2 * hostapd / Kernel driver communication via nl80211
3 * Copyright (c) 2002-2007, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as
10 * published by the Free Software Foundation.
12 * Alternatively, this software may be distributed under the terms of BSD
15 * See README and COPYING for more details.
20 #include <sys/ioctl.h>
21 #include <netlink/genl/genl.h>
22 #include <netlink/genl/family.h>
23 #include <netlink/genl/ctrl.h>
24 #include <netlink/msg.h>
25 #include <netlink/attr.h>
26 #include <linux/nl80211.h>
28 #include <linux/if_packet.h>
29 #include <linux/if_ether.h> /* The L2 protocols */
30 #include <linux/wireless.h>
31 #include <net/if_arp.h>
35 #include "ieee802_1x.h"
37 #include "ieee802_11.h"
39 #include "hw_features.h"
42 #include "radiotap_iter.h"
44 enum ieee80211_msg_type
{
45 ieee80211_msg_normal
= 0,
46 ieee80211_msg_tx_callback_ack
= 1,
47 ieee80211_msg_tx_callback_fail
= 2,
50 struct i802_driver_data
{
51 struct hostapd_data
*hapd
;
53 char iface
[IFNAMSIZ
+ 1];
54 int ioctl_sock
; /* socket for ioctl() use */
55 int wext_sock
; /* socket for wireless events */
56 int eapol_sock
; /* socket for EAPOL frames */
57 int monitor_sock
; /* socket for monitor */
60 int default_if_indices
[16];
65 struct nl_handle
*nl_handle
;
66 struct nl_cache
*nl_cache
;
67 struct genl_family
*nl80211
;
69 unsigned int beacon_set
:1;
70 unsigned int ieee802_1x_active
:1;
74 static void add_ifidx(struct i802_driver_data
*drv
, int ifidx
)
79 for (i
= 0; i
< drv
->num_if_indices
; i
++) {
80 if (drv
->if_indices
[i
] == 0) {
81 drv
->if_indices
[i
] = ifidx
;
86 if (drv
->if_indices
!= drv
->default_if_indices
)
87 old
= drv
->if_indices
;
91 drv
->if_indices
= realloc(old
,
92 sizeof(int) * (drv
->num_if_indices
+ 1));
93 if (!drv
->if_indices
) {
95 drv
->if_indices
= drv
->default_if_indices
;
97 drv
->if_indices
= old
;
98 wpa_printf(MSG_ERROR
, "Failed to reallocate memory for "
100 wpa_printf(MSG_ERROR
, "Ignoring EAPOL on interface %d", ifidx
);
103 drv
->if_indices
[drv
->num_if_indices
] = ifidx
;
104 drv
->num_if_indices
++;
108 static void del_ifidx(struct i802_driver_data
*drv
, int ifidx
)
112 for (i
= 0; i
< drv
->num_if_indices
; i
++) {
113 if (drv
->if_indices
[i
] == ifidx
) {
114 drv
->if_indices
[i
] = 0;
121 static int have_ifidx(struct i802_driver_data
*drv
, int ifidx
)
125 for (i
= 0; i
< drv
->num_if_indices
; i
++)
126 if (drv
->if_indices
[i
] == ifidx
)
133 /* helper for netlink get routines */
134 static int ack_wait_handler(struct nl_msg
*msg
, void *arg
)
143 static int hostapd_set_iface_flags(struct i802_driver_data
*drv
,
144 const char *ifname
, int dev_up
)
148 if (drv
->ioctl_sock
< 0)
151 memset(&ifr
, 0, sizeof(ifr
));
152 os_strlcpy(ifr
.ifr_name
, ifname
, IFNAMSIZ
);
154 if (ioctl(drv
->ioctl_sock
, SIOCGIFFLAGS
, &ifr
) != 0) {
155 perror("ioctl[SIOCGIFFLAGS]");
156 wpa_printf(MSG_DEBUG
, "Could not read interface flags (%s)",
162 ifr
.ifr_flags
|= IFF_UP
;
164 ifr
.ifr_flags
&= ~IFF_UP
;
166 if (ioctl(drv
->ioctl_sock
, SIOCSIFFLAGS
, &ifr
) != 0) {
167 perror("ioctl[SIOCSIFFLAGS]");
175 static int i802_set_encryption(const char *iface
, void *priv
, const char *alg
,
176 const u8
*addr
, int idx
, const u8
*key
,
177 size_t key_len
, int txkey
)
179 struct i802_driver_data
*drv
= priv
;
188 if (strcmp(alg
, "none") == 0) {
189 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
190 0, NL80211_CMD_DEL_KEY
, 0);
192 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
193 0, NL80211_CMD_NEW_KEY
, 0);
194 NLA_PUT(msg
, NL80211_ATTR_KEY_DATA
, key_len
, key
);
195 if (strcmp(alg
, "WEP") == 0) {
197 NLA_PUT_U32(msg
, NL80211_ATTR_KEY_CIPHER
,
200 NLA_PUT_U32(msg
, NL80211_ATTR_KEY_CIPHER
,
202 } else if (strcmp(alg
, "TKIP") == 0)
203 NLA_PUT_U32(msg
, NL80211_ATTR_KEY_CIPHER
, 0x000FAC02);
204 else if (strcmp(alg
, "CCMP") == 0)
205 NLA_PUT_U32(msg
, NL80211_ATTR_KEY_CIPHER
, 0x000FAC04);
211 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
212 NLA_PUT_U8(msg
, NL80211_ATTR_KEY_IDX
, idx
);
213 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(iface
));
215 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
216 (err
= nl_wait_for_ack(drv
->nl_handle
)) < 0) {
217 if (err
!= -ENOENT
) {
224 * If we need to set the default TX key we do that below,
225 * otherwise we're done here.
227 if (!txkey
|| addr
) {
238 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
239 0, NL80211_CMD_SET_KEY
, 0);
240 NLA_PUT_U8(msg
, NL80211_ATTR_KEY_IDX
, idx
);
241 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(iface
));
242 NLA_PUT_FLAG(msg
, NL80211_ATTR_KEY_DEFAULT
);
244 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
245 (err
= nl_wait_for_ack(drv
->nl_handle
)) < 0) {
246 if (err
!= -ENOENT
) {
261 static inline int min_int(int a
, int b
)
269 static int get_key_handler(struct nl_msg
*msg
, void *arg
)
271 struct nlattr
*tb
[NL80211_ATTR_MAX
];
272 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
274 nla_parse(tb
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
275 genlmsg_attrlen(gnlh
, 0), NULL
);
278 * TODO: validate the key index and mac address!
279 * Otherwise, there's a race condition as soon as
280 * the kernel starts sending key notifications.
