mac80211: pid, fix memory corruption
[linux-2.6] / net / wireless / core.c
1 /*
2  * This is the linux wireless configuration interface.
3  *
4  * Copyright 2006-2008          Johannes Berg <johannes@sipsolutions.net>
5  */
6
7 #include <linux/if.h>
8 #include <linux/module.h>
9 #include <linux/err.h>
10 #include <linux/list.h>
11 #include <linux/nl80211.h>
12 #include <linux/debugfs.h>
13 #include <linux/notifier.h>
14 #include <linux/device.h>
15 #include <net/genetlink.h>
16 #include <net/cfg80211.h>
17 #include <net/wireless.h>
18 #include "nl80211.h"
19 #include "core.h"
20 #include "sysfs.h"
21
22 /* name for sysfs, %d is appended */
23 #define PHY_NAME "phy"
24
25 MODULE_AUTHOR("Johannes Berg");
26 MODULE_LICENSE("GPL");
27 MODULE_DESCRIPTION("wireless configuration support");
28
29 /* RCU might be appropriate here since we usually
30  * only read the list, and that can happen quite
31  * often because we need to do it for each command */
32 LIST_HEAD(cfg80211_drv_list);
33
34 /*
35  * This is used to protect the cfg80211_drv_list, cfg80211_regdomain,
36  * country_ie_regdomain, the reg_beacon_list and the the last regulatory
37  * request receipt (last_request).
38  */
39 DEFINE_MUTEX(cfg80211_mutex);
40
41 /* for debugfs */
42 static struct dentry *ieee80211_debugfs_dir;
43
44 /* requires cfg80211_mutex to be held! */
45 struct cfg80211_registered_device *cfg80211_drv_by_wiphy_idx(int wiphy_idx)
46 {
47         struct cfg80211_registered_device *result = NULL, *drv;
48
49         if (!wiphy_idx_valid(wiphy_idx))
50                 return NULL;
51
52         assert_cfg80211_lock();
53
54         list_for_each_entry(drv, &cfg80211_drv_list, list) {
55                 if (drv->wiphy_idx == wiphy_idx) {
56                         result = drv;
57                         break;
58                 }
59         }
60
61         return result;
62 }
63
64 int get_wiphy_idx(struct wiphy *wiphy)
65 {
66         struct cfg80211_registered_device *drv;
67         if (!wiphy)
68                 return WIPHY_IDX_STALE;
69         drv = wiphy_to_dev(wiphy);
70         return drv->wiphy_idx;
71 }
72
73 /* requires cfg80211_drv_mutex to be held! */
74 struct wiphy *wiphy_idx_to_wiphy(int wiphy_idx)
75 {
76         struct cfg80211_registered_device *drv;
77
78         if (!wiphy_idx_valid(wiphy_idx))
79                 return NULL;
80
81         assert_cfg80211_lock();
82
83         drv = cfg80211_drv_by_wiphy_idx(wiphy_idx);
84         if (!drv)
85                 return NULL;
86         return &drv->wiphy;
87 }
88
89 /* requires cfg80211_mutex to be held! */
90 struct cfg80211_registered_device *
91 __cfg80211_drv_from_info(struct genl_info *info)
92 {
93         int ifindex;
94         struct cfg80211_registered_device *bywiphyidx = NULL, *byifidx = NULL;
95         struct net_device *dev;
96         int err = -EINVAL;
97
98         assert_cfg80211_lock();
99
100         if (info->attrs[NL80211_ATTR_WIPHY]) {
101                 bywiphyidx = cfg80211_drv_by_wiphy_idx(
102                                 nla_get_u32(info->attrs[NL80211_ATTR_WIPHY]));
103                 err = -ENODEV;
104         }
105
106         if (info->attrs[NL80211_ATTR_IFINDEX]) {
107                 ifindex = nla_get_u32(info->attrs[NL80211_ATTR_IFINDEX]);
108                 dev = dev_get_by_index(&init_net, ifindex);
109                 if (dev) {
110                         if (dev->ieee80211_ptr)
111                                 byifidx =
112                                         wiphy_to_dev(dev->ieee80211_ptr->wiphy);
113                         dev_put(dev);
114                 }
115                 err = -ENODEV;
116         }
117
118         if (bywiphyidx && byifidx) {
119                 if (bywiphyidx != byifidx)
120                         return ERR_PTR(-EINVAL);
121                 else
122                         return bywiphyidx; /* == byifidx */
123         }
124         if (bywiphyidx)
125                 return bywiphyidx;
126
127         if (byifidx)
128                 return byifidx;
129
130         return ERR_PTR(err);
131 }
132
133 struct cfg80211_registered_device *
134 cfg80211_get_dev_from_info(struct genl_info *info)
135 {
136         struct cfg80211_registered_device *drv;
137
138         mutex_lock(&cfg80211_mutex);
139         drv = __cfg80211_drv_from_info(info);
