xref: /openbmc/linux/net/wireless/reg.c (revision 9d56dd3b083a3bec56e9da35ce07baca81030b03)
1 /*
2  * Copyright 2002-2005, Instant802 Networks, Inc.
3  * Copyright 2005-2006, Devicescape Software, Inc.
4  * Copyright 2007	Johannes Berg <johannes@sipsolutions.net>
5  * Copyright 2008	Luis R. Rodriguez <lrodriguz@atheros.com>
6  *
7  * This program is free software; you can redistribute it and/or modify
8  * it under the terms of the GNU General Public License version 2 as
9  * published by the Free Software Foundation.
10  */
11 
12 /**
13  * DOC: Wireless regulatory infrastructure
14  *
15  * The usual implementation is for a driver to read a device EEPROM to
16  * determine which regulatory domain it should be operating under, then
17  * looking up the allowable channels in a driver-local table and finally
18  * registering those channels in the wiphy structure.
19  *
20  * Another set of compliance enforcement is for drivers to use their
21  * own compliance limits which can be stored on the EEPROM. The host
22  * driver or firmware may ensure these are used.
23  *
24  * In addition to all this we provide an extra layer of regulatory
25  * conformance. For drivers which do not have any regulatory
26  * information CRDA provides the complete regulatory solution.
27  * For others it provides a community effort on further restrictions
28  * to enhance compliance.
29  *
30  * Note: When number of rules --> infinity we will not be able to
31  * index on alpha2 any more, instead we'll probably have to
32  * rely on some SHA1 checksum of the regdomain for example.
33  *
34  */
35 #include <linux/kernel.h>
36 #include <linux/list.h>
37 #include <linux/random.h>
38 #include <linux/nl80211.h>
39 #include <linux/platform_device.h>
40 #include <net/cfg80211.h>
41 #include "core.h"
42 #include "reg.h"
43 #include "nl80211.h"
44 
45 /* Receipt of information from last regulatory request */
46 static struct regulatory_request *last_request;
47 
48 /* To trigger userspace events */
49 static struct platform_device *reg_pdev;
50 
51 /*
52  * Central wireless core regulatory domains, we only need two,
53  * the current one and a world regulatory domain in case we have no
54  * information to give us an alpha2
55  */
56 const struct ieee80211_regdomain *cfg80211_regdomain;
57 
58 /*
59  * We use this as a place for the rd structure built from the
60  * last parsed country IE to rest until CRDA gets back to us with
61  * what it thinks should apply for the same country
62  */
63 static const struct ieee80211_regdomain *country_ie_regdomain;
64 
65 /*
66  * Protects static reg.c components:
67  *     - cfg80211_world_regdom
68  *     - cfg80211_regdom
69  *     - country_ie_regdomain
70  *     - last_request
71  */
72 DEFINE_MUTEX(reg_mutex);
73 #define assert_reg_lock() WARN_ON(!mutex_is_locked(&reg_mutex))
74 
75 /* Used to queue up regulatory hints */
76 static LIST_HEAD(reg_requests_list);
77 static spinlock_t reg_requests_lock;
78 
79 /* Used to queue up beacon hints for review */
80 static LIST_HEAD(reg_pending_beacons);
81 static spinlock_t reg_pending_beacons_lock;
82 
83 /* Used to keep track of processed beacon hints */
84 static LIST_HEAD(reg_beacon_list);
85 
86 struct reg_beacon {
87 	struct list_head list;
88 	struct ieee80211_channel chan;
89 };
90 
91 /* We keep a static world regulatory domain in case of the absence of CRDA */
92 static const struct ieee80211_regdomain world_regdom = {
93 	.n_reg_rules = 5,
94 	.alpha2 =  "00",
95 	.reg_rules = {
96 		/* IEEE 802.11b/g, channels 1..11 */
97 		REG_RULE(2412-10, 2462+10, 40, 6, 20, 0),
98 		/* IEEE 802.11b/g, channels 12..13. No HT40
99 		 * channel fits here. */
100 		REG_RULE(2467-10, 2472+10, 20, 6, 20,
101 			NL80211_RRF_PASSIVE_SCAN |
102 			NL80211_RRF_NO_IBSS),
103 		/* IEEE 802.11 channel 14 - Only JP enables
104 		 * this and for 802.11b only */
105 		REG_RULE(2484-10, 2484+10, 20, 6, 20,
106 			NL80211_RRF_PASSIVE_SCAN |
107 			NL80211_RRF_NO_IBSS |
108 			NL80211_RRF_NO_OFDM),
109 		/* IEEE 802.11a, channel 36..48 */
110 		REG_RULE(5180-10, 5240+10, 40, 6, 20,
111                         NL80211_RRF_PASSIVE_SCAN |
112                         NL80211_RRF_NO_IBSS),
113 
114 		/* NB: 5260 MHz - 5700 MHz requies DFS */
115 
116 		/* IEEE 802.11a, channel 149..165 */
117 		REG_RULE(5745-10, 5825+10, 40, 6, 20,
118 			NL80211_RRF_PASSIVE_SCAN |
119 			NL80211_RRF_NO_IBSS),
120 	}
121 };
122 
123 static const struct ieee80211_regdomain *cfg80211_world_regdom =
124 	&world_regdom;
125 
126 static char *ieee80211_regdom = "00";
127 
128 module_param(ieee80211_regdom, charp, 0444);
129 MODULE_PARM_DESC(ieee80211_regdom, "IEEE 802.11 regulatory domain code");
130 
131 #ifdef CONFIG_WIRELESS_OLD_REGULATORY
132 /*
133  * We assume 40 MHz bandwidth for the old regulatory work.
134  * We make emphasis we are using the exact same frequencies
135  * as before
136  */
137 
138 static const struct ieee80211_regdomain us_regdom = {
139 	.n_reg_rules = 6,
140 	.alpha2 =  "US",
141 	.reg_rules = {
142 		/* IEEE 802.11b/g, channels 1..11 */
143 		REG_RULE(2412-10, 2462+10, 40, 6, 27, 0),
144 		/* IEEE 802.11a, channel 36..48 */
145 		REG_RULE(5180-10, 5240+10, 40, 6, 17, 0),
146 		/* IEEE 802.11a, channels 48..64 */
147 		REG_RULE(5260-10, 5320+10, 40, 6, 20, NL80211_RRF_DFS),
148 		/* IEEE 802.11a, channels 100..124 */
149 		REG_RULE(5500-10, 5590+10, 40, 6, 20, NL80211_RRF_DFS),
150 		/* IEEE 802.11a, channels 132..144 */
151 		REG_RULE(5660-10, 5700+10, 40, 6, 20, NL80211_RRF_DFS),
152 		/* IEEE 802.11a, channels 149..165, outdoor */
153 		REG_RULE(5745-10, 5825+10, 40, 6, 30, 0),
154 	}
155 };
156 
157 static const struct ieee80211_regdomain jp_regdom = {
158 	.n_reg_rules = 6,
159 	.alpha2 =  "JP",
160 	.reg_rules = {
161 		/* IEEE 802.11b/g, channels 1..11 */
162 		REG_RULE(2412-10, 2462+10, 40, 6, 20, 0),
163 		/* IEEE 802.11b/g, channels 12..13 */
164 		REG_RULE(2467-10, 2472+10, 20, 6, 20, 0),
165 		/* IEEE 802.11b/g, channel 14 */
166 		REG_RULE(2484-10, 2484+10, 20, 6, 20, NL80211_RRF_NO_OFDM),
167 		/* IEEE 802.11a, channels 36..48 */
168 		REG_RULE(5180-10, 5240+10, 40, 6, 20, 0),
169 		/* IEEE 802.11a, channels 52..64 */
170 		REG_RULE(5260-10, 5320+10, 40, 6, 20, NL80211_RRF_DFS),
171 		/* IEEE 802.11a, channels 100..144 */
172 		REG_RULE(5500-10, 5700+10, 40, 6, 23, NL80211_RRF_DFS),
173 	}
174 };
175 
176 static const struct ieee80211_regdomain *static_regdom(char *alpha2)
177 {
178 	if (alpha2[0] == 'U' && alpha2[1] == 'S')
179 		return &us_regdom;
180 	if (alpha2[0] == 'J' && alpha2[1] == 'P')
181 		return &jp_regdom;
182 	/* Use world roaming rules for "EU", since it was a pseudo
183 	   domain anyway... */
184 	if (alpha2[0] == 'E' && alpha2[1] == 'U')
185 		return &world_regdom;
186 	/* Default, world roaming rules */
187 	return &world_regdom;
188 }
189 
190 static bool is_old_static_regdom(const struct ieee80211_regdomain *rd)
191 {
192 	if (rd == &us_regdom || rd == &jp_regdom || rd == &world_regdom)
193 		return true;
194 	return false;
195 }
196 #else
197 static inline bool is_old_static_regdom(const struct ieee80211_regdomain *rd)
198 {
199 	return false;
200 }
201 #endif
202 
203 static void reset_regdomains(void)
204 {
205 	/* avoid freeing static information or freeing something twice */
206 	if (cfg80211_regdomain == cfg80211_world_regdom)
207 		cfg80211_regdomain = NULL;
208 	if (cfg80211_world_regdom == &world_regdom)
209 		cfg80211_world_regdom = NULL;
210 	if (cfg80211_regdomain == &world_regdom)
211 		cfg80211_regdomain = NULL;
212 	if (is_old_static_regdom(cfg80211_regdomain))
213 		cfg80211_regdomain = NULL;
214 
215 	kfree(cfg80211_regdomain);
216 	kfree(cfg80211_world_regdom);
217 
218 	cfg80211_world_regdom = &world_regdom;
219 	cfg80211_regdomain = NULL;
220 }
221 
222 /*
223  * Dynamic world regulatory domain requested by the wireless
224  * core upon initialization
225  */
226 static void update_world_regdomain(const struct ieee80211_regdomain *rd)
227 {
228 	BUG_ON(!last_request);
229 
230 	reset_regdomains();
231 
232 	cfg80211_world_regdom = rd;
233 	cfg80211_regdomain = rd;
234 }
235 
236 bool is_world_regdom(const char *alpha2)
237 {
238 	if (!alpha2)
239 		return false;
240 	if (alpha2[0] == '0' && alpha2[1] == '0')
241 		return true;
242 	return false;
243 }
244 
245 static bool is_alpha2_set(const char *alpha2)
246 {
247 	if (!alpha2)
248 		return false;
249 	if (alpha2[0] != 0 && alpha2[1] != 0)
250 		return true;
251 	return false;
252 }
253 
254 static bool is_alpha_upper(char letter)
255 {
256 	/* ASCII A - Z */
257 	if (letter >= 65 && letter <= 90)
258 		return true;
259 	return false;
260 }
261 
262 static bool is_unknown_alpha2(const char *alpha2)
263 {
264 	if (!alpha2)
265 		return false;
266 	/*
267 	 * Special case where regulatory domain was built by driver
268 	 * but a specific alpha2 cannot be determined
269 	 */
270 	if (alpha2[0] == '9' && alpha2[1] == '9')
271 		return true;
272 	return false;
273 }
274 
275 static bool is_intersected_alpha2(const char *alpha2)
276 {
277 	if (!alpha2)
278 		return false;
279 	/*
280 	 * Special case where regulatory domain is the
281 	 * result of an intersection between two regulatory domain
282 	 * structures
283 	 */
284 	if (alpha2[0] == '9' && alpha2[1] == '8')
285 		return true;
286 	return false;
287 }
288 
289 static bool is_an_alpha2(const char *alpha2)
290 {
291 	if (!alpha2)
292 		return false;
293 	if (is_alpha_upper(alpha2[0]) && is_alpha_upper(alpha2[1]))
294 		return true;
295 	return false;
296 }
297 
298 static bool alpha2_equal(const char *alpha2_x, const char *alpha2_y)
299 {
300 	if (!alpha2_x || !alpha2_y)
301 		return false;
302 	if (alpha2_x[0] == alpha2_y[0] &&
303 		alpha2_x[1] == alpha2_y[1])
304 		return true;
305 	return false;
306 }
307 
308 static bool regdom_changes(const char *alpha2)
309 {
310 	assert_cfg80211_lock();
311 
312 	if (!cfg80211_regdomain)
313 		return true;
314 	if (alpha2_equal(cfg80211_regdomain->alpha2, alpha2))
315 		return false;
316 	return true;
317 }
318 
319 /**
320  * country_ie_integrity_changes - tells us if the country IE has changed
321  * @checksum: checksum of country IE of fields we are interested in
322  *
323  * If the country IE has not changed you can ignore it safely. This is
324  * useful to determine if two devices are seeing two different country IEs
325  * even on the same alpha2. Note that this will return false if no IE has
326  * been set on the wireless core yet.
