之前在看wifi driver源代码时一直有一个疑惑就是net dev的wireless_handlers中(WEXT类型的接口)提供两个iw_handler接口,怎么知道上层是调用的是private中的函数还是standard中的SIOCSIWPRIV接口和SIOCGIWPRIV接口。
问Wifi的FAE,人家也不清楚,后来没办法只好在源代码中找,现在终于有点头绪与大家分享一下。
android 中有个system/netd/目录,在netd下有个softapController.cpp文件实际上该文件实现了程序iwpriv的功能,那么这个程序是干嘛的呢?嘿嘿从名字就可看出啦是给softap下control 命令的。至于这些命令从哪里来,待后续有机会再与大家分享netd部分时再讨论。
分析代码的从入口函数开始,构造函数
SoftapController::SoftapController()
mSock = socket(AF_INET,SOCK_DGRAM, 0); //socket调用,这个我们之前有分析过,这个mSock很重要,这就是socket关联的文件描述符接口,上层通过该接口与内核沟通。
其它函数除了getPrivFuncNum外基本都是开给上层的函数接口,用于和底层沟通。我们就分析打开softap执行的第一个函数startDriver
fnum = getPrivFuncNum(iface,"START");//函数用START作为参数,并返回该函数在driver中private中的第几个
ret = ioctl(mSock, fnum, &wrq);//执行指定的(”START”所对应的)程序
getPrivFuncNum函数
strncpy(wrq.ifr_name, iface, sizeof(wrq.ifr_name));//指定net device 比如wlan0/eth0
wrq.u.data.pointer = mBuf;
wrq.u.data.length = sizeof(mBuf) /sizeof(struct iw_priv_args);
wrq.u.data.flags = 0;
if ((ret = ioctl(mSock,SIOCGIWPRIV, &wrq)) < 0) {//获得driver private handler的iw_priv_args
LOGE("SIOCGIPRIV failed: %d",ret);
return ret;
}
priv_ptr = (struct iw_priv_args*)wrq.u.data.pointer;
for(i=0;(i < wrq.u.data.length);i++) {
if (strcmp(priv_ptr[i].name, fname) ==0)//找出指定CMD
return priv_ptr[i].cmd;
}
之前看这段代码时真是困惑死了,SIOCGIWPRIV明明是standard提供的一个标准接口且在我要调用的wifi driver中并没有实现怎么会调用结果是获得private 的iw_priv_args,目前我先将该疑问留着到后面自然会明白。
如下我只分析ioctl(mSock, SIOCGIWPRIV,&wrq)的流程,其它的ioctl流程基本一致只是过程中调用不同的函数。
如上调用实际上该函数最终通过系统调用调用到kernel space.如下所示
kernel/fs/Ioctl.c
SYSCALL_DEFINE3(ioctl, unsigned int, fd,unsigned int, cmd, unsigned long, arg)
{
……………………………………………………………………..
error= do_vfs_ioctl(filp, fd, cmd, arg);//调用虚拟文件系统的ioctl
……………………………………………………………..
}
如上系统调用ioctl
int do_vfs_ioctl(struct file *filp,unsigned int fd, unsigned int cmd,
unsigned long arg)
switch (cmd) {
…………………………………………..