140
141         /* if it is not an error we grab the lock on
142          * it to assure it won't be going away while
143          * we operate on it */
144         if (!IS_ERR(drv))
145                 mutex_lock(&drv->mtx);
146
147         mutex_unlock(&cfg80211_mutex);
148
149         return drv;
150 }
151
152 struct cfg80211_registered_device *
153 cfg80211_get_dev_from_ifindex(int ifindex)
154 {
155         struct cfg80211_registered_device *drv = ERR_PTR(-ENODEV);
156         struct net_device *dev;
157
158         mutex_lock(&cfg80211_mutex);
159         dev = dev_get_by_index(&init_net, ifindex);
160         if (!dev)
161                 goto out;
162         if (dev->ieee80211_ptr) {
163                 drv = wiphy_to_dev(dev->ieee80211_ptr->wiphy);
164                 mutex_lock(&drv->mtx);
165         } else
166                 drv = ERR_PTR(-ENODEV);
167         dev_put(dev);
168  out:
169         mutex_unlock(&cfg80211_mutex);
170         return drv;
171 }
172
173 void cfg80211_put_dev(struct cfg80211_registered_device *drv)
174 {
175         BUG_ON(IS_ERR(drv));
176         mutex_unlock(&drv->mtx);
177 }
178
179 /* requires cfg80211_mutex to be held */
180 int cfg80211_dev_rename(struct cfg80211_registered_device *rdev,
181                         char *newname)
182 {
183         struct cfg80211_registered_device *drv;
184         int wiphy_idx, taken = -1, result, digits;
185
186         assert_cfg80211_lock();
187
188         /* prohibit calling the thing phy%d when %d is not its number */
189         sscanf(newname, PHY_NAME "%d%n", &wiphy_idx, &taken);
190         if (taken == strlen(newname) && wiphy_idx != rdev->wiphy_idx) {
191                 /* count number of places needed to print wiphy_idx */
192                 digits = 1;
193                 while (wiphy_idx /= 10)
194                         digits++;
195                 /*
196                  * deny the name if it is phy<idx> where <idx> is printed
197                  * without leading zeroes. taken == strlen(newname) here
198                  */
199                 if (taken == strlen(PHY_NAME) + digits)
200                         return -EINVAL;
201         }
202
203
204         /* Ignore nop renames */
205         if (strcmp(newname, dev_name(&rdev->wiphy.dev)) == 0)
206                 return 0;
207
208         /* Ensure another device does not already have this name. */
209         list_for_each_entry(drv, &cfg80211_drv_list, list)
210                 if (strcmp(newname, dev_name(&drv->wiphy.dev)) == 0)
211                         return -EINVAL;
212
213         result = device_rename(&rdev->wiphy.dev, newname);
214         if (result)
215                 return result;
216
217         if (rdev->wiphy.debugfsdir &&
218             !debugfs_rename(rdev->wiphy.debugfsdir->d_parent,
219                             rdev->wiphy.debugfsdir,
220                             rdev->wiphy.debugfsdir->d_parent,
221                             newname))
222                 printk(KERN_ERR "cfg80211: failed to rename debugfs dir to %s!\n",
223                        newname);
224
225         nl80211_notify_dev_rename(rdev);
226
227         return 0;
228 }
229
230 /* exported functions */
231
232 struct wiphy *wiphy_new(struct cfg80211_ops *ops, int sizeof_priv)
233 {
234         static int wiphy_counter;
235
236         struct cfg80211_registered_device *drv;
237         int alloc_size;
238
239         WARN_ON(!ops->add_key && ops->del_key);
240         WARN_ON(ops->add_key && !ops->del_key);
241
242         alloc_size = sizeof(*drv) + sizeof_priv;
243
244         drv = kzalloc(alloc_size, GFP_KERNEL);
245         if (!drv)
246                 return NULL;
247
248         drv->ops = ops;
249
250         mutex_lock(&cfg80211_mutex);
251
252         drv->wiphy_idx = wiphy_counter++;
253
254         if (unlikely(!wiphy_idx_valid(drv->wiphy_idx))) {
255                 wiphy_counter--;
256                 mutex_unlock(&cfg80211_mutex);
257                 /* ugh, wrapped! */
258                 kfree(drv);
259                 return NULL;
260         }
261
262         mutex_unlock(&cfg80211_mutex);
263
264         /* give it a proper name */
265         dev_set_name(&drv->wiphy.dev, PHY_NAME "%d", drv->wiphy_idx);
266
267         mutex_init(&drv->mtx);
268         mutex_init(&drv->devlist_mtx);