327  */
328 static bool country_ie_integrity_changes(u32 checksum)
329 {
330 	/* If no IE has been set then the checksum doesn't change */
331 	if (unlikely(!last_request->country_ie_checksum))
332 		return false;
333 	if (unlikely(last_request->country_ie_checksum != checksum))
334 		return true;
335 	return false;
336 }
337 
338 /*
339  * This lets us keep regulatory code which is updated on a regulatory
340  * basis in userspace.
341  */
342 static int call_crda(const char *alpha2)
343 {
344 	char country_env[9 + 2] = "COUNTRY=";
345 	char *envp[] = {
346 		country_env,
347 		NULL
348 	};
349 
350 	if (!is_world_regdom((char *) alpha2))
351 		printk(KERN_INFO "cfg80211: Calling CRDA for country: %c%c\n",
352 			alpha2[0], alpha2[1]);
353 	else
354 		printk(KERN_INFO "cfg80211: Calling CRDA to update world "
355 			"regulatory domain\n");
356 
357 	country_env[8] = alpha2[0];
358 	country_env[9] = alpha2[1];
359 
360 	return kobject_uevent_env(&reg_pdev->dev.kobj, KOBJ_CHANGE, envp);
361 }
362 
363 /* Used by nl80211 before kmalloc'ing our regulatory domain */
364 bool reg_is_valid_request(const char *alpha2)
365 {
366 	assert_cfg80211_lock();
367 
368 	if (!last_request)
369 		return false;
370 
371 	return alpha2_equal(last_request->alpha2, alpha2);
372 }
373 
374 /* Sanity check on a regulatory rule */
375 static bool is_valid_reg_rule(const struct ieee80211_reg_rule *rule)
376 {
377 	const struct ieee80211_freq_range *freq_range = &rule->freq_range;
378 	u32 freq_diff;
379 
380 	if (freq_range->start_freq_khz <= 0 || freq_range->end_freq_khz <= 0)
381 		return false;
382 
383 	if (freq_range->start_freq_khz > freq_range->end_freq_khz)
384 		return false;
385 
386 	freq_diff = freq_range->end_freq_khz - freq_range->start_freq_khz;
387 
388 	if (freq_range->end_freq_khz <= freq_range->start_freq_khz ||
389 			freq_range->max_bandwidth_khz > freq_diff)
390 		return false;
391 
392 	return true;
393 }
394 
395 static bool is_valid_rd(const struct ieee80211_regdomain *rd)
396 {
397 	const struct ieee80211_reg_rule *reg_rule = NULL;
398 	unsigned int i;
399 
400 	if (!rd->n_reg_rules)
401 		return false;
402 
403 	if (WARN_ON(rd->n_reg_rules > NL80211_MAX_SUPP_REG_RULES))
404 		return false;
405 
406 	for (i = 0; i < rd->n_reg_rules; i++) {
407 		reg_rule = &rd->reg_rules[i];
408 		if (!is_valid_reg_rule(reg_rule))
409 			return false;
410 	}
411 
412 	return true;
413 }
414 
415 static bool reg_does_bw_fit(const struct ieee80211_freq_range *freq_range,
416 			    u32 center_freq_khz,
417 			    u32 bw_khz)
418 {
419 	u32 start_freq_khz, end_freq_khz;
420 
421 	start_freq_khz = center_freq_khz - (bw_khz/2);
422 	end_freq_khz = center_freq_khz + (bw_khz/2);
423 
424 	if (start_freq_khz >= freq_range->start_freq_khz &&
425 	    end_freq_khz <= freq_range->end_freq_khz)
426 		return true;
427 
428 	return false;
429 }
430 
431 /**
432  * freq_in_rule_band - tells us if a frequency is in a frequency band
433  * @freq_range: frequency rule we want to query
434  * @freq_khz: frequency we are inquiring about
435  *
436  * This lets us know if a specific frequency rule is or is not relevant to
437  * a specific frequency's band. Bands are device specific and artificial
438  * definitions (the "2.4 GHz band" and the "5 GHz band"), however it is
439  * safe for now to assume that a frequency rule should not be part of a
440  * frequency's band if the start freq or end freq are off by more than 2 GHz.
441  * This resolution can be lowered and should be considered as we add
442  * regulatory rule support for other "bands".
443  **/
444 static bool freq_in_rule_band(const struct ieee80211_freq_range *freq_range,
445 	u32 freq_khz)
446 {
447 #define ONE_GHZ_IN_KHZ	1000000
448 	if (abs(freq_khz - freq_range->start_freq_khz) <= (2 * ONE_GHZ_IN_KHZ))
449 		return true;
450 	if (abs(freq_khz - freq_range->end_freq_khz) <= (2 * ONE_GHZ_IN_KHZ))
451 		return true;
452 	return false;
453 #undef ONE_GHZ_IN_KHZ
454 }
455 
456 /*
457  * Converts a country IE to a regulatory domain. A regulatory domain
458  * structure has a lot of information which the IE doesn't yet have,
459  * so for the other values we use upper max values as we will intersect
460  * with our userspace regulatory agent to get lower bounds.
461  */
462 static struct ieee80211_regdomain *country_ie_2_rd(
463 				u8 *country_ie,
464 				u8 country_ie_len,
465 				u32 *checksum)
466 {
467 	struct ieee80211_regdomain *rd = NULL;
468 	unsigned int i = 0;
469 	char alpha2[2];
470 	u32 flags = 0;
471 	u32 num_rules = 0, size_of_regd = 0;
472 	u8 *triplets_start = NULL;
473 	u8 len_at_triplet = 0;
474 	/* the last channel we have registered in a subband (triplet) */
475 	int last_sub_max_channel = 0;
476 
477 	*checksum = 0xDEADBEEF;
478 
479 	/* Country IE requirements */
480 	BUG_ON(country_ie_len < IEEE80211_COUNTRY_IE_MIN_LEN ||
481 		country_ie_len & 0x01);
482 
483 	alpha2[0] = country_ie[0];
484 	alpha2[1] = country_ie[1];
485 
486 	/*
487 	 * Third octet can be:
488 	 *    'I' - Indoor
489 	 *    'O' - Outdoor
490 	 *
491 	 *  anything else we assume is no restrictions
492 	 */
493 	if (country_ie[2] == 'I')
494 		flags = NL80211_RRF_NO_OUTDOOR;
495 	else if (country_ie[2] == 'O')
496 		flags = NL80211_RRF_NO_INDOOR;
497 
498 	country_ie += 3;
499 	country_ie_len -= 3;
500 
501 	triplets_start = country_ie;
502 	len_at_triplet = country_ie_len;
503 
504 	*checksum ^= ((flags ^ alpha2[0] ^ alpha2[1]) << 8);
505 
506 	/*
507 	 * We need to build a reg rule for each triplet, but first we must
508 	 * calculate the number of reg rules we will need. We will need one
509 	 * for each channel subband
510 	 */
511 	while (country_ie_len >= 3) {
512 		int end_channel = 0;
513 		struct ieee80211_country_ie_triplet *triplet =
514 			(struct ieee80211_country_ie_triplet *) country_ie;
515 		int cur_sub_max_channel = 0, cur_channel = 0;
516 
517 		if (triplet->ext.reg_extension_id >=
518 				IEEE80211_COUNTRY_EXTENSION_ID) {
519 			country_ie += 3;
520 			country_ie_len -= 3;
521 			continue;
522 		}
523 
524 		/* 2 GHz */
525 		if (triplet->chans.first_channel <= 14)
526 			end_channel = triplet->chans.first_channel +
527 				triplet->chans.num_channels;
528 		else
529 			/*
530 			 * 5 GHz -- For example in country IEs if the first
531 			 * channel given is 36 and the number of channels is 4
532 			 * then the individual channel numbers defined for the
533 			 * 5 GHz PHY by these parameters are: 36, 40, 44, and 48
534 			 * and not 36, 37, 38, 39.
