2 * Driver interaction with Linux nl80211/cfg80211
3 * Copyright (c) 2002-2010, Jouni Malinen <j@w1.fi>
4 * Copyright (c) 2003-2004, Instant802 Networks, Inc.
5 * Copyright (c) 2005-2006, Devicescape Software, Inc.
6 * Copyright (c) 2007, Johannes Berg <johannes@sipsolutions.net>
7 * Copyright (c) 2009-2010, Atheros Communications
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
13 * Alternatively, this software may be distributed under the terms of BSD
16 * See README and COPYING for more details.
20 #include <sys/ioctl.h>
22 #include <netlink/genl/genl.h>
23 #include <netlink/genl/family.h>
24 #include <netlink/genl/ctrl.h>
25 #include <linux/rtnetlink.h>
26 #include <netpacket/packet.h>
27 #include <linux/filter.h>
28 #include "nl80211_copy.h"
32 #include "common/ieee802_11_defs.h"
34 #include "linux_ioctl.h"
36 #include "radiotap_iter.h"
41 /* libnl 2.0 compatibility code */
42 #define nl_handle nl_sock
43 #define nl80211_handle_alloc nl_socket_alloc_cb
44 #define nl80211_handle_destroy nl_socket_free
47 * libnl 1.1 has a bug, it tries to allocate socket numbers densely
48 * but when you free a socket again it will mess up its bitmap and
49 * and use the wrong number the next time it needs a socket ID.
50 * Therefore, we wrap the handle alloc/destroy and add our own pid
53 static uint32_t port_bitmap
[32] = { 0 };
55 static struct nl_handle
*nl80211_handle_alloc(void *cb
)
57 struct nl_handle
*handle
;
58 uint32_t pid
= getpid() & 0x3FFFFF;
61 handle
= nl_handle_alloc_cb(cb
);
63 for (i
= 0; i
< 1024; i
++) {
64 if (port_bitmap
[i
/ 32] & (1 << (i
% 32)))
66 port_bitmap
[i
/ 32] |= 1 << (i
% 32);
71 nl_socket_set_local_port(handle
, pid
);
76 static void nl80211_handle_destroy(struct nl_handle
*handle
)
78 uint32_t port
= nl_socket_get_local_port(handle
);
81 port_bitmap
[port
/ 32] &= ~(1 << (port
% 32));
83 nl_handle_destroy(handle
);
85 #endif /* CONFIG_LIBNL20 */
89 #define IFF_LOWER_UP 0x10000 /* driver signals L1 up */
92 #define IFF_DORMANT 0x20000 /* driver signals dormant */
95 #ifndef IF_OPER_DORMANT
96 #define IF_OPER_DORMANT 5
103 struct wpa_driver_nl80211_data
*drv
;
104 struct i802_bss
*next
;
106 char ifname
[IFNAMSIZ
+ 1];
107 unsigned int beacon_set
:1;
110 struct wpa_driver_nl80211_data
{
112 struct netlink_data
*netlink
;
113 int ioctl_sock
; /* socket for ioctl() use */
114 char brname
[IFNAMSIZ
];
118 struct rfkill_data
*rfkill
;
119 struct wpa_driver_capa capa
;
124 int scan_complete_events
;
126 struct nl_handle
*nl_handle
;
127 struct nl_handle
*nl_handle_event
;
128 struct nl_handle
*nl_handle_preq
;
129 struct nl_cache
*nl_cache
;
130 struct nl_cache
*nl_cache_event
;
131 struct nl_cache
*nl_cache_preq
;
133 struct genl_family
*nl80211
;
135 u8 auth_bssid
[ETH_ALEN
];
141 int ap_scan_as_station
;
142 unsigned int assoc_freq
;
146 int disable_11b_rates
;
148 unsigned int pending_remain_on_chan
:1;
149 unsigned int added_bridge
:1;
150 unsigned int added_if_into_bridge
:1;
152 u64 remain_on_chan_cookie
;
153 u64 send_action_cookie
;
155 unsigned int last_mgmt_freq
;
157 struct wpa_driver_scan_filter
*filter_ssids
;
158 size_t num_filter_ssids
;
160 struct i802_bss first_bss
;
163 int eapol_sock
; /* socket for EAPOL frames */
165 int default_if_indices
[16];
175 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx
,
177 static int wpa_driver_nl80211_set_mode(void *priv
, int mode
);
179 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data
*drv
);
180 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data
*drv
,
181 const u8
*addr
, int cmd
, u16 reason_code
,
182 int local_state_change
);
183 static void nl80211_remove_monitor_interface(
184 struct wpa_driver_nl80211_data
*drv
);
185 static int nl80211_send_frame_cmd(struct wpa_driver_nl80211_data
*drv
,
186 unsigned int freq
, const u8
*buf
,
187 size_t buf_len
, u64
*cookie
);
188 static int wpa_driver_nl80211_probe_req_report(void *priv
, int report
);
191 static void add_ifidx(struct wpa_driver_nl80211_data
*drv
, int ifidx
);
192 static void del_ifidx(struct wpa_driver_nl80211_data
*drv
, int ifidx
);
193 static int have_ifidx(struct wpa_driver_nl80211_data
*drv
, int ifidx
);
194 static int wpa_driver_nl80211_if_remove(void *priv
,
195 enum wpa_driver_if_type type
,
198 static int have_ifidx(struct wpa_driver_nl80211_data
*drv
, int ifidx
)
204 static int i802_set_freq(void *priv
, struct hostapd_freq_params
*freq
);
205 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data
*drv
,
206 int ifindex
, int disabled
);
210 static int ack_handler(struct nl_msg
*msg
, void *arg
)
217 static int finish_handler(struct nl_msg
*msg
, void *arg
)
224 static int error_handler(struct sockaddr_nl
*nla
, struct nlmsgerr
*err
,
233 static int no_seq_check(struct nl_msg
*msg
, void *arg
)
239 static int send_and_recv(struct wpa_driver_nl80211_data
*drv
,
240 struct nl_handle
*nl_handle
, struct nl_msg
*msg
,
241 int (*valid_handler
)(struct nl_msg
*, void *),
247 cb
= nl_cb_clone(drv
->nl_cb
);
251 err
= nl_send_auto_complete(nl_handle
, msg
);
257 nl_cb_err(cb
, NL_CB_CUSTOM
, error_handler
, &err
);
258 nl_cb_set(cb
, NL_CB_FINISH
, NL_CB_CUSTOM
, finish_handler
, &err
);
259 nl_cb_set(cb
, NL_CB_ACK
, NL_CB_CUSTOM
, ack_handler
, &err
);
262 nl_cb_set(cb
, NL_CB_VALID
, NL_CB_CUSTOM
,
263 valid_handler
, valid_data
);
266 nl_recvmsgs(nl_handle
, cb
);
274 static int send_and_recv_msgs(struct wpa_driver_nl80211_data
*drv
,
276 int (*valid_handler
)(struct nl_msg
*, void *),
279 return send_and_recv(drv
, drv
->nl_handle
, msg
, valid_handler
,
290 static int family_handler(struct nl_msg
*msg
, void *arg
)
292 struct family_data
*res
= arg
;
293 struct nlattr
*tb
[CTRL_ATTR_MAX
+ 1];
294 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
295 struct nlattr
*mcgrp
;
298 nla_parse(tb
, CTRL_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
299 genlmsg_attrlen(gnlh
, 0), NULL
);
300 if (!tb
[CTRL_ATTR_MCAST_GROUPS
])
303 nla_for_each_nested(mcgrp
, tb
[CTRL_ATTR_MCAST_GROUPS
], i
) {
304 struct nlattr
*tb2
[CTRL_ATTR_MCAST_GRP_MAX
+ 1];
305 nla_parse(tb2
, CTRL_ATTR_MCAST_GRP_MAX
, nla_data(mcgrp
),
306 nla_len(mcgrp
), NULL
);
307 if (!tb2
[CTRL_ATTR_MCAST_GRP_NAME
] ||
308 !tb2
[CTRL_ATTR_MCAST_GRP_ID
] ||
309 os_strncmp(nla_data(tb2
[CTRL_ATTR_MCAST_GRP_NAME
]),
311 nla_len(tb2
[CTRL_ATTR_MCAST_GRP_NAME
])) != 0)
313 res
->id
= nla_get_u32(tb2
[CTRL_ATTR_MCAST_GRP_ID
]);
321 static int nl_get_multicast_id(struct wpa_driver_nl80211_data
*drv
,
322 const char *family
, const char *group
)
326 struct family_data res
= { group
, -ENOENT
};
331 genlmsg_put(msg
, 0, 0, genl_ctrl_resolve(drv
->nl_handle
, "nlctrl"),
332 0, 0, CTRL_CMD_GETFAMILY
, 0);
333 NLA_PUT_STRING(msg
, CTRL_ATTR_FAMILY_NAME
, family
);
335 ret
= send_and_recv_msgs(drv
, msg
, family_handler
, &res
);
346 static int wpa_driver_nl80211_get_bssid(void *priv
, u8
*bssid
)
348 struct i802_bss
*bss
= priv
;
349 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
350 if (!drv
->associated
)
352 os_memcpy(bssid
, drv
->bssid
, ETH_ALEN
);
357 static int wpa_driver_nl80211_get_ssid(void *priv
, u8
*ssid
)
359 struct i802_bss
*bss
= priv
;
360 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
361 if (!drv
->associated
)
363 os_memcpy(ssid
, drv
->ssid
, drv
->ssid_len
);
364 return drv
->ssid_len
;
368 static void wpa_driver_nl80211_event_link(struct wpa_driver_nl80211_data
*drv
,
369 char *buf
, size_t len
, int del
)
371 union wpa_event_data event
;
373 os_memset(&event
, 0, sizeof(event
));
374 if (len
> sizeof(event
.interface_status
.ifname
))
375 len
= sizeof(event
.interface_status
.ifname
) - 1;
376 os_memcpy(event
.interface_status
.ifname
, buf
, len
);
377 event
.interface_status
.ievent
= del
? EVENT_INTERFACE_REMOVED
:
378 EVENT_INTERFACE_ADDED
;
380 wpa_printf(MSG_DEBUG
, "RTM_%sLINK, IFLA_IFNAME: Interface '%s' %s",
382 event
.interface_status
.ifname
,
383 del
? "removed" : "added");
385 if (os_strcmp(drv
->first_bss
.ifname
, event
.interface_status
.ifname
) == 0) {
392 wpa_supplicant_event(drv
->ctx
, EVENT_INTERFACE_STATUS
, &event
);
396 static int wpa_driver_nl80211_own_ifname(struct wpa_driver_nl80211_data
*drv
,
399 int attrlen
, rta_len
;
403 attr
= (struct rtattr
*) buf
;
405 rta_len
= RTA_ALIGN(sizeof(struct rtattr
));
406 while (RTA_OK(attr
, attrlen
)) {
407 if (attr
->rta_type
== IFLA_IFNAME
) {
408 if (os_strcmp(((char *) attr
) + rta_len
, drv
->first_bss
.ifname
)
414 attr
= RTA_NEXT(attr
, attrlen
);
421 static int wpa_driver_nl80211_own_ifindex(struct wpa_driver_nl80211_data
*drv
,
422 int ifindex
, u8
*buf
, size_t len
)
424 if (drv
->ifindex
== ifindex
)
427 if (drv
->if_removed
&& wpa_driver_nl80211_own_ifname(drv
, buf
, len
)) {
428 drv
->first_bss
.ifindex
= if_nametoindex(drv
->first_bss
.ifname
);
429 wpa_printf(MSG_DEBUG
, "nl80211: Update ifindex for a removed "
431 wpa_driver_nl80211_finish_drv_init(drv
);
439 static void wpa_driver_nl80211_event_rtm_newlink(void *ctx
,
440 struct ifinfomsg
*ifi
,
443 struct wpa_driver_nl80211_data
*drv
= ctx
;
444 int attrlen
, rta_len
;
448 if (!wpa_driver_nl80211_own_ifindex(drv
, ifi
->ifi_index
, buf
, len
) &&
449 !have_ifidx(drv
, ifi
->ifi_index
)) {
450 wpa_printf(MSG_DEBUG
, "nl80211: Ignore event for foreign "
451 "ifindex %d", ifi
->ifi_index
);
455 wpa_printf(MSG_DEBUG
, "RTM_NEWLINK: operstate=%d ifi_flags=0x%x "
457 drv
->operstate
, ifi
->ifi_flags
,
458 (ifi
->ifi_flags
& IFF_UP
) ? "[UP]" : "",
459 (ifi
->ifi_flags
& IFF_RUNNING
) ? "[RUNNING]" : "",
460 (ifi
->ifi_flags
& IFF_LOWER_UP
) ? "[LOWER_UP]" : "",
461 (ifi
->ifi_flags
& IFF_DORMANT
) ? "[DORMANT]" : "");
463 if (!drv
->if_disabled
&& !(ifi
->ifi_flags
& IFF_UP
)) {
464 wpa_printf(MSG_DEBUG
, "nl80211: Interface down");
465 drv
->if_disabled
= 1;
466 wpa_supplicant_event(drv
->ctx
, EVENT_INTERFACE_DISABLED
, NULL
);
469 if (drv
->if_disabled
&& (ifi
->ifi_flags
& IFF_UP
)) {
470 wpa_printf(MSG_DEBUG
, "nl80211: Interface up");
471 drv
->if_disabled
= 0;
472 wpa_supplicant_event(drv
->ctx
, EVENT_INTERFACE_ENABLED
, NULL
);
476 * Some drivers send the association event before the operup event--in
477 * this case, lifting operstate in wpa_driver_nl80211_set_operstate()
478 * fails. This will hit us when wpa_supplicant does not need to do
479 * IEEE 802.1X authentication
481 if (drv
->operstate
== 1 &&
482 (ifi
->ifi_flags
& (IFF_LOWER_UP
| IFF_DORMANT
)) == IFF_LOWER_UP
&&
483 !(ifi
->ifi_flags
& IFF_RUNNING
))
484 netlink_send_oper_ifla(drv
->netlink
, drv
->ifindex
,
488 attr
= (struct rtattr
*) buf
;
489 rta_len
= RTA_ALIGN(sizeof(struct rtattr
));
490 while (RTA_OK(attr
, attrlen
)) {
491 if (attr
->rta_type
== IFLA_IFNAME
) {
492 wpa_driver_nl80211_event_link(
494 ((char *) attr
) + rta_len
,
495 attr
->rta_len
- rta_len
, 0);
496 } else if (attr
->rta_type
== IFLA_MASTER
)
497 brid
= nla_get_u32((struct nlattr
*) attr
);
498 attr
= RTA_NEXT(attr
, attrlen
);
502 if (ifi
->ifi_family
== AF_BRIDGE
&& brid
) {
503 /* device has been added to bridge */
504 char namebuf
[IFNAMSIZ
];
505 if_indextoname(brid
, namebuf
);
506 wpa_printf(MSG_DEBUG
, "nl80211: Add ifindex %u for bridge %s",
508 add_ifidx(drv
, brid
);
514 static void wpa_driver_nl80211_event_rtm_dellink(void *ctx
,
515 struct ifinfomsg
*ifi
,
518 struct wpa_driver_nl80211_data
*drv
= ctx
;
519 int attrlen
, rta_len
;
524 attr
= (struct rtattr
*) buf
;
526 rta_len
= RTA_ALIGN(sizeof(struct rtattr
));
527 while (RTA_OK(attr
, attrlen
)) {
528 if (attr
->rta_type
== IFLA_IFNAME
) {
529 wpa_driver_nl80211_event_link(
531 ((char *) attr
) + rta_len
,
532 attr
->rta_len
- rta_len
, 1);
533 } else if (attr
->rta_type
== IFLA_MASTER
)
534 brid
= nla_get_u32((struct nlattr
*) attr
);
535 attr
= RTA_NEXT(attr
, attrlen
);
539 if (ifi
->ifi_family
== AF_BRIDGE
&& brid
) {
540 /* device has been removed from bridge */
541 char namebuf
[IFNAMSIZ
];
542 if_indextoname(brid
, namebuf
);
543 wpa_printf(MSG_DEBUG
, "nl80211: Remove ifindex %u for bridge "
544 "%s", brid
, namebuf
);
545 del_ifidx(drv
, brid
);
551 static void mlme_event_auth(struct wpa_driver_nl80211_data
*drv
,
552 const u8
*frame
, size_t len
)
554 const struct ieee80211_mgmt
*mgmt
;
555 union wpa_event_data event
;
557 mgmt
= (const struct ieee80211_mgmt
*) frame
;
558 if (len
< 24 + sizeof(mgmt
->u
.auth
)) {
559 wpa_printf(MSG_DEBUG
, "nl80211: Too short association event "
564 os_memcpy(drv
->auth_bssid
, mgmt
->sa
, ETH_ALEN
);
565 os_memset(&event
, 0, sizeof(event
));
566 os_memcpy(event
.auth
.peer
, mgmt
->sa
, ETH_ALEN
);
567 event
.auth
.auth_type
= le_to_host16(mgmt
->u
.auth
.auth_alg
);
568 event
.auth
.status_code
= le_to_host16(mgmt
->u
.auth
.status_code
);
569 if (len
> 24 + sizeof(mgmt
->u
.auth
)) {
570 event
.auth
.ies
= mgmt
->u
.auth
.variable
;
571 event
.auth
.ies_len
= len
- 24 - sizeof(mgmt
->u
.auth
);
574 wpa_supplicant_event(drv
->ctx
, EVENT_AUTH
, &event
);
578 static void mlme_event_assoc(struct wpa_driver_nl80211_data
*drv
,
579 const u8
*frame
, size_t len
)
581 const struct ieee80211_mgmt
*mgmt
;
582 union wpa_event_data event
;
585 mgmt
= (const struct ieee80211_mgmt
*) frame
;
586 if (len
< 24 + sizeof(mgmt
->u
.assoc_resp
)) {
587 wpa_printf(MSG_DEBUG
, "nl80211: Too short association event "
592 status
= le_to_host16(mgmt
->u
.assoc_resp
.status_code
);
593 if (status
!= WLAN_STATUS_SUCCESS
) {
594 os_memset(&event
, 0, sizeof(event
));
595 event
.assoc_reject
.bssid
= mgmt
->bssid
;
596 if (len
> 24 + sizeof(mgmt
->u
.assoc_resp
)) {
597 event
.assoc_reject
.resp_ies
=
598 (u8
*) mgmt
->u
.assoc_resp
.variable
;
599 event
.assoc_reject
.resp_ies_len
=
600 len
- 24 - sizeof(mgmt
->u
.assoc_resp
);
602 event
.assoc_reject
.status_code
= status
;
604 wpa_supplicant_event(drv
->ctx
, EVENT_ASSOC_REJECT
, &event
);
609 os_memcpy(drv
->bssid
, mgmt
->sa
, ETH_ALEN
);
611 os_memset(&event
, 0, sizeof(event
));
612 if (len
> 24 + sizeof(mgmt
->u
.assoc_resp
)) {
613 event
.assoc_info
.resp_ies
= (u8
*) mgmt
->u
.assoc_resp
.variable
;
614 event
.assoc_info
.resp_ies_len
=
615 len
- 24 - sizeof(mgmt
->u
.assoc_resp
);
618 event
.assoc_info
.freq
= drv
->assoc_freq
;
620 wpa_supplicant_event(drv
->ctx
, EVENT_ASSOC
, &event
);
624 static void mlme_event_connect(struct wpa_driver_nl80211_data
*drv
,
625 enum nl80211_commands cmd
, struct nlattr
*status
,
626 struct nlattr
*addr
, struct nlattr
*req_ie
,
627 struct nlattr
*resp_ie
)
629 union wpa_event_data event
;
631 if (drv
->capa
.flags
& WPA_DRIVER_FLAGS_SME
) {
633 * Avoid reporting two association events that would confuse
636 wpa_printf(MSG_DEBUG
, "nl80211: Ignore connect event (cmd=%d) "
637 "when using userspace SME", cmd
);
641 os_memset(&event
, 0, sizeof(event
));
642 if (cmd
== NL80211_CMD_CONNECT
&&
643 nla_get_u16(status
) != WLAN_STATUS_SUCCESS
) {
645 event
.assoc_reject
.resp_ies
= nla_data(resp_ie
);
646 event
.assoc_reject
.resp_ies_len
= nla_len(resp_ie
);
648 event
.assoc_reject
.status_code
= nla_get_u16(status
);
649 wpa_supplicant_event(drv
->ctx
, EVENT_ASSOC_REJECT
, &event
);
655 os_memcpy(drv
->bssid
, nla_data(addr
), ETH_ALEN
);
658 event
.assoc_info
.req_ies
= nla_data(req_ie
);
659 event
.assoc_info
.req_ies_len
= nla_len(req_ie
);
662 event
.assoc_info
.resp_ies
= nla_data(resp_ie
);
663 event
.assoc_info
.resp_ies_len
= nla_len(resp_ie
);
666 wpa_supplicant_event(drv
->ctx
, EVENT_ASSOC
, &event
);
670 static void mlme_timeout_event(struct wpa_driver_nl80211_data
*drv
,
671 enum nl80211_commands cmd
, struct nlattr
*addr
)
673 union wpa_event_data event
;
674 enum wpa_event_type ev
;
676 if (nla_len(addr
) != ETH_ALEN
)
679 wpa_printf(MSG_DEBUG
, "nl80211: MLME event %d; timeout with " MACSTR
,
680 cmd
, MAC2STR((u8
*) nla_data(addr
)));
682 if (cmd
== NL80211_CMD_AUTHENTICATE
)
683 ev
= EVENT_AUTH_TIMED_OUT
;
684 else if (cmd
== NL80211_CMD_ASSOCIATE
)
685 ev
= EVENT_ASSOC_TIMED_OUT
;
689 os_memset(&event
, 0, sizeof(event
));
690 os_memcpy(event
.timeout_event
.addr
, nla_data(addr
), ETH_ALEN
);
691 wpa_supplicant_event(drv
->ctx
, ev
, &event
);
695 static void mlme_event_mgmt(struct wpa_driver_nl80211_data
*drv
,
696 struct nlattr
*freq
, const u8
*frame
, size_t len
)
698 const struct ieee80211_mgmt
*mgmt
;
699 union wpa_event_data event
;
702 mgmt
= (const struct ieee80211_mgmt
*) frame
;
704 wpa_printf(MSG_DEBUG
, "nl80211: Too short action frame");
708 fc
= le_to_host16(mgmt
->frame_control
);
709 stype
= WLAN_FC_GET_STYPE(fc
);
711 os_memset(&event
, 0, sizeof(event
));
713 event
.rx_action
.freq
= nla_get_u32(freq
);
714 drv
->last_mgmt_freq
= event
.rx_action
.freq
;
716 if (stype
== WLAN_FC_STYPE_ACTION
) {
717 event
.rx_action
.da
= mgmt
->da
;
718 event
.rx_action
.sa
= mgmt
->sa
;
719 event
.rx_action
.bssid
= mgmt
->bssid
;
720 event
.rx_action
.category
= mgmt
->u
.action
.category
;
721 event
.rx_action
.data
= &mgmt
->u
.action
.category
+ 1;
722 event
.rx_action
.len
= frame
+ len
- event
.rx_action
.data
;
723 wpa_supplicant_event(drv
->ctx
, EVENT_RX_ACTION
, &event
);
725 event
.rx_mgmt
.frame
= frame
;
726 event
.rx_mgmt
.frame_len
= len
;
727 wpa_supplicant_event(drv
->ctx
, EVENT_RX_MGMT
, &event
);
732 static void mlme_event_action_tx_status(struct wpa_driver_nl80211_data
*drv
,
733 struct nlattr
*cookie
, const u8
*frame
,
734 size_t len
, struct nlattr
*ack
)
736 union wpa_event_data event
;
737 const struct ieee80211_hdr
*hdr
;
744 cookie_val
= nla_get_u64(cookie
);
745 wpa_printf(MSG_DEBUG
, "nl80211: Action TX status: cookie=0%llx%s "
747 (long long unsigned int) cookie_val
,
748 cookie_val
== drv
->send_action_cookie
?