default:
if(S_ISREG(filp->f_path.dentry->d_inode->i_mode))
error= file_ioctl(filp, cmd, arg);
else
error= vfs_ioctl(filp, cmd, arg);
break;
staticlong vfs_ioctl(struct file *filp, unsigned int cmd,
unsigned long arg)
{
int error = -ENOTTY;
if (!filp->f_op)
goto out;
if (filp->f_op->unlocked_ioctl) {
error = filp->f_op->unlocked_ioctl(filp, cmd, arg);//此处调用的文件描述符接口在创建socket时init_file中赋值file->f_op = fop;
if (error == -ENOIOCTLCMD)
error = -EINVAL;
goto out;
在本例中如上实际上调用了socket的文件描述符,该描述符在创建socket时就提供如“android基于Socket的系统调用实现”中描述。
socket_file_ops. unlocked_ioctl = sock_ioctl
如下列出部分commond的宏定义,具体在kernel/include/linux/Wireless.h中定义。
#define SIOCGIWPRIV 0x8B0D
#define SIOCIWFIRSTPRIV 0x8BE0//第一个privatecommand对应位址
#define SIOCIWLASTPRIV 0x8BFF
#define SIOCIWFIRST 0x8B00
#define SIOCIWLAST SIOCIWLASTPRIV
static longsock_ioctl(struct file *file, unsigned cmd, unsigned long arg)
#ifdef CONFIG_WIRELESS_EXT
if(cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST) {// 很明显SIOCGIWPRIV是在条件之内的。
err= dev_ioctl(net, cmd, argp);
}else
#endif
kernel/net/core/Dev.c
int dev_ioctl(struct net*net, unsigned int cmd, void __user *arg)
/* Take care of Wireless Extensions */
if(cmd >= SIOCIWFIRST && cmd <= SIOCIWLAST)
return wext_handle_ioctl(net, &ifr, cmd, arg);
kernel/net/wireless/Wext.c
intwext_handle_ioctl(struct net *net, struct ifreq *ifr, unsigned int cmd,
void __user *arg)
ret= wext_ioctl_dispatch(net, ifr, cmd, &info,
ioctl_standard_call,//调用执行driver提供的standard handler
ioctl_private_call);// 调用执行driver提供的private handler
if(ret >= 0 &&
IW_IS_GET(cmd) &&
copy_to_user(arg, ifr, sizeof(structiwreq)))
static int wext_ioctl_dispatch(struct net*net, struct ifreq *ifr,
unsigned int cmd, struct iw_request_info*info,
wext_ioctl_func standard,
wext_ioctl_func private)
dev_load(net, ifr->ifr_name);//根据名字得到net
rtnl_lock();
ret= wireless_process_ioctl(net, ifr, cmd, info, standard, private);
rtnl_unlock();
void dev_load(struct net *net, const char*name)
{
structnet_device *dev;
read_lock(&dev_base_lock);
dev= __dev_get_by_name(net, name);
read_unlock(&dev_base_lock);
if(!dev && capable(CAP_NET_ADMIN))
request_module("%s",name);
}
//dev_load通过name获取net的dev,name就是softapcontroller.cpp中getPrivFuncNum的第一个参数iface
static int wireless_process_ioctl(structnet *net, struct ifreq *ifr,
unsigned int cmd,
struct iw_request_info *info,
wext_ioctl_func standard,
wext_ioctl_func private)
if(cmd == SIOCGIWSTATS)
return standard(dev, iwr,cmd, info,
&iw_handler_get_iwstats);//get status,和SIOCGIWPRIV一样是个特殊的command,从代码跟下去看,wifidriver提供了指定接口。
if (cmd == SIOCGIWPRIV &&dev->wireless_handlers)
return standard(dev, iwr, cmd,info,
&iw_handler_get_private); //get private handle的信息(句柄,参数等)
static int ioctl_standard_call(structnet_device * dev,
struct iwreq *iwr,
unsigned int cmd,
struct iw_request_info *info,
iw_handler handler)
descr = &(standard_ioctl[cmd- SIOCIWFIRST]);//获得指定cmd的一些信息如下有描述该结构体数组
/*Check if we have a pointer to user space data or not */
if(descr->header_type != IW_HEADER_TYPE_POINT){
/*No extra arguments. Trivial to handle */
ret= handler(dev, info, &(iwr->u), NULL);
/*Generate an event to notify listeners of the change */
if((descr->flags & IW_DESCR_FLAG_EVENT) &&
((ret== 0) || (ret == -EIWCOMMIT)))
wireless_send_event(dev,cmd, &(iwr->u), NULL);
}else {// SIOCGIWPRIV调用下面的函数,其中handler为iw_handler_get_private
ret= ioctl_standard_iw_point(&iwr->u.data, cmd, descr,
handler,dev, info);
}
static const struct iw_ioctl_description standard_ioctl[] = {
[SIOCSIWCOMMIT - SIOCIWFIRST] = {
.header_type = IW_HEADER_TYPE_NULL,
},
-----------------------------------省略号-----------------------------------------------------
[SIOCGIWPRIV -SIOCIWFIRST] = { /* (handled directly by us) *///看见原注释没,实际作用是获得driver中提供的private handle的个数及对应cmd的位置,以便调用到指定private handle。
.header_type = IW_HEADER_TYPE_POINT,
.token_size = sizeof(struct iw_priv_args),
.max_tokens = 16,
.flags = IW_DESCR_FLAG_NOMAX,
},
[SIOCSIWSTATS - SIOCIWFIRST] = {
.header_type = IW_HEADER_TYPE_NULL,
},
[SIOCGIWSTATS -SIOCIWFIRST] = { /* (handled directly by us) */ //get status command
.header_type = IW_HEADER_TYPE_POINT,
.token_size = 1,
.max_tokens = sizeof(struct iw_statistics),
.flags = IW_DESCR_FLAG_DUMP,
},
-----------------------------------省略号-----------------------------------------------------
static int ioctl_standard_iw_point(structiw_point *iwp, unsigned int cmd,
const struct iw_ioctl_description *descr,
iw_handler handler, struct net_device *dev,
struct iw_request_info *info)
err = handler(dev,info, (union iwreq_data *) iwp, extra);
/*---------------------------------------------------------------- */
/*
* Standard Wireless Handler : get iwpriv definitions
* Export the driver private handler definition
* They will be picked up by tools like iwpriv...