535 			 *
536 			 * See: http://tinyurl.com/11d-clarification
537 			 */
538 			end_channel =  triplet->chans.first_channel +
539 				(4 * (triplet->chans.num_channels - 1));
540 
541 		cur_channel = triplet->chans.first_channel;
542 		cur_sub_max_channel = end_channel;
543 
544 		/* Basic sanity check */
545 		if (cur_sub_max_channel < cur_channel)
546 			return NULL;
547 
548 		/*
549 		 * Do not allow overlapping channels. Also channels
550 		 * passed in each subband must be monotonically
551 		 * increasing
552 		 */
553 		if (last_sub_max_channel) {
554 			if (cur_channel <= last_sub_max_channel)
555 				return NULL;
556 			if (cur_sub_max_channel <= last_sub_max_channel)
557 				return NULL;
558 		}
559 
560 		/*
561 		 * When dot11RegulatoryClassesRequired is supported
562 		 * we can throw ext triplets as part of this soup,
563 		 * for now we don't care when those change as we
564 		 * don't support them
565 		 */
566 		*checksum ^= ((cur_channel ^ cur_sub_max_channel) << 8) |
567 		  ((cur_sub_max_channel ^ cur_sub_max_channel) << 16) |
568 		  ((triplet->chans.max_power ^ cur_sub_max_channel) << 24);
569 
570 		last_sub_max_channel = cur_sub_max_channel;
571 
572 		country_ie += 3;
573 		country_ie_len -= 3;
574 		num_rules++;
575 
576 		/*
577 		 * Note: this is not a IEEE requirement but
578 		 * simply a memory requirement
579 		 */
580 		if (num_rules > NL80211_MAX_SUPP_REG_RULES)
581 			return NULL;
582 	}
583 
584 	country_ie = triplets_start;
585 	country_ie_len = len_at_triplet;
586 
587 	size_of_regd = sizeof(struct ieee80211_regdomain) +
588 		(num_rules * sizeof(struct ieee80211_reg_rule));
589 
590 	rd = kzalloc(size_of_regd, GFP_KERNEL);
591 	if (!rd)
592 		return NULL;
593 
594 	rd->n_reg_rules = num_rules;
595 	rd->alpha2[0] = alpha2[0];
596 	rd->alpha2[1] = alpha2[1];
597 
598 	/* This time around we fill in the rd */
599 	while (country_ie_len >= 3) {
600 		int end_channel = 0;
601 		struct ieee80211_country_ie_triplet *triplet =
602 			(struct ieee80211_country_ie_triplet *) country_ie;
603 		struct ieee80211_reg_rule *reg_rule = NULL;
604 		struct ieee80211_freq_range *freq_range = NULL;
605 		struct ieee80211_power_rule *power_rule = NULL;
606 
607 		/*
608 		 * Must parse if dot11RegulatoryClassesRequired is true,
609 		 * we don't support this yet
610 		 */
611 		if (triplet->ext.reg_extension_id >=
612 				IEEE80211_COUNTRY_EXTENSION_ID) {
613 			country_ie += 3;
614 			country_ie_len -= 3;
615 			continue;
616 		}
617 
618 		reg_rule = &rd->reg_rules[i];
619 		freq_range = &reg_rule->freq_range;
620 		power_rule = &reg_rule->power_rule;
621 
622 		reg_rule->flags = flags;
623 
624 		/* 2 GHz */
625 		if (triplet->chans.first_channel <= 14)
626 			end_channel = triplet->chans.first_channel +
627 				triplet->chans.num_channels;
628 		else
629 			end_channel =  triplet->chans.first_channel +
630 				(4 * (triplet->chans.num_channels - 1));
631 
632 		/*
633 		 * The +10 is since the regulatory domain expects
634 		 * the actual band edge, not the center of freq for
635 		 * its start and end freqs, assuming 20 MHz bandwidth on
636 		 * the channels passed
637 		 */
638 		freq_range->start_freq_khz =
639 			MHZ_TO_KHZ(ieee80211_channel_to_frequency(
640 				triplet->chans.first_channel) - 10);
641 		freq_range->end_freq_khz =
642 			MHZ_TO_KHZ(ieee80211_channel_to_frequency(
643 				end_channel) + 10);
644 
645 		/*
646 		 * These are large arbitrary values we use to intersect later.
647 		 * Increment this if we ever support >= 40 MHz channels
648 		 * in IEEE 802.11
649 		 */
650 		freq_range->max_bandwidth_khz = MHZ_TO_KHZ(40);
651 		power_rule->max_antenna_gain = DBI_TO_MBI(100);
652 		power_rule->max_eirp = DBM_TO_MBM(100);
653 
654 		country_ie += 3;
655 		country_ie_len -= 3;
656 		i++;
657 
658 		BUG_ON(i > NL80211_MAX_SUPP_REG_RULES);
659 	}
660 
661 	return rd;
662 }
663 
664 
665 /*
666  * Helper for regdom_intersect(), this does the real
667  * mathematical intersection fun
668  */
669 static int reg_rules_intersect(
670 	const struct ieee80211_reg_rule *rule1,
671 	const struct ieee80211_reg_rule *rule2,
672 	struct ieee80211_reg_rule *intersected_rule)
673 {
674 	const struct ieee80211_freq_range *freq_range1, *freq_range2;
675 	struct ieee80211_freq_range *freq_range;
676 	const struct ieee80211_power_rule *power_rule1, *power_rule2;
677 	struct ieee80211_power_rule *power_rule;
678 	u32 freq_diff;
679 
680 	freq_range1 = &rule1->freq_range;
681 	freq_range2 = &rule2->freq_range;
682 	freq_range = &intersected_rule->freq_range;
683 
684 	power_rule1 = &rule1->power_rule;
685 	power_rule2 = &rule2->power_rule;
686 	power_rule = &intersected_rule->power_rule;
687 
688 	freq_range->start_freq_khz = max(freq_range1->start_freq_khz,
689 		freq_range2->start_freq_khz);
690 	freq_range->end_freq_khz = min(freq_range1->end_freq_khz,
691 		freq_range2->end_freq_khz);
692 	freq_range->max_bandwidth_khz = min(freq_range1->max_bandwidth_khz,
693 		freq_range2->max_bandwidth_khz);
694 
695 	freq_diff = freq_range->end_freq_khz - freq_range->start_freq_khz;
696 	if (freq_range->max_bandwidth_khz > freq_diff)
697 		freq_range->max_bandwidth_khz = freq_diff;
698 
699 	power_rule->max_eirp = min(power_rule1->max_eirp,
700 		power_rule2->max_eirp);
701 	power_rule->max_antenna_gain = min(power_rule1->max_antenna_gain,
702 		power_rule2->max_antenna_gain);
703 
704 	intersected_rule->flags = (rule1->flags | rule2->flags);
705 
706 	if (!is_valid_reg_rule(intersected_rule))
707 		return -EINVAL;
708 
709 	return 0;
710 }
711 
712 /**
713  * regdom_intersect - do the intersection between two regulatory domains
714  * @rd1: first regulatory domain
715  * @rd2: second regulatory domain
716  *
717  * Use this function to get the intersection between two regulatory domains.
718  * Once completed we will mark the alpha2 for the rd as intersected, "98",
719  * as no one single alpha2 can represent this regulatory domain.
720  *
721  * Returns a pointer to the regulatory domain structure which will hold the
722  * resulting intersection of rules between rd1 and rd2. We will
723  * kzalloc() this structure for you.
724  */
725 static struct ieee80211_regdomain *regdom_intersect(
726 	const struct ieee80211_regdomain *rd1,
727 	const struct ieee80211_regdomain *rd2)
728 {
729 	int r, size_of_regd;
730 	unsigned int x, y;
731 	unsigned int num_rules = 0, rule_idx = 0;
732 	const struct ieee80211_reg_rule *rule1, *rule2;
733 	struct ieee80211_reg_rule *intersected_rule;
734 	struct ieee80211_regdomain *rd;
735 	/* This is just a dummy holder to help us count */
736 	struct ieee80211_reg_rule irule;
737 
738 	/* Uses the stack temporarily for counter arithmetic */
739 	intersected_rule = &irule;
740 
741 	memset(intersected_rule, 0, sizeof(struct ieee80211_reg_rule));
742 
743 	if (!rd1 || !rd2)
744 		return NULL;
745 
746 	/*
747 	 * First we get a count of the rules we'll need, then we actually
748 	 * build them. This is to so we can malloc() and free() a
749 	 * regdomain once. The reason we use reg_rules_intersect() here
750 	 * is it will return -EINVAL if the rule computed makes no sense.
751 	 * All rules that do check out OK are valid.
752 	 */
753 
754 	for (x = 0; x < rd1->n_reg_rules; x++) {
755 		rule1 = &rd1->reg_rules[x];
756 		for (y = 0; y < rd2->n_reg_rules; y++) {
757 			rule2 = &rd2->reg_rules[y];
758 			if (!reg_rules_intersect(rule1, rule2,
759 					intersected_rule))
760 				num_rules++;
761 			memset(intersected_rule, 0,
762 					sizeof(struct ieee80211_reg_rule));
763 		}
764 	}
765 
766 	if (!num_rules)
767 		return NULL;
768 
769 	size_of_regd = sizeof(struct ieee80211_regdomain) +
770 		((num_rules + 1) * sizeof(struct ieee80211_reg_rule));
771 
772 	rd = kzalloc(size_of_regd, GFP_KERNEL);
773 	if (!rd)
774 		return NULL;
775 
776 	for (x = 0; x < rd1->n_reg_rules; x++) {
777 		rule1 = &rd1->reg_rules[x];
778 		for (y = 0; y < rd2->n_reg_rules; y++) {
779 			rule2 = &rd2->reg_rules[y];
780 			/*
781 			 * This time around instead of using the stack lets
782 			 * write to the target rule directly saving ourselves
783 			 * a memcpy()
784 			 */
785 			intersected_rule = &rd->reg_rules[rule_idx];
786 			r = reg_rules_intersect(rule1, rule2,
787 				intersected_rule);
788 			/*
789 			 * No need to memset here the intersected rule here as
790 			 * we're not using the stack anymore
791 			 */
792 			if (r)
793 				continue;
794 			rule_idx++;
795 		}
796 	}
797 
798 	if (rule_idx != num_rules) {
799 		kfree(rd);
800 		return NULL;
801 	}
802 
803 	rd->n_reg_rules = num_rules;
804 	rd->alpha2[0] = '9';
805 	rd->alpha2[1] = '8';
806 
807 	return rd;
808 }
809 
810 /*
811  * XXX: add support for the rest of enum nl80211_reg_rule_flags, we may
812  * want to just have the channel structure use these
813  */
814 static u32 map_regdom_flags(u32 rd_flags)
815 {
816 	u32 channel_flags = 0;
817 	if (rd_flags & NL80211_RRF_PASSIVE_SCAN)
818 		channel_flags |= IEEE80211_CHAN_PASSIVE_SCAN;
819 	if (rd_flags & NL80211_RRF_NO_IBSS)
820 		channel_flags |= IEEE80211_CHAN_NO_IBSS;
821 	if (rd_flags & NL80211_RRF_DFS)
822 		channel_flags |= IEEE80211_CHAN_RADAR;
823 	return channel_flags;
824 }
825 
826 static int freq_reg_info_regd(struct wiphy *wiphy,
827 			      u32 center_freq,
828 			      u32 desired_bw_khz,
829 			      const struct ieee80211_reg_rule **reg_rule,
830 			      const struct ieee80211_regdomain *custom_regd)
831 {
832 	int i;
833 	bool band_rule_found = false;
834 	const struct ieee80211_regdomain *regd;
835 	bool bw_fits = false;
836 
837 	if (!desired_bw_khz)
838 		desired_bw_khz = MHZ_TO_KHZ(20);
839 
840 	regd = custom_regd ? custom_regd : cfg80211_regdomain;
841 
842 	/*
843 	 * Follow the driver's regulatory domain, if present, unless a country
844 	 * IE has been processed or a user wants to help complaince further
845 	 */
846 	if (last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE &&
847 	    last_request->initiator != NL80211_REGDOM_SET_BY_USER &&
848 	    wiphy->regd)
849 		regd = wiphy->regd;
850 
851 	if (!regd)
852 		return -EINVAL;
853 
854 	for (i = 0; i < regd->n_reg_rules; i++) {
855 		const struct ieee80211_reg_rule *rr;
856 		const struct ieee80211_freq_range *fr = NULL;
857 		const struct ieee80211_power_rule *pr = NULL;
858 
859 		rr = &regd->reg_rules[i];
860 		fr = &rr->freq_range;
861 		pr = &rr->power_rule;
862 
863 		/*
864 		 * We only need to know if one frequency rule was
865 		 * was in center_freq's band, that's enough, so lets
866 		 * not overwrite it once found
867 		 */
868 		if (!band_rule_found)
869 			band_rule_found = freq_in_rule_band(fr, center_freq);
870 
871 		bw_fits = reg_does_bw_fit(fr,
872 					  center_freq,
873 					  desired_bw_khz);
874 
875 		if (band_rule_found && bw_fits) {
876 			*reg_rule = rr;
877 			return 0;
878 		}
879 	}
880 
881 	if (!band_rule_found)
882 		return -ERANGE;
883 
884 	return -EINVAL;
885 }
886 EXPORT_SYMBOL(freq_reg_info);
887 
888 int freq_reg_info(struct wiphy *wiphy,
889 		  u32 center_freq,
890 		  u32 desired_bw_khz,
891 		  const struct ieee80211_reg_rule **reg_rule)
892 {
893 	assert_cfg80211_lock();
894 	return freq_reg_info_regd(wiphy,
895 				  center_freq,
896 				  desired_bw_khz,
897 				  reg_rule,
898 				  NULL);
899 }
900 
901 /*
902  * Note that right now we assume the desired channel bandwidth
903  * is always 20 MHz for each individual channel (HT40 uses 20 MHz
904  * per channel, the primary and the extension channel). To support
905  * smaller custom bandwidths such as 5 MHz or 10 MHz we'll need a
906  * new ieee80211_channel.target_bw and re run the regulatory check
907  * on the wiphy with the target_bw specified. Then we can simply use
908  * that below for the desired_bw_khz below.