283 if (tb
[NL80211_ATTR_KEY_SEQ
])
284 memcpy(arg
, nla_data(tb
[NL80211_ATTR_KEY_SEQ
]),
285 min_int(nla_len(tb
[NL80211_ATTR_KEY_SEQ
]), 6));
290 static int i802_get_seqnum(const char *iface
, void *priv
, const u8
*addr
,
293 struct i802_driver_data
*drv
= priv
;
295 struct nl_cb
*cb
= NULL
;
304 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
305 0, NL80211_CMD_GET_KEY
, 0);
308 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
309 NLA_PUT_U8(msg
, NL80211_ATTR_KEY_IDX
, idx
);
310 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(iface
));
312 cb
= nl_cb_alloc(NL_CB_CUSTOM
);
318 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0)
321 nl_cb_set(cb
, NL_CB_VALID
, NL_CB_CUSTOM
, get_key_handler
, seq
);
322 nl_cb_set(cb
, NL_CB_ACK
, NL_CB_CUSTOM
, ack_wait_handler
, &finished
);
324 err
= nl_recvmsgs(drv
->nl_handle
, cb
);
327 err
= nl_wait_for_ack(drv
->nl_handle
);
342 static int i802_set_rate_sets(void *priv
, int *supp_rates
, int *basic_rates
,
349 static int i802_set_ssid(const char *ifname
, void *priv
, const u8
*buf
,
352 struct i802_driver_data
*drv
= priv
;
355 memset(&iwr
, 0, sizeof(iwr
));
356 os_strlcpy(iwr
.ifr_name
, ifname
, IFNAMSIZ
);
357 iwr
.u
.essid
.flags
= 1; /* SSID active */
358 iwr
.u
.essid
.pointer
= (caddr_t
) buf
;
359 iwr
.u
.essid
.length
= len
;
361 if (ioctl(drv
->ioctl_sock
, SIOCSIWESSID
, &iwr
) < 0) {
362 perror("ioctl[SIOCSIWESSID]");
363 printf("len=%d\n", len
);
371 static int i802_send_mgmt_frame(void *priv
, const void *data
, size_t len
,
374 struct ieee80211_hdr
*hdr
= (void*) data
;
376 0x00, 0x00, /* radiotap version */
377 0x0e, 0x00, /* radiotap length */
378 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
379 0x0c, /* F_WEP | F_FRAG (encrypt/fragment if required) */
381 0x00, 0x00, /* RX and TX flags to indicate that */
382 0x00, 0x00, /* this is the injected frame directly */
384 struct i802_driver_data
*drv
= priv
;
385 struct iovec iov
[2] = {
387 .iov_base
= &rtap_hdr
,
388 .iov_len
= sizeof(rtap_hdr
),
391 .iov_base
= (void*)data
,
395 struct msghdr msg
= {
406 * ugh, guess what, the generic code sets one of the version
407 * bits to request tx callback
409 hdr
->frame_control
&= ~host_to_le16(BIT(1));
410 return sendmsg(drv
->monitor_sock
, &msg
, flags
);
414 /* Set kernel driver on given frequency (MHz) */
415 static int i802_set_freq(void *priv
, int mode
, int freq
)
417 struct i802_driver_data
*drv
= priv
;
420 memset(&iwr
, 0, sizeof(iwr
));
421 os_strlcpy(iwr
.ifr_name
, drv
->hapd
->conf
->iface
, IFNAMSIZ
);
425 if (ioctl(drv
->ioctl_sock
, SIOCSIWFREQ
, &iwr
) < 0) {
426 perror("ioctl[SIOCSIWFREQ]");
434 static int i802_set_rts(void *priv
, int rts
)
436 struct i802_driver_data
*drv
= priv
;
439 memset(&iwr
, 0, sizeof(iwr
));
440 os_strlcpy(iwr
.ifr_name
, drv
->hapd
->conf
->iface
, IFNAMSIZ
);
441 iwr
.u
.rts
.value
= rts
;
444 if (ioctl(drv
->ioctl_sock
, SIOCSIWRTS
, &iwr
) < 0) {
445 perror("ioctl[SIOCSIWRTS]");
453 static int i802_get_rts(void *priv
, int *rts
)
455 struct i802_driver_data
*drv
= priv
;
458 memset(&iwr
, 0, sizeof(iwr
));
459 os_strlcpy(iwr
.ifr_name
, drv
->hapd
->conf
->iface
, IFNAMSIZ
);
461 if (ioctl(drv
->ioctl_sock
, SIOCGIWRTS
, &iwr
) < 0) {
462 perror("ioctl[SIOCGIWRTS]");
466 *rts
= iwr
.u
.rts
.value
;
472 static int i802_set_frag(void *priv
, int frag
)
474 struct i802_driver_data
*drv
= priv
;
477 memset(&iwr
, 0, sizeof(iwr
));
478 os_strlcpy(iwr
.ifr_name
, drv
->hapd
->conf
->iface
, IFNAMSIZ
);
479 iwr
.u
.frag
.value
= frag
;
480 iwr
.u
.frag
.fixed
= 1;
482 if (ioctl(drv
->ioctl_sock
, SIOCSIWFRAG
, &iwr
) < 0) {
483 perror("ioctl[SIOCSIWFRAG]");
491 static int i802_get_frag(void *priv
, int *frag
)
493 struct i802_driver_data
*drv
= priv
;
496 memset(&iwr
, 0, sizeof(iwr
));
497 os_strlcpy(iwr
.ifr_name
, drv
->hapd
->conf
->iface
, IFNAMSIZ
);
499 if (ioctl(drv
->ioctl_sock
, SIOCGIWFRAG
, &iwr
) < 0) {
500 perror("ioctl[SIOCGIWFRAG]");
504 *frag
= iwr
.u
.frag
.value
;
510 static int i802_set_retry(void *priv
, int short_retry
, int long_retry
)
512 struct i802_driver_data
*drv
= priv
;
515 memset(&iwr
, 0, sizeof(iwr
));
516 os_strlcpy(iwr
.ifr_name
, drv
->hapd
->conf
->iface
, IFNAMSIZ
);
518 iwr
.u
.retry
.value
= short_retry
;
519 iwr
.u
.retry
.flags
= IW_RETRY_LIMIT
| IW_RETRY_MIN
;
520 if (ioctl(drv
->ioctl_sock
, SIOCSIWFRAG
, &iwr
) < 0) {
521 perror("ioctl[SIOCSIWRETRY(short)]");
525 iwr
.u
.retry
.value
= long_retry
;
526 iwr
.u
.retry
.flags
= IW_RETRY_LIMIT
| IW_RETRY_MAX
;
527 if (ioctl(drv
->ioctl_sock
, SIOCSIWFRAG
, &iwr
) < 0) {
528 perror("ioctl[SIOCSIWRETRY(long)]");
536 static int i802_get_retry(void *priv
, int *short_retry
, int *long_retry
)
538 struct i802_driver_data
*drv
= priv
;
541 memset(&iwr
, 0, sizeof(iwr
));
542 os_strlcpy(iwr
.ifr_name
, drv
->hapd
->conf
->iface
, IFNAMSIZ
);
544 iwr
.u
.retry
.flags
= IW_RETRY_LIMIT
| IW_RETRY_MIN
;
545 if (ioctl(drv
->ioctl_sock
, SIOCGIWRETRY
, &iwr
) < 0) {
546 perror("ioctl[SIOCGIWFRAG(short)]");
549 *short_retry
= iwr
.u
.retry
.value
;
551 iwr
.u
.retry
.flags
= IW_RETRY_LIMIT
| IW_RETRY_MAX
;
552 if (ioctl(drv
->ioctl_sock
, SIOCGIWRETRY
, &iwr
) < 0) {
553 perror("ioctl[SIOCGIWFRAG(long)]");
556 *long_retry
= iwr
.u
.retry
.value
;
562 static int i802_flush(void *priv
)
564 struct i802_driver_data
*drv
= priv
;
572 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
573 0, NL80211_CMD_NEW_STATION
, 0);
576 * XXX: FIX! this needs to flush all VLANs too
578 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
579 if_nametoindex(drv
->iface
));
583 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
584 nl_wait_for_ack(drv
->nl_handle
) < 0) {
596 static int get_sta_handler(struct nl_msg
*msg
, void *arg
)
598 struct nlattr
*tb
[NL80211_ATTR_MAX
+ 1];
599 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
600 struct hostap_sta_driver_data
*data
= arg
;
601 struct nlattr
*stats
[NL80211_STA_STAT_MAX
+ 1];
602 static struct nla_policy stats_policy
[NL80211_STA_STAT_MAX
+ 1] = {
603 [NL80211_STA_STAT_INACTIVE_TIME
] = { .type
= NLA_U32
},
604 [NL80211_STA_STAT_RX_BYTES
] = { .type
= NLA_U32
},
605 [NL80211_STA_STAT_TX_BYTES
] = { .type
= NLA_U32
},
608 nla_parse(tb
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
609 genlmsg_attrlen(gnlh
, 0), NULL
);
612 * TODO: validate the interface and mac address!
613 * Otherwise, there's a race condition as soon as
614 * the kernel starts sending station notifications.
