2 * Copyright (c) 2001 Atsushi Onoe
3 * Copyright (c) 2002-2005 Sam Leffler, Errno Consulting
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. The name of the author may not be used to endorse or promote products
15 * derived from this software without specific prior written permission.
17 * Alternatively, this software may be distributed under the terms of the
18 * GNU General Public License ("GPL") version 2 as published by the Free
19 * Software Foundation.
21 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
22 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
23 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
24 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
26 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
27 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
28 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
29 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
30 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 #include <sys/cdefs.h>
34 __FBSDID("$FreeBSD$");
36 #include "opt_compat.h"
39 * IEEE 802.11 ioctl support (FreeBSD-specific)
45 #include <sys/endian.h>
46 #include <sys/param.h>
47 #include <sys/kernel.h>
49 #include <sys/socket.h>
50 #include <sys/sockio.h>
51 #include <sys/systm.h>
54 #include <net/if_dl.h>
55 #include <net/if_media.h>
56 #include <net/ethernet.h>
59 #include <netinet/in.h>
60 #include <netinet/if_ether.h>
64 #include <netipx/ipx.h>
65 #include <netipx/ipx_if.h>
68 #include <net80211/ieee80211_var.h>
69 #include <net80211/ieee80211_ioctl.h>
71 #include <dev/wi/if_wavelan_ieee.h>
74 (((_ic)->ic_ifp->if_flags & IFF_UP) && \
75 ((_ic)->ic_ifp->if_drv_flags & IFF_DRV_RUNNING))
76 #define IS_UP_AUTO(_ic) \
77 (IS_UP(_ic) && (_ic)->ic_roaming == IEEE80211_ROAMING_AUTO)
81 * Wireless LAN specific configuration interface, which is compatible
85 struct wi_read_ap_args {
86 int i; /* result count */
87 struct wi_apinfo *ap; /* current entry in result buffer */
88 caddr_t max; /* result buffer bound */
92 wi_read_ap_result(void *arg, struct ieee80211_node *ni)
94 struct ieee80211com *ic = ni->ni_ic;
95 struct wi_read_ap_args *sa = arg;
96 struct wi_apinfo *ap = sa->ap;
97 struct ieee80211_rateset *rs;
100 if ((caddr_t)(ap + 1) > sa->max)
102 memset(ap, 0, sizeof(struct wi_apinfo));
103 if (ic->ic_opmode == IEEE80211_M_HOSTAP) {
104 IEEE80211_ADDR_COPY(ap->bssid, ni->ni_macaddr);
105 ap->namelen = ic->ic_des_esslen;
106 if (ic->ic_des_esslen)
107 memcpy(ap->name, ic->ic_des_essid,
110 IEEE80211_ADDR_COPY(ap->bssid, ni->ni_bssid);
111 ap->namelen = ni->ni_esslen;
113 memcpy(ap->name, ni->ni_essid,
116 ap->channel = ieee80211_chan2ieee(ic, ni->ni_chan);
117 ap->signal = ic->ic_node_getrssi(ni);
118 ap->capinfo = ni->ni_capinfo;
119 ap->interval = ni->ni_intval;
121 for (j = 0; j < rs->rs_nrates; j++) {
122 if (rs->rs_rates[j] & IEEE80211_RATE_BASIC) {
123 ap->rate = (rs->rs_rates[j] &
124 IEEE80211_RATE_VAL) * 5; /* XXX */
131 struct wi_read_prism2_args {
132 int i; /* result count */
133 struct wi_scan_res *res;/* current entry in result buffer */
134 caddr_t max; /* result buffer bound */
138 wi_read_prism2_result(void *arg, struct ieee80211_node *ni)
140 struct ieee80211com *ic = ni->ni_ic;
141 struct wi_read_prism2_args *sa = arg;
142 struct wi_scan_res *res = sa->res;
144 if ((caddr_t)(res + 1) > sa->max)
146 res->wi_chan = ieee80211_chan2ieee(ic, ni->ni_chan);
148 res->wi_signal = ic->ic_node_getrssi(ni);
149 IEEE80211_ADDR_COPY(res->wi_bssid, ni->ni_bssid);
150 res->wi_interval = ni->ni_intval;
151 res->wi_capinfo = ni->ni_capinfo;
152 res->wi_ssid_len = ni->ni_esslen;
153 memcpy(res->wi_ssid, ni->ni_essid, IEEE80211_NWID_LEN);
154 /* NB: assumes wi_srates holds <= ni->ni_rates */
155 memcpy(res->wi_srates, ni->ni_rates.rs_rates,
156 sizeof(res->wi_srates));
157 if (ni->ni_rates.rs_nrates < 10)
158 res->wi_srates[ni->ni_rates.rs_nrates] = 0;
159 res->wi_rate = ni->ni_rates.rs_rates[ni->ni_txrate];
166 struct wi_read_sigcache_args {
167 int i; /* result count */
168 struct wi_sigcache *wsc;/* current entry in result buffer */
169 caddr_t max; /* result buffer bound */
173 wi_read_sigcache(void *arg, struct ieee80211_node *ni)
175 struct ieee80211com *ic = ni->ni_ic;
176 struct wi_read_sigcache_args *sa = arg;
177 struct wi_sigcache *wsc = sa->wsc;
179 if ((caddr_t)(wsc + 1) > sa->max)
181 memset(wsc, 0, sizeof(struct wi_sigcache));
182 IEEE80211_ADDR_COPY(wsc->macsrc, ni->ni_macaddr);
183 wsc->signal = ic->ic_node_getrssi(ni);
190 ieee80211_cfgget(struct ieee80211com *ic, u_long cmd, caddr_t data)
192 struct ifnet *ifp = ic->ic_ifp;
194 struct ifreq *ifr = (struct ifreq *)data;
196 struct wi_ltv_keys *keys;
198 error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
202 switch (wreq.wi_type) {
203 case WI_RID_SERIALNO:
204 /* nothing appropriate */
206 case WI_RID_NODENAME:
207 strcpy((char *)&wreq.wi_val[1], hostname);
208 wreq.wi_val[0] = htole16(strlen(hostname));
209 wreq.wi_len = (1 + strlen(hostname) + 1) / 2;
211 case WI_RID_CURRENT_SSID:
212 if (ic->ic_state != IEEE80211_S_RUN) {
217 wreq.wi_val[0] = htole16(ic->ic_bss->ni_esslen);
218 memcpy(&wreq.wi_val[1], ic->ic_bss->ni_essid,
219 ic->ic_bss->ni_esslen);
220 wreq.wi_len = (1 + ic->ic_bss->ni_esslen + 1) / 2;
222 case WI_RID_OWN_SSID:
223 case WI_RID_DESIRED_SSID:
224 wreq.wi_val[0] = htole16(ic->ic_des_esslen);
225 memcpy(&wreq.wi_val[1], ic->ic_des_essid, ic->ic_des_esslen);
226 wreq.wi_len = (1 + ic->ic_des_esslen + 1) / 2;
228 case WI_RID_CURRENT_BSSID:
229 if (ic->ic_state == IEEE80211_S_RUN)
230 IEEE80211_ADDR_COPY(wreq.wi_val, ic->ic_bss->ni_bssid);
232 memset(wreq.wi_val, 0, IEEE80211_ADDR_LEN);
233 wreq.wi_len = IEEE80211_ADDR_LEN / 2;
235 case WI_RID_CHANNEL_LIST:
236 memset(wreq.wi_val, 0, sizeof(wreq.wi_val));
238 * Since channel 0 is not available for DS, channel 1
239 * is assigned to LSB on WaveLAN.
241 if (ic->ic_phytype == IEEE80211_T_DS)
245 for (j = 0; i <= IEEE80211_CHAN_MAX; i++, j++)
246 if (isset(ic->ic_chan_active, i)) {
247 setbit((u_int8_t *)wreq.wi_val, j);
248 wreq.wi_len = j / 16 + 1;
251 case WI_RID_OWN_CHNL:
252 wreq.wi_val[0] = htole16(
253 ieee80211_chan2ieee(ic, ic->ic_ibss_chan));
256 case WI_RID_CURRENT_CHAN:
257 wreq.wi_val[0] = htole16(
258 ieee80211_chan2ieee(ic, ic->ic_curchan));
261 case WI_RID_COMMS_QUALITY:
262 wreq.wi_val[0] = 0; /* quality */
263 wreq.wi_val[1] = htole16(ic->ic_node_getrssi(ic->ic_bss));
264 wreq.wi_val[2] = 0; /* noise */
268 wreq.wi_val[0] = htole16((ifp->if_flags & IFF_PROMISC) ? 1 : 0);
271 case WI_RID_PORTTYPE:
272 wreq.wi_val[0] = htole16(ic->ic_opmode);
275 case WI_RID_MAC_NODE:
276 IEEE80211_ADDR_COPY(wreq.wi_val, ic->ic_myaddr);
277 wreq.wi_len = IEEE80211_ADDR_LEN / 2;
280 if (ic->ic_fixed_rate == IEEE80211_FIXED_RATE_NONE)
281 wreq.wi_val[0] = 0; /* auto */
283 wreq.wi_val[0] = htole16(
284 (ic->ic_sup_rates[ic->ic_curmode].rs_rates[ic->ic_fixed_rate] &
285 IEEE80211_RATE_VAL) / 2);
288 case WI_RID_CUR_TX_RATE:
289 wreq.wi_val[0] = htole16(
290 (ic->ic_bss->ni_rates.rs_rates[ic->ic_bss->ni_txrate] &
291 IEEE80211_RATE_VAL) / 2);
294 case WI_RID_RTS_THRESH:
295 wreq.wi_val[0] = htole16(ic->ic_rtsthreshold);
298 case WI_RID_CREATE_IBSS:
300 htole16((ic->ic_flags & IEEE80211_F_IBSSON) ? 1 : 0);
303 case WI_RID_MICROWAVE_OVEN:
304 wreq.wi_val[0] = 0; /* no ... not supported */
307 case WI_RID_ROAMING_MODE:
308 wreq.wi_val[0] = htole16(ic->ic_roaming); /* XXX map */
311 case WI_RID_SYSTEM_SCALE:
312 wreq.wi_val[0] = htole16(1); /* low density ... not supp */
315 case WI_RID_PM_ENABLED:
317 htole16((ic->ic_flags & IEEE80211_F_PMGTON) ? 1 : 0);
320 case WI_RID_MAX_SLEEP:
321 wreq.wi_val[0] = htole16(ic->ic_lintval);
324 case WI_RID_CUR_BEACON_INT:
325 wreq.wi_val[0] = htole16(ic->ic_bss->ni_intval);
328 case WI_RID_WEP_AVAIL:
329 wreq.wi_val[0] = htole16(1); /* always available */
332 case WI_RID_CNFAUTHMODE:
333 wreq.wi_val[0] = htole16(1); /* TODO: open system only */
336 case WI_RID_ENCRYPTION:
338 htole16((ic->ic_flags & IEEE80211_F_PRIVACY) ? 1 : 0);
341 case WI_RID_TX_CRYPT_KEY:
342 wreq.wi_val[0] = htole16(ic->ic_def_txkey);
345 case WI_RID_DEFLT_CRYPT_KEYS:
346 keys = (struct wi_ltv_keys *)&wreq;
347 /* do not show keys to non-root user */
348 error = priv_check(curthread, PRIV_NET80211_GETKEY);
350 memset(keys, 0, sizeof(*keys));
354 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
355 keys->wi_keys[i].wi_keylen =
356 htole16(ic->ic_nw_keys[i].wk_keylen);
357 memcpy(keys->wi_keys[i].wi_keydat,
358 ic->ic_nw_keys[i].wk_key,
359 ic->ic_nw_keys[i].wk_keylen);
361 wreq.wi_len = sizeof(*keys) / 2;
363 case WI_RID_MAX_DATALEN:
364 wreq.wi_val[0] = htole16(ic->ic_fragthreshold);
367 case WI_RID_IFACE_STATS:
368 /* XXX: should be implemented in lower drivers */
370 case WI_RID_READ_APS:
372 * Don't return results until active scan completes.