909  */
910 static void handle_channel(struct wiphy *wiphy, enum ieee80211_band band,
911 			   unsigned int chan_idx)
912 {
913 	int r;
914 	u32 flags, bw_flags = 0;
915 	u32 desired_bw_khz = MHZ_TO_KHZ(20);
916 	const struct ieee80211_reg_rule *reg_rule = NULL;
917 	const struct ieee80211_power_rule *power_rule = NULL;
918 	const struct ieee80211_freq_range *freq_range = NULL;
919 	struct ieee80211_supported_band *sband;
920 	struct ieee80211_channel *chan;
921 	struct wiphy *request_wiphy = NULL;
922 
923 	assert_cfg80211_lock();
924 
925 	request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx);
926 
927 	sband = wiphy->bands[band];
928 	BUG_ON(chan_idx >= sband->n_channels);
929 	chan = &sband->channels[chan_idx];
930 
931 	flags = chan->orig_flags;
932 
933 	r = freq_reg_info(wiphy,
934 			  MHZ_TO_KHZ(chan->center_freq),
935 			  desired_bw_khz,
936 			  &reg_rule);
937 
938 	if (r) {
939 		/*
940 		 * This means no regulatory rule was found in the country IE
941 		 * with a frequency range on the center_freq's band, since
942 		 * IEEE-802.11 allows for a country IE to have a subset of the
943 		 * regulatory information provided in a country we ignore
944 		 * disabling the channel unless at least one reg rule was
945 		 * found on the center_freq's band. For details see this
946 		 * clarification:
947 		 *
948 		 * http://tinyurl.com/11d-clarification
949 		 */
950 		if (r == -ERANGE &&
951 		    last_request->initiator ==
952 		    NL80211_REGDOM_SET_BY_COUNTRY_IE) {
953 #ifdef CONFIG_CFG80211_REG_DEBUG
954 			printk(KERN_DEBUG "cfg80211: Leaving channel %d MHz "
955 				"intact on %s - no rule found in band on "
956 				"Country IE\n",
957 				chan->center_freq, wiphy_name(wiphy));
958 #endif
959 		} else {
960 		/*
961 		 * In this case we know the country IE has at least one reg rule
962 		 * for the band so we respect its band definitions
963 		 */
964 #ifdef CONFIG_CFG80211_REG_DEBUG
965 			if (last_request->initiator ==
966 			    NL80211_REGDOM_SET_BY_COUNTRY_IE)
967 				printk(KERN_DEBUG "cfg80211: Disabling "
968 					"channel %d MHz on %s due to "
969 					"Country IE\n",
970 					chan->center_freq, wiphy_name(wiphy));
971 #endif
972 			flags |= IEEE80211_CHAN_DISABLED;
973 			chan->flags = flags;
974 		}
975 		return;
976 	}
977 
978 	power_rule = &reg_rule->power_rule;
979 	freq_range = &reg_rule->freq_range;
980 
981 	if (freq_range->max_bandwidth_khz < MHZ_TO_KHZ(40))
982 		bw_flags = IEEE80211_CHAN_NO_HT40;
983 
984 	if (last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER &&
985 	    request_wiphy && request_wiphy == wiphy &&
986 	    request_wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY) {
987 		/*
988 		 * This gaurantees the driver's requested regulatory domain
989 		 * will always be used as a base for further regulatory
990 		 * settings
991 		 */
992 		chan->flags = chan->orig_flags =
993 			map_regdom_flags(reg_rule->flags) | bw_flags;
994 		chan->max_antenna_gain = chan->orig_mag =
995 			(int) MBI_TO_DBI(power_rule->max_antenna_gain);
996 		chan->max_power = chan->orig_mpwr =
997 			(int) MBM_TO_DBM(power_rule->max_eirp);
998 		return;
999 	}
1000 
1001 	chan->flags = flags | bw_flags | map_regdom_flags(reg_rule->flags);
1002 	chan->max_antenna_gain = min(chan->orig_mag,
1003 		(int) MBI_TO_DBI(power_rule->max_antenna_gain));
1004 	if (chan->orig_mpwr)
1005 		chan->max_power = min(chan->orig_mpwr,
1006 			(int) MBM_TO_DBM(power_rule->max_eirp));
1007 	else
1008 		chan->max_power = (int) MBM_TO_DBM(power_rule->max_eirp);
1009 }
1010 
1011 static void handle_band(struct wiphy *wiphy, enum ieee80211_band band)
1012 {
1013 	unsigned int i;
1014 	struct ieee80211_supported_band *sband;
1015 
1016 	BUG_ON(!wiphy->bands[band]);
1017 	sband = wiphy->bands[band];
1018 
1019 	for (i = 0; i < sband->n_channels; i++)
1020 		handle_channel(wiphy, band, i);
1021 }
1022 
1023 static bool ignore_reg_update(struct wiphy *wiphy,
1024 			      enum nl80211_reg_initiator initiator)
1025 {
1026 	if (!last_request)
1027 		return true;
1028 	if (initiator == NL80211_REGDOM_SET_BY_CORE &&
1029 	    wiphy->flags & WIPHY_FLAG_CUSTOM_REGULATORY)
1030 		return true;
1031 	/*
1032 	 * wiphy->regd will be set once the device has its own
1033 	 * desired regulatory domain set
1034 	 */
1035 	if (wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY && !wiphy->regd &&
1036 	    !is_world_regdom(last_request->alpha2))
1037 		return true;
1038 	return false;
1039 }
1040 
1041 static void update_all_wiphy_regulatory(enum nl80211_reg_initiator initiator)
1042 {
1043 	struct cfg80211_registered_device *rdev;
1044 
1045 	list_for_each_entry(rdev, &cfg80211_rdev_list, list)
1046 		wiphy_update_regulatory(&rdev->wiphy, initiator);
1047 }
1048 
1049 static void handle_reg_beacon(struct wiphy *wiphy,
1050 			      unsigned int chan_idx,
1051 			      struct reg_beacon *reg_beacon)
1052 {
1053 	struct ieee80211_supported_band *sband;
1054 	struct ieee80211_channel *chan;
1055 	bool channel_changed = false;
1056 	struct ieee80211_channel chan_before;
1057 
1058 	assert_cfg80211_lock();
1059 
1060 	sband = wiphy->bands[reg_beacon->chan.band];
1061 	chan = &sband->channels[chan_idx];
1062 
1063 	if (likely(chan->center_freq != reg_beacon->chan.center_freq))
1064 		return;
1065 
1066 	if (chan->beacon_found)
1067 		return;
1068 
1069 	chan->beacon_found = true;
1070 
1071 	if (wiphy->flags & WIPHY_FLAG_DISABLE_BEACON_HINTS)
1072 		return;
1073 
1074 	chan_before.center_freq = chan->center_freq;
1075 	chan_before.flags = chan->flags;
1076 
1077 	if (chan->flags & IEEE80211_CHAN_PASSIVE_SCAN) {
1078 		chan->flags &= ~IEEE80211_CHAN_PASSIVE_SCAN;
1079 		channel_changed = true;
1080 	}
1081 
1082 	if (chan->flags & IEEE80211_CHAN_NO_IBSS) {
1083 		chan->flags &= ~IEEE80211_CHAN_NO_IBSS;
1084 		channel_changed = true;
1085 	}
1086 
1087 	if (channel_changed)
1088 		nl80211_send_beacon_hint_event(wiphy, &chan_before, chan);
1089 }
1090 
1091 /*
1092  * Called when a scan on a wiphy finds a beacon on
1093  * new channel
1094  */
1095 static void wiphy_update_new_beacon(struct wiphy *wiphy,
1096 				    struct reg_beacon *reg_beacon)
1097 {
1098 	unsigned int i;
1099 	struct ieee80211_supported_band *sband;
1100 
1101 	assert_cfg80211_lock();
1102 
1103 	if (!wiphy->bands[reg_beacon->chan.band])
1104 		return;
1105 
1106 	sband = wiphy->bands[reg_beacon->chan.band];
1107 
1108 	for (i = 0; i < sband->n_channels; i++)
1109 		handle_reg_beacon(wiphy, i, reg_beacon);
1110 }
1111 
1112 /*
1113  * Called upon reg changes or a new wiphy is added
1114  */
1115 static void wiphy_update_beacon_reg(struct wiphy *wiphy)
1116 {
1117 	unsigned int i;
1118 	struct ieee80211_supported_band *sband;
1119 	struct reg_beacon *reg_beacon;
1120 
1121 	assert_cfg80211_lock();
1122 
1123 	if (list_empty(&reg_beacon_list))
1124 		return;
1125 
1126 	list_for_each_entry(reg_beacon, &reg_beacon_list, list) {
1127 		if (!wiphy->bands[reg_beacon->chan.band])
1128 			continue;
1129 		sband = wiphy->bands[reg_beacon->chan.band];
1130 		for (i = 0; i < sband->n_channels; i++)
1131 			handle_reg_beacon(wiphy, i, reg_beacon);
1132 	}
1133 }
1134 
1135 static bool reg_is_world_roaming(struct wiphy *wiphy)
1136 {
1137 	if (is_world_regdom(cfg80211_regdomain->alpha2) ||
1138 	    (wiphy->regd && is_world_regdom(wiphy->regd->alpha2)))
1139 		return true;
1140 	if (last_request &&
1141 	    last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE &&
1142 	    wiphy->flags & WIPHY_FLAG_CUSTOM_REGULATORY)
1143 		return true;
1144 	return false;
1145 }
1146 
1147 /* Reap the advantages of previously found beacons */
1148 static void reg_process_beacons(struct wiphy *wiphy)
1149 {
1150 	/*
1151 	 * Means we are just firing up cfg80211, so no beacons would
1152 	 * have been processed yet.
