Commit | Line | Data |
---|---|---|
3f5285e8 JM |
1 | /* |
2 | * WPA Supplicant - driver interaction with Linux nl80211/cfg80211 | |
3 | * Copyright (c) 2003-2008, Jouni Malinen <j@w1.fi> | |
4 | * | |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of the GNU General Public License version 2 as | |
7 | * published by the Free Software Foundation. | |
8 | * | |
9 | * Alternatively, this software may be distributed under the terms of BSD | |
10 | * license. | |
11 | * | |
12 | * See README and COPYING for more details. | |
13 | */ | |
14 | ||
15 | #include "includes.h" | |
16 | #include <sys/ioctl.h> | |
17 | #include <net/if_arp.h> | |
18 | #include <netlink/genl/genl.h> | |
19 | #include <netlink/genl/family.h> | |
20 | #include <netlink/genl/ctrl.h> | |
21 | #include <linux/nl80211.h> | |
1c873584 JM |
22 | #ifdef CONFIG_CLIENT_MLME |
23 | #include <netpacket/packet.h> | |
24 | #include <linux/if_ether.h> | |
25 | #include "radiotap.h" | |
26 | #include "radiotap_iter.h" | |
27 | #endif /* CONFIG_CLIENT_MLME */ | |
3f5285e8 JM |
28 | |
29 | #include "wireless_copy.h" | |
30 | #include "common.h" | |
31 | #include "driver.h" | |
32 | #include "eloop.h" | |
33 | #include "ieee802_11_defs.h" | |
34 | ||
35 | #ifndef IFF_LOWER_UP | |
36 | #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */ | |
37 | #endif | |
38 | #ifndef IFF_DORMANT | |
39 | #define IFF_DORMANT 0x20000 /* driver signals dormant */ | |
40 | #endif | |
41 | ||
42 | #ifndef IF_OPER_DORMANT | |
43 | #define IF_OPER_DORMANT 5 | |
44 | #endif | |
45 | #ifndef IF_OPER_UP | |
46 | #define IF_OPER_UP 6 | |
47 | #endif | |
48 | ||
49 | ||
/*
 * Per-interface private state of the nl80211 driver wrapper.
 * Field order is unchanged; only the commentary is new.
 */
struct wpa_driver_nl80211_data {
	void *ctx;		/* passed back to wpa_supplicant_event() */
	int event_sock;		/* netlink socket used for RTM_SETLINK sends */
	int ioctl_sock;		/* socket used for the SIOC* ioctls */
	char ifname[IFNAMSIZ + 1];
	int ifindex;
	int if_removed;		/* set on RTM_DELLINK, cleared on RTM_NEWLINK
				 * for our own ifname */

	/* Heap copies of the most recent (Re)AssocReq/Resp IEs; owned by
	 * this structure until handed over in an EVENT_ASSOCINFO. */
	u8 *assoc_req_ies;
	size_t assoc_req_ies_len;
	u8 *assoc_resp_ies;
	size_t assoc_resp_ies_len;

	struct wpa_driver_capa capa;
	int has_capability;
	int we_version_compiled; /* compared against 18 and 21 to pick the
				  * iw_point layout and SSID length rules */

	/* for set_auth_alg fallback */
	int use_crypt;
	int auth_alg_fallback;

	int operstate;

	char mlmedev[IFNAMSIZ + 1];

	int scan_complete_events; /* set to 1 once SIOCGIWSCAN is seen */

	/* libnl state used by send_and_recv_msgs() */
	struct nl_handle *nl_handle;
	struct nl_cache *nl_cache;
	struct nl_cb *nl_cb;
	struct genl_family *nl80211;

#ifdef CONFIG_CLIENT_MLME
	int monitor_sock; /* socket for monitor */
	int monitor_ifidx;
#endif /* CONFIG_CLIENT_MLME */
};
85 | ||
86 | ||
/* Forward declarations of static helpers referenced before their
 * definitions in this translation unit. */
static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx);
static int wpa_driver_nl80211_set_mode(void *priv, int mode);
static int wpa_driver_nl80211_flush_pmkid(void *priv);
static int wpa_driver_nl80211_get_range(void *priv);
static void wpa_driver_nl80211_finish_drv_init(
	struct wpa_driver_nl80211_data *drv);
94 | ||
3f5285e8 | 95 | |
6241fcb1 JM |
96 | /* nl80211 code */ |
/*
 * NL_CB_ACK callback: store 0 in the int that @arg points at and stop
 * message processing. @msg is not inspected.
 */
static int ack_handler(struct nl_msg *msg, void *arg)
{
	int *status = arg;

	*status = 0;

	return NL_STOP;
}
103 | ||
/*
 * NL_CB_FINISH callback: store 0 in the int that @arg points at and skip
 * the current message. @msg is not inspected.
 */
static int finish_handler(struct nl_msg *msg, void *arg)
{
	int *status = arg;

	*status = 0;

	return NL_SKIP;
}
110 | ||
/*
 * Netlink error callback: copy the error code carried in @err into the int
 * that @arg points at and skip the message. @nla is not inspected.
 */
static int error_handler(struct sockaddr_nl *nla, struct nlmsgerr *err,
			 void *arg)
{
	int *status = arg;

	*status = err->error;

	return NL_SKIP;
}
118 | ||
/*
 * Send @msg on drv->nl_handle and process replies until one of the
 * completion callbacks (error, finish or ack) has stored a value <= 0.
 *
 * @valid_handler, when non-NULL, is installed for NL_CB_VALID with
 * @valid_data as its argument.
 *
 * Ownership: @msg is freed on every path, so callers must not touch it
 * after this call.
 *
 * Returns: the value stored by the callbacks, a negative value from
 * nl_send_auto_complete(), or -ENOMEM if the callback set cannot be cloned.
 */
static int send_and_recv_msgs(struct wpa_driver_nl80211_data *drv,
			      struct nl_msg *msg,
			      int (*valid_handler)(struct nl_msg *, void *),
			      void *valid_data)
{
	int err = -ENOMEM;
	struct nl_cb *cb = nl_cb_clone(drv->nl_cb);

	if (cb != NULL) {
		err = nl_send_auto_complete(drv->nl_handle, msg);
		if (err >= 0) {
			/* Positive sentinel: "no completion seen yet". */
			err = 1;

			nl_cb_err(cb, NL_CB_CUSTOM, error_handler, &err);
			nl_cb_set(cb, NL_CB_FINISH, NL_CB_CUSTOM,
				  finish_handler, &err);
			nl_cb_set(cb, NL_CB_ACK, NL_CB_CUSTOM,
				  ack_handler, &err);

			if (valid_handler != NULL)
				nl_cb_set(cb, NL_CB_VALID, NL_CB_CUSTOM,
					  valid_handler, valid_data);

			/*
			 * NOTE(review): the return value of nl_recvmsgs() is
			 * ignored. If it can fail without invoking one of the
			 * callbacks above, err stays at 1 and this loop does
			 * not terminate - confirm against the libnl version
			 * in use.
			 */
			while (err > 0)
				nl_recvmsgs(drv->nl_handle, cb);
		}
	}

	/* cb may be NULL here when the clone failed, as in the original. */
	nl_cb_put(cb);
	nlmsg_free(msg);
	return err;
}
152 | ||
153 | ||
3f5285e8 JM |
/*
 * Build an RTM_SETLINK request for drv->ifindex and send it on
 * drv->event_sock. IFLA_LINKMODE and/or IFLA_OPERSTATE attributes are
 * appended only when the corresponding argument is not -1; each carries a
 * single byte taken from the int argument.
 *
 * Returns: 0 if send() succeeded, -1 otherwise.
 */
static int wpa_driver_nl80211_send_oper_ifla(
	struct wpa_driver_nl80211_data *drv,
	int linkmode, int operstate)
{
	struct {
		struct nlmsghdr hdr;
		struct ifinfomsg ifinfo;
		char opts[16];	/* space for the attributes appended below */
	} req;
	static int nl_seq;
	struct rtattr *attr;

	/* Everything not set explicitly below stays zero from this memset
	 * (nlmsg_pid, ifi_type, ifi_flags, ifi_change). */
	os_memset(&req, 0, sizeof(req));

	req.hdr.nlmsg_len = NLMSG_LENGTH(sizeof(struct ifinfomsg));
	req.hdr.nlmsg_type = RTM_SETLINK;
	req.hdr.nlmsg_flags = NLM_F_REQUEST;
	req.hdr.nlmsg_seq = ++nl_seq;

	req.ifinfo.ifi_family = AF_UNSPEC;
	req.ifinfo.ifi_index = drv->ifindex;

	if (linkmode != -1) {
		attr = (struct rtattr *)
			((char *) &req + NLMSG_ALIGN(req.hdr.nlmsg_len));
		attr->rta_type = IFLA_LINKMODE;
		attr->rta_len = RTA_LENGTH(sizeof(char));
		*((char *) RTA_DATA(attr)) = linkmode;
		req.hdr.nlmsg_len = NLMSG_ALIGN(req.hdr.nlmsg_len) +
			RTA_LENGTH(sizeof(char));
	}

	if (operstate != -1) {
		attr = (struct rtattr *)
			((char *) &req + NLMSG_ALIGN(req.hdr.nlmsg_len));
		attr->rta_type = IFLA_OPERSTATE;
		attr->rta_len = RTA_LENGTH(sizeof(char));
		*((char *) RTA_DATA(attr)) = operstate;
		req.hdr.nlmsg_len = NLMSG_ALIGN(req.hdr.nlmsg_len) +
			RTA_LENGTH(sizeof(char));
	}

	wpa_printf(MSG_DEBUG, "WEXT: Operstate: linkmode=%d, operstate=%d",
		   linkmode, operstate);

	if (send(drv->event_sock, &req, req.hdr.nlmsg_len, 0) < 0) {
		wpa_printf(MSG_DEBUG, "WEXT: Sending operstate IFLA failed: "
			   "%s (assume operstate is not supported)",
			   strerror(errno));
		return -1;
	}

	return 0;
}
212 | ||
213 | ||
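/*
 * Set one Wireless Extensions authentication parameter via SIOCSIWAUTH.
 *
 * @idx is masked with IW_AUTH_INDEX before use; @value is passed through.
 *
 * Returns: 0 on success, -2 if the ioctl failed with EOPNOTSUPP, -1 on any
 * other ioctl failure.
 */
static int wpa_driver_nl80211_set_auth_param(
	struct wpa_driver_nl80211_data *drv, int idx, u32 value)
{
	struct iwreq iwr;
	int ret = 0;

	os_memset(&iwr, 0, sizeof(iwr));
	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
	iwr.u.param.flags = idx & IW_AUTH_INDEX;
	iwr.u.param.value = value;

	if (ioctl(drv->ioctl_sock, SIOCSIWAUTH, &iwr) < 0) {
		/* Capture errno before logging: the return code below must
		 * reflect the ioctl failure, not whatever the logging path
		 * may leave in errno. */
		int saved_errno = errno;

		if (saved_errno != EOPNOTSUPP) {
			wpa_printf(MSG_DEBUG, "WEXT: SIOCSIWAUTH(param %d "
				   "value 0x%x) failed: %s)",
				   idx, value, strerror(saved_errno));
		}
		ret = saved_errno == EOPNOTSUPP ? -2 : -1;
	}

	return ret;
}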
236 | ||
237 | ||
/*
 * Query the current AP address with SIOCGIWAP and copy ETH_ALEN bytes of
 * it into @bssid.
 *
 * The copy happens even when the ioctl fails; in that case @bssid receives
 * whatever the request structure holds (it is zeroed before the call).
 *
 * Returns: 0 on success, -1 if the ioctl failed.
 */
static int wpa_driver_nl80211_get_bssid(void *priv, u8 *bssid)
{
	struct wpa_driver_nl80211_data *drv = priv;
	struct iwreq iwr;
	int status;

	os_memset(&iwr, 0, sizeof(iwr));
	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);

	if (ioctl(drv->ioctl_sock, SIOCGIWAP, &iwr) >= 0) {
		status = 0;
	} else {
		perror("ioctl[SIOCGIWAP]");
		status = -1;
	}

	os_memcpy(bssid, iwr.u.ap_addr.sa_data, ETH_ALEN);

	return status;
}
255 | ||
256 | ||
/*
 * Set the AP address with SIOCSIWAP. A NULL @bssid sends the all-zero
 * address; otherwise ETH_ALEN bytes are read from @bssid.
 *
 * Returns: 0 on success, -1 if the ioctl failed.
 */
static int wpa_driver_nl80211_set_bssid(void *priv, const u8 *bssid)
{
	struct wpa_driver_nl80211_data *drv = priv;
	struct iwreq iwr;

	/* The memset already leaves sa_data zeroed for the NULL case. */
	os_memset(&iwr, 0, sizeof(iwr));
	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
	iwr.u.ap_addr.sa_family = ARPHRD_ETHER;
	if (bssid != NULL)
		os_memcpy(iwr.u.ap_addr.sa_data, bssid, ETH_ALEN);
	else
		os_memset(iwr.u.ap_addr.sa_data, 0, ETH_ALEN);

	if (ioctl(drv->ioctl_sock, SIOCSIWAP, &iwr) < 0) {
		perror("ioctl[SIOCSIWAP]");
		return -1;
	}

	return 0;
}
278 | ||
279 | ||
/*
 * Read the current SSID with SIOCGIWESSID into @ssid.
 *
 * The request advertises a 32-byte buffer, so @ssid must point at storage
 * of at least 32 bytes. The result is an octet string and is not
 * nul-terminated by this function.
 *
 * Returns: SSID length (0..32) on success, -1 if the ioctl failed.
 */
static int wpa_driver_nl80211_get_ssid(void *priv, u8 *ssid)
{
	struct wpa_driver_nl80211_data *drv = priv;
	struct iwreq iwr;
	int ssid_len;

	os_memset(&iwr, 0, sizeof(iwr));
	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
	iwr.u.essid.pointer = (caddr_t) ssid;
	iwr.u.essid.length = 32;

	if (ioctl(drv->ioctl_sock, SIOCGIWESSID, &iwr) < 0) {
		perror("ioctl[SIOCGIWESSID]");
		return -1;
	}

	/* Clamp the driver-reported length to the buffer size we offered. */
	ssid_len = iwr.u.essid.length;
	if (ssid_len > 32)
		ssid_len = 32;

	/* Before WE-21 some drivers count a trailing nul as part of the
	 * SSID; strip it so callers see the octet string only. From WE-21
	 * on the length is required not to include it. */
	if (ssid_len > 0 && drv->we_version_compiled < 21 &&
	    ssid[ssid_len - 1] == '\0')
		ssid_len--;

	return ssid_len;
}
309 | ||
310 | ||
/*
 * Set the SSID with SIOCSIWESSID.
 *
 * @ssid_len above 32 is rejected before anything is copied. The SSID is
 * staged in a zeroed 33-byte local buffer, so a terminating nul always
 * follows the copied octets.
 *
 * Returns: 0 on success, -1 on an over-long SSID or ioctl failure.
 */
static int wpa_driver_nl80211_set_ssid(void *priv, const u8 *ssid,
				       size_t ssid_len)
{
	struct wpa_driver_nl80211_data *drv = priv;
	struct iwreq iwr;
	char staged[33];

	if (ssid_len > 32)
		return -1;

	os_memset(staged, 0, sizeof(staged));
	os_memcpy(staged, ssid, ssid_len);

	os_memset(&iwr, 0, sizeof(iwr));
	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
	/* flags: 1 = ESSID is active, 0 = not (promiscuous) */
	iwr.u.essid.flags = (ssid_len != 0);
	iwr.u.essid.pointer = (caddr_t) staged;

	/* Historic quirk: before WE-21 the length is reported with one
	 * extra octet for the C-string nul, because some Linux drivers
	 * subtract one and would otherwise drop the last SSID octet. WE-21
	 * requires the length not to include the nul. */
	if (drv->we_version_compiled < 21 && ssid_len)
		ssid_len++;
	iwr.u.essid.length = ssid_len;

	if (ioctl(drv->ioctl_sock, SIOCSIWESSID, &iwr) < 0) {
		perror("ioctl[SIOCSIWESSID]");
		return -1;
	}

	return 0;
}
350 | ||
351 | ||
/*
 * Set the operating frequency with SIOCSIWFREQ. The request is encoded as
 * mantissa = @freq * 100000 with exponent 1.
 *
 * Returns: 0 on success, -1 if the ioctl failed.
 */
static int wpa_driver_nl80211_set_freq(void *priv, int freq)
{
	struct wpa_driver_nl80211_data *drv = priv;
	struct iwreq iwr;

	os_memset(&iwr, 0, sizeof(iwr));
	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
	iwr.u.freq.e = 1;
	iwr.u.freq.m = freq * 100000;

	if (ioctl(drv->ioctl_sock, SIOCSIWFREQ, &iwr) < 0) {
		perror("ioctl[SIOCSIWFREQ]");
		return -1;
	}

	return 0;
}
370 | ||
371 | ||
/*
 * Interpret a text-form custom wireless event and forward it to
 * wpa_supplicant.
 *
 * @custom must be a nul-terminated string: it is printed with %s and
 * scanned with string functions. Recognised prefixes are the Michael MIC
 * failure indication, "ASSOCINFO(ReqIEs=" with an optional " RespIEs="
 * part, and (with CONFIG_PEERKEY) "STKSTART.request=". Anything else is
 * ignored.
 *
 * The hex IE strings are decoded into heap buffers sized from the number
 * of hex digits actually present; both buffers are released before
 * returning.
 */
static void
wpa_driver_nl80211_event_wireless_custom(void *ctx, char *custom)
{
	union wpa_event_data data;

	wpa_printf(MSG_MSGDUMP, "WEXT: Custom wireless event: '%s'",
		   custom);

	os_memset(&data, 0, sizeof(data));
	/* Host AP driver */
	if (os_strncmp(custom, "MLME-MICHAELMICFAILURE.indication", 33) == 0) {
		data.michael_mic_failure.unicast =
			os_strstr(custom, " unicast ") != NULL;
		/* TODO: parse parameters(?) */
		wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);
	} else if (os_strncmp(custom, "ASSOCINFO(ReqIEs=", 17) == 0) {
		char *hex = custom + 17;
		int nbytes;

		/* Count leading hex digits; require a non-empty, even run so
		 * that it maps onto whole octets. */
		nbytes = strspn(hex, "0123456789abcdefABCDEF");
		if (nbytes == 0 || (nbytes & 1) != 0)
			return;
		nbytes /= 2;

		data.assoc_info.req_ies = os_malloc(nbytes);
		if (data.assoc_info.req_ies == NULL)
			return;

		data.assoc_info.req_ies_len = nbytes;
		hexstr2bin(hex, data.assoc_info.req_ies, nbytes);

		hex += nbytes * 2;

		data.assoc_info.resp_ies = NULL;
		data.assoc_info.resp_ies_len = 0;

		if (os_strncmp(hex, " RespIEs=", 9) == 0) {
			hex += 9;

			nbytes = strspn(hex, "0123456789abcdefABCDEF");
			if (nbytes == 0 || (nbytes & 1) != 0)
				goto done;
			nbytes /= 2;

			data.assoc_info.resp_ies = os_malloc(nbytes);
			if (data.assoc_info.resp_ies == NULL)
				goto done;

			data.assoc_info.resp_ies_len = nbytes;
			hexstr2bin(hex, data.assoc_info.resp_ies, nbytes);
		}

		wpa_supplicant_event(ctx, EVENT_ASSOCINFO, &data);

	done:
		/* A malformed or unallocatable RespIEs part skips the event
		 * but still releases the request IE buffer. */
		os_free(data.assoc_info.resp_ies);
		os_free(data.assoc_info.req_ies);
#ifdef CONFIG_PEERKEY
	} else if (os_strncmp(custom, "STKSTART.request=", 17) == 0) {
		if (hwaddr_aton(custom + 17, data.stkstart.peer)) {
			wpa_printf(MSG_DEBUG, "WEXT: unrecognized "
				   "STKSTART.request '%s'", custom + 17);
			return;
		}
		wpa_supplicant_event(ctx, EVENT_STKSTART, &data);
#endif /* CONFIG_PEERKEY */
	}
}
442 | ||
443 | ||
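/*
 * Handle an IWEVMICHAELMICFAILURE payload and raise
 * EVENT_MICHAEL_MIC_FAILURE.
 *
 * @ev:  start of the event payload
 * @len: number of payload bytes; the caller is responsible for ensuring
 *       that this many bytes are readable at @ev
 *
 * The payload is copied into a local structure before any field is read,
 * because @ev points into a raw event buffer and is not guaranteed to be
 * aligned for struct iw_michaelmicfailure.
 *
 * Returns: 0 on success, -1 if the payload is shorter than the structure.
 */
static int wpa_driver_nl80211_event_wireless_michaelmicfailure(
	void *ctx, const char *ev, size_t len)
{
	struct iw_michaelmicfailure mic;
	union wpa_event_data data;

	if (len < sizeof(mic))
		return -1;

	os_memcpy(&mic, ev, sizeof(mic));

	wpa_printf(MSG_DEBUG, "Michael MIC failure wireless event: "
		   "flags=0x%x src_addr=" MACSTR, mic.flags,
		   MAC2STR(mic.src_addr.sa_data));

	os_memset(&data, 0, sizeof(data));
	data.michael_mic_failure.unicast = !(mic.flags & IW_MICFAILURE_GROUP);
	wpa_supplicant_event(ctx, EVENT_MICHAEL_MIC_FAILURE, &data);

	return 0;
}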
465 | ||
466 | ||
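/*
 * Handle an IWEVPMKIDCAND payload and raise EVENT_PMKID_CANDIDATE.
 *
 * @ev:  start of the event payload
 * @len: number of payload bytes; the caller is responsible for ensuring
 *       that this many bytes are readable at @ev
 *
 * The payload is copied into a local structure before any field is read,
 * because @ev points into a raw event buffer and is not guaranteed to be
 * aligned for struct iw_pmkid_cand.
 *
 * Returns: 0 on success, -1 if the payload is shorter than the structure.
 */
static int wpa_driver_nl80211_event_wireless_pmkidcand(
	struct wpa_driver_nl80211_data *drv, const char *ev, size_t len)
{
	struct iw_pmkid_cand cand;
	union wpa_event_data data;
	const u8 *addr;

	if (len < sizeof(cand))
		return -1;

	os_memcpy(&cand, ev, sizeof(cand));
	addr = (const u8 *) cand.bssid.sa_data;

	wpa_printf(MSG_DEBUG, "PMKID candidate wireless event: "
		   "flags=0x%x index=%d bssid=" MACSTR, cand.flags,
		   cand.index, MAC2STR(addr));

	os_memset(&data, 0, sizeof(data));
	os_memcpy(data.pmkid_candidate.bssid, addr, ETH_ALEN);
	data.pmkid_candidate.index = cand.index;
	data.pmkid_candidate.preauth = cand.flags & IW_PMKID_CAND_PREAUTH;
	wpa_supplicant_event(drv->ctx, EVENT_PMKID_CANDIDATE, &data);

	return 0;
}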
492 | ||
493 | ||
/*
 * Replace the stored (Re)Association Request IEs with a heap copy of the
 * @len bytes at @ev.
 *
 * Only a negative @len is rejected here; nothing in this function checks
 * that @len bytes are actually available at @ev, so that bound has to be
 * enforced by the caller. The previous buffer is released before the new
 * one is allocated.
 *
 * Returns: 0 on success, -1 on negative length or allocation failure (the
 * stored length is reset to 0 in the latter case).
 */
static int wpa_driver_nl80211_event_wireless_assocreqie(
	struct wpa_driver_nl80211_data *drv, const char *ev, int len)
{
	u8 *copy;

	if (len < 0)
		return -1;

	wpa_hexdump(MSG_DEBUG, "AssocReq IE wireless event", (const u8 *) ev,
		    len);

	os_free(drv->assoc_req_ies);
	copy = os_malloc(len);
	drv->assoc_req_ies = copy;
	if (copy == NULL) {
		drv->assoc_req_ies_len = 0;
		return -1;
	}

	os_memcpy(copy, ev, len);
	drv->assoc_req_ies_len = len;

	return 0;
}
513 | ||
514 | ||
/*
 * Replace the stored (Re)Association Response IEs with a heap copy of the
 * @len bytes at @ev.
 *
 * Only a negative @len is rejected here; nothing in this function checks
 * that @len bytes are actually available at @ev, so that bound has to be
 * enforced by the caller. The previous buffer is released before the new
 * one is allocated.
 *
 * Returns: 0 on success, -1 on negative length or allocation failure (the
 * stored length is reset to 0 in the latter case).
 */
static int wpa_driver_nl80211_event_wireless_assocrespie(
	struct wpa_driver_nl80211_data *drv, const char *ev, int len)
{
	u8 *copy;

	if (len < 0)
		return -1;

	wpa_hexdump(MSG_DEBUG, "AssocResp IE wireless event", (const u8 *) ev,
		    len);

	os_free(drv->assoc_resp_ies);
	copy = os_malloc(len);
	drv->assoc_resp_ies = copy;
	if (copy == NULL) {
		drv->assoc_resp_ies_len = 0;
		return -1;
	}

	os_memcpy(copy, ev, len);
	drv->assoc_resp_ies_len = len;

	return 0;
}
534 | ||
535 | ||
/*
 * Deliver any stored association request/response IEs as a single
 * EVENT_ASSOCINFO and release them.
 *
 * Ownership of each buffer moves from @drv to the local event structure
 * (the drv pointer is cleared), and the buffers are freed once the event
 * call has returned. Nothing is sent when neither buffer is set.
 */
static void wpa_driver_nl80211_event_assoc_ies(struct wpa_driver_nl80211_data *drv)
{
	union wpa_event_data data;

	if (!drv->assoc_req_ies && !drv->assoc_resp_ies)
		return;

	os_memset(&data, 0, sizeof(data));

	if (drv->assoc_req_ies != NULL) {
		data.assoc_info.req_ies = drv->assoc_req_ies;
		data.assoc_info.req_ies_len = drv->assoc_req_ies_len;
		drv->assoc_req_ies = NULL;
	}

	if (drv->assoc_resp_ies != NULL) {
		data.assoc_info.resp_ies = drv->assoc_resp_ies;
		data.assoc_info.resp_ies_len = drv->assoc_resp_ies_len;
		drv->assoc_resp_ies = NULL;
	}

	wpa_supplicant_event(drv->ctx, EVENT_ASSOCINFO, &data);

	os_free(data.assoc_info.req_ies);
	os_free(data.assoc_info.resp_ies);
}
560 | ||
561 | ||
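/*
 * Walk the stream of wireless events carried in one IFLA_WIRELESS
 * attribute and dispatch each event.
 *
 * @data/@len describe the attribute payload. Every length used below
 * (iwe->len and iwe->u.data.length) is read from that payload, so each is
 * checked against the remaining bytes before the corresponding data is
 * handed to a handler. Parsing stops at the first inconsistent event.
 */
static void wpa_driver_nl80211_event_wireless(struct wpa_driver_nl80211_data *drv,
					      void *ctx, char *data, int len)
{
	struct iw_event iwe_buf, *iwe = &iwe_buf;
	char *pos, *end, *custom, *buf;

	pos = data;
	end = data + len;

	while (pos + IW_EV_LCP_LEN <= end) {
		/* Event data may be unaligned, so make a local, aligned copy
		 * before processing. */
		os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
		wpa_printf(MSG_DEBUG, "Wireless event: cmd=0x%x len=%d",
			   iwe->cmd, iwe->len);
		/* Reject events that are too short to carry data or that
		 * claim to extend past the end of the attribute. */
		if (iwe->len <= IW_EV_LCP_LEN || iwe->len > end - pos)
			return;

		/*
		 * NOTE(review): both copies below read up to
		 * sizeof(struct iw_event) bytes starting at pos regardless of
		 * iwe->len; this relies on the underlying receive buffer
		 * extending that far - confirm against the caller.
		 */
		custom = pos + IW_EV_POINT_LEN;
		if (drv->we_version_compiled > 18 &&
		    (iwe->cmd == IWEVMICHAELMICFAILURE ||
		     iwe->cmd == IWEVCUSTOM ||
		     iwe->cmd == IWEVASSOCREQIE ||
		     iwe->cmd == IWEVASSOCRESPIE ||
		     iwe->cmd == IWEVPMKIDCAND)) {
			/* WE-19 removed the pointer from struct iw_point */
			char *dpos = (char *) &iwe_buf.u.data.length;
			int dlen = dpos - (char *) &iwe_buf;
			os_memcpy(dpos, pos + IW_EV_LCP_LEN,
				  sizeof(struct iw_event) - dlen);
		} else {
			os_memcpy(&iwe_buf, pos, sizeof(struct iw_event));
			custom += IW_EV_POINT_OFF;
		}

		switch (iwe->cmd) {
		case SIOCGIWAP:
			wpa_printf(MSG_DEBUG, "Wireless event: new AP: "
				   MACSTR,
				   MAC2STR((u8 *) iwe->u.ap_addr.sa_data));
			if (is_zero_ether_addr(
				    (const u8 *) iwe->u.ap_addr.sa_data) ||
			    os_memcmp(iwe->u.ap_addr.sa_data,
				      "\x44\x44\x44\x44\x44\x44", ETH_ALEN) ==
			    0) {
				os_free(drv->assoc_req_ies);
				drv->assoc_req_ies = NULL;
				os_free(drv->assoc_resp_ies);
				drv->assoc_resp_ies = NULL;
				wpa_supplicant_event(ctx, EVENT_DISASSOC,
						     NULL);

			} else {
				wpa_driver_nl80211_event_assoc_ies(drv);
				wpa_supplicant_event(ctx, EVENT_ASSOC, NULL);
			}
			break;
		case IWEVMICHAELMICFAILURE:
			/* The declared data length must fit in what is left
			 * of the attribute, as for IWEVCUSTOM below. */
			if (iwe->u.data.length > end - custom)
				return;
			wpa_driver_nl80211_event_wireless_michaelmicfailure(
				ctx, custom, iwe->u.data.length);
			break;
		case IWEVCUSTOM:
			if (iwe->u.data.length > end - custom)
				return;
			buf = os_malloc(iwe->u.data.length + 1);
			if (buf == NULL)
				return;
			os_memcpy(buf, custom, iwe->u.data.length);
			buf[iwe->u.data.length] = '\0';
			wpa_driver_nl80211_event_wireless_custom(ctx, buf);
			os_free(buf);
			break;
		case SIOCGIWSCAN:
			drv->scan_complete_events = 1;
			eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout,
					     drv, ctx);
			wpa_supplicant_event(ctx, EVENT_SCAN_RESULTS, NULL);
			break;
		case IWEVASSOCREQIE:
			if (iwe->u.data.length > end - custom)
				return;
			wpa_driver_nl80211_event_wireless_assocreqie(
				drv, custom, iwe->u.data.length);
			break;
		case IWEVASSOCRESPIE:
			if (iwe->u.data.length > end - custom)
				return;
			wpa_driver_nl80211_event_wireless_assocrespie(
				drv, custom, iwe->u.data.length);
			break;
		case IWEVPMKIDCAND:
			if (iwe->u.data.length > end - custom)
				return;
			wpa_driver_nl80211_event_wireless_pmkidcand(
				drv, custom, iwe->u.data.length);
			break;
		}

		pos += iwe->len;
	}
}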
657 | ||
658 | ||
7524cfb1 JM |
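/*
 * Report an interface added/removed notification (IFLA_IFNAME from
 * RTM_NEWLINK or RTM_DELLINK) as EVENT_INTERFACE_STATUS.
 *
 * @buf/@len: interface name bytes from the netlink attribute; not assumed
 *            to be nul-terminated
 * @del:      non-zero for removal, zero for addition
 *
 * When the name matches drv->ifname, drv->if_removed is updated to track
 * whether our own interface is currently gone.
 */
static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data *drv,
					  void *ctx, char *buf, size_t len,
					  int del)
{
	union wpa_event_data event;

	os_memset(&event, 0, sizeof(event));
	/* Always leave the last byte of ifname untouched so that the zero
	 * from the memset above terminates the string. This must also cover
	 * len == sizeof(ifname), which would otherwise fill the whole array
	 * and leave the name unterminated for os_strcmp() and %s below. */
	if (len >= sizeof(event.interface_status.ifname))
		len = sizeof(event.interface_status.ifname) - 1;
	os_memcpy(event.interface_status.ifname, buf, len);
	event.interface_status.ievent = del ? EVENT_INTERFACE_REMOVED :
		EVENT_INTERFACE_ADDED;

	wpa_printf(MSG_DEBUG, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
		   del ? "DEL" : "NEW",
		   event.interface_status.ifname,
		   del ? "removed" : "added");

	if (os_strcmp(drv->ifname, event.interface_status.ifname) == 0)
		drv->if_removed = del ? 1 : 0;

	wpa_supplicant_event(ctx, EVENT_INTERFACE_STATUS, &event);
}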
686 | ||
687 | ||
7524cfb1 JM |
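/*
 * Check whether the link message @h names our own interface.
 *
 * Only the first IFLA_IFNAME attribute is considered. The attribute area
 * is bounded with NLMSG_PAYLOAD() so that the netlink header is not
 * counted as attribute space, and the name comparison is limited to the
 * attribute's own payload instead of relying on it being nul-terminated.
 *
 * Returns: 1 if the first IFLA_IFNAME equals drv->ifname, 0 otherwise.
 */
static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data *drv,
					 struct nlmsghdr *h)
{
	struct ifinfomsg *ifi;
	int attrlen, rta_len;
	struct rtattr *attr;
	size_t ifname_len;

	/* Message too short to hold the header plus struct ifinfomsg. */
	if (h->nlmsg_len < NLMSG_SPACE(sizeof(struct ifinfomsg)))
		return 0;

	ifi = NLMSG_DATA(h);

	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
	if (attrlen < 0)
		return 0;

	attr = (struct rtattr *)
		(((char *) ifi) + NLMSG_ALIGN(sizeof(struct ifinfomsg)));

	ifname_len = os_strlen(drv->ifname);
	rta_len = RTA_ALIGN(sizeof(struct rtattr));
	while (RTA_OK(attr, attrlen)) {
		if (attr->rta_type == IFLA_IFNAME) {
			size_t payload = attr->rta_len - rta_len;

			/* Equal only if the payload holds the name and its
			 * terminating nul within the attribute bounds. */
			if (payload > ifname_len &&
			    os_memcmp(((char *) attr) + rta_len, drv->ifname,
				      ifname_len + 1) == 0)
				return 1;
			break;
		}
		attr = RTA_NEXT(attr, attrlen);
	}

	return 0;
}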
719 | ||
720 | ||
/*
 * Decide whether a link event with interface index @ifindex is for us.
 *
 * A direct index match is accepted. Otherwise, if our interface was marked
 * removed and the message @h names it again, the stored ifindex is
 * refreshed from the interface name and driver initialisation is finished
 * before accepting the event.
 *
 * Returns: 1 if the event belongs to our interface, 0 if not.
 */
static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data *drv,
					  int ifindex, struct nlmsghdr *h)
{
	if (ifindex == drv->ifindex)
		return 1;

	/* The name lookup is only attempted while the interface is marked
	 * as removed. */
	if (!drv->if_removed || !wpa_driver_nl80211_own_ifname(drv, h))
		return 0;

	drv->ifindex = if_nametoindex(drv->ifname);
	wpa_printf(MSG_DEBUG, "nl80211: Update ifindex for a removed "
		   "interface");
	wpa_driver_nl80211_finish_drv_init(drv);

	return 1;
}
737 | ||
738 | ||
3f5285e8 JM |
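/*
 * Process one RTM_NEWLINK message.
 *
 * @h:   netlink message header
 * @len: payload length as computed by the caller
 *
 * Events for other interfaces are ignored. For our interface the operstate
 * workaround is applied and the IFLA_WIRELESS and IFLA_IFNAME attributes
 * are dispatched. The attribute area is bounded with NLMSG_PAYLOAD() so
 * that the netlink header is not counted as attribute space.
 */
static void wpa_driver_nl80211_event_rtm_newlink(struct wpa_driver_nl80211_data *drv,
						 void *ctx, struct nlmsghdr *h,
						 size_t len)
{
	struct ifinfomsg *ifi;
	int attrlen, rta_len;
	struct rtattr *attr;

	if (len < sizeof(*ifi))
		return;

	ifi = NLMSG_DATA(h);

	if (!wpa_driver_nl80211_own_ifindex(drv, ifi->ifi_index, h)) {
		wpa_printf(MSG_DEBUG, "Ignore event for foreign ifindex %d",
			   ifi->ifi_index);
		return;
	}

	wpa_printf(MSG_DEBUG, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
		   "(%s%s%s%s)",
		   drv->operstate, ifi->ifi_flags,
		   (ifi->ifi_flags & IFF_UP) ? "[UP]" : "",
		   (ifi->ifi_flags & IFF_RUNNING) ? "[RUNNING]" : "",
		   (ifi->ifi_flags & IFF_LOWER_UP) ? "[LOWER_UP]" : "",
		   (ifi->ifi_flags & IFF_DORMANT) ? "[DORMANT]" : "");
	/*
	 * Some drivers send the association event before the operup event--in
	 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
	 * fails. This will hit us when wpa_supplicant does not need to do
	 * IEEE 802.1X authentication
	 */
	if (drv->operstate == 1 &&
	    (ifi->ifi_flags & (IFF_LOWER_UP | IFF_DORMANT)) == IFF_LOWER_UP &&
	    !(ifi->ifi_flags & IFF_RUNNING))
		wpa_driver_nl80211_send_oper_ifla(drv, -1, IF_OPER_UP);

	/* nlmsg_len includes the netlink header; subtracting only the
	 * ifinfomsg size would let the attribute walk run past the end of
	 * this message. */
	if (h->nlmsg_len < NLMSG_SPACE(sizeof(struct ifinfomsg)))
		return;
	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
	if (attrlen < 0)
		return;

	attr = (struct rtattr *)
		(((char *) ifi) + NLMSG_ALIGN(sizeof(struct ifinfomsg)));

	rta_len = RTA_ALIGN(sizeof(struct rtattr));
	while (RTA_OK(attr, attrlen)) {
		if (attr->rta_type == IFLA_WIRELESS) {
			wpa_driver_nl80211_event_wireless(
				drv, ctx, ((char *) attr) + rta_len,
				attr->rta_len - rta_len);
		} else if (attr->rta_type == IFLA_IFNAME) {
			wpa_driver_nl80211_event_link(
				drv, ctx,
				((char *) attr) + rta_len,
				attr->rta_len - rta_len, 0);
		}
		attr = RTA_NEXT(attr, attrlen);
	}
}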
799 | ||
800 | ||
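/*
 * Process one RTM_DELLINK message: every IFLA_IFNAME attribute is reported
 * as an interface removal.
 *
 * @h:   netlink message header
 * @len: payload length as computed by the caller
 *
 * The attribute area is bounded with NLMSG_PAYLOAD() so that the netlink
 * header is not counted as attribute space.
 */
static void wpa_driver_nl80211_event_rtm_dellink(struct wpa_driver_nl80211_data *drv,
						 void *ctx, struct nlmsghdr *h,
						 size_t len)
{
	struct ifinfomsg *ifi;
	int attrlen, rta_len;
	struct rtattr *attr;

	if (len < sizeof(*ifi))
		return;

	ifi = NLMSG_DATA(h);

	/* nlmsg_len includes the netlink header; subtracting only the
	 * ifinfomsg size would let the attribute walk run past the end of
	 * this message. */
	if (h->nlmsg_len < NLMSG_SPACE(sizeof(struct ifinfomsg)))
		return;
	attrlen = NLMSG_PAYLOAD(h, sizeof(struct ifinfomsg));
	if (attrlen < 0)
		return;

	attr = (struct rtattr *)
		(((char *) ifi) + NLMSG_ALIGN(sizeof(struct ifinfomsg)));

	rta_len = RTA_ALIGN(sizeof(struct rtattr));
	while (RTA_OK(attr, attrlen)) {
		if (attr->rta_type == IFLA_IFNAME) {
			wpa_driver_nl80211_event_link(
				drv, ctx,
				((char *) attr) + rta_len,
				attr->rta_len - rta_len, 1);
		}
		attr = RTA_NEXT(attr, attrlen);
	}
}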
833 | ||
834 | ||
/*
 * Socket read handler for the netlink event socket.
 *
 * Up to 10 datagrams are read per invocation (non-blocking) and each
 * contained netlink message is length-checked before RTM_NEWLINK and
 * RTM_DELLINK are dispatched. @eloop_ctx is passed on as the driver data
 * and @sock_ctx as the event context.
 *
 * NOTE(review): the sender address returned by recvfrom() is stored in
 * `from` but never examined; whether non-kernel senders can reach this
 * socket depends on how it is created and bound, which is not visible
 * here - confirm.
 */
static void wpa_driver_nl80211_event_receive(int sock, void *eloop_ctx,
					     void *sock_ctx)
{
	char buf[8192];
	struct sockaddr_nl from;
	int round;

	/*
	 * Try to receive all events in one eloop call in order to limit race
	 * condition on cases where AssocInfo event, Assoc event, and EAPOL
	 * frames are received more or less at the same time. We want to
	 * process the event messages first before starting EAPOL processing.
	 */
	for (round = 0; round < 10; round++) {
		socklen_t fromlen = sizeof(from);
		struct nlmsghdr *h;
		int left;

		left = recvfrom(sock, buf, sizeof(buf), MSG_DONTWAIT,
				(struct sockaddr *) &from, &fromlen);
		if (left < 0) {
			if (errno != EINTR && errno != EAGAIN)
				perror("recvfrom(netlink)");
			return;
		}

		h = (struct nlmsghdr *) buf;
		while (left >= (int) sizeof(*h)) {
			int len, plen;

			/* nlmsg_len comes from the datagram: it must cover
			 * at least the header and fit in what was read. */
			len = h->nlmsg_len;
			plen = len - sizeof(*h);
			if (len > left || plen < 0) {
				wpa_printf(MSG_DEBUG, "Malformed netlink message: "
					   "len=%d left=%d plen=%d",
					   len, left, plen);
				break;
			}

			if (h->nlmsg_type == RTM_NEWLINK) {
				wpa_driver_nl80211_event_rtm_newlink(
					eloop_ctx, sock_ctx, h, plen);
			} else if (h->nlmsg_type == RTM_DELLINK) {
				wpa_driver_nl80211_event_rtm_dellink(
					eloop_ctx, sock_ctx, h, plen);
			}

			len = NLMSG_ALIGN(len);
			left -= len;
			h = (struct nlmsghdr *) ((char *) h + len);
		}

		if (left > 0) {
			wpa_printf(MSG_DEBUG, "%d extra bytes in the end of netlink "
				   "message", left);
		}
	}
}
900 | ||
901 | ||
/*
 * Read the flags of interface @ifname with SIOCGIFFLAGS.
 *
 * On success the low 16 bits of the kernel's flags are stored in *@flags;
 * *@flags is left untouched on failure.
 *
 * Returns: 0 on success, -1 if the ioctl failed.
 */
static int wpa_driver_nl80211_get_ifflags_ifname(struct wpa_driver_nl80211_data *drv,
						 const char *ifname, int *flags)
{
	struct ifreq req;

	os_memset(&req, 0, sizeof(req));
	os_strlcpy(req.ifr_name, ifname, IFNAMSIZ);

	if (ioctl(drv->ioctl_sock, SIOCGIFFLAGS, (caddr_t) &req) < 0) {
		perror("ioctl[SIOCGIFFLAGS]");
		return -1;
	}

	*flags = req.ifr_flags & 0xffff;

	return 0;
}
916 | ||
917 | ||
/**
 * wpa_driver_nl80211_get_ifflags - Get flags of the driver's own interface
 * @drv: driver_nl80211 private data
 * @flags: Where the flags value is stored on success
 * Returns: 0 on success, -1 on failure
 *
 * Convenience wrapper that queries drv->ifname through
 * wpa_driver_nl80211_get_ifflags_ifname() (SIOCGIFFLAGS).
 */
static int wpa_driver_nl80211_get_ifflags(struct wpa_driver_nl80211_data *drv,
					  int *flags)
{
	const char *own_ifname = drv->ifname;

	return wpa_driver_nl80211_get_ifflags_ifname(drv, own_ifname, flags);
}
929 | ||
930 | ||
/*
 * Set the flags of interface @ifname with SIOCSIFFLAGS. Only the low 16
 * bits of @flags are passed to the kernel.
 *
 * Returns: 0 on success, -1 if the ioctl failed.
 */
static int wpa_driver_nl80211_set_ifflags_ifname(
	struct wpa_driver_nl80211_data *drv,
	const char *ifname, int flags)
{
	struct ifreq req;

	os_memset(&req, 0, sizeof(req));
	os_strlcpy(req.ifr_name, ifname, IFNAMSIZ);
	req.ifr_flags = flags & 0xffff;

	if (ioctl(drv->ioctl_sock, SIOCSIFFLAGS, (caddr_t) &req) >= 0)
		return 0;

	perror("SIOCSIFFLAGS");
	return -1;
}
946 | ||
947 | ||
/**
 * wpa_driver_nl80211_set_ifflags - Set flags of the driver's own interface
 * @drv: driver_nl80211 private data
 * @flags: New value for flags
 * Returns: 0 on success, -1 on failure
 *
 * Convenience wrapper that updates drv->ifname through
 * wpa_driver_nl80211_set_ifflags_ifname() (SIOCSIFFLAGS).
 */
static int wpa_driver_nl80211_set_ifflags(struct wpa_driver_nl80211_data *drv,
					  int flags)
{
	const char *own_ifname = drv->ifname;

	return wpa_driver_nl80211_set_ifflags_ifname(drv, own_ifname, flags);
}
959 | ||
960 | ||
1c873584 JM |
961 | #ifdef CONFIG_CLIENT_MLME |
962 | ||
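/**
 * nl80211_set_vif - Send NL80211_CMD_SET_VIF for the driver interface
 * @drv: driver_nl80211 private data
 * @drop_unencrypted: Value for NL80211_ATTR_VIF_DROP_UNENCRYPTED, or a
 *	negative value to leave the attribute out
 * @userspace_mlme: Value for NL80211_ATTR_VIF_USERSPACE_MLME, or a negative
 *	value to leave the attribute out
 * Returns: Result of send_and_recv_msgs() on success, -ENOMEM if the message
 * could not be allocated, -ENOBUFS if an attribute did not fit, -1 if the
 * build has no NL80211_CMD_SET_VIF
 */
static int nl80211_set_vif(struct wpa_driver_nl80211_data *drv,
			   int drop_unencrypted, int userspace_mlme)
{
#ifdef NL80211_CMD_SET_VIF
	struct nl_msg *msg;

	msg = nlmsg_alloc();
	if (!msg)
		return -ENOMEM;

	genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
		    NL80211_CMD_SET_VIF, 0);

	if (drop_unencrypted >= 0) {
		NLA_PUT_U8(msg, NL80211_ATTR_VIF_DROP_UNENCRYPTED,
			   drop_unencrypted);
	}
	if (userspace_mlme >= 0) {
		NLA_PUT_U8(msg, NL80211_ATTR_VIF_USERSPACE_MLME,
			   userspace_mlme);
	}

	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);

	/* NOTE(review): assumes send_and_recv_msgs() releases msg on every
	 * path; its body is not in this part of the file - confirm. */
	return send_and_recv_msgs(drv, msg, NULL, NULL);

nla_put_failure:
	/* Reached only from the NLA_PUT_* macros, i.e., before the message
	 * was handed to send_and_recv_msgs(), so it is still owned here. */
	nlmsg_free(msg);
	return -ENOBUFS;
#else /* NL80211_CMD_SET_VIF */
	return -1;
#endif /* NL80211_CMD_SET_VIF */
}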
997 | ||
998 | ||
/**
 * wpa_driver_nl80211_set_userspace_mlme - Toggle user space MLME
 * @drv: driver_nl80211 private data
 * @enabled: Value passed as the userspace_mlme argument of nl80211_set_vif()
 * Returns: Return value of nl80211_set_vif()
 */
static int wpa_driver_nl80211_set_userspace_mlme(
	struct wpa_driver_nl80211_data *drv, int enabled)
{
	/* -1 leaves the drop_unencrypted attribute out of the request */
	const int keep_drop_unencrypted = -1;

	return nl80211_set_vif(drv, keep_drop_unencrypted, enabled);
}
1004 | ||
1005 | ||
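/**
 * nl80211_remove_iface - Request removal of an interface by index
 * @drv: driver_nl80211 private data
 * @ifidx: Interface index placed in NL80211_ATTR_IFINDEX
 *
 * Sends NL80211_CMD_DEL_INTERFACE. Failures are only logged; nothing is
 * reported to the caller.
 */
static void nl80211_remove_iface(struct wpa_driver_nl80211_data *drv,
				 int ifidx)
{
	struct nl_msg *msg;

	msg = nlmsg_alloc();
	if (!msg)
		goto fail;

	genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
		    0, NL80211_CMD_DEL_INTERFACE, 0);
	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, ifidx);

	/* NOTE(review): assumes send_and_recv_msgs() releases msg on every
	 * path; its body is not in this part of the file - confirm. */
	if (send_and_recv_msgs(drv, msg, NULL, NULL) == 0)
		return;
	goto fail;

nla_put_failure:
	/* The attribute did not fit and the message was never sent, so it is
	 * still owned here and must be released. */
	nlmsg_free(msg);
fail:
	wpa_printf(MSG_ERROR, "nl80211: Failed to remove interface.");
}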
1023 | ||
1024 | ||
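/**
 * nl80211_create_iface - Create a new virtual interface
 * @drv: driver_nl80211 private data
 * @ifname: Name for the new interface
 * @iftype: nl80211 interface type; NL80211_IFTYPE_MONITOR additionally sets
 *	NL80211_MNTR_FLAG_COOK_FRAMES
 * Returns: Interface index (> 0) of the new interface on success, negative
 * value on failure
 */
static int nl80211_create_iface(struct wpa_driver_nl80211_data *drv,
				const char *ifname, enum nl80211_iftype iftype)
{
	struct nl_msg *msg, *flags = NULL;
	int ifidx, err;
	int ret = -ENOBUFS;

	msg = nlmsg_alloc();
	if (!msg)
		return -1;

	genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
		    0, NL80211_CMD_NEW_INTERFACE, 0);
	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, if_nametoindex(drv->ifname));
	NLA_PUT_STRING(msg, NL80211_ATTR_IFNAME, ifname);
	NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE, iftype);

	if (iftype == NL80211_IFTYPE_MONITOR) {
		flags = nlmsg_alloc();
		if (!flags)
			goto nla_put_failure;

		NLA_PUT_FLAG(flags, NL80211_MNTR_FLAG_COOK_FRAMES);

		err = nla_put_nested(msg, NL80211_ATTR_MNTR_FLAGS, flags);

		nlmsg_free(flags);
		flags = NULL;

		if (err)
			goto nla_put_failure;
	}

	/* NOTE(review): assumes send_and_recv_msgs() releases msg on every
	 * path; its body is not in this part of the file - confirm. */
	ret = send_and_recv_msgs(drv, msg, NULL, NULL);
	if (ret)
		goto fail;

	/* NOTE(review): if the lookup fails here, the interface that was just
	 * created is left in place - confirm this is acceptable. */
	ifidx = if_nametoindex(ifname);
	if (ifidx <= 0)
		return -1;

	return ifidx;

nla_put_failure:
	/* Only reached before the message was sent: both the nested flags
	 * message (if still allocated) and msg are still owned here. */
	if (flags)
		nlmsg_free(flags);
	nlmsg_free(msg);
fail:
	wpa_printf(MSG_ERROR, "nl80211: Failed to create interface %d",
		   ret);
	return ret;
}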
1071 | ||
1072 | ||
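/**
 * handle_monitor_read - Read and dispatch one frame from the monitor socket
 * @sock: Monitor socket that became readable
 * @eloop_ctx: struct wpa_driver_nl80211_data registered with the socket
 * @sock_ctx: Unused
 *
 * The frame comes from the air via the monitor interface, so every length
 * derived from it is checked before the payload is handed on.
 */
static void handle_monitor_read(int sock, void *eloop_ctx, void *sock_ctx)
{
	struct wpa_driver_nl80211_data *drv = eloop_ctx;
	int len;
	unsigned char buf[3000];
	struct ieee80211_radiotap_iterator iter;
	int ret;
	int injected = 0, failed = 0, rxflags = 0, fcs = 0;
	u16 tx_flags;
	struct ieee80211_rx_status rx_status;

	len = recv(sock, buf, sizeof(buf), 0);
	if (len < 0) {
		perror("recv");
		return;
	}

	if (ieee80211_radiotap_iterator_init(&iter, (void *) buf, len)) {
		wpa_printf(MSG_DEBUG, "nl80211: received invalid radiotap "
			   "frame");
		return;
	}

	os_memset(&rx_status, 0, sizeof(rx_status));

	while (1) {
		ret = ieee80211_radiotap_iterator_next(&iter);
		if (ret == -ENOENT)
			break;
		if (ret) {
			wpa_printf(MSG_DEBUG, "nl80211: received invalid "
				   "radiotap frame (%d)", ret);
			return;
		}
		switch (iter.this_arg_index) {
		case IEEE80211_RADIOTAP_FLAGS:
			/* Only remember the flag here; the trailer is removed
			 * once, after the loop, so that a repeated field
			 * cannot shrink len more than once. */
			if (*iter.this_arg & IEEE80211_RADIOTAP_F_FCS)
				fcs = 1;
			break;
		case IEEE80211_RADIOTAP_RX_FLAGS:
			rxflags = 1;
			break;
		case IEEE80211_RADIOTAP_TX_FLAGS:
			injected = 1;
			/* buf is a byte array, so copy the 16-bit field out
			 * instead of dereferencing a cast pointer. */
			os_memcpy(&tx_flags, iter.this_arg, sizeof(tx_flags));
			failed = le_to_host16(tx_flags) &
				IEEE80211_RADIOTAP_F_TX_FAIL;
			break;
		case IEEE80211_RADIOTAP_DATA_RETRIES:
			break;
		case IEEE80211_RADIOTAP_CHANNEL:
			/* TODO convert from freq/flags to channel number
			 * rx_status.channel = XXX;
			 */
			break;
		case IEEE80211_RADIOTAP_RATE:
			break;
		case IEEE80211_RADIOTAP_DB_ANTSIGNAL:
			rx_status.ssi = *iter.this_arg;
			break;
		default:
			break;
		}
	}

	if (rxflags && injected)
		return;

	/* Strip the 4-octet FCS (if reported) and make sure that the length
	 * remaining after the radiotap header cannot go negative; a negative
	 * value would turn into a huge length if the receiver takes an
	 * unsigned size. */
	if (fcs)
		len -= 4;
	if (len < iter.max_length) {
		wpa_printf(MSG_DEBUG, "nl80211: monitor frame too short "
			   "(len=%d radiotap=%d)", len, (int) iter.max_length);
		return;
	}

	if (!injected) {
		wpa_supplicant_sta_rx(drv->ctx, buf + iter.max_length,
				      len - iter.max_length, &rx_status);
	} else if (failed) {
		/* TX failure callback */
	} else {
		/* TX success (ACK) callback */
	}
}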
1146 | ||
1147 | ||
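/**
 * wpa_driver_nl80211_create_monitor_interface - Set up the monitor interface
 * @drv: driver_nl80211 private data
 * Returns: 0 on success, -1 on failure
 *
 * Creates a "mon.<ifname>" monitor interface, sets it UP, binds a packet
 * socket to it and registers handle_monitor_read() for that socket. On
 * failure the interface is removed again and no socket is left open.
 */
static int wpa_driver_nl80211_create_monitor_interface(
	struct wpa_driver_nl80211_data *drv)
{
	char buf[IFNAMSIZ];
	struct sockaddr_ll ll;
	int optval, flags;
	socklen_t optlen;
	int sock_open = 0;

	/* The name is cut to fit IFNAMSIZ, so a long drv->ifname yields a
	 * truncated monitor interface name. */
	os_snprintf(buf, IFNAMSIZ, "mon.%s", drv->ifname);
	buf[IFNAMSIZ - 1] = '\0';

	drv->monitor_ifidx =
		nl80211_create_iface(drv, buf, NL80211_IFTYPE_MONITOR);

	if (drv->monitor_ifidx < 0)
		return -1;

	if (wpa_driver_nl80211_get_ifflags_ifname(drv, buf, &flags) != 0 ||
	    wpa_driver_nl80211_set_ifflags_ifname(drv, buf, flags | IFF_UP) !=
	    0) {
		wpa_printf(MSG_ERROR, "nl80211: Could not set interface '%s' "
			   "UP", buf);
		goto error;
	}

	os_memset(&ll, 0, sizeof(ll));
	ll.sll_family = AF_PACKET;
	ll.sll_ifindex = drv->monitor_ifidx;
	drv->monitor_sock = socket(PF_PACKET, SOCK_RAW, htons(ETH_P_ALL));
	if (drv->monitor_sock < 0) {
		perror("socket[PF_PACKET,SOCK_RAW]");
		goto error;
	}
	sock_open = 1;

	if (bind(drv->monitor_sock, (struct sockaddr *) &ll,
		 sizeof(ll)) < 0) {
		perror("monitor socket bind");
		goto error;
	}

	optlen = sizeof(optval);
	optval = 20;
	if (setsockopt
	    (drv->monitor_sock, SOL_SOCKET, SO_PRIORITY, &optval, optlen)) {
		perror("Failed to set socket priority");
		goto error;
	}

	if (eloop_register_read_sock(drv->monitor_sock, handle_monitor_read,
				     drv, NULL)) {
		wpa_printf(MSG_ERROR, "nl80211: Could not register monitor "
			   "read socket");
		goto error;
	}

	return 0;

 error:
	/* Do not leave a raw packet socket open, and do not leave a stale
	 * descriptor or interface index behind: deinit acts on both fields
	 * and the index could be reused by an unrelated interface. */
	if (sock_open) {
		close(drv->monitor_sock);
		drv->monitor_sock = -1;
	}
	nl80211_remove_iface(drv, drv->monitor_ifidx);
	drv->monitor_ifidx = -1;
	return -1;
}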
1209 | ||
1210 | #endif /* CONFIG_CLIENT_MLME */ | |
1211 | ||
1212 | ||
3f5285e8 JM |
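/**
 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
 * @ctx: context to be used when calling wpa_supplicant functions,
 * e.g., wpa_supplicant_event()
 * @ifname: interface name, e.g., wlan0
 * Returns: Pointer to private data, %NULL on failure
 *
 * Allocates the private data, connects to generic netlink and looks up the
 * "nl80211" family, opens the ioctl socket and a NETLINK_ROUTE socket bound
 * to RTMGRP_LINK, and registers the latter with eloop. Everything acquired
 * so far is released again on failure.
 */
void * wpa_driver_nl80211_init(void *ctx, const char *ifname)
{
	int s;
	struct sockaddr_nl local;
	struct wpa_driver_nl80211_data *drv;

	drv = os_zalloc(sizeof(*drv));
	if (drv == NULL)
		return NULL;
	drv->ctx = ctx;
	os_strlcpy(drv->ifname, ifname, sizeof(drv->ifname));
#ifdef CONFIG_CLIENT_MLME
	/* The zero-filled allocation would otherwise leave monitor_sock at 0,
	 * which the ">= 0" test in deinit treats as an open descriptor. */
	drv->monitor_sock = -1;
#endif /* CONFIG_CLIENT_MLME */

	drv->nl_cb = nl_cb_alloc(NL_CB_DEFAULT);
	if (drv->nl_cb == NULL) {
		wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
			   "callbacks");
		goto err1;
	}

	drv->nl_handle = nl_handle_alloc_cb(drv->nl_cb);
	if (drv->nl_handle == NULL) {
		wpa_printf(MSG_ERROR, "nl80211: Failed to allocate netlink "
			   "handle");
		goto err2;
	}

	if (genl_connect(drv->nl_handle)) {
		wpa_printf(MSG_ERROR, "nl80211: Failed to connect to generic "
			   "netlink");
		goto err3;
	}

	drv->nl_cache = genl_ctrl_alloc_cache(drv->nl_handle);
	if (drv->nl_cache == NULL) {
		wpa_printf(MSG_ERROR, "nl80211: Failed to allocate generic "
			   "netlink cache");
		goto err3;
	}

	drv->nl80211 = genl_ctrl_search_by_name(drv->nl_cache, "nl80211");
	if (drv->nl80211 == NULL) {
		wpa_printf(MSG_ERROR, "nl80211: 'nl80211' generic netlink not "
			   "found");
		goto err4;
	}

	drv->ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0);
	if (drv->ioctl_sock < 0) {
		perror("socket(PF_INET,SOCK_DGRAM)");
		goto err5;
	}

	s = socket(PF_NETLINK, SOCK_RAW, NETLINK_ROUTE);
	if (s < 0) {
		perror("socket(PF_NETLINK,SOCK_RAW,NETLINK_ROUTE)");
		goto err6;
	}

	os_memset(&local, 0, sizeof(local));
	local.nl_family = AF_NETLINK;
	local.nl_groups = RTMGRP_LINK;
	if (bind(s, (struct sockaddr *) &local, sizeof(local)) < 0) {
		perror("bind(netlink)");
		close(s);
		goto err6;
	}

	/* Without the read handler no link events would ever be processed,
	 * so treat a failed registration like the other setup failures. */
	if (eloop_register_read_sock(s, wpa_driver_nl80211_event_receive, drv,
				     ctx)) {
		wpa_printf(MSG_ERROR, "nl80211: Could not register netlink "
			   "event socket");
		close(s);
		goto err6;
	}
	drv->event_sock = s;

	wpa_driver_nl80211_finish_drv_init(drv);

	return drv;

err6:
	close(drv->ioctl_sock);
err5:
	genl_family_put(drv->nl80211);
err4:
	nl_cache_free(drv->nl_cache);
err3:
	nl_handle_destroy(drv->nl_handle);
err2:
	nl_cb_put(drv->nl_cb);
err1:
	os_free(drv);
	return NULL;
}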
1309 | ||
1310 | ||
/**
 * wpa_driver_nl80211_finish_drv_init - Complete driver initialization
 * @drv: driver_nl80211 private data
 *
 * Brings the interface UP if needed, flushes PMKID entries, selects mode 0
 * (reported as managed mode in the error text), reads the range data, stores
 * the interface index and sends IF_OPER_DORMANT. Failures are only printed.
 */
static void
wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data *drv)
{
	int flags;

	if (wpa_driver_nl80211_get_ifflags(drv, &flags) != 0) {
		printf("Could not get interface '%s' flags\n", drv->ifname);
	} else if ((flags & IFF_UP) == 0) {
		int set_res = wpa_driver_nl80211_set_ifflags(drv,
							     flags | IFF_UP);

		if (set_res == 0) {
			/*
			 * Give the driver time to finish initialization
			 * before it is configured; at least some drivers load
			 * firmware etc. when the interface is set up.
			 */
			wpa_printf(MSG_DEBUG, "Interface %s set UP - waiting "
				   "a second for the driver to complete "
				   "initialization", drv->ifname);
			sleep(1);
		} else {
			printf("Could not set interface '%s' UP\n",
			       drv->ifname);
		}
	}

	/* Drop any obsolete PMKID entries that the driver may still hold */
	wpa_driver_nl80211_flush_pmkid(drv);

	if (wpa_driver_nl80211_set_mode(drv, 0) < 0)
		printf("Could not configure driver to use managed mode\n");

	wpa_driver_nl80211_get_range(drv);

	drv->ifindex = if_nametoindex(drv->ifname);

	wpa_driver_nl80211_send_oper_ifla(drv, 1, IF_OPER_DORMANT);
}
1351 | ||
1352 | ||
/**
 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
 * @priv: Pointer to private data from wpa_driver_nl80211_init()
 *
 * Shut down driver interface and processing of driver events. Free
 * private data buffer if one was allocated in wpa_driver_nl80211_init().
 * The interface is set DOWN and the BSSID is cleared before the sockets and
 * netlink objects are released.
 */
void wpa_driver_nl80211_deinit(void *priv)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int flags;

#ifdef CONFIG_CLIENT_MLME
	/* NOTE(review): descriptor 0 passes this test. The private data is
	 * zero-filled when allocated, so monitor_sock has to be set to -1
	 * somewhere before this runs, or descriptor 0 is closed here -
	 * confirm. */
	if (drv->monitor_sock >= 0) {
		eloop_unregister_read_sock(drv->monitor_sock);
		close(drv->monitor_sock);
	}
	if (drv->monitor_ifidx > 0)
		nl80211_remove_iface(drv, drv->monitor_ifidx);
	if (drv->capa.flags & WPA_DRIVER_FLAGS_USER_SPACE_MLME)
		wpa_driver_nl80211_set_userspace_mlme(drv, 0);
#endif /* CONFIG_CLIENT_MLME */

	/* Make sure the scan timeout cannot fire with a freed drv pointer */
	eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);

	/*
	 * Clear possibly configured driver parameters in order to make it
	 * easier to use the driver after wpa_supplicant has been terminated.
	 */
	(void) wpa_driver_nl80211_set_bssid(drv,
					    (u8 *) "\x00\x00\x00\x00\x00\x00");

	wpa_driver_nl80211_send_oper_ifla(priv, 0, IF_OPER_UP);

	/* Unregister before close() so eloop never polls a closed socket */
	eloop_unregister_read_sock(drv->event_sock);

	/* Best effort: failures to set the interface DOWN are ignored */
	if (wpa_driver_nl80211_get_ifflags(drv, &flags) == 0)
		(void) wpa_driver_nl80211_set_ifflags(drv, flags & ~IFF_UP);

	close(drv->event_sock);
	close(drv->ioctl_sock);
	os_free(drv->assoc_req_ies);
	os_free(drv->assoc_resp_ies);

	/* Release the netlink objects in the reverse order of their
	 * allocation in wpa_driver_nl80211_init() */
	genl_family_put(drv->nl80211);
	nl_cache_free(drv->nl_cache);
	nl_handle_destroy(drv->nl_handle);
	nl_cb_put(drv->nl_cb);

	os_free(drv);
}
1404 | ||
1405 | ||
/**
 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
 * @eloop_ctx: Unused
 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
 *
 * Registered as a timeout when a scan is started so that an
 * EVENT_SCAN_RESULTS event is generated even if the driver does not report
 * scan completion.
 */
static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx, void *timeout_ctx)
{
	void *supp_ctx = timeout_ctx;

	(void) eloop_ctx;
	wpa_printf(MSG_DEBUG, "Scan timeout - try to get results");
	wpa_supplicant_event(supp_ctx, EVENT_SCAN_RESULTS, NULL);
}
1419 | ||
1420 | ||
/**
 * wpa_driver_nl80211_scan - Request the driver to initiate scan
 * @priv: Pointer to private data from wpa_driver_nl80211_init()
 * @ssid: Specific SSID to scan for (ProbeReq) or %NULL to scan for
 *	all SSIDs (either active scan with broadcast SSID or passive
 *	scan)
 * @ssid_len: Length of the SSID
 * Returns: 0 on success, -1 on failure
 *
 * The scan timeout is (re)registered even if the SIOCSIWSCAN request fails.
 */
static int wpa_driver_nl80211_scan(void *priv, const u8 *ssid, size_t ssid_len)
{
	struct wpa_driver_nl80211_data *drv = priv;
	struct iw_scan_req scan_req;
	struct iwreq wrq;
	int timeout;
	int res = 0;

	/* Reject an SSID that would not fit in scan_req.essid before any
	 * copy is made */
	if (ssid_len > IW_ESSID_MAX_SIZE) {
		wpa_printf(MSG_DEBUG, "%s: too long SSID (%lu)",
			   __FUNCTION__, (unsigned long) ssid_len);
		return -1;
	}

	os_memset(&wrq, 0, sizeof(wrq));
	os_strlcpy(wrq.ifr_name, drv->ifname, IFNAMSIZ);

	if (ssid != NULL && ssid_len != 0) {
		/* Scan for one SSID, with the broadcast address as BSSID */
		os_memset(&scan_req, 0, sizeof(scan_req));
		scan_req.essid_len = ssid_len;
		scan_req.bssid.sa_family = ARPHRD_ETHER;
		os_memset(scan_req.bssid.sa_data, 0xff, ETH_ALEN);
		os_memcpy(scan_req.essid, ssid, ssid_len);
		wrq.u.data.pointer = (caddr_t) &scan_req;
		wrq.u.data.length = sizeof(scan_req);
		wrq.u.data.flags = IW_SCAN_THIS_ESSID;
	}

	if (ioctl(drv->ioctl_sock, SIOCSIWSCAN, &wrq) < 0) {
		perror("ioctl[SIOCSIWSCAN]");
		res = -1;
	}

	/*
	 * Not all drivers generate "scan completed" wireless event, so try to
	 * read results after a timeout. If the driver seems to deliver
	 * SIOCGIWSCAN events when the scan is complete, use a longer timeout
	 * to avoid race conditions with scanning and the following
	 * association request.
	 */
	timeout = drv->scan_complete_events ? 30 : 5;

	wpa_printf(MSG_DEBUG, "Scan requested (ret=%d) - scan timeout %d "
		   "seconds", res, timeout);
	eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout, drv, drv->ctx);
	eloop_register_timeout(timeout, 0, wpa_driver_nl80211_scan_timeout, drv,
			       drv->ctx);

	return res;
}
1481 | ||
1482 | ||
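/**
 * wpa_driver_nl80211_giwscan - Read raw scan results with SIOCGIWSCAN
 * @drv: driver_nl80211 private data
 * @len: Pointer to returned length of the result data
 * Returns: Allocated buffer with the event stream (caller must os_free() it)
 * or %NULL on failure
 *
 * Starts with IW_SCAN_MAX_DATA bytes and retries with a larger buffer while
 * the driver reports E2BIG.
 */
static u8 * wpa_driver_nl80211_giwscan(struct wpa_driver_nl80211_data *drv,
				       size_t *len)
{
	/* The Wireless Extensions iw_point length field is 16 bits wide, so
	 * a larger request size would be truncated when stored in it (65536
	 * would become 0). */
	const size_t max_buf_len = 65535;
	struct iwreq iwr;
	u8 *res_buf;
	size_t res_buf_len;

	res_buf_len = IW_SCAN_MAX_DATA;
	for (;;) {
		res_buf = os_malloc(res_buf_len);
		if (res_buf == NULL)
			return NULL;
		os_memset(&iwr, 0, sizeof(iwr));
		os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
		iwr.u.data.pointer = res_buf;
		iwr.u.data.length = res_buf_len;

		if (ioctl(drv->ioctl_sock, SIOCGIWSCAN, &iwr) == 0)
			break;

		if (errno == E2BIG && res_buf_len < max_buf_len) {
			os_free(res_buf);
			res_buf = NULL;
			res_buf_len *= 2;
			if (res_buf_len > max_buf_len)
				res_buf_len = max_buf_len;
			wpa_printf(MSG_DEBUG, "Scan results did not fit - "
				   "trying larger buffer (%lu bytes)",
				   (unsigned long) res_buf_len);
		} else {
			perror("ioctl[SIOCGIWSCAN]");
			os_free(res_buf);
			return NULL;
		}
	}

	/* Never trust a reported length that exceeds what was allocated */
	if (iwr.u.data.length > res_buf_len) {
		os_free(res_buf);
		return NULL;
	}
	*len = iwr.u.data.length;

	return res_buf;
}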
1525 | ||
1526 | ||
/*
 * Data structure for collecting WEXT scan results. This is needed to allow
 * the various methods of reporting IEs to be combined into a single IE buffer.
 * One instance is filled per BSS while the event stream is parsed and is then
 * converted into a struct wpa_scan_res entry.
 */
struct wext_scan_data {
	struct wpa_scan_res res; /* fixed fields (BSSID, freq, caps, ...) */
	u8 *ie; /* heap buffer with the IEs collected so far, or NULL */
	size_t ie_len; /* number of octets used in ie */
	u8 ssid[32]; /* SSID from SIOCGIWESSID; used if no SSID IE was seen */
	size_t ssid_len; /* number of octets used in ssid */
	int maxrate; /* highest reported rate in 500 kb/s units */
};
1539 | ||
1540 | ||
/**
 * wext_get_scan_mode - Map a SIOCGIWMODE event to capability bits
 * @iwe: Event (aligned local copy)
 * @res: Scan data being collected for the current BSS
 *
 * Ad-hoc mode sets IEEE80211_CAP_IBSS, master/infrastructure mode sets
 * IEEE80211_CAP_ESS; other modes leave the capabilities untouched.
 */
static void wext_get_scan_mode(struct iw_event *iwe,
			       struct wext_scan_data *res)
{
	switch (iwe->u.mode) {
	case IW_MODE_ADHOC:
		res->res.caps |= IEEE80211_CAP_IBSS;
		break;
	case IW_MODE_MASTER:
	case IW_MODE_INFRA:
		res->res.caps |= IEEE80211_CAP_ESS;
		break;
	default:
		break;
	}
}
1549 | ||
1550 | ||
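/**
 * wext_get_scan_ssid - Store the SSID from a SIOCGIWESSID event
 * @iwe: Event (aligned local copy)
 * @res: Scan data being collected for the current BSS
 * @custom: Start of the event payload in the result buffer
 * @end: End of the result buffer
 *
 * The SSID is copied only if it lies completely inside the buffer and its
 * length is 1..IW_ESSID_MAX_SIZE, which keeps the copy within res->ssid.
 */
static void wext_get_scan_ssid(struct iw_event *iwe,
			       struct wext_scan_data *res, char *custom,
			       char *end)
{
	int ssid_len = iwe->u.essid.length;

	/* Compare against the space that is left instead of forming
	 * custom + ssid_len, which may point outside the buffer when the
	 * driver-supplied length is bogus. */
	if (custom > end || ssid_len > end - custom)
		return;
	if (iwe->u.essid.flags &&
	    ssid_len > 0 &&
	    ssid_len <= IW_ESSID_MAX_SIZE) {
		os_memcpy(res->ssid, custom, ssid_len);
		res->ssid_len = ssid_len;
	}
}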
1565 | ||
1566 | ||
/**
 * wext_get_scan_freq - Store the frequency from a SIOCGIWFREQ event
 * @iwe: Event (aligned local copy)
 * @res: Scan data being collected for the current BSS
 *
 * Sets res->res.freq in MHz from the mantissa/exponent pair, or from a
 * channel number 1..14 when the exponent is zero.
 */
static void wext_get_scan_freq(struct iw_event *iwe,
			       struct wext_scan_data *res)
{
	int divisor, exp;

	if (iwe->u.freq.e == 0) {
		/*
		 * Some drivers report a channel instead of a frequency. Map
		 * it to a frequency by assuming IEEE 802.11b/g, but keep a
		 * frequency that was parsed earlier: the driver may send both
		 * and the channel may be an A-band channel that is not
		 * handled here.
		 */
		if (res->res.freq)
			return;

		if (iwe->u.freq.m >= 1 && iwe->u.freq.m <= 13) {
			res->res.freq = 2407 + 5 * iwe->u.freq.m;
			return;
		}
		if (iwe->u.freq.m == 14) {
			res->res.freq = 2484;
			return;
		}
	}

	/* A larger exponent would reduce the divisor below to zero */
	if (iwe->u.freq.e > 6) {
		wpa_printf(MSG_DEBUG, "Invalid freq in scan results (BSSID="
			   MACSTR " m=%d e=%d)",
			   MAC2STR(res->res.bssid), iwe->u.freq.m,
			   iwe->u.freq.e);
		return;
	}

	divisor = 1000000;
	for (exp = iwe->u.freq.e; exp > 0; exp--)
		divisor /= 10;
	res->res.freq = iwe->u.freq.m / divisor;
}
1606 | ||
1607 | ||
/**
 * wext_get_scan_qual - Copy the signal quality values of an IWEVQUAL event
 * @iwe: Event (aligned local copy)
 * @res: Scan data being collected for the current BSS
 */
static void wext_get_scan_qual(struct iw_event *iwe,
			       struct wext_scan_data *res)
{
	struct wpa_scan_res *entry = &res->res;

	entry->qual = iwe->u.qual.qual;
	entry->noise = iwe->u.qual.noise;
	entry->level = iwe->u.qual.level;
}
1615 | ||
1616 | ||
/**
 * wext_get_scan_encode - Derive the privacy bit from a SIOCGIWENCODE event
 * @iwe: Event (aligned local copy)
 * @res: Scan data being collected for the current BSS
 *
 * IEEE80211_CAP_PRIVACY is set unless the event has IW_ENCODE_DISABLED.
 */
static void wext_get_scan_encode(struct iw_event *iwe,
				 struct wext_scan_data *res)
{
	if (iwe->u.data.flags & IW_ENCODE_DISABLED)
		return;

	res->res.caps |= IEEE80211_CAP_PRIVACY;
}
1623 | ||
1624 | ||
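/**
 * wext_get_scan_rate - Store the highest rate of a SIOCGIWRATE event
 * @iwe: Event (aligned local copy)
 * @res: Scan data being collected for the current BSS
 * @pos: Start of the event in the result buffer
 * @end: End of the result buffer
 *
 * Sets res->maxrate to the largest reported rate in 500 kb/s units.
 */
static void wext_get_scan_rate(struct iw_event *iwe,
			       struct wext_scan_data *res, char *pos,
			       char *end)
{
	int maxrate;
	char *custom = pos + IW_EV_LCP_LEN;
	struct iw_param p;
	size_t clen;

	/* NOTE(review): clen is the full event length (header included) while
	 * custom already points past the header, so the loop below may read
	 * up to IW_EV_LCP_LEN octets that follow this event; the check keeps
	 * those reads inside the buffer - confirm this is intended. */
	clen = iwe->len;
	/* Compare against the space that is left instead of forming
	 * custom + clen, which may point outside the buffer. */
	if (custom > end || clen > (size_t) (end - custom))
		return;
	maxrate = 0;
	while (((ssize_t) clen) >= (ssize_t) sizeof(struct iw_param)) {
		/* Note: may be misaligned, make a local, aligned copy */
		os_memcpy(&p, custom, sizeof(struct iw_param));
		if (p.value > maxrate)
			maxrate = p.value;
		clen -= sizeof(struct iw_param);
		custom += sizeof(struct iw_param);
	}

	/* Convert the maxrate from WE-style (b/s units) to
	 * 802.11 rates (500000 b/s units).
	 */
	res->maxrate = maxrate / 500000;
}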
1652 | ||
1653 | ||
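/**
 * wext_get_scan_iwevgenie - Append the IEs of an IWEVGENIE event
 * @iwe: Event (aligned local copy)
 * @res: Scan data being collected for the current BSS
 * @custom: Start of the event payload in the result buffer
 * @end: End of the result buffer
 *
 * Grows res->ie and appends the binary IE data. The event is ignored if its
 * length is zero, if it does not fit in the buffer or if the reallocation
 * fails.
 */
static void wext_get_scan_iwevgenie(struct iw_event *iwe,
				    struct wext_scan_data *res, char *custom,
				    char *end)
{
	size_t genie_len = iwe->u.data.length;
	u8 *tmp;

	if (genie_len == 0)
		return;

	/* Compare against the space that is left instead of forming
	 * custom + length, which may point outside the buffer when the
	 * driver-supplied length is bogus. */
	if (custom > end || genie_len > (size_t) (end - custom)) {
		wpa_printf(MSG_INFO, "IWEVGENIE overflow");
		return;
	}

	/* Keep res->ie untouched if the reallocation fails */
	tmp = os_realloc(res->ie, res->ie_len + genie_len);
	if (tmp == NULL)
		return;
	os_memcpy(tmp + res->ie_len, custom, genie_len);
	res->ie = tmp;
	res->ie_len += genie_len;
}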
1678 | ||
1679 | ||
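/* Decode a hex string into binary IE data and append it to res->ie. */
static void wext_scan_append_hex_ie(struct wext_scan_data *res,
				    const char *hex, size_t hex_len)
{
	size_t bytes;
	u8 *tmp;

	/* Two hex digits per octet: reject empty or odd-length input */
	if (hex_len == 0 || (hex_len & 1))
		return;
	bytes = hex_len / 2;

	tmp = os_realloc(res->ie, res->ie_len + bytes);
	if (tmp == NULL)
		return;
	/* The old pointer is no longer valid after a successful realloc,
	 * whether or not the decode below succeeds. */
	res->ie = tmp;

	/* Only account for the new octets if the text really was hex;
	 * otherwise uninitialized heap data would become part of the IE
	 * buffer. NOTE(review): hexstr2bin() is defined outside this part of
	 * the file; a negative return on invalid input is assumed - confirm. */
	if (hexstr2bin(hex, tmp + res->ie_len, bytes) < 0)
		return;
	res->ie_len += bytes;
}


/**
 * wext_get_scan_custom - Parse an IWEVCUSTOM event
 * @iwe: Event (aligned local copy)
 * @res: Scan data being collected for the current BSS
 * @custom: Start of the event payload (text) in the result buffer
 * @end: End of the result buffer
 *
 * Handles the "wpa_ie=", "rsn_ie=" (hex encoded IE appended to res->ie) and
 * "tsf=" (16 hex digits added to res->res.tsf) prefixes; other text is
 * ignored.
 */
static void wext_get_scan_custom(struct iw_event *iwe,
				 struct wext_scan_data *res, char *custom,
				 char *end)
{
	size_t clen;

	clen = iwe->u.data.length;
	/* Compare against the space that is left instead of forming
	 * custom + clen, which may point outside the buffer when the
	 * driver-supplied length is bogus. */
	if (custom > end || clen > (size_t) (end - custom))
		return;

	if (clen > 7 && (os_strncmp(custom, "wpa_ie=", 7) == 0 ||
			 os_strncmp(custom, "rsn_ie=", 7) == 0)) {
		wext_scan_append_hex_ie(res, custom + 7, clen - 7);
	} else if (clen > 4 && os_strncmp(custom, "tsf=", 4) == 0) {
		char *spos;
		int bytes;
		u8 bin[8];

		spos = custom + 4;
		bytes = custom + clen - spos;
		if (bytes != 16) {
			wpa_printf(MSG_INFO, "Invalid TSF length (%d)", bytes);
			return;
		}
		bytes /= 2;
		/* Do not use bin unless all 16 digits were decoded */
		if (hexstr2bin(spos, bin, bytes) < 0)
			return;
		res->res.tsf += WPA_GET_BE64(bin);
	}
}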
1734 | ||
1735 | ||
/**
 * wext_19_iw_point - Check whether an event uses the WE-19 iw_point layout
 * @drv: driver_nl80211 private data (supplies we_version_compiled)
 * @cmd: Event command
 * Returns: 1 if the compiled WE version is above 18 and the command is one of
 * SIOCGIWESSID, SIOCGIWENCODE, IWEVGENIE or IWEVCUSTOM; 0 otherwise
 */
static int wext_19_iw_point(struct wpa_driver_nl80211_data *drv, u16 cmd)
{
	if (drv->we_version_compiled <= 18)
		return 0;

	switch (cmd) {
	case SIOCGIWESSID:
	case SIOCGIWENCODE:
	case IWEVGENIE:
	case IWEVCUSTOM:
		return 1;
	default:
		return 0;
	}
}
1742 | ||
1743 | ||
/**
 * wpa_driver_nl80211_add_scan_entry - Append one BSS to the scan results
 * @res: Scan results list to extend
 * @data: Data collected for the BSS
 *
 * Builds a struct wpa_scan_res followed by the IE data. If the collected IEs
 * contain no SSID IE (or no rates IE while a maximum rate is known), a
 * substitute IE is generated in front of them. The entry is dropped silently
 * if memory cannot be allocated.
 */
static void wpa_driver_nl80211_add_scan_entry(struct wpa_scan_results *res,
					      struct wext_scan_data *data)
{
	struct wpa_scan_res **list;
	struct wpa_scan_res *entry;
	size_t fake_len = 0;
	u8 *pos, *end, *ssid_ie = NULL, *rate_ie = NULL;
	int need_ssid, need_rate;

	/* Walk the collected IEs to see which ones the driver reported; stop
	 * at the first IE whose length field runs past the data. */
	pos = data->ie;
	end = pos + data->ie_len;
	while (pos && pos + 1 < end) {
		if (pos + 2 + pos[1] > end)
			break;
		switch (pos[0]) {
		case WLAN_EID_SSID:
			ssid_ie = pos;
			break;
		case WLAN_EID_SUPP_RATES:
		case WLAN_EID_EXT_SUPP_RATES:
			rate_ie = pos;
			break;
		default:
			break;
		}
		pos += 2 + pos[1];
	}

	need_ssid = ssid_ie == NULL;
	need_rate = rate_ie == NULL && data->maxrate;

	if (need_ssid)
		fake_len += 2 + data->ssid_len;
	if (need_rate)
		fake_len += 3;

	entry = os_zalloc(sizeof(*entry) + fake_len + data->ie_len);
	if (entry == NULL)
		return;
	os_memcpy(entry, &data->res, sizeof(*entry));
	entry->ie_len = fake_len + data->ie_len;

	/* The IE data is stored directly behind the fixed part */
	pos = (u8 *) (entry + 1);
	if (need_ssid) {
		/* The driver did not report a full IE list: generate a fake
		 * SSID IE. */
		*pos++ = WLAN_EID_SSID;
		*pos++ = data->ssid_len;
		os_memcpy(pos, data->ssid, data->ssid_len);
		pos += data->ssid_len;
	}
	if (need_rate) {
		/* The driver did not report a full IE list: generate a fake
		 * Supported Rates IE with the single maximum rate. */
		*pos++ = WLAN_EID_SUPP_RATES;
		*pos++ = 1;
		*pos++ = data->maxrate;
	}
	if (data->ie)
		os_memcpy(pos, data->ie, data->ie_len);

	list = os_realloc(res->res,
			  (res->num + 1) * sizeof(struct wpa_scan_res *));
	if (list == NULL) {
		os_free(entry);
		return;
	}
	list[res->num++] = entry;
	res->res = list;
}
1810 | ||
1811 | ||
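/**
 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
 * @priv: Pointer to private data from wpa_driver_nl80211_init()
 * Returns: Scan results on success, %NULL on failure
 *
 * Reads the raw WEXT event stream from the driver and converts it into one
 * entry per BSS. The stream is produced by the driver from received frames,
 * so every length in it is checked against the buffer before it is used.
 */
struct wpa_scan_results * wpa_driver_nl80211_get_scan_results(void *priv)
{
	struct wpa_driver_nl80211_data *drv = priv;
	size_t len;
	int first;
	u8 *res_buf;
	struct iw_event iwe_buf, *iwe = &iwe_buf;
	char *pos, *end, *custom;
	struct wpa_scan_results *res;
	struct wext_scan_data data;

	res_buf = wpa_driver_nl80211_giwscan(drv, &len);
	if (res_buf == NULL)
		return NULL;

	first = 1;

	res = os_zalloc(sizeof(*res));
	if (res == NULL) {
		os_free(res_buf);
		return NULL;
	}

	pos = (char *) res_buf;
	end = (char *) res_buf + len;
	os_memset(&data, 0, sizeof(data));

	while ((size_t) (end - pos) >= IW_EV_LCP_LEN) {
		size_t left = end - pos;
		size_t custom_off = IW_EV_POINT_LEN;
		size_t copy_len;

		/* Event data may be unaligned, so make a local, aligned copy
		 * before processing. Clear it first so that a short event
		 * never exposes fields left over from the previous one. */
		os_memset(&iwe_buf, 0, sizeof(iwe_buf));
		os_memcpy(&iwe_buf, pos, IW_EV_LCP_LEN);
		/* Stop on an event that claims to extend past the buffer;
		 * this also keeps pos from being advanced beyond end. */
		if (iwe->len <= IW_EV_LCP_LEN || iwe->len > left)
			break;

		if (wext_19_iw_point(drv, iwe->cmd)) {
			/* WE-19 removed the pointer from struct iw_point */
			char *dpos = (char *) &iwe_buf.u.data.length;
			int dlen = dpos - (char *) &iwe_buf;

			/* Copy no more than what is left in the buffer */
			copy_len = sizeof(struct iw_event) - dlen;
			if (copy_len > left - IW_EV_LCP_LEN)
				copy_len = left - IW_EV_LCP_LEN;
			os_memcpy(dpos, pos + IW_EV_LCP_LEN, copy_len);
		} else {
			copy_len = sizeof(struct iw_event);
			if (copy_len > left)
				copy_len = left;
			os_memcpy(&iwe_buf, pos, copy_len);
			custom_off += IW_EV_POINT_OFF;
		}
		/* If the payload would start outside the buffer, point at
		 * its end so that the helpers see no data at all. */
		custom = custom_off <= left ? pos + custom_off : end;

		switch (iwe->cmd) {
		case SIOCGIWAP:
			/* A new BSS starts: store the previous one first */
			if (!first)
				wpa_driver_nl80211_add_scan_entry(res, &data);
			first = 0;
			os_free(data.ie);
			os_memset(&data, 0, sizeof(data));
			os_memcpy(data.res.bssid,
				  iwe->u.ap_addr.sa_data, ETH_ALEN);
			break;
		case SIOCGIWMODE:
			wext_get_scan_mode(iwe, &data);
			break;
		case SIOCGIWESSID:
			wext_get_scan_ssid(iwe, &data, custom, end);
			break;
		case SIOCGIWFREQ:
			wext_get_scan_freq(iwe, &data);
			break;
		case IWEVQUAL:
			wext_get_scan_qual(iwe, &data);
			break;
		case SIOCGIWENCODE:
			wext_get_scan_encode(iwe, &data);
			break;
		case SIOCGIWRATE:
			wext_get_scan_rate(iwe, &data, pos, end);
			break;
		case IWEVGENIE:
			wext_get_scan_iwevgenie(iwe, &data, custom, end);
			break;
		case IWEVCUSTOM:
			wext_get_scan_custom(iwe, &data, custom, end);
			break;
		default:
			break;
		}

		pos += iwe->len;
	}
	os_free(res_buf);
	res_buf = NULL;
	if (!first)
		wpa_driver_nl80211_add_scan_entry(res, &data);
	os_free(data.ie);

	wpa_printf(MSG_DEBUG, "Received %lu bytes of scan results (%lu BSSes)",
		   (unsigned long) len, (unsigned long) res->num);

	return res;
}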
1913 | ||
1914 | ||
/*
 * Query the WEXT range data (SIOCGIWRANGE) and record the key management
 * and cipher capabilities it advertises in drv->capa.
 *
 * Returns 0 when the ioctl succeeded (including the case where the reply is
 * too short or too old to carry capability bits, in which case
 * drv->has_capability is left untouched), -1 on allocation or ioctl failure.
 */
static int wpa_driver_nl80211_get_range(void *priv)
{
	struct wpa_driver_nl80211_data *drv = priv;
	struct iwreq iwr;
	struct iw_range *range;
	size_t buflen;
	int minlen;

	/*
	 * Use larger buffer than struct iw_range in order to allow the
	 * structure to grow in the future.
	 */
	buflen = sizeof(struct iw_range) + 500;
	range = os_zalloc(buflen);
	if (range == NULL)
		return -1;

	/* Shortest reply that still contains the enc_capa field */
	minlen = ((char *) &range->enc_capa) - (char *) range +
		sizeof(range->enc_capa);

	os_memset(&iwr, 0, sizeof(iwr));
	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
	iwr.u.data.pointer = (caddr_t) range;
	iwr.u.data.length = buflen;

	if (ioctl(drv->ioctl_sock, SIOCGIWRANGE, &iwr) < 0) {
		perror("ioctl[SIOCGIWRANGE]");
		os_free(range);
		return -1;
	}

	if (iwr.u.data.length < minlen || range->we_version_compiled < 18) {
		/* enc_capa is not readable from this reply; nothing is
		 * added to drv->capa. */
		wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: too old (short) data - "
			   "assuming WPA is not supported");
		os_free(range);
		return 0;
	}

	wpa_printf(MSG_DEBUG, "SIOCGIWRANGE: WE(compiled)=%d "
		   "WE(source)=%d enc_capa=0x%x",
		   range->we_version_compiled,
		   range->we_version_source,
		   range->enc_capa);
	drv->has_capability = 1;
	drv->we_version_compiled = range->we_version_compiled;

	if (range->enc_capa & IW_ENC_CAPA_WPA)
		drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA |
			WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK;
	if (range->enc_capa & IW_ENC_CAPA_WPA2)
		drv->capa.key_mgmt |= WPA_DRIVER_CAPA_KEY_MGMT_WPA2 |
			WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK;

	/* WEP40/WEP104 are set unconditionally on this path; enc_capa is
	 * only consulted for TKIP and CCMP. */
	drv->capa.enc |= WPA_DRIVER_CAPA_ENC_WEP40 |
		WPA_DRIVER_CAPA_ENC_WEP104;
	if (range->enc_capa & IW_ENC_CAPA_CIPHER_TKIP)
		drv->capa.enc |= WPA_DRIVER_CAPA_ENC_TKIP;
	if (range->enc_capa & IW_ENC_CAPA_CIPHER_CCMP)
		drv->capa.enc |= WPA_DRIVER_CAPA_ENC_CCMP;

	wpa_printf(MSG_DEBUG, "  capabilities: key_mgmt 0x%x enc 0x%x",
		   drv->capa.key_mgmt, drv->capa.enc);

	os_free(range);
	return 0;
}
1977 | ||
1978 | ||
/*
 * Enable or disable WPA in the driver by setting the IW_AUTH_WPA_ENABLED
 * auth parameter. Returns whatever wpa_driver_nl80211_set_auth_param()
 * returns.
 */
static int wpa_driver_nl80211_set_wpa(void *priv, int enabled)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int res;

	wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);

	res = wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_WPA_ENABLED,
						enabled);
	return res;
}
1987 | ||
1988 | ||
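/*
 * Install or remove a key through nl80211.
 *
 * @priv: driver private data (struct wpa_driver_nl80211_data)
 * @alg: WPA_ALG_NONE deletes the key (NL80211_CMD_DEL_KEY); WEP, TKIP and
 *	CCMP install one (NL80211_CMD_NEW_KEY); any other value is rejected
 * @addr: peer address; omitted from the request when NULL or broadcast
 * @key_idx: key index
 * @set_tx: when non-zero (and a key is being installed) a second
 *	NL80211_CMD_SET_KEY request marks the key as the default key
 * @seq, @seq_len: accepted for interface compatibility; not used below
 * @key, @key_len: key material placed in NL80211_ATTR_KEY_DATA
 *
 * Returns 0 on success, -1 on allocation failure, unsupported algorithm or
 * a failed request, and -ENOBUFS when an attribute could not be added.
 *
 * The key itself is never logged; only its length is.
 */
static int wpa_driver_nl80211_set_key(void *priv, wpa_alg alg,
				      const u8 *addr, int key_idx,
				      int set_tx, const u8 *seq,
				      size_t seq_len,
				      const u8 *key, size_t key_len)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int err;
	struct nl_msg *msg;

	wpa_printf(MSG_DEBUG, "%s: alg=%d addr=%p key_idx=%d set_tx=%d "
		   "seq_len=%lu key_len=%lu",
		   __func__, alg, addr, key_idx, set_tx,
		   (unsigned long) seq_len, (unsigned long) key_len);

	msg = nlmsg_alloc();
	if (msg == NULL)
		return -1;

	if (alg == WPA_ALG_NONE) {
		genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
			    NL80211_CMD_DEL_KEY, 0);
	} else {
		genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0, 0,
			    NL80211_CMD_NEW_KEY, 0);
		NLA_PUT(msg, NL80211_ATTR_KEY_DATA, key_len, key);
		switch (alg) {
		case WPA_ALG_WEP:
			/* Only a 5-octet key is announced as WEP-40; every
			 * other length is sent with the WEP-104 suite
			 * selector and key_len is not validated here. */
			if (key_len == 5)
				NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
					    0x000FAC01);
			else
				NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER,
					    0x000FAC05);
			break;
		case WPA_ALG_TKIP:
			NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER, 0x000FAC02);
			break;
		case WPA_ALG_CCMP:
			NLA_PUT_U32(msg, NL80211_ATTR_KEY_CIPHER, 0x000FAC04);
			break;
		default:
			nlmsg_free(msg);
			return -1;
		}
	}

	if (addr && os_memcmp(addr, "\xff\xff\xff\xff\xff\xff", ETH_ALEN) != 0)
	{
		wpa_printf(MSG_DEBUG, "   addr=" MACSTR, MAC2STR(addr));
		NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
	}
	NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);

	/* NOTE(review): msg is not freed after this call anywhere in this
	 * function, so send_and_recv_msgs() presumably takes ownership of
	 * it - confirm against its definition. */
	err = send_and_recv_msgs(drv, msg, NULL, NULL);
	if (err) {
		wpa_printf(MSG_DEBUG, "nl80211: set_key failed; err=%d", err);
		return -1;
	}

	if (set_tx && alg != WPA_ALG_NONE) {
		msg = nlmsg_alloc();
		if (msg == NULL)
			return -1;

		genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
			    0, NL80211_CMD_SET_KEY, 0);
		NLA_PUT_U8(msg, NL80211_ATTR_KEY_IDX, key_idx);
		NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
		NLA_PUT_FLAG(msg, NL80211_ATTR_KEY_DEFAULT);

		err = send_and_recv_msgs(drv, msg, NULL, NULL);
		if (err) {
			wpa_printf(MSG_DEBUG, "nl80211: set default key "
				   "failed; err=%d", err);
			return -1;
		}
	}

	return 0;

nla_put_failure:
	/*
	 * Every NLA_PUT* above operates on a message that has not yet been
	 * handed to send_and_recv_msgs(), so it is still owned here. Release
	 * it instead of leaking a buffer that may already hold key data.
	 */
	nlmsg_free(msg);
	return -ENOBUFS;
}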
2074 | ||
2075 | ||
/*
 * Turn TKIP countermeasures on or off in the driver via the
 * IW_AUTH_TKIP_COUNTERMEASURES auth parameter. Returns the result of
 * wpa_driver_nl80211_set_auth_param().
 */
static int wpa_driver_nl80211_set_countermeasures(void *priv,
						  int enabled)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int res;

	wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
	res = wpa_driver_nl80211_set_auth_param(
		drv, IW_AUTH_TKIP_COUNTERMEASURES, enabled);
	return res;
}
2085 | ||
2086 | ||
/*
 * Ask the driver to drop (or accept) unencrypted frames through the
 * IW_AUTH_DROP_UNENCRYPTED auth parameter.
 *
 * The requested value is also cached in drv->use_crypt before the driver is
 * asked, so the cached value is updated even if the driver call fails.
 */
static int wpa_driver_nl80211_set_drop_unencrypted(void *priv,
						   int enabled)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int res;

	wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
	drv->use_crypt = enabled;
	res = wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_DROP_UNENCRYPTED,
						enabled);
	return res;
}
2096 | ||
2097 | ||
/*
 * Issue an MLME request (SIOCSIWMLME) for the given peer.
 *
 * @addr: peer MAC address; ETH_ALEN octets are copied from it, so it must
 *	not be NULL
 * @cmd: IW_MLME_* command
 * @reason_code: reason code placed in the request
 *
 * Returns 0 on success, -1 if the ioctl fails.
 */
static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data *drv,
				   const u8 *addr, int cmd, int reason_code)
{
	struct iw_mlme mlme;
	struct iwreq iwr;

	os_memset(&mlme, 0, sizeof(mlme));
	mlme.cmd = cmd;
	mlme.reason_code = reason_code;
	mlme.addr.sa_family = ARPHRD_ETHER;
	os_memcpy(mlme.addr.sa_data, addr, ETH_ALEN);

	os_memset(&iwr, 0, sizeof(iwr));
	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
	iwr.u.data.pointer = (caddr_t) &mlme;
	iwr.u.data.length = sizeof(mlme);

	if (ioctl(drv->ioctl_sock, SIOCSIWMLME, &iwr) >= 0)
		return 0;

	perror("ioctl[SIOCSIWMLME]");
	return -1;
}
2122 | ||
2123 | ||
/*
 * Deauthenticate from the given peer by sending IW_MLME_DEAUTH through
 * wpa_driver_nl80211_mlme(). Returns that helper's result.
 */
static int wpa_driver_nl80211_deauthenticate(void *priv, const u8 *addr,
					     int reason_code)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int res;

	wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
	res = wpa_driver_nl80211_mlme(drv, addr, IW_MLME_DEAUTH, reason_code);
	return res;
}
2131 | ||
2132 | ||
/*
 * Disassociate from the given peer by sending IW_MLME_DISASSOC through
 * wpa_driver_nl80211_mlme(). Returns that helper's result.
 */
static int wpa_driver_nl80211_disassociate(void *priv, const u8 *addr,
					   int reason_code)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int res;

	wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);
	res = wpa_driver_nl80211_mlme(drv, addr, IW_MLME_DISASSOC,
				      reason_code);
	return res;
}
2141 | ||
2142 | ||
/*
 * Hand the generic IE(s) to the driver with SIOCSIWGENIE.
 *
 * @ie: IE buffer (passed to the kernel as-is; may be NULL with ie_len 0)
 * @ie_len: length of the buffer in octets
 *
 * Returns 0 on success, -1 if the ioctl fails.
 */
static int wpa_driver_nl80211_set_gen_ie(void *priv, const u8 *ie,
					 size_t ie_len)
{
	struct wpa_driver_nl80211_data *drv = priv;
	struct iwreq iwr;

	os_memset(&iwr, 0, sizeof(iwr));
	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
	iwr.u.data.pointer = (caddr_t) ie;
	/* NOTE(review): the length field of struct iw_point is 16 bits wide,
	 * so an ie_len above 65535 would be silently truncated here; no
	 * bound check is done in this function - confirm callers bound it. */
	iwr.u.data.length = ie_len;

	if (ioctl(drv->ioctl_sock, SIOCSIWGENIE, &iwr) >= 0)
		return 0;

	perror("ioctl[SIOCSIWGENIE]");
	return -1;
}
2162 | ||
2163 | ||
/*
 * Translate a CIPHER_* value into the matching IW_AUTH_CIPHER_* value.
 * Any value not listed below maps to 0.
 */
static int wpa_driver_nl80211_cipher2wext(int cipher)
{
	if (cipher == CIPHER_NONE)
		return IW_AUTH_CIPHER_NONE;
	if (cipher == CIPHER_WEP40)
		return IW_AUTH_CIPHER_WEP40;
	if (cipher == CIPHER_TKIP)
		return IW_AUTH_CIPHER_TKIP;
	if (cipher == CIPHER_CCMP)
		return IW_AUTH_CIPHER_CCMP;
	if (cipher == CIPHER_WEP104)
		return IW_AUTH_CIPHER_WEP104;

	return 0;
}
2181 | ||
2182 | ||
/*
 * Translate a KEY_MGMT_* value into the matching IW_AUTH_KEY_MGMT_* value.
 * Both 802.1X variants map to IW_AUTH_KEY_MGMT_802_1X; any value not
 * listed below maps to 0.
 */
static int wpa_driver_nl80211_keymgmt2wext(int keymgmt)
{
	if (keymgmt == KEY_MGMT_802_1X || keymgmt == KEY_MGMT_802_1X_NO_WPA)
		return IW_AUTH_KEY_MGMT_802_1X;
	if (keymgmt == KEY_MGMT_PSK)
		return IW_AUTH_KEY_MGMT_PSK;

	return 0;
}
2195 | ||
2196 | ||
/*
 * Select the authentication algorithm with SIOCSIWENCODE for drivers that
 * did not accept it through SIOCSIWAUTH.
 *
 * No key is passed; only the encoding flags are set. When drv->use_crypt is
 * zero the request disables encoding, otherwise the OPEN/RESTRICTED flags
 * follow params->auth_alg.
 *
 * Returns 0 on success, -1 if the ioctl fails.
 */
static int
wpa_driver_nl80211_auth_alg_fallback(struct wpa_driver_nl80211_data *drv,
				     struct wpa_driver_associate_params *params)
{
	struct iwreq iwr;

	wpa_printf(MSG_DEBUG, "WEXT: Driver did not support "
		   "SIOCSIWAUTH for AUTH_ALG, trying SIOCSIWENCODE");

	os_memset(&iwr, 0, sizeof(iwr));
	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
	/* Just changing mode, not actual keys */
	iwr.u.encoding.pointer = (caddr_t) NULL;
	iwr.u.encoding.length = 0;
	iwr.u.encoding.flags = 0;

	/*
	 * Note: IW_ENCODE_{OPEN,RESTRICTED} can be interpreted to mean two
	 * different things. Here they are used to indicate Open System vs.
	 * Shared Key authentication algorithm. However, some drivers may use
	 * them to select between open/restricted WEP encrypted (open = allow
	 * both unencrypted and encrypted frames; restricted = only allow
	 * encrypted frames).
	 */
	if (drv->use_crypt) {
		if (params->auth_alg & AUTH_ALG_OPEN_SYSTEM)
			iwr.u.encoding.flags |= IW_ENCODE_OPEN;
		if (params->auth_alg & AUTH_ALG_SHARED_KEY)
			iwr.u.encoding.flags |= IW_ENCODE_RESTRICTED;
	} else {
		iwr.u.encoding.flags |= IW_ENCODE_DISABLED;
	}

	if (ioctl(drv->ioctl_sock, SIOCSIWENCODE, &iwr) >= 0)
		return 0;

	perror("ioctl[SIOCSIWENCODE]");
	return -1;
}
2239 | ||
2240 | ||
/*
 * Configure the driver for association with the network described by
 * params.
 *
 * The settings are pushed one after another; a failure of any step is
 * remembered but does not stop the remaining steps from being attempted.
 *
 * Returns 0 if every step succeeded, -1 if at least one failed.
 */
static int wpa_driver_nl80211_associate(
	void *priv, struct wpa_driver_associate_params *params)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int failed = 0;
	int eapol_plain_ok;
	int val;

	wpa_printf(MSG_DEBUG, "%s", __FUNCTION__);

	/*
	 * If the driver did not support SIOCSIWAUTH, fallback to
	 * SIOCSIWENCODE here.
	 */
	if (drv->auth_alg_fallback &&
	    wpa_driver_nl80211_auth_alg_fallback(drv, params) < 0)
		failed = 1;

	/* No specific BSSID requested: clear any previously set one first */
	if (!params->bssid &&
	    wpa_driver_nl80211_set_bssid(drv, NULL) < 0)
		failed = 1;

	/* TODO: should consider getting wpa version and cipher/key_mgmt suites
	 * from configuration, not from here, where only the selected suite is
	 * available */
	if (wpa_driver_nl80211_set_gen_ie(drv, params->wpa_ie,
					  params->wpa_ie_len) < 0)
		failed = 1;

	/* The WPA version is inferred from the first octet of the IE */
	if (params->wpa_ie == NULL || params->wpa_ie_len == 0)
		val = IW_AUTH_WPA_VERSION_DISABLED;
	else if (params->wpa_ie[0] == WLAN_EID_RSN)
		val = IW_AUTH_WPA_VERSION_WPA2;
	else
		val = IW_AUTH_WPA_VERSION_WPA;
	if (wpa_driver_nl80211_set_auth_param(drv,
					      IW_AUTH_WPA_VERSION, val) < 0)
		failed = 1;

	val = wpa_driver_nl80211_cipher2wext(params->pairwise_suite);
	if (wpa_driver_nl80211_set_auth_param(drv,
					      IW_AUTH_CIPHER_PAIRWISE, val) < 0)
		failed = 1;

	val = wpa_driver_nl80211_cipher2wext(params->group_suite);
	if (wpa_driver_nl80211_set_auth_param(drv,
					      IW_AUTH_CIPHER_GROUP, val) < 0)
		failed = 1;

	val = wpa_driver_nl80211_keymgmt2wext(params->key_mgmt_suite);
	if (wpa_driver_nl80211_set_auth_param(drv,
					      IW_AUTH_KEY_MGMT, val) < 0)
		failed = 1;

	/* Privacy is invoked as soon as any key management, cipher or IE
	 * is in use */
	val = params->key_mgmt_suite != KEY_MGMT_NONE ||
		params->pairwise_suite != CIPHER_NONE ||
		params->group_suite != CIPHER_NONE ||
		params->wpa_ie_len;
	if (wpa_driver_nl80211_set_auth_param(drv,
					      IW_AUTH_PRIVACY_INVOKED, val) < 0)
		failed = 1;

	/* Allow unencrypted EAPOL messages even if pairwise keys are set when
	 * not using WPA. IEEE 802.1X specifies that these frames are not
	 * encrypted, but WPA encrypts them when pairwise keys are in use. */
	eapol_plain_ok = !(params->key_mgmt_suite == KEY_MGMT_802_1X ||
			   params->key_mgmt_suite == KEY_MGMT_PSK);

	if (wpa_driver_nl80211_set_auth_param(drv,
					      IW_AUTH_RX_UNENCRYPTED_EAPOL,
					      eapol_plain_ok) < 0)
		failed = 1;
	if (params->freq && wpa_driver_nl80211_set_freq(drv, params->freq) < 0)
		failed = 1;
	if (wpa_driver_nl80211_set_ssid(drv, params->ssid,
					params->ssid_len) < 0)
		failed = 1;
	if (params->bssid &&
	    wpa_driver_nl80211_set_bssid(drv, params->bssid) < 0)
		failed = 1;

	return failed ? -1 : 0;
}
2321 | ||
2322 | ||
/*
 * Tell the driver which IEEE 802.11 authentication algorithms may be used.
 *
 * @auth_alg: bit field of AUTH_ALG_* values; if none of the known bits is
 *	set, Open System is selected
 *
 * Returns the result of wpa_driver_nl80211_set_auth_param(). A result of
 * -2 additionally sets drv->auth_alg_fallback, which
 * wpa_driver_nl80211_associate() checks to decide whether to use the
 * SIOCSIWENCODE fallback.
 */
static int wpa_driver_nl80211_set_auth_alg(void *priv, int auth_alg)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int wext_algs = 0;
	int res;

	if (auth_alg & AUTH_ALG_OPEN_SYSTEM)
		wext_algs |= IW_AUTH_ALG_OPEN_SYSTEM;
	if (auth_alg & AUTH_ALG_SHARED_KEY)
		wext_algs |= IW_AUTH_ALG_SHARED_KEY;
	if (auth_alg & AUTH_ALG_LEAP)
		wext_algs |= IW_AUTH_ALG_LEAP;

	/* at least one algorithm should be set */
	if (!wext_algs)
		wext_algs = IW_AUTH_ALG_OPEN_SYSTEM;

	res = wpa_driver_nl80211_set_auth_param(drv, IW_AUTH_80211_AUTH_ALG,
						wext_algs);
	drv->auth_alg_fallback = (res == -2);
	return res;
}
2344 | ||
2345 | ||
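/**
 * wpa_driver_nl80211_set_mode - Set wireless mode (infra/adhoc)
 * @priv: Pointer to the driver private data (struct wpa_driver_nl80211_data)
 * @mode: 0 = infra/BSS (associate with an AP), 1 = adhoc/IBSS
 * Returns: 0 on success, non-zero on failure
 *
 * The interface type is changed with NL80211_CMD_SET_INTERFACE. If the first
 * attempt is rejected, the interface is taken down, the request is repeated
 * and the interface is brought back up, whether or not the retry worked.
 */
static int wpa_driver_nl80211_set_mode(void *priv, int mode)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int ret = -1, flags;
	struct nl_msg *msg;

	msg = nlmsg_alloc();
	if (!msg)
		return -1;

	genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
		    0, NL80211_CMD_SET_INTERFACE, 0);
	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
	NLA_PUT_U32(msg, NL80211_ATTR_IFTYPE,
		    mode ? NL80211_IFTYPE_ADHOC : NL80211_IFTYPE_STATION);

	ret = send_and_recv_msgs(drv, msg, NULL, NULL);
	if (!ret)
		return 0;
	goto try_again;

nla_put_failure:
	/* Only reached before the first message was sent, so it is still
	 * owned here and must be released. */
	nlmsg_free(msg);
	wpa_printf(MSG_ERROR, "nl80211: Failed to set interface mode");
	return -1;

try_again:
	/* mac80211 doesn't allow mode changes while the device is up, so
	 * take the device down, try to set the mode again, and bring the
	 * device back up.
	 */
	if (wpa_driver_nl80211_get_ifflags(drv, &flags) == 0) {
		(void) wpa_driver_nl80211_set_ifflags(drv, flags & ~IFF_UP);

		/*
		 * Try to set the mode again while the interface is down.
		 * Allocation and attribute failures must not return from
		 * here directly: the interface has just been taken down and
		 * has to be brought back up below on every path.
		 */
		ret = -1;
		msg = nlmsg_alloc();
		if (msg) {
			genlmsg_put(msg, 0, 0,
				    genl_family_get_id(drv->nl80211), 0,
				    0, NL80211_CMD_SET_INTERFACE, 0);
			if (nla_put_u32(msg, NL80211_ATTR_IFINDEX,
					drv->ifindex) < 0 ||
			    nla_put_u32(msg, NL80211_ATTR_IFTYPE,
					mode ? NL80211_IFTYPE_ADHOC :
					NL80211_IFTYPE_STATION) < 0)
				nlmsg_free(msg);
			else
				ret = send_and_recv_msgs(drv, msg, NULL, NULL);
		}
		if (ret) {
			wpa_printf(MSG_ERROR, "Failed to set interface %s "
				   "mode", drv->ifname);
		}

		/* Ignore return value of get_ifflags to ensure that the device
		 * is always up like it was before this function was called.
		 */
		(void) wpa_driver_nl80211_get_ifflags(drv, &flags);
		(void) wpa_driver_nl80211_set_ifflags(drv, flags | IFF_UP);
	}

	return ret;
}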
2412 | ||
2413 | ||
/*
 * Send a PMKSA cache operation to the driver with SIOCSIWPMKSA.
 *
 * @cmd: IW_PMKSA_* command
 * @bssid: BSSID for the entry, or NULL to leave it zeroed
 * @pmkid: PMKID (IW_PMKID_LEN octets), or NULL to leave it zeroed
 *
 * Returns 0 on success, -1 if the ioctl fails. EOPNOTSUPP is reported to
 * the caller like any other failure but is not printed.
 */
static int wpa_driver_nl80211_pmksa(struct wpa_driver_nl80211_data *drv,
				    u32 cmd, const u8 *bssid, const u8 *pmkid)
{
	struct iw_pmksa pmksa;
	struct iwreq iwr;

	os_memset(&pmksa, 0, sizeof(pmksa));
	pmksa.cmd = cmd;
	pmksa.bssid.sa_family = ARPHRD_ETHER;
	if (bssid)
		os_memcpy(pmksa.bssid.sa_data, bssid, ETH_ALEN);
	if (pmkid)
		os_memcpy(pmksa.pmkid, pmkid, IW_PMKID_LEN);

	os_memset(&iwr, 0, sizeof(iwr));
	os_strlcpy(iwr.ifr_name, drv->ifname, IFNAMSIZ);
	iwr.u.data.pointer = (caddr_t) &pmksa;
	iwr.u.data.length = sizeof(pmksa);

	if (ioctl(drv->ioctl_sock, SIOCSIWPMKSA, &iwr) >= 0)
		return 0;

	if (errno != EOPNOTSUPP)
		perror("ioctl[SIOCSIWPMKSA]");
	return -1;
}
2441 | ||
2442 | ||
/* Add a PMKSA cache entry (IW_PMKSA_ADD) for the given BSSID/PMKID pair. */
static int wpa_driver_nl80211_add_pmkid(void *priv, const u8 *bssid,
					const u8 *pmkid)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int res;

	res = wpa_driver_nl80211_pmksa(drv, IW_PMKSA_ADD, bssid, pmkid);
	return res;
}
2449 | ||
2450 | ||
/* Remove the PMKSA cache entry (IW_PMKSA_REMOVE) for the given
 * BSSID/PMKID pair. */
static int wpa_driver_nl80211_remove_pmkid(void *priv, const u8 *bssid,
					   const u8 *pmkid)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int res;

	res = wpa_driver_nl80211_pmksa(drv, IW_PMKSA_REMOVE, bssid, pmkid);
	return res;
}
2457 | ||
2458 | ||
/* Flush the driver's PMKSA cache (IW_PMKSA_FLUSH); no BSSID or PMKID is
 * passed. */
static int wpa_driver_nl80211_flush_pmkid(void *priv)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int res;

	res = wpa_driver_nl80211_pmksa(drv, IW_PMKSA_FLUSH, NULL, NULL);
	return res;
}
2464 | ||
2465 | ||
/*
 * Copy the cached driver capabilities into *capa.
 *
 * Returns 0 on success, -1 if no capability data has been recorded
 * (drv->has_capability is zero); *capa is left untouched in that case.
 */
static int wpa_driver_nl80211_get_capa(void *priv,
				       struct wpa_driver_capa *capa)
{
	struct wpa_driver_nl80211_data *drv = priv;

	if (drv->has_capability) {
		os_memcpy(capa, &drv->capa, sizeof(*capa));
		return 0;
	}

	return -1;
}
2475 | ||
2476 | ||
/*
 * Record the new operational state and announce it for the interface.
 *
 * @state: non-zero selects IF_OPER_UP, zero selects IF_OPER_DORMANT
 *
 * Returns the result of wpa_driver_nl80211_send_oper_ifla().
 */
static int wpa_driver_nl80211_set_operstate(void *priv, int state)
{
	struct wpa_driver_nl80211_data *drv = priv;
	int res;

	wpa_printf(MSG_DEBUG, "%s: operstate %d->%d (%s)",
		   __func__, drv->operstate, state, state ? "UP" : "DORMANT");
	drv->operstate = state;

	if (state)
		res = wpa_driver_nl80211_send_oper_ifla(drv, -1, IF_OPER_UP);
	else
		res = wpa_driver_nl80211_send_oper_ifla(drv, -1,
							IF_OPER_DORMANT);
	return res;
}
2487 | ||
2488 | ||
1c873584 JM |
#ifdef CONFIG_CLIENT_MLME
/*
 * Switch the driver to user space MLME and create the monitor interface
 * used with it.
 *
 * Returns 0 on success, -1 if either step fails. If creating the monitor
 * interface fails, the user space MLME setting enabled by the first step is
 * not reverted here.
 */
static int wpa_driver_nl80211_open_mlme(struct wpa_driver_nl80211_data *drv)
{
	int res;

	res = wpa_driver_nl80211_set_userspace_mlme(drv, 1);
	if (res < 0) {
		wpa_printf(MSG_ERROR, "nl80211: Failed to enable userspace "
			   "MLME");
		return -1;
	}

	res = wpa_driver_nl80211_create_monitor_interface(drv);
	if (res) {
		wpa_printf(MSG_ERROR, "nl80211: Failed to create monitor "
			   "interface");
		return -1;
	}

	return 0;
}
#endif /* CONFIG_CLIENT_MLME */
2505 | ||
2506 | ||
/*
 * Apply driver parameters from the configuration string.
 *
 * Only "use_mlme=1" is recognised, and only when built with
 * CONFIG_CLIENT_MLME; it is found with a substring search, so it matches
 * anywhere in param. Without CONFIG_CLIENT_MLME the string is ignored.
 *
 * Returns 0 on success (including a NULL param), -1 if user space MLME
 * could not be set up. The WPA_DRIVER_FLAGS_USER_SPACE_MLME flag is set
 * before the setup is attempted and stays set if it fails.
 */
static int wpa_driver_nl80211_set_param(void *priv, const char *param)
{
#ifdef CONFIG_CLIENT_MLME
	struct wpa_driver_nl80211_data *drv = priv;

	if (param != NULL) {
		wpa_printf(MSG_DEBUG, "%s: param='%s'", __func__, param);

		if (os_strstr(param, "use_mlme=1") != NULL) {
			wpa_printf(MSG_DEBUG,
				   "nl80211: Using user space MLME");
			drv->capa.flags |= WPA_DRIVER_FLAGS_USER_SPACE_MLME;

			if (wpa_driver_nl80211_open_mlme(drv) != 0)
				return -1;
		}
	}
#endif /* CONFIG_CLIENT_MLME */

	return 0;
}
2528 | ||
2529 | ||
2530 | #ifdef CONFIG_CLIENT_MLME | |
2531 | ||
1c873584 JM |
/* Context passed to phy_info_handler() while collecting hardware modes */
struct phy_info_arg {
	/* Caller's mode counter; incremented once per band entry added */
	u16 *num_modes;
	/* Array of collected modes; grown with os_realloc() by the handler */
	struct wpa_hw_modes *modes;
};
2536 | ||
2537 | ||
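/*
 * Netlink callback that turns an NL80211_CMD_GET_WIPHY reply into an array
 * of struct wpa_hw_modes.
 *
 * @msg: received netlink message
 * @arg: struct phy_info_arg with the output array and its counter
 *
 * One mode entry is appended per band in NL80211_ATTR_WIPHY_BANDS. For each
 * band the frequency and rate lists are walked twice: once to count the
 * usable entries and once to fill the freshly allocated arrays.
 *
 * Always returns NL_SKIP. On an allocation failure the function returns
 * early; a mode entry appended before the failure stays counted in
 * *num_modes even though it is only partly filled.
 *
 * NOTE(review): the return values of nla_parse() are not checked, and the
 * per-band FREQS/RATES attributes are iterated without a NULL check.
 */
static int phy_info_handler(struct nl_msg *msg, void *arg)
{
	struct nlattr *tb_msg[NL80211_ATTR_MAX + 1];
	struct genlmsghdr *gnlh = nlmsg_data(nlmsg_hdr(msg));
	struct phy_info_arg *phy_info = arg;

	struct nlattr *tb_band[NL80211_BAND_ATTR_MAX + 1];

	struct nlattr *tb_freq[NL80211_FREQUENCY_ATTR_MAX + 1];
	static struct nla_policy freq_policy[NL80211_FREQUENCY_ATTR_MAX + 1]
		= {
		[NL80211_FREQUENCY_ATTR_FREQ] = { .type = NLA_U32 },
		[NL80211_FREQUENCY_ATTR_DISABLED] = { .type = NLA_FLAG },
		[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN] = { .type = NLA_FLAG },
		[NL80211_FREQUENCY_ATTR_NO_IBSS] = { .type = NLA_FLAG },
		[NL80211_FREQUENCY_ATTR_RADAR] = { .type = NLA_FLAG },
	};

	struct nlattr *tb_rate[NL80211_BITRATE_ATTR_MAX + 1];
	static struct nla_policy rate_policy[NL80211_BITRATE_ATTR_MAX + 1] = {
		[NL80211_BITRATE_ATTR_RATE] = { .type = NLA_U32 },
		[NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE] =
		{ .type = NLA_FLAG },
	};

	struct nlattr *nl_band;
	struct nlattr *nl_freq;
	struct nlattr *nl_rate;
	int rem_band, rem_freq, rem_rate;
	struct wpa_hw_modes *mode;
	int idx, mode_is_set;

	nla_parse(tb_msg, NL80211_ATTR_MAX, genlmsg_attrdata(gnlh, 0),
		  genlmsg_attrlen(gnlh, 0), NULL);

	if (!tb_msg[NL80211_ATTR_WIPHY_BANDS])
		return NL_SKIP;

	nla_for_each_nested(nl_band, tb_msg[NL80211_ATTR_WIPHY_BANDS],
			    rem_band) {
		/* Grow through a temporary so the existing array survives a
		 * failed reallocation */
		mode = os_realloc(phy_info->modes,
				  (*phy_info->num_modes + 1) * sizeof(*mode));
		if (!mode)
			return NL_SKIP;
		phy_info->modes = mode;

		mode_is_set = 0;

		mode = &phy_info->modes[*(phy_info->num_modes)];
		os_memset(mode, 0, sizeof(*mode));
		*(phy_info->num_modes) += 1;

		nla_parse(tb_band, NL80211_BAND_ATTR_MAX, nla_data(nl_band),
			  nla_len(nl_band), NULL);

		/* First pass: count the frequency entries that carry a
		 * frequency value */
		nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS],
				    rem_freq) {
			nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX,
				  nla_data(nl_freq), nla_len(nl_freq),
				  freq_policy);
			if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
				continue;
			mode->num_channels++;
		}

		mode->channels = os_zalloc(mode->num_channels *
					   sizeof(struct wpa_channel_data));
		if (!mode->channels)
			return NL_SKIP;

		idx = 0;

		/* Second pass: fill the channel array; the same filter as in
		 * the counting pass keeps idx within num_channels */
		nla_for_each_nested(nl_freq, tb_band[NL80211_BAND_ATTR_FREQS],
				    rem_freq) {
			nla_parse(tb_freq, NL80211_FREQUENCY_ATTR_MAX,
				  nla_data(nl_freq), nla_len(nl_freq),
				  freq_policy);
			if (!tb_freq[NL80211_FREQUENCY_ATTR_FREQ])
				continue;

			mode->channels[idx].freq = nla_get_u32(
				tb_freq[NL80211_FREQUENCY_ATTR_FREQ]);
			/* Start with everything allowed and clear the flags
			 * the kernel restricts below */
			mode->channels[idx].flag |= WPA_CHAN_W_SCAN |
				WPA_CHAN_W_ACTIVE_SCAN |
				WPA_CHAN_W_IBSS;

			if (!mode_is_set) {
				/* crude heuristic */
				if (mode->channels[idx].freq < 4000)
					mode->mode = WPA_MODE_IEEE80211B;
				else
					mode->mode = WPA_MODE_IEEE80211A;
				mode_is_set = 1;
			}

			/* crude heuristic */
			if (mode->channels[idx].freq < 4000) {
				/* Channel 14 sits at 2484 MHz, off the 5 MHz
				 * grid used by channels 1-13. The previous
				 * comparison against 2848 never matched, so
				 * 2484 MHz fell through to the formula and
				 * was reported as channel 15. */
				if (mode->channels[idx].freq == 2484)
					mode->channels[idx].chan = 14;
				else
					mode->channels[idx].chan =
						(mode->channels[idx].freq -
						 2407) / 5;
			} else
				mode->channels[idx].chan =
					mode->channels[idx].freq / 5 - 1000;

			if (tb_freq[NL80211_FREQUENCY_ATTR_DISABLED])
				mode->channels[idx].flag &= ~WPA_CHAN_W_SCAN;
			if (tb_freq[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN])
				mode->channels[idx].flag &=
					~WPA_CHAN_W_ACTIVE_SCAN;
			if (tb_freq[NL80211_FREQUENCY_ATTR_NO_IBSS])
				mode->channels[idx].flag &= ~WPA_CHAN_W_IBSS;
			idx++;
		}

		/* First pass over the rates: count the usable entries */
		nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES],
				    rem_rate) {
			nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX,
				  nla_data(nl_rate), nla_len(nl_rate),
				  rate_policy);
			if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
				continue;
			mode->num_rates++;
		}

		mode->rates = os_zalloc(mode->num_rates *
					sizeof(struct wpa_rate_data));
		if (!mode->rates)
			return NL_SKIP;

		idx = 0;

		/* Second pass over the rates: fill the rate array */
		nla_for_each_nested(nl_rate, tb_band[NL80211_BAND_ATTR_RATES],
				    rem_rate) {
			nla_parse(tb_rate, NL80211_BITRATE_ATTR_MAX,
				  nla_data(nl_rate), nla_len(nl_rate),
				  rate_policy);
			if (!tb_rate[NL80211_BITRATE_ATTR_RATE])
				continue;
			mode->rates[idx].rate = nla_get_u32(
				tb_rate[NL80211_BITRATE_ATTR_RATE]);

			/* crude heuristic */
			if (mode->mode == WPA_MODE_IEEE80211B &&
			    mode->rates[idx].rate > 200)
				mode->mode = WPA_MODE_IEEE80211G;

			if (tb_rate[NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE])
				mode->rates[idx].flags |= WPA_RATE_PREAMBLE2;

			idx++;
		}
	}

	return NL_SKIP;
}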
2696 | ||
2697 | ||
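/*
 * Fetch the supported hardware modes with NL80211_CMD_GET_WIPHY.
 *
 * @priv: driver private data (struct wpa_driver_nl80211_data)
 * @num_modes: set to the number of modes collected by phy_info_handler()
 * @flags: always set to 0
 *
 * Returns the array built by phy_info_handler() when the request succeeds,
 * NULL otherwise.
 *
 * NOTE(review): if the request fails after phy_info_handler() has already
 * allocated entries, the array is not returned or released here and
 * *num_modes may be non-zero alongside a NULL return value.
 */
static struct wpa_hw_modes *
wpa_driver_nl80211_get_hw_feature_data(void *priv, u16 *num_modes, u16 *flags)
{
	struct wpa_driver_nl80211_data *drv = priv;
	struct nl_msg *msg;
	struct phy_info_arg result = {
		.num_modes = num_modes,
		.modes = NULL,
	};

	*num_modes = 0;
	*flags = 0;

	msg = nlmsg_alloc();
	if (!msg)
		return NULL;

	genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
		    0, NL80211_CMD_GET_WIPHY, 0);

	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);

	if (send_and_recv_msgs(drv, msg, phy_info_handler, &result) == 0)
		return result.modes;
	return NULL;

nla_put_failure:
	/* The message was never passed to send_and_recv_msgs(), so it is
	 * still owned here and must be released. */
	nlmsg_free(msg);
	return NULL;
}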
2725 | ||
2726 | ||
/*
 * Set the operating channel. Only freq is used; phymode and chan are
 * ignored and the request is forwarded to wpa_driver_nl80211_set_freq().
 */
static int wpa_driver_nl80211_set_channel(void *priv, wpa_hw_mode phymode,
					  int chan, int freq)
{
	int res;

	(void) phymode;
	(void) chan;

	res = wpa_driver_nl80211_set_freq(priv, freq);
	return res;
}
2732 | ||
2733 | ||
/*
 * Transmit a management frame through the monitor socket.
 *
 * @data: frame to send; it is sent unmodified after a fixed radiotap header
 * @data_len: length of the frame in octets
 *
 * Returns 0 on success, -1 if sendmsg() fails.
 */
static int wpa_driver_nl80211_send_mlme(void *priv, const u8 *data,
					size_t data_len)
{
	struct wpa_driver_nl80211_data *drv = priv;
	__u8 rtap_hdr[] = {
		0x00, 0x00, /* radiotap version */
		0x0e, 0x00, /* radiotap length */
		0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
		0x0c, /* F_WEP | F_FRAG (encrypt/fragment if required) */
		0x00, /* padding */
		0x00, 0x00, /* RX and TX flags to indicate that */
		0x00, 0x00, /* this is the injected frame directly */
	};
	struct iovec iov[2];
	struct msghdr msg;

	/* Header and frame go out as one message without copying the frame */
	iov[0].iov_base = rtap_hdr;
	iov[0].iov_len = sizeof(rtap_hdr);
	iov[1].iov_base = (void *) data;
	iov[1].iov_len = data_len;

	os_memset(&msg, 0, sizeof(msg));
	msg.msg_iov = iov;
	msg.msg_iovlen = 2;

	if (sendmsg(drv->monitor_sock, &msg, 0) >= 0)
		return 0;

	perror("send[MLME]");
	return -1;
}
2774 | ||
3c83f19c JM |
2775 | |
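/*
 * Add a station entry for the peer with NL80211_CMD_NEW_STATION.
 *
 * @priv: driver private data (struct wpa_driver_nl80211_data)
 * @addr: peer MAC address (ETH_ALEN octets)
 * @supp_rates: supported rates of the peer
 * @supp_rates_len: length of supp_rates in octets
 *
 * Returns 0 on success or when the entry already exists, -ENOMEM if the
 * message could not be allocated, -1 if an attribute could not be added,
 * and otherwise the negative value from send_and_recv_msgs().
 */
static int wpa_driver_nl80211_mlme_add_sta(void *priv, const u8 *addr,
					   const u8 *supp_rates,
					   size_t supp_rates_len)
{
	struct wpa_driver_nl80211_data *drv = priv;
	struct nl_msg *msg;
	int ret = -1;

	msg = nlmsg_alloc();
	if (!msg)
		return -ENOMEM;

	genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
		    0, NL80211_CMD_NEW_STATION, 0);

	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
	NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);
	/* TODO: Get proper Association ID and listen interval */
	NLA_PUT_U16(msg, NL80211_ATTR_STA_AID, 1);
	NLA_PUT(msg, NL80211_ATTR_STA_SUPPORTED_RATES, supp_rates_len,
		supp_rates);
	NLA_PUT_U16(msg, NL80211_ATTR_STA_LISTEN_INTERVAL, 1);

	ret = send_and_recv_msgs(drv, msg, NULL, NULL);
	/* ignore EEXIST, this happens if a STA associates while associated */
	if (ret == -EEXIST || ret >= 0)
		ret = 0;
	return ret;

nla_put_failure:
	/* The message was never passed to send_and_recv_msgs(), so it is
	 * still owned here and must be released; ret is still -1. */
	nlmsg_free(msg);
	return ret;
}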
2807 | ||
2808 | ||
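/**
 * wpa_driver_nl80211_mlme_remove_sta - Remove a station entry through nl80211
 * @priv: Driver private data (struct wpa_driver_nl80211_data *)
 * @addr: MAC address of the station; ETH_ALEN bytes are read
 * Returns: Value returned by send_and_recv_msgs(), -ENOMEM if the netlink
 * message cannot be allocated, or -ENOBUFS if an attribute cannot be added
 *
 * Builds an NL80211_CMD_DEL_STATION request for drv->ifindex and sends it.
 */
static int wpa_driver_nl80211_mlme_remove_sta(void *priv, const u8 *addr)
{
	struct wpa_driver_nl80211_data *drv = priv;
	struct nl_msg *msg;

	msg = nlmsg_alloc();
	if (!msg)
		return -ENOMEM;

	genlmsg_put(msg, 0, 0, genl_family_get_id(drv->nl80211), 0,
		    0, NL80211_CMD_DEL_STATION, 0);

	/* The NLA_PUT* macros jump to nla_put_failure when the attribute
	 * cannot be appended to the message. */
	NLA_PUT_U32(msg, NL80211_ATTR_IFINDEX, drv->ifindex);
	NLA_PUT(msg, NL80211_ATTR_MAC, ETH_ALEN, addr);

	/* NOTE(review): msg is not used after this call; presumably
	 * send_and_recv_msgs() takes ownership and frees it - confirm. */
	return send_and_recv_msgs(drv, msg, NULL, NULL);

nla_put_failure:
	/* The message was never handed to send_and_recv_msgs() on this
	 * path, so it has to be released here to avoid leaking it. */
	nlmsg_free(msg);
	return -ENOBUFS;
}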
2833 | ||
2834 | #endif /* CONFIG_CLIENT_MLME */ |
2835 | ||
2836 | ||
/*
 * Driver operations table for the nl80211 backend: each wpa_driver_ops
 * member is bound to the matching handler implemented in this file.
 */
const struct wpa_driver_ops wpa_driver_nl80211_ops = {
	/* Identification */
	.name = "nl80211",
	.desc = "Linux nl80211/cfg80211",

	/* Lifecycle and configuration */
	.init = wpa_driver_nl80211_init,
	.deinit = wpa_driver_nl80211_deinit,
	.set_param = wpa_driver_nl80211_set_param,
	.get_capa = wpa_driver_nl80211_get_capa,
	.set_operstate = wpa_driver_nl80211_set_operstate,
	.set_mode = wpa_driver_nl80211_set_mode,

	/* Current network state */
	.get_bssid = wpa_driver_nl80211_get_bssid,
	.get_ssid = wpa_driver_nl80211_get_ssid,

	/* Scanning */
	.scan = wpa_driver_nl80211_scan,
	.get_scan_results2 = wpa_driver_nl80211_get_scan_results,

	/* Association control */
	.set_auth_alg = wpa_driver_nl80211_set_auth_alg,
	.associate = wpa_driver_nl80211_associate,
	.deauthenticate = wpa_driver_nl80211_deauthenticate,
	.disassociate = wpa_driver_nl80211_disassociate,

	/* Keys, WPA settings and PMKID cache */
	.set_wpa = wpa_driver_nl80211_set_wpa,
	.set_key = wpa_driver_nl80211_set_key,
	.set_countermeasures = wpa_driver_nl80211_set_countermeasures,
	.set_drop_unencrypted = wpa_driver_nl80211_set_drop_unencrypted,
	.add_pmkid = wpa_driver_nl80211_add_pmkid,
	.remove_pmkid = wpa_driver_nl80211_remove_pmkid,
	.flush_pmkid = wpa_driver_nl80211_flush_pmkid,

#ifdef CONFIG_CLIENT_MLME
	/* Handlers that are only compiled in with CONFIG_CLIENT_MLME */
	.get_hw_feature_data = wpa_driver_nl80211_get_hw_feature_data,
	.set_channel = wpa_driver_nl80211_set_channel,
	.set_ssid = wpa_driver_nl80211_set_ssid,
	.set_bssid = wpa_driver_nl80211_set_bssid,
	.send_mlme = wpa_driver_nl80211_send_mlme,
	.mlme_add_sta = wpa_driver_nl80211_mlme_add_sta,
	.mlme_remove_sta = wpa_driver_nl80211_mlme_remove_sta,
#endif /* CONFIG_CLIENT_MLME */
};