Ticket #517: madwifi-0.9.2-appie.diff

madwifi-0.9.2/ath/if_ath.c

@@ -1188 +1188 @@
-        struct ath_hal *ah = sc->sc_ah;
-        struct ath_vap *avp = ATH_VAP(vap);
-        int decrease = 1;
+        int i;
-        KASSERT(vap->iv_state == IEEE80211_S_INIT, ("vap not stopped"));
-
-        if (dev->flags & IFF_RUNNING) {
@@ -1261 +1262 @@
-        }
-#endif
-
+        for (i = 0; i < IEEE80211_APPIE_NUM_OF_FRAME; ++ i) {
+                if (vap->app_ie[i].ie != NULL) {
+                        FREE(vap->app_ie[i].ie, M_DEVBUF);
+                        vap->app_ie[i].ie = NULL;
+                        vap->app_ie[i].length = 0;
+                }
+        }
+
-        if (dev->flags & IFF_RUNNING) {
-                /*
-                 * Restart rx+tx machines if device is still running.

madwifi-0.9.2/net80211/ieee80211.h

@@ -353 +353 @@
-};
-
-/* 
+ * Generic information element
+ */
+struct ieee80211_ie {
+        u_int8_t id;
+        u_int8_t len;
+        u_int8_t info[];
+} __packed;
+
+/* 
- * Country information element.
- */
-#define IEEE80211_COUNTRY_MAX_TRIPLETS (83)

madwifi-0.9.2/net80211/ieee80211_beacon.c

@@ -183 +183 @@
-        if (vap->iv_xrvap && vap->iv_ath_cap & IEEE80211_ATHC_XR)       /* XR */
-                frm = ieee80211_add_xr_param(frm, vap);
-#endif
+        bo->bo_appie_buf = frm;
+        bo->bo_appie_buf_len = 0;
-        
-        bo->bo_tim_trailerlen = frm - bo->bo_tim_trailer;
-        bo->bo_chanswitch_trailerlen = frm - bo->bo_chanswitch;
@@ -524 +526 @@
-            IEEE80211_IS_CHAN_TURBO(ic->ic_curchan))
-                ieee80211_add_athAdvCap(bo->bo_ath_caps, vap->iv_bss->ni_ath_flags,
-                        vap->iv_bss->ni_ath_defkeyindex);
+        /* add APP_IE buffer if app updated it */
+        if (vap->iv_flags_ext & IEEE80211_FEXT_APPIE_UPDATE) {
+                /* adjust the buffer size if the size is changed */
+                if (vap->app_ie[IEEE80211_APPIE_FRAME_BEACON].length != bo->bo_appie_buf_len) {
+                        int diff_len;
+                        diff_len = vap->app_ie[IEEE80211_APPIE_FRAME_BEACON].length - bo->bo_appie_buf_len;
+
+                        if (diff_len > 0)
+                                skb_put(skb, diff_len);
+                        else
+                                skb_trim(skb, skb->len + diff_len);
+
+                        bo->bo_appie_buf_len = vap->app_ie[IEEE80211_APPIE_FRAME_BEACON].length;
+                        /* update the trailer lens */
+                        bo->bo_chanswitch_trailerlen += diff_len;
+                        bo->bo_tim_trailerlen += diff_len;
+
+                        len_changed = 1;
+                }
+                memcpy(bo->bo_appie_buf,vap->app_ie[IEEE80211_APPIE_FRAME_BEACON].ie,
+                        vap->app_ie[IEEE80211_APPIE_FRAME_BEACON].length);
+
+                vap->iv_flags_ext &= ~IEEE80211_FEXT_APPIE_UPDATE;
+        }
+
-        IEEE80211_UNLOCK(ic);
-
-        return len_changed;