1153 	 */
1154 	if (!last_request)
1155 		return;
1156 	if (!reg_is_world_roaming(wiphy))
1157 		return;
1158 	wiphy_update_beacon_reg(wiphy);
1159 }
1160 
1161 static bool is_ht40_not_allowed(struct ieee80211_channel *chan)
1162 {
1163 	if (!chan)
1164 		return true;
1165 	if (chan->flags & IEEE80211_CHAN_DISABLED)
1166 		return true;
1167 	/* This would happen when regulatory rules disallow HT40 completely */
1168 	if (IEEE80211_CHAN_NO_HT40 == (chan->flags & (IEEE80211_CHAN_NO_HT40)))
1169 		return true;
1170 	return false;
1171 }
1172 
1173 static void reg_process_ht_flags_channel(struct wiphy *wiphy,
1174 					 enum ieee80211_band band,
1175 					 unsigned int chan_idx)
1176 {
1177 	struct ieee80211_supported_band *sband;
1178 	struct ieee80211_channel *channel;
1179 	struct ieee80211_channel *channel_before = NULL, *channel_after = NULL;
1180 	unsigned int i;
1181 
1182 	assert_cfg80211_lock();
1183 
1184 	sband = wiphy->bands[band];
1185 	BUG_ON(chan_idx >= sband->n_channels);
1186 	channel = &sband->channels[chan_idx];
1187 
1188 	if (is_ht40_not_allowed(channel)) {
1189 		channel->flags |= IEEE80211_CHAN_NO_HT40;
1190 		return;
1191 	}
1192 
1193 	/*
1194 	 * We need to ensure the extension channels exist to
1195 	 * be able to use HT40- or HT40+, this finds them (or not)
1196 	 */
1197 	for (i = 0; i < sband->n_channels; i++) {
1198 		struct ieee80211_channel *c = &sband->channels[i];
1199 		if (c->center_freq == (channel->center_freq - 20))
1200 			channel_before = c;
1201 		if (c->center_freq == (channel->center_freq + 20))
1202 			channel_after = c;
1203 	}
1204 
1205 	/*
1206 	 * Please note that this assumes target bandwidth is 20 MHz,
1207 	 * if that ever changes we also need to change the below logic
1208 	 * to include that as well.
1209 	 */
1210 	if (is_ht40_not_allowed(channel_before))
1211 		channel->flags |= IEEE80211_CHAN_NO_HT40MINUS;
1212 	else
1213 		channel->flags &= ~IEEE80211_CHAN_NO_HT40MINUS;
1214 
1215 	if (is_ht40_not_allowed(channel_after))
1216 		channel->flags |= IEEE80211_CHAN_NO_HT40PLUS;
1217 	else
1218 		channel->flags &= ~IEEE80211_CHAN_NO_HT40PLUS;
1219 }
1220 
1221 static void reg_process_ht_flags_band(struct wiphy *wiphy,
1222 				      enum ieee80211_band band)
1223 {
1224 	unsigned int i;
1225 	struct ieee80211_supported_band *sband;
1226 
1227 	BUG_ON(!wiphy->bands[band]);
1228 	sband = wiphy->bands[band];
1229 
1230 	for (i = 0; i < sband->n_channels; i++)
1231 		reg_process_ht_flags_channel(wiphy, band, i);
1232 }
1233 
1234 static void reg_process_ht_flags(struct wiphy *wiphy)
1235 {
1236 	enum ieee80211_band band;
1237 
1238 	if (!wiphy)
1239 		return;
1240 
1241 	for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
1242 		if (wiphy->bands[band])
1243 			reg_process_ht_flags_band(wiphy, band);
1244 	}
1245 
1246 }
1247 
1248 void wiphy_update_regulatory(struct wiphy *wiphy,
1249 			     enum nl80211_reg_initiator initiator)
1250 {
1251 	enum ieee80211_band band;
1252 
1253 	if (ignore_reg_update(wiphy, initiator))
1254 		goto out;
1255 	for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
1256 		if (wiphy->bands[band])
1257 			handle_band(wiphy, band);
1258 	}
1259 out:
1260 	reg_process_beacons(wiphy);
1261 	reg_process_ht_flags(wiphy);
1262 	if (wiphy->reg_notifier)
1263 		wiphy->reg_notifier(wiphy, last_request);
1264 }
1265 
1266 static void handle_channel_custom(struct wiphy *wiphy,
1267 				  enum ieee80211_band band,
1268 				  unsigned int chan_idx,
1269 				  const struct ieee80211_regdomain *regd)
1270 {
1271 	int r;
1272 	u32 desired_bw_khz = MHZ_TO_KHZ(20);
1273 	u32 bw_flags = 0;
1274 	const struct ieee80211_reg_rule *reg_rule = NULL;
1275 	const struct ieee80211_power_rule *power_rule = NULL;
1276 	const struct ieee80211_freq_range *freq_range = NULL;
1277 	struct ieee80211_supported_band *sband;
1278 	struct ieee80211_channel *chan;
1279 
1280 	assert_reg_lock();
1281 
1282 	sband = wiphy->bands[band];
1283 	BUG_ON(chan_idx >= sband->n_channels);
1284 	chan = &sband->channels[chan_idx];
1285 
1286 	r = freq_reg_info_regd(wiphy,
1287 			       MHZ_TO_KHZ(chan->center_freq),
1288 			       desired_bw_khz,
1289 			       &reg_rule,
1290 			       regd);
1291 
1292 	if (r) {
1293 		chan->flags = IEEE80211_CHAN_DISABLED;
1294 		return;
1295 	}
1296 
1297 	power_rule = &reg_rule->power_rule;
1298 	freq_range = &reg_rule->freq_range;
1299 
1300 	if (freq_range->max_bandwidth_khz < MHZ_TO_KHZ(40))
1301 		bw_flags = IEEE80211_CHAN_NO_HT40;
1302 
1303 	chan->flags |= map_regdom_flags(reg_rule->flags) | bw_flags;
1304 	chan->max_antenna_gain = (int) MBI_TO_DBI(power_rule->max_antenna_gain);
1305 	chan->max_power = (int) MBM_TO_DBM(power_rule->max_eirp);
1306 }
1307 
1308 static void handle_band_custom(struct wiphy *wiphy, enum ieee80211_band band,
1309 			       const struct ieee80211_regdomain *regd)
1310 {
1311 	unsigned int i;
1312 	struct ieee80211_supported_band *sband;
1313 
1314 	BUG_ON(!wiphy->bands[band]);
1315 	sband = wiphy->bands[band];
1316 
1317 	for (i = 0; i < sband->n_channels; i++)
1318 		handle_channel_custom(wiphy, band, i, regd);
1319 }
1320 
1321 /* Used by drivers prior to wiphy registration */
1322 void wiphy_apply_custom_regulatory(struct wiphy *wiphy,
1323 				   const struct ieee80211_regdomain *regd)
1324 {
1325 	enum ieee80211_band band;
1326 	unsigned int bands_set = 0;
1327 
1328 	mutex_lock(&reg_mutex);
1329 	for (band = 0; band < IEEE80211_NUM_BANDS; band++) {
1330 		if (!wiphy->bands[band])
1331 			continue;
1332 		handle_band_custom(wiphy, band, regd);
1333 		bands_set++;
1334 	}
1335 	mutex_unlock(&reg_mutex);
1336 
1337 	/*
1338 	 * no point in calling this if it won't have any effect
1339 	 * on your device's supportd bands.
1340 	 */
1341 	WARN_ON(!bands_set);
1342 }
1343 EXPORT_SYMBOL(wiphy_apply_custom_regulatory);
1344 
1345 static int reg_copy_regd(const struct ieee80211_regdomain **dst_regd,
1346 			 const struct ieee80211_regdomain *src_regd)
1347 {
1348 	struct ieee80211_regdomain *regd;
1349 	int size_of_regd = 0;
1350 	unsigned int i;
1351 
1352 	size_of_regd = sizeof(struct ieee80211_regdomain) +
1353 	  ((src_regd->n_reg_rules + 1) * sizeof(struct ieee80211_reg_rule));
1354 
1355 	regd = kzalloc(size_of_regd, GFP_KERNEL);
1356 	if (!regd)
1357 		return -ENOMEM;
1358 
1359 	memcpy(regd, src_regd, sizeof(struct ieee80211_regdomain));
1360 
1361 	for (i = 0; i < src_regd->n_reg_rules; i++)
1362 		memcpy(&regd->reg_rules[i], &src_regd->reg_rules[i],
1363 			sizeof(struct ieee80211_reg_rule));
1364 
1365 	*dst_regd = regd;
1366 	return 0;
1367 }
1368 
1369 /*
1370  * Return value which can be used by ignore_request() to indicate
1371  * it has been determined we should intersect two regulatory domains
1372  */
1373 #define REG_INTERSECT	1
1374 
1375 /* This has the logic which determines when a new request
1376  * should be ignored. */
1377 static int ignore_request(struct wiphy *wiphy,
1378 			  struct regulatory_request *pending_request)
1379 {
1380 	struct wiphy *last_wiphy = NULL;
1381 
1382 	assert_cfg80211_lock();
1383 
1384 	/* All initial requests are respected */
1385 	if (!last_request)
1386 		return 0;
1387 
1388 	switch (pending_request->initiator) {
1389 	case NL80211_REGDOM_SET_BY_CORE:
1390 		return -EINVAL;
1391 	case NL80211_REGDOM_SET_BY_COUNTRY_IE:
1392 
1393 		last_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx);
1394 
1395 		if (unlikely(!is_an_alpha2(pending_request->alpha2)))
1396 			return -EINVAL;
1397 		if (last_request->initiator ==
1398 		    NL80211_REGDOM_SET_BY_COUNTRY_IE) {
1399 			if (last_wiphy != wiphy) {
1400 				/*
1401 				 * Two cards with two APs claiming different
1402 				 * Country IE alpha2s. We could
1403 				 * intersect them, but that seems unlikely
1404 				 * to be correct. Reject second one for now.
1405 				 */
1406 				if (regdom_changes(pending_request->alpha2))
1407 					return -EOPNOTSUPP;
1408 				return -EALREADY;
1409 			}
1410 			/*
1411 			 * Two consecutive Country IE hints on the same wiphy.
1412 			 * This should be picked up early by the driver/stack
1413 			 */
1414 			if (WARN_ON(regdom_changes(pending_request->alpha2)))
1415 				return 0;
1416 			return -EALREADY;
1417 		}
1418 		return REG_INTERSECT;
1419 	case NL80211_REGDOM_SET_BY_DRIVER:
1420 		if (last_request->initiator == NL80211_REGDOM_SET_BY_CORE) {
1421 			if (is_old_static_regdom(cfg80211_regdomain))
1422 				return 0;
1423 			if (regdom_changes(pending_request->alpha2))
1424 				return 0;
1425 			return -EALREADY;
1426 		}
1427 
1428 		/*
1429 		 * This would happen if you unplug and plug your card
1430 		 * back in or if you add a new device for which the previously
1431 		 * loaded card also agrees on the regulatory domain.
