+static int nl80211_set_mgmt_extra_ie(struct sk_buff *skb,
+ struct genl_info *info)
+{
+ struct cfg80211_registered_device *drv;
+ int err;
+ struct net_device *dev;
+ struct mgmt_extra_ie_params params;
+
+ memset(¶ms, 0, sizeof(params));
+
+ if (!info->attrs[NL80211_ATTR_MGMT_SUBTYPE])
+ return -EINVAL;
+ params.subtype = nla_get_u8(info->attrs[NL80211_ATTR_MGMT_SUBTYPE]);
+ if (params.subtype > 15)
+ return -EINVAL; /* FC Subtype field is 4 bits (0..15) */
+
+ if (info->attrs[NL80211_ATTR_IE]) {
+ params.ies = nla_data(info->attrs[NL80211_ATTR_IE]);
+ params.ies_len = nla_len(info->attrs[NL80211_ATTR_IE]);
+ }
+
+ err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
+ if (err)
+ return err;
+
+ if (drv->ops->set_mgmt_extra_ie) {
+ rtnl_lock();
+ err = drv->ops->set_mgmt_extra_ie(&drv->wiphy, dev, ¶ms);
+ rtnl_unlock();
+ } else
+ err = -EOPNOTSUPP;
+
+ cfg80211_put_dev(drv);
+ dev_put(dev);
+ return err;
+}
+
+static int nl80211_trigger_scan(struct sk_buff *skb, struct genl_info *info)
+{
+ struct cfg80211_registered_device *drv;
+ struct net_device *dev;
+ struct cfg80211_scan_request *request;
+ struct cfg80211_ssid *ssid;
+ struct ieee80211_channel *channel;
+ struct nlattr *attr;
+ struct wiphy *wiphy;
+ int err, tmp, n_ssids = 0, n_channels = 0, i;
+ enum ieee80211_band band;
+
+ err = get_drv_dev_by_info_ifindex(info->attrs, &drv, &dev);
+ if (err)
+ return err;
+
+ wiphy = &drv->wiphy;
+
+ if (!drv->ops->scan) {
+ err = -EOPNOTSUPP;
+ goto out;
+ }
+
+ rtnl_lock();
+
+ if (drv->scan_req) {
+ err = -EBUSY;
+ goto out_unlock;
+ }
+
+ if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
+ nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp)
+ n_channels++;
+ if (!n_channels) {
+ err = -EINVAL;
+ goto out_unlock;
+ }
+ } else {
+ for (band = 0; band < IEEE80211_NUM_BANDS; band++)
+ if (wiphy->bands[band])
+ n_channels += wiphy->bands[band]->n_channels;
+ }
+
+ if (info->attrs[NL80211_ATTR_SCAN_SSIDS])
+ nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp)
+ n_ssids++;
+
+ if (n_ssids > wiphy->max_scan_ssids) {
+ err = -EINVAL;
+ goto out_unlock;
+ }
+
+ request = kzalloc(sizeof(*request)
+ + sizeof(*ssid) * n_ssids
+ + sizeof(channel) * n_channels, GFP_KERNEL);
+ if (!request) {
+ err = -ENOMEM;
+ goto out_unlock;
+ }
+
+ request->channels = (void *)((char *)request + sizeof(*request));
+ request->n_channels = n_channels;
+ if (n_ssids)
+ request->ssids = (void *)(request->channels + n_channels);
+ request->n_ssids = n_ssids;
+
+ if (info->attrs[NL80211_ATTR_SCAN_FREQUENCIES]) {
+ /* user specified, bail out if channel not found */
+ request->n_channels = n_channels;
+ i = 0;
+ nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_FREQUENCIES], tmp) {
+ request->channels[i] = ieee80211_get_channel(wiphy, nla_get_u32(attr));
+ if (!request->channels[i]) {
+ err = -EINVAL;
+ goto out_free;
+ }
+ i++;
+ }
+ } else {
+ /* all channels */
+ i = 0;
+ for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
+ int j;
+ if (!wiphy->bands[band])
+ continue;
+ for (j = 0; j < wiphy->bands[band]->n_channels; j++) {
+ request->channels[i] = &wiphy->bands[band]->channels[j];
+ i++;
+ }
+ }
+ }
+
+ i = 0;
+ if (info->attrs[NL80211_ATTR_SCAN_SSIDS]) {
+ nla_for_each_nested(attr, info->attrs[NL80211_ATTR_SCAN_SSIDS], tmp) {
+ if (request->ssids[i].ssid_len > IEEE80211_MAX_SSID_LEN) {