madwifi-0.9.2/net80211/ieee80211_input.c

@@ -2209 +2209 @@
-#endif /* ATH_SUPERG_DYNTURBO */
-}
-
+static void
+forward_mgmt_to_app(struct ieee80211vap *vap, int subtype, struct sk_buff *skb,
+        struct ieee80211_frame *wh)
+{
+        struct net_device *dev = vap->iv_dev;
+        int filter_type = 0;
+
+        switch (subtype) {
+        case IEEE80211_FC0_SUBTYPE_BEACON:
+                filter_type = IEEE80211_FILTER_TYPE_BEACON;
+                break;
+        case IEEE80211_FC0_SUBTYPE_PROBE_REQ:
+                filter_type = IEEE80211_FILTER_TYPE_PROBE_REQ;
+                break;
+        case IEEE80211_FC0_SUBTYPE_PROBE_RESP:
+                filter_type = IEEE80211_FILTER_TYPE_PROBE_RESP;
+                break;
+        case IEEE80211_FC0_SUBTYPE_ASSOC_REQ:
+        case IEEE80211_FC0_SUBTYPE_REASSOC_REQ:
+                filter_type = IEEE80211_FILTER_TYPE_ASSOC_REQ;
+                break;
+        case IEEE80211_FC0_SUBTYPE_ASSOC_RESP:
+        case IEEE80211_FC0_SUBTYPE_REASSOC_RESP:
+                filter_type = IEEE80211_FILTER_TYPE_ASSOC_RESP;
+                break;
+        case IEEE80211_FC0_SUBTYPE_AUTH:
+                filter_type = IEEE80211_FILTER_TYPE_AUTH;
+                break;
+        case IEEE80211_FC0_SUBTYPE_DEAUTH:
+                filter_type = IEEE80211_FILTER_TYPE_DEAUTH;
+                break;
+        case IEEE80211_FC0_SUBTYPE_DISASSOC:
+                filter_type = IEEE80211_FILTER_TYPE_DISASSOC;
+                break;
+        default:
+                break;
+        }
+
+        if (filter_type && ((vap->app_filter & filter_type) == filter_type)) {
+                struct sk_buff *skb1;
+
+                skb1 = skb_copy(skb, GFP_ATOMIC);
+                if (skb1 == NULL)
+                        return;
+                skb1->dev = dev;
+                skb1->mac.raw = skb1->data;
+                skb1->ip_summed = CHECKSUM_NONE;
+                skb1->pkt_type = PACKET_OTHERHOST;
+                skb1->protocol = __constant_htons(0x0019);  /* ETH_P_80211_RAW */
+
+                netif_rx(skb1);
+        }
+}
+
-void
-ieee80211_saveath(struct ieee80211_node *ni, u_int8_t *ie)
-{
@@ -2380 +2434 @@
-        wh = (struct ieee80211_frame *) skb->data;
-        frm = (u_int8_t *)&wh[1];
-        efrm = skb->data + skb->len;
+
+        /* forward management frame to application */
+        if (vap->iv_opmode != IEEE80211_M_MONITOR)
+                forward_mgmt_to_app(vap, subtype, skb, wh);
+
-        switch (subtype) {
-        case IEEE80211_FC0_SUBTYPE_PROBE_RESP:
-        case IEEE80211_FC0_SUBTYPE_BEACON: {