1432 		 */
1433 		if (last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER &&
1434 		    !regdom_changes(pending_request->alpha2))
1435 			return -EALREADY;
1436 
1437 		return REG_INTERSECT;
1438 	case NL80211_REGDOM_SET_BY_USER:
1439 		if (last_request->initiator == NL80211_REGDOM_SET_BY_COUNTRY_IE)
1440 			return REG_INTERSECT;
1441 		/*
1442 		 * If the user knows better the user should set the regdom
1443 		 * to their country before the IE is picked up
1444 		 */
1445 		if (last_request->initiator == NL80211_REGDOM_SET_BY_USER &&
1446 			  last_request->intersect)
1447 			return -EOPNOTSUPP;
1448 		/*
1449 		 * Process user requests only after previous user/driver/core
1450 		 * requests have been processed
1451 		 */
1452 		if (last_request->initiator == NL80211_REGDOM_SET_BY_CORE ||
1453 		    last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER ||
1454 		    last_request->initiator == NL80211_REGDOM_SET_BY_USER) {
1455 			if (regdom_changes(last_request->alpha2))
1456 				return -EAGAIN;
1457 		}
1458 
1459 		if (!is_old_static_regdom(cfg80211_regdomain) &&
1460 		    !regdom_changes(pending_request->alpha2))
1461 			return -EALREADY;
1462 
1463 		return 0;
1464 	}
1465 
1466 	return -EINVAL;
1467 }
1468 
1469 /**
1470  * __regulatory_hint - hint to the wireless core a regulatory domain
1471  * @wiphy: if the hint comes from country information from an AP, this
1472  *	is required to be set to the wiphy that received the information
1473  * @pending_request: the regulatory request currently being processed
1474  *
1475  * The Wireless subsystem can use this function to hint to the wireless core
1476  * what it believes should be the current regulatory domain.
1477  *
1478  * Returns zero if all went fine, %-EALREADY if a regulatory domain had
1479  * already been set or other standard error codes.
1480  *
1481  * Caller must hold &cfg80211_mutex and &reg_mutex
1482  */
1483 static int __regulatory_hint(struct wiphy *wiphy,
1484 			     struct regulatory_request *pending_request)
1485 {
1486 	bool intersect = false;
1487 	int r = 0;
1488 
1489 	assert_cfg80211_lock();
1490 
1491 	r = ignore_request(wiphy, pending_request);
1492 
1493 	if (r == REG_INTERSECT) {
1494 		if (pending_request->initiator ==
1495 		    NL80211_REGDOM_SET_BY_DRIVER) {
1496 			r = reg_copy_regd(&wiphy->regd, cfg80211_regdomain);
1497 			if (r) {
1498 				kfree(pending_request);
1499 				return r;
1500 			}
1501 		}
1502 		intersect = true;
1503 	} else if (r) {
1504 		/*
1505 		 * If the regulatory domain being requested by the
1506 		 * driver has already been set just copy it to the
1507 		 * wiphy
1508 		 */
1509 		if (r == -EALREADY &&
1510 		    pending_request->initiator ==
1511 		    NL80211_REGDOM_SET_BY_DRIVER) {
1512 			r = reg_copy_regd(&wiphy->regd, cfg80211_regdomain);
1513 			if (r) {
1514 				kfree(pending_request);
1515 				return r;
1516 			}
1517 			r = -EALREADY;
1518 			goto new_request;
1519 		}
1520 		kfree(pending_request);
1521 		return r;
1522 	}
1523 
1524 new_request:
1525 	kfree(last_request);
1526 
1527 	last_request = pending_request;
1528 	last_request->intersect = intersect;
1529 
1530 	pending_request = NULL;
1531 
1532 	/* When r == REG_INTERSECT we do need to call CRDA */
1533 	if (r < 0) {
1534 		/*
1535 		 * Since CRDA will not be called in this case as we already
1536 		 * have applied the requested regulatory domain before we just
1537 		 * inform userspace we have processed the request
1538 		 */
1539 		if (r == -EALREADY)
1540 			nl80211_send_reg_change_event(last_request);
1541 		return r;
1542 	}
1543 
1544 	return call_crda(last_request->alpha2);
1545 }
1546 
1547 /* This processes *all* regulatory hints */
1548 static void reg_process_hint(struct regulatory_request *reg_request)
1549 {
1550 	int r = 0;
1551 	struct wiphy *wiphy = NULL;
1552 
1553 	BUG_ON(!reg_request->alpha2);
1554 
1555 	mutex_lock(&cfg80211_mutex);
1556 	mutex_lock(&reg_mutex);
1557 
1558 	if (wiphy_idx_valid(reg_request->wiphy_idx))
1559 		wiphy = wiphy_idx_to_wiphy(reg_request->wiphy_idx);
1560 
1561 	if (reg_request->initiator == NL80211_REGDOM_SET_BY_DRIVER &&
1562 	    !wiphy) {
1563 		kfree(reg_request);
1564 		goto out;
1565 	}
1566 
1567 	r = __regulatory_hint(wiphy, reg_request);
1568 	/* This is required so that the orig_* parameters are saved */
1569 	if (r == -EALREADY && wiphy &&
1570 	    wiphy->flags & WIPHY_FLAG_STRICT_REGULATORY)
1571 		wiphy_update_regulatory(wiphy, reg_request->initiator);
1572 out:
1573 	mutex_unlock(&reg_mutex);
1574 	mutex_unlock(&cfg80211_mutex);
1575 }
1576 
1577 /* Processes regulatory hints, this is all the NL80211_REGDOM_SET_BY_* */
1578 static void reg_process_pending_hints(void)
1579 	{
1580 	struct regulatory_request *reg_request;
1581 
1582 	spin_lock(&reg_requests_lock);
1583 	while (!list_empty(&reg_requests_list)) {
1584 		reg_request = list_first_entry(&reg_requests_list,
1585 					       struct regulatory_request,
1586 					       list);
1587 		list_del_init(&reg_request->list);
1588 
1589 		spin_unlock(&reg_requests_lock);
1590 		reg_process_hint(reg_request);
1591 		spin_lock(&reg_requests_lock);
1592 	}
1593 	spin_unlock(&reg_requests_lock);
1594 }
1595 
1596 /* Processes beacon hints -- this has nothing to do with country IEs */
1597 static void reg_process_pending_beacon_hints(void)
1598 {
1599 	struct cfg80211_registered_device *rdev;
1600 	struct reg_beacon *pending_beacon, *tmp;
1601 
1602 	/*
1603 	 * No need to hold the reg_mutex here as we just touch wiphys
1604 	 * and do not read or access regulatory variables.
1605 	 */
1606 	mutex_lock(&cfg80211_mutex);
1607 
1608 	/* This goes through the _pending_ beacon list */
1609 	spin_lock_bh(&reg_pending_beacons_lock);
1610 
1611 	if (list_empty(&reg_pending_beacons)) {
1612 		spin_unlock_bh(&reg_pending_beacons_lock);
1613 		goto out;
1614 	}
1615 
1616 	list_for_each_entry_safe(pending_beacon, tmp,
1617 				 &reg_pending_beacons, list) {
1618 
1619 		list_del_init(&pending_beacon->list);
1620 
1621 		/* Applies the beacon hint to current wiphys */
1622 		list_for_each_entry(rdev, &cfg80211_rdev_list, list)
1623 			wiphy_update_new_beacon(&rdev->wiphy, pending_beacon);
1624 
1625 		/* Remembers the beacon hint for new wiphys or reg changes */
1626 		list_add_tail(&pending_beacon->list, &reg_beacon_list);
1627 	}
1628 
1629 	spin_unlock_bh(&reg_pending_beacons_lock);
1630 out:
1631 	mutex_unlock(&cfg80211_mutex);
1632 }
1633 
1634 static void reg_todo(struct work_struct *work)
1635 {
1636 	reg_process_pending_hints();
1637 	reg_process_pending_beacon_hints();
1638 }
1639 
1640 static DECLARE_WORK(reg_work, reg_todo);
1641 
1642 static void queue_regulatory_request(struct regulatory_request *request)
1643 {
1644 	spin_lock(&reg_requests_lock);
1645 	list_add_tail(&request->list, &reg_requests_list);
1646 	spin_unlock(&reg_requests_lock);
1647 
1648 	schedule_work(&reg_work);
1649 }
1650 
1651 /* Core regulatory hint -- happens once during cfg80211_init() */
1652 static int regulatory_hint_core(const char *alpha2)
1653 {
1654 	struct regulatory_request *request;
1655 
1656 	BUG_ON(last_request);
1657 
1658 	request = kzalloc(sizeof(struct regulatory_request),
1659 			  GFP_KERNEL);
1660 	if (!request)
1661 		return -ENOMEM;
1662 
1663 	request->alpha2[0] = alpha2[0];
1664 	request->alpha2[1] = alpha2[1];
1665 	request->initiator = NL80211_REGDOM_SET_BY_CORE;
1666 
1667 	queue_regulatory_request(request);
1668 
1669 	/*
1670 	 * This ensures last_request is populated once modules
1671 	 * come swinging in and calling regulatory hints and
1672 	 * wiphy_apply_custom_regulatory().
1673 	 */
1674 	flush_scheduled_work();
1675 
1676 	return 0;
1677 }
1678 
1679 /* User hints */
1680 int regulatory_hint_user(const char *alpha2)
1681 {
1682 	struct regulatory_request *request;
1683 
1684 	BUG_ON(!alpha2);
1685 
1686 	request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL);
1687 	if (!request)
1688 		return -ENOMEM;
1689 
1690 	request->wiphy_idx = WIPHY_IDX_STALE;
1691 	request->alpha2[0] = alpha2[0];
1692 	request->alpha2[1] = alpha2[1];
1693 	request->initiator = NL80211_REGDOM_SET_BY_USER;
1694 
1695 	queue_regulatory_request(request);
1696 
1697 	return 0;
1698 }
1699 
1700 /* Driver hints */
1701 int regulatory_hint(struct wiphy *wiphy, const char *alpha2)
1702 {
1703 	struct regulatory_request *request;
1704 
1705 	BUG_ON(!alpha2);
1706 	BUG_ON(!wiphy);
1707 
1708 	request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL);
1709 	if (!request)
1710 		return -ENOMEM;
1711 
1712 	request->wiphy_idx = get_wiphy_idx(wiphy);
1713 
1714 	/* Must have registered wiphy first */
1715 	BUG_ON(!wiphy_idx_valid(request->wiphy_idx));
1716 
1717 	request->alpha2[0] = alpha2[0];
1718 	request->alpha2[1] = alpha2[1];
1719 	request->initiator = NL80211_REGDOM_SET_BY_DRIVER;
1720 
1721 	queue_regulatory_request(request);
1722 
1723 	return 0;
1724 }
1725 EXPORT_SYMBOL(regulatory_hint);
1726 
1727 /* Caller must hold reg_mutex */
1728 static bool reg_same_country_ie_hint(struct wiphy *wiphy,
1729 			u32 country_ie_checksum)
1730 {
1731 	struct wiphy *request_wiphy;
1732 
1733 	assert_reg_lock();
1734 
1735 	if (unlikely(last_request->initiator !=
1736 	    NL80211_REGDOM_SET_BY_COUNTRY_IE))
1737 		return false;
1738 
1739 	request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx);
1740 
1741 	if (!request_wiphy)
1742 		return false;
1743 
1744 	if (likely(request_wiphy != wiphy))
1745 		return !country_ie_integrity_changes(country_ie_checksum);
1746 	/*
1747 	 * We should not have let these through at this point, they
1748 	 * should have been picked up earlier by the first alpha2 check
1749 	 * on the device
1750 	 */
1751 	if (WARN_ON(!country_ie_integrity_changes(country_ie_checksum)))
1752 		return true;
1753 	return false;
1754 }
1755 
1756 /*
1757  * We hold wdev_lock() here so we cannot hold cfg80211_mutex() and
1758  * therefore cannot iterate over the rdev list here.