617 if (!tb
[NL80211_ATTR_STA_STATS
]) {
618 wpa_printf(MSG_DEBUG
, "sta stats missing!");
621 if (nla_parse_nested(stats
, NL80211_STA_STAT_MAX
,
622 tb
[NL80211_ATTR_STA_STATS
],
624 wpa_printf(MSG_DEBUG
, "failed to parse nested attributes!");
628 if (stats
[NL80211_STA_STAT_INACTIVE_TIME
])
629 data
->inactive_msec
=
630 nla_get_u32(stats
[NL80211_STA_STAT_INACTIVE_TIME
]);
631 if (stats
[NL80211_STA_STAT_RX_BYTES
])
632 data
->rx_bytes
= nla_get_u32(stats
[NL80211_STA_STAT_RX_BYTES
]);
633 if (stats
[NL80211_STA_STAT_TX_BYTES
])
634 data
->rx_bytes
= nla_get_u32(stats
[NL80211_STA_STAT_TX_BYTES
]);
639 static int i802_read_sta_data(void *priv
, struct hostap_sta_driver_data
*data
,
642 struct i802_driver_data
*drv
= priv
;
644 struct nl_cb
*cb
= NULL
;
653 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
654 0, NL80211_CMD_GET_STATION
, 0);
656 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
657 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(drv
->iface
));
659 cb
= nl_cb_alloc(NL_CB_CUSTOM
);
663 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0)
666 nl_cb_set(cb
, NL_CB_VALID
, NL_CB_CUSTOM
, get_sta_handler
, data
);
667 nl_cb_set(cb
, NL_CB_ACK
, NL_CB_CUSTOM
, ack_wait_handler
, &finished
);
669 err
= nl_recvmsgs(drv
->nl_handle
, cb
);
672 err
= nl_wait_for_ack(drv
->nl_handle
);
688 static int i802_send_eapol(void *priv
, const u8
*addr
, const u8
*data
,
689 size_t data_len
, int encrypt
, const u8
*own_addr
)
691 struct i802_driver_data
*drv
= priv
;
692 struct ieee80211_hdr
*hdr
;
697 int qos
= sta
->flags
& WLAN_STA_WME
;
702 len
= sizeof(*hdr
) + (qos
? 2 : 0) + sizeof(rfc1042_header
) + 2 +
704 hdr
= os_zalloc(len
);
706 printf("malloc() failed for i802_send_data(len=%lu)\n",
707 (unsigned long) len
);
712 IEEE80211_FC(WLAN_FC_TYPE_DATA
, WLAN_FC_STYPE_DATA
);
713 hdr
->frame_control
|= host_to_le16(WLAN_FC_FROMDS
);
715 hdr
->frame_control
|= host_to_le16(WLAN_FC_ISWEP
);
716 #if 0 /* To be enabled if qos determination is added above */
718 hdr
->frame_control
|=
719 host_to_le16(WLAN_FC_STYPE_QOS_DATA
<< 4);
723 memcpy(hdr
->IEEE80211_DA_FROMDS
, addr
, ETH_ALEN
);
724 memcpy(hdr
->IEEE80211_BSSID_FROMDS
, own_addr
, ETH_ALEN
);
725 memcpy(hdr
->IEEE80211_SA_FROMDS
, own_addr
, ETH_ALEN
);
726 pos
= (u8
*) (hdr
+ 1);
728 #if 0 /* To be enabled if qos determination is added above */
730 /* add an empty QoS header if needed */
737 memcpy(pos
, rfc1042_header
, sizeof(rfc1042_header
));
738 pos
+= sizeof(rfc1042_header
);
739 WPA_PUT_BE16(pos
, ETH_P_PAE
);
741 memcpy(pos
, data
, data_len
);
743 res
= i802_send_mgmt_frame(drv
, (u8
*) hdr
, len
, 0);
747 perror("i802_send_eapol: send");
748 printf("i802_send_eapol - packet len: %lu - failed\n",
749 (unsigned long) len
);
756 static int i802_sta_add(const char *ifname
, void *priv
, const u8
*addr
,
757 u16 aid
, u16 capability
, u8
*supp_rates
,
758 size_t supp_rates_len
, int flags
)
760 struct i802_driver_data
*drv
= priv
;
768 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
769 0, NL80211_CMD_NEW_STATION
, 0);
771 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
772 if_nametoindex(drv
->iface
));
773 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
774 NLA_PUT_U16(msg
, NL80211_ATTR_STA_AID
, aid
);
775 NLA_PUT(msg
, NL80211_ATTR_STA_SUPPORTED_RATES
, supp_rates_len
,
777 NLA_PUT_U16(msg
, NL80211_ATTR_STA_LISTEN_INTERVAL
, 0);
779 ret
= nl_send_auto_complete(drv
->nl_handle
, msg
);
781 goto nla_put_failure
;
783 ret
= nl_wait_for_ack(drv
->nl_handle
);
784 /* ignore EEXIST, this happens if a STA associates while associated */
785 if (ret
== -EEXIST
|| ret
>= 0)
796 static int i802_sta_remove(void *priv
, const u8
*addr
)
798 struct i802_driver_data
*drv
= priv
;
806 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
807 0, NL80211_CMD_DEL_STATION
, 0);
809 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
810 if_nametoindex(drv
->iface
));
811 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
815 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
816 nl_wait_for_ack(drv
->nl_handle
) < 0) {
828 static int i802_sta_set_flags(void *priv
, const u8
*addr
,
829 int total_flags
, int flags_or
, int flags_and
)
831 struct i802_driver_data
*drv
= priv
;
832 struct nl_msg
*msg
, *flags
= NULL
;
839 flags
= nlmsg_alloc();
843 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
844 0, NL80211_CMD_SET_STATION
, 0);
846 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
847 if_nametoindex(drv
->iface
));
848 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
850 if (total_flags
& WLAN_STA_AUTHORIZED
|| !drv
->ieee802_1x_active
)
851 NLA_PUT_FLAG(flags
, NL80211_STA_FLAG_AUTHORIZED
);
853 if (total_flags
& WLAN_STA_WME
)
854 NLA_PUT_FLAG(flags
, NL80211_STA_FLAG_WME
);
856 if (total_flags
& WLAN_STA_SHORT_PREAMBLE
)
857 NLA_PUT_FLAG(flags
, NL80211_STA_FLAG_SHORT_PREAMBLE
);
859 if (nla_put_nested(msg
, NL80211_ATTR_STA_FLAGS
, flags
))
860 goto nla_put_failure
;
864 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
865 nl_wait_for_ack(drv
->nl_handle
) < 0) {
880 static int i802_set_channel_flag(void *priv
, int mode
, int chan
, int flag
,
881 unsigned char power_level
,
882 unsigned char antenna_max
)
888 static int i802_set_regulatory_domain(void *priv
, unsigned int rd
)
894 static int i802_set_tx_queue_params(void *priv
, int queue
, int aifs
,
895 int cw_min
, int cw_max
, int burst_time
)
901 static void nl80211_remove_iface(struct i802_driver_data
*drv
, int ifidx
)
905 /* stop listening for EAPOL on this interface */
906 del_ifidx(drv
, ifidx
);
910 goto nla_put_failure
;
912 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
913 0, NL80211_CMD_DEL_INTERFACE
, 0);
914 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, ifidx
);
915 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
916 nl_wait_for_ack(drv
->nl_handle
) < 0)
918 printf("Failed to remove interface.\n");
923 static int nl80211_create_iface(struct i802_driver_data
*drv
,
925 enum nl80211_iftype iftype
,
928 struct nl_msg
*msg
, *flags
= NULL
;
937 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
938 0, NL80211_CMD_NEW_INTERFACE
, 0);
939 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
940 if_nametoindex(drv
->hapd
->conf
->iface
));
941 NLA_PUT_STRING(msg
, NL80211_ATTR_IFNAME
, ifname
);
942 NLA_PUT_U32(msg
, NL80211_ATTR_IFTYPE
, iftype
);
944 if (iftype
== NL80211_IFTYPE_MONITOR
) {
947 flags
= nlmsg_alloc();
949 goto nla_put_failure
;
951 NLA_PUT_FLAG(flags
, NL80211_MNTR_FLAG_COOK_FRAMES
);
953 err
= nla_put_nested(msg
, NL80211_ATTR_MNTR_FLAGS
, flags
);
958 goto nla_put_failure
;
961 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
962 nl_wait_for_ack(drv
->nl_handle
) < 0) {
964 printf("Failed to create interface %s.\n", ifname
);
971 ifidx
= if_nametoindex(ifname
);
976 /* start listening for EAPOL on this interface */
977 add_ifidx(drv
, ifidx
);
981 case NL80211_IFTYPE_AP
:
982 os_strlcpy(ifreq
.ifr_name
, ifname
, IFNAMSIZ
);
983 memcpy(ifreq
.ifr_hwaddr
.sa_data
, addr
, ETH_ALEN
);
984 ifreq
.ifr_hwaddr
.sa_family
= ARPHRD_ETHER
;
986 if (ioctl(drv
->ioctl_sock
, SIOCSIFHWADDR
, &ifreq
)) {
987 nl80211_remove_iface(drv
, ifidx
);
991 case NL80211_IFTYPE_WDS
:
992 memset(&iwr
, 0, sizeof(iwr
));
993 os_strlcpy(iwr
.ifr_name
, ifname
, IFNAMSIZ
);
994 iwr
.u
.addr
.sa_family
= ARPHRD_ETHER
;
995 memcpy(iwr
.u
.addr
.sa_data
, addr
, ETH_ALEN
);
996 if (ioctl(drv
->ioctl_sock
, SIOCSIWAP
, &iwr
))
1009 static int i802_bss_add(void *priv
, const char *ifname
, const u8
*bssid
)
1014 * The kernel supports that when the low-level driver does,
1015 * but we currently don't because we need per-BSS data that
1016 * currently we can't handle easily.