madwifi-0.9.2/net80211/ieee80211_ioctl.h

@@ -471 +471 @@
-#define IEEE80211_IOC_DELMAC            55      /* del sta from MAC ACL table */
-#define IEEE80211_IOC_FF                56      /* ATH fast frames (on, off) */
-#define IEEE80211_IOC_TURBOP            57      /* ATH turbo' (on, off) */
+#define IEEE80211_IOC_APPIEBUF          58      /* IE in the management frame */
+#define IEEE80211_IOC_FILTERFRAME       59      /* management frame filter */
-
-/*
- * Scan result data returned for IEEE80211_IOC_SCAN_RESULTS.
@@ -514 +516 @@
-#define IEEE80211_IOCTL_SETCHANLIST     (SIOCIWFIRSTPRIV+6)
-#define IEEE80211_IOCTL_GETCHANLIST     (SIOCIWFIRSTPRIV+7)
-#define IEEE80211_IOCTL_CHANSWITCH      (SIOCIWFIRSTPRIV+8)
+#define IEEE80211_IOCTL_GET_APPIEBUF    (SIOCIWFIRSTPRIV+9)
+#define IEEE80211_IOCTL_SET_APPIEBUF    (SIOCIWFIRSTPRIV+10)
+#define IEEE80211_IOCTL_FILTERFRAME     (SIOCIWFIRSTPRIV+12)
-#define IEEE80211_IOCTL_GETCHANINFO     (SIOCIWFIRSTPRIV+13)
-#define IEEE80211_IOCTL_SETOPTIE        (SIOCIWFIRSTPRIV+14)
-#define IEEE80211_IOCTL_GETOPTIE        (SIOCIWFIRSTPRIV+15)
@@ -525 +530 @@
-#define IEEE80211_IOCTL_WDSADDMAC       (SIOCIWFIRSTPRIV+26)
-#define IEEE80211_IOCTL_WDSDELMAC       (SIOCIWFIRSTPRIV+28)
-#define IEEE80211_IOCTL_KICKMAC         (SIOCIWFIRSTPRIV+30)
+
-enum {
-        IEEE80211_WMMPARAMS_CWMIN       = 1,
-        IEEE80211_WMMPARAMS_CWMAX       = 2,
@@ -612 +618 @@
-#define IEEE80211_NO_STABEACONS 0x0002          /* Do not setup the station beacon timers */
-};
-
+/* APPIEBUF related definitions */
+
+/* Management frame type to which application IE is added */
+enum {
+        IEEE80211_APPIE_FRAME_BEACON            = 0,
+        IEEE80211_APPIE_FRAME_PROBE_REQ         = 1,
+        IEEE80211_APPIE_FRAME_PROBE_RESP        = 2,
+        IEEE80211_APPIE_FRAME_ASSOC_REQ         = 3,
+        IEEE80211_APPIE_FRAME_ASSOC_RESP        = 4,
+        IEEE80211_APPIE_NUM_OF_FRAME            = 5
+};
+
+struct ieee80211req_getset_appiebuf {
+        u_int32_t       app_frmtype;            /* management frame type for which buffer is added */
+        u_int32_t       app_buflen;             /* application-supplied buffer length */
+        u_int8_t        app_buf[];              /* application-supplied IE(s) */
+};
+
+/* Flags ORed by application to set filter for receiving management frames */
+enum {
+        IEEE80211_FILTER_TYPE_BEACON            = 1<<0,
+        IEEE80211_FILTER_TYPE_PROBE_REQ         = 1<<1,
+        IEEE80211_FILTER_TYPE_PROBE_RESP        = 1<<2,
+        IEEE80211_FILTER_TYPE_ASSOC_REQ         = 1<<3,
+        IEEE80211_FILTER_TYPE_ASSOC_RESP        = 1<<4,
+        IEEE80211_FILTER_TYPE_AUTH              = 1<<5,
+        IEEE80211_FILTER_TYPE_DEAUTH            = 1<<6,
+        IEEE80211_FILTER_TYPE_DISASSOC          = 1<<7,
+        IEEE80211_FILTER_TYPE_ALL               = 0xFF  /* used to check the valid filter bits */
+};
+
+struct ieee80211req_set_filter {
+        u_int32_t app_filterype;                /* management frame filter type */
+};
+
+
-#endif /* __linux__ */
-
-#endif /* _NET80211_IEEE80211_IOCTL_H_ */