749 " (match)" : " (unknown)", ack
!= NULL
);
750 if (cookie_val
!= drv
->send_action_cookie
)
753 hdr
= (const struct ieee80211_hdr
*) frame
;
754 fc
= le_to_host16(hdr
->frame_control
);
756 os_memset(&event
, 0, sizeof(event
));
757 event
.tx_status
.type
= WLAN_FC_GET_TYPE(fc
);
758 event
.tx_status
.stype
= WLAN_FC_GET_STYPE(fc
);
759 event
.tx_status
.dst
= hdr
->addr1
;
760 event
.tx_status
.data
= frame
;
761 event
.tx_status
.data_len
= len
;
762 event
.tx_status
.ack
= ack
!= NULL
;
763 wpa_supplicant_event(drv
->ctx
, EVENT_TX_STATUS
, &event
);
767 static void mlme_event_deauth_disassoc(struct wpa_driver_nl80211_data
*drv
,
768 enum wpa_event_type type
,
769 const u8
*frame
, size_t len
)
771 const struct ieee80211_mgmt
*mgmt
;
772 union wpa_event_data event
;
773 const u8
*bssid
= NULL
;
776 mgmt
= (const struct ieee80211_mgmt
*) frame
;
780 if (drv
->associated
!= 0 &&
781 os_memcmp(bssid
, drv
->bssid
, ETH_ALEN
) != 0 &&
782 os_memcmp(bssid
, drv
->auth_bssid
, ETH_ALEN
) != 0) {
784 * We have presumably received this deauth as a
785 * response to a clear_state_mismatch() outgoing
786 * deauth. Don't let it take us offline!
788 wpa_printf(MSG_DEBUG
, "nl80211: Deauth received "
789 "from Unknown BSSID " MACSTR
" -- ignoring",
796 os_memset(&event
, 0, sizeof(event
));
798 /* Note: Same offset for Reason Code in both frame subtypes */
799 if (len
>= 24 + sizeof(mgmt
->u
.deauth
))
800 reason_code
= le_to_host16(mgmt
->u
.deauth
.reason_code
);
802 if (type
== EVENT_DISASSOC
) {
803 event
.disassoc_info
.addr
= bssid
;
804 event
.disassoc_info
.reason_code
= reason_code
;
805 if (frame
+ len
> mgmt
->u
.disassoc
.variable
) {
806 event
.disassoc_info
.ie
= mgmt
->u
.disassoc
.variable
;
807 event
.disassoc_info
.ie_len
= frame
+ len
-
808 mgmt
->u
.disassoc
.variable
;
811 event
.deauth_info
.addr
= bssid
;
812 event
.deauth_info
.reason_code
= reason_code
;
813 if (frame
+ len
> mgmt
->u
.deauth
.variable
) {
814 event
.deauth_info
.ie
= mgmt
->u
.deauth
.variable
;
815 event
.deauth_info
.ie_len
= frame
+ len
-
816 mgmt
->u
.deauth
.variable
;
820 wpa_supplicant_event(drv
->ctx
, type
, &event
);
824 static void mlme_event(struct wpa_driver_nl80211_data
*drv
,
825 enum nl80211_commands cmd
, struct nlattr
*frame
,
826 struct nlattr
*addr
, struct nlattr
*timed_out
,
827 struct nlattr
*freq
, struct nlattr
*ack
,
828 struct nlattr
*cookie
)
830 if (timed_out
&& addr
) {
831 mlme_timeout_event(drv
, cmd
, addr
);
836 wpa_printf(MSG_DEBUG
, "nl80211: MLME event %d without frame "
841 wpa_printf(MSG_DEBUG
, "nl80211: MLME event %d", cmd
);
842 wpa_hexdump(MSG_MSGDUMP
, "nl80211: MLME event frame",
843 nla_data(frame
), nla_len(frame
));
846 case NL80211_CMD_AUTHENTICATE
:
847 mlme_event_auth(drv
, nla_data(frame
), nla_len(frame
));
849 case NL80211_CMD_ASSOCIATE
:
850 mlme_event_assoc(drv
, nla_data(frame
), nla_len(frame
));
852 case NL80211_CMD_DEAUTHENTICATE
:
853 mlme_event_deauth_disassoc(drv
, EVENT_DEAUTH
,
854 nla_data(frame
), nla_len(frame
));
856 case NL80211_CMD_DISASSOCIATE
:
857 mlme_event_deauth_disassoc(drv
, EVENT_DISASSOC
,
858 nla_data(frame
), nla_len(frame
));
860 case NL80211_CMD_FRAME
:
861 mlme_event_mgmt(drv
, freq
, nla_data(frame
), nla_len(frame
));
863 case NL80211_CMD_FRAME_TX_STATUS
:
864 mlme_event_action_tx_status(drv
, cookie
, nla_data(frame
),
865 nla_len(frame
), ack
);
873 static void mlme_event_michael_mic_failure(struct wpa_driver_nl80211_data
*drv
,
876 union wpa_event_data data
;
878 wpa_printf(MSG_DEBUG
, "nl80211: MLME event Michael MIC failure");
879 os_memset(&data
, 0, sizeof(data
));
880 if (tb
[NL80211_ATTR_MAC
]) {
881 wpa_hexdump(MSG_DEBUG
, "nl80211: Source MAC address",
882 nla_data(tb
[NL80211_ATTR_MAC
]),
883 nla_len(tb
[NL80211_ATTR_MAC
]));
884 data
.michael_mic_failure
.src
= nla_data(tb
[NL80211_ATTR_MAC
]);
886 if (tb
[NL80211_ATTR_KEY_SEQ
]) {
887 wpa_hexdump(MSG_DEBUG
, "nl80211: TSC",
888 nla_data(tb
[NL80211_ATTR_KEY_SEQ
]),
889 nla_len(tb
[NL80211_ATTR_KEY_SEQ
]));
891 if (tb
[NL80211_ATTR_KEY_TYPE
]) {
892 enum nl80211_key_type key_type
=
893 nla_get_u32(tb
[NL80211_ATTR_KEY_TYPE
]);
894 wpa_printf(MSG_DEBUG
, "nl80211: Key Type %d", key_type
);
895 if (key_type
== NL80211_KEYTYPE_PAIRWISE
)
896 data
.michael_mic_failure
.unicast
= 1;
898 data
.michael_mic_failure
.unicast
= 1;
900 if (tb
[NL80211_ATTR_KEY_IDX
]) {
901 u8 key_id
= nla_get_u8(tb
[NL80211_ATTR_KEY_IDX
]);
902 wpa_printf(MSG_DEBUG
, "nl80211: Key Id %d", key_id
);
905 wpa_supplicant_event(drv
->ctx
, EVENT_MICHAEL_MIC_FAILURE
, &data
);
909 static void mlme_event_join_ibss(struct wpa_driver_nl80211_data
*drv
,
912 if (tb
[NL80211_ATTR_MAC
] == NULL
) {
913 wpa_printf(MSG_DEBUG
, "nl80211: No address in IBSS joined "
917 os_memcpy(drv
->bssid
, nla_data(tb
[NL80211_ATTR_MAC
]), ETH_ALEN
);
919 wpa_printf(MSG_DEBUG
, "nl80211: IBSS " MACSTR
" joined",
920 MAC2STR(drv
->bssid
));
922 wpa_supplicant_event(drv
->ctx
, EVENT_ASSOC
, NULL
);
926 static void mlme_event_remain_on_channel(struct wpa_driver_nl80211_data
*drv
,
927 int cancel_event
, struct nlattr
*tb
[])
929 unsigned int freq
, chan_type
, duration
;
930 union wpa_event_data data
;
933 if (tb
[NL80211_ATTR_WIPHY_FREQ
])
934 freq
= nla_get_u32(tb
[NL80211_ATTR_WIPHY_FREQ
]);
938 if (tb
[NL80211_ATTR_WIPHY_CHANNEL_TYPE
])
939 chan_type
= nla_get_u32(tb
[NL80211_ATTR_WIPHY_CHANNEL_TYPE
]);
943 if (tb
[NL80211_ATTR_DURATION
])
944 duration
= nla_get_u32(tb
[NL80211_ATTR_DURATION
]);
948 if (tb
[NL80211_ATTR_COOKIE
])
949 cookie
= nla_get_u64(tb
[NL80211_ATTR_COOKIE
]);
953 wpa_printf(MSG_DEBUG
, "nl80211: Remain-on-channel event (cancel=%d "
954 "freq=%u channel_type=%u duration=%u cookie=0x%llx (%s))",
955 cancel_event
, freq
, chan_type
, duration
,
956 (long long unsigned int) cookie
,
957 cookie
== drv
->remain_on_chan_cookie
? "match" : "unknown");
959 if (cookie
!= drv
->remain_on_chan_cookie
)
960 return; /* not for us */
962 drv
->pending_remain_on_chan
= !cancel_event
;
964 os_memset(&data
, 0, sizeof(data
));
965 data
.remain_on_channel
.freq
= freq
;
966 data
.remain_on_channel
.duration
= duration
;
967 wpa_supplicant_event(drv
->ctx
, cancel_event
?
968 EVENT_CANCEL_REMAIN_ON_CHANNEL
:
969 EVENT_REMAIN_ON_CHANNEL
, &data
);
973 static void send_scan_event(struct wpa_driver_nl80211_data
*drv
, int aborted
,
976 union wpa_event_data event
;
979 struct scan_info
*info
;
980 #define MAX_REPORT_FREQS 50
981 int freqs
[MAX_REPORT_FREQS
];
984 os_memset(&event
, 0, sizeof(event
));
985 info
= &event
.scan_info
;
986 info
->aborted
= aborted
;
988 if (tb
[NL80211_ATTR_SCAN_SSIDS
]) {
989 nla_for_each_nested(nl
, tb
[NL80211_ATTR_SCAN_SSIDS
], rem
) {
990 struct wpa_driver_scan_ssid
*s
=
991 &info
->ssids
[info
->num_ssids
];
992 s
->ssid
= nla_data(nl
);
993 s
->ssid_len
= nla_len(nl
);
995 if (info
->num_ssids
== WPAS_MAX_SCAN_SSIDS
)
999 if (tb
[NL80211_ATTR_SCAN_FREQUENCIES
]) {
1000 nla_for_each_nested(nl
, tb
[NL80211_ATTR_SCAN_FREQUENCIES
], rem
)
1002 freqs
[num_freqs
] = nla_get_u32(nl
);
1004 if (num_freqs
== MAX_REPORT_FREQS
- 1)
1007 info
->freqs
= freqs
;
1008 info
->num_freqs
= num_freqs
;
1010 wpa_supplicant_event(drv
->ctx
, EVENT_SCAN_RESULTS
, &event
);
1014 static int get_link_signal(struct nl_msg
*msg
, void *arg
)
1016 struct nlattr
*tb
[NL80211_ATTR_MAX
+ 1];
1017 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
1018 struct nlattr
*sinfo
[NL80211_STA_INFO_MAX
+ 1];
1019 static struct nla_policy policy
[NL80211_STA_INFO_MAX
+ 1] = {
1020 [NL80211_STA_INFO_SIGNAL
] = { .type
= NLA_U8
},
1022 struct nlattr
*rinfo
[NL80211_RATE_INFO_MAX
+ 1];
1023 static struct nla_policy rate_policy
[NL80211_RATE_INFO_MAX
+ 1] = {
1024 [NL80211_RATE_INFO_BITRATE
] = { .type
= NLA_U16
},
1025 [NL80211_RATE_INFO_MCS
] = { .type
= NLA_U8
},
1026 [NL80211_RATE_INFO_40_MHZ_WIDTH
] = { .type
= NLA_FLAG
},
1027 [NL80211_RATE_INFO_SHORT_GI
] = { .type
= NLA_FLAG
},
1029 struct signal_change
*sig_change
= arg
;
1031 nla_parse(tb
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
1032 genlmsg_attrlen(gnlh
, 0), NULL
);
1033 if (!tb
[NL80211_ATTR_STA_INFO
] ||
1034 nla_parse_nested(sinfo
, NL80211_STA_INFO_MAX
,
1035 tb
[NL80211_ATTR_STA_INFO
], policy
))
1037 if (!sinfo
[NL80211_STA_INFO_SIGNAL
])
1040 sig_change
->current_signal
=
1041 (s8
) nla_get_u8(sinfo
[NL80211_STA_INFO_SIGNAL
]);
1043 if (sinfo
[NL80211_STA_INFO_TX_BITRATE
]) {
1044 if (nla_parse_nested(rinfo
, NL80211_RATE_INFO_MAX
,
1045 sinfo
[NL80211_STA_INFO_TX_BITRATE
],
1047 sig_change
->current_txrate
= 0;
1049 if (rinfo
[NL80211_RATE_INFO_BITRATE
]) {
1050 sig_change
->current_txrate
=
1052 NL80211_RATE_INFO_BITRATE
]) * 100;
1061 static int nl80211_get_link_signal(struct wpa_driver_nl80211_data
*drv
,
1062 struct signal_change
*sig
)
1066 sig
->current_signal
= -9999;
1067 sig
->current_txrate
= 0;
1069 msg
= nlmsg_alloc();
1073 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1074 0, NL80211_CMD_GET_STATION
, 0);
1076 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
1077 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, drv
->bssid
);
1079 return send_and_recv_msgs(drv
, msg
, get_link_signal
, sig
);
1085 static int get_link_noise(struct nl_msg
*msg
, void *arg
)
1087 struct nlattr
*tb
[NL80211_ATTR_MAX
+ 1];
1088 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
1089 struct nlattr
*sinfo
[NL80211_SURVEY_INFO_MAX
+ 1];
1090 static struct nla_policy survey_policy
[NL80211_SURVEY_INFO_MAX
+ 1] = {
1091 [NL80211_SURVEY_INFO_FREQUENCY
] = { .type
= NLA_U32
},
1092 [NL80211_SURVEY_INFO_NOISE
] = { .type
= NLA_U8
},
1094 struct signal_change
*sig_change
= arg
;
1096 nla_parse(tb
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
1097 genlmsg_attrlen(gnlh
, 0), NULL
);
1099 if (!tb
[NL80211_ATTR_SURVEY_INFO
]) {
1100 wpa_printf(MSG_DEBUG
, "nl80211: survey data missing!");
1104 if (nla_parse_nested(sinfo
, NL80211_SURVEY_INFO_MAX
,
1105 tb
[NL80211_ATTR_SURVEY_INFO
],
1107 wpa_printf(MSG_DEBUG
, "nl80211: failed to parse nested "
1112 if (!sinfo
[NL80211_SURVEY_INFO_FREQUENCY
])
1115 if (nla_get_u32(sinfo
[NL80211_SURVEY_INFO_FREQUENCY
]) !=
1116 sig_change
->frequency
)
1119 if (!sinfo
[NL80211_SURVEY_INFO_NOISE
])
1122 sig_change
->current_noise
=
1123 (s8
) nla_get_u8(sinfo
[NL80211_SURVEY_INFO_NOISE
]);
1129 static int nl80211_get_link_noise(struct wpa_driver_nl80211_data
*drv
,
1130 struct signal_change
*sig_change
)
1134 sig_change
->current_noise
= 9999;
1135 sig_change
->frequency
= drv
->assoc_freq
;
1137 msg
= nlmsg_alloc();
1141 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1142 NLM_F_DUMP
, NL80211_CMD_GET_SURVEY
, 0);
1144 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
1146 return send_and_recv_msgs(drv
, msg
, get_link_noise
, sig_change
);
1152 static void nl80211_cqm_event(struct wpa_driver_nl80211_data
*drv
,
1153 struct nlattr
*tb
[])
1155 static struct nla_policy cqm_policy
[NL80211_ATTR_CQM_MAX
+ 1] = {
1156 [NL80211_ATTR_CQM_RSSI_THOLD
] = { .type
= NLA_U32
},
1157 [NL80211_ATTR_CQM_RSSI_HYST
] = { .type
= NLA_U8
},
1158 [NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT
] = { .type
= NLA_U32
},
1160 struct nlattr
*cqm
[NL80211_ATTR_CQM_MAX
+ 1];
1161 enum nl80211_cqm_rssi_threshold_event event
;
1162 union wpa_event_data ed
;
1163 struct signal_change sig
;
1166 if (tb
[NL80211_ATTR_CQM
] == NULL
||
1167 nla_parse_nested(cqm
, NL80211_ATTR_CQM_MAX
, tb
[NL80211_ATTR_CQM
],
1169 wpa_printf(MSG_DEBUG
, "nl80211: Ignore invalid CQM event");
1173 if (cqm
[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT
] == NULL
)
1175 event
= nla_get_u32(cqm
[NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT
]);
1177 os_memset(&ed
, 0, sizeof(ed
));
1179 if (event
== NL80211_CQM_RSSI_THRESHOLD_EVENT_HIGH
) {
1180 wpa_printf(MSG_DEBUG
, "nl80211: Connection quality monitor "
1181 "event: RSSI high");
1182 ed
.signal_change
.above_threshold
= 1;
1183 } else if (event
== NL80211_CQM_RSSI_THRESHOLD_EVENT_LOW
) {
1184 wpa_printf(MSG_DEBUG
, "nl80211: Connection quality monitor "
1186 ed
.signal_change
.above_threshold
= 0;
1190 res
= nl80211_get_link_signal(drv
, &sig
);
1192 ed
.signal_change
.current_signal
= sig
.current_signal
;
1193 ed
.signal_change
.current_txrate
= sig
.current_txrate
;
1194 wpa_printf(MSG_DEBUG
, "nl80211: Signal: %d dBm txrate: %d",
1195 sig
.current_signal
, sig
.current_txrate
);
1198 res
= nl80211_get_link_noise(drv
, &sig
);
1200 ed
.signal_change
.current_noise
= sig
.current_noise
;
1201 wpa_printf(MSG_DEBUG
, "nl80211: Noise: %d dBm",
1205 wpa_supplicant_event(drv
->ctx
, EVENT_SIGNAL_CHANGE
, &ed
);
1209 static int process_event(struct nl_msg
*msg
, void *arg
)
1211 struct wpa_driver_nl80211_data
*drv
= arg
;
1212 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
1213 struct nlattr
*tb
[NL80211_ATTR_MAX
+ 1];
1214 union wpa_event_data data
;
1216 nla_parse(tb
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
1217 genlmsg_attrlen(gnlh
, 0), NULL
);
1219 if (tb
[NL80211_ATTR_IFINDEX
]) {
1220 int ifindex
= nla_get_u32(tb
[NL80211_ATTR_IFINDEX
]);
1221 if (ifindex
!= drv
->ifindex
&& !have_ifidx(drv
, ifindex
)) {
1222 wpa_printf(MSG_DEBUG
, "nl80211: Ignored event (cmd=%d)"
1223 " for foreign interface (ifindex %d)",
1224 gnlh
->cmd
, ifindex
);
1229 if (drv
->ap_scan_as_station
&&
1230 (gnlh
->cmd
== NL80211_CMD_NEW_SCAN_RESULTS
||
1231 gnlh
->cmd
== NL80211_CMD_SCAN_ABORTED
)) {
1232 wpa_driver_nl80211_set_mode(&drv
->first_bss
,
1234 drv
->ap_scan_as_station
= 0;
1237 switch (gnlh
->cmd
) {
1238 case NL80211_CMD_TRIGGER_SCAN
:
1239 wpa_printf(MSG_DEBUG
, "nl80211: Scan trigger");
1241 case NL80211_CMD_NEW_SCAN_RESULTS
:
1242 wpa_printf(MSG_DEBUG
, "nl80211: New scan results available");
1243 drv
->scan_complete_events
= 1;
1244 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout
, drv
,
1246 send_scan_event(drv
, 0, tb
);
1248 case NL80211_CMD_SCAN_ABORTED
:
1249 wpa_printf(MSG_DEBUG
, "nl80211: Scan aborted");
1251 * Need to indicate that scan results are available in order
1252 * not to make wpa_supplicant stop its scanning.
1254 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout
, drv
,
1256 send_scan_event(drv
, 1, tb
);
1258 case NL80211_CMD_AUTHENTICATE
:
1259 case NL80211_CMD_ASSOCIATE
:
1260 case NL80211_CMD_DEAUTHENTICATE
:
1261 case NL80211_CMD_DISASSOCIATE
:
1262 case NL80211_CMD_FRAME
:
1263 case NL80211_CMD_FRAME_TX_STATUS
:
1264 mlme_event(drv
, gnlh
->cmd
, tb
[NL80211_ATTR_FRAME
],
1265 tb
[NL80211_ATTR_MAC
], tb
[NL80211_ATTR_TIMED_OUT
],
1266 tb
[NL80211_ATTR_WIPHY_FREQ
], tb
[NL80211_ATTR_ACK
],
1267 tb
[NL80211_ATTR_COOKIE
]);
1269 case NL80211_CMD_CONNECT
:
1270 case NL80211_CMD_ROAM
:
1271 mlme_event_connect(drv
, gnlh
->cmd
,
1272 tb
[NL80211_ATTR_STATUS_CODE
],
1273 tb
[NL80211_ATTR_MAC
],
1274 tb
[NL80211_ATTR_REQ_IE
],
1275 tb
[NL80211_ATTR_RESP_IE
]);
1277 case NL80211_CMD_DISCONNECT
:
1278 if (drv
->capa
.flags
& WPA_DRIVER_FLAGS_SME
) {
1280 * Avoid reporting two disassociation events that could
1281 * confuse the core code.
1283 wpa_printf(MSG_DEBUG
, "nl80211: Ignore disconnect "
1284 "event when using userspace SME");
1287 drv
->associated
= 0;
1288 os_memset(&data
, 0, sizeof(data
));
1289 if (tb
[NL80211_ATTR_REASON_CODE
])
1290 data
.disassoc_info
.reason_code
=
1291 nla_get_u16(tb
[NL80211_ATTR_REASON_CODE
]);
1292 wpa_supplicant_event(drv
->ctx
, EVENT_DISASSOC
, &data
);
1294 case NL80211_CMD_MICHAEL_MIC_FAILURE
:
1295 mlme_event_michael_mic_failure(drv
, tb
);
1297 case NL80211_CMD_JOIN_IBSS
:
1298 mlme_event_join_ibss(drv
, tb
);
1300 case NL80211_CMD_REMAIN_ON_CHANNEL
:
1301 mlme_event_remain_on_channel(drv
, 0, tb
);
1303 case NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL
:
1304 mlme_event_remain_on_channel(drv
, 1, tb
);
1306 case NL80211_CMD_NOTIFY_CQM
:
1307 nl80211_cqm_event(drv
, tb
);
1309 case NL80211_CMD_REG_CHANGE
:
1310 wpa_printf(MSG_DEBUG
, "nl80211: Regulatory domain change");
1311 wpa_supplicant_event(drv
->ctx
, EVENT_CHANNEL_LIST_CHANGED
,
1314 case NL80211_CMD_REG_BEACON_HINT
:
1315 wpa_printf(MSG_DEBUG
, "nl80211: Regulatory beacon hint");
1316 wpa_supplicant_event(drv
->ctx
, EVENT_CHANNEL_LIST_CHANGED
,
1320 wpa_printf(MSG_DEBUG
, "nl80211: Ignored unknown event "
1321 "(cmd=%d)", gnlh
->cmd
);
1329 static void wpa_driver_nl80211_event_receive(int sock
, void *eloop_ctx
,
1333 struct wpa_driver_nl80211_data
*drv
= eloop_ctx
;
1335 wpa_printf(MSG_DEBUG
, "nl80211: Event message available");
1337 cb
= nl_cb_clone(drv
->nl_cb
);
1340 nl_cb_set(cb
, NL_CB_SEQ_CHECK
, NL_CB_CUSTOM
, no_seq_check
, NULL
);
1341 nl_cb_set(cb
, NL_CB_VALID
, NL_CB_CUSTOM
, process_event
, drv
);
1342 nl_recvmsgs(handle
, cb
);
1348 * wpa_driver_nl80211_set_country - ask nl80211 to set the regulatory domain
1349 * @priv: driver_nl80211 private data
1350 * @alpha2_arg: country to which to switch to
1351 * Returns: 0 on success, -1 on failure
1353 * This asks nl80211 to set the regulatory domain for given
1354 * country ISO / IEC alpha2.
