
1454 case IEEE80211_F_WPA2:
1455 ireq->i_val = 2;
1456 break;
1457 case IEEE80211_F_WPA1 | IEEE80211_F_WPA2:
1458 ireq->i_val = 3;
1459 break;
1460 default:
1461 ireq->i_val = 0;
1462 break;
1463 }
1464 break;
1465 case IEEE80211_IOC_CHANLIST:
1466 error = ieee80211_ioctl_getchanlist(ic, ireq);
1467 break;
1468 case IEEE80211_IOC_ROAMING:
1469 ireq->i_val = ic->ic_roaming;
1470 break;
1471 case IEEE80211_IOC_PRIVACY:
1472 ireq->i_val = (ic->ic_flags & IEEE80211_F_PRIVACY) != 0;
1473 break;
1474 case IEEE80211_IOC_DROPUNENCRYPTED:
1475 ireq->i_val = (ic->ic_flags & IEEE80211_F_DROPUNENC) != 0;
1476 break;
1477 case IEEE80211_IOC_COUNTERMEASURES:
1478 ireq->i_val = (ic->ic_flags & IEEE80211_F_COUNTERM) != 0;
1479 break;
1480 case IEEE80211_IOC_DRIVER_CAPS:
1481 ireq->i_val = ic->ic_caps>>16;
1482 ireq->i_len = ic->ic_caps&0xffff;
1483 break;
1484 case IEEE80211_IOC_WME:
1485 ireq->i_val = (ic->ic_flags & IEEE80211_F_WME) != 0;
1486 break;
1487 case IEEE80211_IOC_HIDESSID:
1488 ireq->i_val = (ic->ic_flags & IEEE80211_F_HIDESSID) != 0;
1489 break;
1490 case IEEE80211_IOC_APBRIDGE:
1491 ireq->i_val = (ic->ic_flags & IEEE80211_F_NOBRIDGE) == 0;
1492 break;
1493 case IEEE80211_IOC_OPTIE:
1494 if (ic->ic_opt_ie == NULL)
1495 return EINVAL;
1496 /* NB: truncate, caller can check length */
1497 if (ireq->i_len > ic->ic_opt_ie_len)
1498 ireq->i_len = ic->ic_opt_ie_len;
1499 error = copyout(ic->ic_opt_ie, ireq->i_data, ireq->i_len);
1500 break;
1501 case IEEE80211_IOC_WPAKEY:
1502 error = ieee80211_ioctl_getkey(ic, ireq);
1503 break;
1504 case IEEE80211_IOC_CHANINFO:
1505 error = ieee80211_ioctl_getchaninfo(ic, ireq);
1506 break;
1507 #if defined(__FreeBSD__) || defined(COMPAT_FREEBSD_NET80211)
1508 case IEEE80211_IOC_BSSID:
1509 if (ireq->i_len != IEEE80211_ADDR_LEN)
1510 return EINVAL;
1511 error = copyout(ic->ic_state == IEEE80211_S_RUN ?
1512 ic->ic_bss->ni_bssid :
1513 ic->ic_des_bssid,
1514 ireq->i_data, ireq->i_len);
1515 break;
1516 #endif /* __FreeBSD__ || COMPAT_FREEBSD_NET80211 */
1517 case IEEE80211_IOC_WPAIE:
1518 error = ieee80211_ioctl_getwpaie(ic, ireq);
1519 break;
1520 case IEEE80211_IOC_SCAN_RESULTS:
1521 error = ieee80211_ioctl_getscanresults(ic, ireq);
1522 break;
1523 case IEEE80211_IOC_STA_STATS:
1524 error = ieee80211_ioctl_getstastats(ic, ireq);
1525 break;
1526 case IEEE80211_IOC_TXPOWMAX:
1527 ireq->i_val = ic->ic_bss->ni_txpower;
1528 break;
1529 case IEEE80211_IOC_STA_TXPOW:
1530 error = ieee80211_ioctl_getstatxpow(ic, ireq);
1531 break;
1532 case IEEE80211_IOC_STA_INFO:
1533 error = ieee80211_ioctl_getstainfo(ic, ireq);
1534 break;
1535 case IEEE80211_IOC_WME_CWMIN: /* WME: CWmin */
1536 case IEEE80211_IOC_WME_CWMAX: /* WME: CWmax */
1537 case IEEE80211_IOC_WME_AIFS: /* WME: AIFS */
1538 case IEEE80211_IOC_WME_TXOPLIMIT: /* WME: txops limit */
1539 case IEEE80211_IOC_WME_ACM: /* WME: ACM (bss only) */
1540 case IEEE80211_IOC_WME_ACKPOLICY: /* WME: ACK policy (bss only) */
1541 error = ieee80211_ioctl_getwmeparam(ic, ireq);
1542 break;
1543 case IEEE80211_IOC_DTIM_PERIOD:
1544 ireq->i_val = ic->ic_dtim_period;
1545 break;
1546 case IEEE80211_IOC_BEACON_INTERVAL:
1547 /* NB: get from ic_bss for station mode */
1548 ireq->i_val = ic->ic_bss->ni_intval;
1549 break;
1550 case IEEE80211_IOC_PUREG:
1551 ireq->i_val = (ic->ic_flags & IEEE80211_F_PUREG) != 0;
1552 break;
1553 case IEEE80211_IOC_MCAST_RATE:
1554 ireq->i_val = ic->ic_mcast_rate;
1555 break;
1556 case IEEE80211_IOC_FRAGTHRESHOLD:
1557 ireq->i_val = ic->ic_fragthreshold;
1558 break;
1559 case IEEE80211_IOC_MACCMD:
1560 error = ieee80211_ioctl_getmaccmd(ic, ireq);
1561 break;
1562 default:
1563 error = EINVAL;
1564 break;
1565 }
1566 return error;
1567 }
1568
1569 static int
1570 ieee80211_ioctl_setoptie(struct ieee80211com *ic, struct ieee80211req *ireq)
1571 {
1572 int error;
1573 void *ie;
1574
1575 /*
1576 * NB: Doing this for ap operation could be useful (e.g. for
1577 * WPA and/or WME) except that it typically is worthless
1578 * without being able to intervene when processing
1579 * association response frames--so disallow it for now.