madwifi-0.9.2/net80211/ieee80211_output.c

@@ -1719 +1719 @@
-        skb = ieee80211_getmgtframe(&frm, 2 + IEEE80211_NWID_LEN + 
-               2 + IEEE80211_RATE_SIZE + 
-               2 + (IEEE80211_RATE_MAXSIZE - IEEE80211_RATE_SIZE) + 
-
+
+
-        if (skb == NULL) {
-                vap->iv_stats.is_tx_nobuf++;
-                ieee80211_free_node(ni);
@@ -1735 +1736 @@
-                memcpy(frm, optie, optielen);
-                frm += optielen;
-        }
+
+        if (vap->app_ie[IEEE80211_APPIE_FRAME_PROBE_REQ].ie) {
+                memcpy(frm, vap->app_ie[IEEE80211_APPIE_FRAME_PROBE_REQ].ie,
+                        vap->app_ie[IEEE80211_APPIE_FRAME_PROBE_REQ].length);
+                frm += vap->app_ie[IEEE80211_APPIE_FRAME_PROBE_REQ].length;
+        }
+
-        skb_trim(skb, frm - skb->data);
-
-        cb = (struct ieee80211_cb *)skb->cb;
@@ -1831 +1839 @@
-                        + (vap->iv_ath_cap & IEEE80211_ATHC_XR ?        /* XR */
-                                sizeof(struct ieee80211_xr_param) : 0)
-#endif
+                        + vap->app_ie[IEEE80211_APPIE_FRAME_PROBE_RESP].length
-                );
-                if (skb == NULL)
-                        senderr(ENOMEM, is_tx_nobuf);
@@ -1926 +1935 @@
-                if (vap->iv_xrvap && vap->iv_ath_cap & IEEE80211_ATHC_XR)
-                        frm = ieee80211_add_xr_param(frm, vap);
-#endif
+                if (vap->app_ie[IEEE80211_APPIE_FRAME_PROBE_RESP].ie) {
+                        memcpy(frm, vap->app_ie[IEEE80211_APPIE_FRAME_PROBE_RESP].ie,
+                                vap->app_ie[IEEE80211_APPIE_FRAME_PROBE_RESP].length);
+                        frm += vap->app_ie[IEEE80211_APPIE_FRAME_PROBE_RESP].length;
+                }
+
-                skb_trim(skb, frm - skb->data);
-                break;
-
@@ -2026 +2041 @@
-                        2 + (IEEE80211_RATE_MAXSIZE - IEEE80211_RATE_SIZE) +
-                        sizeof(struct ieee80211_ie_wme) +
-                        sizeof(struct ieee80211_ie_athAdvCap) +
-
+
+
-                if (skb == NULL)
-                        senderr(ENOMEM, is_tx_nobuf);
-
@@ -2097 +2113 @@
-                        memcpy(frm, vap->iv_opt_ie, vap->iv_opt_ie_len);
-                        frm += vap->iv_opt_ie_len;
-                }
+
+                if (vap->app_ie[IEEE80211_APPIE_FRAME_ASSOC_REQ].ie) {
+                        memcpy(frm, vap->app_ie[IEEE80211_APPIE_FRAME_ASSOC_REQ].ie,
+                                vap->app_ie[IEEE80211_APPIE_FRAME_ASSOC_REQ].length);
+                        frm += vap->app_ie[IEEE80211_APPIE_FRAME_ASSOC_REQ].length;
+                }
+
-                skb_trim(skb, frm - skb->data);
-
-                timer = IEEE80211_TRANS_WAIT;
@@ -2119 +2142 @@
-                        2 + IEEE80211_RATE_SIZE +
-                        2 + (IEEE80211_RATE_MAXSIZE - IEEE80211_RATE_SIZE) +
-                        sizeof(struct ieee80211_wme_param) +
-
+
+
-                if (skb == NULL)
-                        senderr(ENOMEM, is_tx_nobuf);
-
@@ -2164 +2188 @@
-                                vap->iv_ath_cap & ni->ni_ath_flags,
-                                ni->ni_ath_defkeyindex); 
-
+                if (vap->app_ie[IEEE80211_APPIE_FRAME_ASSOC_RESP].ie) {
+                        memcpy(frm, vap->app_ie[IEEE80211_APPIE_FRAME_ASSOC_RESP].ie,
+                                vap->app_ie[IEEE80211_APPIE_FRAME_ASSOC_RESP].length);
+                        frm += vap->app_ie[IEEE80211_APPIE_FRAME_ASSOC_RESP].length;
+                }
+
-                skb_trim(skb, frm - skb->data);
-                break;
-