374 if ((ic->ic_flags & (IEEE80211_F_SCAN|IEEE80211_F_ASCAN)) == 0) {
375 struct wi_read_ap_args args;
378 args.ap = (void *)((char *)wreq.wi_val + sizeof(i));
379 args.max = (void *)(&wreq + 1);
380 ieee80211_iterate_nodes(&ic->ic_scan,
381 wi_read_ap_result, &args);
382 memcpy(wreq.wi_val, &args.i, sizeof(args.i));
383 wreq.wi_len = (sizeof(int) +
384 sizeof(struct wi_apinfo) * args.i) / 2;
389 /* NB: we lie so WI_RID_SCAN_RES can include rates */
391 wreq.wi_len = sizeof(u_int16_t) / 2;
393 case WI_RID_SCAN_RES: /* compatibility interface */
394 if ((ic->ic_flags & (IEEE80211_F_SCAN|IEEE80211_F_ASCAN)) == 0) {
395 struct wi_read_prism2_args args;
396 struct wi_scan_p2_hdr *p2;
398 /* NB: use Prism2 format so we can include rate info */
399 p2 = (struct wi_scan_p2_hdr *)wreq.wi_val;
401 args.res = (void *)&p2[1];
402 args.max = (void *)(&wreq + 1);
403 ieee80211_iterate_nodes(&ic->ic_scan,
404 wi_read_prism2_result, &args);
406 p2->wi_reason = args.i;
407 wreq.wi_len = (sizeof(*p2) +
408 sizeof(struct wi_scan_res) * args.i) / 2;
412 case WI_RID_READ_CACHE: {
413 struct wi_read_sigcache_args args;
415 args.wsc = (struct wi_sigcache *) wreq.wi_val;
416 args.max = (void *)(&wreq + 1);
417 ieee80211_iterate_nodes(&ic->ic_scan, wi_read_sigcache, &args);
418 wreq.wi_len = sizeof(struct wi_sigcache) * args.i / 2;
427 error = copyout(&wreq, ifr->ifr_data, sizeof(wreq));
433 findrate(struct ieee80211com *ic, enum ieee80211_phymode mode, int rate)
435 #define IEEERATE(_ic,_m,_i) \
436 ((_ic)->ic_sup_rates[_m].rs_rates[_i] & IEEE80211_RATE_VAL)
437 int i, nrates = ic->ic_sup_rates[mode].rs_nrates;
438 for (i = 0; i < nrates; i++)
439 if (IEEERATE(ic, mode, i) == rate)
446 * Prepare to do a user-initiated scan for AP's. If no
447 * current/default channel is setup or the current channel
448 * is invalid then pick the first available channel from
449 * the active list as the place to start the scan.
452 ieee80211_setupscan(struct ieee80211com *ic, const u_int8_t chanlist[])
456 * XXX don't permit a scan to be started unless we
457 * know the device is ready. For the moment this means
458 * the device is marked up as this is the required to
459 * initialize the hardware. It would be better to permit
460 * scanning prior to being up but that'll require some
461 * changes to the infrastructure.
465 memcpy(ic->ic_chan_active, chanlist, sizeof(ic->ic_chan_active));
467 * We force the state to INIT before calling ieee80211_new_state
468 * to get ieee80211_begin_scan called. We really want to scan w/o
469 * altering the current state but that's not possible right now.
471 /* XXX handle proberequest case */
472 ic->ic_state = IEEE80211_S_INIT; /* XXX bypass state machine */
477 ieee80211_cfgset(struct ieee80211com *ic, u_long cmd, caddr_t data)
479 struct ifnet *ifp = ic->ic_ifp;
480 int i, j, len, error, rate;
481 struct ifreq *ifr = (struct ifreq *)data;
482 struct wi_ltv_keys *keys;
484 u_char chanlist[roundup(IEEE80211_CHAN_MAX, NBBY)];
486 error = copyin(ifr->ifr_data, &wreq, sizeof(wreq));
489 len = wreq.wi_len ? (wreq.wi_len - 1) * 2 : 0;
490 switch (wreq.wi_type) {
491 case WI_RID_SERIALNO:
492 case WI_RID_NODENAME:
494 case WI_RID_CURRENT_SSID:
496 case WI_RID_OWN_SSID:
497 case WI_RID_DESIRED_SSID:
498 if (le16toh(wreq.wi_val[0]) * 2 > len ||
499 le16toh(wreq.wi_val[0]) > IEEE80211_NWID_LEN) {
503 memset(ic->ic_des_essid, 0, sizeof(ic->ic_des_essid));
504 ic->ic_des_esslen = le16toh(wreq.wi_val[0]) * 2;
505 memcpy(ic->ic_des_essid, &wreq.wi_val[1], ic->ic_des_esslen);
508 case WI_RID_CURRENT_BSSID:
510 case WI_RID_OWN_CHNL:
513 i = le16toh(wreq.wi_val[0]);
515 i > IEEE80211_CHAN_MAX ||
516 isclr(ic->ic_chan_active, i))
518 ic->ic_ibss_chan = &ic->ic_channels[i];
519 if (ic->ic_opmode == IEEE80211_M_MONITOR)
520 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
524 case WI_RID_CURRENT_CHAN:
526 case WI_RID_COMMS_QUALITY:
531 if (ifp->if_flags & IFF_PROMISC) {
532 if (wreq.wi_val[0] == 0) {
533 ifp->if_flags &= ~IFF_PROMISC;
537 if (wreq.wi_val[0] != 0) {
538 ifp->if_flags |= IFF_PROMISC;
543 case WI_RID_PORTTYPE:
546 switch (le16toh(wreq.wi_val[0])) {
547 case IEEE80211_M_STA:
549 case IEEE80211_M_IBSS:
550 if (!(ic->ic_caps & IEEE80211_C_IBSS))
553 case IEEE80211_M_AHDEMO:
554 if (ic->ic_phytype != IEEE80211_T_DS ||
555 !(ic->ic_caps & IEEE80211_C_AHDEMO))
558 case IEEE80211_M_HOSTAP:
559 if (!(ic->ic_caps & IEEE80211_C_HOSTAP))
565 if (le16toh(wreq.wi_val[0]) != ic->ic_opmode) {
566 ic->ic_opmode = le16toh(wreq.wi_val[0]);
567 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
571 case WI_RID_MAC_NODE:
572 if (len != IEEE80211_ADDR_LEN)
574 IEEE80211_ADDR_COPY(LLADDR(ifp->if_sadl), wreq.wi_val);
575 /* if_init will copy lladdr into ic_myaddr */
582 if (wreq.wi_val[0] == 0) {
584 ic->ic_fixed_rate = IEEE80211_FIXED_RATE_NONE;
587 rate = 2 * le16toh(wreq.wi_val[0]);
588 if (ic->ic_curmode == IEEE80211_MODE_AUTO) {
590 * In autoselect mode search for the rate. We take
591 * the first instance which may not be right, but we
592 * are limited by the interface. Note that we also
593 * lock the mode to insure the rate is meaningful
596 for (j = IEEE80211_MODE_11A;
597 j < IEEE80211_MODE_MAX; j++) {
598 if ((ic->ic_modecaps & (1<<j)) == 0)
600 i = findrate(ic, j, rate);
608 i = findrate(ic, ic->ic_curmode, rate);
614 ic->ic_fixed_rate = i;
615 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
617 case WI_RID_CUR_TX_RATE:
619 case WI_RID_RTS_THRESH:
622 if (le16toh(wreq.wi_val[0]) != IEEE80211_MAX_LEN)
623 return EINVAL; /* TODO: RTS */
625 case WI_RID_CREATE_IBSS:
628 if (wreq.wi_val[0] != 0) {
629 if ((ic->ic_caps & IEEE80211_C_IBSS) == 0)
631 if ((ic->ic_flags & IEEE80211_F_IBSSON) == 0) {
632 ic->ic_flags |= IEEE80211_F_IBSSON;
633 if (ic->ic_opmode == IEEE80211_M_IBSS &&
634 ic->ic_state == IEEE80211_S_SCAN)
635 error = IS_UP_AUTO(ic) ? ENETRESET : 0;
638 if (ic->ic_flags & IEEE80211_F_IBSSON) {
639 ic->ic_flags &= ~IEEE80211_F_IBSSON;
640 if (ic->ic_flags & IEEE80211_F_SIBSS) {
641 ic->ic_flags &= ~IEEE80211_F_SIBSS;
642 error = IS_UP_AUTO(ic) ? ENETRESET : 0;
647 case WI_RID_MICROWAVE_OVEN:
650 if (wreq.wi_val[0] != 0)
651 return EINVAL; /* not supported */
653 case WI_RID_ROAMING_MODE:
656 i = le16toh(wreq.wi_val[0]);
657 if (i > IEEE80211_ROAMING_MANUAL)
658 return EINVAL; /* not supported */
661 case WI_RID_SYSTEM_SCALE:
664 if (le16toh(wreq.wi_val[0]) != 1)
665 return EINVAL; /* not supported */
667 case WI_RID_PM_ENABLED:
670 if (wreq.wi_val[0] != 0) {
671 if ((ic->ic_caps & IEEE80211_C_PMGT) == 0)
673 if ((ic->ic_flags & IEEE80211_F_PMGTON) == 0) {
674 ic->ic_flags |= IEEE80211_F_PMGTON;
675 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
678 if (ic->ic_flags & IEEE80211_F_PMGTON) {
679 ic->ic_flags &= ~IEEE80211_F_PMGTON;
680 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
684 case WI_RID_MAX_SLEEP:
687 ic->ic_lintval = le16toh(wreq.wi_val[0]);
688 if (ic->ic_flags & IEEE80211_F_PMGTON)
689 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
691 case WI_RID_CUR_BEACON_INT:
693 case WI_RID_WEP_AVAIL:
695 case WI_RID_CNFAUTHMODE:
698 i = le16toh(wreq.wi_val[0]);
699 if (i > IEEE80211_AUTH_WPA)
701 ic->ic_bss->ni_authmode = i; /* XXX ENETRESET? */
704 case WI_RID_ENCRYPTION:
707 if (wreq.wi_val[0] != 0) {
708 if ((ic->ic_caps & IEEE80211_C_WEP) == 0)
710 if ((ic->ic_flags & IEEE80211_F_PRIVACY) == 0) {
711 ic->ic_flags |= IEEE80211_F_PRIVACY;
715 if (ic->ic_flags & IEEE80211_F_PRIVACY) {
716 ic->ic_flags &= ~IEEE80211_F_PRIVACY;
721 case WI_RID_TX_CRYPT_KEY:
724 i = le16toh(wreq.wi_val[0]);
725 if (i >= IEEE80211_WEP_NKID)
727 ic->ic_def_txkey = i;
728 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
730 case WI_RID_DEFLT_CRYPT_KEYS:
731 if (len != sizeof(struct wi_ltv_keys))
733 keys = (struct wi_ltv_keys *)&wreq;
734 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
735 len = le16toh(keys->wi_keys[i].wi_keylen);
736 if (len != 0 && len < IEEE80211_WEP_KEYLEN)
738 if (len > IEEE80211_KEYBUF_SIZE)
741 for (i = 0; i < IEEE80211_WEP_NKID; i++) {
742 struct ieee80211_key *k = &ic->ic_nw_keys[i];
744 len = le16toh(keys->wi_keys[i].wi_keylen);
746 k->wk_flags = IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV;
747 memset(k->wk_key, 0, sizeof(k->wk_key));
748 memcpy(k->wk_key, keys->wi_keys[i].wi_keydat, len);
750 k->wk_type = IEEE80211_CIPHER_WEP;
755 case WI_RID_MAX_DATALEN:
758 len = le16toh(wreq.wi_val[0]);
759 if (len < 350 /* ? */ || len > IEEE80211_MAX_LEN)
761 ic->ic_fragthreshold = len;
762 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
764 case WI_RID_IFACE_STATS:
767 case WI_RID_SCAN_REQ: /* XXX wicontrol */
768 if (ic->ic_opmode == IEEE80211_M_HOSTAP)
770 error = ieee80211_setupscan(ic, ic->ic_chan_avail);
772 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
774 case WI_RID_SCAN_APS:
775 if (ic->ic_opmode == IEEE80211_M_HOSTAP)
777 len--; /* XXX: tx rate? */
779 case WI_RID_CHANNEL_LIST:
780 memset(chanlist, 0, sizeof(chanlist));
782 * Since channel 0 is not available for DS, channel 1
783 * is assigned to LSB on WaveLAN.