1580 */
1581 if (ic->ic_opmode != IEEE80211_M_STA)
1582 return EINVAL;
1583 if (ireq->i_len > IEEE80211_MAX_OPT_IE)
1584 return EINVAL;
1585 /* NB: data.length is validated by the wireless extensions code */
1586 ie = malloc(ireq->i_len, M_DEVBUF, M_WAITOK);
1587 if (ie == NULL)
1588 return ENOMEM;
1589 error = copyin(ireq->i_data, ie, ireq->i_len);
1590 /* XXX sanity check data? */
1591 if (ic->ic_opt_ie != NULL)
1592 FREE(ic->ic_opt_ie, M_DEVBUF);
1593 ic->ic_opt_ie = ie;
1594 ic->ic_opt_ie_len = ireq->i_len;
1595 return 0;
1596 }
1597
1598 static int
1599 ieee80211_ioctl_setkey(struct ieee80211com *ic, struct ieee80211req *ireq)
1600 {
1601 struct ieee80211req_key ik;
1602 struct ieee80211_node *ni;
1603 struct ieee80211_key *wk;
1604 u_int16_t kid;
1605 int error;
1606
1607 if (ireq->i_len != sizeof(ik))
1608 return EINVAL;
1609 error = copyin(ireq->i_data, &ik, sizeof(ik));
1610 if (error)
1611 return error;
1612 /* NB: cipher support is verified by ieee80211_crypt_newkey */
1613 /* NB: this also checks ik->ik_keylen > sizeof(wk->wk_key) */
1614 if (ik.ik_keylen > sizeof(ik.ik_keydata))
1615 return E2BIG;
1616 kid = ik.ik_keyix;
1617 if (kid == IEEE80211_KEYIX_NONE) {
1618 /* XXX unicast keys currently must be tx/rx */
1619 if (ik.ik_flags != (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))
1620 return EINVAL;
1621 if (ic->ic_opmode == IEEE80211_M_STA) {
1622 ni = ieee80211_ref_node(ic->ic_bss);
1623 if (!IEEE80211_ADDR_EQ(ik.ik_macaddr, ni->ni_bssid)) {
1624 ieee80211_free_node(ni);
1625 return EADDRNOTAVAIL;
1626 }
1627 } else {
1628 ni = ieee80211_find_node(&ic->ic_sta, ik.ik_macaddr);
1629 if (ni == NULL)
1630 return ENOENT;
1631 }
1632 wk = &ni->ni_ucastkey;
1633 } else {
1634 if (kid >= IEEE80211_WEP_NKID)
1635 return EINVAL;
1636 wk = &ic->ic_nw_keys[kid];
1637 ni = NULL;
1638 }
1639 error = 0;
1640 ieee80211_key_update_begin(ic);
1641 if (ieee80211_crypto_newkey(ic, ik.ik_type, ik.ik_flags, wk)) {
1642 wk->wk_keylen = ik.ik_keylen;
1643 /* NB: MIC presence is implied by cipher type */
1644 if (wk->wk_keylen > IEEE80211_KEYBUF_SIZE)
1645 wk->wk_keylen = IEEE80211_KEYBUF_SIZE;
1646 wk->wk_keyrsc = ik.ik_keyrsc;
1647 wk->wk_keytsc = 0; /* new key, reset */
1648 memset(wk->wk_key, 0, sizeof(wk->wk_key));
1649 memcpy(wk->wk_key, ik.ik_keydata, ik.ik_keylen);
1650 if (!ieee80211_crypto_setkey(ic, wk,
1651 ni != NULL ? ni->ni_macaddr : ik.ik_macaddr))
1652 error = EIO;
1653 else if ((ik.ik_flags & IEEE80211_KEY_DEFAULT))
1654 ic->ic_def_txkey = kid;
1655 } else
1656 error = ENXIO;
1657 ieee80211_key_update_end(ic);
1658 if (ni != NULL)
1659 ieee80211_free_node(ni);
1660 return error;
1661 }
1662
1663 static int
1664 ieee80211_ioctl_delkey(struct ieee80211com *ic, struct ieee80211req *ireq)
1665 {
1666 struct ieee80211req_del_key dk;
1667 int kid, error;
1668
1669 if (ireq->i_len != sizeof(dk))
1670 return EINVAL;
1671 error = copyin(ireq->i_data, &dk, sizeof(dk));
1672 if (error)
1673 return error;
1674 kid = dk.idk_keyix;
1675 /* XXX u_int8_t -> u_int16_t */
1676 if (dk.idk_keyix == (u_int8_t) IEEE80211_KEYIX_NONE) {
1677 struct ieee80211_node *ni;
1678
1679 if (ic->ic_opmode == IEEE80211_M_STA) {
1680 ni = ieee80211_ref_node(ic->ic_bss);
1681 if (!IEEE80211_ADDR_EQ(dk.idk_macaddr, ni->ni_bssid)) {
1682 ieee80211_free_node(ni);
1683 return EADDRNOTAVAIL;
1684 }
1685 } else {
1686 ni = ieee80211_find_node(&ic->ic_sta, dk.idk_macaddr);
1687 if (ni == NULL)
1688 return ENOENT;
1689 }
1690 /* XXX error return */
1691 ieee80211_node_delucastkey(ni);
1692 ieee80211_free_node(ni);
1693 } else {
1694 if (kid >= IEEE80211_WEP_NKID)
1695 return EINVAL;
1696 /* XXX error return */
1697 ieee80211_crypto_delkey(ic, &ic->ic_nw_keys[kid]);
1698 }
1699 return 0;
1700 }
1701
1702 #ifndef IEEE80211_NO_HOSTAP
1703 static void
1704 domlme(void *arg, struct ieee80211_node *ni)
1705 {
1706 struct ieee80211com *ic = ni->ni_ic;
1707 struct ieee80211req_mlme *mlme = arg;
1708
1709 if (ni->ni_associd != 0) {
1710 IEEE80211_SEND_MGMT(ic, ni,
1711 mlme->im_op == IEEE80211_MLME_DEAUTH ?
1712 IEEE80211_FC0_SUBTYPE_DEAUTH :
1713 IEEE80211_FC0_SUBTYPE_DISASSOC,
1714 mlme->im_reason);
1715 }
1716 ieee80211_node_leave(ic, ni);
1717 }
1718 #endif /* !IEEE80211_NO_HOSTAP */
1719
1720 static int
1721 ieee80211_ioctl_setmlme(struct ieee80211com *ic, struct ieee80211req *ireq)
1722 {
1723 struct ieee80211req_mlme mlme;
1724 struct ieee80211_node *ni;
1725 int error;
1726
1727 if (ireq->i_len != sizeof(mlme))
1728 return EINVAL;
1729 error = copyin(ireq->i_data, &mlme, sizeof(mlme));
1730 if (error)
1731 return error;
1732 switch (mlme.im_op) {
1733 case IEEE80211_MLME_ASSOC:
1734 if (ic->ic_opmode != IEEE80211_M_STA)
1735 return EINVAL;
1736 /* XXX must be in S_SCAN state? */
1737
1738 if (mlme.im_ssid_len != 0) {
1739 /*
1740 * Desired ssid specified; must match both bssid and
1741 * ssid to distinguish ap advertising multiple ssid's.
1742 */
1743 ni = ieee80211_find_node_with_ssid(&ic->ic_scan,
1744 mlme.im_macaddr,
1745 mlme.im_ssid_len, mlme.im_ssid);
1746 } else {
1747 /*
1748 * Normal case; just match bssid.
1749 */
1750 ni = ieee80211_find_node(&ic->ic_scan, mlme.im_macaddr);
1751 }
1752 if (ni == NULL)
1753 return EINVAL;
1754 if (!ieee80211_sta_join(ic, ni)) {
1755 ieee80211_free_node(ni);
1756 return EINVAL;
1757 }
1758 break;
1759 case IEEE80211_MLME_DISASSOC:
1760 case IEEE80211_MLME_DEAUTH:
1761 switch (ic->ic_opmode) {
1762 case IEEE80211_M_STA:
1763 /* XXX not quite right */
1764 ieee80211_new_state(ic, IEEE80211_S_INIT,
1765 mlme.im_reason);
1766 break;
1767 case IEEE80211_M_HOSTAP:
1768 #ifndef IEEE80211_NO_HOSTAP
1769 /* NB: the broadcast address means do 'em all */
1770 if (!IEEE80211_ADDR_EQ(mlme.im_macaddr, ic->ic_ifp->if_broadcastaddr)) {
1771 if ((ni = ieee80211_find_node(&ic->ic_sta,
1772 mlme.im_macaddr)) == NULL)
1773 return EINVAL;
1774 domlme(&mlme, ni);
1775 ieee80211_free_node(ni);
1776 } else {
1777 ieee80211_iterate_nodes(&ic->ic_sta,
1778 domlme, &mlme);
1779 }
1780 #endif /* !IEEE80211_NO_HOSTAP */
1781 break;
1782 default:
1783 return EINVAL;
1784 }
1785 break;
1786 case IEEE80211_MLME_AUTHORIZE:
1787 case IEEE80211_MLME_UNAUTHORIZE:
1788 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
1789 return EINVAL;
1790 ni = ieee80211_find_node(&ic->ic_sta, mlme.im_macaddr);
1791 if (ni == NULL)
1792 return EINVAL;
1793 if (mlme.im_op == IEEE80211_MLME_AUTHORIZE)
1794 ieee80211_node_authorize(ni);
1795 else
1796 ieee80211_node_unauthorize(ni);
1797 ieee80211_free_node(ni);
1798 break;
1799 default:
1800 return EINVAL;
1801 }
1802 return 0;
1803 }
1804
1805 static int
1806 ieee80211_ioctl_macmac(struct ieee80211com *ic, struct ieee80211req *ireq)
1807 {
1808 u_int8_t mac[IEEE80211_ADDR_LEN];
1809 const struct ieee80211_aclator *acl = ic->ic_acl;
1810 int error;
1811
1812 if (ireq->i_len != sizeof(mac))
1813 return EINVAL;
1814 error = copyin(ireq->i_data, mac, ireq->i_len);
1815 if (error)
1816 return error;
1817 if (acl == NULL) {
1818 acl = ieee80211_aclator_get("mac");
1819 if (acl == NULL || !acl->iac_attach(ic))
1820 return EINVAL;
1821 ic->ic_acl = acl;
1822 }
1823 if (ireq->i_type == IEEE80211_IOC_ADDMAC)
1824 acl->iac_add(ic, mac);
1825 else
1826 acl->iac_remove(ic, mac);
1827 return 0;
1828 }
1829
1830 static int
1831 ieee80211_ioctl_setmaccmd(struct ieee80211com *ic, struct ieee80211req *ireq)
1832 {
1833 const struct ieee80211_aclator *acl = ic->ic_acl;
1834
1835 switch (ireq->i_val) {
1836 case IEEE80211_MACCMD_POLICY_OPEN:
1837 case IEEE80211_MACCMD_POLICY_ALLOW:
1838 case IEEE80211_MACCMD_POLICY_DENY:
1839 if (acl == NULL) {
1840 acl = ieee80211_aclator_get("mac");
1841 if (acl == NULL || !acl->iac_attach(ic))
1842 return EINVAL;
1843 ic->ic_acl = acl;
1844 }
1845 acl->iac_setpolicy(ic, ireq->i_val);
1846 break;
1847 case IEEE80211_MACCMD_FLUSH:
1848 if (acl != NULL)
1849 acl->iac_flush(ic);
1850 /* NB: silently ignore when not in use */
1851 break;
1852 case IEEE80211_MACCMD_DETACH:
1853 if (acl != NULL) {
1854 ic->ic_acl = NULL;
1855 acl->iac_detach(ic);
1856 }
1857 break;
1858 default:
1859 if (acl == NULL)
1860 return EINVAL;
1861 else
1862 return acl->iac_setioctl(ic, ireq);
1863 }
1864 return 0;
1865 }
1866
1867 static int
1868 ieee80211_ioctl_setchanlist(struct ieee80211com *ic, struct ieee80211req *ireq)
1869 {
1870 struct ieee80211req_chanlist list;
1871 u_int8_t chanlist[IEEE80211_CHAN_BYTES];
1872 int i, j, error;
1873
1874 if (ireq->i_len != sizeof(list))
1875 return EINVAL;
1876 error = copyin(ireq->i_data, &list, sizeof(list));
1877 if (error)
1878 return error;
1879 memset(chanlist, 0, sizeof(chanlist));
1880 /*
1881 * Since channel 0 is not available for DS, channel 1
1882 * is assigned to LSB on WaveLAN.