1020 ifidx
= nl80211_create_iface(priv
, ifname
, NL80211_IFTYPE_AP
, bssid
);
1023 if (hostapd_set_iface_flags(priv
, ifname
, 1)) {
1024 nl80211_remove_iface(priv
, ifidx
);
1031 static int i802_bss_remove(void *priv
, const char *ifname
)
1033 nl80211_remove_iface(priv
, if_nametoindex(ifname
));
1038 static int i802_set_beacon(const char *iface
, void *priv
,
1039 u8
*head
, size_t head_len
,
1040 u8
*tail
, size_t tail_len
)
1042 struct i802_driver_data
*drv
= priv
;
1044 u8 cmd
= NL80211_CMD_NEW_BEACON
;
1047 msg
= nlmsg_alloc();
1051 if (drv
->beacon_set
)
1052 cmd
= NL80211_CMD_SET_BEACON
;
1054 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1056 NLA_PUT(msg
, NL80211_ATTR_BEACON_HEAD
, head_len
, head
);
1057 NLA_PUT(msg
, NL80211_ATTR_BEACON_TAIL
, tail_len
, tail
);
1058 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(iface
));
1059 NLA_PUT_U32(msg
, NL80211_ATTR_BEACON_INTERVAL
, 1000);
1061 if (!drv
->dtim_period
)
1062 drv
->dtim_period
= 2;
1063 NLA_PUT_U32(msg
, NL80211_ATTR_DTIM_PERIOD
, drv
->dtim_period
);
1065 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
1066 nl_wait_for_ack(drv
->nl_handle
) < 0)
1071 drv
->beacon_set
= 1;
1080 static int i802_del_beacon(struct i802_driver_data
*drv
)
1085 msg
= nlmsg_alloc();
1089 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1090 0, NL80211_CMD_DEL_BEACON
, 0);
1091 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(drv
->iface
));
1093 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
1094 nl_wait_for_ack(drv
->nl_handle
) < 0)
1106 static int i802_set_ieee8021x(const char *ifname
, void *priv
, int enabled
)
1108 struct i802_driver_data
*drv
= priv
;
1111 * FIXME: This needs to be per interface (BSS)
1113 drv
->ieee802_1x_active
= enabled
;
1118 static int i802_set_privacy(const char *ifname
, void *priv
, int enabled
)
1120 struct i802_driver_data
*drv
= priv
;
1123 memset(&iwr
, 0, sizeof(iwr
));
1125 os_strlcpy(iwr
.ifr_name
, ifname
, IFNAMSIZ
);
1126 iwr
.u
.param
.flags
= IW_AUTH_PRIVACY_INVOKED
;
1127 iwr
.u
.param
.value
= enabled
;
1129 ioctl(drv
->ioctl_sock
, SIOCSIWAUTH
, &iwr
);
1131 /* ignore errors, the kernel/driver might not care */
1136 static int i802_set_internal_bridge(void *priv
, int value
)
1142 static int i802_set_beacon_int(void *priv
, int value
)
1144 struct i802_driver_data
*drv
= priv
;
1148 msg
= nlmsg_alloc();
1152 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1153 0, NL80211_CMD_SET_BEACON
, 0);
1154 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(drv
->iface
));
1156 NLA_PUT_U32(msg
, NL80211_ATTR_BEACON_INTERVAL
, value
);
1158 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
1159 nl_wait_for_ack(drv
->nl_handle
) < 0)
1171 static int i802_set_dtim_period(const char *iface
, void *priv
, int value
)
1173 struct i802_driver_data
*drv
= priv
;
1177 msg
= nlmsg_alloc();
1181 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1182 0, NL80211_CMD_SET_BEACON
, 0);
1183 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(iface
));
1185 drv
->dtim_period
= value
;
1186 NLA_PUT_U32(msg
, NL80211_ATTR_DTIM_PERIOD
, drv
->dtim_period
);
1188 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
1189 nl_wait_for_ack(drv
->nl_handle
) < 0)
1201 static int i802_set_cts_protect(void *priv
, int value
)
1207 static int i802_set_preamble(void *priv
, int value
)
1213 static int i802_set_short_slot_time(void *priv
, int value
)
1219 static enum nl80211_iftype
i802_if_type(enum hostapd_driver_if_type type
)
1222 case HOSTAPD_IF_VLAN
:
1223 return NL80211_IFTYPE_AP_VLAN
;
1224 case HOSTAPD_IF_WDS
:
1225 return NL80211_IFTYPE_WDS
;
1231 static int i802_if_add(const char *iface
, void *priv
,
1232 enum hostapd_driver_if_type type
, char *ifname
,
1235 if (nl80211_create_iface(priv
, ifname
, i802_if_type(type
), addr
) < 0)
1241 static int i802_if_update(void *priv
, enum hostapd_driver_if_type type
,
1242 char *ifname
, const u8
*addr
)
1244 /* unused at the moment */
1249 static int i802_if_remove(void *priv
, enum hostapd_driver_if_type type
,
1250 const char *ifname
, const u8
*addr
)
1252 nl80211_remove_iface(priv
, if_nametoindex(ifname
));
1257 struct phy_info_arg
{
1259 struct hostapd_hw_modes
*modes
;
1263 static int phy_info_handler(struct nl_msg
*msg
, void *arg
)
1265 struct nlattr
*tb_msg
[NL80211_ATTR_MAX
+ 1];
1266 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
1267 struct phy_info_arg
*phy_info
= arg
;
1269 struct nlattr
*tb_band
[NL80211_BAND_ATTR_MAX
+ 1];
1271 struct nlattr
*tb_freq
[NL80211_FREQUENCY_ATTR_MAX
+ 1];
1272 static struct nla_policy freq_policy
[NL80211_FREQUENCY_ATTR_MAX
+ 1] = {
1273 [NL80211_FREQUENCY_ATTR_FREQ
] = { .type
= NLA_U32
},
1274 [NL80211_FREQUENCY_ATTR_DISABLED
] = { .type
= NLA_FLAG
},
1275 [NL80211_FREQUENCY_ATTR_PASSIVE_SCAN
] = { .type
= NLA_FLAG
},
1276 [NL80211_FREQUENCY_ATTR_NO_IBSS
] = { .type
= NLA_FLAG
},
1277 [NL80211_FREQUENCY_ATTR_RADAR
] = { .type
= NLA_FLAG
},
1280 struct nlattr
*tb_rate
[NL80211_BITRATE_ATTR_MAX
+ 1];
1281 static struct nla_policy rate_policy
[NL80211_BITRATE_ATTR_MAX
+ 1] = {
1282 [NL80211_BITRATE_ATTR_RATE
] = { .type
= NLA_U32
},
1283 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE
] = { .type
= NLA_FLAG
},
1286 struct nlattr
*nl_band
;
1287 struct nlattr
*nl_freq
;
1288 struct nlattr
*nl_rate
;
1289 int rem_band
, rem_freq
, rem_rate
;
1290 struct hostapd_hw_modes
*mode
;
1291 int idx
, mode_is_set
;
1293 nla_parse(tb_msg
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
1294 genlmsg_attrlen(gnlh
, 0), NULL
);
1296 if (!tb_msg
[NL80211_ATTR_WIPHY_BANDS
])
1299 nla_for_each_nested(nl_band
, tb_msg
[NL80211_ATTR_WIPHY_BANDS
], rem_band
) {
1300 mode
= realloc(phy_info
->modes
, (*phy_info
->num_modes
+ 1) * sizeof(*mode
));
1303 phy_info
->modes
= mode
;
1307 mode
= &phy_info
->modes
[*(phy_info
->num_modes
)];
1308 memset(mode
, 0, sizeof(*mode
));
1309 *(phy_info
->num_modes
) += 1;
1311 nla_parse(tb_band
, NL80211_BAND_ATTR_MAX
, nla_data(nl_band
),
1312 nla_len(nl_band
), NULL
);
1314 nla_for_each_nested(nl_freq
, tb_band
[NL80211_BAND_ATTR_FREQS
], rem_freq
) {
1315 nla_parse(tb_freq