785 if (ic->ic_phytype == IEEE80211_T_DS)
789 for (j = 0; i <= IEEE80211_CHAN_MAX; i++, j++) {
792 if (isclr((u_int8_t *)wreq.wi_val, j))
794 if (isclr(ic->ic_chan_active, i)) {
795 if (wreq.wi_type != WI_RID_CHANNEL_LIST)
797 if (isclr(ic->ic_chan_avail, i))
802 error = ieee80211_setupscan(ic, chanlist);
803 if (wreq.wi_type == WI_RID_CHANNEL_LIST) {
804 /* NB: ignore error from ieee80211_setupscan */
806 } else if (error == 0)
807 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
813 if (error == ENETRESET && !IS_UP_AUTO(ic))
822 case IEEE80211_C_WEP: return IEEE80211_CIPHER_WEP;
823 case IEEE80211_C_AES: return IEEE80211_CIPHER_AES_OCB;
824 case IEEE80211_C_AES_CCM: return IEEE80211_CIPHER_AES_CCM;
825 case IEEE80211_C_CKIP: return IEEE80211_CIPHER_CKIP;
826 case IEEE80211_C_TKIP: return IEEE80211_CIPHER_TKIP;
832 ieee80211_ioctl_getkey(struct ieee80211com *ic, struct ieee80211req *ireq)
834 struct ieee80211_node *ni;
835 struct ieee80211req_key ik;
836 struct ieee80211_key *wk;
837 const struct ieee80211_cipher *cip;
841 if (ireq->i_len != sizeof(ik))
843 error = copyin(ireq->i_data, &ik, sizeof(ik));
847 if (kid == IEEE80211_KEYIX_NONE) {
848 ni = ieee80211_find_node(&ic->ic_sta, ik.ik_macaddr);
850 return EINVAL; /* XXX */
851 wk = &ni->ni_ucastkey;
853 if (kid >= IEEE80211_WEP_NKID)
855 wk = &ic->ic_nw_keys[kid];
856 IEEE80211_ADDR_COPY(&ik.ik_macaddr, ic->ic_bss->ni_macaddr);
860 ik.ik_type = cip->ic_cipher;
861 ik.ik_keylen = wk->wk_keylen;
862 ik.ik_flags = wk->wk_flags & (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV);
863 if (wk->wk_keyix == ic->ic_def_txkey)
864 ik.ik_flags |= IEEE80211_KEY_DEFAULT;
865 if (priv_check(curthread, PRIV_NET80211_GETKEY) == 0) {
866 /* NB: only root can read key data */
867 ik.ik_keyrsc = wk->wk_keyrsc;
868 ik.ik_keytsc = wk->wk_keytsc;
869 memcpy(ik.ik_keydata, wk->wk_key, wk->wk_keylen);
870 if (cip->ic_cipher == IEEE80211_CIPHER_TKIP) {
871 memcpy(ik.ik_keydata+wk->wk_keylen,
872 wk->wk_key + IEEE80211_KEYBUF_SIZE,
873 IEEE80211_MICBUF_SIZE);
874 ik.ik_keylen += IEEE80211_MICBUF_SIZE;
879 memset(ik.ik_keydata, 0, sizeof(ik.ik_keydata));
882 ieee80211_free_node(ni);
883 return copyout(&ik, ireq->i_data, sizeof(ik));
887 ieee80211_ioctl_getchanlist(struct ieee80211com *ic, struct ieee80211req *ireq)
890 if (sizeof(ic->ic_chan_active) < ireq->i_len)
891 ireq->i_len = sizeof(ic->ic_chan_active);
892 return copyout(&ic->ic_chan_active, ireq->i_data, ireq->i_len);
896 ieee80211_ioctl_getchaninfo(struct ieee80211com *ic, struct ieee80211req *ireq)
898 struct ieee80211req_chaninfo chans; /* XXX off stack? */
902 * Since channel 0 is not available for DS, channel 1
903 * is assigned to LSB on WaveLAN.
905 if (ic->ic_phytype == IEEE80211_T_DS)
909 memset(&chans, 0, sizeof(chans));
910 for (; i <= IEEE80211_CHAN_MAX; i++)
911 if (isset(ic->ic_chan_avail, i)) {
912 struct ieee80211_channel *c = &ic->ic_channels[i];
913 chans.ic_chans[chans.ic_nchans].ic_freq = c->ic_freq;
914 chans.ic_chans[chans.ic_nchans].ic_flags = c->ic_flags;
917 space = __offsetof(struct ieee80211req_chaninfo,
918 ic_chans[chans.ic_nchans]);
919 if (space > ireq->i_len)
921 return copyout(&chans, ireq->i_data, space);
925 ieee80211_ioctl_getwpaie(struct ieee80211com *ic, struct ieee80211req *ireq)
927 struct ieee80211_node *ni;
928 struct ieee80211req_wpaie wpaie;
931 if (ireq->i_len < IEEE80211_ADDR_LEN)
933 error = copyin(ireq->i_data, wpaie.wpa_macaddr, IEEE80211_ADDR_LEN);
936 ni = ieee80211_find_node(&ic->ic_sta, wpaie.wpa_macaddr);
938 return EINVAL; /* XXX */
939 memset(wpaie.wpa_ie, 0, sizeof(wpaie.wpa_ie));
940 if (ni->ni_wpa_ie != NULL) {
941 int ielen = ni->ni_wpa_ie[1] + 2;
942 if (ielen > sizeof(wpaie.wpa_ie))
943 ielen = sizeof(wpaie.wpa_ie);
944 memcpy(wpaie.wpa_ie, ni->ni_wpa_ie, ielen);
946 ieee80211_free_node(ni);
947 if (ireq->i_len > sizeof(wpaie))
948 ireq->i_len = sizeof(wpaie);
949 return copyout(&wpaie, ireq->i_data, ireq->i_len);
953 ieee80211_ioctl_getstastats(struct ieee80211com *ic, struct ieee80211req *ireq)
955 struct ieee80211_node *ni;
956 u_int8_t macaddr[IEEE80211_ADDR_LEN];
957 const int off = __offsetof(struct ieee80211req_sta_stats, is_stats);
960 if (ireq->i_len < off)
962 error = copyin(ireq->i_data, macaddr, IEEE80211_ADDR_LEN);
965 ni = ieee80211_find_node(&ic->ic_sta, macaddr);
967 /* XXX special-case sta-mode until bss is node in ic_sta */
968 if (ic->ic_opmode != IEEE80211_M_STA)
970 ni = ieee80211_ref_node(ic->ic_bss);
972 if (ireq->i_len > sizeof(struct ieee80211req_sta_stats))
973 ireq->i_len = sizeof(struct ieee80211req_sta_stats);
974 /* NB: copy out only the statistics */
975 error = copyout(&ni->ni_stats, (u_int8_t *) ireq->i_data + off,
977 ieee80211_free_node(ni);
981 #ifdef COMPAT_FREEBSD6
982 #define IEEE80211_IOC_SCAN_RESULTS_OLD 24
984 struct scan_result_old {
985 u_int16_t isr_len; /* length (mult of 4) */
986 u_int16_t isr_freq; /* MHz */
987 u_int16_t isr_flags; /* channel flags */
990 u_int8_t isr_intval; /* beacon interval */
991 u_int8_t isr_capinfo; /* capabilities */
992 u_int8_t isr_erp; /* ERP element */
993 u_int8_t isr_bssid[IEEE80211_ADDR_LEN];
995 u_int8_t isr_rates[IEEE80211_RATE_MAXSIZE];
996 u_int8_t isr_ssid_len; /* SSID length */
997 u_int8_t isr_ie_len; /* IE length */
999 /* variable length SSID followed by IE data */
1003 old_get_scan_result(struct scan_result_old *sr,
1004 const struct ieee80211_node *ni)
1006 struct ieee80211com *ic = ni->ni_ic;
1009 memset(sr, 0, sizeof(*sr));
1010 sr->isr_ssid_len = ni->ni_esslen;
1012 if (ni->ni_wpa_ie != NULL)
1013 ielen += 2+ni->ni_wpa_ie[1];
1014 if (ni->ni_wme_ie != NULL)
1015 ielen += 2+ni->ni_wme_ie[1];
1016 /* NB: beware of overflow, isr_ie_len is 8 bits */
1017 sr->isr_ie_len = (ielen > 255 ? 0 : ielen);
1018 sr->isr_len = sizeof(*sr) + sr->isr_ssid_len + sr->isr_ie_len;
1019 sr->isr_len = roundup(sr->isr_len, sizeof(u_int32_t));
1020 if (ni->ni_chan != IEEE80211_CHAN_ANYC) {
1021 sr->isr_freq = ni->ni_chan->ic_freq;
1022 sr->isr_flags = ni->ni_chan->ic_flags;
1024 sr->isr_rssi = ic->ic_node_getrssi(ni);
1025 sr->isr_intval = ni->ni_intval;
1026 sr->isr_capinfo = ni->ni_capinfo;
1027 sr->isr_erp = ni->ni_erp;
1028 IEEE80211_ADDR_COPY(sr->isr_bssid, ni->ni_bssid);
1029 sr->isr_nrates = ni->ni_rates.rs_nrates;
1030 if (sr->isr_nrates > 15)
1031 sr->isr_nrates = 15;
1032 memcpy(sr->isr_rates, ni->ni_rates.rs_rates, sr->isr_nrates);
1036 old_getscanresults(struct ieee80211com *ic, struct ieee80211req *ireq)
1039 struct scan_result_old res;
1040 char data[512]; /* XXX shrink? */
1042 struct scan_result_old *sr = &u.res;
1043 struct ieee80211_node_table *nt;
1044 struct ieee80211_node *ni;
1049 space = ireq->i_len;
1053 TAILQ_FOREACH(ni, &nt->nt_node, ni_list) {
1054 /* NB: skip pre-scan node state */
1055 if (ni->ni_chan == IEEE80211_CHAN_ANYC)
1057 old_get_scan_result(sr, ni);
1058 if (sr->isr_len > sizeof(u))
1060 if (space < sr->isr_len)
1062 cp = (u_int8_t *)(sr+1);
1063 memcpy(cp, ni->ni_essid, ni->ni_esslen);
1064 cp += ni->ni_esslen;
1065 if (sr->isr_ie_len) {
1066 if (ni->ni_wpa_ie != NULL) {
1067 memcpy(cp, ni->ni_wpa_ie, 2+ni->ni_wpa_ie[1]);
1068 cp += 2+ni->ni_wpa_ie[1];
1070 if (ni->ni_wme_ie != NULL) {
1071 memcpy(cp, ni->ni_wme_ie, 2+ni->ni_wme_ie[1]);
1072 cp += 2+ni->ni_wme_ie[1];
1075 error = copyout(sr, p, sr->isr_len);
1079 space -= sr->isr_len;
1081 ireq->i_len -= space;
1084 #endif /* COMPAT_FREEBSD6 */
1086 struct scanresultsreq {
1087 struct ieee80211req_scan_result *sr;
1092 scan_space(const struct ieee80211_node *ni, size_t *ielen)
1097 if (ni->ni_wpa_ie != NULL)
1098 *ielen += 2+ni->ni_wpa_ie[1];
1099 if (ni->ni_wme_ie != NULL)
1100 *ielen += 2+ni->ni_wme_ie[1];
1102 * NB: ie's can be no more than 255 bytes and the max 802.11
1103 * packet is <3Kbytes so we are sure this doesn't overflow
1104 * 16-bits; if this is a concern we can drop the ie's.