1883 */
1884 if (ic->ic_phytype == IEEE80211_T_DS)
1885 i = 1;
1886 else
1887 i = 0;
1888 for (j = 0; i <= IEEE80211_CHAN_MAX; i++, j++) {
1889 /*
1890 * NB: silently discard unavailable channels so users
1891 * can specify 1-255 to get all available channels.
1892 */
1893 if (isset(list.ic_channels, j) && isset(ic->ic_chan_avail, i))
1894 setbit(chanlist, i);
1895 }
1896 if (ic->ic_ibss_chan == NULL ||
1897 isclr(chanlist, ieee80211_chan2ieee(ic, ic->ic_ibss_chan))) {
1898 for (i = 0; i <= IEEE80211_CHAN_MAX; i++)
1899 if (isset(chanlist, i)) {
1900 ic->ic_ibss_chan = &ic->ic_channels[i];
1901 goto found;
1902 }
1903 return EINVAL; /* no active channels */
1904 found:
1905 ;
1906 }
1907 memcpy(ic->ic_chan_active, chanlist, sizeof(ic->ic_chan_active));
1908 return IS_UP_AUTO(ic) ? ENETRESET : 0;
1909 }
1910
1911 static int
1912 ieee80211_ioctl_setstatxpow(struct ieee80211com *ic, struct ieee80211req *ireq)
1913 {
1914 struct ieee80211_node *ni;
1915 struct ieee80211req_sta_txpow txpow;
1916 int error;
1917
1918 if (ireq->i_len != sizeof(txpow))
1919 return EINVAL;
1920 error = copyin(ireq->i_data, &txpow, sizeof(txpow));
1921 if (error != 0)
1922 return error;
1923 ni = ieee80211_find_node(&ic->ic_sta, txpow.it_macaddr);
1924 if (ni == NULL)
1925 return EINVAL; /* XXX */
1926 ni->ni_txpower = txpow.it_txpow;
1927 ieee80211_free_node(ni);
1928 return error;
1929 }
1930
1931 static int
1932 ieee80211_ioctl_setwmeparam(struct ieee80211com *ic, struct ieee80211req *ireq)
1933 {
1934 struct ieee80211_wme_state *wme = &ic->ic_wme;
1935 struct wmeParams *wmep, *chanp;
1936 int isbss, ac;
1937
1938 if ((ic->ic_caps & IEEE80211_C_WME) == 0)
1939 return EINVAL;
1940
1941 isbss = (ireq->i_len & IEEE80211_WMEPARAM_BSS);
1942 ac = (ireq->i_len & IEEE80211_WMEPARAM_VAL);
1943 if (ac >= WME_NUM_AC)
1944 ac = WME_AC_BE;
1945 if (isbss) {
1946 chanp = &wme->wme_bssChanParams.cap_wmeParams[ac];
1947 wmep = &wme->wme_wmeBssChanParams.cap_wmeParams[ac];
1948 } else {
1949 chanp = &wme->wme_chanParams.cap_wmeParams[ac];
1950 wmep = &wme->wme_wmeChanParams.cap_wmeParams[ac];
1951 }
1952 switch (ireq->i_type) {
1953 case IEEE80211_IOC_WME_CWMIN: /* WME: CWmin */
1954 if (isbss) {
1955 wmep->wmep_logcwmin = ireq->i_val;
1956 if ((wme->wme_flags & WME_F_AGGRMODE) == 0)
1957 chanp->wmep_logcwmin = ireq->i_val;
1958 } else {
1959 wmep->wmep_logcwmin = chanp->wmep_logcwmin =
1960 ireq->i_val;
1961 }
1962 break;
1963 case IEEE80211_IOC_WME_CWMAX: /* WME: CWmax */
1964 if (isbss) {
1965 wmep->wmep_logcwmax = ireq->i_val;
1966 if ((wme->wme_flags & WME_F_AGGRMODE) == 0)
1967 chanp->wmep_logcwmax = ireq->i_val;
1968 } else {
1969 wmep->wmep_logcwmax = chanp->wmep_logcwmax =
1970 ireq->i_val;
1971 }
1972 break;
1973 case IEEE80211_IOC_WME_AIFS: /* WME: AIFS */
1974 if (isbss) {
1975 wmep->wmep_aifsn = ireq->i_val;
1976 if ((wme->wme_flags & WME_F_AGGRMODE) == 0)
1977 chanp->wmep_aifsn = ireq->i_val;
1978 } else {
1979 wmep->wmep_aifsn = chanp->wmep_aifsn = ireq->i_val;
1980 }
1981 break;
1982 case IEEE80211_IOC_WME_TXOPLIMIT: /* WME: txops limit */
1983 if (isbss) {
1984 wmep->wmep_txopLimit = ireq->i_val;
1985 if ((wme->wme_flags & WME_F_AGGRMODE) == 0)
1986 chanp->wmep_txopLimit = ireq->i_val;
1987 } else {
1988 wmep->wmep_txopLimit = chanp->wmep_txopLimit =
1989 ireq->i_val;
1990 }
1991 break;
1992 case IEEE80211_IOC_WME_ACM: /* WME: ACM (bss only) */
1993 wmep->wmep_acm = ireq->i_val;
1994 if ((wme->wme_flags & WME_F_AGGRMODE) == 0)
1995 chanp->wmep_acm = ireq->i_val;
1996 break;
1997 case IEEE80211_IOC_WME_ACKPOLICY: /* WME: ACK policy (!bss only)*/
1998 wmep->wmep_noackPolicy = chanp->wmep_noackPolicy =
1999 (ireq->i_val) == 0;
2000 break;
2001 }
2002 ieee80211_wme_updateparams(ic);
2003 return 0;
2004 }
2005
2006 static int
2007 cipher2cap(int cipher)
2008 {
2009 switch (cipher) {
2010 case IEEE80211_CIPHER_WEP: return IEEE80211_C_WEP;
2011 case IEEE80211_CIPHER_AES_OCB: return IEEE80211_C_AES;
2012 case IEEE80211_CIPHER_AES_CCM: return IEEE80211_C_AES_CCM;
2013 case IEEE80211_CIPHER_CKIP: return IEEE80211_C_CKIP;
2014 case IEEE80211_CIPHER_TKIP: return IEEE80211_C_TKIP;
2015 }
2016 return 0;
2017 }
2018
2019 static int
2020 ieee80211_ioctl_set80211(struct ieee80211com *ic, u_long cmd,
2021 struct ieee80211req *ireq)
2022 {
2023 #if defined(__FreeBSD__) || defined(COMPAT_FREEBSD_NET80211)
2024 static const u_int8_t zerobssid[IEEE80211_ADDR_LEN];
2025 u_int8_t tmpkey[IEEE80211_KEYBUF_SIZE];
2026 char tmpssid[IEEE80211_NWID_LEN];
2027 u_int8_t tmpbssid[IEEE80211_ADDR_LEN];
2028 struct ieee80211_key *k;
2029 u_int kid;
2030 #endif /* __FreeBSD__ || COMPAT_FREEBSD_NET80211 */
2031 struct ieee80211_rsnparms *rsn = &ic->ic_bss->ni_rsn;
2032 int error;
2033 const struct ieee80211_authenticator *auth;
2034 int j, caps;
2035
2036 error = 0;
2037 switch (ireq->i_type) {