+ err = -EINVAL;
+ goto out_free;
+ }
+ memcpy(request->ssids[i].ssid, nla_data(attr), nla_len(attr));
+ request->ssids[i].ssid_len = nla_len(attr);
+ i++;
+ }
+ }
+
+ request->ifidx = dev->ifindex;
+ request->wiphy = &drv->wiphy;
+
+ drv->scan_req = request;
+ err = drv->ops->scan(&drv->wiphy, dev, request);
+
+ out_free:
+ if (err) {
+ drv->scan_req = NULL;
+ kfree(request);
+ }
+ out_unlock:
+ rtnl_unlock();
+ out:
+ cfg80211_put_dev(drv);
+ dev_put(dev);
+ return err;
+}
+
+static int nl80211_send_bss(struct sk_buff *msg, u32 pid, u32 seq, int flags,
+ struct cfg80211_registered_device *rdev,
+ struct net_device *dev,
+ struct cfg80211_bss *res)
+{
+ void *hdr;
+ struct nlattr *bss;
+
+ hdr = nl80211hdr_put(msg, pid, seq, flags,
+ NL80211_CMD_NEW_SCAN_RESULTS);
+ if (!hdr)
+ return -1;
+
+ NLA_PUT_U32(msg, NL80211_ATTR_SCAN_GENERATION,
+ rdev->bss_generation);
+ NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, dev->ifindex);
+
+ bss = nla_nest_start(msg, NL80211_ATTR_BSS);
+ if (!bss)
+ goto nla_put_failure;
+ if (!is_zero_ether_addr(res->bssid))
+ NLA_PUT(msg, NL80211_BSS_BSSID, ETH_ALEN, res->bssid);
+ if (res->information_elements && res->len_information_elements)
+ NLA_PUT(msg, NL80211_BSS_INFORMATION_ELEMENTS,
+ res->len_information_elements,
+ res->information_elements);
+ if (res->tsf)
+ NLA_PUT_U64(msg, NL80211_BSS_TSF, res->tsf);
+ if (res->beacon_interval)
+ NLA_PUT_U16(msg, NL80211_BSS_BEACON_INTERVAL, res->beacon_interval);
+ NLA_PUT_U16(msg, NL80211_BSS_CAPABILITY, res->capability);
+ NLA_PUT_U32(msg, NL80211_BSS_FREQUENCY, res->channel->center_freq);
+
+ switch (res->signal_type) {
+ case CFG80211_SIGNAL_TYPE_MBM:
+ NLA_PUT_U32(msg, NL80211_BSS_SIGNAL_MBM, res->signal);
+ break;
+ case CFG80211_SIGNAL_TYPE_UNSPEC:
+ NLA_PUT_U8(msg, NL80211_BSS_SIGNAL_UNSPEC, res->signal);
+ break;
+ default:
+ break;
+ }
+
+ nla_nest_end(msg, bss);
+
+ return genlmsg_end(msg, hdr);
+
+ nla_put_failure:
+ genlmsg_cancel(msg, hdr);
+ return -EMSGSIZE;
+}
+
+static int nl80211_dump_scan(struct sk_buff *skb,
+ struct netlink_callback *cb)
+{
+ struct cfg80211_registered_device *dev;
+ struct net_device *netdev;
+ struct cfg80211_internal_bss *scan;
+ int ifidx = cb->args[0];
+ int start = cb->args[1], idx = 0;
+ int err;
+
+ if (!ifidx) {
+ err = nlmsg_parse(cb->nlh, GENL_HDRLEN + nl80211_fam.hdrsize,
+ nl80211_fam.attrbuf, nl80211_fam.maxattr,
+ nl80211_policy);
+ if (err)
+ return err;
+
+ if (!nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX])
+ return -EINVAL;
+
+ ifidx = nla_get_u32(nl80211_fam.attrbuf[NL80211_ATTR_IFINDEX]);
+ if (!ifidx)
+ return -EINVAL;
+ cb->args[0] = ifidx;
+ }
+
+ netdev = dev_get_by_index(&init_net, ifidx);
+ if (!netdev)
+ return -ENODEV;
+
+ dev = cfg80211_get_dev_from_ifindex(ifidx);
+ if (IS_ERR(dev)) {
+ err = PTR_ERR(dev);
+ goto out_put_netdev;
+ }
+
+ spin_lock_bh(&dev->bss_lock);
+ cfg80211_bss_expire(dev);
+
+ list_for_each_entry(scan, &dev->bss_list, list) {
+ if (++idx <= start)
+ continue;
+ if (nl80211_send_bss(skb,
+ NETLINK_CB(cb->skb).pid,
+ cb->nlh->nlmsg_seq, NLM_F_MULTI,
+ dev, netdev, &scan->pub) < 0) {
+ idx--;
+ goto out;
+ }
+ }
+
+ out:
+ spin_unlock_bh(&dev->bss_lock);
+
+ cb->args[1] = idx;
+ err = skb->len;
+ cfg80211_put_dev(dev);
+ out_put_netdev:
+ dev_put(netdev);
+
+ return err;
+}
+