269         INIT_LIST_HEAD(&drv->netdev_list);
270         spin_lock_init(&drv->bss_lock);
271         INIT_LIST_HEAD(&drv->bss_list);
272
273         device_initialize(&drv->wiphy.dev);
274         drv->wiphy.dev.class = &ieee80211_class;
275         drv->wiphy.dev.platform_data = drv;
276
277         return &drv->wiphy;
278 }
279 EXPORT_SYMBOL(wiphy_new);
280
281 int wiphy_register(struct wiphy *wiphy)
282 {
283         struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy);
284         int res;
285         enum ieee80211_band band;
286         struct ieee80211_supported_band *sband;
287         bool have_band = false;
288         int i;
289         u16 ifmodes = wiphy->interface_modes;
290
291         if (WARN_ON(wiphy->max_scan_ssids < 1))
292                 return -EINVAL;
293
294         /* sanity check ifmodes */
295         WARN_ON(!ifmodes);
296         ifmodes &= ((1 << __NL80211_IFTYPE_AFTER_LAST) - 1) & ~1;
297         if (WARN_ON(ifmodes != wiphy->interface_modes))
298                 wiphy->interface_modes = ifmodes;
299
300         /* sanity check supported bands/channels */
301         for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
302                 sband = wiphy->bands[band];
303                 if (!sband)
304                         continue;
305
306                 sband->band = band;
307
308                 if (WARN_ON(!sband->n_channels || !sband->n_bitrates))
309                         return -EINVAL;
310
311                 /*
312                  * Since we use a u32 for rate bitmaps in
313                  * ieee80211_get_response_rate, we cannot
314                  * have more than 32 legacy rates.
315                  */
316                 if (WARN_ON(sband->n_bitrates > 32))
317                         return -EINVAL;
318
319                 for (i = 0; i < sband->n_channels; i++) {
320                         sband->channels[i].orig_flags =
321                                 sband->channels[i].flags;
322                         sband->channels[i].orig_mag =
323                                 sband->channels[i].max_antenna_gain;
324                         sband->channels[i].orig_mpwr =
325                                 sband->channels[i].max_power;
326                         sband->channels[i].band = band;
327                 }
328
329                 have_band = true;
330         }
331
332         if (!have_band) {
333                 WARN_ON(1);
334                 return -EINVAL;
335         }
336
337         /* check and set up bitrates */
338         ieee80211_set_bitrate_flags(wiphy);
339
340         mutex_lock(&cfg80211_mutex);
341
342         /* set up regulatory info */
343         wiphy_update_regulatory(wiphy, NL80211_REGDOM_SET_BY_CORE);
344
345         res = device_add(&drv->wiphy.dev);
346         if (res)
347                 goto out_unlock;
348
349         list_add(&drv->list, &cfg80211_drv_list);
350
351         /* add to debugfs */
352         drv->wiphy.debugfsdir =
353                 debugfs_create_dir(wiphy_name(&drv->wiphy),
354                                    ieee80211_debugfs_dir);
355         if (IS_ERR(drv->wiphy.debugfsdir))
356                 drv->wiphy.debugfsdir = NULL;
357
358         if (wiphy->custom_regulatory) {
359                 struct regulatory_request request;
360
361                 request.wiphy_idx = get_wiphy_idx(wiphy);
362                 request.initiator = NL80211_REGDOM_SET_BY_DRIVER;
363                 request.alpha2[0] = '9';
364                 request.alpha2[1] = '9';
365
366                 nl80211_send_reg_change_event(&request);
367         }
368
369         res = 0;
370 out_unlock:
371         mutex_unlock(&cfg80211_mutex);
372         return res;
373 }
374 EXPORT_SYMBOL(wiphy_register);
375
376 void wiphy_unregister(struct wiphy *wiphy)
377 {
378         struct cfg80211_registered_device *drv = wiphy_to_dev(wiphy);
379
380         /* protect the device list */
381         mutex_lock(&cfg80211_mutex);
382
383         BUG_ON(!list_empty(&drv->netdev_list));
384
385         /*
386          * Try to grab drv->mtx. If a command is still in progress,
387          * hopefully the driver will refuse it since it's tearing
388          * down the device already. We wait for this command to complete
389          * before unlinking the item from the list.