2038 #if defined(__FreeBSD__) || defined(COMPAT_FREEBSD_NET80211)
2039 case IEEE80211_IOC_SSID:
2040 if (ireq->i_val != 0 ||
2041 ireq->i_len > IEEE80211_NWID_LEN)
2042 return EINVAL;
2043 error = copyin(ireq->i_data, tmpssid, ireq->i_len);
2044 if (error)
2045 break;
2046 memset(ic->ic_des_essid, 0, IEEE80211_NWID_LEN);
2047 ic->ic_des_esslen = ireq->i_len;
2048 memcpy(ic->ic_des_essid, tmpssid, ireq->i_len);
2049 error = ENETRESET;
2050 break;
2051 #endif /* __FreeBSD__ || COMPAT_FREEBSD_NET80211 */
2052 case IEEE80211_IOC_WEP:
2053 switch (ireq->i_val) {
2054 case IEEE80211_WEP_OFF:
2055 ic->ic_flags &= ~IEEE80211_F_PRIVACY;
2056 ic->ic_flags &= ~IEEE80211_F_DROPUNENC;
2057 break;
2058 case IEEE80211_WEP_ON:
2059 ic->ic_flags |= IEEE80211_F_PRIVACY;
2060 ic->ic_flags |= IEEE80211_F_DROPUNENC;
2061 break;
2062 case IEEE80211_WEP_MIXED:
2063 ic->ic_flags |= IEEE80211_F_PRIVACY;
2064 ic->ic_flags &= ~IEEE80211_F_DROPUNENC;
2065 break;
2066 }
2067 error = ENETRESET;
2068 break;
2069 #if defined(__FreeBSD__) || defined(COMPAT_FREEBSD_NET80211)
2070 case IEEE80211_IOC_WEPKEY:
2071 kid = (u_int) ireq->i_val;
2072 if (kid >= IEEE80211_WEP_NKID)
2073 return EINVAL;
2074 k = &ic->ic_nw_keys[kid];
2075 if (ireq->i_len == 0) {
2076 /* zero-len =>'s delete any existing key */
2077 (void) ieee80211_crypto_delkey(ic, k);
2078 break;
2079 }
2080 if (ireq->i_len > sizeof(tmpkey))
2081 return EINVAL;
2082 memset(tmpkey, 0, sizeof(tmpkey));
2083 error = copyin(ireq->i_data, tmpkey, ireq->i_len);
2084 if (error)
2085 break;
2086 ieee80211_key_update_begin(ic);
2087 k->wk_keyix = kid; /* NB: force fixed key id */
2088 if (ieee80211_crypto_newkey(ic, IEEE80211_CIPHER_WEP,
2089 IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV, k)) {
2090 k->wk_keylen = ireq->i_len;
2091 memcpy(k->wk_key, tmpkey, sizeof(tmpkey));
2092 if (!ieee80211_crypto_setkey(ic, k, ic->ic_myaddr))
2093 error = EINVAL;
2094 } else
2095 error = EINVAL;
2096 ieee80211_key_update_end(ic);
2097 if (!error) /* NB: for compatibility */
2098 error = ENETRESET;
2099 break;
2100 case IEEE80211_IOC_WEPTXKEY:
2101 kid = (u_int) ireq->i_val;
2102 if (kid >= IEEE80211_WEP_NKID &&
2103 (u_int16_t) kid != IEEE80211_KEYIX_NONE)
2104 return EINVAL;
2105 ic->ic_def_txkey = kid;
2106 error = ENETRESET; /* push to hardware */
2107 break;
2108 #endif /* __FreeBSD__ || COMPAT_FREEBSD_NET80211 */
2109 case IEEE80211_IOC_AUTHMODE:
2110 switch (ireq->i_val) {
2111 case IEEE80211_AUTH_WPA:
2112 case IEEE80211_AUTH_8021X: /* 802.1x */
2113 case IEEE80211_AUTH_OPEN: /* open */
2114 case IEEE80211_AUTH_SHARED: /* shared-key */
2115 case IEEE80211_AUTH_AUTO: /* auto */
2116 auth = ieee80211_authenticator_get(ireq->i_val);
2117 if (auth == NULL)
2118 return EINVAL;
2119 break;
2120 default:
2121 return EINVAL;
2122 }
2123 switch (ireq->i_val) {
2124 case IEEE80211_AUTH_WPA: /* WPA w/ 802.1x */
2125 ic->ic_flags |= IEEE80211_F_PRIVACY;
2126 ireq->i_val = IEEE80211_AUTH_8021X;
2127 break;
2128 case IEEE80211_AUTH_OPEN: /* open */
2129 ic->ic_flags &= ~(IEEE80211_F_WPA|IEEE80211_F_PRIVACY);
2130 break;
2131 case IEEE80211_AUTH_SHARED: /* shared-key */
2132 case IEEE80211_AUTH_8021X: /* 802.1x */
2133 ic->ic_flags &= ~IEEE80211_F_WPA;
2134 /* both require a key so mark the PRIVACY capability */
2135 ic->ic_flags |= IEEE80211_F_PRIVACY;
2136 break;
2137 case IEEE80211_AUTH_AUTO: /* auto */
2138 ic->ic_flags &= ~IEEE80211_F_WPA;
2139 /* XXX PRIVACY handling? */
2140 /* XXX what's the right way to do this? */
2141 break;
2142 }
2143 /* NB: authenticator attach/detach happens on state change */
2144 ic->ic_bss->ni_authmode = ireq->i_val;
2145 /* XXX mixed/mode/usage? */
2146 ic->ic_auth = auth;
2147 error = ENETRESET;
2148 break;
2149 #if defined(__FreeBSD__) || defined(COMPAT_FREEBSD_NET80211)
2150 case IEEE80211_IOC_CHANNEL:
2151 /* XXX 0xffff overflows 16-bit signed */
2152 if (ireq->i_val == 0 ||
2153 ireq->i_val == (int16_t) IEEE80211_CHAN_ANY)
2154 ic->ic_des_chan = IEEE80211_CHAN_ANYC;
2155 else if ((u_int) ireq->i_val > IEEE80211_CHAN_MAX ||
2156 isclr(ic->ic_chan_active, ireq->i_val)) {
2157 return EINVAL;
2158 } else
2159 ic->ic_ibss_chan = ic->ic_des_chan =
2160 &ic->ic_channels[ireq->i_val];
2161 switch (ic->ic_state) {
2162 case IEEE80211_S_INIT:
2163 case IEEE80211_S_SCAN:
2164 error = ENETRESET;
2165 break;
2166 default:
2167 /*
2168 * If the desired channel has changed (to something
2169 * other than any) and we're not already scanning,
2170 * then kick the state machine.
2171 */
2172 if (ic->ic_des_chan != IEEE80211_CHAN_ANYC &&
2173 ic->ic_bss->ni_chan != ic->ic_des_chan &&
2174 (ic->ic_flags & IEEE80211_F_SCAN) == 0)
2175 error = ENETRESET;
2176 break;
2177 }
2178 if (error == ENETRESET &&
2179 ic->ic_opmode == IEEE80211_M_MONITOR) {
2180 if (IS_UP(ic)) {
2181 /*
2182 * Monitor mode can switch directly.