1356 static int wpa_driver_nl80211_set_country(void *priv
, const char *alpha2_arg
)
1358 struct i802_bss
*bss
= priv
;
1359 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
1363 msg
= nlmsg_alloc();
1367 alpha2
[0] = alpha2_arg
[0];
1368 alpha2
[1] = alpha2_arg
[1];
1371 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1372 0, NL80211_CMD_REQ_SET_REG
, 0);
1374 NLA_PUT_STRING(msg
, NL80211_ATTR_REG_ALPHA2
, alpha2
);
1375 if (send_and_recv_msgs(drv
, msg
, NULL
, NULL
))
1384 struct wiphy_info_data
{
1388 int connect_supported
;
1392 static int wiphy_info_handler(struct nl_msg
*msg
, void *arg
)
1394 struct nlattr
*tb
[NL80211_ATTR_MAX
+ 1];
1395 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
1396 struct wiphy_info_data
*info
= arg
;
1398 nla_parse(tb
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
1399 genlmsg_attrlen(gnlh
, 0), NULL
);
1401 if (tb
[NL80211_ATTR_MAX_NUM_SCAN_SSIDS
])
1402 info
->max_scan_ssids
=
1403 nla_get_u8(tb
[NL80211_ATTR_MAX_NUM_SCAN_SSIDS
]);
1405 if (tb
[NL80211_ATTR_SUPPORTED_IFTYPES
]) {
1406 struct nlattr
*nl_mode
;
1408 nla_for_each_nested(nl_mode
,
1409 tb
[NL80211_ATTR_SUPPORTED_IFTYPES
], i
) {
1410 if (nl_mode
->nla_type
== NL80211_IFTYPE_AP
) {
1411 info
->ap_supported
= 1;
1417 if (tb
[NL80211_ATTR_SUPPORTED_COMMANDS
]) {
1418 struct nlattr
*nl_cmd
;
1421 nla_for_each_nested(nl_cmd
,
1422 tb
[NL80211_ATTR_SUPPORTED_COMMANDS
], i
) {
1423 u32 cmd
= nla_get_u32(nl_cmd
);
1424 if (cmd
== NL80211_CMD_AUTHENTICATE
)
1425 info
->auth_supported
= 1;
1426 else if (cmd
== NL80211_CMD_CONNECT
)
1427 info
->connect_supported
= 1;
1435 static int wpa_driver_nl80211_get_info(struct wpa_driver_nl80211_data
*drv
,
1436 struct wiphy_info_data
*info
)
1440 os_memset(info
, 0, sizeof(*info
));
1441 msg
= nlmsg_alloc();
1445 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1446 0, NL80211_CMD_GET_WIPHY
, 0);
1448 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->first_bss
.ifindex
);
1450 if (send_and_recv_msgs(drv
, msg
, wiphy_info_handler
, info
) == 0)
1459 static int wpa_driver_nl80211_capa(struct wpa_driver_nl80211_data
*drv
)
1461 struct wiphy_info_data info
;
1462 if (wpa_driver_nl80211_get_info(drv
, &info
))
1464 drv
->has_capability
= 1;
1465 /* For now, assume TKIP, CCMP, WPA, WPA2 are supported */
1466 drv
->capa
.key_mgmt
= WPA_DRIVER_CAPA_KEY_MGMT_WPA
|
1467 WPA_DRIVER_CAPA_KEY_MGMT_WPA_PSK
|
1468 WPA_DRIVER_CAPA_KEY_MGMT_WPA2
|
1469 WPA_DRIVER_CAPA_KEY_MGMT_WPA2_PSK
;
1470 drv
->capa
.enc
= WPA_DRIVER_CAPA_ENC_WEP40
|
1471 WPA_DRIVER_CAPA_ENC_WEP104
|
1472 WPA_DRIVER_CAPA_ENC_TKIP
|
1473 WPA_DRIVER_CAPA_ENC_CCMP
;
1474 drv
->capa
.auth
= WPA_DRIVER_AUTH_OPEN
|
1475 WPA_DRIVER_AUTH_SHARED
|
1476 WPA_DRIVER_AUTH_LEAP
;
1478 drv
->capa
.max_scan_ssids
= info
.max_scan_ssids
;
1479 if (info
.ap_supported
)
1480 drv
->capa
.flags
|= WPA_DRIVER_FLAGS_AP
;
1482 if (info
.auth_supported
)
1483 drv
->capa
.flags
|= WPA_DRIVER_FLAGS_SME
;
1484 else if (!info
.connect_supported
) {
1485 wpa_printf(MSG_INFO
, "nl80211: Driver does not support "
1486 "authentication/association or connect commands");
1490 drv
->capa
.flags
|= WPA_DRIVER_FLAGS_SET_KEYS_AFTER_ASSOC_DONE
;
1491 drv
->capa
.flags
|= WPA_DRIVER_FLAGS_P2P_CAPABLE
;
1492 drv
->capa
.max_remain_on_chan
= 5000;
1496 #endif /* HOSTAPD */
1499 static int wpa_driver_nl80211_init_nl(struct wpa_driver_nl80211_data
*drv
)
1503 /* Initialize generic netlink and nl80211 */
1505 drv
->nl_cb
= nl_cb_alloc(NL_CB_DEFAULT
);
1506 if (drv
->nl_cb
== NULL
) {
1507 wpa_printf(MSG_ERROR
, "nl80211: Failed to allocate netlink "
1512 drv
->nl_handle
= nl80211_handle_alloc(drv
->nl_cb
);
1513 if (drv
->nl_handle
== NULL
) {
1514 wpa_printf(MSG_ERROR
, "nl80211: Failed to allocate netlink "
1519 drv
->nl_handle_event
= nl80211_handle_alloc(drv
->nl_cb
);
1520 if (drv
->nl_handle_event
== NULL
) {
1521 wpa_printf(MSG_ERROR
, "nl80211: Failed to allocate netlink "
1522 "callbacks (event)");
1526 if (genl_connect(drv
->nl_handle
)) {
1527 wpa_printf(MSG_ERROR
, "nl80211: Failed to connect to generic "
1532 if (genl_connect(drv
->nl_handle_event
)) {
1533 wpa_printf(MSG_ERROR
, "nl80211: Failed to connect to generic "
1538 #ifdef CONFIG_LIBNL20
1539 if (genl_ctrl_alloc_cache(drv
->nl_handle
, &drv
->nl_cache
) < 0) {
1540 wpa_printf(MSG_ERROR
, "nl80211: Failed to allocate generic "
1544 if (genl_ctrl_alloc_cache(drv
->nl_handle_event
, &drv
->nl_cache_event
) <
1546 wpa_printf(MSG_ERROR
, "nl80211: Failed to allocate generic "
1547 "netlink cache (event)");
1550 #else /* CONFIG_LIBNL20 */
1551 drv
->nl_cache
= genl_ctrl_alloc_cache(drv
->nl_handle
);
1552 if (drv
->nl_cache
== NULL
) {
1553 wpa_printf(MSG_ERROR
, "nl80211: Failed to allocate generic "
1557 drv
->nl_cache_event
= genl_ctrl_alloc_cache(drv
->nl_handle_event
);
1558 if (drv
->nl_cache_event
== NULL
) {
1559 wpa_printf(MSG_ERROR
, "nl80211: Failed to allocate generic "
1560 "netlink cache (event)");
1563 #endif /* CONFIG_LIBNL20 */
1565 drv
->nl80211
= genl_ctrl_search_by_name(drv
->nl_cache
, "nl80211");
1566 if (drv
->nl80211
== NULL
) {
1567 wpa_printf(MSG_ERROR
, "nl80211: 'nl80211' generic netlink not "
1572 ret
= nl_get_multicast_id(drv
, "nl80211", "scan");
1574 ret
= nl_socket_add_membership(drv
->nl_handle_event
, ret
);
1576 wpa_printf(MSG_ERROR
, "nl80211: Could not add multicast "
1577 "membership for scan events: %d (%s)",
1578 ret
, strerror(-ret
));
1582 ret
= nl_get_multicast_id(drv
, "nl80211", "mlme");
1584 ret
= nl_socket_add_membership(drv
->nl_handle_event
, ret
);
1586 wpa_printf(MSG_ERROR
, "nl80211: Could not add multicast "
1587 "membership for mlme events: %d (%s)",
1588 ret
, strerror(-ret
));
1592 ret
= nl_get_multicast_id(drv
, "nl80211", "regulatory");
1594 ret
= nl_socket_add_membership(drv
->nl_handle_event
, ret
);
1596 wpa_printf(MSG_DEBUG
, "nl80211: Could not add multicast "
1597 "membership for regulatory events: %d (%s)",
1598 ret
, strerror(-ret
));
1599 /* Continue without regulatory events */
1602 eloop_register_read_sock(nl_socket_get_fd(drv
->nl_handle_event
),
1603 wpa_driver_nl80211_event_receive
, drv
,
1604 drv
->nl_handle_event
);
1609 nl_cache_free(drv
->nl_cache_event
);
1611 nl_cache_free(drv
->nl_cache
);
1613 nl80211_handle_destroy(drv
->nl_handle_event
);
1615 nl80211_handle_destroy(drv
->nl_handle
);
1617 nl_cb_put(drv
->nl_cb
);
1623 static void wpa_driver_nl80211_rfkill_blocked(void *ctx
)
1625 wpa_printf(MSG_DEBUG
, "nl80211: RFKILL blocked");
1627 * This may be for any interface; use ifdown event to disable
1633 static void wpa_driver_nl80211_rfkill_unblocked(void *ctx
)
1635 struct wpa_driver_nl80211_data
*drv
= ctx
;
1636 wpa_printf(MSG_DEBUG
, "nl80211: RFKILL unblocked");
1637 if (linux_set_iface_flags(drv
->ioctl_sock
, drv
->first_bss
.ifname
, 1)) {
1638 wpa_printf(MSG_DEBUG
, "nl80211: Could not set interface UP "
1639 "after rfkill unblock");
1642 /* rtnetlink ifup handler will report interface as enabled */
1647 * wpa_driver_nl80211_init - Initialize nl80211 driver interface
1648 * @ctx: context to be used when calling wpa_supplicant functions,
1649 * e.g., wpa_supplicant_event()
1650 * @ifname: interface name, e.g., wlan0
1651 * Returns: Pointer to private data, %NULL on failure
1653 static void * wpa_driver_nl80211_init(void *ctx
, const char *ifname
)
1655 struct wpa_driver_nl80211_data
*drv
;
1656 struct netlink_config
*cfg
;
1657 struct rfkill_config
*rcfg
;
1658 struct i802_bss
*bss
;
1660 drv
= os_zalloc(sizeof(*drv
));
1664 bss
= &drv
->first_bss
;
1666 os_strlcpy(bss
->ifname
, ifname
, sizeof(bss
->ifname
));
1667 drv
->monitor_ifidx
= -1;
1668 drv
->monitor_sock
= -1;
1669 drv
->ioctl_sock
= -1;
1671 if (wpa_driver_nl80211_init_nl(drv
)) {
1676 drv
->ioctl_sock
= socket(PF_INET
, SOCK_DGRAM
, 0);
1677 if (drv
->ioctl_sock
< 0) {
1678 perror("socket(PF_INET,SOCK_DGRAM)");
1682 cfg
= os_zalloc(sizeof(*cfg
));
1686 cfg
->newlink_cb
= wpa_driver_nl80211_event_rtm_newlink
;
1687 cfg
->dellink_cb
= wpa_driver_nl80211_event_rtm_dellink
;
1688 drv
->netlink
= netlink_init(cfg
);
1689 if (drv
->netlink
== NULL
) {
1694 rcfg
= os_zalloc(sizeof(*rcfg
));
1698 os_strlcpy(rcfg
->ifname
, ifname
, sizeof(rcfg
->ifname
));
1699 rcfg
->blocked_cb
= wpa_driver_nl80211_rfkill_blocked
;
1700 rcfg
->unblocked_cb
= wpa_driver_nl80211_rfkill_unblocked
;
1701 drv
->rfkill
= rfkill_init(rcfg
);
1702 if (drv
->rfkill
== NULL
) {
1703 wpa_printf(MSG_DEBUG
, "nl80211: RFKILL status not available");
1707 if (wpa_driver_nl80211_finish_drv_init(drv
))
1713 rfkill_deinit(drv
->rfkill
);
1714 netlink_deinit(drv
->netlink
);
1715 if (drv
->ioctl_sock
>= 0)
1716 close(drv
->ioctl_sock
);
1718 genl_family_put(drv
->nl80211
);
1719 nl_cache_free(drv
->nl_cache
);
1720 nl80211_handle_destroy(drv
->nl_handle
);
1721 nl_cb_put(drv
->nl_cb
);
1722 eloop_unregister_read_sock(nl_socket_get_fd(drv
->nl_handle_event
));
1729 static int nl80211_register_frame(struct wpa_driver_nl80211_data
*drv
,
1730 struct nl_handle
*nl_handle
,
1731 u16 type
, const u8
*match
, size_t match_len
)
1736 msg
= nlmsg_alloc();
1740 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
1741 NL80211_CMD_REGISTER_ACTION
, 0);
1743 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
1744 NLA_PUT_U16(msg
, NL80211_ATTR_FRAME_TYPE
, type
);
1745 NLA_PUT(msg
, NL80211_ATTR_FRAME_MATCH
, match_len
, match
);
1747 ret
= send_and_recv(drv
, nl_handle
, msg
, NULL
, NULL
);
1750 wpa_printf(MSG_DEBUG
, "nl80211: Register frame command "
1751 "failed (type=%u): ret=%d (%s)",
1752 type
, ret
, strerror(-ret
));
1753 wpa_hexdump(MSG_DEBUG
, "nl80211: Register frame match",
1755 goto nla_put_failure
;
1764 static int nl80211_register_action_frame(struct wpa_driver_nl80211_data
*drv
,
1765 const u8
*match
, size_t match_len
)
1767 u16 type
= (WLAN_FC_TYPE_MGMT
<< 2) | (WLAN_FC_STYPE_ACTION
<< 4);
1768 return nl80211_register_frame(drv
, drv
->nl_handle_event
,
1769 type
, match
, match_len
);
1773 static int nl80211_register_action_frames(struct wpa_driver_nl80211_data
*drv
)
1776 /* GAS Initial Request */
1777 if (nl80211_register_action_frame(drv
, (u8
*) "\x04\x0a", 2) < 0)
1779 /* GAS Initial Response */
1780 if (nl80211_register_action_frame(drv
, (u8
*) "\x04\x0b", 2) < 0)
1782 /* GAS Comeback Request */
1783 if (nl80211_register_action_frame(drv
, (u8
*) "\x04\x0c", 2) < 0)
1785 /* GAS Comeback Response */
1786 if (nl80211_register_action_frame(drv
, (u8
*) "\x04\x0d", 2) < 0)
1788 /* P2P Public Action */
1789 if (nl80211_register_action_frame(drv
,
1790 (u8
*) "\x04\x09\x50\x6f\x9a\x09",
1794 if (nl80211_register_action_frame(drv
,
1795 (u8
*) "\x7f\x50\x6f\x9a\x09",
1798 #endif /* CONFIG_P2P */
1800 /* FT Action frames */
1801 if (nl80211_register_action_frame(drv
, (u8
*) "\x06", 1) < 0)
1804 drv
->capa
.key_mgmt
|= WPA_DRIVER_CAPA_KEY_MGMT_FT
|
1805 WPA_DRIVER_CAPA_KEY_MGMT_FT_PSK
;
1811 static void wpa_driver_nl80211_send_rfkill(void *eloop_ctx
, void *timeout_ctx
)
1813 wpa_supplicant_event(timeout_ctx
, EVENT_INTERFACE_DISABLED
, NULL
);
1818 wpa_driver_nl80211_finish_drv_init(struct wpa_driver_nl80211_data
*drv
)
1820 struct i802_bss
*bss
= &drv
->first_bss
;
1821 int send_rfkill_event
= 0;
1823 drv
->ifindex
= if_nametoindex(bss
->ifname
);
1824 drv
->first_bss
.ifindex
= drv
->ifindex
;
1827 if (wpa_driver_nl80211_set_mode(bss
, IEEE80211_MODE_INFRA
) < 0) {
1828 wpa_printf(MSG_DEBUG
, "nl80211: Could not configure driver to "
1829 "use managed mode");
1832 if (linux_set_iface_flags(drv
->ioctl_sock
, bss
->ifname
, 1)) {
1833 if (rfkill_is_blocked(drv
->rfkill
)) {
1834 wpa_printf(MSG_DEBUG
, "nl80211: Could not yet enable "
1835 "interface '%s' due to rfkill",
1837 drv
->if_disabled
= 1;
1838 send_rfkill_event
= 1;
1840 wpa_printf(MSG_ERROR
, "nl80211: Could not set "
1841 "interface '%s' UP", bss
->ifname
);
1846 if (wpa_driver_nl80211_capa(drv
))
1849 netlink_send_oper_ifla(drv
->netlink
, drv
->ifindex
,
1850 1, IF_OPER_DORMANT
);
1851 #endif /* HOSTAPD */
1853 if (nl80211_register_action_frames(drv
) < 0) {
1854 wpa_printf(MSG_DEBUG
, "nl80211: Failed to register Action "
1855 "frame processing - ignore for now");
1857 * Older kernel versions did not support this, so ignore the
1858 * error for now. Some functionality may not be available
1863 if (send_rfkill_event
) {
1864 eloop_register_timeout(0, 0, wpa_driver_nl80211_send_rfkill
,
1872 static int wpa_driver_nl80211_del_beacon(struct wpa_driver_nl80211_data
*drv
)
1876 msg
= nlmsg_alloc();
1880 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
1881 0, NL80211_CMD_DEL_BEACON
, 0);
1882 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
1884 return send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
1891 * wpa_driver_nl80211_deinit - Deinitialize nl80211 driver interface
1892 * @priv: Pointer to private nl80211 data from wpa_driver_nl80211_init()
1894 * Shut down driver interface and processing of driver events. Free
1895 * private data buffer if one was allocated in wpa_driver_nl80211_init().
1897 static void wpa_driver_nl80211_deinit(void *priv
)
1899 struct i802_bss
*bss
= priv
;
1900 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
1902 if (drv
->nl_handle_preq
)
1903 wpa_driver_nl80211_probe_req_report(bss
, 0);
1904 if (drv
->added_if_into_bridge
) {
1905 if (linux_br_del_if(drv
->ioctl_sock
, drv
->brname
, bss
->ifname
)
1907 wpa_printf(MSG_INFO
, "nl80211: Failed to remove "
1908 "interface %s from bridge %s: %s",
1909 bss
->ifname
, drv
->brname
, strerror(errno
));
1911 if (drv
->added_bridge
) {
1912 if (linux_br_del(drv
->ioctl_sock
, drv
->brname
) < 0)
1913 wpa_printf(MSG_INFO
, "nl80211: Failed to remove "
1915 drv
->brname
, strerror(errno
));
1918 nl80211_remove_monitor_interface(drv
);
1920 if (drv
->nlmode
== NL80211_IFTYPE_AP
)
1921 wpa_driver_nl80211_del_beacon(drv
);
1924 if (drv
->last_freq_ht
) {
1925 /* Clear HT flags from the driver */
1926 struct hostapd_freq_params freq
;
1927 os_memset(&freq
, 0, sizeof(freq
));
1928 freq
.freq
= drv
->last_freq
;
1929 i802_set_freq(priv
, &freq
);
1932 if (drv
->eapol_sock
>= 0) {
1933 eloop_unregister_read_sock(drv
->eapol_sock
);
1934 close(drv
->eapol_sock
);
1937 if (drv
->if_indices
!= drv
->default_if_indices
)
1938 os_free(drv
->if_indices
);
1939 #endif /* HOSTAPD */
1941 if (drv
->disable_11b_rates
)
1942 nl80211_disable_11b_rates(drv
, drv
->ifindex
, 0);
1944 netlink_send_oper_ifla(drv
->netlink
, drv
->ifindex
, 0, IF_OPER_UP
);
1945 netlink_deinit(drv
->netlink
);
1946 rfkill_deinit(drv
->rfkill
);
1948 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout
, drv
, drv
->ctx
);
1950 (void) linux_set_iface_flags(drv
->ioctl_sock
, bss
->ifname
, 0);
1951 wpa_driver_nl80211_set_mode(bss
, IEEE80211_MODE_INFRA
);
1953 if (drv
->ioctl_sock
>= 0)
1954 close(drv
->ioctl_sock
);
1956 eloop_unregister_read_sock(nl_socket_get_fd(drv
->nl_handle_event
));
1957 genl_family_put(drv
->nl80211
);
1958 nl_cache_free(drv
->nl_cache
);
1959 nl_cache_free(drv
->nl_cache_event
);
1960 nl80211_handle_destroy(drv
->nl_handle
);
1961 nl80211_handle_destroy(drv
->nl_handle_event
);
1962 nl_cb_put(drv
->nl_cb
);
1964 os_free(drv
->filter_ssids
);
1971 * wpa_driver_nl80211_scan_timeout - Scan timeout to report scan completion
1972 * @eloop_ctx: Driver private data
1973 * @timeout_ctx: ctx argument given to wpa_driver_nl80211_init()
1975 * This function can be used as registered timeout when starting a scan to
1976 * generate a scan completed event if the driver does not report this.
1978 static void wpa_driver_nl80211_scan_timeout(void *eloop_ctx
, void *timeout_ctx
)
1980 struct wpa_driver_nl80211_data
*drv
= eloop_ctx
;
1981 if (drv
->ap_scan_as_station
) {
1982 wpa_driver_nl80211_set_mode(&drv
->first_bss
,
1984 drv
->ap_scan_as_station
= 0;
1986 wpa_printf(MSG_DEBUG
, "Scan timeout - try to get results");
1987 wpa_supplicant_event(timeout_ctx
, EVENT_SCAN_RESULTS
, NULL
);
1992 * wpa_driver_nl80211_scan - Request the driver to initiate scan
1993 * @priv: Pointer to private driver data from wpa_driver_nl80211_init()
1994 * @params: Scan parameters
1995 * Returns: 0 on success, -1 on failure
1997 static int wpa_driver_nl80211_scan(void *priv
,
1998 struct wpa_driver_scan_params
*params
)
2000 struct i802_bss
*bss
= priv
;
2001 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
2002 int ret
= 0, timeout
;
2003 struct nl_msg
*msg
, *ssids
, *freqs
;
2006 msg
= nlmsg_alloc();
2007 ssids
= nlmsg_alloc();
2008 freqs
= nlmsg_alloc();
2009 if (!msg
|| !ssids
|| !freqs
) {
2016 os_free(drv
->filter_ssids
);
2017 drv
->filter_ssids
= params
->filter_ssids
;
2018 params
->filter_ssids
= NULL
;
2019 drv
->num_filter_ssids
= params
->num_filter_ssids
;
2021 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
2022 NL80211_CMD_TRIGGER_SCAN
, 0);
2024 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
2026 for (i
= 0; i
< params
->num_ssids
; i
++) {
2027 wpa_hexdump_ascii(MSG_MSGDUMP
, "nl80211: Scan SSID",
2028 params
->ssids
[i
].ssid
,
2029 params
->ssids
[i
].ssid_len
);
2030 NLA_PUT(ssids
, i
+ 1, params
->ssids
[i
].ssid_len
,
2031 params
->ssids
[i
].ssid
);
2033 if (params
->num_ssids
)
2034 nla_put_nested(msg
, NL80211_ATTR_SCAN_SSIDS
, ssids
);
2036 if (params
->extra_ies
) {
2037 wpa_hexdump_ascii(MSG_MSGDUMP
, "nl80211: Scan extra IEs",
2038 params
->extra_ies
, params
->extra_ies_len
);
2039 NLA_PUT(msg
, NL80211_ATTR_IE
, params
->extra_ies_len
,
2043 if (params
->freqs
) {
2044 for (i
= 0; params
->freqs
[i
]; i
++) {
2045 wpa_printf(MSG_MSGDUMP
, "nl80211: Scan frequency %u "
2046 "MHz", params
->freqs
[i
]);
2047 NLA_PUT_U32(freqs
, i
+ 1, params
->freqs
[i
]);
2049 nla_put_nested(msg
, NL80211_ATTR_SCAN_FREQUENCIES
, freqs
);
2052 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
2055 wpa_printf(MSG_DEBUG
, "nl80211: Scan trigger failed: ret=%d "
2056 "(%s)", ret
, strerror(-ret
));
2058 if (drv
->nlmode
== NL80211_IFTYPE_AP
) {
2060 * mac80211 does not allow scan requests in AP mode, so
2061 * try to do this in station mode.
2063 if (wpa_driver_nl80211_set_mode(bss
,
2064 IEEE80211_MODE_INFRA
))
2065 goto nla_put_failure
;
2067 if (wpa_driver_nl80211_scan(drv
, params
)) {
2068 wpa_driver_nl80211_set_mode(bss
,
2070 goto nla_put_failure
;
2073 /* Restore AP mode when processing scan results */
2074 drv
->ap_scan_as_station
= 1;
2077 goto nla_put_failure
;
2079 goto nla_put_failure
;
2080 #endif /* HOSTAPD */
2083 /* Not all drivers generate "scan completed" wireless event, so try to
2084 * read results after a timeout. */
2086 if (drv
->scan_complete_events
) {
2088 * The driver seems to deliver events to notify when scan is
2089 * complete, so use longer timeout to avoid race conditions
2090 * with scanning and following association request.