1106 len = sizeof(struct ieee80211req_scan_result) + ni->ni_esslen + *ielen;
1107 return roundup(len, sizeof(u_int32_t));
1111 get_scan_space(void *arg, struct ieee80211_node *ni)
1113 struct scanresultsreq *req = arg;
1116 req->space += scan_space(ni, &ielen);
1120 get_scan_result(void *arg, struct ieee80211_node *ni)
1122 struct scanresultsreq *req = arg;
1123 struct ieee80211com *ic = ni->ni_ic;
1124 struct ieee80211req_scan_result *sr;
1128 len = scan_space(ni, &ielen);
1129 if (len > req->space)
1132 KASSERT(len <= 65535 && ielen <= 65535,
1133 ("len %zu ssid %u ie %zu", len, ni->ni_esslen, ielen));
1135 sr->isr_ssid_len = ni->ni_esslen;
1136 sr->isr_ie_len = ielen;
1137 if (ni->ni_chan != IEEE80211_CHAN_ANYC) {
1138 sr->isr_freq = ni->ni_chan->ic_freq;
1139 sr->isr_flags = ni->ni_chan->ic_flags;
1141 /* XXX need to rev driver apis for signal data */
1142 sr->isr_rssi = (int8_t) ic->ic_node_getrssi(ni);
1143 sr->isr_intval = ni->ni_intval;
1144 sr->isr_capinfo = ni->ni_capinfo;
1145 sr->isr_erp = ni->ni_erp;
1146 IEEE80211_ADDR_COPY(sr->isr_bssid, ni->ni_bssid);
1147 sr->isr_nrates = ni->ni_rates.rs_nrates;
1148 if (sr->isr_nrates > 15)
1149 sr->isr_nrates = 15;
1150 memcpy(sr->isr_rates, ni->ni_rates.rs_rates, sr->isr_nrates);
1151 cp = (u_int8_t *)(sr+1);
1152 memcpy(cp, ni->ni_essid, ni->ni_esslen);
1153 cp += ni->ni_esslen;
1154 if (sr->isr_ie_len) {
1155 if (ni->ni_wpa_ie != NULL) {
1156 memcpy(cp, ni->ni_wpa_ie, 2+ni->ni_wpa_ie[1]);
1157 cp += 2+ni->ni_wpa_ie[1];
1159 if (ni->ni_wme_ie != NULL) {
1160 memcpy(cp, ni->ni_wme_ie, 2+ni->ni_wme_ie[1]);
1161 cp += 2+ni->ni_wme_ie[1];
1165 req->sr = (struct ieee80211req_scan_result *)(((u_int8_t *)sr) + len);
1170 ieee80211_ioctl_getscanresults(struct ieee80211com *ic, struct ieee80211req *ireq)
1172 struct scanresultsreq req;
1175 if (ireq->i_len < sizeof(struct scanresultsreq))
1180 ieee80211_iterate_nodes(&ic->ic_scan, get_scan_space, &req);
1181 if (req.space > ireq->i_len)
1182 req.space = ireq->i_len;
1183 if (req.space > 0) {
1188 /* XXX M_WAITOK after driver lock released */
1189 MALLOC(p, void *, space, M_TEMP, M_NOWAIT | M_ZERO);
1193 ieee80211_iterate_nodes(&ic->ic_scan, get_scan_result, &req);
1194 ireq->i_len = space - req.space;
1195 error = copyout(p, ireq->i_data, ireq->i_len);
1204 struct ieee80211com *ic;
1205 struct ieee80211req_sta_info *si;
1210 sta_space(const struct ieee80211_node *ni, size_t *ielen)
1213 if (ni->ni_wpa_ie != NULL)
1214 *ielen += 2+ni->ni_wpa_ie[1];
1215 if (ni->ni_wme_ie != NULL)
1216 *ielen += 2+ni->ni_wme_ie[1];
1217 return roundup(sizeof(struct ieee80211req_sta_info) + *ielen,
1222 get_sta_space(void *arg, struct ieee80211_node *ni)
1224 struct stainforeq *req = arg;
1225 struct ieee80211com *ic = ni->ni_ic;
1228 if (ic->ic_opmode == IEEE80211_M_HOSTAP &&
1229 ni->ni_associd == 0) /* only associated stations */
1231 req->space += sta_space(ni, &ielen);
1235 get_sta_info(void *arg, struct ieee80211_node *ni)
1237 struct stainforeq *req = arg;
1238 struct ieee80211com *ic = ni->ni_ic;
1239 struct ieee80211req_sta_info *si;
1243 if (ic->ic_opmode == IEEE80211_M_HOSTAP &&
1244 ni->ni_associd == 0) /* only associated stations */
1246 if (ni->ni_chan == IEEE80211_CHAN_ANYC) /* XXX bogus entry */
1248 len = sta_space(ni, &ielen);
1249 if (len > req->space)
1252 KASSERT(len <= 65535 && ielen <= 65535, ("len %zu ie %zu", len, ielen));
1254 si->isi_ie_len = ielen;
1255 si->isi_freq = ni->ni_chan->ic_freq;
1256 si->isi_flags = ni->ni_chan->ic_flags;
1257 si->isi_state = ni->ni_flags;
1258 si->isi_authmode = ni->ni_authmode;
1259 si->isi_rssi = ic->ic_node_getrssi(ni);
1260 si->isi_noise = 0; /* XXX */
1261 si->isi_capinfo = ni->ni_capinfo;
1262 si->isi_erp = ni->ni_erp;
1263 IEEE80211_ADDR_COPY(si->isi_macaddr, ni->ni_macaddr);
1264 si->isi_nrates = ni->ni_rates.rs_nrates;
1265 if (si->isi_nrates > 15)
1266 si->isi_nrates = 15;
1267 memcpy(si->isi_rates, ni->ni_rates.rs_rates, si->isi_nrates);
1268 si->isi_txrate = ni->ni_txrate;
1269 si->isi_associd = ni->ni_associd;
1270 si->isi_txpower = ni->ni_txpower;
1271 si->isi_vlan = ni->ni_vlan;
1272 if (ni->ni_flags & IEEE80211_NODE_QOS) {
1273 memcpy(si->isi_txseqs, ni->ni_txseqs, sizeof(ni->ni_txseqs));
1274 memcpy(si->isi_rxseqs, ni->ni_rxseqs, sizeof(ni->ni_rxseqs));
1276 si->isi_txseqs[0] = ni->ni_txseqs[0];
1277 si->isi_rxseqs[0] = ni->ni_rxseqs[0];
1279 /* NB: leave all cases in case we relax ni_associd == 0 check */
1280 if (ieee80211_node_is_authorized(ni))
1281 si->isi_inact = ic->ic_inact_run;
1282 else if (ni->ni_associd != 0)
1283 si->isi_inact = ic->ic_inact_auth;
1285 si->isi_inact = ic->ic_inact_init;
1286 si->isi_inact = (si->isi_inact - ni->ni_inact) * IEEE80211_INACT_WAIT;
1288 cp = (u_int8_t *)(si+1);
1289 if (ni->ni_wpa_ie != NULL) {
1290 memcpy(cp, ni->ni_wpa_ie, 2+ni->ni_wpa_ie[1]);
1291 cp += 2+ni->ni_wpa_ie[1];
1293 if (ni->ni_wme_ie != NULL) {
1294 memcpy(cp, ni->ni_wme_ie, 2+ni->ni_wme_ie[1]);
1295 cp += 2+ni->ni_wme_ie[1];
1298 req->si = (struct ieee80211req_sta_info *)(((u_int8_t *)si) + len);
1303 getstainfo_common(struct ieee80211com *ic, struct ieee80211req *ireq,
1304 struct ieee80211_node *ni, int off)
1306 struct stainforeq req;
1314 ieee80211_iterate_nodes(&ic->ic_sta, get_sta_space, &req);
1316 get_sta_space(&req, ni);
1317 if (req.space > ireq->i_len)
1318 req.space = ireq->i_len;
1319 if (req.space > 0) {
1321 /* XXX M_WAITOK after driver lock released */
1322 MALLOC(p, void *, space, M_TEMP, M_NOWAIT);
1329 ieee80211_iterate_nodes(&ic->ic_sta, get_sta_info, &req);
1331 get_sta_info(&req, ni);
1332 ireq->i_len = space - req.space;
1333 error = copyout(p, (u_int8_t *) ireq->i_data+off, ireq->i_len);
1339 ieee80211_free_node(ni);
1344 ieee80211_ioctl_getstainfo(struct ieee80211com *ic, struct ieee80211req *ireq)
1346 u_int8_t macaddr[IEEE80211_ADDR_LEN];
1347 const int off = __offsetof(struct ieee80211req_sta_req, info);
1348 struct ieee80211_node *ni;
1351 if (ireq->i_len < sizeof(struct ieee80211req_sta_req))
1353 error = copyin(ireq->i_data, macaddr, IEEE80211_ADDR_LEN);
1356 if (IEEE80211_ADDR_EQ(macaddr, ic->ic_ifp->if_broadcastaddr)) {
1359 ni = ieee80211_find_node(&ic->ic_sta, macaddr);
1361 /* XXX special-case sta-mode until bss is in ic_sta */
1362 if (ic->ic_opmode != IEEE80211_M_STA)
1363 return EINVAL; /* XXX */
1364 ni = ieee80211_ref_node(ic->ic_bss);
1367 return getstainfo_common(ic, ireq, ni, off);
1370 #ifdef COMPAT_FREEBSD6
1371 #define IEEE80211_IOC_STA_INFO_OLD 45
1374 old_getstainfo(struct ieee80211com *ic, struct ieee80211req *ireq)
1376 if (ireq->i_len < sizeof(struct ieee80211req_sta_info))
1378 return getstainfo_common(ic, ireq, NULL, 0);
1380 #endif /* COMPAT_FREEBSD6 */
1383 ieee80211_ioctl_getstatxpow(struct ieee80211com *ic, struct ieee80211req *ireq)
1385 struct ieee80211_node *ni;
1386 struct ieee80211req_sta_txpow txpow;
1389 if (ireq->i_len != sizeof(txpow))
1391 error = copyin(ireq->i_data, &txpow, sizeof(txpow));
1394 ni = ieee80211_find_node(&ic->ic_sta, txpow.it_macaddr);
1396 return EINVAL; /* XXX */
1397 txpow.it_txpow = ni->ni_txpower;
1398 error = copyout(&txpow, ireq->i_data, sizeof(txpow));
1399 ieee80211_free_node(ni);
1404 ieee80211_ioctl_getwmeparam(struct ieee80211com *ic, struct ieee80211req *ireq)
1406 struct ieee80211_wme_state *wme = &ic->ic_wme;
1407 struct wmeParams *wmep;
1410 if ((ic->ic_caps & IEEE80211_C_WME) == 0)
1413 ac = (ireq->i_len & IEEE80211_WMEPARAM_VAL);
1414 if (ac >= WME_NUM_AC)
1416 if (ireq->i_len & IEEE80211_WMEPARAM_BSS)
1417 wmep = &wme->wme_wmeBssChanParams.cap_wmeParams[ac];
1419 wmep = &wme->wme_wmeChanParams.cap_wmeParams[ac];
1420 switch (ireq->i_type) {
1421 case IEEE80211_IOC_WME_CWMIN: /* WME: CWmin */
1422 ireq->i_val = wmep->wmep_logcwmin;
1424 case IEEE80211_IOC_WME_CWMAX: /* WME: CWmax */
1425 ireq->i_val = wmep->wmep_logcwmax;
1427 case IEEE80211_IOC_WME_AIFS: /* WME: AIFS */
1428 ireq->i_val = wmep->wmep_aifsn;
1430 case IEEE80211_IOC_WME_TXOPLIMIT: /* WME: txops limit */
1431 ireq->i_val = wmep->wmep_txopLimit;
1433 case IEEE80211_IOC_WME_ACM: /* WME: ACM (bss only) */
1434 wmep = &wme->wme_wmeBssChanParams.cap_wmeParams[ac];
1435 ireq->i_val = wmep->wmep_acm;
1437 case IEEE80211_IOC_WME_ACKPOLICY: /* WME: ACK policy (!bss only)*/
1438 wmep = &wme->wme_wmeChanParams.cap_wmeParams[ac];
1439 ireq->i_val = !wmep->wmep_noackPolicy;
1446 ieee80211_ioctl_getmaccmd(struct ieee80211com *ic, struct ieee80211req *ireq)
1448 const struct ieee80211_aclator *acl = ic->ic_acl;
1450 return (acl == NULL ? EINVAL : acl->iac_getioctl(ic, ireq));
1454 * When building the kernel with -O2 on the i386 architecture, gcc
1455 * seems to want to inline this function into ieee80211_ioctl()
1456 * (which is the only routine that calls it). When this happens,
1457 * ieee80211_ioctl() ends up consuming an additional 2K of stack
1458 * space. (Exactly why it needs so much is unclear.) The problem
1459 * is that it's possible for ieee80211_ioctl() to invoke other
1460 * routines (including driver init functions) which could then find
1461 * themselves perilously close to exhausting the stack.