2183 */
2184 if (ic->ic_des_chan != IEEE80211_CHAN_ANYC)
2185 ic->ic_curchan = ic->ic_des_chan;
2186 error = ic->ic_reset(ic->ic_ifp);
2187 } else
2188 error = 0;
2189 }
2190 break;
2191 case IEEE80211_IOC_POWERSAVE:
2192 switch (ireq->i_val) {
2193 case IEEE80211_POWERSAVE_OFF:
2194 if (ic->ic_flags & IEEE80211_F_PMGTON) {
2195 ic->ic_flags &= ~IEEE80211_F_PMGTON;
2196 error = ENETRESET;
2197 }
2198 break;
2199 case IEEE80211_POWERSAVE_ON:
2200 if ((ic->ic_caps & IEEE80211_C_PMGT) == 0)
2201 error = EINVAL;
2202 else if ((ic->ic_flags & IEEE80211_F_PMGTON) == 0) {
2203 ic->ic_flags |= IEEE80211_F_PMGTON;
2204 error = ENETRESET;
2205 }
2206 break;
2207 default:
2208 error = EINVAL;
2209 break;
2210 }
2211 break;
2212 case IEEE80211_IOC_POWERSAVESLEEP:
2213 if (ireq->i_val < 0)
2214 return EINVAL;
2215 ic->ic_lintval = ireq->i_val;
2216 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2217 break;
2218 #endif /* __FreeBSD__ || COMPAT_FREEBSD_NET80211 */
2219 case IEEE80211_IOC_RTSTHRESHOLD:
2220 if (!(IEEE80211_RTS_MIN <= ireq->i_val &&
2221 ireq->i_val <= IEEE80211_RTS_MAX))
2222 return EINVAL;
2223 ic->ic_rtsthreshold = ireq->i_val;
2224 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2225 break;
2226 case IEEE80211_IOC_PROTMODE:
2227 if (ireq->i_val > IEEE80211_PROT_RTSCTS)
2228 return EINVAL;
2229 ic->ic_protmode = ireq->i_val;
2230 /* NB: if not operating in 11g this can wait */
2231 if (ic->ic_curmode == IEEE80211_MODE_11G)
2232 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2233 break;
2234 case IEEE80211_IOC_TXPOWER:
2235 if ((ic->ic_caps & IEEE80211_C_TXPMGT) == 0)
2236 return EINVAL;
2237 if (!(IEEE80211_TXPOWER_MIN < ireq->i_val &&
2238 ireq->i_val < IEEE80211_TXPOWER_MAX))
2239 return EINVAL;
2240 ic->ic_txpowlimit = ireq->i_val;
2241 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2242 break;
2243 case IEEE80211_IOC_ROAMING:
2244 if (!(IEEE80211_ROAMING_DEVICE <= ireq->i_val &&
2245 ireq->i_val <= IEEE80211_ROAMING_MANUAL))
2246 return EINVAL;
2247 ic->ic_roaming = ireq->i_val;
2248 /* XXXX reset? */
2249 break;
2250 case IEEE80211_IOC_PRIVACY:
2251 if (ireq->i_val) {
2252 /* XXX check for key state? */
2253 ic->ic_flags |= IEEE80211_F_PRIVACY;
2254 } else
2255 ic->ic_flags &= ~IEEE80211_F_PRIVACY;
2256 break;
2257 case IEEE80211_IOC_DROPUNENCRYPTED:
2258 if (ireq->i_val)
2259 ic->ic_flags |= IEEE80211_F_DROPUNENC;
2260 else
2261 ic->ic_flags &= ~IEEE80211_F_DROPUNENC;
2262 break;
2263 case IEEE80211_IOC_WPAKEY:
2264 error = ieee80211_ioctl_setkey(ic, ireq);
2265 break;
2266 case IEEE80211_IOC_DELKEY:
2267 error = ieee80211_ioctl_delkey(ic, ireq);
2268 break;
2269 case IEEE80211_IOC_MLME:
2270 error = ieee80211_ioctl_setmlme(ic, ireq);
2271 break;
2272 case IEEE80211_IOC_OPTIE:
2273 error = ieee80211_ioctl_setoptie(ic, ireq);
2274 break;
2275 case IEEE80211_IOC_COUNTERMEASURES:
2276 if (ireq->i_val) {
2277 if ((ic->ic_flags & IEEE80211_F_WPA) == 0)
2278 return EINVAL;
2279 ic->ic_flags |= IEEE80211_F_COUNTERM;
2280 } else
2281 ic->ic_flags &= ~IEEE80211_F_COUNTERM;
2282 break;
2283 case IEEE80211_IOC_WPA:
2284 if (ireq->i_val > 3)
2285 return EINVAL;
2286 /* XXX verify ciphers available */
2287 ic->ic_flags &= ~IEEE80211_F_WPA;
2288 switch (ireq->i_val) {
2289 case 1:
2290 ic->ic_flags |= IEEE80211_F_WPA1;
2291 break;
2292 case 2:
2293 ic->ic_flags |= IEEE80211_F_WPA2;
2294 break;
2295 case 3:
2296 ic->ic_flags |= IEEE80211_F_WPA1 | IEEE80211_F_WPA2;
2297 break;
2298 }
2299 error = ENETRESET; /* XXX? */
2300 break;
2301 case IEEE80211_IOC_WME:
2302 if (ireq->i_val) {
2303 if ((ic->ic_caps & IEEE80211_C_WME) == 0)
2304 return EINVAL;
2305 ic->ic_flags |= IEEE80211_F_WME;
2306 } else
2307 ic->ic_flags &= ~IEEE80211_F_WME;
2308 error = ENETRESET; /* XXX maybe not for station? */
2309 break;
2310 case IEEE80211_IOC_HIDESSID:
2311 if (ireq->i_val)
2312 ic->ic_flags |= IEEE80211_F_HIDESSID;
2313 else
2314 ic->ic_flags &= ~IEEE80211_F_HIDESSID;
2315 error = ENETRESET;
2316 break;
2317 case IEEE80211_IOC_APBRIDGE:
2318 if (ireq->i_val == 0)
2319 ic->ic_flags |= IEEE80211_F_NOBRIDGE;
2320 else
2321 ic->ic_flags &= ~IEEE80211_F_NOBRIDGE;
2322 break;
2323 case IEEE80211_IOC_MCASTCIPHER:
2324 if ((ic->ic_caps & cipher2cap(ireq->i_val)) == 0 &&
2325 !ieee80211_crypto_available(ireq->i_val))
2326 return EINVAL;
2327 rsn->rsn_mcastcipher = ireq->i_val;
2328 error = (ic->ic_flags & IEEE80211_F_WPA) ? ENETRESET : 0;
2329 break;
2330 case IEEE80211_IOC_MCASTKEYLEN:
2331 if (!(0 < ireq->i_val && ireq->i_val < IEEE80211_KEYBUF_SIZE))
2332 return EINVAL;
2333 /* XXX no way to verify driver capability */
2334 rsn->rsn_mcastkeylen = ireq->i_val;
2335 error = (ic->ic_flags & IEEE80211_F_WPA) ? ENETRESET : 0;
2336 break;
2337 case IEEE80211_IOC_UCASTCIPHERS:
2338 /*
2339 * Convert user-specified cipher set to the set
2340 * we can support (via hardware or software).
2341 * NB: this logic intentionally ignores unknown and
2342 * unsupported ciphers so folks can specify 0xff or
2343 * similar and get all available ciphers.