2094 wpa_printf(MSG_DEBUG
, "Scan requested (ret=%d) - scan timeout %d "
2095 "seconds", ret
, timeout
);
2096 eloop_cancel_timeout(wpa_driver_nl80211_scan_timeout
, drv
, drv
->ctx
);
2097 eloop_register_timeout(timeout
, 0, wpa_driver_nl80211_scan_timeout
,
2108 static const u8
* nl80211_get_ie(const u8
*ies
, size_t ies_len
, u8 ie
)
2110 const u8
*end
, *pos
;
2116 end
= ies
+ ies_len
;
2118 while (pos
+ 1 < end
) {
2119 if (pos
+ 2 + pos
[1] > end
)
2130 static int nl80211_scan_filtered(struct wpa_driver_nl80211_data
*drv
,
2131 const u8
*ie
, size_t ie_len
)
2136 if (drv
->filter_ssids
== NULL
)
2139 ssid
= nl80211_get_ie(ie
, ie_len
, WLAN_EID_SSID
);
2143 for (i
= 0; i
< drv
->num_filter_ssids
; i
++) {
2144 if (ssid
[1] == drv
->filter_ssids
[i
].ssid_len
&&
2145 os_memcmp(ssid
+ 2, drv
->filter_ssids
[i
].ssid
, ssid
[1]) ==
2154 struct nl80211_bss_info_arg
{
2155 struct wpa_driver_nl80211_data
*drv
;
2156 struct wpa_scan_results
*res
;
2159 static int bss_info_handler(struct nl_msg
*msg
, void *arg
)
2161 struct nlattr
*tb
[NL80211_ATTR_MAX
+ 1];
2162 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
2163 struct nlattr
*bss
[NL80211_BSS_MAX
+ 1];
2164 static struct nla_policy bss_policy
[NL80211_BSS_MAX
+ 1] = {
2165 [NL80211_BSS_BSSID
] = { .type
= NLA_UNSPEC
},
2166 [NL80211_BSS_FREQUENCY
] = { .type
= NLA_U32
},
2167 [NL80211_BSS_TSF
] = { .type
= NLA_U64
},
2168 [NL80211_BSS_BEACON_INTERVAL
] = { .type
= NLA_U16
},
2169 [NL80211_BSS_CAPABILITY
] = { .type
= NLA_U16
},
2170 [NL80211_BSS_INFORMATION_ELEMENTS
] = { .type
= NLA_UNSPEC
},
2171 [NL80211_BSS_SIGNAL_MBM
] = { .type
= NLA_U32
},
2172 [NL80211_BSS_SIGNAL_UNSPEC
] = { .type
= NLA_U8
},
2173 [NL80211_BSS_STATUS
] = { .type
= NLA_U32
},
2174 [NL80211_BSS_SEEN_MS_AGO
] = { .type
= NLA_U32
},
2175 [NL80211_BSS_BEACON_IES
] = { .type
= NLA_UNSPEC
},
2177 struct nl80211_bss_info_arg
*_arg
= arg
;
2178 struct wpa_scan_results
*res
= _arg
->res
;
2179 struct wpa_scan_res
**tmp
;
2180 struct wpa_scan_res
*r
;
2181 const u8
*ie
, *beacon_ie
;
2182 size_t ie_len
, beacon_ie_len
;
2185 nla_parse(tb
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
2186 genlmsg_attrlen(gnlh
, 0), NULL
);
2187 if (!tb
[NL80211_ATTR_BSS
])
2189 if (nla_parse_nested(bss
, NL80211_BSS_MAX
, tb
[NL80211_ATTR_BSS
],
2192 if (bss
[NL80211_BSS_INFORMATION_ELEMENTS
]) {
2193 ie
= nla_data(bss
[NL80211_BSS_INFORMATION_ELEMENTS
]);
2194 ie_len
= nla_len(bss
[NL80211_BSS_INFORMATION_ELEMENTS
]);
2199 if (bss
[NL80211_BSS_BEACON_IES
]) {
2200 beacon_ie
= nla_data(bss
[NL80211_BSS_BEACON_IES
]);
2201 beacon_ie_len
= nla_len(bss
[NL80211_BSS_BEACON_IES
]);
2207 if (nl80211_scan_filtered(_arg
->drv
, ie
? ie
: beacon_ie
,
2208 ie
? ie_len
: beacon_ie_len
))
2211 r
= os_zalloc(sizeof(*r
) + ie_len
+ beacon_ie_len
);
2214 if (bss
[NL80211_BSS_BSSID
])
2215 os_memcpy(r
->bssid
, nla_data(bss
[NL80211_BSS_BSSID
]),
2217 if (bss
[NL80211_BSS_FREQUENCY
])
2218 r
->freq
= nla_get_u32(bss
[NL80211_BSS_FREQUENCY
]);
2219 if (bss
[NL80211_BSS_BEACON_INTERVAL
])
2220 r
->beacon_int
= nla_get_u16(bss
[NL80211_BSS_BEACON_INTERVAL
]);
2221 if (bss
[NL80211_BSS_CAPABILITY
])
2222 r
->caps
= nla_get_u16(bss
[NL80211_BSS_CAPABILITY
]);
2223 r
->flags
|= WPA_SCAN_NOISE_INVALID
;
2224 if (bss
[NL80211_BSS_SIGNAL_MBM
]) {
2225 r
->level
= nla_get_u32(bss
[NL80211_BSS_SIGNAL_MBM
]);
2226 r
->level
/= 100; /* mBm to dBm */
2227 r
->flags
|= WPA_SCAN_LEVEL_DBM
| WPA_SCAN_QUAL_INVALID
;
2228 } else if (bss
[NL80211_BSS_SIGNAL_UNSPEC
]) {
2229 r
->level
= nla_get_u8(bss
[NL80211_BSS_SIGNAL_UNSPEC
]);
2230 r
->flags
|= WPA_SCAN_LEVEL_INVALID
;
2232 r
->flags
|= WPA_SCAN_LEVEL_INVALID
| WPA_SCAN_QUAL_INVALID
;
2233 if (bss
[NL80211_BSS_TSF
])
2234 r
->tsf
= nla_get_u64(bss
[NL80211_BSS_TSF
]);
2235 if (bss
[NL80211_BSS_SEEN_MS_AGO
])
2236 r
->age
= nla_get_u32(bss
[NL80211_BSS_SEEN_MS_AGO
]);
2238 pos
= (u8
*) (r
+ 1);
2240 os_memcpy(pos
, ie
, ie_len
);
2243 r
->beacon_ie_len
= beacon_ie_len
;
2245 os_memcpy(pos
, beacon_ie
, beacon_ie_len
);
2247 if (bss
[NL80211_BSS_STATUS
]) {
2248 enum nl80211_bss_status status
;
2249 status
= nla_get_u32(bss
[NL80211_BSS_STATUS
]);
2251 case NL80211_BSS_STATUS_AUTHENTICATED
:
2252 r
->flags
|= WPA_SCAN_AUTHENTICATED
;
2254 case NL80211_BSS_STATUS_ASSOCIATED
:
2255 r
->flags
|= WPA_SCAN_ASSOCIATED
;
2262 tmp
= os_realloc(res
->res
,
2263 (res
->num
+ 1) * sizeof(struct wpa_scan_res
*));
2268 tmp
[res
->num
++] = r
;
2275 static void clear_state_mismatch(struct wpa_driver_nl80211_data
*drv
,
2278 if (drv
->capa
.flags
& WPA_DRIVER_FLAGS_SME
) {
2279 wpa_printf(MSG_DEBUG
, "nl80211: Clear possible state "
2280 "mismatch (" MACSTR
")", MAC2STR(addr
));
2281 wpa_driver_nl80211_mlme(drv
, addr
,
2282 NL80211_CMD_DEAUTHENTICATE
,
2283 WLAN_REASON_PREV_AUTH_NOT_VALID
, 1);
2288 static void wpa_driver_nl80211_check_bss_status(
2289 struct wpa_driver_nl80211_data
*drv
, struct wpa_scan_results
*res
)
2293 for (i
= 0; i
< res
->num
; i
++) {
2294 struct wpa_scan_res
*r
= res
->res
[i
];
2295 if (r
->flags
& WPA_SCAN_AUTHENTICATED
) {
2296 wpa_printf(MSG_DEBUG
, "nl80211: Scan results "
2297 "indicates BSS status with " MACSTR
2298 " as authenticated",
2300 if (drv
->nlmode
== NL80211_IFTYPE_STATION
&&
2301 os_memcmp(r
->bssid
, drv
->bssid
, ETH_ALEN
) != 0 &&
2302 os_memcmp(r
->bssid
, drv
->auth_bssid
, ETH_ALEN
) !=
2304 wpa_printf(MSG_DEBUG
, "nl80211: Unknown BSSID"
2305 " in local state (auth=" MACSTR
2306 " assoc=" MACSTR
")",
2307 MAC2STR(drv
->auth_bssid
),
2308 MAC2STR(drv
->bssid
));
2309 clear_state_mismatch(drv
, r
->bssid
);
2313 if (r
->flags
& WPA_SCAN_ASSOCIATED
) {
2314 wpa_printf(MSG_DEBUG
, "nl80211: Scan results "
2315 "indicate BSS status with " MACSTR
2318 if (drv
->nlmode
== NL80211_IFTYPE_STATION
&&
2320 wpa_printf(MSG_DEBUG
, "nl80211: Local state "
2321 "(not associated) does not match "
2323 clear_state_mismatch(drv
, r
->bssid
);
2324 } else if (drv
->nlmode
== NL80211_IFTYPE_STATION
&&
2325 os_memcmp(drv
->bssid
, r
->bssid
, ETH_ALEN
) !=
2327 wpa_printf(MSG_DEBUG
, "nl80211: Local state "
2328 "(associated with " MACSTR
") does "
2329 "not match with BSS state",
2330 MAC2STR(drv
->bssid
));
2331 clear_state_mismatch(drv
, r
->bssid
);
2332 clear_state_mismatch(drv
, drv
->bssid
);
2339 static void wpa_scan_results_free(struct wpa_scan_results
*res
)
2346 for (i
= 0; i
< res
->num
; i
++)
2347 os_free(res
->res
[i
]);
2353 static struct wpa_scan_results
*
2354 nl80211_get_scan_results(struct wpa_driver_nl80211_data
*drv
)
2357 struct wpa_scan_results
*res
;
2359 struct nl80211_bss_info_arg arg
;
2361 res
= os_zalloc(sizeof(*res
));
2364 msg
= nlmsg_alloc();
2366 goto nla_put_failure
;
2368 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, NLM_F_DUMP
,
2369 NL80211_CMD_GET_SCAN
, 0);
2370 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
2374 ret
= send_and_recv_msgs(drv
, msg
, bss_info_handler
, &arg
);
2377 wpa_printf(MSG_DEBUG
, "Received scan results (%lu BSSes)",
2378 (unsigned long) res
->num
);
2381 wpa_printf(MSG_DEBUG
, "nl80211: Scan result fetch failed: ret=%d "
2382 "(%s)", ret
, strerror(-ret
));
2385 wpa_scan_results_free(res
);
2391 * wpa_driver_nl80211_get_scan_results - Fetch the latest scan results
2392 * @priv: Pointer to private wext data from wpa_driver_nl80211_init()
2393 * Returns: Scan results on success, -1 on failure
2395 static struct wpa_scan_results
*
2396 wpa_driver_nl80211_get_scan_results(void *priv
)
2398 struct i802_bss
*bss
= priv
;
2399 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
2400 struct wpa_scan_results
*res
;
2402 res
= nl80211_get_scan_results(drv
);
2404 wpa_driver_nl80211_check_bss_status(drv
, res
);
2409 static void nl80211_dump_scan(struct wpa_driver_nl80211_data
*drv
)
2411 struct wpa_scan_results
*res
;
2414 res
= nl80211_get_scan_results(drv
);
2416 wpa_printf(MSG_DEBUG
, "nl80211: Failed to get scan results");
2420 wpa_printf(MSG_DEBUG
, "nl80211: Scan result dump");
2421 for (i
= 0; i
< res
->num
; i
++) {
2422 struct wpa_scan_res
*r
= res
->res
[i
];
2423 wpa_printf(MSG_DEBUG
, "nl80211: %d/%d " MACSTR
"%s%s",
2424 (int) i
, (int) res
->num
, MAC2STR(r
->bssid
),
2425 r
->flags
& WPA_SCAN_AUTHENTICATED
? " [auth]" : "",
2426 r
->flags
& WPA_SCAN_ASSOCIATED
? " [assoc]" : "");
2429 wpa_scan_results_free(res
);
2433 static int wpa_driver_nl80211_set_key(const char *ifname
, void *priv
,
2434 enum wpa_alg alg
, const u8
*addr
,
2435 int key_idx
, int set_tx
,
2436 const u8
*seq
, size_t seq_len
,
2437 const u8
*key
, size_t key_len
)
2439 struct i802_bss
*bss
= priv
;
2440 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
2441 int ifindex
= if_nametoindex(ifname
);
2445 wpa_printf(MSG_DEBUG
, "%s: ifindex=%d alg=%d addr=%p key_idx=%d "
2446 "set_tx=%d seq_len=%lu key_len=%lu",
2447 __func__
, ifindex
, alg
, addr
, key_idx
, set_tx
,
2448 (unsigned long) seq_len
, (unsigned long) key_len
);
2450 msg
= nlmsg_alloc();
2454 if (alg
== WPA_ALG_NONE
) {
2455 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
2456 0, NL80211_CMD_DEL_KEY
, 0);
2458 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
2459 0, NL80211_CMD_NEW_KEY
, 0);
2460 NLA_PUT(msg
, NL80211_ATTR_KEY_DATA
, key_len
, key
);
2464 NLA_PUT_U32(msg
, NL80211_ATTR_KEY_CIPHER
,
2465 WLAN_CIPHER_SUITE_WEP40
);
2467 NLA_PUT_U32(msg
, NL80211_ATTR_KEY_CIPHER
,
2468 WLAN_CIPHER_SUITE_WEP104
);
2471 NLA_PUT_U32(msg
, NL80211_ATTR_KEY_CIPHER
,
2472 WLAN_CIPHER_SUITE_TKIP
);
2475 NLA_PUT_U32(msg
, NL80211_ATTR_KEY_CIPHER
,
2476 WLAN_CIPHER_SUITE_CCMP
);
2479 NLA_PUT_U32(msg
, NL80211_ATTR_KEY_CIPHER
,
2480 WLAN_CIPHER_SUITE_AES_CMAC
);
2483 wpa_printf(MSG_ERROR
, "%s: Unsupported encryption "
2484 "algorithm %d", __func__
, alg
);
2491 NLA_PUT(msg
, NL80211_ATTR_KEY_SEQ
, seq_len
, seq
);
2493 if (addr
&& os_memcmp(addr
, "\xff\xff\xff\xff\xff\xff", ETH_ALEN
) != 0)
2495 wpa_printf(MSG_DEBUG
, " addr=" MACSTR
, MAC2STR(addr
));
2496 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
2498 NLA_PUT_U8(msg
, NL80211_ATTR_KEY_IDX
, key_idx
);
2499 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, ifindex
);
2501 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
2502 if ((ret
== -ENOENT
|| ret
== -ENOLINK
) && alg
== WPA_ALG_NONE
)
2505 wpa_printf(MSG_DEBUG
, "nl80211: set_key failed; err=%d %s)",
2506 ret
, strerror(-ret
));
2509 * If we failed or don't need to set the default TX key (below),
2512 if (ret
|| !set_tx
|| alg
== WPA_ALG_NONE
)
2518 if (drv
->nlmode
== NL80211_IFTYPE_AP
&& addr
)
2520 #endif /* HOSTAPD */
2522 msg
= nlmsg_alloc();
2526 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
2527 0, NL80211_CMD_SET_KEY
, 0);
2528 NLA_PUT_U8(msg
, NL80211_ATTR_KEY_IDX
, key_idx
);
2529 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, ifindex
);
2530 if (alg
== WPA_ALG_IGTK
)
2531 NLA_PUT_FLAG(msg
, NL80211_ATTR_KEY_DEFAULT_MGMT
);
2533 NLA_PUT_FLAG(msg
, NL80211_ATTR_KEY_DEFAULT
);
2535 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
2539 wpa_printf(MSG_DEBUG
, "nl80211: set_key default failed; "
2540 "err=%d %s)", ret
, strerror(-ret
));
2548 static int nl_add_key(struct nl_msg
*msg
, enum wpa_alg alg
,
2549 int key_idx
, int defkey
,
2550 const u8
*seq
, size_t seq_len
,
2551 const u8
*key
, size_t key_len
)
2553 struct nlattr
*key_attr
= nla_nest_start(msg
, NL80211_ATTR_KEY
);
2557 if (defkey
&& alg
== WPA_ALG_IGTK
)
2558 NLA_PUT_FLAG(msg
, NL80211_KEY_DEFAULT_MGMT
);
2560 NLA_PUT_FLAG(msg
, NL80211_KEY_DEFAULT
);
2562 NLA_PUT_U8(msg
, NL80211_KEY_IDX
, key_idx
);
2567 NLA_PUT_U32(msg
, NL80211_KEY_CIPHER
,
2568 WLAN_CIPHER_SUITE_WEP40
);
2570 NLA_PUT_U32(msg
, NL80211_KEY_CIPHER
,
2571 WLAN_CIPHER_SUITE_WEP104
);
2574 NLA_PUT_U32(msg
, NL80211_KEY_CIPHER
, WLAN_CIPHER_SUITE_TKIP
);
2577 NLA_PUT_U32(msg
, NL80211_KEY_CIPHER
, WLAN_CIPHER_SUITE_CCMP
);
2580 NLA_PUT_U32(msg
, NL80211_KEY_CIPHER
,
2581 WLAN_CIPHER_SUITE_AES_CMAC
);
2584 wpa_printf(MSG_ERROR
, "%s: Unsupported encryption "
2585 "algorithm %d", __func__
, alg
);
2590 NLA_PUT(msg
, NL80211_KEY_SEQ
, seq_len
, seq
);
2592 NLA_PUT(msg
, NL80211_KEY_DATA
, key_len
, key
);
2594 nla_nest_end(msg
, key_attr
);
2602 static int nl80211_set_conn_keys(struct wpa_driver_associate_params
*params
,
2606 struct nlattr
*nl_keys
, *nl_key
;
2608 for (i
= 0; i
< 4; i
++) {
2609 if (!params
->wep_key
[i
])
2617 NLA_PUT_FLAG(msg
, NL80211_ATTR_PRIVACY
);
2619 nl_keys
= nla_nest_start(msg
, NL80211_ATTR_KEYS
);
2621 goto nla_put_failure
;
2623 for (i
= 0; i
< 4; i
++) {
2624 if (!params
->wep_key
[i
])
2627 nl_key
= nla_nest_start(msg
, i
);
2629 goto nla_put_failure
;
2631 NLA_PUT(msg
, NL80211_KEY_DATA
, params
->wep_key_len
[i
],
2632 params
->wep_key
[i
]);
2633 if (params
->wep_key_len
[i
] == 5)
2634 NLA_PUT_U32(msg
, NL80211_KEY_CIPHER
,
2635 WLAN_CIPHER_SUITE_WEP40
);
2637 NLA_PUT_U32(msg
, NL80211_KEY_CIPHER
,
2638 WLAN_CIPHER_SUITE_WEP104
);
2640 NLA_PUT_U8(msg
, NL80211_KEY_IDX
, i
);
2642 if (i
== params
->wep_tx_keyidx
)
2643 NLA_PUT_FLAG(msg
, NL80211_KEY_DEFAULT
);
2645 nla_nest_end(msg
, nl_key
);
2647 nla_nest_end(msg
, nl_keys
);
2656 static int wpa_driver_nl80211_mlme(struct wpa_driver_nl80211_data
*drv
,
2657 const u8
*addr
, int cmd
, u16 reason_code
,
2658 int local_state_change
)
2663 msg
= nlmsg_alloc();
2667 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0, cmd
, 0);
2669 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
2670 NLA_PUT_U16(msg
, NL80211_ATTR_REASON_CODE
, reason_code
);
2671 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
2672 if (local_state_change
)
2673 NLA_PUT_FLAG(msg
, NL80211_ATTR_LOCAL_STATE_CHANGE
);
2675 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
2678 wpa_printf(MSG_DEBUG
, "nl80211: MLME command failed: ret=%d "
2679 "(%s)", ret
, strerror(-ret
));
2680 goto nla_put_failure
;
2690 static int wpa_driver_nl80211_disconnect(struct wpa_driver_nl80211_data
*drv
,
2691 const u8
*addr
, int reason_code
)
2693 wpa_printf(MSG_DEBUG
, "%s(addr=" MACSTR
" reason_code=%d)",
2694 __func__
, MAC2STR(addr
), reason_code
);
2695 drv
->associated
= 0;
2696 return wpa_driver_nl80211_mlme(drv
, addr
, NL80211_CMD_DISCONNECT
,
2701 static int wpa_driver_nl80211_deauthenticate(void *priv
, const u8
*addr
,
2704 struct i802_bss
*bss
= priv
;
2705 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
2706 if (!(drv
->capa
.flags
& WPA_DRIVER_FLAGS_SME
))
2707 return wpa_driver_nl80211_disconnect(drv
, addr
, reason_code
);
2708 wpa_printf(MSG_DEBUG
, "%s(addr=" MACSTR
" reason_code=%d)",
2709 __func__
, MAC2STR(addr
), reason_code
);
2710 drv
->associated
= 0;
2711 return wpa_driver_nl80211_mlme(drv
, addr
, NL80211_CMD_DEAUTHENTICATE
,
2716 static int wpa_driver_nl80211_disassociate(void *priv
, const u8
*addr
,
2719 struct i802_bss
*bss
= priv
;
2720 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
2721 if (!(drv
->capa
.flags
& WPA_DRIVER_FLAGS_SME
))
2722 return wpa_driver_nl80211_disconnect(drv
, addr
, reason_code
);
2723 wpa_printf(MSG_DEBUG
, "%s", __func__
);
2724 drv
->associated
= 0;
2725 return wpa_driver_nl80211_mlme(drv
, addr
, NL80211_CMD_DISASSOCIATE
,
2730 static int wpa_driver_nl80211_authenticate(
2731 void *priv
, struct wpa_driver_auth_params
*params
)
2733 struct i802_bss
*bss
= priv
;
2734 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
2737 enum nl80211_auth_type type
;
2740 drv
->associated
= 0;
2741 os_memset(drv
->auth_bssid
, 0, ETH_ALEN
);
2742 /* FIX: IBSS mode */
2743 if (drv
->nlmode
!= NL80211_IFTYPE_STATION
)
2744 wpa_driver_nl80211_set_mode(priv
, IEEE80211_MODE_INFRA
);
2746 if (wpa_driver_nl80211_set_mode(priv
, IEEE80211_MODE_INFRA
) < 0)
2750 msg
= nlmsg_alloc();
2754 wpa_printf(MSG_DEBUG
, "nl80211: Authenticate (ifindex=%d)",
2757 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
2758 NL80211_CMD_AUTHENTICATE
, 0);
2760 for (i
= 0; i
< 4; i
++) {
2761 if (!params
->wep_key
[i
])
2763 wpa_driver_nl80211_set_key(bss
->ifname
, priv
, WPA_ALG_WEP
,
2765 i
== params
->wep_tx_keyidx
, NULL
, 0,
2767 params
->wep_key_len
[i
]);
2768 if (params
->wep_tx_keyidx
!= i
)
2770 if (nl_add_key(msg
, WPA_ALG_WEP
, i
, 1, NULL
, 0,
2771 params
->wep_key
[i
], params
->wep_key_len
[i
])) {
2777 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
2778 if (params
->bssid
) {
2779 wpa_printf(MSG_DEBUG
, " * bssid=" MACSTR
,
2780 MAC2STR(params
->bssid
));
2781 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, params
->bssid
);
2784 wpa_printf(MSG_DEBUG
, " * freq=%d", params
->freq
);
2785 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_FREQ
, params
->freq
);
2788 wpa_hexdump_ascii(MSG_DEBUG
, " * SSID",
2789 params
->ssid
, params
->ssid_len
);
2790 NLA_PUT(msg
, NL80211_ATTR_SSID
, params
->ssid_len
,
2793 wpa_hexdump(MSG_DEBUG
, " * IEs", params
->ie
, params
->ie_len
);
2795 NLA_PUT(msg
, NL80211_ATTR_IE
, params
->ie_len
, params
->ie
);
2796 if (params
->auth_alg
& WPA_AUTH_ALG_OPEN
)
2797 type
= NL80211_AUTHTYPE_OPEN_SYSTEM
;
2798 else if (params
->auth_alg
& WPA_AUTH_ALG_SHARED
)
2799 type
= NL80211_AUTHTYPE_SHARED_KEY
;
2800 else if (params
->auth_alg
& WPA_AUTH_ALG_LEAP
)
2801 type
= NL80211_AUTHTYPE_NETWORK_EAP
;
2802 else if (params
->auth_alg
& WPA_AUTH_ALG_FT
)
2803 type
= NL80211_AUTHTYPE_FT
;
2805 goto nla_put_failure
;
2806 wpa_printf(MSG_DEBUG
, " * Auth Type %d", type
);
2807 NLA_PUT_U32(msg
, NL80211_ATTR_AUTH_TYPE
, type
);
2808 if (params
->local_state_change
) {
2809 wpa_printf(MSG_DEBUG
, " * Local state change only");
2810 NLA_PUT_FLAG(msg
, NL80211_ATTR_LOCAL_STATE_CHANGE
);
2813 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
2816 wpa_printf(MSG_DEBUG
, "nl80211: MLME command failed: ret=%d "
2817 "(%s)", ret
, strerror(-ret
));
2819 if (ret
== -EALREADY
&& count
== 1 && params
->bssid
&&
2820 !params
->local_state_change
) {
2822 * mac80211 does not currently accept new
2823 * authentication if we are already authenticated. As a
2824 * workaround, force deauthentication and try again.