, NL80211_FREQUENCY_ATTR_MAX
, nla_data(nl_freq
),
1316 nla_len(nl_freq
), freq_policy
);
1317 if (!tb_freq
[NL80211_FREQUENCY_ATTR_FREQ
])
1319 mode
->num_channels
++;
1322 mode
->channels
= calloc(mode
->num_channels
, sizeof(struct hostapd_channel_data
));
1323 if (!mode
->channels
)
1328 nla_for_each_nested(nl_freq
, tb_band
[NL80211_BAND_ATTR_FREQS
], rem_freq
) {
1329 nla_parse(tb_freq
, NL80211_FREQUENCY_ATTR_MAX
, nla_data(nl_freq
),
1330 nla_len(nl_freq
), freq_policy
);
1331 if (!tb_freq
[NL80211_FREQUENCY_ATTR_FREQ
])
1334 mode
->channels
[idx
].freq
= nla_get_u32(tb_freq
[NL80211_FREQUENCY_ATTR_FREQ
]);
1335 mode
->channels
[idx
].flag
|= HOSTAPD_CHAN_W_SCAN
|
1336 HOSTAPD_CHAN_W_ACTIVE_SCAN
|
1337 HOSTAPD_CHAN_W_IBSS
;
1340 /* crude heuristic */
1341 if (mode
->channels
[idx
].freq
< 4000)
1342 mode
->mode
= HOSTAPD_MODE_IEEE80211B
;
1344 mode
->mode
= HOSTAPD_MODE_IEEE80211A
;
1348 /* crude heuristic */
1349 if (mode
->channels
[idx
].freq
< 4000)
1350 if (mode
->channels
[idx
].freq
== 2848)
1351 mode
->channels
[idx
].chan
= 14;
1353 mode
->channels
[idx
].chan
= (mode
->channels
[idx
].freq
- 2407) / 5;
1355 mode
->channels
[idx
].chan
= mode
->channels
[idx
].freq
/5 - 1000;
1357 if (tb_freq
[NL80211_FREQUENCY_ATTR_DISABLED
])
1358 mode
->channels
[idx
].flag
&= ~HOSTAPD_CHAN_W_SCAN
;
1359 if (tb_freq
[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN
])
1360 mode
->channels
[idx
].flag
&= ~HOSTAPD_CHAN_W_ACTIVE_SCAN
;
1361 if (tb_freq
[NL80211_FREQUENCY_ATTR_NO_IBSS
])
1362 mode
->channels
[idx
].flag
&= ~HOSTAPD_CHAN_W_IBSS
;
1366 nla_for_each_nested(nl_rate
, tb_band
[NL80211_BAND_ATTR_RATES
], rem_rate
) {
1367 nla_parse(tb_rate
, NL80211_BITRATE_ATTR_MAX
, nla_data(nl_rate
),
1368 nla_len(nl_rate
), rate_policy
);
1369 if (!tb_rate
[NL80211_BITRATE_ATTR_RATE
])
1374 mode
->rates
= calloc(mode
->num_rates
, sizeof(struct hostapd_rate_data
));
1380 nla_for_each_nested(nl_rate
, tb_band
[NL80211_BAND_ATTR_RATES
], rem_rate
) {
1381 nla_parse(tb_rate
, NL80211_BITRATE_ATTR_MAX
, nla_data(nl_rate
),
1382 nla_len(nl_rate
), rate_policy
);
1383 if (!tb_rate
[NL80211_BITRATE_ATTR_RATE
])
1385 mode
->rates
[idx
].rate
= nla_get_u32(tb_rate
[NL80211_BITRATE_ATTR_RATE
]);
1387 /* crude heuristic */
1388 if (mode
->mode
== HOSTAPD_MODE_IEEE80211B
&&
1389 mode
->rates
[idx
].rate
> 200)
1390 mode
->mode
= HOSTAPD_MODE_IEEE80211G
;
1392 if (tb_rate
[NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE
])
1393 mode
->rates
[idx
].flags
|= HOSTAPD_RATE_PREAMBLE2
;
1399 phy_info
->error
= 0;
1404 static struct hostapd_hw_modes
*i802_get_hw_feature_data(void *priv
,
1408 struct i802_driver_data
*drv
= priv
;
1411 struct nl_cb
*cb
= NULL
;
1413 struct phy_info_arg result
= {
1414 .num_modes
= num_modes
,
1422 msg
= nlmsg_alloc();
1426 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1427 0, NL80211_CMD_GET_WIPHY
, 0);
1429 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(drv
->iface
));
1431 cb
= nl_cb_alloc(NL_CB_CUSTOM
);
1435 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0)
1438 nl_cb_set(cb
, NL_CB_VALID
, NL_CB_CUSTOM
, phy_info_handler
, &result
);
1439 nl_cb_set(cb
, NL_CB_ACK
, NL_CB_CUSTOM
, ack_wait_handler
, &finished
);
1441 err
= nl_recvmsgs(drv
->nl_handle
, cb
);
1444 err
= nl_wait_for_ack(drv
->nl_handle
);
1446 if (err
< 0 || result
.error
) {
1447 hostapd_free_hw_features(result
.modes
, *num_modes
);
1448 result
.modes
= NULL
;
1455 fprintf(stderr
, "failed to get information: %d\n", err
);
1457 return result
.modes
;
1461 static int i802_set_sta_vlan(void *priv
, const u8
*addr
,
1462 const char *ifname
, int vlan_id
)
1464 struct i802_driver_data
*drv
= priv
;
1468 msg
= nlmsg_alloc();
1472 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1473 0, NL80211_CMD_SET_STATION
, 0);
1475 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
1476 if_nametoindex(drv
->iface
));
1477 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
1478 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
1479 if_nametoindex(ifname
));
1483 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
1484 (errno
= nl_wait_for_ack(drv
->nl_handle
) < 0)) {
1496 static void handle_unknown_sta(struct hostapd_data
*hapd
, u8
*ta
)
1498 struct sta_info
*sta
;
1500 sta
= ap_get_sta(hapd
, ta
);
1501 if (!sta
|| !(sta
->flags
& WLAN_STA_ASSOC
)) {
1502 printf("Data/PS-poll frame from not associated STA "
1503 MACSTR
"\n", MAC2STR(ta
));
1504 if (sta
&& (sta
->flags
& WLAN_STA_AUTH
))
1505 hostapd_sta_disassoc(
1507 WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA
);
1511 WLAN_REASON_CLASS3_FRAME_FROM_NONASSOC_STA
);
1516 static void handle_tx_callback(struct hostapd_data
*hapd
, u8
*buf
, size_t len
,
1519 struct ieee80211_hdr
*hdr
;
1520 u16 fc
, type
, stype
;
1521 struct sta_info
*sta
;
1523 hdr
= (struct ieee80211_hdr
*) buf
;
1524 fc
= le_to_host16(hdr
->frame_control
);
1526 type
= WLAN_FC_GET_TYPE(fc
);
1527 stype
= WLAN_FC_GET_STYPE(fc
);
1530 case WLAN_FC_TYPE_MGMT
:
1531 wpa_printf(MSG_DEBUG
, "MGMT (TX callback) %s",
1532 ok
? "ACK" : "fail");
1533 ieee802_11_mgmt_cb(hapd
, buf
, len
, stype
, ok
);
1535 case WLAN_FC_TYPE_CTRL
:
1536 wpa_printf(MSG_DEBUG
, "CTRL (TX callback) %s",
1537 ok
? "ACK" : "fail");
1539 case WLAN_FC_TYPE_DATA
:
1540 wpa_printf(MSG_DEBUG
, "DATA (TX callback) %s",
1541 ok
? "ACK" : "fail");
1542 sta
= ap_get_sta(hapd
, hdr
->addr1
);
1543 if (sta
&& sta
->flags
& WLAN_STA_PENDING_POLL
) {
1544 wpa_printf(MSG_DEBUG
, "STA " MACSTR
" %s pending "
1545 "activity poll", MAC2STR(sta
->addr
),
1546 ok
? "ACKed" : "did not ACK");
1548 sta
->flags
&= ~WLAN_STA_PENDING_POLL
;
1551 ieee802_1x_tx_status(hapd
, sta
, buf
, len
, ok
);
1554 printf("unknown TX callback frame type %d\n", type
);
1560 static void handle_frame(struct hostapd_iface
*iface
, u8
*buf
, size_t len
,
1561 struct hostapd_frame_info
*hfi
,
1562 enum ieee80211_msg_type msg_type
)
1564 struct ieee80211_hdr
*hdr
;
1565 u16 fc
, type
, stype
;
1566 size_t data_len
= len
;
1567 struct hostapd_data
*hapd
= NULL
;
1568 int broadcast_bssid
= 0;
1573 * PS-Poll frames are 16 bytes. All other frames are
1574 * 24 bytes or longer.