1463 * To avoid this, we deliberately prevent gcc from inlining this
1464 * routine. Another way to avoid this is to use less agressive
1465 * optimization when compiling this file (i.e. -O instead of -O2)
1466 * but special-casing the compilation of this one module in the
1467 * build system would be awkward.
1470 __attribute__ ((noinline))
1473 ieee80211_ioctl_get80211(struct ieee80211com *ic, u_long cmd, struct ieee80211req *ireq)
1475 const struct ieee80211_rsnparms *rsn = &ic->ic_bss->ni_rsn;
1478 u_int8_t tmpkey[IEEE80211_KEYBUF_SIZE];
1479 char tmpssid[IEEE80211_NWID_LEN];
1481 switch (ireq->i_type) {
1482 case IEEE80211_IOC_SSID:
1483 switch (ic->ic_state) {
1484 case IEEE80211_S_INIT:
1485 case IEEE80211_S_SCAN:
1486 ireq->i_len = ic->ic_des_esslen;
1487 memcpy(tmpssid, ic->ic_des_essid, ireq->i_len);
1490 ireq->i_len = ic->ic_bss->ni_esslen;
1491 memcpy(tmpssid, ic->ic_bss->ni_essid,
1495 error = copyout(tmpssid, ireq->i_data, ireq->i_len);
1497 case IEEE80211_IOC_NUMSSIDS:
1500 case IEEE80211_IOC_WEP:
1501 if ((ic->ic_flags & IEEE80211_F_PRIVACY) == 0)
1502 ireq->i_val = IEEE80211_WEP_OFF;
1503 else if (ic->ic_flags & IEEE80211_F_DROPUNENC)
1504 ireq->i_val = IEEE80211_WEP_ON;
1506 ireq->i_val = IEEE80211_WEP_MIXED;
1508 case IEEE80211_IOC_WEPKEY:
1509 kid = (u_int) ireq->i_val;
1510 if (kid >= IEEE80211_WEP_NKID)
1512 len = (u_int) ic->ic_nw_keys[kid].wk_keylen;
1513 /* NB: only root can read WEP keys */
1514 if (priv_check(curthread, PRIV_NET80211_GETKEY) == 0) {
1515 bcopy(ic->ic_nw_keys[kid].wk_key, tmpkey, len);
1520 error = copyout(tmpkey, ireq->i_data, len);
1522 case IEEE80211_IOC_NUMWEPKEYS:
1523 ireq->i_val = IEEE80211_WEP_NKID;
1525 case IEEE80211_IOC_WEPTXKEY:
1526 ireq->i_val = ic->ic_def_txkey;
1528 case IEEE80211_IOC_AUTHMODE:
1529 if (ic->ic_flags & IEEE80211_F_WPA)
1530 ireq->i_val = IEEE80211_AUTH_WPA;
1532 ireq->i_val = ic->ic_bss->ni_authmode;
1534 case IEEE80211_IOC_CHANNEL:
1535 ireq->i_val = ieee80211_chan2ieee(ic, ic->ic_curchan);
1537 case IEEE80211_IOC_POWERSAVE:
1538 if (ic->ic_flags & IEEE80211_F_PMGTON)
1539 ireq->i_val = IEEE80211_POWERSAVE_ON;
1541 ireq->i_val = IEEE80211_POWERSAVE_OFF;
1543 case IEEE80211_IOC_POWERSAVESLEEP:
1544 ireq->i_val = ic->ic_lintval;
1546 case IEEE80211_IOC_RTSTHRESHOLD:
1547 ireq->i_val = ic->ic_rtsthreshold;
1549 case IEEE80211_IOC_PROTMODE:
1550 ireq->i_val = ic->ic_protmode;
1552 case IEEE80211_IOC_TXPOWER:
1553 if ((ic->ic_caps & IEEE80211_C_TXPMGT) == 0)
1555 ireq->i_val = ic->ic_txpowlimit;
1557 case IEEE80211_IOC_MCASTCIPHER:
1558 ireq->i_val = rsn->rsn_mcastcipher;
1560 case IEEE80211_IOC_MCASTKEYLEN:
1561 ireq->i_val = rsn->rsn_mcastkeylen;
1563 case IEEE80211_IOC_UCASTCIPHERS:
1565 for (m = 0x1; m != 0; m <<= 1)
1566 if (rsn->rsn_ucastcipherset & m)
1567 ireq->i_val |= 1<<cap2cipher(m);
1569 case IEEE80211_IOC_UCASTCIPHER:
1570 ireq->i_val = rsn->rsn_ucastcipher;
1572 case IEEE80211_IOC_UCASTKEYLEN:
1573 ireq->i_val = rsn->rsn_ucastkeylen;
1575 case IEEE80211_IOC_KEYMGTALGS:
1576 ireq->i_val = rsn->rsn_keymgmtset;
1578 case IEEE80211_IOC_RSNCAPS:
1579 ireq->i_val = rsn->rsn_caps;
1581 case IEEE80211_IOC_WPA:
1582 switch (ic->ic_flags & IEEE80211_F_WPA) {
1583 case IEEE80211_F_WPA1:
1586 case IEEE80211_F_WPA2:
1589 case IEEE80211_F_WPA1 | IEEE80211_F_WPA2:
1597 case IEEE80211_IOC_CHANLIST:
1598 error = ieee80211_ioctl_getchanlist(ic, ireq);
1600 case IEEE80211_IOC_ROAMING:
1601 ireq->i_val = ic->ic_roaming;
1603 case IEEE80211_IOC_PRIVACY:
1604 ireq->i_val = (ic->ic_flags & IEEE80211_F_PRIVACY) != 0;
1606 case IEEE80211_IOC_DROPUNENCRYPTED:
1607 ireq->i_val = (ic->ic_flags & IEEE80211_F_DROPUNENC) != 0;
1609 case IEEE80211_IOC_COUNTERMEASURES:
1610 ireq->i_val = (ic->ic_flags & IEEE80211_F_COUNTERM) != 0;
1612 case IEEE80211_IOC_DRIVER_CAPS:
1613 ireq->i_val = ic->ic_caps>>16;
1614 ireq->i_len = ic->ic_caps&0xffff;
1616 case IEEE80211_IOC_WME:
1617 ireq->i_val = (ic->ic_flags & IEEE80211_F_WME) != 0;
1619 case IEEE80211_IOC_HIDESSID:
1620 ireq->i_val = (ic->ic_flags & IEEE80211_F_HIDESSID) != 0;
1622 case IEEE80211_IOC_APBRIDGE:
1623 ireq->i_val = (ic->ic_flags & IEEE80211_F_NOBRIDGE) == 0;
1625 case IEEE80211_IOC_OPTIE:
1626 if (ic->ic_opt_ie == NULL)
1628 /* NB: truncate, caller can check length */
1629 if (ireq->i_len > ic->ic_opt_ie_len)
1630 ireq->i_len = ic->ic_opt_ie_len;
1631 error = copyout(ic->ic_opt_ie, ireq->i_data, ireq->i_len);
1633 case IEEE80211_IOC_WPAKEY:
1634 error = ieee80211_ioctl_getkey(ic, ireq);
1636 case IEEE80211_IOC_CHANINFO:
1637 error = ieee80211_ioctl_getchaninfo(ic, ireq);
1639 case IEEE80211_IOC_BSSID:
1640 if (ireq->i_len != IEEE80211_ADDR_LEN)
1642 error = copyout(ic->ic_state == IEEE80211_S_RUN ?
1643 ic->ic_bss->ni_bssid :
1645 ireq->i_data, ireq->i_len);
1647 case IEEE80211_IOC_WPAIE:
1648 error = ieee80211_ioctl_getwpaie(ic, ireq);
1650 #ifdef COMPAT_FREEBSD6
1651 case IEEE80211_IOC_SCAN_RESULTS_OLD:
1652 error = old_getscanresults(ic, ireq);
1655 case IEEE80211_IOC_SCAN_RESULTS:
1656 error = ieee80211_ioctl_getscanresults(ic, ireq);
1658 case IEEE80211_IOC_STA_STATS:
1659 error = ieee80211_ioctl_getstastats(ic, ireq);
1661 case IEEE80211_IOC_TXPOWMAX:
1662 ireq->i_val = ic->ic_bss->ni_txpower;
1664 case IEEE80211_IOC_STA_TXPOW:
1665 error = ieee80211_ioctl_getstatxpow(ic, ireq);
1667 #ifdef COMPAT_FREEBSD6
1668 case IEEE80211_IOC_STA_INFO_OLD:
1669 error = old_getstainfo(ic, ireq);
1672 case IEEE80211_IOC_STA_INFO:
1673 error = ieee80211_ioctl_getstainfo(ic, ireq);
1675 case IEEE80211_IOC_WME_CWMIN: /* WME: CWmin */
1676 case IEEE80211_IOC_WME_CWMAX: /* WME: CWmax */
1677 case IEEE80211_IOC_WME_AIFS: /* WME: AIFS */
1678 case IEEE80211_IOC_WME_TXOPLIMIT: /* WME: txops limit */
1679 case IEEE80211_IOC_WME_ACM: /* WME: ACM (bss only) */
1680 case IEEE80211_IOC_WME_ACKPOLICY: /* WME: ACK policy (bss only) */
1681 error = ieee80211_ioctl_getwmeparam(ic, ireq);
1683 case IEEE80211_IOC_DTIM_PERIOD:
1684 ireq->i_val = ic->ic_dtim_period;
1686 case IEEE80211_IOC_BEACON_INTERVAL:
1687 /* NB: get from ic_bss for station mode */
1688 ireq->i_val = ic->ic_bss->ni_intval;
1690 case IEEE80211_IOC_PUREG:
1691 ireq->i_val = (ic->ic_flags & IEEE80211_F_PUREG) != 0;
1693 case IEEE80211_IOC_MCAST_RATE:
1694 ireq->i_val = ic->ic_mcast_rate;
1696 case IEEE80211_IOC_FRAGTHRESHOLD:
1697 ireq->i_val = ic->ic_fragthreshold;
1699 case IEEE80211_IOC_MACCMD:
1700 error = ieee80211_ioctl_getmaccmd(ic, ireq);
1702 case IEEE80211_IOC_BURST:
1703 ireq->i_val = (ic->ic_flags & IEEE80211_F_BURST) != 0;
1705 case IEEE80211_IOC_BMISSTHRESHOLD:
1706 ireq->i_val = ic->ic_bmissthreshold;
1716 ieee80211_ioctl_setoptie(struct ieee80211com *ic, struct ieee80211req *ireq)
1722 * NB: Doing this for ap operation could be useful (e.g. for
1723 * WPA and/or WME) except that it typically is worthless
1724 * without being able to intervene when processing
1725 * association response frames--so disallow it for now.