2826 wpa_printf(MSG_DEBUG
, "nl80211: Retry authentication "
2827 "after forced deauthentication");
2828 wpa_driver_nl80211_deauthenticate(
2830 WLAN_REASON_PREV_AUTH_NOT_VALID
);
2834 goto nla_put_failure
;
2837 wpa_printf(MSG_DEBUG
, "nl80211: Authentication request send "
2846 struct phy_info_arg
{
2848 struct hostapd_hw_modes
*modes
;
2851 static int phy_info_handler(struct nl_msg
*msg
, void *arg
)
2853 struct nlattr
*tb_msg
[NL80211_ATTR_MAX
+ 1];
2854 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
2855 struct phy_info_arg
*phy_info
= arg
;
2857 struct nlattr
*tb_band
[NL80211_BAND_ATTR_MAX
+ 1];
2859 struct nlattr
*tb_freq
[NL80211_FREQUENCY_ATTR_MAX
+ 1];
2860 static struct nla_policy freq_policy
[NL80211_FREQUENCY_ATTR_MAX
+ 1] = {
2861 [NL80211_FREQUENCY_ATTR_FREQ
] = { .type
= NLA_U32
},
2862 [NL80211_FREQUENCY_ATTR_DISABLED
] = { .type
= NLA_FLAG
},
2863 [NL80211_FREQUENCY_ATTR_PASSIVE_SCAN
] = { .type
= NLA_FLAG
},
2864 [NL80211_FREQUENCY_ATTR_NO_IBSS
] = { .type
= NLA_FLAG
},
2865 [NL80211_FREQUENCY_ATTR_RADAR
] = { .type
= NLA_FLAG
},
2866 [NL80211_FREQUENCY_ATTR_MAX_TX_POWER
] = { .type
= NLA_U32
},
2869 struct nlattr
*tb_rate
[NL80211_BITRATE_ATTR_MAX
+ 1];
2870 static struct nla_policy rate_policy
[NL80211_BITRATE_ATTR_MAX
+ 1] = {
2871 [NL80211_BITRATE_ATTR_RATE
] = { .type
= NLA_U32
},
2872 [NL80211_BITRATE_ATTR_2GHZ_SHORTPREAMBLE
] = { .type
= NLA_FLAG
},
2875 struct nlattr
*nl_band
;
2876 struct nlattr
*nl_freq
;
2877 struct nlattr
*nl_rate
;
2878 int rem_band
, rem_freq
, rem_rate
;
2879 struct hostapd_hw_modes
*mode
;
2880 int idx
, mode_is_set
;
2882 nla_parse(tb_msg
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
2883 genlmsg_attrlen(gnlh
, 0), NULL
);
2885 if (!tb_msg
[NL80211_ATTR_WIPHY_BANDS
])
2888 nla_for_each_nested(nl_band
, tb_msg
[NL80211_ATTR_WIPHY_BANDS
], rem_band
) {
2889 mode
= os_realloc(phy_info
->modes
, (*phy_info
->num_modes
+ 1) * sizeof(*mode
));
2892 phy_info
->modes
= mode
;
2896 mode
= &phy_info
->modes
[*(phy_info
->num_modes
)];
2897 memset(mode
, 0, sizeof(*mode
));
2898 *(phy_info
->num_modes
) += 1;
2900 nla_parse(tb_band
, NL80211_BAND_ATTR_MAX
, nla_data(nl_band
),
2901 nla_len(nl_band
), NULL
);
2903 if (tb_band
[NL80211_BAND_ATTR_HT_CAPA
]) {
2904 mode
->ht_capab
= nla_get_u16(
2905 tb_band
[NL80211_BAND_ATTR_HT_CAPA
]);
2908 if (tb_band
[NL80211_BAND_ATTR_HT_AMPDU_FACTOR
]) {
2909 mode
->a_mpdu_params
|= nla_get_u8(
2910 tb_band
[NL80211_BAND_ATTR_HT_AMPDU_FACTOR
]) &
2914 if (tb_band
[NL80211_BAND_ATTR_HT_AMPDU_DENSITY
]) {
2915 mode
->a_mpdu_params
|= nla_get_u8(
2916 tb_band
[NL80211_BAND_ATTR_HT_AMPDU_DENSITY
]) <<
2920 if (tb_band
[NL80211_BAND_ATTR_HT_MCS_SET
] &&
2921 nla_len(tb_band
[NL80211_BAND_ATTR_HT_MCS_SET
])) {
2923 mcs
= nla_data(tb_band
[NL80211_BAND_ATTR_HT_MCS_SET
]);
2924 os_memcpy(mode
->mcs_set
, mcs
, 16);
2927 nla_for_each_nested(nl_freq
, tb_band
[NL80211_BAND_ATTR_FREQS
], rem_freq
) {
2928 nla_parse(tb_freq
, NL80211_FREQUENCY_ATTR_MAX
, nla_data(nl_freq
),
2929 nla_len(nl_freq
), freq_policy
);
2930 if (!tb_freq
[NL80211_FREQUENCY_ATTR_FREQ
])
2932 mode
->num_channels
++;
2935 mode
->channels
= os_zalloc(mode
->num_channels
* sizeof(struct hostapd_channel_data
));
2936 if (!mode
->channels
)
2941 nla_for_each_nested(nl_freq
, tb_band
[NL80211_BAND_ATTR_FREQS
], rem_freq
) {
2942 nla_parse(tb_freq
, NL80211_FREQUENCY_ATTR_MAX
, nla_data(nl_freq
),
2943 nla_len(nl_freq
), freq_policy
);
2944 if (!tb_freq
[NL80211_FREQUENCY_ATTR_FREQ
])
2947 mode
->channels
[idx
].freq
= nla_get_u32(tb_freq
[NL80211_FREQUENCY_ATTR_FREQ
]);
2948 mode
->channels
[idx
].flag
= 0;
2951 /* crude heuristic */
2952 if (mode
->channels
[idx
].freq
< 4000)
2953 mode
->mode
= HOSTAPD_MODE_IEEE80211B
;
2955 mode
->mode
= HOSTAPD_MODE_IEEE80211A
;
2959 /* crude heuristic */
2960 if (mode
->channels
[idx
].freq
< 4000)
2961 if (mode
->channels
[idx
].freq
== 2484)
2962 mode
->channels
[idx
].chan
= 14;
2964 mode
->channels
[idx
].chan
= (mode
->channels
[idx
].freq
- 2407) / 5;
2966 mode
->channels
[idx
].chan
= mode
->channels
[idx
].freq
/5 - 1000;
2968 if (tb_freq
[NL80211_FREQUENCY_ATTR_DISABLED
])
2969 mode
->channels
[idx
].flag
|=
2970 HOSTAPD_CHAN_DISABLED
;
2971 if (tb_freq
[NL80211_FREQUENCY_ATTR_PASSIVE_SCAN
])
2972 mode
->channels
[idx
].flag
|=
2973 HOSTAPD_CHAN_PASSIVE_SCAN
;
2974 if (tb_freq
[NL80211_FREQUENCY_ATTR_NO_IBSS
])
2975 mode
->channels
[idx
].flag
|=
2976 HOSTAPD_CHAN_NO_IBSS
;
2977 if (tb_freq
[NL80211_FREQUENCY_ATTR_RADAR
])
2978 mode
->channels
[idx
].flag
|=
2981 if (tb_freq
[NL80211_FREQUENCY_ATTR_MAX_TX_POWER
] &&
2982 !tb_freq
[NL80211_FREQUENCY_ATTR_DISABLED
])
2983 mode
->channels
[idx
].max_tx_power
=
2984 nla_get_u32(tb_freq
[NL80211_FREQUENCY_ATTR_MAX_TX_POWER
]) / 100;
2989 nla_for_each_nested(nl_rate
, tb_band
[NL80211_BAND_ATTR_RATES
], rem_rate
) {
2990 nla_parse(tb_rate
, NL80211_BITRATE_ATTR_MAX
, nla_data(nl_rate
),
2991 nla_len(nl_rate
), rate_policy
);
2992 if (!tb_rate
[NL80211_BITRATE_ATTR_RATE
])
2997 mode
->rates
= os_zalloc(mode
->num_rates
* sizeof(int));
3003 nla_for_each_nested(nl_rate
, tb_band
[NL80211_BAND_ATTR_RATES
], rem_rate
) {
3004 nla_parse(tb_rate
, NL80211_BITRATE_ATTR_MAX
, nla_data(nl_rate
),
3005 nla_len(nl_rate
), rate_policy
);
3006 if (!tb_rate
[NL80211_BITRATE_ATTR_RATE
])
3008 mode
->rates
[idx
] = nla_get_u32(tb_rate
[NL80211_BITRATE_ATTR_RATE
]);
3010 /* crude heuristic */
3011 if (mode
->mode
== HOSTAPD_MODE_IEEE80211B
&&
3012 mode
->rates
[idx
] > 200)
3013 mode
->mode
= HOSTAPD_MODE_IEEE80211G
;
3022 static struct hostapd_hw_modes
*
3023 wpa_driver_nl80211_add_11b(struct hostapd_hw_modes
*modes
, u16
*num_modes
)
3026 struct hostapd_hw_modes
*mode11g
= NULL
, *nmodes
, *mode
;
3027 int i
, mode11g_idx
= -1;
3029 /* If only 802.11g mode is included, use it to construct matching
3030 * 802.11b mode data. */
3032 for (m
= 0; m
< *num_modes
; m
++) {
3033 if (modes
[m
].mode
== HOSTAPD_MODE_IEEE80211B
)
3034 return modes
; /* 802.11b already included */
3035 if (modes
[m
].mode
== HOSTAPD_MODE_IEEE80211G
)
3039 if (mode11g_idx
< 0)
3040 return modes
; /* 2.4 GHz band not supported at all */
3042 nmodes
= os_realloc(modes
, (*num_modes
+ 1) * sizeof(*nmodes
));
3044 return modes
; /* Could not add 802.11b mode */
3046 mode
= &nmodes
[*num_modes
];
3047 os_memset(mode
, 0, sizeof(*mode
));
3051 mode
->mode
= HOSTAPD_MODE_IEEE80211B
;
3053 mode11g
= &modes
[mode11g_idx
];
3054 mode
->num_channels
= mode11g
->num_channels
;
3055 mode
->channels
= os_malloc(mode11g
->num_channels
*
3056 sizeof(struct hostapd_channel_data
));
3057 if (mode
->channels
== NULL
) {
3059 return modes
; /* Could not add 802.11b mode */
3061 os_memcpy(mode
->channels
, mode11g
->channels
,
3062 mode11g
->num_channels
* sizeof(struct hostapd_channel_data
));
3064 mode
->num_rates
= 0;
3065 mode
->rates
= os_malloc(4 * sizeof(int));
3066 if (mode
->rates
== NULL
) {
3067 os_free(mode
->channels
);
3069 return modes
; /* Could not add 802.11b mode */
3072 for (i
= 0; i
< mode11g
->num_rates
; i
++) {
3073 if (mode11g
->rates
[i
] != 10 && mode11g
->rates
[i
] != 20 &&
3074 mode11g
->rates
[i
] != 55 && mode11g
->rates
[i
] != 110)
3076 mode
->rates
[mode
->num_rates
] = mode11g
->rates
[i
];
3078 if (mode
->num_rates
== 4)
3082 if (mode
->num_rates
== 0) {
3083 os_free(mode
->channels
);
3084 os_free(mode
->rates
);
3086 return modes
; /* No 802.11b rates */
3089 wpa_printf(MSG_DEBUG
, "nl80211: Added 802.11b mode based on 802.11g "
3096 static struct hostapd_hw_modes
*
3097 wpa_driver_nl80211_get_hw_feature_data(void *priv
, u16
*num_modes
, u16
*flags
)
3099 struct i802_bss
*bss
= priv
;
3100 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
3102 struct phy_info_arg result
= {
3103 .num_modes
= num_modes
,
3110 msg
= nlmsg_alloc();
3114 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
3115 0, NL80211_CMD_GET_WIPHY
, 0);
3117 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
3119 if (send_and_recv_msgs(drv
, msg
, phy_info_handler
, &result
) == 0)
3120 return wpa_driver_nl80211_add_11b(result
.modes
, num_modes
);
3126 static int wpa_driver_nl80211_send_frame(struct wpa_driver_nl80211_data
*drv
,
3127 const void *data
, size_t len
,
3131 0x00, 0x00, /* radiotap version */
3132 0x0e, 0x00, /* radiotap length */
3133 0x02, 0xc0, 0x00, 0x00, /* bmap: flags, tx and rx flags */
3134 IEEE80211_RADIOTAP_F_FRAG
, /* F_FRAG (fragment if required) */
3136 0x00, 0x00, /* RX and TX flags to indicate that */
3137 0x00, 0x00, /* this is the injected frame directly */
3139 struct iovec iov
[2] = {
3141 .iov_base
= &rtap_hdr
,
3142 .iov_len
= sizeof(rtap_hdr
),
3145 .iov_base
= (void *) data
,
3149 struct msghdr msg
= {
3154 .msg_control
= NULL
,
3155 .msg_controllen
= 0,
3160 rtap_hdr
[8] |= IEEE80211_RADIOTAP_F_WEP
;
3162 return sendmsg(drv
->monitor_sock
, &msg
, 0);
3166 static int wpa_driver_nl80211_send_mlme(void *priv
, const u8
*data
,
3169 struct i802_bss
*bss
= priv
;
3170 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
3171 struct ieee80211_mgmt
*mgmt
;
3175 mgmt
= (struct ieee80211_mgmt
*) data
;
3176 fc
= le_to_host16(mgmt
->frame_control
);
3178 if (drv
->nlmode
== NL80211_IFTYPE_STATION
&&
3179 WLAN_FC_GET_TYPE(fc
) == WLAN_FC_TYPE_MGMT
&&
3180 WLAN_FC_GET_STYPE(fc
) == WLAN_FC_STYPE_PROBE_RESP
) {
3182 * The use of last_mgmt_freq is a bit of a hack,
3183 * but it works due to the single-threaded nature
3184 * of wpa_supplicant.
3186 return nl80211_send_frame_cmd(drv
, drv
->last_mgmt_freq
,
3187 data
, data_len
, NULL
);
3190 if (WLAN_FC_GET_TYPE(fc
) == WLAN_FC_TYPE_MGMT
&&
3191 WLAN_FC_GET_STYPE(fc
) == WLAN_FC_STYPE_AUTH
) {
3193 * Only one of the authentication frame types is encrypted.
3194 * In order for static WEP encryption to work properly (i.e.,
3195 * to not encrypt the frame), we need to tell mac80211 about
3196 * the frames that must not be encrypted.
3198 u16 auth_alg
= le_to_host16(mgmt
->u
.auth
.auth_alg
);
3199 u16 auth_trans
= le_to_host16(mgmt
->u
.auth
.auth_transaction
);
3200 if (auth_alg
!= WLAN_AUTH_SHARED_KEY
|| auth_trans
!= 3)
3204 return wpa_driver_nl80211_send_frame(drv
, data
, data_len
, encrypt
);
3208 static int wpa_driver_nl80211_set_beacon(void *priv
,
3209 const u8
*head
, size_t head_len
,
3210 const u8
*tail
, size_t tail_len
,
3211 int dtim_period
, int beacon_int
)
3213 struct i802_bss
*bss
= priv
;
3214 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
3216 u8 cmd
= NL80211_CMD_NEW_BEACON
;
3219 int ifindex
= if_nametoindex(bss
->ifname
);
3221 beacon_set
= bss
->beacon_set
;
3223 msg
= nlmsg_alloc();
3227 wpa_printf(MSG_DEBUG
, "nl80211: Set beacon (beacon_set=%d)",
3230 cmd
= NL80211_CMD_SET_BEACON
;
3232 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
3234 NLA_PUT(msg
, NL80211_ATTR_BEACON_HEAD
, head_len
, head
);
3235 NLA_PUT(msg
, NL80211_ATTR_BEACON_TAIL
, tail_len
, tail
);
3236 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, ifindex
);
3237 NLA_PUT_U32(msg
, NL80211_ATTR_BEACON_INTERVAL
, beacon_int
);
3238 NLA_PUT_U32(msg
, NL80211_ATTR_DTIM_PERIOD
, dtim_period
);
3240 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
3242 wpa_printf(MSG_DEBUG
, "nl80211: Beacon set failed: %d (%s)",
3243 ret
, strerror(-ret
));
3245 bss
->beacon_set
= 1;
3253 static int wpa_driver_nl80211_set_freq(struct wpa_driver_nl80211_data
*drv
,
3254 int freq
, int ht_enabled
,
3255 int sec_channel_offset
)
3260 msg
= nlmsg_alloc();
3264 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
3265 NL80211_CMD_SET_WIPHY
, 0);
3267 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
3268 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_FREQ
, freq
);
3270 switch (sec_channel_offset
) {
3272 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_CHANNEL_TYPE
,
3273 NL80211_CHAN_HT40MINUS
);
3276 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_CHANNEL_TYPE
,
3277 NL80211_CHAN_HT40PLUS
);
3280 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_CHANNEL_TYPE
,
3286 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
3289 wpa_printf(MSG_DEBUG
, "nl80211: Failed to set channel (freq=%d): "
3290 "%d (%s)", freq
, ret
, strerror(-ret
));
3296 static int wpa_driver_nl80211_sta_add(void *priv
,
3297 struct hostapd_sta_add_params
*params
)
3299 struct i802_bss
*bss
= priv
;
3300 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
3304 msg
= nlmsg_alloc();
3308 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
3309 0, NL80211_CMD_NEW_STATION
, 0);
3311 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(bss
->ifname
));
3312 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, params
->addr
);
3313 NLA_PUT_U16(msg
, NL80211_ATTR_STA_AID
, params
->aid
);
3314 NLA_PUT(msg
, NL80211_ATTR_STA_SUPPORTED_RATES
, params
->supp_rates_len
,
3315 params
->supp_rates
);
3316 NLA_PUT_U16(msg
, NL80211_ATTR_STA_LISTEN_INTERVAL
,
3317 params
->listen_interval
);
3318 if (params
->ht_capabilities
) {
3319 NLA_PUT(msg
, NL80211_ATTR_HT_CAPABILITY
,
3320 sizeof(*params
->ht_capabilities
),
3321 params
->ht_capabilities
);
3324 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
3326 wpa_printf(MSG_DEBUG
, "nl80211: NL80211_CMD_NEW_STATION "
3327 "result: %d (%s)", ret
, strerror(-ret
));
3335 static int wpa_driver_nl80211_sta_remove(void *priv
, const u8
*addr
)
3337 struct i802_bss
*bss
= priv
;
3338 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
3342 msg
= nlmsg_alloc();
3346 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
3347 0, NL80211_CMD_DEL_STATION
, 0);
3349 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
3350 if_nametoindex(bss
->ifname
));
3351 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
3353 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
3362 static void nl80211_remove_iface(struct wpa_driver_nl80211_data
*drv
,
3367 wpa_printf(MSG_DEBUG
, "nl80211: Remove interface ifindex=%d", ifidx
);
3370 /* stop listening for EAPOL on this interface */
3371 del_ifidx(drv
, ifidx
);
3372 #endif /* HOSTAPD */
3374 msg
= nlmsg_alloc();
3376 goto nla_put_failure
;
3378 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
3379 0, NL80211_CMD_DEL_INTERFACE
, 0);
3380 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, ifidx
);
3382 if (send_and_recv_msgs(drv
, msg
, NULL
, NULL
) == 0)
3385 wpa_printf(MSG_ERROR
, "Failed to remove interface (ifidx=%d)", ifidx
);
3389 static int nl80211_create_iface_once(struct wpa_driver_nl80211_data
*drv
,
3391 enum nl80211_iftype iftype
,
3392 const u8
*addr
, int wds
)
3394 struct nl_msg
*msg
, *flags
= NULL
;
3398 msg
= nlmsg_alloc();
3402 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
3403 0, NL80211_CMD_NEW_INTERFACE
, 0);
3404 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
3405 NLA_PUT_STRING(msg
, NL80211_ATTR_IFNAME
, ifname
);
3406 NLA_PUT_U32(msg
, NL80211_ATTR_IFTYPE
, iftype
);
3408 if (iftype
== NL80211_IFTYPE_MONITOR
) {
3411 flags
= nlmsg_alloc();
3413 goto nla_put_failure
;
3415 NLA_PUT_FLAG(flags
, NL80211_MNTR_FLAG_COOK_FRAMES
);
3417 err
= nla_put_nested(msg
, NL80211_ATTR_MNTR_FLAGS
, flags
);
3422 goto nla_put_failure
;
3424 NLA_PUT_U8(msg
, NL80211_ATTR_4ADDR
, wds
);
3427 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
3430 wpa_printf(MSG_ERROR
, "Failed to create interface %s: %d (%s)",
3431 ifname
, ret
, strerror(-ret
));
3435 ifidx
= if_nametoindex(ifname
);
3436 wpa_printf(MSG_DEBUG
, "nl80211: New interface %s created: ifindex=%d",
3443 /* start listening for EAPOL on this interface */
3444 add_ifidx(drv
, ifidx
);
3445 #endif /* HOSTAPD */
3447 if (addr
&& iftype
!= NL80211_IFTYPE_MONITOR
&&
3448 linux_set_ifhwaddr(drv
->ioctl_sock
, ifname
, addr
)) {
3449 nl80211_remove_iface(drv
, ifidx
);
3457 static int nl80211_create_iface(struct wpa_driver_nl80211_data
*drv
,
3458 const char *ifname
, enum nl80211_iftype iftype
,
3459 const u8
*addr
, int wds
)
3463 ret
= nl80211_create_iface_once(drv
, ifname
, iftype
, addr
, wds
);
3465 /* if error occured and interface exists already */
3466 if (ret
== -ENFILE
&& if_nametoindex(ifname
)) {
3467 wpa_printf(MSG_INFO
, "Try to remove and re-create %s", ifname
);
3469 /* Try to remove the interface that was already there. */
3470 nl80211_remove_iface(drv
, if_nametoindex(ifname
));
3472 /* Try to create the interface again */
3473 ret
= nl80211_create_iface_once(drv
, ifname
, iftype
, addr
,
3477 if (ret
>= 0 && drv
->disable_11b_rates
)
3478 nl80211_disable_11b_rates(drv
, ret
, 1);
3484 static void handle_tx_callback(void *ctx
, u8
*buf
, size_t len
, int ok
)
3486 struct ieee80211_hdr
*hdr
;
3488 union wpa_event_data event
;
3490 hdr
= (struct ieee80211_hdr
*) buf
;
3491 fc
= le_to_host16(hdr
->frame_control
);
3493 os_memset(&event
, 0, sizeof(event
));
3494 event
.tx_status
.type
= WLAN_FC_GET_TYPE(fc
);
3495 event
.tx_status
.stype
= WLAN_FC_GET_STYPE(fc
);
3496 event
.tx_status
.dst
= hdr
->addr1
;
3497 event
.tx_status
.data
= buf
;
3498 event
.tx_status
.data_len
= len
;
3499 event
.tx_status
.ack
= ok
;
3500 wpa_supplicant_event(ctx
, EVENT_TX_STATUS
, &event
);
3504 static void from_unknown_sta(struct wpa_driver_nl80211_data
*drv
,
3505 u8
*buf
, size_t len
)
3507 union wpa_event_data event
;
3508 os_memset(&event
, 0, sizeof(event
));
3509 event
.rx_from_unknown
.frame
= buf
;
3510 event
.rx_from_unknown
.len
= len
;
3511 wpa_supplicant_event(drv
->ctx
, EVENT_RX_FROM_UNKNOWN
, &event
);
3515 static void handle_frame(struct wpa_driver_nl80211_data
*drv
,
3516 u8
*buf
, size_t len
, int datarate
, int ssi_signal
)
3518 struct ieee80211_hdr
*hdr
;
3520 union wpa_event_data event
;
3522 hdr
= (struct ieee80211_hdr
*) buf
;
3523 fc
= le_to_host16(hdr
->frame_control
);
3525 switch (WLAN_FC_GET_TYPE(fc
)) {
3526 case WLAN_FC_TYPE_MGMT
:
3527 os_memset(&event
, 0, sizeof(event
));
3528 event
.rx_mgmt
.frame
= buf
;
3529 event
.rx_mgmt
.frame_len
= len
;
3530 event
.rx_mgmt
.datarate
= datarate
;
3531 event
.rx_mgmt
.ssi_signal
= ssi_signal
;
3532 wpa_supplicant_event(drv
->ctx
, EVENT_RX_MGMT
, &event
);
3534 case WLAN_FC_TYPE_CTRL
:
3535 /* can only get here with PS-Poll frames */
3536 wpa_printf(MSG_DEBUG
, "CTRL");
3537 from_unknown_sta(drv
, buf
, len
);
3539 case WLAN_FC_TYPE_DATA
:
3540 from_unknown_sta(drv
, buf
, len
);
3546 static void handle_monitor_read(int sock
, void *eloop_ctx
, void *sock_ctx
)
3548 struct wpa_driver_nl80211_data
*drv
= eloop_ctx
;
3550 unsigned char buf
[3000];
3551 struct ieee80211_radiotap_iterator iter
;
3553 int datarate
= 0, ssi_signal
= 0;
3554 int injected
= 0, failed
= 0, rxflags
= 0;
3556 len
= recv(sock
, buf
, sizeof(buf
), 0);
3562 if (ieee80211_radiotap_iterator_init(&iter
, (void*)buf
, len
)) {
3563 printf("received invalid radiotap frame\n");
3568 ret
= ieee80211_radiotap_iterator_next(&iter
);
3572 printf("received invalid radiotap frame (%d)\n", ret
);
3575 switch (iter
.this_arg_index
) {
3576 case IEEE80211_RADIOTAP_FLAGS
:
3577 if (*iter
.this_arg
& IEEE80211_RADIOTAP_F_FCS
)
3580 case IEEE80211_RADIOTAP_RX_FLAGS
:
3583 case IEEE80211_RADIOTAP_TX_FLAGS
:
3585 failed
= le_to_host16((*(uint16_t *) iter
.this_arg
)) &
3586 IEEE80211_RADIOTAP_F_TX_FAIL
;
3588 case IEEE80211_RADIOTAP_DATA_RETRIES
:
3590 case IEEE80211_RADIOTAP_CHANNEL
:
3591 /* TODO: convert from freq/flags to channel number */
3593 case IEEE80211_RADIOTAP_RATE
:
3594 datarate
= *iter
.this_arg
* 5;
3596 case IEEE80211_RADIOTAP_DB_ANTSIGNAL
:
3597 ssi_signal
= *iter
.this_arg
;
3602 if (rxflags
&& injected
)
3606 handle_frame(drv
, buf
+ iter
.max_length
,
3607 len
- iter
.max_length
, datarate
, ssi_signal
);
3609 handle_tx_callback(drv
->ctx
, buf
+ iter
.max_length
,
3610 len
- iter
.max_length
, !failed
);
3615 * we post-process the filter code later and rewrite
3616 * this to the offset to the last instruction
3621 static struct sock_filter msock_filter_insns
[] = {
3623 * do a little-endian load of the radiotap length field
3625 /* load lower byte into A */
3626 BPF_STMT(BPF_LD
| BPF_B
| BPF_ABS
, 2),
3627 /* put it into X (== index register) */
3628 BPF_STMT(BPF_MISC
| BPF_TAX
, 0),
3629 /* load upper byte into A */
3630 BPF_STMT(BPF_LD
| BPF_B
| BPF_ABS
, 3),
3631 /* left-shift it by 8 */
3632 BPF_STMT(BPF_ALU
| BPF_LSH
| BPF_K
, 8),
3634 BPF_STMT(BPF_ALU
| BPF_OR
| BPF_X
, 0),
3635 /* put result into X */
3636 BPF_STMT(BPF_MISC
| BPF_TAX
, 0),
3639 * Allow management frames through, this also gives us those
3640 * management frames that we sent ourselves with status
3642 /* load the lower byte of the IEEE 802.11 frame control field */
3643 BPF_STMT(BPF_LD
| BPF_B
| BPF_IND
, 0),
3644 /* mask off frame type and version */
3645 BPF_STMT(BPF_ALU
| BPF_AND
| BPF_K
, 0xF),
3646 /* accept frame if it's both 0, fall through otherwise */
3647 BPF_JUMP(BPF_JMP
| BPF_JEQ
| BPF_K
, 0, PASS
, 0),
3650 * TODO: add a bit to radiotap RX flags that indicates
3651 * that the sending station is not associated, then
3652 * add a filter here that filters on our DA and that flag
3653 * to allow us to deauth frames to that bad station.