390          * Note: as codified by the BUG_ON above we cannot get here if
391          * a virtual interface is still associated. Hence, we can only
392          * get to lock contention here if userspace issues a command
393          * that identified the hardware by wiphy index.
394          */
395         mutex_lock(&drv->mtx);
396         /* unlock again before freeing */
397         mutex_unlock(&drv->mtx);
398
399         /* If this device got a regulatory hint tell core its
400          * free to listen now to a new shiny device regulatory hint */
401         reg_device_remove(wiphy);
402
403         list_del(&drv->list);
404         device_del(&drv->wiphy.dev);
405         debugfs_remove(drv->wiphy.debugfsdir);
406
407         mutex_unlock(&cfg80211_mutex);
408 }
409 EXPORT_SYMBOL(wiphy_unregister);
410
411 void cfg80211_dev_free(struct cfg80211_registered_device *drv)
412 {
413         struct cfg80211_internal_bss *scan, *tmp;
414         mutex_destroy(&drv->mtx);
415         mutex_destroy(&drv->devlist_mtx);
416         list_for_each_entry_safe(scan, tmp, &drv->bss_list, list)
417                 cfg80211_put_bss(&scan->pub);
418         kfree(drv);
419 }
420
421 void wiphy_free(struct wiphy *wiphy)
422 {
423         put_device(&wiphy->dev);
424 }
425 EXPORT_SYMBOL(wiphy_free);
426
427 static int cfg80211_netdev_notifier_call(struct notifier_block * nb,
428                                          unsigned long state,
429                                          void *ndev)
430 {
431         struct net_device *dev = ndev;
432         struct cfg80211_registered_device *rdev;
433
434         if (!dev->ieee80211_ptr)
435                 return 0;
436
437         rdev = wiphy_to_dev(dev->ieee80211_ptr->wiphy);
438
439         WARN_ON(dev->ieee80211_ptr->iftype == NL80211_IFTYPE_UNSPECIFIED);
440
441         switch (state) {
442         case NETDEV_REGISTER:
443                 mutex_lock(&rdev->devlist_mtx);
444                 list_add(&dev->ieee80211_ptr->list, &rdev->netdev_list);
445                 if (sysfs_create_link(&dev->dev.kobj, &rdev->wiphy.dev.kobj,
446                                       "phy80211")) {
447                         printk(KERN_ERR "wireless: failed to add phy80211 "
448                                 "symlink to netdev!\n");
449                 }
450                 dev->ieee80211_ptr->netdev = dev;
451                 mutex_unlock(&rdev->devlist_mtx);
452                 break;
453         case NETDEV_UNREGISTER:
454                 mutex_lock(&rdev->devlist_mtx);
455                 if (!list_empty(&dev->ieee80211_ptr->list)) {
456                         sysfs_remove_link(&dev->dev.kobj, "phy80211");
457                         list_del_init(&dev->ieee80211_ptr->list);
458                 }
459                 mutex_unlock(&rdev->devlist_mtx);
460                 break;
461         }
462
463         return 0;
464 }
465
466 static struct notifier_block cfg80211_netdev_notifier = {
467         .notifier_call = cfg80211_netdev_notifier_call,
468 };
469
470 static int cfg80211_init(void)
471 {
472         int err;
473
474         err = wiphy_sysfs_init();
475         if (err)
476                 goto out_fail_sysfs;
477
478         err = register_netdevice_notifier(&cfg80211_netdev_notifier);
479         if (err)
480                 goto out_fail_notifier;
481
482         err = nl80211_init();
483         if (err)
484                 goto out_fail_nl80211;
485
486         ieee80211_debugfs_dir = debugfs_create_dir("ieee80211", NULL);
487
488         err = regulatory_init();
489         if (err)
490                 goto out_fail_reg;
491
492         return 0;
493
494 out_fail_reg:
495         debugfs_remove(ieee80211_debugfs_dir);
496 out_fail_nl80211:
497         unregister_netdevice_notifier(&cfg80211_netdev_notifier);
498 out_fail_notifier:
499         wiphy_sysfs_exit();
500 out_fail_sysfs:
501         return err;
502 }
503
504 subsys_initcall(cfg80211_init);
505
506 static void cfg80211_exit(void)
507 {
508         debugfs_remove(ieee80211_debugfs_dir);
509         nl80211_exit();
510         unregister_netdevice_notifier(&cfg80211_netdev_notifier);
511         wiphy_sysfs_exit();
512         regulatory_exit();
513 }
514 module_exit(cfg80211_exit);