1727 if (ic->ic_opmode != IEEE80211_M_STA)
1729 if (ireq->i_len > IEEE80211_MAX_OPT_IE)
1731 if (ireq->i_len > 0) {
1732 MALLOC(ie, void *, ireq->i_len, M_DEVBUF, M_NOWAIT);
1735 error = copyin(ireq->i_data, ie, ireq->i_len);
1744 /* XXX sanity check data? */
1745 oie = ic->ic_opt_ie;
1747 ic->ic_opt_ie_len = ireq->i_len;
1749 FREE(oie, M_DEVBUF);
1754 ieee80211_ioctl_setkey(struct ieee80211com *ic, struct ieee80211req *ireq)
1756 struct ieee80211req_key ik;
1757 struct ieee80211_node *ni;
1758 struct ieee80211_key *wk;
1762 if (ireq->i_len != sizeof(ik))
1764 error = copyin(ireq->i_data, &ik, sizeof(ik));
1767 /* NB: cipher support is verified by ieee80211_crypt_newkey */
1768 /* NB: this also checks ik->ik_keylen > sizeof(wk->wk_key) */
1769 if (ik.ik_keylen > sizeof(ik.ik_keydata))
1772 if (kid == IEEE80211_KEYIX_NONE) {
1773 /* XXX unicast keys currently must be tx/rx */
1774 if (ik.ik_flags != (IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV))
1776 if (ic->ic_opmode == IEEE80211_M_STA) {
1777 ni = ieee80211_ref_node(ic->ic_bss);
1778 if (!IEEE80211_ADDR_EQ(ik.ik_macaddr, ni->ni_bssid)) {
1779 ieee80211_free_node(ni);
1780 return EADDRNOTAVAIL;
1783 ni = ieee80211_find_node(&ic->ic_sta, ik.ik_macaddr);
1787 wk = &ni->ni_ucastkey;
1789 if (kid >= IEEE80211_WEP_NKID)
1791 wk = &ic->ic_nw_keys[kid];
1793 * Global slots start off w/o any assigned key index.
1794 * Force one here for consistency with IEEE80211_IOC_WEPKEY.
1796 if (wk->wk_keyix == IEEE80211_KEYIX_NONE)
1801 ieee80211_key_update_begin(ic);
1802 if (ieee80211_crypto_newkey(ic, ik.ik_type, ik.ik_flags, wk)) {
1803 wk->wk_keylen = ik.ik_keylen;
1804 /* NB: MIC presence is implied by cipher type */
1805 if (wk->wk_keylen > IEEE80211_KEYBUF_SIZE)
1806 wk->wk_keylen = IEEE80211_KEYBUF_SIZE;
1807 wk->wk_keyrsc = ik.ik_keyrsc;
1808 wk->wk_keytsc = 0; /* new key, reset */
1809 memset(wk->wk_key, 0, sizeof(wk->wk_key));
1810 memcpy(wk->wk_key, ik.ik_keydata, ik.ik_keylen);
1811 if (!ieee80211_crypto_setkey(ic, wk,
1812 ni != NULL ? ni->ni_macaddr : ik.ik_macaddr))
1814 else if ((ik.ik_flags & IEEE80211_KEY_DEFAULT))
1815 ic->ic_def_txkey = kid;
1818 ieee80211_key_update_end(ic);
1820 ieee80211_free_node(ni);
1825 ieee80211_ioctl_delkey(struct ieee80211com *ic, struct ieee80211req *ireq)
1827 struct ieee80211req_del_key dk;
1830 if (ireq->i_len != sizeof(dk))
1832 error = copyin(ireq->i_data, &dk, sizeof(dk));
1836 /* XXX u_int8_t -> u_int16_t */
1837 if (dk.idk_keyix == (u_int8_t) IEEE80211_KEYIX_NONE) {
1838 struct ieee80211_node *ni;
1840 if (ic->ic_opmode == IEEE80211_M_STA) {
1841 ni = ieee80211_ref_node(ic->ic_bss);
1842 if (!IEEE80211_ADDR_EQ(dk.idk_macaddr, ni->ni_bssid)) {
1843 ieee80211_free_node(ni);
1844 return EADDRNOTAVAIL;
1847 ni = ieee80211_find_node(&ic->ic_sta, dk.idk_macaddr);
1851 /* XXX error return */
1852 ieee80211_node_delucastkey(ni);
1853 ieee80211_free_node(ni);
1855 if (kid >= IEEE80211_WEP_NKID)
1857 /* XXX error return */
1858 ieee80211_crypto_delkey(ic, &ic->ic_nw_keys[kid]);
1864 domlme(void *arg, struct ieee80211_node *ni)
1866 struct ieee80211com *ic = ni->ni_ic;
1867 struct ieee80211req_mlme *mlme = arg;
1869 if (ni->ni_associd != 0) {
1870 IEEE80211_SEND_MGMT(ic, ni,
1871 mlme->im_op == IEEE80211_MLME_DEAUTH ?
1872 IEEE80211_FC0_SUBTYPE_DEAUTH :
1873 IEEE80211_FC0_SUBTYPE_DISASSOC,
1876 ieee80211_node_leave(ic, ni);
1880 ieee80211_ioctl_setmlme(struct ieee80211com *ic, struct ieee80211req *ireq)
1882 struct ieee80211req_mlme mlme;
1883 struct ieee80211_node *ni;
1886 if (ireq->i_len != sizeof(mlme))
1888 error = copyin(ireq->i_data, &mlme, sizeof(mlme));
1891 switch (mlme.im_op) {
1892 case IEEE80211_MLME_ASSOC:
1893 if (ic->ic_opmode != IEEE80211_M_STA)
1895 /* XXX must be in S_SCAN state? */
1897 if (mlme.im_ssid_len != 0) {
1899 * Desired ssid specified; must match both bssid and
1900 * ssid to distinguish ap advertising multiple ssid's.
1902 ni = ieee80211_find_node_with_ssid(&ic->ic_scan,
1904 mlme.im_ssid_len, mlme.im_ssid);
1907 * Normal case; just match bssid.
1909 ni = ieee80211_find_node(&ic->ic_scan, mlme.im_macaddr);
1913 if (!ieee80211_sta_join(ic, ni)) {
1914 ieee80211_free_node(ni);
1918 case IEEE80211_MLME_DISASSOC:
1919 case IEEE80211_MLME_DEAUTH:
1920 switch (ic->ic_opmode) {
1921 case IEEE80211_M_STA:
1922 /* XXX not quite right */
1923 ieee80211_new_state(ic, IEEE80211_S_INIT,
1926 case IEEE80211_M_HOSTAP:
1927 /* NB: the broadcast address means do 'em all */
1928 if (!IEEE80211_ADDR_EQ(mlme.im_macaddr, ic->ic_ifp->if_broadcastaddr)) {
1929 if ((ni = ieee80211_find_node(&ic->ic_sta,
1930 mlme.im_macaddr)) == NULL)
1933 ieee80211_free_node(ni);
1935 ieee80211_iterate_nodes(&ic->ic_sta,
1943 case IEEE80211_MLME_AUTHORIZE:
1944 case IEEE80211_MLME_UNAUTHORIZE:
1945 if (ic->ic_opmode != IEEE80211_M_HOSTAP)
1947 ni = ieee80211_find_node(&ic->ic_sta, mlme.im_macaddr);
1950 if (mlme.im_op == IEEE80211_MLME_AUTHORIZE)
1951 ieee80211_node_authorize(ni);
1953 ieee80211_node_unauthorize(ni);
1954 ieee80211_free_node(ni);
1963 ieee80211_ioctl_macmac(struct ieee80211com *ic, struct ieee80211req *ireq)
1965 u_int8_t mac[IEEE80211_ADDR_LEN];
1966 const struct ieee80211_aclator *acl = ic->ic_acl;
1969 if (ireq->i_len != sizeof(mac))
1971 error = copyin(ireq->i_data, mac, ireq->i_len);
1975 acl = ieee80211_aclator_get("mac");
1976 if (acl == NULL || !acl->iac_attach(ic))
1980 if (ireq->i_type == IEEE80211_IOC_ADDMAC)
1981 acl->iac_add(ic, mac);
1983 acl->iac_remove(ic, mac);
1988 ieee80211_ioctl_setmaccmd(struct ieee80211com *ic, struct ieee80211req *ireq)
1990 const struct ieee80211_aclator *acl = ic->ic_acl;
1992 switch (ireq->i_val) {
1993 case IEEE80211_MACCMD_POLICY_OPEN:
1994 case IEEE80211_MACCMD_POLICY_ALLOW:
1995 case IEEE80211_MACCMD_POLICY_DENY:
1997 acl = ieee80211_aclator_get("mac");
1998 if (acl == NULL || !acl->iac_attach(ic))
2002 acl->iac_setpolicy(ic, ireq->i_val);
2004 case IEEE80211_MACCMD_FLUSH:
2007 /* NB: silently ignore when not in use */
2009 case IEEE80211_MACCMD_DETACH:
2012 acl->iac_detach(ic);
2019 return acl->iac_setioctl(ic, ireq);
2025 ieee80211_ioctl_setchanlist(struct ieee80211com *ic, struct ieee80211req *ireq)
2027 struct ieee80211req_chanlist list;
2028 u_char chanlist[IEEE80211_CHAN_BYTES];
2031 if (ireq->i_len != sizeof(list))
2033 error = copyin(ireq->i_data, &list, sizeof(list));
2036 memset(chanlist, 0, sizeof(chanlist));
2038 * Since channel 0 is not available for DS, channel 1
2039 * is assigned to LSB on WaveLAN.
2041 if (ic->ic_phytype == IEEE80211_T_DS)
2045 for (j = 0; i <= IEEE80211_CHAN_MAX; i++, j++) {
2047 * NB: silently discard unavailable channels so users
2048 * can specify 1-255 to get all available channels.
2050 if (isset(list.ic_channels, j) && isset(ic->ic_chan_avail, i))
2051 setbit(chanlist, i);
2053 if (ic->ic_ibss_chan == NULL ||
2054 isclr(chanlist, ieee80211_chan2ieee(ic, ic->ic_ibss_chan))) {
2055 for (i = 0; i <= IEEE80211_CHAN_MAX; i++)
2056 if (isset(chanlist, i)) {
2057 ic->ic_ibss_chan = &ic->ic_channels[i];
2060 return EINVAL; /* no active channels */
2064 memcpy(ic->ic_chan_active, chanlist, sizeof(ic->ic_chan_active));
2065 return IS_UP_AUTO(ic) ? ENETRESET : 0;
2069 ieee80211_ioctl_setstastats(struct ieee80211com *ic, struct ieee80211req *ireq)
2071 struct ieee80211_node *ni;
2072 u_int8_t macaddr[IEEE80211_ADDR_LEN];
2076 * NB: we could copyin ieee80211req_sta_stats so apps
2077 * could make selective changes but that's overkill;
2078 * just clear all stats for now.