3655 * For now allow all To DS data frames through.
3657 /* load the IEEE 802.11 frame control field */
3658 BPF_STMT(BPF_LD
| BPF_H
| BPF_IND
, 0),
3659 /* mask off frame type, version and DS status */
3660 BPF_STMT(BPF_ALU
| BPF_AND
| BPF_K
, 0x0F03),
3661 /* accept frame if version 0, type 2 and To DS, fall through otherwise
3663 BPF_JUMP(BPF_JMP
| BPF_JEQ
| BPF_K
, 0x0801, PASS
, 0),
3667 * drop non-data frames
3669 /* load the lower byte of the frame control field */
3670 BPF_STMT(BPF_LD
| BPF_B
| BPF_IND
, 0),
3671 /* mask off QoS bit */
3672 BPF_STMT(BPF_ALU
| BPF_AND
| BPF_K
, 0x0c),
3673 /* drop non-data frames */
3674 BPF_JUMP(BPF_JMP
| BPF_JEQ
| BPF_K
, 8, 0, FAIL
),
3676 /* load the upper byte of the frame control field */
3677 BPF_STMT(BPF_LD
| BPF_B
| BPF_IND
, 1),
3678 /* mask off toDS/fromDS */
3679 BPF_STMT(BPF_ALU
| BPF_AND
| BPF_K
, 0x03),
3680 /* accept WDS frames */
3681 BPF_JUMP(BPF_JMP
| BPF_JEQ
| BPF_K
, 3, PASS
, 0),
3684 * add header length to index
3686 /* load the lower byte of the frame control field */
3687 BPF_STMT(BPF_LD
| BPF_B
| BPF_IND
, 0),
3688 /* mask off QoS bit */
3689 BPF_STMT(BPF_ALU
| BPF_AND
| BPF_K
, 0x80),
3690 /* right shift it by 6 to give 0 or 2 */
3691 BPF_STMT(BPF_ALU
| BPF_RSH
| BPF_K
, 6),
3692 /* add data frame header length */
3693 BPF_STMT(BPF_ALU
| BPF_ADD
| BPF_K
, 24),
3694 /* add index, was start of 802.11 header */
3695 BPF_STMT(BPF_ALU
| BPF_ADD
| BPF_X
, 0),
3696 /* move to index, now start of LL header */
3697 BPF_STMT(BPF_MISC
| BPF_TAX
, 0),
3700 * Accept empty data frames, we use those for
3703 BPF_STMT(BPF_LD
| BPF_W
| BPF_LEN
, 0),
3704 BPF_JUMP(BPF_JMP
| BPF_JEQ
| BPF_X
, 0, PASS
, 0),
3707 * Accept EAPOL frames
3709 BPF_STMT(BPF_LD
| BPF_W
| BPF_IND
, 0),
3710 BPF_JUMP(BPF_JMP
| BPF_JEQ
| BPF_K
, 0xAAAA0300, 0, FAIL
),
3711 BPF_STMT(BPF_LD
| BPF_W
| BPF_IND
, 4),
3712 BPF_JUMP(BPF_JMP
| BPF_JEQ
| BPF_K
, 0x0000888E, PASS
, FAIL
),
3714 /* keep these last two statements or change the code below */
3715 /* return 0 == "DROP" */
3716 BPF_STMT(BPF_RET
| BPF_K
, 0),
3717 /* return ~0 == "keep all" */
3718 BPF_STMT(BPF_RET
| BPF_K
, ~0),
3721 static struct sock_fprog msock_filter
= {
3722 .len
= sizeof(msock_filter_insns
)/sizeof(msock_filter_insns
[0]),
3723 .filter
= msock_filter_insns
,
3727 static int add_monitor_filter(int s
)
3731 /* rewrite all PASS/FAIL jump offsets */
3732 for (idx
= 0; idx
< msock_filter
.len
; idx
++) {
3733 struct sock_filter
*insn
= &msock_filter_insns
[idx
];
3735 if (BPF_CLASS(insn
->code
) == BPF_JMP
) {
3736 if (insn
->code
== (BPF_JMP
|BPF_JA
)) {
3737 if (insn
->k
== PASS
)
3738 insn
->k
= msock_filter
.len
- idx
- 2;
3739 else if (insn
->k
== FAIL
)
3740 insn
->k
= msock_filter
.len
- idx
- 3;
3743 if (insn
->jt
== PASS
)
3744 insn
->jt
= msock_filter
.len
- idx
- 2;
3745 else if (insn
->jt
== FAIL
)
3746 insn
->jt
= msock_filter
.len
- idx
- 3;
3748 if (insn
->jf
== PASS
)
3749 insn
->jf
= msock_filter
.len
- idx
- 2;
3750 else if (insn
->jf
== FAIL
)
3751 insn
->jf
= msock_filter
.len
- idx
- 3;
3755 if (setsockopt(s
, SOL_SOCKET
, SO_ATTACH_FILTER
,
3756 &msock_filter
, sizeof(msock_filter
))) {
3757 perror("SO_ATTACH_FILTER");
3765 static void nl80211_remove_monitor_interface(
3766 struct wpa_driver_nl80211_data
*drv
)
3768 if (drv
->monitor_ifidx
>= 0) {
3769 nl80211_remove_iface(drv
, drv
->monitor_ifidx
);
3770 drv
->monitor_ifidx
= -1;
3772 if (drv
->monitor_sock
>= 0) {
3773 eloop_unregister_read_sock(drv
->monitor_sock
);
3774 close(drv
->monitor_sock
);
3775 drv
->monitor_sock
= -1;
3781 nl80211_create_monitor_interface(struct wpa_driver_nl80211_data
*drv
)
3784 struct sockaddr_ll ll
;
3788 snprintf(buf
, IFNAMSIZ
, "mon.%s", drv
->first_bss
.ifname
);
3789 buf
[IFNAMSIZ
- 1] = '\0';
3791 drv
->monitor_ifidx
=
3792 nl80211_create_iface(drv
, buf
, NL80211_IFTYPE_MONITOR
, NULL
,
3795 if (drv
->monitor_ifidx
< 0)
3798 if (linux_set_iface_flags(drv
->ioctl_sock
, buf
, 1))
3801 memset(&ll
, 0, sizeof(ll
));
3802 ll
.sll_family
= AF_PACKET
;
3803 ll
.sll_ifindex
= drv
->monitor_ifidx
;
3804 drv
->monitor_sock
= socket(PF_PACKET
, SOCK_RAW
, htons(ETH_P_ALL
));
3805 if (drv
->monitor_sock
< 0) {
3806 perror("socket[PF_PACKET,SOCK_RAW]");
3810 if (add_monitor_filter(drv
->monitor_sock
)) {
3811 wpa_printf(MSG_INFO
, "Failed to set socket filter for monitor "
3812 "interface; do filtering in user space");
3813 /* This works, but will cost in performance. */
3816 if (bind(drv
->monitor_sock
, (struct sockaddr
*) &ll
, sizeof(ll
)) < 0) {
3817 perror("monitor socket bind");
3821 optlen
= sizeof(optval
);
3824 (drv
->monitor_sock
, SOL_SOCKET
, SO_PRIORITY
, &optval
, optlen
)) {
3825 perror("Failed to set socket priority");
3829 if (eloop_register_read_sock(drv
->monitor_sock
, handle_monitor_read
,
3831 printf("Could not register monitor read socket\n");
3837 nl80211_remove_monitor_interface(drv
);
3842 static const u8 rfc1042_header
[6] = { 0xaa, 0xaa, 0x03, 0x00, 0x00, 0x00 };
3844 static int wpa_driver_nl80211_hapd_send_eapol(
3845 void *priv
, const u8
*addr
, const u8
*data
,
3846 size_t data_len
, int encrypt
, const u8
*own_addr
)
3848 struct i802_bss
*bss
= priv
;
3849 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
3850 struct ieee80211_hdr
*hdr
;
3855 int qos
= sta
->flags
& WPA_STA_WMM
;
3860 len
= sizeof(*hdr
) + (qos
? 2 : 0) + sizeof(rfc1042_header
) + 2 +
3862 hdr
= os_zalloc(len
);
3864 printf("malloc() failed for i802_send_data(len=%lu)\n",
3865 (unsigned long) len
);
3869 hdr
->frame_control
=
3870 IEEE80211_FC(WLAN_FC_TYPE_DATA
, WLAN_FC_STYPE_DATA
);
3871 hdr
->frame_control
|= host_to_le16(WLAN_FC_FROMDS
);
3873 hdr
->frame_control
|= host_to_le16(WLAN_FC_ISWEP
);
3874 #if 0 /* To be enabled if qos determination is added above */
3876 hdr
->frame_control
|=
3877 host_to_le16(WLAN_FC_STYPE_QOS_DATA
<< 4);
3881 memcpy(hdr
->IEEE80211_DA_FROMDS
, addr
, ETH_ALEN
);
3882 memcpy(hdr
->IEEE80211_BSSID_FROMDS
, own_addr
, ETH_ALEN
);
3883 memcpy(hdr
->IEEE80211_SA_FROMDS
, own_addr
, ETH_ALEN
);
3884 pos
= (u8
*) (hdr
+ 1);
3886 #if 0 /* To be enabled if qos determination is added above */
3888 /* add an empty QoS header if needed */
3895 memcpy(pos
, rfc1042_header
, sizeof(rfc1042_header
));
3896 pos
+= sizeof(rfc1042_header
);
3897 WPA_PUT_BE16(pos
, ETH_P_PAE
);
3899 memcpy(pos
, data
, data_len
);
3901 res
= wpa_driver_nl80211_send_frame(drv
, (u8
*) hdr
, len
, encrypt
);
3903 wpa_printf(MSG_ERROR
, "i802_send_eapol - packet len: %lu - "
3905 (unsigned long) len
, errno
, strerror(errno
));
3913 static u32
sta_flags_nl80211(int flags
)
3917 if (flags
& WPA_STA_AUTHORIZED
)
3918 f
|= BIT(NL80211_STA_FLAG_AUTHORIZED
);
3919 if (flags
& WPA_STA_WMM
)
3920 f
|= BIT(NL80211_STA_FLAG_WME
);
3921 if (flags
& WPA_STA_SHORT_PREAMBLE
)
3922 f
|= BIT(NL80211_STA_FLAG_SHORT_PREAMBLE
);
3923 if (flags
& WPA_STA_MFP
)
3924 f
|= BIT(NL80211_STA_FLAG_MFP
);
3930 static int wpa_driver_nl80211_sta_set_flags(void *priv
, const u8
*addr
,
3932 int flags_or
, int flags_and
)
3934 struct i802_bss
*bss
= priv
;
3935 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
3936 struct nl_msg
*msg
, *flags
= NULL
;
3937 struct nl80211_sta_flag_update upd
;
3939 msg
= nlmsg_alloc();
3943 flags
= nlmsg_alloc();
3949 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
3950 0, NL80211_CMD_SET_STATION
, 0);
3952 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
3953 if_nametoindex(bss
->ifname
));
3954 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
3957 * Backwards compatibility version using NL80211_ATTR_STA_FLAGS. This
3958 * can be removed eventually.
3960 if (total_flags
& WPA_STA_AUTHORIZED
)
3961 NLA_PUT_FLAG(flags
, NL80211_STA_FLAG_AUTHORIZED
);
3963 if (total_flags
& WPA_STA_WMM
)
3964 NLA_PUT_FLAG(flags
, NL80211_STA_FLAG_WME
);
3966 if (total_flags
& WPA_STA_SHORT_PREAMBLE
)
3967 NLA_PUT_FLAG(flags
, NL80211_STA_FLAG_SHORT_PREAMBLE
);
3969 if (total_flags
& WPA_STA_MFP
)
3970 NLA_PUT_FLAG(flags
, NL80211_STA_FLAG_MFP
);
3972 if (nla_put_nested(msg
, NL80211_ATTR_STA_FLAGS
, flags
))
3973 goto nla_put_failure
;
3975 os_memset(&upd
, 0, sizeof(upd
));
3976 upd
.mask
= sta_flags_nl80211(flags_or
| ~flags_and
);
3977 upd
.set
= sta_flags_nl80211(flags_or
);
3978 NLA_PUT(msg
, NL80211_ATTR_STA_FLAGS2
, sizeof(upd
), &upd
);
3982 return send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
3989 static int wpa_driver_nl80211_ap(struct wpa_driver_nl80211_data
*drv
,
3990 struct wpa_driver_associate_params
*params
)
3993 wpa_printf(MSG_DEBUG
, "nl80211: Setup AP operations for P2P "
3995 if (wpa_driver_nl80211_set_mode(&drv
->first_bss
, params
->mode
) ||
3996 wpa_driver_nl80211_set_freq(drv
, params
->freq
, 0, 0)) {
3997 nl80211_remove_monitor_interface(drv
);
4001 /* TODO: setup monitor interface (and add code somewhere to remove this
4002 * when AP mode is stopped; associate with mode != 2 or drv_deinit) */
4008 static int nl80211_leave_ibss(struct wpa_driver_nl80211_data
*drv
)
4013 msg
= nlmsg_alloc();
4017 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
4018 NL80211_CMD_LEAVE_IBSS
, 0);
4019 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
4020 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4023 wpa_printf(MSG_DEBUG
, "nl80211: Leave IBSS failed: ret=%d "
4024 "(%s)", ret
, strerror(-ret
));
4025 goto nla_put_failure
;
4029 wpa_printf(MSG_DEBUG
, "nl80211: Leave IBSS request sent successfully");
4037 static int wpa_driver_nl80211_ibss(struct wpa_driver_nl80211_data
*drv
,
4038 struct wpa_driver_associate_params
*params
)
4044 wpa_printf(MSG_DEBUG
, "nl80211: Join IBSS (ifindex=%d)", drv
->ifindex
);
4046 if (wpa_driver_nl80211_set_mode(&drv
->first_bss
, params
->mode
)) {
4047 wpa_printf(MSG_INFO
, "nl80211: Failed to set interface into "
4053 msg
= nlmsg_alloc();
4057 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
4058 NL80211_CMD_JOIN_IBSS
, 0);
4059 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
4061 if (params
->ssid
== NULL
|| params
->ssid_len
> sizeof(drv
->ssid
))
4062 goto nla_put_failure
;
4064 wpa_hexdump_ascii(MSG_DEBUG
, " * SSID",
4065 params
->ssid
, params
->ssid_len
);
4066 NLA_PUT(msg
, NL80211_ATTR_SSID
, params
->ssid_len
,
4068 os_memcpy(drv
->ssid
, params
->ssid
, params
->ssid_len
);
4069 drv
->ssid_len
= params
->ssid_len
;
4071 wpa_printf(MSG_DEBUG
, " * freq=%d", params
->freq
);
4072 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_FREQ
, params
->freq
);
4074 ret
= nl80211_set_conn_keys(params
, msg
);
4076 goto nla_put_failure
;
4078 if (params
->wpa_ie
) {
4079 wpa_hexdump(MSG_DEBUG
,
4080 " * Extra IEs for Beacon/Probe Response frames",
4081 params
->wpa_ie
, params
->wpa_ie_len
);
4082 NLA_PUT(msg
, NL80211_ATTR_IE
, params
->wpa_ie_len
,
4086 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4089 wpa_printf(MSG_DEBUG
, "nl80211: Join IBSS failed: ret=%d (%s)",
4090 ret
, strerror(-ret
));
4092 if (ret
== -EALREADY
&& count
== 1) {
4093 wpa_printf(MSG_DEBUG
, "nl80211: Retry IBSS join after "
4095 nl80211_leave_ibss(drv
);
4100 goto nla_put_failure
;
4103 wpa_printf(MSG_DEBUG
, "nl80211: Join IBSS request sent successfully");
4111 static int wpa_driver_nl80211_connect(
4112 struct wpa_driver_nl80211_data
*drv
,
4113 struct wpa_driver_associate_params
*params
)
4116 enum nl80211_auth_type type
;
4119 msg
= nlmsg_alloc();
4123 wpa_printf(MSG_DEBUG
, "nl80211: Connect (ifindex=%d)", drv
->ifindex
);
4124 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
4125 NL80211_CMD_CONNECT
, 0);
4127 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
4128 if (params
->bssid
) {
4129 wpa_printf(MSG_DEBUG
, " * bssid=" MACSTR
,
4130 MAC2STR(params
->bssid
));
4131 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, params
->bssid
);
4134 wpa_printf(MSG_DEBUG
, " * freq=%d", params
->freq
);
4135 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_FREQ
, params
->freq
);
4138 wpa_hexdump_ascii(MSG_DEBUG
, " * SSID",
4139 params
->ssid
, params
->ssid_len
);
4140 NLA_PUT(msg
, NL80211_ATTR_SSID
, params
->ssid_len
,
4142 if (params
->ssid_len
> sizeof(drv
->ssid
))
4143 goto nla_put_failure
;
4144 os_memcpy(drv
->ssid
, params
->ssid
, params
->ssid_len
);
4145 drv
->ssid_len
= params
->ssid_len
;
4147 wpa_hexdump(MSG_DEBUG
, " * IEs", params
->wpa_ie
, params
->wpa_ie_len
);
4149 NLA_PUT(msg
, NL80211_ATTR_IE
, params
->wpa_ie_len
,
4152 if (params
->auth_alg
& WPA_AUTH_ALG_OPEN
)
4153 type
= NL80211_AUTHTYPE_OPEN_SYSTEM
;
4154 else if (params
->auth_alg
& WPA_AUTH_ALG_SHARED
)
4155 type
= NL80211_AUTHTYPE_SHARED_KEY
;
4156 else if (params
->auth_alg
& WPA_AUTH_ALG_LEAP
)
4157 type
= NL80211_AUTHTYPE_NETWORK_EAP
;
4158 else if (params
->auth_alg
& WPA_AUTH_ALG_FT
)
4159 type
= NL80211_AUTHTYPE_FT
;
4161 goto nla_put_failure
;
4163 wpa_printf(MSG_DEBUG
, " * Auth Type %d", type
);
4164 NLA_PUT_U32(msg
, NL80211_ATTR_AUTH_TYPE
, type
);
4166 if (params
->wpa_ie
&& params
->wpa_ie_len
) {
4167 enum nl80211_wpa_versions ver
;
4169 if (params
->wpa_ie
[0] == WLAN_EID_RSN
)
4170 ver
= NL80211_WPA_VERSION_2
;
4172 ver
= NL80211_WPA_VERSION_1
;
4174 wpa_printf(MSG_DEBUG
, " * WPA Version %d", ver
);
4175 NLA_PUT_U32(msg
, NL80211_ATTR_WPA_VERSIONS
, ver
);
4178 if (params
->pairwise_suite
!= CIPHER_NONE
) {
4181 switch (params
->pairwise_suite
) {
4183 cipher
= WLAN_CIPHER_SUITE_WEP40
;
4186 cipher
= WLAN_CIPHER_SUITE_WEP104
;
4189 cipher
= WLAN_CIPHER_SUITE_CCMP
;
4193 cipher
= WLAN_CIPHER_SUITE_TKIP
;
4196 NLA_PUT_U32(msg
, NL80211_ATTR_CIPHER_SUITES_PAIRWISE
, cipher
);
4199 if (params
->group_suite
!= CIPHER_NONE
) {
4202 switch (params
->group_suite
) {
4204 cipher
= WLAN_CIPHER_SUITE_WEP40
;
4207 cipher
= WLAN_CIPHER_SUITE_WEP104
;
4210 cipher
= WLAN_CIPHER_SUITE_CCMP
;
4214 cipher
= WLAN_CIPHER_SUITE_TKIP
;
4217 NLA_PUT_U32(msg
, NL80211_ATTR_CIPHER_SUITE_GROUP
, cipher
);
4220 if (params
->key_mgmt_suite
== KEY_MGMT_802_1X
||
4221 params
->key_mgmt_suite
== KEY_MGMT_PSK
) {
4222 int mgmt
= WLAN_AKM_SUITE_PSK
;
4224 switch (params
->key_mgmt_suite
) {
4225 case KEY_MGMT_802_1X
:
4226 mgmt
= WLAN_AKM_SUITE_8021X
;
4230 mgmt
= WLAN_AKM_SUITE_PSK
;
4233 NLA_PUT_U32(msg
, NL80211_ATTR_AKM_SUITES
, mgmt
);
4236 ret
= nl80211_set_conn_keys(params
, msg
);
4238 goto nla_put_failure
;
4240 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4243 wpa_printf(MSG_DEBUG
, "nl80211: MLME connect failed: ret=%d "
4244 "(%s)", ret
, strerror(-ret
));
4245 goto nla_put_failure
;
4248 wpa_printf(MSG_DEBUG
, "nl80211: Connect request send successfully");
4257 static int wpa_driver_nl80211_associate(
4258 void *priv
, struct wpa_driver_associate_params
*params
)
4260 struct i802_bss
*bss
= priv
;
4261 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4265 if (params
->mode
== IEEE80211_MODE_AP
)
4266 return wpa_driver_nl80211_ap(drv
, params
);
4268 if (params
->mode
== IEEE80211_MODE_IBSS
)
4269 return wpa_driver_nl80211_ibss(drv
, params
);
4271 if (!(drv
->capa
.flags
& WPA_DRIVER_FLAGS_SME
)) {
4272 if (wpa_driver_nl80211_set_mode(priv
, params
->mode
) < 0)
4274 return wpa_driver_nl80211_connect(drv
, params
);
4277 drv
->associated
= 0;
4279 msg
= nlmsg_alloc();
4283 wpa_printf(MSG_DEBUG
, "nl80211: Associate (ifindex=%d)",
4285 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
4286 NL80211_CMD_ASSOCIATE
, 0);
4288 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
4289 if (params
->bssid
) {
4290 wpa_printf(MSG_DEBUG
, " * bssid=" MACSTR
,
4291 MAC2STR(params
->bssid
));
4292 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, params
->bssid
);
4295 wpa_printf(MSG_DEBUG
, " * freq=%d", params
->freq
);
4296 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_FREQ
, params
->freq
);
4297 drv
->assoc_freq
= params
->freq
;
4299 drv
->assoc_freq
= 0;
4301 wpa_hexdump_ascii(MSG_DEBUG
, " * SSID",
4302 params
->ssid
, params
->ssid_len
);
4303 NLA_PUT(msg
, NL80211_ATTR_SSID
, params
->ssid_len
,
4305 if (params
->ssid_len
> sizeof(drv
->ssid
))
4306 goto nla_put_failure
;
4307 os_memcpy(drv
->ssid
, params
->ssid
, params
->ssid_len
);
4308 drv
->ssid_len
= params
->ssid_len
;
4310 wpa_hexdump(MSG_DEBUG
, " * IEs", params
->wpa_ie
, params
->wpa_ie_len
);
4312 NLA_PUT(msg
, NL80211_ATTR_IE
, params
->wpa_ie_len
,
4315 #ifdef CONFIG_IEEE80211W
4316 if (params
->mgmt_frame_protection
== MGMT_FRAME_PROTECTION_REQUIRED
)
4317 NLA_PUT_U32(msg
, NL80211_ATTR_USE_MFP
, NL80211_MFP_REQUIRED
);
4318 #endif /* CONFIG_IEEE80211W */
4320 NLA_PUT_FLAG(msg
, NL80211_ATTR_CONTROL_PORT
);
4322 if (params
->prev_bssid
) {
4323 wpa_printf(MSG_DEBUG
, " * prev_bssid=" MACSTR
,
4324 MAC2STR(params
->prev_bssid
));
4325 NLA_PUT(msg
, NL80211_ATTR_PREV_BSSID
, ETH_ALEN
,
4326 params
->prev_bssid
);
4330 wpa_printf(MSG_DEBUG
, " * P2P group");
4332 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4335 wpa_printf(MSG_DEBUG
, "nl80211: MLME command failed: ret=%d "
4336 "(%s)", ret
, strerror(-ret
));
4337 nl80211_dump_scan(drv
);
4338 goto nla_put_failure
;
4341 wpa_printf(MSG_DEBUG
, "nl80211: Association request send "
4350 static int nl80211_set_mode(struct wpa_driver_nl80211_data
*drv
,
4351 int ifindex