*/
static int iw_handler_get_private(structnet_device * dev,
struct iw_request_info * info,
union iwreq_data * wrqu,
char * extra)
{
/*Check if the driver has something to export */
if((dev->wireless_handlers->num_private_args == 0) ||
(dev->wireless_handlers->private_args== NULL))
return-EOPNOTSUPP;
/*Check if there is enough buffer up there */
if(wrqu->data.length < dev->wireless_handlers->num_private_args) {
/*User space can't know in advance how large the buffer
* needs to be. Give it a hint, so that we cansupport
* any size buffer we want somewhatefficiently... */
wrqu->data.length= dev->wireless_handlers->num_private_args;
return-E2BIG;
}
/* Set the number of available ioctls. */
wrqu->data.length =dev->wireless_handlers->num_private_args;
/* Copy structure to the user buffer. */
memcpy(extra, dev->wireless_handlers->private_args,
sizeof(structiw_priv_args) * wrqu->data.length);
return0;
}
如下为某wifi driver中定义的wext接口
const struct iw_handler_defwl_iw_handler_def =
{
.num_standard= ARRAYSIZE(wl_iw_handler),
.standard= (iw_handler *) wl_iw_handler,
.num_private= ARRAYSIZE(wl_iw_priv_handler),
.num_private_args = ARRAY_SIZE(wl_iw_priv_args),
.private= (iw_handler *)wl_iw_priv_handler,
.private_args = (void *) wl_iw_priv_args,
#if WIRELESS_EXT >= 19
get_wireless_stats:dhd_get_wireless_stats,// SIOCGIWSTATS执行的接口
#endif
};
#endif
至此可知道SIOCGIWPRIV实际上是将iface作为net设备名所对应的driver num_private_args及private_args传给上层。接下来再调用对应的privatehandler中的函数.
如start ioctl_private_call
#if WIRELESS_EXT > 12
static const iw_handlerwl_iw_priv_handler[] = {
NULL,//SIOCIWFIRSTPRIV+0
(iw_handler)wl_iw_set_active_scan,//SIOCIWFIRSTPRIV+1
NULL,
(iw_handler)wl_iw_get_rssi,//SIOCIWFIRSTPRIV+3
NULL,
(iw_handler)wl_iw_set_passive_scan,//SIOCIWFIRSTPRIV+5
NULL,
(iw_handler)wl_iw_get_link_speed,//SIOCIWFIRSTPRIV+7
NULL,
(iw_handler)wl_iw_get_macaddr,//SIOCIWFIRSTPRIV+9
NULL,
(iw_handler)wl_iw_control_wl_off,//SIOCIWFIRSTPRIV+11
NULL,
(iw_handler)wl_iw_control_wl_on,//SIOCIWFIRSTPRIV+13 所以调用start就是调用driver中该函数。
#ifdef SOFTAP
NULL,
(iw_handler)iwpriv_set_ap_config,
NULL,
(iw_handler)iwpriv_get_assoc_list,
NULL,
(iw_handler)iwpriv_set_mac_filters,
NULL,
(iw_handler)iwpriv_en_ap_bss,
NULL,
(iw_handler)iwpriv_wpasupp_loop_tst,
NULL,
(iw_handler)iwpriv_softap_stop,
NULL,
(iw_handler)iwpriv_fw_reload,
#endif
#if defined(CSCAN)
NULL,
(iw_handler)iwpriv_set_cscan
#endif
};
//start command在如下中定义。
static const struct iw_priv_argswl_iw_priv_args[] =
{
…………………………………………………………………………………………….
{
WL_IW_SET_START,//start 对应command,该command在wifi driver中有定义位址,可根据SIOCIWFIRSTPRIV(第一个privatecmd位址)来计算偏移。该driver中定义:#define WL_IW_SET_START (SIOCIWFIRSTPRIV+13)
0,
IW_PRIV_TYPE_CHAR| IW_PRIV_SIZE_FIXED | MAX_WX_STRING,
"START"
},
from:http://blog.csdn.net/zjjdyb/article/details/20993117