2080 if (ireq->i_len < IEEE80211_ADDR_LEN)
2082 error = copyin(ireq->i_data, macaddr, IEEE80211_ADDR_LEN);
2085 ni = ieee80211_find_node(&ic->ic_sta, macaddr);
2087 return EINVAL; /* XXX */
2088 memset(&ni->ni_stats, 0, sizeof(ni->ni_stats));
2089 ieee80211_free_node(ni);
2094 ieee80211_ioctl_setstatxpow(struct ieee80211com *ic, struct ieee80211req *ireq)
2096 struct ieee80211_node *ni;
2097 struct ieee80211req_sta_txpow txpow;
2100 if (ireq->i_len != sizeof(txpow))
2102 error = copyin(ireq->i_data, &txpow, sizeof(txpow));
2105 ni = ieee80211_find_node(&ic->ic_sta, txpow.it_macaddr);
2107 return EINVAL; /* XXX */
2108 ni->ni_txpower = txpow.it_txpow;
2109 ieee80211_free_node(ni);
2114 ieee80211_ioctl_setwmeparam(struct ieee80211com *ic, struct ieee80211req *ireq)
2116 struct ieee80211_wme_state *wme = &ic->ic_wme;
2117 struct wmeParams *wmep, *chanp;
2120 if ((ic->ic_caps & IEEE80211_C_WME) == 0)
2123 isbss = (ireq->i_len & IEEE80211_WMEPARAM_BSS);
2124 ac = (ireq->i_len & IEEE80211_WMEPARAM_VAL);
2125 if (ac >= WME_NUM_AC)
2128 chanp = &wme->wme_bssChanParams.cap_wmeParams[ac];
2129 wmep = &wme->wme_wmeBssChanParams.cap_wmeParams[ac];
2131 chanp = &wme->wme_chanParams.cap_wmeParams[ac];
2132 wmep = &wme->wme_wmeChanParams.cap_wmeParams[ac];
2134 switch (ireq->i_type) {
2135 case IEEE80211_IOC_WME_CWMIN: /* WME: CWmin */
2137 wmep->wmep_logcwmin = ireq->i_val;
2138 if ((wme->wme_flags & WME_F_AGGRMODE) == 0)
2139 chanp->wmep_logcwmin = ireq->i_val;
2141 wmep->wmep_logcwmin = chanp->wmep_logcwmin =
2145 case IEEE80211_IOC_WME_CWMAX: /* WME: CWmax */
2147 wmep->wmep_logcwmax = ireq->i_val;
2148 if ((wme->wme_flags & WME_F_AGGRMODE) == 0)
2149 chanp->wmep_logcwmax = ireq->i_val;
2151 wmep->wmep_logcwmax = chanp->wmep_logcwmax =
2155 case IEEE80211_IOC_WME_AIFS: /* WME: AIFS */
2157 wmep->wmep_aifsn = ireq->i_val;
2158 if ((wme->wme_flags & WME_F_AGGRMODE) == 0)
2159 chanp->wmep_aifsn = ireq->i_val;
2161 wmep->wmep_aifsn = chanp->wmep_aifsn = ireq->i_val;
2164 case IEEE80211_IOC_WME_TXOPLIMIT: /* WME: txops limit */
2166 wmep->wmep_txopLimit = ireq->i_val;
2167 if ((wme->wme_flags & WME_F_AGGRMODE) == 0)
2168 chanp->wmep_txopLimit = ireq->i_val;
2170 wmep->wmep_txopLimit = chanp->wmep_txopLimit =
2174 case IEEE80211_IOC_WME_ACM: /* WME: ACM (bss only) */
2175 wmep->wmep_acm = ireq->i_val;
2176 if ((wme->wme_flags & WME_F_AGGRMODE) == 0)
2177 chanp->wmep_acm = ireq->i_val;
2179 case IEEE80211_IOC_WME_ACKPOLICY: /* WME: ACK policy (!bss only)*/
2180 wmep->wmep_noackPolicy = chanp->wmep_noackPolicy =
2184 ieee80211_wme_updateparams(ic);
2189 cipher2cap(int cipher)
2192 case IEEE80211_CIPHER_WEP: return IEEE80211_C_WEP;
2193 case IEEE80211_CIPHER_AES_OCB: return IEEE80211_C_AES;
2194 case IEEE80211_CIPHER_AES_CCM: return IEEE80211_C_AES_CCM;
2195 case IEEE80211_CIPHER_CKIP: return IEEE80211_C_CKIP;
2196 case IEEE80211_CIPHER_TKIP: return IEEE80211_C_TKIP;
2202 ieee80211_ioctl_set80211(struct ieee80211com *ic, u_long cmd, struct ieee80211req *ireq)
2204 static const u_int8_t zerobssid[IEEE80211_ADDR_LEN];
2205 struct ieee80211_rsnparms *rsn = &ic->ic_bss->ni_rsn;
2207 const struct ieee80211_authenticator *auth;
2208 u_int8_t tmpkey[IEEE80211_KEYBUF_SIZE];
2209 char tmpssid[IEEE80211_NWID_LEN];
2210 u_int8_t tmpbssid[IEEE80211_ADDR_LEN];
2211 struct ieee80211_key *k;
2216 switch (ireq->i_type) {
2217 case IEEE80211_IOC_SSID:
2218 if (ireq->i_val != 0 ||
2219 ireq->i_len > IEEE80211_NWID_LEN)
2221 error = copyin(ireq->i_data, tmpssid, ireq->i_len);
2224 memset(ic->ic_des_essid, 0, IEEE80211_NWID_LEN);
2225 ic->ic_des_esslen = ireq->i_len;
2226 memcpy(ic->ic_des_essid, tmpssid, ireq->i_len);
2229 case IEEE80211_IOC_WEP:
2230 switch (ireq->i_val) {
2231 case IEEE80211_WEP_OFF:
2232 ic->ic_flags &= ~IEEE80211_F_PRIVACY;
2233 ic->ic_flags &= ~IEEE80211_F_DROPUNENC;
2235 case IEEE80211_WEP_ON:
2236 ic->ic_flags |= IEEE80211_F_PRIVACY;
2237 ic->ic_flags |= IEEE80211_F_DROPUNENC;
2239 case IEEE80211_WEP_MIXED:
2240 ic->ic_flags |= IEEE80211_F_PRIVACY;
2241 ic->ic_flags &= ~IEEE80211_F_DROPUNENC;
2246 case IEEE80211_IOC_WEPKEY:
2247 kid = (u_int) ireq->i_val;
2248 if (kid >= IEEE80211_WEP_NKID)
2250 k = &ic->ic_nw_keys[kid];
2251 if (ireq->i_len == 0) {
2252 /* zero-len =>'s delete any existing key */
2253 (void) ieee80211_crypto_delkey(ic, k);
2256 if (ireq->i_len > sizeof(tmpkey))
2258 memset(tmpkey, 0, sizeof(tmpkey));
2259 error = copyin(ireq->i_data, tmpkey, ireq->i_len);
2262 ieee80211_key_update_begin(ic);
2263 k->wk_keyix = kid; /* NB: force fixed key id */
2264 if (ieee80211_crypto_newkey(ic, IEEE80211_CIPHER_WEP,
2265 IEEE80211_KEY_XMIT | IEEE80211_KEY_RECV, k)) {
2266 k->wk_keylen = ireq->i_len;
2267 memcpy(k->wk_key, tmpkey, sizeof(tmpkey));
2268 if (!ieee80211_crypto_setkey(ic, k, ic->ic_myaddr))
2272 ieee80211_key_update_end(ic);
2273 if (!error) /* NB: for compatibility */
2276 case IEEE80211_IOC_WEPTXKEY:
2277 kid = (u_int) ireq->i_val;
2278 if (kid >= IEEE80211_WEP_NKID &&
2279 (u_int16_t) kid != IEEE80211_KEYIX_NONE)
2281 ic->ic_def_txkey = kid;
2282 error = ENETRESET; /* push to hardware */
2284 case IEEE80211_IOC_AUTHMODE:
2285 switch (ireq->i_val) {
2286 case IEEE80211_AUTH_WPA:
2287 case IEEE80211_AUTH_8021X: /* 802.1x */
2288 case IEEE80211_AUTH_OPEN: /* open */
2289 case IEEE80211_AUTH_SHARED: /* shared-key */
2290 case IEEE80211_AUTH_AUTO: /* auto */
2291 auth = ieee80211_authenticator_get(ireq->i_val);
2298 switch (ireq->i_val) {
2299 case IEEE80211_AUTH_WPA: /* WPA w/ 802.1x */
2300 ic->ic_flags |= IEEE80211_F_PRIVACY;
2301 ireq->i_val = IEEE80211_AUTH_8021X;
2303 case IEEE80211_AUTH_OPEN: /* open */
2304 ic->ic_flags &= ~(IEEE80211_F_WPA|IEEE80211_F_PRIVACY);
2306 case IEEE80211_AUTH_SHARED: /* shared-key */
2307 case IEEE80211_AUTH_8021X: /* 802.1x */
2308 ic->ic_flags &= ~IEEE80211_F_WPA;
2309 /* both require a key so mark the PRIVACY capability */
2310 ic->ic_flags |= IEEE80211_F_PRIVACY;
2312 case IEEE80211_AUTH_AUTO: /* auto */
2313 ic->ic_flags &= ~IEEE80211_F_WPA;
2314 /* XXX PRIVACY handling? */
2315 /* XXX what's the right way to do this? */
2318 /* NB: authenticator attach/detach happens on state change */
2319 ic->ic_bss->ni_authmode = ireq->i_val;
2320 /* XXX mixed/mode/usage? */
2324 case IEEE80211_IOC_CHANNEL:
2325 /* XXX 0xffff overflows 16-bit signed */
2326 if (ireq->i_val == 0 ||
2327 ireq->i_val == (int16_t) IEEE80211_CHAN_ANY)
2328 ic->ic_des_chan = IEEE80211_CHAN_ANYC;
2329 else if ((u_int) ireq->i_val > IEEE80211_CHAN_MAX ||
2330 isclr(ic->ic_chan_active, ireq->i_val)) {
2333 ic->ic_ibss_chan = ic->ic_des_chan =
2334 &ic->ic_channels[ireq->i_val];
2335 switch (ic->ic_state) {
2336 case IEEE80211_S_INIT:
2337 case IEEE80211_S_SCAN:
2342 * If the desired channel has changed (to something
2343 * other than any) and we're not already scanning,
2344 * then kick the state machine.
2346 if (ic->ic_des_chan != IEEE80211_CHAN_ANYC &&
2347 ic->ic_bss->ni_chan != ic->ic_des_chan &&
2348 (ic->ic_flags & IEEE80211_F_SCAN) == 0)
2352 if (error == ENETRESET &&
2353 ic->ic_opmode == IEEE80211_M_MONITOR) {
2356 * Monitor mode can switch directly.
2358 if (ic->ic_des_chan != IEEE80211_CHAN_ANYC)
2359 ic->ic_curchan = ic->ic_des_chan;
2360 error = ic->ic_reset(ic->ic_ifp);
2365 case IEEE80211_IOC_POWERSAVE:
2366 switch (ireq->i_val) {
2367 case IEEE80211_POWERSAVE_OFF:
2368 if (ic->ic_flags & IEEE80211_F_PMGTON) {
2369 ic->ic_flags &= ~IEEE80211_F_PMGTON;
2373 case IEEE80211_POWERSAVE_ON:
2374 if ((ic->ic_caps & IEEE80211_C_PMGT) == 0)
2376 else if ((ic->ic_flags & IEEE80211_F_PMGTON) == 0) {
2377 ic->ic_flags |= IEEE80211_F_PMGTON;
2385 if (error == ENETRESET) {
2387 * Switching in+out of power save mode
2388 * should not require a state change.