2344 */
2345 caps = 0;
2346 for (j = 1; j < 32; j++) /* NB: skip WEP */
2347 if ((ireq->i_val & (1<<j)) &&
2348 ((ic->ic_caps & cipher2cap(j)) ||
2349 ieee80211_crypto_available(j)))
2350 caps |= 1<<j;
2351 if (caps == 0) /* nothing available */
2352 return EINVAL;
2353 /* XXX verify ciphers ok for unicast use? */
2354 /* XXX disallow if running as it'll have no effect */
2355 rsn->rsn_ucastcipherset = caps;
2356 error = (ic->ic_flags & IEEE80211_F_WPA) ? ENETRESET : 0;
2357 break;
2358 case IEEE80211_IOC_UCASTCIPHER:
2359 if ((rsn->rsn_ucastcipherset & cipher2cap(ireq->i_val)) == 0)
2360 return EINVAL;
2361 rsn->rsn_ucastcipher = ireq->i_val;
2362 break;
2363 case IEEE80211_IOC_UCASTKEYLEN:
2364 if (!(0 < ireq->i_val && ireq->i_val < IEEE80211_KEYBUF_SIZE))
2365 return EINVAL;
2366 /* XXX no way to verify driver capability */
2367 rsn->rsn_ucastkeylen = ireq->i_val;
2368 break;
2369 case IEEE80211_IOC_DRIVER_CAPS:
2370 /* NB: for testing */
2371 ic->ic_caps = (((u_int16_t) ireq->i_val) << 16) |
2372 ((u_int16_t) ireq->i_len);
2373 break;
2374 case IEEE80211_IOC_KEYMGTALGS:
2375 /* XXX check */
2376 rsn->rsn_keymgmtset = ireq->i_val;
2377 error = (ic->ic_flags & IEEE80211_F_WPA) ? ENETRESET : 0;
2378 break;
2379 case IEEE80211_IOC_RSNCAPS:
2380 /* XXX check */
2381 rsn->rsn_caps = ireq->i_val;
2382 error = (ic->ic_flags & IEEE80211_F_WPA) ? ENETRESET : 0;
2383 break;
2384 #if defined(__FreeBSD__) || defined(COMPAT_FREEBSD_NET80211)
2385 case IEEE80211_IOC_BSSID:
2386 /* NB: should only be set when in STA mode */
2387 if (ic->ic_opmode != IEEE80211_M_STA)
2388 return EINVAL;
2389 if (ireq->i_len != sizeof(tmpbssid))
2390 return EINVAL;
2391 error = copyin(ireq->i_data, tmpbssid, ireq->i_len);
2392 if (error)
2393 break;
2394 IEEE80211_ADDR_COPY(ic->ic_des_bssid, tmpbssid);
2395 if (IEEE80211_ADDR_EQ(ic->ic_des_bssid, zerobssid))
2396 ic->ic_flags &= ~IEEE80211_F_DESBSSID;
2397 else
2398 ic->ic_flags |= IEEE80211_F_DESBSSID;
2399 error = ENETRESET;
2400 break;
2401 #endif /* __FreeBSD__ || COMPAT_FREEBSD_NET80211 */
2402 case IEEE80211_IOC_CHANLIST:
2403 error = ieee80211_ioctl_setchanlist(ic, ireq);
2404 break;
2405 case IEEE80211_IOC_SCAN_REQ:
2406 if (ic->ic_opmode == IEEE80211_M_HOSTAP) /* XXX ignore */
2407 break;
2408 error = ieee80211_setupscan(ic, ic->ic_chan_avail);
2409 if (error == 0) /* XXX background scan */
2410 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2411 break;
2412 case IEEE80211_IOC_ADDMAC:
2413 case IEEE80211_IOC_DELMAC:
2414 error = ieee80211_ioctl_macmac(ic, ireq);
2415 break;
2416 case IEEE80211_IOC_MACCMD:
2417 error = ieee80211_ioctl_setmaccmd(ic, ireq);
2418 break;
2419 case IEEE80211_IOC_STA_TXPOW:
2420 error = ieee80211_ioctl_setstatxpow(ic, ireq);
2421 break;
2422 case IEEE80211_IOC_WME_CWMIN: /* WME: CWmin */
2423 case IEEE80211_IOC_WME_CWMAX: /* WME: CWmax */
2424 case IEEE80211_IOC_WME_AIFS: /* WME: AIFS */
2425 case IEEE80211_IOC_WME_TXOPLIMIT: /* WME: txops limit */
2426 case IEEE80211_IOC_WME_ACM: /* WME: ACM (bss only) */
2427 case IEEE80211_IOC_WME_ACKPOLICY: /* WME: ACK policy (bss only) */
2428 error = ieee80211_ioctl_setwmeparam(ic, ireq);
2429 break;
2430 case IEEE80211_IOC_DTIM_PERIOD:
2431 if (ic->ic_opmode != IEEE80211_M_HOSTAP &&
2432 ic->ic_opmode != IEEE80211_M_IBSS)
2433 return EINVAL;
2434 if (IEEE80211_DTIM_MIN <= ireq->i_val &&
2435 ireq->i_val <= IEEE80211_DTIM_MAX) {
2436 ic->ic_dtim_period = ireq->i_val;
2437 error = ENETRESET; /* requires restart */
2438 } else
2439 error = EINVAL;
2440 break;
2441 case IEEE80211_IOC_BEACON_INTERVAL:
2442 if (ic->ic_opmode != IEEE80211_M_HOSTAP &&
2443 ic->ic_opmode != IEEE80211_M_IBSS)
2444 return EINVAL;
2445 if (IEEE80211_BINTVAL_MIN <= ireq->i_val &&
2446 ireq->i_val <= IEEE80211_BINTVAL_MAX) {
2447 ic->ic_bintval = ireq->i_val;
2448 error = ENETRESET; /* requires restart */
2449 } else
2450 error = EINVAL;
2451 break;
2452 case IEEE80211_IOC_PUREG:
2453 if (ireq->i_val)
2454 ic->ic_flags |= IEEE80211_F_PUREG;
2455 else
2456 ic->ic_flags &= ~IEEE80211_F_PUREG;
2457 /* NB: reset only if we're operating on an 11g channel */
2458 if (ic->ic_curmode == IEEE80211_MODE_11G)
2459 error = ENETRESET;
2460 break;
2461 case IEEE80211_IOC_MCAST_RATE:
2462 ic->ic_mcast_rate = ireq->i_val & IEEE80211_RATE_VAL;
2463 break;
2464 case IEEE80211_IOC_FRAGTHRESHOLD:
2465 if ((ic->ic_caps & IEEE80211_C_TXFRAG) == 0 &&
2466 ireq->i_val != IEEE80211_FRAG_MAX)
2467 return EINVAL;
2468 if (!(IEEE80211_FRAG_MIN <= ireq->i_val &&
2469 ireq->i_val <= IEEE80211_FRAG_MAX))
2470 return EINVAL;
2471 ic->ic_fragthreshold = ireq->i_val;
2472 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2473 break;
2474 default:
2475 error = EINVAL;
2476 break;
2477 }
2478 if (error == ENETRESET && !IS_UP_AUTO(ic))
2479 error = 0;
2480 return error;
2481 }
2482
2483 #ifdef __FreeBSD__
2484 int
2485 ieee80211_ioctl(struct ieee80211com *ic, u_long cmd, caddr_t data)
2486 {
2487 struct ifnet *ifp = ic->ic_ifp;
2488 int error = 0;
2489 struct ifreq *ifr;
2490 struct ifaddr *ifa; /* XXX */
2491
2492 switch (cmd) {
2493 case SIOCSIFMEDIA:
2494 case SIOCGIFMEDIA:
2495 error = ifmedia_ioctl(ifp, (struct ifreq *) data,
2496 &ic->ic_media, cmd);
2497 break;
2498 case SIOCG80211:
2499 error = ieee80211_ioctl_get80211(ic, cmd,
2500 (struct ieee80211req *) data);
2501 break;
2502 case SIOCS80211:
2503 error = suser(curthread);
2504 if (error == 0)
2505 error = ieee80211_ioctl_set80211(ic, cmd,
2506 (struct ieee80211req *) data);
2507 break;
2508 case SIOCGIFGENERIC:
2509 error = ieee80211_cfgget(ic, cmd, data);
2510 break;
2511 case SIOCSIFGENERIC:
2512 error = suser(curthread);
2513 if (error)
2514 break;
2515 error = ieee80211_cfgset(ic, cmd, data);
2516 break;
2517 case SIOCG80211STATS:
2518 ifr = (struct ifreq *)data;
2519 copyout(&ic->ic_stats, ifr->ifr_data, sizeof (ic->ic_stats));
2520 break;
2521 case SIOCSIFMTU:
2522 ifr = (struct ifreq *)data;
2523 if (!(IEEE80211_MTU_MIN <= ifr->ifr_mtu &&
2524 ifr->ifr_mtu <= IEEE80211_MTU_MAX))
2525 error = EINVAL;
2526 else
2527 ifp->if_mtu = ifr->ifr_mtu;
2528 break;
2529 case SIOCSIFADDR:
2530 /*
2531 * XXX Handle this directly so we can supress if_init calls.
2532 * XXX This should be done in ether_ioctl but for the moment
2533 * XXX there are too many other parts of the system that
2534 * XXX set IFF_UP and so supress if_init being called when
2535 * XXX it should be.
2536 */
2537 ifa = (struct ifaddr *) data;
2538 switch (ifa->ifa_addr->sa_family) {
2539 #ifdef INET
2540 case AF_INET:
2541 if ((ifp->if_flags & IFF_UP) == 0) {
2542 ifp->if_flags |= IFF_UP;
2543 ifp->if_init(ifp->if_softc);
2544 }
2545 arp_ifinit(ifp, ifa);
2546 break;
2547 #endif
2548 #ifdef IPX
2549 /*
2550 * XXX - This code is probably wrong,
2551 * but has been copied many times.