1579 hdr
= (struct ieee80211_hdr
*) buf
;
1580 fc
= le_to_host16(hdr
->frame_control
);
1582 type
= WLAN_FC_GET_TYPE(fc
);
1583 stype
= WLAN_FC_GET_STYPE(fc
);
1586 case WLAN_FC_TYPE_DATA
:
1589 switch (fc
& (WLAN_FC_FROMDS
| WLAN_FC_TODS
)) {
1598 case WLAN_FC_TYPE_CTRL
:
1599 /* discard non-ps-poll frames */
1600 if (stype
!= WLAN_FC_STYPE_PSPOLL
)
1604 case WLAN_FC_TYPE_MGMT
:
1612 /* find interface frame belongs to */
1613 for (i
= 0; i
< iface
->num_bss
; i
++) {
1614 if (memcmp(bssid
, iface
->bss
[i
]->own_addr
, ETH_ALEN
) == 0) {
1615 hapd
= iface
->bss
[i
];
1621 hapd
= iface
->bss
[0];
1623 if (bssid
[0] != 0xff || bssid
[1] != 0xff ||
1624 bssid
[2] != 0xff || bssid
[3] != 0xff ||
1625 bssid
[4] != 0xff || bssid
[5] != 0xff) {
1627 * Unknown BSSID - drop frame if this is not from
1628 * passive scanning or a beacon (at least ProbeReq
1629 * frames to other APs may be allowed through RX
1630 * filtering in the wlan hw/driver)
1632 if ((type
!= WLAN_FC_TYPE_MGMT
||
1633 stype
!= WLAN_FC_STYPE_BEACON
))
1636 broadcast_bssid
= 1;
1640 case ieee80211_msg_normal
:
1641 /* continue processing */
1643 case ieee80211_msg_tx_callback_ack
:
1644 handle_tx_callback(hapd
, buf
, data_len
, 1);
1646 case ieee80211_msg_tx_callback_fail
:
1647 handle_tx_callback(hapd
, buf
, data_len
, 0);
1652 case WLAN_FC_TYPE_MGMT
:
1653 if (stype
!= WLAN_FC_STYPE_BEACON
&&
1654 stype
!= WLAN_FC_STYPE_PROBE_REQ
)
1655 wpa_printf(MSG_MSGDUMP
, "MGMT");
1656 if (broadcast_bssid
) {
1657 for (i
= 0; i
< iface
->num_bss
; i
++)
1658 ieee802_11_mgmt(iface
->bss
[i
], buf
, data_len
,
1661 ieee802_11_mgmt(hapd
, buf
, data_len
, stype
, hfi
);
1663 case WLAN_FC_TYPE_CTRL
:
1664 /* can only get here with PS-Poll frames */
1665 wpa_printf(MSG_DEBUG
, "CTRL");
1666 handle_unknown_sta(hapd
, hdr
->addr2
);
1668 case WLAN_FC_TYPE_DATA
:
1669 wpa_printf(MSG_DEBUG
, "DATA");
1670 handle_unknown_sta(hapd
, hdr
->addr2
);
1676 static void handle_eapol(int sock
, void *eloop_ctx
, void *sock_ctx
)
1678 struct i802_driver_data
*drv
= eloop_ctx
;
1679 struct hostapd_data
*hapd
= drv
->hapd
;
1680 struct sockaddr_ll lladdr
;
1681 unsigned char buf
[3000];
1683 socklen_t fromlen
= sizeof(lladdr
);
1685 len
= recvfrom(sock
, buf
, sizeof(buf
), 0,
1686 (struct sockaddr
*)&lladdr
, &fromlen
);
1692 if (have_ifidx(drv
, lladdr
.sll_ifindex
))
1693 ieee802_1x_receive(hapd
, lladdr
.sll_addr
, buf
, len
);
1697 static void handle_monitor_read(int sock
, void *eloop_ctx
, void *sock_ctx
)
1699 struct i802_driver_data
*drv
= eloop_ctx
;
1701 unsigned char buf
[3000];
1702 struct hostapd_data
*hapd
= drv
->hapd
;
1703 struct ieee80211_radiotap_iterator iter
;
1705 struct hostapd_frame_info hfi
;
1706 int injected
= 0, failed
= 0, msg_type
, rxflags
= 0;
1708 len
= recv(sock
, buf
, sizeof(buf
), 0);
1714 if (ieee80211_radiotap_iterator_init(&iter
, (void*)buf
, len
)) {
1715 printf("received invalid radiotap frame\n");
1719 memset(&hfi
, 0, sizeof(hfi
));
1722 ret
= ieee80211_radiotap_iterator_next(&iter
);
1726 printf("received invalid radiotap frame (%d)\n", ret
);
1729 switch (iter
.this_arg_index
) {
1730 case IEEE80211_RADIOTAP_FLAGS
:
1731 if (*iter
.this_arg
& IEEE80211_RADIOTAP_F_FCS
)
1734 case IEEE80211_RADIOTAP_RX_FLAGS
:
1737 case IEEE80211_RADIOTAP_TX_FLAGS
:
1739 failed
= le_to_host16((*(uint16_t *) iter
.this_arg
)) &
1740 IEEE80211_RADIOTAP_F_TX_FAIL
;
1742 case IEEE80211_RADIOTAP_DATA_RETRIES
:
1744 case IEEE80211_RADIOTAP_CHANNEL
:
1745 /* TODO convert from freq/flags to channel number
1750 case IEEE80211_RADIOTAP_RATE
:
1751 hfi
.datarate
= *iter
.this_arg
* 5;
1753 case IEEE80211_RADIOTAP_DB_ANTSIGNAL
:
1754 hfi
.ssi_signal
= *iter
.this_arg
;
1759 if (rxflags
&& injected
)
1763 msg_type
= ieee80211_msg_normal
;
1765 msg_type
= ieee80211_msg_tx_callback_fail
;
1767 msg_type
= ieee80211_msg_tx_callback_ack
;
1769 handle_frame(hapd
->iface
, buf
+ iter
.max_length
,
1770 len
- iter
.max_length
, &hfi
, msg_type
);
1774 static int nl80211_create_monitor_interface(struct i802_driver_data
*drv
)
1777 struct sockaddr_ll ll
;
1781 snprintf(buf
, IFNAMSIZ
, "mon.%s", drv
->iface
);
1782 buf
[IFNAMSIZ
- 1] = '\0';
1784 drv
->monitor_ifidx
=
1785 nl80211_create_iface(drv
, buf
, NL80211_IFTYPE_MONITOR
, NULL
);
1787 if (drv
->monitor_ifidx
< 0)
1790 if (hostapd_set_iface_flags(drv
, buf
, 1))
1793 memset(&ll
, 0, sizeof(ll
));
1794 ll
.sll_family
= AF_PACKET
;
1795 ll
.sll_ifindex
= drv
->monitor_ifidx
;
1796 drv
->monitor_sock
= socket(PF_PACKET
, SOCK_RAW
, htons(ETH_P_ALL
));
1797 if (drv
->monitor_sock
< 0) {
1798 perror("socket[PF_PACKET,SOCK_RAW]");
1802 if (bind(drv
->monitor_sock
, (struct sockaddr
*) &ll
,
1804 perror("monitor socket bind");
1808 optlen
= sizeof(optval
);
1811 (drv
->monitor_sock
, SOL_SOCKET
, SO_PRIORITY
, &optval
, optlen
)) {
1812 perror("Failed to set socket priority");
1816 if (eloop_register_read_sock(drv
->monitor_sock
, handle_monitor_read
,
1818 printf("Could not register monitor read socket\n");
1824 nl80211_remove_iface(drv
, drv
->monitor_ifidx
);
1829 static int nl80211_set_master_mode(struct i802_driver_data
*drv
,
1834 msg
= nlmsg_alloc();
1838 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1839 0, NL80211_CMD_SET_INTERFACE
, 0);
1840 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
1841 if_nametoindex(ifname
));
1842 NLA_PUT_U32(msg
, NL80211_ATTR_IFTYPE
, NL80211_IFTYPE_AP
);
1844 if (nl_send_auto_complete(drv
->nl_handle
, msg
) < 0 ||
1845 nl_wait_for_ack(drv
->nl_handle
) < 0) {
1847 wpa_printf(MSG_ERROR
, "Failed to set interface %s to master "
1859 static int i802_init_sockets(struct i802_driver_data
*drv
, const u8
*bssid
)
1862 struct sockaddr_ll addr
;
1864 drv
->ioctl_sock
= -1;
1866 drv
->ioctl_sock
= socket(PF_INET
, SOCK_DGRAM
, 0);
1867 if (drv
->ioctl_sock
< 0) {
1868 perror("socket[PF_INET,SOCK_DGRAM]");
1872 /* start listening for EAPOL on the default AP interface */
1873 add_ifidx(drv
, if_nametoindex(drv
->iface
));
1875 if (hostapd_set_iface_flags(drv
, drv
->iface