madwifi-0.9.2/net80211/ieee80211_proto.h

@@ -265 +265 @@
-        u_int8_t *bo_ath_caps;          /* where ath caps is */
-        u_int8_t *bo_xr;                        /* start of xr element */
-        u_int8_t *bo_erp;               /* start of ERP element */
+        u_int8_t *bo_appie_buf;         /* start of APP IE buf */
+        u_int16_t bo_appie_buf_len;     /* APP IE buf length in bytes */
-        u_int16_t bo_chanswitch_trailerlen;
-};
-struct sk_buff *ieee80211_beacon_alloc(struct ieee80211_node *,

madwifi-0.9.2/net80211/ieee80211_var.h

@@ -88 +88 @@
-#define IEEE80211_TU_TO_MS(x)   (((x) * 1024) / 1000)
-#define IEEE80211_TU_TO_JIFFIES(x) ((IEEE80211_TU_TO_MS(x) * HZ) / 1000)
-
+#define IEEE80211_APPIE_MAX     1024
+
-#define IEEE80211_PWRCONSTRAINT_VAL(ic) \
-        (((ic)->ic_bsschan->ic_maxregpower > (ic)->ic_curchanmaxpwr) ? \
-            (ic)->ic_bsschan->ic_maxregpower - (ic)->ic_curchanmaxpwr : 0)
@@ -289 +291 @@
-};
-#endif
-
+struct ieee80211_app_ie_t {
+        u_int32_t               length;         /* buffer length */
+        struct ieee80211_ie    *ie;             /* buffer containing one or more IEs */
+};
+
-struct ieee80211vap {
-        struct net_device *iv_dev;              /* associated device */
-        struct net_device_stats iv_devstats;    /* interface statistics */
@@ -392 +399 @@
-        unsigned int iv_nsdone;                 /* Done with scheduled newstate tasklet */
-        uint8_t wds_mac[IEEE80211_ADDR_LEN];
-        struct ieee80211_spy iv_spy;            /* IWSPY support */
+        struct ieee80211_app_ie_t app_ie[IEEE80211_APPIE_NUM_OF_FRAME]; /* app-specified IEs by frame type */
+        u_int32_t app_filter;                   /* filters which management frames are forwarded to app */
+
-};
-MALLOC_DECLARE(M_80211_VAP);
-
@@ -451 +461 @@
-#define IEEE80211_FEXT_ERPUPDATE 0x00000200     /* STATUS: update ERP element */
-#define IEEE80211_FEXT_SWBMISS 0x00000400       /* CONF: use software beacon timer */
-#define IEEE80211_FEXT_DROPUNENC_EAPOL 0x00000800      /* CONF: drop unencrypted eapol frames */
+#define IEEE80211_FEXT_APPIE_UPDATE 0x00001000  /* STATE: beacon APP IE updated */
-
-#define IEEE80211_COM_UAPSD_ENABLE(_ic)         ((_ic)->ic_flags_ext |= IEEE80211_FEXT_UAPSD)
-#define IEEE80211_COM_UAPSD_DISABLE(_ic)        ((_ic)->ic_flags_ext &= ~IEEE80211_FEXT_UAPSD)