2552 */
2553 case AF_IPX: {
2554 struct ipx_addr *ina = &(IA_SIPX(ifa)->sipx_addr);
2555
2556 if (ipx_nullhost(*ina))
2557 ina->x_host = *(union ipx_host *)
2558 IFP2ENADDR(ifp);
2559 else
2560 bcopy((caddr_t) ina->x_host.c_host,
2561 (caddr_t) IFP2ENADDR(ifp),
2562 ETHER_ADDR_LEN);
2563 /* fall thru... */
2564 }
2565 #endif
2566 default:
2567 if ((ifp->if_flags & IFF_UP) == 0) {
2568 ifp->if_flags |= IFF_UP;
2569 ifp->if_init(ifp->if_softc);
2570 }
2571 break;
2572 }
2573 break;
2574 default:
2575 error = ether_ioctl(ifp, cmd, data);
2576 break;
2577 }
2578 return error;
2579 }
2580 #endif /* __FreeBSD__ */
2581
2582 #ifdef COMPAT_20
2583 static void
2584 ieee80211_get_ostats(struct ieee80211_ostats *ostats,
2585 struct ieee80211_stats *stats)
2586 {
2587 #define COPYSTATS1(__ostats, __nstats, __dstmemb, __srcmemb, __lastmemb)\
2588 (void)memcpy(&(__ostats)->__dstmemb, &(__nstats)->__srcmemb, \
2589 offsetof(struct ieee80211_stats, __lastmemb) - \
2590 offsetof(struct ieee80211_stats, __srcmemb))
2591 #define COPYSTATS(__ostats, __nstats, __dstmemb, __lastmemb) \
2592 COPYSTATS1(__ostats, __nstats, __dstmemb, __dstmemb, __lastmemb)
2593
2594 COPYSTATS(ostats, stats, is_rx_badversion, is_rx_unencrypted);
2595 COPYSTATS(ostats, stats, is_rx_wepfail, is_rx_beacon);
2596 COPYSTATS(ostats, stats, is_rx_rstoobig, is_rx_auth_countermeasures);
2597 COPYSTATS(ostats, stats, is_rx_assoc_bss, is_rx_assoc_badwpaie);
2598 COPYSTATS(ostats, stats, is_rx_deauth, is_rx_unauth);
2599 COPYSTATS1(ostats, stats, is_tx_nombuf, is_tx_nobuf, is_tx_badcipher);
2600 COPYSTATS(ostats, stats, is_scan_active, is_crypto_tkip);
2601 }
2602 #endif /* COMPAT_20 */
2603
2604 #ifdef __NetBSD__
2605 int
2606 ieee80211_ioctl(struct ieee80211com *ic, u_long cmd, caddr_t data)
2607 {
2608 struct ifnet *ifp = ic->ic_ifp;
2609 struct ifreq *ifr = (struct ifreq *)data;
2610 int i, error = 0, kid, klen, s;
2611 struct ieee80211_key *k;
2612 struct ieee80211_nwid nwid;
2613 struct ieee80211_nwkey *nwkey;
2614 struct ieee80211_power *power;
2615 struct ieee80211_bssid *bssid;
2616 struct ieee80211chanreq *chanreq;
2617 struct ieee80211_channel *chan;
2618 uint32_t oflags;
2619 #ifdef COMPAT_20
2620 struct ieee80211_ostats ostats;
2621 #endif /* COMPAT_20 */
2622 static const u_int8_t zerobssid[IEEE80211_ADDR_LEN];
2623 u_int8_t tmpkey[IEEE80211_WEP_NKID][IEEE80211_KEYBUF_SIZE];
2624
2625 switch (cmd) {
2626 case SIOCSIFMEDIA:
2627 case SIOCGIFMEDIA:
2628 error = ifmedia_ioctl(ifp, ifr, &ic->ic_media, cmd);
2629 break;
2630 case SIOCG80211:
2631 error = ieee80211_ioctl_get80211(ic, cmd,
2632 (struct ieee80211req *) data);
2633 break;
2634 case SIOCS80211:
2635 if ((error = kauth_authorize_network(curlwp->l_cred,
2636 KAUTH_NETWORK_INTERFACE,
2637 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd,
2638 NULL) != 0))
2639 break;
2640 error = ieee80211_ioctl_set80211(ic, cmd,
2641 (struct ieee80211req *) data);
2642 break;
2643 case SIOCS80211NWID:
2644 if ((error = copyin(ifr->ifr_data, &nwid, sizeof(nwid))) != 0)
2645 break;
2646 if (nwid.i_len > IEEE80211_NWID_LEN) {
2647 error = EINVAL;
2648 break;
2649 }
2650 memset(ic->ic_des_essid, 0, IEEE80211_NWID_LEN);
2651 ic->ic_des_esslen = nwid.i_len;
2652 memcpy(ic->ic_des_essid, nwid.i_nwid, nwid.i_len);
2653 error = ENETRESET;
2654 break;
2655 case SIOCG80211NWID:
2656 memset(&nwid, 0, sizeof(nwid));
2657 switch (ic->ic_state) {
2658 case IEEE80211_S_INIT:
2659 case IEEE80211_S_SCAN:
2660 nwid.i_len = ic->ic_des_esslen;
2661 memcpy(nwid.i_nwid, ic->ic_des_essid, nwid.i_len);
2662 break;
2663 default:
2664 nwid.i_len = ic->ic_bss->ni_esslen;
2665 memcpy(nwid.i_nwid, ic->ic_bss->ni_essid, nwid.i_len);
2666 break;
2667 }
2668 error = copyout(&nwid, ifr->ifr_data, sizeof(nwid));
2669 break;
2670 case SIOCS80211NWKEY:
2671 nwkey = (struct ieee80211_nwkey *)data;
2672 /* transmit key index out of range? */
2673 kid = nwkey->i_defkid - 1;
2674 if (kid < 0 || kid >= IEEE80211_WEP_NKID) {
2675 error = EINVAL;
2676 break;
2677 }
2678 /* no such transmit key is set? */
2679 if (nwkey->i_key[kid].i_keylen == 0 ||
2680 (nwkey->i_key[kid].i_keylen == -1 &&
2681 ic->ic_nw_keys[kid].wk_keylen == 0)) {
2682 if (nwkey->i_wepon != IEEE80211_NWKEY_OPEN) {
2683 error = EINVAL;
2684 break;
2685 }
2686 }
2687 /* check key lengths */
2688 for (kid = 0; kid < IEEE80211_WEP_NKID; kid++) {
2689 klen = nwkey->i_key[kid].i_keylen;
2690 if ((klen > 0 &&
2691 klen < IEEE80211_WEP_KEYLEN) ||
2692 klen > sizeof(ic->ic_nw_keys[kid].wk_key)) {
2693 error = EINVAL;
2694 break;
2695 }
2696 }
2697
2698 if (error)
2699 break;
2700
2701 /* copy in keys */
2702 (void)memset(tmpkey, 0, sizeof(tmpkey));
2703 for (kid = 0; kid < IEEE80211_WEP_NKID; kid++) {
2704 klen = nwkey->i_key[kid].i_keylen;
2705 if (klen <= 0)
2706 continue;
2707 if ((error = copyin(nwkey->i_key[kid].i_keydat,
2708 tmpkey[kid], klen)) != 0)
2709 break;
2710 }
2711
2712 if (error)
2713 break;
2714
2715 /* set keys */
2716 ieee80211_key_update_begin(ic);
2717 for (kid = 0; kid < IEEE80211_WEP_NKID; kid++) {
2718 klen = nwkey->i_key[kid].i_keylen;
2719 if (klen <= 0)
2720 continue;
2721 k = &ic->ic_nw_keys[kid];
2722 k->wk_keyix = kid;
2723 if (!ieee80211_crypto_newkey(ic, IEEE80211_CIPHER_WEP,
2724 IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV, k)) {
2725 error = EINVAL;
2726 continue;
2727 }
2728 k->wk_keylen = nwkey->i_key[kid].i_keylen;
2729 (void)memcpy(k->wk_key, tmpkey[kid],
2730 sizeof(tmpkey[kid]));
2731 if (!ieee80211_crypto_setkey(ic, k, ic->ic_myaddr))
2732 error = EINVAL;
2733 }
2734 ieee80211_key_update_end(ic);
2735
2736 if (error)
2737 break;
2738
2739 /* delete keys */
2740 for (kid = 0; kid < IEEE80211_WEP_NKID; kid++) {
2741 klen = nwkey->i_key[kid].i_keylen;