, int mode
)
4356 msg
= nlmsg_alloc();
4360 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
4361 0, NL80211_CMD_SET_INTERFACE
, 0);
4362 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, ifindex
);
4363 NLA_PUT_U32(msg
, NL80211_ATTR_IFTYPE
, mode
);
4365 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4369 wpa_printf(MSG_DEBUG
, "nl80211: Failed to set interface %d to mode %d:"
4370 " %d (%s)", ifindex
, mode
, ret
, strerror(-ret
));
4375 static int wpa_driver_nl80211_set_mode(void *priv
, int mode
)
4377 struct i802_bss
*bss
= priv
;
4378 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4385 nlmode
= NL80211_IFTYPE_STATION
;
4388 nlmode
= NL80211_IFTYPE_ADHOC
;
4391 nlmode
= NL80211_IFTYPE_AP
;
4397 if (nl80211_set_mode(drv
, drv
->ifindex
, nlmode
) == 0) {
4398 drv
->nlmode
= nlmode
;
4403 if (nlmode
== drv
->nlmode
) {
4404 wpa_printf(MSG_DEBUG
, "nl80211: Interface already in "
4405 "requested mode - ignore error");
4407 goto done
; /* Already in the requested mode */
4410 /* mac80211 doesn't allow mode changes while the device is up, so
4411 * take the device down, try to set the mode again, and bring the
4414 wpa_printf(MSG_DEBUG
, "nl80211: Try mode change after setting "
4416 for (i
= 0; i
< 10; i
++) {
4417 if (linux_set_iface_flags(drv
->ioctl_sock
, bss
->ifname
, 0) ==
4419 /* Try to set the mode again while the interface is
4421 ret
= nl80211_set_mode(drv
, drv
->ifindex
, nlmode
);
4422 if (linux_set_iface_flags(drv
->ioctl_sock
, bss
->ifname
,
4428 wpa_printf(MSG_DEBUG
, "nl80211: Failed to set "
4430 os_sleep(0, 100000);
4434 wpa_printf(MSG_DEBUG
, "nl80211: Mode change succeeded while "
4435 "interface is down");
4436 drv
->nlmode
= nlmode
;
4440 if (!ret
&& nlmode
== NL80211_IFTYPE_AP
) {
4441 /* Setup additional AP mode functionality if needed */
4442 if (drv
->monitor_ifidx
< 0 &&
4443 nl80211_create_monitor_interface(drv
))
4445 } else if (!ret
&& nlmode
!= NL80211_IFTYPE_AP
) {
4446 /* Remove additional AP mode functionality */
4447 nl80211_remove_monitor_interface(drv
);
4448 bss
->beacon_set
= 0;
4452 wpa_printf(MSG_DEBUG
, "nl80211: Interface mode change to %d "
4453 "from %d failed", nlmode
, drv
->nlmode
);
4459 static int wpa_driver_nl80211_get_capa(void *priv
,
4460 struct wpa_driver_capa
*capa
)
4462 struct i802_bss
*bss
= priv
;
4463 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4464 if (!drv
->has_capability
)
4466 os_memcpy(capa
, &drv
->capa
, sizeof(*capa
));
4471 static int wpa_driver_nl80211_set_operstate(void *priv
, int state
)
4473 struct i802_bss
*bss
= priv
;
4474 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4476 wpa_printf(MSG_DEBUG
, "%s: operstate %d->%d (%s)",
4477 __func__
, drv
->operstate
, state
, state
? "UP" : "DORMANT");
4478 drv
->operstate
= state
;
4479 return netlink_send_oper_ifla(drv
->netlink
, drv
->ifindex
, -1,
4480 state
? IF_OPER_UP
: IF_OPER_DORMANT
);
4484 static int wpa_driver_nl80211_set_supp_port(void *priv
, int authorized
)
4486 struct i802_bss
*bss
= priv
;
4487 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4489 struct nl80211_sta_flag_update upd
;
4491 msg
= nlmsg_alloc();
4495 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
4496 0, NL80211_CMD_SET_STATION
, 0);
4498 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
4499 if_nametoindex(bss
->ifname
));
4500 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, drv
->bssid
);
4502 os_memset(&upd
, 0, sizeof(upd
));
4503 upd
.mask
= BIT(NL80211_STA_FLAG_AUTHORIZED
);
4505 upd
.set
= BIT(NL80211_STA_FLAG_AUTHORIZED
);
4506 NLA_PUT(msg
, NL80211_ATTR_STA_FLAGS2
, sizeof(upd
), &upd
);
4508 return send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4516 static void add_ifidx(struct wpa_driver_nl80211_data
*drv
, int ifidx
)
4521 wpa_printf(MSG_DEBUG
, "nl80211: Add own interface ifindex %d",
4523 for (i
= 0; i
< drv
->num_if_indices
; i
++) {
4524 if (drv
->if_indices
[i
] == 0) {
4525 drv
->if_indices
[i
] = ifidx
;
4530 if (drv
->if_indices
!= drv
->default_if_indices
)
4531 old
= drv
->if_indices
;
4535 drv
->if_indices
= os_realloc(old
,
4536 sizeof(int) * (drv
->num_if_indices
+ 1));
4537 if (!drv
->if_indices
) {
4539 drv
->if_indices
= drv
->default_if_indices
;
4541 drv
->if_indices
= old
;
4542 wpa_printf(MSG_ERROR
, "Failed to reallocate memory for "
4544 wpa_printf(MSG_ERROR
, "Ignoring EAPOL on interface %d", ifidx
);
4547 os_memcpy(drv
->if_indices
, drv
->default_if_indices
,
4548 sizeof(drv
->default_if_indices
));
4549 drv
->if_indices
[drv
->num_if_indices
] = ifidx
;
4550 drv
->num_if_indices
++;
4554 static void del_ifidx(struct wpa_driver_nl80211_data
*drv
, int ifidx
)
4558 for (i
= 0; i
< drv
->num_if_indices
; i
++) {
4559 if (drv
->if_indices
[i
] == ifidx
) {
4560 drv
->if_indices
[i
] = 0;
4567 static int have_ifidx(struct wpa_driver_nl80211_data
*drv
, int ifidx
)
4571 for (i
= 0; i
< drv
->num_if_indices
; i
++)
4572 if (drv
->if_indices
[i
] == ifidx
)
4579 static inline int min_int(int a
, int b
)
4587 static int get_key_handler(struct nl_msg
*msg
, void *arg
)
4589 struct nlattr
*tb
[NL80211_ATTR_MAX
+ 1];
4590 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
4592 nla_parse(tb
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
4593 genlmsg_attrlen(gnlh
, 0), NULL
);
4596 * TODO: validate the key index and mac address!
4597 * Otherwise, there's a race condition as soon as
4598 * the kernel starts sending key notifications.
4601 if (tb
[NL80211_ATTR_KEY_SEQ
])
4602 memcpy(arg
, nla_data(tb
[NL80211_ATTR_KEY_SEQ
]),
4603 min_int(nla_len(tb
[NL80211_ATTR_KEY_SEQ
]), 6));
4608 static int i802_get_seqnum(const char *iface
, void *priv
, const u8
*addr
,
4611 struct i802_bss
*bss
= priv
;
4612 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4615 msg
= nlmsg_alloc();
4619 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
4620 0, NL80211_CMD_GET_KEY
, 0);
4623 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
4624 NLA_PUT_U8(msg
, NL80211_ATTR_KEY_IDX
, idx
);
4625 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(iface
));
4629 return send_and_recv_msgs(drv
, msg
, get_key_handler
, seq
);
4635 static int i802_set_rate_sets(void *priv
, int *supp_rates
, int *basic_rates
,
4638 struct i802_bss
*bss
= priv
;
4639 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4641 u8 rates
[NL80211_MAX_SUPP_RATES
];
4645 msg
= nlmsg_alloc();
4649 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
4650 NL80211_CMD_SET_BSS
, 0);
4652 for (i
= 0; i
< NL80211_MAX_SUPP_RATES
&& basic_rates
[i
] >= 0; i
++)
4653 rates
[rates_len
++] = basic_rates
[i
] / 5;
4655 NLA_PUT(msg
, NL80211_ATTR_BSS_BASIC_RATES
, rates_len
, rates
);
4657 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(bss
->ifname
));
4659 return send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4664 #endif /* HOSTAPD */
4667 /* Set kernel driver on given frequency (MHz) */
4668 static int i802_set_freq(void *priv
, struct hostapd_freq_params
*freq
)
4670 struct i802_bss
*bss
= priv
;
4671 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4672 return wpa_driver_nl80211_set_freq(drv
, freq
->freq
, freq
->ht_enabled
,
4673 freq
->sec_channel_offset
);
4679 static int i802_set_rts(void *priv
, int rts
)
4681 struct i802_bss
*bss
= priv
;
4682 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4687 msg
= nlmsg_alloc();
4696 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
4697 0, NL80211_CMD_SET_WIPHY
, 0);
4698 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
4699 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_RTS_THRESHOLD
, val
);
4701 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4705 wpa_printf(MSG_DEBUG
, "nl80211: Failed to set RTS threshold %d: "
4706 "%d (%s)", rts
, ret
, strerror(-ret
));
4711 static int i802_set_frag(void *priv
, int frag
)
4713 struct i802_bss
*bss
= priv
;
4714 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4719 msg
= nlmsg_alloc();
4728 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
4729 0, NL80211_CMD_SET_WIPHY
, 0);
4730 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
4731 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_FRAG_THRESHOLD
, val
);
4733 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4737 wpa_printf(MSG_DEBUG
, "nl80211: Failed to set fragmentation threshold "
4738 "%d: %d (%s)", frag
, ret
, strerror(-ret
));
4743 static int i802_flush(void *priv
)
4745 struct i802_bss
*bss
= priv
;
4746 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4749 msg
= nlmsg_alloc();
4753 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
4754 0, NL80211_CMD_DEL_STATION
, 0);
4757 * XXX: FIX! this needs to flush all VLANs too
4759 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
4760 if_nametoindex(bss
->ifname
));
4762 return send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4768 static int get_sta_handler(struct nl_msg
*msg
, void *arg
)
4770 struct nlattr
*tb
[NL80211_ATTR_MAX
+ 1];
4771 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
4772 struct hostap_sta_driver_data
*data
= arg
;
4773 struct nlattr
*stats
[NL80211_STA_INFO_MAX
+ 1];
4774 static struct nla_policy stats_policy
[NL80211_STA_INFO_MAX
+ 1] = {
4775 [NL80211_STA_INFO_INACTIVE_TIME
] = { .type
= NLA_U32
},
4776 [NL80211_STA_INFO_RX_BYTES
] = { .type
= NLA_U32
},
4777 [NL80211_STA_INFO_TX_BYTES
] = { .type
= NLA_U32
},
4778 [NL80211_STA_INFO_RX_PACKETS
] = { .type
= NLA_U32
},
4779 [NL80211_STA_INFO_TX_PACKETS
] = { .type
= NLA_U32
},
4782 nla_parse(tb
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
4783 genlmsg_attrlen(gnlh
, 0), NULL
);
4786 * TODO: validate the interface and mac address!
4787 * Otherwise, there's a race condition as soon as
4788 * the kernel starts sending station notifications.
4791 if (!tb
[NL80211_ATTR_STA_INFO
]) {
4792 wpa_printf(MSG_DEBUG
, "sta stats missing!");
4795 if (nla_parse_nested(stats
, NL80211_STA_INFO_MAX
,
4796 tb
[NL80211_ATTR_STA_INFO
],
4798 wpa_printf(MSG_DEBUG
, "failed to parse nested attributes!");
4802 if (stats
[NL80211_STA_INFO_INACTIVE_TIME
])
4803 data
->inactive_msec
=
4804 nla_get_u32(stats
[NL80211_STA_INFO_INACTIVE_TIME
]);
4805 if (stats
[NL80211_STA_INFO_RX_BYTES
])
4806 data
->rx_bytes
= nla_get_u32(stats
[NL80211_STA_INFO_RX_BYTES
]);
4807 if (stats
[NL80211_STA_INFO_TX_BYTES
])
4808 data
->tx_bytes
= nla_get_u32(stats
[NL80211_STA_INFO_TX_BYTES
]);
4809 if (stats
[NL80211_STA_INFO_RX_PACKETS
])
4811 nla_get_u32(stats
[NL80211_STA_INFO_RX_PACKETS
]);
4812 if (stats
[NL80211_STA_INFO_TX_PACKETS
])
4814 nla_get_u32(stats
[NL80211_STA_INFO_TX_PACKETS
]);
4819 static int i802_read_sta_data(void *priv
, struct hostap_sta_driver_data
*data
,
4822 struct i802_bss
*bss
= priv
;
4823 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4826 os_memset(data
, 0, sizeof(*data
));
4827 msg
= nlmsg_alloc();
4831 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
4832 0, NL80211_CMD_GET_STATION
, 0);
4834 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
4835 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(bss
->ifname
));
4837 return send_and_recv_msgs(drv
, msg
, get_sta_handler
, data
);
4843 static int i802_set_tx_queue_params(void *priv
, int queue
, int aifs
,
4844 int cw_min
, int cw_max
, int burst_time
)
4846 struct i802_bss
*bss
= priv
;
4847 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4849 struct nlattr
*txq
, *params
;
4851 msg
= nlmsg_alloc();
4855 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
4856 0, NL80211_CMD_SET_WIPHY
, 0);
4858 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(bss
->ifname
));
4860 txq
= nla_nest_start(msg
, NL80211_ATTR_WIPHY_TXQ_PARAMS
);
4862 goto nla_put_failure
;
4864 /* We are only sending parameters for a single TXQ at a time */
4865 params
= nla_nest_start(msg
, 1);
4867 goto nla_put_failure
;
4869 NLA_PUT_U8(msg
, NL80211_TXQ_ATTR_QUEUE
, queue
);
4870 /* Burst time is configured in units of 0.1 msec and TXOP parameter in
4871 * 32 usec, so need to convert the value here. */
4872 NLA_PUT_U16(msg
, NL80211_TXQ_ATTR_TXOP
, (burst_time
* 100 + 16) / 32);
4873 NLA_PUT_U16(msg
, NL80211_TXQ_ATTR_CWMIN
, cw_min
);
4874 NLA_PUT_U16(msg
, NL80211_TXQ_ATTR_CWMAX
, cw_max
);
4875 NLA_PUT_U8(msg
, NL80211_TXQ_ATTR_AIFS
, aifs
);
4877 nla_nest_end(msg
, params
);
4879 nla_nest_end(msg
, txq
);
4881 if (send_and_recv_msgs(drv
, msg
, NULL
, NULL
) == 0)
4888 static int i802_set_bss(void *priv
, int cts
, int preamble
, int slot
)
4890 struct i802_bss
*bss
= priv
;
4891 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4894 msg
= nlmsg_alloc();
4898 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
4899 NL80211_CMD_SET_BSS
, 0);
4902 NLA_PUT_U8(msg
, NL80211_ATTR_BSS_CTS_PROT
, cts
);
4904 NLA_PUT_U8(msg
, NL80211_ATTR_BSS_SHORT_PREAMBLE
, preamble
);
4906 NLA_PUT_U8(msg
, NL80211_ATTR_BSS_SHORT_SLOT_TIME
, slot
);
4908 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(bss
->ifname
));
4910 return send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4916 static int i802_set_cts_protect(void *priv
, int value
)
4918 return i802_set_bss(priv
, value
, -1, -1);
4922 static int i802_set_preamble(void *priv
, int value
)
4924 return i802_set_bss(priv
, -1, value
, -1);
4928 static int i802_set_short_slot_time(void *priv
, int value
)
4930 return i802_set_bss(priv
, -1, -1, value
);
4934 static int i802_set_sta_vlan(void *priv
, const u8
*addr
,
4935 const char *ifname
, int vlan_id
)
4937 struct i802_bss
*bss
= priv
;
4938 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4942 msg
= nlmsg_alloc();
4946 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
4947 0, NL80211_CMD_SET_STATION
, 0);
4949 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
,
4950 if_nametoindex(bss
->ifname
));
4951 NLA_PUT(msg
, NL80211_ATTR_MAC
, ETH_ALEN
, addr
);
4952 NLA_PUT_U32(msg
, NL80211_ATTR_STA_VLAN
,
4953 if_nametoindex(ifname
));
4955 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
4957 wpa_printf(MSG_ERROR
, "nl80211: NL80211_ATTR_STA_VLAN (addr="
4958 MACSTR
" ifname=%s vlan_id=%d) failed: %d (%s)",
4959 MAC2STR(addr
), ifname
, vlan_id
, ret
,
4967 static int i802_set_wds_sta(void *priv
, const u8
*addr
, int aid
, int val
)
4969 struct i802_bss
*bss
= priv
;
4970 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
4971 char name
[IFNAMSIZ
+ 1];
4973 os_snprintf(name
, sizeof(name
), "%s.sta%d", bss
->ifname
, aid
);
4974 wpa_printf(MSG_DEBUG
, "nl80211: Set WDS STA addr=" MACSTR
4975 " aid=%d val=%d name=%s", MAC2STR(addr
), aid
, val
, name
);
4977 if (nl80211_create_iface(drv
, name
, NL80211_IFTYPE_AP_VLAN
,
4980 linux_set_iface_flags(drv
->ioctl_sock
, name
, 1);
4981 return i802_set_sta_vlan(priv
, addr
, name
, 0);
4983 i802_set_sta_vlan(priv
, addr
, bss
->ifname
, 0);
4984 return wpa_driver_nl80211_if_remove(priv
, WPA_IF_AP_VLAN
,
4990 static void handle_eapol(int sock
, void *eloop_ctx
, void *sock_ctx
)
4992 struct wpa_driver_nl80211_data
*drv
= eloop_ctx
;
4993 struct sockaddr_ll lladdr
;
4994 unsigned char buf
[3000];
4996 socklen_t fromlen
= sizeof(lladdr
);
4998 len
= recvfrom(sock
, buf
, sizeof(buf
), 0,
4999 (struct sockaddr
*)&lladdr
, &fromlen
);
5005 if (have_ifidx(drv
, lladdr
.sll_ifindex
))
5006 drv_event_eapol_rx(drv
->ctx
, lladdr
.sll_addr
, buf
, len
);
5010 static int i802_get_inact_sec(void *priv
, const u8
*addr
)
5012 struct hostap_sta_driver_data data
;
5015 data
.inactive_msec
= (unsigned long) -1;
5016 ret
= i802_read_sta_data(priv
, &data
, addr
);
5017 if (ret
|| data
.inactive_msec
== (unsigned long) -1)
5019 return data
.inactive_msec
/ 1000;
5023 static int i802_sta_clear_stats(void *priv
, const u8
*addr
)
5032 static int i802_sta_deauth(void *priv
, const u8
*own_addr
, const u8
*addr
,
5035 struct i802_bss
*bss
= priv
;
5036 struct ieee80211_mgmt mgmt
;
5038 memset(&mgmt
, 0, sizeof(mgmt
));
5039 mgmt
.frame_control
= IEEE80211_FC(WLAN_FC_TYPE_MGMT
,
5040 WLAN_FC_STYPE_DEAUTH
);
5041 memcpy(mgmt
.da
, addr
, ETH_ALEN
);
5042 memcpy(mgmt
.sa
, own_addr
, ETH_ALEN
);
5043 memcpy(mgmt
.bssid
, own_addr
, ETH_ALEN
);
5044 mgmt
.u
.deauth
.reason_code
= host_to_le16(reason
);
5045 return wpa_driver_nl80211_send_mlme(bss
, (u8
*) &mgmt
,
5047 sizeof(mgmt
.u
.deauth
));
5051 static int i802_sta_disassoc(void *priv
, const u8
*own_addr
, const u8
*addr
,
5054 struct i802_bss
*bss
= priv
;
5055 struct ieee80211_mgmt mgmt
;
5057 memset(&mgmt
, 0, sizeof(mgmt
));
5058 mgmt
.frame_control
= IEEE80211_FC(WLAN_FC_TYPE_MGMT
,
5059 WLAN_FC_STYPE_DISASSOC
);
5060 memcpy(mgmt
.da
, addr
, ETH_ALEN
);
5061 memcpy(mgmt
.sa
, own_addr
, ETH_ALEN
);
5062 memcpy(mgmt
.bssid
, own_addr
, ETH_ALEN
);
5063 mgmt
.u
.disassoc
.reason_code
= host_to_le16(reason
);
5064 return wpa_driver_nl80211_send_mlme(bss
, (u8
*) &mgmt
,
5066 sizeof(mgmt
.u
.disassoc
));
5070 static int i802_check_bridge(struct wpa_driver_nl80211_data
*drv
,
5071 const char *brname
, const char *ifname
)
5074 char in_br
[IFNAMSIZ
];
5076 os_strlcpy(drv
->brname
, brname
, IFNAMSIZ
);
5077 ifindex
= if_nametoindex(brname
);
5080 * Bridge was configured, but the bridge device does
5081 * not exist. Try to add it now.