1759  */
1760 void regulatory_hint_11d(struct wiphy *wiphy,
1761 			u8 *country_ie,
1762 			u8 country_ie_len)
1763 {
1764 	struct ieee80211_regdomain *rd = NULL;
1765 	char alpha2[2];
1766 	u32 checksum = 0;
1767 	enum environment_cap env = ENVIRON_ANY;
1768 	struct regulatory_request *request;
1769 
1770 	mutex_lock(&reg_mutex);
1771 
1772 	if (unlikely(!last_request))
1773 		goto out;
1774 
1775 	/* IE len must be evenly divisible by 2 */
1776 	if (country_ie_len & 0x01)
1777 		goto out;
1778 
1779 	if (country_ie_len < IEEE80211_COUNTRY_IE_MIN_LEN)
1780 		goto out;
1781 
1782 	/*
1783 	 * Pending country IE processing, this can happen after we
1784 	 * call CRDA and wait for a response if a beacon was received before
1785 	 * we were able to process the last regulatory_hint_11d() call
1786 	 */
1787 	if (country_ie_regdomain)
1788 		goto out;
1789 
1790 	alpha2[0] = country_ie[0];
1791 	alpha2[1] = country_ie[1];
1792 
1793 	if (country_ie[2] == 'I')
1794 		env = ENVIRON_INDOOR;
1795 	else if (country_ie[2] == 'O')
1796 		env = ENVIRON_OUTDOOR;
1797 
1798 	/*
1799 	 * We will run this only upon a successful connection on cfg80211.
1800 	 * We leave conflict resolution to the workqueue, where can hold
1801 	 * cfg80211_mutex.
1802 	 */
1803 	if (likely(last_request->initiator ==
1804 	    NL80211_REGDOM_SET_BY_COUNTRY_IE &&
1805 	    wiphy_idx_valid(last_request->wiphy_idx)))
1806 		goto out;
1807 
1808 	rd = country_ie_2_rd(country_ie, country_ie_len, &checksum);
1809 	if (!rd)
1810 		goto out;
1811 
1812 	/*
1813 	 * This will not happen right now but we leave it here for the
1814 	 * the future when we want to add suspend/resume support and having
1815 	 * the user move to another country after doing so, or having the user
1816 	 * move to another AP. Right now we just trust the first AP.
1817 	 *
1818 	 * If we hit this before we add this support we want to be informed of
1819 	 * it as it would indicate a mistake in the current design
1820 	 */
1821 	if (WARN_ON(reg_same_country_ie_hint(wiphy, checksum)))
1822 		goto free_rd_out;
1823 
1824 	request = kzalloc(sizeof(struct regulatory_request), GFP_KERNEL);
1825 	if (!request)
1826 		goto free_rd_out;
1827 
1828 	/*
1829 	 * We keep this around for when CRDA comes back with a response so
1830 	 * we can intersect with that
1831 	 */
1832 	country_ie_regdomain = rd;
1833 
1834 	request->wiphy_idx = get_wiphy_idx(wiphy);
1835 	request->alpha2[0] = rd->alpha2[0];
1836 	request->alpha2[1] = rd->alpha2[1];
1837 	request->initiator = NL80211_REGDOM_SET_BY_COUNTRY_IE;
1838 	request->country_ie_checksum = checksum;
1839 	request->country_ie_env = env;
1840 
1841 	mutex_unlock(&reg_mutex);
1842 
1843 	queue_regulatory_request(request);
1844 
1845 	return;
1846 
1847 free_rd_out:
1848 	kfree(rd);
1849 out:
1850 	mutex_unlock(&reg_mutex);
1851 }
1852 
1853 static bool freq_is_chan_12_13_14(u16 freq)
1854 {
1855 	if (freq == ieee80211_channel_to_frequency(12) ||
1856 	    freq == ieee80211_channel_to_frequency(13) ||
1857 	    freq == ieee80211_channel_to_frequency(14))
1858 		return true;
1859 	return false;
1860 }
1861 
1862 int regulatory_hint_found_beacon(struct wiphy *wiphy,
1863 				 struct ieee80211_channel *beacon_chan,
1864 				 gfp_t gfp)
1865 {
1866 	struct reg_beacon *reg_beacon;
1867 
1868 	if (likely((beacon_chan->beacon_found ||
1869 	    (beacon_chan->flags & IEEE80211_CHAN_RADAR) ||
1870 	    (beacon_chan->band == IEEE80211_BAND_2GHZ &&
1871 	     !freq_is_chan_12_13_14(beacon_chan->center_freq)))))
1872 		return 0;
1873 
1874 	reg_beacon = kzalloc(sizeof(struct reg_beacon), gfp);
1875 	if (!reg_beacon)
1876 		return -ENOMEM;
1877 
1878 #ifdef CONFIG_CFG80211_REG_DEBUG
1879 	printk(KERN_DEBUG "cfg80211: Found new beacon on "
1880 		"frequency: %d MHz (Ch %d) on %s\n",
1881 		beacon_chan->center_freq,
1882 		ieee80211_frequency_to_channel(beacon_chan->center_freq),
1883 		wiphy_name(wiphy));
1884 #endif
1885 	memcpy(&reg_beacon->chan, beacon_chan,
1886 		sizeof(struct ieee80211_channel));
1887 
1888 
1889 	/*
1890 	 * Since we can be called from BH or and non-BH context
1891 	 * we must use spin_lock_bh()
1892 	 */
1893 	spin_lock_bh(&reg_pending_beacons_lock);
1894 	list_add_tail(&reg_beacon->list, &reg_pending_beacons);
1895 	spin_unlock_bh(&reg_pending_beacons_lock);
1896 
1897 	schedule_work(&reg_work);
1898 
1899 	return 0;
1900 }
1901 
1902 static void print_rd_rules(const struct ieee80211_regdomain *rd)
1903 {
1904 	unsigned int i;
1905 	const struct ieee80211_reg_rule *reg_rule = NULL;
1906 	const struct ieee80211_freq_range *freq_range = NULL;
1907 	const struct ieee80211_power_rule *power_rule = NULL;
1908 
1909 	printk(KERN_INFO "    (start_freq - end_freq @ bandwidth), "
1910 		"(max_antenna_gain, max_eirp)\n");
1911 
1912 	for (i = 0; i < rd->n_reg_rules; i++) {
1913 		reg_rule = &rd->reg_rules[i];
1914 		freq_range = &reg_rule->freq_range;
1915 		power_rule = &reg_rule->power_rule;
1916 
1917 		/*
1918 		 * There may not be documentation for max antenna gain
1919 		 * in certain regions
1920 		 */
1921 		if (power_rule->max_antenna_gain)
1922 			printk(KERN_INFO "    (%d KHz - %d KHz @ %d KHz), "
1923 				"(%d mBi, %d mBm)\n",
1924 				freq_range->start_freq_khz,
1925 				freq_range->end_freq_khz,
1926 				freq_range->max_bandwidth_khz,
1927 				power_rule->max_antenna_gain,
1928 				power_rule->max_eirp);
1929 		else
1930 			printk(KERN_INFO "    (%d KHz - %d KHz @ %d KHz), "
1931 				"(N/A, %d mBm)\n",
1932 				freq_range->start_freq_khz,
1933 				freq_range->end_freq_khz,
1934 				freq_range->max_bandwidth_khz,
1935 				power_rule->max_eirp);
1936 	}
1937 }
1938 
1939 static void print_regdomain(const struct ieee80211_regdomain *rd)
1940 {
1941 
1942 	if (is_intersected_alpha2(rd->alpha2)) {
1943 
1944 		if (last_request->initiator ==
1945 		    NL80211_REGDOM_SET_BY_COUNTRY_IE) {
1946 			struct cfg80211_registered_device *rdev;
1947 			rdev = cfg80211_rdev_by_wiphy_idx(
1948 				last_request->wiphy_idx);
1949 			if (rdev) {
1950 				printk(KERN_INFO "cfg80211: Current regulatory "
1951 					"domain updated by AP to: %c%c\n",
1952 					rdev->country_ie_alpha2[0],
1953 					rdev->country_ie_alpha2[1]);
1954 			} else
1955 				printk(KERN_INFO "cfg80211: Current regulatory "
1956 					"domain intersected: \n");
1957 		} else
1958 				printk(KERN_INFO "cfg80211: Current regulatory "
1959 					"domain intersected: \n");
1960 	} else if (is_world_regdom(rd->alpha2))
1961 		printk(KERN_INFO "cfg80211: World regulatory "
1962 			"domain updated:\n");
1963 	else {
1964 		if (is_unknown_alpha2(rd->alpha2))
1965 			printk(KERN_INFO "cfg80211: Regulatory domain "
1966 				"changed to driver built-in settings "
1967 				"(unknown country)\n");
1968 		else
1969 			printk(KERN_INFO "cfg80211: Regulatory domain "
1970 				"changed to country: %c%c\n",
1971 				rd->alpha2[0], rd->alpha2[1]);
1972 	}
1973 	print_rd_rules(rd);
1974 }
1975 
1976 static void print_regdomain_info(const struct ieee80211_regdomain *rd)
1977 {
1978 	printk(KERN_INFO "cfg80211: Regulatory domain: %c%c\n",
1979 		rd->alpha2[0], rd->alpha2[1]);
1980 	print_rd_rules(rd);
1981 }
1982 
1983 #ifdef CONFIG_CFG80211_REG_DEBUG
1984 static void reg_country_ie_process_debug(
1985 	const struct ieee80211_regdomain *rd,
1986 	const struct ieee80211_regdomain *country_ie_regdomain,
1987 	const struct ieee80211_regdomain *intersected_rd)
1988 {
1989 	printk(KERN_DEBUG "cfg80211: Received country IE:\n");
1990 	print_regdomain_info(country_ie_regdomain);
1991 	printk(KERN_DEBUG "cfg80211: CRDA thinks this should applied:\n");
1992 	print_regdomain_info(rd);
1993 	if (intersected_rd) {
1994 		printk(KERN_DEBUG "cfg80211: We intersect both of these "
1995 			"and get:\n");
1996 		print_regdomain_info(intersected_rd);
1997 		return;
1998 	}
1999 	printk(KERN_DEBUG "cfg80211: Intersection between both failed\n");
2000 }
2001 #else
2002 static inline void reg_country_ie_process_debug(
2003 	const struct ieee80211_regdomain *rd,
2004 	const struct ieee80211_regdomain *country_ie_regdomain,
2005 	const struct ieee80211_regdomain *intersected_rd)
2006 {
2007 }
2008 #endif
2009 
2010 /* Takes ownership of rd only if it doesn't fail */
2011 static int __set_regdom(const struct ieee80211_regdomain *rd)
2012 {
2013 	const struct ieee80211_regdomain *intersected_rd = NULL;
2014 	struct cfg80211_registered_device *rdev = NULL;
2015 	struct wiphy *request_wiphy;
2016 	/* Some basic sanity checks first */
2017 
2018 	if (is_world_regdom(rd->alpha2)) {
2019 		if (WARN_ON(!reg_is_valid_request(rd->alpha2)))
2020 			return -EINVAL;
2021 		update_world_regdomain(rd);
2022 		return 0;
2023 	}
2024 
2025 	if (!is_alpha2_set(rd->alpha2) && !is_an_alpha2(rd->alpha2) &&
2026 			!is_unknown_alpha2(rd->alpha2))
2027 		return -EINVAL;
2028 
2029 	if (!last_request)
2030 		return -EINVAL;
2031 
2032 	/*
2033 	 * Lets only bother proceeding on the same alpha2 if the current
2034 	 * rd is non static (it means CRDA was present and was used last)
2035 	 * and the pending request came in from a country IE
2036 	 */
2037 	if (last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE) {
2038 		/*
2039 		 * If someone else asked us to change the rd lets only bother
2040 		 * checking if the alpha2 changes if CRDA was already called
2041 		 */
2042 		if (!is_old_static_regdom(cfg80211_regdomain) &&
2043 		    !regdom_changes(rd->alpha2))
2044 			return -EINVAL;
2045 	}
2046 
2047 	/*
2048 	 * Now lets set the regulatory domain, update all driver channels
2049 	 * and finally inform them of what we have done, in case they want
2050 	 * to review or adjust their own settings based on their own
2051 	 * internal EEPROM data
2052 	 */
2053 
2054 	if (WARN_ON(!reg_is_valid_request(rd->alpha2)))
2055 		return -EINVAL;
2056 
2057 	if (!is_valid_rd(rd)) {
2058 		printk(KERN_ERR "cfg80211: Invalid "
2059 			"regulatory domain detected:\n");
2060 		print_regdomain_info(rd);
2061 		return -EINVAL;
2062 	}
2063 
2064 	request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx);
2065 
2066 	if (!last_request->intersect) {
2067 		int r;
2068 
2069 		if (last_request->initiator != NL80211_REGDOM_SET_BY_DRIVER) {
2070 			reset_regdomains();
2071 			cfg80211_regdomain = rd;
2072 			return 0;
2073 		}
2074 
2075 		/*
2076 		 * For a driver hint, lets copy the regulatory domain the
2077 		 * driver wanted to the wiphy to deal with conflicts
2078 		 */
2079 
2080 		/*
2081 		 * Userspace could have sent two replies with only
2082 		 * one kernel request.