, 0))
1879 os_strlcpy(ifr
.ifr_name
, drv
->iface
, IFNAMSIZ
);
1880 memcpy(ifr
.ifr_hwaddr
.sa_data
, bssid
, ETH_ALEN
);
1881 ifr
.ifr_hwaddr
.sa_family
= ARPHRD_ETHER
;
1883 if (ioctl(drv
->ioctl_sock
, SIOCSIFHWADDR
, &ifr
)) {
1884 perror("ioctl(SIOCSIFHWADDR)");
1890 * initialise generic netlink and nl80211
1892 drv
->nl_handle
= nl_handle_alloc();
1893 if (!drv
->nl_handle
) {
1894 printf("Failed to allocate netlink handle.\n");
1898 if (genl_connect(drv
->nl_handle
)) {
1899 printf("Failed to connect to generic netlink.\n");
1903 drv
->nl_cache
= genl_ctrl_alloc_cache(drv
->nl_handle
);
1904 if (!drv
->nl_cache
) {
1905 printf("Failed to allocate generic netlink cache.\n");
1909 drv
->nl80211
= genl_ctrl_search_by_name(drv
->nl_cache
, "nl80211");
1910 if (!drv
->nl80211
) {
1911 printf("nl80211 not found.\n");
1915 /* Initialise a monitor interface */
1916 if (nl80211_create_monitor_interface(drv
))
1919 if (nl80211_set_master_mode(drv
, drv
->iface
))
1922 if (hostapd_set_iface_flags(drv
, drv
->iface
, 1))
1925 memset(&addr
, 0, sizeof(addr
));
1926 addr
.sll_family
= AF_PACKET
;
1927 addr
.sll_ifindex
= ifr
.ifr_ifindex
;
1928 wpa_printf(MSG_DEBUG
, "Opening raw packet socket for ifindex %d",
1931 drv
->eapol_sock
= socket(PF_PACKET
, SOCK_DGRAM
, htons(ETH_P_PAE
));
1932 if (drv
->eapol_sock
< 0) {
1933 perror("socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE)");
1937 if (eloop_register_read_sock(drv
->eapol_sock
, handle_eapol
, drv
, NULL
))
1939 printf("Could not register read socket for eapol\n");
1943 memset(&ifr
, 0, sizeof(ifr
));
1944 os_strlcpy(ifr
.ifr_name
, drv
->iface
, sizeof(ifr
.ifr_name
));
1945 if (ioctl(drv
->ioctl_sock
, SIOCGIFHWADDR
, &ifr
) != 0) {
1946 perror("ioctl(SIOCGIFHWADDR)");
1950 if (ifr
.ifr_hwaddr
.sa_family
!= ARPHRD_ETHER
) {
1951 printf("Invalid HW-addr family 0x%04x\n",
1952 ifr
.ifr_hwaddr
.sa_family
);
1955 memcpy(drv
->hapd
->own_addr
, ifr
.ifr_hwaddr
.sa_data
, ETH_ALEN
);
1961 static int i802_get_inact_sec(void *priv
, const u8
*addr
)
1963 struct hostap_sta_driver_data data
;
1966 data
.inactive_msec
= (unsigned long) -1;
1967 ret
= i802_read_sta_data(priv
, &data
, addr
);
1968 if (ret
|| data
.inactive_msec
== (unsigned long) -1)
1970 return data
.inactive_msec
/ 1000;
1974 static int i802_sta_clear_stats(void *priv
, const u8
*addr
)
1984 hostapd_wireless_event_wireless_custom(struct i802_driver_data
*drv
,
1987 wpa_printf(MSG_DEBUG
, "Custom wireless event: '%s'", custom
);
1989 if (strncmp(custom
, "MLME-MICHAELMICFAILURE.indication", 33) == 0) {
1992 pos
= strstr(custom
, "addr=");
1994 wpa_printf(MSG_DEBUG
,
1995 "MLME-MICHAELMICFAILURE.indication "
1996 "without sender address ignored");
2000 if (hwaddr_aton(pos
, addr
) == 0) {
2001 ieee80211_michael_mic_failure(drv
->hapd
, addr
, 1);
2003 wpa_printf(MSG_DEBUG
,
2004 "MLME-MICHAELMICFAILURE.indication "
2005 "with invalid MAC address");
2011 static void hostapd_wireless_event_wireless(struct i802_driver_data
*drv
,
2012 char *data
, int len
)
2014 struct iw_event iwe_buf
, *iwe
= &iwe_buf
;
2015 char *pos
, *end
, *custom
, *buf
;
2020 while (pos
+ IW_EV_LCP_LEN
<= end
) {
2021 /* Event data may be unaligned, so make a local, aligned copy
2022 * before processing. */
2023 memcpy(&iwe_buf
, pos
, IW_EV_LCP_LEN
);
2024 wpa_printf(MSG_DEBUG
, "Wireless event: cmd=0x%x len=%d",
2025 iwe
->cmd
, iwe
->len
);
2026 if (iwe
->len
<= IW_EV_LCP_LEN
)
2029 custom
= pos
+ IW_EV_POINT_LEN
;
2030 if (drv
->we_version
> 18 &&
2031 (iwe
->cmd
== IWEVMICHAELMICFAILURE
||
2032 iwe
->cmd
== IWEVCUSTOM
)) {
2033 /* WE-19 removed the pointer from struct iw_point */
2034 char *dpos
= (char *) &iwe_buf
.u
.data
.length
;
2035 int dlen
= dpos
- (char *) &iwe_buf
;
2036 memcpy(dpos
, pos
+ IW_EV_LCP_LEN
,
2037 sizeof(struct iw_event
) - dlen
);
2039 memcpy(&iwe_buf
, pos
, sizeof(struct iw_event
));
2040 custom
+= IW_EV_POINT_OFF
;
2045 if (custom
+ iwe
->u
.data
.length
> end
)
2047 buf
= malloc(iwe
->u
.data
.length
+ 1);
2050 memcpy(buf
, custom
, iwe
->u
.data
.length
);
2051 buf
[iwe
->u
.data
.length
] = '\0';
2052 hostapd_wireless_event_wireless_custom(drv
, buf
);
2062 static void hostapd_wireless_event_rtm_newlink(struct i802_driver_data
*drv
,
2063 struct nlmsghdr
*h
, int len
)
2065 struct ifinfomsg
*ifi
;
2066 int attrlen
, nlmsg_len
, rta_len
;
2067 struct rtattr
*attr
;
2069 if (len
< (int) sizeof(*ifi
))
2072 ifi
= NLMSG_DATA(h
);
2074 /* TODO: use ifi->ifi_index to filter out wireless events from other
2077 nlmsg_len
= NLMSG_ALIGN(sizeof(struct ifinfomsg
));
2079 attrlen
= h
->nlmsg_len
- nlmsg_len
;
2083 attr
= (struct rtattr
*) (((char *) ifi
) + nlmsg_len
);
2085 rta_len
= RTA_ALIGN(sizeof(struct rtattr
));
2086 while (RTA_OK(attr
, attrlen
)) {
2087 if (attr
->rta_type
== IFLA_WIRELESS
) {
2088 hostapd_wireless_event_wireless(
2089 drv
, ((char *) attr
) + rta_len
,
2090 attr
->rta_len
- rta_len
);
2092 attr
= RTA_NEXT(attr
, attrlen
);
2097 static void hostapd_wireless_event_receive(int sock
, void *eloop_ctx
,
2102 struct sockaddr_nl from
;
2105 struct i802_driver_data
*drv
= eloop_ctx
;
2107 fromlen
= sizeof(from
);
2108 left
= recvfrom(sock
, buf
, sizeof(buf
), MSG_DONTWAIT
,
2109 (struct sockaddr
*) &from
, &fromlen
);
2111 if (errno
!= EINTR
&& errno
!= EAGAIN
)
2112 perror("recvfrom(netlink)");
2116 h
= (struct nlmsghdr
*) buf
;
2117 while (left
>= (int) sizeof(*h
)) {
2121 plen
= len
- sizeof(*h
);
2122 if (len
> left
|| plen
< 0) {
2123 printf("Malformed netlink message: "
2124 "len=%d left=%d plen=%d\n",
2129 switch (h
->nlmsg_type
) {
2131 hostapd_wireless_event_rtm_newlink(drv
, h
, plen
);
2135 len
= NLMSG_ALIGN(len
);
2137 h
= (struct nlmsghdr
*) ((char *) h
+ len
);
2141 printf("%d extra bytes in the end of netlink message\n", left
);
2146 static int hostap_get_we_version(struct i802_driver_data
*drv
)
2148 struct iw_range
*range
;
2153 drv
->we_version
= 0;
2156 * Use larger buffer than struct iw_range in order to allow the
2157 * structure to grow in the future.