2390 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2393 case IEEE80211_IOC_POWERSAVESLEEP:
2394 if (ireq->i_val < 0)
2396 ic->ic_lintval = ireq->i_val;
2397 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2399 case IEEE80211_IOC_RTSTHRESHOLD:
2400 if (!(IEEE80211_RTS_MIN <= ireq->i_val &&
2401 ireq->i_val <= IEEE80211_RTS_MAX))
2403 ic->ic_rtsthreshold = ireq->i_val;
2404 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2406 case IEEE80211_IOC_PROTMODE:
2407 if (ireq->i_val > IEEE80211_PROT_RTSCTS)
2409 ic->ic_protmode = ireq->i_val;
2410 /* NB: if not operating in 11g this can wait */
2411 if (ic->ic_curmode == IEEE80211_MODE_11G)
2412 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2414 case IEEE80211_IOC_TXPOWER:
2415 if ((ic->ic_caps & IEEE80211_C_TXPMGT) == 0)
2417 if (!(IEEE80211_TXPOWER_MIN < ireq->i_val &&
2418 ireq->i_val < IEEE80211_TXPOWER_MAX))
2420 ic->ic_txpowlimit = ireq->i_val;
2421 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2423 case IEEE80211_IOC_ROAMING:
2424 if (!(IEEE80211_ROAMING_DEVICE <= ireq->i_val &&
2425 ireq->i_val <= IEEE80211_ROAMING_MANUAL))
2427 ic->ic_roaming = ireq->i_val;
2430 case IEEE80211_IOC_PRIVACY:
2432 /* XXX check for key state? */
2433 ic->ic_flags |= IEEE80211_F_PRIVACY;
2435 ic->ic_flags &= ~IEEE80211_F_PRIVACY;
2437 case IEEE80211_IOC_DROPUNENCRYPTED:
2439 ic->ic_flags |= IEEE80211_F_DROPUNENC;
2441 ic->ic_flags &= ~IEEE80211_F_DROPUNENC;
2443 case IEEE80211_IOC_WPAKEY:
2444 error = ieee80211_ioctl_setkey(ic, ireq);
2446 case IEEE80211_IOC_DELKEY:
2447 error = ieee80211_ioctl_delkey(ic, ireq);
2449 case IEEE80211_IOC_MLME:
2450 error = ieee80211_ioctl_setmlme(ic, ireq);
2452 case IEEE80211_IOC_OPTIE:
2453 error = ieee80211_ioctl_setoptie(ic, ireq);
2455 case IEEE80211_IOC_COUNTERMEASURES:
2457 if ((ic->ic_flags & IEEE80211_F_WPA) == 0)
2459 ic->ic_flags |= IEEE80211_F_COUNTERM;
2461 ic->ic_flags &= ~IEEE80211_F_COUNTERM;
2463 case IEEE80211_IOC_WPA:
2464 if (ireq->i_val > 3)
2466 /* XXX verify ciphers available */
2467 ic->ic_flags &= ~IEEE80211_F_WPA;
2468 switch (ireq->i_val) {
2470 ic->ic_flags |= IEEE80211_F_WPA1;
2473 ic->ic_flags |= IEEE80211_F_WPA2;
2476 ic->ic_flags |= IEEE80211_F_WPA1 | IEEE80211_F_WPA2;
2479 error = ENETRESET; /* XXX? */
2481 case IEEE80211_IOC_WME:
2483 if ((ic->ic_caps & IEEE80211_C_WME) == 0)
2485 ic->ic_flags |= IEEE80211_F_WME;
2487 ic->ic_flags &= ~IEEE80211_F_WME;
2488 error = ENETRESET; /* XXX maybe not for station? */
2490 case IEEE80211_IOC_HIDESSID:
2492 ic->ic_flags |= IEEE80211_F_HIDESSID;
2494 ic->ic_flags &= ~IEEE80211_F_HIDESSID;
2497 case IEEE80211_IOC_APBRIDGE:
2498 if (ireq->i_val == 0)
2499 ic->ic_flags |= IEEE80211_F_NOBRIDGE;
2501 ic->ic_flags &= ~IEEE80211_F_NOBRIDGE;
2503 case IEEE80211_IOC_MCASTCIPHER:
2504 if ((ic->ic_caps & cipher2cap(ireq->i_val)) == 0 &&
2505 !ieee80211_crypto_available(ireq->i_val))
2507 rsn->rsn_mcastcipher = ireq->i_val;
2508 error = (ic->ic_flags & IEEE80211_F_WPA) ? ENETRESET : 0;
2510 case IEEE80211_IOC_MCASTKEYLEN:
2511 if (!(0 < ireq->i_val && ireq->i_val < IEEE80211_KEYBUF_SIZE))
2513 /* XXX no way to verify driver capability */
2514 rsn->rsn_mcastkeylen = ireq->i_val;
2515 error = (ic->ic_flags & IEEE80211_F_WPA) ? ENETRESET : 0;
2517 case IEEE80211_IOC_UCASTCIPHERS:
2519 * Convert user-specified cipher set to the set
2520 * we can support (via hardware or software).
2521 * NB: this logic intentionally ignores unknown and
2522 * unsupported ciphers so folks can specify 0xff or
2523 * similar and get all available ciphers.
2526 for (j = 1; j < 32; j++) /* NB: skip WEP */
2527 if ((ireq->i_val & (1<<j)) &&
2528 ((ic->ic_caps & cipher2cap(j)) ||
2529 ieee80211_crypto_available(j)))
2531 if (caps == 0) /* nothing available */
2533 /* XXX verify ciphers ok for unicast use? */
2534 /* XXX disallow if running as it'll have no effect */
2535 rsn->rsn_ucastcipherset = caps;
2536 error = (ic->ic_flags & IEEE80211_F_WPA) ? ENETRESET : 0;
2538 case IEEE80211_IOC_UCASTCIPHER:
2539 if ((rsn->rsn_ucastcipherset & cipher2cap(ireq->i_val)) == 0)
2541 rsn->rsn_ucastcipher = ireq->i_val;
2543 case IEEE80211_IOC_UCASTKEYLEN:
2544 if (!(0 < ireq->i_val && ireq->i_val < IEEE80211_KEYBUF_SIZE))
2546 /* XXX no way to verify driver capability */
2547 rsn->rsn_ucastkeylen = ireq->i_val;
2549 case IEEE80211_IOC_DRIVER_CAPS:
2550 /* NB: for testing */
2551 ic->ic_caps = (((u_int16_t) ireq->i_val) << 16) |
2552 ((u_int16_t) ireq->i_len);
2554 case IEEE80211_IOC_KEYMGTALGS:
2556 rsn->rsn_keymgmtset = ireq->i_val;
2557 error = (ic->ic_flags & IEEE80211_F_WPA) ? ENETRESET : 0;
2559 case IEEE80211_IOC_RSNCAPS:
2561 rsn->rsn_caps = ireq->i_val;
2562 error = (ic->ic_flags & IEEE80211_F_WPA) ? ENETRESET : 0;
2564 case IEEE80211_IOC_BSSID:
2565 if (ireq->i_len != sizeof(tmpbssid))
2567 error = copyin(ireq->i_data, tmpbssid, ireq->i_len);
2570 IEEE80211_ADDR_COPY(ic->ic_des_bssid, tmpbssid);
2571 if (IEEE80211_ADDR_EQ(ic->ic_des_bssid, zerobssid))
2572 ic->ic_flags &= ~IEEE80211_F_DESBSSID;
2574 ic->ic_flags |= IEEE80211_F_DESBSSID;
2577 case IEEE80211_IOC_CHANLIST:
2578 error = ieee80211_ioctl_setchanlist(ic, ireq);
2580 case IEEE80211_IOC_SCAN_REQ:
2581 if (ic->ic_opmode == IEEE80211_M_HOSTAP) /* XXX ignore */
2583 error = ieee80211_setupscan(ic, ic->ic_chan_avail);
2584 if (error == 0) /* XXX background scan */
2585 error = ieee80211_new_state(ic, IEEE80211_S_SCAN, -1);
2587 case IEEE80211_IOC_ADDMAC:
2588 case IEEE80211_IOC_DELMAC:
2589 error = ieee80211_ioctl_macmac(ic, ireq);
2591 case IEEE80211_IOC_MACCMD:
2592 error = ieee80211_ioctl_setmaccmd(ic, ireq);
2594 case IEEE80211_IOC_STA_STATS:
2595 error = ieee80211_ioctl_setstastats(ic, ireq);
2597 case IEEE80211_IOC_STA_TXPOW:
2598 error = ieee80211_ioctl_setstatxpow(ic, ireq);
2600 case IEEE80211_IOC_WME_CWMIN: /* WME: CWmin */
2601 case IEEE80211_IOC_WME_CWMAX: /* WME: CWmax */
2602 case IEEE80211_IOC_WME_AIFS: /* WME: AIFS */
2603 case IEEE80211_IOC_WME_TXOPLIMIT: /* WME: txops limit */
2604 case IEEE80211_IOC_WME_ACM: /* WME: ACM (bss only) */
2605 case IEEE80211_IOC_WME_ACKPOLICY: /* WME: ACK policy (bss only) */
2606 error = ieee80211_ioctl_setwmeparam(ic, ireq);
2608 case IEEE80211_IOC_DTIM_PERIOD:
2609 if (ic->ic_opmode != IEEE80211_M_HOSTAP &&
2610 ic->ic_opmode != IEEE80211_M_IBSS)
2612 if (IEEE80211_DTIM_MIN <= ireq->i_val &&
2613 ireq->i_val <= IEEE80211_DTIM_MAX) {
2614 ic->ic_dtim_period = ireq->i_val;
2615 error = ENETRESET; /* requires restart */
2619 case IEEE80211_IOC_BEACON_INTERVAL:
2620 if (ic->ic_opmode != IEEE80211_M_HOSTAP &&
2621 ic->ic_opmode != IEEE80211_M_IBSS)
2623 if (IEEE80211_BINTVAL_MIN <= ireq->i_val &&
2624 ireq->i_val <= IEEE80211_BINTVAL_MAX) {
2625 ic->ic_bintval = ireq->i_val;
2626 error = ENETRESET; /* requires restart */
2630 case IEEE80211_IOC_PUREG:
2632 ic->ic_flags |= IEEE80211_F_PUREG;
2634 ic->ic_flags &= ~IEEE80211_F_PUREG;
2635 /* NB: reset only if we're operating on an 11g channel */
2636 if (ic->ic_curmode == IEEE80211_MODE_11G)
2639 case IEEE80211_IOC_MCAST_RATE:
2640 ic->ic_mcast_rate = ireq->i_val & IEEE80211_RATE_VAL;
2642 case IEEE80211_IOC_FRAGTHRESHOLD:
2643 if ((ic->ic_caps & IEEE80211_C_TXFRAG) == 0 &&
2644 ireq->i_val != IEEE80211_FRAG_MAX)
2646 if (!(IEEE80211_FRAG_MIN <= ireq->i_val &&
2647 ireq->i_val <= IEEE80211_FRAG_MAX))
2649 ic->ic_fragthreshold = ireq->i_val;
2650 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2652 case IEEE80211_IOC_BURST:
2654 if ((ic->ic_caps & IEEE80211_C_BURST) == 0)
2656 ic->ic_flags |= IEEE80211_F_BURST;
2658 ic->ic_flags &= ~IEEE80211_F_BURST;
2659 error = ENETRESET; /* XXX maybe not for station? */
2661 case IEEE80211_IOC_BMISSTHRESHOLD:
2662 if (!(IEEE80211_HWBMISS_MIN <= ireq->i_val &&
2663 ireq->i_val <= IEEE80211_HWBMISS_MAX))
2665 ic->ic_bmissthreshold = ireq->i_val;
2666 error = IS_UP(ic) ? ic->ic_reset(ic->ic_ifp) : 0;
2672 if (error == ENETRESET && !IS_UP_AUTO(ic))
2678 ieee80211_ioctl(struct ieee80211com *ic, u_long cmd, caddr_t data)
2680 struct ifnet *ifp = ic->ic_ifp;
2683 struct ifaddr *ifa; /* XXX */
2688 error = ifmedia_ioctl(ifp, (struct ifreq *) data,
2689 &ic->ic_media, cmd);
2692 error = ieee80211_ioctl_get80211(ic, cmd,
2693 (struct ieee80211req *) data);
2696 error = priv_check(curthread, PRIV_NET80211_MANAGE);
2698 error = ieee80211_ioctl_set80211(ic, cmd,
2699 (struct ieee80211req *) data);
2701 case SIOCGIFGENERIC:
2702 error = ieee80211_cfgget(ic, cmd, data);
2704 case SIOCSIFGENERIC:
2705 error = priv_check(curthread, PRIV_NET80211_MANAGE);
2708 error = ieee80211_cfgset(ic, cmd, data);
2710 case SIOCG80211STATS:
2711 ifr = (struct ifreq *)data;
2712 copyout(&ic->ic_stats, ifr->ifr_data, sizeof (ic->ic_stats));
2715 ifr = (struct ifreq *)data;
2716 if (!(IEEE80211_MTU_MIN <= ifr->ifr_mtu &&
2717 ifr->ifr_mtu <= IEEE80211_MTU_MAX))
2720 ifp->if_mtu = ifr->ifr_mtu;
2724 * XXX Handle this directly so we can supress if_init calls.
2725 * XXX This should be done in ether_ioctl but for the moment
2726 * XXX there are too many other parts of the system that
2727 * XXX set IFF_UP and so supress if_init being called when
2730 ifa = (struct ifaddr *) data;
2731 switch (ifa->ifa_addr->sa_family) {
2734 if ((ifp->if_flags & IFF_UP) == 0) {
2735 ifp->if_flags |= IFF_UP;
2736 ifp->if_init(ifp->if_softc);
2738 arp_ifinit(ifp, ifa);
2743 * XXX - This code is probably wrong,
2744 * but has been copied many times.
2747 struct ipx_addr *ina = &(IA_SIPX(ifa)->sipx_addr);
2749 if (ipx_nullhost(*ina))
2750 ina->x_host = *(union ipx_host *)
2753 bcopy((caddr_t) ina->x_host.c_host,
2754 (caddr_t) IF_LLADDR(ifp),
2760 if ((ifp->if_flags & IFF_UP) == 0) {
2761 ifp->if_flags |= IFF_UP;
2762 ifp->if_init(ifp->if_softc);
2768 error = ether_ioctl(ifp, cmd, data);