2083 		 */
2084 		if (request_wiphy->regd)
2085 			return -EALREADY;
2086 
2087 		r = reg_copy_regd(&request_wiphy->regd, rd);
2088 		if (r)
2089 			return r;
2090 
2091 		reset_regdomains();
2092 		cfg80211_regdomain = rd;
2093 		return 0;
2094 	}
2095 
2096 	/* Intersection requires a bit more work */
2097 
2098 	if (last_request->initiator != NL80211_REGDOM_SET_BY_COUNTRY_IE) {
2099 
2100 		intersected_rd = regdom_intersect(rd, cfg80211_regdomain);
2101 		if (!intersected_rd)
2102 			return -EINVAL;
2103 
2104 		/*
2105 		 * We can trash what CRDA provided now.
2106 		 * However if a driver requested this specific regulatory
2107 		 * domain we keep it for its private use
2108 		 */
2109 		if (last_request->initiator == NL80211_REGDOM_SET_BY_DRIVER)
2110 			request_wiphy->regd = rd;
2111 		else
2112 			kfree(rd);
2113 
2114 		rd = NULL;
2115 
2116 		reset_regdomains();
2117 		cfg80211_regdomain = intersected_rd;
2118 
2119 		return 0;
2120 	}
2121 
2122 	/*
2123 	 * Country IE requests are handled a bit differently, we intersect
2124 	 * the country IE rd with what CRDA believes that country should have
2125 	 */
2126 
2127 	/*
2128 	 * Userspace could have sent two replies with only
2129 	 * one kernel request. By the second reply we would have
2130 	 * already processed and consumed the country_ie_regdomain.
2131 	 */
2132 	if (!country_ie_regdomain)
2133 		return -EALREADY;
2134 	BUG_ON(rd == country_ie_regdomain);
2135 
2136 	/*
2137 	 * Intersect what CRDA returned and our what we
2138 	 * had built from the Country IE received
2139 	 */
2140 
2141 	intersected_rd = regdom_intersect(rd, country_ie_regdomain);
2142 
2143 	reg_country_ie_process_debug(rd,
2144 				     country_ie_regdomain,
2145 				     intersected_rd);
2146 
2147 	kfree(country_ie_regdomain);
2148 	country_ie_regdomain = NULL;
2149 
2150 	if (!intersected_rd)
2151 		return -EINVAL;
2152 
2153 	rdev = wiphy_to_dev(request_wiphy);
2154 
2155 	rdev->country_ie_alpha2[0] = rd->alpha2[0];
2156 	rdev->country_ie_alpha2[1] = rd->alpha2[1];
2157 	rdev->env = last_request->country_ie_env;
2158 
2159 	BUG_ON(intersected_rd == rd);
2160 
2161 	kfree(rd);
2162 	rd = NULL;
2163 
2164 	reset_regdomains();
2165 	cfg80211_regdomain = intersected_rd;
2166 
2167 	return 0;
2168 }
2169 
2170 
2171 /*
2172  * Use this call to set the current regulatory domain. Conflicts with
2173  * multiple drivers can be ironed out later. Caller must've already
2174  * kmalloc'd the rd structure. Caller must hold cfg80211_mutex
2175  */
2176 int set_regdom(const struct ieee80211_regdomain *rd)
2177 {
2178 	int r;
2179 
2180 	assert_cfg80211_lock();
2181 
2182 	mutex_lock(&reg_mutex);
2183 
2184 	/* Note that this doesn't update the wiphys, this is done below */
2185 	r = __set_regdom(rd);
2186 	if (r) {
2187 		kfree(rd);
2188 		mutex_unlock(&reg_mutex);
2189 		return r;
2190 	}
2191 
2192 	/* This would make this whole thing pointless */
2193 	if (!last_request->intersect)
2194 		BUG_ON(rd != cfg80211_regdomain);
2195 
2196 	/* update all wiphys now with the new established regulatory domain */
2197 	update_all_wiphy_regulatory(last_request->initiator);
2198 
2199 	print_regdomain(cfg80211_regdomain);
2200 
2201 	nl80211_send_reg_change_event(last_request);
2202 
2203 	mutex_unlock(&reg_mutex);
2204 
2205 	return r;
2206 }
2207 
2208 /* Caller must hold cfg80211_mutex */
2209 void reg_device_remove(struct wiphy *wiphy)
2210 {
2211 	struct wiphy *request_wiphy = NULL;
2212 
2213 	assert_cfg80211_lock();
2214 
2215 	mutex_lock(&reg_mutex);
2216 
2217 	kfree(wiphy->regd);
2218 
2219 	if (last_request)
2220 		request_wiphy = wiphy_idx_to_wiphy(last_request->wiphy_idx);
2221 
2222 	if (!request_wiphy || request_wiphy != wiphy)
2223 		goto out;
2224 
2225 	last_request->wiphy_idx = WIPHY_IDX_STALE;
2226 	last_request->country_ie_env = ENVIRON_ANY;
2227 out:
2228 	mutex_unlock(&reg_mutex);
2229 }
2230 
2231 int regulatory_init(void)
2232 {
2233 	int err = 0;
2234 
2235 	reg_pdev = platform_device_register_simple("regulatory", 0, NULL, 0);
2236 	if (IS_ERR(reg_pdev))
2237 		return PTR_ERR(reg_pdev);
2238 
2239 	spin_lock_init(&reg_requests_lock);
2240 	spin_lock_init(&reg_pending_beacons_lock);
2241 
2242 #ifdef CONFIG_WIRELESS_OLD_REGULATORY
2243 	cfg80211_regdomain = static_regdom(ieee80211_regdom);
2244 
2245 	printk(KERN_INFO "cfg80211: Using static regulatory domain info\n");
2246 	print_regdomain_info(cfg80211_regdomain);
2247 #else
2248 	cfg80211_regdomain = cfg80211_world_regdom;
2249 
2250 #endif
2251 	/* We always try to get an update for the static regdomain */
2252 	err = regulatory_hint_core(cfg80211_regdomain->alpha2);
2253 	if (err) {
2254 		if (err == -ENOMEM)
2255 			return err;
2256 		/*
2257 		 * N.B. kobject_uevent_env() can fail mainly for when we're out
2258 		 * memory which is handled and propagated appropriately above
2259 		 * but it can also fail during a netlink_broadcast() or during
2260 		 * early boot for call_usermodehelper(). For now treat these
2261 		 * errors as non-fatal.
2262 		 */
2263 		printk(KERN_ERR "cfg80211: kobject_uevent_env() was unable "
2264 			"to call CRDA during init");
2265 #ifdef CONFIG_CFG80211_REG_DEBUG
2266 		/* We want to find out exactly why when debugging */
2267 		WARN_ON(err);
2268 #endif
2269 	}
2270 
2271 	/*
2272 	 * Finally, if the user set the module parameter treat it
2273 	 * as a user hint.
2274 	 */
2275 	if (!is_world_regdom(ieee80211_regdom))
2276 		regulatory_hint_user(ieee80211_regdom);
2277 
2278 	return 0;
2279 }
2280 
2281 void regulatory_exit(void)
2282 {
2283 	struct regulatory_request *reg_request, *tmp;
2284 	struct reg_beacon *reg_beacon, *btmp;
2285 
2286 	cancel_work_sync(&reg_work);
2287 
2288 	mutex_lock(&cfg80211_mutex);
2289 	mutex_lock(&reg_mutex);
2290 
2291 	reset_regdomains();
2292 
2293 	kfree(country_ie_regdomain);
2294 	country_ie_regdomain = NULL;
2295 
2296 	kfree(last_request);
2297 
2298 	platform_device_unregister(reg_pdev);
2299 
2300 	spin_lock_bh(&reg_pending_beacons_lock);
2301 	if (!list_empty(&reg_pending_beacons)) {
2302 		list_for_each_entry_safe(reg_beacon, btmp,
2303 					 &reg_pending_beacons, list) {
2304 			list_del(&reg_beacon->list);
2305 			kfree(reg_beacon);
2306 		}
2307 	}
2308 	spin_unlock_bh(&reg_pending_beacons_lock);
2309 
2310 	if (!list_empty(&reg_beacon_list)) {
2311 		list_for_each_entry_safe(reg_beacon, btmp,
2312 					 &reg_beacon_list, list) {
2313 			list_del(&reg_beacon->list);
2314 			kfree(reg_beacon);
2315 		}
2316 	}
2317 
2318 	spin_lock(&reg_requests_lock);
2319 	if (!list_empty(&reg_requests_list)) {
2320 		list_for_each_entry_safe(reg_request, tmp,
2321 					 &reg_requests_list, list) {
2322 			list_del(&reg_request->list);
2323 			kfree(reg_request);
2324 		}
2325 	}
2326 	spin_unlock(&reg_requests_lock);
2327 
2328 	mutex_unlock(&reg_mutex);
2329 	mutex_unlock(&cfg80211_mutex);
2330 }
2331