madwifi-0.9.2/net80211/ieee80211_wireless.c

@@ -2747 +2747 @@
-        return 0;
-}
-
+/* returns non-zero if ID is for a system IE (not for app use) */
+static int
+is_sys_ie(u_int8_t ie_id)
+{
+        /* XXX review this list */
+        switch (ie_id) {
+        case IEEE80211_ELEMID_SSID:
+        case IEEE80211_ELEMID_RATES:
+        case IEEE80211_ELEMID_FHPARMS:
+        case IEEE80211_ELEMID_DSPARMS:
+        case IEEE80211_ELEMID_CFPARMS:
+        case IEEE80211_ELEMID_TIM:
+        case IEEE80211_ELEMID_IBSSPARMS:
+        case IEEE80211_ELEMID_COUNTRY:
+        case IEEE80211_ELEMID_REQINFO:
+        case IEEE80211_ELEMID_CHALLENGE:
+        case IEEE80211_ELEMID_PWRCNSTR:
+        case IEEE80211_ELEMID_PWRCAP:
+        case IEEE80211_ELEMID_TPCREQ:
+        case IEEE80211_ELEMID_TPCREP:
+        case IEEE80211_ELEMID_SUPPCHAN:
+        case IEEE80211_ELEMID_CHANSWITCHANN:
+        case IEEE80211_ELEMID_MEASREQ:
+        case IEEE80211_ELEMID_MEASREP:
+        case IEEE80211_ELEMID_QUIET:
+        case IEEE80211_ELEMID_IBSSDFS:
+        case IEEE80211_ELEMID_ERP:
+        case IEEE80211_ELEMID_RSN:
+        case IEEE80211_ELEMID_XRATES:
+        case IEEE80211_ELEMID_TPC:
+        case IEEE80211_ELEMID_CCKM:
+                return 1;
+        default:
+                return 0;
+        }
+}
+
+/* returns non-zero if the buffer appears to contain a valid IE list */
+static int
+is_valid_ie_list(u_int32_t buf_len, void *buf, int exclude_sys_ies)
+{
+        struct ieee80211_ie *ie = (struct ieee80211_ie *)buf;
+
+        while (buf_len >= sizeof(*ie)) {
+                int ie_elem_len = sizeof(*ie) + ie->len;
+                if (buf_len < ie_elem_len)
+                        break;
+                if (exclude_sys_ies && is_sys_ie(ie->id))
+                        break;
+                buf_len -= ie_elem_len;
+                ie = (struct ieee80211_ie *)(ie->info + ie->len);
+        }
+
+        return (buf_len == 0) ? 1 : 0;
+}
+
-static int
-ieee80211_ioctl_setoptie(struct net_device *dev, struct iw_request_info *info,
-        struct iw_point *wri, char *extra)
@@ -2762 +2818 @@
-         */
-        if (vap->iv_opmode != IEEE80211_M_STA)
-                return -EINVAL;
+        if (! is_valid_ie_list(wri->length, extra, 0))
+                return -EINVAL;
-        /* NB: wri->length is validated by the wireless extensions code */
-        MALLOC(ie, void *, wri->length, M_DEVBUF, M_WAITOK);
-        if (ie == NULL)
-                return -ENOMEM;
-        memcpy(ie, extra, wri->length);
-        /* XXX sanity check data? */
-        if (vap->iv_opt_ie != NULL)
-                FREE(vap->iv_opt_ie, M_DEVBUF);
-        vap->iv_opt_ie = ie;
@@ -2795 +2852 @@
-        return 0;
-}
-
+/* the following functions are used by the set/get appiebuf functions */
+static int
+add_app_ie(unsigned int frame_type_index, struct ieee80211vap *vap,
+        struct ieee80211req_getset_appiebuf *iebuf)
+{
+        struct ieee80211_ie *ie;
+