2159 buflen
= sizeof(struct iw_range
) + 500;
2160 range
= os_zalloc(buflen
);
2164 memset(&iwr
, 0, sizeof(iwr
));
2165 os_strlcpy(iwr
.ifr_name
, drv
->iface
, IFNAMSIZ
);
2166 iwr
.u
.data
.pointer
= (caddr_t
) range
;
2167 iwr
.u
.data
.length
= buflen
;
2169 minlen
= ((char *) &range
->enc_capa
) - (char *) range
+
2170 sizeof(range
->enc_capa
);
2172 if (ioctl(drv
->ioctl_sock
, SIOCGIWRANGE
, &iwr
) < 0) {
2173 perror("ioctl[SIOCGIWRANGE]");
2176 } else if (iwr
.u
.data
.length
>= minlen
&&
2177 range
->we_version_compiled
>= 18) {
2178 wpa_printf(MSG_DEBUG
, "SIOCGIWRANGE: WE(compiled)=%d "
2179 "WE(source)=%d enc_capa=0x%x",
2180 range
->we_version_compiled
,
2181 range
->we_version_source
,
2183 drv
->we_version
= range
->we_version_compiled
;
2191 static int i802_wireless_event_init(void *priv
)
2193 struct i802_driver_data
*drv
= priv
;
2195 struct sockaddr_nl local
;
2197 hostap_get_we_version(drv
);
2199 drv
->wext_sock
= -1;
2201 s
= socket(PF_NETLINK
, SOCK_RAW
, NETLINK_ROUTE
);
2203 perror("socket(PF_NETLINK,SOCK_RAW,NETLINK_ROUTE)");
2207 memset(&local
, 0, sizeof(local
));
2208 local
.nl_family
= AF_NETLINK
;
2209 local
.nl_groups
= RTMGRP_LINK
;
2210 if (bind(s
, (struct sockaddr
*) &local
, sizeof(local
)) < 0) {
2211 perror("bind(netlink)");
2216 eloop_register_read_sock(s
, hostapd_wireless_event_receive
, drv
,
2224 static void i802_wireless_event_deinit(void *priv
)
2226 struct i802_driver_data
*drv
= priv
;
2227 if (drv
->wext_sock
< 0)
2229 eloop_unregister_read_sock(drv
->wext_sock
);
2230 close(drv
->wext_sock
);
2234 static int i802_sta_deauth(void *priv
, const u8
*addr
, int reason
)
2236 struct i802_driver_data
*drv
= priv
;
2237 struct ieee80211_mgmt mgmt
;
2239 memset(&mgmt
, 0, sizeof(mgmt
));
2240 mgmt
.frame_control
= IEEE80211_FC(WLAN_FC_TYPE_MGMT
,
2241 WLAN_FC_STYPE_DEAUTH
);
2242 memcpy(mgmt
.da
, addr
, ETH_ALEN
);
2243 memcpy(mgmt
.sa
, drv
->hapd
->own_addr
, ETH_ALEN
);
2244 memcpy(mgmt
.bssid
, drv
->hapd
->own_addr
, ETH_ALEN
);
2245 mgmt
.u
.deauth
.reason_code
= host_to_le16(reason
);
2246 return i802_send_mgmt_frame(drv
, &mgmt
, IEEE80211_HDRLEN
+
2247 sizeof(mgmt
.u
.deauth
), 0);
2251 static int i802_sta_disassoc(void *priv
, const u8
*addr
, int reason
)
2253 struct i802_driver_data
*drv
= priv
;
2254 struct ieee80211_mgmt mgmt
;
2256 memset(&mgmt
, 0, sizeof(mgmt
));
2257 mgmt
.frame_control
= IEEE80211_FC(WLAN_FC_TYPE_MGMT
,
2258 WLAN_FC_STYPE_DISASSOC
);
2259 memcpy(mgmt
.da
, addr
, ETH_ALEN
);
2260 memcpy(mgmt
.sa
, drv
->hapd
->own_addr
, ETH_ALEN
);
2261 memcpy(mgmt
.bssid
, drv
->hapd
->own_addr
, ETH_ALEN
);
2262 mgmt
.u
.disassoc
.reason_code
= host_to_le16(reason
);
2263 return i802_send_mgmt_frame(drv
, &mgmt
, IEEE80211_HDRLEN
+
2264 sizeof(mgmt
.u
.disassoc
), 0);
2268 static void *i802_init_bssid(struct hostapd_data
*hapd
, const u8
*bssid
)
2270 struct i802_driver_data
*drv
;
2272 drv
= os_zalloc(sizeof(struct i802_driver_data
));
2274 printf("Could not allocate memory for i802 driver data\n");
2279 memcpy(drv
->iface
, hapd
->conf
->iface
, sizeof(drv
->iface
));
2281 drv
->num_if_indices
= sizeof(drv
->default_if_indices
) / sizeof(int);
2282 drv
->if_indices
= drv
->default_if_indices
;
2284 if (i802_init_sockets(drv
, bssid
))
2295 static void *i802_init(struct hostapd_data
*hapd
)
2297 return i802_init_bssid(hapd
, NULL
);
2301 static void i802_deinit(void *priv
)
2303 struct i802_driver_data
*drv
= priv
;
2305 i802_del_beacon(drv
);
2307 /* remove monitor interface */
2308 nl80211_remove_iface(drv
, drv
->monitor_ifidx
);
2310 (void) hostapd_set_iface_flags(drv
, drv
->iface
, 0);
2312 if (drv
->monitor_sock
>= 0) {
2313 eloop_unregister_read_sock(drv
->monitor_sock
);
2314 close(drv
->monitor_sock
);
2316 if (drv
->ioctl_sock
>= 0)
2317 close(drv
->ioctl_sock
);
2318 if (drv
->eapol_sock
>= 0) {
2319 eloop_unregister_read_sock(drv
->eapol_sock
);
2320 close(drv
->eapol_sock
);
2323 genl_family_put(drv
->nl80211
);
2324 nl_cache_free(drv
->nl_cache
);
2325 nl_handle_destroy(drv
->nl_handle
);
2327 if (drv
->if_indices
!= drv
->default_if_indices
)
2328 free(drv
->if_indices
);
2334 const struct wpa_driver_ops wpa_driver_nl80211_ops
= {
2337 .init_bssid
= i802_init_bssid
,
2338 .deinit
= i802_deinit
,
2339 .wireless_event_init
= i802_wireless_event_init
,
2340 .wireless_event_deinit
= i802_wireless_event_deinit
,
2341 .set_ieee8021x
= i802_set_ieee8021x
,
2342 .set_privacy
= i802_set_privacy
,
2343 .set_encryption
= i802_set_encryption
,
2344 .get_seqnum
= i802_get_seqnum
,
2345 .flush
= i802_flush
,
2346 .read_sta_data
= i802_read_sta_data
,
2347 .send_eapol
= i802_send_eapol
,
2348 .sta_set_flags
= i802_sta_set_flags
,
2349 .sta_deauth
= i802_sta_deauth
,
2350 .sta_disassoc
= i802_sta_disassoc
,
2351 .sta_remove
= i802_sta_remove
,
2352 .set_ssid
= i802_set_ssid
,
2353 .send_mgmt_frame
= i802_send_mgmt_frame
,
2354 .sta_add
= i802_sta_add
,
2355 .get_inact_sec
= i802_get_inact_sec
,
2356 .sta_clear_stats
= i802_sta_clear_stats
,
2357 .set_freq
= i802_set_freq
,
2358 .set_rts
= i802_set_rts
,
2359 .get_rts
= i802_get_rts
,
2360 .set_frag
= i802_set_frag
,
2361 .get_frag
= i802_get_frag
,
2362 .set_retry
= i802_set_retry
,
2363 .get_retry
= i802_get_retry
,
2364 .set_rate_sets
= i802_set_rate_sets
,
2365 .set_channel_flag
= i802_set_channel_flag
,
2366 .set_regulatory_domain
= i802_set_regulatory_domain
,
2367 .set_beacon
= i802_set_beacon
,
2368 .set_internal_bridge
= i802_set_internal_bridge
,
2369 .set_beacon_int
= i802_set_beacon_int
,
2370 .set_dtim_period
= i802_set_dtim_period
,
2371 .set_cts_protect
= i802_set_cts_protect
,
2372 .set_preamble
= i802_set_preamble
,
2373 .set_short_slot_time
= i802_set_short_slot_time
,
2374 .set_tx_queue_params
= i802_set_tx_queue_params
,
2375 .bss_add
= i802_bss_add
,
2376 .bss_remove
= i802_bss_remove
,
2377 .if_add
= i802_if_add
,
2378 .if_update
= i802_if_update
,
2379 .if_remove
= i802_if_remove
,
2380 .get_hw_feature_data
= i802_get_hw_feature_data
,
2381 .set_sta_vlan
= i802_set_sta_vlan
,