2742 k = &ic->ic_nw_keys[kid];
2743 if (klen <= 0)
2744 (void)ieee80211_crypto_delkey(ic, k);
2745 }
2746
2747 /* set transmit key */
2748 kid = nwkey->i_defkid - 1;
2749 if (ic->ic_def_txkey != kid) {
2750 ic->ic_def_txkey = kid;
2751 error = ENETRESET;
2752 }
2753 oflags = ic->ic_flags;
2754 if (nwkey->i_wepon == IEEE80211_NWKEY_OPEN) {
2755 ic->ic_flags &= ~IEEE80211_F_PRIVACY;
2756 ic->ic_flags &= ~IEEE80211_F_DROPUNENC;
2757 } else {
2758 ic->ic_flags |= IEEE80211_F_PRIVACY;
2759 ic->ic_flags |= IEEE80211_F_DROPUNENC;
2760 }
2761 if (oflags != ic->ic_flags)
2762 error = ENETRESET;
2763 break;
2764 case SIOCG80211NWKEY:
2765 nwkey = (struct ieee80211_nwkey *)data;
2766 if (ic->ic_flags & IEEE80211_F_PRIVACY)
2767 nwkey->i_wepon = IEEE80211_NWKEY_WEP;
2768 else
2769 nwkey->i_wepon = IEEE80211_NWKEY_OPEN;
2770 nwkey->i_defkid = ic->ic_def_txkey + 1;
2771 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
2772 if (nwkey->i_key[i].i_keydat == NULL)
2773 continue;
2774 /* do not show any keys to non-root user */
2775 if ((error = kauth_authorize_network(curlwp->l_cred,
2776 KAUTH_NETWORK_INTERFACE,
2777 KAUTH_REQ_NETWORK_INTERFACE_GETPRIV, ifp,
2778 (void *)cmd, NULL)) != 0)
2779 break;
2780 nwkey->i_key[i].i_keylen = ic->ic_nw_keys[i].wk_keylen;
2781 if ((error = copyout(ic->ic_nw_keys[i].wk_key,
2782 nwkey->i_key[i].i_keydat,
2783 ic->ic_nw_keys[i].wk_keylen)) != 0)
2784 break;
2785 }
2786 break;
2787 case SIOCS80211POWER:
2788 power = (struct ieee80211_power *)data;
2789 ic->ic_lintval = power->i_maxsleep;
2790 if (power->i_enabled != 0) {
2791 if ((ic->ic_caps & IEEE80211_C_PMGT) == 0)
2792 error = EINVAL;
2793 else if ((ic->ic_flags & IEEE80211_F_PMGTON) == 0) {
2794 ic->ic_flags |= IEEE80211_F_PMGTON;
2795 error = ENETRESET;
2796 }
2797 } else {
2798 if (ic->ic_flags & IEEE80211_F_PMGTON) {
2799 ic->ic_flags &= ~IEEE80211_F_PMGTON;
2800 error = ENETRESET;
2801 }
2802 }
2803 break;
2804 case SIOCG80211POWER:
2805 power = (struct ieee80211_power *)data;
2806 power->i_enabled = (ic->ic_flags & IEEE80211_F_PMGTON) ? 1 : 0;
2807 power->i_maxsleep = ic->ic_lintval;
2808 break;
2809 case SIOCS80211BSSID:
2810 bssid = (struct ieee80211_bssid *)data;
2811 IEEE80211_ADDR_COPY(ic->ic_des_bssid, bssid->i_bssid);
2812 if (IEEE80211_ADDR_EQ(ic->ic_des_bssid, zerobssid))
2813 ic->ic_flags &= ~IEEE80211_F_DESBSSID;
2814 else
2815 ic->ic_flags |= IEEE80211_F_DESBSSID;
2816 error = ENETRESET;
2817 break;
2818 case SIOCG80211BSSID:
2819 bssid = (struct ieee80211_bssid *)data;
2820 switch (ic->ic_state) {
2821 case IEEE80211_S_INIT:
2822 case IEEE80211_S_SCAN:
2823 if (ic->ic_opmode == IEEE80211_M_HOSTAP)
2824 IEEE80211_ADDR_COPY(bssid->i_bssid,
2825 ic->ic_myaddr);
2826 else if (ic->ic_flags & IEEE80211_F_DESBSSID)
2827 IEEE80211_ADDR_COPY(bssid->i_bssid,
2828 ic->ic_des_bssid);
2829 else
2830 memset(bssid->i_bssid, 0, IEEE80211_ADDR_LEN);
2831 break;
2832 default:
2833 IEEE80211_ADDR_COPY(bssid->i_bssid,
2834 ic->ic_bss->ni_bssid);
2835 break;
2836 }
2837 break;
2838 case SIOCS80211CHANNEL:
2839 chanreq = (struct ieee80211chanreq *)data;
2840 if (chanreq->i_channel == IEEE80211_CHAN_ANY)
2841 ic->ic_des_chan = IEEE80211_CHAN_ANYC;
2842 else if (chanreq->i_channel > IEEE80211_CHAN_MAX ||
2843 isclr(ic->ic_chan_active, chanreq->i_channel)) {
2844 error = EINVAL;
2845 break;
2846 } else
2847 ic->ic_ibss_chan = ic->ic_des_chan =
2848 &ic->ic_channels[chanreq->i_channel];
2849 switch (ic->ic_state) {
2850 case IEEE80211_S_INIT:
2851 case IEEE80211_S_SCAN:
2852 error = ENETRESET;
2853 break;
2854 default:
2855 if (ic->ic_opmode == IEEE80211_M_STA) {
2856 if (ic->ic_des_chan != IEEE80211_CHAN_ANYC &&
2857 ic->ic_bss->ni_chan != ic->ic_des_chan)
2858 error = ENETRESET;
2859 } else {
2860 if (ic->ic_bss->ni_chan != ic->ic_ibss_chan)
2861 error = ENETRESET;
2862 }
2863 break;
2864 }
2865 break;
2866 case SIOCG80211CHANNEL:
2867 chanreq = (struct ieee80211chanreq *)data;
2868 switch (ic->ic_state) {
2869 case IEEE80211_S_INIT:
2870 case IEEE80211_S_SCAN:
2871 if (ic->ic_opmode == IEEE80211_M_STA)
2872 chan = ic->ic_des_chan;
2873 else
2874 chan = ic->ic_ibss_chan;
2875 break;
2876 default:
2877 chan = ic->ic_curchan;
2878 break;
2879 }
2880 chanreq->i_channel = ieee80211_chan2ieee(ic, chan);
2881 break;
2882 case SIOCGIFGENERIC:
2883 error = ieee80211_cfgget(ic, cmd, data);
2884 break;
2885 case SIOCSIFGENERIC:
2886 error = kauth_authorize_network(curlwp->l_cred,
2887 KAUTH_NETWORK_INTERFACE,
2888 KAUTH_REQ_NETWORK_INTERFACE_SETPRIV, ifp, (void *)cmd,
2889 NULL);
2890 if (error)
2891 break;
2892 error = ieee80211_cfgset(ic, cmd, data);
2893 break;
2894 #ifdef COMPAT_20
2895 case OSIOCG80211STATS:
2896 case OSIOCG80211ZSTATS:
2897 ifr = (struct ifreq *)data;
2898 s = splnet();
2899 ieee80211_get_ostats(&ostats, &ic->ic_stats);
2900 error = copyout(&ostats, ifr->ifr_data, sizeof(ostats));
2901 if (error == 0 && cmd == OSIOCG80211ZSTATS)
2902 (void)memset(&ic->ic_stats, 0, sizeof(ic->ic_stats));
2903 splx(s);
2904 break;
2905 #endif /* COMPAT_20 */
2906 case SIOCG80211ZSTATS:
2907 case SIOCG80211STATS:
2908 ifr = (struct ifreq *)data;
2909 s = splnet();
2910 error = copyout(&ic->ic_stats, ifr->ifr_buf,
2911 MIN(sizeof(ic->ic_stats), ifr->ifr_buflen));
2912 if (error == 0 && cmd == SIOCG80211ZSTATS)
2913 (void)memset(&ic->ic_stats, 0, sizeof(ic->ic_stats));
2914 splx(s);
2915 break;
2916 case SIOCSIFMTU:
2917 ifr = (struct ifreq *)data;
2918 if (!(IEEE80211_MTU_MIN <= ifr->ifr_mtu &&
2919 ifr->ifr_mtu <= IEEE80211_MTU_MAX))
2920 error = EINVAL;
2921 else
2922 ifp->if_mtu = ifr->ifr_mtu;
2923 break;
2924 default:
2925 error = ether_ioctl(ifp, cmd, data);
2926 break;
2927 }
2928 return error;
2929 }
2930 #endif /* __NetBSD__ */
Cache object: c6996f6d14a563604f8d005a48bad647
|