+        if (! is_valid_ie_list(iebuf->app_buflen, iebuf->app_buf, 1))
+                return -EINVAL;
+        /* NB: data.length is validated by the wireless extensions code */
+        MALLOC(ie, struct ieee80211_ie *, iebuf->app_buflen, M_DEVBUF, M_WAITOK);
+        if (ie == NULL)
+                return -ENOMEM;
+
+        memcpy(ie, iebuf->app_buf, iebuf->app_buflen);
+        if (vap->app_ie[frame_type_index].ie != NULL)
+                FREE(vap->app_ie[frame_type_index].ie, M_DEVBUF);
+        vap->app_ie[frame_type_index].ie = ie;
+        vap->app_ie[frame_type_index].length = iebuf->app_buflen;
+
+        return 0;
+}
+
+static int
+remove_app_ie(unsigned int frame_type_index, struct ieee80211vap *vap)
+{
+        struct ieee80211_app_ie_t *app_ie = &vap->app_ie[frame_type_index];
+        if (app_ie->ie != NULL) {
+                FREE(app_ie->ie, M_DEVBUF);
+                app_ie->ie = NULL;
+                app_ie->length = 0;
+        }
+        return 0;
+}
+
+static int
+get_app_ie(unsigned int frame_type_index, struct ieee80211vap *vap,
+        struct ieee80211req_getset_appiebuf *iebuf)
+{
+        struct ieee80211_app_ie_t *app_ie = &vap->app_ie[frame_type_index];
+        if (iebuf->app_buflen < app_ie->length)
+                return -EINVAL;
+
+        iebuf->app_buflen = app_ie->length;
+        memcpy(iebuf->app_buf, app_ie->ie, app_ie->length);
+        return 0;
+}
+
+static int
+ieee80211_ioctl_setappiebuf(struct net_device *dev,
+        struct iw_request_info *info,
+        void *w, char *extra)
+{
+        struct ieee80211vap *vap = dev->priv;
+        struct ieee80211req_getset_appiebuf *iebuf =
+                (struct ieee80211req_getset_appiebuf *)extra;
+        enum ieee80211_opmode chk_opmode;
+        int rc = 0;
+
+        if (iebuf->app_buflen > IEEE80211_APPIE_MAX)
+                return -EINVAL;
+
+        switch (iebuf->app_frmtype) {
+        case IEEE80211_APPIE_FRAME_BEACON:
+        case IEEE80211_APPIE_FRAME_PROBE_RESP:
+        case IEEE80211_APPIE_FRAME_ASSOC_RESP:
+                chk_opmode = IEEE80211_M_HOSTAP;
+                break;
+        case IEEE80211_APPIE_FRAME_PROBE_REQ:
+        case IEEE80211_APPIE_FRAME_ASSOC_REQ:
+                chk_opmode = IEEE80211_M_STA;
+                break;
+        default:
+                return -EINVAL;
+        }
+        if (vap->iv_opmode != chk_opmode)
+                return -EINVAL;
+
+        if (iebuf->app_buflen)
+                rc = add_app_ie(iebuf->app_frmtype, vap, iebuf);
+        else
+                rc = remove_app_ie(iebuf->app_frmtype, vap);
+        if ((iebuf->app_frmtype == IEEE80211_APPIE_FRAME_BEACON) && (rc == 0))
+                vap->iv_flags_ext |= IEEE80211_FEXT_APPIE_UPDATE;
+
+        return rc;
+}
+
+static int
+ieee80211_ioctl_getappiebuf(struct net_device *dev, struct iw_request_info *info,
+        void *w, char *extra)
+{
+        struct ieee80211vap *vap = dev->priv;
+        struct ieee80211req_getset_appiebuf *iebuf =
+                (struct ieee80211req_getset_appiebuf *)extra;