5083 if (linux_br_add(drv
->ioctl_sock
, brname
) < 0) {
5084 wpa_printf(MSG_ERROR
, "nl80211: Failed to add the "
5085 "bridge interface %s: %s",
5086 brname
, strerror(errno
));
5089 drv
->added_bridge
= 1;
5090 add_ifidx(drv
, if_nametoindex(brname
));
5093 if (linux_br_get(in_br
, ifname
) == 0) {
5094 if (os_strcmp(in_br
, brname
) == 0)
5095 return 0; /* already in the bridge */
5097 wpa_printf(MSG_DEBUG
, "nl80211: Removing interface %s from "
5098 "bridge %s", ifname
, in_br
);
5099 if (linux_br_del_if(drv
->ioctl_sock
, in_br
, ifname
) < 0) {
5100 wpa_printf(MSG_ERROR
, "nl80211: Failed to "
5101 "remove interface %s from bridge "
5103 ifname
, brname
, strerror(errno
));
5108 wpa_printf(MSG_DEBUG
, "nl80211: Adding interface %s into bridge %s",
5110 if (linux_br_add_if(drv
->ioctl_sock
, brname
, ifname
) < 0) {
5111 wpa_printf(MSG_ERROR
, "nl80211: Failed to add interface %s "
5112 "into bridge %s: %s",
5113 ifname
, brname
, strerror(errno
));
5116 drv
->added_if_into_bridge
= 1;
5122 static void *i802_init(struct hostapd_data
*hapd
,
5123 struct wpa_init_params
*params
)
5125 struct wpa_driver_nl80211_data
*drv
;
5126 struct i802_bss
*bss
;
5128 char brname
[IFNAMSIZ
];
5129 int ifindex
, br_ifindex
;
5132 bss
= wpa_driver_nl80211_init(hapd
, params
->ifname
);
5137 if (linux_br_get(brname
, params
->ifname
) == 0) {
5138 wpa_printf(MSG_DEBUG
, "nl80211: Interface %s is in bridge %s",
5139 params
->ifname
, brname
);
5140 br_ifindex
= if_nametoindex(brname
);
5146 drv
->num_if_indices
= sizeof(drv
->default_if_indices
) / sizeof(int);
5147 drv
->if_indices
= drv
->default_if_indices
;
5148 for (i
= 0; i
< params
->num_bridge
; i
++) {
5149 if (params
->bridge
[i
]) {
5150 ifindex
= if_nametoindex(params
->bridge
[i
]);
5152 add_ifidx(drv
, ifindex
);
5153 if (ifindex
== br_ifindex
)
5157 if (!br_added
&& br_ifindex
&&
5158 (params
->num_bridge
== 0 || !params
->bridge
[0]))
5159 add_ifidx(drv
, br_ifindex
);
5161 /* start listening for EAPOL on the default AP interface */
5162 add_ifidx(drv
, drv
->ifindex
);
5164 if (linux_set_iface_flags(drv
->ioctl_sock
, bss
->ifname
, 0))
5167 if (params
->bssid
) {
5168 if (linux_set_ifhwaddr(drv
->ioctl_sock
, bss
->ifname
,
5173 if (wpa_driver_nl80211_set_mode(bss
, IEEE80211_MODE_AP
)) {
5174 wpa_printf(MSG_ERROR
, "nl80211: Failed to set interface %s "
5175 "into AP mode", bss
->ifname
);
5179 if (params
->num_bridge
&& params
->bridge
[0] &&
5180 i802_check_bridge(drv
, params
->bridge
[0], params
->ifname
) < 0)
5183 if (linux_set_iface_flags(drv
->ioctl_sock
, bss
->ifname
, 1))
5186 drv
->eapol_sock
= socket(PF_PACKET
, SOCK_DGRAM
, htons(ETH_P_PAE
));
5187 if (drv
->eapol_sock
< 0) {
5188 perror("socket(PF_PACKET, SOCK_DGRAM, ETH_P_PAE)");
5192 if (eloop_register_read_sock(drv
->eapol_sock
, handle_eapol
, drv
, NULL
))
5194 printf("Could not register read socket for eapol\n");
5198 if (linux_get_ifhwaddr(drv
->ioctl_sock
, bss
->ifname
, params
->own_addr
))
5204 nl80211_remove_monitor_interface(drv
);
5205 if (drv
->ioctl_sock
>= 0)
5206 close(drv
->ioctl_sock
);
5208 genl_family_put(drv
->nl80211
);
5209 nl_cache_free(drv
->nl_cache
);
5210 nl80211_handle_destroy(drv
->nl_handle
);
5211 nl_cb_put(drv
->nl_cb
);
5218 static void i802_deinit(void *priv
)
5220 wpa_driver_nl80211_deinit(priv
);
5223 #endif /* HOSTAPD */
5226 static enum nl80211_iftype
wpa_driver_nl80211_if_type(
5227 enum wpa_driver_if_type type
)
5230 case WPA_IF_STATION
:
5231 case WPA_IF_P2P_CLIENT
:
5232 case WPA_IF_P2P_GROUP
:
5233 return NL80211_IFTYPE_STATION
;
5234 case WPA_IF_AP_VLAN
:
5235 return NL80211_IFTYPE_AP_VLAN
;
5238 return NL80211_IFTYPE_AP
;
5244 static int wpa_driver_nl80211_if_add(void *priv
, enum wpa_driver_if_type type
,
5245 const char *ifname
, const u8
*addr
,
5246 void *bss_ctx
, void **drv_priv
,
5247 char *force_ifname
, u8
*if_addr
)
5249 struct i802_bss
*bss
= priv
;
5250 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5253 struct i802_bss
*new_bss
= NULL
;
5255 if (type
== WPA_IF_AP_BSS
) {
5256 new_bss
= os_zalloc(sizeof(*new_bss
));
5257 if (new_bss
== NULL
)
5260 #endif /* HOSTAPD */
5263 os_memcpy(if_addr
, addr
, ETH_ALEN
);
5264 ifidx
= nl80211_create_iface(drv
, ifname
,
5265 wpa_driver_nl80211_if_type(type
), addr
,
5270 #endif /* HOSTAPD */
5275 linux_get_ifhwaddr(drv
->ioctl_sock
, bss
->ifname
, if_addr
) < 0)
5279 if (type
== WPA_IF_AP_BSS
) {
5280 if (linux_set_iface_flags(drv
->ioctl_sock
, ifname
, 1)) {
5281 nl80211_remove_iface(drv
, ifidx
);
5285 os_strlcpy(new_bss
->ifname
, ifname
, IFNAMSIZ
);
5286 new_bss
->ifindex
= ifidx
;
5288 new_bss
->next
= drv
->first_bss
.next
;
5289 drv
->first_bss
.next
= new_bss
;
5291 *drv_priv
= new_bss
;
5293 #endif /* HOSTAPD */
5299 static int wpa_driver_nl80211_if_remove(void *priv
,
5300 enum wpa_driver_if_type type
,
5303 struct i802_bss
*bss
= priv
;
5304 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5305 int ifindex
= if_nametoindex(ifname
);
5307 wpa_printf(MSG_DEBUG
, "nl80211: %s(type=%d ifname=%s) ifindex=%d",
5308 __func__
, type
, ifname
, ifindex
);
5311 nl80211_remove_iface(drv
, ifindex
);
5314 if (type
!= WPA_IF_AP_BSS
)
5317 if (bss
!= &drv
->first_bss
) {
5318 struct i802_bss
*tbss
= &drv
->first_bss
;
5321 if (tbss
->next
!= bss
)
5324 tbss
->next
= bss
->next
;
5329 #endif /* HOSTAPD */
5335 static int cookie_handler(struct nl_msg
*msg
, void *arg
)
5337 struct nlattr
*tb
[NL80211_ATTR_MAX
+ 1];
5338 struct genlmsghdr
*gnlh
= nlmsg_data(nlmsg_hdr(msg
));
5340 nla_parse(tb
, NL80211_ATTR_MAX
, genlmsg_attrdata(gnlh
, 0),
5341 genlmsg_attrlen(gnlh
, 0), NULL
);
5342 if (tb
[NL80211_ATTR_COOKIE
])
5343 *cookie
= nla_get_u64(tb
[NL80211_ATTR_COOKIE
]);
5348 static int nl80211_send_frame_cmd(struct wpa_driver_nl80211_data
*drv
,
5349 unsigned int freq
, const u8
*buf
,
5350 size_t buf_len
, u64
*cookie_out
)
5356 msg
= nlmsg_alloc();
5360 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
5361 NL80211_CMD_FRAME
, 0);
5363 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
5364 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_FREQ
, freq
);
5365 NLA_PUT(msg
, NL80211_ATTR_FRAME
, buf_len
, buf
);
5368 ret
= send_and_recv_msgs(drv
, msg
, cookie_handler
, &cookie
);
5371 wpa_printf(MSG_DEBUG
, "nl80211: Frame command failed: ret=%d "
5372 "(%s)", ret
, strerror(-ret
));
5373 goto nla_put_failure
;
5375 wpa_printf(MSG_DEBUG
, "nl80211: Frame TX command accepted; "
5376 "cookie 0x%llx", (long long unsigned int) cookie
);
5379 *cookie_out
= cookie
;
5387 static int wpa_driver_nl80211_send_action(void *priv
, unsigned int freq
,
5388 const u8
*dst
, const u8
*src
,
5390 const u8
*data
, size_t data_len
)
5392 struct i802_bss
*bss
= priv
;
5393 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5396 struct ieee80211_hdr
*hdr
;
5398 wpa_printf(MSG_DEBUG
, "nl80211: Send Action frame (ifindex=%d)",
5401 buf
= os_zalloc(24 + data_len
);
5404 os_memcpy(buf
+ 24, data
, data_len
);
5405 hdr
= (struct ieee80211_hdr
*) buf
;
5406 hdr
->frame_control
=
5407 IEEE80211_FC(WLAN_FC_TYPE_MGMT
, WLAN_FC_STYPE_ACTION
);
5408 os_memcpy(hdr
->addr1
, dst
, ETH_ALEN
);
5409 os_memcpy(hdr
->addr2
, src
, ETH_ALEN
);
5410 os_memcpy(hdr
->addr3
, bssid
, ETH_ALEN
);
5412 if (drv
->nlmode
== NL80211_IFTYPE_AP
)
5413 ret
= wpa_driver_nl80211_send_mlme(priv
, buf
, 24 + data_len
);
5415 ret
= nl80211_send_frame_cmd(drv
, freq
, buf
, 24 + data_len
,
5416 &drv
->send_action_cookie
);
5423 static int wpa_driver_nl80211_remain_on_channel(void *priv
, unsigned int freq
,
5424 unsigned int duration
)
5426 struct i802_bss
*bss
= priv
;
5427 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5432 msg
= nlmsg_alloc();
5436 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
5437 NL80211_CMD_REMAIN_ON_CHANNEL
, 0);
5439 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
5440 NLA_PUT_U32(msg
, NL80211_ATTR_WIPHY_FREQ
, freq
);
5441 NLA_PUT_U32(msg
, NL80211_ATTR_DURATION
, duration
);
5444 ret
= send_and_recv_msgs(drv
, msg
, cookie_handler
, &cookie
);
5446 wpa_printf(MSG_DEBUG
, "nl80211: Remain-on-channel cookie "
5447 "0x%llx for freq=%u MHz duration=%u",
5448 (long long unsigned int) cookie
, freq
, duration
);
5449 drv
->remain_on_chan_cookie
= cookie
;
5452 wpa_printf(MSG_DEBUG
, "nl80211: Failed to request remain-on-channel "
5453 "(freq=%d duration=%u): %d (%s)",
5454 freq
, duration
, ret
, strerror(-ret
));
5460 static int wpa_driver_nl80211_cancel_remain_on_channel(void *priv
)
5462 struct i802_bss
*bss
= priv
;
5463 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5467 if (!drv
->pending_remain_on_chan
) {
5468 wpa_printf(MSG_DEBUG
, "nl80211: No pending remain-on-channel "
5473 wpa_printf(MSG_DEBUG
, "nl80211: Cancel remain-on-channel with cookie "
5475 (long long unsigned int) drv
->remain_on_chan_cookie
);
5477 msg
= nlmsg_alloc();
5481 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
5482 NL80211_CMD_CANCEL_REMAIN_ON_CHANNEL
, 0);
5484 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, drv
->ifindex
);
5485 NLA_PUT_U64(msg
, NL80211_ATTR_COOKIE
, drv
->remain_on_chan_cookie
);
5487 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
5490 wpa_printf(MSG_DEBUG
, "nl80211: Failed to cancel remain-on-channel: "
5491 "%d (%s)", ret
, strerror(-ret
));
5497 static int wpa_driver_nl80211_probe_req_report(void *priv
, int report
)
5499 struct i802_bss
*bss
= priv
;
5500 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5502 if (drv
->nlmode
!= NL80211_IFTYPE_STATION
) {
5503 wpa_printf(MSG_DEBUG
, "nl80211: probe_req_report control only "
5504 "allowed in station mode (iftype=%d)",
5510 if (drv
->nl_handle_preq
) {
5511 eloop_unregister_read_sock(
5512 nl_socket_get_fd(drv
->nl_handle_preq
));
5513 nl_cache_free(drv
->nl_cache_preq
);
5514 nl80211_handle_destroy(drv
->nl_handle_preq
);
5515 drv
->nl_handle_preq
= NULL
;
5520 if (drv
->nl_handle_preq
) {
5521 wpa_printf(MSG_DEBUG
, "nl80211: Probe Request reporting "
5526 drv
->nl_handle_preq
= nl80211_handle_alloc(drv
->nl_cb
);
5527 if (drv
->nl_handle_preq
== NULL
) {
5528 wpa_printf(MSG_ERROR
, "nl80211: Failed to allocate "
5529 "netlink callbacks (preq)");
5533 if (genl_connect(drv
->nl_handle_preq
)) {
5534 wpa_printf(MSG_ERROR
, "nl80211: Failed to connect to "
5535 "generic netlink (preq)");
5540 #ifdef CONFIG_LIBNL20
5541 if (genl_ctrl_alloc_cache(drv
->nl_handle_preq
,
5542 &drv
->nl_cache_preq
) < 0) {
5543 wpa_printf(MSG_ERROR
, "nl80211: Failed to allocate generic "
5544 "netlink cache (preq)");
5547 #else /* CONFIG_LIBNL20 */
5548 drv
->nl_cache_preq
= genl_ctrl_alloc_cache(drv
->nl_handle_preq
);
5549 if (drv
->nl_cache_preq
== NULL
) {
5550 wpa_printf(MSG_ERROR
, "nl80211: Failed to allocate generic "
5551 "netlink cache (preq)");
5554 #endif /* CONFIG_LIBNL20 */
5556 if (nl80211_register_frame(drv
, drv
->nl_handle_preq
,
5557 (WLAN_FC_TYPE_MGMT
<< 2) |
5558 (WLAN_FC_STYPE_PROBE_REQ
<< 4),
5563 eloop_register_read_sock(nl_socket_get_fd(drv
->nl_handle_preq
),
5564 wpa_driver_nl80211_event_receive
, drv
,
5565 drv
->nl_handle_preq
);
5570 nl_cache_free(drv
->nl_cache_preq
);
5572 nl80211_handle_destroy(drv
->nl_handle_preq
);
5573 drv
->nl_handle_preq
= NULL
;
5579 static int nl80211_disable_11b_rates(struct wpa_driver_nl80211_data
*drv
,
5580 int ifindex
, int disabled
)
5583 struct nlattr
*bands
, *band
;
5586 msg
= nlmsg_alloc();
5590 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
5591 NL80211_CMD_SET_TX_BITRATE_MASK
, 0);
5592 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, ifindex
);
5594 bands
= nla_nest_start(msg
, NL80211_ATTR_TX_RATES
);
5596 goto nla_put_failure
;
5599 * Disable 2 GHz rates 1, 2, 5.5, 11 Mbps by masking out everything
5600 * else apart from 6, 9, 12, 18, 24, 36, 48, 54 Mbps from non-MCS
5601 * rates. All 5 GHz rates are left enabled.
5603 band
= nla_nest_start(msg
, NL80211_BAND_2GHZ
);
5605 goto nla_put_failure
;
5606 NLA_PUT(msg
, NL80211_TXRATE_LEGACY
, 8,
5607 "\x0c\x12\x18\x24\x30\x48\x60\x6c");
5608 nla_nest_end(msg
, band
);
5610 nla_nest_end(msg
, bands
);
5612 ret
= send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
5615 wpa_printf(MSG_DEBUG
, "nl80211: Set TX rates failed: ret=%d "
5616 "(%s)", ret
, strerror(-ret
));
5627 static int wpa_driver_nl80211_disable_11b_rates(void *priv
, int disabled
)
5629 struct i802_bss
*bss
= priv
;
5630 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5631 drv
->disable_11b_rates
= disabled
;
5632 return nl80211_disable_11b_rates(drv
, drv
->ifindex
, disabled
);
5636 static int wpa_driver_nl80211_deinit_ap(void *priv
)
5638 struct i802_bss
*bss
= priv
;
5639 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5640 if (drv
->nlmode
!= NL80211_IFTYPE_AP
)
5642 wpa_driver_nl80211_del_beacon(drv
);
5643 return wpa_driver_nl80211_set_mode(priv
, IEEE80211_MODE_INFRA
);
5647 static void wpa_driver_nl80211_resume(void *priv
)
5649 struct i802_bss
*bss
= priv
;
5650 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5651 if (linux_set_iface_flags(drv
->ioctl_sock
, bss
->ifname
, 1)) {
5652 wpa_printf(MSG_DEBUG
, "nl80211: Failed to set interface up on "
5658 static int nl80211_send_ft_action(void *priv
, u8 action
, const u8
*target_ap
,
5659 const u8
*ies
, size_t ies_len
)
5661 struct i802_bss
*bss
= priv
;
5662 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5666 u8 own_addr
[ETH_ALEN
];
5668 if (linux_get_ifhwaddr(drv
->ioctl_sock
, bss
->ifname
, own_addr
) < 0)
5672 wpa_printf(MSG_ERROR
, "nl80211: Unsupported send_ft_action "
5673 "action %d", action
);
5678 * Action frame payload:
5679 * Category[1] = 6 (Fast BSS Transition)
5680 * Action[1] = 1 (Fast BSS Transition Request)
5686 data_len
= 2 + 2 * ETH_ALEN
+ ies_len
;
5687 data
= os_malloc(data_len
);
5691 *pos
++ = 0x06; /* FT Action category */
5693 os_memcpy(pos
, own_addr
, ETH_ALEN
);
5695 os_memcpy(pos
, target_ap
, ETH_ALEN
);
5697 os_memcpy(pos
, ies
, ies_len
);
5699 ret
= wpa_driver_nl80211_send_action(bss
, drv
->assoc_freq
, drv
->bssid
,
5700 own_addr
, drv
->bssid
,
5708 static int nl80211_signal_monitor(void *priv
, int threshold
, int hysteresis
)
5710 struct i802_bss
*bss
= priv
;
5711 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5712 struct nl_msg
*msg
, *cqm
= NULL
;
5714 wpa_printf(MSG_DEBUG
, "nl80211: Signal monitor threshold=%d "
5715 "hysteresis=%d", threshold
, hysteresis
);
5717 msg
= nlmsg_alloc();
5721 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0,
5722 0, NL80211_CMD_SET_CQM
, 0);
5724 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, bss
->ifindex
);
5726 cqm
= nlmsg_alloc();
5730 NLA_PUT_U32(cqm
, NL80211_ATTR_CQM_RSSI_THOLD
, threshold
);
5731 NLA_PUT_U32(cqm
, NL80211_ATTR_CQM_RSSI_HYST
, hysteresis
);
5732 nla_put_nested(msg
, NL80211_ATTR_CQM
, cqm
);
5734 if (send_and_recv_msgs(drv
, msg
, NULL
, NULL
) == 0)
5746 static int nl80211_send_frame(void *priv
, const u8
*data
, size_t data_len
,
5749 struct i802_bss
*bss
= priv
;
5750 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5751 return wpa_driver_nl80211_send_frame(drv
, data
, data_len
, encrypt
);
5755 static int nl80211_set_intra_bss(void *priv
, int enabled
)
5757 struct i802_bss
*bss
= priv
;
5758 struct wpa_driver_nl80211_data
*drv
= bss
->drv
;
5761 msg
= nlmsg_alloc();
5765 genlmsg_put(msg
, 0, 0, genl_family_get_id(drv
->nl80211
), 0, 0,
5766 NL80211_CMD_SET_BSS
, 0);
5768 NLA_PUT_U32(msg
, NL80211_ATTR_IFINDEX
, if_nametoindex(bss
->ifname
));
5769 NLA_PUT_U8(msg
, NL80211_ATTR_AP_ISOLATE
, !enabled
);
5771 return send_and_recv_msgs(drv
, msg
, NULL
, NULL
);
5777 const struct wpa_driver_ops wpa_driver_nl80211_ops
= {
5779 .desc
= "Linux nl80211/cfg80211",
5780 .get_bssid
= wpa_driver_nl80211_get_bssid
,
5781 .get_ssid
= wpa_driver_nl80211_get_ssid
,
5782 .set_key
= wpa_driver_nl80211_set_key
,
5783 .scan2
= wpa_driver_nl80211_scan
,
5784 .get_scan_results2
= wpa_driver_nl80211_get_scan_results
,
5785 .deauthenticate
= wpa_driver_nl80211_deauthenticate
,
5786 .disassociate
= wpa_driver_nl80211_disassociate
,
5787 .authenticate
= wpa_driver_nl80211_authenticate
,
5788 .associate
= wpa_driver_nl80211_associate
,
5789 .init
= wpa_driver_nl80211_init
,
5790 .deinit
= wpa_driver_nl80211_deinit
,
5791 .get_capa
= wpa_driver_nl80211_get_capa
,
5792 .set_operstate
= wpa_driver_nl80211_set_operstate
,
5793 .set_supp_port
= wpa_driver_nl80211_set_supp_port
,
5794 .set_country
= wpa_driver_nl80211_set_country
,
5795 .set_beacon
= wpa_driver_nl80211_set_beacon
,
5796 .if_add
= wpa_driver_nl80211_if_add
,
5797 .if_remove
= wpa_driver_nl80211_if_remove
,
5798 .send_mlme
= wpa_driver_nl80211_send_mlme
,
5799 .get_hw_feature_data
= wpa_driver_nl80211_get_hw_feature_data
,
5800 .sta_add
= wpa_driver_nl80211_sta_add
,
5801 .sta_remove
= wpa_driver_nl80211_sta_remove
,
5802 .hapd_send_eapol
= wpa_driver_nl80211_hapd_send_eapol
,
5803 .sta_set_flags
= wpa_driver_nl80211_sta_set_flags
,
5805 .hapd_init
= i802_init
,
5806 .hapd_deinit
= i802_deinit
,
5807 .get_seqnum
= i802_get_seqnum
,
5808 .flush
= i802_flush
,
5809 .read_sta_data
= i802_read_sta_data
,
5810 .sta_deauth
= i802_sta_deauth
,
5811 .sta_disassoc
= i802_sta_disassoc
,
5812 .get_inact_sec
= i802_get_inact_sec
,
5813 .sta_clear_stats
= i802_sta_clear_stats
,
5814 .set_rts
= i802_set_rts
,
5815 .set_frag
= i802_set_frag
,
5816 .set_rate_sets
= i802_set_rate_sets
,
5817 .set_cts_protect
= i802_set_cts_protect
,
5818 .set_preamble
= i802_set_preamble
,
5819 .set_short_slot_time
= i802_set_short_slot_time
,
5820 .set_tx_queue_params
= i802_set_tx_queue_params
,
5821 .set_sta_vlan
= i802_set_sta_vlan
,
5822 .set_wds_sta
= i802_set_wds_sta
,
5823 #endif /* HOSTAPD */
5824 .set_freq
= i802_set_freq
,
5825 .send_action
= wpa_driver_nl80211_send_action
,
5826 .remain_on_channel
= wpa_driver_nl80211_remain_on_channel
,
5827 .cancel_remain_on_channel
=
5828 wpa_driver_nl80211_cancel_remain_on_channel
,
5829 .probe_req_report
= wpa_driver_nl80211_probe_req_report
,
5830 .disable_11b_rates
= wpa_driver_nl80211_disable_11b_rates
,
5831 .deinit_ap
= wpa_driver_nl80211_deinit_ap
,
5832 .resume
= wpa_driver_nl80211_resume
,
5833 .send_ft_action
= nl80211_send_ft_action
,
5834 .signal_monitor
= nl80211_signal_monitor
,
5835 .send_frame
= nl80211_send_frame
,
5836 .set_intra_bss
= nl80211_set_intra_bss
,