+
+        switch (iebuf->app_frmtype) {
+        case IEEE80211_APPIE_FRAME_BEACON:
+        case IEEE80211_APPIE_FRAME_PROBE_RESP:
+        case IEEE80211_APPIE_FRAME_ASSOC_RESP:
+                if (vap->iv_opmode == IEEE80211_M_STA)
+                        return -EINVAL;
+                break;
+        case IEEE80211_APPIE_FRAME_PROBE_REQ:
+        case IEEE80211_APPIE_FRAME_ASSOC_REQ:
+                if (vap->iv_opmode != IEEE80211_M_STA)
+                        return -EINVAL;
+                break;
+        default:
+                return -EINVAL;
+        }
+
+        return get_app_ie(iebuf->app_frmtype, vap, iebuf);
+}
+
+static int
+ieee80211_ioctl_setfilter(struct net_device *dev, struct iw_request_info *info,
+        void *w, char *extra)
+{
+        struct ieee80211vap *vap = dev->priv;
+        struct ieee80211req_set_filter *app_filter = (struct ieee80211req_set_filter *)extra;
+
+        if ((extra == NULL) || (app_filter->app_filterype & ~IEEE80211_FILTER_TYPE_ALL))
+                return -EINVAL;
+
+        vap->app_filter = app_filter->app_filterype;
+
+        return 0;
+}
+
-static int
-ieee80211_ioctl_setkey(struct net_device *dev, struct iw_request_info *info,
-        void *w, char *extra)
@@ -4506 +4693 @@
-        IW_PRIV_TYPE_BYTE | sizeof(struct ieee80211req_chanlist)
-#define IW_PRIV_TYPE_CHANINFO \
-        IW_PRIV_TYPE_BYTE | sizeof(struct ieee80211req_chaninfo)
+#define IW_PRIV_TYPE_APPIEBUF \
+        (IW_PRIV_TYPE_BYTE | IEEE80211_APPIE_MAX)
+#define IW_PRIV_TYPE_FILTER \
+        IW_PRIV_TYPE_BYTE | sizeof(struct ieee80211req_set_filter)
-
-static const struct iw_priv_args ieee80211_priv_args[] = {
-        /* NB: setoptie & getoptie are !IW_PRIV_SIZE_FIXED */
@@ -4832 +5023 @@
-          IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, 0, "markdfs" },
-        { IEEE80211_PARAM_MARKDFS,
-          0, IW_PRIV_TYPE_INT | IW_PRIV_SIZE_FIXED | 1, "get_markdfs" },
+        { IEEE80211_IOCTL_SET_APPIEBUF,
+          IW_PRIV_TYPE_APPIEBUF, 0, "setiebuf" },
+        { IEEE80211_IOCTL_GET_APPIEBUF,
+          0, IW_PRIV_TYPE_APPIEBUF, "getiebuf" },
+        { IEEE80211_IOCTL_FILTERFRAME,
+          IW_PRIV_TYPE_FILTER , 0, "setfilter" },
-
-#endif /* WIRELESS_EXT >= 12 */
-};
@@ -4913 +5110 @@
-        (iw_handler) ieee80211_ioctl_setchanlist,       /* SIOCIWFIRSTPRIV+6 */
-        (iw_handler) ieee80211_ioctl_getchanlist,       /* SIOCIWFIRSTPRIV+7 */
-        (iw_handler) ieee80211_ioctl_chanswitch,        /* SIOCIWFIRSTPRIV+8 */
-NULL,                     
-NULL,                     
+ieee80211_ioctl_getappiebuf,
+ieee80211_ioctl_setappiebuf,
-        (iw_handler) ieee80211_ioctl_getscanresults,    /* SIOCIWFIRSTPRIV+11 */
-NULL,             
+ieee80211_ioctl_setfilter,
-        (iw_handler) ieee80211_ioctl_getchaninfo,       /* SIOCIWFIRSTPRIV+13 */
-        (iw_handler) ieee80211_ioctl_setoptie,          /* SIOCIWFIRSTPRIV+14 */
-        (iw_handler) ieee80211_ioctl_getoptie,          /* SIOCIWFIRSTPRIV+15 */